Networking Basics
www.cisco.com
Local-Area Network (LAN)
What is a LAN?
A collection of computers, printers, and other
devices that can communicate with each other in a
small area (< ~ 3000 m or 1000 feet)
Local-Area Networks
LANs are designed to:
- Operate within a limited geographic area
- Allow multi-access to high-bandwidth media
- Control the network privately under local administration
- Provide full-time connectivity to local services
- Connect physically adjacent devices
[Figure labels: PC or workstation loaded with NOS; Network Interface Card (NIC)]
1990s: Global Internetworking
Layered Communication
[Figure, in three build steps: at Location A the message "I like rabbits" passes down through the layers. The translator renders it in Dutch ("L: Dutch / Ik hou van konijnen") as information for the remote translator, and the secretary adds information for the remote secretary. At Location B the same layers are traversed in reverse and the message is delivered as "J'aime les lapins". Source: Tanenbaum, 1996]
[Figure: the seven OSI layers (7 Application, Presentation, Session, 4 Transport, Network, Data Link, Physical), shown beside a NIC card and a hub and bracketed into Host Layers and Media Layers]
Layer Functions
7 Application
6 Presentation: Data representation
  - Ensures data is readable by receiving system
  - Format of data
  - Data structures
  - Negotiates data transfer syntax for application layer
5 Session: Inter-host communication
  - Establishes, manages, and terminates sessions between applications
4 Transport: End-to-end connection reliability
  - Concerned with data transport issues between hosts
  - Data transport reliability
  - Establishes, maintains, and terminates virtual circuits
  - Fault detection and recovery
  - Information flow control
3 Network: Addresses and best path
  - Provides connectivity and path selection between two end systems
  - Domain of routing
2 Data Link: Access to media
1 Physical: Binary transmission
  - Wires, connectors, voltages, data rates
Peer-to-Peer Communications
[Figure: each layer on Host A communicates with its peer layer on Host B. The units exchanged are:]
- Transport: Segments
- Network: Packets
- Data Link: Frames
- Physical: Bits
Application Layer
- This is where users communicate with the computer.
- This is where communication between two users is established.
- This is the point where a user or application interfaces with the protocols to gain access to the network.
- Examples are WWW, Telnet, FTP, TFTP, Email, SNMP, DNS
Presentation Layer
- Tasks like translation, encryption, decryption, compression and decompression are associated with this layer.
- It receives data in native format and converts it to a standard format, or receives data in standard format and converts it to native format, e.g. EBCDIC to ASCII.
- It is mainly responsible for how the data is presented to the Application Layer.
- Examples are PICT, TIFF, JPEG, MIDI, MPEG, GIF etc.
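Presentation Layer
[Figure: kinds of data handled at the presentation layer. Text and data (a "login:" prompt is shown): ASCII, EBCDIC, encrypted. Sound: MIDI. Video: MPEG, QuickTime. Graphics and visual images: PICT, TIFF, JPEG, GIF]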
Session Layer
Session Establishment
- Establishes a session between two devices before the actual transmission of data.
Dialog Control
- Simplex: data travels only one way. Radio transmission is the best example of this.
- Half Duplex: both ways, but one at a time. By default all LAN cards (NICs) work in half duplex.
- Full Duplex: both ways at the same time.
[Figure: service request and service reply between two hosts. The session layer coordinates applications as they interact on different hosts]
Transport Layer
- The Transport Layer never actually transports the data; it only prepares it for transport.
- It uses sockets to identify the service, running on a particular node, that the data is associated with.
- Responsible for the following:
  - Segmentation
  - End-to-end communication
  - Flow control
  - Error control
  - Multiplexing of applications
- TCP, UDP and SPX work at this layer
[Figure: sockets, with ports 80, 21 and 25 as examples]
Transport Layer: Segments Upper-Layer Applications
[Figure: data from upper-layer applications such as file transfer and terminal sessions is cut into segments, each carrying an application port and data]
Port Numbers
[Figure: application-layer protocols reach the transport layer (TCP or UDP) through port numbers]
- FTP: 21
- Telnet: 23
- SMTP: 25
- DNS: 53
- TFTP: 69
- SNMP: 161
- RIP: 520
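Segmentation
Transport Layer: Sends Segments with Flow Control
[Figure: the sender transmits. When the receiver's buffer is full it signals "not ready" (stop) and processes the buffered segments. When the buffer is OK it signals "ready" (go) and the sender resumes transmission]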
Flow Control
- Used in connection-oriented communication.
- It helps to keep the receiver's buffer from overflowing.
- Advantages are:
  - Delivered segments are acknowledged on receipt
  - Any segment not acknowledged is retransmitted
  - Segments are put back in sequence upon their arrival
  - Congestion, overloading and data loss are avoided
- To achieve all this it uses the technique of sliding window, or windowing.
Transport Layer: Establishes Connection
[Figure: sender and receiver exchange Synchronize, Negotiate Connection, Synchronize, Acknowledge. The connection is then established and data transfer (send segments) follows]
End-to-End Communication
Connectionless transmission:
- UDP is used
- Not reliable
- Faster
Transport Layer: Reliability with Windowing
- Window size = 1: Send 1, Receive 1, Ack 2; Send 2, Receive 2, Ack 3
- Window size = 3: Send 1, Send 2, Send 3; Receive 1, Receive 2, Receive 3, Ack 4; Send 4
Transport Layer: An Acknowledgement Technique
[Figure: sender and receiver each hold segments 1 2 3 4 5 6 7]
- Send 1, Send 2, Send 3, Ack 4
- Send 4, Send 5, Send 6, Ack 5
- Send 5, Ack 7
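The windowing and acknowledgement exchanges above can be replayed with a small simulation. This is an added example, not part of the original slides; the function names are hypothetical and the model is simplified (cumulative ACKs, the receiver buffers out-of-order segments, and a listed segment is lost on its first transmission only).

```python
def windowed_transfer(total, window, lost_once=()):
    """Trace a transfer of segments 1..total using cumulative ACKs.

    window    -- segments the sender may transmit before waiting for an ACK
    lost_once -- constructed loss pattern: segments dropped on first send only
    """
    if total < 1 or window < 1:
        raise ValueError("total and window must be positive")
    to_drop = set(lost_once)
    buffered = set()   # receiver: every segment received so far
    base = 1           # sender: oldest unacknowledged segment
    next_new = 1       # sender: first segment never transmitted
    trace = []
    while base <= total:
        if base < next_new:
            # The ACK named a segment that was already sent: retransmit it.
            burst = [base]
        else:
            # Everything sent so far is acknowledged: send a fresh window.
            last = min(base + window - 1, total)
            burst = list(range(base, last + 1))
            next_new = last + 1
        for seg in burst:
            trace.append(f"Send {seg}")
            if seg in to_drop:
                to_drop.discard(seg)   # lost in transit, never reaches the receiver
            else:
                buffered.add(seg)
        # The receiver acknowledges with the next segment it expects in order.
        expected = base
        while expected in buffered:
            expected += 1
        trace.append(f"Ack {expected}")
        base = expected
    return trace


def acks_needed(trace):
    """Number of ACKs (sender wait periods) in a trace."""
    return sum(1 for event in trace if event.startswith("Ack"))


if __name__ == "__main__":
    print(windowed_transfer(3, 1))                 # window size = 1
    print(windowed_transfer(7, 3, lost_once=[5]))  # segment 5 lost once
```

With seven segments, a window of 1 needs seven acknowledgements and a window of 3 needs three; losing segment 5 once adds a fourth.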
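Network Layer
[Figure: "Which path?" through a mesh of numbered links]
[Figure: network-layer addresses have a network part and a node part, e.g. nodes 1.1, 1.2, 1.3, 2.1 and 3.1 on networks 1, 2 and 3]
- TCP/IP example: network 10. host 8.2.48 (mask 255.0.0.0)
- Novell IPX example: network 1aceb0b. node 0000.0c00.6e25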
Network Layer
Protocol Operations
[Figure: routers A and C and end station X]
Dynamic Route
Uses a route that a network protocol adjusts automatically for topology or traffic changes.
[Figure: router A reaches a stub network behind router B over a point-to-point or circuit-switched connection]
[Figure, in build steps: routers A, B, C and D, with a failed link marked X]
Physical Layer
DOD MODEL
The DoD Model compared with the OSI Model:
- Process/Application: Application, Presentation, Session
- Host-to-Host: Transport
- Internet: Network
- Network Access: Data Link, Physical
Process/Application Layer
- The Process/Application layer defines protocols for node-to-node application communication and also controls user-interface specifications.
- A vast array of protocols combine at this layer of the DoD model to integrate the activities and duties of the upper layers of OSI.
- Examples for this layer are: Telnet, FTP, TFTP, NFS, SMTP, SNMP, DNS, DHCP, BootP etc.
Host-to-Host Layer
- The Host-to-Host layer parallels the functions of the OSI's Transport layer.
- It performs the following:
  - Defining protocols for setting up the level of transmission service for applications
  - It tackles issues like creating reliable end-to-end communication.
  - It ensures the error-free delivery of data.
  - It handles packet sequencing and maintains data integrity.
Internet Layer
- The Internet Layer corresponds to the OSI's Network Layer.
- It performs the following:
  - Designating the protocols relating to the logical transmission of packets over the entire network.
  - It takes care of the addressing of hosts by giving them an IP address.
  - It handles routing of packets among multiple networks.
DoD Model
- Process/Application: Telnet, FTP, LPD, SNMP, TFTP, SMTP, NFS, X Window
- Host-to-Host: TCP, UDP
- Internet: ICMP, BootP, ARP, RARP, IP
- Network Access: Ethernet, Fast Ethernet, Token Ring, FDDI
LOWER LAYERS PROTOCOLS
[Figure: Token Ring, FDDI (dual ring), Ethernet]
Ethernet
Introduction
- Ethernet is a method for accessing the media.
- It allows all hosts on a network to share the same bandwidth of a link.
- It is popular because:
  - It is easy to implement and troubleshoot
  - It is easy to add new technologies like Fast Ethernet and Gigabit Ethernet to existing infrastructure.
- Ethernet uses Data Link Layer and Physical Layer specifications.
- It uses an access method called CSMA/CD.
Ethernet Operation
[Figure, in three build steps: station A transmits on the segment; the seven-layer stack (Application, Presentation, Session, Transport, Network, Data Link, Physical) is shown for station D and for stations B and C]
Ethernet LANs: How do they work?
- Multiple workstations are connected to a segment
- Each station has to take turns sending traffic
- All stations listen to all traffic on their segment
- Stations can only send data (Ethernet frames) when no one else is sending
Ethernet LANs: MAC Addresses
[Figure: three stations with MAC addresses 0000.0c12.3456, 0000.1018.321a and 0000.0c12.1111]
Ethernet LANs: Unicast Frames
[Figure: the same three stations; a frame is addressed "To: 0000.0c12.3456"]
Ethernet LANs: Broadcast Frames
[Figure: the same three stations; a frame is addressed "To: FFFF.FFFF.FFFF"]
[Figure: a frame carrying a packet on the segment]
- CSMA/CD is the mechanism that regulates the segment
- Each station listens for other traffic before it transmits
Ethernet Collisions
[Figure: two frames, each carrying a packet, collide on the segment]
- Sometimes stations transmit simultaneously
- Two frames on the same segment collide
- Collisions require each station to wait and resend
Ethernet Reliability
[Figure 1 and Figure 2, in build steps: a transmission from station A is involved in a collision, after which a JAM signal is sent across the segment]
CSMA/CD
CSMA/CD stands for Carrier Sense Multiple Access /
Collision Detect.
Full Duplex
Ethernet Addressing using MAC Addresses
- 24 bits: Organizationally Unique Identifier (OUI), assigned by IEEE
- 24 bits: vendor assigned
Ethernet Frames
Frames are used at the Data Link Layer to encapsulate packets coming down for transmission on a type of media access.
Types of media access:
- Contention (Ethernet)
- Token Passing (Token Ring or FDDI)
We will be covering only contention, as the rest are beyond the scope of our course.
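MAC SUB-LAYER
MAC Layer - 802.3
[Figure: 802.3 frame layout with field sizes in bytes. Fields whose sizes survive: Length (2), Data (variable), FCS (4). MAC address: 0000.0C (IEEE assigned) followed by xx.xxxx (vendor assigned). Ethernet II uses Type in the Length position and does not use 802.2.]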
Preamble
- It allows the receiving devices to lock onto the incoming bit stream.
- The Preamble is used to indicate to the receiving station that the data portion of the message will follow.
Data
- This is the packet sent down to the Data Link Layer from the Network layer.
- The size can vary from 46 to 1500 bytes.
[Figure: 802.2 (SAP) fields carried inside the variable-length Data field, with sizes in bytes: Dest SAP (1), Source SAP (1), Ctrl (1 or 2), Data (variable), followed by the FCS]
802.2 Frame
802.2 Frame has two new fields
DSAP (Destination Service Access Pointer)
SSAP (Source Service Access Pointer)
SNAP
Frame
The SNAP Frame has its own protocol field to identify
EXAMPLE - SNAP
ETHERNET
CABLING
Network Cabling
Media connecting network components
NIC cards take turns transmitting on the cable
LAN cables only carry one signal at a time
WAN cables can carry multiple signals
simultaneously
Twisted-Pair
- 10/100 Mbps
- Relative cost: least costly
- 100 m
- RJ-45 connector
[Figure labels: outer jacket, color-coded plastic insulation]
Coaxial Cable
- 10/100 Mbps
- Relative cost: medium
- 200/500 m
- BNC connector
[Figure label: outer jacket]
Fiber-Optic Cable
- 100+ Mbps
- Most expensive
- Up to 2 km
[Figure labels: outer jacket, Kevlar reinforcing material, plastic shield, glass fiber and cladding]
Optical Fiber
- Metal cables transmit signals in the form of electric current.
- Optical fiber is made of glass or plastic and transmits signals in the form of light.
- Light, a form of electromagnetic energy, travels at 300,000 kilometers/second (186,000 miles/second) in a vacuum.
- The speed of light depends on the density of the medium through which it is traveling (the higher the density, the slower the speed).
Cable Specification
(Columns: Cables, Distance, Throughput, Ethernet Standard, Connectors. The Distance and Throughput values did not survive.)
- Co-axial Thinnet: 10Base2, T-connector
- Co-axial Thicknet: 10Base5, AUI
- Category 3: 10BaseT, RJ-45
- Category 5: 10BaseX / Fast Ethernet, RJ-45
Crimping
There are two types of Crimping used with UTP cables and
RJ-45 connectors.
Straight-Through
This is used while connecting
Router to a Hub or Switch
Server to Hub or Switch
Workstation to a Hub or Switch
Crossover
UTP Implementation: Straight-through
Cable: 10BaseT/100BaseTx straight-through
Pin   Hub/Switch   Server/Router
1     RD+          TD+
2     RD-          TD-
3     TD+          RD+
4     NC           NC
5     NC           NC
6     TD-          RD-
7     NC           NC
8     NC           NC
[Figure: the colored wires, pins 1 to 8, are in the same order in both connectors]
UTP Implementation: Crossover
Cable: 10BaseT/100BaseT crossover
Pin   Hub/Switch   Hub/Switch
1     RD+          RD+
2     RD-          RD-
3     TD+          TD+
4     NC           NC
5     NC           NC
6     TD-          TD-
7     NC           NC
8     NC           NC
[Figure: crossover cable; the order of the colored wires differs between the two connectors]
CISCO MODEL
[Figure: the three layers of the model: Core Layer, Distribution Layer, Access Layer]
Core Layer
- The Core Layer is the core of the network.
- It is responsible for transporting large amounts of traffic reliably and quickly.
- A Core Layer failure affects every individual user, hence fault tolerance becomes an issue at this layer.
- The Core Layer is likely to see large volumes of traffic, hence speed and latency are the driving concerns.
Distribution Layer Characteristics
- Access Layer aggregation point
- Routes traffic
- Broadcast/multicast domains
- Media translation
- Security
Distribution Layer
- It is sometimes also referred to as the workgroup layer.
- It is the communication point between the Access Layer and the Core Layer.
- Routing, filtering and WAN access are the primary functions of the distribution layer.
- Network policies are implemented at the Distribution Layer.
- The best path is determined and requests are forwarded to the Core Layer.
At the Distribution Layer we do the following:
- Implementation of tools like access lists, packet filtering etc.
- Implementation of security and network policies like address translation and firewalls
- Redistribution between routing protocols, including static routing
- Routing between VLANs
- Definition of broadcast and multicast domains
Access Layer
What Is TCP/IP?
A suite of protocols
Rules that dictate how packets
of information are sent across
multiple networks
Addressing
Error checking
TCP/IP Protocol
- The Transmission Control Protocol/Internet Protocol (TCP/IP) suite was created by the Department of Defense (DoD).
- The Internet Protocol can be used to communicate across any set of interconnected networks.
- TCP/IP supports both LAN and WAN communications.
- The IP suite includes not only Layer 3 and 4 specifications but also specifications for common applications like e-mail, remote login, terminal emulation and file transfer.
- The TCP/IP protocol stack maps closely to the OSI model in the lower layers.
TCP/IP Applications
- Application layer
  - File Transfer Protocol (FTP)
  - Remote Login (Telnet)
  - E-mail (SMTP)
- Transport layer
  - Transmission Control Protocol (TCP)
  - User Datagram Protocol (UDP)
- Network layer
  - Internet Protocol (IP)
- Data-Link
- Physical
- Reverse Address Resolution Protocol (RARP)
Internet Protocol
- Provides connectionless, best-effort delivery routing of datagrams.
- IP is not concerned with the content of the datagrams.
- It looks for a way to move the datagrams to their destination.
IP Datagram
[Figure: IP header drawn 32 bits wide (bit 0 to bit 31), 20 bytes long. Fields that survive, with widths in bits: Version (4), Header Length (4), Type of Service (8), Identification (16), Time-to-Live (8), Protocol (8)]
IP Datagram
- Version: currently used IP version
- Header Length: datagram header length
- TOS: level of importance assigned by a particular upper-layer protocol
- Total Length: length of packet in bytes, including data and header
- Identification: identifies current datagram (sequence number)
- Flags: specifies whether the packet can be fragmented or not
- Fragment Offset: used to piece together datagram fragments
Protocol Field
[Figure: protocol numbers link the Internet layer (IP) to the transport layer]
- TCP: 6
- UDP: 17
[Figure: ARP maps an IP address to an Ethernet address; the IP address shown is 172.16.3.2]
Reverse ARP
[Figure, in build steps: a host broadcasts "What is my IP address?" and a server replies "I heard that broadcast. Your IP address is 172.16.3.25." Reverse ARP maps an Ethernet address to an IP address]
ICMP
[Figure: ICMP at the Internet layer, above Data-Link and Physical. Message types shown: Destination Unreachable, Echo (Ping), Other]
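ICMP Ping
[Figure: protocol stack: Application, Transport, Internet, Data-Link, Physical]
Transport layer protocols:
- Transmission Control Protocol (TCP): connection-oriented
- User Datagram Protocol (UDP): connectionless
[Figure: TCP segment header drawn 32 bits wide, 20 bytes long. Fields that survive, with widths in bits: Source Port (16), Destination Port (16), Window (16), Urgent (16), Options (0 or 32 if any), Data (varies)]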
[Figure: Host A opens a Telnet session to Host Z using source port (SP) 1028 and destination port (DP) 23]
[Figure: TCP connection establishment. One host sends SYN (seq = 100 ctl = SYN); the SYN is received; the connection is established with (seq = 101 ack = 301 ctl = ack)]
Simple acknowledgment, window size = 1:
- Send 1, Receive 1, Send ACK 2, Receive ACK 2
- Send 2, Receive 2, Send ACK 3, Receive ACK 3
- Send 3, Receive 3, Send ACK 4, Receive ACK 4
[Figure: TCP sequence and acknowledgment numbers between source port 1028 and destination port 23 ("I just sent number 10")]
TCP Windowing
[Figure: sender and receiver with window size = 3. The sender sends 1, 2 and 3; packet 3 is dropped; the receiver returns ACK 3 with window size = 2; the sender sends 3 and 4; the receiver returns ACK 5 with window size = 2]
[Figure: UDP segment header drawn 32 bits wide, 8 bytes long, with widths in bits: Source Port (16), Destination Port (16), Length (16), Checksum (16), Data (if any)]
Application
Transport
Internet
File Transfer
- TFTP*
- FTP*
- NFS
E-Mail
- SMTP
Remote Login
- Telnet*
- rlogin*
Network Management
- SNMP*
Name Management
- DNS*
Data-Link
Telnet
Telnet is used for Terminal Emulation.
It allows a user sitting on a remote machine to
access the resources of another machine.
It allows you to transfer files from one machine to
another.
It also allows access to both directories and files.
It uses TCP for data transfer and hence slow but
reliable.
X Window
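Introduction to TCP/IP Addresses
[Figure: an internetwork whose hosts and networks are labelled 172.16.0.1, 172.16.0.2, 172.17.0.1, 172.17.0.2, 172.18.0.1, 172.18.0.2, 10.13.0.0, 10.13.0.1, 192.168.1.0 and 192.168.1.1; each packet carries HDR, SA, DA and DATA]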
IPv4 Addressing
32-bit addresses
Commonly expressed in dotted
decimal format (e.g., 192.168.10.12)
IP Addressing
- An address is 32 bits long and is written in dotted decimal as four octets (bits 1-8, 9-16, 17-24 and 25-32), divided into a network part and a host part.
- The bit positions in each octet are worth 128, 64, 32, 16, 8, 4, 2 and 1, so the maximum value of an octet is 11111111 binary = 255 decimal.
- Example (decimal): 172.16.122.204
- Example (binary): 10101100 00010000 01111010 11001100
IP Address Classes
(four octets of 8 bits each)
- Class A: Network.Host.Host.Host
- Class B: Network.Network.Host.Host
- Class C: Network.Network.Network.Host
- Class D: Multicast
- Class E: Research
IP Addressing: Class A
10.222.135.17
Network # 10
Host # 222.135.17
Range of class A network IDs: 1-126
IP Addressing: Class B
128.128.141.245
Network # 128.128
Host # 141.245
IP Addressing: Class C
192.150.12.1
Network # 192.150.12
Host # 1
Range of class C network IDs: 192.0.1-223.255.254
Number of available hosts: 254
# Networks   # Hosts      Example
126          16,777,214   01111111 00000000 00000000 00000000
16,384       65,534       10111111 11111111 00000000 00000000
2,097,152    254          11011111 11111111 11111111 00000000
Class A: 35.0.0.0
Class B: 128.5.0.0
Class C: 132.33.33.0
IP Address Classes
Bits:     1-8        9-16      17-24     25-32
Class A:  0NNNNNNN   Host      Host      Host      Range (1-126)
Class B:  10NNNNNN   Network   Host      Host      Range (128-191)
Class C:  110NNNNN   Network   Network   Host      Range (192-223)
Class D:  1110MMMM   Multicast                     Range (224-239)
Private Addresses
Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.31.255.255
Class C 192.168.0.0 to 192.168.255.255
[Figure: counting the hosts on a network beginning 172 with 16 host bits. The host field runs up to 11111111 11111111, giving 65536 combinations; subtracting 2 leaves 65534 hosts]
Subnet Mask
- IP address: 172.16 is the network part, followed by the host part
- Default subnet mask: 255.255.0.0 = 11111111 11111111 00000000 00000000
- Also written as /16, where 16 represents the number of 1s in the mask.
- 8-bit subnet mask: 255.255.255.0 (network, subnet, host)
- Possible values of a mask octet: 128, 192, 224, 240, 248, 252, 254, 255
Worked example: host address 172.16.2.160

Without subnets (mask 255.255.0.0):
172.16.2.160     10101100 00010000 00000010 10100000
255.255.0.0      11111111 11111111 00000000 00000000
Network number   10101100 00010000 00000000 00000000

With 8 bits of subnetting (mask 255.255.255.0):
172.16.2.160     10101100 00010000 00000010 10100000
255.255.255.0    11111111 11111111 11111111 00000000
Network number   10101100 00010000 00000010 00000000

With mask 255.255.255.192:
172.16.2.160     10101100 00010000 00000010 10100000
255.255.255.192  11111111 11111111 11111111 11000000
Subnet           10101100 00010000 00000010 10000000 = 172.16.2.128
First            10101100 00010000 00000010 10000001 = 172.16.2.129
Last             10101100 00010000 00000010 10111110 = 172.16.2.190
Broadcast        172.16.2.191
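The bitwise AND used in the worked example can be checked with a short script. This is an added example, not part of the original slides; the function names are hypothetical, and it also rejects masks whose 1 bits are not contiguous, which the slides do not discuss.

```python
def to_int(dotted):
    """Dotted-decimal string -> 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 value: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def to_dotted(value):
    """32-bit integer -> dotted-decimal string."""
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def to_binary(value):
    """32-bit integer -> four space-separated binary octets, as on the slides."""
    return " ".join(f"{b:08b}" for b in value.to_bytes(4, "big"))


def subnet_info(address, mask):
    """AND the address with the mask and derive the subnet's key addresses."""
    addr, m = to_int(address), to_int(mask)
    host_bits = ~m & 0xFFFFFFFF
    # A valid mask is a run of 1s followed by a run of 0s, so the inverted
    # mask must look like 0...01...1 and adding 1 must clear every set bit.
    if host_bits & (host_bits + 1):
        raise ValueError(f"mask {mask} does not have contiguous 1 bits")
    network = addr & m              # host bits forced to 0
    broadcast = network | host_bits # host bits forced to 1
    usable = max(broadcast - network - 1, 0)
    return {
        "prefix": bin(m).count("1"),
        "network": to_dotted(network),
        "first": to_dotted(network + 1) if usable else None,
        "last": to_dotted(broadcast - 1) if usable else None,
        "broadcast": to_dotted(broadcast),
        "hosts": usable,
        "network_binary": to_binary(network),
    }


if __name__ == "__main__":
    for mask in ("255.255.0.0", "255.255.255.0", "255.255.255.192"):
        print(mask, subnet_info("172.16.2.160", mask))
```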
Variable-Length
Subnet Masks
2001, Cisco Systems, Inc.
What Is a Variable-Length Subnet Mask?
[Figure, in build steps: HQ holds 172.16.0.0/16; sites A, B and C use the subnets 172.16.14.32/27, 172.16.14.64/27 and 172.16.14.96/27]
Calculating VLSMs
Subnetted address: 172.16.32.0/20
In binary: 10101100.00010000.00100000.00000000

Subnet   VLSM subnet   Host
.0010    0000.00       000000 = 172.16.32.0/26    (1st subnet)
.0010    0000.01       000000 = 172.16.32.64/26
.0010    0000.10       000000 = 172.16.32.128/26
.0010    0000.11       000000 = 172.16.32.192/26
.0010    0001.00       000000 = 172.16.33.0/26

[Figure, in build steps: the LAN segments use a 26-bit mask (62 hosts): 172.16.32.0/26, 172.16.32.64/26, 172.16.32.128/26 and 172.16.32.192/26. The links between routers use a 30-bit mask (2 hosts), derived from the 172.16.33.0/26 subnet: 172.16.33.0/30, 172.16.33.4/30, 172.16.33.8/30 and 172.16.33.12/30]
Route Summarization
What Is Route Summarization?
[Figure, in build steps: router A is attached to 172.16.25.0/24, 172.16.26.0/24 and 172.16.27.0/24, and its routing table lists those three networks. Router A tells router B "I can route to the 172.16.0.0/16 network.", so router B's routing table holds the single entry 172.16.0.0/16]
172.16.169.0/24 = 172 . 16 . 10101 001 .
172.16.170.0/24 = 172 . 16 . 10101 010 .
172.16.171.0/24 = 172 . 16 . 10101 011 .
172.16.172.0/24 = 172 . 16 . 10101 100 .
172.16.173.0/24 = 172 . 16 . 10101 101 .
172.16.174.0/24 = 172 . 16 . 10101 110 .
172.16.175.0/24 = 172 . 16 . 10101 111 .
Noncommon bits = 11
Summarizing Addresses in a VLSM-Designed Network
[Figure: a corporate network 172.16.0.0/16 with router A and the subnets 172.16.128.0/20, 172.16.64.0/20, 172.16.32.0/24, 172.16.32.64/26 and 172.16.32.128/26]
Classless
Interdomain Routing
CIDR Example
[Figure: the networks 192.168.8.0/24, 192.168.9.0/24, ... 192.168.15.0/24 are advertised to the ISP as the single block 192.168.8.0/21]
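Route summarization and the CIDR example both come down to finding the bits that a set of networks has in common. The script below is an added example, not part of the original slides: it derives the tightest summary and lists the address space a summary covers that no component network owns, which matters because a router advertising such a summary attracts traffic it cannot deliver. Function names are hypothetical, and the eight /24 networks in CIDR_EXAMPLE are a constructed list assuming the figure's range runs from 192.168.8.0 through 192.168.15.0.

```python
import ipaddress

# Constructed inputs based on the addresses shown in the slides.
CIDR_EXAMPLE = [f"192.168.{n}.0/24" for n in range(8, 16)]
ROUTER_A = ["172.16.25.0/24", "172.16.26.0/24", "172.16.27.0/24"]


def summary_route(cidrs):
    """Tightest single prefix covering every network in cidrs."""
    nets = [ipaddress.IPv4Network(c) for c in cidrs]
    if not nets:
        raise ValueError("no networks given")
    lowest = min(int(n.network_address) for n in nets)
    highest = max(int(n.broadcast_address) for n in nets)
    # Bits that differ between the lowest and highest address are the
    # noncommon bits; everything to their left is the shared prefix.
    noncommon = (lowest ^ highest).bit_length()
    prefix = 32 - noncommon
    base = (lowest >> noncommon) << noncommon
    return ipaddress.IPv4Network((base, prefix))


def unowned_space(advertised, cidrs):
    """Blocks inside the advertised prefix that no component network covers."""
    advertised = ipaddress.IPv4Network(str(advertised))
    nets = [ipaddress.IPv4Network(c) for c in cidrs]
    for net in nets:
        if not net.subnet_of(advertised):
            raise ValueError(f"{net} is outside {advertised}")
    remaining = [advertised]
    for net in ipaddress.collapse_addresses(nets):
        still_free = []
        for block in remaining:
            if net == block:
                continue                      # block fully owned
            if net.subnet_of(block):
                still_free.extend(block.address_exclude(net))
            else:
                still_free.append(block)
        remaining = still_free
    return sorted(remaining)


if __name__ == "__main__":
    print(summary_route(CIDR_EXAMPLE), unowned_space(summary_route(CIDR_EXAMPLE), CIDR_EXAMPLE))
    print(summary_route(ROUTER_A), unowned_space(summary_route(ROUTER_A), ROUTER_A))
    gap = unowned_space("172.16.0.0/16", ROUTER_A)
    print(sum(block.num_addresses for block in gap), "addresses advertised but not attached")
```

The eight /24 networks summarize exactly to 192.168.8.0/21, while router A's three networks fit in 172.16.24.0/22 with 172.16.24.0/24 left over; advertising 172.16.0.0/16 instead claims 64768 addresses that are not behind router A.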
WAN Basics
What Is a WAN?
A network that serves users across a broad
geographic area
Often uses transmission devices provided by
public carriers (Pacific Bell, AT&T, etc.)
This service is commonly referred to as plain old
telephone service (POTS)
WAN Overview
Service
Provider
What is a
WAN?
A WAN is a data communications network that covers a relatively broad geographic
area and often uses transmission facilities provided by common carriers, such as
telephone companies. WAN technologies function at the lower three layers of the OSI
reference model: the physical layer, the data link layer, and the network layer.
Point-to-Point Links or Leased Lines
[Figure: leased line]
Circuit Switching
[Figure: modem, WAN, modem]
Circuit Switching
[Figure: mobile users reach a server through the basic telephone service, a modem and an access router]
- Widely available
- Easy to set up
- Dial on demand
- Asynchronous transmission
- Low cost, usage-based
- Lower bandwidth access requirements
ISDN
[Figure: telecommuter/after-hours, work-at-home users connect over BRI (2B+D) to the company network, which connects over BRI/PRI (23B+D, or 30B+D in Europe)]
- High bandwidth
- Up to 128 Kbps per basic rate interface
- Dial on demand
- Multiple channels
- Fast connection time
- Monthly rate plus cost-effective, usage-based billing
- Strictly digital
Packet Switching
[Figure: multiplexing, modem, WAN, modem, demultiplexing]
Packet Switching
- A WAN switching method that allows you to share bandwidth with other companies to save money.
- Think of packet-switching networks as a party line. As long as you are not constantly transmitting data and are instead using bursty data transfers, packet switching can save you a lot of money. However, if you have constant data transfers, then you will need to get a leased line.
- Frame Relay and X.25 are packet-switching technologies.
- Speeds can range from 56 Kbps to 2.048 Mbps.
Frame Relay
- Permanent, not dialup
- Multiple connections per physical interface (permanent virtual circuits)
- Efficient handling of bursty (peak performance period) data
- Guaranteed bandwidth (typical speeds are 56/64 Kbps, 256 Kbps, and 1.544 Mbps): committed information rate (CIR)
- Cost varies greatly by region
X.25
[Figure: DTE, DCE, X.25 network, DCE, DTE]
[Figure: example network with an ISDN cloud, core switches core_sw_a and core_sw_b, a core server and leased line/Frame Relay links]
[Figure: WAN protocols and serial standards: Frame Relay, PPP, HDLC; EIA/TIA-232, EIA/TIA-449, X.21, V.24, V.35, HSSI; RJ-45. NOTE: pinouts are different than the RJ-45 used in campus]
[Figure: end-user device (DTE), CSU/DSU (DCE), service provider; serial standards EIA/TIA-232, EIA/TIA-449, V.35, X.21, EIA-530]
Serial Implementation of DTE versus DCE
[Figure: the router is the data terminal equipment (DTE), the customer's equipment, and connects to the corporate network. The modem or CSU/DSU is the DCE, usually on the customer's premises, and connects to the WAN provider (carrier) network. Serial standards shown: EIA/TIA-232, V.35, X.21, HSSI]
Serial Transmission
- WAN serial connectors use serial transmission.
- Serial transmission sends one bit at a time over a single channel.
- Parallel transmission can use 8 bits at a time, but all WANs use serial transmission.
LAN/WAN Devices
Hubs
Bridges
Switches
Routers
Hub
Device that serves as the center of a star topology network, sometimes referred to as a multiport repeater; no forwarding intelligence.
Hubs
[Figure: six stations, 123 to 128, attached to one hub]
- Amplifies signals
- Propagates signals through the network
- Does not filter data packets based on destination
- No path determination or switching
- Used as network concentration point
- Operates at the Physical layer
- CSMA/CD is used
Bridge
- Device that connects and passes packets between two network segments.
- More intelligent than a hub: it analyzes incoming packets and forwards (or filters) them based on addressing information.
Bridge Example
[Figure: a bridge joins Segment 1 and Segment 2 of a corporate intranet; each segment is a hub with three of the stations 123 to 128]
Switches
- Use bridging technology to forward traffic between ports.
- Provide full dedicated data transmission rate between two stations that are directly connected to the switch ports.
- Build and maintain address tables called content-addressable memory (CAM).
Switching: Dedicated Media
[Figure: workstations 31 to 36 each have a dedicated 10-Mbps UTP cable to a switch, which connects at 100 Mbps to the corporate intranet]
Switches
[Figure: switch memory]
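Routers
[Figure: two routers joined through their S0 interfaces, each with an E0 LAN interface. Addresses shown: 1.0, 1.2, 1.3, 2.1, 2.2, 4.0, 4.1, 4.2, 4.3]

Routing Table (first router)
NET   INT   Metric
1     E0    0
2     S0    0
4     S0    1

Routing Table (second router)
NET   INT   Metric
1     S0    1
2     S0    0
4     E0    0

- Connects to WAN services
[Figure: mobile user, branch office and main office connected through the Internet]
[Figure: collision domains and broadcast domains compared for a bridge, a switch and a router]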
Product Selection Considerations
Selection issues:
- Scale of the routing features needed
- Port density/variety requirements
- Capacity and performance
- Common user interface
[Figure: Cisco 700/800 Series, Cisco 1600/1700 Series, Cisco 2500 Series, Cisco 2600 Series, Cisco 3600 Series, AS 5000 Series, Cisco 7000 Series, Cisco 10000 Series]
Visual Objective
[Figure: Router 7200, Router 7300, Router 7500, Router 7600, Router 10000, Router 12000]
The 1600, 1700, 2600, 3600 and higher routers have modular interfaces. These routers allow you to buy what you need and add almost any type of interface you may need later.
Fixed Interfaces
[Figure: 2500 router, rear view]
Modular Interfaces
[Figure: 3640 router, rear view, showing a WAN interface card, Ethernet 10BaseT, Ethernet AUI, console and module]
RAM
It contains the software and data structures that allow the router to function. The principal software running in RAM is the Cisco IOS image and the running configuration. Some routers, such as the 2500 series, run IOS from Flash and not RAM.
ROM Functions
- POST: the microcode used to test the basic functionality of the router hardware and to determine what components are present.
- Bootstrap code: the bootstrap code is used to bring the router up during initialization. It contains microcode for basic functions to start and maintain the router. It reads the configuration register to determine how to boot and then, if instructed to do so, loads the IOS software.
- ROM monitor: a low-level operating system normally used for manufacturing, testing and troubleshooting.
- A partial IOS: this partial IOS can be used to load a new software image into Flash memory and to perform some other maintenance operations. It does not support IP routing and most other routing functions. Sometimes this subset of the IOS is referred to as RXBOOT code.
Flash memory
Flash memory is used to contain the IOS software image. Some routers run the IOS image directly from Flash and do not need to transfer it to RAM.
NVRAM
NVRAM is used mainly to store the configuration. NVRAM uses a battery to maintain the data when the power is removed from the router.
Configuration Register
The configuration register is used to control how the router boots up.
Setting Up A Console
Connection
Device with Console
Console
Connection
Console connection is required to configure the router for the
first time.
All Cisco devices are shipped with one Console cable.
It allows you to connect a device and configure, verify and
monitor it.
The cable is a rollover cable with RJ-45 connectors
Pinouts for the rollover cable is:
1-8
4-5
7-2
2-7
5-4
8-1
3-6
6-3
---
Console Connection
Set up the terminal emulation program to run at:
- 9600 bps
- 8 data bits
- no parity
- 1 stop bit
- no flow control
Most routers have an auxiliary port which can connect to a modem. This will give you console access to a remote router.
The console port and auxiliary port are considered out-of-band management, since you are configuring the router from outside the network. Telnet is considered in-band.
Router Power-On/Bootup
Sequence
1.
2.
3.
4.
5.
6.
7.
--- System Configuration Dialog ---
Continue with configuration dialog? [yes/no]: yes
At any point you may enter a question mark '?' for help.
Use ctrl-c to abort configuration dialog at any prompt.
Default settings are in square brackets '[]'.
Interface    IP-Address    OK?  Method  Status                 Protocol
BRI0         unassigned    YES  unset   administratively down  down
BRI0:1       unassigned    YES  unset   administratively down  down
BRI0:2       unassigned    YES  unset   administratively down  down
Ethernet0    unassigned    YES  unset   administratively down  down
Serial0      unassigned    YES  unset   administratively down  down
Setup Initial
Global Parameters
Configuring global parameters:
Enter host name [Router]:wg_ro_c
The enable secret is a password used to protect access to
privileged EXEC and configuration modes. This password, after
entered, becomes encrypted in the configuration.
Enter enable secret: cisco
The enable password is used when you do not specify an
enable secret password, with some older software versions, and
some boot images.
Enter enable password: sanfran
The virtual terminal password is used to protect
access to the router over a network interface.
Enter virtual terminal password: sanjose
Configure SNMP Network Management? [no]:
Setup Initial
Protocol Configurations
Configure LAT? [yes]: no
Configure AppleTalk? [no]:
Configure DECnet? [no]:
Configure IP? [yes]:
Configure IGRP routing? [yes]: no
Configure RIP routing? [no]:
Configure CLNS? [no]:
Configure IPX? [no]:
Configure Vines? [no]:
Configure XNS? [no]:
Configure Apollo? [no]:
Setup Interface
Parameters
BRI interface needs isdn switch-type to be configured
Valid switch types are :
[0] none..........Only if you don't want to configure BRI.
[1] basic-1tr6....1TR6 switch type for Germany
[2] basic-5ess....AT&T 5ESS switch type for the US/Canada
[3] basic-dms100..Northern DMS-100 switch type for US/Canada
[4] basic-net3....NET3 switch type for UK and Europe
[5] basic-ni......National ISDN switch type
[6] basic-ts013...TS013 switch type for Australia
[7] ntt...........NTT switch type for Japan
[8] vn3...........VN3 and VN4 switch types for France
Choose ISDN BRI Switch Type [2]:
Configuring interface parameters:
Do you want to configure BRI0 (BRI d-channel) interface? [no]:
Do you want to configure Ethernet0 interface? [no]: yes
Configure IP on this interface? [no]: yes
IP address for this interface: 10.1.1.33
Subnet mask for this interface [255.0.0.0] : 255.255.255.0
Class A network is 10.0.0.0, 24 subnet bits; mask is /24
Do you want to configure Serial0 interface? [no]:
Setup Script
Review and Use
The following configuration command script was created:
hostname Router
enable secret 5 $1$/CCk$4r7zDwDNeqkxFO.kJxC3G0
enable password sanfran
line vty 0 4
password sanjose
no snmp-server
!
no appletalk routing
no decnet routing
ip routing
no clns routing
no ipx routing
no vines routing
no xns routing
no apollo routing
isdn switch-type basic-5ess
interface BRI0
shutdown
no ip address
!
interface Ethernet0
no shutdown
ip address 10.1.1.31 255.255.255.0
no mop enabled
!
interface Serial0
shutdown
no ip address
<text omitted>
end
[0] Go to the IOS command prompt without saving this config.
[1] Return back to the setup without saving this config.
[2] Save this configuration to nvram and exit.
Enter your selection [2]:
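The script above stores the enable secret as a type 5 hash but writes the enable password and the vty password in cleartext. The following audit of that difference is an added example, not part of the original slides; audit() and weak() are hypothetical helper names, and the type 7 classification is general IOS behaviour that this page does not show.

```python
import re
from typing import NamedTuple

# Credential-bearing lines copied from the setup script shown above.
SETUP_SCRIPT = """\
hostname Router
enable secret 5 $1$/CCk$4r7zDwDNeqkxFO.kJxC3G0
enable password sanfran
line vty 0 4
password sanjose
no snmp-server
"""


class Finding(NamedTuple):
    line_no: int
    where: str    # command, prefixed by the enclosing "line ..." block if any
    storage: str  # how the credential is kept in the configuration file


# Encryption-type digit that IOS writes in front of a stored credential.
STORAGE_BY_TYPE = {
    None: "cleartext",
    "0": "cleartext",
    "5": "md5-crypt hash",
    "7": "reversible obfuscation",
}

CREDENTIAL = re.compile(
    r"^(?P<cmd>enable secret|enable password|password|username \S+ password)"
    r"(?: (?P<type>[057])(?= \S))? (?P<value>\S+)$"
)


def audit(config):
    """Classify every stored credential in an IOS configuration text."""
    findings = []
    block = None  # most recent "line ..." header, e.g. "line vty 0 4"
    for line_no, raw in enumerate(config.splitlines(), start=1):
        line = " ".join(raw.split())
        if line.startswith("line "):
            block = line
            continue
        if line == "!" or line.startswith(("interface ", "router ")):
            block = None
            continue
        match = CREDENTIAL.match(line)
        if not match:
            continue
        where = match["cmd"]
        if where == "password" and block:
            where = f"{block}: password"
        findings.append(Finding(line_no, where, STORAGE_BY_TYPE[match["type"]]))
    return findings


def weak(findings):
    """Credentials that anyone who can read the configuration can recover."""
    return [f for f in findings if f.storage != "md5-crypt hash"]


if __name__ == "__main__":
    for finding in audit(SETUP_SCRIPT):
        print(finding)
```

Anyone who can read the saved configuration (a show running-config session, a backup file) obtains the credentials that weak() reports.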
Router User-Mode
Command List
wg_ro_c>?
Exec commands:
access-enable
atmsig
cd
clear
connect
dir
disable
disconnect
enable
exit
help
lat
lock
login
logout
-- More --
Router Privileged-Mode
Command List
wg_ro_c#?
Exec commands:
access-enable
access-profile
access-template
bfe
cd
clear
clock
configure
connect
copy
debug
delete
dir
disable
disconnect
enable
erase
exit
help
-- More --
Access to Configuration Modes
Interface configuration mode
Supports commands for per-interface configuration
Prompt looks like
Router(config-if)#
The exit command takes you back one level at a time, eventually
allowing you to log out.
CTRL+Z can also be used instead of the exit command
Provides a list of
commands and the
arguments associated
with a specific command.
Console feedback shown: symbolic translation, command prompting, syntax checking
Router# clok
Translating "CLOK"
% Unknown command or computer name, or unable to find computer address
Router# cl?
clear clock
Router# clock
% Incomplete command.
Router# clock ?
set   Set the time and date
Router# clock set
% Incomplete command.
Router# <Ctrl-P>clock set ?
hh:mm:ss   Current Time
Router# clock set 19:56:00
% Incomplete command.
Router# clock set 19:56:00 ?
<1-31>
MONTH
% Invalid input
<Ctrl-E>
<Esc-B>
<Ctrl-F>
<Ctrl-B>
<Esc-F>
<Ctrl-D>
[Figure: show running-config and show startup-config issued from the console; labels: IOS, Config, NVRAM, Setup utility, In NVRAM]
wg_ro_c#show running-config
Building configuration...
Current configuration:
!
version 12.0
!
-- More --
wg_ro_c#show startup-config
Using 1359 out of 32762 bytes
!
version 12.0
!
-- More --
Router>enable
Router#config term
Router(config)#
Ctrl-Z (end)
Exit
Configuration Mode    Prompt
Interface             Router(config-if)#
Subinterface          Router(config-subif)#
Controller            Router(config-controller)#
Line                  Router(config-line)#
Router                Router(config-router)#
IPX router            Router(config-ipx-router)#
Saving Configurations
wg_ro_c#
wg_ro_c#copy running-config startup-config
Destination filename [startup-config]?
Building configuration
wg_ro_c#
Interface Description
wg_ro_c(config)#interface ethernet 0
wg_ro_c(config-if)#description Engineering LAN, Bldg. 18
Enable Password
Router(config)#enable password cisco
Secret Password
Router(config)#enable secret sanfran
Configuring an Interface
Router(config)#interface type number
Router(config-if)#
Specify interface
Router#configure term
Router(config)#
Router(config)#interface serial 0
Router(config-if)#
Set bandwidth
Router(config-if)#bandwidth 64
Router(config-if)#exit
Router(config)#exit
Router#
Disabling or Enabling an
Interface
Router#configure term
Router(config)#interface serial 0
Router(config-if)#shutdown
%LINK-5-CHANGED: Interface Serial0, changed state to administratively down
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to down
[Figure: interpreting the status of interface Serial1 from carrier detect and keepalives; the four cases shown are Operational, Connection problem, Interface problem and Disabled (the status values are not preserved)]
ROUTING
What is Routing?
[Figure: router between networks 10.120.2.0 (E0) and 172.16.1.0 (S0)]
Network Protocol    Destination Network    Exit Interface
Connected           10.120.2.0             E0
Learned             172.16.1.0             S0
Routed Protocol: IP
Dynamic Route
Uses a route that a network
routing protocol adjusts
automatically for topology or
traffic changes
STATIC ROUTING
Static Routing: The administrator must enter all network locations into the routing table by hand.
In static routing, the administrator is
responsible for applying every change by hand
on all routers.
IP Route command
Static Routing
The following list describes each element of the command string:
ip route
The command used to create the static route.
destination network
The network you are placing in the
routing table.
mask
Indicates the subnet mask being used on the
network.
next hop address
The address of the next hop router that
will receive the packet and forward it to the
remote network. This is a router interface
that is on a directly connected network. You
must be able to ping the router interface before
you add the route.
[Figure: static route example; network 172.16.1.0, interface S0, router B, addresses 172.16.2.2 and 172.16.2.1]
Default Routing
Default routing is used to send packets with a
remote destination network not in the routing
table to the next hop router.
You can only use default routing on stub
networks, which means that they have only
one exit port out of the network.
Default Routes
[Figure: stub network 172.16.1.0, interface S0, routers A and B, addresses 172.16.2.2 and 172.16.2.1]
This route allows the stub network to reach all known networks
beyond router A.
Static Routing
Static routing is the process of an administrator manually adding routes to each
router's routing table.
Benefits of Static Routing
No overhead on the Router CPU
No Bandwidth usage between routers
Security (Administrator can allow routing to selected networks)
Disadvantage of Static Routing
The administrator must really understand the full internetwork to configure
routes correctly.
If one network is added to the internetwork the administrator must add a route
to it on all routers.
It is not feasible in large networks because it would be a full-time job.
Routed protocols
used between
routers to direct user
traffic; also called
network protocols
Examples: IP, IPX,
DECnet, AppleTalk,
NetWare, OSI, VINES
Routing protocols
used between
routers to maintain
routing tables
Examples: RIP, IGRP,
OSPF, BGP, EIGRP
DYNAMIC ROUTING
Dynamic Routing: Dynamic routing is the
process of routing protocols running on the router
communicating with neighbor routers.
If a change occurs in the network the dynamic
routing protocols automatically inform all
routers about the change.
Dynamic Routing
Most internetworks use dynamic routing
Routing Protocols
Network Protocol    Destination Network    Exit Interface
Connected           10.120.2.0             E0
RIP                 172.16.2.0             S0
IGRP                172.17.3.0             S1
Routed Protocol: IP
Routing protocol: RIP, IGRP
EGPs: BGP
Administrative Distance:
Ranking Routes
I need to send a packet to
Network E. Both router B
and C will get it there.
Which route is best?
IGRP: Administrative Distance = 100
RIP: Administrative Distance = 120
[Figure: Router A, Router B, Router C, Router D]
RIP
Distance vector
Most common IGP
Uses hop count
Distance vector
Developed by Cisco
Addresses problems in
large, heterogeneous
networks
Hybrid protocol
Developed by Cisco
Superior convergence
and operating efficiency
Merges benefits of link
state & distance vector
OSPF
[Figure: classes of routing protocols: Distance Vector, Hybrid Routing, Link State]
Distance: how far
Vector: in which direction
[Figure: routers A, B, C and D, each with its own routing table]
Distance Vector: Sources of Information and Discovering Routes
[Figure in three builds: routers on networks 10.1.0.0, 10.2.0.0, 10.3.0.0 and 10.4.0.0 (interfaces E0, S0, S1), each with a routing table listing network and exit interface; entries for remote networks are added in the later builds]
Distance Vector: Selecting Best Route with Metrics
RIP: Hop count
IGRP: Bandwidth, Delay
[Figure: paths between A and B over 56 and T1 links]
Distance Vector: Maintaining Routing Information
[Figure in three builds, labels in order:]
Topology change causes routing table update
Process to update this routing table
Router A sends out this updated routing table after the next period expires
Process to update this routing table
[Figures in several builds, slide titles not preserved: routers A, B and a third router on networks 10.1.0.0 to 10.4.0.0 with their routing tables. Labels that survive, in order: "10.4.0.0 E0 Down"; metric "16"; "Infinity"; "Poison Reverse" with "Possibly Down"; "Update after hold-down Time"; "Network 10.4.0.0 is unreachable".]
Implementing Solutions in Multiple Routes
[Figure in six builds: routers A, D and E and network 10.4.0.0; labels in order: Holddown; Holddown with Poison Reverse; Packet for Network 10.4.0.0 (with Holddown); Link up!]
Link-State Packets
Topological
Database
Routing
Table
SPF
Algorithm
Hybrid Routing
Choose a
routing path based
on distance vectors
Balanced Hybrid Routing
Converge rapidly using
change-based
updates
IP Routing
Configuration Tasks
Router configuration
Select routing protocols
Specify networks or interfaces
[Figure: routers running RIP and IGRP; Network 172.16.0.0, Network 160.89.0.0, Network 172.30.0.0]
RIP Overview
[Figure: paths over one 19.2 kbps link and three T1 links]
RIP Configuration
Router(config)#router rip
Starts the RIP routing process
Router(config-router)#network network-number
Selects participating attached networks
The network number must be a major classful
network number
[Figure: router A (E0 172.16.1.1, S2 10.1.1.1), router B (S2 10.1.1.2, S3 10.2.2.2), router C (S3 10.2.2.3, E0 192.168.1.1); networks 172.16.1.0 and 192.168.1.0]
Router A:
router rip
network 172.16.0.0
network 10.0.0.0
Router B:
router rip
network 10.0.0.0
Router C:
router rip
network 192.168.1.0
network 10.0.0.0
RouterA#sh ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 0 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Redistributing: rip
Default version control: send version 1, receive any version
  Interface    Send  Recv  Key-chain
  Ethernet0    1     1 2
  Serial2      1     1 2
Routing for Networks:
  10.0.0.0
  172.16.0.0
Routing Information Sources:
  Gateway      Distance    Last Update
  10.1.1.2     120         00:00:10
Distance: (default is 120)
Displaying the
IP Routing Table
RouterA#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
T - traffic engineered route
Gateway of last resort is not set
C
R
C
R
RouterA#debug ip rip
RIP protocol debugging is on
RouterA#
00:06:24: RIP: received v1 update from 10.1.1.2 on Serial2
00:06:24:      10.2.2.0 in 1 hops
00:06:24:      192.168.1.0 in 2 hops
00:06:33: RIP: sending v1 update to 255.255.255.255 via Ethernet0 (172.16.1.1)
00:06:34:      network 10.0.0.0, metric 1
00:06:34:      network 192.168.1.0, metric 3
00:06:34: RIP: sending v1 update to 255.255.255.255 via Serial2 (10.1.1.1)
00:06:34:      network 172.16.0.0, metric 1
Introduction to IGRP
[Figure: IGRP path from source to destination, including a 19.2 kbps link and an initial route; values listed: Bandwidth, Delay, Reliability, Loading, MTU]
Configuring IGRP
Router(config-router)#network network-number
Selects participating attached networks
Router(config-router)#variance multiplier
Control IGRP load balancing
Router(config-router)#traffic-share
{ balanced | min }
Control how load-balanced traffic is distributed
RouterA#sh ip protocols
Routing Protocol is "igrp 100"
Sending updates every 90 seconds, next due in 21 seconds
Invalid after 270 seconds, hold down 280, flushed after 630
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
IGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
IGRP maximum hopcount 100
IGRP maximum metric variance 1
Redistributing: igrp 100
Routing for Networks:
10.0.0.0
172.16.0.0
Routing Information Sources:
  Gateway      Distance    Last Update
  10.1.1.2     100         00:01:01
Distance: (default is 100)
Displaying the
IP Routing Table
RouterA#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
T - traffic engineered route
Gateway of last resort is not set
C
I
C
I
RouterB#sh ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
U - per-user static route, o - ODR
T - traffic engineered route
Gateway of last resort is not set
I
EIGRP Overview
2000, Cisco Systems, Inc.
[Figure: Enhanced IGRP alongside IP routing protocols, IPX routing protocols and the AppleTalk routing protocol]
EIGRP supports:
Rapid convergence
Reduced bandwidth usage
Multiple network-layer protocols
EIGRP Features
Advantages of EIGRP
Uses multicast instead of broadcast
Utilizes link bandwidth and delay
EIGRP metric = IGRP metric x 256
(32 bit vs. 24 bit)
172.16.0.0 /16
192.168.42.0 /27
10.0.0.0 /18
172.16.0.0 /16
192.168.42.0 /24
EIGRP Packets
Hello: Establish neighbor relationships
Update: Send routing updates
Query: Ask neighbors about
routing information
Reply: Response to query about
routing information
ACK: Acknowledgement of a reliable packet
SRTT (ms)    RTO    Q Cnt    Seq Num
8            200    0        9
29           200    0        6
EIGRP Reliability
EIGRP reliable packets are packets that require
explicit acknowledgement:
Update
Query
Reply
[Figure in builds, neighbor discovery between routers A and B: "I am router A, who is on the link?"; the surviving step numbers are 1, 3, 4 and 5, with the labels Hello, Topology Table and Ack; final label: Converged]
[Figure: routers A and C joined by T1 and 19.2 links carrying IP, AppleTalk and IPX]
EIGRP DUAL
Diffusing Update Algorithm (DUAL)
Finite-state machine
Tracks all routes advertised by neighbors
Selects a loop-free path using a successor and remembers
any feasible successors
If successor lost:
Use feasible successor
If no feasible successor:
Query neighbors and recompute new successor
EIGRP DUAL Example
[Figure in builds: routers A, B, C, D and E, link costs in parentheses, and the EIGRP topology tables of C, D and E for destination (a)]
Initial topology tables, destination (a):
Router C: FD 3
  via B    FD 3    AD 1    (Successor)
  via D    FD 4    AD 2    (fs)
  via E    FD 4    AD 3
Router D: FD 2
  via B    FD 2    AD 1    (Successor)
  via C    FD 5    AD 3
Router E: FD 3
  via D    FD 3    AD 2    (Successor)
  via C    FD 4    AD 3
Intermediate builds:
Router D: (a) **ACTIVE**, FD -1, via E and via C marked (q)
Router E: (a) **ACTIVE**, FD -1, one entry marked (q)
Final topology tables, destination (a):
Router C: FD 3
  via B    FD 3    AD 1    (Successor)
  via D    (values not preserved)
  via E    (values not preserved)
Router D: FD 5
  via C    FD 5    AD 3    (Successor)
  via E    FD 5    AD 4    (Successor)
Router E: FD 4
  via C    FD 4    AD 3    (Successor)
  via D    (values not preserved)
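The successor and feasible-successor choices in the DUAL example can be reproduced from the FD and AD columns. This is an added example, not code from the slides; the function names are hypothetical, and the feasibility condition it applies (a neighbor qualifies only when its advertised distance is strictly below the current feasible distance) is the standard DUAL rule, which the slides show the result of but do not state.

```python
# Topology tables for destination (a), read from the DUAL example figures:
# neighbor -> (distance to (a) through that neighbor, distance the neighbor advertises)
TABLES = {
    "C": {"B": (3, 1), "D": (4, 2), "E": (4, 3)},
    "D": {"B": (2, 1), "C": (5, 3)},
    "E": {"D": (3, 2), "C": (4, 3)},
}


def passive_choice(paths):
    """Return (successor, feasible distance, feasible successors) for a stable route."""
    successor = min(paths, key=lambda n: (paths[n][0], n))
    fd = paths[successor][0]
    feasible = sorted(
        n for n, (_, ad) in paths.items() if n != successor and ad < fd
    )
    return successor, fd, feasible


def neighbor_lost(paths, lost):
    """React to losing the path through one neighbor.

    A feasible successor is promoted locally and the route stays PASSIVE.
    With no feasible successor the route goes ACTIVE: the router must query
    its neighbors before it may pick a new successor.
    """
    successor, fd, _ = passive_choice(paths)
    if lost != successor:
        return {"state": "PASSIVE", "successor": successor, "distance": fd}
    candidates = {
        n: (dist, ad) for n, (dist, ad) in paths.items() if n != lost and ad < fd
    }
    if candidates:
        new = min(candidates, key=lambda n: (candidates[n][0], n))
        return {"state": "PASSIVE", "successor": new, "distance": candidates[new][0]}
    return {"state": "ACTIVE", "successor": None, "distance": None}


def after_replies(paths):
    """Once all replies are in, the feasible distance is reset to the new minimum.

    Every neighbor that offers that minimum becomes a successor.
    """
    fd = min(dist for dist, _ in paths.values())
    return fd, sorted(n for n, (dist, _) in paths.items() if dist == fd)


if __name__ == "__main__":
    for router, paths in TABLES.items():
        print(router, passive_choice(paths))
    print("D loses B:", neighbor_lost(TABLES["D"], "B"))
    print("D after replies:", after_replies({"C": (5, 3), "E": (5, 4)}))
```

Router D's only alternative, via C, advertises 3 against a feasible distance of 2, so D goes ACTIVE as in the figure. The same rule excludes router C's path via E, because an advertised distance of 3 is not below the feasible distance of 3.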
Variance Example
[Figure: paths to Network Z through routers A, D and E; link metrics shown: 10, 10, 10, 20, 20, 25]
(config)# variance 2
Configuring
EIGRP
[Figure: routers B and D with Token Ring (T0) and serial (S0, S1, S2) interfaces; networks 10.1.0.0, 10.2.0.0, 10.4.0.0, 172.16.1.0 to 172.16.7.0 and 192.168.1.0]
EIGRP Summarization: Automatic
Purpose: Smaller routing tables, smaller updates, query
boundary
Autosummarization:
On major network boundaries, subnetworks are summarized to a
single classful (major) network
Autosummarization is turned on by default
172.17.X.X
172.16.X.X
172.16.0.0/16
EIGRP Summarization: Manual
Manual summarization
Configurable on a per-interface basis in any
router within the network
When summarization is configured on an interface,
the router immediately creates a route pointing to null
zero
Loop prevention mechanism
Configuring Summarization
(config-router)# no auto-summary
[Figure: router C with interface S0; networks 172.16.1.0, 172.16.2.0 and 10.0.0.0; label: World]
router eigrp 1
network 10.0.0.0
network 172.16.0.0
no auto-summary
Verifying EIGRP
Operation
Router# show ip protocols
ACCESS-LISTS
[Figure: access lists applied on a router connecting Token Ring, FDDI, network 172.17.0.0 and the Internet; also used for dial-on-demand routing]
[Figure in three builds: an incoming packet is tested (Permit?) on its source, or on protocol, source and destination, before it leaves as an outgoing packet on S0]
Standard
Checks Source address
Generally permits or denies entire protocol suite
Extended
Checks Source and Destination address
Generally permits or denies specific protocols
Inbound or Outbound
[Flowchart in three builds, outbound access lists: a packet arrives on E0; routing table entry?; choose interface; access list on the outbound interface (S0)?; test access list statements; permit?; a refused packet goes to "Discard Packet, Notify Sender" (packet discard bucket)]
If no access list statement matches then discard the packet
[Flowchart in four builds: packets to interface(s) in the access group are tested in order: match first test?, match next test(s)?, match last test?. Each match ends in Permit (destination interface(s)) or Deny (packet discard bucket); a packet that matches no test reaches the implicit deny.]
If no match
deny all
Access List Type    Number Range/Identifier
IP
  Standard          1-99
  Extended          100-199
  Named             Name (Cisco IOS 11.2 and later)
IPX
  Standard          800-899
  Extended          900-999
  SAP filters       1000-1099
  Named             Name (Cisco IOS 11.2. F and later)
[Figure in two builds: a frame carrying a packet (IP header), a segment (for example, TCP header) and data]
Standard: tests the Source Address; use access list statements 1-99; result Deny or Permit
Extended: tests Protocol, Source Address, Destination Address and Port Number; use access list statements 1-99 or 100-199 to test the packet; result Deny or Permit
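[Figure: wildcard mask bit positions (bit values 64, 32 and 16 survive) with examples; surviving example: check all address bits (match all)]
[Figure: wildcard mask covering the values 16, 17, 18, ... 31; mask bits 0 and 1 shown, the mask itself is not preserved]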
Configuring Standard
IP Access Lists
1999, Cisco Systems, Inc.
Router(config-if)# ip access-group access-list-number { in | out }
[Figure, repeated across the standard access list examples (the access-list statements are not preserved): router with interfaces S0, E0 and E1; networks 172.16.3.0 and 172.16.4.0; host 172.16.4.13; non-172.16.0.0 traffic]
[Figure: console port (direct connect); virtual ports 0 1 2 3 4 reached through a physical port (e0) by Telnet]
Router#
Configuring Extended
IP Access Lists
Standard: Filters based on source. Range is 1 through 99.
Extended: Filters based on source and destination. Specifies a specific IP protocol and port number.
access-list access-list-number
} protocol source source-wildcard
destination destination-wildcard
] [ established ] [log]
[Figure, repeated across the extended access list examples: router with interfaces S0, E0 and E1; network 172.16.4.0; host 172.16.4.13; non-172.16.0.0 traffic. Of the access-list statements only the fragment below survives.]
0.0.0.255 any eq 23
interface ethernet 0
ip access-group 101 out
Top-down processing
Place more specific test statements first
[Figure: routers with interfaces E0, E1, S0, S1 and To0 (Token Ring)]
Recommended:
Place extended access lists close to the source
Place standard access lists close to the destination
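The rules described in this section (wildcard masks, top-down processing with first match, and the implicit deny) can be checked with a small evaluator. This is an added example, not code from the slides: the access-list statements are constructed around the surviving fragment "0.0.0.255 any eq 23" and the figure's host 172.16.4.13, the destination address is made up, and only numbered IP lists with numeric "eq" ports are supported.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")

# Constructed statements (not from the slides), using the page's addresses.
ACL_101 = """
access-list 101 deny tcp 172.16.4.0 0.0.0.255 any eq 23
access-list 101 permit ip any any
"""
# Same statements in the wrong order: the broad permit shadows the deny.
ACL_101_SHADOWED = """
access-list 101 permit ip any any
access-list 101 deny tcp 172.16.4.0 0.0.0.255 any eq 23
"""
ACL_1 = "access-list 1 permit 172.16.0.0 0.0.255.255"


def _int(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, base, wildcard):
    """Wildcard bit 0 means compare this bit, 1 means ignore it."""
    care = ~_int(wildcard) & 0xFFFFFFFF
    return (_int(addr) & care) == (_int(base) & care)


def _take_address(tokens, standard):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D WILDCARD' from the token list."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":
        return (tokens.pop(0), "0.0.0.0")
    if standard and not tokens:  # standard list, bare address: exact host
        return (first, "0.0.0.0")
    return (first, tokens.pop(0))


def parse_acl(text):
    entries = []
    for line in filter(None, (raw.strip() for raw in text.splitlines())):
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
            raise ValueError(f"unsupported statement: {line!r}")
        number, rest = int(tokens[1]), tokens[3:]
        entry = {"line": line, "action": tokens[2], "proto": "ip", "dst": ANY, "port": None}
        if 1 <= number <= 99:        # standard: source address only
            entry["src"] = _take_address(rest, standard=True)
        elif 100 <= number <= 199:   # extended: protocol, source, destination, port
            entry["proto"] = rest.pop(0)
            entry["src"] = _take_address(rest, standard=False)
            entry["dst"] = _take_address(rest, standard=False)
            if rest[:1] == ["eq"]:
                entry["port"] = int(rest[1])
        else:
            raise ValueError(f"not a numbered IP access list: {line!r}")
        entries.append(entry)
    return entries


def evaluate(entries, packet):
    """First matching statement decides; no match at all is the implicit deny."""
    for entry in entries:
        if entry["proto"] not in ("ip", packet["proto"]):
            continue
        if not wildcard_match(packet["src"], *entry["src"]):
            continue
        if not wildcard_match(packet["dst"], *entry["dst"]):
            continue
        if entry["port"] is not None and entry["port"] != packet.get("dport"):
            continue
        return entry["action"], entry["line"]
    return "deny", "implicit deny"


TELNET = {"proto": "tcp", "src": "172.16.4.13", "dst": "192.0.2.10", "dport": 23}
WEB = {"proto": "tcp", "src": "172.16.4.13", "dst": "192.0.2.10", "dport": 80}

if __name__ == "__main__":
    for name, acl in (("101", ACL_101), ("101 shadowed", ACL_101_SHADOWED)):
        print(name, evaluate(parse_acl(acl), TELNET), evaluate(parse_acl(acl), WEB))
```

Dropping the final permit statement from list 101 makes evaluate() refuse the web packet as well, because every packet that reaches the end of a list is discarded.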
WAN PROTOCOLS
[Figure: WAN link through a service provider (telephone company)]
Frame fields: Address | Control | Proprietary | Data | FCS | Flag
Frame fields: Address | Control | Data | FCS | Flag
HDLC Command
Router(config-if)#encapsulation hdlc
An Overview of PPP
Multiple protocol
encapsulations using
NCPs in PPP
TCP/IP
Novell IPX
AppleTalk
PPP Encapsulation
IPX
IPCP
PPP
IPXCP
Layer 3 Protocols
Network
Layer
Many Others
Data Link
Layer
Physical
Layer
How It Operates: Protocol
Require a password: PAP
Perform Challenge Handshake: CHAP
Compression: Stacker or Predictor
Error Detection: Magic Number
Multilink
PAP: 2-Way Handshake
Router santacruz (Hostname: santacruz, Password: boardwalk) sends "santacruz, boardwalk"
Central-Site Router (HQ), configured with username santacruz password boardwalk, replies Accept/Reject
CHAP: 3-Way Handshake
Central-Site Router (HQ), configured with username santacruz password boardwalk, sends Challenge
Router santacruz (Hostname: santacruz, Password: boardwalk) sends Response
Central-Site Router (HQ) replies Accept/Reject
Authenticating Router
Router to Be Authenticated
(The router that initiated the call.)
Enabling PPP
ppp encapsulation
hostname
username / password
ppp authentication
ppp encapsulation
hostname
username / password
ppp authentication
Configuring PPP
Router(config-if)#encapsulation ppp
Enable PPP encapsulation
Configuring PPP
Authentication
Router(config)#hostname name
Configuring PPP
Authentication
(cont.)
Router(config-if)#ppp authentication
{chap | chap pap | pap chap | pap}
PSTN/ISDN
hostname left
username right password sameone
!
int serial 0
ip address 10.0.1.1 255.255.255.0
encapsulation ppp
ppp authentication CHAP
Right
router
hostname right
username left password sameone
!
int serial 0
ip address 10.0.1.2 255.255.255.0
encapsulation ppp
ppp authentication CHAP
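The difference between the PAP and CHAP handshakes described above is what crosses the link: PAP carries the password itself, CHAP only a hash bound to a one-time challenge. The simulation below is an added example, not part of the original slides; the class and function names are hypothetical, the names and password are the ones in the PAP/CHAP figure, and the response calculation is the MD5 one defined for CHAP in RFC 1994.

```python
import hashlib
import hmac
import os


def chap_response(identifier, secret, challenge):
    """RFC 1994: MD5 over the one-octet identifier, the shared secret, then the challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def pap_request(hostname, password):
    """PAP, message 1 of 2: the password itself is sent over the link."""
    return {"code": "Authenticate-Request", "name": hostname, "password": password}


def chap_respond(hostname, secret, challenge_msg):
    """CHAP, message 2 of 3: the router being authenticated answers the challenge."""
    value = chap_response(challenge_msg["id"], secret, challenge_msg["value"])
    return {"code": "Response", "id": challenge_msg["id"], "name": hostname, "value": value}


class Authenticator:
    """The authenticating router, holding 'username NAME password SECRET' entries."""

    def __init__(self, hostname, users):
        self.hostname = hostname
        self.users = users     # name -> shared secret (bytes)
        self._next_id = 0
        self._pending = {}     # identifier -> outstanding challenge

    def pap_check(self, request):
        secret = self.users.get(request["name"])
        ok = secret is not None and hmac.compare_digest(secret, request["password"])
        return "Accept" if ok else "Reject"

    def challenge(self):
        """CHAP, message 1 of 3: a fresh random value for every attempt."""
        self._next_id = (self._next_id + 1) % 256
        value = os.urandom(16)
        self._pending[self._next_id] = value
        return {"code": "Challenge", "id": self._next_id, "name": self.hostname, "value": value}

    def verify(self, response):
        """CHAP, message 3 of 3: Accept or Reject; each challenge is usable once."""
        challenge = self._pending.pop(response["id"], None)
        secret = self.users.get(response["name"])
        if challenge is None or secret is None:
            return "Reject"
        expected = chap_response(response["id"], secret, challenge)
        return "Accept" if hmac.compare_digest(expected, response["value"]) else "Reject"


def demo():
    hq = Authenticator("HQ", {"santacruz": b"boardwalk"})
    pap = pap_request("santacruz", b"boardwalk")
    first = hq.challenge()
    answer = chap_respond("santacruz", b"boardwalk", first)
    result = {
        "pap": hq.pap_check(pap),
        "pap_password_on_wire": pap["password"],
        "chap": hq.verify(answer),
    }
    # A captured response replayed against the next challenge no longer verifies.
    second = hq.challenge()
    result["chap_replay"] = hq.verify(dict(answer, id=second["id"]))
    return result


if __name__ == "__main__":
    print(demo())
```

In the left/right configuration above, the shared secret is the password on each router's username line for its peer, which is why both sides carry the same password.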
Frame Relay
Application
Presentation
Session
Transport
Network: IP/IPX/AppleTalk, etc.
Data Link: Frame Relay
Physical: EIA/TIA-232, EIA/TIA-449, V.35, X.21, EIA/TIA-530
[Figure: PVCs identified by DLCI 400 and DLCI 500; local access loops of 64 kbps and T1; LMI status 100=Active, 400=Active]
Frame Relay Address Mapping
[Figure: Inverse ARP or a Frame Relay map associates the Frame Relay DLCI (500) with the IP address (10.1.1.1) at the far end of the PVC; CSU/DSU at each end]
[Figure: LMI status 500=Active, 400=Inactive on the PVC with DLCI 400; Keepalive]
[Figure in builds: two routers (172.168.5.5 on DLCI=100 and 172.168.5.7 on DLCI=400) across the Frame Relay cloud; numbered steps up to 7, including Status Inquiry from each router, "Hello, I am 172.168.5.7." and Keepalives]
interface Serial1
ip address 10.16.0.1 255.255.255.0
encapsulation frame-relay
bandwidth 64
interface Serial1
ip address 10.16.0.2 255.255.255.0
encapsulation frame-relay
bandwidth 64
frame-relay lmi-type ansi
Inverse ARP
Enabled by default
Does not appear in configuration output
p1r1
HQ
Branch
DLCI=100
IP address=10.16.0.2/24
interface Serial1
ip address 10.16.0.1 255.255.255.0
encapsulation frame-relay
bandwidth 64
frame-relay map ip 10.16.0.2 110 broadcast
Full Mesh
Partial Mesh
Star (Hub and Spoke)
1
2
B
C
Problem:
Broadcast traffic must be replicated for
each active connection
Physical
Interface Subnet A
S0
Subnet B
Subnet C
Solution:
Split horizon can cause problems in NBMA environments
Subinterfaces can resolve split horizon issues
A single physical interface simulates multiple logical interfaces
Configuring Subinterfaces
Point-to-Point
Subinterfaces act as leased line
Each point-to-point subinterface requires its own subnet
Applicable to hub and spoke topologies
Multipoint
Subinterfaces act as an NBMA network, so they do not resolve the split
horizon issue
Can save address space because it uses a single subnet
Applicable to partial-mesh and full-mesh topology
Configuring Point-to-Point
Subinterfaces
10.17.0.1
s0.2
A
DLCI=110
s0.3
10.18.0.1
interface Serial0
no ip address
encapsulation frame-relay
!
interface Serial0.2 point-to-point
ip address 10.17.0.1 255.255.255.0
bandwidth 64
frame-relay interface-dlci 110
!
interface Serial0.3 point-to-point
ip address 10.18.0.1 255.255.255.0
bandwidth 64
frame-relay interface-dlci 120
!
10.17.0.2
B
10.18.0.2
C
Multipoint Subinterfaces
Configuration Example
B
s2.2=10.17.0.1/24
s2.1=10.17.0.2/24
DLCI=130
RTR1
RTR3
s2.1=10.17.0.3/24
interface Serial2
no ip address
encapsulation frame-relay
!
interface Serial2.2 multipoint
ip address 10.17.0.1 255.255.255.0
bandwidth 64
frame-relay map ip 10.17.0.2 120 broadcast
frame-relay map ip 10.17.0.3 130 broadcast
frame-relay map ip 10.17.0.4 140 broadcast
RTR4
s2.1=10.17.0.4/24
OSPF Overview
2000, Cisco Systems, Inc.
www.cisco.com
What Is OSPF?
OSPF in IP Packets
89 - OSPF
6 - TCP
17 - UDP
Frame Payload
Frame
Header
IP
Header
Protocol
Number
Packet Payload
C
R
C
OSPF
Terminology
OSPF Terminology
Interfaces
Neighbors
Cost = 10
Token Ring
Cost = 1785
Cost = 6
Area 1
Area 0
Autonomous System
Neighborship Database: Lists Neighbors
Topology Database: Lists All Routes
Routing Table: Lists Best Routes
OSPF Operation
OSPF Topologies
Broadcast
Multiaccess
Point-to-Point
NBMA
X.25
Frame Relay
OSPF Operation in a
Broadcast Multiaccess
Topology
Neighborship
Hello
Router ID
Hello/dead intervals
Neighbors
Area-ID
Router priority
DR IP address
BDR IP address
Authentication password
Stub area flag
DR and BDR
DR
BDR
P=2
DR
BDR
Hello
P=1
P=1
P=0
Exchange Process
A
172.16.5.1/24
E0
172.16.5.2/24
E1
Down State
Router B
Neighbors List
172.16.5.1/24, int E1
I am router ID 172.16.5.2, and I see 172.16.5.1.
Router A
Neighbors List
172.16.5.2/24, int E0
Two-Way State
Discovering Routes
DR
E0
172.16.5.1
E0
172.16.5.3
Exstart State
Hello
DBD
LSAck
Loading State
LSR
LSU
LSAck
Choosing Routes
10.1.1.0/24
A
Token
Ring
10.2.2.0/24
B
FDDI
10.3.3.0/24
C
Cost=6
Cost=1
Cost=10
10.4.4.0/24
Topology Table
Net        Cost   Out Interface
10.2.2.0   6      To0
10.3.3.0   7      To0    This is the best route to 10.3.3.0.
10.3.3.0   10     E0
Link-State Change
1 LSU
A
LSU
DR
3 LSU
4 I need to update my routing table.
Is entry in link-state database?
  No: (A) Add to database, Send LSAck to DR, Flood LSA, Run SPF to calculate new routing table, End
  Yes: Is seq. # the same?
    Yes: Ignore LSA
    No: Is seq. # higher?
      Yes: Go to A
      No: Send LSU with newer information to source, End
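The decision flow above written out as code, as an added example that is not part of the original slides. The `Router` and `LSA` classes and the action strings are assumptions made for illustration; the one detail the flowchart leaves implicit is that OSPF sequence numbers are signed 32-bit values (RFC 2328), so 0x80000001 is the oldest possible number and a plain unsigned comparison gives the wrong answer once the number passes zero.

```python
from dataclasses import dataclass, field

NEW_LSA_ACTIONS = ["add to database", "send LSAck to DR", "flood LSA", "run SPF"]


def signed32(seq: int) -> int:
    """Interpret an LS sequence number as a signed 32-bit integer."""
    seq &= 0xFFFFFFFF
    return seq - (1 << 32) if seq & 0x80000000 else seq


@dataclass(frozen=True)
class LSA:
    adv_router: str   # advertising router, used here as the database key
    seq: int          # LS sequence number as shown in "show ip ospf database"


@dataclass
class Router:
    lsdb: dict = field(default_factory=dict)  # adv_router -> LSA

    def receive(self, lsa: LSA, source: str) -> list:
        """Return the actions the flowchart prescribes for one received LSA."""
        known = self.lsdb.get(lsa.adv_router)
        if known is not None:
            if signed32(lsa.seq) == signed32(known.seq):
                return ["ignore LSA"]
            if signed32(lsa.seq) < signed32(known.seq):
                # Our copy is newer: tell the sender instead of accepting stale data.
                return [f"send LSU with newer information to {source}"]
        # Not in the database, or a higher sequence number: point A in the flowchart.
        self.lsdb[lsa.adv_router] = lsa
        return list(NEW_LSA_ACTIONS)


if __name__ == "__main__":
    r = Router()
    # Constructed sequence of arrivals, using sequence numbers of the kind shown on this page.
    for seq, src in [(0x80000002, "DR"), (0x80000002, "DR"),
                     (0x80000003, "DR"), (0x80000002, "192.168.0.11")]:
        print(hex(seq), "from", src, "->", r.receive(LSA("192.168.0.14", seq), src))
```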
OSPF Operation in a
Point-to-Point Topology
Point-to-Point Neighborship
Configuring OSPF
in a Single Area
Point-to-Point Network
S0
10.64.0.2
10.64.0.1
E0
<Output Omitted>
interface Ethernet0
ip address 10.64.0.1 255.255.255.0
!
<Output Omitted>
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
10.2.1.2
10.2.1.1
S1
<Output Omitted>
interface Ethernet0
router ospf 50
network 10.2.1.2 0.0.0.0 area 0
network 10.64.0.2 0.0.0.0 area 0
Configuring Optional
Commands
Unadvertised Loopback Address
Ex: 192.168.255.254
Not in OSPF table
Saves address space
Cannot use ping
Network
172.16.0.0
Router ID:
Number by which the router is known to OSPF
Default: The highest IP address on an active interface at the
moment of OSPF process startup
Can be overridden by a loopback interface: Highest IP address of
any active loopback interface
Configuring Optional
Commands (cont.)
Traffic
Token
Ring
Cisco
Non-Cisco
Router(config-if)#
Verifying OSPF
Operation
show ip protocols
show ip route
show ip ospf
Displays
OSPF timers and statistics
Router#
show ip ospf neighbor detail
clear ip route *
Pri  State          Dead Time  Address       Interface
1    2WAY/DROTHER   00:00:31   192.168.0.13  Ethernet0
1    FULL/BDR       00:00:38   192.168.0.14  Ethernet0
1    2WAY/DROTHER   00:00:36   192.168.0.11  Ethernet0
1    FULL/DR        00:00:38   192.168.0.12  Ethernet0

Neighbor ID   Pri  State  Dead Time  Address   Interface
192.168.0.11  1    FULL/  00:00:39   10.1.1.2  Serial1

ADV Router    Age  Seq#        Checksum  Link count
192.168.0.10  817  0x80000003  0xFF56    1
192.168.0.11  817  0x80000003  0xFD55    1
192.168.0.12  816  0x80000003  0xFB54    1
192.168.0.13  816  0x80000003  0xF953    1
192.168.0.14  817  0x80000003  0xD990    1

ADV Router    Age  Seq#        Checksum
192.168.0.14  812  0x80000002  0x4AC8
NAT
(NETWORK ADDRESS
TRANSLATION)
Private Addresses
Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.31.255.255
Class C 192.168.0.0 to 192.168.255.255
NAT
NAT is used when a packet is traversing
from one network to another and the
source address on the transmitting
network is not legal or valid on the
destination network, i.e., when the source
address is a private address.
USE NAT IF
NAT Operation
Inside
10.1.1.1
Internet
10.1.1.2
NAT table
Inside Local IP Address   Inside Global IP Address
10.1.1.1                  192.168.2.2
10.1.1.2                  192.168.2.3
TYPES OF NAT
STATIC NAT
DYNAMIC NAT
DYNAMIC NAT WITH OVERLOAD (PAT, Port Address Translation)
DA
192.168.2.2
10.1.1.3
DA
10.1.1.1
Host B
172.20.7.3
SA
192.168.2.2
Internet
10.1.1.2
10.1.1.2
SA
10.1.1.1
10.1.1.1
2 NAT table
Inside Local IP Address   Inside Global IP Address
10.1.1.3                  192.168.2.4
10.1.1.2                  192.168.2.3
10.1.1.1                  192.168.2.2
DA
192.168.2.2
10.1.1.3
Host B
172.20.7.3
DA
10.1.1.1
SA
192.168.2.2
Internet
10.1.1.2
1
SA
10.1.1.1
10.1.1.1
DA
192.168.2.2
Host C
172.21.7.3
2 NAT table
Protocol  Inside Local IP Address  Inside Global IP Address: Port  Outside Global IP Address: Port
TCP       10.1.1.3                 192.168.2.2:1492                172.21.7.3:23
TCP       10.1.1.2                 192.168.2.2:1723                172.21.7.3:23
TCP       10.1.1.1                 192.168.2.2:1024                172.20.7.3:23
This interface
connected to
the inside
network.
This
interface
connected to
the outside
world.
ISDN
(INTEGRATED SERVICES
DIGITAL NETWORK)
What is ISDN?
Small office
Digital
PBX
Provider
network
Telecommuter
Home office
Central site
ISDN Standards
Issue                                    Protocol   Key Examples
Telephone Network and ISDN               E-Series   E.163: International Telephone Numbering Plan
                                                    E.164: International ISDN Addressing
ISDN Concepts, Aspects, and Interfaces   I-Series
Switching and Signaling                  Q-Series
Capacity
64 kbps
NT1
BRI
Service
provider
network
D 2B
PRI
CSU/DSU
D 23 or 30B
ISDN
service provider
4
ISDN
Switch
ISDN
Switch
2
SS7
B channel(s)
D channel/SS7 signaling
TE1
NT2 T NT1
ISDN Terminal
TE2
Existing
Terminal
Service
provider
network
TA
Terminal
Adapter
TE1
Service
provider
network
NT1
S/T
bri 0
TE1 U
NT1
TE2
S0
TA
S/T
NT1
CO
S
S
S
S
S
S
CO
What Is Dial-on-Demand
Routing?
Dallas
Corporate
PSTN
Chicago
I need to send
data to Dallas.
ISDN
Telecommuter
Headquarters
Vendor
Periodic connections
Small amounts of data
DCE
DCE
ISDN or
Basic
Service
ISDN or
Basic
Service
DCE
DCE
1
2
1
2
3
ISDN or
Basic
Service
10.1.0.1
Home
bri 0
5551000
10.1.0.2
ISDN
bri 0
5552000
Central
Subnets
10.10.0.0
10.20.0.0
Specify address of
next hop router
ip route 10.10.0.0 255.255.0.0 10.1.0.2
ip route 10.20.0.0 255.255.0.0 10.1.0.2
Network prefix
and prefix mask
Deny FTP
Deny Telnet
Any IP traffic, except FTP and Telnet, will initiate the link
Applies rules
defined by dialer-list to individual
interfaces
Both values
must match
Home
bri 0
5551000
10.1.0.2
ISDN
bri 0
5552000
Central
interface BRI0
ip address 10.1.0.1 255.255.255.0
encapsulation ppp
dialer idle-timeout 180
dialer map ip 10.1.0.2 name Central 5552000
dialer-group 1
no fair-queue
ppp authentication chap
Subnets
10.10.0.0
10.20.0.0
Number to dial
1
2
hostname Home
!
isdn switch-type basic-5ess
!
interface BRI0
ip address 10.1.0.1 255.255.255.0
encapsulation ppp
dialer idle-timeout 180
dialer map ip 10.1.0.2 name Central 5552000
dialer-group 1
no fair-queue
ppp authentication chap
!
router rip
network 10.0.0.0
!
no ip classless
ip route 10.10.0.0 255.255.0.0 10.1.0.2
ip route 10.20.0.0 255.255.0.0 10.1.0.2
dialer-list 1 protocol ip permit
!
10.108.126.1
10.108.126.2
ISDN
Static routes to
reach destination
Interface
configuration for
DDR
Time to wait
before dropping
call
Subnets
192.168.12.0
192.168.14.0
Router#show dialer
Router#show ip route
Router#debug dialer
Router(config-if)#shutdown
Understanding LAN
Switching
What is Switching?
It breaks up the collision domain.
It takes the packet and forwards it to the destination
port without any modification.
The network still remains one large broadcast
domain.
It increases the bandwidth of the network.
Multiple devices can be connected to each
interface.
Collision Domain
All the computers that are physically
connected together and can collide with each
other are part of a single collision domain.
To reduce collisions, increase the number of collision domains.
Reducing the number of collision domains will increase
collisions.
Switching Technology
To understand Switching Technology we
need to understand the following :
Layer 2 Switching
Address Learning
Forward/Filtering Decisions
Loop Avoidance
Spanning-Tree Protocol
LAN Switch Types
10
Hub
Ethernet concentrator
Self-contained Ethernet
LAN in a box
Works at physical layer 1
CRASH
Hub
Hub-Based LANs
10BaseT
Hub
10BaseT
Hub
Shared resources
Desktop connections wired to
centralized closets
Poor security within shared
segments
Routers provide scalability
Adds, moves, and changes
are easier than without hubs,
but still a hassle
Groups of users determined
by
physical location
Switches: Layer 2
Switched Ethernet
10
Ethernet
Switch
Backbone
Ethernet
10
One device
sending at
a time
All nodes share 10 Mbps
Ethernet
Switch
Backbone
Switched Ethernet
10
Multiple
devices
sending at the
same time
Today's LANs
10/100
Switch
10/100
Switch
10-Mbps
Hub
Mostly switched
resources; few
shared
Routers provide
scalability
Groups of users
determined by
physical location
Layer 2 Switching
This is hardware-based switching.
It uses MAC addresses to filter the network.
To build the filter table, it uses ASICs (Application-Specific Integrated Circuits).
It is like a multiport bridge.
Layer 2 switches do not look at the Network layer
header and are therefore faster.
Based on the hardware address, it decides whether to
forward the packet or drop it.
Layer 2 Switching
Layer 2 Switching provides the following:
Hardware-based bridging (MAC)
Wire speed
Layer 2 switch is considered faster because no
modification in the packet.
Low Latency
Because the switching is faster
Low cost
Functions of Switch
at Layer 2
Loop Avoidance
Address Learning
Switches and bridges remember the source address of each frame
received on an interface and enter this information into the MAC
database.
Whenever the switch receives a packet, it makes an entry for the
source address and sends a broadcast for the destination.
The destination machine then responds to the broadcast, and the switch
receives a packet from the destination.
The switch again makes an entry, this time for the destination machine's
hardware address.
Using this method, the switch maintains a table stating which
hardware address is available at which port.
Broadcast / Unicast
When packets are sent to a specific
machine that is called Unicast.
It always knows the destination address
Loop Avoidance
If multiple connections between switches are
created for redundancy, network loops can occur.
Most commonly networks are implemented with
redundant links for fault tolerance purpose.
These multiple links may cause loops and broadcast
storm
In a switched network some scheme should be
implemented to avoid these loops.
The Spanning-Tree Protocol (STP) is used to stop
network loops and allow redundancy.
(Figure: stations A, B and C attached to switch interfaces at 10 Mbps. The frames "Data from A to B" and then "Data from B to A" cross the switch while its Interface/Stations table is filled in.)
The switching type basically affects the latency and the reliability of your
network.
Cut-Through
(Real
Time)
Cut-through switching is the fastest, because it
does not check for errors.
It does not store the data and process it for errors.
It just reads the destination address and forwards the frame.
It begins to forward the frame as soon as it reads the
destination address and determines the outgoing
interface.
It has the lowest latency but is not reliable.
Hence it is also called wire-speed switching.
Understanding
Spanning-Tree
Protocol (802.1d)
2/1
Switch 1
Switch 2
1/2
2/2
Segment B
Station B
Loop Occurring
In this scenario, if no loop avoidance scheme is implemented,
the switch will generate a broadcast storm.
A device can receive multiple copies of the same frame.
The MAC address table will be continuously updated and the
table itself will become inconsistent, because frames will be received
from more than one link. This is called thrashing the MAC table.
This is how loops within other loops are generated, and no
switching will be performed in the network.
Note: Spanning Tree Protocol is designed to solve this
problem.
Spanning-Tree Protocol
The main function of STP is to maintain a loop free
network.
Originally STP was created by DEC (Now Compaq)
It was modified by IEEE and was published in 802.1d
specification.
DEC and IEEE 802.1d are not compatible
Bridge ID
Bridge ID is used to determine the Root Bridge and Root Port.
The Bridge ID is 8 bytes long.
Bridge ID includes the priority and the MAC Address of the
device.
All devices running the IEEE STP version have 32,768 as the priority
value.
To determine the Bridge ID, the priority and MAC address are
combined.
If two switches or bridges have the same priority, then the MAC address
is used to determine the Bridge ID.
E.g., if switch A with MAC ID 0000.0c00.1111.1111 and switch B with
MAC ID 0000.0c00.2222.2222 have the same priority, then switch
A will become the Root Bridge.
Designated Port
There will be only one Designated Port in one
Segment.
Designated Port is selected on the bridge that has
the lowest cost path to Root Bridge.
Designated Port is in the forwarding state.
Responsible for forwarding traffic for the
segment
Nondesignated Ports are normally in the blocking
state to break the loop topology. That means the
Spanning Tree is preventing it from forwarding
traffic.
Link Speed
10 Gbps
1 Gbps
100 Mbps
10 Mbps
Convergence
Convergence occurs when bridges and switches have
transitioned to either the forwarding or blocking states.
No data is forwarded during this time.
Convergence is important to make sure all devices have the
same database.
Before data can be forwarded, all devices must be updated.
The problem with convergence is the time it takes for these
devices to update.
It usually takes 50 seconds to go from the blocking to the forwarding
state.
Forward delay is the time it takes to transition a port from listening
to learning state or from learning to forwarding state.
Primary Function
Default Setting
Hello Time
2 seconds
Forward Delay
30 seconds
Max Age
20 seconds
Port 0
Switch Z
MAC 0c0011110000
Default Priority 32768
100BaseT
Port 0
Port 1
Port 1
Switch Y
MAC 0c0011111111
Default Priority 32768
100BaseT
Find out the following:
What is the Root Bridge?
What are the Designated, Nondesignated and Root Ports?
What are the Forwarding and Blocking Ports?
Root Bridge: Switch Z, because it has the lowest bridge ID (priority and
MAC address)
Root Port: Port 0 of Switches X and Y because it is the lowest-cost path to
the root.
Designated Port: Port 0 of Switch Z. All ports on the root are designated
ports. Port 1 of Switch X is a designated port. Because both Switch X and
Switch Y have the same path cost to the Root Bridge, the designated port is
selected to be on Switch X because it has a lower bridge ID than Switch Y.
Blocking: Port 1 of Switch Y. The nondesignated port on the segment.
Forwarding: All designated ports and root ports are in the forwarding state.
802.1d Spanning-Tree
Protocol (STP)
Allows redundancy by using parallel links
Shuts down redundant links to eliminate
loops
Cisco refinements:
PortFast
UplinkFast
Understanding
Virtual LANs
Virtual LANs
VLAN 1
VLAN 2
VLAN 3
Server Farm
VLAN Definition
A VLAN is defined as a logical grouping of
network resources and users connected to
predefined ports on a switch, defined by the
administrator.
VLAN
VLANs are used to create smaller broadcast
domain within a switch.
A Single VLAN is treated as a separate
subnet or broadcast domain.
Marketing
Floor 3
Floor 2
Floor 1
Acctg.
VLAN Benefits
Reduced administrative costs
Simplify moves, adds, and changes
Advantages of VLAN
Broadcast Control: Multimedia applications use
broadcasts and multicast heavily, moreover,
faulty equipment, inadequate segmentation and
poorly designed Firewalls can be major players
for the above problem.
Switches forward broadcasts to all segments;
such a network is called a flat network because it is
one broadcast domain.
Solution:
It is the job of the administrator to segment
the network properly so that problems do not
propagate throughout the
network.
Devices in a particular VLAN are members of the
same broadcast domain, so they receive all
broadcasts.
Note: Routers are used along with Switches to
provide connection between VLANs which stops
broadcast from propagating throughout the
entire internetwork.
Solution :
Creation of VLANs and multiple broadcast
groups, empowers the Administrator to have
control over each port and user.
Groups are created based on users requirement
for network resources.
If configured, unauthorized access of the
network resources will be reported to the
network management station by Switches.
Contd..
In case of Inter-VLAN communication, restriction
are implemented on the router.
Restriction can also be placed on the Hardware
address, Protocols and Application
Functioning of VLANs
Scenario: A collapsed Backbone.
Contd..
With reference to the figure, each network is
attached to the router having its own logical
network number.
Each node attached to a particular network must
match that network number in order to
communicate on the internetwork.
Contd..
With reference to the figure, Switches
removes the physical boundaries, creating
greater flexibility and scalability than
router.
You can group users into communities,
which are known as VLAN Organization.
Contd..
With reference to the figure there are four
VLANs or broadcast domain. Node within a
particular VLAN can communicate with each
other, but not with any other VLAN or node in
other VLAN.
So, communication between VLAN is only
possible through a Layer 3 device.
VLAN Membership
Administrators are responsible for creating
VLANs, which are then assigned to
switch ports.
VLAN membership can be configured as
static or dynamic.
Static VLAN
This is the basic and most secure type for
creating VLAN.
Port assignment associated with a VLAN is
maintained until and unless modified by the
Administrator.
This type of VLAN configuration is easy to Setup
and Monitor.
Dynamic VLAN
Using intelligent management software, you can
use MAC addresses, protocols or even
applications to create dynamic VLANs.
For example, MAC addresses might be fed into a
centralized VLAN management application. If
a node is then attached to an unassigned port, the
VLAN management database will look up the
MAC address and assign and configure the
switch port to the correct VLAN. Likewise, if the user
moves, the switch will automatically assign them
to the correct VLAN.
VLAN Identification
A VLAN can span multiple connected switches.
Switches must keep track of frames and
which VLAN each frame belongs to.
Frame Tagging performs this function.
MAC
MAC
Addresses Addresses
VLAN 1
VLAN 2
Subnet
198.21.xx
Subnet
198.22.xx
VLAN 1
VLAN 2
Membership by Port
Maximizes Forwarding Performance
VLAN 3
VLAN 1
VLAN 2
Communicating Between
VLANs
Two Physical Topology Approaches
Logical
Communication
VLANs 1, 2, 3
Cisco Internetworking
Software
Physical Link
per VLAN
VLAN 3
VLAN 2
VLAN 1
Layer 3 links
VLANs together
Adds additional security
and management
Logical links conserve
physical ports
Multimode, depending
on protocol
Controls access by VLAN
Up to 255 VLANs per router
VLAN Technologies
Inter-Switch Link
Inter-Switch Link
(ISL) Carries
VLAN Identifier
802.10
ISL
802.1Q
LANE
VLAN Standardization
Packet Tagging as Common VLAN Exchange
Level-1 Explicit Tagging
DES SRC
FCS
DES SRC
DES SRC
FCS
FCS
SRC
DES
Data
VLAN ID
VLAN Standard
Implementation
Typical Environment
Cisco
Domain
Cisco environment
uses ISL
802.1Q
Vendor X
Domain
Si
Si
ISL
Company ABC
Trunk Links :
Capable of carrying multiple VLANs
Used to connect Switches to other
Switches or to Routers or even Servers
Supported on Fast or Gigabit Ethernet
only.
IEEE 802.1q
Created by IEEE as standard method for Frame
Tagging.
It inserts a field into Frame to identify the VLAN.
When trunking between Cisco Switches link and
different brand of Switch, it is mandatory to use
802.1q for the trunk to work.
Drawback
As the frame is encapsulated with information,
only ISL devices can read it.
Also, the frame can be up to 1522 bytes long,
devices that receive an ISL frame may record
this as giant frame, as it is over the maximum of
1518 bytes allowed on an ethernet segment.
TRUNKING
Trunk Links are 100-1000 Mbps point-to-point
links between two Switches, between a Switch
and Router or between Switch and Server.
Trunk Links carry the traffic of multiple VLANs,
from 1 to 1005 at a time
Cannot run Trunk Links on 10 Mbps.
VLAN 1
VLAN 2
ISL
ISL
LANE
LANE
ATM
Fabric
LANE
802.1Q
Benefits of VTP
Consistent VLAN configuration across all
switches in the network.
Allowing VLANs to be Trunked over mixed
networks, like Ethernet to ATM LANE or FDDI.
Accurate tracking and Monitoring of VLANs.
Dynamic reporting of adding VLAN to all
Switches.
Plug and Play VLAN adding.
VTP Modes
Server Mode
Sends/Forwards VTP advertisements
Syncs VLAN configuration information with other switches
VLAN configurations are saved on NVRAM
Catalyst Switch can create VLANs
Client Mode
Sends/Forwards VTP advertisements
Syncs VLAN configuration information with other switches
VLAN configurations are not saved on NVRAM
Catalyst Switch cannot create VLANs
Catalyst Switch cannot modify VLANs
Catalyst Switch cannot delete VLANs
Transparent Mode
Forwards VTP advertisements
Contd..
Figure shows a configuration revision number
as N. As the database is modified, the VTP
server increments the revision number by 1.
The VTP server then advertises the database
with the new configuration revision number.
When Switch receives an advertisement that
has a higher revision number, it overwrites
the database in NVRAM with the new
database being advertised.
VTP Pruning
Pruning is defined as preserving bandwidth by
configuring the VTP to reduce the amount of
broadcast, multicast and other unicast packets
VTP Pruning only sends broadcast to Trunk
Links that must have the information, any Trunk
Link that does not need the broadcast will not
receive them.
VTP Pruning is disabled by default on all
Switches.
Vlan Commands
Use the vlan global configuration command to configure a VLAN with a
number & name. Use the no vlan command to delete a VLAN or to negate the
configuration of a translational bridge VLAN.
Syntax Description
vlan
vlan-name
Command Mode
Global configuration
Example
This example shows how to configure VLAN 2 with the name
Engineering:
hostname(config)# vlan 2 name engineering
show (vlan)
Use the show vlan privileged Exec command to display the settings of VLAN
configuration parameters.
show vlan [vlan]
Syntax Description
vlan
Default
This command has no default value.
Command Mode
Privileged Exec
Usage Guidelines
If you do not specify vlan, the system displays all VLAN configuration parameters.
Example
This example shows how to display the settings of the VLAN configuration parameters:
hostname# show vlan
VLAN Name      Status   Ports
---- --------  -------  -----
1    default   active   1-15
2    VLAN0002  active   16-18
3    VLAN0003  active
4    VLAN0004  active
5    VLAN0005  active
Vlan-membership
vlan-membership
Use the vlan-membership interface configuration command to assign a port to
a VLAN. Use the no vlan-membership command to remove a port from a
VLAN.
vlan-membership {static {vlan} | dynamic}
no vlan-membership
Syntax Description
static
vlan
dynamic
Vlan-membership
Default
All nontrunk ports belong to a default VLAN. ISL VLAN ID 1 is the
default VLAN for Ethernet VLANs. The membership type of all
nontrunk ports is static.
Command Mode
Interface configuration
Usage Guidelines
If you want to know the VLAN membership of a port that has been set to
dynamic but is static by default, query the VLAN Membership Policy
Server (VMPS).
Vlan-membership
Example
This example shows how to configure the interface as a dynamic
VLAN port:
hostname(config)# interface ethernet 0/6
hostname(config-if)# vlan-membership dynamic
show (Vlan-membership)
Command Mode
Privileged Exec
Usage Guidelines
This command is not functional when bridge groups are enabled.
Example
This example shows how to display the VLAN assignment and
membership type for all switch ports:
hostname# show vlan-membership
VTP
Syntax Description
server
enable
disable
password
Password between 8 and 64 alphanumeric characters.
Password is case insensitive.
VTP CONFIGURATION
Default
The default VTP mode is server, and the default trap-generation is
enabled. The default VTP pruning mode is enabled.
Usage Guidelines
If you create a VTP password, it generates a secret value. This value is
used in the calculation of the MD5 digest of a VTP advertisement. The
MD5 digest ensures the validity of VTP advertisements.
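How the configuration revision number (described earlier under VTP) and the password-derived MD5 digest described here work together on the receiving switch, as an added example that is not Cisco's code or part of the original slides. The digest construction below is a simplified model and an assumption, not the VTP wire format; the `Switch` and `Advertisement` classes are hypothetical, while the domain name, password and VLAN name are the sample values shown on this page.

```python
import hashlib
import hmac
from dataclasses import dataclass


def vtp_secret(password: str) -> bytes:
    """Secret derived from the password (8 to 64 characters, case insensitive)."""
    if not 8 <= len(password) <= 64:
        raise ValueError("password must be between 8 and 64 characters")
    return hashlib.md5(password.lower().encode()).digest()


def advert_digest(secret: bytes, domain: str, revision: int, vlans: dict) -> bytes:
    """Simplified model: MD5 over the secret and the advertised database."""
    h = hashlib.md5(secret)
    h.update(domain.encode())
    h.update(revision.to_bytes(4, "big"))
    for vlan_id in sorted(vlans):
        h.update(vlan_id.to_bytes(2, "big") + vlans[vlan_id].encode())
    return h.digest()


@dataclass
class Advertisement:
    domain: str
    revision: int
    vlans: dict
    md5: bytes


class Switch:
    def __init__(self, domain: str, password: str, revision: int = 0, vlans=None):
        self.domain = domain
        self.secret = vtp_secret(password)
        self.revision = revision
        self.vlans = dict(vlans or {1: "default"})

    def add_vlan(self, vlan_id: int, name: str) -> None:
        """Server-side change: every modification increments the revision by 1."""
        self.vlans[vlan_id] = name
        self.revision += 1

    def advertise(self) -> Advertisement:
        digest = advert_digest(self.secret, self.domain, self.revision, self.vlans)
        return Advertisement(self.domain, self.revision, dict(self.vlans), digest)

    def receive(self, adv: Advertisement) -> str:
        if adv.domain != self.domain:
            return "ignored: different VTP domain"
        expected = advert_digest(self.secret, adv.domain, adv.revision, adv.vlans)
        if not hmac.compare_digest(expected, adv.md5):
            return "rejected: MD5 digest mismatch"
        if adv.revision <= self.revision:
            return "ignored: revision not higher"
        # A valid advertisement with a higher revision replaces the local database.
        self.vlans, self.revision = dict(adv.vlans), adv.revision
        return "database overwritten"


if __name__ == "__main__":
    server = Switch("Zorro", "vtp_server", revision=3)
    client = Switch("Zorro", "vtp_server", revision=3)
    server.add_vlan(2, "engineering")
    print(client.receive(server.advertise()), client.vlans)
    print(client.receive(Switch("Zorro", "wrongpass1", revision=9).advertise()))
```

The digest only proves that the sender knows the password; any switch that does know it and carries a higher revision number will still replace the database, so the revision of a switch is worth checking before it joins the domain.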
show (vtp)
Use the show vtp privileged Exec command to display Vlan Trunking Protocol
(VTP) statistics.
Syntax Description
This command has no additional arguments or keywords.
Default
This command has no default value.
Command Mode
Privileged Exec
Usage Guidelines
Example
This example shows how to display VTP statistics:
hostname# show vtp
VTP version: 1
Configuration revision : 3
Maximum VLANs supported locally: 1005
Number of existing VLANs: 5
VTP domain name : Zorro
VTP password : vtp_server
VTP operating mode : Server
VTP pruning mode : Enabled
VTP traps generation : Enabled
Configuration last modified by: 0.0.0.0 at 00-00-0000 00:00:00
Trunk
Syntax Description
on
Configures the port into permanent Inter-Switch Link (ISL) trunk
mode and negotiates with the connected device to convert the link to
trunk mode. The port converts to trunk mode even if the other end of the
link does not.
off
Disables port trunk mode and negotiates with the connected
device to convert the link to nontrunk. The port converts to nontrunk
even if the other end of the link does not. Use this state when an ISL port
is connected to another ISL port that does not support the DISL protocol.
desirable
Triggers the port to negotiate the link from nontrunking to
trunk mode. The port negotiates to a trunk port if the connected device is
either in the On, Desirable, or Auto state. Otherwise, the port becomes a
nontrunk port.
Syntax Description
auto Enables a port to become a trunk only if the connected device has
the state set to On or Desirable.
nonegotiate Configures port to permanent ISL trunk mode and no
negotiation takes place with the partner.
Trunk
Default
The default DISL configuration state for a Fast Ethernet port is
off.
Command Mode
Interface configuration
Usage Guidelines
This command applies only to one Fast Ethernet port. If you use
this command for a Fast Ethernet port that is an aggregate port
group member, the newly configured value also applies to all
other aggregate port group members.
Trunk
Example
This example shows how to set the Fast Ethernet port to trunk
mode:
hostname(config)# interface fastethernet 0/26
hostname(config-if)# trunk on