
CISCO CERTIFIED

NETWORK ASSOCIATE

CCNA
640-802

Sumesh Balakrishnan
sumeshbkrn@gmail.com
TYPES OF COMPUTER NETWORK
Local Area Network (LAN): LAN is a small data network covering a limited area, such as a
building or group of buildings. Most LANs connect workstations or personal computers. This allows
many users to share devices, such as laser printers, as well as data.

Metropolitan Area Network (MAN): A data communications network that covers an area larger
than a LAN and smaller than a WAN. It interconnects two or more LANs, and usually covers an
entire metropolitan area, such as a large city and its suburbs.

Wide Area Network (WAN): A computer network that spans a relatively large geographical area.
Typically, a WAN consists of two or more local-area networks (LANs).
Computers connected to a wide-area network are often connected through public networks, such as
the telephone system. They can also be connected through leased lines or satellites. The largest
WAN in existence is the Internet.

Components of Networking
- Network Interface Card (NIC)
- Cables
- Hub / Switch
- Routers
- Protocols (Logical Component)

Network Interface Card

A NIC is used to connect a computer to an Ethernet network. It works as the interface to the network. Each NIC is assigned a physical address called the MAC address (Media Access Control). This is assigned by the manufacturer of the NIC and is stored in ROM.
These addresses are globally unique. It is a 48-bit address written in hexadecimal. The MAC address is divided into two sections of 24 bits. The first 24 bits are provided by the IEEE and are called the OUI (Organizationally Unique Identifier). The last 24 bits are assigned by the manufacturer.

Command to see the MAC address of a Windows PC from the DOS prompt:

    C:\> ipconfig /all

CABLING
Cable is the medium through which information usually moves from one network device to another. There are several types of cable which are commonly used with LANs. The type of cable chosen for a network is related to the network's topology, protocol, and size. Following are the main classifications of network cables.

Coaxial Cable:- A coaxial cable consists of two conductors: a copper conductor at its center and a braided metal shield, with a plastic layer providing insulation between the center conductor and the shield. The metal shield helps to reduce electrical interference (crosstalk). Coaxial cable supports greater cable lengths between network devices than twisted pair cable. The two types of coaxial cabling are thick coaxial and thin coaxial. Thick coaxial cable has an extra protective plastic cover and shielding.

Thick Coaxial Cable - supports 500 m segment length; used for 10Base5 Ethernet.
Thin Coaxial Cable - supports 200 m segment length; used for 10Base2 Ethernet.

The most common type of connector used with coaxial cables is the Bayonet Neill-Concelman (BNC) connector.

Twisted Pair Cabling:- Twisted-pair cable is a type of four-pair cable that is used for modern Ethernet networks. A pair of wires forms a circuit that can transmit data. The pairs are twisted around one another to provide protection against crosstalk, the noise generated by adjacent pairs.
The two types of twisted pair cable are Shielded Twisted Pair (STP) and Unshielded Twisted Pair (UTP). In STP each pair of wires is wrapped in a metallic foil and all four pairs of wires are then wrapped in an overall metallic braid or foil. Ethernet using twisted pair cabling is known as 10BaseT, 100BaseT.

Categories of Unshielded Twisted Pair
CAT 1  - Used for telephone communications. Not suitable for transmitting data.
CAT 2  - 4 Mbps
CAT 3  - 10 Mbps
CAT 4  - 16 Mbps
CAT 5  - 100 Mbps
CAT 5e - Above 100 Mbps
CAT 6  - 1 Gbps
CAT 7  - Above 1 Gbps

The twisted pair cable connector is known as RJ45 (Registered Jack).

Optical Fiber Cable:- Fiber optic cabling consists of a centre glass fiber core surrounded by several layers of protective materials. It transmits light rather than electrical signals, eliminating the problem of electrical interference. The two types of optical cable are single-mode and multi-mode.
The simplest type of optical fiber is called single-mode. It has a very thin core. A single-mode fiber is designed for the transmission of a single ray or mode of light as a carrier and is used for long-distance signal transmission. It supports 10 Gbps up to 10 km.
Another type of fiber-optic cable is called multi-mode. Each optical fiber in a multi-mode cable is about 10 times bigger than one in a single-mode cable. It is designed to carry multiple light rays or modes concurrently, each at a slightly different reflection angle within the optical fiber core. It supports 100 Gbps up to 2 km.
Ethernet using fiber cable is known as 10BaseF, 100BaseF.

Twisted Pair Cable Crimping

LAN Topology
Topology refers to the shape of a network, or the network's layout. How different nodes in a network are connected to each other and how they communicate is determined by the network's topology. Each topology has its own advantages and disadvantages. The most commonly used LAN topologies are:

Bus Topology

A bus topology consists of a main run of cable with a terminator at each end. Terminators absorb free signals from the medium. All nodes are connected to the central cable (backbone cable). 10Base5 and 10Base2 Ethernet networks and LocalTalk networks use a bus topology.

Advantages:-
- Easy to connect a computer or peripheral to a linear bus.
- Requires less cable length than a star topology.
Disadvantages:-
- Entire network shuts down if there is a break in the main cable.
- Terminators are required at both ends of the backbone cable.
- Difficult to identify the problem if the entire network shuts down.

Star Topology
In the computer networking world the most commonly used topology in a LAN is the star topology. All the computers in a star topology are connected to a central device such as a hub or switch. Computers in the network are usually connected to the hub or switch with Unshielded Twisted Pair (UTP) or Shielded Twisted Pair (STP) cables. Ethernet uses the star topology.

Advantages:-
- Easy to install and wire.
- No disruption to the network when connecting or removing devices.
- Easy to detect faults and to remove parts.
Disadvantages:-
- Requires more cable length than a linear topology.
- If the hub or concentrator fails, the attached nodes are disabled.
- More expensive than linear bus topologies.

Ring Topology
In a ring network, every computer or device has two adjacent neighbours for communication. In a ring network, all the communication messages travel in the same direction, whether clockwise or anti-clockwise. Any damage to the cable or to any device can result in the breakdown of the whole network.

FDDI, SONET or Token Ring technology can be used to implement a ring.

Mesh Topology
Mesh topology works on the concept of routes. In a mesh topology, a message sent to the destination can take any possible shortest, easiest route to reach its destination. The topology in which every device connects to every other device is called a full mesh topology, unlike a partial mesh, in which some devices are only indirectly connected to the other devices.

Ethernet networks can be connected in a mesh topology.

Hybrid Topology:- It is an integration of bus, star, ring and mesh topology.

ISO OSI Layer Model
ISO - International Standards Organization
OSI - Open System Interconnection

7 OSI Layers

Application Layer:- This layer is the point where users actually communicate with the computer. It is an interface between users and the network. We must have application software dealing with the actual data.
Protocols:- HTTP, FTP, SMTP, POP3, DHCP, Telnet, TFTP etc.
Presentation Layer:- It presents data to the user and is responsible for data translation and code formatting. It provides tasks like compression, decompression, encryption and decryption etc.
Protocols:- JPG, ASCII, TIFF, MP3, MPG etc.
Session Layer:- This layer establishes, manages and terminates connections between applications. The session layer also manages who can transfer data in a certain amount of time and for how long. It also reports and logs upper layer errors.
Protocols:- NetBIOS, Mail slots, RPC, SQL etc.
Transport Layer:- The network starts from this layer. It is responsible for end-to-end data transmission. It actually segments and reassembles the data stream. TCP and UDP are the communication protocols used in this layer. Error correction is a function of this layer. The format of data (PDU - Protocol Data Unit) at this layer is called a segment.
Network Layer:- The network layer determines how data is transmitted between the network devices. It also translates the logical address into a physical address. This layer is also responsible for defining the route, managing network problems and addressing. Routers work on this layer. The PDU of this layer is the packet.
Protocols:- IP, IPX, ICMP, ARP, RIP etc.
Data-Link Layer:- This layer provides physical identification of devices using the MAC address. It adds the source and destination address to the packet, which is thereby converted into a frame. This layer also handles error notification. The PDU of this layer is the frame. This layer has two sub-layers.

Logical Link Control (LLC) - It is responsible for identifying the network protocol in the frame.
MAC Layer - The physical address is added to the packet at this layer.
Protocols:- PPP, HDLC, MAC, DLCI, Ethernet etc.

Physical Layer:- It specifies the electrical, mechanical, procedural and functional requirements for activating a physical link. This layer's responsibility is to carry data from one device to another device. The PDU of this layer is known as the bit.
Protocols:-

TCP/IP DoD Model

The Department of Defense developed a four-layer reference model in the 1970s for the DARPA Internetwork Project. DoD is a reference model that determines the way in which messages should be transmitted between any two communicating entities in a network. In the DoD model, the two end points in a network are divided into 4 layers. As data moves through the layers, header information is added (for transmission) or removed (for reception). The DoD model consists of the following four layers:

Cisco Three-Level Network Hierarchical Model

According to Cisco there are 3 levels in networking.
1. Core Layer
It is the topmost level of the network and is responsible for transporting large amounts of traffic both reliably and quickly. The only purpose of this layer is to switch traffic as fast as possible. So the equipment should have a high-end configuration and we should not use any security control configuration on those devices.
2. Distribution Layer
It provides the traffic distribution to different small networks. Routing and filtering mechanisms are implemented here.
3. Access Layer
It controls user and workgroup access to internetwork resources. The access layer is sometimes referred to as the desktop layer.

Data Encapsulation
The upper layer (Application, Presentation, Session) data is broken up and a TCP or UDP header is added at the transport layer; the result is called a segment. This segment is changed to a packet by adding the layer 3 protocol header at the network layer. At the data link layer a MAC header is added to the packet and it is called a frame, and at last it is converted into bits at the physical layer. This whole process is called data encapsulation. The reverse process is called de-encapsulation.

TCP and UDP

TCP                       UDP
Sequenced                 Unsequenced
Reliable                  Unreliable
Connection-oriented       Connectionless
High overhead             Low overhead
Acknowledgement           No acknowledgement
Windowing flow control    No flow control

TCP - UDP Port Numbers
TCP and UDP use port numbers to communicate with the upper layers because they are what keep track of different conversations crossing the network simultaneously. Originating source port numbers are dynamically assigned by the source host and will equal some number starting at 1024. Port numbers 1023 and below are reserved as well-known port numbers; they are used by servers to identify the upper layer protocol.

Application    Protocol    Well-Known Port Number
FTP data       TCP         20
FTP control    TCP         21
SSH            TCP         22
Telnet         TCP         23
SMTP           TCP         25
DNS            TCP, UDP    53
DHCP           UDP         67, 68
TFTP           UDP         69
HTTP (WWW)     TCP         80
POP3           TCP         110
SNMP           UDP         161
Flow Control
It is a function that prevents network congestion. There are three methods of flow control.
Buffering:- It is used by the destination network device to temporarily store excess data in memory until it can be processed. But in this technique there is a possibility of buffer overflow.
Source Quench Message:- This is used by the destination device to prevent buffer overflow. If a source device receives a buffer-full message, it will stop its current data transmission.
Windowing:- In this method the destination device initiates the communication by sending window packets to the source. A window is the maximum amount of data that can be sent by a source device without waiting for an acknowledgement. To increase communication speed TCP will increase the window size; if any data loss occurs it decreases the window size. This is called the sliding window technique.

Protocols
Telnet:- It is used to access a remote device using its IP address.
FTP:- File Transfer Protocol. It is used for file handling between two devices.

TFTP:- Trivial File Transfer Protocol.
NFS:- Network File System. It is used to create session layer entities.
SMTP:- Simple Mail Transfer Protocol. It is used to send (upload) mail.
SNMP:- Simple Network Management Protocol. It is used to monitor the network.
DNS:- Domain Name Service. It is used to convert a name to an IP address and vice versa.
DHCP:- Dynamic Host Configuration Protocol. It is used to dynamically configure the IP address, subnet mask and default gateway.
ARP:- Address Resolution Protocol. It finds the hardware address of a host from a known IP address. ARP sends a broadcast asking the machine with the specified IP address to reply with its hardware address.
RARP:- Reverse ARP. Used to convert a physical address to an IP address on a diskless machine (i.e. DHCP).

ETHERNET (IEEE 802.3)
Ethernet is a contention media access method or LAN technology that allows all hosts on a network to share the bandwidth of a link. Other LAN technologies are Token Ring and FDDI. Every LAN technology has a collision prevention mechanism. In Ethernet technology we use CSMA/CD.

CSMA/CD (Carrier Sense Multiple Access / Collision Detection)

It helps devices to share the bandwidth of a medium without having two devices transmit at the same time.
When a host wants to transmit over the network, it first checks for the presence of any digital signal on the medium. If it is free it will send the data and wait for an acknowledgement signal. If any error (collision) occurs on the medium, CSMA/CD will generate an extended jam signal and send it to all transmitting stations, so that the devices respond to that jam signal by waiting a random time before attempting retransmission. CSMA/CD uses a back-off algorithm for this purpose.
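The back-off algorithm named above is, in IEEE 802.3, truncated binary exponential backoff: after the k-th collision a station waits a random number of slot times between 0 and 2^min(k,10) - 1, and gives up on the frame after 16 collisions. The following simulation is an added example, not part of the original notes; it models several stations that are all ready to send on one shared bus at the same moment and shows how the collisions are resolved. The station names and the seed are constructed for the example.

```python
import random

MAX_ATTEMPTS = 16   # IEEE 802.3: a frame is discarded after 16 collisions
BACKOFF_CAP = 10    # the backoff range stops doubling after the 10th collision


def backoff_range(collisions: int) -> int:
    """Number of possible slot times after the k-th collision: 2^min(k, 10)."""
    if collisions < 1:
        raise ValueError("backoff is only computed after a collision")
    return 2 ** min(collisions, BACKOFF_CAP)


def backoff_slots(collisions: int, rng: random.Random) -> int:
    """Truncated binary exponential backoff: pick a wait in [0, 2^min(k,10) - 1]."""
    return rng.randrange(backoff_range(collisions))


def simulate_shared_bus(stations, seed=0):
    """Model stations that all have a frame ready at slot 0 on one collision domain.
    Each slot, every station whose backoff has expired transmits; two or more
    transmitters at once is a collision (jam signal) and each of them picks a new
    backoff. Returns the order in which frames got through, the stations that gave
    up, the event log and the number of slots consumed."""
    rng = random.Random(seed)
    waiting = {s: 0 for s in stations}       # slots each station still has to wait
    collisions = {s: 0 for s in stations}    # collisions seen by each pending frame
    sent, dropped, log = [], [], []
    slot = 0
    while waiting:
        ready = [s for s in waiting if waiting[s] == 0]
        if len(ready) == 1:
            station = ready[0]               # carrier free, single transmitter: success
            sent.append(station)
            del waiting[station]
            log.append((slot, "sent", station))
        elif len(ready) > 1:
            log.append((slot, "collision", tuple(ready)))
            for station in ready:
                collisions[station] += 1
                if collisions[station] > MAX_ATTEMPTS:
                    dropped.append(station)  # excessive collisions: frame discarded
                    del waiting[station]
                else:
                    waiting[station] = backoff_slots(collisions[station], rng)
        # the slot ends: every station still waiting counts down by one
        for station in waiting:
            if waiting[station] > 0:
                waiting[station] -= 1
        slot += 1
    return {"sent": sent, "dropped": dropped, "log": log, "slots": slot}


if __name__ == "__main__":
    for event in simulate_shared_bus(["A", "B", "C"], seed=7)["log"]:
        print(*event)
```

Because every station is ready in slot 0, the first event is always a collision; the log then shows the random waits spreading the stations out until each gets the bus to itself. Increasing the number of stations makes the collision count, and therefore the wasted slots, grow, which is the reason the text later prefers switches (one collision domain per port) over hubs.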
Ethernet Frame

Field                         Description
Preamble                      Synchronization
Start Frame Delimiter (SFD)   Signifies that the next byte begins the Destination MAC field
Destination MAC address       Identifies the intended recipient of this frame
Source MAC address            Identifies the sender of this frame
Length                        Defines the length of the data field of the frame (either length or type is present, but not both)
Type                          Defines the type of protocol listed inside the frame (either length or type is present, but not both)
Data and Pad                  Holds data from a higher layer, typically an L3 PDU (generic), and often an IP packet
Frame Check Sequence (FCS)    Provides a method for the receiving NIC to determine if the frame experienced transmission errors
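The frame layout above, the OUI split of the MAC address described under Network Interface Card, and the encapsulation / de-encapsulation steps described under Data Encapsulation can all be exercised in a few lines. The code below is an added example and not part of the original notes: it encapsulates a layer-3 payload into a frame (header, data with padding to the 46-byte minimum, FCS) and de-encapsulates it again, verifying the FCS. It assumes that the preamble and SFD are stripped by the NIC before the frame reaches software, and that the 802.3 FCS is the standard CRC-32 provided by Python's zlib module (transmitted least-significant byte first). The MAC addresses and payload are constructed sample values.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
MIN_PAYLOAD = 46      # 802.3 minimum data field; shorter payloads are padded
MAX_PAYLOAD = 1500


def mac_to_bytes(mac: str) -> bytes:
    """'aa:bb:cc:dd:ee:ff' -> 6 raw bytes, rejecting malformed input."""
    parts = mac.split(":")
    if len(parts) != 6:
        raise ValueError(f"MAC address must have six octets: {mac!r}")
    return bytes(int(p, 16) for p in parts)


def bytes_to_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def split_mac(mac: str) -> dict:
    """Split a MAC into the IEEE-assigned OUI (first 24 bits) and the
    manufacturer-assigned part (last 24 bits)."""
    raw = mac_to_bytes(mac)
    return {
        "oui": bytes_to_mac(raw[:3]),
        "nic_specific": bytes_to_mac(raw[3:]),
        # least-significant bit of the first octet marks group (multicast/broadcast) addresses
        "is_group": bool(raw[0] & 0x01),
    }


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Encapsulate a layer-3 PDU: dst MAC + src MAC + type, data padded to 46 bytes,
    then the FCS (CRC-32 over everything before it)."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the 1500-byte maximum")
    padded = payload + b"\x00" * max(0, MIN_PAYLOAD - len(payload))
    header = mac_to_bytes(dst) + mac_to_bytes(src) + struct.pack("!H", ethertype)
    body = header + padded
    fcs = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def parse_frame(frame: bytes) -> dict:
    """De-encapsulate a frame: pull out the addresses, decide whether the 2-byte
    field is a length or a type, and recompute the FCS to detect corruption."""
    if len(frame) < 14 + MIN_PAYLOAD + 4:
        raise ValueError("runt frame (shorter than the 64-byte minimum)")
    body, fcs = frame[:-4], frame[-4:]
    expected = struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)
    type_or_len = struct.unpack("!H", body[12:14])[0]
    return {
        "dst": bytes_to_mac(body[0:6]),
        "src": bytes_to_mac(body[6:12]),
        # values up to 1500 are an 802.3 length field; 0x0600 and above are an EtherType
        "ethertype": type_or_len if type_or_len >= 0x0600 else None,
        "length": type_or_len if type_or_len <= MAX_PAYLOAD else None,
        "data": body[14:],
        "fcs_ok": fcs == expected,
    }


if __name__ == "__main__":
    # constructed sample: a broadcast frame carrying a 5-byte payload
    frame = build_frame("ff:ff:ff:ff:ff:ff", "00:11:22:33:44:55", ETHERTYPE_IPV4, b"hello")
    print(len(frame), "bytes on the wire")
    print(parse_frame(frame))
    print(split_mac("00:11:22:33:44:55"))
```

A receiving NIC drops any frame whose recomputed FCS does not match, which is why a single flipped bit in transit never reaches the upper layers as silently corrupted data; flipping a byte in the constructed frame and re-parsing it shows `fcs_ok` turning false.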

Ethernet Types

Communication Types
Communication types are divided into two.
Half Duplex:- The capacity to transfer data in only one direction at a time between a sending and a receiving station.

Full Duplex:- The capacity to transmit information between a sending station and a receiving station in both directions at the same time.
Transmission Methods
Data transmission is mainly divided into three.
Unicast:- It means one-to-one communication. That is, a device can send data to a particular device on the network.

Multicast:- If a device wants to send the same copy of data to more than one device in that network (but not to all), we can create a group for those destination devices and send the data to that group. That is one-to-many communication.

Broadcast:- It means one-to-all communication. That is, a signal sent by a device will reach all devices connected to that network. The destination of a broadcast signal is all.
HUB and SWITCH
Hubs and switches are networking components; these devices are used to populate a network. A hub is really a multi-port repeater. That is, any digital signal received on a hub port is amplified and transmitted out through all ports on the hub. Functionally a hub has only a single channel for communication. That is called a single collision domain. So a hub is referred to as a single collision domain and a single broadcast domain.
The two types of hub are the active hub and the passive hub. An active hub amplifies the received signal and sends it to all other ports. But a passive hub simply passes the received signal without amplification.

A switch is more intelligent than a hub. It can read the source MAC address of an incoming signal and store that MAC address in a table called the MAC address table. The MAC table is in an ASIC chip (Application Specific Integrated Circuit). Before forwarding any data, the switch looks up the destination port in the MAC table. If an address match is made, the switch performs a unicast operation. All switch ports have an individual channel to the other ports. So a switch supports full duplex communication and creates multiple collision domains. A switch forwards all broadcast signals to all ports of the switch except the port on which it was received. So a switch is also referred to as a single broadcast domain.
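The learning and forwarding behaviour just described can be modelled directly. The code below is an added example, not from the original notes: a hub that repeats every signal out of every other port beside a switch that learns source MACs, forwards known unicasts out one port, floods unknown unicasts and broadcasts, and filters frames whose destination sits on the port they arrived on. The port numbers and MAC addresses are constructed for the example; the MAC table is a plain dictionary standing in for the ASIC table.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """A multi-port repeater: one collision domain, one broadcast domain.
    Every signal is repeated out of every other port whatever the destination."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]

    def collision_domains(self):
        return 1

    def broadcast_domains(self):
        return 1


class LearningSwitch:
    """A transparent bridge: learn the source MAC of every frame against its ingress
    port, forward known unicast destinations out one port only, flood broadcasts and
    unknown unicasts out every port except the ingress port. Each port is its own
    collision domain; the whole switch is still one broadcast domain."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}   # MAC address -> port (the CAM table held in the ASIC)

    def receive(self, in_port, src, dst):
        """Return the egress ports for a frame from src to dst seen on in_port."""
        if in_port not in self.ports:
            raise ValueError(f"no such port: {in_port}")
        self.mac_table[src] = in_port                       # learning
        if dst == BROADCAST or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]  # flooding
        out_port = self.mac_table[dst]
        return [] if out_port == in_port else [out_port]    # filtering / forwarding

    def collision_domains(self):
        return len(self.ports)

    def broadcast_domains(self):
        return 1


if __name__ == "__main__":
    # constructed sample: hosts A (port 1), B (port 2), C (port 3) on a 4-port switch
    sw = LearningSwitch([1, 2, 3, 4])
    print(sw.receive(1, "A", "B"))          # B unknown: flooded to ports 2, 3, 4
    print(sw.receive(2, "B", "A"))          # A learned on port 1: forwarded to [1]
    print(sw.receive(1, "A", "B"))          # B learned on port 2: forwarded to [2]
    print(sw.receive(3, "C", BROADCAST))    # broadcast: ports 1, 2, 4
    print(sw.mac_table)
```

The first frame to an unknown destination is flooded exactly like a hub would repeat it; only once the reply has been seen does the switch narrow traffic to a single port. That is also why, on a switch, a host sees other hosts' unicast traffic only until the table has been populated.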

IPv4 Address (Version 4)
TCP/IP provides a unique logical addressing scheme called the IP address. It uniquely identifies each device on the internetwork. It is a 32-bit address commonly written as four octets. Each octet has a value ranging from 0 - 255.

IP Address Classes
IP addresses are divided into 5 classes and each IP address contains two parts. The first portion is the network address and the second portion is the host address. The IP classes and network numbers:

Class A (Internetwork Communication)
Class B (Internetwork Communication)
Class C (Internetwork Communication)
Class D (Reserved for Multicasting)
Class E (Reserved for Research and Experiments)

Class A, B and C are used for internetwork communication. Class D is reserved for multicasting technology and Class E for research and experiments. The 127 range of IP addresses is called the loopback address and it is used for checking the proper functionality of the TCP/IP protocol.

Subnet Mask
The subnet mask is another 32-bit representation. It is used to identify the network and host portions of an IP address. By default the following subnet masks are used.

Note:- All host bits '0' is the Network Address
       All host bits '1' is the Broadcast Address

Private and Public IP Addresses

An intranet is an internal network that uses internet technology. IP addresses which are used in an intranet are called private IP addresses.
To communicate over the internet a device must have a public IP address, which is provided by IANA (Internet Assigned Numbers Authority). They also provide addresses for private networks in each class as follows.

Private Address Range in each Class

Class A - 10.0.0.0 - 10.255.255.255
Class B - 172.16.0.0 - 172.31.255.255
Class C - 192.168.0.0 - 192.168.255.255

Formula for calculating number of networks = 2^n (n = no. of network bits)
Formula for calculating number of hosts = 2^n - 2 (n = no. of host bits)

CLASS A

Range:- 1.0.0.0 - 126.255.255.255

Default Subnet Mask - 255.0.0.0 ( /8 )
Network bits - 8 (7 usable) [first bit fixed '0']
Host bits - 24

No. of networks - 2^7 - 2 = 126
Subtract 2 for the default network 0.0.0.0 and the loopback network 127.0.0.0
No. of hosts per network - 2^24 - 2 = 16777214
Subtract 2 for the network and broadcast addresses
Eg:-
Network Address - 1.0.0.0
Subnet Mask - 255.0.0.0
First Host Address - 1.0.0.1
Last Host Address - 1.255.255.254
Broadcast Address - 1.255.255.255

CLASS B

Range:- 128.0.0.0 - 191.255.255.255

Default Subnet Mask - 255.255.0.0 ( /16 )
Network bits - 16 (14 usable) [first two bits fixed '10']
Host bits - 16
No. of networks - 2^14 = 16384
No. of hosts per network - 2^16 - 2 = 65534
Subtract 2 for the network and broadcast addresses
Eg:-
Network Address - 128.0.0.0
Subnet Mask - 255.255.0.0
First Host Address - 128.0.0.1
Last Host Address - 128.0.255.254
Broadcast Address - 128.0.255.255

CLASS C

Range:- 192.0.0.0 - 223.255.255.255

Default Subnet Mask - 255.255.255.0 ( /24 )
Network bits - 24 (21 usable) [first three bits fixed '110']
Host bits - 8
No. of networks - 2^21 = 2097152
No. of hosts per network - 2^8 - 2 = 254
Subtract 2 for the network and broadcast addresses

Eg:-
Network Address - 192.0.0.0
Subnet Mask - 255.255.255.0
First Host Address - 192.0.0.1
Last Host Address - 192.0.0.254
Broadcast Address - 192.0.0.255
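The classful rules above (leading bits, default mask, network and broadcast address, first and last host, the 2^n - 2 host formula, the loopback and private ranges) can be checked for any address with a short script. The following is an added example and not part of the original notes; it works purely on the 32-bit integer value of the address and reproduces the Class A, B and C worked examples. The sample addresses in the usage section are constructed.

```python
PRIVATE_RANGES = (("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16))


def parse_ipv4(addr: str) -> int:
    """Dotted-quad string -> 32-bit integer, rejecting malformed input."""
    octets = addr.strip().split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted quad: {addr!r}")
    value = 0
    for octet in octets:
        if not octet.isdigit() or not 0 <= int(octet) <= 255:
            raise ValueError(f"bad octet in {addr!r}")
        value = (value << 8) | int(octet)
    return value


def format_ipv4(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix: int) -> int:
    """/n -> 32-bit mask with the top n bits set."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def is_private(value: int) -> bool:
    """RFC 1918: 10/8, 172.16/12 (172.16.0.0 - 172.31.255.255) and 192.168/16."""
    return any((value & prefix_to_mask(p)) == parse_ipv4(base) for base, p in PRIVATE_RANGES)


def classful_info(addr: str) -> dict:
    """Classify an address by its leading bits and derive the classful numbers the
    way the text does: default mask, network and broadcast address, first and last
    usable host, and the host count 2^n - 2."""
    value = parse_ipv4(addr)
    first = value >> 24
    if first & 0x80 == 0x00:
        cls, prefix = "A", 8          # leading bit 0
    elif first & 0xC0 == 0x80:
        cls, prefix = "B", 16         # leading bits 10
    elif first & 0xE0 == 0xC0:
        cls, prefix = "C", 24         # leading bits 110
    elif first & 0xF0 == 0xE0:
        return {"class": "D", "usage": "multicast"}
    else:
        return {"class": "E", "usage": "research and experiments"}
    mask = prefix_to_mask(prefix)
    network = value & mask                    # all host bits 0
    broadcast = network | (~mask & 0xFFFFFFFF)  # all host bits 1
    host_bits = 32 - prefix
    return {
        "class": cls,
        "default_mask": format_ipv4(mask),
        "prefix": prefix,
        "network": format_ipv4(network),
        "first_host": format_ipv4(network + 1),
        "last_host": format_ipv4(broadcast - 1),
        "broadcast": format_ipv4(broadcast),
        "hosts_per_network": 2 ** host_bits - 2,
        "is_loopback": first == 127,          # 127.0.0.0/8 is reserved for loopback
        "is_default_network": network == 0,   # 0.0.0.0 is the default network
        "is_private": is_private(value),
    }


# networks per class: 2^7 - 2 (0.0.0.0 and 127.0.0.0 excluded), 2^14, 2^21
NETWORKS_PER_CLASS = {"A": 2 ** 7 - 2, "B": 2 ** 14, "C": 2 ** 21}


if __name__ == "__main__":
    for sample in ("1.0.0.5", "128.0.0.9", "192.0.0.7", "127.0.0.1", "172.31.5.5", "224.0.0.5"):
        print(sample, classful_info(sample))
```

The `is_private` check is the one worth carrying into real work: a supposedly internal address such as 172.32.0.1 falls outside 172.16.0.0/12 and is publicly routable, a mistake the /12 boundary makes easy to get wrong by hand.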
SUBNETTING
To reduce wastage of host addresses we can borrow bits from the host portion into the network portion; by doing this the number of hosts will be reduced and the number of networks will be increased. We borrow network bits from the host bits by changing the corresponding bit in the subnet mask to '1'.

Prefix   Subnet Mask      Prefix   Subnet Mask        Prefix   Subnet Mask
/8       255.0.0.0        /16      255.255.0.0        /24      255.255.255.0
/9       255.128.0.0      /17      255.255.128.0      /25      255.255.255.128
/10      255.192.0.0      /18      255.255.192.0      /26      255.255.255.192
/11      255.224.0.0      /19      255.255.224.0      /27      255.255.255.224
/12      255.240.0.0      /20      255.255.240.0      /28      255.255.255.240
/13      255.248.0.0      /21      255.255.248.0      /29      255.255.255.248
/14      255.252.0.0      /22      255.255.252.0      /30      255.255.255.252
/15      255.254.0.0      /23      255.255.254.0

After subnetting:
No. of subnetworks = 2^n, where 'n' is the number of bits borrowed from the host portion.
No. of hosts per subnetwork = 2^n - 2, where 'n' is the number of bits remaining in the host portion.
Block Size = 256 - (value of the interesting octet of the subnet mask).

C Class Subnetting
A Class C address has a default subnet mask of 255.255.255.0. In a class C address only 8 bits are available for defining the hosts. This means that we can use up to 6 bits for subnetting because we have to leave at least the last two bits for host addresses.
Eg:-
Network - 192.168.0.0
Subnet Mask - 255.255.255.128 ( /25 )
No. of subnet bits - 1
No. of subnets - 2^1 = 2 subnets
No. of host bits - 7
No. of hosts per subnet - 2^7 - 2 = 126 hosts
Block Size - 256 - 128 = 128

             Subnet 1              Subnet 2
Subnet       192.168.0.0/25        192.168.0.128/25
First Host   192.168.0.1/25        192.168.0.129/25
Last Host    192.168.0.126/25      192.168.0.254/25
Broadcast    192.168.0.127/25      192.168.0.255/25

B Class Subnetting
A Class B address has a default subnet mask of 255.255.0.0. In a class B address only 16 bits are available for defining the hosts. This means that we can use up to 14 bits for subnetting because we have to leave at least the last two bits for host addresses.
Eg:-
Network - 128.0.0.0
Subnet Mask - 255.255.128.0 ( /17 )
No. of subnet bits - 1
No. of subnets - 2^1 = 2 subnets
No. of host bits - 15
No. of hosts per subnet - 2^15 - 2 = 32766 hosts
Block Size - 256 - 128 = 128

             Subnet 1              Subnet 2
Subnet       128.0.0.0/17          128.0.128.0/17
First Host   128.0.0.1/17          128.0.128.1/17
Last Host    128.0.127.254/17      128.0.255.254/17
Broadcast    128.0.127.255/17      128.0.255.255/17

A Class Subnetting
A Class A address has a default subnet mask of 255.0.0.0. In a class A address only 24 bits are available for defining the hosts. This means that we can use up to 22 bits for subnetting because we have to leave at least the last two bits for host addresses.
Eg:-
Network - 1.0.0.0
Subnet Mask - 255.128.0.0 ( /9 )
No. of subnet bits - 1
No. of subnets - 2^1 = 2 subnets
No. of host bits - 23
No. of hosts per subnet - 2^23 - 2 = 8388606 hosts
Block Size - 256 - 128 = 128

             Subnet 1              Subnet 2
Subnet       1.0.0.0/9             1.128.0.0/9
First Host   1.0.0.1/9             1.128.0.1/9
Last Host    1.127.255.254/9       1.255.255.254/9
Broadcast    1.127.255.255/9       1.255.255.255/9

Up to IOS version 11.2 the first and the last subnetwork were not supported. So we have to manually configure that IOS to support those subnetworks. For this we use the command:
Router(config)# ip subnet-zero
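The three worked subnetting examples above follow one procedure: borrow host bits, count subnets and hosts with the 2^n formulas, read the block size from the interesting octet, then list each subnet with its first host, last host and broadcast. The calculator below is an added example, not part of the original notes, that performs that procedure for any network and target prefix using Python's standard `ipaddress` module; it also converts between the /n prefix and the dotted mask of the table above. It generalises the page's examples in that it works for any number of borrowed bits, capping the printed table so that a class A split into /30s does not materialise millions of rows. The networks in the usage section are the page's own examples.

```python
import ipaddress
from itertools import islice


def prefix_to_mask(prefix: int) -> str:
    """/n -> dotted mask, e.g. 27 -> 255.255.255.224."""
    return str(ipaddress.IPv4Network(f"0.0.0.0/{prefix}").netmask)


def mask_to_prefix(mask: str) -> int:
    """Dotted mask -> /n; a non-contiguous mask raises NetmaskValueError."""
    return ipaddress.IPv4Network(f"0.0.0.0/{mask}").prefixlen


def subnet_plan(network: str, new_prefix: int, max_rows: int = 256) -> dict:
    """Subnet 'network' (e.g. '192.168.0.0/24') by borrowing host bits until the mask
    is /new_prefix, and tabulate the first max_rows subnets with their first host,
    last host and broadcast addresses. The first row is subnet zero."""
    net = ipaddress.IPv4Network(network, strict=True)
    if not net.prefixlen < new_prefix <= 30:
        raise ValueError("must borrow at least one bit and leave at least two host bits")
    borrowed = new_prefix - net.prefixlen
    host_bits = 32 - new_prefix
    new_mask = ipaddress.IPv4Network(f"0.0.0.0/{new_prefix}").netmask
    # The "interesting" octet is the one where the mask stops being 255; the block
    # size is the increment between consecutive subnets in that octet.
    interesting = (new_prefix - 1) // 8
    block_size = 256 - new_mask.packed[interesting]
    table = []
    for sub in islice(net.subnets(new_prefix=new_prefix), max_rows):
        table.append({
            "subnet": str(sub),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "broadcast": str(sub.broadcast_address),
        })
    return {
        "subnet_bits": borrowed,
        "subnets": 2 ** borrowed,
        "host_bits": host_bits,
        "hosts_per_subnet": 2 ** host_bits - 2,
        "block_size": block_size,
        "table": table,
    }


if __name__ == "__main__":
    for network, prefix in (("192.168.0.0/24", 25), ("128.0.0.0/16", 17), ("1.0.0.0/8", 9)):
        plan = subnet_plan(network, prefix)
        print(network, "->", f"/{prefix}", prefix_to_mask(prefix),
              plan["subnets"], "subnets,", plan["hosts_per_subnet"], "hosts each,",
              "block size", plan["block_size"])
        for row in plan["table"]:
            print("  ", row)
```

`strict=True` makes the module reject an input such as 192.168.0.5/24 whose host bits are not all zero, which catches the common mistake of subnetting from a host address instead of the network address.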

Variable Length Subnet Mask (VLSM)
It helps to optimize the available address space by specifying a different subnet mask for the same network number on various subnets instead of using one subnet mask throughout the network. Each subnet is non-overlapping with the other subnets.

200.10.10.0/24
2 hosts  - 200.10.10.0/30
6 hosts  - 200.10.10.8/29
10 hosts - 200.10.10.16/28
12 hosts - 200.10.10.32/28
25 hosts - 200.10.10.64/27
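The VLSM plan above can be produced mechanically: for each requirement pick the smallest subnet whose 2^n - 2 usable hosts cover it, then place it at the next address aligned to its own block size so that no two subnets overlap. The allocator below is an added example and not part of the original notes; run on the page's five requirements in the page's order it yields exactly the plan listed, and it additionally offers a largest-first ordering, which avoids the alignment gap (200.10.10.48 - 200.10.10.63) that the listed order leaves unused. The requirement names are constructed labels.

```python
import ipaddress


def prefix_for_hosts(hosts: int) -> int:
    """Smallest subnet (longest prefix) whose usable host count 2^h - 2 covers 'hosts'."""
    if hosts < 1:
        raise ValueError("a subnet needs at least one host")
    host_bits = 2                         # /30 is the smallest subnet with usable hosts
    while 2 ** host_bits - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def vlsm_allocate(parent: str, requirements, largest_first: bool = False) -> list:
    """Carve one subnet per (name, hosts) requirement out of 'parent'. Each subnet is
    placed at the next address aligned to its own block size, so none overlap. With
    largest_first=True the requirements are sorted descending by size, which removes
    the alignment gaps an arbitrary order can leave."""
    net = ipaddress.IPv4Network(parent, strict=True)
    order = sorted(requirements, key=lambda r: r[1], reverse=True) if largest_first else list(requirements)
    cursor = int(net.network_address)
    limit = int(net.broadcast_address) + 1
    plan = []
    for name, hosts in order:
        prefix = prefix_for_hosts(hosts)
        if prefix < net.prefixlen:
            raise ValueError(f"{name}: {hosts} hosts do not fit in {parent}")
        size = 2 ** (32 - prefix)
        cursor = (cursor + size - 1) // size * size    # round up to a block boundary
        if cursor + size > limit:
            raise ValueError(f"{name}: address space in {parent} exhausted")
        sub = ipaddress.IPv4Network((cursor, prefix))
        plan.append({
            "name": name,
            "hosts_needed": hosts,
            "subnet": str(sub),
            "usable_hosts": sub.num_addresses - 2,
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
        })
        cursor += size
    return plan


def overlapping(plan) -> bool:
    """True if any two allocated subnets share addresses (the allocator never does this)."""
    nets = [ipaddress.IPv4Network(p["subnet"]) for p in plan]
    return any(a.overlaps(b) for i, a in enumerate(nets) for b in nets[i + 1:])


# Constructed requirement list reproducing the text's 200.10.10.0/24 plan.
REQUIREMENTS = [("link-1", 2), ("net-6", 6), ("net-10", 10), ("net-12", 12), ("net-25", 25)]


if __name__ == "__main__":
    for ordered in (False, True):
        print("largest_first =", ordered)
        for row in vlsm_allocate("200.10.10.0/24", REQUIREMENTS, largest_first=ordered):
            print("  ", row["name"], row["hosts_needed"], "->", row["subnet"], f"({row['usable_hosts']} usable)")
```

Sorting largest-first packs the five subnets into 200.10.10.0 - 200.10.10.75 and leaves everything above free for growth, whereas the page's order scatters the free space; the `overlapping` check is the sanity test to keep when a plan is edited by hand.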

CISCO ROUTER

Leading manufacturers of routers:

- Cisco Systems
- 3Com
- D-Link
- Nortel
- Linksys
- Juniper

CISCO
Cisco is the worldwide leader in networking systems for organizations of all sizes, offering solutions that fully support enterprise-wide deployment of networked business applications. Cisco routers provide high availability, comprehensive security, integrated wireless, ease of management, and advanced quality of service (QoS) for today's most demanding network services, including IP communications, video, customer relationship management, financial transactions, and other real-time applications.

Cisco Router Series

700, 800, 1600, 1700      - Home Office Solution
2500, 2600, 3600, 4000    - Branch Office Solution
7600, 10000, 12000        - Central Office and ISPs

Several Cisco router models are available. These models are designed to satisfy a particular network or set of network needs.
Eg:- 2501, 2502, 2503

Router Components
Cisco routers have various components that are controlled by the Cisco IOS (Internetwork Operating System). The IOS provides commands and software functionality to configure the router.

Read Only Memory ( ROM )
ROM is used as the memory area from which a Cisco router begins the boot process, and is made up of a number of elements. These elements are implemented via microcode, a set of programming instructions that are contained in ROM.

Power-on Self Test (POST).
When the router is powered up, microcode stored in ROM performs a POST sequence. This is used to ensure that elements such as the CPU, memory, and interfaces are capable of functioning correctly.

Bootstrap Program.
The bootstrap program is used to initialize the CPU and boot functions of the router. The bootstrap program is responsible for locating and loading the router's IOS.

ROM Monitor.
A special diagnostic environment used for the purpose of troubleshooting or special configuration. For example, this mode can be used to transfer an IOS image over a console connection.

Mini IOS (RxBoot).
When a valid IOS image cannot be found in Flash or on a TFTP server, this limited IOS version is loaded for the purpose of installing a new IOS image into Flash. It is also sometimes referred to as the boot loader, boot image, or helper image. The command set provided is only a subset of normal IOS commands.

Flash Memory
Flash memory is erasable programmable read-only memory (EPROM). It is used to store and run the Cisco IOS software - the router's operating system. When a router is powered down, the contents of Flash memory are not lost. However, its contents can be upgraded by "flashing" the chip.

Non-Volatile Random Access Memory (NVRAM)

NVRAM is non-volatile RAM. By "non-volatile", we mean that the contents of NVRAM are not lost when the router is powered down or reloaded. Where RAM holds the running configuration file, NVRAM holds the startup configuration file. If NVRAM is empty when the router reloads, you will be prompted to enter setup mode. All Cisco routers have a 16-bit software configuration register value, stored in NVRAM, that is used to choose the booting option.

Random-Access Memory (RAM)
RAM on a Cisco router stores operational information such as routing tables and the running configuration file. RAM contents are lost when the router is powered down or reloaded.

CPU (Processor)
The CPU performs functions just as it does in a normal PC. It executes commands given by the IOS using the other hardware components. Different Cisco router series come with different processors.

IOS
Cisco calls its operating system the Internetwork Operating System or IOS. IOS versions are 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, 12.3, 12.4.

Router Boot Order

1. POST (hardware memory verification)
2. Bootstrap loader (locating the IOS image - Flash, TFTP server, ROM)
3. Decompressing the IOS into RAM
4. Copying the startup config from NVRAM to RAM (running config). If NVRAM is empty, the router enters setup mode.

Interfaces and Ports

Routers contain different types of interfaces and ports. The interfaces provide the physical connection between the router and a particular network medium. They are the pathways through which the packets flow to and from the router. Eg:- Ethernet, Serial, BRI, Token Ring etc.

Ports on the router enable a user to connect to the router for management and configuration purposes. Eg:- Console Port, Auxiliary Port.

AUI (Attachment Unit Interface)

It is a 15-pin female interface used for Ethernet connectivity. We can use a transceiver to convert the 15-pin interface to RJ45. It can be connected to a switch, a hub or directly to a computer's Ethernet port.
Serial Interface
This 60-pin female interface is used to connect to an ISP through a modem.

Console Access Methods of a Router

Cisco provides a command line interface (CLI) that we can use to configure and maintain the router. We can access the CLI through the console port, the auxiliary port or by telnetting to the router using a virtual terminal.

The PC serving as a console communicates with the router using terminal emulation software, such as HyperTerminal in Windows and Minicom in Linux.

Default HyperTerminal Settings

Bits per second - 9600
Data bits - 8
Parity - None
Stop bits - 1
Flow control - None

Via Console Port

Via Auxiliary Port

Using the auxiliary port and an asynchronous modem we can access a remote router through a telephone line.

Telnet
We can access the router console through the IP network connected to the router using the telnet protocol.

Router Modes
The router provides basic levels of access called router modes. Within each mode certain commands are available for execution.

Router Mode                       Router Prompt
User Mode                         Router>
Privilege Mode                    Router#
Global Configuration Mode         Router(config)#
Sub Configuration Modes:
  Interface Configuration Mode    Router(config-if)#
  Line Configuration Mode         Router(config-line)#
  Router Configuration Mode       Router(config-router)#

Router> enable                                (User Mode)
Router# disable                               (Privilege Mode)

Router# config terminal                       (Privilege Mode)
Router(config)# exit                          (Global Configuration Mode)

Router(config)# interface <interface name>    (Global Configuration Mode)
    <interface name>: Ethernet, Serial, BRI
Router(config-if)# exit                       (Interface Configuration Mode) [Ctrl+Z returns to Privilege Mode]

Router(config)# line <line type>              (Global Configuration Mode)
    <line type>: console, aux, vty
Router(config-line)# exit                     (Line Configuration Mode) [Ctrl+Z returns to Privilege Mode]

Router(config)# router <protocol>             (Global Configuration Mode)
    <protocol>: RIP, OSPF, EIGRP
Router(config-router)# exit                   (Router Configuration Mode) [Ctrl+Z returns to Privilege Mode]

Router Commands
Router# show running-config                      Displays the configuration currently running in RAM.
Router# show startup-config                      Displays the configuration saved in NVRAM.
Router# show version                             Displays the IOS version, router series, size of NVRAM and Flash, processor, IOS file name and config-register.
Router# show flash                               Displays details of Flash memory.
Router# show history                             Displays previous commands. Default history size is 10.
Router# show terminal                            Displays the history buffer size.
Router# terminal history size <0-255>            Sets the history buffer size.
Router# show clock                               Displays the router time and date.
Router# clock set hh:mm:ss dd mmm yyyy           Sets the time and date.
Router# show interface <interface name>          Shows details of a particular interface.
Router# copy running-config startup-config       Saves the running configuration to NVRAM.
Router# copy startup-config running-config       Merges the startup-config into the running-config.
Router# reload                                   Restarts the router.
Router# erase startup-config                     Erases the startup-config from NVRAM.

If we erase the NVRAM configuration and reload the router, it will ask for the initial configuration
as follows:
Would you like to enter initial configuration dialogue (Y/N):
This mode is called the setup mode of the router.
Router(config)#hostname <Name>                  Sets the router host name.
Router(config)#banner motd # message #          Creates a message-of-the-day banner.
Router(config)#no ip domain-lookup              Turns off the attempt to automatically resolve an
                                                unrecognized command as a host name.
Router(config)#line console 0                   Turns on synchronous logging. Informational messages
Router(config-line)#logging synchronous         sent to the console will not interrupt the command
                                                you are typing; the prompt is moved to a new line.
Router(config)#line console 0                   Sets the idle time after which the console
Router(config-line)#exec-timeout 0 0            automatically logs off. 0 0 (minutes seconds)
                                                means the console never logs off.

Helping Keys
Ctrl+A - Moves cursor to the beginning of the line
Ctrl+E - Moves cursor to the end of the line
Ctrl+B - Moves back one character
Ctrl+F - Moves forward one character
Ctrl+D - Deletes a single character
Ctrl+U - Erases a line
Ctrl+W - Erases a word
Ctrl+Z - Ends configuration mode and returns to privilege mode
Ctrl+P - Shows the previous command
Ctrl+N - Shows the next command
Tab    - Finishes typing a command for you

Router Password Types
The router has 5 types of password:

1. Enable Password
2. Enable Secret
3. Console Password
4. Auxiliary Password
5. Telnet Password

1. Enable Password
It is used to get from user mode to privilege mode.
Configuration
Router(config)#enable password <password>
Eg:- Router(config)#enable password ccna
Router>enable
Password:ccna
Router#
Remove Enable Password
Router(config)#no enable password

2. Enable Secret Password
It has the same purpose as the enable password, but it is displayed in encrypted form in the startup
and running configuration (the 'enable password' is displayed in clear text). If both an enable
password and an enable secret are set, the enable secret takes precedence.
Configuration
Router(config)#enable secret <password>
Eg:- Router(config)#enable secret cisco
Router>enable
Password:cisco
Router#
Remove Enable Secret
Router(config)#no enable secret

3. Console Password
It protects entry to the console of the router, that is, even entry to user mode.
Configuration
Router(config)#line console 0
Router(config-line)#password <password>
Router(config-line)#login
Remove Console password
Router(config)#line console 0
Router(config-line)#no password

4. Auxiliary Password
It restricts access to the router via the auxiliary port (i.e. remote login over a telephone line
using a dial-up modem).
Configuration
Router(config)#line aux 0
Router(config-line)#password <password>
Router(config-line)#login
Remove Auxiliary password
Router(config)#line aux 0
Router(config-line)#no password

5. Telnet Password
It is used to authenticate a user when they try to log in to the router using the telnet service. At
that time the user is given a virtual terminal line (vty). The number of vty lines depends on the
router series. We can set a password for an individual line or a common password for all of them.
Configuration
Router(config)#line vty 0 4
Router(config-line)#password <password>
Router(config-line)#login
Remove telnet password
Router(config)#line vty 0 4
Router(config-line)#no password

All of these passwords (except the enable secret) are shown in clear text in the router
configuration files. We can convert them to an encrypted form with the global configuration command
Router(config)#service password-encryption
To stop this feature from affecting passwords set in future:
Router(config)#no service password-encryption
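As an added example that is not part of the original notes, this Python script audits a captured running-config for the weaknesses described above: an enable password with no enable secret, line passwords left in clear text, and lines with a password but no login. The two configs are constructed samples; the check treats a 'password 7' line as encrypted in the sense the notes describe (service password-encryption is a reversible encoding, so the enable secret remains the only hashed password).

```python
import re

# Constructed sample running-config excerpts (not captured from a real device).
WEAK_CONFIG = """\
hostname R1
no service password-encryption
enable password ccna
!
line con 0
 password cisco
 login
line aux 0
 password cisco
line vty 0 4
 password cisco
 login
"""

HARDENED_CONFIG = """\
hostname R1
service password-encryption
enable secret 5 $1$constructed$placeholderhash
!
line con 0
 password 7 13061E010803
 login
line aux 0
 password 7 13061E010803
 login
line vty 0 4
 password 7 13061E010803
 login
"""


def parse_config(config):
    """Split an IOS config into global commands and 'line' stanzas.

    Returns (global_cmds, stanzas); stanzas maps a line name such as
    'vty 0 4' to the list of indented commands under it.
    """
    global_cmds, stanzas = [], {}
    current = None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" ") and current is not None:
            stanzas[current].append(raw.strip())
        elif raw.startswith("line "):
            current = raw[len("line "):].strip()
            stanzas[current] = []
        else:
            current = None
            global_cmds.append(raw.strip())
    return global_cmds, stanzas


def audit_passwords(config):
    """Return a list of findings about how passwords are stored and enforced."""
    global_cmds, stanzas = parse_config(config)
    findings = []

    has_secret = any(c.startswith("enable secret") for c in global_cmds)
    has_enable_pw = any(c.startswith("enable password") for c in global_cmds)
    if not has_secret:
        findings.append("no enable secret configured")
    if has_enable_pw and not has_secret:
        findings.append("enable password set without enable secret: "
                        "privilege mode password is stored in clear text")

    # 'service password-encryption' only applies the reversible type 7
    # encoding: it hides passwords from a casual look at the config, not
    # from anyone who obtains the config file.
    if "service password-encryption" not in global_cmds:
        findings.append("service password-encryption is off: "
                        "line passwords appear in clear text")

    for name, cmds in stanzas.items():
        pw_lines = [c for c in cmds if c.startswith("password ")]
        if not pw_lines:
            findings.append(f"line {name}: no password configured")
            continue
        if not re.match(r"password 7 \S+$", pw_lines[0]):
            findings.append(f"line {name}: password stored in clear text")
        if "login" not in cmds:
            # Without 'login' the line never prompts for its password.
            findings.append(f"line {name}: password set but 'login' missing, "
                            "so the password is not enforced")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        result = audit_passwords(cfg)
        print(f"{label}: {len(result)} finding(s)")
        for finding in result:
            print("  -", finding)
```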

Configuration Register Value
It is a 16-bit software register stored in NVRAM. It is used to control the boot sequence of the
router. If the register value is 0x2102, the router boots in the normal sequence.

Register Value and booting options
0x2102 - Normal boot
0x2101 - Mini IOS
0x2100 - ROM monitor
0x2142 - Normal boot but skip loading NVRAM (startup-config) into RAM

Display the configuration register of the router:
Router#show version
Change the configuration register:
Router(config)#config-register <value>
Eg:-
Router(config)#config-register 0x2102
Password Recovery
All passwords are saved in NVRAM (startup-config). The last step of the router's boot sequence is to
copy the content of NVRAM to RAM. If we skip this step in the boot sequence, no passwords will be
placed in RAM. We can skip this step by setting the configuration register value to 0x2142.
Steps for password recovery:
1. Power the router off and on.
2. Press Ctrl + Break (in Windows) / Ctrl + A, F (in Linux) to enter the ROM monitor.
   We will get the ROM monitor with the prompt 'rommon 1>' ('>' on the 2500 series).
3. Change the configuration register value to 0x2142 from ROM monitor mode with the command
   rommon 1>confreg 0x2142 (on the 2500 series '>o/r 0x2142')
4. Restart the router with the command 'i' (init):
   rommon 2>i
5. The router restarts and asks to enter the initial configuration (i.e. setup mode). Exit with the
   'no' option or press Ctrl + C.
6. Copy the startup configuration from NVRAM to RAM:
   Router#copy startup-config running-config
7. Delete or change the passwords.
8. Copy the running configuration to the startup configuration:
   Router#copy running-config startup-config
9. Set the configuration register value back to the default:
   Router(config)#config-register 0x2102

Router to LAN (Ethernet) connectivity

To configure an IP address on an interface, the 'ip address' command is used in interface
configuration mode.
Router(config)#interface <interface name>
Router(config-if)#ip address <host IP address> <subnet mask>
Router(config-if)#no shutdown

Eg:-
Router(config)#interface ethernet 0/0
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown

Note:- All router interfaces are in the shutdown (inactive) state by default. If an interface is in
the shutdown state, the 'show ip interface brief' command displays it as administratively down. We
can turn an interface on with the 'no shutdown' command in its sub-configuration mode.

Verification Commands
ping <destination IP>
show running-config
show interface ethernet x/x
show ip interface brief

Telnetting to a Router
To telnet to a router you must configure the telnet (vty) password and the enable or enable secret
password.
C:> telnet <any active IP address of the router>

Eg:- C:> telnet 192.168.10.1

Backup and Restoring

We can back up and restore the IOS file of a router, and also its startup configuration and running
configuration, to an external computer. To receive files from the router, the computer must be
running a file transfer server (FTP or TFTP).

Basic requirements for backup and restore:
1. The router should be connected to an active TFTP/FTP server.
2. The PC should be able to communicate with the router and vice versa.
3. The PC should have enough space to accommodate the file from the router.

Backup Startup or Running configuration
Router#copy startup-config tftp
or
Router#copy running-config tftp
Address or name of remote host: <tftp server ip address>
Destination file name[]:

Restore a backup configuration file to Startup or Running configuration
Note:- For restoring you should keep the backup file in the tftp folder.
Router#copy tftp startup-config
or
Router#copy tftp running-config
Address or name of remote host: <tftp server ip address>
Source file name: <configuration file name stored in the tftp folder>
Destination file name []:

Backup IOS from router
Note the IOS file name using the 'show flash' command.
Router#copy flash tftp
Source file name: <ios file name stored in flash>
Address or name of remote host: <tftp server ip address>
Destination file name[]:

Restore IOS
Note:- For restoring you should keep the IOS file in the tftp folder.
Router#copy tftp flash
Address or name of remote host: <ip address of tftp server>
Source file name: <ios file name stored in the tftp folder>
Destination file name[]:

Router Back-to-Back connection
In a real environment a router is connected to the WAN (ISP) using a synchronous serial cable and
modems. This communication must have a clock speed, which is provided by the ISP. The end modem is
called a CSU/DSU. In the lab we can connect two routers using a serial cable called a DCE/DTE cable.
The DCE end is equivalent to the ISP. When configuring the DCE end we must provide a clock rate in
bits per second.
DCE - Data Communication Equipment
DTE - Data Terminal Equipment

You can use the following command to identify the DCE or DTE end of the cable:
Router# show controllers serial x/x

In a point-to-point connection only two host IP addresses are required, so the best mask for
point-to-point links is 255.255.255.252 (/30).

R1(config)#interface serial 0/0
R1(config-if)#ip address 200.1.1.1 255.255.255.252
R1(config-if)#clock rate 64000
R1(config-if)#no shutdown

R2(config)#interface serial 0/1
R2(config-if)#ip address 200.1.1.2 255.255.255.252
R2(config-if)#no shutdown

A Cisco serial interface (T1 line) has a default bandwidth of 1.544 Mbps (1544 kbps). We can
change the bandwidth value of a link as follows:
Router(config)#interface <interface name>
Router(config-if)#bandwidth <in kbps>        eg:- bandwidth 64

ROUTING
Routing is the process of taking a packet from one network and sending it to a device on another
network through an internetwork. For this purpose the router uses the logical addressing scheme
(IP address) to find the destination network address. To deliver a packet to a device in that
network, the source must know both the IP address and the MAC address. By default the source knows
only the IP address of the destination device, so it uses a protocol called ARP (Address Resolution
Protocol) to find the MAC address for a known IP address. To be able to route packets to a
different network, a router must know the following:
1. The destination network address
2. All possible routes to that network
3. The best route among all those routes
The router stores all destination network addresses in a table called the routing table. The
routing process takes place based on this table: if a network is not in the routing table, the
router discards the packet. By default every router's routing table contains the directly connected
networks, indicated by 'C'.
To display the routing table of a router use the command:
Router#show ip route

Types of routing
Routing is divided into three types:
1. Static Routing
2. Default Routing
3. Dynamic Routing

Static Routing
In static routing the administrator manually adds the network information for all destination
networks to each router's routing table. So there is no overhead on the router's CPU. It also
increases network security. But the administrator must know about all networks in the internetwork,
so it is not feasible in a large network.
Configuration
Add a static route:-
Router(config)#ip route <network> <subnet mask> <exit interface name | gateway ip address>
Remove a static route:-
Router(config)#no ip route <network> <subnet mask>
Static routing disadvantages
1. The administrator must really understand the internetwork, and how each router is connected, to
   configure the network.
2. If one router is added to the internetwork, the administrator must add the new route to each
   router manually.
3. It is not suitable for large networks.

Route Summarization
In large internetworks, hundreds or even thousands of network addresses can exist. In these
environments it is often not desirable for routers to maintain many routes in their routing tables.
Route summarization, also called route aggregation, can reduce the number of routes that a router
must maintain by representing a series of network numbers in a single summary address. It reduces
the size of the routing table and the CPU load of the router. We can also conserve the bandwidth
consumed by dynamic routing updates.

R1(config)#ip route 192.168.10.0 255.255.255.192 serial0/0

Default Routing
A default route is used to send packets whose remote destination network is not in the routing
table of the router through the default gateway. A router which has only one exit interface is
called a stub router, so this type of router has only one gateway, and we can define a default
route on it. We also configure a default route on the router that is connected to the Internet.
Configuration
Add default route:-
Router(config)#ip route 0.0.0.0 0.0.0.0 <exit interface name | gateway ip address>
Remove default route:-
Router(config)#no ip route 0.0.0.0 0.0.0.0

Dynamic Routing
In dynamic routing the routes are learned by routing protocols. A routing protocol defines a set of
rules used by a router to find each destination network. If a routing protocol finds more than one
route to a particular network, it adds the best route to the routing table. If the current route
fails, it adds the next best route to the routing table.
Types of dynamic routing protocols
1. Distance Vector (Eg:- RIP, IGRP)
2. Link State (Eg:- OSPF, IS-IS)
3. Hybrid (Eg:- EIGRP)

Distance Vector Routing Protocols
A distance vector routing protocol advertises the number of hops to a network destination (the
distance) and the direction in which a packet can reach a network destination (the vector). The
distance vector algorithm, also known as the Bellman-Ford algorithm, has each router pass route
updates to its neighbors at regularly scheduled intervals. Each neighbor then adds its own distance
value and forwards the routing information on to its other neighbors. The result of this process is
a table containing the cumulative distance to each network destination.

Distance vector routing protocols, the earliest dynamic routing protocols, are an improvement over
static routing, but have some limitations. When the topology of the internetwork changes, distance
vector routing protocols can take several minutes to detect the change and make the appropriate
corrections.

One advantage of distance vector routing protocols is simplicity. Distance vector routing protocols
are easy to configure and administer. They are well suited for small networks with relatively low
performance requirements.

Distance Vector Loop Avoidance mechanisms
Split horizon:- A method of preventing a routing loop in a network. With split horizon activated, a
router omits sending routes back to the router it learned them from.
Route poisoning:- Another way to prevent routing loops. Distance-vector routing protocols use route
poisoning to indicate to other routers that a route is no longer reachable and should be removed
from their routing tables. When the routing protocol detects an invalid route, all of the routers
in the network are informed that the bad route has an unreachable metric.
When a neighbor receives a route poisoning update, it sends back an update called Poison Reverse to
the sender to confirm that it has received the poisoned route information.
Maximum hop count:- The hop count is a measure of distance across the network. It is the number of
routers an IP packet has to pass through in order to reach its destination. Different routing
protocols support different hop count limits. A network at maximum hop count + 1 is considered
unreachable.
Holddown timer:- When a route has become invalid, do not accept other updates about that route for
this period of time.
Triggered update:- An update sent immediately in response to some change in the routing table,
rather than waiting for the next periodic update.
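The following Python simulation, added here and not part of the original notes, walks the Bellman-Ford exchange described above on a constructed three-router chain, applying split horizon, a maximum hop count of 16 and route poisoning when a connected network goes down. The topology, interface names and router names are assumptions; the holddown timer is deliberately left out.

```python
INFINITY = 16  # RIP-style limit: 16 hops means unreachable (maximum usable hop count is 15)


class DVRouter:
    """Minimal distance-vector router.

    table maps network -> [hops, learned_from, interface]; learned_from is None
    for directly connected networks (the 'C' routes in 'show ip route').
    """

    def __init__(self, name, connected):
        self.name = name
        self.table = {net: [0, None, iface] for iface, net in connected.items()}
        self.neighbors = {}  # neighbor router name -> interface facing it

    def add_neighbor(self, neighbor, iface):
        self.neighbors[neighbor] = iface

    def advertise_to(self, neighbor):
        """Build the periodic update for one neighbor.

        Split horizon: a route learned through the interface facing this
        neighbor is omitted. Poisoned routes (hops == INFINITY) are still
        advertised so the neighbor learns they are unreachable.
        """
        out_iface = self.neighbors[neighbor]
        return {net: hops for net, (hops, learned_from, iface) in self.table.items()
                if learned_from is None or iface != out_iface}

    def receive(self, neighbor, update):
        """Bellman-Ford step on one received update; returns True if the table changed."""
        iface = self.neighbors[neighbor]
        changed = False
        for net, hops in update.items():
            new_hops = min(hops + 1, INFINITY)  # max hop count: never count past 16
            current = self.table.get(net)
            if current is None:
                if new_hops < INFINITY:
                    self.table[net] = [new_hops, neighbor, iface]
                    changed = True
            elif current[1] == neighbor:
                # An update from the router we learned the route from is always
                # accepted, including a poisoned (unreachable) metric.
                if current[0] != new_hops:
                    current[0] = new_hops
                    changed = True
            elif new_hops < current[0]:
                # Better route via another neighbor (a holddown timer, omitted
                # here, would delay accepting this after a poisoning).
                self.table[net] = [new_hops, neighbor, iface]
                changed = True
        return changed

    def withdraw(self, net):
        """Route poisoning: keep the entry but mark it unreachable."""
        self.table[net][0] = INFINITY

    def reachable(self):
        return {net for net, entry in self.table.items() if entry[0] < INFINITY}


def exchange_round(routers):
    """One periodic update round; returns True if any table changed."""
    updates = [(dst, src.name, src.advertise_to(dst))
               for src in routers.values() for dst in src.neighbors]
    results = [routers[dst].receive(src, upd) for dst, src, upd in updates]
    return any(results)


def converge(routers, max_rounds=20):
    """Run update rounds until no table changes; returns the rounds used."""
    for rounds in range(1, max_rounds + 1):
        if not exchange_round(routers):
            return rounds
    return max_rounds


def build_chain():
    """Constructed lab topology (not from the notes):
    R1 --200.1.1.0/24-- R2 --200.2.2.0/24-- R3 --192.168.3.0/24 (LAN)
    """
    r1 = DVRouter("R1", {"s0/0": "200.1.1.0/24"})
    r2 = DVRouter("R2", {"s0/0": "200.1.1.0/24", "s0/1": "200.2.2.0/24"})
    r3 = DVRouter("R3", {"s0/1": "200.2.2.0/24", "e0/0": "192.168.3.0/24"})
    r1.add_neighbor("R2", "s0/0")
    r2.add_neighbor("R1", "s0/0")
    r2.add_neighbor("R3", "s0/1")
    r3.add_neighbor("R2", "s0/1")
    return {"R1": r1, "R2": r2, "R3": r3}


if __name__ == "__main__":
    net = build_chain()
    print("converged after", converge(net), "rounds")
    print("R1 table:", net["R1"].table)
    net["R3"].withdraw("192.168.3.0/24")  # the LAN behind R3 goes down
    converge(net)
    print("R1 reachable after poisoning:", sorted(net["R1"].reachable()))
```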

Routing Information Protocol (RIP)
RIP is a dynamic, distance vector routing protocol. RIP sends routing updates to neighbor routers
periodically or when the network topology changes. RIP calculates the best route based on hop
count. Like all distance vector routing protocols, RIP takes some time to converge, but it requires
less CPU power and RAM than some other routing protocols.
RIP has two versions, version 1 (RIPv1) and version 2 (RIPv2).
RIPv1 Features
 Distance-vector protocol.
 It uses the Bellman-Ford algorithm for route calculation.
 RIPv1 is specified in RFC 1058.
 Each RIPv1 router sends its routing table to each of its neighbors periodically.
 RIP sends its updates over UDP port 520.
 RIPv1 uses broadcast updates (255.255.255.255).
 Classful routing protocol.
 Does not send the subnet mask with its routing updates (no support for VLSM or CIDR).
 No support for authentication.
 Metric is hop count. Maximum hop count 15 (16 = unreachable network).
 Equal cost load balancing, maximum six paths, default 4.
 Used in small, flat networks or at the edge of larger networks.
 Default administrative distance 120.
Administrative Distance (AD)
It is a value ranging from 0 to 255. AD is the feature that routers use to select the best path
when there are two or more different routes to the same destination from two different routing
protocols. Administrative distance defines the reliability of a routing protocol. Each routing
protocol is prioritized in order from most to least reliable (believable) with the help of an
administrative distance value.

Default Administrative Distance
Route Source                                          Default Distance Value
Connected interface                                     0
Static route                                            1
External Border Gateway Protocol (BGP)                 20
Internal EIGRP                                         90
IGRP                                                  100
OSPF                                                  110
Intermediate System-to-Intermediate System (IS-IS)    115
Routing Information Protocol (RIP)                    120
On Demand Routing (ODR)                               160
External EIGRP                                        170
Unknown                                               255
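As an added example (not code from the notes) covering the static route, default route and administrative distance sections, this Python model installs routes the way the notes describe and looks destinations up by longest prefix match: AD decides between sources for the same prefix, the /0 default route is used only when nothing more specific exists, and a packet with no matching route is discarded. The candidate routes, next hops and metrics are constructed.

```python
import ipaddress
from dataclasses import dataclass

# Default administrative distances from the table above (lower is more believable).
DEFAULT_AD = {
    "connected": 0, "static": 1, "ebgp": 20, "eigrp": 90, "igrp": 100,
    "ospf": 110, "isis": 115, "rip": 120, "odr": 160, "eigrp-external": 170,
}


@dataclass(frozen=True)
class Route:
    network: str    # prefix such as "192.168.10.0/24"; "0.0.0.0/0" is the default route
    source: str     # key into DEFAULT_AD
    metric: int     # protocol metric, only meaningful between routes of the same source
    next_hop: str   # gateway IP address or exit interface


def install_routes(candidates):
    """Build the routing table from candidate routes offered by all sources.

    For each prefix only one route is installed: the lowest administrative
    distance wins; within one source the lowest metric wins (equal-cost
    load balancing is not modelled, the first such candidate is kept).
    """
    table = {}
    for route in candidates:
        prefix = ipaddress.ip_network(route.network, strict=False)
        rank = (DEFAULT_AD[route.source], route.metric)
        current = table.get(prefix)
        if current is None or rank < (DEFAULT_AD[current.source], current.metric):
            table[prefix] = route
    return table


def lookup(table, destination):
    """Longest-prefix match for a destination address.

    The 0.0.0.0/0 default route (prefix length 0) matches every address, so it
    is chosen only when nothing more specific exists. Returns None when no
    route matches, which is the case where the router discards the packet.
    """
    addr = ipaddress.ip_address(destination)
    best_prefix, best_route = None, None
    for prefix, route in table.items():
        if addr in prefix and (best_prefix is None or prefix.prefixlen > best_prefix.prefixlen):
            best_prefix, best_route = prefix, route
    return best_route


# Constructed candidates for a router: the same LAN is offered by RIP, OSPF and a
# static route, an OSPF /8 overlaps a RIP /16, plus a connected serial link and
# a default route towards the ISP.
CANDIDATES = [
    Route("200.1.1.0/30", "connected", 0, "serial0/0"),
    Route("192.168.10.0/24", "rip", 3, "200.1.1.2"),
    Route("192.168.10.0/24", "ospf", 74, "200.1.1.2"),
    Route("192.168.10.0/24", "static", 0, "200.1.1.2"),
    Route("10.0.0.0/8", "ospf", 20, "200.1.1.2"),
    Route("10.1.0.0/16", "rip", 2, "200.1.1.2"),
    Route("0.0.0.0/0", "static", 0, "serial0/0"),
]


def route_for(destination, candidates=CANDIDATES):
    """Convenience wrapper: build the table and look up one destination."""
    return lookup(install_routes(candidates), destination)


if __name__ == "__main__":
    for dst in ("192.168.10.55", "10.1.2.3", "10.200.0.1", "8.8.8.8"):
        r = route_for(dst)
        print(f"{dst:15} -> {r.source:6} {r.network} via {r.next_hop}")
```

Note that 10.1.2.3 is forwarded by the RIP /16 even though OSPF has the better AD: the longest prefix is chosen first, and AD only breaks ties between sources offering the same prefix.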

RIP Timers
Update timer:-
The time between each update. Default is 30 seconds.
Invalid timer:-
If no updates are received, wait this long after the last successful update before marking the
route as invalid. Default: 180s.
Holddown timer:-
When a route has become invalid, do not accept updates about this route for this period of time.
Default: 180s.
Flush timer:-
If a route has been invalid for this long, flush (remove) it from the routing table. Default: 240s.

Configuring RIP (Version 1)
Router(config)#router rip
Router(config-router)#network <directly connected network>
Router(config-router)#network <directly connected network>
Router(config-router)#exit

Remove Network
Router(config-router)#no network <network>

Eg:-
R1(config)#router rip
R1(config-router)#network 200.1.1.0
R1(config-router)#network 200.2.2.0

R2(config)#router rip
R2(config-router)#network 200.1.1.0

R3(config)#router rip
R3(config-router)#network 200.2.2.0

Verification Commands
Router#show running-config
Router#show ip route
Router#show ip protocols
Router#debug ip rip (see rip events)
Router#no debug all (disable debug)

Passive interface
A passive interface does not send updates but still receives them. It is mainly used for security
and to avoid sending updates into networks where there is no neighboring router.
Configuration
Router(config)#router rip
Router(config-router)#passive-interface <interface name>

Eg:-
Router(config-router)#passive-interface ethernet 0/0
Disable Passive Interface
Router(config)#router rip
Router(config-router)#no passive-interface <interface name>

RIPv2 Features
 Distance-vector protocol.
 It uses the Bellman-Ford algorithm for route calculation.
 RIPv2 is specified in RFC 2453.
 Uses multicast updates (224.0.0.9).
 Classless routing protocol.
 It sends the subnet mask with routing updates (supports VLSM networks).
 Supports a simple authentication mechanism.
 Auto-summary is on by default.

Configuring RIP (Version 2)
Router(config)#router rip
Router(config-router)#version 2
Router(config-router)#network <directly connected network>
Router(config-router)#network <directly connected network>
Router(config-router)#no auto-summary
Router(config-router)#exit

Eg:-
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 192.1.1.0
R1(config-router)#no auto-summary

R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#network 192.1.1.0
R2(config-router)#network 192.2.2.0
R2(config-router)#no auto-summary

R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#network 192.2.2.0
R3(config-router)#no auto-summary

Remove RIP:- Router(config)#no router rip

RIP Limitations
 The diameter of a network that runs RIP cannot be larger than 15 hops.
 In large networks, RIP traffic can consume a substantial amount of bandwidth. The more
changes in the topology, the more flash updates, and the more bandwidth is consumed.
RIP Advantages
 RIP is easy to implement.
 In a small network, RIP has very little overhead in terms of bandwidth, memory
consumption, processor load, etc.

Autonomous System
An Autonomous System (AS) is a group of networks under a single administration and with a single
routing policy. Each AS is assigned a unique number in order to differentiate it from other
autonomous systems. The assigned number can be from 1 to 65,535. The Internet Assigned Numbers
Authority (IANA) is responsible for assigning these numbers.

Interior Gateway Protocol (IGP)
An Interior Gateway Protocol (IGP) is a routing protocol that exchanges routing information between
gateways within a single autonomous system. The routing information is used by the Internet
Protocol (IP) or other network protocols to decide how to route transmissions. IGPs include RIP,
OSPF, IGRP, EIGRP, and IS-IS.

Exterior Gateway Protocol (EGP)
An EGP is used to exchange routing information between autonomous systems. The routing information
passed between autonomous systems is called reachability information. The most used EGP is BGP
(Border Gateway Protocol).

ASBR:- An Autonomous System Border Router is a router that is connected to more than one
Autonomous System (AS).
ABR:- An Area Border Router is a router with interfaces that connect one or more areas to the
backbone area (Area 0).

Interior Gateway Routing Protocol (IGRP)
IGRP is a proprietary routing protocol developed by Cisco Systems, designed to work within
autonomous systems. IGRP is a distance-vector routing protocol, which means that each router sends
all or a portion of its routing table in a routing update message at regular intervals to each of
its neighboring routers. A router chooses the best path between a source and a destination. Since
each path can comprise many links, the system needs a way to compare the links in order to find the
best path. A protocol such as RIP uses only one criterion, hops, to determine the best path. IGRP
uses five criteria to determine the best path: the link's speed, delay, packet size, load and
reliability. Network administrators can set the weighting factors for each of these metrics.
Features
 Distance vector routing protocol.
 Sends periodic broadcast updates. Default 90 sec.
 Cisco proprietary protocol (only supported on Cisco devices).
 Supports autonomous systems.
 Uses IP protocol number 9.
 All routers must use the same AS number in order to share routing table information.
 Maximum hop count 255. Default 100.
 Composite metric: bandwidth, delay, load, reliability, MTU (default: bandwidth and delay).
 Classful routing protocol (does not send the subnet mask with routing updates).
 No support for VLSM.
 No support for authentication.
 By default, equal-cost load balancing. Unequal-cost load balancing with the variance
command. Maximum 6 paths, default 4.
 Administrative distance 100.
 Previously used in large networks; now replaced by EIGRP.

IGRP default Timers
Update timer - 90 sec
Invalid      - 270 sec (90 x 3)
Holddown     - 280 sec (90 x 3 + 10)
Flush        - 630 sec (90 x 7)

IGRP Configuration
Router(config)#router igrp <AS no. 1-65,535>
Note:- The AS number should be the same on all routers that share routing information.
Router(config-router)#network <directly connected network>
Router(config-router)#network <directly connected network>
Router(config-router)#exit

Eg:-
R1(config)#router igrp 100
R1(config-router)#network 200.1.1.0
R1(config-router)#network 200.2.2.0

R2(config)#router igrp 100
R2(config-router)#network 200.1.1.0

R3(config)#router igrp 100
R3(config-router)#network 200.2.2.0

Remove IGRP
Router(config)#no router igrp <AS no.>

IGRP Verification Commands
Router#show running-config
Router#show ip route
Router#show ip protocols
Router#debug ip igrp events
Router#debug ip igrp transactions
Router#no debug all - to turn off all debugging

Link State Routing Protocols
Link state routing protocols reduce broadcast traffic because they do not send out periodic
broadcasts or send their entire tables with each update. Link state routing protocols exchange a
complete copy of their link state information at the beginning. Thereafter route updates are
multicast only when a change has occurred, and include only the change, not the entire link state
database. Changes are flooded immediately and computed in parallel. If no changes occur, they do
not generate an update. The ultimate objective is that every router has identical information about
the internetwork, and each router independently calculates its own best paths. Link state routing
protocols use simple hello packets instead of periodic updates to maintain neighborship. They also
use three separate tables (neighbor table, topology table, routing table). OSPF and IS-IS are the
most widely used link state routing protocols.

Open Shortest Path First (OSPF)
OSPF was developed by the IETF. In general, link-state routing protocols have some advantages over
distance vector protocols, such as faster convergence and support for large networks.
Other features of OSPF include the use of areas, which makes hierarchical network topologies
possible, and classless behavior. OSPF also supports VLSM and authentication.
Features
 Open standard protocol
 Link state protocol
 Fast convergence
 Classless routing protocol (supports VLSM)
 Metric is based on bandwidth
 Only sends out changes when they occur
 Equal cost load balancing
 OSPF also uses the concept of areas to implement hierarchical routing
 No hop count limit
 Multicast updates: 224.0.0.5, 224.0.0.6
 Elects a DR and BDR on multi-access networks

Link State Updates (LSU):- Information about an interface and its relationship to neighboring
routers, including:
 IP address/mask of the interface
 The type of network it is connected to
 The routers connected to that network
 The metric (cost) of that link
Hello Protocol:- The OSPF hello protocol provides dynamic neighbor discovery and maintains neighbor
relationships.
Neighborship Database:- Contains a list of all OSPF routers from which hello packets have been
received.
Topology Database:- Contains information from all of the LSA packets that have been received for an
area.

OSPF Process
1. Dynamic neighbor discovery
   Each router finds its OSPF neighbor routers using hello packets and stores this information in
   the neighbor database.
2. Flooding of link-state information
   Next, each router on the network announces its own piece of link-state information to all other
   routers on the network. This includes who its neighboring routers are and the cost of the link
   between them.
3. Building a topological database
   Each router collects all of this link-state information from the other routers and puts it into
   a topological database.
4. Shortest Path First (SPF), Dijkstra's algorithm
   Each router processes the topology database using the SPF algorithm to find routes and adds them
   to the routing table.

• On broadcast networks the hello interval = 10 seconds, dead interval = 40 seconds.
• On non-broadcast networks the hello interval = 30 seconds, dead interval = 120 seconds.

OSPF Network Types
Broadcast Multi-access
Point to Point
Non-Broadcast Multi-access

Router ID:- The RID is an IP address used to identify the router. The Router ID is the highest IP
address of all configured loopback interfaces. If no loopback interface is configured, it is the
highest IP address of all active physical interfaces.

Designated Router and Backup Designated Router
If the IP network is multi-access, the OSPF routers elect one Designated Router (DR) and one Backup
Designated Router (BDR). The DR serves as the collection point for Link State Advertisements (LSAs)
on multi-access networks. If the DR fails, the BDR acts as the DR. The router with the highest
Router ID is elected DR, and the next highest is BDR.

Configuration
Router(config)#router ospf <process id>
Router(config-router)#network <directly connected n/w> <wildcard mask> area <area no>
Router(config-router)#network <directly connected n/w> <wildcard mask> area <area no>
Router(config-router)#exit

process-id: (1 - 65535). Allows you to run multiple, different OSPF routing processes on the same
router. The process-id is locally significant and does not have to be the same number on other
routers.
Area No. (0-4294967295): the area number should be the same on all routers.

Wildcard mask - A 32-bit quantity used in conjunction with an IP address to determine which bits in
an IP address should be ignored when comparing that address with another IP address. The wildcard
mask contains the same number of bits as the IP address. Each '0' bit in the mask means that the
corresponding bit in the IP address must match exactly. A '1' indicates that the bit does not have
to match and can be ignored. A wildcard mask is specified when setting up access lists, default
routing and OSPF to specify an individual host, a network or a certain range of networks.
Eg:-
Subnet Mask   255.255.255.0     Binary 11111111.11111111.11111111.00000000
Wildcard mask 0.0.0.255         Binary 00000000.00000000.00000000.11111111

Subnet Mask   255.0.0.0         Binary 11111111.00000000.00000000.00000000
Wildcard mask 0.255.255.255     Binary 00000000.11111111.11111111.11111111

Subnet Mask   255.255.255.252   Binary 11111111.11111111.11111111.11111100
Wildcard mask 0.0.0.3           Binary 00000000.00000000.00000000.00000011

Subnet Mask   255.255.224.0     Binary 11111111.11111111.11100000.00000000
Wildcard mask 0.0.31.255        Binary 00000000.00000000.00011111.11111111
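The wildcard rule above, as an added Python example that is not part of the original notes: it inverts a subnet mask into its wildcard, reproduces the binary view from the table, applies the bit-by-bit comparison (including a non-contiguous wildcard, which a subnet mask cannot express), and derives the OSPF network statement for an interface. The helper names and the interface addresses are assumptions.

```python
import ipaddress


def wildcard_from_mask(subnet_mask):
    """Invert a dotted-decimal subnet mask, e.g. 255.255.224.0 -> 0.0.31.255."""
    return ".".join(str(255 - int(octet)) for octet in subnet_mask.split("."))


def to_binary(dotted):
    """Dotted-decimal -> the 4 x 8-bit form used in the table above."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))


def wildcard_matches(address, reference, wildcard):
    """Apply the wildcard rule: every bit that is 0 in the wildcard must match.

    Bits set to 1 in the wildcard are ignored. Unlike a subnet mask, the
    wildcard need not be contiguous, so 0.255.0.0 ignores only the second octet.
    """
    a = int(ipaddress.IPv4Address(address))
    r = int(ipaddress.IPv4Address(reference))
    w = int(ipaddress.IPv4Address(wildcard))
    care = ~w & 0xFFFFFFFF  # bits that must match exactly
    return (a & care) == (r & care)


def ospf_network_statement(interface_ip, subnet_mask, area):
    """Derive the 'network <net> <wildcard> area <n>' line for one interface.

    Constructed helper (not a Cisco command): it computes the network address
    from the interface IP and mask, then the matching wildcard mask.
    """
    net = ipaddress.ip_network(f"{interface_ip}/{subnet_mask}", strict=False)
    return f"network {net.network_address} {wildcard_from_mask(subnet_mask)} area {area}"


if __name__ == "__main__":
    for mask in ("255.255.255.0", "255.0.0.0", "255.255.255.252", "255.255.224.0"):
        wc = wildcard_from_mask(mask)
        print(f"Subnet Mask   {mask:16} Binary {to_binary(mask)}")
        print(f"Wildcard mask {wc:16} Binary {to_binary(wc)}")
    # Constructed interface addresses for the two examples used in these notes.
    print(ospf_network_statement("200.1.1.1", "255.255.255.252", 0))
    print(ospf_network_statement("192.168.10.1", "255.255.255.0", 0))
```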

Remove OSPF
Router(config)#no router ospf <process id>

OSPF Verification commands
Router# show ip route
Router# show running-config
Router# show ip ospf
Router# show ip ospf interface
Router# show ip ospf neighbor
Router# show ip ospf database
Router# debug ip ospf adj
Router# debug ip ospf events

Hybrid Routing Protocol
Hybrid Routing, commonly referred to as balanced-hybrid routing, is a combination of
distance-vector routing, which works by sharing its knowledge of the entire network with its
neighbors and link-state routing which works by having the routers tell every router on the network
about its closest neighbors.
Hybrid Routing is a third classification of routing algorithm. Hybrid routing protocols use
distance-vectors for more accurate metrics to determine the best paths to destination networks, and
report routing information only when there is a change in the topology of the network. Hybrid
routing allows for rapid convergence but requires less processing power and memory as compared to
link-state routing.
A perfect example of a hybrid routing protocol is the Enhanced Interior Gateway Routing
Protocol (EIGRP), developed by Cisco.

Enhanced Interior Gateway Routing Protocol (EIGRP)


EIGRP referred as hybrid routing protocol because it has characteristics of both distance-vector
and link-state protocols. EIGRP doesn’t send link-state packets as OSPF does; instead, it sends
traditional distance-vector updates containing information about networks plus the cost of reaching
them from the advertising router. And EIGRP has link-state characteristics as synchronizes routing
tables between neighbors at startup, and then sends specific updates only when topology changes
occur. This makes EIGRP suitable for very large networks. EIGRP has a maximum hop count of
255. There are a number of powerful features that make EIGRP a real standout from IGRP and other
protocols. The main ones are listed here:

Features.
 Hybrid routing protocol (distance vector with link-state protocol characteristics).
 Cisco proprietary protocol.
 Supports autonomous systems (the AS number must match on both routers in order to share routing information).
 Faster convergence.
 Classless routing protocol (supports VLSMs).
 Composite metric: bandwidth, delay, load, reliability, MTU (default: bandwidth and delay).
 Multicast routing updates to 224.0.0.10.
 Sends partial route updates only when there are changes.
 Support for authentication.
 Maximum hop count = 255.
 Maintains three separate tables (neighbor table, topology table, routing table).
 Uses simple Hello packets to maintain neighborship.
 Supports multiple network layer protocols using PDMs (IP, IPX, AppleTalk).
 Uses DUAL for loop prevention and route calculation.
 By default, equal-cost load balancing; unequal-cost load balancing with the variance
command.
 Administrative distance is 90 for EIGRP internal routes, 170 for EIGRP external routes, and
5 for EIGRP summary routes.
 Used in large networks.
Protocol Dependent Module (PDM)
One of the most interesting features of EIGRP is that it provides routing support for multiple
Network layer protocols: IP, IPX, and AppleTalk. EIGRP supports different Network layer protocols
through the use of protocol-dependent modules (PDMs). Each EIGRP PDM maintains a separate
series of tables for its network layer protocol.

Neighbor table
Each router keeps information about adjacent neighbor routers in the neighbor table. When a
newly discovered neighbor is learned, the address and interface of the neighbor are recorded, and
this information is held in the neighbor table, stored in RAM. There is one neighbor table for each
protocol-dependent module. Sequence numbers are used to match acknowledgments with update
packets. The last sequence number received from the neighbor is recorded so that out-of-order
packets can be detected.
There are three conditions that must be met for neighborship establishment:
1. Hello or ACK received
2. AS numbers match
3. Identical metrics (K values)
Topology table
The topology table is populated by the protocol-dependent modules and acted upon by the
Diffusing Update Algorithm (DUAL). It contains all destinations advertised by neighboring routers,
holding each destination address and a list of neighbors that have advertised the destination. For
each neighbor, the advertised metric is recorded, which comes only from the neighbor’s routing
table. If the neighbor is advertising this destination, it must be using the route to forward packets.
Routing table
EIGRP chooses the best routes to a destination from the topology table and places these
routes in the routing table. Each EIGRP router maintains a routing table for each PDM (Protocol
Dependent Module).
Successor
A successor route is the best route to a remote network. A successor route is used by EIGRP
to forward traffic to a destination and is stored in the routing table. It is backed up by a feasible
successor route that is stored in the topology table, if one is available.
Feasible successor
A destination entry is moved from the topology table to the routing table when there is a
feasible successor. A feasible successor is a path whose reported distance is less than the feasible
distance, and it is considered a backup route. EIGRP will keep up to six feasible successors in the
topology table. Only the one with the best metric (the successor) is placed in the routing table. The
show ip eigrp topology command will display all the EIGRP feasible successor routes known to a
router.
Reported distance (RD)
This is the metric of a remote network, as reported by a neighbor. It is also the routing table
metric of the neighbor, and is the same as the number after the slash in the topology table.
Feasible distance (FD)
This is the best metric along all paths to a remote network, including the metric to the
neighbor that is advertising that remote network. This is the route that you will find in the routing
table, because it is considered the best path. The metric of a feasible distance is the metric reported
by the neighbor (called reported distance), plus the metric to the neighbor reporting the route.

RTP (Reliable Transport Protocol)

It is a proprietary protocol used by EIGRP. EIGRP sends updates using the multicast address
224.0.0.10. For each multicast it sends out, it maintains a list of neighbors who have replied. If a
neighbor does not reply, EIGRP switches to unicast retransmissions to that neighbor, up to 16 times.
If it still has not replied, the neighbor is considered dead. This makes it a reliable multicast. Because
the routers send the packets with sequence numbers, it is possible for them to detect the arrival of
old, redundant, or out-of-sequence information.

Diffusing Update Algorithm (DUAL):-
EIGRP uses DUAL for selecting and maintaining the best path to each remote network. This
algorithm allows for the following:
 Backup route determination if one is available
 Support of Variable-Length Subnet Masks (VLSMs)
 Dynamic route recoveries
 Queries for an alternate route if no route can be found
DUAL provides EIGRP with possibly the fastest route convergence time among all
protocols. The key to EIGRP's speedy convergence is twofold: first, EIGRP routers maintain a copy
of all of their neighbors' routes, which they use to calculate their own cost to each remote network.
If the best path goes down, it may be as simple as examining the contents of the topology table to
select the best replacement route. Second, if there isn't a good alternative in the local topology
table, EIGRP routers very quickly ask their neighbors for help finding one.
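A worked example of the successor, feasible successor, RD and FD definitions above and of DUAL's two convergence paths (local promotion of a feasible successor versus querying neighbors). This is an added illustration in Python, not code from the guide; the router names, the destination and the metric values are constructed.

```python
"""EIGRP successor / feasible successor selection and DUAL's reaction to losing
the successor. Added illustration, not code from the guide. Router names, the
10.0.0.0/24 destination and the metric values are constructed.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

MAX_FEASIBLE_SUCCESSORS = 6   # the guide: up to six feasible successors are kept


@dataclass(frozen=True)
class Path:
    neighbor: str
    reported_distance: int   # RD: the neighbor's own metric to the destination
    link_cost: int           # this router's metric to reach that neighbor

    @property
    def computed_distance(self) -> int:
        # RD plus the metric to the neighbor reporting the route
        return self.reported_distance + self.link_cost


def select_routes(paths: List[Path]) -> Tuple[Optional[Path], int, List[Path]]:
    """Return (successor, feasible distance, feasible successors) for one destination.

    The successor is the path with the lowest computed distance; that distance is
    the FD. A feasible successor is any other path whose RD is strictly less than
    the FD (the feasibility condition), which is what guarantees it is loop-free.
    """
    if not paths:
        return None, 0, []
    successor = min(paths, key=lambda p: (p.computed_distance, p.neighbor))
    fd = successor.computed_distance
    backups = [p for p in paths if p is not successor and p.reported_distance < fd]
    backups.sort(key=lambda p: (p.computed_distance, p.neighbor))
    return successor, fd, backups[:MAX_FEASIBLE_SUCCESSORS]


def topology_lines(destination: str, paths: List[Path]) -> List[str]:
    """Render the entry the way 'show ip eigrp topology' prints it: via <nbr> (CD/RD).

    The number after the slash is the reported distance, as the guide notes.
    """
    successor, fd, backups = select_routes(paths)
    if successor is None:
        return []
    n_successors = sum(1 for p in paths if p.computed_distance == fd)
    lines = [f"P {destination}, {n_successors} successors, FD is {fd}"]
    for p in [successor] + backups:
        lines.append(f"  via {p.neighbor} ({p.computed_distance}/{p.reported_distance})")
    return lines


def react_to_successor_loss(paths: List[Path]) -> Tuple[str, Optional[Path]]:
    """What DUAL does when the successor's link goes down.

    'passive': a feasible successor was already in the topology table and is
    promoted locally, with no query to any neighbor (the fast case).
    'active': no path passes the feasibility condition, so the router must
    query its neighbors for an alternate route.
    """
    successor, _, backups = select_routes(paths)
    if successor is not None and backups:
        return "passive", backups[0]
    return "active", None


# Constructed example: R1's topology table entries for 10.0.0.0/24.
R1_PATHS = [
    Path("R2", reported_distance=20, link_cost=10),   # CD 30 -> successor, FD = 30
    Path("R3", reported_distance=25, link_cost=15),   # CD 40, RD 25 < 30 -> feasible successor
    Path("R4", reported_distance=35, link_cost=5),    # CD 40, RD 35 >= 30 -> not feasible
]

if __name__ == "__main__":
    print("\n".join(topology_lines("10.0.0.0/24", R1_PATHS)))
    state, backup = react_to_successor_loss(R1_PATHS)
    print("R2 down with R3 present:", state, backup.neighbor if backup else "")
    state, backup = react_to_successor_loss([p for p in R1_PATHS if p.neighbor != "R3"])
    print("R2 down without R3:", state)
```

Note that R3 and R4 have the same computed distance, yet only R3 qualifies as a backup: the feasibility condition is checked on the reported distance, not on the total.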
Configuration
Router(config)#router eigrp <Autonomous System no. 1- 65,535 >
Router(config-router)#network <directly connected network>
Router(config-router)#network <directly connected network>
Router(config-router)#no auto-summary (turn off default auto summary feature)
Turn off EIGRP
Router(config)#no router eigrp <AS no.>

EIGRP performs automatic route summarization, which summarizes subnets to the classful network
boundary. This is enabled by default; you can turn it off per AS by using the command 'no auto-
summary' in router configuration mode (and turn it on again with auto-summary). EIGRP summary
routes have an administrative distance value of 5.

R1(config)#router eigrp 100
R1(config-router)#network 192.1.1.0
R1(config-router)#network 200.1.1.0
R1(config-router)#no auto-summary

R2(config)#router eigrp 100
R2(config-router)#network 192.1.1.0
R2(config-router)#network 192.2.2.0
R2(config-router)#network 200.1.1.0
R2(config-router)#no auto-summary

R3(config)#router eigrp 100
R3(config-router)#network 192.2.2.0
R3(config-router)#network 200.1.1.0
R3(config-router)#no auto-summary
EIGRP Verification commands.
Router# show ip route (show entire routing table)
Router# show ip route eigrp (show eigrp routes only)
Router# show ip eigrp neighbors (show eigrp neighbor routers)
Router# show ip eigrp topology (show eigrp topology table)

Access List
An access list is a set of conditions that categorize packets. It is mainly used to control network
access from an untrusted network or host. Access lists are divided into three types.
1. Standard Access List
2. Extended Access List
3. Named Access List
Standard Access List: - Using a standard access list we can only specify the source IP address in a
packet. It is used for either fully blocking or fully permitting that source. The identifying number ranges
from 1-99 <extended range 1300 – 1999>. The implementation of every access list contains two
steps.
a) Creation of the access list:- It specifies the network address or host address to be blocked or
permitted. All entries of one ACL are created using a single ACL number for one direction.
b) Applying it to an interface:- We can apply an access list either inbound or outbound on an
interface. An inbound access list checks the packets entering the router through that interface; an
outbound access list checks the packets leaving the router through that interface.
Every access list ends with an implicit deny: a packet that matches no entry is dropped. So if the
entries of an access list are deny statements, all other traffic is blocked as well, and we must add a
statement that permits all other traffic. If the entries are permit statements, the router blocks all
other traffic automatically. This is called the implicit deny.

Standard access lists are normally applied close to the destination.

Std Access List Creation

Router(Config)#access-list <1-99> permit/deny <source ip address> <source wildcard mask>
(repeat the previous command for each additional entry of the same list)
Router(Config)#access-list <1-99> permit any

Remove ACL
Router(Config)#no access-list <1-99>

Apply to an interface
Router(config)#interface <interface name >
Router(config-if)# ip access-group <acl no> in / out

Remove apply
Router(config)#interface <interface name >
Router(config-if)# no ip access-group <acl no> in / out

Controlling Telnet Access using a Standard ACL
We can use a standard access list to control Telnet access. We do not need to specify the Telnet
protocol or the destination address when we apply the access list to the VTY lines.
Creation
Router(Config)#access-list <1-99> permit/deny <source ip address> <source wild card
mask>
Router(Config)#access-list <1-99> permit any
Apply in VTY Line
Router (config)#line vty 0 4
Router(config-line)#access-class <acl no> in

Extended Access List:- An extended ACL can check many of the other fields in the layer 3 and layer 4
headers of an IP packet. It can check the source and destination IP address, the protocol field in the
Network layer header, and the port number in the Transport layer header. This gives extended access
lists the ability to make much more granular decisions when controlling traffic. The extended ACL
identifying numbers range from 100-199 <extended range 2000 – 2699>.

Extended Access List Creation


Router(Config)#access-list <100-199> permit/deny <protocol IP, TCP, UDP> <source ip> <source wildcard mask> <destination ip> <destination wildcard mask> eq <destination port number>
Router(Config)#access-list <100-199> permit IP any any

Apply to any interface


Router(config)#interface <interface name >
Router(config-if)# ip access-group <acl no> in / out
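A worked example of both the standard and the extended access-list syntax above. This is an added Python illustration, not code from the guide: it parses access-list lines, applies wildcard-mask matching with first-match and implicit-deny semantics, and evaluates sample packets. All addresses and list numbers are constructed.

```python
"""Standard and extended access-list evaluation with Cisco wildcard masks.
Added illustration, not from the guide: parses lines in the access-list syntax
shown above and evaluates packets with first-match and implicit-deny semantics.
All addresses and list numbers are constructed.
"""
import ipaddress
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

ANY = ("0.0.0.0", "255.255.255.255")

def _ip(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr: str, network: str, wildcard: str) -> bool:
    """Wildcard semantics: a 0 bit must match, a 1 bit is a don't-care."""
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) ^ _ip(network)) & care == 0

@dataclass(frozen=True)
class Entry:
    action: str                      # "permit" or "deny"
    protocol: str = "ip"             # "ip" matches any protocol; standard lists use it
    src: str = ANY[0]
    src_wc: str = ANY[1]
    dst: str = ANY[0]                # standard lists never look at the destination
    dst_wc: str = ANY[1]
    dst_port: Optional[int] = None   # "eq <port>" on extended lists

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    protocol: str = "ip"
    dst_port: Optional[int] = None

def entry_matches(e: Entry, p: Packet) -> bool:
    if e.protocol != "ip" and e.protocol != p.protocol:
        return False
    if not wildcard_match(p.src, e.src, e.src_wc):
        return False
    if not wildcard_match(p.dst, e.dst, e.dst_wc):
        return False
    return e.dst_port is None or e.dst_port == p.dst_port

def evaluate(acl: List[Entry], p: Packet) -> Tuple[str, Optional[int]]:
    """First matching entry wins; no match falls to the implicit deny (index None)."""
    for i, e in enumerate(acl):
        if entry_matches(e, p):
            return e.action, i
    return "deny", None

def _address(t: List[str], i: int) -> Tuple[str, str, int]:
    """Consume 'any', 'host A' or 'A WILDCARD' at t[i]; a bare address means host."""
    if t[i] == "any":
        return ANY[0], ANY[1], i + 1
    if t[i] == "host":
        return t[i + 1], "0.0.0.0", i + 2
    return t[i], (t[i + 1] if i + 1 < len(t) else "0.0.0.0"), i + 2

def parse_line(line: str) -> Tuple[int, Entry]:
    """Parse one 'access-list <n> permit|deny ...' line into (list number, Entry)."""
    t = line.split()
    if len(t) < 4 or t[0] != "access-list":
        raise ValueError(f"not an access-list line: {line!r}")
    number, action = int(t[1]), t[2].lower()
    if 1 <= number <= 99 or 1300 <= number <= 1999:        # standard: source only
        src, wc, _ = _address(t, 3)
        return number, Entry(action, src=src, src_wc=wc)
    if 100 <= number <= 199 or 2000 <= number <= 2699:     # extended
        src, swc, i = _address(t, 4)
        dst, dwc, i = _address(t, i)
        port = int(t[i + 1]) if i + 1 < len(t) and t[i] == "eq" else None
        return number, Entry(action, t[3].lower(), src, swc, dst, dwc, port)
    raise ValueError(f"unsupported access-list number {number}")

def build(lines: List[str]) -> Dict[int, List[Entry]]:
    acls: Dict[int, List[Entry]] = {}
    for line in lines:
        number, entry = parse_line(line)
        acls.setdefault(number, []).append(entry)
    return acls

# Constructed configuration in the guide's syntax.
ACLS = build([
    "access-list 10 deny 192.168.1.50 0.0.0.0",           # one host blocked
    "access-list 10 permit 192.168.1.0 0.0.0.255",        # rest of the subnet allowed
    "access-list 101 deny tcp any host 10.1.1.1 eq 23",   # no Telnet to the server
    "access-list 101 permit ip 192.168.1.0 0.0.0.255 any",
])

if __name__ == "__main__":
    print(evaluate(ACLS[10], Packet("192.168.1.50", "10.1.1.1")))      # ('deny', 0)
    print(evaluate(ACLS[10], Packet("172.16.0.5", "10.1.1.1")))        # ('deny', None)
    print(evaluate(ACLS[101], Packet("192.168.1.10", "10.1.1.1", "tcp", 23)))
```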

Well-known port numbers

Application   Protocol   Port Number
FTP data      TCP        20
FTP control   TCP        21
SSH           TCP        22
Telnet        TCP        23
SMTP          TCP        25
DNS           TCP, UDP   53
DHCP          UDP        67, 68
TFTP          UDP        69
HTTP (WWW)    TCP        80
POP3          TCP        110
SNMP          UDP        161

Named Access List:-

Names can be used for both standard and extended access lists, to help with the administration of
access lists by allowing you to name the lists instead of using numbers. This also allows you to change
a single line of an access list, which is not possible in a regular numbered access list.

Named Standard
Router(config)# IP access-list standard <name>
Router(config-std-nacl)# deny / permit <source ip> <source wild card mask>
Router(config-std-nacl)# permit any
Named Extended
Router(config)# IP access-list extended <name>
Router(config-ext-nacl)# deny / permit <protocol > <source ip> <source wild card mask>
<destination ip> <destination wildcard mask> eq <destination port no.>
Router(config-ext-nacl)# permit ip any any
Apply to any interface
Router(config)#interface <interface name>
Router(config-if)# ip access-group <ACL name> in / out

Enable
Conf t
Line console 0
Exec-timeout 0

Network Address Translation (NAT)
We cannot use our private IP address for internet communication. For communicating to the
outside network a PC should have a global address (Public IP address). So before communicating to
the internet we should convert our private IP address into global address. This technology is called
network address translation (NAT).

Benefit of NAT
Reduce Global Address depletion and save money
Hide internal topology from outside network (Security)

Types of NAT
1. Static NAT
2. Dynamic NAT
3. Dynamic Nat with Overload

Static NAT
This is a one-to-one mapping. That is, we manually configure the translation of one internal IP
address into one external IP address, so only that system can communicate with the outside network
using that address. It is a permanent mapping.
Configuration
Router(config)#ip nat inside source static <inside ip> <outside ip>

Router(config)#interface <name>
Router(config-if)#ip nat inside

Router(config)#interface <name>
Router(config-if)#ip nat outside

Dynamic NAT
It is a group-to-group mapping. That is, we define the group of local addresses (with an access list)
and a pool of global addresses. Any system in our local group can communicate outside using an
available global address from the pool. When a system releases a particular global address, another
one can use the same address.
Configuration
Router(config)#access-list <1-99> permit <local network address> <wild card mask>
Router(config)#ip nat pool <pool name> <start global ip> <end global ip> netmask <subnet mask>

Router(config)#ip nat inside source list <acl no.> pool <pool name>

Router(config)#interface <name>
Router(config-if)#ip nat inside

Router(config)#interface <name>
Router(config-if)#ip nat outside

Dynamic NAT with Overload

Using this type of NAT all systems in our local group can communicate
simultaneously with the outside network using a single public IP address. To differentiate each user the
router adds a unique port number to the IP address. So it is also referred to as Port Address
Translation (PAT).
Configuration
Router(config)#access-list <1-99> permit <local network address> <wild card mask>
Router(config)#ip nat pool <pool name> <start global ip> <end global ip> netmask <subnet
mask>

Router(config)#ip nat inside source list <acl no.> pool <pool name> overload

Router(config)#interface <name>
Router(config-if)#ip nat inside

Router(config)#interface <name>
Router(config-if)#ip nat outside
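A worked example of the three NAT types above as a translation table: static one-to-one mapping, dynamic NAT that runs out of pool addresses, and PAT that keeps flows apart by port. This is an added Python illustration, not code from the guide; the inside network, the pool addresses and the hosts are constructed.

```python
"""Static NAT, dynamic NAT and PAT (overload) translation on one router.
Added illustration, not from the guide. The inside network 192.168.1.0/24, the
pool 203.0.113.10-11 and the static mapping are constructed.
"""
import ipaddress
from typing import Dict, List, Optional, Tuple

Addr = Tuple[str, int]   # (IP address, port)


class NatRouter:
    """Models 'ip nat inside source list <acl> pool <pool> [overload]' together
    with 'ip nat inside source static <inside ip> <outside ip>'."""

    def __init__(self, inside_list: str, pool: List[str], overload: bool = False,
                 static: Optional[Dict[str, str]] = None):
        self.inside_list = ipaddress.ip_network(inside_list)   # the standard ACL, as CIDR
        self.pool = list(pool)
        self.overload = overload
        self.static = dict(static or {})
        # Translation table: (inside local, local port) -> (inside global, global port)
        self.table: Dict[Addr, Addr] = {}
        self._next_port = 1024

    def _global_for_host(self, inside_local: str) -> Optional[str]:
        """Dynamic NAT: a host keeps the pool address it already holds."""
        for (local, _), (glob, _) in self.table.items():
            if local == inside_local:
                return glob
        return None

    def _free_pool_address(self) -> Optional[str]:
        in_use = {glob for glob, _ in self.table.values()} | set(self.static.values())
        return next((g for g in self.pool if g not in in_use), None)

    def _alloc_port(self, inside_global: str) -> int:
        """PAT: an unused global source port on the shared address keeps flows apart."""
        used = {port for glob, port in self.table.values() if glob == inside_global}
        port = self._next_port
        while port in used:
            port += 1
        self._next_port = port + 1
        return port

    def outbound(self, inside_local: str, local_port: int) -> Optional[Addr]:
        """Translate an inside-to-outside packet. None means it is not translated:
        the source is outside the inside list, or the dynamic pool is exhausted."""
        key = (inside_local, local_port)
        if key in self.table:
            return self.table[key]
        if inside_local in self.static:                        # one-to-one, permanent
            mapped = (self.static[inside_local], local_port)
        elif ipaddress.ip_address(inside_local) not in self.inside_list:
            return None
        elif self.overload:                                    # PAT: all share pool[0]
            mapped = (self.pool[0], self._alloc_port(self.pool[0]))
        else:                                                  # dynamic: one address per host
            glob = self._global_for_host(inside_local) or self._free_pool_address()
            if glob is None:
                return None                                    # pool exhausted: dropped
            mapped = (glob, local_port)
        self.table[key] = mapped
        return mapped

    def inbound(self, inside_global: str, global_port: int) -> Optional[Addr]:
        """Return traffic: map (inside global, port) back to (inside local, port).
        Only existing table entries and static mappings are reachable from outside,
        which is how dynamic NAT and PAT hide hosts that have not initiated a flow."""
        for local, glob in self.table.items():
            if glob == (inside_global, global_port):
                return local
        for local_ip, global_ip in self.static.items():
            if global_ip == inside_global:
                return local_ip, global_port
        return None


INSIDE, POOL = "192.168.1.0/24", ["203.0.113.10", "203.0.113.11"]
HOSTS = ["192.168.1.10", "192.168.1.11", "192.168.1.12"]


def demo(overload: bool) -> List[Optional[Addr]]:
    """Three inside hosts open one flow each through a two-address pool."""
    nat = NatRouter(INSIDE, POOL, overload=overload)
    return [nat.outbound(host, 50000) for host in HOSTS]


if __name__ == "__main__":
    print("dynamic NAT:", demo(False))   # third host: pool exhausted -> None
    print("PAT        :", demo(True))    # all three on 203.0.113.10, distinct ports
```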

Verification Commands
Router#show ip nat translations
Router#show ip nat statistics
Router#ping <destination ip>
Router#show running-configuration
Router#clear ip nat translation
Router#debug ip nat
Router#no debug all

Wide Area Network

WAN Terms
Customer Premises Equipment (CPE):-
Devices owned by the subscriber and located on the subscriber's premises.
Demarcation Point (Demarc)
It is the spot where the service provider's responsibility ends and the CPE begins.
Central Office (CO)
This point connects the customer's network to the provider's switching network.
Toll Network
The toll network consists of the trunk lines inside a WAN provider's network.
Local Loop
It connects the demarcation point to the closest switching office (the CO).
CSU/DSU
The Channel Service Unit / Data Service Unit is a physical layer device used in wide area
networking to convert the CPE's digital signals into the form understood by the provider's WAN
switch.
WAN Connection Types
1. Leased Line
2. Circuit Switching
3. Packet Switching
Leased Line:- Leased lines are also known as point-to-point or dedicated connections. They are
designed to use the full bandwidth. A leased line forms a single pre-established WAN connection from
the CPE to a remote network through a telephone company. There are no setup procedures before data
transmission. It uses a synchronous serial line at up to 45 Mbps. These circuits are generally priced based
on bandwidth. The encapsulation used is PPP or HDLC.
Circuit Switching:- This works like a normal telephone line. It first establishes a connection, then
transfers the data, and after that tears down the communication line. It provides dedicated bandwidth
between two points, but only for the duration of the call. It is typically used as a cheaper alternative to
leased lines, particularly when connectivity is not needed all the time. It is also useful as a backup
when a leased line or packet-switched service fails.
Eg:- ISDN, Dialup
Packet Switching:- In packet switching, users share the bandwidth of a carrier to save money. It
provides virtual circuits between pairs of sites, with contracted traffic rates for each VC. Each site's
physical connectivity consists of a leased line from the site to a device in the provider's network.
It is generally cheaper than leased lines.
Eg:- Frame Relay, X.25

HDLC (High-Level Data-Link Control)
It was derived from Synchronous Data Link Control (SDLC), which was created by IBM as a
Data Link connection protocol. HDLC works at the Data Link layer on point-to-point leased line
connections. It has very little overhead compared to PPP.
The HDLC header does not contain any identification of the type of protocol being carried
inside the HDLC encapsulation. Because of this, each vendor that uses HDLC has its own way of identifying
the Network layer protocol, meaning each vendor's HDLC is proprietary.
HDLC is Cisco's default on serial links. Cisco uses a proprietary Type field to
support multiprotocol traffic. It supports synchronous links only.

PPP (Point-to-Point Protocol)


PPP is an industry-standard layer 2 protocol for point-to-point links between different vendors'
equipment. It can be used over both synchronous and asynchronous lines. PPP has more features
than HDLC.
PPP has two sub layers.
1. NCP (Network Control Protocol)
2. LCP (Link Control Protocol)
Network Control Protocol (NCP)
It is designed to allow the simultaneous use of multiple Network Layer Protocols. Some
examples of protocols here are IPCP, IPXCP, ATCP, CDPCP.
Link Control Protocol (LCP)
It is a method of establishing, configuring and maintaining the data-link connection. The main
features of LCP are as follows.
1. Authentication:- Exchanges names and passwords so that each device can verify the identity of
the device on the other end of the link. Two method of authentication used by PPP are PAP and
CHAP.
2. Compression:- It is used to increase the throughput of PPP connections by compressing the data.
PPP decompress the data frame on the receiving end.
3. Error Detection:- PPP uses Link Quality Monitoring(LQM) and magic number option to ensure
a reliable loop free data-link.
4. Multilink:- This allows separate physical path to appear to be one logical path at layer 3.
5. PPP Callback:- PPP callback can be a good thing for keeping track of usage based upon access
charges. With callback enabled, a calling router (client) will contact a remote router (server).
Once authentication is completed, the remote router will terminate the connection and then re-
initiate a connection to the calling router from the remote router.
Password Authentication Protocol (PAP):-
PAP is less secure than CHAP. PAP sends the username and password in clear text, and
authentication is performed only at initial link establishment.
Challenge Handshake Authentication Protocol (CHAP):-
CHAP is more secure because the password itself is never sent: the remote router sends a
random challenge, and the reply is an MD5 hash computed from the challenge and the shared secret.
CHAP also performs periodic re-challenges on the link to make sure the router is still
communicating with the same host.
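A worked example of the PAP and CHAP exchanges described above: what each side sends, how the authenticator verifies it, and why a captured CHAP response cannot be reused. This is an added Python illustration, not code from the guide; the router names and the shared secret are constructed, and the CHAP response is computed as specified in RFC 1994.

```python
"""PAP versus CHAP on a PPP link. Added illustration, not code from the guide:
models what each side sends and verifies. Router names and the shared secret are
constructed; the CHAP response follows RFC 1994 (MD5 over identifier, secret and
challenge), which is the MD5 exchange the guide refers to.
"""
import hashlib
import hmac
import os
from typing import Dict, List, Tuple

# What 'username <remote router hostname> password <password>' stores on each end.
USERS: Dict[str, bytes] = {"R1": b"s3cretLink", "R2": b"s3cretLink"}


def pap_request(name: str, password: bytes) -> Tuple[str, bytes]:
    """PAP: the peer sends name and password in clear text, once, at link-up.
    Anyone capturing the link sees the password itself."""
    return name, password


def pap_verify(users: Dict[str, bytes], name: str, password: bytes) -> bool:
    return hmac.compare_digest(users.get(name, b""), password)


def chap_challenge() -> Tuple[int, bytes]:
    """Authenticator side: a new identifier and random challenge for every round."""
    return os.urandom(1)[0], os.urandom(16)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """Peer side: Response = MD5(Identifier || Secret || Challenge).
    Only this 16-byte hash crosses the link; the secret never does."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_verify(users: Dict[str, bytes], name: str, identifier: int,
                challenge: bytes, response: bytes) -> bool:
    """Authenticator recomputes the hash with its own copy of the secret."""
    secret = users.get(name)
    if secret is None:
        return False
    return hmac.compare_digest(chap_response(identifier, secret, challenge), response)


def chap_session(users: Dict[str, bytes], peer: str, peer_secret: bytes,
                 rounds: int = 3) -> List[bool]:
    """Initial link-up plus periodic re-challenges; returns each round's result.
    Every round uses a fresh challenge, so a captured response is single-use."""
    results = []
    for _ in range(rounds):
        identifier, challenge = chap_challenge()
        response = chap_response(identifier, peer_secret, challenge)
        results.append(chap_verify(users, peer, identifier, challenge, response))
    return results


def replay_rejected(users: Dict[str, bytes], peer: str, peer_secret: bytes) -> bool:
    """A response captured from one challenge fails against the next one."""
    identifier, challenge = chap_challenge()
    captured = chap_response(identifier, peer_secret, challenge)
    new_identifier, new_challenge = chap_challenge()
    return not chap_verify(users, peer, new_identifier, new_challenge, captured)


if __name__ == "__main__":
    print("PAP frame carries:", pap_request("R2", USERS["R2"]))
    print("CHAP rounds:", chap_session(USERS, "R2", USERS["R2"]))
    print("CHAP replay rejected:", replay_rejected(USERS, "R2", USERS["R2"]))
    # Caveat: a captured challenge/response pair still allows offline guessing of
    # the secret, so the shared secret must be long and random.
```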

PPP Configuration

PPP with PAP


Router(config)#username <remote router hostname> <password>
Router(config)#interface serial x/x
Router(config-if)#encapsulation PPP
Router(config-if)#PPP authentication PAP
Router(config-if)#PPP PAP send-username <own hostname> password <password>
Router(config-if)#IP address <IP address> <Subnet Mask>
Router(config-if)#no shutdown

PPP with CHAP


Router(config)#username <remote router hostname> <password>
Router(config)#interface serial x/x
Router(config-if)#encapsulation PPP
Router(config-if)#PPP authentication CHAP
Router(config-if)#IP address <IP address> <Subnet Mask>
Router(config-if)#no shutdown
Verification
Router#ping <destination IP>
Router# Show ip interface brief
Router#show interface serial x/x
Router#show ip interface serial x/x

FRAME RELAY

Frame Relay is a data-link and network layer specification that provides high-performance
service over the physical layer. It is a packet switching technology. Frame Relay can be more cost
effective than point-to-point leased lines. Frame Relay runs at speeds from 64 kbps up to 45 Mbps. It also
provides dynamic bandwidth allocation and congestion control. A Frame Relay network is also referred to
as an NBMA (Non-Broadcast Multi-Access) network.
Frame Relay encapsulation types
Cisco – Cisco proprietary
IETF – Internet Engineering Task Force (open standard)

Virtual Circuit (VC):- A logical concept that represents the path that frames travel between DTEs.
There are mainly two types of virtual circuits: permanent and switched.
A permanent virtual circuit (PVC) is mainly used like a leased line. It is also used in Frame Relay and
ATM networks as a logical connection defined in software and maintained permanently. A
switched virtual circuit (SVC) is a dynamically established virtual circuit, created on demand and
terminated as soon as transmission is over and the circuit is no longer needed.

Data Link Connection Identifier (DLCI):- Frame Relay PVCs are identified to DTE end devices
using a DLCI, which distinguishes between virtual circuits. The DLCI address is locally significant.

Local Management Interface (LMI):- It is the signaling standard between a router and the Frame Relay
switch. It provides information about the operation and status of the virtual circuits between the Frame Relay
switch and the DTE device.
LMI Types.
CISCO, ANSI, Q933A
Access rate:- The maximum speed at which the Frame Relay interface can transmit.
Committed Information Rate (CIR):- The maximum bandwidth of data guaranteed to be
delivered.
Inverse ARP:- The Frame Relay protocol with which a router announces its layer 3 address over a VC,
thereby informing the neighbor of the useful Layer 3 to Layer 2 mapping information.

Frame Relay Congestion Control

Discard Eligibility (DE):-
Frames sent above the CIR are eligible to be discarded if the provider's network is congested
at the time. The excess frames are marked with the DE bit in the Frame Relay header. If the
provider's network is congested, the Frame Relay switch will discard the frames with the DE bit
set.
Forward Explicit Congestion Notification (FECN)
The Frame Relay switch informs the destination DTE that the path the frame just traversed
is congested. It sets the FECN bit to 1 in the Frame Relay packet header.

Backward Explicit Congestion Notification (BECN):- When the switch detects congestion in the
Frame Relay network it sets the BECN bit to 1 in frames sent back to the source router.

Sub interface:- A subinterface is a logical interface defined by the IOS software. Several
subinterfaces can share a single physical interface, yet for configuration purposes they operate as if they
were separate physical interfaces.

Frame relay network type


Point to Point
Point to Multipoint

Frame Relay Router Configuration


Router(config)#interface serial x/x
Router(config-if)#encapsulation frame-relay IETF (default Cisco)
Router(config-if)#frame-relay lmi-type ANSI / CISCO / Q933A
Router(config-if)#frame-relay interface-dlci <dlci>
Router(config-if)#IP address <IP> <Subnet Mask>
Router(config-if)#no shutdown

Frame Relay Switch Configuration


Router(config)#frame-relay switching
Router(config)#interface serial x/x
Router(config-if)#encapsulation frame-relay IETF (default Cisco)
Router(config-if)#frame-relay lmi-type ANSI / CISCO / Q933A
Router(config-if)#frame-relay intf-type DCE
Router(config-if)#clock rate 64000
Router(config-if)#IP address <IP> <Subnet Mask>
Router(config-if)#frame-relay route <incoming DLCI> interface <outgoing interface> <outgoing DLCI>
Router(config-if)#no shutdown

Frame Relay Sub interface Configuration


Router(config)#interface serial x/x
Router(config-if)#encapsulation frame-relay IETF (default Cisco)
Router(config-if)#frame-relay lmi-type ANSI / CISCO / Q933A
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface serial x/x.<0 - 4294967295> Point-to-Point / Point-to-Multipoint
Router(config-sub-if)#frame-relay interface-dlci <dlci>
Router(config-sub-if)#IP address <IP> <Subnet Mask>

Frame Relay Verification Commands


Router#show frame-relay lmi
Router#show frame-relay pvc
Router#show interface serial x/x
Router#show frame-relay map
Router#show frame-relay route (frame relay switch)

LAN SWITCHING

LAN Bridges and Switches


A bridge device filters data traffic at a network boundary. Bridges reduce the amount of
traffic on a LAN by dividing it into segments (collision domains). Bridges operate at the data link
layer (Layer 2) of the OSI model. They inspect incoming traffic and decide whether to forward or
discard frames based on the MAC address.
LAN switches are called "multi-port bridges" because they serve a similar function to bridges.
Bridges are software based, but switches use Application Specific Integrated Circuits (ASICs) to
build and maintain their filter tables. Switches create private dedicated collision domains and
provide independent bandwidth on each port (i.e. microsegmentation).

Device   Collision domains                           Broadcast domains
Hub      Single collision domain                     Single broadcast domain
Bridge   Multiple collision domains (one per port)   Single broadcast domain
Switch   Multiple collision domains (one per port)   Single broadcast domain
Router   Multiple collision domains                  Multiple broadcast domains
Collision Domain:- A collision domain is a set of network interface cards (NIC) for which a frame
sent by one NIC could result in a collision with a frame sent by any other NIC in the same collision
domain.
Broadcast Domain:- A broadcast domain is a set of NICs for which a broadcast frame sent by one
NIC is received by all other NICs in the same broadcast domain.

Bridging, LAN Switching - Comparison


 Bridges are software based, while switches are hardware based because they use ASIC chips
to make filtering decisions.
 A switch can be viewed as a multiport bridge.
 Switches have a higher number of ports than most bridges.
 Both bridges and switches forward layer 2 broadcasts and multicasts.
 Bridges and switches learn MAC addresses by examining the source address of each frame
received.
 Both make forwarding / filtering decisions based on layer 2 addresses.

Functions of LAN Switch


1. Address Learning
The switch learns MAC addresses by examining the source MAC address of each frame the
switch receives. This information is used for forwarding and filtering decisions.
2. Forwarding or filtering
The switch decides when to forward or filter a frame based on the destination MAC address.
The switch looks at the previously learned MAC addresses in an address table to decide
where to forward the frames.
3. Loop prevention
The switch creates a loop-free environment with other switches by using Spanning Tree
Protocol (STP). Having physically redundant links helps LAN availability, and STP prevents
the switch logic from letting frames loop around the network indefinitely, congesting the
LAN.

Switching Process
Switches reduce network overhead by forwarding traffic from one segment to another only when
necessary. To decide whether to forward a frame, the switch uses a dynamically built table called a
bridge table or MAC address table. The switch examines the address table to decide whether it
should forward a frame.
 If the received frame’s destination is a broadcast or multicast, forward on all ports except the
received port.
 If the received frame’s destination is a unicast, and the address is not in the address table,
forward on all ports except the received port.
 If the received frame’s destination is a unicast, and the address is in the address table, forward
the frame out the one correct port.

How a Switch Learns MAC Addresses


Switches build the MAC address table by listening to incoming frames and examining the
frame’s source MAC address. If a frame enters the switch, and the source MAC address is not in the
address table, the switch creates an entry in the table. The MAC address is placed in the table, along
with the interface in which the frame arrived.

Switching Modes
LAN switch types decide how a frame is handled when it’s received on a switch port.
Latency- the time it takes for a frame to be sent out an exit port once the switch receives the frame-
depends on the chosen switching mode. There are three switching modes.

1. Cut-Through
With cut-through processing, the switch starts sending the frame out the output port as soon as
possible (as soon as the destination MAC address has been received). Although this might reduce
latency, it also propagates errors. Because the frame check sequence (FCS) is in the Ethernet trailer,
the switch cannot determine if the frame had any errors before starting to forward the frame.

2. Fragment Free
Fragment Free is a modified form of cut-through switching in which the switch waits for the
collision window (64 bytes) to pass before forwarding. This is because if a frame has a collision
error, it almost always occurs within the first 64 bytes. It means each frame is checked into
the data field to make sure no fragmentation has occurred.
3. Store-and-forward
Store-and-forward switching is Cisco’s primary LAN switching method. The store-and-forward
method provides efficient, error-free transport instead of fast transport. When in store-and-
forward, the LAN switch copies the entire frame onto its onboard buffers and then computes the
cyclic redundancy check (CRC). Because it copies the entire frame, latency through the switch
varies with frame length.

Port Security
Cisco Port Security is a feature that can help secure access to the physical network. If an
unauthorized device is connected to a switch port, the port can be made inactive or shut down.
Configuration

Switch(config-if)#switchport mode access
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security mac-address 1234.5678.90ab
Switch(config-if)# switchport port-security maximum <no.>
Switch(config-if)# switchport port-security violation < shutdown / restrict / protect>

Verification
Switch# Show port-security
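A worked example of the switching process described above (address learning, then forward, filter or flood) together with port security enforcement on one port, so the two sections share one switch model. This is an added Python illustration, not code from the guide; the port names and MAC addresses are constructed.

```python
"""A LAN switch's MAC address table, its forward/filter/flood decision, and port
security enforcement. Added illustration, not code from the guide; it serves both
the switching process section and the port security section. Port names and MAC
addresses are constructed.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

BROADCAST = "ffff.ffff.ffff"


def is_multicast(mac: str) -> bool:
    """Group bit: least significant bit of the first octet (Cisco dotted format)."""
    return int(mac[:2], 16) & 1 == 1


@dataclass
class PortSecurity:
    maximum: int = 1
    violation: str = "shutdown"        # shutdown | restrict | protect
    secure_macs: Set[str] = field(default_factory=set)   # static plus dynamically learned
    err_disabled: bool = False
    violation_count: int = 0


class Switch:
    def __init__(self, ports: List[str]):
        self.ports = list(ports)
        self.mac_table: Dict[str, str] = {}          # MAC -> port it was learned on
        self.security: Dict[str, PortSecurity] = {}

    def port_security(self, port: str, maximum: int = 1, violation: str = "shutdown",
                      mac_address: Optional[str] = None) -> None:
        """'switchport port-security [maximum N] [violation M] [mac-address X]'."""
        ps = PortSecurity(maximum, violation)
        if mac_address:
            ps.secure_macs.add(mac_address)
        self.security[port] = ps

    def _allowed(self, ps: PortSecurity, src: str) -> bool:
        if src in ps.secure_macs:
            return True
        if len(ps.secure_macs) < ps.maximum:        # room left: learn it as a secure address
            ps.secure_macs.add(src)
            return True
        return False

    def receive(self, in_port: str, src: str, dst: str) -> List[str]:
        """Process one frame and return the ports it is forwarded out of."""
        ps = self.security.get(in_port)
        if ps is not None:
            if ps.err_disabled:
                return []                            # shut down: nothing passes until reset
            if not self._allowed(ps, src):
                if ps.violation == "shutdown":
                    ps.err_disabled = True
                    ps.violation_count += 1
                elif ps.violation == "restrict":
                    ps.violation_count += 1          # dropped and counted (logged on real IOS)
                return []                            # protect: dropped silently
        # 1. Address learning: remember which port the source is on.
        self.mac_table[src] = in_port
        # 2. Forward or filter on the destination; unknown unicast is flooded like broadcast.
        if dst == BROADCAST or is_multicast(dst) or dst not in self.mac_table:
            return [p for p in self.ports if p != in_port]
        out_port = self.mac_table[dst]
        return [] if out_port == in_port else [out_port]   # filter if same segment


def scenario() -> dict:
    """Constructed traffic on a four-port switch with port security on Fa0/2."""
    sw = Switch(["Fa0/1", "Fa0/2", "Fa0/3", "Fa0/4"])
    sw.port_security("Fa0/2", maximum=1, violation="shutdown")
    a, b, c1, c2 = "0000.0000.000a", "0000.0000.000b", "0000.0000.00c1", "0000.0000.00c2"
    out = {}
    out["unknown_unicast"] = sw.receive("Fa0/1", a, b)      # b unknown: flooded, a learned
    out["known_unicast"] = sw.receive("Fa0/3", b, a)        # a known: one port, b learned
    out["broadcast"] = sw.receive("Fa0/1", a, BROADCAST)
    out["secure_ok"] = sw.receive("Fa0/2", c1, a)           # c1 becomes Fa0/2's secure MAC
    out["violation"] = sw.receive("Fa0/2", c2, a)           # second MAC exceeds maximum 1
    out["after_shutdown"] = sw.receive("Fa0/2", c1, a)      # port is err-disabled now
    out["table"] = dict(sw.mac_table)
    out["errdisabled"] = sw.security["Fa0/2"].err_disabled
    return out


if __name__ == "__main__":
    for name, value in scenario().items():
        print(f"{name}: {value}")
```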

Configuring Switch IP address

1900 Series
switch(config)#ip address <ip address> <subnet mask>
2950, 3550 series
switch(config)#interface vlan 1
switch(config-if)# ip address <ip address> <subnet mask>
switch(config-if)#no shutdown
Switch MAC Address Table
Switch#show mac-address-table dynamic

Spanning Tree Protocol (IEEE 802.1d)

LAN designs with redundant links introduce the possibility that frames might loop around
the network forever. These looping frames would cause network performance problems. STP avoids
this layer 2 looping by placing each bridge/switch port in either a forwarding state or a blocking
state. The collective set of forwarding ports creates a single path over which frames are sent between
Ethernet segments. If an active link fails, STP opens an alternative link dynamically.

STP Terms
Bridge ID:- It is the combination of the bridge priority value (default: 32768) and the MAC address
of the switch.
BPDU:- All the switches exchange information to use in the selection of the root switch, as well as
in subsequent configuration of the network. Each switch compares the parameters in the Bridge
Protocol Data Unit (BPDU) that it sends to one neighbor with the one that it receives from
another neighbor.
Port cost:- Port cost determines the best path when multiple links are used between two switches
and none of the links is a root port. The cost of a link is determined by the bandwidth of the link.
Default port cost

Speed (BW)   New IEEE cost   Original IEEE cost
10 Gbps      2               1
1 Gbps       4               1
100 Mbps     19              100
10 Mbps      100             100

Root Bridge:- The switch/bridge with the lowest bridge ID. All others are known as nonroot bridges.
Root Port:- The root port is the port directly connected to the root bridge, or the port with the
shortest path (lowest cost) to the root bridge. If multiple ports have the same cost, the lowest port
number becomes the root port. All root ports are in the forwarding state.
Designated port:- For each LAN segment one port is the designated port. The port sending the
lowest-cost BPDUs onto that segment becomes the designated port. If multiple ports have the same
cost, the port on the switch with the lowest bridge ID becomes the designated port. All designated
ports are in the forwarding state.
Nondesignated port:- A nondesignated port is one with a higher cost than the designated port.
Nondesignated ports are put in blocking mode.
STP Process
 Elect the root bridge: the bridge with the lowest bridge ID.
 Elect a root port on every nonroot bridge: the port with the lowest cost to the root bridge.
All root ports are in the forwarding state.
 Elect a designated port for each LAN segment: the port sending the lowest cost onto that
segment. All designated ports are in the forwarding state.
 All other ports (nondesignated ports) are in the blocking state.
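A worked example of the STP election steps above, run on a three-switch triangle with the default port costs from the table, and then again after one switch is made root primary. This is an added Python illustration, not code from the guide; the switch names, MAC addresses and link speeds are constructed.

```python
"""STP root bridge, root port and designated port election on a small switched
LAN. Added illustration, not code from the guide: applies the election rules and
the new IEEE port-cost table above. Switch names, MAC addresses and link speeds
are constructed.
"""
import heapq
from typing import Dict, List, Tuple

PORT_COST = {10000: 2, 1000: 4, 100: 19, 10: 100}   # link speed in Mbps -> cost

BridgeID = Tuple[int, str]                         # (priority, MAC): lower wins
Link = Tuple[str, str, str, str, int]              # (sw_a, port_a, sw_b, port_b, Mbps)


def run_stp(bridges: Dict[str, BridgeID], links: List[Link]):
    """Return (root switch, root path cost per switch, role per (switch, port))."""
    root = min(bridges, key=lambda s: bridges[s])                 # step 1: lowest bridge ID
    adj: Dict[str, List[Tuple[str, str, int]]] = {s: [] for s in bridges}
    for a, pa, b, pb, speed in links:
        adj[a].append((pa, b, PORT_COST[speed]))
        adj[b].append((pb, a, PORT_COST[speed]))

    # Root path cost = cost carried in the received BPDU + cost of the receiving port.
    rpc = {s: float("inf") for s in bridges}
    rpc[root] = 0
    heap = [(0, root)]
    while heap:
        d, s = heapq.heappop(heap)
        if d > rpc[s]:
            continue
        for _, nbr, cost in adj[s]:
            if d + cost < rpc[nbr]:
                rpc[nbr] = d + cost
                heapq.heappush(heap, (d + cost, nbr))

    roles: Dict[Tuple[str, str], str] = {}
    for s in bridges:
        if s == root:
            continue                                   # all root-bridge ports are designated
        # Step 2: root port = lowest cost to the root, then lowest neighbor bridge ID,
        # then lowest local port (the tie-breakers the guide lists).
        port, _, _ = min(adj[s], key=lambda e: (rpc[e[1]] + e[2], bridges[e[1]], e[0]))
        roles[(s, port)] = "root"
    for a, pa, b, pb, _ in links:
        # Step 3: designated port = the segment end with the lowest (root path cost, bridge ID).
        designated = (a, pa) if (rpc[a], bridges[a]) <= (rpc[b], bridges[b]) else (b, pb)
        roles.setdefault(designated, "designated")
        roles.setdefault((a, pa), "blocking")          # step 4: everything else blocks
        roles.setdefault((b, pb), "blocking")
    return root, rpc, roles


def forwarding_ports(roles: Dict[Tuple[str, str], str]) -> List[Tuple[str, str]]:
    """Root and designated ports forward; blocking ports only listen to BPDUs."""
    return sorted(p for p, role in roles.items() if role in ("root", "designated"))


def with_root_primary(bridges: Dict[str, BridgeID], switch: str,
                      priority: int = 24576) -> Dict[str, BridgeID]:
    """Lower one switch's priority, as 'spanning-tree vlan <id> root primary' does."""
    changed = dict(bridges)
    changed[switch] = (priority, bridges[switch][1])
    return changed


# Constructed triangle: all switches at the default priority, so the MAC decides.
BRIDGES = {
    "SW1": (32768, "0000.0000.0001"),
    "SW2": (32768, "0000.0000.0002"),
    "SW3": (32768, "0000.0000.0003"),
}
LINKS = [
    ("SW1", "Gi0/1", "SW2", "Gi0/1", 1000),   # cost 4
    ("SW1", "Fa0/1", "SW3", "Fa0/1", 100),    # cost 19
    ("SW2", "Fa0/2", "SW3", "Fa0/2", 100),    # cost 19
]

if __name__ == "__main__":
    root, rpc, roles = run_stp(BRIDGES, LINKS)
    print("root:", root, "root path costs:", rpc)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} {port}: {role}")
    print("after root primary on SW3:", run_stp(with_root_primary(BRIDGES, "SW3"), LINKS)[0])
```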
STP Timers
Hello interval - 2 sec – The time period between Hellos created by the root bridge.
Max age - 20 sec – How long a switch waits for Hellos before acting.
Forward delay - 30 sec – Delay for a port to change from the blocking to the forwarding state.

STP Port states


Blocking - A blocked port won’t forward frames; it just listens to BPDUs. The purpose of the
blocking state is to prevent the use of looped paths. All ports are in blocking state by default
when the switch is powered up.
Listening - The port listens to BPDUs to make sure no loops occur on the network before
passing data frames. A port in listening state prepares to forward data frames without populating
the MAC address table. (15 sec)
Learning - The switch port listens to BPDUs and learns all the paths in the switched network. A
port in learning state populates the MAC address table but doesn’t forward data frames. (15 sec)
Forwarding - The port sends and receives all data frames on the bridged port. If the port is still a
designated or root port at the end of the learning state, it enters this state.
PortFast:- PortFast allows a switch to place a port in the forwarding state immediately. However,
the only ports on which PortFast can safely be enabled are those connected to end-user devices.
Per VLAN Spanning Tree (PVST):- Per-VLAN Spanning Tree (PVST) maintains a separate spanning tree
instance for each VLAN configured in the network. Because PVST treats each VLAN as a separate
network, it can load-balance traffic (at Layer 2) by forwarding some VLANs on one trunk and
other VLANs on another trunk without causing a spanning-tree loop.
Rapid Spanning Tree Protocol (RSTP) (IEEE 802.1w)
IEEE with document 802.1w introduced an evolution of the Spanning Tree Protocol: Rapid
Spanning Tree Protocol (RSTP), which provides for faster spanning tree convergence after a
topology change.
Configuration
Root Bridge
Switch(config)#spanning-tree vlan <vlan-id> root primary
Priority Value
Switch(config)#spanning-tree vlan <vlan-id> priority <priority>
Port Fast
Switch(config-if)#spanning-tree portfast
RSTP (global configuration mode, not interface mode)
Switch(config)#spanning-tree mode rapid-pvst
Verification Commands
Switch#show spanning-tree
Switch#show spanning-tree vlan <vlan id>
Switch#show spanning-tree interface <interface name>

Virtual LAN (VLAN)
A group of devices on one or more logically segmented LANs, enabling devices to
communicate as if attached to the same physical medium, when they are actually located on
numerous different LAN segments.

The benefits of VLAN:

1. Easy administration and flexibility.
2. Increased security.
3. Grouping based on functional requirements irrespective of physical location.
4. Simplified moves, adds and changes.
5. Smaller broadcast domains.

VLAN Membership
VLAN membership describes how switch ports are assigned to each VLAN. There are two types.

1. Static VLAN:- A static VLAN is one in which an administrator manually assigns a port
on a switch to a VLAN. A port on a switch is assigned to a VLAN with an interface
subconfiguration mode command. A static VLAN is also known as a port-based VLAN.
2. Dynamic VLAN:- Here the administrator enters the MAC addresses of all host devices into a
database; the switches are then configured to assign VLANs dynamically whenever a host
is plugged into the switch.
The VLAN Membership Policy Server (VMPS) contains a database of all workstation
MAC addresses, along with the VLAN each MAC address belongs to.
Types of Ports
Access Port:- These ports are mainly used to connect end-user devices. Devices on access links
cannot communicate with devices outside their VLAN unless the packet is routed.
Trunk Port:- These links can carry multiple VLANs between different devices. They are
100 or 1000 Mbps point-to-point links between switch and switch, switch and router, or switch and
server.
Frame Tagging
Frame tagging is a frame identification method: frames are tagged with a VLAN
identifier, so that a user-defined VLAN ID is uniquely assigned to each frame.
Each switch that the frame reaches must first identify the VLAN ID from the frame tag. Then
it finds out what to do with the frame by looking at the information in the filter table. If the frame
reaches a switch that has another trunked link, the frame is forwarded out the trunk link port. Once
the frame reaches an exit to an access link, the switch removes the VLAN identifier.
Cisco switches use two frame tagging methods: ISL and 802.1Q.
Inter Switch Link (ISL):- ISL is Cisco proprietary; it can be used only between two Cisco
switches. ISL fully encapsulates each original Ethernet frame in an ISL header and trailer. The
original Ethernet frame inside the ISL header and trailer remains unchanged. The VLAN field of the
ISL header provides a place to encode the VLAN number. By tagging a frame with the correct VLAN
number inside the header, the sending switch can ensure that the receiving switch knows to which
VLAN the encapsulated frame belongs.

802.1Q :- 802.1Q is a trunking method developed by the IEEE. 802.1Q inserts a 4-byte field into the
original Ethernet frame and recalculates the FCS. Unlike ISL, it allows trunks
between different vendors' devices.
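An added example (not code from the guide) that does what the 802.1Q description above says: it inserts the 4-byte tag after the source MAC, recomputes the FCS, reads the VLAN ID back on the receiving side, and strips the tag again at an access-link exit. The MAC addresses, EtherType and payload are constructed sample values; the tag layout (TPID 0x8100 followed by a 16-bit TCI holding the 3-bit priority, the DEI bit and the 12-bit VLAN ID) is the IEEE 802.1Q format.

```python
"""Tag, parse and untag an Ethernet frame with an 802.1Q header.

Added example for the frame tagging section of the guide; not code from the guide.
Addresses, EtherType and payload below are constructed sample values.
"""
import struct
import zlib

TPID_8021Q = 0x8100   # EtherType value announcing that a 4-byte 802.1Q tag follows


def fcs(body: bytes) -> bytes:
    """Ethernet FCS: CRC-32 over the frame after the preamble, transmitted LSB first."""
    return struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged frame: dst(6) src(6) type(2) payload FCS(4)."""
    body = dst + src + struct.pack("!H", ethertype) + payload
    return body + fcs(body)


def tag_frame(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert the 4-byte 802.1Q field after the source MAC and recompute the FCS,
    as a switch does before sending a frame out an 802.1Q trunk."""
    if not 1 <= vid <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    body = frame[:-4]                                  # drop the old FCS
    tci = (pcp & 0x7) << 13 | (dei & 0x1) << 12 | vid  # PCP(3) DEI(1) VID(12)
    tagged = body[:12] + struct.pack("!HH", TPID_8021Q, tci) + body[12:]
    return tagged + fcs(tagged)


def parse_frame(frame: bytes) -> dict:
    """Decode a frame; 'vid' is None when no 802.1Q tag is present."""
    if len(frame) < 18:
        raise ValueError("frame too short")
    body, trailer = frame[:-4], frame[-4:]
    dst, src = body[:6], body[6:12]
    ethertype = struct.unpack("!H", body[12:14])[0]
    vid = pcp = None
    offset = 14
    if ethertype == TPID_8021Q:
        if len(body) < 18:
            raise ValueError("tagged frame too short")
        tci, ethertype = struct.unpack("!HH", body[14:18])
        vid, pcp = tci & 0x0FFF, tci >> 13
        offset = 18
    return {
        "dst": dst, "src": src, "vid": vid, "pcp": pcp,
        "ethertype": ethertype, "payload": body[offset:],
        "fcs_ok": fcs(body) == trailer,
    }


def untag_frame(frame: bytes) -> bytes:
    """Remove the tag and recompute the FCS, as a switch does at an access-link exit."""
    if parse_frame(frame)["vid"] is None:
        return frame
    body = frame[:12] + frame[16:-4]
    return body + fcs(body)


# Constructed sample frame: broadcast from 00:11:22:33:44:55 carrying a short IPv4 (0x0800) payload.
SAMPLE = build_frame(bytes.fromhex("ffffffffffff"), bytes.fromhex("001122334455"),
                     0x0800, b"constructed payload")

if __name__ == "__main__":
    tagged = tag_frame(SAMPLE, 10, pcp=3)
    info = parse_frame(tagged)
    print("tagged length:", len(tagged), "vid:", info["vid"], "pcp:", info["pcp"],
          "ethertype: 0x%04x" % info["ethertype"], "fcs ok:", info["fcs_ok"])
    print("untagged equals original:", untag_frame(tagged) == SAMPLE)
```

The tagged frame is exactly four bytes longer than the original, and stripping the tag restores the original byte for byte, including its FCS; a frame whose payload is altered in transit is reported with fcs_ok set to False, which is the check every receiving port performs before it looks at the tag.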
VLAN Trunking Protocol (VTP)

VTP stands for VLAN Trunking Protocol. It is a Cisco-proprietary Layer 2 messaging
protocol that switches use to exchange VLAN configuration information. When a VLAN is added,
changed, or deleted, VTP advertises the change to all switches in the domain so that they update
their VLAN configuration. It reduces the administrative burden on a switched network.
VTP Modes of Operation
1. Server - Default for Catalyst switches.
   - There must be at least one server per VTP domain.
   - Can create, add or delete VLANs in a VTP domain.
   - Any change made on a server is advertised to the entire VTP domain.
2. Client - Receives information from the VTP server; also sends and receives updates.
   - Cannot change VLAN information.
3. Transparent - These switches do not participate in the VTP domain or its advertisements, but
   still forward VTP advertisements through any configured trunk links.

Configuration
• Creating a VLAN
Switch(config)#vlan <vlan id 2 - 1001>
Switch(config-vlan)#name <name>
Switch(config-vlan)#exit
• Deleting a VLAN
Switch(config)#no vlan <vlan id>
• Assigning a port to a VLAN
Switch(config)#interface fastethernet <x/x>
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan <vlan id>
Switch(config-if)#no shutdown
• Verification
Switch#show vlan
Switch#show vlan brief
Switch#show vlan id <vlan id>
• Configuring a Trunk Port
Switch(config)#interface fastethernet <x/x>
Switch(config-if)#switchport trunk encapsulation <isl / dot1q>
Switch(config-if)#switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan all
Switch(config-if)#no shutdown
Note: The 2900 series switch supports only dot1q trunking.
• Verification
Switch#show interface trunk
Switch#show interface fastethernet <x/x> switchport
• Set VTP Domain Name
Switch(config)#vtp domain <domain name>
• Change VTP Mode
Switch(config)#vtp mode <server / client / transparent>
• Verify VTP
Switch#show vtp status
Switch#show vtp counters

Inter VLAN Routing
Members of one VLAN cannot communicate with members of other VLANs, because each VLAN
is its own broadcast domain: a VLAN is a network and traffic separation at Layer 2.
To allow communication between different VLANs, a Layer 3 device (a router) is needed.

Configuration
• Create VLANs
Switch(config)#vlan 10
Switch(config-vlan)#name Sales
Switch(config-vlan)#exit
Switch(config)#vlan 20
Switch(config-vlan)#name Finance
Switch(config-vlan)#exit
• Assign Ports
Switch(config)#interface fastethernet 0/3
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#no shutdown
Switch(config)#interface fastethernet 0/4
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 10
Switch(config-if)#no shutdown
Switch(config)#interface fastethernet 0/8
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#no shutdown
Switch(config)#interface fastethernet 0/9
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 20
Switch(config-if)#no shutdown
• Configuring Trunk Port
Switch(config)#interface fastethernet 0/1
Switch(config-if)#switchport trunk encapsulation dot1q
Switch(config-if)#switchport mode trunk
Switch(config-if)#no shutdown
• Router Configuration
Router(config)#interface fastethernet 0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#interface fastethernet 0/0.1 (creating sub-interface for vlan 10)
Router(config-subif)#encapsulation dot1q 10
Router(config-subif)#ip address 192.168.10.1 255.255.255.0
Router(config-subif)#no shutdown
Router(config-subif)#exit
Router(config)#interface fastethernet 0/0.2 (creating sub-interface for vlan 20)
Router(config-subif)#encapsulation dot1q 20
Router(config-subif)#ip address 192.168.20.1 255.255.255.0
Router(config-subif)#no shutdown

Cisco Security Device Manager (SDM)
The Cisco Security Device Manager (SDM) is an intuitive, Web-based device management
tool embedded within Cisco IOS access routers. Cisco SDM simplifies router and security
configuration through intelligent wizards, enabling customers to quickly and easily deploy,
configure, and monitor a Cisco access router without requiring knowledge of the Cisco IOS
Software command-line interface (CLI).
SDM Supported Platforms
• Cisco 831, 836, and 837
• Cisco 1710, 1721, 1751, and 1760
• Cisco 2610XM, 2611XM, 2620XM, 2621XM, 2650XM, 2651XM, and 2691
• Cisco 3620, 3640, 3661, and 3662
• Cisco 3725 and 3745
Required Cisco IOS Software
Cisco IOS Software Release 12.2(11)T6 or later
Memory Requirements
Cisco SDM requires at least 2.3 MB of free Flash memory on the router
Operating system requirements
SDM Installed
• Windows 2000
• Windows NT 4.0 (Service Pack 4)
• Windows 98
• Windows ME
• Windows XP
• Windows Server 2003
Java requirements
• The client device must have a browser that supports JDK 1.1.4 as supported in the Internet
Explorer and Netscape browsers
• Java plug-in, JRE2 version 1.3.1 or later

Internet Explorer: set the following option
Internet Options > Advanced > Security:
Allow active content to run in files on My Computer.

Router(config)#username <name> privilege 15 password <pswd>
Router(config)#ip http server
Router(config)#ip http authentication local
Router(config)#line vty 0 4
Router(config-line)#privilege level 15
Router(config-line)#login local
Router(config-line)#exit
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shutdown
Note: ip http server serves SDM over cleartext HTTP, and the user created above has privilege 15
(full administrative rights) on both the HTTP server and the vty lines. Keep the router's HTTP
server and vty lines reachable only from the management network; on IOS images that support it,
ip http secure-server provides the same access over HTTPS.