Ccna Lab Manual

CCNA
Lab Guide
Cisco IOS Introduction
General Reading:-
System Architecture
Like a computer, a router has a CPU that varies in performance and capabilities depending on the
router platform. Two examples of processors that Cisco uses are the Motorola 68030 and the
Orion/R4600. The Cisco IOS software running in the router requires the CPU or processor to make
routing and bridging decisions, maintain routing tables, and other system management functions.
The CPU must have access to data in memory to make decisions or to get instructions.
There are usually four types of memory on a Cisco router:
ROMROM is generally the memory on a chip or multiple chips. It is available on a router's
processor board. It is read-only, which means that data cannot be written to it. The initial software
that runs on a Cisco router is called the bootstrap software and is usually stored in ROM. The
bootstrap software is invoked when the router boots up.
FlashFlash memory is located on a processor board SIMM but can be expanded using PCMCIA
(removable) cards. Flash memory is most commonly used to store one or more Cisco IOS software
images. Configuration files or system information can also be copied to Flash. On some high-end
systems, Flash memory is also used to hold bootstrap software.
RAMRAM is very fast memory that loses its information when the system is restarted. It is used in
PCs to store running applications and data. On a router, RAM is used to hold IOS system tables and
buffers. RAM memory is basically used for all system operational storage requirements.
NVRAMOn the router, NVRAM is used to store the startup configuration. This is the configuration
file that IOS reads when the router boots up. It is extremely fast memory and is persistent across
reboots.
Although CPU and memory are required components to run IOS, a router must also have various
interfaces to allow packet forwarding. Interfaces are input and output connections to the router that
carries data that needs to be routed or switched. The most common types of interfaces are Ethernet
and serial. Similar to the driver software on a computer with parallel ports and USB ports, IOS has
device drivers to support these various interface types. All Cisco routers have a console port that
provides an EIA/TIA-232 asynchronous serial connection. The console port can be connected to a
computer's serial connection to gain terminal access to the router. Most routers also have an
auxiliary port that is very similar to the console port, but is typically used for modem connection for
remote router management.
Following Output shows the console output of a new Cisco 3640 router that has just been started.
Notice the processor, interface, and memory information that is listed.

System Bootstrap, Version 11.1(20)AA2, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)
Copyright (c) 1999 by Cisco Systems, Inc.
C3600 processor with 98304 Kbytes of main memory
Main memory is configured to 64 bit mode with parity disabled

program load complete, entry point: 0x80008000, size: 0xa8d168
Self decompressing the image :
#################################################
#################################################################### [OK]

Restricted Rights Legend

Use, duplication, or disclosure by the Government is
subject to restrictions as set forth in subparagraph
(c) of the Commercial Computer Software - Restricted
Rights clause at FAR sec. 52.227-19 and subparagraph
(c) (1) (ii) of the Rights in Technical Data and Computer
Software clause at DFARS sec. 252.227-7013.

Cisco Systems, Inc.
170 West Tasman Drive
San Jose, California 95134-1706

Cisco Internetwork Operating System Software
IOS (tm) 3600 Software (C3640-IS-M), Version 12.2(10), RELEASE SOFTWARE (fc2)
Copyright (c) 1986-2002 by Cisco Systems, Inc.
Compiled Mon 06-May-02 23:23 by pwade
Image text-base: 0x60008930, data-base: 0x610D2000

cisco 3640 (R4700) processor (revision 0x00) with 94208K/4096K bytes of memory.
Processor board ID 17746964
R4700 CPU at 100Mhz, Implementation 33, Rev 1.0
Bridging software.
X.25 software, Version 3.0.0.
SuperLAT software (copyright 1990 by Meridian Technology Corp).
5 Ethernet/IEEE 802.3 interface(s)
1 Serial network interface(s)
DRAM configuration is 64 bits wide with parity disabled.
125K bytes of non-volatile configuration memory.
8192K bytes of processor board System flash (Read/Write)
16384K bytes of processor board PCMCIA Slot0 flash (Read/Write)

--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:

When a new router is first started, IOS runs an autoinstall process wherein the user is prompted to
answer a few questions. IOS then configures the system based on the input provided. After initial
setup, the configuration is most commonly modified using the command-line interface (CLI). Other
ways of configuring the router include HTTP and network management applications
Cisco IOS has three command modes, each with access to different command sets:
User modeThis is the first mode a user has access to after logging into the router. The user
mode can be identified by the > prompt following the router name. This mode allows the user to
execute only the basic commands, such as those that show the system's status. The system cannot
be configured or restarted from this mode.
Router>
Privileged modeThis mode allows users to view the system configuration, restart the system,
and enter configuration mode. It also allows all the commands that are available in user mode.
Privileged mode can be identified by the # prompt following the router name. The user mode enable
command tells IOS that the user wants to enter privileged mode. If an enable password or enable
secret password has been set, the user needs to enter the correct password or secret to be granted
access to privileged mode. An enable secret password uses stronger encryption when it is stored in
the configuration and, therefore, is safer. Privileged mode allows the user to do anything on the
router, so it should be used with caution. To exit privileged mode, the user executes the disable
command.
Router#

Configuration modeThis mode allows users to modify the running system configuration. To enter
configuration mode, enter the command configure terminal from privileged mode. Configuration
mode has various submodes, starting with global configuration mode, which can be identified by the
(config)# prompt following the router name. As the configuration mode submodes change
depending on what is being configured, the words inside the parentheses change. For example,
when you enter interface configuration submode, the prompt changes to (config-if)# following the
router name. To exit configuration mode, the user can enter end or press Ctrl-Z.
Router(config)#

Terminal Server
Now days it is very difficult to use console cable and access multiple devices as routers and
switched which we configure are placed in datacenter, to overcome this problem we use terminal
server. This is a single point of management device.
A terminal or comm server commonly provides out-of-band access for multiple devices. A terminal
server is a router with multiple, low speed, asynchronous ports that are connected to other serial
devices, for example, modems or console ports on routers or switches.
The terminal server allows you to use a single point to access the console ports of many devices. A
terminal server eliminates the need to configure backup scenarios like modems on auxiliary ports for
every device. You can also configure a single modem on the auxiliary port of the terminal server, to
provide dial-up service to the other devices when network connectivity fails.
Below is the pictorial scenario which shows the working of terminal server

Task 1 Telnet to CCNA Terminal Server at IP address 172.16.50.88
Solution:
In Linux Base system such as Ubuntu go to applications then accessories and click
on terminal and type telnet 172.16.50.88
For Windows machine go to run and type telnet 172.16.50.88

Task 2 After you telnet into terminal server it will ask you for username and password,
use username:student and password:student
Solution:
telnet 172.16.50.88

+--------------------------------------------------------------------+
| Following commands are available for use at privilege 0 |
| 1).Show Host |
| 2).Show Sessions |
| 3).Show Users |
| 4).Clear Line |
| 5).Disconnect |
| |
| Following CCNA Racks Can be Accessed From This Terminal :- |
| 1).CCNA-Rack1 |
| 2).CCNA-Rack2 |
| 3).CCNA-Rack3 |
| 4).CCNA-Rack4 |
| 5).CCNA-Rack5 |
| 6).CCNA-Rack6 |
| 7).CCNA-Rack7 |
| 8).CCNA-Rack8 |
| 9).CCNA-Rack9 |
| 10).CCNA-Rack10 |
+--------------------------------------------------------------------+

********************************************************************
* WELCOME TO ACIT Bangalore *
* YOU ARE CONNECTED TO CCNA-TERMINAL 88 *
********************************************************************
User Access Verification

Username: student
Password:
CCNA_Term#
Task 3 use show host commands to see the available racks.
Solution:
CCNA_Term#show host
Default domain is not set
Name/address lookup uses static mappings

Codes: UN - unknown, EX - expired, OK - OK, ?? - revalidate
temp - temporary, perm - permanent
NA - Not Applicable None - Not defined

Host Port Flags Age Type Address(es)
Rack1-R1 1026 (perm, OK) 64 IP 128.0.0.2
Rack1-R3 1028 (perm, OK) 84 IP 128.0.0.2
Rack1-SW1 1029 (perm, OK) 84 IP 128.0.0.2
Rack1-SW2 1030 (perm, OK) 84 IP 128.0.0.2
..<output omitted>

Task 4 Now access device rack1-r1
Solution:
CCNA_Term#rack1-r1
Translating "rack1-r1"
Trying Rack1-R1 (128.0.0.2, 1026)... Open
% Please answer 'yes' or 'no'.
Would you like to enter the initial configuration dialog? [yes/no]:no
Press RETURN to get started!
Router>
(Note:- At this point we are in device R1 of rack1)
Task 5 Lock the session of R1 and come back to terminal server by pressing
CTRL+SHIFT+6 X
Solution:
Router>
CCNA_Term#
Task 6 Now open rack1-r2, rack1-r3, rack1-sw1 and rack1-sw2
Solution:
CCNA_Term#rack1-r2
Router>
CCNA_Term#rack1-r3
Router>
CCNA_Term#rack1-sw1
Translating "rack1-sw1"
Trying Rack1-SW1 (128.0.0.2, 1029)... Open
switch>
CCNA_Term#rack1-sw2
Translating "rack1-sw2"
Trying Rack1-SW2 (128.0.0.2, 1030)... Open
switch>

Task 7 Go back to Terminal Server and check the sessions which you have opened by
pressing CTRL+SHIFT+6 X
Solution:
CCNA_Term#show sessions
Conn Host Address Byte Idle Conn Name
1 rack3-r1 128.0.0.2 162 8 rack3-r1
2 rack3-r2 128.0.0.2 0 0 rack3-r2
3 rack3-r3 128.0.0.2 0 0 rack3-r3
4 rack3-sw1 128.0.0.2 39 0 rack3-sw1
* 5 rack3-sw2 128.0.0.2 0 0 rack3-sw2
(Note:- In above output you can see that we have opened 5 session. Automatically connection
numbers are assigned to every session. So next time if you want to access R1 then we dont have
to press rack1-r1 again it can be simply accessed by pressing its current connection number i.e. 1.
The Star before 5 shows the current active connection)

Task 8 on R1,R2,R3,SW1,SW2 Assign hostname R1,R2,R3,SW1,SW2 respectively
Solution:
CCNA_Term#1
[Resuming connection 1 to rack1-r1 ... ]

Router>enable
Router#config t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#
CCNA_Term#2

Router>enable
Router#config t
R2(config)#
CCNA_Term#3

Router>enable
Router#config t
R3(config)#

CCNA_Term#4
[Resuming connection 4 to rack1-SW1 ... ]

Switch>enable
Switch#config t
Switch(config)#hostname SW1
SW1(config)#
CCNA_Term#5
[Resuming connection 5 to rack1-SW2 ... ]

Switch>enable
Switch#config t
SW2(config)#

Task 9 Go to R1 and Check the available interfaces
Solution:
On R1:
R1#show ip interface brief
Interface IP-Address OK? Method Status Protocol
Ethernet0/0 unassigned YES unset administratively down down
Serial1/0 unassigned YES unset administratively down down
(Note:- Above are the list of interfaces available on router R1 but it may vary as device to device)

Task 9 On R1 assign IP address 10.0.0.1 and use classful subnetmask to interface
Ethernet 0/0 and verify your configuration.
Solution:
On R1:
R1#
R1#configure terminal
R1(config)#interface ethernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
*Jul 1 00:37:53.867: %LINK-3-UPDOWN: Interface Ethernet0/0, changed state to
up
*Jul 1 00:37:54.871: %LINEPROTO-5-UPDOWN: Line protocol on Interface
Ethernet0/0, changed state to up
R1(config)#exit
R1#
(Note:- We Can See that no shutdown command has been issued to start the interface. After
issuing the command we can see that 2 log massages are appeared on the console, stating that link
and line-protocol changed to up.)
Verification:

On R1:
R1#
Ethernet0/0 10.0.0.1 YES manual up up
Serial1/0 unassigned YES manual administratively down down
...<output omitted>
(Note:- In verification we can see that interface status and line protocol of interface Ethernet 0/0 is
UP, also we can see that IP address which we assigned Is there, we should always consider a
important note that every UP interface of router which has ip address is assigned defines one whole
network, in this case interface Ethernet 0/0 defines the network 10.0.0.0 255.0.0.0, it can be verified
with show ip route command, therefore we cannot give any ip from this network to any other
interface of the this router.)
R1#show ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile,
B BGP , D - EIGRP, EX - EIGRP external, O OSPF
IA - OSPF inter area , N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2 , E1 - OSPF external type 1,
E2 - OSPF external type 2 , i - IS-IS, su - IS-IS summary,
L1 - IS-IS level-1, L2 - IS-IS level-2 ,
ia - IS-IS inter area, * - candidate default,
U - per-user static route , o - ODR,
P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/8 is directly connected, Ethernet0/0
L 10.0.0.1/32 is directly connected, Ethernet0/0

(Note:- above output is called routing table of the router. In this table router keeps the entries of
networks know to him, We can see C as legend before network entry of 10.0.0.0/8 it shows that it
is directly connected on Ethernet 0/0, L entry shows the local ip address of the network 10.0.0.0/8,
which we assigned to the interface int this task.)
Task 10 Check the current configuration of the router with show running-config command
and save the configuration.
Verification:
R1#show running-config
Building configuration...

Current configuration : 1161 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
clock timezone IST 5 30
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
ip source-route
!
!
!
!
ip cef
no ipv6 traffic interface-statistics
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
redundancy
!
!
!
interface Ethernet0/0
ip address 10.0.0.1 255.0.0.0
!
no ip address
shutdown
!
no ip address
shutdown
!
no ip address
shutdown
!
interface Serial1/0
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/1
no ip address
shutdown
!
interface Serial1/2
no ip address
shutdown
!
interface Serial1/3
no ip address
shutdown
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
control-plane
!
!
line con 0
logging synchronous
line aux 0
line vty 0 4
login
!
exception data-corruption buffer truncate
end
R1#
R1#write
Building configuration...
[OK]
R1#

Task 11 Erase All the Devices and Reload
Solution:
R1#write erase
Erasing the nvram filesystem will remove all configuration files! Continue?
[confirm]
[OK]
Erase of nvram: complete
R1#
*Jul 1 01:09:36.006: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
R1#reload
Proceed with reload? [confirm]

*Jul 1 01:09:39.958: %SYS-5-RELOAD: Reload requested by console. Reload
Reason: Reload Command.
R2#write erase
Erasing the nvram filesystem will remove all configuration files! Continue?
[confirm]
[OK]
Erase of nvram: complete
R2#
*Jul 1 01:09:36.006: %SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
R2#reload
Proceed with reload? [confirm]

*Jul 1 01:09:39.958: %SYS-5-RELOAD: Reload requested by console. Reload
Reason: Reload Command.
...<output omitted>

IP Routing
Need of Routing:-
Routing is the process of moving data from one network to another by forwarding packets via
gateways. With IP based networks, the routing decision is based on the destination address in the
IP packet's header. Routing is the process of moving a packet of data from one network to another
network based on the destination IP address. The Internet uses routing to move data from your
computer, across several networks, to reach a final destination, like a website. Specialized
computer devices that perform this routing function are referred to as routers. Routers use the
information contained in a route to make decisions about which network interface to forward a
packet through in order to reach the destination address in the packet. Routers maintain a list of
routes which is often referred to as a routing table.
Routers look up routes in the routing table to figure out how to move data from one network to
another network. Routes are simply the signposts that tell a router which network interface to
forward a packet through in order to reach the packet's intended destination
Types of Routing
There are two basic kinds of routes: static or dynamic.
1. Static Routes
Routes can be entered into a router by a person who administrates the network (the network
administrator). Since these routes are entered by the administrator, and these routes don't change
until the administrator changes them, they are referred to as static routes.
2. Default Routes
A default route is also referred to as the 'route of last resort'. This is the route a router uses when all
other routes have been examined and none seem to be the right route to use.
3.Dynamic Routes
If the routes are learned on-the-fly from other routers, it is called a dynamically-learned route, or a
dynamic route for short. Dynamic routes are learned from routing protocols.
4.Routing Protocol
A routing protocol is a standardized process by which routers learn and communicate connectivity
information, called routes, each of which which describes how to reach a destination host and
network. Routers that wish to exchange routing information must use the same routing protocol to
communicate routing information.
Routing is the process of learning all the paths through the network (routes) and using routes to
forward data from one network to another. A protocol is a standardized way to perform a task. So, a
routing protocol would be a standardized way of learning routes and moving data from one network
to another.
Routing protocols are used by routers to dynamically learn all paths through a set of networks and
forward data between the networks. Routers are specialized computer devices designed to perform
routing.
5.Examples of Routing Protocols
EIGRP
OSPF
RIP, RIP II
IS-IS
BGP

Static Routing Configuration

Task 1 Assign Hostnames to Router1, Router2, Router3 R1, R2, R3 respectively.
Solution:
On Router1 :
Router>enable
Router#config
Router#configure terminal
R1(config)#

On Router2 :
Router>enable
Router#config
R2(config)#

On Router3 :
Router>enable
Router#config
R3(config)#

Task 2 Assign IP address 12.0.0.1 and subnet mask of 255.0.0.0 to interface Serial 1/0 and
IP address 10.0.0.1 255.0.0.0 to interface Ethernet0/0 on R1. After you complete your
configuration verify it.
Solution:
On R1 :
R1(config)#interface serial 1/0
R1(config-if)#exit
R1(config-if)#int ethernet0/0
R1(config-if)#exit
R1(config)#exit
Verification :
Serial1/0 12.0.0.1 YES manual up up

Task 3 Similarly assign ip address to R2 and R3 as per the diagram.
Solution:
On R2 :
R2(config-if)#clock rate 64000
R2(config-if)#exit
R2(config-if)#exit
R2(config)#exit
R2#
Verification:
R2#show ip int brief
On R3 :
R3(config-if)#exit
R3(config-if)#exit
R3(config)#exit
R3#

Task 4 Check Connectivity Between Directly Connected Interfaces.
Verification:
On R1:
R1#ping 12.0.0.2

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.0.0.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/8/12 ms
On R2 :
R2#
R2#ping 12.0.0.1

!!!!!
R2#ping 23.0.0.3

!!!!!
R2#
On R3 :
R3#
R3#ping 23.0.0.2

!!!!!
R3#
Task 5 Save your configuration
Solution:
On R1:
R1#write
On R2:
R2#write
On R3:
R3#write

Task 6 Configure a static route from R1 so that it can reach networks 23.0.0.0/8, 20.0.0.0/8
30.0.0.0/8
Solution:
On R1:
R1#
R1#config terminal
R1(config)#ip route 20.0.0.0 255.0.0.0 12.0.0.2
R1(config)#ip route 23.0.0.0 255.0.0.0 12.0.0.2
R1(config)#ip route 30.0.0.0 255.0.0.0 12.0.0.2
Verification:
R1#
R1#show ip route
Codes: L local, C connected, S static, R RIP, M mobile,
B BGP, D EIGRP, EX EIGRP external, O OSPF,
IA OSPF inter area, N1 OSPF NSSA external type 1,
N2 OSPF NSSA external type 2 E1 OSPF external type 1,
E2 OSPF external type 2, i IS-IS, su IS-IS summary,
L1 IS-IS level-1, L2 IS-IS level-2, ia IS-IS inter area
* - candidate default, U per-user static route o ODR,
P periodic downloaded static route, + - replicated route


C 12.0.0.0/8 is directly connected, Serial1/0
L 12.0.0.1/32 is directly connected, Serial1/0
S 20.0.0.0/8 [1/0] via 12.0.0.2
S 23.0.0.0/8 [1/0] via 12.0.0.2
S 30.0.0.0/8 [1/0] via 12.0.0.2
R1#

Task 7 Configure R2 so that it gets reach ability to networks 10.0.0.0/8, and 30.0.0.0/8 do not specify
next hop address to achieve this task
On R2 :
R2#
R2(config)#ip route 10.0.0.0 255.0.0.0 serial 1/0
R2(config)#ip route 30.0.0.0 255.0.0.0 serial 1/1
R2(config)#exit
R2#
Verification:
R2#
R2#show ip route
IA OSPF inter area, N1 OSPF NSSA external type 1,
N2 OSPF NSSA external type 2, E1 OSPF external type 1,
E2 OSPF external type 2, i IS-IS, su IS-IS summary,
L1 IS-IS level-1, L2 IS-IS level-2, ia IS-IS inter area,
* - candidate default, U per-user static route
o ODR, P periodic downloaded static route, + - replicated
route


S 10.0.0.0/8 is directly connected, Serial1/0
S 30.0.0.0/8 is directly connected, Serial1/1
R2#

Task 8: Configure R3 in such a manner that it gets rechability to all other networks in single static
route. Do not configure any more specific static routes to achieve this task.
On R3 :
R3#
R3(config)#ip route 0.0.0.0 0.0.0.0 23.0.0.2
R3(config)#exit
R3#

Verification :
R3#
R3#show ip route
IA OSPF inter area N1 OSPF NSSA external type 1,
N2 OSPF NSSA external type 2 E1 OSPF external type 1,
E2 OSPF external type 2 i IS-IS, su IS-IS summary,
L1 IS-IS level-1, L2 IS-IS level-2
ia IS-IS inter area, * - candidate default,
U per-user static route
o ODR, P periodic downloaded static route, + - replicated route

Gateway of last resort is 23.0.0.2 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 23.0.0.2
R3#

Task 9 : Ping 30.0.0.3 from R1,
Ping 10.0.0.1 and 30.0.0.3 for R2
Ping 10.0.0.1 from R3 to test end to end reachability.
R1#
R1#ping 30.0.0.3

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/18/24ms
R1#
R2#
R2#ping 10.0.0.1

!!!!!
R2#
R2#ping 30.0.0.3

!!!!!
R2#
R3#
R3#ping 10.0.0.1

!!!!!
R3#

Explanation:-
As we see from above output that we have got the full reachabltiy.
On R1 we have give destination network i.e 20.0.0.0,23.0.0.0 and 30.0.0.0 and their respective
subnet masks and in the last part we gave the next hop address that is router to whom packet
should be routed.
Here the ip route format is ip route <dest net> <dest subnet> <next hop address>
ip route 20.0.0.0 255.0.0.0 12.0.0.2
ip route 23.0.0.0 255.0.0.0 12.0.0.2
ip route 30.0.0.0 255.0.0.0 12.0.0.2
on R2 we have been instructed not to give next hop address so we can here give outgoing interface
ip route 10.0.0.0 255.0.0.0 serial1/0
ip route 30.0.0.0 255.0.0.0 serial1/1
On R3 we have instructed not to use any specific routes so here we are using special static route
which is also called as default route. That is if router does not get any specific network in his routing
table. It is going to use the default route to route the packet.
ip route 0.0.0.0 0.0.0.0 23.0.0.2

RIPv2

RIPv2 was first described in RFC 1388 and RFC 1723 (1994); the current RFC is 2453, written in
November 1998. Although current environments use advanced routing protocols such as OSPF and
EIGRP, there still are networks using RIP. The need to use VLSMs and other requirements
prompted the definition of RIPv2.
RIPv2 improves upon RIPv1 with the ability to use VLSM, with support for route authentication, and
with multicasting of route updates. RIPv2 supports CIDR. It still sends updates every 30 seconds
and retains the 15-hop limit; it also uses triggered updates. RIPv2 still uses UDP port 520; the RIP
process is responsible for checking the version number. It retains the loop-prevention strategies of
poison reverse and counting to infinity. On Cisco routers, RIPv2 has the same administrative
distance as RIPv1, which is 120. Finally, RIPv2 uses the IP address 224.0.0.9 when multicasting
route updates to other RIP routers. As in RIPv1, RIPv2 will, by default, summarize IP networks at
network boundaries. You can disable auto-summarization if required.
You can use RIPv2 in small networks where VLSM is required. It also works at the edge of larger
networks.
RIPv2 Forwarding Information Base
RIPv2 maintains a routing table database as in Version 1. The difference is that it also keeps the
subnet mask information. The following list repeats the table information of RIPv1:
IP addressIP address of the destination host or network, with subnet mask
GatewayThe first gateway along the path to the destination
InterfaceThe physical network that must be used to reach the destination
MetricA number indicating the number of hops to the destination
TimerThe amount of time since the route entry was last updated
RIPv2 Design
Things to remember in designing a network with RIPv2 include that it supports VLSM within
networks and CIDR for network summarization across adjacent networks. RIPv2 allows for the
summarization of routes in a hierarchical network. RIPv2 is still limited to 16 hops; therefore, the
network diameter cannot exceed this limit. RIPv2 multicasts its routing table every 30 seconds
to the multicast IP address 224.0.0.9. RIPv2 is usually limited to accessing networks where it can
interoperate with servers running routed or with non-Cisco routers. RIPv2 also appears at the edge
of larger internetworks. RIPv2 further provides for route authentication.

Split Horizon:
In this example, network node A routes packets to node B in order to reach node C. The links
between the nodes are distinct point-to-point links.

According to the split-horizon rule, node A does not advertise its route for C (namely A to B to C)
back to B. On the surface, this seems redundant since B will never route via node A because the
route costs more than the direct route from B to C. However, if the link between B and C goes down,
and B had received a route from A, B could end up using that route via A. A would send the packet
right back to B, creating a loop. With the split-horizon rule in place, this particular loop scenario
cannot happen, improving convergence time in complex, highly-redundant environments
Poison Reverse:
Split-horizon routing with poison reverse is a variant of split-horizon route advertising in which a
router actively advertises routes as unreachable over the interface over which they were learned.
The effect of such an announcement is to immediately remove most looping routes before they can
propagate through the network.
The main disadvantage of poison reverse is that it can significantly increase the size of routing
announcements in certain fairly common network topologies.
RIPv2 Summary
The characteristics of RIPv2 follow:
Distance-vector protocol.
Uses UDP port 520.
Classless protocol (support for CIDR).
Supports VLSMs.
Metric is router hop count.
Maximum hop count is 15; infinite (unreachable) routes have a metric of 16.
Periodic route updates sent every 30 seconds to multicast address 224.0.0.9.
25 routes per RIP message (24 if you use authentication).
Supports authentication.
Implements split horizon with poison reverse.
Implements triggered updates.
Subnet mask included in route entry.
Administrative distance for RIPv2 is 120.
Used in small, flat networks or at the edge of larger networks.

RIP Configuration
Load IP Routing initials prior to starting

Task 1 Configure RIPv2 on R1 advertise its all network into RIP
Solution:
On R1:
R1#
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 10.0.0.0
R1(config-router)#exit
R1(config)#exit
R1#

Verification:
On R1:
R1#
R1#show ip protocols
*** IP Routing is NSF aware ***

Routing Protocol is "rip"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Sending updates every 30 seconds, next due in 27 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Redistributing: rip
Default version control: send version 2, receive version 2
Interface Send Recv Triggered RIP Key-chain
Ethernet0/0 2 2
Serial1/0 2 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
10.0.0.0
12.0.0.0
Routing Information Sources:
Gateway Distance Last Update
Distance: (default is 120)

R1#

Task 2 From above output we can see that R1 is doing auto-summarization so disable auto-
summarization on R1
Solution:
On R1:
R1#
R1(config-router)#no auto-summary
R1(config)#exit
R1#
Verification:
R1#

Redistributing: rip
Ethernet0/0 2 2
Serial1/0 2 2
Automatic network summarization is not in effect
Maximum path: 4
10.0.0.0
12.0.0.0
R1#

Task 3 configure RIP v2 on R2 and R3 advertise all the networks and disable auto-
summarization.
Solution:
On R2:
R2#
R2#config terminal
R2(config)#exit
R2#

On R3:
R3#
R3(config)#exit
R3#

Task 4 Verify Routing tables of all 3 routers and test end-to-end connectivity.
Verification:
R1#show ip route
B BGP D - EIGRP, EX - EIGRP external, O - OSPF,
IA - OSPF inter area N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1,
E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary,
L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area,
* - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route,
+ - replicated route


20.0.0.0/24 is subnetted, 1 subnets
R 20.0.0.0 [120/1] via 12.0.0.2, 00:00:24, Serial1/0
R 23.0.0.0 [120/1] via 12.0.0.2, 00:00:24, Serial1/0
R 30.0.0.0 [120/2] via 12.0.0.2, 00:00:24, Serial1/0
R1#

R1#ping 23.0.0.2

!!!!!
R1#ping 20.0.0.2

!!!!!
R1#ping 30.0.0.3

!!!!!

R1#
On R2:
R2#
R2#show ip route
B - BGP, D - EIGRP, EX - EIGRP external, O - OSPF,
N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1,
L2 - IS-IS level-2 , ia - IS-IS inter area,


R 10.0.0.0 [120/1] via 12.0.0.1, 00:00:14, Serial1/0
R 30.0.0.0 [120/1] via 23.0.0.3, 00:00:27, Serial1/1
R2#
R2#
R2#ping 10.0.0.1

!!!!!
R2#ping 30.0.0.3

!!!!!
R2#

On R3:
R3#
R3#show ip route
B BGP, D - EIGRP, EX - EIGRP external, O - OSPF,
IA - OSPF inter area, N1 - OSPF NSSA external type 1,
E2 - OSPF external type 2, i - IS-IS, su - IS-IS summary,
L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route


R 10.0.0.0 [120/2] via 23.0.0.2, 00:00:06, Serial1/0
R 12.0.0.0 [120/1] via 23.0.0.2, 00:00:06, Serial1/0
R 20.0.0.0 [120/1] via 23.0.0.2, 00:00:06, Serial1/0
R3#
R3#
R3#ping 12.0.0.1

!!!!!
R3#ping 20.0.0.2

!!!!!
R3#ping 10.0.0.1

!!!!!
R3#

Task 5 Configure all three routers in such way that they send updates through only required
interfaces
Solution:
On R1:
R1#config terminal
R1(config-router)#passive-interface ethernet 0/0
R1(config)#exit
R1#

On R2:
R2#config terminal
R2(config)#exit
R2#

On R3:
R3#config terminal
R3(config)#exit
R3
Verification:
R1#

Redistributing: rip
Serial1/0 2 2
Automatic network summarization is not in effect
Maximum path: 4
10.0.0.0
12.0.0.0
Passive Interface(s):
Ethernet0/0
12.0.0.2 120 00:00:01

Explanation:
Task 1 is asking us to configure RIP version 2 on all the interfaces. In the router rip sub
configuration we have to advertise our interfaces with network command. We can only declare
networks in their classfull boundaries. Version 2 is to be specified as default behavior is send
version 1 updates and receive both version 1 and version 2 updates.
This configuration can be checked in show ip protocols
In configuration of task 2 we can see that by default RIP will always do auto-summarization. To
disable the auto-summarization we can give no auto-summary under RIP routing process.
Task 5 is asking us to send RIPv2 updates only out of required interface. Always remember that
RIPv2 does support classless network advertisement but we can only publish classfull networks in
RIPv2. By default all the routing protocols except BGP, Send hello packets and advertise the
networks, which we have defined by network command. In RIPv2 if we make a passive interface
then that interface is advertised but it does not send any updates. But the limitation in RIPv2 is this
interface can still receive RIP updates.

EIGRP
Implementing EIGRP
EIGRP is an advanced distance vector routing protocol developed by Cisco. EIGRP is suited for
many different topologies and media. In a well-designed network, EIGRP scales well and provides
extremely quick convergence times with minimal overhead. EIGRP is a popular choice for a routing
protocol on Cisco devices.
Introducing EIGRP
EIGRP is a Cisco-proprietary routing protocol that combines the advantages of link-state and
distance vector routing protocols. EIGRP is an advanced distance vector or hybrid routing protocol
that includes the following features:
Rapid Convergence
EIGRP uses the Diffusing Update Algorithm (DUAL) to achieve rapid convergence. A router that
uses EIGRP stores all available backup routes for destinations so that it can quickly adapt to
alternate routes. If no appropriate route or backup route exists in the local routing table, EIGRP
queries its neighbors to discover an alternate route.
Reduced bandwidth usage
EIGRP does not make periodic updates. Instead, it sends partial updates when the path or the
metric changes for that route. When path information changes, DUAL sends an update about only
that link rather than about the entire table.
Multiple network layer support
EIGRP supports AppleTalk, IP version 4 (IPv4), IP version 6 (IPv6), and Novell Internetwork Packet
Exchange (IPX), which use protocol-dependent modules (PDM). PDMs are responsible for protocol
requirements that are specific to the network layer.
Classless routing
Because EIGRP is a classless routing protocol, it advertises a routing mask for each destination
network. The routing mask feature enables EIGRP to support discontiguous subnetworks and
variable-length subnet masks (VLSM).
Less overhead
EIGRP uses multicast and unicast rather than broadcast. As a result, end stations are unaffected
by routing updates and requests for topology information.
Load balancing
EIGRP supports unequal metric load balancing, which allows administrators to better distribute
traffic flow in their networks.

Easy summarization
EIGRP enables administrators to create summary routes anywhere within the network rather than
rely on the traditional distance vector approach of performing classful route summarization only at
major network boundaries.
Each EIGRP router maintains a neighbor table. This table includes a list of directly connected
EIGRP routers that have an adjacency with this router.
Each EIGRP router maintains a topology table for each routed protocol configuration. The topology
table includes route entries for every destination that the router learns. EIGRP chooses the best
routes to a destination from the topology table and places these routes in the routing table.
In EIGRP, the best route is called a successor route while a backup route is called the feasible
successor. To determine the best route (successor) and the backup route (feasible successor) to a
destination, EIGRP uses the following two parameters:
Advertised distance
The EIGRP metric for an EIGRP neighbor to reach a particular network
Feasible distance
The advertised distance for a particular network learned from an EIGRP neighbor plus the EIGRP
metric to reach that neighbor
A router compares all feasible distances to reach a specific network and then selects the lowest
feasible distance and places it in the routing table. The feasible distance for the chosen route
becomes the EIGRP routing metric to reach that network in the routing table.
The EIGRP topology database contains all the routes that are known to each EIGRP neighbor.
Routers A and B send their routing tables to Router C, whose table is displayed in Both Routers A
and B have pathways to network 10.1.1.0/24, as well as to other networks that are not shown
.

Configuring and Verifying EIGRP
Use the router eigrp and network commands to create an EIGRP routing process. Note that
EIGRP requires an autonomous system (AS) number. The AS number does not have to be
registered as is the case when routing on the Internet with the Border Gateway Protocol (BGP)
routing protocol. However, all routers within an AS must use the same AS number to exchange
routing information with each other.

The network command defines a major network number to which the router is directly connected.
The EIGRP routing process looks for interfaces that have an IP address that belongs to the
networks that are specified with the network command and begins the EIGRP process on these
interfaces.
EIGRP Command Example
Command Description
router eigrp 100 Enables the EIGRP routing process for AS 100
network 172.16.0.0 Associates network 172.16.0.0 with the EIGRP routing process
network 10.0.0.0 Associates network 10.0.0.0 with the EIGRP routing process
EIGRP sends updates out of the interfaces in networks 10.0.0.0 and 172.16.0.0. The updates
include information about networks 10.0.0.0 and 172.16.0.0 and any other networks that EIGRP
learns.
EIGRP automatically summarizes routes at the classful boundary. In some cases, you might not
want automatic summarization to occur. For example, if you have discontiguous networks, you need
to disable automatic summarization to minimize router confusion.
To disable automatic summarization, use the no auto-summary command in the EIGRP router
configuration mode.
The show ip protocols command displays the parameters and current state of the active routing
protocol process. This command shows the EIGRP AS number. It also displays filtering and
redistribution numbers and neighbor and distance information. This also shows the networks that
are currently being advertised on the router by the protocol.
Use the show ip eigrp interfaces [type number] [as-number] command to determine on which
interfaces EIGRP is active, and to learn information about EIGRP that relates to those interfaces. If
you specify an interface by using the type number option, only that interface is displayed. Otherwise,
all interfaces on which EIGRP is running are displayed. If you specify an AS using the as-number
option, only the routing process for the specified AS is displayed. Otherwise, all EIGRP processes
are displayed. Exam shows the output of the show ip eigrp interfaces command.
EIGRP Summary
The characteristics of EIGRP follow:
Hybrid routing protocol (distance vector that has link-state protocol characteristics).
Uses IP protocol 88.
Classless protocol (supports VLSMs).
Default composite metric uses bandwidth and delay.
You can factor load and reliability into the metric.
Sends partial route updates only when there are changes.
Support for authentication.
Uses DUAL for loop prevention.
By default, equal-cost load balancing. Unequal-cost load balancing with the variance command.
Administrative distance is 90 for EIGRP internal routes, 170 for EIGRP external routes, and 5 for
EIGRP summary routes.
Potential routing protocol for the core of a network; used in large networks.

EIGRP Configuration
Load IP Routing Initials Prior to Starting

Task 1 Configure EIGRP AS 100 on R1 advertise its all networks into EIGRP
Solution:
On R1 :
R1#
R1(config)#router eigrp 100
R1(config)#exit
R1#

Verification:
On R1:
R1#

Routing Protocol is "eigrp 100"
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
Redistributing: eigrp 100
EIGRP-IPv4 Protocol for AS(100)
Metric weight K1=1, K2=0, K3=1, K4=0, K5=0
NSF-aware route hold timer is 240
Router-ID: 12.0.0.1
Topology : 0 (base)
Active Timer: 3 min
Distance: internal 90 external 170
Maximum path: 4
Maximum hopcount 100
Maximum metric variance 1

Automatic Summarization: enabled
Maximum path: 4
10.0.0.0
12.0.0.0

R1#

Task 2 From above output we can see that R1 is doing auto-summarization so disable auto-
summarization on R1
Solution:
On R1:
R1#
R1(config)#exit
R1#
Verification:
R1#

Router-ID: 12.0.0.1
Topology : 0 (base)
Active Timer: 3 min
Maximum path: 4

Automatic Summarization: disabled
Maximum path: 4
10.0.0.0
12.0.0.0

R1#

Task 4 configure EIGRP AS 100 on R2 and R3 advertise all the networks and disable auto-
summarization.
Solution:
On R2:
R2#
R2#config terminal
R2(config)#exit
R2#

On R3:
R3#
R3(config)#exit
R3#

Verification:
On R1:
R1#show ip route


D 10.0.0.0/24 is directly connected, Ethernet0/0
D 20.0.0.0 [120/1] via 12.0.0.2, 00:00:24, Serial1/0
D 23.0.0.0 [120/1] via 12.0.0.2, 00:00:24, Serial1/0
D 30.0.0.0 [120/2] via 12.0.0.2, 00:00:24, Serial1/0
R1#
R1#
R1#ping 23.0.0.2

!!!!!
R1#ping 20.0.0.2

!!!!!
R1#ping 30.0.0.3

!!!!!

R1#

On R2:
R2#
R2#show ip route


D 10.0.0.0 [120/1] via 12.0.0.1, 00:00:14, Serial1/0
D 30.0.0.0 [120/1] via 23.0.0.3, 00:00:27, Serial1/1
R2#
R2#
R2#ping 10.0.0.1

!!!!!
R2#ping 30.0.0.3

!!!!!
R2#

On R3:
R3#
R3#show ip route


D 10.0.0.0 [120/2] via 23.0.0.2, 00:00:06, Serial1/0
D 12.0.0.0 [120/1] via 23.0.0.2, 00:00:06, Serial1/0
D 20.0.0.0 [120/1] via 23.0.0.2, 00:00:06, Serial1/0
R3#
R3#
R3#ping 12.0.0.1

!!!!!
R3#ping 20.0.0.2

!!!!!
R3#ping 10.0.0.1

!!!!!
R3#

Task 5 Configure all three routers in such manner that they send updates through only
required interfaces
Solution:
On R1
R1#config terminal
R1(config)#exit
R1#

On R2:
R2#config terminal
R2(config)#exit
R2#

On R3:
R3#config terminal
R3(config)#exit
R3#

Verification:
On R1:
R1#

Router-ID: 12.0.0.1
Topology : 0 (base)
Active Timer: 3 min
Maximum path: 4

Automatic Summarization: disabled
Maximum path: 4
10.0.0.0
12.0.0.0
Ethernet0/0

R1#

OSPF
Background Information
OSPF protocol was developed due to a need in the internet community to introduce a high
functionality non-proprietary Internal Gateway Protocol (IGP) for the TCP/IP protocol family. The
discussion of the creation of a common interoperable IGP for the Internet started in 1988 and did
not get formalized until 1991. At that time the OSPF Working Group requested that OSPF be
considered for advancement to Draft Internet Standard.
The OSPF protocol is based on link-state technology, which is a departure from the Bellman-Ford
vector based algorithms used in traditional Internet routing protocols such as RIP. OSPF has
introduced new concepts such as authentication of routing updates, Variable Length Subnet Masks
(VLSM), route summarization, and so forth.
These chapters discuss the OSPF terminology, algorithm and the pros and cons of the protocol in
designing the large and complicated networks of today.
OSPF versus RIP
The rapid growth and expansion of today's networks has pushed RIP to its limits. RIP has certain
limitations that can cause problems in large networks:
RIP has a limit of 15 hops. A RIP network that spans more than 15 hops (15 routers) is considered
unreachable.
RIP cannot handle Variable Length Subnet Masks (VLSM). Given the shortage of IP addresses and
the flexibility VLSM gives in the efficient assignment of IP addresses, this is considered a major
flaw.
Periodic broadcasts of the full routing table consume a large amount of bandwidth. This is a major
problem with large networks especially on slow links and WAN clouds.
RIP converges slower than OSPF. In large networks convergence gets to be in the order of minutes.
RIP routers go through a period of a hold-down and garbage collection and slowly time-out
information that has not been received recently. This is inappropriate in large environments and
could cause routing inconsistencies.
RIP has no concept of network delays and link costs. Routing decisions are based on hop counts.
The path with the lowest hop count to the destination is always preferred even if the longer path has
a better aggregate link bandwidth and less delays.
RIP networks are flat networks. There is no concept of areas or boundaries. With the introduction of
classless routing and the intelligent use of aggregation and summarization, RIP networks seem to
have fallen behind.
Some enhancements were introduced in a new version of RIP called RIP2. RIP2 addresses the
issues of VLSM, authentication, and multicast routing updates. RIP2 is not a big improvement over
RIP (now called RIP 1) because it still has the limitations of hop counts and slow convergence which
are essential in todays large networks.
OSPF, on the other hand, addresses most of the issues previously presented:
With OSPF, there is no limitation on the hop count.
The intelligent use of VLSM is very useful in IP address allocation.
OSPF uses IP multicast to send link-state updates. This ensures less processing on routers that are
not listening to OSPF packets. Also, updates are only sent in case routing changes occur instead of
periodically. This ensures a better use of bandwidth.
OSPF has better convergence than RIP. This is because routing changes are propagated
instantaneously and not periodically.
OSPF allows for better load balancing.
OSPF allows for a logical definition of networks where routers can be divided into areas. This limits
the explosion of link state updates over the whole network. This also provides a mechanism for
aggregating routes and cutting down on the unnecessary propagation of subnet information.
OSPF allows for routing authentication by using different methods of password authentication.
OSPF allows for the transfer and tagging of external routes injected into an Autonomous System.
This keeps track of external routes injected by exterior protocols such as BGP.
This of course leads to more complexity in the configuration and troubleshooting of OSPF networks.
Administrators that are used to the simplicity of RIP are challenged with the amount of new
information they have to learn in order to keep up with OSPF networks. Also, this introduces more
overhead in memory allocation and CPU utilization. Some of the routers running RIP might have to
be upgraded in order to handle the overhead caused by OSPF.
What Do We Mean by Link-States?
OSPF is a link-state protocol. We could think of a link as being an interface on the router. The state
of the link is a description of that interface and of its relationship to its neighboring routers. A
description of the interface would include, for example, the IP address of the interface, the mask, the
type of network it is connected to, the routers connected to that network and so on. The collection of
all these link-states would form a link-state database.
Shortest Path First Algorithm
OSPF uses a shorted path first algorithm in order to build and calculate the shortest path to all
known destinations. The shortest path is calculated with the use of the Dijkstra algorithm. The
algorithm by itself is quite complicated. This is a very high level, simplified way of looking at the
various steps of the algorithm:
1. Upon initialization or due to any change in routing information, a router generates a link-state
advertisement. This advertisement represents the collection of all link-states on that router.
2. All routers exchange link-states by means of flooding. Each router that receives a link-state update
should store a copy in its link-state database and then propagate the update to other routers.
3. After the database of each router is completed, the router calculates a Shortest Path Tree to all
destinations. The router uses the Dijkstra algorithm in order to calculate the shortest path tree. The
destinations, the associated cost and the next hop to reach those destinations form the IP routing
table.
4. In case no changes in the OSPF network occur, such as cost of a link or a network being added or
deleted, OSPF should be very quiet. Any changes that occur are communicated through link-state
packets, and the Dijkstra algorithm is recalculated in order to find the shortest path.
The algorithm places each router at the root of a tree and calculates the shortest path to each
destination based on the cumulative cost required to reach that destination. Each router will have its
own view of the topology even though all the routers will build a shortest path tree using the same
link-state database. The following sections indicate what is involved in building a shortest path tree.

OSPF Cost
The cost (also called metric) of an interface in OSPF is an indication of the overhead required to
send packets across a certain interface. The cost of an interface is inversely proportional to the
bandwidth of that interface. A higher bandwidth indicates a lower cost. There is more overhead
(higher cost) and time delays involved in crossing a 56k serial line than crossing a 10M Ethernet
line. The formula used to calculate the cost is:
Cost = 100/Bandwidth in Mbps

OSPF Configuration
Load IP Routing Intials Prior to Starting

Task 1 Configure OSPF area 0 on R1 advertise its all networks into OSPF use process id 100
Solution:
On R1:
R1#
R1(config)#router ospf 100
R1(config-router)#network 10.0.0.0 0.0.0.255 area 0
R1(config)#exit
R1#

Verification:
On R1:
R1#

Routing Protocol is "ospf 100"
Router ID 12.0.0.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
10.0.0.0 0.0.0.255 area 0
12.0.0.0 0.0.0.255 area 0

R1#

Task 2 configure OSPF area 0 on R2 and R3 advertise all the networks use process id 100
Solution:
On R2:
R2#
R2#config terminal
R2(config)#exit
R2#

On R3:
R3#
R3(config)#exit
R3#

Verification:
R1#show ip route


O 10.0.0.0/24 is directly connected, Ethernet0/0
O 20.0.0.0 [120/1] via 12.0.0.2, 00:00:24, Serial1/0
O 23.0.0.0 [120/1] via 12.0.0.2, 00:00:24, Serial1/0
O 30.0.0.0 [120/2] via 12.0.0.2, 00:00:24, Serial1/0
R1#
R1#
R1#ping 23.0.0.2

!!!!!
R1#ping 20.0.0.2

!!!!!
R1#ping 30.0.0.3

!!!!!

R1#
On R2:
R2#
R2#show ip route


O 10.0.0.0 [120/1] via 12.0.0.1, 00:00:14, Serial1/0
O 30.0.0.0 [120/1] via 23.0.0.3, 00:00:27, Serial1/1
R2#
R2#
R2#ping 10.0.0.1

!!!!!
R2#ping 30.0.0.3

!!!!!
R2#

On R3:
R3#
R3#show ip route


O 10.0.0.0 [120/2] via 23.0.0.2, 00:00:06, Serial1/0
O 12.0.0.0 [120/1] via 23.0.0.2, 00:00:06, Serial1/0
O 20.0.0.0 [120/1] via 23.0.0.2, 00:00:06, Serial1/0
R3#
R3#
R3#ping 12.0.0.1

!!!!!
R3#ping 20.0.0.2

!!!!!
R3#ping 10.0.0.1

!!!!!
R3#

Task 4 Configure all three routers in such manner that they send updates through only required
interfaces
On R1
R1#config terminal
R1(config)#exit
R1#

On R2:
R2#config terminal
R2(config)#exit
R2#

On R3:
R3#config terminal
R3(config)#exit
R3#
Verification:
On R1:
R1#

Routing Protocol is "ospf 100"
Router ID 12.0.0.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
10.0.0.0 0.0.0.255 area 0
12.0.0.0 0.0.0.255 area 0
Ethernet0/0

R1#

Task 5 check ospf neighbors on all the router with show ip ospf neighbor.
Verification:
On R1:
R1#
R1#show ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface
23.0.0.2 0 FULL/- 00:00:36 12.0.0.2 Serial1/0
R1#

On R2:
R2#

30.0.0.3 0 FULL/- 00:00:38 23.0.0.3 Serial1/1
12.0.0.1 0 FULL/- 00:00:38 12.0.0.1 Serial1/0
R2#

On R3:

23.0.0.2 0 FULL/- 00:00:34 23.0.0.2 Serial1/0
R3#

Explanation:
In task 1 we have been asked to advertise network in OSPF un likely in EIGRP we give router eigrp
and AS number in EIGRP configuration. But in ospf we have to give process id. When we have to
advertise networks in ospf we have to use wild-card bits.
The best way to calculate wild-card bits for any network is to subtract subnet-mask from broadcast
address.
For e.g.
Wildcard bit for 150.1.1.0/24 will be
255.255.255.255
- 255.255.255.0
= 0.0.0.255
So if you want to advertise network 150.1.1.0/24 in ospf u can advertise with network 1501.1.0 0.0.0.255
area 0

Switch Introduction
Hubs vs. Switches
Prior to switches, Hubs were the standard for connecting devices on a local area network (LAN).
The problem with hubs was that everything that went through them had to share the bandwidth of
the link. Bandwidth was wasted because all traffic was sent to all devices, and there were a lot of
collisions because the hub didnt do anything to prevent them. A switch fixes these problems.
What do switches do?
Here are some facts about switches that you should know:
Switches work at Layer 2 of the OSI model, not Layer 1 like a hub
Switches switch Ethernet frames
Switches dont look at IP address information, only Ethernet MAC addresses
Switches keeps a table of all MAC addresses traversing the switch and what port they are on (this
table is called the bridge forwarding table or CAM table)
Switches only sends traffic to the devices that are the destination for that traffic, saving bandwidth
Each device connected to the switch gets the full bandwidth of the switch port because the switch
prevents collisions
Flooding
Now that you know that the switch has the bridge forwarding table and uses that to intelligently send
traffic, a common question is, what if the destination MAC address for the traffic that the switch
receives is not in the bridge forwarding table? What does the switch do with that Ethernet frame?
The answer is that the switch will flood that frame out all ports on the switch. The switch will then
monitor the traffic for the response from that frame and see what device, on what port, responded to
that flooded frame. That information will be put in the bridge forwarding table so that, next time, the
switch wont have to flood that traffic
Port speed & Duplex
Of particular importance when it comes to switches are port speed and duplex. The speed of a port
can be set to 10Mb, 100Mb, or 1000Mb (1GB), or Auto negotiate, depending on what the switch and
the connecting device offers. Most switch ports and devices use auto negotiate to find the best
speed and duplex available. However, this doesnt always work. Some devices have trouble with
this and you may have to go in to the switch and hardcode the speed or duplex.
Speaking of duplex, what is duplex? Duplex is set to either half, full, or is auto negotiated. A half
duplex connection is where only one device can send or receive at a time. A full duplex connection
is where both devices can send and receive at the same time.
Thus, if you have a 100Mb half-duplex connection, only sending at 100Mb OR receiving at 100Mb
can happen at the same time. If you have a 100Mb full duplex connection, you can effectively get
200Mb out of the link because you could be sending 100Mb and receiving 100Mb at the same time.

Have you ever wondered what a Virtual LAN (or VLAN) is or been unclear as to why you would want
one? If so, I have been in your place at one time too. Since then, I have learned a lot about what a
VLAN is and how it can help me. In this article, I will share that knowledge with you.
What is a LAN?
Okay, most of you already know what a LAN is but lets give it a definition to make sure. We have to
do this because, if you dont know what a LAN is, you cant understand what a VLAN is.
A LAN is a local area network and is defined as all devices are in the same broadcast domain. If you
remember, routers stop broadcasts, switches just forward them.
What is a VLAN?
As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain created by
switches. Normally, it is a router creating that broadcast domain. With VLANs, a switch can create
the broadcast domain.
This works by, you, the administrator, putting some switch ports in a VLAN other than 1, the default
VLAN. All ports in a single VLAN are in a single broadcast domain.
Because switches can talk to each other, some ports on switch A can be in VLAN 10 and other
ports on switch B can be in VLAN 10. Broadcasts between these devices will not be seen on any
other port in any other VLAN, other than 10. However, these devices can all communicate because
they are on the same VLAN. Without additional configuration, they would not be able to
communicate with any other devices, not in their VLAN.
Are VLANs required?
It is important to point out that you dont have to configure a VLAN until your network gets so large
and has so much traffic that you need one. Many times, people are simply using VLANs because
the network they are working on was already using them.
Another important fact is that, on a Cisco switch, VLANs are enabled by default and ALL devices
are already in a VLAN. The VLAN that all devices are already in is VLAN 1. So, by default, you can
just use all the ports on a switch and all devices will be able to talk to one another.
When do I need a VLAN?
You need to consider using VLANs in any of the following situations:
You have more than 200 devices on your LAN
You have a lot of broadcast traffic on your LAN
Groups of users need more security or are being slowed down by too many broadcasts?
Groups of users need to be on the same broadcast domain because they are running the same
applications. An example would be a company that has VoIP phones. The users using the phone
could be on a different VLAN, not with the regular users.
Or, just to make a single switch into multiple virtual switches.
Why not just subnet my network?
A common question is why not just subnet the network instead of using VLANs? Each VLAN should
be in its own subnet. The benefit that a VLAN provides over a subnetted network is that devices in
different physical locations, not going back to the same router, can be on the same network. The
limitation of subnetting a network with a router is that all devices on that subnet must be connected
to the same switch and that switch must be connected to a port on the router.
How can devices on different VLANs communicate?
Devices on different VLANs can communicate with a router or a Layer 3 switch. As each VLAN is
its own subnet, a router or Layer 3 switch must be used to route between the subnets.
What is a trunk port?
When there is a link between two switches or a router and a switch that carries the traffic of more
than one VLAN, that port is a trunk port.
A trunk port must run a special trunking protocol. The protocol used would be Ciscos proprietary
Inter-switch link (ISL) or the IEEE standard 802.1q.
How do I create a VLAN?
Configuring VLANs can vary even between different models of Cisco switches. Your goals, no
matter what the commands are, is to:
Create the new VLANs
Put each port in the proper VLAN
Lets say we wanted to create VLANs 5 and 10. We want to put ports 2 & 3 in VLAN 5 (Marketing)
and ports 4 and 5 in VLAN 10 (Human Resources). On a Cisco 2950 switch, here is how you would
do it:

At this point, only ports 2 and 3 should be able to communicate with each other and ports 4 & 5
should be able to communicate. That is because each of these is in its own VLAN. For the device
on port 2 to communicate with the device on port 4, you would have to configure a trunk port to a
router so that it can strip off the VLAN information, route the packet, and add back the VLAN
information.
What do VLANs offer?
VLANs offer higher performance for medium and large LANs because they limit broadcasts. As the
amount of traffic and the number of devices grow, so does the number of broadcast packets. By
using VLANs you are containing broadcasts.
VLANs also provide security because you are essentially putting one group of devices, in one
VLAN, on their own network.
Summary
A VLAN is a broadcast domain formed by switches
Administrators must create the VLANs then assign what port goes in what VLAN, manually.
VLANs provide better performance for medium and large LANs.
All devices, by default, are in VLAN 1.
A trunk port is a special port that runs ISL or 802.1q so that it can carry traffic from more than one
VLAN.
For devices in different VLANs to communicate, you must use a router or Layer 3 switch.

VTP
Unfortunately, if you have more than a couple of switches, configuring VLANs can be a real pain.
To make life easier, Cisco developed VLAN Trunking Protocol (VTP). Lets find out what VTP can
do for you.
How can VTP help me?
Say that you have 20 switches in your large office building. On each of these switches, you have
four VLANs. Without VTP, you have to create each of these four VLANs on each of these switches.
With VTP, you only have to create the four VLANs once, on one switch, and all other switches learn
about the four VLANs.
In other words, the job of VTP is to distribute VLAN configuration information between all the
switches.
How does it work?
The job of VTP is best explained from the perspective of the VTP server. All switches, by default,
are VTP servers. The VTP server is where you would create, remove, or modify VLANs.
This VTP server sends an advertisement, across the domain, every 5 minutes or whenever a
change is made in the VLAN database. That advertisement contains all the different VLAN names,
VLAN numbers, what switches have ports in what VLANs, and a revision number. Whenever a
switch receives an update with a larger revision number than the last one it applied, it applies that
revision.
Keep in mind that VTP is a Cisco proprietary protocol. So, to use VTP between your switches, you
must have all Cisco switches.
VTP Modes
VTP switches can be in three different modes. Those modes are:
Server the default where all VLAN adds, changes, and removals are allowed
Client where no changes can be made, only new revisions can be received from the VTP server
switches.
Transparent where local VLAN information can be changed but that information is not sent out to
other switches. Transparent switches also do not apply VTP advertisements from other switches but
they do forward those advertisements on.
Usually, you would want a few of your core switches to be servers and all remaining remote or
access layer switches to be clients. You would only make changes on the server switches and those
changes would be propagated to the client switches.
What about pruning?
VTP pruning is the process of not sending IP broadcast traffic for certain VLANs to switches that do
not have any ports in that VLAN. The switches that choose not to send these broadcasts know that
they cannot do this because of VTP. With VTP telling them what ports the other switches have, this
switch knows that they dont have to send them broadcast packets, because they know that the
other switches dont need them.
To configure VTP, you use the vtp global configuration mode command. With this command you
can specify the following:
VTP domain the name of the VTP domain. All switches communicating with VTP in the same
domain, must have the same VTP domain name.
VTP mode either server, client, or transparent
VTP password a password to control who can and cannot receive VTP information
VTP pruning VTP pruning is either turned on or off
Here is a sample configuration:

To see what is going on with VTP, you can use show vtp status, like this:

Summary
VTP is used to distribute VLAN configuration information between switches
VTP is Cisco proprietary and can only be used on Cisco switches.
By using VTP, you can also prune your VLANs, saving bandwidth
The command to configure VTP is the global configuration mode command, vtp
The command to check status is the privileged mode command, show vtp status

Switch Configuration

Task 1 Assign hostname R1, SW1, SW2, R2 to router1, switch1, switch2, router2 respectively.
Solution:
On Router1:
Router>
Router>enable
R1(config)#

On Router2:
Router>
Router>enable
R2(config)#

On Router3:
Router>
Router>enable
R3(config)#

On Switch1:
Switch>
Switch>enable
Switch#configure terminal
SW1(config)#

On Switch2:
Switch>
Switch>enable
Switch#configure terminal
SW2(config)#

Task 2 Assign IP address 192.168.1.1/24 to R1s E0/0 interface.
Solution:
On R1:
R1(config)#interface Ethernet 0/0
R1(config-if)#exit
R1(config)#

Task 3 Assign IP address 192.168.1.2/24 to R2s E0/0 interface.
Solution:
On R2:
R2(config)#interface Ethernet 0/0
R2(config-if)#exit
R2(config)#

Task 4 On SW1 configure interface Ethernet0/0 as trunk and use dot1q as trunking
encapsulation. Verify the configuration.
Solution:
On SW1:
SW1(config)#
SW1(config)#interface Ethernet 0/0
SW1(config-if)#switchport trunk encapsulation dot1q
SW1(config-if)#switchport mode trunk
SW1(config-if)#exit
SW1(config)#

Verification:
SW1#
SW1#show interfaces trunk

Port Mode Encapsulation Status Native vlan
E0/0 on 802.1q trunking 1

Port Vlans allowed on trunk
E0/0 1-4094

Port Vlans allowed and active in management domain
E0/0 1

Port Vlans in spanning tree forwarding state and not pruned
E0/0 1
SW1#

Task 5 On SW2 configure interface ethernet0/0 as trunk and use dot1q as trunking
encapsulation. Verify the configuration.
Solution:
On SW2:
SW2(config)#
SW2(config-if)#exit
SW2(config)#
Verification:
SW2#

E0/0 on 802.1q trunking 1

E0/0 1-4094

E0/0 1

E0/0 1
SW2#

Task 6 On SW1 change VTP Domain to CCNA and VTP Password to ACIT
Solution:
On SW1:
SW1(config)#
SW1(config)#vtp domain CCNA
SW1(config)#vtp password ACIT
SW1(config)#exit
SW1#
Verification:
SW1#
SW1#show vtp status
VTP Version : 3 (capable)
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Server
VTP Domain Name : CCNA
VTP Pruning Mode : Disabled (Operationally Disabled)
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x20 0x1D 0x95 0xF3 0x5C 0xF0 0x11 0x94
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
VTP version running : 1
SW1#

Task 7 On SW2 change VTP Domain to CCNA and VTP Password to ACIT and change VTP
mode to client
Solution:
On SW2:
SW2(config)#
SW2(config)#vtp domain CCNA
SW2(config)#vtp password ACIT
SW2(config)#vtp mode client
SW2(config)#exit
SW2#

Verification:
SW2#
SW2#show vtp status
VTP Version : 3 (capable)
Configuration Revision : 0
Maximum VLANs supported locally : 1005
Number of existing VLANs : 5
VTP Operating Mode : Client
VTP Domain Name : CCNA
VTP Pruning Mode : Disabled (Operationally Disabled)
VTP V2 Mode : Disabled
VTP Traps Generation : Disabled
MD5 digest : 0x20 0x1D 0x95 0xF3 0x5C 0xF0 0x11 0x94
Configuration last modified by 0.0.0.0 at 0-0-00 00:00:00
Local updater ID is 0.0.0.0 (no valid interface found)
VTP version running : 1
SW2#

Task 8 On SW1 create vlan 100, 200 ,300 ,400, 500 , 600 and verify that vlan information is
propagated to SW2.
Solution:
On SW1:
SW1#configure terminal
SW1(config)#vlan 100,200,300,400,500,600
SW1(config-vlan)#exit
SW1(config)#exit
SW1#
Verification:
On SW1
SW1#
SW1#show vlan
VLAN Name Status Ports
---- ------------------ --------- -------------------------------
1 default active Et0/1, Et0/2, Et0/3
100 VLAN0100 active
200 VLAN0200 active
300 VLAN0300 active
400 VLAN0400 active
500 VLAN0500 active
600 VLAN0600 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
...<output omitted>

SW1#

On SW2:
SW2#
SW2#show vlan
---- ------------------ --------- -------------------------------
100 VLAN0100 active
200 VLAN0200 active
300 VLAN0300 active
400 VLAN0400 active
500 VLAN0500 active
600 VLAN0600 active
...<output omitted>

SW2#

Task 9 On SW1 assign vlan 100 to Ethernet 0/1 port
Solution:
On SW1:
SW1(config)#interface ethernet 0/1
SW1(config-if)#switchport mode access
SW1(config-if)#switchport access vlan 100
SW1(config-if)#exit
SW1(config)#exit
SW1#
Verification:
SW1#
SW1#show vlan
---- ------------------ --------- -------------------------------
1 default active Et0/2, Et0/3
100 VLAN0100 active Et0/1
200 VLAN0200 active
300 VLAN0300 active
400 VLAN0400 active
500 VLAN0500 active
600 VLAN0600 active
...<output omitted>

SW1#

Task 10 On SW2 assign vlan 100 to Ethernet 0/2 port
Verification:
On SW2:
SW2(config)#interface ethernet 0/2
SW2(config-if)#exit
SW2(config)#exit
SW2#

Verification:
SW2#
SW2#show vlan
---- ------------------ --------- -------------------------------
1 default active Et0/1, Et0/3
200 VLAN0200 active
300 VLAN0300 active
400 VLAN0400 active
500 VLAN0500 active
600 VLAN0600 active
...<output omitted>

SW2#
Task 11 Test the reachability from R1 to R2
Verification:
ON R1:
R1#
R1#ping 192.168.1.2

!!!!!
R1#

Intervlan Configuration
Note :-Load Intervlan Initials Prior to Starting

Task 1 Configure VLAN 100, 200 on SW1
Solution:
ON SW1
SW1#
SW1(config)#vlan 100,200
SW1(config-vlan)#exit
SW1(config)#exit

Verification:
ON SW1
SW1#
SW1#show vlan

---- ------------------ --------- -------------------------------
100 VLAN0100 active
200 VLAN0200 active

Task 2 On SW1 Assign VLAN 100 to interface Ethernet 0/1 and VLAN200 to interface Ethernet
0/2
Verification:
On SW1:
SW1(config-if)#exit
SW1(config-if)#exit
SW1(config)#exit
SW1#

Verification:
On SW1:
SW1#
SW1#show vlan

---- ------------------ --------- -------------------------------
1 default active Et0/3

Task 3 Configure Ethernet 0/3 Port of SW1 as DOT1Q trunk and allow VLANS 100,200 on this
trunk
Solution:
ON SW1:
SW1(config)#int ethernet0/3
SW1(config-if)#switchport trunk allowed vlan 100,200
SW1(config-if)#exit
SW1(config)#exit
SW1#

Verification:
ON SW1
SW1#

Et0/3 on 802.1q trunking 1

Et0/3 100,200

Et0/3 100,200

Et0/3 100,200
SW1#

Task 4 On R3 Create Sub-interface Numbered 100 and assign vlan 100 and give ip address
192.168.100.254/24 and check the connectivity to R1
Solution:
On R3
R3(config)#
R3(config-if)#exit
R3(config)#int ethernet 0/0.100
R3(config-subif)#encapsulation dot1Q 100
R3(config-subif)#ip address 192.168.100.254 255.255.255.0
R3(config-subif)#exit
R3(config)#exit

Verification:
R3#
Ethernet0/0 unassigned YES unset up up
Ethernet0/0.100 192.168.100.254 YES manual up up
R3#
R3#ping 192.168.100.1

!!!!!
R3

Task 5 On R3 Create Sub-interface Numbered 200 and assign vlan 200 and give ip address
192.168.200.254/24 and check the connectivity to R2
Solution:
On R3:
R3(config)#
R3(config)#int ethernet 0/0.200
R3(config-subif)#encapsulation dot1Q 200
R3(config-subif)#ip address 192.168.200.254 255.255.255.0
R3(config-subif)#exit
R3(config)#exit

Verification:
R3#
Ethernet0/0 unassigned YES unset up up
R3#
R3#ping 192.168.200.2

!!!!!
R3

Task 6 Configure RIPv2 on R1,R2,R3 on all the routers to get end-to-end connectivity and
test Rechablity between R1 and R2.
Solution:
On R1:
R1(config)#
R1(config)#

On R2:
R2(config)#
R2(config)#

On R3:
R3(config)#
R3(config)#

Verification:
On R1
R1#
R1#show ip route
L1 - IS-IS level-1, L2 - IS-IS level-2 ,ia - IS-IS inter area,


R 192.168.2.0/24 [120/2] via 192.168.100.254, 00:00:09, Ethernet0/0
R 192.168.200.0/24 [120/1] via 192.168.100.254, 00:00:09,Ethernet0/0
R1#ping 192.168.200.2

!!!!!
R1#ping 192.168.2.2

!!!!!
R1#

On R2:
R2#
R2#show ip route


R 192.168.1.0/24 [120/2] via 192.168.200.254, 00:00:08, Ethernet0/0
R 192.168.100.0/24 [120/1] via 192.168.200.254, 00:00:08,Ethernet0/0
R2#
R2#ping 192.168.100.1

!!!!!
R2#ping 192.168.1.1

!!!!!
R2#
On R3:
R3#
R3#show ip route
R 192.168.1.0/24 [120/1] via 192.168.100.1, 00:00:25,Ethernet0/0.100
R 192.168.2.0/24 [120/1] via 192.168.200.2, 00:00:15,Ethernet0/0.200
C 192.168.100.0/24 is directly connected, Ethernet0/0.100
L 192.168.100.254/32 is directly connected, Ethernet0/0.100
C 192.168.200.0/24 is directly connected, Ethernet0/0.200
L 192.168.200.254/32 is directly connected, Ethernet0/0.200
R3#ping 192.168.1.1

!!!!!
R3#
R3#ping 192.168.2.2

!!!!!
R3#

WAN
What is HDLC?
HDLC stands for High-Level Data Link Control protocol. Like the two other WAN protocols
mentioned in this article, HDLC is a Layer 2 protocol. HDLC is a simple protocol used to connect
point to point serial devices. For example, you have point to point leased line connecting two
locations, in two different cities. HDLC would be the protocol with the least amount of configuration
required to connect these two locations. HDLC would be running over the WAN, between the two
locations. Each router would be de-encapsulating HDLC and turning dropping it off on the LAN.

HDLC performs error correction, just like Ethernet. Ciscos version of HDLC is actually proprietary
because they added a protocol type field. Thus, Cisco HDLC can only work with other Cisco
devices.
HDLC is actually the default protocol on all Cisco serial interfaces. If you do a show running-config
on a Cisco router, your serial interfaces (by default) wont have any encapsulation. This is because
they are configured to the default of HDLC. If you do a show interface serial 0/0, youll see that
you are running HDLC. Here is an example:

What is PPP?
You may have heard of the Point to Point Protocol (PPP) because it is used for most every dial up
connection to the Internet. PPP is documented in RFC 1661. PPP is based on HDLC and is very
similar. Both work well to connect point to point leased lines.
The differences between PPP and HDLC are:
PPP is not proprietary when used on a Cisco router
PPP has several sub-protocols that make it function.
PPP is feature-rich with dial up networking features
Because PPP has so many dial-up networking features, it has become the most popular dial up
networking protocol in use today. Here are some of the dial-up networking features it offers:
Link quality management monitors the quality of the dial-up link and how many errors have been
taken. It can bring the link down if the link is receiving too many errors.
Multilink can bring up multiple PPP dialup links and bond them together to function as one.
Authentication is supported with PAP and CHAP. These protocols take your username and
password to ensure that you are allowed access to the network you are dialing in to.
To change from HDLC to PPP, on a Cisco router, use the encapsulation ppp command, like this:

After changing the encapsulation to ppp, I typed ppp ? to list the PPP options available. There are
many PPP options when compared to HDLC. The list of PPP options in the screenshot is only a
partial list of what is available.
What is Frame-Relay?
Frame Relay is a Layer 2 protocol and commonly known as a service from carriers. For example,
people will say I ordered a frame-relay circuit. Frame relay creates a private network through a
carriers network. This is done with permanent virtual circuits (PVC). A PVC is a connection from
one site, to another site, through the carriers network. This is really just a configuration entry that a
carrier makes on their frame relay switches.
Obtaining a frame-relay circuit is done by ordering a T1 or fractional T1 from the carrier. On top of
that, you order a frame-relay port, matching the size of the circuit you ordered. Finally, you order a
PVC that connects your frame relay port to another of your ports inside the network.
The benefits to frame-relay are:
Ability to have a single circuit that connects to the frame relay cloud and gain access to all other
sites (as long as you have PVCs). As the number of locations grow, you would save more and more
money because you dont need as many circuits as you would if you were trying to fully-mesh your
network with point to point leased lines.
Improved disaster recovery because all you have to do is to order a single circuit to the cloud and
PVCs to gain access to all remote sites.
By using the PVCs, you can design your WAN however you want. Meaning, you define what sites
have direct connections to other sites and you only pay the small monthly PVC fee for each
connection.
Some other terms you should know, concerning frame relay are:
LMI = local management interface. LMI is the management protocol of frame relay. LMI is sent
between the frame relay switches and routers to communicate what DLCIs are available and if
there is congestion in the network.
DLCI = data link connection identifier. This is a number used to identify each PVC in the frame relay
network.
CIR = committed information rate. This is the amount bandwidth you pay to guarantee you will
receive, on each PVC. Generally you have much less CIR than you have port speed. You can, of
course, burst above your CIR to your port speed but that traffic is marked DE.
DE = discard eligible. Traffic marked DE (that was above your CIR) CAN be discarded by the frame-
relay network if there is congestion.
FECN & BECN = forward explicit congestion notification & backward explicit congestion notification.
These are bits set inside LMI packets to alert the frame-relay devices that there is congestion in the
network.

PPP Configuration

Task 1 Configure hostnames R1, R2, R3 on router1 router2 and router3 respectively.
Solution:
On R1
Router>enable
R1(config)#

On R2
Router>
Router>enable
R2(config)#

On R3
Router>
Router>enable
R3(config)#

Task 2 assign encapsulation of PPP to R1 interface Serial1/0 and assign IP address of
12.0.0.1/24
Solution:
On R1
R1(config-if)#encapsulation ppp
R1(config-if)#exit
R1(config)#

Task 3 assign encapsulation of PPP to R2 interface Serial1/0 and assign IP address of
12.0.0.1/24, give clock-rate of 64000. Check connectivity between R1 and R2.
Solution:
On R2
R2(config)#interface serial1/0
R2(config-if)#exit
R2(config)#
Verification:
R2#
R2#ping 12.0.0.1
!!!!!
R2#

Task 4 Configure PPP Pap authentication between R1 and R2 use password as ACIT
Solution:
On R1:
R1(config)#
R1(config)#username R2 password ACIT
R1(config)#interface Serial1/0
R1(config-if)#ppp authentication pap
R1(config-if)#ppp pap sent-username R1 password ACIT
R1(config-if)#exit
R1(config)#

On R2:
R2(config)#
R2(config)#username R1 password ACIT
R2(config)#int serial 1/0
R2(config-if)#ppp authentication pap
R2(config-if)#ppp pap sent-username R2 password ACIT
R2(config-if)#exit
R2(config)#

Verification:
On R1
R1#
R1#show users
Line User Host(s) Idle Location
* 0 con 0 idle 00:00:00

Interface User Mode Idle Peer Address
Se1/0 R2 Sync PPP 00:00:01 12.0.0.2

R1#
R1#ping 12.0.0.2

!!!!!
R1#
On R2
R2#
R2#show users
* 0 con 0 idle 00:00:00

Se1/0 R1 Sync PPP 00:00:00 12.0.0.1

R2#
R2#ping 12.0.0.1

!!!!!
R2#

Task 5 On R2 configure interface Serial1/1 with IP address of 23.0.0.2/24 and set
encapsulation to PPP, Set clock rate of 64000.
Solution:
On R2:
R2(config)#username R3 password CISCO
R2(config)#int se1/1
R2(config-if)#ip add 23.0.0.2 255.255.255.0
R2(config-if)#ppp authentication chap
R2(config-if)#ppp chap password CISCO
R2(config-if)#exit
R2(config)#

On R3:
R3(config)#username R2 password CISCO
R3(config)#int se1/0
R3(config-if)#ip add 23.0.0.3 255.255.255.0
R3(config-if)#ppp authentication chap
R3(config-if)#ppp chap password CISCO
R3(config-if)#exit
R3(config)#
Verification:
On R2
R2#
R2#show users
* 0 con 0 idle 00:00:00

Se1/0 R1 Sync PPP 00:00:00 12.0.0.1
Se1/1 R3 Sync PPP 00:00:00 23.0.0.3

R2#
R2#ping 23.0.0.3

!!!!!
R2#
On R3
R3#
R3#show users
* 0 con 0 idle 00:00:00

Se1/0 R2 Sync PPP 00:00:00 23.0.0.2

R3#
R3#ping 23.0.0.2

!!!!!
R3#

Frame-Relay Configuration

Task 1 Assign hostname FR-SWITCH to router 2 and Configure Router 2 as Frame-Relay
Switch, Use LMI-Type Cisco use DLCI 103 from R1 and Use DLCI 301 from R3.
Solution:
On Router 2
Router>enable
Router(config)#hostname FR-SWITCH
FR-SWITCH(config)#frame-relay switching
FR-SWITCH(config)#interface serial 1/0
FR-SWITCH(config-if)#encapsulation frame-relay
FR-SWITCH(config-if)#frame-relay lmi-type cisco
FR-SWITCH(config-if)#frame-relay intf-type dce
FR-SWITCH(config-if)#clock rate 64000
FR-SWITCH(config-if)#frame-relay route 103 interface serial 1/1 301
FR-SWITCH(config-if)#no sh
FR-SWITCH(config-if)#no shutdown
FR-SWITCH(config-if)#exit
FR-SWITCH(config)#
FR-SWITCH(config)#interface serial 1/1
FR-SWITCH(config-if)#encapsulation frame-relay
FR-SWITCH(config-if)#frame-relay lmi-type cisco
FR-SWITCH(config-if)#frame-relay intf-type dce
FR-SWITCH(config-if)#clock rate 64000
FR-SWITCH(config-if)#frame-relay route 301 interface serial 1/0 103
FR-SWITCH(config-if)#no shutdown
FR-SWITCH(config-if)#exit
FR-SWITCH(config)#exit
FR-SWITCH#

Task 2 On router 1 assign hostname R1 and give interface serial1/0 ip address 13.0.0.1/24,
use frame-relay as encapsulation, use frame-relay static DLCI mapping to map R3 IP
address. Use DLCI 103.
Solution:
On R1
Router>enable
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay map ip 13.0.0.3 103 broadcast
R1(config-if)#exit
R1(config)#exit
R1#
Task 3 On router 3 assign hostname R3 and give interface serial1/0 ip address 13.0.0.3/24,
use frame-relay as encapsulation, use frame-relay static DLCI mapping to map R1 IP
address. Use DLCI 301.
Solution:
On R3
Router>enable
R3(config-if)#encapsulation frame-relay
R3(config-if)#frame-relay map ip 13.0.0.1 301 broadcast
R3(config-if)#exit
R3(config)#exit
R3#
Verification:
On R1
R1#
R1#show frame-relay map
Serial1/0 (up): ip 13.0.0.3 dlci 103(0x67,0x1870), static,
broadcast,
CISCO, status defined, active
R1#ping 13.0.0.3

!!!!!
R1#

On R2
FR-SWITCH#
FR-SWITCH#show frame-relay route
Input Intf Input Dlci Output Intf Output Dlci Status
Serial1/0 103 Serial1/1 301 active
Serial1/1 301 Serial1/0 103 active
FR-SWITCH#

On R3
R3#
R3#show frame-relay map
Serial1/0 (up): ip 13.0.0.1 dlci 301(0x12D,0x48D0), static,
broadcast,
CISCO, status defined, active
R3#ping 13.0.0.1

!!!!!
R3#

DHCP

Configuring DHCP Server
This chapter describes how to configure Dynamic Host Configuration Protocol (DHCP). As
explained in RFC 2131, Dynamic Host Configuration Protocol, DHCP provides configuration
parameters to Internet hosts. DHCP consists of two components: a protocol for delivering host-
specific configuration parameters from a DHCP Server to a host and a mechanism for allocating
network addresses to hosts. DHCP is built on a client/server model, where designated DHCP
Server hosts allocate network addresses and deliver configuration parameters to dynamically
configured hosts.

Above shows, the basic steps that occur when a DHCP client requests an IP address from a DHCP
server. The client, Host A, sends a DHCPDISCOVER broadcast message to locate a DHCP
Server. A DHCP server offers configuration parameters (such as an IP address, a MAC address, a
domain name, and a lease for the IP address) to the client in a DHCPOFFER unicast message.

DHCP Configuration

Task 1 On Router 3 assign hostname R3 and assign IP address 192.168.123.3/24 to
ethernet0/0
Solution:
On R3:
Router>
Router>enable
R3(config)#interface ethernet0/0
R3(config-if)#exit
R3(config)

Task 2 Configure R3 as DHCP Server so that R1 and R2 are automatically assigned with IP
addresses. Also configure R3 as default-gateway and DNS server for R1,R2 .
Solution:
On R3
R3(config)#ip dhcp pool ACIT
R3(dhcp-config)#network 192.168.123.0 /24
R3(dhcp-config)#default-router 192.168.123.3
R3(dhcp-config)#dns-server 192.168.123.3
R3(dhcp-config)#exit
R3(config)#
Task 3 assing hostname R1 and R2, to router1 and router2 respectivly. And configure R1
and R2 to negotiate IP address via DHCP on their Ethernet0/0 interface
Solution:
On R1
Router>enable
R1(config)#interface Ethernet0/0
R1(config-if)#ip address dhcp
R1(config-if)#exit
R1(config)#exit
R1#

On R2
Router>enable
R2(config)#interface Ethernet0/0
R2(config-if)#ip address dhcp
R2(config-if)#exit
R2(config)#exit
R2#

Verification:
On R1
Ethernet0/0 192.168.123.1 YES DHCP up up

R1#
R1#ping 192.168.123.3

!!!!!
R1#
On R2
Ethernet0/0 192.168.123.2 YES DHCP up up

R2#
R2#ping 192.168.123.3

!!!!!
R2#
On R3
R3#show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.123.1 0063.6973.636f.2d63. Mar 02 2002 12:10 AM Automatic
3030.302e.3031.3463.
2e30.3030.302d.4661.
302f.30
192.168.123.2 0063.6973.636f.2d63. Mar 02 2002 12:12 AM Automatic
3030.312e.3031.3463.
2e30.3030.302d.4661.
302f.30
R3#ping 192.168.123.1

!!!!!
R3#ping 192.168.123.2

!!!!!
R3#

Access Control List
The Cisco Access Control List (ACL) is used for filtering traffic based on a given filtering
criteria on a router or switch interface. Based on the conditions supplied by the ACL, a
packet is allowed or blocked from further movement.
Cisco ACLs are available for several types of routed protocols including IP, IPX, AppleTalk,
XNS, DECnet, and others. However, we will be discussing ACLs pertaining to TCP/IP
protocol only.
ACLs for TCP/IP traffic filtering are primarily divided into two types:
Standard Access Lists, and
Extended Access Lists
Standard Access Control Lists: Standard IP ACLs range from 1 to 99. A Standard
Access List allows you to permit or deny traffic FROM specific IP addresses. The
destination of the packet and the ports involved can be anything.
Standard ACL example:
access-list 10 permit 192.168.2.0 0.0.0.255
This list allows traffic from all addresses in the range 192.168.2.0 to 192.168.2.255
Note that when configuring access lists on a router, you must identify each access list
uniquely by assigning either a name or a number to the protocol's access list.
There is an implicit deny added to every access list. If you entered the command:

show access-list 10

The output looks like:
access-list 10 permit 192.168.2.0 0.0.0.255
access-list 10 deny any
Extended Access Control Lists: Extended IP ACLs allow you to permit or deny traffic
from specific IP addresses to a specific destination IP address and port. It also allows you
to have granular control by specifying controls for different types of protocols such as ICMP,
TCP, UDP, etc within the ACL statements. Extended IP ACLs range from 100 to 199. In
Cisco IOS Software Release 12.0.1, extended ACLs began to use additional numbers
(2000 to 2699).

ACL Configuration
Load Access-List-Initials prior to starting

Task 1 Configure R3 such that network connected to R1 cannot access network 30.0.0.0/24
use standard access-list to achieve this task.
Solution:
On R3
R3#
R3(config)#access-list 3 deny 12.0.0.0 0.0.0.255
R3(config)#access-list 3 deny 10.0.0.0 0.0.0.255
R3(config)#access-list 3 permit any
R3(config-if)#ip access-group 3 in
R3(config-if)#exit
Verification:
On R1
R1#ping 30.0.0.3

U.U.U.U.U
Success rate is 0 percent (0/5)
R1#

Task 2 Configure R2 in such way that only 23.0.0.0/24 has access to telnet. Use password ACIT for telnet, do
not apply any access-list under any interfaces.
On R2
R2#
R2#config terminal
R2(config)#access-list 2 permit 23.0.0.0 0.0.0.255
R2(config)#line vty 0 4
R2(config-line)#password ACIT
R2(config-line)#access-class 2 in
R2(config-line)#exit
R2(config)#exit
R2#
Verification
On R3
R3#
R3#telnet 23.0.0.2
Trying 23.0.0.2 ... Open

User Access Verification

Password:
R2>exit
[Connection to 23.0.0.2 closed by foreign host]
On R1
R1#telnet 12.0.0.2
Trying 12.0.0.2 ...
% Connection refused by remote host

Task 3 On R1 Deny all ICMP traffic on its serial 1/0 interface. Use extended access-list to
achieve this task.
Solution:
On R1
R1#
R1(config)#access-list 101 deny icmp any any
R1(config)#access-list 101 permit ip any any
R1(config-if)#ip access-group 101 in
R1(config-if)#exit
R1(config)#exit
R1#
Verification:
On R1
R2#ping 12.0.0.1

U.U.U.U.U
Success rate is 0 percent (0/5)
R2#

Ccna Lab Manual

Încărcat de

Informații document

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Ccna Lab Manual

Încărcat de

Drepturi de autor:

Formate disponibile

CCNA

S-ar putea să vă placă și