
CCNA TRAINING DOCUMENT

1. NETWORKING-BASICS

Network Connection of Computers

Ethernet

Ethernet uses a single cabling standard that is used all over the world: RJ45
connectors on CAT 5/CAT 6 cable (10BASE-T). Earlier, Token Ring was used instead of Ethernet.

Types
1. Broadcast Multi-Access: All systems are connected to the network and
only the addressed system receives the packets. First the messages are
broadcast, the addresses are learned, and then the packets are unicast.

2. Point-to-point: Only two computers are connected. An address is not
mandatory (but is present). Nothing is broadcast.

Routers: A router is an intelligent device that receives data (packets) and checks
where each packet comes from and where it goes (along the best route). Router is a CISCO
product.

[Figure: two routers joined through the telecom network (fibre optics) over RJ11; each
router connects to its own Ethernet/server side over RJ45]

Data in a network is packed such that it can travel over any media, such as RJ45, fibre
optics, etc.

Note: CCNA covers
- How to connect computers.
- How host systems talk to each other, when and why.
- How a host interacts with the router, and how the router talks to the outside world.

Networks are divided into private (illegal, reserved, non-routable) and public
(legal) networks. The private networks are secured leased lines that cover a
particular area and are used internally only. The public networks are worldwide.

[Figure: two private Ethernet networks joined by their routers over a secured leased line;
the public network sits between them]

Computers will have two addresses:

1. Logical Address - IP Address
2. Physical Address - Hardware address
   -- MAC address
   -- Ethernet address
   -- Permanent address

MAC Address - Media Access Control Address. No two network cards will have
the same MAC address.

E.g.: 0010ab 1234cd
      (vendor code) (card no.)

Operating System: The OS interfaces between the hardware and the software; it is the
software program that binds itself to the machine components.
We need a protocol to transfer data between two systems, otherwise each system is
a stand-alone system. For two systems to communicate, a NOS (Network
Operating System) is needed.
TCP/IP is used to transfer data between systems. It is not a single protocol;
instead it is a stack of protocols.

TCP   UDP

IP    ARP   RARP   ICMP   IGMP

TCP  - Transmission Control Protocol
UDP  - User Datagram Protocol
IP   - Internet Protocol
ARP  - Address Resolution Protocol
RARP - Reverse Address Resolution Protocol
ICMP - Internet Control Message Protocol
IGMP - Internet Group Management Protocol

2. IP ADDRESS

Qualities of an IP Address (borrowed from the human and telecom networks)

1. Identification and Location
2. Same length
3. Network is divided based on the size

IP Address - 32 bit address

Divided into 4 octets

0-255 . 0-255 . 0-255 . 0-255

Each octet is made of 8 bit positions with these place values:

2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0
128  64   32   16   8    4    2    1

This ranges from 00000000 to 11111111, i.e. from 0 to 255.
IP Address has two parts:
1. Location (NID - Network ID)
2. Identification (HID - Host ID)

Network Classifications

Class A

NID (Network ID) | HID (Host ID)

NID - 8 bits.
HID - 24 bits.

Network ID

There are 8 bits, so 2^8 = 256 networks are possible. These 0-255 values in the
first octet are shared among the other classes as well. Class A has the values 0-127.

I octet

MSB                                   LSB
 0     0     0     0     0     0     0     0
128    64    32    16    8     4     2     1

MSB - Most Significant Bit
LSB - Least Significant Bit

128 (the MSB) is reserved for Class A: it is always 0.

0.0.0.0   - Reserved for representing any network.
127.0.0.0 - Loop Back Address.

Thus Class A can have 1-126 networks.

E.g. 10.0.0.0 is a Class A Network

Host ID
If all the host ID bits are 0, the address represents the network and not a host. If all
the host ID bits are 1, it represents the broadcast address for that particular network.

E.g.
10.0.0.0        ----------- Network Address (all HID bits 0)
10.0.0.1        ----------- First Host IP Address (all HID bits 0 except the least)
10.255.255.254  ----------- Last Host IP Address (all HID bits 1 except the least)
10.255.255.255  ----------- Broadcast IP Address (all HID bits 1)

Class B

NID (Network ID) | HID (Host ID)

NID - 16 bits.
HID - 16 bits.

Network ID:

I octet

MSB                                   LSB
 1     0     0     0     0     0     0     0
128    64    32    16    8     4     2     1

Two bits (10) are reserved for Class B.

The other bits can be from 000000 to 111111.

NID has 2 octets, out of which 2 bits are reserved.

2^(16-2) = 2^14 = 16384 networks for Class B.

E.g. 172.16.0.0 is a Class B network.

Host ID

If the host ID octets are all 0, the address represents the network and not a host. If
the host ID octets are all 255, it represents the broadcast address for that particular
network.

E.g.
170.27.0.0      ----------- Network Address
170.27.0.1      ----------- First Host IP Address
170.27.255.254  ----------- Last Host IP Address
170.27.255.255  ----------- Broadcast IP Address

Class C

NID (Network ID) | HID (Host ID)

NID - 24 bits.
HID - 8 bits.

Network ID

I octet

MSB                                   LSB
 1     1     0     0     0     0     0     0
128    64    32    16    8     4     2     1

Three bits (110) are reserved for Class C.

The others can be from 00000 to 11111.

NID has 3 octets, out of which 3 bits are reserved.

2^(24-3) = 2^21 = 2097152 networks for Class C.

E.g. 202.14.0.0 is a Class C network.

Host ID

If the host ID octet is 0, the address represents the network and not a host. If the
host ID octet is 255, it represents the broadcast address for that particular network.
E.g.
194.21.16.0    ----------- Network Address
194.21.16.1    ----------- First Host IP Address
194.21.16.254  ----------- Last Host IP Address
194.21.16.255  ----------- Broadcast IP Address

Class D: Class D has first octet 224-239. These addresses are used for Multicasting.
Class E: Class E has first octet 240-255. These addresses are used for Research purposes.

Note: From the above addresses some are reserved for the private
networks. They are:
10.0.0.0                      --------- A
172.16.0.0 to 172.31.0.0      --------- B
192.168.0.0 to 192.168.255.0  --------- C

Broadcasting:

Broadcast involves delivering a message from one sender to many recipients. This
broadcast is 'limited' in that it does not reach every node on the Internet, only the nodes on
the LAN.
The broadcast address is found by ORing the IP address with the bit complement of the
subnet mask.

E.g.: Let 190.16.4.9 be the IP address (Class B network).

The subnet mask for a Class B network is 255.255.0.0
---its bit complement is 0.0.255.255

190.16.4.9      ---- 10111110 00010000 00000100 00001001
0.0.255.255     ---- 00000000 00000000 11111111 11111111   (OR)
190.16.255.255  ---- 10111110 00010000 11111111 11111111

SUMMARY

Class  N/w   Host  Range of  MSB    No of           No of    FHID     LHID           BC Addr        Subnet
       bits  bits  I octet   fixed  n/ws            hosts                                           mask
A      8     24    1-126     0      126             2^24-2   X.0.0.1  X.255.255.254  X.255.255.255  255.0.0.0
B      16    16    127-191   10     2^(16-2)=2^14   2^16-2   X.Y.0.1  X.Y.255.254    X.Y.255.255    255.255.0.0
C      24    8     192-223   110    2^(24-3)=2^21   2^8-2    X.Y.Z.1  X.Y.Z.254      X.Y.Z.255      255.255.255.0
D                  224-239
E                  240-255

(BC Addr: all HID bits 1. Subnet mask: NID bits 1, HID bits 0.)
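The classful rules in the sections above (leading bits fix the class, the NID width fixes the default mask, the network address has all HID bits 0, the broadcast address is the address ORed with the complement of the mask) can be written out as plain bit arithmetic. The following is an added example, not code from the training notes; the function names are this example's own, and the sample addresses are the notes' examples. It classifies strictly by the leading bits, so 127.x.x.x comes out as Class A shaped (the notes reserve 127.0.0.0 as the loopback address).

```python
# Added example (not part of the CCNA notes): the classful rules from the sections
# above, as plain bit arithmetic. The sample addresses are the notes' own examples.


def ip_to_int(ip: str) -> int:
    """Pack a dotted-quad string into a 32-bit integer, first octet most significant."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n: int) -> str:
    """Inverse of ip_to_int."""
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(ip: str) -> str:
    """Class from the fixed leading bits of the first octet:
    0 -> A, 10 -> B, 110 -> C, 1110 -> D (multicast), 1111 -> E (research)."""
    first = ip_to_int(ip) >> 24
    if first >> 7 == 0b0:
        return "A"
    if first >> 6 == 0b10:
        return "B"
    if first >> 5 == 0b110:
        return "C"
    if first >> 4 == 0b1110:
        return "D"
    return "E"


NID_BITS = {"A": 8, "B": 16, "C": 24}      # network-ID width per class (summary table)


def classful_summary(ip: str) -> dict:
    """Network, FHID, LHID, broadcast, default mask and host count for a unicast class."""
    cls = address_class(ip)
    if cls not in NID_BITS:
        raise ValueError(f"{ip} is class {cls}; it has no network/host split")
    hid_bits = 32 - NID_BITS[cls]
    mask = (0xFFFFFFFF << hid_bits) & 0xFFFFFFFF    # NID bits 1, HID bits 0
    addr = ip_to_int(ip)
    network = addr & mask                           # all HID bits 0
    broadcast = addr | (~mask & 0xFFFFFFFF)         # OR with the complement of the mask
    return {
        "class": cls,
        "subnet_mask": int_to_ip(mask),
        "network": int_to_ip(network),
        "first_host": int_to_ip(network + 1),       # all HID bits 0 except the least
        "last_host": int_to_ip(broadcast - 1),      # all HID bits 1 except the least
        "broadcast": int_to_ip(broadcast),          # all HID bits 1
        "hosts": 2 ** hid_bits - 2,
    }


if __name__ == "__main__":
    for sample in ("190.16.4.9", "10.0.0.0", "194.21.16.77"):
        print(sample, classful_summary(sample))
```

Running it on 190.16.4.9 reproduces the broadcast example above (190.16.255.255); Class D and E addresses raise, since they have no host part to split.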

4. OSI REFERENCE MODEL

OSI - Open Systems Interconnection. This is designed by the ISO (International Standards
Organisation). This model is developed from the TCP/IP Model given by the
DoD, Department of Defence, US.

Open Systems: Irrespective of the platform, open to any platform.

The OSI Model comprises 7 layers.

OSI Model                        TCP/IP Model
(International Standards         (Department of Defence, US)
Organisation)
Application Layer                4
Presentation Layer               4
Session Layer                    4
Transport Layer                  3
Network Layer                    2
Data Link Layer                  1
Physical Layer                   1

PHYSICAL LAYER

The physical layer is about the physical connections/media between the networks.

Connections may be bound or unbound.
Bound   - UTP, STP, Coaxial, Fibre optics.
Unbound - Infrared rays, Bluetooth, Radio waves, Micro waves
UTP - Unshielded Twisted Pair.
10 base T
10 base 10
100 base 10

[Figure: bandwidth, signal frequency and length of the cable (AMP); a UTP cable run is
100 m, 87.5 m accurately]

Ethernet Cross-over and Straight-Through Cables

There are 8 pins in the cables, and the wires are of different colours to identify them.

PIN NO   WIRE COLOR     CROSSED-OVER   STRAIGHT-THROUGH
1        Orange/White   3              1
2        Orange         6              2
3        Green/White    1              3
4        Blue           4              4
5        Blue/White     5              5
6        Green          2              6
7        Brown/White    7              7
8        Brown          8              8

If there are more than two systems, connecting each of them to every other system is
not possible. In such cases we use a Hub or Switches to connect the systems.

Hub (Concentrator): Hubs operate on the physical layer. A hub is nothing
but a repeater that sends a copy to all the systems during communication. A
hub can contain multiple ports.

[Figure: an 8-port HUB with systems 1-8 connected]

In a hub with 8 ports, each port is connected to a system. If system-1 has to send data to
system-8, it sends the data to system-8 and also to all the other systems connected to the
hub. If the data transfer rate is 10 mbps, that rate is shared among all the systems.

Full Duplex
If transmission takes place on one line and data is received on another line,
it is said to be Full Duplex.

Half Duplex
If transmission and reception happen on the same line, it is said to be Half Duplex.

DATA LINK LAYER

All the systems in the network are identified and are ready to send the data.
This layer concentrates on:
- How does the data look? Format.
- To whom is the data being sent, and where is it coming from?
- Is there any collision or error? Error Detection. Error Detection is
  done by CSMA/CD (Carrier Sense Multiple Access/Collision Detection),
  which continuously senses the line to check if there is any error or collision.
The Network Interface Card (NIC) contains the MAC (Media Access Control)
Address.
Sub Layers of the Data Link Layer:
LLC - Logical Link Control: It is concerned with managing the
traffic over the network.
While carrying the packet from the Data Link layer to the Network
layer it should also carry data saying that it is an IP packet: the logical
link between the Data Link layer and the Network layer.

[Figure: IP, IPX and AT packets from the 10.0.0.0 network arriving at a router]

MAC - Media Access Control: It is concerned with sharing the
physical connection to the network among several computers. Each
computer has its own MAC address.
A frame in the Data Link layer contains the To and From MAC addresses.
The most popular layer-2 component is the Switch.
Switch: A network switch is a small hardware device that joins multiple
computers together within one LAN. Technically, network switches operate
at layer 2, i.e. the Data Link Layer.
A switch, unlike a hub, sends data only to the specific system that
requested the data.
A switch maintains the MAT (MAC Address Table) to look up the
MAC address of the host to which it needs to send the data. The first time it
broadcasts, and thereafter it maintains the addresses.

MAC Address Table: Port Number | MAC address
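The behaviour described above (flood like a hub the first time, then forward only to the port learned in the MAC Address Table) is easy to see in a small simulation. This is an added example, not code from the training notes; the class and function names are this example's own, and the port numbers and MAC addresses are constructed sample values. It also records when a MAC address that was learned on one port turns up on another, which is the kind of table change an administrator reviews.

```python
# Added example (not the notes' own code): a learning switch that builds the
# MAC Address Table (port number <-> MAC address, stored here as MAC -> port).
# Port numbers and MAC addresses below are constructed sample values.

BROADCAST_MAC = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mat = {}        # MAC Address Table: MAC address -> port number
        self.moves = []      # (mac, old_port, new_port) when a known MAC appears elsewhere

    def forward(self, in_port, src_mac, dst_mac):
        """Handle one frame arriving on in_port and return the list of output ports."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port}")
        # Learn: the source is reachable through the port the frame came in on.
        known = self.mat.get(src_mac)
        if known is not None and known != in_port:
            self.moves.append((src_mac, known, in_port))
        self.mat[src_mac] = in_port
        # Forward: a known unicast destination goes to one port; an unknown or
        # broadcast destination is flooded to every other port, as a hub does always.
        out = self.mat.get(dst_mac)
        if dst_mac == BROADCAST_MAC or out is None:
            return [p for p in self.ports if p != in_port]
        if out == in_port:
            return []    # destination is on the same segment; nothing to forward
        return [out]


def replay(switch, frames):
    """Run a list of (in_port, src_mac, dst_mac) frames; return each frame's output ports."""
    return [switch.forward(*frame) for frame in frames]


if __name__ == "__main__":
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    frames = [
        (1, "00:10:ab:12:34:cd", "00:10:ab:00:00:02"),   # A -> B, B unknown: flooded
        (2, "00:10:ab:00:00:02", "00:10:ab:12:34:cd"),   # B -> A, A known: one port
        (1, "00:10:ab:12:34:cd", "00:10:ab:00:00:02"),   # A -> B again: one port
    ]
    for frame, out in zip(frames, replay(sw, frames)):
        print(frame, "->", out)
    print("MAC Address Table:", sw.mat)
```

After the first frame is flooded and the reply comes back, both hosts are in the table and every later frame between them leaves on exactly one port.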

NETWORK LAYER
This layer concentrates on routing the packet to the destination along the best route.

Router

Packets in the network layer contain the To and From IP addresses.

In the following figure there are 4 data links between the two end networks.

[Figure: 10.0.0.0 - Router1 - 20.0.0.0 - Router2 - 40.0.0.0 - Router3 - 60.0.0.0]

TRANSPORT LAYER
This layer is a software layer (a transport layer product is introduced now).
The role of the transport layer is to provide reliable, end-to-end data transport
between source and destination machines.
This layer concentrates on:

- Segments: The units exchanged between the communicating hosts are called
  segments. This layer packetizes (i.e. turns the data into segments). The size of a
  segment is less than or equal to the MTU (Maximum Transmission
  Unit = 1500 bytes).
- Sequence numbers
- Checksum
- Acknowledgement
- Error checking
- Windowing
- 3-way handshake
- Port numbers
  HTTP - 80
  FTP - 21 (CONTROL), 20 (DATA)
  SMTP - 25
  TELNET - 23
  POP3 - 110

The connection may be connection-oriented or connectionless.

Connection-oriented:
- Establishes a connection
- Transmits data
- Ends the connection
TCP/IP provides a reliable and connection-oriented service.
Connectionless:
- Data delivery
- Error checking
UDP provides an unreliable and connectionless service.

SESSION LAYER
The session layer allows users on different machines to establish sessions between
them. Session management takes place whenever a session opens and ends.
If the port is inactive for a particular period of time the port is reset (the session is
closed).
Source Quench: It is a message from one host to another host asking it to
reduce the speed of data transfer. It is one way to control data flow over the
network.

PRESENTATION LAYER
This layer is concerned with the presentation of data that is transferred between
two application processes.
It ensures that the data exchanged between them has a common meaning: shared
semantics (a common presentation style).
Data are transferred in Binary or ASCII format.
If any compression or encryption is needed, that is also agreed upon here.

APPLICATION LAYER
This layer ensures that it provides service for an application program to
communicate with other application programs in the network.
This layer concentrates on:
- Communication partners
- Quality of service
- User authentication
- Constraints on data.

NOTE:

1. Encapsulation - Give the right information to the right user.

[Figure: the layer stack PL (Physical), DL (Data Link), NL (Network), TL (Transport),
SL (Session), PL (Presentation), AL (Application)]

2. Disadvantage of TCP/IP communication? Acknowledgement

3. Which takes part in all layers of the OSI model?
a. Router
b. Amplifier
c. Bridge
d. Network Management station
e. Network host
f. Web Server

Ans: d, e and f take part in all layer activities. They are all hosts.
5. ROUTING FUNDAMENTALS

Concepts
- Routing Table
- Default Gateway
Windows DOS Commands
- Ipconfig
- Ipconfig /all
- Route Print
- Route Add
- Route Delete
- Ping
- arp -a
- tracert
Protocols
- ICMP
- ARP

ROUTING TABLE
A routing table is a database in which a routing protocol stores information about
the network layer topology of the internetwork (the IP addresses are looked up here
before the packets are routed).
A routing table can be built in two ways:
1. Manual
Route add <destn> MASK <destn SM> <Next Hop>
(Next Hop = the forwarding router)

E.g. Route add 30.0.0.0 MASK 255.0.0.0 10.0.0.1

2. Default Gateway
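The two ways of building a routing table described above (manual Route add entries and a default gateway) and the lookup a host does before sending a packet can be modelled in a few lines. This is an added example, not code from the training notes or from Windows; the class and method names are this example's own. The 30.0.0.0 route is the notes' example; the more specific 30.1.0.0 route and the gateway address are constructed sample values.

```python
# Added example (not from the notes): a host routing table built the two ways described
# above - manual "Route add <destn> MASK <destn SM> <Next Hop>" entries and a default
# gateway - plus the lookup done before a packet is sent. The 30.0.0.0 route is the
# notes' own example; the other route and the gateway are constructed sample values.


def ip_to_int(ip):
    """Dotted quad -> 32-bit integer."""
    o = [int(x) for x in ip.split(".")]
    if len(o) != 4 or any(not 0 <= x <= 255 for x in o):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]


class RoutingTable:
    def __init__(self):
        self.routes = []    # (destination, mask, next hop), as typed on the command line

    def route_add(self, destn, mask, next_hop):
        """Same arguments as 'Route add <destn> MASK <destn SM> <Next Hop>'."""
        d, m = ip_to_int(destn), ip_to_int(mask)
        if d & m != d:
            raise ValueError(f"{destn} has host bits set under mask {mask}")
        self.routes.append((destn, mask, next_hop))

    def route_delete(self, destn):
        """Drop every route to the given destination, like 'Route delete'."""
        self.routes = [r for r in self.routes if r[0] != destn]

    def set_default_gateway(self, gateway):
        """The default gateway is the route 0.0.0.0 MASK 0.0.0.0: it matches everything."""
        self.route_add("0.0.0.0", "0.0.0.0", gateway)

    def lookup(self, dst_ip):
        """Next hop for dst_ip. Among the matching routes the longest mask wins, so a
        specific route beats the default gateway. None means there is no route at all,
        the situation the notes' 'Destination Host Unreachable' describes."""
        a = ip_to_int(dst_ip)
        best_len, best_hop = -1, None
        for destn, mask, hop in self.routes:
            m = ip_to_int(mask)
            prefix_len = bin(m).count("1")
            if a & m == ip_to_int(destn) and prefix_len > best_len:
                best_len, best_hop = prefix_len, hop
        return best_hop

    def route_print(self):
        """One line per route, in the spirit of 'Route print'."""
        return [f"{d:<16}{m:<16}{h}" for d, m, h in self.routes]


if __name__ == "__main__":
    rt = RoutingTable()
    rt.route_add("30.0.0.0", "255.0.0.0", "10.0.0.1")         # the notes' example
    rt.route_add("30.1.0.0", "255.255.0.0", "10.0.0.2")       # constructed, more specific
    rt.set_default_gateway("10.0.0.254")                       # constructed
    print("\n".join(rt.route_print()))
    for dst in ("30.1.2.3", "30.2.2.3", "8.8.8.8"):
        print(dst, "->", rt.lookup(dst))
```

The mask check in route_add catches a mistyped entry such as a host address given where a network address is expected, which a real Route add would also reject.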
PING command: Sends a packet through the internet to probe the destination host. Echo
Request and Echo Reply are the two halves of the ICMP message pair. ICMP checks whether there
is an error during communication.

[Figure: network 30.0.0.0 - R1 (30.0.0.1 / 50.0.0.1) - network 50.0.0.0 - R2 (50.0.0.2 /
70.0.0.1) - network 70.0.0.0 - R3 (70.0.0.2 / 90.0.0.1) - network 90.0.0.0; the Echo
Request travels left to right and the Echo Reply comes back]

While pinging a host from the source, if the host/network is not configured on
the router and the router does not find the destination system in its routing
table, then the following ICMP message is generated:

Destination Host Unreachable

While pinging a host from the source, if the host is connected and configured on
the router, the host sends all its messages to the router, which then forwards them to the
destination. Now if the router is able to identify the destination IP address in
its routing table, then the following ICMP message is generated:

Reply from <destn>: bytes=32 time=10ms TTL=128

While pinging a host from the source, if the destination host is not connected to
the network, or if the cable is loosely connected, or if the destination host does not
respond to the source request, then the
following ICMP error message is generated:

Request timed out

arp -a
This command is used to obtain the MAC address of the destination host.

C:\>arp -a

Interface: 9.184.45.180 --- 0x2
  Internet Address      Physical Address      Type
  9.184.45.1            00-00-0c-07-ac-2d     dynamic
  9.184.45.15           00-0d-60-8c-9d-93     dynamic
  9.184.45.100          00-0d-60-fb-e4-ed     dynamic
  9.184.45.184          00-11-25-48-14-22     dynamic

C:\>arp -d 10.0.0.1
Deletes the MAC address entry of the particular host.
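The arp -a listing above has a fixed shape (an Interface header, then one line per cached address), so it can be parsed and checked rather than read by eye. The following is an added example, not code from the training notes; the function names are this example's own. The first four entries in the embedded sample are the notes' listing; the fifth line (9.184.45.200) is a constructed addition, made up only to exercise the check for two addresses resolving to the same physical address.

```python
# Added example (not from the notes): a parser for the 'arp -a' output shown above,
# plus a check for entries on one interface that share a physical address. The first
# four entries are the notes' own listing; the last line is a constructed addition.

import re

ARP_OUTPUT = """\
Interface: 9.184.45.180 --- 0x2
  Internet Address      Physical Address      Type
  9.184.45.1            00-00-0c-07-ac-2d     dynamic
  9.184.45.15           00-0d-60-8c-9d-93     dynamic
  9.184.45.100          00-0d-60-fb-e4-ed     dynamic
  9.184.45.184          00-11-25-48-14-22     dynamic
  9.184.45.200          00-00-0c-07-ac-2d     dynamic
"""

IFACE_RE = re.compile(r"^Interface:\s+(\d+\.\d+\.\d+\.\d+)\s+---\s+(0x[0-9a-fA-F]+)")
ENTRY_RE = re.compile(
    r"^\s*(\d+\.\d+\.\d+\.\d+)\s+([0-9a-fA-F]{2}(?:-[0-9a-fA-F]{2}){5})\s+(\w+)\s*$"
)


def parse_arp_a(text):
    """Return {interface_ip: [(internet_address, physical_address, type), ...]}."""
    tables, current = {}, None
    for line in text.splitlines():
        m = IFACE_RE.match(line)
        if m:
            current = m.group(1)
            tables[current] = []
            continue
        m = ENTRY_RE.match(line)
        if m and current is not None:       # the column-header line does not match
            ip, mac, kind = m.groups()
            tables[current].append((ip, mac.lower(), kind))
    return tables


def shared_macs(entries):
    """MACs that answer for more than one IP: {mac: [ip, ...]}. A router or a host with
    several addresses is normal; an unexpected pairing is worth checking."""
    by_mac = {}
    for ip, mac, _ in entries:
        by_mac.setdefault(mac, []).append(ip)
    return {mac: ips for mac, ips in by_mac.items() if len(ips) > 1}


if __name__ == "__main__":
    for iface, entries in parse_arp_a(ARP_OUTPUT).items():
        print(f"interface {iface}: {len(entries)} entries")
        for mac, ips in shared_macs(entries).items():
            print(f"  {mac} is used by {', '.join(ips)}")
```

On the notes' four original entries the check reports nothing; it is the constructed fifth line that makes 00-00-0c-07-ac-2d show up twice.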

tracert
The tracert command is used to see the path a network packet takes and the number of
hops required for that packet to reach its destination.

C:\>tracert

Usage: tracert [-d] [-h maximum_hops] [-j host-list] [-w timeout] target_name

Options:
    -d                 Do not resolve addresses to hostnames.
    -h maximum_hops    Maximum number of hops to search for target.
    -j host-list       Loose source route along host-list.
    -w timeout         Wait timeout milliseconds for each reply.

C:\>tracert 9.184.45.148

Tracing route to 9.184.45.148 over a maximum of 30 hops

  1     *        <1 ms    <1 ms  9.184.45.148
Trace complete.

Find the FHID, LHID, Broadcast and Subnet Mask

CLASS  NETWORK    FHID       LHID            BroadCast       SubnetMask
A      1.0.0.0    1.0.0.1    1.255.255.254   1.255.255.255   255.0.0.0
A      39.0.0.0   39.0.0.1   39.255.255.254  39.255.255.255  255.0.0.0
B      147.0.0.0  147.0.0.1  147.0.255.254   147.0.255.255   255.255.0.0
C      211.0.0.0  211.0.0.1  211.0.0.254     211.0.0.255     255.255.255.0

6. SUBNETTING
Subnetting is the process of subdividing your networks into subnets that are
meaningful, for the effective management of IP addresses. With the help of mathematical
functions we divide a network into subnets. Due to this, congestion is controlled.

a. If 9.0.0.5 sends a packet to 9.0.0.3, the hub copies and sends the packet to all the other
hosts as well (broadcasts). Once it broadcasts and receives the MAC address, it unicasts to
every host. Here the packet is received only by the destination that matches the To
address (MAC address).

[Figure: hosts 9.0.0.2, 9.0.0.3, 9.0.0.4 and 9.0.0.5 connected to a HUB]

b. If the hub is replaced by a switch, initially it broadcasts and receives the MAC
address. After that the switch sends the packet only to the particular destination host and
does not send copies to the other systems.

c. In case a router replaces the switch/hub, broadcasting and unicasting take
place, but it ensures that the MAC address does not cross the particular network/LAN.

Divide the following network into 2 subnets

CLASS  NETWORK   FHID      LHID            BroadCast       SubnetMask
A      10.0.0.0  10.0.0.1  10.255.255.254  10.255.255.255  255.0.0.0

To get 2 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
Hence to get two subnets, we need to borrow 2 bits from the host ID.

Borrowed bits (2nd octet): 128 64 | remaining HID bits

Therefore the subnets are,

10.64.0.0 and 10.128.0.0

Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.64.0.0   10.64.0.1   10.127.255.254  10.127.255.255  255.192.0.0
A      10.128.0.0  10.128.0.1  10.191.255.254  10.191.255.255  255.192.0.0
64+(32+16+8+4+2+1)=64+63=127   128+63=191   Mask: 128+64=192
Total no of host ID bits = 24 - 2 (borrowed) = 22.
So, the no of hosts possible in each subnet = 2^22 - 2 = 4194304 - 2 = 4194302 hosts

Divide the following network into 6 subnets

CLASS  NETWORK   FHID      LHID            BroadCast       SubnetMask
A      10.0.0.0  10.0.0.1  10.255.255.254  10.255.255.255  255.0.0.0

To get 6 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets

Hence to get 6 subnets, we need to borrow 3 bits from the host ID.

Borrowed bits (2nd octet): 128 64 32 | remaining HID bits

Therefore the subnets are,
10.32.0.0
10.64.0.0
10.96.0.0
10.128.0.0
10.160.0.0
10.192.0.0

Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.32.0.0   10.32.0.1   10.63.255.254   10.63.255.255   255.224.0.0
A      10.64.0.0   10.64.0.1   10.95.255.254   10.95.255.255   255.224.0.0
A      10.96.0.0   10.96.0.1   10.127.255.254  10.127.255.255  255.224.0.0
A      10.128.0.0  10.128.0.1  10.159.255.254  10.159.255.255  255.224.0.0
A      10.160.0.0  10.160.0.1  10.191.255.254  10.191.255.255  255.224.0.0
A      10.192.0.0  10.192.0.1  10.223.255.254  10.223.255.255  255.224.0.0
32+(16+8+4+2+1)=32+31=63   Mask: 128+64+32=224
Total no of host ID bits = 24 - 3 (borrowed) = 21.
So, the no of hosts possible in each subnet = 2^21 - 2 = 2097152 - 2 = 2097150 hosts.

Divide the following network into 14 subnets

CLASS  NETWORK   FHID      LHID            BroadCast       SubnetMask
A      10.0.0.0  10.0.0.1  10.255.255.254  10.255.255.255  255.0.0.0

To get 14 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets

Hence to get 14 subnets, we need to borrow 4 bits from the host ID.

Borrowed bits (2nd octet): 128 64 32 16 | remaining HID bits

Therefore the subnets are,
10.16.0.0
10.32.0.0
10.48.0.0
|
10.224.0.0

Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.16.0.0   10.16.0.1   10.31.255.254   10.31.255.255   255.240.0.0
A      10.32.0.0   10.32.0.1   10.47.255.254   10.47.255.255   255.240.0.0
A      10.48.0.0   10.48.0.1   10.63.255.254   10.63.255.255   255.240.0.0
..     ..          ..          ..              ..              ..
A      10.208.0.0  10.208.0.1  10.223.255.254  10.223.255.255  255.240.0.0
A      10.224.0.0  10.224.0.1  10.239.255.254  10.239.255.255  255.240.0.0
16+(8+4+2+1)=16+15=31   Mask: 128+64+32+16=240

Total no of host ID bits = 24 - 4 (borrowed) = 20.

So, the no of hosts possible in each subnet = 2^20 - 2 = 1048576 - 2 = 1048574 hosts.

How many bits do you need to borrow to get 23 subnets?

To get 23 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets
2^5 - 2 = 32 - 2 = 30 subnets

Hence to get 23 subnets, we need to borrow 5 bits from the host ID.

Borrowed bits (2nd octet): 128 64 32 16 8 | remaining HID bits

Therefore the subnets are,
10.8.0.0
10.16.0.0
10.24.0.0
|
10.184.0.0
|
10.240.0.0

Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.8.0.0    10.8.0.1    10.15.255.254   10.15.255.255   255.248.0.0
A      10.16.0.0   10.16.0.1   10.23.255.254   10.23.255.255   255.248.0.0
A      10.24.0.0   10.24.0.1   10.31.255.254   10.31.255.255   255.248.0.0
..     ..          ..          ..              ..              ..
A      10.184.0.0  10.184.0.1  10.191.255.254  10.191.255.255  255.248.0.0
..     ..          ..          ..              ..              ..
A      10.240.0.0  10.240.0.1  10.247.255.254  10.247.255.255  255.248.0.0
8+(4+2+1)=8+7=15   Mask: 128+64+32+16+8=248

Total no of host ID bits = 24 - 5 (borrowed) = 19.

So, the no of hosts possible in each subnet = 2^19 - 2 = 524288 - 2 = 524286 hosts.

How many bits do you need to borrow to get 45 subnets?

To get 45 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets
2^5 - 2 = 32 - 2 = 30 subnets
2^6 - 2 = 64 - 2 = 62 subnets

Hence to get 45 subnets, we need to borrow 6 bits from the host ID.

Borrowed bits (2nd octet): 128 64 32 16 8 4 | remaining HID bits

Therefore the subnets are,
10.4.0.0
10.8.0.0
10.12.0.0
|
10.180.0.0
|
10.248.0.0

Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.4.0.0    10.4.0.1    10.7.255.254    10.7.255.255    255.252.0.0
A      10.8.0.0    10.8.0.1    10.11.255.254   10.11.255.255   255.252.0.0
A      10.12.0.0   10.12.0.1   10.15.255.254   10.15.255.255   255.252.0.0
..     ..          ..          ..              ..              ..
A      10.180.0.0  10.180.0.1  10.183.255.254  10.183.255.255  255.252.0.0
..     ..          ..          ..              ..              ..
A      10.248.0.0  10.248.0.1  10.251.255.254  10.251.255.255  255.252.0.0
4+(2+1)=4+3=7   Mask: 128+64+32+16+8+4=252

Total no of host ID bits = 24 - 6 (borrowed) = 18.

So, the no of hosts possible in each subnet = 2^18 - 2 = 262144 - 2 = 262142 hosts.

Divide the following network into 75 and into 150 subnets

CLASS  NETWORK   FHID      LHID            BroadCast       SubnetMask
A      10.0.0.0  10.0.0.1  10.255.255.254  10.255.255.255  255.0.0.0

To get 75 and 150 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets.
2^5 - 2 = 32 - 2 = 30 subnets
2^6 - 2 = 64 - 2 = 62 subnets.
2^7 - 2 = 128 - 2 = 126 subnets
2^8 - 2 = 256 - 2 = 254 subnets
Hence to get 75 subnets, we need to borrow 7 bits from the host ID.
And to get 150 subnets, we need to borrow 8 bits from the host ID.

Borrowed bits for 75 subnets (2nd octet):  128 64 32 16 8 4 2 | remaining HID bit
Borrowed bits for 150 subnets (2nd octet): 128 64 32 16 8 4 2 1 | (the whole octet)

Therefore the subnets are,
75 subnets    150 subnets
10.2.0.0      10.1.0.0
10.4.0.0      10.2.0.0
10.6.0.0      10.3.0.0
|             |
10.150.0.0    10.150.0.0

75 subnets
Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.2.0.0    10.2.0.1    10.3.255.254    10.3.255.255    255.254.0.0
A      10.4.0.0    10.4.0.1    10.5.255.254    10.5.255.255    255.254.0.0
..     ..          ..          ..              ..              ..
A      10.150.0.0  10.150.0.1  10.151.255.254  10.151.255.255  255.254.0.0
..     ..          ..          ..              ..              ..
A      10.254.0.0  10.254.0.1  10.255.255.254  10.255.255.255  255.254.0.0
2+(1)=2+1=3   Mask: 128+64+32+16+8+4+2=254

Total no of host ID bits = 24 - 7 (borrowed) = 17.

So, the no of hosts possible in each subnet = 2^17 - 2 = 131072 - 2 = 131070 hosts

150 subnets
Class  Subnet      FHID        LHID            BroadCast       SubnetMask
A      10.1.0.0    10.1.0.1    10.1.255.254    10.1.255.255    255.255.0.0
A      10.2.0.0    10.2.0.1    10.2.255.254    10.2.255.255    255.255.0.0
..     ..          ..          ..              ..              ..
A      10.150.0.0  10.150.0.1  10.150.255.254  10.150.255.255  255.255.0.0
1+(0)=1   Mask: 128+64+32+16+8+4+2+1=255

Total no of host ID bits = 24 - 8 (borrowed) = 16.

So, the no of hosts possible in each subnet = 2^16 - 2 = 65536 - 2 = 65534 hosts

------------------------------------------------------------------------------------------------------------

Divide the following network into 9 subnets

CLASS  NETWORK    FHID       LHID           BroadCast      SubnetMask
B      170.0.0.0  170.0.0.1  170.0.255.254  170.0.255.255  255.255.0.0

To get 9 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets

Hence to get 9 subnets, we need to borrow 4 bits from the host ID.

Borrowed bits (3rd octet): 128 64 32 16 | remaining HID bits

Therefore the subnets are,
170.0.16.0
170.0.32.0
170.0.48.0
|
170.0.128.0
170.0.144.0

Class  Subnet       FHID         LHID           BroadCast      SubnetMask
B      170.0.16.0   170.0.16.1   170.0.31.254   170.0.31.255   255.255.240.0
B      170.0.32.0   170.0.32.1   170.0.47.254   170.0.47.255   255.255.240.0
B      170.0.48.0   170.0.48.1   170.0.63.254   170.0.63.255   255.255.240.0
B      ..           ..           ..             ..             ..
B      170.0.128.0  170.0.128.1  170.0.143.254  170.0.143.255  255.255.240.0
B      170.0.144.0  170.0.144.1  170.0.159.254  170.0.159.255  255.255.240.0
16+(8+4+2+1)=16+15=31   Mask: 128+64+32+16=240

Total no of host ID bits = 16 - 4 (borrowed) = 12

So, the no of hosts possible in each subnet = 2^12 - 2 = 4096 - 2 = 4094 hosts.

Divide the following network into 99 subnets

CLASS  NETWORK    FHID       LHID           BroadCast      SubnetMask
B      170.0.0.0  170.0.0.1  170.0.255.254  170.0.255.255  255.255.0.0

To get 99 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets
2^5 - 2 = 32 - 2 = 30 subnets
2^6 - 2 = 64 - 2 = 62 subnets
2^7 - 2 = 128 - 2 = 126 subnets

Hence to get 99 subnets, we need to borrow 7 bits from the host ID.

Borrowed bits (3rd octet): 128 64 32 16 8 4 2 | remaining HID bits

Therefore the subnets are,
170.0.2.0
170.0.4.0
170.0.6.0
|
170.0.250.0
170.0.252.0

Class  Subnet       FHID         LHID           BroadCast      SubnetMask
B      170.0.2.0    170.0.2.1    170.0.3.254    170.0.3.255    255.255.254.0
B      170.0.4.0    170.0.4.1    170.0.5.254    170.0.5.255    255.255.254.0
B      170.0.6.0    170.0.6.1    170.0.7.254    170.0.7.255    255.255.254.0
B      ..           ..           ..             ..             ..
B      170.0.250.0  170.0.250.1  170.0.251.254  170.0.251.255  255.255.254.0
B      170.0.252.0  170.0.252.1  170.0.253.254  170.0.253.255  255.255.254.0
2+(1)=2+1=3   Mask: 128+64+32+16+8+4+2=254

Total no of host ID bits = 16 - 7 (borrowed) = 9

So, the no of hosts possible in each subnet = 2^9 - 2 = 512 - 2 = 510 hosts.
------------------------------------------------------------------------------------------------------------

Divide the following network into 2 subnets

CLASS  NETWORK    FHID       LHID         BroadCast    SubnetMask
C      200.0.0.0  200.0.0.1  200.0.0.254  200.0.0.255  255.255.255.0

To get 2 subnets,
2^n - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets.

Hence to get 2 subnets, we need to borrow 2 bits from the host ID.

Borrowed bits (4th octet): 128 64 | remaining HID bits

Therefore the subnets are,
200.0.0.64
200.0.0.128

Class  Subnet       FHID         LHID         BroadCast    SubnetMask
C      200.0.0.64   200.0.0.65   200.0.0.126  200.0.0.127  255.255.255.192
C      200.0.0.128  200.0.0.129  200.0.0.190  200.0.0.191  255.255.255.192
64+(32+16+8+4+2+1)=64+63=127   Mask: 128+64=192
Note: 127 is the broadcast ID.
Total no of host ID bits = 8 - 2 (borrowed) = 6
So, the no of hosts possible in each subnet = 2^6 - 2 = 64 - 2 = 62 hosts.

2^(no of bits left) - 2 >= no of hosts

2^(no of bits borrowed) - 2 >= no of subnets

Divide the following network into subnets of 23 hosts.

To get 23 hosts,
2^(no of bits left) - 2 >= no of hosts

2^8 - 2 = 256 - 2 = 254 hosts
2^7 - 2 = 128 - 2 = 126 hosts
2^6 - 2 = 64 - 2 = 62 hosts
2^5 - 2 = 32 - 2 = 30 hosts ----------------- 2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 hosts

Hence to get 23 hosts, we need to borrow 3 bits from the host ID so that 5 bits will be left.

Borrowed bits (4th octet): 128 64 32 | remaining HID bits

Therefore the subnets are,
192.168.1.32
192.168.1.64
192.168.1.96
|
192.168.1.192 (we borrow 3 bits and so 32*6 = 192)

Class  Subnet         FHID           LHID           BroadCast      SubnetMask
C      192.168.1.32   192.168.1.33   192.168.1.62   192.168.1.63   255.255.255.224
C      192.168.1.64   192.168.1.65   192.168.1.94   192.168.1.95   255.255.255.224
C      ..             ..             ..             ..             ..
C      192.168.1.192  192.168.1.193  192.168.1.222  192.168.1.223  255.255.255.224
32+(16+8+4+2+1)=32+31=63   Mask: 128+64+32=192

Total no of host ID bits = 8 - 3 (borrowed) = 5

So, the no of hosts possible in each subnet = 2^5 - 2 = 32 - 2 = 30 hosts in each subnet.
Divide the following network into subnets of 11 hosts.

To get 11 hosts,
2^(no of bits left) - 2 >= no of hosts

2^8 - 2 = 256 - 2 = 254 hosts
2^7 - 2 = 128 - 2 = 126 hosts
2^6 - 2 = 64 - 2 = 62 hosts
2^5 - 2 = 32 - 2 = 30 hosts
2^4 - 2 = 16 - 2 = 14 hosts --------------------- 2^4 - 2 = 16 - 2 = 14 subnets
2^3 - 2 = 8 - 2 = 6 hosts

Hence to get 11 hosts, we need to borrow 4 bits from the host ID so that 4 bits will be left.

Borrowed bits (4th octet): 128 64 32 16 | remaining HID bits

Therefore the subnets are,
192.168.1.16
192.168.1.32
192.168.1.48
|
192.168.1.224 (we borrow 4 bits and so 16*14 = 224)

Class  Subnet         FHID           LHID           BroadCast      SubnetMask
C      192.168.1.16   192.168.1.17   192.168.1.30   192.168.1.31   255.255.255.240
C      192.168.1.32   192.168.1.33   192.168.1.46   192.168.1.47   255.255.255.240
C      ..             ..             ..             ..             ..
C      192.168.1.224  192.168.1.225  192.168.1.254  192.168.1.255  255.255.255.240
16+(8+4+2+1)=16+15=31   Mask: 128+64+32+16=240

Total no of host ID bits = 8 - 4 (borrowed) = 4

So, the no of hosts possible in each subnet = 2^4 - 2 = 16 - 2 = 14 hosts in each subnet.

Divide the following network into 17 subnets.

To get 17 subnets,
2^(no of bits borrowed) - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets
2^5 - 2 = 32 - 2 = 30 subnets
Hence to get 17 subnets, we need to borrow 5 bits from the host ID.

Borrowed bits (4th octet): 128 64 32 16 8 | remaining HID bits

Therefore the subnets are,
192.168.1.8
192.168.1.16
192.168.1.24
|
192.168.1.136 (we borrow 5 bits and so 8*17 = 136)
|
192.168.1.240 (we borrow 5 bits and so 8*30 = 240)

Class  Subnet         FHID           LHID           BroadCast      SubnetMask
C      192.168.1.8    192.168.1.9    192.168.1.14   192.168.1.15   255.255.255.248
C      192.168.1.16   192.168.1.17   192.168.1.22   192.168.1.23   255.255.255.248
C      ..             ..             ..             ..             ..
C      192.168.1.240  192.168.1.241  192.168.1.246  192.168.1.247  255.255.255.248
8+(4+2+1)=8+7=15   Mask: 128+64+32+16+8=248

Total no of host ID bits = 8 - 5 (borrowed) = 3

So, the no of hosts possible in each subnet = 2^3 - 2 = 8 - 2 = 6 hosts in each subnet.

Divide the following network into 50 subnets.

To get 50 subnets,
2^(no of bits borrowed) - 2 >= no of subnets

2^1 - 2 = 2 - 2 = 0 subnets
2^2 - 2 = 4 - 2 = 2 subnets
2^3 - 2 = 8 - 2 = 6 subnets
2^4 - 2 = 16 - 2 = 14 subnets
2^5 - 2 = 32 - 2 = 30 subnets
2^6 - 2 = 64 - 2 = 62 subnets

Hence to get 50 subnets, we need to borrow 6 bits from the host ID.

Borrowed bits (4th octet): 128 64 32 16 8 4 | remaining HID bits

Therefore the subnets are,
192.168.1.4
192.168.1.8
192.168.1.12
|
192.168.1.200 (we borrow 6 bits and so 4*50 = 200)
|
192.168.1.248 (we borrow 6 bits and so 4*62 = 248)

Class  Subnet         FHID           LHID           BroadCast      SubnetMask
C      192.168.1.4    192.168.1.5    192.168.1.6    192.168.1.7    255.255.255.252
C      192.168.1.8    192.168.1.9    192.168.1.10   192.168.1.11   255.255.255.252
C      ..             ..             ..             ..             ..
C      192.168.1.248  192.168.1.249  192.168.1.250  192.168.1.251  255.255.255.252
4+(2+1)=4+3=7   Mask: 128+64+32+16+8+4=252

Total no of host ID bits = 8 - 6 (borrowed) = 2

So, the no of hosts possible in each subnet = 2^2 - 2 = 4 - 2 = 2 hosts in each subnet.

NOTE: Subnetting Principles

- Do not change your NID.
- Borrow HID bits into the NID.
- The octet structure and bit values do not change.
- The rules for FHID, LHID, BC and SNM do not change.
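Every exercise above follows the same procedure: walk down the 2^n - 2 table to find how many bits to borrow (or to leave, when hosts per subnet is given), build the mask from the borrowed bits, step through the subnet IDs skipping the all-zeros and all-ones ones, and derive FHID, LHID and broadcast for each. The following is an added example that implements that procedure as one function; it is not code from the training notes, the function names are this example's own, and the sample inputs are the notes' exercises (10.0.0.0 into 6 subnets, 170.0.0.0 into 99 subnets, 192.168.1.0 for 23 hosts). It generalises the worked cases to any class and any requested count.

```python
# Added example (not part of the CCNA notes): the subnetting procedure the worked
# exercises above follow, as one function. It applies the notes' rules
# 2^(bits borrowed) - 2 >= subnets and 2^(bits left) - 2 >= hosts and, like the
# notes, drops the all-zeros and all-ones subnet IDs. Sample inputs are the notes' own.

CLASS_NID_BITS = {"A": 8, "B": 16, "C": 24}


def ip_to_int(ip):
    o = [int(x) for x in ip.split(".")]
    if len(o) != 4 or any(not 0 <= x <= 255 for x in o):
        raise ValueError(f"bad IPv4 address: {ip!r}")
    return (o[0] << 24) | (o[1] << 16) | (o[2] << 8) | o[3]


def int_to_ip(n):
    return ".".join(str((n >> s) & 0xFF) for s in (24, 16, 8, 0))


def bits_needed(required):
    """Smallest n with 2^n - 2 >= required: the 2^n - 2 table the notes walk down."""
    n = 1
    while 2 ** n - 2 < required:
        n += 1
    return n


def subnet_plan(network, cls, subnets=None, hosts=None):
    """Divide a classful network for a required number of subnets, or of hosts per
    subnet. Returns the bits borrowed, the subnet mask, hosts per subnet and the
    subnet rows (Subnet, FHID, LHID, BroadCast) in the order the notes list them."""
    if (subnets is None) == (hosts is None):
        raise ValueError("give exactly one of subnets= or hosts=")
    hid_bits = 32 - CLASS_NID_BITS[cls]
    base = ip_to_int(network)
    if base & ((1 << hid_bits) - 1):
        raise ValueError(f"{network} is not a class {cls} network address")
    borrowed = bits_needed(subnets) if subnets is not None else hid_bits - bits_needed(hosts)
    left = hid_bits - borrowed
    if borrowed < 1 or left < 2:
        raise ValueError("not enough host bits for that request")
    mask = (0xFFFFFFFF << left) & 0xFFFFFFFF      # NID bits plus borrowed bits set to 1
    step = 1 << left                              # distance between consecutive subnets
    rows = []
    for i in range(1, 2 ** borrowed - 1):         # i=0 (all zeros) and all-ones are dropped
        net = base + i * step
        bc = net + step - 1
        rows.append({"subnet": int_to_ip(net), "fhid": int_to_ip(net + 1),
                     "lhid": int_to_ip(bc - 1), "broadcast": int_to_ip(bc)})
    return {"borrowed": borrowed, "mask": int_to_ip(mask),
            "hosts_per_subnet": 2 ** left - 2, "subnets": rows}


if __name__ == "__main__":
    for net, cls, req in (("10.0.0.0", "A", {"subnets": 6}),
                          ("170.0.0.0", "B", {"subnets": 99}),
                          ("192.168.1.0", "C", {"hosts": 23})):
        plan = subnet_plan(net, cls, **req)
        print(net, cls, req, "borrowed", plan["borrowed"], "mask", plan["mask"],
              "hosts/subnet", plan["hosts_per_subnet"])
        for row in plan["subnets"][:3]:
            print("  ", row)
```

The ValueError for a network address with host bits set, or for a request that would leave fewer than two host bits, corresponds to the cases the 2^n - 2 rule cannot satisfy.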

CISCO ROUTERS

1. COMMAND LINE INTERFACE

A CISCO ROUTER doesn't have a monitor, so every router needs to be connected
to a console.
The console is used to manage/administer/monitor the router. For the console to be connected
the router needs a console port. To connect the router, a cable (RJ45) is provided
with 9 pins.
A router should have at least 2 ports.

[Figure: Router with an Ethernet port (to a hub/switch), a Serial port (WAN port), a
console port, an Aux port and a power point]

To enter the hyperterminal


Programs Acessories Communication Hyperterminal
(Hypetterminal window opens)
-prompts for the screen name(not the router name)
-connect to window select com1 ok
-com1 properties window select restore default ok
-save and exit
Once you switch on a router that has not been configured (a brand new router), it
prompts:
Would you like to enter the initial configuration dialog? [yes/no]:
(if you answer no)
Press RETURN to get started! (enter)
Router>
(this is the first prompt of the router. It is called user mode or user EXEC
mode)
Router> enable (enter)
Router# (this is called privileged mode / enable mode / privileged EXEC
mode; not everyone can enter it, since access to it can be restricted with a password)
Cisco commands are not case sensitive.
User mode and privileged mode are not configuration modes, they are EXEC modes
only: you can view the existing configuration, but no new configuration can be
added there. Errors can be observed in these two modes (show, debug, ping) but not
rectified.
Router#show running-config (enter)
(this command displays the currently running configuration)
Router#debug xxx
Router#copy xxx
Router#configure terminal (enter)
Router(config)#
(this is global configuration mode, where you make new
configurations)
To change the hostname:
Router(config)#hostname abc (enter)
abc(config)#
Specific configuration modes

Router(config)#interface ethernet 0 / fastethernet 0 / serial 0 / serial 1 (enter)

Router(config-if)#

Router(config)#line console 0 (enter)

Router(config-line)#
line console 0: configure access from the console port (port 0)
line vty 0 4: configure access over telnet (virtual terminals) through ports 0 to 4
line aux 0: configure access from the auxiliary port (port 0)

To set a username and password on the router (for user and privileged mode)
(For the console)
To set a password for user mode:
Router(config-line)#password xxxx
Router(config-line)#login
-enter the password
-specify it in line console mode.
Press RETURN to get started!
You will be prompted for the password:
Password: (once you enter the password and press enter)
Router>

To set a username and password for user mode:

Router(config)#username xxxx password xxxx
Router(config-line)#login local
-enter the username and password in global configuration mode
-specify "login local" in line console mode

-By default these passwords are stored in clear text in the configuration. To store
them in encoded form:
Router(config)#service password-encryption
Note: service password-encryption applies the Cisco "type 7" encoding, which is a
reversible scramble, not a hash: anyone who can read the configuration can recover the
clear text. Treat it as protection against shoulder surfing only.

To set a password for privileged mode:

Router(config)#enable password xxxx   (stored in clear text, or type 7 with
                                       service password-encryption)
Router(config)#enable secret xxxx     (stored as a salted hash; preferred)
-enter the password in global configuration mode
-if both are set, enable secret takes precedence and the enable password is ignored
-specify "login" in line console mode (optional)
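An added Python example (not from the training document) showing why the note above matters: the type 7 encoding produced by service password-encryption can be reversed by anyone who reads the configuration, while enable secret stores a salted hash that cannot be decoded this way. The translation key is the fixed, publicly known key IOS uses; the sample configuration text is constructed for the example.

```python
# Added example, not from the original document. Cisco "type 7" is the reversible
# encoding that `service password-encryption` applies to line and username passwords.
# It XORs each byte against a fixed, well-known key, so it hides nothing from anyone
# who can read the configuration. `enable secret` (type 5) is a salted hash instead.

XLAT_KEY = "dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv"   # the fixed IOS key

def type7_decode(encoded: str) -> str:
    """Recover the clear text from a type-7 string: a 2-digit decimal seed
    followed by one hex byte per password character."""
    if len(encoded) < 2 or len(encoded) % 2 != 0:
        raise ValueError("malformed type 7 string")
    seed = int(encoded[:2])
    out = []
    for i, pos in enumerate(range(2, len(encoded), 2)):
        byte = int(encoded[pos:pos + 2], 16)
        key_char = XLAT_KEY[(seed + i) % len(XLAT_KEY)]
        out.append(chr(byte ^ ord(key_char)))
    return "".join(out)

def type7_encode(cleartext: str, seed: int = 9) -> str:
    """Produce the same encoding IOS writes into the configuration."""
    if not 0 <= seed <= 15:
        raise ValueError("IOS uses seeds 0..15")
    out = [f"{seed:02d}"]
    for i, ch in enumerate(cleartext):
        key_char = XLAT_KEY[(seed + i) % len(XLAT_KEY)]
        out.append(f"{ord(ch) ^ ord(key_char):02X}")
    return "".join(out)

def audit_config(running_config: str) -> list:
    """Scan `show running-config` text and return (line, recovered clear text) for
    every 'password 7 ...' entry. Type 5 (enable secret) lines are left alone,
    since a hash cannot be reversed like this."""
    findings = []
    for line in running_config.splitlines():
        parts = line.split()
        if "password" in parts:
            idx = parts.index("password")
            if len(parts) > idx + 2 and parts[idx + 1] == "7":
                findings.append((line.strip(), type7_decode(parts[idx + 2])))
    return findings

# Constructed sample configuration (not a real device's output)
SAMPLE_CONFIG = """\
hostname abc
service password-encryption
username admin password 7 094F471A1A0A
enable secret 5 <type-5 hash>
line con 0
 password 7 094F471A1A0A
 login
"""

if __name__ == "__main__":
    for line, clear in audit_config(SAMPLE_CONFIG):
        print(f"{line!r} -> {clear!r}")
```

The audit function is the check to run against any saved configuration before it is shared, attached to a ticket or committed to a repository: every line it reports is a password that is effectively in clear text.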

To remove the password/username or any other change made, prefix the command with "no":

abc(config)#no hostname (enter)
Router(config)#

Router(config-line)#no login
Router(config-line)#no password

Router(config-line)#no login local

Router(config)#no username xxxx (removes the username and its password)

Router(config)#no enable password / no enable secret

To exit from each mode use exit (or Ctrl+Z to return straight to privileged mode):

Press RETURN to get started
  |
User mode (Router>)             disable returns here from enable mode; exit logs out
  |  enable
Enable mode (Router#)           exit logs out; Ctrl+Z from any configuration mode returns here
  |  configure terminal
Global configuration mode       exit returns to enable mode
  |  interface / line ...
Specific configuration mode     exit returns to global configuration mode

2. STATIC ROUTING (Leased Line)

[Fig-a: two routers, each with its own network, joined through the telecom
company over a V.35 serial link.]

Two networks that are geographically apart are connected with the help of the
telecom company.
The cable the telecom company brings to the site is an RJ11 cable, but the cable to
the router is an RJ45 cable. Hence there must be a device in between to convert the
signal and synchronise the flow; a modem is used for that.

[Figure: LAN -- RJ45 -- Router -- RJ45 -- Modem -- RJ11 -- Telecom company]

Fig-a can be represented as:

[Figure: HOR (head-office router) E0 10.0.0.1 on network 10.0.0.0, S0 20.0.0.1;
serial link 20.0.0.0; BOR (branch-office router) S0 20.0.0.2, E0 30.0.0.1 on
network 30.0.0.0.]

How to give an IP address to the router and configure it?

On HOR:
Router(config)#interface e 0
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit

By default all interfaces are administratively shut down when the router boots.

So it is important to give no shutdown. Until an interface is brought up with no
shutdown, it is not possible to ping through it (from any mode, user or privileged).

Router(config)#interface s 0
Router(config-if)#ip address 20.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit

On BOR:
Router(config)#interface e 0
Router(config-if)#ip address 30.0.0.1 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit

Router(config)#interface s 0
Router(config-if)#ip address 20.0.0.2 255.0.0.0
Router(config-if)#no shutdown
Router(config-if)#exit
To check the IP addresses:

Router#sh run
Router#sh interface
Router#sh interface e 0
Router#sh interface s 0
Router#sh ip interface brief

To check the routing table:

Router#sh ip route

Note: By default the router is the DTE (Data Terminal Equipment). It is mandatory to
set the clock rate on the DCE end of a back-to-back serial cable in order to
synchronise the data flow.

To check whether the router's serial interface is the DTE or the DCE end:

Router#sh controllers s 0

To set the clock rate:

Router(config)#interface s 0
Router(config-if)#clock rate 64000

To add an entry to the routing table:

Router(config)#ip route <dest N/W> <SNM> <Next Hop>
Router(config)#ip route 30.0.0.0 255.0.0.0 20.0.0.2

This specifies that any packet destined for the 30.0.0.0 network from the
10.0.0.0 network is forwarded via 20.0.0.2. BOR needs the mirror-image entry
(ip route 10.0.0.0 255.0.0.0 20.0.0.1), otherwise replies have no route back.

To debug IP packets:

Router#debug ip packet

To stop debugging IP packets:

Router#no debug ip packet

To stop all debugging:

Router#undebug all (u all)

3. DYNAMIC ROUTING

[Figure: six routers meshed through the networks 10.0.0.0, 20.0.0.0, 30.0.0.0,
40.0.0.0, 50.0.0.0, 60.0.0.0, 70.0.0.0 and 80.0.0.0.]

In the above figure there are 3 different paths from the 10.0.0.0 network to the
70.0.0.0 network.
Based on parameters such as distance, bandwidth, number of hops etc., the best path is
chosen. This is done by the router based on the routing table.
The routing protocols help the router find the best path.

Dynamic routing protocols

Distance Vector protocols: RIP, IGRP, EIGRP (hybrid)
Link State protocols: OSPF, IS-IS
Path Vector: BGP (used between autonomous systems)

RIP   Routing Information Protocol
IGRP  Interior Gateway Routing Protocol
EIGRP Enhanced Interior Gateway Routing Protocol

IGRP and EIGRP work on Cisco routers only (Cisco proprietary).

Routing protocols build the routing table automatically.

Distance Vector protocols:

RIP decides on the best route based on distance and direction (the interface, E0 or
S0, that the packet leaves through), and IGRP decides on the best route based on
distance, bandwidth and delay.
The routing table is broadcast periodically:
RIP every 30 sec
IGRP every 90 sec.
The whole table is broadcast every time, whether or not it has changed. This
unnecessarily occupies bandwidth.
Each router knows only its adjacent routers.

Link state protocols:

More complex protocols.
They choose the best route from a cost derived from link parameters (bandwidth for
OSPF; bandwidth, delay, load, reliability and MTU in the composite metric of EIGRP).
Only at start-up is the full link-state information exchanged; afterwards only the
state of a link is sent, and only when it changes.
Each router knows the whole topology of the network.

RIP  Routing Information Protocol

[Figure: R1 E0 10.0.0.1 on 10.0.0.0, S0 20.0.0.1 -- R2 S0 20.0.0.2, S1 30.0.0.1 --
R3 S0 30.0.0.2, E0 40.0.0.1 on 40.0.0.0.]

Routing table of R3 (C = connected, R = learned via RIP):

  Network     Interface  Hops
C 30.0.0.0    S0         0
C 40.0.0.0    E0         0
R 20.0.0.0    S0         1
R 10.0.0.0    S0         2

During routing table broadcasts, RIP on R1 tells the adjacent router R2 that 10.0.0.0
is 1 hop away for R2.
Assume there is a problem with the cable between R3 and the 40.0.0.0 network. Now
the 40.0.0.0 entry in R3 is removed. R2 broadcasts its known networks to
R3, and among them it sends 40.0.0.0 with a hop count of 2 through
S1. R3 installs it, and in its next update sends 40.0.0.0 back to R2 with hop count 3.
This repeats endlessly and results in a routing loop (counting to infinity).
To bound this a maximum hop count was set:
RIP   16 (15 is the largest usable hop count; 16 means unreachable)
IGRP  100
But when a network is down it is wasteful to count all the way to 16. So it
was decided that a router should not advertise a network back out of the same
interface from which it was learned. This is called split horizon.

[Figure: the same three routers R1 -- 20.0.0.0 -- R2 -- 30.0.0.0 -- R3, annotated
with each router's hop count to 10.0.0.0, 20.0.0.0, 30.0.0.0 and 40.0.0.0.]

R1 will not advertise its route for R3 back to R2. On the surface, this seems redundant
since R2 will never use R1's route because it costs more than R2's route to R3. However,
if R2's route to R3 goes down, R2 could end up using R1's route, which goes through
R2; R1 would send the packet right back to R2, creating a loop. With split horizon, this
particular routing loop cannot happen.

This logic did not suit networks with a mesh topology. To overcome this:
1. Route poisoning - Route poisoning is a method of preventing a network
from sending packets through a route that has become invalid. When the
path between two routers in a network goes bad, all the routers in the
network are informed immediately. However, it is possible for this
information to be lost, causing some routers to once again attempt to send
packets over the bad route. This requires that they be informed again that
the route is invalid, and again this information can be lost (routing loop).
Route poisoning and poison reverse are routing-loop prevention
techniques used by distance vector routing protocols.
Route poisoning is setting a route's metric to infinity (i.e. max hops + 1, 16 in RIP).
2. Poison reverse allows routers to break the split horizon rule by
advertising information learned from an interface out the same
interface. It advertises routes learned from an interface back out the
same interface with a 16 hop count, which indicates that the
destination is unreachable, "poisoning" the route. Routers holding a route
with a better metric (hop count) to the network ignore the destination
unreachable update.
Poison reverse is the process of breaking the split horizon rule and
sending a poisoned route back over the same interface from which it was
learned.

Hold-down time: A function that prevents a router from accepting updates for a route for
a specified period, in order to give the other nodes time to reconverge and prevent
a routing loop. When a router is notified of a route failure, it starts the hold-down
timer. In the meantime, if an update for that route is received from a neighbour
with an equal or better metric than the failed route, the router stops the timer
and updates its routing table. If the new metric is worse, it keeps the
timer running and does not update (the route is possibly down).

Note: In IGRP the metric is a composite value, so its size does not represent the
number of routers a packet has to cross (in RIP the metric is exactly that hop count).
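The following Python simulation is an added example, not part of the training document. It models the three-router chain above after the link to 40.0.0.0 fails and compares plain distance-vector updates with split horizon and with poison reverse. The synchronous rounds (one round = one update interval), the acceptance rule and the router names are this example's own assumptions, not a description of the IOS implementation.

```python
# Added example, not from the original document: count-to-infinity in a distance
# vector protocol, and how split horizon / poison reverse stop it.
# Topology: R1 -- R2 -- R3 -- (40.0.0.0). Metrics are RIP-style hop counts.

INFINITY = 16            # RIP: 16 hops means unreachable
NEIGHBORS = {"R1": ["R2"], "R2": ["R1", "R3"], "R3": ["R2"]}
DEST = "40.0.0.0"

def initial_tables():
    """Each router's entry for DEST before the failure: (metric, next hop);
    next hop None means directly connected."""
    return {
        "R1": {DEST: (2, "R2")},
        "R2": {DEST: (1, "R3")},
        "R3": {DEST: (0, None)},
    }

def advertisement(router, tables, to, mode):
    """What `router` tells neighbour `to` about DEST in this round.
    None means the route is not mentioned at all."""
    metric, next_hop = tables[router][DEST]
    if next_hop == to:
        if mode == "split_horizon":
            return None            # never advertise back out of the learning interface
        if mode == "poison_reverse":
            return INFINITY        # advertise it back, but as unreachable
    return metric

def simulate(mode, max_rounds=100):
    """Run update rounds until no table changes.
    Returns (rounds needed, highest transient metric below INFINITY seen)."""
    tables = initial_tables()
    tables["R3"][DEST] = (INFINITY, None)   # route poisoning: failed link -> metric 16
    peak = 0
    for rnd in range(1, max_rounds + 1):
        # Snapshot what everyone advertises before anyone applies updates.
        adverts = {r: {n: advertisement(r, tables, n, mode) for n in NEIGHBORS[r]}
                   for r in tables}
        changed = False
        for router in tables:
            for neighbor in NEIGHBORS[router]:
                adv = adverts[neighbor][router]
                if adv is None:
                    continue
                new_metric = min(adv + 1, INFINITY)
                cur_metric, cur_hop = tables[router][DEST]
                # An update from the current next hop is always accepted (even a worse
                # one); from any other neighbour only if it is strictly better.
                if cur_hop == neighbor or new_metric < cur_metric:
                    if (new_metric, neighbor) != (cur_metric, cur_hop):
                        tables[router][DEST] = (new_metric, neighbor)
                        changed = True
                        if new_metric < INFINITY:
                            peak = max(peak, new_metric)
        if not changed:
            return rnd, peak
    return max_rounds, peak

if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        rounds, peak = simulate(mode)
        print(f"{mode:15s} converged after {rounds} rounds, highest bogus metric {peak}")
```

Without either rule the routers bounce 40.0.0.0 between them, the metric climbing by one each time until the 16-hop limit finally declares it unreachable; with split horizon or poison reverse the poisoned route from R3 propagates and the tables settle within a few rounds, never holding a bogus metric.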

4. CONFIGURING RIP AND IGRP

[Figure: R1 E0 10.0.0.1 on 10.0.0.0, S0 20.0.0.1 -- 20.0.0.0 -- R2 S0 20.0.0.2,
E0 30.0.0.1 on 30.0.0.0.]

RIP
R1(config)#router rip
R1(config-router)#network 10.0.0.0
R1(config-router)#network 20.0.0.0

R2(config)#router rip
R2(config-router)#network 20.0.0.0
R2(config-router)#network 30.0.0.0

IGRP
R1(config)#router igrp 123
R1(config-router)#network 10.0.0.0
R1(config-router)#network 20.0.0.0

R2(config)#router igrp 123
R2(config-router)#network 20.0.0.0
R2(config-router)#network 30.0.0.0

Note: 123 is the autonomous system number. It may range from 1 to 65535. A very large
network is difficult to manage, hence the network is divided into autonomous systems
and these are numbered. It is also done to manage the network and for administrative
convenience. Only routers with the same autonomous system number will exchange routes.

RIP considers only distance and direction for routing. Since that was not
efficient, IGRP came up, which takes bandwidth, distance, load, delay and other
factors into consideration.
If two routing protocols offer a route to the same network, the router chooses the one
with the better administrative distance. The lower the administrative distance, the
more trusted the source.
RIP and IGRP also differ in their timers (seconds):

                  RIP    IGRP
Update interval   30     90
Hold-down timer   180    280
Invalid after     180    270
Flushed after     240    630

Commands Continued..

To check the dynamic routing protocols

Router#sh ip protocols

To display the dynamic changes made in the routing table.

Router#debug ip routing
Router#debug ip rip
Router#debug ip igrp transactions
Router#clear ip route *

5. TELNET (CISCO MANAGEMENT PROTOCOLS)

Telnet is the generic service that comes with TCP/IP to manage routers
remotely from anywhere. Note that Telnet sends everything, including the vty and
enable passwords, in clear text across the network; where the IOS image supports it,
SSH should be used for management instead.

[Figure: R1 E0 10.0.0.1 on 10.0.0.0, S0 20.0.0.1 -- 20.0.0.0 -- R2 S0 20.0.0.2,
E0 30.0.0.1 on 30.0.0.0.]

To configure Telnet and set a password:

R1(config)#line vty 0 4
R1(config-line)#password xxx
R1(config-line)#login

If no password is configured on R2 and you try to telnet to R2 (20.0.0.2):

R1#telnet 20.0.0.2

The router shows:

Password required, but none set
[Connection to 20.0.0.2 closed by foreign host]

If a password is configured on R2 and you telnet to R2 (20.0.0.2):

R1>telnet 20.0.0.2
User Access Verification
Password:

If no secret is set for privileged mode:

R2>enable
% No password set

If the secret password is set:

R2>enable
Password:
R2#
If more than two sessions are open, you can move between sessions by:
Disconnecting the session
R2>exit
R1#
Suspending the session
R2> (press) Ctrl+Shift+6, then x
R1#
To display the sessions opened by this user:

R1#sh sessions

To resume the last session:

R1#(enter)(enter)
To resume a particular session:

R1#<session no.> (enter)(enter)

To display the users logged on:

R1#sh users
Line        Location
0 con 0
2 vty 0     20.0.0.1
3 vty 2     20.0.0.2
To disconnect a user:

R1#clear line 3
[confirm]
R1#
Note: Each time we open a session we type:
R1#telnet 20.0.0.1
R1#telnet 20.0.0.2
This can be shortened with a host name:
R1(config)#ip host us 20.0.0.2
Thereafter:
R1#us

CDP - Cisco Discovery Protocol: This is a layer-2 protocol. It is used to get information

about directly connected (neighbouring) Cisco devices.

R1#sh cdp
R1#sh cdp neighbors
R1#sh cdp neighbors detail (the neighbour's IP address, platform and IOS version are
obtained with this command)

CDP advertisements are sent every 60 sec.

Hold time 180 sec.
To enable CDP globally:
R1(config)#cdp run
To disable CDP globally:
R1(config)#no cdp run
To change the advertisement timer and the hold time:
R1(config)#cdp timer <60>
R1(config)#cdp holdtime <180>
Because CDP reveals platform, IOS version and addresses to anyone on the link, disable it
on interfaces facing untrusted networks:
R1(config-if)#no cdp enable

Note: Telnet allows only 5 simultaneous sessions (vty 0 4). If a 6th session is
attempted an error message is displayed:
R1#telnet 20.0.0.2
Trying 20.0.0.2 ...
% Connection refused by remote host
6. ACCESS CONTROL LISTS (ACL)

Firewall: A firewall is hardware/software designed to prevent unauthorised access

from or to private networks.
Types of firewall techniques:
Packet filter - Looks at each packet entering or leaving the network
and accepts or rejects it based on user-defined rules.
Application gateway - Applies security mechanisms to specific
applications, such as FTP and Telnet servers.
Circuit-level gateway - Applies security mechanisms when a TCP
or UDP connection is established. Once the connection has been
made, packets can flow between the hosts without further checking.
Proxy server - Checks all messages entering and leaving the
network. The proxy server effectively hides the true network
addresses.

When there are only two networks, the telecom company provides a dedicated line and
there is no need for a firewall.
But when the networks are connected to the Internet we need a firewall.

[Figure: LAN1 -- R1 -- Internet -- R2 -- LAN2, with hackers, partners and other users
also on the Internet.]

There are multiple users accessing the Internet, and among them attackers who try to
reach the protected data. To counter this a firewall is used and is placed at the
gateway (router).
VPN - Virtual Private Network
It is a private communications network used within a company, or by several
companies or organisations, to communicate confidentially over a publicly accessible
network.
Basically, a VPN is a private network that uses a public network (usually the
Internet) to connect remote sites or users together. Instead of using a dedicated,
real-world connection such as a leased line, a VPN uses virtual connections
routed through the Internet from the company's private network to the remote site
or employee.

[Figure: Source -- R1 -- Internet (VPN tunnel) -- R2 -- Destination, with hackers,
partners and other users also on the Internet.]

IDS - Intrusion Detection System - An Intrusion Detection System is used to detect all
types of malicious network traffic and computer usage. It is used to provide security
inside the network.

Essentials for security:

A clearly defined entity (what is to be protected)
Given in time
The administrator decides on the entity and security implements it.

A good router will have two gateways. An access control list has the following format:

Action  SIP        SWCM           SPNO   DIP        DWCM     DPNO  Protocol  Interface  Direction
*Deny   10.0.0.0   0.255.255.255  >1023  30.0.0.10  0.0.0.0  80    TCP       E0         in
Deny    10.0.0.10  0.0.0.0        >1023  30.0.0.10  0.0.0.0  80    TCP       E0         in
Permit  20.0.0.25  0.0.0.0        >1023  30.0.0.10  0.0.0.0  80    TCP       E0         in

* - This field is the definition field that is specified for the network.
The following are the original entries that should be matched against the defined entry.
Once a list is created, every packet not matched by an entry is denied; permission
must be specified explicitly. This is called the implicit deny (it applies to both
inbound and outbound lists).
WCM - Wild Card Mask: This indicates which bits of the IP address are compared.
Only if the packet's address matches the defined address in the compared bits is the
entry applied.

Bit to be checked  0
Bit to be ignored  1
Consider the following example:

[Figure: LAN1 (30.0.0.0) -- E0 R1 S0 -- S0 R2 E0 -- LAN2 (10.0.0.0). For traffic from
LAN1 to LAN2, R1's E0 is the inbound side and its S0 the outbound side; for traffic from
LAN2 to LAN1 the roles are reversed.]

Assume a packet moves from LAN1 to LAN2. On R1 the list can be bound at E0 or at
S0. If it is bound at E0 it is called inbound, and if it is bound at S0 it is called
outbound.
Similarly, if a packet moves from LAN2 to LAN1, on R1 the binding may be at S0
(inbound) or at E0 (outbound).

How do ACLs work in Cisco routers?

ACLs

Standard (1-99)        Extended (100-199)

Standard ACL: Action, ACL number, Source IP and SWCM (Source Wild Card

Mask) are the parameters considered. To configure a standard ACL:
R1(config)#access-list <ACL No> <Action> <SIP> <SWCM>
R1(config)#access-list 5 deny 30.0.0.10 0.0.0.0
R1(config)#access-list 5 permit 30.0.0.15 0.0.0.0

Once you have specified the list, it must be bound to the required interface:

R1(config)#int e 0
R1(config-if)#ip access-group 5 in
Entries are evaluated in order and the first match wins, so a later entry cannot
redefine the action for an address already matched by an earlier entry.

Extended ACL: Action, ACL number, Source IP, SWCM (Source Wild Card

Mask), Destination IP, DWCM, Protocol, interface and the destination port
number are the parameters considered. To configure an extended ACL:

R1(config)#access-list 101 deny tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq 80

R1(config)#access-list 101 permit tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq 23
R1(config)#access-list 101 deny icmp any any
R1(config)#access-list 101 permit icmp any any ---------- to allow pinging any host
(only one of the two icmp lines can take effect: the first one that matches wins, so
with both present the deny is applied and the permit is never reached)

Once you have specified the list, it must be bound to the required interface:

R1(config)#int s 0
R1(config-if)#ip access-group 101 in

To display the ACLs:

R1#sh access-lists
R1#sh ip access-lists

In an extended ACL:

R1(config)#access-list 101 deny tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq ftp log

Port numbers can be replaced by port names.

The log keyword records the matches: source and destination addresses and ports and
the number of packets matched are written to the log.

Note-1: The ACLs above are numbered extended ACLs. There are also named
ACLs, where you refer to the ACL by name:

R1(config)#ip access-list extended R1ACL

R1(config-ext-nacl)#deny tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq www
R1(config-ext-nacl)#permit tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq telnet
R1(config-ext-nacl)#deny icmp any any

Note-2: Every interface has two binding points (in and out), and one ACL can be
applied per direction. Hence 10 interfaces give 20 binding points.
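An added example, not from the training document: a small Python evaluator with Cisco-style ACL semantics (wildcard-mask comparison, ordered first match, implicit deny at the end) run over the standard list 5 and the extended list 101 configured above. The entry and packet dictionaries are this example's own representation; it does not parse IOS syntax.

```python
import ipaddress

# Added example, not from the original document: evaluate packets against ACL
# entries the way a Cisco router does (top-down, first match wins, implicit deny).

def wildcard_match(addr: str, ref: str, wcm: str) -> bool:
    """Wildcard-mask comparison: bits that are 0 in the mask must be equal,
    bits that are 1 are ignored."""
    a = int(ipaddress.IPv4Address(addr))
    r = int(ipaddress.IPv4Address(ref))
    w = int(ipaddress.IPv4Address(wcm))
    return ((a ^ r) & ~w & 0xFFFFFFFF) == 0

def evaluate(acl: list, packet: dict) -> tuple:
    """Return (action, index of the matching entry). Index -1 is the implicit deny."""
    for i, entry in enumerate(acl):
        proto = entry.get("proto", "ip")                 # standard entries match any protocol
        if proto != "ip" and proto != packet["proto"]:
            continue
        if not wildcard_match(packet["src"], entry["src"], entry["src_wcm"]):
            continue
        if "dst" in entry and not wildcard_match(packet["dst"], entry["dst"], entry["dst_wcm"]):
            continue
        if "dport" in entry and packet.get("dport") != entry["dport"]:
            continue
        return entry["action"], i
    return "deny", -1        # implicit deny all at the end of every ACL

# In IOS, 'any' is 0.0.0.0 with wildcard 255.255.255.255 and 'host X' is X 0.0.0.0
ANY = ("0.0.0.0", "255.255.255.255")

# access-list 5 as configured above: a standard list only examines the source address
ACL_5 = [
    {"action": "deny",   "src": "30.0.0.10", "src_wcm": "0.0.0.0"},
    {"action": "permit", "src": "30.0.0.15", "src_wcm": "0.0.0.0"},
]

# access-list 101 as configured above
ACL_101 = [
    {"action": "deny",   "proto": "tcp",  "src": "10.0.0.10", "src_wcm": "0.0.0.0",
     "dst": "30.0.0.10", "dst_wcm": "0.0.0.0", "dport": 80},
    {"action": "permit", "proto": "tcp",  "src": "10.0.0.10", "src_wcm": "0.0.0.0",
     "dst": "30.0.0.10", "dst_wcm": "0.0.0.0", "dport": 23},
    {"action": "deny",   "proto": "icmp", "src": ANY[0], "src_wcm": ANY[1],
     "dst": ANY[0], "dst_wcm": ANY[1]},
]

if __name__ == "__main__":
    # Constructed sample packets
    for pkt in [
        {"proto": "tcp",  "src": "10.0.0.10", "dst": "30.0.0.10", "dport": 80},
        {"proto": "tcp",  "src": "10.0.0.10", "dst": "30.0.0.10", "dport": 23},
        {"proto": "icmp", "src": "10.0.0.99", "dst": "30.0.0.10"},
        {"proto": "tcp",  "src": "10.0.0.10", "dst": "30.0.0.10", "dport": 443},
    ]:
        print(pkt, "->", evaluate(ACL_101, pkt))
```

The last sample packet (TCP port 443) matches no entry and falls through to the implicit deny, which is the usual surprise when a list is written with only the traffic one meant to block in mind.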

7. NETWORK ADDRESS TRANSLATION (NAT)

The process of network address translation (NAT, also known as network
masquerading or IP masquerading) involves rewriting the source and/or destination
addresses of IP packets as they pass through a router or firewall. Most systems using
NAT do so in order to enable multiple hosts on a private network to access the Internet
using a single public IP address.

Consider:

Original packet at the source            Translated packet leaving the router
From        To                            From        To
10.0.0.10   30.0.0.20                     20.0.0.23   30.0.0.20
Reply as seen inside (after translation)  Reply as it arrives from outside
From        To                            From        To
30.0.0.20   10.0.0.10                     30.0.0.20   20.0.0.23

Source 10.0.0.10
Destination 30.0.0.20
When a packet comes from the source to the router, the router translates the original
source address to 20.0.0.23 (a public IP, which must be purchased) and sends it to the
destination. The destination now knows the source as 20.0.0.23 and replies to that
address. When the router receives the reply it directs it to 10.0.0.10 by
looking up its NAT table. The port number is tracked as well. This process is called
NAT.
But if multiple systems send requests from the same source port there is a
problem. To handle this the port number is also translated, into a unique number, and
the packet is routed to the destination. This process is called PAT (Port Address
Translation, "overload").

NAT

Dynamic                 Static
-Many to one            -One to one
-IP pool NAT

The NAT table has the following format:

Original                               Translated
From        To          From port      Router  To port  From        To
10.0.0.10   30.0.0.20   1045           R1      10001    20.0.0.23   30.0.0.20
30.0.0.20   10.0.0.10                                   30.0.0.20   20.0.0.23
10.0.0.25   30.0.0.20   1045           R1      12678    20.0.0.23   30.0.0.20
30.0.0.20   10.0.0.25                                   30.0.0.20   20.0.0.23

The NAT table is maintained by the router in RAM. Without configuring RIP the
router should be able to reach all the websites (using the NAT table and a default
route).
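An added Python example, not part of the original text, of the NAT/PAT table above: two inside hosts that both use source port 1045 are translated to the single inside global address 20.0.0.23 with distinct ports, and replies are mapped back through the same table. The port allocation order (starting at 10001) and the dropping of unsolicited inbound packets are this example's assumptions about the router's behaviour.

```python
import itertools

# Added example, not from the original document: a minimal PAT ("overload")
# translator. Outbound packets get the router's public address and a unique port;
# the binding is kept so that the reply can be mapped back to the inside host.

class PatTranslator:
    def __init__(self, inside_global: str, first_port: int = 10001):
        self.inside_global = inside_global   # the one public address all inside hosts share
        self._ports = itertools.count(first_port)
        # (inside_local, local_port, dst, dst_port) -> translated port
        self.table = {}
        # (translated port, dst, dst_port) -> (inside_local, local_port)
        self.reverse = {}

    def outbound(self, packet: dict) -> dict:
        """Inside -> outside: rewrite src/sport and remember the binding."""
        key = (packet["src"], packet["sport"], packet["dst"], packet["dport"])
        gport = self.table.get(key)
        if gport is None:
            gport = next(self._ports)        # unique even if two hosts use the same sport
            self.table[key] = gport
            self.reverse[(gport, packet["dst"], packet["dport"])] = (packet["src"], packet["sport"])
        return dict(packet, src=self.inside_global, sport=gport)

    def inbound(self, packet: dict) -> dict:
        """Outside -> inside: only packets matching an existing binding are translated.
        Anything else has no entry and is dropped, which is why an overloaded NAT
        blocks unsolicited inbound connections as a side effect."""
        key = (packet["dport"], packet["src"], packet["sport"])
        if key not in self.reverse:
            raise LookupError("no translation: unsolicited inbound packet dropped")
        local, lport = self.reverse[key]
        return dict(packet, dst=local, dport=lport)

    def translations(self) -> list:
        """Rows in the shape of `show ip nat translations`:
        (inside local, inside global, outside global)."""
        return [(f"{src}:{sport}", f"{self.inside_global}:{gport}", f"{dst}:{dport}")
                for (src, sport, dst, dport), gport in self.table.items()]

def demo():
    """Replays the two flows from the table above; constructed sample packets."""
    nat = PatTranslator("20.0.0.23")
    a = nat.outbound({"src": "10.0.0.10", "sport": 1045, "dst": "30.0.0.20", "dport": 80})
    b = nat.outbound({"src": "10.0.0.25", "sport": 1045, "dst": "30.0.0.20", "dport": 80})
    reply = nat.inbound({"src": "30.0.0.20", "sport": 80, "dst": "20.0.0.23", "dport": b["sport"]})
    return nat, a, b, reply

if __name__ == "__main__":
    nat, a, b, reply = demo()
    print(a, b, reply, sep="\n")
    for row in nat.translations():
        print(row)
```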

Default route (so that traffic for any unknown network leaves via S0):
R1(config)#ip route 0.0.0.0 0.0.0.0 s0
R1(config)#access-list 15 permit 10.0.0.0 0.255.255.255
R1(config)#int e 0
R1(config-if)#ip nat inside
R1(config)#int s 0
R1(config-if)#ip nat outside

Consider the following figure:

[Figure: inside host 10.0.0.10 (private, "inside local") -- E0 R1 S0 20.0.0.2 --
Internet -- 30.0.0.20 (public). The translated address 20.0.0.23 is the "inside
global".]

1. Dynamic NAT (interface overload) configuration

R1(config)#ip nat inside source list 15 interface s0 overload

When a packet comes in through E0, check source list 15 (the ACL), which
gives the source and SWCM; if it matches, forward it with the S0 interface address as
the source, and overload (PAT) so that all inside systems share that address.

2. Pool NAT

R1(config)#ip nat pool R1ACL 20.0.0.23 20.0.0.30 netmask 255.0.0.0

R1(config)#ip nat inside source list 15 pool R1ACL overload

When a packet comes in through E0, check source list 15 (the ACL), go to the
pool R1ACL, pick the address to translate to (20.0.0.23-20.0.0.30; any
address in the pool can be assigned to the source IP) and overload for all systems.

3. Static NAT
R1(config)#ip nat inside source static 10.0.0.10 20.0.0.23

When a packet comes from 10.0.0.10 through E0 (in), the source is always translated
to the same single address (20.0.0.23). A static entry also makes the inside host
reachable from outside at that address, so it should be protected with an ACL on the
outside interface.

When you ping the Internet with NAT debugging on, the output looks like:

NAT: s=10.0.0.10->20.0.0.23, d=30.0.0.20 [47892]

NAT: s=30.0.0.20, d=20.0.0.23->10.0.0.10 [47892]

The number in brackets identifies the translated packet (its IP identification field).

To debug NAT:

R1#debug ip nat

To display translations:

R1#sh ip nat translations

To clear translations:

R1#clear ip nat translation *

8. OSPF & EIGRP

OSPF - Open Shortest Path First

EIGRP - Enhanced Interior Gateway Routing Protocol

Distance Vector Protocols                 Link State Protocols
Distance is considered                    Cost derived from bandwidth (plus delay,
                                          load, MTU in EIGRP's composite metric)
Routing table is broadcast                State of the link is sent
Adjacent routers are known                Entire topology is known

SNO  OSPF                                        EIGRP
1    Link state                                  Hybrid (DV + LS)
2    Open protocol (works on any router)         Works only on Cisco routers
3    Supports only the IP protocol               Supports multiple protocols such as
                                                 IP, IPX, AppleTalk etc.
4    Cost = 10^8 / Bandwidth                     Cost calculated from bandwidth,
                                                 delay etc.
5    Link State Advertisements (LSAs) are        Partial updates are sent only for the
     flooded (the link state is advertised)      routes that changed
6    Uses the Shortest Path First algorithm      Uses DUAL (Diffusing Update
     (Dijkstra's algorithm) to find the best     Algorithm) to find the best path
     (shortest) path
7    A Hello packet is sent every 10 sec         A Hello packet is sent every 5 sec
8    Every 30 min each LSA is re-flooded         Whenever there is a change in the
                                                 routing table an update is sent
9    When a link goes down OSPF needs to         When a link goes down EIGRP
     run the SPF algorithm again                 proceeds with the next best path
10   Areas are used for administrative           Autonomous systems are used for
     convenience in a large network              administrative convenience in a
                                                 large network

When RIP is configured on a router, it sends hop counts to its adjacent routers.
When OSPF is configured on a router:
1. A Hello packet is sent to all the neighbours of the router on every
connection. They can talk if the other routers are configured with the same
protocol (and with matching area, hello/dead timers and authentication). From the
received information a Neighbour Table is constructed:
RB  S0  20.0.0.1
RC  S1  30.0.0.1
In the end each router knows its neighbours.
2. Once the neighbours are found they are added to a topology table. Now the
link cost is calculated and entered in the table.
The link cost is calculated as

Cost = 10^8 / Bandwidth (in bit/s)

Interface      Cost
Ethernet       10^8 / (10 * 10^6)      = 10
FastEthernet   10^8 / (100 * 10^6)     = 1
Serial (T1)    10^8 / (1.544 * 10^6)   = 64

After the table is fully constructed, a Link State Advertisement (LSA) is

made, i.e. the link state is advertised to all the routers in the area. Finally all the
routers know the entire topology of the network (all routers in the area hold identical
link-state databases).

Note: Two routers that have synchronised their link-state databases are said to
have formed an adjacency.

Based on this topology table a topology graph is built.

Each router places itself at the root and builds the tree of paths.
3. From the topology tree a routing table is developed which holds the best
path calculated by the Shortest Path First (SPF) algorithm.
In OSPF, if a link goes down, the router recalculates the
alternative path, and if it cannot find one, tells its neighbours that
the link is down. The best path is calculated again with the SPF
algorithm.
In EIGRP three distances are maintained:

Reported Distance    Distance reported by a neighbour

(Advertised Distance)
Feasible Distance    The best path
Feasible Successor   The next best path (kept in the topology table)

When the link goes down, the router proceeds with the feasible
successor (i.e. the next best path).
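An added Python example, not from the original document, of steps 2 and 3 above: OSPF interface cost from the 10^8 reference bandwidth, and Dijkstra's shortest path first run with each router as the root over a constructed four-router topology (the routers and link bandwidths are made up for the example).

```python
import heapq

# Added example, not from the original document: OSPF cost and the SPF (Dijkstra)
# computation each router runs over the link-state database, rooted at itself.

REFERENCE_BW = 10 ** 8   # bit/s; the IOS default (auto-cost reference-bandwidth)

def ospf_cost(bandwidth_bps: int) -> int:
    """OSPF cost = reference bandwidth / interface bandwidth, truncated, minimum 1.
    Every interface faster than 100 Mbit/s gets cost 1 unless the reference is raised."""
    return max(1, REFERENCE_BW // bandwidth_bps)

# Constructed topology: (router_a, router_b, bandwidth in bit/s)
LINKS = [
    ("R1", "R2", 1_544_000),      # T1 serial
    ("R2", "R3", 1_544_000),
    ("R1", "R3", 10_000_000),     # Ethernet
    ("R3", "R4", 100_000_000),    # FastEthernet
]

def build_graph(links):
    """Undirected weighted graph {router: {neighbour: cost}} from the link list."""
    graph = {}
    for a, b, bw in links:
        cost = ospf_cost(bw)
        graph.setdefault(a, {})[b] = cost
        graph.setdefault(b, {})[a] = cost
    return graph

def spf(graph: dict, root: str) -> dict:
    """Dijkstra from `root`: {router: (total cost, path from root as a list)}.
    This is the tree each OSPF router builds with itself at the root."""
    best = {root: (0, [root])}
    heap = [(0, root)]
    done = set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        for nbr, link_cost in graph[node].items():
            new_cost = cost + link_cost
            if nbr not in best or new_cost < best[nbr][0]:
                best[nbr] = (new_cost, best[node][1] + [nbr])
                heapq.heappush(heap, (new_cost, nbr))
    return best

if __name__ == "__main__":
    graph = build_graph(LINKS)
    for root in sorted(graph):
        print(root, spf(graph, root))
```

From R1 the two-hop path over Ethernet and FastEthernet (cost 11) beats the direct T1 to R2 for everything behind R3, which is the kind of result that surprises people who expect "fewest hops" and is why serial links in such a topology end up carrying only traffic that has no faster alternative.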

Broadcast Multiaccess
Consider the following figure:

[Figure: six routers on one shared segment 10.0.0.0 (hub/switch): R1 10.0.0.1 (also
40.0.0.1), R2 10.0.0.2 (30.0.0.1), R3 10.0.0.6 (50.0.0.1), R6 10.0.0.3 (20.0.0.1),
R5 10.0.0.5 (60.0.0.1), R4 10.0.0.4 (70.0.0.1).]

In the above figure, if every router sends its link state to every neighbour and the same
is done by all the routers, each one receives multiple copies of each link state and
the result is LSA flooding.
To overcome this flooding an election is held among the routers for:
Designated Router - DR
Backup Designated Router - BDR
All the other routers are DROthers.
There are two questions in this election:
1. Who will be the DR?
2. How is it elected and managed?
The DR is elected based on priority and router ID.
The default OSPF priority is 1 (a router with priority 0 never becomes DR).
If the priorities are equal, the next criterion is the router
ID. The router with the highest router ID is elected. The router ID is the highest
loopback address or, if there is no loopback, the highest IP address on an active
interface.
If the router with the lowest IP address is wanted as the DR, we cannot change its
IP address, but we can assign a dummy address with a loopback interface:
R1(config)#int loopback 0
R1(config-if)#ip address 75.0.0.1 255.0.0.0
R1 now has the dummy address 75.0.0.1 as its router ID.
Now the election is between the router IDs: R1 is elected DR and R4 (with the
next highest router ID, 70.0.0.1) is elected BDR. Note that the election is not
pre-emptive: a router that joins a segment with an existing DR does not take over,
so the loopback has to be in place before the OSPF process is (re)started.
Once the election is over all link states are sent to the DR/BDR and from there
they are forwarded to the DROthers.
Even when DR and BDR are elected there is the question of how the link states
reach the DR/BDR and the other routers. Multicast addresses are used:
For OSPF   224.0.0.6  AllDRouters (listened to by the DR and BDR)
           224.0.0.5  AllSPFRouters (listened to by every OSPF router)
For EIGRP  224.0.0.10

Even in point-to-point networks flooding takes place.

[Figure: a large network of routers with area 0 at the centre.]

To solve this the network is divided into autonomous systems in EIGRP and into areas
in the case of OSPF.

[Figure: area 0 (backbone) with the other areas attached to it.]

Area 0 is the backbone area. There must be one backbone area in an OSPF network.

Routers connected to the backbone area and to another area are Area Border Routers.

When link state is flooded it is filtered and forwarded in the hierarchical structure.

Only routers in the same area hold the same link-state database.

Note: When two parts of the same major network are separated by another network they
form a discontiguous network. Because the subnet mask is not sent when the routing
table is broadcast, RIP v1 cannot differentiate between 10.6.0.0/16 and 10.5.0.0/15,
since it is a classful protocol.

[Figure: 10.6.0.0/16 -- R1 20.0.0.1 -- 20.0.0.2 R2 -- 10.5.0.0/15]

Here a classless protocol (OSPF, EIGRP, RIP v2) should be used, where the

subnet mask is sent along with the IP address.

Variable Length Subnet Mask (VLSM):

In a network where a large number of subnets and hosts would otherwise be
wasted, VLSM is used: different subnet masks are used for different subnets.

How to configure OSPF and EIGRP?

When there is a choice between OSPF and EIGRP, EIGRP is preferred on the basis of
administrative distance (90 for internal EIGRP routes against 110 for OSPF). The lower
the administrative distance, the more trusted the route.

[Figure: R1 E0 10.0.0.1 on 10.0.0.0, S0 20.0.0.1 -- R2 S0 20.0.0.2, E0 30.0.0.1 on
30.0.0.0.]

OSPF

R1(config)#router ospf <process-id>

[process-id 1 to 65535]
R1(config-router)#network <NID> <WCM> area <area no>

R1(config)#router ospf 15
R1(config-router)#network 10.0.0.0 0.255.255.255 area 0
R1(config-router)#network 20.0.0.0 0.255.255.255 area 0

R2(config)#router ospf 12
R2(config-router)#network 20.0.0.0 0.255.255.255 area 0
R2(config-router)#network 30.0.0.0 0.255.255.255 area 0

There can be more than one OSPF process on a router.

Between two OSPF routers the process IDs need not be the same.
The area numbers on the shared link must be the same.

EIGRP
R1(config)#router eigrp <autonomous-system-no>
[autonomous system number 1 to 65535]
R1(config-router)#network <NID>

R1(config)#router eigrp 123

R1(config-router)#network 10.0.0.0
R1(config-router)#network 20.0.0.0

R2(config)#router eigrp 123

R2(config-router)#network 20.0.0.0
R2(config-router)#network 30.0.0.0

The autonomous system numbers must be the same for EIGRP routers to exchange routes.

For OSPF
Hello time       10 sec
Dead time        40 sec
Wait time        40 sec
Retransmit time  5 sec

sh ip ospf interface e 0
sh ip ospf int f 0
sh ip ospf int s 0
sh ip ospf neighbor   shows the neighbours' router IDs
sh ip protocols

For EIGRP
sh ip eigrp neighbors
sh ip eigrp topology
P  Passive
A  Active
U  Update
R  Reply
r  Reply-status

Note: The advantage of EIGRP over OSPF is the feasible successor kept in the topology
table.

Routing Information Protocol Version 2 (RIP v2).

The basic functionality of the protocol is very similar to RIP v1. RIP v2 has some
additional features that are not supported by RIP v1.

They are listed below:

i. RIP v2 is a classless protocol.

ii. Uses a multicast address instead of a broadcast address.

iii. Supports VLSM.

iv. Performs auto-summarisation (which can be disabled with no auto-summary).

v. Every routing table update can be authenticated.

1. RIP v2 is a classless protocol; RIP v1 is a classful protocol.

a. Classful protocol: supports networks with the default subnet mask only.

b. Classless protocol: supports subnetted networks. It carries the subnet mask
information, i.e. the number of bits of the network ID.

2. RIP v2 uses a multicast address; RIP v1 uses a broadcast address. RIP v1 uses the
universal broadcast (255.255.255.255) to send routing table updates every 30 secs,
whereas RIP v2 uses multicast (224.0.0.9).

3. RIP v2 allows authentication: it authenticates the source from which the routing
updates originate, so that injection of bogus routing updates can be avoided. Use the
MD5 mode (key chains) rather than plain-text authentication, since a plain-text key
can be read off the wire.

4. RIP v2 supports VLSM (Variable Length Subnet Mask). VLSM is used to conserve IP
addresses and helps proper summarisation. RIP v1 does not support this.

9. WAN PROTOCOLS

In a LAN all the systems are connected by the same cable and technology. The data link
layer prepares data according to the physical layer (when there is a change in the
physical layer, the preparation of data in the data link layer also changes).
WAN technology operates at the physical layer and WAN software operates at the
data link layer.
At the data link layer data preparation is done by protocols, some of which
are:
HDLC  High-level Data Link Control
PPP   Point-to-Point Protocol
Frame Relay

PPP                                          HDLC
Open to all network devices                  Cisco's HDLC works only on Cisco devices
Supports multiple protocols                  Supports multiple protocols
User authentication is possible:             User authentication is not possible
1. PAP - Password Authentication Protocol
2. CHAP - Challenge Handshake Authentication
   Protocol

NOTE: SLIP  Serial Line Internet Protocol
Open to all devices
Supports only the IP protocol
Not used anywhere at present

PAP:

[Figure: BOR to HOR: "My name is BOR. My password is XXX. I want to talk."]

When the username and password match the entry in HOR's database, BOR is
allowed in. This is the authentication request. The password crosses the link in clear
text, so anyone capturing the link can read it and replay it.

Three-way handshake (TCP):

Client                                  Server

I want to talk to you (SYN)      -->

                                 <--    Yes, you can (SYN/ACK)

OK (ACK)                         -->

CHAP

BOR                                     HOR

I want to talk to you            -->

                                 <--    Prove who you are (Challenge: a random value)

Response (MD5 digest of the password combined with the challenge)  -->

A message digest (used for message integrity) is the output of a one-way hash
function; it is not a form of encryption, because it cannot be reversed.

E.g.: if the packet sent is 1000, a hash function (HF) is applied to it:
HF(1000) = Message Digest
Properties of the MD:
1. The MD is a one-way process.
2. It is deterministic: the same input always gives the same digest.
3. A small change in the input results in a big change in the MD.
Once the MD reaches the destination, the receiver applies the same HF to its own copy
of the data (for CHAP: the stored password and the challenge it sent) and compares the
result with the received MD; the original message cannot be recovered from the MD.
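An added Python example, not part of the original document, modelling both exchanges above: PAP puts the password itself on the wire, while CHAP sends MD5(identifier || secret || challenge) as specified in RFC 1994 and the authenticator recomputes that digest from its stored secret. The peer database, the constant-time comparison and the random challenge length are this example's own choices; it is not IOS's implementation.

```python
import hashlib
import hmac
import os

# Added example, not from the original document: PAP versus CHAP on the wire.

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """RFC 1994 CHAP with MD5: Response = MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

def chap_exchange(peer_name: str, peer_secret: bytes, auth_db: dict,
                  identifier: int = 1, challenge: bytes = None):
    """The authenticator issues a challenge, the peer answers with a digest, and the
    authenticator recomputes the digest from the secret it stores for `peer_name`.
    Returns (accepted, what an on-path observer sees)."""
    if challenge is None:
        challenge = os.urandom(16)              # fresh random challenge every time
    response = chap_response(identifier, peer_secret, challenge)   # computed by the peer
    stored_secret = auth_db.get(peer_name)                         # looked up by authenticator
    accepted = stored_secret is not None and hmac.compare_digest(
        response, chap_response(identifier, stored_secret, challenge))
    on_wire = {"challenge": challenge, "name": peer_name, "response": response}
    return accepted, on_wire

def pap_exchange(peer_name: str, peer_password: bytes, auth_db: dict):
    """PAP: the username and password themselves are the authentication request."""
    on_wire = {"name": peer_name, "password": peer_password}
    accepted = auth_db.get(peer_name) == peer_password
    return accepted, on_wire

# Constructed peer database on HOR, matching `username BOR password 123` above
HOR_DB = {"BOR": b"123"}

if __name__ == "__main__":
    print("PAP :", pap_exchange("BOR", b"123", HOR_DB))
    print("CHAP:", chap_exchange("BOR", b"123", HOR_DB))
    # A captured CHAP response is useless against the next challenge:
    ok1, wire1 = chap_exchange("BOR", b"123", HOR_DB)
    ok2, wire2 = chap_exchange("BOR", b"123", HOR_DB)
    print("same response twice?", wire1["response"] == wire2["response"])
```

Both sides must hold the same secret for the digests to agree, which is why the CHAP configuration below uses password 123 on both routers, whereas PAP lets each side send a different password because the password itself is what is compared.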

How to configure PPP?

10.0.0.1          20.0.0.1    20.0.0.2          30.0.0.1
10.0.0.0 ---- R1 (HOR) ---------- R2 (BOR) ---- 30.0.0.0

HOR(config)#int s 0
HOR(config-if)#encapsulation ppp
HOR(config-if)#exit

When encapsulation is done only on one router the link state goes up and
down, i.e. R1 --- PPP, R2 --- HDLC.

BOR(config)#int s 0
BOR(config-if)#encapsulation ppp
BOR(config-if)#exit

CHAP (the same password on both routers):

HOR(config)#username BOR password 123
HOR(config)#int s 0
HOR(config-if)#ppp authentication chap

BOR(config)#username HOR password 123
BOR(config)#int s 0
BOR(config-if)#ppp authentication chap

PAP (each router sends its own username and password):

HOR(config)#username BOR password 123
HOR(config)#int s 0
HOR(config-if)#ppp authentication pap
HOR(config-if)#ppp pap sent-username HOR password 321

BOR(config)#username HOR password 321
BOR(config)#int s 0
BOR(config-if)#ppp authentication pap
BOR(config-if)#ppp pap sent-username BOR password 123

To check the encapsulation on the serial interface

HOR#sh int s 0

To debug PPP authentication

HOR#debug ppp authentication

10.ISDN(Integrated Services Digital Network)

ISDN is an example of a circuit switched network. Here the circuit does not exist
physically but gets connected when required. When the user needs to transmit data they
dial up, get connected, finish the work and get disconnected.
Data and voice are integrated into one services digital network, so the user can
access the network and the telephone at the same time.

Figure: LAN 1 (X), LAN 2 (Y) and a system (Z) reach the service provider through a
modem (data) and/or a digital phone (voice).

Basic Rate Access (BRI):

D (Data) channel    - for signalling/link purposes
B (Bearer) channel  - to telephone/system
B (Bearer) channel  - to telephone/system
Total bandwidth = 144
For voice/data = 128
16 for link purposes

Primary Rate Access (PRI):

D (Data) channel    - for link purposes
B (Bearer) channels - for voice/data

Data   - 1*64 = 64
Bearer - 23*64 = 1472

NOTE: On a dedicated line there is a G703 switch at the telecom service provider. In ISDN
there is an ISDN switch.

TE-1: Terminal Equipment type-1

Figure: Router (BRI0, a TE1 device) --4 pair-- S/T -- NT1 (Network Terminal
Adapter-1) --2 pair-- U -- Service Provider (ISDN switch). A digital phone is also a
TE1 device.

TE-2 (Terminal Equipment type-2)

Figure: Router (a TE2 device) -- R -- TA (Terminal Adapter) -- S/T -- NT1 -- U --
Service Provider (ISDN switch). A digital phone or a system connects to the TA in the
same way.

U    User Mode
S/T  Switch and Transfer
R    Rate
TA   Terminal Adapter

Demarcation Point: It is the point at which the administrative control of the
service provider stops and the administrative control of the user starts.
How to configure ISDN?

10.0.0.1           20.0.0.1                   20.0.0.2           30.0.0.1
10.0.0.0 -- E0 HOR BRI0 -- Service Provider -- BRI0 BOR -- 30.0.0.0

The link is up only if the ISDN switch type is specified.
Dynamic routing is not used; only static routing is used.

HOR(config)#isdn switch-type basic-net3
HOR(config)#ip route 30.0.0.0 255.0.0.0 20.0.0.2          (sends the packet to BRI)
HOR(config)#dialer-list <DLno> protocol <protocol> <action>
(if an IP packet comes, what action to take)
HOR(config)#dialer-list 5 protocol ip permit
HOR(config)#int bri 0
HOR(config-if)#dialer-group <DLno>
HOR(config-if)#dialer-group 5
HOR(config-if)#dialer string 08747389234
HOR(config-if)#dialer idle-timeout 30

The dialer-list number need not be the same on the two hosts.
The default idle-timeout is 120 sec (range 1 to 2147483).
On a modular router the interface is named e0/0.
In a network all the packets are IP packets, so every one of them would bring
the link up. The traffic of interest is therefore limited using access-lists.

HOR(config)#dialer-list 5 protocol ip list 123
HOR(config)#access-list 123 permit tcp 10.0.0.0 0.0.0.0 30.0.0.0 0.0.0.0 eq ftp
HOR(config)#int bri 0
HOR(config-if)#dialer-group 5

For multiple phone calls a single dialer-list (with one dialer string) cannot be used.
In that case dialer mapping is done, adding one map entry per remote router.

HOR(config)#ip route 30.0.0.0 255.0.0.0 20.0.0.2
HOR(config)#ip route 40.0.0.0 255.0.0.0 20.0.0.3
HOR(config)#dialer-list 5 protocol ip list 123
HOR(config)#access-list 123 permit tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq ftp
HOR(config)#access-list 123 permit tcp 10.0.0.10 0.0.0.0 40.0.0.10 0.0.0.0 eq ftp
HOR(config)#int bri 0
HOR(config-if)#dialer-group 5
HOR(config-if)#dialer map <protocol> <address> <phone-no>
HOR(config-if)#dialer map ip 20.0.0.2 04230847389
HOR(config-if)#dialer map ip 20.0.0.3 073648790834
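Whether a packet is "interesting" enough to dial (or to reset the idle timer) is decided by the access-list named in the dialer-list. The following Python is an added example for this document, not IOS code: it parses the two access-list 123 lines used above, applies Cisco wildcard-mask matching (a 1 bit in the mask means "don't care", a 0 bit must match), and evaluates constructed sample packets against them with the implicit deny at the end. The function names and the packet tuples are this example's own.

```python
import ipaddress
from typing import List, Optional

# Well-known port names accepted by "eq" (only the ones this example needs).
PORT_NAMES = {"ftp": 21, "telnet": 23, "www": 80}


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Cisco wildcard mask: 1 bits are 'don't care', 0 bits must match exactly.
    0.0.0.0 therefore matches one host; 0.255.255.255 matches a whole /8."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)


def parse_acl_line(line: str) -> dict:
    """Parse one extended ACL line in the form used on this page:
    access-list <n> permit|deny <proto> <src> <src-wc> <dst> <dst-wc> [eq <port>]"""
    tok = line.split()
    if tok[0] != "access-list":
        raise ValueError("not an access-list line: " + line)
    entry = {
        "number": int(tok[1]), "action": tok[2], "proto": tok[3],
        "src": tok[4], "src_wc": tok[5], "dst": tok[6], "dst_wc": tok[7],
        "dport": None,
    }
    if len(tok) > 8 and tok[8] == "eq":
        port = tok[9]
        entry["dport"] = PORT_NAMES[port] if port in PORT_NAMES else int(port)
    return entry


def acl_decision(entries: List[dict], proto: str, src: str, dst: str,
                 dport: Optional[int]) -> str:
    """First matching entry wins; every ACL ends with an implicit deny."""
    for e in entries:
        if e["proto"] not in ("ip", proto):
            continue
        if not wildcard_match(src, e["src"], e["src_wc"]):
            continue
        if not wildcard_match(dst, e["dst"], e["dst_wc"]):
            continue
        if e["dport"] is not None and e["dport"] != dport:
            continue
        return e["action"]
    return "deny"


def is_interesting(acl_lines: List[str], proto: str, src: str, dst: str,
                   dport: Optional[int]) -> bool:
    """dialer-list 5 protocol ip list 123: the packet is interesting (brings the
    ISDN link up or keeps it up) only if access-list 123 permits it."""
    entries = [parse_acl_line(line) for line in acl_lines]
    return acl_decision(entries, proto, src, dst, dport) == "permit"


# The two access-list lines from the dialer-map configuration above.
ACL_123 = [
    "access-list 123 permit tcp 10.0.0.10 0.0.0.0 30.0.0.10 0.0.0.0 eq ftp",
    "access-list 123 permit tcp 10.0.0.10 0.0.0.0 40.0.0.10 0.0.0.0 eq ftp",
]

if __name__ == "__main__":
    # Constructed sample packets: (protocol, source, destination, destination port)
    samples = [
        ("tcp", "10.0.0.10", "30.0.0.10", 21),    # FTP to the first remote host: dial
        ("tcp", "10.0.0.10", "30.0.0.10", 23),    # telnet: not interesting
        ("tcp", "10.0.0.11", "40.0.0.10", 21),    # wrong source host: not interesting
        ("icmp", "10.0.0.10", "30.0.0.10", None), # ping never brings the link up
    ]
    for pkt in samples:
        print(pkt, "->", "dial" if is_interesting(ACL_123, *pkt) else "ignore")
```

One check worth making against the earlier single-entry list: with a wildcard of 0.0.0.0 the entry "10.0.0.0 0.0.0.0" matches only the address 10.0.0.0 itself, not the 10.0.0.0 network; to cover every host in that /8 the wildcard has to be 0.255.255.255. Getting the wildcard wrong in a dialer list is a common reason a BRI link either never dials or dials on every packet, and since the provider bills per call, the second case is also a cost exposure.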

To show ISDN status

HOR#sh isdn status

To check whether an ISDN call is active or not

HOR#sh isdn active

To check ISDN call history

HOR#sh isdn history

To use both the channels from the start

HOR(config-if)#dialer load-threshold 1

Here both the links, BRI 1 and BRI 2, are up.

11. FRAME-RELAY

Frame-relay is an example of a packet switched network. This network
enables end-stations to dynamically share the connection and the available
bandwidth.
Here bandwidth is concentrated and not the connectivity.
The Frame Relay frame is transmitted to its destination by way of virtual
circuits (logical paths from an originating point in the network to a
destination point).
TDM - Time Division Multiplexing - In this process users do not know
whether others are sending data or not. Each user is allotted a time
slot and transmits only in that time slot.
STDM - Statistical TDM - In this process all the users know whether the others
are sending information or idle. If they are idle, the active user in turn
can use the full bandwidth to transmit data.
CIR - Frame relay connections are often given a Committed Information
Rate (CIR) and an allowance of burstable bandwidth known as the
Extended Information Rate (EIR). The provider guarantees that the
connection will always support the CIR rate, and sometimes the EIR rate
should there be adequate bandwidth. Frames that are sent in excess of the
CIR are marked as "discard eligible" (DE), which means they can be
dropped should congestion occur within the frame relay network. Frames
sent in excess of the EIR are dropped immediately.
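The CIR/EIR rule above can be modelled as a simple per-interval policer. The Python below is an added example for this document, not provider or Cisco code: it assumes a measurement interval Tc, allows CIR*Tc bits per interval unmarked, marks the next EIR*Tc bits as DE, and drops anything beyond that. The frame list, the rates (CIR 64 kbit/s, EIR 32 kbit/s) and the function names are constructed for the example.

```python
from typing import Dict, List, Tuple

Frame = Tuple[float, int]               # (arrival time in seconds, size in bits)
Verdict = Tuple[float, int, str]         # (time, size, "pass" | "DE" | "drop")


def police_frames(frames: List[Frame], cir_bps: int, eir_bps: int,
                  tc: float = 1.0) -> List[Verdict]:
    """Classify each frame in arrival order.
    Per interval Tc the access device may send Bc = CIR*Tc bits unmarked and a
    further Be = EIR*Tc bits marked discard-eligible; beyond Bc+Be frames are
    dropped immediately. Dropped frames do not consume any of the allowance."""
    bc = cir_bps * tc
    be = eir_bps * tc
    result: List[Verdict] = []
    interval = None
    sent = 0
    for t, size in frames:
        this_interval = int(t // tc)
        if this_interval != interval:          # a new Tc window: allowance resets
            interval, sent = this_interval, 0
        if sent + size <= bc:
            verdict = "pass"
        elif sent + size <= bc + be:
            verdict = "DE"
        else:
            verdict = "drop"
        if verdict != "drop":
            sent += size
        result.append((t, size, verdict))
    return result


def summarize(verdicts: List[Verdict]) -> Dict[str, int]:
    """Count frames per verdict, e.g. to compare against 'sh frame-relay pvc' counters."""
    counts = {"pass": 0, "DE": 0, "drop": 0}
    for _, _, v in verdicts:
        counts[v] += 1
    return counts


# Constructed burst: seven 24 kbit frames, six inside the first second, one in the next.
SAMPLE_FRAMES: List[Frame] = [(0.1, 24000), (0.2, 24000), (0.3, 24000),
                              (0.4, 24000), (0.5, 24000), (0.6, 24000),
                              (1.2, 24000)]

if __name__ == "__main__":
    for t, size, verdict in police_frames(SAMPLE_FRAMES, cir_bps=64000, eir_bps=32000):
        print(f"t={t:.1f}s size={size} -> {verdict}")
    print(summarize(police_frames(SAMPLE_FRAMES, 64000, 32000)))
```

With CIR 64 kbit/s and EIR 32 kbit/s the first two 24 kbit frames pass, the third and fourth are marked DE (they push the interval to 96 kbit, exactly CIR+EIR), the fifth and sixth are dropped, and the frame in the next second passes again. The point for operations is that DE frames are not lost yet, only first in line to be lost once the network congests; sustained DE counts on a PVC mean the traffic regularly exceeds what was bought.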

Figure: a hub site connects the others; the topology can be broadcast multiaccess,
point-to-point, or non-broadcast multiaccess.

Congestion in the network is reported by

1. FECN = Forward Explicit Congestion Notification bit
2. BECN = Backward Explicit Congestion Notification bit
3. DE = Discard Eligibility bit - when there is congestion on the line, the
network must decide which frames to discard in order to free the line.
Discard Eligibility provides the network with a signal to determine which
frames to discard. The network will discard frames with a DE value of 1
before discarding other frames.

DLCI - Data Link Connection Identifier. The DLCI serves to identify the virtual
connection so that the receiving end knows which connection a frame
belongs to (range = 16 to 1007).

Figure: HOR (20.0.0.1) -- DLCI 100 --> frame-relay cloud (DLCI 200) -- DLCI 300 -->
BOR (20.0.0.2); the circuit is a PVC (Permanent Virtual Circuit).

In the above figure, data is sent from 20.0.0.1 to 20.0.0.2 through DLCI 100 and
data is sent from 20.0.0.2 to 20.0.0.1 through DLCI 300.
Inverse ARP carries the IP address between the devices with the help of the DLCI.
The link between the frame-relay switch and the router is managed by LMI - Local
Management Interface or Link Management Interface.
How to configure Frame-relay?

BOR(config)#int s 0
BOR(config-if)#encapsulation frame-relay

If there are two routers, one with S 0 and one with S 1, connected to the frame-
relay switch:

Figure: R1 (S1), R2 (S0) and R3 (S0) connect to the frame-relay switch; the
addresses 20.0.0.1, 20.0.0.2 and 20.0.0.3 and the DLCIs 100, 200 and 300 are shown
on the links.

In the above figure R1 is connected through S 1 and R2 through S 0 to
the frame relay switch. Since R1 has only the S 1 interface, it requests the frame-relay
switch to provide a DLCI through the same line that is already used to the R1
router. The above figure represents a hub & spoke (partially meshed) structure.
Connecting R1 and R2 directly is not possible (that would be a fully meshed structure).
To solve this we go for frame-relay mapping. This is another way of
configuring a frame-relay network.

R1(config)#int s 0
R1(config-if)#frame-relay map ip 20.0.0.3 200 broadcast
R1(config-if)#frame-relay map ip 20.0.0.2 200 broadcast
(If RIP is used, the broadcast keyword is optional)

Point-to-point is another way of configuring frame-relay:
logically making one serial interface into two point-to-point (dedicated)
sub-interfaces.

R3(config)#int s 0
R3(config-if)#no ip address
R3(config-if)#exit
R3(config)#int s 0.5 point-to-point
R3(config-subif)#ip address 20.0.0.1 255.0.0.0
R3(config-subif)#frame-relay interface-dlci 100

Figure: R3 is identified as multipoint if its sub-interfaces are in the
same network; R1 (S0.x) and R2 (S0.y) are each point-to-point.

In the case of sub-interfaces the DLCI number must be specified.
In the case of normal serial interfaces it is found automatically (by Inverse ARP).
How to configure a Frame-Relay switch?

R1(config)#frame-relay switching
R1(config)#int s 0
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay intf-type dce
R1(config-if)#frame-relay route 100 interface serial 1 200
R1(config-if)#clock rate 64000
R1(config-if)#no shutdown

R1(config)#int s 1
R1(config-if)#encapsulation frame-relay
R1(config-if)#frame-relay intf-type dce
R1(config-if)#frame-relay route 200 interface serial 0 100
R1(config-if)#clock rate 64000
R1(config-if)#no shutdown

To show the frame-relay LMI type

R1#sh frame-relay lmi

To show the frame-relay PVCs

R1#sh frame-relay pvc

To show the frame-relay mapping

R1#sh frame-relay map

To stop auto mapping

R1(config-if)#no frame-relay inverse-arp

To clear the frame-relay Inverse ARP entries

R1#clear frame-relay inarp

12. SWITCHING

Switch is a layer-2 component.
Hub is a layer-1 component. Hub and repeater reduce the bandwidth. A hub does not
learn MAC addresses. But a switch understands MAC addresses and maintains a
MAC-ADD-TABLE.

MAC Address        Port-No
0010abcd1234       0/1
0030abcd1237       0/2

In a switch each port is an ethernet port. So for each port there is a separate
collision domain (area where a collision is possible).
Router breaks up both collision and broadcast domains.

Switch - Data Link layer frame:

Figure: [DL header | Data | DL trailer]

This frame contains all the headers and trailers from the application layer down, and the
Data Link layer adds its own header & trailer (MAC from & to address).
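The difference between a hub and a switch is in how the MAC-ADD-TABLE is built and used. The Python below is an added example for this document, not switch firmware: it models a switch that learns the source MAC of every frame against the ingress port, forwards to a single port once the destination is known, floods unknown unicasts and broadcasts, and filters frames whose destination is on the same port they arrived on. The port names 0/1..0/4 and the two MAC addresses are the ones from the table above; the class and method names are this example's own.

```python
from typing import Dict, List

BROADCAST = "ffffffffffff"


class LearningSwitch:
    """Minimal model of a layer-2 switch: one collision domain per port,
    one broadcast domain for the whole switch."""

    def __init__(self, ports: List[str]):
        self.ports = list(ports)
        self.mac_table: Dict[str, str] = {}   # MAC -> port, like "sh mac-address-table"

    def receive(self, in_port: str, src: str, dst: str) -> List[str]:
        """Return the egress ports for a frame that arrived on in_port."""
        if in_port not in self.ports:
            raise ValueError("unknown port " + in_port)
        # Learn: the source MAC is behind the ingress port. A host that moves
        # to another port simply overwrites its old entry.
        self.mac_table[src] = in_port
        out_port = self.mac_table.get(dst)
        if dst == BROADCAST or out_port is None:
            # Broadcast or unknown unicast: flood to every port except the ingress one
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination is on the sender's own segment: filter the frame
            return []
        return [out_port]

    def table_lines(self) -> List[str]:
        """Render the table in the same layout as the text's MAC-ADD-TABLE."""
        return [f"{mac}       {port}" for mac, port in sorted(self.mac_table.items())]


if __name__ == "__main__":
    sw = LearningSwitch(["0/1", "0/2", "0/3", "0/4"])
    a, b = "0010abcd1234", "0030abcd1237"
    print("A->B (B unknown):", sw.receive("0/1", a, b))   # flooded, like a hub
    print("B->A (A known):  ", sw.receive("0/2", b, a))   # forwarded to 0/1 only
    print("A->B (B known):  ", sw.receive("0/1", a, b))   # forwarded to 0/2 only
    print("\n".join(sw.table_lines()))
```

A hub behaves like the first line permanently: every frame goes to every port. The learning step is also the switch's weak point from a monitoring standpoint: the table is only as trustworthy as the source addresses it has seen, and a flood of frames with random source MACs can fill it (the limit is the table size, not shown in this model) so that the switch falls back to flooding, which is why port security limits the number of MAC addresses learnt per access port.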

Switching uses 3 forwarding methods:

1. Store & forward - stores the full frame and at the end forwards it if it is
correct.
2. Cut-through - the destination address is at the start of the
frame, so the frame is forwarded as soon as it enters.
3. Fragment free (modified cut-through) - in this process the frame is
stored for 64 bytes and after that it is forwarded (the first 64 bytes
contain the headers and trailers; those are verified and then the frame is
forwarded).
Most switches come with the store & forward method.
Consider the following network,

Figure: two switches connected by a trunk link through their trunk ports
(labels: Trunk Port, Trunk Link, Access-list).

Here broadcasts are done unnecessarily. To avoid this VLANs are created.
Modifying the configured LAN setup is not possible. VLANs are created
without altering the physical setup.

VLAN (Virtual LAN):
VLANs are created by making some modifications in the configuration of
the actual LAN setup.
The ports in the switches are configured so that they come under different
VLANs. For example, consider the following figure,

Figure: one switch with some ports in VLAN1 and some in VLAN2.

Inter-VLAN communication is not possible. If required, routers or layer-3
switches are used.
The default VLAN is VLAN1 and the whole VLAN setup is controlled by
VTP (VLAN Trunk Protocol). By default all the switches will have VTP.
Switches in the VLAN are accessed through
1. Console.
2. Telnet (vty).
3. http (VSM - Visual Switch Manager).
How to configure a switch?

Would you like to start initial configuration [yes/no]: no

Press return to get started
Switch>enable
Switch#configure terminal
Switch(config)#int vlan 1
Switch(config-if)#ip address 10.0.0.5 255.0.0.0
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#ip default-gateway 10.0.0.1

Each component should be managed by its IP address.
By default all ports are in VLAN 1.
Routers should also be configured.
To configure different VLANs,

Switch(config)#vlan <vlan-no>
Switch(config-vlan)#name <xxx>
VLAN-no ranges from 2 to 1001 (mandatory).
The VLAN name (xxx) is optional.

Switch(config)#vlan 2
Switch(config-vlan)#name finance
Switch(config-vlan)#exit

Switch(config)#vlan 3
Switch(config-vlan)#name production
Switch(config-vlan)#exit

Switch(config)#vlan 5
Switch(config-vlan)#name marketing
Switch(config-vlan)#exit

To assign ports to a VLAN, the switch ports are configured.

Switch(config)#int f 0/1
Switch(config-if)#switchport access vlan <vlan-no>
Switch(config-if)#switchport access vlan 3
Switch(config-if)#exit

Switch(config)#int f 0/2
Switch(config-if)#switchport access vlan 2
Switch(config-if)#exit

It is not necessary for the ports to be allocated to the VLANs in sequential order.
Like the other ports, the trunk port of the switch is also in VLAN1 by default. Hence
this trunk port also needs to be configured so that it receives all the
other VLAN information and forwards it to the other switch.

Switch(config)#int f 0/24
Switch(config-if)#switchport mode trunk
Switch(config-if)#exit

If there is more than one switch in the VLAN and they need to
communicate, routers should be used.
All the switches should be in the same domain.

Switch(config)#vtp domain <domain name>
Switch(config)#vtp domain IBM

Switches in the VLAN operate in 3 modes:

Server mode - by default all the switches are in server mode.
Client mode
Transparent mode

NOTE: There can be two servers but the configuration should be the same on both
switches. If two servers send configuration details to the clients, the decision is
made depending on the configuration revision number.

A switch can be configured to a different mode as,

Switch(config)#vtp mode {server | client | transparent}

If a frame from a VLAN comes from a system to the switch, encapsulation is
done indicating that the frame belongs to that particular VLAN. For
a switch to deliver that frame to the VLAN, there are two protocols:
1. ISL - Inter-Switch Link
Works only on Cisco devices.
Overhead is more.

Figure: frame [Data] encapsulated with the VLAN identifier V3.

2. Frame tagging - IEEE 802.1Q
Works on all devices.
Overhead is less than ISL.

Figure: frame [Data] tagged with the VLAN identifier V3.

Bridge and Switch

BRIDGE                           SWITCH
Has fewer ports                  Has more ports
Slow                             Fast
Switching is done in software    Switching is done in hardware

When you connect two bridges (switches) to each other there is a possibility of a
broadcast loop or MAC address table loop.
In this case one switch is made to act as the root bridge and the other
is a normal bridge. An election is conducted between the switches based
on the value obtained by adding the MAC address of the switch to the
hexadecimal value of the default priority, 32768. This value is called the
BPDU (Bridge Protocol Data Unit). The switch with the lower value is elected the
root bridge.
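The election can be reproduced exactly. The Python below is an added example for this document, not Cisco code: the value compared is the bridge ID that each switch advertises inside its BPDUs, formed as the 16-bit priority (default 32768) followed by the 48-bit MAC address, and the lowest value wins, so the priority decides first and the MAC breaks ties. The switch names and MAC addresses are constructed from the MAC table earlier in this section; the function names are this example's own.

```python
from typing import Dict, Tuple

DEFAULT_PRIORITY = 32768  # 0x8000, the default bridge priority


def bridge_id(priority: int, mac: str) -> int:
    """Bridge ID as a 64-bit number: priority in the top 16 bits, MAC in the
    low 48 bits. This is what 'adding' the priority to the MAC amounts to."""
    if not 0 <= priority <= 0xFFFF:
        raise ValueError("priority must fit in 16 bits")
    mac_int = int(mac.replace(":", "").replace(".", "").replace("-", ""), 16)
    if mac_int > 0xFFFFFFFFFFFF:
        raise ValueError("MAC address must be 48 bits")
    return (priority << 48) | mac_int


def elect_root(switches: Dict[str, Tuple[int, str]]) -> str:
    """switches: name -> (priority, MAC). The lowest bridge ID becomes root."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))


# Constructed topology: two switches with default priority.
SWITCHES: Dict[str, Tuple[int, str]] = {
    "SW1": (DEFAULT_PRIORITY, "0010.abcd.1234"),
    "SW2": (DEFAULT_PRIORITY, "0030.abcd.1237"),
}

if __name__ == "__main__":
    for name, (prio, mac) in SWITCHES.items():
        print(f"{name}: bridge id 0x{bridge_id(prio, mac):016x}")
    print("root with defaults:", elect_root(SWITCHES))         # lowest MAC wins
    tuned = dict(SWITCHES)
    tuned["SW2"] = (4096, "0030.abcd.1237")                      # explicit low priority
    print("root after lowering SW2 priority:", elect_root(tuned))
```

With both switches at the default priority the election is decided by the MAC address alone, so the root is whichever switch happens to have the lowest MAC, often the oldest one. The practical check is therefore to set the priority explicitly on the switch you want as root, and to remember that the election trusts any BPDU it hears: a device plugged into an access port advertising a lower bridge ID would win it, which is what BPDU Guard and Root Guard on access ports are there to prevent.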
To show the MAC address table

Switch#sh mac-address-table

To show the VLANs

Switch#sh vlan

To show VTP status

Switch#sh vtp status

To show the spanning tree

Switch#sh spanning-tree

To remove a VLAN

Switch(config)#no vlan <vlan-no>

13. BOOTING

Booting is the process of initializing the components. The hardware associated
with the router is:
Processor
Memory
Interfaces E0, F0, S0 etc.

Memory:
Flash      - IOS image (loaded from here)
RAM        - running-config (volatile)
NVRAM      - Non-volatile RAM, startup-config (secondary)
ROM        - microcode is present here
POST       - Power On Self Test: makes sure that all components
             are available and working properly.
BOOTSTRAP  - here there is a configuration register number
which is 16-bit (hexadecimal, default value 0x2102). The last
digit is called the boot field (2 to F). When the third digit (the 0 in 0x2102) is 0,
the booting process continues with the startup-config,
where there may be a "boot system xxx" command. If there is a dual OS
this command is checked, else the default OS is loaded (from flash).

If the router is newly configured:

Would you like to start initial configuration [yes/no]:

If the router is already configured:

Press enter to get started

ROM MONITOR - similar to a BIOS (boot field 0)
RxBOOT - partial IOS (boot field 1)
If there is a problem in the booting process, one of the above two
boots takes place.

ROM monitor prompt:  rommon>  or  >
RxBoot prompt:       Router(boot)>

In case the flash is corrupted, and the router is not able to find the image in
flash, it tries to find it in the network with the help of TFTP (Trivial File
Transfer Protocol). The router looks for a TFTP server for 5 minutes. If it does not find
one, it checks the 13th bit of the configuration register to see whether it is 1 (by default
it is 0). If 1, it boots from RxBOOT; if 0, it boots from ROM MONITOR.

Copy commands:

To copy from router to system

R#copy run tftp

To copy from system to router

R#copy tftp run

To copy from flash to system

R#copy flash tftp

To copy from system to flash

R#copy tftp flash


For all the above copy commands to work TFTP server should be running and
the router should be able to ping that system.

To change (recover) the password,

1) Switch off and restart the router.
2) In the first 60 sec press Ctrl+Pause (Break).
3) The router's "CMOS setup" prompt is rommon> or >

rommon>confreg 0x2142
or
>o/r 0x2142

Here the 4 means skip the NVRAM at boot (because the configuration, including the
password, is saved in it).
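The register values 0x2102 and 0x2142 differ in exactly one bit. The following Python is an added example for this document, not Cisco code; it decodes the fields the text mentions (the boot field in the low digit, bit 6 = 0x0040 for "ignore NVRAM", and bit 13 = 0x2000, which the text describes as the RxBoot fallback after a failed network boot) and shows how 0x2142 is derived from 0x2102 and restored afterwards. Note that in the default value 0x2102 bit 13 is already set. The function names are this example's own.

```python
from typing import Dict, Union


def decode_confreg(value: int) -> Dict[str, Union[str, int, bool]]:
    """Decode the 16-bit configuration register as described in the text:
    low nibble = boot field, bit 6 (0x0040) = ignore the NVRAM startup-config,
    bit 13 (0x2000) = fall back to RxBoot when the TFTP boot fails."""
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is 16 bits")
    boot_field = value & 0x000F
    if boot_field == 0:
        boot_mode = "ROM monitor"
    elif boot_field == 1:
        boot_mode = "RxBoot (partial IOS)"
    else:
        boot_mode = "flash / boot system commands"
    return {
        "hex": "0x%04x" % value,
        "boot_field": boot_field,
        "boot_mode": boot_mode,
        "ignore_nvram": bool(value & 0x0040),
        "bit13": bool(value & 0x2000),
    }


def set_ignore_nvram(value: int, ignore: bool) -> int:
    """Set or clear bit 6: 0x2102 -> 0x2142 for password recovery, and back."""
    if ignore:
        return value | 0x0040
    return value & ~0x0040 & 0xFFFF


if __name__ == "__main__":
    for reg in (0x2102, 0x2142, 0x2100, 0x2101):
        print(decode_confreg(reg))
    print("recovery value: 0x%04x" % set_ignore_nvram(0x2102, True))
    print("restored value: 0x%04x" % set_ignore_nvram(0x2142, False))
```

The recovery procedure works because the router honours whatever the register says, and the register can be changed by anyone at the console who can interrupt the boot; that is the reason console access and the physical location of the router must be controlled, and why step 5 below puts the register back to 0x2102 as soon as the new password is set.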

4) Restart the router

rommon>reset

5) Would you like to start initial configuration [yes/no]:

Press enter to get started
Router>enable
Router#copy start run
IBM#configure terminal
IBM(config)#enable secret xxx
IBM(config)#config-register 0x2102
IBM(config)#exit
IBM#copy run start

NOTE:
1. All passwords are set during the configuration except the console
and auxiliary passwords.
2. When the startup-config is copied to the running-config, the interfaces are
shut down.

To show the running and startup configurations

R1#sh running-config
R1#sh startup-config

To show versions

R1#sh version

To restart

R1#reload
