
Table of Contents

Chapter One: Internetworking
  Introduction
  Layers of the OSI reference model
    Physical layer
    The Datalink Layer
    Network Layer
    Transport Layer
    Session layer
    Presentation layer
    The Application Layer
  Networking Cables and Connectors
    Ethernet Cabling
      Straight-through Cable
      Crossover Cable
    Connectors and the Crimping tool
      The Crimping tool
  Networking at Layer 1 and Layer 2
    Switches (Layer 2 Devices)
    Collision domain
    Broadcast domain
  Configure and verify VLANs
    VLAN Identification Methods
    Configuring VLANs
      Assigning Switch Ports to VLANs
Chapter Two: IP Addressing
  Introduction
    Private IP addressing
    Classes of IP Addresses
    Identifying a class of an IP address

Prepared by Kabutu Chuunga Email: chuungatech@gmail.com Page i


Cell: 0966554000 / 0979554000
    Subnetting
    Practice class C Subnetting
    Class B Subnetting
    Subnetting Class A Addresses
Chapter Three: Configuring a Cisco Router
  Introduction
  The Command line
    Common configurations done on a router
      1. Changing the Router Default name
      2. Securing console port
      3. Secure auxiliary port
      4. Enable telnet access on cisco router
      5. Secure privilege exec mode with password
      6. Login banner
      7. Configure clock time zone
      8. Assign hostname to IP Address
      9. Disable automatic domain lookup
      10. Enable logging synchronous
      11. Disable auto logout from console line
      12. Configure serial interface in router
      13. Configure FastEthernet Interface in router
      14. Disable router interface
      15. Saving running configuration in cisco router
      16. Erasing configuration in cisco router
  Routing Protocols Configuration
    Routing Information Protocol (RIP)
      Routing Information Protocol (RIP) configuration in the command line
    Open Shortest Path First (OSPF)
      Configuring OSPF from the command line interface
Chapter 4 Questions and Answers
  Introduction
  Questions and Answers

Chapter One: Internetworking

Introduction

Welcome to the exciting world of internetworking. I am glad you are here. My name is
Kabutu Chuunga and I love computers, especially internetworking. My aim as of today, if all
conditions remain the same, is to pursue internetworking to a higher level by doing a
PhD in Computer Networks and Security. Internetworking is critical to any organisation’s
operations, as everyone in the organisation depends on the data that traverses the network.
Network failures and poor network design and administration have cost companies
thousands and millions of dollars worldwide. It could be a failure on the DNS, DHCP, file
server, router, WAN, MAN or LAN data link or physical layer connectivity or, worse still, it
could be a failure due to natural disasters. It could also be a failure due to poor network
design and careless network administration practices. These normally arise from installing
the wrong equipment for a given problem and from having poor or no backup policies to quickly
restore systems in case of a calamity. For these reasons and many more, I find myself
standing in the gap, resolving and finding better ways of providing stable and optimised
networks and data systems. Oh yes! I always want to be that gentleman or lady who is always
on call to resolve connectivity failures, yes, that person who is dependable to everyone
he/she interacts with for installing and providing long-lasting computer network and data
availability solutions to companies. Ooh! Let me end here before I bore you, lest you call me
a joker or a rhetorical person. I know you really want to do internetworking! Let us begin.

Let me start by defining exactly what internetworking is: Internetworking is the practice of
connecting a computer network with other networks through the use of gateways that provide
a common method of routing information packets between the networks. The resulting
system of interconnected networks is called an internetwork, or simply an internet. You
create an internetwork when you connect two or more networks via a router and configure a
logical network addressing scheme with a protocol such as IP or IPv6. Without wasting much
of your time, I will delve directly into the OSI reference model, where everything starts.

We will start with a question from the CCNA certification exam from Cisco Inc.

Which of the following correctly describe steps in the OSI data encapsulation process?
(Choose two.)

A. The transport layer divides a data stream into segments and may add reliability and
flow control information.
B. The data link layer adds physical source and destination addresses and an FCS to the
segment.
C. Packets are created when the network layer encapsulates a frame with source and
destination host addresses and protocol-related control information.
D. Packets are created when the network layer adds Layer 3 addresses and control
information to a segment.
E. The presentation layer translates bits into voltages for transmission across the physical
link.

Answer: A, D

Explanation

The correct answers are A and D. Why? A is correct because it is true that the transport
layer divides a data stream into segments and may add reliability and flow control
information. D is also correct: packets are created when the network layer adds
Layer 3 addresses and control information to a segment. However, it is not true that the data
link layer adds physical source and destination addresses and an FCS to the segment. I have
underlined segment because that is where answer B goes wrong. The segment is found
at the transport layer and not at the data link layer as portrayed by answer B. In addition,
source and destination physical addresses are known as MAC addresses, which are added to
frames at the data link layer. Answer C is wrong because it says the opposite. It should have
used decapsulation and not encapsulation, that is, it should have read that packets are created
when the network layer decapsulates a frame with source and destination host addresses and
protocol-related control information. Finally, E is wrong because it describes the presentation
layer translating bits into voltages, an act that is done by the physical layer. It is the
physical layer and not the presentation layer that translates bits into voltages for
transmission across the physical link.

Layers of the OSI reference model

The OSI reference model is a set of guidelines that developers can use to create and implement
applications to run on a network. It also provides a framework for creating and implementing
networking standards, devices, and internetworking schemes. One of the best gifts the OSI
specifications give us is paving the way for data transfer between disparate hosts running
different operating systems, like Unix hosts, Windows machines, Macs, smartphones, and so
on. And remember, the OSI is a logical model, not a physical one.

The OSI reference model has seven different layers, divided into two groups. The top three
layers define how the applications within the end stations will communicate with each other
as well as with users. The bottom four layers define how data is transmitted end to end. Here
are the seven layers of the OSI reference model starting from the first layer up to the seventh
one.

1. Physical layer
2. Data link layer
3. Network layer
4. Transport layer
5. Session layer
6. Presentation layer
7. Application layer

For you not to forget the order of the layers starting from the seventh layer, I borrowed this
mnemonic from one of my best authors in computer networking. All People Seem To Need
Data Processing. Here we go!

All: Application layer
People: Presentation layer
Seem: Session layer
To: Transport layer
Need: Network layer
Data: Data Link layer
Processing: Physical layer

Encapsulation and decapsulation process at the OSI reference model

Let us talk about each layer in detail so that should a question pop up in the exam on the OSI
reference model, we will not be caught off guard. We will start talking about the layers from
the bottom and go up to the application layer, a process known as decapsulation when data is
being transmitted between two systems. Of course, we know decapsulation is the opposite of
encapsulation.

Physical layer
The physical layer (layer 1) is the lowest layer of all. It is responsible for sending bits from
one computer to another. This layer is not concerned with the meaning of the bits and deals with
the physical connection to the network and with transmission and reception of signals. This
layer defines the electrical and physical details of how a 0 or a 1 is represented: how many
pins a network connector will contain, when the data can be transmitted or not and how the data
would be synchronized.

Functions of the physical layer

Representation of Bits: Data in this layer consists of a stream of bits. The bits must be encoded
into signals for transmission. It defines the type of encoding, i.e. how 0’s and 1’s are changed
to signals.

Data Rate: This layer defines the rate of transmission which is the number of bits per second.

Synchronization: It deals with the synchronization of the transmitter and receiver. The sender
and receiver are synchronized at bit level.

Interface: The physical layer defines the transmission interface between devices and
transmission medium.

Line Configuration: This layer connects devices with the medium: Point to Point
configuration and Multipoint configuration.

Topologies: Devices must be connected using the following topologies: Mesh, Star, Ring and
Bus.

Transmission Modes: The physical layer defines the direction of transmission between two
devices: Simplex, Half Duplex, Full Duplex. It also deals with baseband and broadband
transmission.

A hub and a repeater are the two devices that operate at this layer.

The Datalink Layer


The Data Link layer provides the physical transmission of the data and handles error
notification, network topology, and flow control. The Data Link layer formats the message
into pieces, each called a data frame, and adds a customized header containing the hardware
destination and source address. The Protocol Data Unit (PDU) at the Data Link layer is called
a frame. In the question below, the frame is damaged and discarded, which happens at
the Data Link layer. These protocols are necessarily concerned with the type of media in use.
Examples include: IEEE 802.3/802.2, HDLC, Frame Relay, PPP, FDDI, ATM, and IEEE
802.5/802.2.

Devices working at this layer: Switch and bridge

Question from Cisco

A receiving host computes the checksum on a frame and determines that the frame is
damaged. The frame is then discarded. At which OSI layer did this happen?

A. session
B. transport
C. network
D. data link
E. physical

Answer: D
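
Both exam questions above turn on which layer adds or checks what. As an added example (not part of the original notes), this Python sketch walks one message down the sender's layers and back up the receiver's. The header layouts are simplified and the addresses are constructed; only the CRC-32 used for the FCS is the same checksum Ethernet uses.

```python
import struct
import zlib

# Constructed sample addresses (locally administered MACs, private IPs).
SRC_MAC, DST_MAC = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
SRC_IP, DST_IP = bytes([192, 168, 1, 10]), bytes([192, 168, 1, 20])


def make_segment(src_port, dst_port, seq, data):
    """Transport layer: ports and a sequence number in front of the data."""
    return struct.pack("!HHI", src_port, dst_port, seq) + data


def make_packet(src_ip, dst_ip, segment):
    """Network layer: Layer 3 (logical) addresses in front of the segment."""
    return src_ip + dst_ip + segment


def make_frame(dst_mac, src_mac, packet):
    """Data link layer: MAC addresses in front, FCS trailer behind the packet."""
    body = dst_mac + src_mac + packet
    return body + struct.pack("<I", zlib.crc32(body))


def encapsulate(data, src_port=49152, dst_port=80, seq=1):
    """Sender side: data -> segment -> packet -> frame."""
    segment = make_segment(src_port, dst_port, seq, data)
    packet = make_packet(SRC_IP, DST_IP, segment)
    return make_frame(DST_MAC, SRC_MAC, packet)


def decapsulate(frame):
    """Receiver side. Returns (layer_reached, data); data is None on discard."""
    body, fcs = frame[:-4], frame[-4:]
    # Layer 2: recompute the checksum over everything before the trailer.
    if len(frame) < 16 or struct.pack("<I", zlib.crc32(body)) != fcs:
        return ("data link", None)      # damaged frame is dropped here
    if body[:6] != DST_MAC:
        return ("data link", None)      # frame is for another station
    packet = body[12:]
    # Layer 3: check the logical destination address.
    if len(packet) < 8 or packet[4:8] != DST_IP:
        return ("network", None)
    segment = packet[8:]
    # Layer 4: strip ports and sequence number, hand the data upward.
    if len(segment) < 8:
        return ("transport", None)
    return ("application", segment[8:])


def flip_bit(frame, byte_index, bit=0):
    """Simulate line noise by inverting one bit of the frame."""
    damaged = bytearray(frame)
    damaged[byte_index] ^= 1 << bit
    return bytes(damaged)


if __name__ == "__main__":
    frame = encapsulate(b"hello")
    print(decapsulate(frame))                # intact frame reaches the top
    print(decapsulate(flip_bit(frame, 25)))  # one damaged bit: dropped at layer 2
```

The FCS is an unkeyed checksum, so it catches accidental damage on the wire but gives no protection against deliberate modification; that needs a keyed integrity check such as the ones MACsec, IPsec or TLS provide.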

Network Layer
The Network Layer (layer 3) controls the operation of the subnets, which are identifiable parts
of the network. It decides how the data will be sent to the recipient device. It defines
end-to-end delivery of packets and defines logical addressing to accomplish this. It also
defines how routing works and how routes are learned, and how to fragment a packet into smaller
packets to accommodate media with smaller maximum transmission unit sizes.

Examples of protocols at this layer include IP, IPX, AppleTalk DDP, and ICMP. Both IP and
IPX define logical addressing, routing, the learning of routing information, and end-to-end
delivery rules. The IP and IPX protocols most closely match the OSI network layer (Layer 3)
and are called Layer 3 protocols because their functions most closely match OSI's Layer 3.

Any device capable of IP addressing, e.g. a router, computer, smart phone and some printers,
operates at layer 3.

Transport Layer
The transport layer is the fourth layer of the OSI model. The protocols operating at this layer
are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). TCP is
connection oriented, which means once a connection is established, data can be sent
bidirectionally (back and forth). UDP is a simpler, connectionless Internet protocol. Multiple
messages are sent as packets in chunks using UDP.

Functions
1. It controls the flow of data.
2. It ensures that the message is delivered error free.
3. It divides a large message into small packets for efficient transmission. These packets are
reassembled, checked for errors and acknowledged at the receiving side. If there are errors in
transmission, the data is retransmitted.

Comparison of TCP and UDP

TCP
1. TCP is a connection-oriented protocol.
2. As a message makes its way across the internet from one computer to another through TCP,
it moves under a connection-based transfer.
3. TCP is suited for applications that require high reliability, and transmission time is
relatively less critical.
4. Used by HTTP, HTTPS, FTP, SMTP, Telnet protocols.
5. TCP rearranges data packets in the order specified.
6. The speed for TCP is slower than UDP.
7. There is an absolute guarantee that the data transferred remains intact and arrives in
the same order in which it was sent.
8. TCP does error checking and error recovery. Erroneous packets are retransmitted from the
source to the destination.

UDP
1. UDP is a connectionless protocol.
2. Used in message transport or transfer. This is not connection based, which means that one
program can send a load of packets to another and that would be the end of the relationship.
3. UDP is suitable for applications that need fast, efficient transmission, such as games.
UDP's stateless nature is also useful for servers that answer small queries from huge numbers
of clients.
4. Used by DNS, DHCP, TFTP, SNMP, RIP, VoIP protocols.
5. UDP has no inherent order as all packets are independent of each other. If ordering is
required, it has to be managed by the application layer.
6. UDP is faster because error recovery is not attempted. It is a "best effort" protocol.
7. There is no guarantee that the messages or packets sent would reach at all.
8. UDP does error checking but simply discards erroneous packets. Error recovery is not
attempted.

Session layer
The session layer is the fifth layer of the OSI reference model. It defines how to start, control,
and end communication sessions. This includes the control and management of multiple
bidirectional messages so that the application can be notified if only some of a series of
messages are completed. This allows the presentation layer to have a seamless view of an
incoming stream of data. The presentation layer can be presented with data if all flows occur
in some cases. Examples include RPC, SQL, NFS, NetBIOS names, AppleTalk ASP, and
DECnet SCP. Its job (function) is to establish, manage, and terminate user connections.

A practical example

A session is an exchange of messages between computers. It synchronizes user tasks.

Synchronization involves the use of checkpoints in the data stream. If a failure occurs, only the
data from the last checkpoint is retransmitted. Suppose we want to send 1000 pages of data.
A checkpoint can be used after each 100 pages. If there is an error at page 320, the pages from
301 will be retransmitted. Pages from 1 to 300 will not be retransmitted.

Presentation layer
This is the sixth layer of the OSI model, which deals with the syntax and semantics of the
information transmitted. It converts the data sent from the seventh layer into a standard
format that the layers can understand.

Functions

1. Data Reformatting: When two computers exchange data, the data is changed to bit
streams before it is transmitted. The computers may use different encoding techniques.
The presentation layer at the sending computer changes data according to the sender’s
format. The presentation layer at the receiving computer changes data according to the
receiver’s format.
2. Encryption: The presentation layer encrypts data before transmission. It means that the
sender transforms the original information to another form and sends resulting message
over the network. The receiver again transforms the message back to its original form. It
is called decryption.
3. Compression: Data compression reduces the number of bits to be transmitted. The
presentation layer compresses a large amount of data into small size.

The Application Layer


The Application Layer (Layer 7) is the top-most layer of OSI model and refers to
communications services to applications and is the interface between the network and the
application.

Functions

1. It provides services directly to user applications.
2. It enables the applications to access the network.
3. It provides user interfaces and support for services such as email, remote file access and
transfer, shared database management and other types of distributed information services.

Examples of protocols working at this layer include Telnet, HTTP, FTP, Internet browsers,
NFS, SMTP gateways, SNMP, X.400 mail, and FTAM.

Networking Cables and Connectors

When designing your LAN, it is really important for you to understand the different types of
Ethernet media available to you. Ethernet was first implemented by a group called DIX,
which stands for Digital, Intel, and Xerox. They created and implemented the first Ethernet
LAN specification, which the IEEE used to create the IEEE 802.3 committee. This was a 10
Mbps network that ran on coax and then eventually twisted-pair and fiber physical media.

The EIA/TIA (Electronic Industries Alliance and the newer Telecommunications Industry
Association) is the standards body that creates the Physical layer specifications for Ethernet.
The EIA/TIA specifies that Ethernet use a registered jack (RJ) connector on unshielded
twisted-pair (UTP) cabling (RJ45). But the industry is moving toward simply calling this an
8-pin modular connector.

Every Ethernet cable type that is specified by the EIA/TIA has inherent attenuation, which is
defined as the loss of signal strength as it travels the length of a cable and is measured in
decibels (dB). The cabling used in corporate and home markets is measured in categories. A
higher quality cable will have a higher-rated category and lower attenuation. For example,
category 5 is better than category 3 because category 5 cables have more wire twists per
centimetre and therefore less crosstalk. Crosstalk is the unwanted signal interference from
adjacent pairs in the cable. Here is a list of some of the most common IEEE Ethernet
standards, starting with 10 Mbps Ethernet:

10Base-T (IEEE 802.3) 10 Mbps using category 3 unshielded twisted pair (UTP) wiring for
runs up to 100 meters. Unlike with the 10Base-2 and 10Base-5 networks, each device must
connect into a hub or switch, and you can have only one host per segment or wire. It uses an
RJ45 connector (8-pin modular connector) with a physical star topology and a logical bus.

100Base-TX (IEEE 802.3u) 100Base-TX, most commonly known as Fast Ethernet, uses
EIA/TIA category 5, 5E, or 6 UTP two-pair wiring. One user per segment; up to 100 meters
long. It uses an RJ45 connector with a physical star topology and a logical bus.

100Base-FX (IEEE 802.3u) Uses fiber cabling 62.5/125-micron multimode fiber. Point-to-point
topology; up to 412 meters long. It uses ST and SC connectors, which are media
interface connectors.

1000Base-CX (IEEE 802.3z) Copper twisted-pair, called twinax, is a balanced coaxial pair
that can run only up to 25 meters and uses a special 9-pin connector known as the High Speed
Serial Data Connector (HSSDC). This is used in Cisco’s new Data Center technologies.

1000Base-T (IEEE 802.3ab) Category 5, four-pair UTP wiring up to 100 meters long and up
to 1 Gbps.

1000Base-SX (IEEE 802.3z) The implementation of 1 Gigabit Ethernet running over
multimode fiber-optic cable instead of copper twisted-pair cable, using short wavelength
laser. Multimode fiber (MMF) using 62.5- and 50-micron core; uses an 850 nanometer (nm)
laser and can go up to 220 meters with 62.5-micron, 550 meters with 50-micron.

1000Base-LX (IEEE 802.3z) Single-mode fiber that uses a 9-micron core and 1300 nm laser
and can go from 3 kilometers up to 10 kilometers.

1000Base-ZX (Cisco standard) 1000BaseZX, or 1000Base-ZX, is a Cisco specified standard
for Gigabit Ethernet communication. 1000BaseZX operates on ordinary single-mode fiber-optic
links with spans up to 43.5 miles (70 km).

10GBase-T (IEEE 802.3an) 10GBase-T is a standard proposed by the IEEE 802.3an committee to
provide 10 Gbps connections over conventional UTP cables (category 5e, 6, or 7 cables).
10GBase-T allows the conventional RJ45 used for Ethernet LANs and can support signal
transmission at the full 100-meter distance specified for LAN wiring.

Armed with the basics covered so far in this section, you are equipped to go to the next level
and put Ethernet to work using various Ethernet cabling.

Ethernet Cabling
A discussion about Ethernet cabling is an important one, especially if you are planning on
taking the Cisco exams. You need to really understand the following three types of cables:

• Straight-through cable
• Crossover cable
• Rolled cable

We will use category 5 Enhanced Unshielded Twisted Pair (UTP) cable, the most common
Ethernet cable used today. The category 5 Enhanced UTP cable can handle speeds up to a
gigabit with a distance of up to 100 meters. Typically we’d use this cable for 100 Mbps and
category 6 for a gigabit, but the category 5 Enhanced is rated for gigabit speeds and category
6 is rated for 10 Gbps!

Straight-through Cable
The straight-through cable is used to connect the following devices:

• Host to switch or hub
• Router to switch or hub

Four wires are used in straight-through cable to connect Ethernet devices. It’s relatively
simple to create this type of cable and the picture below shows the four wires used in a
straight-through Ethernet cable.

Notice that only pins 1, 2, 3, and 6 are used. Just connect 1 to 1, 2 to 2, 3 to 3, and 6 to 6 and
you will be up and networking in no time. However, remember that this would be a 10/100
Mbps Ethernet-only cable and would not work with gigabit, voice, or other LAN or WAN
technology.

Crossover Cable
The crossover cable can be used to connect the following devices:

• Switch to switch
• Hub to hub
• Host to host
• Hub to switch
• Router direct to host
• Router to router

The same four wires used in the straight-through cable are used in this cable; we just connect
different pins together. The diagram below shows how the four wires are used in a crossover
Ethernet cable.

Notice that instead of connecting 1 to 1, 2 to 2, and so on, here we connect pins 1 to 3 and
2 to 6 on each side of the cable.

Connectors and the Crimping tool

The connectors you will use will entirely depend on the technology your cables use. For
instance, if you will be installing fiber optic cables, you will need to use a Straight tip or FC
(Ferrule Connector or Fiber Channel) or any other fiber connector of your choice. However,
because our course involves more of Twisted Pair cables (Cat 3, Cat 5, Cat 5e and Cat 6) as
discussed in the previous section on crossover and straight-through cables, we will only talk
about the RJ11 and RJ45. The RJ11 is common but its use is limited to phone and modem
connections. If you have a modem or phone at home or office connected from ZAMTEL,
those connectors on your cable that you seat or insert in the ports of a modem or phone are
called RJ11. There is nothing special about them in terms of cable alignment when crimping
the cable onto them, hence we will have nothing to say about them here.

The connector of interest to us is the RJ45. The RJ stands for Registered Jack. The RJ45
connector is standardized as the 8P8C modular connector often used with CAT5 and
CAT6 cables. This connector has eight (8) pins which provide a contact between the cable
and the Network Interface Card (NIC). The eight pins are the ones we use to make either a
straight-through or crossover cable. The connector is the one that actually implements the
straight-through and crossover mechanism in the two cable types we discussed earlier.

Let me show you the internal arrangement of cables inside the RJ45 connector. By the way, I
am showing you the pin-outs using the T-568B and T-568A standards. These two standards
are the ones that define straight-through and crossover cables. For instance, whenever you
connect both sides of a cable with the T-568B standard, you will be making a straight-
through cable and whenever you will be connecting one side with T-568B and the other side
with T-568A, you will be making a crossover cable. This is very simple and straightforward.

Here is a further illustration.

T-568B------------------------------------T-568B Straight-through cable

T-568B------------------------------------T-568A Crossover cable

The Crimping tool
The crimping tool is a device or tool used to press the wires in the RJ45 so as to hold them
firmly and provide contact between the wires in the Cat 3 or Cat 5 cable and the eight (8) pins
of the RJ45.

Networking at Layer 1 and Layer 2

Layer 1 (physical layer) and layer 2 (data link layer) under TCP/IP are grouped together and
known as the Network Access Layer. As noted above when we were talking about the seven
layers, the hub and repeater are physical layer devices while the switch and bridge are data
link layer devices. A switch, also called a switching hub, bridging hub or, officially, MAC bridge,
is a computer networking device that connects devices together on a computer network, by
using packet switching to receive, process and forward data to the destination device. Unlike
less advanced hubs, a switch forwards data only to one or multiple devices that need to
receive it, rather than broadcasting the same data out of each of its ports like a hub does. It is
very imperative that as a student of LANMAN Design and Administration 1 you understand
the detailed workings of a switch. The more solid your knowledge, the more expert you are
about these things and the better equipped you will be to configure and troubleshoot a Cisco
internetwork. Here is a photo of a switch:

Quickly, before you lose the morale you have to learn switches, let me talk a little about hubs.
An Ethernet hub, active hub, network hub, repeater hub, multiport repeater, or simply hub is a
network hardware device for connecting multiple Ethernet devices together and making them
act as a single network segment. It has multiple input/output (I/O) ports, in which a signal
introduced at the input of any port appears at the output of every port except the original
incoming. A hub works at the physical layer (layer 1) of the OSI model. Repeater hubs also
participate in collision detection, forwarding a jam signal to all ports if they detect a collision.
In addition to standard 8P8C ("RJ45") ports, some hubs may also come with a BNC or
Attachment Unit Interface (AUI) connector to allow connection to legacy 10BASE2 or
10BASE5 network segments. Let me make this point clear. There is no difference between a
switch and a hub in terms of appearance, size, shape and weight; only the labelled names
on their outer surfaces distinguish one from another. Here is a photo of a hub.

The hub uses the same cable and connectors used by a switch. The only notable difference
between a hub and a switch is that, the hub operates at the physical layer dealing with
arriving and departing bits on the media while the switch operates at the data link layer where
it deals with physical source and destination addresses contained in the frame headers. This
point should be known by every network professional including you reading this sentence.
Below is a physical network indicating the physical topology formed by the hub.

However, when you compare the internal operations to the outside appearance, it really
shows that despite looking like a star topology when viewed physically, a hub network is
simply a bus topology when viewed logically in terms of its operations. It is simply a single
wire connecting computers together. This means that, should one computer want to
communicate with another, all computers on the network will be contacted. It uses what we
call in social life “to whom it may concern.” This kind of transmission causes so many
collisions of communication signals, making the network slower whenever a new device is
introduced to the network. Hence, the more computers you add to the hub network, the
slower the network becomes. In addition to that, the hub network poses a serious risk to
organisation data: because every frame reaches every port, security and forensic people can
easily tap or intercept the packets traversing the network. Furthermore, the hub cannot utilize
full duplex (sending and receiving at the same time) as it only uses half duplex (sending and
receiving at different times). For these reasons, the hub should not be used in today’s data
intensive and security concerned networks.

Switches (Layer 2 Devices)


A network switch (multiport bridge) is a computer networking device that connects devices
together on a computer network, by using packet switching to receive, process and forward
data to the destination device. Unlike less advanced network hubs, a network switch forwards
data only to one or multiple devices that need to receive it, rather than broadcasting the same
data out of each of its ports. The switch starts by creating an ARP (Address Resolution
Protocol) table which links the MAC address of each connected node to its IP address. This
allows it to use intelligence when sending by only forwarding the frame to the intended
recipient. This reduces congestion, improves security and increases data transfer speeds.
Hence you should use switches in LAN when setting up networks in SOHO (Small Office
Home Office) networks. There are three distinct functions of layer 2 switching that are vital
for you to remember: address learning, forward/filter decisions, and loop avoidance.

Address learning: Layer 2 switches remember the source hardware address of each frame
received on an interface and enter this information into a MAC database called a forward/
filter table.

Forward/filter decisions: When a frame is received on an interface, the switch looks at the
destination hardware address, then chooses the appropriate exit interface for it in the MAC
database. This way, the frame is only forwarded out of the correct destination port.

Loop avoidance: If multiple connections between switches are created for redundancy
purposes, network loops can occur. Spanning Tree Protocol (STP) is used to prevent network
loops while still permitting redundancy.
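
The address learning and forward/filter decisions described above can be traced in a few lines of Python. This is an added example, not part of the original course notes; the class names, port numbers and MAC addresses are constructed for illustration. It compares how many frames of a two-host conversation reach a third, silent port on a hub and on a learning switch.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1 repeater: a frame leaves on every port except the one it came in on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, in_port, src, dst):
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Layer 2 switch with a forward/filter table (MAC address -> port)."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}

    def receive(self, in_port, src, dst):
        # Address learning: remember the port the source address was seen on.
        self.table[src] = in_port
        # Broadcasts and unknown destinations are flooded, just like on a hub.
        if dst == BROADCAST or dst not in self.table:
            return [p for p in self.ports if p != in_port]
        out_port = self.table[dst]
        # Filter: the destination lives on the arrival port, nothing to forward.
        if out_port == in_port:
            return []
        # Forward: only the port where the destination was learned.
        return [out_port]


def frames_seen(device, observer_port, traffic):
    """Count how many frames of `traffic` are delivered to observer_port."""
    return sum(observer_port in device.receive(*frame) for frame in traffic)


# Constructed traffic: host A (port 1) and host B (port 2) talk to each other
# while a third machine sits silently on port 3.
A, B = "00:00:00:00:00:0a", "00:00:00:00:00:0b"
TRAFFIC = [(1, A, B), (2, B, A), (1, A, B), (2, B, A)]

if __name__ == "__main__":
    hub, switch = Hub([1, 2, 3, 4]), LearningSwitch([1, 2, 3, 4])
    print("hub, port 3 sees:", frames_seen(hub, 3, TRAFFIC))
    print("switch, port 3 sees:", frames_seen(switch, 3, TRAFFIC))
    print("forward/filter table:", switch.table)
```

The one frame the switch still delivers to port 3 is the first one, sent before B's address had been learned; broadcasts are flooded in the same way.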

Collision domain
A collision domain is a section of a network connected by a shared medium or through
repeaters where data packets can collide with one another when being sent. The collision
domain applies particularly when using early versions of Ethernet. A network collision
occurs when more than one device attempts to send a packet on a network segment at the
same time. Members of a collision domain may be involved in collisions with one another.
Devices outside the collision domain do not have collisions with those inside.

As noted earlier when we talked about hubs, the hub forwards packets in all directions when
transmitting a communication signal. Since all hosts receive the signal, whether they are
intended to receive it or not, the entire hub is one collision domain.

However, since a switch does not flood all its ports with a signal but sends it to a specific
recipient, a switch breaks the collision domain into as many collision domains as it has
connections. For example, unlike a hub that creates one big collision domain by
sending the signal to all connected computers, the switch forwards a signal or frame to
only one intended recipient. The switch does this by creating an ARP table which specifies
MAC addresses and IP address matches of the connected hosts. Hence a switch breaks one
big collision domain into a number of collision domains depending on its ports or the
connected computers. The diagram below shows how a switch breaks collision domains. In
the diagram we see five collision domains. If it was a hub network, it would have been one
collision domain. Please master this concept of collision domains for the examinations.

Broadcast domain
Now that we have understood what a collision domain is about on switches and hubs, let us
look at the broadcast domain. A broadcast domain is a logical division of a computer
network, in which all nodes can reach each other by broadcast at the data link layer. A
broadcast domain can be within the same LAN segment or it can be bridged to other LAN
segments.

In terms of current popular technologies: Any computer connected to the same hub or switch
is a member of the same broadcast domain. Further, any computer connected to the same set
of inter-connected switches/repeaters is a member of the same broadcast domain. Routers and
other higher-layer devices form boundaries between broadcast domains.

This is as compared to a collision domain, which would be all nodes on the same set of inter-
connected repeaters, divided by switches and learning bridges. Collision domains are
generally smaller than, and contained within, broadcast domains. While some layer two
network devices are able to divide the collision domains, broadcast domains are only divided
by layer 3 network devices such as routers or layer 3 switches. Separating VLANs divides
broadcast domains as well.

Configure and verify VLANs

I know that saying one thing over and over tends to make it look vague. However, I keep
telling you this so you never forget it and here I go one last time: By default, switches break
up collision domains and routers break up broadcast domains. Okay, I feel better! Now we
can move on.

What is a VLAN? A VLAN (Virtual Local Area Network) is a logical grouping of network
users and resources connected to administratively defined ports on a switch. When you create
VLANs, you’re given the ability to create smaller broadcast domains within a layer 2
switched internetwork by assigning different ports on the switch to service different
subnetworks. A VLAN is treated like its own subnet or broadcast domain, meaning that
frames broadcast onto the network are only switched between the ports logically grouped
within the same VLAN.

So, does this mean we no longer need routers? Maybe yes; maybe no. It really depends on
what your particular networking needs and goals are. By default, hosts in a specific VLAN
cannot communicate with hosts that are members of another VLAN, so if you want
inter-VLAN communication, the answer is that you still need a router, or Inter-VLAN Routing
(IVR) implemented through a trunk port or link between a router and a switch, depending on
your configuration. A trunk link is a 100, 1,000, or 10,000 Mbps point-to-point link between
two switches, between a switch and router, or even between a switch and server, and it carries
the traffic of multiple VLANs, from 1 to 4,094 VLANs at a time.
VLAN Identification Methods
VLAN identification is what switches use to keep track of all those frames as they are
traversing a switch fabric. It’s how switches identify which frames belong to which VLANs,
and there’s more than one trunking method. Here are the two VLAN identification methods:
a) Inter-Switch Link (ISL)
b) IEEE 802.1q
Configuring VLANs
Now this may come as a surprise to you, but configuring VLANs is actually pretty easy. It is
just that figuring out which users you want in each VLAN is not, and doing that can eat up a
lot of your time! But once you’ve decided on the number of VLANs you want to create and
established which users you want belonging to each one, it’s time to bring your first VLAN
into the world.

To configure VLANs on a Cisco Catalyst switch, use the global config vlan command.
In the following example, I’m going to demonstrate how to configure VLANs on the S1
switch by creating three VLANs for three different departments. Again, remember that
VLAN 1 is the native and management VLAN by default:

Switch1(config)#vlan ?
  WORD        ISL VLAN IDs 1-4094
  access-map  Create vlan access-map or enter vlan access-map command mode
  dot1q       dot1q parameters
  filter      Apply a VLAN Map
  group       Create a vlan group
  internal    internal VLAN

In this output above, you can see that you can create VLANs from 1 to 4094. But this is only
mostly true. As I said, VLANs can really only be created up to 1001, and you can’t use,
change, rename, or delete VLANs 1 or 1002 through 1005 because they’re reserved. The
VLAN numbers above 1005 are called extended VLANs and won’t be saved in the database
unless your switch is set to what is called VLAN Trunk Protocol (VTP) transparent mode.
You won’t see these VLAN numbers used too often in production.

Let us configure three VLANs called Sales, Marketing and Accounting.


Switch1(config)#vlan 2
Switch1(config-vlan)#name Sales
Switch1(config-vlan)#vlan 3
Switch1(config-vlan)#name Marketing
Switch1(config-vlan)#vlan 4
Switch1(config-vlan)#name Accounting
Switch1(config-vlan)#end
Switch1#

After you create the VLANs that you want, you can use the show vlan command to check
them out. But notice that, by default, all ports on the switch are in VLAN 1. To change the
VLAN associated with a port, you need to go to each interface and specifically tell it which
VLAN to be a part of.

Once the VLANs are created, verify your configuration with the show vlan command
(sh vlan for short):

This may seem repetitive, but it’s important, and I want you to remember it: You can’t
change, delete, or rename VLAN 1 because it’s the default VLAN and you just can’t change
that, period. It’s also the native VLAN of all switches by default, and Cisco recommends
that you use it as your management VLAN. If you’re worried about security issues, then
change it!

Basically, any ports that aren’t specifically assigned to a different VLAN will be sent down to
the native VLAN—VLAN 1.

Assigning Switch Ports to VLANs


You configure a port to belong to a VLAN by assigning a membership mode that specifies
the kind of traffic the port carries plus the number of VLANs it can belong to. You can also
configure each port on a switch to be in a specific VLAN (access port) by using the interface
switchport command. You can even configure multiple ports at the same time with the
interface range command. In the next example, I will configure interface Fa0/3 to VLAN 3.
This is the connection from the Switch3 switch to the host device:

Switch3#config t
Switch3(config)#int fa0/3
Switch3(config-if)#switchport ?
  access         Set access mode characteristics of the interface
  autostate      Include or exclude this port from vlan link up calculation
  backup         Set backup for the interface
  block          Disable forwarding of unknown uni/multi cast addresses
  host           Set port host
  mode           Set trunking mode of the interface
  nonegotiate    Device will not engage in negotiation protocol on this interface
  port-security  Security related command
  priority       Set appliance 802.1p priority
  private-vlan   Set the private VLAN configuration
  protected      Configure an interface to be a protected port
  trunk          Set trunking characteristics of the interface
  voice          Voice appliance attributes voice

Well now, what do we have here? There’s some new stuff showing up in our output now. We
can see various commands. Let us start with setting an access port on Switch1, which is
probably the most widely used type of port you will find on production switches that have
VLANs configured:

Switch3(config-if)#switchport mode ?
  access        Set trunking mode to ACCESS unconditionally
  dot1q-tunnel  Set trunking mode to TUNNEL unconditionally
  dynamic       Set trunking mode to dynamically negotiate access or trunk mode
  private-vlan  Set private-vlan mode
  trunk         Set trunking mode to TRUNK unconditionally
Switch3(config-if)#switchport mode access
Switch3(config-if)#switchport access vlan 3

By starting with the switchport mode access command, you’re telling the switch that this is a
nontrunking layer 2 port. You can then assign a VLAN to the port with the switchport access
command. Remember, you can choose many ports to configure simultaneously with the
interface range command.

Let’s take a look at our VLANs now:

S3#show vlan
VLAN Name                     Status    Ports
---- ------------------------ --------- -------------------------------
1    default                  active    Fa0/4, Fa0/5, Fa0/6, Fa0/7
                                        Fa0/8, Fa0/9, Fa0/10, Fa0/11,
                                        Fa0/12, Fa0/13, Fa0/14, Fa0/19,
                                        Fa0/20, Fa0/21, Fa0/22, Fa0/23,
                                        Gi0/1, Gi0/2
2    Sales                    active
3    Marketing                active    Fa0/3

Notice that port Fa0/3 is now a member of VLAN 3. But, can you tell me where ports 1 and 2
are? And why aren’t they showing up in the output of show vlan? That’s right, because they
are trunk ports!

S3#sh int fa0/3 switchport
Name: Fa0/3
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Administrative Trunking Encapsulation: negotiate
Negotiation of Trunking: Off
Access Mode VLAN: 3 (Marketing)

The highlighted output shows that Fa0/3 is an access port and a member of VLAN 3
(Marketing). That’s it. Well, sort of. If you plugged devices into each VLAN port, they can
only talk to other devices in the same VLAN. But as soon as you learn a bit more about
trunking, we are going to enable inter-VLAN communication!

Configuring Trunk Ports


The 2960 switch only runs the IEEE 802.1q encapsulation method. To configure trunking on
a FastEthernet port, use the interface command switchport mode trunk. It is a tad different on
the 3560 switch. The following switch output shows the trunk configuration on interfaces
Fa0/15–18 as set to trunk:
Switch1(config)#int range f0/15-18
Switch1(config-if-range)#switchport trunk encapsulation dot1q
Switch1(config-if-range)#switchport mode trunk

If you have a switch that only runs the 802.1q encapsulation method, then you wouldn’t use
the encapsulation command as I did in the preceding output. Let’s check out our trunk ports
now:

Switch1(config-if-range)#do sh int f0/15 swi
Name: Fa0/15
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)
Administrative Native VLAN tagging: enabled
Voice VLAN: none

Notice that port Fa0/15 is a trunk and running 802.1q. Let’s take another look:

Switch1(config-if-range)#do sh int trunk
Port        Mode         Encapsulation  Status        Native vlan
Fa0/15      on           802.1q         trunking      1
Fa0/16      on           802.1q         trunking      1
Fa0/17      on           802.1q         trunking      1
Fa0/18      on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/15      1-4094
Fa0/16      1-4094
Fa0/17      1-4094
Fa0/18      1-4094

Take note of the fact that ports 15–18 are now in the trunk mode of on and the encapsulation
is now 802.1q instead of the negotiated ISL. Here is a description of the different options
available when configuring a switch interface:
1. switchport mode access: I discussed this in the previous section, but this puts the
interface (access port) into permanent nontrunking mode and negotiates to convert the
link into a nontrunk link. The interface becomes a nontrunk interface regardless of
whether the neighboring interface is a trunk interface. The port would be a dedicated
layer 2 access port.
2. switchport mode dynamic auto: This mode makes the interface able to convert the link
to a trunk link. The interface becomes a trunk interface if the neighbouring interface is set
to trunk or desirable mode. The default is dynamic auto on a lot of Cisco switches, but
that default trunk method is changing to dynamic desirable on most new models.
3. switchport mode dynamic desirable: This one makes the interface actively attempt to
convert the link to a trunk link. The interface becomes a trunk interface if the
neighbouring interface is set to trunk, desirable, or auto mode. I used to see this mode as
the default on some switches, but not any longer. This is now the default switch port
mode for all Ethernet interfaces on all new Cisco switches.
4. switchport mode trunk: Puts the interface into permanent trunking mode and negotiates
to convert the neighbouring link into a trunk link. The interface becomes a trunk interface
even if the neighbouring interface isn’t a trunk interface.
5. switchport nonegotiate: Prevents the interface from generating DTP frames. You can
use this command only when the interface switchport mode is access or trunk. You must
manually configure the neighbouring interface as a trunk interface to establish a trunk
link.
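
The modes listed above decide whether a port can be negotiated into a trunk, so a hardening review usually starts by checking them across every port. The script below is an added example, not part of the original course notes: it parses text in the format of the sh int ... switchport output shown earlier and reports ports left in a dynamic mode, ports that still negotiate trunking, and trunks whose native VLAN is still VLAN 1. The sample input, the finding codes and the function names are constructed for illustration.

```python
import re

# Constructed sample in the format of the "sh int ... switchport" output above.
# Fa0/3 and Fa0/15 mirror the page's output; Fa0/7 and Fa0/16 are made up.
SAMPLE = """\
Name: Fa0/3
Switchport: Enabled
Administrative Mode: static access
Operational Mode: static access
Negotiation of Trunking: Off
Access Mode VLAN: 3 (Marketing)

Name: Fa0/7
Switchport: Enabled
Administrative Mode: dynamic auto
Operational Mode: static access
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)

Name: Fa0/15
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 1 (default)

Name: Fa0/16
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Negotiation of Trunking: Off
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 999 (unused)
"""

# Finding code -> suggested change. The first two use commands from the list
# above; "switchport trunk native vlan" is an IOS command the page does not show.
ADVICE = {
    "DYNAMIC_MODE": "pin the port with 'switchport mode access' or 'switchport mode trunk'",
    "DTP_ENABLED": "add 'switchport nonegotiate' so the port sends no DTP frames",
    "NATIVE_VLAN_1": "move the native VLAN off VLAN 1 with 'switchport trunk native vlan <id>'",
}


def parse_switchport(text):
    """Return one dict per interface, keyed by the field names in the output."""
    ports, current = [], None
    for line in text.splitlines():
        if ":" not in line:
            continue
        key, value = (part.strip() for part in line.split(":", 1))
        if key == "Name":
            current = {"Name": value}
            ports.append(current)
        elif current is not None:
            current[key] = value
    return ports


def vlan_id(field):
    """Extract the number from values such as '1 (default)'."""
    match = re.match(r"\d+", field or "")
    return int(match.group()) if match else None


def audit(ports):
    """Return (interface, finding code) pairs in the order the ports appear."""
    findings = []
    for port in ports:
        name = port["Name"]
        admin = port.get("Administrative Mode", "").lower()
        negotiates = port.get("Negotiation of Trunking", "").lower() == "on"
        if admin.startswith("dynamic"):
            findings.append((name, "DYNAMIC_MODE"))
        elif negotiates:
            findings.append((name, "DTP_ENABLED"))
        if admin == "trunk" and vlan_id(port.get("Trunking Native Mode VLAN")) == 1:
            findings.append((name, "NATIVE_VLAN_1"))
    return findings


if __name__ == "__main__":
    for name, code in audit(parse_switchport(SAMPLE)):
        print(f"{name}: {code} -> {ADVICE[code]}")
```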

Some people have said, “Practice makes perfect.” Yes, I salute them. You can never be a well
prepared network professional if you do not use these commands. Use the Packet Tracer
software and try to read as much as possible, even from CCNA books, to widen your
understanding of this course. I end here on layer 2 devices, but believe me, a lot more should
be done. We have not exhausted VLANs. Well, it is time we got promoted from using frames
to using packets. Yes, I am talking about a promotion from the data link layer to the network
layer. Switches (MAC addresses) bye-bye and routers (IP Addresses) welcome!!!

Chapter Two: IP Addressing

Introduction

Internet Protocol (IP) addresses are the unique numbers assigned to every computer or device
that is connected to the Internet. Among other important functions, they identify every device
connected to the Internet, whether it is a web server, smartphone, mail server, or laptop. After
years of rapid Internet expansion, the pool of available unallocated addresses for the original
Internet Protocol, known as IPv4, has been fully allocated to Internet Service Providers
(ISPs) and users. That’s why we need IPv6, the next generation of the Internet protocol that
has a massively bigger address space than IPv4.

“IP address” is a shorter way of saying “Internet Protocol address.” IP addresses are the
numbers assigned to computer network interfaces. Although we use names to refer to the
things we seek on the Internet, such as www.example.org, computers translate these names
into numerical addresses so they can send data to the right location. So when you send an
email, visit a web site, or participate in a video conference, your computer sends data packets
to the IP address of the other end of the connection and receives packets destined for its own
IP address.

IP addresses are the numbers that enable our computers, servers, telephones, cameras,
printers and sensors to communicate with each other. Without IP addresses, we would have to
copy data from device to device manually, using CDs, DVDs, hard disks or flash storage,
such as a USB drive. But more importantly, our devices could not send data to each other
without human intervention. Without the IP addresses assigned to our computers, we would
have to send paper letters and memos instead of sending emails. There would be no streaming
video sites. Instead, we would have to send each other discs and tapes. Worst of all, we
would not be able to order items online and would have to go to stores to buy them in person.
It would be horrific, like the 1970s all over again.

Private IP addressing
Private addresses are the addresses people use on private networks, such as many home and
office networks. At a protocol level there is no difference between the addresses, but
organizationally, private addresses are distinct because they can only be used within a single
administration and not on the wider Internet. This is because private addresses are set aside
for use by anyone without any global coordination. You can know an address is from a block
of private addresses if it:

• Begins with 10. (i.e. 10.0.0.0 through 10.255.255.255)
• Begins with 172.16. through 172.31.
• Begins with 192.168.

These addresses are the defaults used in a lot of plug’n’play networking equipment, like that
sold to residential Internet users. Unique addresses are different only in that their distribution
is managed by a set of registries. Because the registries manage the distribution of the other
addresses, it is possible to know who an address is assigned to and how to get in contact with
them. These types of addresses allow data to be routed across the whole Internet.

If your computer is assigned a private address, but you can still access services over the
Internet, then your computer is probably behind a Network Address Translator (NAT), which
lets lots of computers share a single unique IP address.

All remaining IP addresses after removing the private ranges 10.x.x.x, 172.16 to 172.31 and
192.168.x.x are public IP addresses with an exclusion of 127.x.x.x (loopback address) and
169.254.x.x (APIPA address) addresses. Public IP addresses are the only IP addresses used
on the internet while private IP addresses apart from 127.x.x.x are limited to Local Area
Network usage.

Classes of IP Addresses
There are five classes of IP addresses. These are Class A, B, C, D and E. Our course
LANMAN Design and Administration just like many other entry networking courses
administered worldwide will only consider Class A, B and C.

Class      IP Address       Default Subnet Mask
Class A    10.111.222.22    255.0.0.0
Class B    172.16.0.4       255.255.0.0
Class C    192.168.6.8      255.255.255.0

Identifying a class of an IP address


IP address classes are determined from the size of the first octet. As you know, IP version
4 is a 32 bit number divided into four octets with each octet having 8 bits; it then means that
the arrangement of bits in the first octet determines what class of IP address
you have.

IP Address   IP Address       First    Binary      Identifying   First Octet
Class                         Octet                zero bit      range
A            10.23.233.32     10       00001010    0             1 - 126
B            172.17.255.12    172      10101100    10            128 - 191
C            192.168.1.1      192      11000000    110           192 - 223

Note: Therefore all IP addresses with the first octet in the range of 1 to 126 are Class A, IP
addresses with the first octet in the range of 128 to 191 are class B and those with the first
octet in the range of 192 to 223 are class C. Please ensure you are able to identify IP
addresses from their classes. You will need that skill in the examinations and also in the
industry.

Subnetting
A subnetwork or subnet is a logical subdivision of an IP network. The practice of dividing a
network into two or more networks is called subnetting. Computers that belong to a subnet
are addressed with a common, identical, most-significant bit-group in their IP address. This
results in the logical division of an IP address into two fields, a network or routing prefix and
the "rest" field or host identifier. The rest field is an identifier for a specific host or network
interface. For example, a subnet mask for Class C would look like this:

11111111 . 11111111 . 11111111 . 00000000
       Network identifier          Host identifier

Practice class C Subnetting


The routing prefix may be expressed in CIDR notation written as the first address of a
network, followed by a slash character (/), and ending with the bit-length of the prefix. For
example, 192.168.1.0/24 is the prefix of the Internet Protocol Version 4 network starting at
the given address, having 24 bits allocated for the network prefix, and the remaining 8 bits
reserved for host addressing.

If working things out in binary is too time consuming, or understanding the process of
laying things out in 1’s and 0’s is too tough, try a shortcut! Ask yourself the big five
questions. Oh, you have forgotten the big five questions! Please, if it is not in the examinations
room, feel free to ask Mr. Chuunga. With an IP address of 192.168.1.37 and a subnet
mask of 255.255.255.240, here are the big five questions:

1. What Network does the above IP address belong to?
2. What is the next Network address (next subnet)?
3. What is the total number of valid hosts on this network?
4. What is the first and last assignable host of the Network (valid IP range)?
5. What is the Broadcast address of the Network?

Let us fold the sleeves of our shirts and get into the mud; we need to do some subnetting right
now. Kindly position yourselves. I am excited to get into the mud and get dirty with subnetting.

What network does the above IP belong to?


Here is the formula 256 – subnet mask = block size
Hence 256-240 = 16

Take note that the 16 here is the network number for the second network and therefore the
first network is 0. Here is the order:

0      First network
16     Second network
32     Third network
48     Fourth network
64     Fifth network
80     Sixth network
96     Seventh network
112    Eighth network (continue up to 255 depending on the question)

Continue adding 16 up to the last network just before 255. We will stop here because our
question does not require reaching this far.

Again let us show the ranges of each network by showing the network and broadcast address
of each network.

Network number    Broadcast address (the number just      Valid range of hosts
                  before the next network number)
0                 15                                      1 - 14
16                31                                      17 - 30
32                47                                      33 - 46
48                63                                      49 - 62
64                End here

To answer the question about which network the IP address 192.168.1.37 belongs to, we will
look at the range in our valid range of hosts column and see where 37 belongs. Well, 37
belongs to the range of 33 to 46 under the network number of 32. Hence, we will simply
replace 37 in our given IP address and put 32 where 37 was and that will be our network
number:

Answer for the first big one: 192.168.1.32 is the network number.

The next question is what is the next Network address (next subnet)? The Answer is simple.
Simply pick the number after 32 and put it on the last octet of the IP address:

Answer for the big two: 192.168.1.48 is the next subnet from 192.168.1.37’s range.

The third question is what is the total number of valid hosts per network?

Here is the formula: 2^h - 2 = number of hosts, where h is the number of host bits (the zeros
in the subnet mask).

Our subnet mask is 11111111.11111111.11111111.11110000

Hence the Answer for the big three is 2^4 - 2 = 14 hosts

The fourth question is - what is the first and last assignable host of the Network (valid IP
range)? The network talked about here is still 192.168.1.32 and the answer is already in the
table 192.168.1.33 to 192.168.1.46

What is the Broadcast address of the Network? Also this one is already in the table. The
Answer is 192.168.1.47
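
The block-size shortcut used above can be written out as a short function. This is an added example, not part of the original course notes; the function names and the Class B address in the usage lines are constructed. It goes slightly beyond the Class C case by working on whichever octet of the mask is not 255, and it checks its own answers against Python's standard ipaddress module.

```python
import ipaddress


def _to_int(octets):
    return int.from_bytes(bytes(octets), "big")


def _to_str(value):
    return ".".join(str(b) for b in value.to_bytes(4, "big"))


def big_five(ip, mask):
    """Answer the big five questions with the 256 - mask = block size method."""
    ip_o = [int(x) for x in ip.split(".")]
    mask_o = [int(x) for x in mask.split(".")]
    bits = "".join(f"{o:08b}" for o in mask_o)
    if len(ip_o) != 4 or len(mask_o) != 4 or "01" in bits:
        raise ValueError("need a dotted-quad address and a contiguous mask")
    host_bits = bits.count("0")
    if host_bits < 2:
        raise ValueError("2^h - 2 needs at least 2 host bits")

    # The octet we subnet in is the first one where the mask is not 255.
    i = next(n for n, o in enumerate(mask_o) if o != 255)
    block = 256 - mask_o[i]              # e.g. 256 - 240 = 16
    start = (ip_o[i] // block) * block   # e.g. 37 falls in the block starting at 32

    network = _to_int(ip_o[:i] + [start] + [0] * (3 - i))
    broadcast = _to_int(ip_o[:i] + [start + block - 1] + [255] * (3 - i))
    # The broadcast is the number just before the next network number.
    next_network = broadcast + 1
    return {
        "network": _to_str(network),
        "next_network": _to_str(next_network) if next_network < 2**32 else None,
        "valid_hosts": 2**host_bits - 2,
        "first_host": _to_str(network + 1),
        "last_host": _to_str(broadcast - 1),
        "broadcast": _to_str(broadcast),
    }


def cross_check(ip, mask):
    """Compare the shortcut's answers with the standard library's."""
    answers = big_five(ip, mask)
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    return (
        answers["network"] == str(net.network_address)
        and answers["broadcast"] == str(net.broadcast_address)
        and answers["valid_hosts"] == net.num_addresses - 2
    )


if __name__ == "__main__":
    # The worked example from the text, then a constructed Class B address.
    for ip, mask in [("192.168.1.37", "255.255.255.240"),
                     ("172.16.70.9", "255.255.240.0")]:
        print(ip, mask, big_five(ip, mask), "checked:", cross_check(ip, mask))
```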

Let us subnet one more class C address and then we will subnet two Class B and two Class A.

Here is the IP address we will use here - 223.45.100.57/26

Quickly let us ask the big five questions.

1. What network does the address shown belong to?
2. What is the fourth network?
3. What is the total number of valid hosts on this network?
4. What is the valid host range for network two?
5. What is the broadcast address for the second network?

Here are the calculations

1. Network where 223.45.100.57 belongs to is:

Subnet mask is 255.255.255.192 and remember 192 is equal to 11000000 which is /26

Hence 256 – 192 = 64

We know that 64 is where the second network starts from. We also know that before 64
there is zero as the first network. For this reason 57 occurs before 64 which is the second
network. Therefore the IP address 223.45.100.57 falls under network one which is
192.168.100.0

The answer is 192.168.100.0

What is the fourth network? We know that the first network is 0 and the second network
is 64. Hence, to get the third and fourth networks we need to keep adding 64 to itself.
This is what we have: 0, 64, 64+64=128, 128+64=192

Hence the fourth network is 223.45.100.192.

What is the total number of valid hosts on this network? Valid hosts: 2^h - 2 = hosts

Hence 11000000 gives us 6 zeros, so 2^6 - 2 = 62 is the number of valid hosts

What is the broadcast address? The second network address is 223.45.100.64, and the last
address, which is just before the next network number, is 127. Hence the broadcast address is
223.45.100.127

Class B Subnetting
Before we dive into this, let’s look at all the possible Class B subnet masks first. Notice that
we have a lot more possible subnet masks than we do with a Class C network address:

255.255.0.0 (/16)

255.255.128.0 (/17) 255.255.255.0 (/24)

255.255.192.0 (/18) 255.255.255.128 (/25)

255.255.224.0 (/19) 255.255.255.192 (/26)

255.255.240.0 (/20) 255.255.255.224 (/27)

255.255.248.0 (/21) 255.255.255.240 (/28)

255.255.252.0 (/22) 255.255.255.248 (/29)

255.255.254.0 (/23) 255.255.255.252 (/30)

We know the Class B network address has 16 bits available for host addressing. This means
we can use up to 14 bits for subnetting because we need to leave at least 2 bits for host
addressing. Using a /16 means you are not subnetting with Class B, but it is a mask you can
use!

The process of subnetting a Class B network is pretty much the same as it is for a Class C,
except that you have more host bits and you start in the third octet. Use the same subnet
numbers for the third octet with Class B that you used for the fourth octet with Class C, but
add a zero to the network portion and a 255 to the broadcast section in the fourth octet. The
following table shows you an example host range of two subnets used in a Class B 240 (/20)
subnet mask:

Practice Class B 145.214.7.8/17 Subnetting

145.214.7.8 = Network address

255.255.128.0 = Subnet mask

Subnets? 2^1 = 2 (same amount as Class C).

Hosts? 2^15 – 2 = 32,766 (7 bits in the third octet, and 8 in the fourth).

Valid subnets? 256 – 128 = 128. 0, 128. Remember that subnetting is performed in the third
octet, so the subnet numbers are really 0.0 and 128.0, as shown in the next table. These are
the exact numbers we used with Class C; we use them in the third octet and add a 0 in the
fourth octet for the network address.

Broadcast address for each subnet?

Valid hosts?

The table below answers the last two questions for broadcast address for each subnets and
valid hosts

Subnet        0.0        128.0
First host    0.1        128.1
Last host     127.254    255.254
Broadcast     127.255    255.255

Okay, notice that we just added the fourth octet’s lowest and highest values and came up with
the answers. And again, it is done exactly the same way as for a Class C subnet. We just used
the same numbers in the third octet and added 0 and 255 in the fourth octet. Pretty simple,
huh? I really can’t say this enough: it’s just not that hard. The numbers never change; we just
use them in different octets! Question: Using the above subnet mask, do you think
172.16.10.0 is a valid host address? What about 172.16.10.255? Can 0 and 255 in the fourth
octet ever be a valid host address? The answer is absolutely, yes, those are valid hosts! Any
number between the subnet number and the broadcast address is always a valid host.

Practice Example #2B: 255.255.192.0 (/18)

172.16.0.0 = Network address

255.255.192.0 = Subnet mask

Subnets? 2^2 = 4.

Hosts? 2^14 – 2 = 16,382 (6 bits in the third octet, and 8 in the fourth).

Valid subnets? 256 – 192 = 64. 0, 64, 128, 192. Remember that the subnetting is performed
in the third octet, so the subnet numbers are really 0.0, 64.0, 128.0, and 192.0, as shown in the
next table.

Broadcast address for each subnet?

Valid hosts?

The following table shows the four subnets available, the valid host range, and the broadcast
address of each:

Subnet        0.0       64.0       128.0      192.0
First host    0.1       64.1       128.1      192.1
Last host     63.254    127.254    191.254    255.254
Broadcast     63.255    127.255    191.255    255.255
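
The block-size method used in the Class C and Class B examples above, written out as an added Python example (it is not part of the original handout). It finds the interesting octet for any mask from /1 to /30 and cross-checks the result against Python's standard ipaddress module; the function names are chosen for this example.

```python
import ipaddress


def mask_octets(prefix):
    """Mask octets for a prefix length, e.g. 28 -> [255, 255, 255, 240]."""
    bits = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return [(bits >> shift) & 0xFF for shift in (24, 16, 8, 0)]


def _parse(address):
    octets = [int(part) for part in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError("not a dotted-decimal IPv4 address: %r" % address)
    return octets


def _to_int(octets):
    a, b, c, d = octets
    return (a << 24) | (b << 16) | (c << 8) | d


def _to_str(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def _interesting(prefix):
    """Index of the first mask octet that is not 255, and its block size."""
    if not 1 <= prefix <= 30:
        raise ValueError("prefix must be /1 to /30 (at least 2 host bits)")
    mask = mask_octets(prefix)
    idx = next(i for i, m in enumerate(mask) if m != 255)
    return idx, 256 - mask[idx]          # e.g. 256 - 240 = 16


def subnet_numbers(prefix):
    """Subnet numbers in the interesting octet, e.g. /26 -> [0, 64, 128, 192]."""
    _, block = _interesting(prefix)
    return list(range(0, 256, block))


def big_five(address, prefix):
    """Network, next subnet, host count, host range and broadcast for one address."""
    octets = _parse(address)
    idx, block = _interesting(prefix)
    start = (octets[idx] // block) * block        # largest multiple of block <= octet
    # Octets after the interesting one are 0 in the network, 255 in the broadcast.
    network = _to_int(octets[:idx] + [start] + [0] * (3 - idx))
    broadcast = _to_int(octets[:idx] + [start + block - 1] + [255] * (3 - idx))
    nxt = network + (block << (8 * (3 - idx)))    # carries into the octet to the left
    return {
        "mask": ".".join(str(m) for m in mask_octets(prefix)),
        "block_size": block,
        "network": _to_str(network),
        "next_subnet": _to_str(nxt) if nxt <= 0xFFFFFFFF else None,
        "hosts": 2 ** (32 - prefix) - 2,
        "first_host": _to_str(network + 1),
        "last_host": _to_str(broadcast - 1),
        "broadcast": _to_str(broadcast),
    }


def is_valid_host(address, prefix):
    """True when the address lies strictly between network and broadcast."""
    answers = big_five(address, prefix)
    value = _to_int(_parse(address))
    return _to_int(_parse(answers["network"])) < value < _to_int(_parse(answers["broadcast"]))


def matches_stdlib(address, prefix):
    """Cross-check the block-size arithmetic against the ipaddress module."""
    net = ipaddress.ip_network("%s/%d" % (address, prefix), strict=False)
    answers = big_five(address, prefix)
    return (answers["network"] == str(net.network_address)
            and answers["broadcast"] == str(net.broadcast_address)
            and answers["hosts"] == net.num_addresses - 2)


if __name__ == "__main__":
    for addr, prefix in (("192.168.1.37", 28), ("145.214.7.8", 17)):
        print("%s/%d" % (addr, prefix), big_five(addr, prefix))
    # 0 and 255 in the fourth octet are ordinary hosts under 255.255.128.0.
    print(is_valid_host("172.16.10.255", 17), is_valid_host("172.16.127.255", 17))
```
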

Practice Example #9B: 255.255.255.192 (/26)

Now, this is where Class B subnetting gets easy. Since the third octet has a 255 in the mask
section, whatever number is listed in the third octet is a subnet number. And now that we
have a subnet number in the fourth octet, we can subnet this octet just as we did with Class C
subnetting. Let’s try it out:

172.16.0.0 = Network address

255.255.255.192 = Subnet mask

Subnets? 2^10 = 1024.

Hosts? 2^6 – 2 = 62.

Valid subnets? 256 – 192 = 64. The subnets are shown in the following table. Do these
numbers look familiar?

Broadcast address for each subnet?

Valid hosts?

The following table shows the first eight subnet ranges, valid hosts, and broadcast addresses:

Subnetting Class A Addresses


You don’t go about Class A subnetting any differently than Classes B and C, but there are 24
bits to play with instead of the 16 in a Class B address and the 8 in a Class C address. Let’s
start by listing all the Class A masks:

255.0.0.0 (/8)

255.128.0.0 (/9) 255.255.240.0 (/20)

255.192.0.0 (/10) 255.255.248.0 (/21)

255.224.0.0 (/11) 255.255.252.0 (/22)

255.240.0.0 (/12) 255.255.254.0 (/23)

255.248.0.0 (/13) 255.255.255.0 (/24)

255.252.0.0 (/14) 255.255.255.128 (/25)

255.254.0.0 (/15) 255.255.255.192 (/26)

255.255.0.0 (/16) 255.255.255.224 (/27)

255.255.128.0 (/17) 255.255.255.240 (/28)

255.255.192.0 (/18) 255.255.255.248 (/29)

255.255.224.0 (/19) 255.255.255.252 (/30)

That’s it. You must leave at least 2 bits for defining hosts. I hope you can see the pattern by
now. Remember, we are going to do this the same way as a Class B or C subnet. It’s just that,
again, we simply have more host bits and we just use the same subnet numbers we used with
Class B and C, but we start using these numbers in the second octet. However, the reason
class A addresses are so popular to implement is because they give the most flexibility. You
can subnet in the 2nd, 3rd or 4th octet. I will show you this in the next examples.

Subnetting Practice Examples: Class A Addresses

When you look at an IP address and a subnet mask, you must be able to distinguish the bits
used for subnets from the bits used for determining hosts. This is imperative. If you’re still
struggling with this concept, please reread the section “IP Addressing”. It shows you how to
determine the difference between the subnet and host bits and should help clear things up.

Practice Example #2A: 255.255.240.0 (/20)

255.255.240.0 gives us 12 bits of subnetting and leaves us 12 bits for host addressing.

Subnets? 2^12 = 4096.

Hosts? 2^12 – 2 = 4094.

Valid subnets? What is your interesting octet? 256 – 240 = 16. The subnets in the second
octet are a block size of 1 and the subnets in the third octet are 0, 16, 32, etc.

Broadcast address for each subnet?

Valid hosts?

The following table shows some examples of the host ranges for the first three subnets and the
last subnet:

Practice Example #3A: 255.255.255.192 (/26)

Let’s do one more example using the second, third, and fourth octets for subnetting:

Subnets? 2^18 = 262,144.

Hosts? 2^6 – 2 = 62.

Valid subnets? In the second and third octet, the block size is 1, and in the fourth octet, the
block size is 64.

Broadcast address for each subnet?

Valid hosts?

The following table shows the first four subnets and their valid hosts and broadcast addresses
in the Class A 255.255.255.192 mask:

Chapter Three: Configuring Cisco Routers

Introduction

This chapter explains how to configure a Cisco router step by step.

By default two different IP networks cannot communicate with each other. They need a
mediator device that exchanges their packets. The device behind this task is a router. By the
way, what is a router? A router is a device that switches data packets between two different
networks, e.g. getting packets from network 192.168.10.0/25 to 192.168.10.128/25, as we
saw with the first subnets of the Class C addresses we subnetted in class, as shown below:

In this chapter, we will be using Cisco routers. Cisco routers, just like any other router or
layer three device, link two different networks by taking packets from one network and
delivering them to another network. This process is called routing. Cisco router
configuration commands can be simulated in the Packet Tracer software as though one were
seated at a router console. As a student of LANMAN Design and Administration 1, you will
find Packet Tracer useful and cost saving, as it provides a platform similar to a real Cisco
router (a very expensive device). In this handout, I will try to explain the common
configurations you will find yourself working with on a Cisco network platform.

To acquire the skills to pass the exam and to work in the industry, we need to perform a
number of labs (practicals) in order to grasp the whole process of configuring Cisco routers.
We need to know that, unlike most switches, which are plug and play, a router requires some
initial configuration before it can start routing. In this article we will explain these
configurations.

We will be using the Packet Tracer network simulator software for all our demonstrations.
Please ensure that you have this software installed on your computer. Besides Packet Tracer,
you can also use any other network simulator software such as Boson or GNS3 or, even better
if you can afford it, a real Cisco device. No matter which option you choose, as long as it
runs Cisco IOS the output will be the same.

Create a network topology as illustrated in the following figure:

I have created this topology to give you a better overview of the commands. You can use a
single router if you are unable to replicate this topology in Packet Tracer. However, two
routers, two switches and two hubs have been used here for learning purposes. Using this
diagram we will need to identify the number of collision domains and count the number of
broadcast domains we have, so as to understand the way the devices in our network work.
This will help us understand what kind of network we have and the kind of protocols and
communication taking place in the background.

Continuing from where we left off after the introduction to the command line, we learnt that
Cisco IOS supports various command modes. The following are the main command modes
you will find yourself working with:

User EXEC Mode

Privileged EXEC Mode

Global Configuration Mode

Interface Configuration Mode

Sub Interface Configuration Mode

Note: I have deliberately left out the Setup Mode and ROM Monitor Mode.

The following points are very important to have in mind when you are working with the
command line:

1. IOS commands are not case sensitive; you can enter them in uppercase, lowercase, or
mixed case.
2. Passwords are case sensitive. Make sure you type them in the correct case.
3. In any mode, you can obtain a list of the commands available in that mode by entering a
question mark (?).
4. The standard order of accessing modes is:
User Exec mode => Privileged Exec mode => Global Configuration mode =>
Interface Configuration mode => Sub Interface Configuration mode
5. The router enters setup mode only if it fails to load a valid running configuration.
6. The router enters ROMMON mode only if it fails to load a valid IOS image file.
7. You can manually enter ROMMON mode for diagnostic purposes.

The Command line

Let us do some commands now so that we get to understand the command line.

We know that by default a router boots into user EXEC mode. The router would show a
greater than sign at the end of its name as follows:

Router>

To move to the privileged EXEC mode we need to enter the following command:

Router>enable

After typing the word enable, hit the Enter (Return) key. The router will immediately change
into privileged EXEC mode and show the following sign:

Router#

To start configuring our router, we use the configure terminal command. You can also type
config term or conf t; the router will understand that you mean configure terminal in all
instances. Type the command as follows:

Router#conf t

Upon hitting the Enter key, the router will display the following output to show you that it
has gone into global configuration mode:

Router(config)#

This is how you move from one mode to another. At times you may be required to move back
and forth between modes, just as was explained in the introduction to the Cisco command
line lecture. To leave global configuration mode you use the exit command
(Router(config)#exit), while to move from privileged EXEC mode to user EXEC mode you
use the disable command (Router#disable). At times you may find yourself or someone else
using the end and exit commands. Let me make it clear: the end command is only used to
move from any mode above privileged EXEC mode (global configuration and specific modes
such as interface and subinterface) back to privileged EXEC mode at once, while the exit
command is used to move from the specific modes to global configuration mode and finally
to privileged EXEC mode, one step at a time.

Common configurations done on a router


In this section we will practice several commands that will help us configure Cisco routers
and also be able to understand and interpret questions in the examination.

1. Changing the Router Default name


By default the name Router is configured on routers. We can configure any desired name on
a router. The hostname command is used to change the name of the router to any name that
you want to give it. For example, the following command will change the router’s name
from Router to LusakaR.

By the way the hostname command is executed in the global configuration mode. Hence this
is how the command should be typed:

Router(config)#hostname LusakaR

2. Securing console port


A router is a critical network device. It supports multiple lines of connection, and we need
to secure each line [port].

Router(config)#line console 0

Router(config-line)#password 1234

Router(config-line)#login

Router(config-line)#exit

Router(config)#exit

Router#exit

3. Secure auxiliary port


The auxiliary port provides remote access to the router. You can attach a modem to this port.
Not all devices support this port. If your router supports it, use the following commands to
secure it.

Router(config)#line aux 0

Router(config-line)#password AUXCNN

Router(config-line)#login

4. Enable telnet access on cisco router


Depending on the model number and IOS software version, the router may support a number
of VTY (Virtual Teletype) connections ranging from 5 to 1000. VTY is the standard name for
Telnet and SSH connections. By default only the first five VTY connections are enabled, but
you cannot connect to them. When you try to connect to them remotely you will get the
following message:

This message indicates that no password is set on the VTY lines. A password is required to
connect to the VTYs. The following commands set the password to TELCNN on the VTY lines.

Router(config)#line vty 0 4

Router(config-line)#password TELCNN

Router(config-line)#login

In the example above we set the password on all five lines collectively, but you can do this
separately if you need different passwords for different lines. The steps are the same.

The line vty [line number] command moves into that specific line.

The password [password] command assigns the desired password.

The login command enables that line to accept connections.

5. Secure privilege exec mode with password


Along with the access lines, we can also secure privileged EXEC mode with a password. We
have two commands to configure the password.

Switch(config)# enable password Privilege_EXEC_password

Switch(config)# enable secret Privilege_EXEC_password

Both commands set the password for privileged EXEC mode. The difference between them is
the method of password storage: the enable password command stores the password in plain
text, while the enable secret command stores it in encrypted form.

6. Login banner
We can configure two types of banner on routers: the MOTD banner and the EXEC banner.

The banner exec command is not available in Packet Tracer, so you can practice with the
banner motd command. Both commands work in the same manner; the only difference between
them is where the banner is displayed. The MOTD (Message Of The Day) banner is displayed
before the login. An EXEC banner is displayed after the authentication process and before
EXEC mode.

Router(config)#banner motd & ########## This Router is managed by Chuunga #######

Enter TEXT message. End with the character ‘&’.

************** Chuunga enter your password before you login ************** &

Router(config)#

Both commands use a delimiting character to mark the start and end of the message. This
means the command parser terminates the message at the delimiting character instead of at
the Enter key, which allows the message to span multiple lines.

7. Configure clock time zone


The router allows us to localize the time zone. The following command sets the time zone to
+2 hours from UTC [Universal Time Coordinated] (this is the Zambian time zone).

Router(config)#clock timezone UTC 02

8. Assign hostname to IP Address


Hostnames are easy to remember. We can use a hostname instead of an IP address when
connecting to a remote address. The router maps hostnames to IP addresses in two ways:
statically and dynamically.

In the static method we have to assign the hostname to the IP address ourselves.

In the dynamic method we have to configure an external DNS server and configure its IP
address on the router. The show hosts command displays the currently configured hosts with
their IP addresses. The following commands illustrate a static entry for a hostname.

Router(config)#ip host LusakaR 10.125.44.2

Router(config)#exit

9. Disable automatic domain lookup


By default routers are configured to try to resolve every word that is not a command. The
router first looks in the static DNS table for an entry. If it fails to find one there, it tries
a DNS server at address 255.255.255.255. If you are not going to use a DNS server or the
hostname facility, it is better to turn this off. It will save you time, because every
incorrectly typed command otherwise costs you a wait of a minute or two.

The no ip domain-lookup command is used to disable this feature.

LusakaR#showw = incorrect typed command

Translating "showw"...domain server (255.255.255.255)

Because of the wrong spelling, the router starts translating the name into an IP address.
However, since no DNS server is available on the network, the translation takes a long time
and then fails, which is frustrating and wastes time. Hence the no ip domain-lookup command
is used to disable this feature. This is how you use it:

LusakaR(config)#no ip domain-lookup

After configuring this command, the next time you make a mistake by typing a wrong
command the following output will show and not the frustrating one.

LusakaR#showw

Translating "showw" = incorrect typed command

% Unknown command or computer name, or unable to find computer address = No DNS lookup

10. Enable logging synchronous


Whenever IOS has any kind of notification, it displays it at the command prompt. That is
fine as long as the prompt is free. But what if you are typing a command and a notification
line appears in the middle of it? This is really annoying. Luckily we can stop this behavior:
the logging synchronous command enables synchronization at the command prompt.

LusakaR(config)#line console 0

LusakaR(config-line)#logging synchronous

LusakaR(config-line)#exit

LusakaR(config)#

After this, if IOS has anything to display, it moves the prompt and the command you have
typed so far to the next line. The notification will not be inserted in the middle of the
command. If you continue typing, the command will execute properly, even though it looks
wrong at the prompt.

11. Disable auto logout from console line


Cisco IOS has a great security feature to secure the console line: it automatically logs out
an idle connection after 10 minutes. You can disable this feature in a lab environment. The
exec-timeout 0 0 command disables it.

LusakaR(config)#line console 0

LusakaR(config-line)#exec-timeout 0 0

LusakaR(config-line)#exit

LusakaR(config)#

Never use this command in the real world. It could create a security risk for your network.

12. Configure serial interface in router


A serial interface is used to connect to a WAN. The following commands configure the serial
0/0/0 interface.

Router(config)#interface serial 0/0/0

Router(config-if)#description Connected to bhilwara

Router(config-if)#ip address 10.0.0.1 255.0.0.0

Router(config-if)#clock rate 64000

Router(config-if)#bandwidth 64

Router(config-if)#no shutdown

A serial cable is used to connect serial interfaces. One end of the serial cable is DCE while
the other end is DTE. You only need to provide the clock rate and bandwidth on the DCE side.

13. Configure FastEthernet Interface in router


Usually FastEthernet connects the local network to the router. The following commands
configure the FastEthernet 0/0 interface.

Router(config)#interface fastethernet 0/0

Router(config-if)#description Development department

Router(config-if)#ip address 192.168.0.1 255.255.255.0

Router(config-if)#no shutdown

14. Disable router interface


By default all interfaces are administratively down (off) on start-up. We should also follow
this rule: for security reasons, we should always disable unused interfaces on the router. The
shutdown command is used to disable an interface.

Router(config)#interface fastEthernet 0/0

Router(config-if)#shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to administratively down

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to down

Router(config-if)#exit

Router(config)#
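
A check for the security-relevant settings covered in items 2 to 14, as an added Python example that is not part of the original handout. It reads a constructed running-config, written in the abbreviated form IOS prints (line con 0, FastEthernet0/0), and reports the plain-text enable password, exec-timeout 0 0, lines without a password and login, and unused interfaces left up; the finding codes and function names are chosen for this example.

```python
# Constructed running-config (not captured from a real device). It mirrors the
# handout's commands in the form IOS prints them in "show running-config".
SAMPLE_CONFIG = """\
hostname LusakaR
!
enable password 1234
!
interface FastEthernet0/0
 description Development department
 ip address 192.168.0.1 255.255.255.0
!
interface FastEthernet0/1
 no ip address
!
interface Serial0/0/0
 no ip address
 shutdown
!
line con 0
 exec-timeout 0 0
 password 1234
 login
line aux 0
line vty 0 4
 password TELCNN
 login
!
end
"""

# Finding codes (names chosen for this example) and what they mean.
EXPLANATIONS = {
    "plaintext-enable-password": "enable password is stored in plain text; use enable secret",
    "no-enable-secret": "privileged EXEC mode has no enable secret",
    "no-idle-timeout": "exec-timeout 0 0 disables the idle logout on this line",
    "line-not-password-protected": "password and login are not both set on this line",
    "unused-interface-up": "interface has no IP address but is not shut down",
}


def parse_sections(config_text):
    """Return [(header, [indented sub-commands])]; "!" separators are skipped."""
    sections = []
    for raw in config_text.splitlines():
        text = raw.strip()
        if not text or text == "!":
            continue
        if raw[0].isspace() and sections:
            sections[-1][1].append(text)      # sub-command of the current section
        else:
            sections.append((text, []))       # global command or section header
    return sections


def audit(config_text):
    """Return (scope, finding-code) pairs for the settings the handout covers."""
    sections = parse_sections(config_text)
    headers = [header for header, _ in sections]
    findings = []
    if any(h.startswith("enable password ") for h in headers):
        findings.append(("global", "plaintext-enable-password"))
    elif not any(h.startswith("enable secret ") for h in headers):
        findings.append(("global", "no-enable-secret"))
    for header, body in sections:
        if header.startswith("line "):
            if "exec-timeout 0 0" in body:
                findings.append((header, "no-idle-timeout"))
            # Only the line-password method shown in the handout is recognised.
            has_password = any(cmd.startswith("password ") for cmd in body)
            if not (has_password and "login" in body):
                findings.append((header, "line-not-password-protected"))
        elif header.startswith("interface "):
            has_ip = any(cmd.startswith("ip address ") for cmd in body)
            if not has_ip and "shutdown" not in body:
                findings.append((header, "unused-interface-up"))
    return findings


if __name__ == "__main__":
    for scope, code in audit(SAMPLE_CONFIG):
        print("%-28s %s" % (scope, EXPLANATIONS[code]))
```
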

15. Saving running configuration in cisco router


The router keeps its running configuration in RAM. All the settings we have made in this
article will be erased once the router reboots. To preserve the configuration across a reboot
we must save it. The following command saves the running configuration to NVRAM.

Router#copy running-config startup-config

Destination filename [startup-config]

Building configuration…

[OK]

Router#

16. Erasing configuration in cisco router


We have done our practice; now let us make the router available for the next round of
practice. As we know, routers load the configuration file from NVRAM at startup: at the end
of startup the router takes the configuration file from NVRAM and parses it into RAM. To
remove the configuration we need to erase this file from NVRAM. The following command
deletes the configuration file from NVRAM.

LusakaR#erase startup-config

Erasing the nvram filesystem will remove all configuration files! Continue? [confirm]

[OK]

Erase of nvram: complete

%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram

LusakaR#reload

Proceed with reload? [confirm]

System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fc1)

Copyright (c) 2000 by cisco Systems, Inc.

PT 1001 (PTSC2005) processor (revision 0x200) with 60416K/5120K bytes of memory

Self decompressing the image :

##########################################################################
[OK]

Restricted Rights Legend

Use, duplication, or disclosure by the Government is

subject to restrictions as set forth in subparagraph

(c) of the Commercial Computer Software - Restricted

Rights clause at FAR sec. 52.227-19 and subparagraph

(c) (1) (ii) of the Rights in Technical Data and Computer

Software clause at DFARS sec. 252.227-7013.

cisco Systems, Inc.

170 West Tasman Drive

San Jose, California 95134-1706

Cisco Internetwork Operating System Software

IOS (tm) PT1000 Software (PT1000-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5)

Technical Support: http://www.cisco.com/techsupport

Copyright (c) 1986-2005 by cisco Systems, Inc.

Compiled Wed 27-Apr-04 19:01 by miwang

PT 1001 (PTSC2005) processor (revision 0x200) with 60416K/5120K bytes of memory

Processor board ID PT0123 (0123)

PT2005 processor: part number 0, mask 01

Bridging software.

X.25 software, Version 3.0.0.

4 FastEthernet/IEEE 802.3 interface(s)

2 Low-speed serial(sync/async) network interface(s)

32K bytes of non-volatile configuration memory.

63488K bytes of ATA CompactFlash (Read/Write)

--- System Configuration Dialog ---

Continue with configuration dialog? [yes/no]:

[End of output]

The reload command halts the system. If the system is set to restart on error, it reboots itself.
Use the reload command after configuration information is entered into a file and saved to the
startup configuration.

You cannot reload from a virtual terminal if the system is not set up for automatic booting.
This restriction prevents the system from using an image stored in the ROM monitor and
taking the system out of the remote user's control.

If you modify your configuration file, the system prompts you to save the configuration.
During a save operation, the system prompts whether you want to proceed with the save if the
CONFIG_FILE variable points to a startup configuration file that no longer exists. If you
respond "yes" in this situation, the system enters setup mode upon reload.

Routing Protocols Configuration

It is time now to turn our focus toward the core topic of the ubiquitous IP routing process.
This is the reason why we are learning LANMAN Design and Administration 1. It is integral
to networking because it pertains to all routers and configurations that use it, which is easily
the lion’s share. IP routing is basically the process of moving packets from one network to
another network using routers. And by routers I mean Cisco routers, of course! However, the
terms router and layer 3 device are interchangeable, and throughout this article when I use the
term router, I am referring to any layer 3 device.

Before jumping into the main arena of configurations, I want to make sure you understand the
difference between a routing protocol and a routed protocol. Routers use routing protocols to
dynamically find all networks within the greater internetwork and to ensure that all routers
have the same routing table. Routing protocols are also employed to determine the best path a
packet should take through an internetwork to get to its destination most efficiently. RIP,
RIPv2, EIGRP, and OSPF are great examples of the most common routing protocols.

Once all routers know about all networks, a routed protocol can be used to send user data
(packets) through the established enterprise. Routed protocols are assigned to an interface and
determine the method of packet delivery. Examples of routed protocols are IP and IPv6.

Routing Information Protocol (RIP)


Routing Information Protocol (RIP) is a true distance-vector routing protocol. RIP sends the
complete routing table out of all active interfaces every 30 seconds. It relies on hop count to
determine the best way to a remote network, but it has a maximum allowable hop count of 15
by default, so a destination of 16 would be considered unreachable. RIP works okay in very
small networks, but it’s super inefficient on large networks with slow WAN links or on
networks with a large number of routers installed, and completely useless on networks that
have links with variable bandwidths!

RIP version 1 uses only classful routing, which means that all devices in the network must
use the same subnet mask. This is because RIP version 1 does not send updates with subnet
mask information in tow. RIP version 2 provides something called prefix routing and does
send subnet mask information with its route updates. This is called classless routing. You
will rarely see RIPv1 used in today’s networks, and it is not considered in any CCENT and
CCNA exam objective by Cisco nowadays. Even RIPv2 does not get much attention in the
objectives. So why am I even telling you about them? We are going to talk about them here
for learning purposes. This is because it helps me explain routing protocols a little better
before we get into the much more advanced, and very much focused upon, OSPF protocol.

So, with that let’s configure our current network with RIPv2, before we move onto OSPF in
the next section.

To configure RIP routing, just turn on the protocol with the router rip command and tell the
RIP routing protocol the networks to advertise. Remember that with static routing, we always
configured remote networks and never typed a route to our directly connected networks?

Well, dynamic routing is carried out the complete opposite way. You would never type a
remote network under your routing protocol; you only enter your directly connected networks!
Here is how you do it on each router connected to the network:

Routing Information Protocol (RIP) configuration in the command line


We will connect two networks of 192.168.10.0/25

Step 1: Enter privileged EXEC mode:

Router>enable
(You will only be prompted for a password if you configured one.)

Step 2: Enter the configure terminal command to enter global configuration mode.

e.g. Router#config terminal

Step 3: Enter the router rip command

e.g. Router(config)#router rip

Step 4: Add the network number to use RIP and repeat this step for all the numbers.

Router(config-router)#network network-number

Example: Router(config-router)#network 192.168.10.0

Step 5: Configure the version of the RIP protocol you need to use on your router.

Corp(config-router)#version 2

Note: To turn off RIP, use the no router rip command.

Router(config)#no router rip

Other useful commands

Specify a RIP Version

By default, the software receives RIP version 1 and version 2 packets, but sends only version
1 packets. To control which RIP version an interface sends, use one of the following
commands in interface configuration mode:

Open Shortest Path First (OSPF)


Open Shortest Path First (OSPF) is by far the most popular and important routing protocol in
use today. Open Shortest Path First is an open standard routing protocol that’s been
implemented by a wide variety of network vendors, including Cisco. And it’s that open
standard characteristic that’s the key to OSPF’s flexibility and popularity.

Most people opt for OSPF, which works by using the Dijkstra algorithm to initially construct
a shortest path tree and follows that by populating the routing table with the resulting best
paths. EIGRP’s convergence time may be blindingly fast, but OSPF is not that far behind,
and its quick convergence is another reason it’s a favourite. Another two great advantages
OSPF offers are that it supports multiple, equal-cost routes to the same destination, and like
EIGRP, it also supports both IP and IPv6 routed protocols. Here’s a list that summarizes
some of OSPF’s best features:

1. Allows for the creation of areas and autonomous systems
2. Minimizes routing update traffic
3. Is highly flexible, versatile, and scalable
4. Supports VLSM/CIDR
5. Offers an unlimited hop count
6. Is open standard and supports multi-vendor deployment

Because OSPF is the first link-state routing protocol that most people run into, it is a good
idea to size it up against more traditional distance-vector protocols like RIPv2 and RIPv1.
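
The shortest-path-first calculation described above, as an added example that is not part of the original text: Dijkstra's algorithm run over a small constructed link-state database, keeping every equal-cost next hop. The router names and costs are made up, and destinations are simplified to routers rather than networks.

```python
import heapq

# Constructed link-state database: every router advertises its neighbours and
# the cost of the interface facing each one. Names and costs are made up.
LSDB = {
    "R1": {"R2": 10, "R3": 10},
    "R2": {"R1": 10, "R4": 10},
    "R3": {"R1": 10, "R4": 10},
    "R4": {"R2": 10, "R3": 10, "R5": 1},
    "R5": {"R4": 1},
}


def spf(lsdb, root):
    """Dijkstra from `root`; returns (cost, first_hops) keyed by router."""
    cost = {root: 0}
    first_hops = {root: set()}
    queue = [(0, root)]
    finished = set()
    while queue:
        dist, node = heapq.heappop(queue)
        if node in finished:
            continue  # stale queue entry for a router already on the tree
        finished.add(node)
        for neigh, link_cost in lsdb.get(node, {}).items():
            if link_cost < 1:
                raise ValueError("OSPF interface costs start at 1")
            # Use a link only when both ends advertise it.
            if node not in lsdb.get(neigh, {}):
                continue
            new_cost = dist + link_cost
            # Routers adjacent to the root are their own first hop; everything
            # further away inherits the first hops of the router it hangs off.
            hops = {neigh} if node == root else first_hops[node]
            if neigh not in cost or new_cost < cost[neigh]:
                cost[neigh] = new_cost
                first_hops[neigh] = set(hops)
                heapq.heappush(queue, (new_cost, neigh))
            elif new_cost == cost[neigh]:
                first_hops[neigh] |= hops  # equal-cost path: keep both
    return cost, first_hops


def routing_table(lsdb, root):
    """Best cost and all equal-cost next hops for every reachable router."""
    cost, first_hops = spf(lsdb, root)
    return {
        dest: (cost[dest], sorted(first_hops[dest]))
        for dest in sorted(cost)
        if dest != root
    }


if __name__ == "__main__":
    for dest, (metric, hops) in routing_table(LSDB, "R1").items():
        print(f"{dest}: cost {metric} via {', '.join(hops)}")
```

From R1, both R4 and R5 are reachable through R2 and R3 at the same cost, so both next hops stay in the table.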

Configuring OSPF from the command line interface
Configuring basic OSPF is not as simple as configuring RIP and EIGRP, and it can get really
complex once the many options that are allowed within OSPF are factored in. But that’s okay
because you really only need to focus on basic, single-area OSPF configuration at this point.
Coming up, I will show you how to configure single-area OSPF. The two factors that are
foundational to OSPF configuration are enabling OSPF and configuring OSPF areas.

Step 1: Enter privileged EXEC mode:

Router>enable     You will be prompted for a password only if you configured one

Step 2: Enter the configure terminal command to enter global configuration mode.

Router#config terminal

Step 3: Enter the router ospf command followed by the process-id.

Router(config)#router ospf process-id

Pick a process-id which is not being used. To determine what ids are being used, issue the
show process command from privileged EXEC mode.

Router#show process

Step 4: Add the network number, mask and area-id

Router(config-router)#network network-number mask area area-id

The network-number identifies the network using OSPF. The mask tells which bits to use
from the network-number, and the area-id is used for determining areas in an OSPF
configuration.

Example:

Router(config-router)#network 192.168.10.0 255.255.255.0 area 0.0.0.0

Repeat this step for all the network numbers.

To turn off OSPF, use the following command.

Router(config)#no router ospf process-id

Note: OSPF is a very dynamic and complex routing protocol. You need to read extensively
on it for you to be able to understand its operations and configuration. My example here is
just to show you how to enable OSPF on your router and also how to turn it off. Enough!
Otherwise, I will need to produce volumes of pages.

Chapter 4 Questions and Answers

Introduction

This chapter is aimed at showing you how to approach the exam. Believe me, studying for an
examination when you are not sure about it, especially about how the questions come, is a
tedious undertaking. My job is to lessen your burden and give you some questions while
providing answers so that you learn how to go about the LANMAN Design and Administration 1
examination. I love computer networking and I love you all for being in the computer
networking class.

Questions and Answers

1) Give two reasons why it is not ideal to use VLAN 1 as the management VLAN (3 Marks)
i) It is on by default, which poses a threat as hackers can use it to break the network.
ii) All ports of a switch are on and assigned to VLAN 1 by default, which is a second
threat. This means anyone who connects has privileges to manage the switch.
iii) VLAN 1 is also used for other things like DTP, VTP and CDP frames and also
BPDUs. Using VLAN 1 as a management VLAN is a bad idea – unless all access
ports are removed from it of course.
2) Give two differences between UDP and TCP (4 Marks)
(i) TCP is a connection-oriented protocol while UDP is a connectionless
protocol.
(ii) TCP provides error detection and correction while UDP only provides error
detection without correction.
(iii) UDP is faster than TCP
(iv) TCP guarantees reliable delivery of data while UDP does not offer reliability at
all.
3) Briefly explain VLANs and trunk ports (4 Marks)

A virtual LAN (VLAN) is any broadcast domain that is partitioned and isolated in a
computer network at the data link layer (OSI layer 2). LAN is an abbreviation for local
area network. Since VLANs share bandwidth, a VLAN trunk can use link aggregation,
quality-of-service prioritization, or both to route data efficiently. VLANs allow network
administrators to group hosts together even if the hosts are not on the same network
switch. This can greatly simplify network design and deployment, because VLAN
membership can be configured through software. Without VLANs, grouping hosts
according to their resource needs necessitates the labour of relocating nodes or rewiring
data links.

A trunk port is a port that is assigned to carry traffic for all the VLANs that are accessible
by a specific switch, a process known as trunking. Trunk ports mark frames with unique
identifying tags – either 802.1Q tags or Interswitch Link (ISL) tags – as they move
between switches. Therefore, every single frame can be directed to its designated VLAN.
An Ethernet interface can either function as a trunk port or as an access port, but not both
at the same time. A trunk port is capable of having more than one VLAN set up on the
interface. As a result, it is able to carry traffic for numerous VLANs at the same time.
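
The 802.1Q tagging mentioned in the answer above, as an added example that is not part of the original text: a trunk port inserts a 4-byte tag on the way out, and the receiving switch strips it and hands the frame only to access ports in that VLAN. The sample frame and the port-to-VLAN table are constructed, and dropping untagged trunk frames is a simplification of this sketch.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

# Constructed sample: broadcast ARP-sized frame from a locally administered MAC.
SAMPLE_FRAME = (
    bytes.fromhex("ffffffffffff")      # destination MAC
    + bytes.fromhex("020000000001")    # source MAC
    + struct.pack("!H", 0x0806)        # EtherType (ARP)
    + bytes(28)                        # payload, zero-filled for the example
)

# Constructed access-port table: port name -> VLAN it is assigned to.
ACCESS_PORTS = {"fa0/1": 20, "fa0/2": 1, "fa0/3": 20}


def add_tag(frame, vlan_id, priority=0):
    """Trunk egress: insert the 802.1Q tag after the source MAC."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("usable VLAN IDs are 1-4094")
    if not 0 <= priority <= 7:
        raise ValueError("priority is a 3-bit field")
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    # Tag control information: 3-bit priority, 1-bit DEI (0 here), 12-bit VLAN ID.
    tci = (priority << 13) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def strip_tag(frame):
    """Trunk ingress: return (vlan_id, priority, frame without the tag)."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None, None, frame  # untagged frame
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]


def egress_ports(frame, access_ports):
    """Access ports allowed to receive a frame that arrived on the trunk."""
    vlan_id, _, untagged = strip_tag(frame)
    if vlan_id is None:
        return [], untagged  # simplification: untagged trunk traffic is dropped
    ports = sorted(p for p, vlan in access_ports.items() if vlan == vlan_id)
    return ports, untagged


if __name__ == "__main__":
    tagged = add_tag(SAMPLE_FRAME, vlan_id=20, priority=5)
    print("tag bytes:", tagged[12:16].hex())
    print("delivered to:", egress_ports(tagged, ACCESS_PORTS)[0])
```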

4) Briefly explain IP addressing and subnetting (4 Marks)

IP addressing is the use of 32 bit dotted decimal numbers divided into four octets at the
network layer for device identification on a network. An Internet Protocol address (IP
address) is a numerical label of 32 bits assigned to each device (e.g., computer, printer)
participating in a computer network that uses the Internet Protocol for communication.
An IP address serves two principal functions: host or network interface identification and
location addressing.

A subnetwork or subnet is a logical subdivision of an IP network. The practice of dividing
a network into two or more networks is called subnetting. Computers that belong to a
subnet are addressed with a common, identical, most-significant bit-group in their IP
address. This results in the logical division of an IP address into two fields, a network or
routing prefix and the "rest" field or host identifier. The rest field is an identifier for a
specific host or network interface.

5) Briefly explain crossover and straight-through connections (4 Marks)

A crossover cable is a type of Ethernet cable used to connect computing devices together
directly. It is most often used to connect two devices of the same type: e.g. two computers
(via network interface controller) or two switches to each other. By contrast, patch cables
or straight through cables are used to connect devices of different types, such as a
computer to a network switch or hub.

6) Identify the network address for each of the following (6 Marks)


a) 116.27.123.32 255.255.0.0
b) 168.174.9.63 255.255.128.0
c) 147.125.177.12 255.255.255.0

Calculations

Question A of 6

116.27.123.32 255.255.0.0

The first thing you must do before subnetting is to determine the class
of the IP address in question so that you know whether the subnet mask has been
modified or not. Here we go:

Class   Range of first octet   Bits (if you need to use bits to identify)
A       1 - 126                0
B       128 - 191              10
C       192 - 223              110

Looking at the first octet, we find the number 116 which falls in the range of 1 – 126.
This makes our IP address 116.27.123.32 a Class A IP address. Hence, we know that the
Class A default subnet mask is 255.0.0.0 or 11111111.00000000.00000000.00000000.
However, the question shows a subnet mask of 255.255.0.0. This means that the subnet
mask has been modified, a process we call subnetting. How many bits were modified to
make a change from 255.0.0.0 to 255.255.0.0? The answer is simple. It is the entire
second octet of 8 bits. There are eight bits that were borrowed from the network ID and
put on the host ID. Our task is to identify the network address of the IP address
116.27.123.32. We use this formula: 256 – subnet mask change = block size.

Here we go.

256 - 255 = 1

This means that our second network is 1 and our first network is 0. Therefore, the second
octet will follow the sequence from 0 to 1 and so on up to 255, which is the last network.
Our IP address has a 27 in the second octet, which means we arrived at it by following 0,
1, 2, 3, 4, 5, ..., 27. Hence, this makes 116.27.123.32 an IP address in the 26th
network of the second octet of 27. Therefore if we AND 116.27.123.32 with the subnet
mask, we will get the network address. Here we go with ANDing!

IP Address       01110100 00011011 01111011 00100000
Subnet Mask      11111111 11111111 00000000 00000000
ANDed result     01110100 00011011 00000000 00000000
Network Address  116      27       0        0
Answer: the network address is 116.27.0.0

In the next two questions I will go faster by skipping some steps since I have already
shown you how the whole process works.

Question B of 6

b) 168.174.9.63 255.255.128.0

168, the first octet of the IP address, is between 128 and 191, which makes it a Class B IP address.

The default Class B subnet mask is 255.255.0.0; however, the question has 255.255.128.0.

This shows that the subnet mask has been modified or subnetted in the third octet.

The modification shows 128, which is equal to 10000000 in binary.

Hence we use this formula: 256 – 128 = 128

We know that this 128 is the second network and that 0 is the first network.

Therefore any IP address with the third octet in the range of 0 to 127 will be in the first
network and any IP address with a number in the range of 128 to 255 will be in the second
network. Let us do the ANDing and see what network address we will have.

IP Address       10101000 10101110 00001001 00111111
Subnet Mask      11111111 11111111 10000000 00000000
ANDed result     10101000 10101110 00000000 00000000
Network Address  168      174      0        0
Answer: the network address is 168.174.0.0

Question C of 6

c) 147.125.177.12 255.255.255.0

147, the first octet of the IP address, is between 128 and 191, which makes it a Class B IP address.

The default Class B subnet mask is 255.255.0.0; however, the question has 255.255.255.0.

This shows that the subnet mask has been modified or subnetted in the third octet.

The modification shows 255, which is equal to 11111111 in binary.

Hence we use this formula: 256 – 255 = 1

We know that this 1 is the second network and that 0 is the first network.

Therefore any IP address whose third octet is 0 will be in the first network, one with 1 will be
in the second network, one with 2 will be in the third network, up to the 177th network or the
255th, the last network. Let us do the ANDing and see what network address we will have.

IP Address       10010011 01111101 10110001 00001100
Subnet Mask      11111111 11111111 11111111 00000000
ANDed result     10010011 01111101 10110001 00000000
Network Address  147      125      177      0
Answer: the network address is 147.125.177.0

7) Give the two basic functions of the following layers in the OSI model (6 Marks).
(i) Transport layer
(ii) Network layer
(iii) Data link layer

i) Transport layer
a) It controls the flow of data.
b) It ensures that the message is delivered error free.
c) It divides large messages into small packets for efficient transmission. These
packets are reassembled, checked for errors and acknowledged at the receiving side.
If there are errors in transmission, the data is retransmitted.

ii) Network layer
a) It controls the operation of the subnets, which are identifying parts of the
network.
b) It decides how the data will be sent to the recipient device.
c) It defines end-to-end delivery of packets and defines logical addressing to
accomplish this.
d) It also defines how routing works and how routes are learned and how to
fragment a packet into smaller packets to accommodate media with smaller
maximum transmission unit sizes.

iii) Data link layer
a) It provides the physical transmission of the data and handles error notification,
network topology, and flow control.
b) It formats the message into pieces, each called a data frame, and adds a
customized header containing the hardware destination and source address.
c) It adds the source and destination physical addresses (MAC addresses) to the
packet during encapsulation and makes it become a frame.

8) Write short notes on the following (12 Marks)
i) VTP
ii) NAT
iii) DHCP
iv) DNS

VTP: VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the
definition of Virtual Local Area Networks (VLAN) on the whole local area network.
To do this, VTP carries VLAN information to all the switches in a VTP domain.

NAT: Network Address Translation (NAT) is a method of remapping one IP address space
into another by modifying network address information in Internet Protocol (IP)
datagram packet headers while they are in transit across a traffic routing device.

DHCP: Dynamic Host Configuration Protocol (DHCP) is a client/server protocol that
automatically provides an Internet Protocol (IP) host with an IP address and other
related configuration information such as the subnet mask, DNS and default gateway.

DNS: The Domain Name System (DNS) is a hierarchical decentralized naming system for
computers, services, or any resource connected to the Internet or a private network. It
associates IP addresses and various other information with domain names assigned to
each of the participating entities. The exhibit below shows a ping request I performed
to www.google.com this morning when I was trying to troubleshoot why the Google
search engine and site was slow. I conducted a ping query on my computer’s
command prompt - check line 3 of the exhibit.

Now get me right, my interest here is not in how ping behaves or how to use it. My
interest is in line 4 where it is indicating: Pinging www.google.com [216.58.198.36] with 32
bytes of data:

What I typed in the command prompt is www.google.com, but the computer brought out the IP
address of the Google website, 216.58.198.36, as well. What happened was that the computer
understands numbers very well while I understand names. It is easier for me to
remember www.google.com than the IP address 216.58.198.36. Therefore I used
www.google.com to get to the Google website. When the computer received the
www.google.com domain name for Google, it did not know where to go and hence it
contacted the DNS server, which resolved the www.google.com domain name into the
associated IP address of 216.58.198.36, which the computer used to contact the Google
server.

9) Figure 1 displays a simple one-router network with two Ethernet LAN interfaces
connecting users on subnet 131.108.1.0/24 to the 131.108.2.0/24.
Figure 1: Physical topology

Figure 2 displays the working configuration file on R1 numbered from line 1 to 25

Figure 2: R1’s full configuration.

a) There are a number of configured commands. What command will display the Ethernet
statistics of the Ethernet interface labelled Ethernet 0/1? (2 Marks)

Answer: show interface Ethernet 0/1

b) What commands were entered to configure the ip address on the interface shown in figure
2 above? (4 Marks)
Answer:
Router>enable
Router#config terminal
Router(config)#interface Ethernet0/0
Router(config-if)#ip address 131.108.1.1 255.255.255.0
Router(config-if)#interface Ethernet0/1
Router(config-if)#ip address 131.108.2.1 255.255.255.0
Router(config-if)#exit
Router(config)#exit
Router#
c) What is the password of Router 1 that enables the network administrator to make
configuration changes? (2 Marks)
Answer: The password is $1$TBUVSod27CrEfa4UVICBtwvqo1/

d) What is the VTY password required for Telnet clients logging into R1 (2 marks)

Answer: cisco

e) What does access list 1 accomplish in line 12? (4 Marks)

Answer: It permits traffic to enter the router from 131.108.0.0 255.255.0.0 network.

f) What Global IOS command would encrypt all passwords configured in Figure 2? (2
Marks)

Answer: service password-encryption

10) Given 172.16.12.20 255.255.255.0 Find the following. Show your steps.
a) Network Address (2 Marks)
b) Valid Host Address Range (2 Marks)
c) Broadcast Address (2 Marks)

a) Network Address of 172.16.12.20 and Subnet mask 255.255.255.0

Check the class of the IP address first.

172, the first octet of the IP address, is between 128 and 191, which makes it a Class B IP address.

The default Class B subnet mask is 255.255.0.0; however, the question has 255.255.255.0.

This shows that the subnet mask has been modified or subnetted in the third octet.

The modification shows 255, which is equal to 11111111 in binary.

Hence we use this formula: 256 – 255 = 1

We know that this 1 is the second network and that 0 is the first network.

Therefore any IP address whose third octet is 0 will be in the first network, one with 1 will be
in the second network, one with 2 will be in the third network, up to the 12th network or the
255th, the last network. Let us do the ANDing and see what network address we will have.

IP Address       10101100 00010000 00001100 00010100
Subnet Mask      11111111 11111111 11111111 00000000
ANDed result     10101100 00010000 00001100 00000000
Network Address  172      16       12       0
Answer: the network address is 172.16.12.0

b) Valid Host Address Range
To determine the host range, we need to use this formula
256 - subnet mask = block size
The subnet mask is 255.255.255.0
256 – 255 = 1
The second network is 1 and the first network is 0
The IP addresses will be like this
172.16.0.0 ends at 172.16.0.255
172.16.1.0 ends at 172.16.1.255
172.16.2.0 ends at 172.16.2.255
172.16.3.0 ends at 172.16.3.255
Continued up to
172.16.12.0 ends at 172.16.12.255

Hence, after removing 172.16.12.0, the network address, and 172.16.12.255, the
broadcast address, the valid range is 172.16.12.1 to 172.16.12.254.
Answer: Valid host range 172.16.12.1 to 172.16.12.254

c) Broadcast Address
The broadcast address is the last address in the range of
172.16.12.0 to 172.16.12.255 hence
Answer: the Broadcast Address is 172.16.12.255

11) Using a subnet mask of 255.255.255.192. Find the following for 172.16.12.20
a) Network Address (4 Marks)
b) Valid Host Range (4 Marks)
c) Broadcast Address (4 Marks)

a) Network Address
172.16.12.20 is a class B IP Address as 172 falls in the range 128 to 191
255.255.255.192 is a modified class B subnet mask as the default is 255.255.255.0
Let us AND the IP address to subnet mask

IP Address       10101100 00010000 00001100 00010100
Subnet Mask      11111111 11111111 11111111 11000000
ANDed result     10101100 00010000 00001100 00000000
Network Address  172      16       12       0
Answer: the network address is 172.16.12.0

b) Valid host range for subnet (4 marks)

For the valid hosts we use 256 – 192 = 64

We know that 64 is in the second network and 0 is the first network.

Therefore the last octet of the IP address 172.16.12.20, since subnetting took place in
the last octet, is below 64, making it fall under network one.

The range of network one is 0 to 63, since the number just before the second network
(64) is 63. The valid host range in the group of 172.16.12.0 to 172.16.12.63 will be
172.16.12.1 to 172.16.12.62 after eliminating 172.16.12.0 and 172.16.12.63, the
network address and broadcast address respectively.

Answer: Valid host range 172.16.12.1 to 172.16.12.62

c) Broadcast Address
The broadcast address is the last address in the range of
172.16.12.0 to 172.16.12.63 hence
Answer: the Broadcast Address is 172.16.12.63
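
The ANDing procedure used in questions 6, 10 and 11, as an added example that is not part of the original text: it finds the class, the block size, the network address, the broadcast address and the valid host range for any address and mask, and cross-checks the result against Python's ipaddress module. The function names are made up for the example, and the class ranges are the ones from the table in question 6.

```python
import ipaddress

# Classful ranges from the table in question 6: (class, low, high, default mask)
CLASSES = [
    ("A", 1, 126, "255.0.0.0"),
    ("B", 128, 191, "255.255.0.0"),
    ("C", 192, 223, "255.255.255.0"),
]


def to_int(dotted):
    """Dotted decimal -> 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
        raise ValueError(f"not a dotted-decimal IPv4 value: {dotted!r}")
    return int.from_bytes(bytes(int(p) for p in parts), "big")


def to_dotted(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str(octet) for octet in value.to_bytes(4, "big"))


def address_class(ip):
    """Return (class letter, default mask), or (None, None) outside classes A-C."""
    first_octet = to_int(ip) >> 24
    for letter, low, high, default_mask in CLASSES:
        if low <= first_octet <= high:
            return letter, default_mask
    return None, None


def subnet_facts(ip, mask):
    """Work through the same steps as the written answers."""
    ip_bits, mask_bits = to_int(ip), to_int(mask)
    host_bits = mask_bits ^ 0xFFFFFFFF          # the mask with every bit flipped
    if host_bits & (host_bits + 1):
        raise ValueError(f"mask {mask} is not one unbroken run of 1 bits")
    network = ip_bits & mask_bits               # the ANDing step
    broadcast = network | host_bits             # every host bit set to 1
    letter, default_mask = address_class(ip)
    borrowed = None
    if default_mask is not None:
        borrowed = bin(mask_bits).count("1") - bin(to_int(default_mask)).count("1")
    # Block size: 256 minus the last non-zero octet of the mask.
    changed = [octet for octet in mask_bits.to_bytes(4, "big") if octet != 0]
    block_size = 256 - changed[-1] if changed else 256
    # /31 and /32 masks leave no room for separate network and broadcast addresses.
    hosts = None
    if host_bits >= 3:
        hosts = (to_dotted(network + 1), to_dotted(broadcast - 1))
    return {
        "class": letter, "default_mask": default_mask, "borrowed_bits": borrowed,
        "block_size": block_size, "network": to_dotted(network),
        "broadcast": to_dotted(broadcast), "hosts": hosts,
    }


def agrees_with_stdlib(ip, mask):
    """Cross-check the manual ANDing against Python's ipaddress module."""
    net = ipaddress.ip_network(f"{ip}/{mask}", strict=False)
    facts = subnet_facts(ip, mask)
    return (str(net.network_address), str(net.broadcast_address)) == (
        facts["network"], facts["broadcast"])


if __name__ == "__main__":
    # The address/mask pairs from questions 6, 10 and 11.
    for ip, mask in [("116.27.123.32", "255.255.0.0"),
                     ("168.174.9.63", "255.255.128.0"),
                     ("147.125.177.12", "255.255.255.0"),
                     ("172.16.12.20", "255.255.255.0"),
                     ("172.16.12.20", "255.255.255.192")]:
        print(ip, mask, subnet_facts(ip, mask))
```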

12) Figure 3 shows that the running-config command was executed on Nova router.

a) If this is all the information that you have, what IOS do you expect will be loaded
when the user reloads Nova?
b) What commands were typed to configure the router as shown above? (6 Marks)

c) Draw the network topology showing how a packet from a workstation with IP address
134.141.2.204 will reach its destination, a workstation with IP address
134.141.12.65 (6 Marks)

Topology diagram created by: Kabutu Chuunga

10.

With reference to Figure 4, VLANs and sub-interfaces CLI commands.

Answers to the questions.

a) Ten (10) collision domains.

Explanation:
Switches and routers break up collision domains per interface card while hubs do not.
Therefore each hub and its connected computers, including the link line to the router
or switch, is one collision domain, while for a router and a switch, each interface card
that connects a device makes a collision domain.

b) Two (2) broadcast domains.

Explanation:
Broadcasts can only be blocked at the network layer and are only understood by
routers. Since it is the router that understands broadcasts, there are only two
connections to the router which subsequently form broadcast domains. Switches are
layer 2 devices that do not understand IP addressing, just like hubs, which are layer 1
devices that do not understand the IP addressing scheme. For this reason, they cannot
block broadcasts and simply form one broadcast domain no matter how many they are in one
segment or subnet.

c) Four (4) ports.

Explanation:
Hubs do not support full duplex. Therefore any port that connects to a hub from a
switch or router is limited to half duplex and cannot work in full duplex mode.
Considering the diagram above, we just have to remove the hub with its computers on
each switch and then count the remaining connections. Hence, each switch will have
four (4) ports (three computers and one connection to the router) running full duplex.

d) Design and configure the VLAN Trunking Protocol (VTP) on this network to enable
PC1, PC4, PC12 and PC14 to be in VLAN 1 while others in VLAN 2. (10 Marks)

Answer:
Create the two VLANs (VLAN1 and VLAN2)
We also know that all PCs belong to VLAN 1 by default.
Sw1>enable
Sw1#configure terminal
Sw1(config)#vlan 1
Sw1(config-vlan)#name vlan1
Sw1(config-vlan)#vlan 2
Sw1(config-vlan)#name vlan2
Sw1(config-vlan)#exit
Sw1(config)#

Since all PCs belong to VLAN1 by default, VLAN2 will have no computers. Hence
we must now assign PC2, PC3, PC5, PC11, PC13 and PC15 to VLAN2
Sw1(config)#interface fa0/0
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 2
Sw1(config)#interface fa0/1
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 2
Sw1(config)#interface fa0/2
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 2
Sw1(config)#interface fa0/3
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 2
Sw2(config)#interface fa0/0
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 2
Sw2(config)#interface fa0/1
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 2
Sw2(config)#interface fa0/2
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 2
Sw2(config)#interface fa0/3
Sw2(config-if)#switchport mode access
Sw2(config-if)#switchport access vlan 2
Now that our computers are in VLANS we need to enable inter VLAN routing on our
router.

R1(config)#int range f0/1-2
R1(config-if-range)#switchport trunk encapsulation dot1q
R1(config-if-range)#switchport mode trunk

e) On Sw1 show the commands step by step how you would create vlan20

Answer:
Sw1>enable
Sw1#configure terminal
Sw1(config)#vlan 20
Sw1(config-vlan)#name vlan20
Sw1(config-vlan)#exit
Sw1(config)#

f) On the same Sw1, show step by step how you would assign PC2 (interface) to vlan 20

Answer:
Sw1>enable
Sw1#configure terminal
Sw1(config)#interface fa0/1 (The interface that connects to PC2 from Sw1)
Sw1(config-if)#switchport mode access
Sw1(config-if)#switchport access vlan 20
Sw1(config-if)#exit
Sw1(config)#

g) On R1 show step by step how you would configure 10.0.1.224 on FA0 for the
default vlan 1
The result should be like this: VLAN 1 = 10.0.1.224

Answer:
R1>enable
R1#configure terminal
R1(config)#interface fa0/0
R1(config-if)#ip address 10.0.1.224 255.255.255.240
R1(config-if)#encapsulation dot1q 1
R1(config-if)#exit
R1(config)#

h) On R1 show step by step how you would configure a sub-interface on FA0 for
vlan 20

Answer:
R1>enable
R1#configure terminal
R1(config)#interface fa0/0
R1(config-if)#interface fa0/0.1
R1(config-subif)#encapsulation dot1q 20
R1(config-subif)#ip address 192.168.10.17 255.255.255.240
R1(config-subif)#exit

Thank you so much for reaching this last page. I know it has not been easy and many
things are still confusing to you. Keep studying this book and post a comment on the
Facebook page of this book known as Computer Networks. Remember you have to first send
a friend request to my Facebook account Kabutu Chuunga and then I will add you to the
networking page. On that page, we will make all confusing things simple. Again thank you!!
