
Router Configuration

1. The commands 'configure terminal', 'configure memory', and 'copy tftp running-config' all load configuration information into _____?

RAM. Most of the configuration commands deal with moving information into and out of RAM.

2. The commands 'copy running-config tftp' and 'copy running-config startup-config' store the currently running configuration from RAM to _____ and _____, respectively.

A network TFTP server and NVRAM, respectively.

3. What do the prompts for 'User EXEC' mode, 'Privileged EXEC' mode, and 'Global configuration' mode look like?

'User EXEC' mode: Router>

'Privileged EXEC' mode: Router#
(used for copying and managing entire configuration files)

'Global configuration' mode: Router(config)#
used for one-line commands and commands that change the entire router (affect the system as a whole). Use the privileged EXEC command "configure" to enter global configuration mode. When you enter this command, the EXEC prompts for the source of the configuration commands. You can then specify the terminal, NVRAM, or a file stored on a network server as the source.

Specific Configuration Modes:

Interfaces Router(config-if)#

Subinterfaces Router(config-subif)#

Controller Router(config-controller)#

Map-list Router(config-map-list)#

Map-class Router(config-map-class)#

Line Router(config-line)#

Router Router(config-router)#

IPX-router Router(config-ipx-router)#

Route-map Router(config-route-map)#

If you type "exit", the router backs out one level; pressing "Control-Z" leaves configuration mode completely and returns to privileged EXEC mode.

4. When configuring routers with Release 11.x methods, once you have typed
'show running-config' and displayed a desired configuration, what
commands do you use to save changes to backup?

Use 'copy running-config startup-config' and 'copy running-config tftp'.

5. What are two basic tasks when first configuring a router?

(1) Password configuration and (2) naming the router (router identification
configuration).

The router provides a "host name", a "banner", and "interface descriptions" to aid in identification.

Configuration command summary:

- "configure terminal" - Configure manually from the console terminal.

- "configure memory" - Load configuration information from NVRAM to RAM.

- "copy tftp running-config" - Load configuration information from a network TFTP server to RAM.

- "copy running-config startup-config" - Store the current configuration in RAM into NVRAM.

- "copy running-config tftp" - Store the current configuration in RAM on a network TFTP server.

- "show startup-config" - Display the saved configuration, which is the contents of NVRAM.

- "erase startup-config" - Erase the contents of NVRAM.

You can use the "copy running-config tftp" command to store the current
configuration in RAM on a network TFTP server. To do so, complete the
following tasks:

1. Enter the 'copy running-config tftp' command.

2. Enter the IP address of the host on which you want to store the configuration file.

3. Enter the name you would like to assign to the configuration file.

4. Confirm your choices by answering "Yes".

These commands manage the contents of NVRAM:

- "configure memory" - Load configuration information from NVRAM to RAM.

- "erase startup-config" - Erase the contents of NVRAM.

- "copy running-config startup-config" - Store the current configuration in RAM (the running configuration) into NVRAM (as the startup configuration).

- "show startup-config" - Display the saved configuration, which is the contents of NVRAM.

IP Routing Protocol Mode:

Router(config)# router ?

bgp         Border Gateway Protocol (BGP)
egp         Exterior Gateway Protocol (EGP)
eigrp       Enhanced Interior Gateway Routing Protocol (EIGRP)
igrp        Interior Gateway Routing Protocol (IGRP)
isis        ISO IS-IS
iso-igrp    IGRP for OSI networks
mobile      Mobile routes
odr         On Demand stub Routes
ospf        Open Shortest Path First (OSPF)
rip         Routing Information Protocol (RIP)
static      Static routes

After a routing protocol is enabled by a global command, the router configuration mode prompt Router(config-router)# is displayed. Type a question mark (?) to list the router configuration commands.

Router(config)# router rip

Router(config-router)# ?

Router configuration commands:

default-information    Control distribution of default information
distance               Define an administrative distance
distribute-list        Filter networks in routing updates
exit                   Exit from routing protocol configuration mode

Many features are enabled on a per-interface basis. Interface configuration commands modify operation of an Ethernet, Token Ring, or serial port. Interface subcommands always follow an interface command; the interface command defines the interface type.

Configuration Methods:

1. Enter configuration statements

2. Save the changes to a backup the router will use when it starts up

3. Examine the changes you have made

4. If necessary, modify or remove configuration statements

You can secure your system by using passwords to restrict access. Passwords can be established both on individual lines and in the privileged EXEC mode.

The "line console 0" command establishes a password on the console terminal. The "line vty 0 4" command establishes password protection on incoming Telnet sessions.

The "enable password" command restricts access to the privileged EXEC mode.

The "enable secret" password (set from the System Configuration Dialog when setting up global parameters) uses a Cisco-proprietary encryption process to alter the password character string.

Passwords can be further protected from display through the use of the "service password-encryption" command. The encryption algorithm does not match the Data Encryption Standard (DES).
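Added example (not from these notes): a small Python audit that reads a running-config and reports which of the password controls described above are missing. The two configurations in it are constructed samples, the password hashes are placeholders, and the function names are my own. It checks for "enable secret", "service password-encryption", and a "password" plus "login" on the console and vty lines.

```python
# Constructed sample running-config (not taken from the notes): the console
# line has a password, but there is no 'enable secret', no vty password and
# no 'service password-encryption', so the audit should report findings.
WEAK_CONFIG = """\
hostname LabRouter
!
enable password cisco
!
line con 0
 password letmein
 login
line vty 0 4
 login
!
end
"""

# The same router with the controls the notes describe applied
# (hash and encrypted strings are placeholders, not real values).
HARDENED_CONFIG = """\
hostname LabRouter
!
service password-encryption
enable secret 5 $PLACEHOLDER_HASH
!
line con 0
 password 7 PLACEHOLDERVALUE
 login
line vty 0 4
 password 7 PLACEHOLDERVALUE
 login
!
end
"""


def parse_sections(config):
    """Split an IOS-style config into global lines and 'line ...' sections.

    Returns (global_lines, {section_header: [indented lines]}). Comment
    lines starting with '!' and blank lines are skipped. Only the flat
    'line' sections needed for this audit are recognised.
    """
    global_lines, sections, current = [], {}, None
    for raw in config.splitlines():
        if not raw.strip() or raw.startswith("!"):
            continue
        if raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        elif raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        else:
            current = None
            global_lines.append(raw.strip())
    return global_lines, sections


def audit_passwords(config):
    """Return a list of findings for password controls that are missing."""
    global_lines, sections = parse_sections(config)
    findings = []
    if not any(line.startswith("enable secret ") for line in global_lines):
        findings.append("global: no 'enable secret'; privileged EXEC relies on the "
                        "clear-text 'enable password' or on no password at all")
    if "service password-encryption" not in global_lines:
        findings.append("global: 'service password-encryption' not set; line passwords "
                        "appear in clear text in 'show running-config'")
    for header, body in sections.items():
        if not (header.startswith("line con") or header.startswith("line vty")):
            continue
        has_password = any(line.startswith("password ") for line in body)
        has_login = any(line == "login" or line.startswith("login ") for line in body)
        if not has_login:
            findings.append(f"{header}: no 'login'; users reach the EXEC prompt "
                            "without a password")
        elif not has_password:
            findings.append(f"{header}: 'login' but no 'password'; IOS refuses these "
                            "sessions until a password is set")
    return findings
```

Running audit_passwords on the weak sample returns three findings (no enable secret, no service password-encryption, and vty lines with login but no password); on the hardened sample it returns an empty list.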

The "banner motd" command is used to configure a message of the day, which is displayed at login and is useful for conveying messages that affect all network users, such as impending system shutdowns.

Semester 2, Lesson 10 Notes:

Sources for Cisco IOS Software

The default source for Cisco IOS software depends on the hardware platform, but
most commonly the router looks to the 'configuration commands' saved in NVRAM.

You can specify other sources where the router should look for software, or the
router will use its own "fall back sequence" as necessary to load software. Settings
in the "configuration register" enable alternatives for where the router will
bootstrap Cisco IOS software.

You can specify "enabled config-mode boot" system commands (Router(config)# boot ...) to enter fall back sources for the router to use in sequence. Save these statements in NVRAM to use during the next startup with the command "copy running-config startup-config". The router will use these commands as needed, in sequence, when it restarts.

However, if NVRAM lacks boot system commands the router can use, the system has its own 'fall back alternatives':

1. The router will fall back and use the default Cisco IOS in Flash memory.

2. If Flash memory is empty, the router will try its next TFTP alternative. ...The router uses the configuration register value to form a filename from which to boot a default system image stored on a network.

2. What important command displays information about the Cisco IOS software
that is currently running on the router, including the 'configuration register'
setting?

"show version"

The order in which the router looks for system bootstrap information depends on the 'boot field' setting in the "configuration register". You can change the default "configuration register" setting with the 'enabled config-mode command' "config-register" (Router(config)# config-register 0x10F, followed by ^Z).

The "configuration register" is a 16-bit register in NVRAM. The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the 'boot field'. Configuration register values (bits 3, 2, 1, and 0):

0x100            ROM monitor mode    boot field 0-0-0-0
0x101            Boot from ROM       boot field 0-0-0-1
0x102 - 0x10F    Examine NVRAM       boot field 0-0-1-0 through 1-1-1-1

To check the boot field setting, for example, to verify the config-register command, you must use the "show version" command. Note: You will not see evidence of any config-register setting in output from either the "show running-config" or "show startup-config" commands.

The command "copy running-config startup-config" saves the command in NVRAM.
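Added example (not part of the notes): Python that pulls the register value out of "show version" output and decodes the boot field as the table above describes. The "show version" excerpt is a constructed sample and the function names are my own. The bit 6 ("ignore NVRAM contents") check is a fact from Cisco documentation that the notes do not cover; it is the setting a defender wants to notice, because a router booting with that bit set ignores its startup configuration and the passwords in it.

```python
import re

# Constructed 'show version' excerpt (not real router output); the last line
# uses the wording IOS prints for the register.
SAMPLE_SHOW_VERSION = """\
Cisco IOS Software, LABROUTER Software (PLACEHOLDER), Version PLACEHOLDER
System image file is "flash:placeholder-image.bin"
Configuration register is 0x2102
"""

# Boot field values with a fixed meaning; 0x2..0xF all mean "examine NVRAM".
BOOT_FIELD_MEANING = {
    0x0: "ROM monitor mode",
    0x1: "boot from ROM",
}


def decode_config_register(value):
    """Describe a 16-bit configuration register value.

    Bits 3..0 are the boot field from the notes: 0 = ROM monitor,
    1 = boot from ROM, 2..F = examine NVRAM for boot system commands.
    Bit 6 (0x0040) is not covered in the notes; per Cisco documentation
    it tells the router to ignore the NVRAM (startup) configuration.
    """
    if not 0 <= value <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")
    boot_field = value & 0xF
    boot_mode = BOOT_FIELD_MEANING.get(boot_field, "examine NVRAM boot system commands")
    return {
        "value": f"0x{value:04X}",
        "boot_field": boot_field,
        "boot_field_bits": format(boot_field, "04b"),
        "boot_mode": boot_mode,
        "ignore_startup_config": bool(value & 0x0040),
    }


def register_from_show_version(text):
    """Extract the register from 'show version' output; the notes point out
    that neither show running-config nor show startup-config reveal it."""
    match = re.search(r"Configuration register is (0x[0-9A-Fa-f]+)", text)
    if match is None:
        raise ValueError("no 'Configuration register is' line found")
    return int(match.group(1), 16)


def audit_register(text):
    """Return warnings about the register a router reports in show version."""
    info = decode_config_register(register_from_show_version(text))
    warnings = []
    if info["ignore_startup_config"]:
        warnings.append(f"{info['value']}: bit 6 set, the startup-config (and the "
                        "passwords in it) will be ignored at the next boot")
    if info["boot_field"] == 0:
        warnings.append(f"{info['value']}: boot field 0, the router will stop in "
                        "ROM monitor on reload")
    return warnings
```

A register of 0x2102 decodes to boot field 2 (examine NVRAM) with no warnings; the same output with 0x2142 produces one warning because bit 6 is set.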

3. If Flash memory is corrupted and the network server also fails to load the software image, what is the final software bootstrap option?

(3) Booting from ROM.

A 'TFTP server' can be another router, or it can be a host system. The TFTP host
can be any system (Unix, DOS, Windows) with TFTP loaded and is able to contain
files on the TCP/IP network. You will be copying software between the TFTP host
and Flash memory in the router.

4. What command would you use to make sure that you can see and write into Flash and verify that the router has sufficient room in Flash to accommodate the Cisco IOS software image you want to load?

"show flash"

1. Command used to verify that you have sufficient memory on your system for the Cisco IOS software you want to load.

2. Command used to learn the name of the system image file.

With Cisco IOS Release 11.2, the naming convention for Cisco IOS contains three parts (Ex. igs-inr-1, c4500-aj-m, gs7-k-mz):

1. The first part of the image name contains the platform on which the image runs. (Ex. cpa25, igs, c4500, gs7)

2. The second part of the image name identifies the special capabilities of the image. A letter or series of letters identifies the feature sets supported in the image. (Ex. 1, cg, inr, aj, k)

3. The third part of the image name specifies where the image runs and if it has been 'zip' compressed. (Ex. 1, m, mz)

5. What two related commands are useful for transferring Cisco IOS images between a TFTP server and Flash memory?

1. "copy flash tftp" - Copy the system image to a TFTP server. Provides for a backup copy of the current Cisco IOS software image.

2. "copy tftp flash" - Download the new image from the TFTP server.

This command begins operation by requesting the 'IP address' of the remote host that will act as a TFTP server. Next you are prompted for the 'image name' of the update image. Following an opportunity to confirm your entries, the procedure asks if you are willing to 'erase Flash'. Each exclamation point (!) means that one User Datagram Protocol (UDP) segment has successfully transferred. The series of Vs indicates successful checksum verification of a segment.

Use the "show flash" command to view the file and to compare its size with that of the original on the server before changing the 'boot system commands' to use the updated image. Following a successful copy, the "reload" command boots up the router as specified with the boot system commands, using the updated image.

Semester 2, Lesson 11 Notes:

Fundamentals of TCP/IP

TCP/IP - "Transmission Control Protocol/Internet Protocol". Common name for the suite of protocols developed by the U.S. DOD in the 1970s to support the construction of worldwide internetworks. TCP and IP are the two best-known protocols in the suite.

TCP - "Transmission Control Protocol". Connection-oriented 'transport layer' protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack.

IP - "Internet Protocol". 'Network layer' protocol in the TCP/IP stack offering a connectionless internetwork service. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security. Documented in RFC 791.

The TCP/IP protocol stack has the following components:

- Protocols to support file transfer, e-mail, remote login, and other 'application protocols'. Network management is also supported at the Application layer. (layer 7)

- Reliable and "unreliable" transports (layer 4)

- Connectionless datagram delivery at the Network layer (layer 3)

- ICMP provides control and message functions at the Network layer (layer 3).

1. How do the TCP/IP 'Conceptual layers' relate to the 'OSI layers'?

1. TCP/IP groups the OSI 7-Application, 6-Presentation, and 5-Session layers into an "Application Layer".

2. The OSI 4-Transport layer maps exactly to the TCP/IP "Transport Layer".

3. TCP/IP renames the OSI 3-Network layer as an "Internet Layer".

4. TCP/IP calls the OSI 2-Data link and 1-Physical layers the "Network Interface Layer".

2. Compare and contrast TCP and UDP (Transport Layer).

1. TCP (Transmission Control Protocol) is a connection-oriented, 'reliable protocol'. It is responsible for breaking messages into 'segments', reassembling them at the destination station, resending anything that is not received, and reassembling messages from the segments. TCP supplies a 'virtual circuit' between end-user applications.

2. UDP (User Datagram Protocol) is a connectionless, "unreliable" protocol. Although UDP is responsible for transmitting messages, no software checking for segment delivery is provided at this layer; hence the description 'unreliable'.

The "Transport layer" performs two functions:

1. Flow control provided by sliding windows

2. Reliability provided by sequence numbers and acknowledgments

3. Briefly describe everything you know about the fields in a TCP 'segment'.

TCP segment fields include:

1. Source and destination ports (what services are being requested)

2. Sequence numbers, Acknowledgment numbers, and Header length (keeping track of segments)

3. Code bits (setup and termination of sessions)

4. Window (number of octets that the sender is willing to accept)

5. Checksum (number of header and data fields, for error correction)

6. Data (upper-layer protocol data)

Both TCP and UDP use port (or socket) numbers to pass information to the upper layers. Port numbers are used to keep track of different conversations crossing the network at the same time. Application software developers agree to use well-known port numbers that are defined in RFC 1700.

Some ports are reserved in both TCP and UDP, but applications might not be written to support them. Port numbers have the following assigned ranges:

- Numbers below 255 are for public applications.

- Numbers from 255 to 1023 are assigned to companies for saleable applications.

- Numbers above 1023 are unregulated.

End systems use port numbers to select the proper application. Originating source port numbers are dynamically assigned by the source host, usually some number greater than 1023.

TCP "Three-Way Handshake" (Open Connection)

Both ends of the connection are synchronized with a three-way handshake /open
connection sequence. Exchanging beginning sequence numbers during the
connection sequence ensures that lost data can be recovered if problems occur later.

Host-A                                      Host-B
------                                      ------
1. Send SYN (seq=x)              -->        Receive SYN (seq=x)

2. Receive SYN (seq=y, ack=x+1)  <--        Send SYN (seq=y, ack=x+1)

3. Send ACK (ack=y+1)            -->        Receive ACK (ack=y+1)
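Added example, not from the notes: a Python simulation of the three-way handshake above with each host as a small state machine. The Endpoint class, the segment format and the function names are my own; x and y are the initial sequence numbers from the table. It also shows the check the exchange relies on, which the table leaves implicit: Host-A only completes the connection if the SYN-ACK carries ack=x+1, and sequence numbers wrap around at 2^32.

```python
MOD = 2 ** 32  # sequence numbers are 32-bit and wrap around


def segment(flags, seq=None, ack=None):
    """A minimal TCP segment: only the fields the handshake needs."""
    return {"flags": frozenset(flags), "seq": seq, "ack": ack}


class Endpoint:
    """One side of a TCP connection, tracking only handshake state."""

    def __init__(self, name, isn):
        self.name = name
        self.isn = isn          # initial sequence number (x for Host-A, y for Host-B)
        self.state = "CLOSED"
        self.snd_nxt = None     # next sequence number we will send
        self.rcv_nxt = None     # next sequence number we expect from the peer

    def listen(self):
        self.state = "LISTEN"

    def open(self):
        """Step 1: send SYN (seq=x). The SYN itself consumes one sequence number."""
        self.state = "SYN-SENT"
        self.snd_nxt = (self.isn + 1) % MOD
        return segment({"SYN"}, seq=self.isn)

    def handle(self, seg):
        """Process an incoming segment; return the reply segment or None."""
        flags = seg["flags"]
        if self.state == "LISTEN" and flags == {"SYN"}:
            # Step 2: remember x, reply SYN (seq=y, ack=x+1)
            self.rcv_nxt = (seg["seq"] + 1) % MOD
            self.snd_nxt = (self.isn + 1) % MOD
            self.state = "SYN-RECEIVED"
            return segment({"SYN", "ACK"}, seq=self.isn, ack=self.rcv_nxt)
        if self.state == "SYN-SENT" and flags == {"SYN", "ACK"}:
            # Step 3: the ack must be exactly x+1; anything else is a stale or
            # forged segment and must not complete the connection
            if seg["ack"] != self.snd_nxt:
                raise ValueError(f"{self.name}: bad ack {seg['ack']}, expected {self.snd_nxt}")
            self.rcv_nxt = (seg["seq"] + 1) % MOD
            self.state = "ESTABLISHED"
            return segment({"ACK"}, seq=self.snd_nxt, ack=self.rcv_nxt)
        if self.state == "SYN-RECEIVED" and flags == {"ACK"}:
            if seg["ack"] != self.snd_nxt:
                raise ValueError(f"{self.name}: bad ack {seg['ack']}, expected {self.snd_nxt}")
            self.state = "ESTABLISHED"
            return None
        raise ValueError(f"{self.name}: unexpected {sorted(flags)} in state {self.state}")


def three_way_handshake(x, y):
    """Run the full exchange; return both endpoints and the three segments."""
    a, b = Endpoint("Host-A", x), Endpoint("Host-B", y)
    b.listen()
    syn = a.open()               # 1. A -> B  SYN (seq=x)
    syn_ack = b.handle(syn)      # 2. B -> A  SYN (seq=y, ack=x+1)
    ack = a.handle(syn_ack)      # 3. A -> B  ACK (ack=y+1)
    if b.handle(ack) is not None:
        raise RuntimeError("Host-B should send nothing after the final ACK")
    return a, b, [syn, syn_ack, ack]


def rejects_bad_ack(x, y):
    """True if Host-A refuses a SYN-ACK whose ack is not x+1 and stays in SYN-SENT."""
    a = Endpoint("Host-A", x)
    a.open()
    forged = segment({"SYN", "ACK"}, seq=y, ack=(x + 2) % MOD)
    try:
        a.handle(forged)
    except ValueError:
        return a.state == "SYN-SENT"
    return False
```

With x=100 and y=5000 the SYN-ACK carries ack=101 and the final ACK carries ack=5001, after which both endpoints are ESTABLISHED; starting Host-A at 2^32-1 shows the acknowledgment number wrapping to 0.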

"Window size" - Refers to the number of messages that can be transmitted while awaiting an acknowledgment. TCP uses 'expectational acknowledgments', meaning that the acknowledgment number refers to the octet expected next.

"PAR" (Positive Acknowledgment and Retransmission) - TCP provides "sequencing" of segments with a "forward reference acknowledgment". Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged within a given time period result in retransmission.

"UDP" (User Datagram Protocol) uses no windowing or acknowledgments. Application-layer protocols can provide for reliability. UDP is designed for applications that do not need to put sequences of segments together. Protocols that use UDP include TFTP, SNMP, Network File System (NFS), and Domain Name System (DNS).

4. Briefly describe everything you know about the fields in an IP 'datagram'.

IP datagram fields include:

1. Version number and header length

2. Type of service and total length of datagram

3. Time-To-Live

4. Which upper-layer Protocol has sent the Datagram (TCP or UDP)

5. Header checksum

6. Source and Destination IP addresses

7. IP options (testing, debugging, security)

8. Data

5. Briefly distinguish between IP, ICMP, ARP, and RARP (Internet layer).

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI 3-Network layer:

"IP" (Internet Protocol) provides 'connectionless', 'best-effort routing' of datagrams [packets]. It is not concerned with their content; it is looking for ways to move the datagrams to their destination. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security.

"ICMP" (Internet Control Message Protocol) provides control and messaging capabilities. Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing.

If a router receives a packet that it is unable to deliver to its destination, the router sends an ICMP "destination unreachable" message to the source and discards the packet. The packet might be undeliverable because of an invalid IP address or because there is no known route to the destination. Undeliverable ICMP messages are themselves discarded to prevent flooding of the network.

An "echo reply" is a successful reply to a "ping" command; however, the results could include other ICMP messages, such as unreachables and timeouts.

ICMP uses the following types of defined messages. Others exist that are not included on this list:

- Destination (Host) Unreachable

- Echo Request (Ping)

- Echo Reply (Ping Reply)

- Time Exceeded

- Parameter Problem

- Source Quench

- Redirect

- Timestamp

- Timestamp Reply

- Information Request

- Information Reply

- Address Request

- Address Reply

"ARP" (Address Resolution Protocol) determines the 2-Data link layer address for a known IP address. This Internet protocol is used to map an IP address (network address) to a MAC sublayer address. To determine a destination address for a 'datagram', the "ARP cache" table is checked. If the address is not in the table, ARP sends a 'broadcast' looking for the destination station. Every station on the network receives the broadcast.

The term "local ARP" is used to describe resolving an address when both the requesting host and the destination host share the same media or wire. Prior to issuing the ARP, the "subnet mask" was consulted. The mask determined that the nodes are on the same subnet.

"RARP" (Reverse Address Resolution Protocol) determines network addresses (IP addresses) when data link layer addresses are known. Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses.

RARP relies on the presence of a RARP server with a table entry or other means to respond to these requests. On the local segment, RARP can be used to initiate a remote operating system load sequence.

Semester 2, Lesson 12 Notes:

TCP/IP Address Overview and Configuring Router Addresses

Each node using the TCP/IP protocol suite has a unique '32-bit logical address'. This
address is known as the "IP address".

Each company listed on the internetwork is seen as a 'single unique network' that
must be reached before an 'individual host' within that company can be contacted.
Each company network has an address; the hosts that live on that network share
that same "network address", but each host is identified by the unique "host
address" on the network.

"Broadcast" - Data packet that will be sent to all nodes on a network. Broadcasts are identified by a "broadcast address": a 'host address' of all ones in the 'IP address'.

The Cisco IOS software supports two kinds of broadcasts:

1. "Directed broadcasts" - Broadcasts directed into a specific network are allowed and are forwarded by the router. These directed broadcasts contain all ones in the host portion of the address.

2. "Flooding" - 'Flooding broadcasts' (255.255.255.255) are not propagated, but are considered local broadcasts.

"Flooding" - Traffic passing technique used by 'switches' and 'bridges' in which traffic received on an interface is sent out to all of the interfaces of that device except the interface on which the information was originally received.

"Network Addresses" - An address of all zeros means 'this network' or 'the wire itself'. The "routing table" contains entries for the 'wire' or 'network addresses'; it usually does not contain any information about hosts.

An 'IP address' and 'subnet mask' on an interface achieve three purposes:

1. It enables the system to process the receipt and transmission of packets.

2. It specifies the device's local address.

3. It specifies a range of addresses that share the cable with the device.

1. If a router has:

A serial interface S0 with IP address 172.16.1.2

An Ethernet interface E0 with IP address 172.31.4.1

A Token Ring interface T0 with IP address 172.31.16.1

and if all interfaces use a mask of 255.255.255.0, find the subnet (wire) number for each interface.

S0: 172.16.1.0   (172.16.1.2 AND 255.255.255.0)
E0: 172.31.4.0   (172.31.4.1 AND 255.255.255.0)
T0: 172.31.16.0  (172.31.16.1 AND 255.255.255.0)
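Added example (not part of the notes): Python that computes the wire number for the three interfaces above with the same AND operation, plus the directed broadcast address (host portion all ones, as described earlier) and the "same wire" test a host performs before a local ARP. The function names are my own. It goes beyond the exercise by handling any mask, not just 255.255.255.0, and it validates the mask first, which catches a mistyped mask such as 255.255.25.0 (a mask must be a run of ones followed by a run of zeros).

```python
def dotted_to_int(dotted):
    """Parse dotted-decimal notation into a 32-bit integer, rejecting bad octets."""
    parts = dotted.split(".")
    if len(parts) != 4:
        raise ValueError(f"expected four octets: {dotted!r}")
    value = 0
    for part in parts:
        octet = int(part)
        if not 0 <= octet <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | octet
    return value


def int_to_dotted(value):
    """Render a 32-bit integer as dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def is_valid_mask(mask):
    """A subnet mask must be a contiguous run of ones followed by zeros.

    Inverting the mask gives the host bits; a contiguous run of ones there
    means (inverted + 1) has no bit in common with inverted.
    """
    inverted = ~dotted_to_int(mask) & 0xFFFFFFFF
    return ((inverted + 1) & inverted) == 0


def wire_number(ip, mask):
    """Subnet (wire) number: the address ANDed with the mask."""
    if not is_valid_mask(mask):
        raise ValueError(f"not a valid subnet mask: {mask}")
    return int_to_dotted(dotted_to_int(ip) & dotted_to_int(mask))


def directed_broadcast(ip, mask):
    """Directed broadcast address: the host portion set to all ones."""
    if not is_valid_mask(mask):
        raise ValueError(f"not a valid subnet mask: {mask}")
    host_bits = ~dotted_to_int(mask) & 0xFFFFFFFF
    return int_to_dotted(dotted_to_int(ip) | host_bits)


def same_wire(ip_a, ip_b, mask):
    """The check made before a local ARP: do both addresses share the wire?"""
    return wire_number(ip_a, mask) == wire_number(ip_b, mask)


# The three interfaces from the exercise (values from the notes), all using
# the same 255.255.255.0 mask.
INTERFACES = {"S0": "172.16.1.2", "E0": "172.31.4.1", "T0": "172.31.16.1"}
MASK = "255.255.255.0"


def interface_wires(interfaces=INTERFACES, mask=MASK):
    """Return {interface name: wire number} for every interface."""
    return {name: wire_number(ip, mask) for name, ip in interfaces.items()}
```

interface_wires() returns the three answers given above; 172.31.4.1 and 172.31.4.200 share a wire under the /24 mask, while 172.31.4.1 and 172.31.16.1 do not, so a packet between the latter pair must go through the router rather than be resolved with a local ARP.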

2. What is the result of the command:

"Router(config-if)# ip address ip-address subnet-mask"

This command establishes the 'logical network address' (ip-address) and subnet-
mask of the specified interface. Specifically, it (1) assigns an address and a subnet-
mask and (2) starts IP processing on that interface.

"Router(config)# term ip netmask-format"

Command used to specify the format of network masks for the current session. Format options are:

Bit count

Dotted decimal (the default)

Hexadecimal

3. What does the following command do?

"Router(config)# ip host name ip-address"

The 'ip host' command makes a "static name-to-address entry" in the router's configuration file. Hosts and interfaces then become selectable by either their 'name' or their 'IP address'.

"Router(config)# ip name-server server-address [...]"

Command used to define which hosts can provide the 'name service'. A maximum of six IP addresses can be specified as name servers in a single command.

"Router(config)# ip domain-lookup"

The DNS (name service) is enabled by default with a server address of 255.255.255.255, which is a local broadcast.

"Router(config)# no ip domain-lookup"

Command used to turn off name-to-address translation in the router.

4. What type of information is obtained from the command:

"Router# show hosts"

This command displays host names, their associated IP addresses, and type and time
status indicators about how and why the host name became associated with those IP
addresses (Cache of host name-to-address mappings).

The Cisco IOS software maintains a 'cache' of 'host name-to-address mappings' for
use by EXEC commands. This cache speeds the process of converting names to
addresses.

5. Distinguish amongst the three commands which allow you to 'verify address configuration' in your internetwork.

1. "Telnet" (a layer 7 test) verifies the application layer software between source and destination stations (this is the most complete test mechanism available).

2. "Ping" (a layer 3 test) uses the ICMP protocol to verify the hardware connection and the logical address of the network layer (this is a very basic testing mechanism). The 'ping' command sends ICMP echo packets and is supported in both user and privileged EXEC mode. These are the characters that may be returned by the "ping" test (ICMP Echo Request):

Character    Definition
!            Successful receipt of an echo reply
.            Timed out waiting for datagram reply
U            Destination unreachable error
C            Congestion-experienced packet
I            Ping interrupted (Ctrl-Shift-6 x)
?            Packet type unknown
&            Packet Time To Live exceeded

"Extended Ping" is supported only from privileged EXEC mode. You can use the extended command mode of the ping command to specify the supported internet header options. To enter the extended mode, enter 'Y' at the extended commands prompt.

3. "Trace" uses Time-To-Live (TTL) values to generate messages from each router used along the path (this is very useful for locating path failures). 'Host names' are shown if the addresses are translated dynamically or via static host table entries. The 'times' listed represent the time required for each of three probes to return.

When the trace reaches the target destination, an asterisk (*) is reported at the display. This normally is caused by the receipt of a port-unreachable packet and the time out in response to the probe packet. Other responses include:

!H - The probe was received by the router, but not forwarded, usually due to an access list.
P  - The protocol was unreachable.
N  - The network was unreachable.
U  - The port was unreachable.
*  - Time out.

Semester 2, Lesson 13 Notes:

Router configuration and Routing Protocols: RIP and IGRP

"IGP" (Interior Gateway Protocol) - Internet protocol used to exchange routing information within an autonomous system. Examples of common IGPs include IGRP, OSPF, and RIP.

"RIP" (Routing Information Protocol) - IGP supplied with UNIX BSD systems. The most common IGP in the Internet. RIP uses hop count as a routing metric.

"IGRP" (Interior Gateway Routing Protocol) - IGP developed by Cisco to address the problems associated with routing in large, heterogeneous networks.

Each 'interface' on the router must be configured with a unique 'IP address' and
'subnet mask'. Information that relates an IP address to a router is called the
"routing table".

Routers learn paths to destinations three different ways:

(Note: The "ip route" command is used to set up 'static routes'. The "ip default-network" command is used to set up 'default routes'.)

(1) "Static routes" - Manually defined by the system administrator as the only path to the destination (stub network). Route that is explicitly configured and entered into the routing table. Static routes take precedence over routes chosen by dynamic routing protocols. Useful for controlling security and reducing traffic. The "ip route" command is used to set up a static route.

Router(config)# ip route network [mask] {address | interface} [distance]

network      Destination network or subnet
mask         Subnet mask
address      IP address of next hop router
interface    Name of interface to use to get to destination network
distance     The administrative distance

"Administrative distance" - a rating of the trustworthiness of a routing information source expressed as a numeric value from 0 to 255. The higher the number, the lower the trustworthiness rating.

A 'static route' allows manual configuration of the routing table. No dynamic changes to this table entry will occur as long as the path is active. A static route may reflect some special knowledge of the networking situation known to the network administrator. Manually entered 'administrative distance' values for static routes are usually low numbers.

Routing updates are not sent on a link if only defined by a 'static route', thereby conserving bandwidth.

(2) "Default routes" - Manually defined by the system administrator as the path to take when no route to the destination is known. Routing table entry that is used to direct frames for which a next hop is not explicitly listed in the routing table. 'Default routes' are configured using the "ip default-network" command at the Router(config)# prompt.

Router(config)# ip default-network network-number

network-number    IP network number or subnet number defined as the default.

(3) "Dynamic routing" - Router learns of paths to destinations by receiving periodic updates from other routers. Routing that adjusts automatically to network topology or traffic changes. Also called adaptive routing. Dynamic routing uses 'broadcasts' and 'multicasts' to communicate with other routers. The "router" command starts a routing process.

Router(config)# router protocol [number/word]

protocol    RIP, IGRP, OSPF, or Enhanced IGRP.
number      autonomous-system number for IGRP

An "Autonomous System" (AS) is a group of routers under a common administration. An 'autonomous system' consists of routers, run by one or more operators, that present a consistent view of routing to the external world. AS numbers are used to prevent updates from different Autonomous Systems being propagated amongst each other.

The "Network Information Center" (NIC) assigns a unique 'autonomous system' number to enterprises. This autonomous system number is a 16-bit number. A routing protocol, such as Cisco's "Interior Gateway Routing Protocol" (IGRP), requires that you specify this unique, assigned autonomous system number in your configuration.

Router(config-router)# network network-number

network:

Such as autonomous system, which is used with those protocols that require an
autonomous system, such as IGRP.

network-number:

Specifies a directly connected network.

The "network" command is required because it allows the routing process to determine which interfaces will participate in the sending and receiving of routing updates. The "network number" must be based on the NIC network numbers, not subnet numbers or individual addresses. The network command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.

"Exterior routing protocols" are used to communicate between 'autonomous systems'. "Interior routing protocols" are used to communicate within a single Autonomous System.

At the "Internet layer" of the TCP/IP suite of protocols, a router can use the IP
routing protocol to accomplish routing through the implementation of a specific
routing algorithm. Examples of the IP routing protocols include:

RIP:

A 'distance vector' routing protocol.

IGRP:

Cisco's 'distance vector' routing protocol.

OSPF:

A 'link-state' routing protocol.

Enhanced IGRP:

A 'balanced hybrid' routing protocol.

The selection of IP as a routing protocol involves the setting of both global and
interface parameters.

Global configuration tasks:

1. Select a routing protocol, RIP or IGRP.

2. Assign IP network numbers without specifying subnet values.

Interface configuration task:

1. Assign network/subnet addresses and the appropriate subnet mask.

RIP (Routing Information Protocol) is primarily concerned with the 'hop count'. Key characteristics of RIP include the following:

- It is a distance vector routing protocol.

- Hop count is used as the metric for path selection.

- The maximum allowable hop count is 15.

- Routing updates are broadcast every 30 seconds by default.

IGRP (Interior Gateway Routing Protocol) is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90-second intervals that advertise networks for a particular autonomous system. The following are some key characteristics of IGRP:

- IGRP is a distance vector routing protocol.

- A composite metric (including bandwidth, delay, load, reliability, and MTU) is used for path selection.

- It is versatile, flexible, and scalable, allowing for more complex topologies and large networks.

- Routing updates are broadcast every 90 seconds.

- Speed is the primary concern of IGRP.

"MTU" (Maximum transmission unit) - Maximum packet size, in bytes, that a particular interface can handle.

"show ip protocol" - (1) Command that displays values about routing timers and network information associated with the entire router. (2) Command that displays parameters, filters, and network information about the entire router. Use this information to identify a router that is suspected of delivering bad routing information.

"show ip route" - Command that displays the contents of the IP routing table.

The 'routing table' contains entries for all known networks and subnetworks and
contains a 'code' that indicates how that information was learned.

"show ip interface" - Command that displays the status and global parameters
associated with an interface.

The Cisco IOS software automatically enters a directly connected route in the
routing table if the 'interface' is one through which software can send and receive
packets. Such an 'interface' is marked 'up'. If the interface is unusable, it is removed
from the routing table. Removing the entry allows implementation of backup routes,
if they exist.

"debug ip rip" - Command that displays RIP routing updates as they are sent and
received.

Semester 2, Lesson 14 Notes:

Router Access Lists, Security, and Firewalls

"Access list" - (1) List kept by Cisco routers to control access to or from the router
for a number of services (for example, to prevent packets with a certain IP address
from leaving a particular interface on the router). (2) Command that creates an
entry in a standard traffic filter list.

• Standard

-Simpler address specifications (filters on the source address only)

-Generally permits or denies entire protocol suites

• Extended

-More complex address specifications (source and destination address, protocol, port)

-Generally permits or denies specific protocols

"Access lists" offer another powerful tool for network control. These lists add the
flexibility to filter the packet flow into or out of router interfaces. "Access
lists" perform several functions within a Cisco router, including:

• Implement security/access procedures

• Act as a protocol "firewall"

"Extended access lists" allow 'filtering' on address, protocol, and application (port).

Access lists can also be used to 'limit broadcast traffic'.

You can also use "access lists" to:

• Identify packets for priority or custom queuing

• Restrict or reduce the contents of routing updates

"Access lists" also process packets for other security features to:

• Provide IP traffic dynamic access control with enhanced user
  authentication using the lock-and-key feature

• Identify packets for encryption

• Restrict Telnet access to the router's virtual terminal (vty) lines (applied
  with 'access-class' on the vty lines, not with 'ip access-group' on an interface)

Entries in an access list are tested in order and the first match decides; every
access list ends with an implicit 'deny any', so a list that contains only deny
statements blocks all traffic.
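The first-match and implicit-deny behaviour described above, modelled in Python as an added example (not code from the course notes or from Cisco IOS). The entry format, the sample packets and the addresses are constructed for the example; wildcard masks are interpreted the way IOS interprets them (0 bit = must match, 1 bit = don't care). The third list shows what happens when a broad deny is placed before the narrow permit it was meant to follow:

```python
"""Toy Cisco-style IP access list evaluator (added example, not from the course notes).

Two behaviours matter for security:
  * entries are tested top-down and the FIRST match decides;
  * an access list ends with an implicit "deny any".
Addresses and wildcard masks are written the way IOS writes them.
Sample packets below are constructed for the example.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True if `addr` matches `base` under a Cisco wildcard mask."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    # Bits set in the wildcard are ignored; every other bit must be equal.
    return (a & ~w & 0xFFFFFFFF) == (b & ~w & 0xFFFFFFFF)


@dataclass
class Entry:
    action: str                        # "permit" or "deny"
    src: str = "0.0.0.0"
    src_wc: str = "255.255.255.255"    # "any" by default
    proto: Optional[str] = None        # extended only: "tcp", "udp", "icmp", "ip"
    dst: str = "0.0.0.0"
    dst_wc: str = "255.255.255.255"
    dport: Optional[int] = None        # extended only: destination port

    def matches(self, pkt: dict) -> bool:
        if not wildcard_match(pkt["src"], self.src, self.src_wc):
            return False
        if self.proto is not None and self.proto != "ip" and self.proto != pkt["proto"]:
            return False
        if not wildcard_match(pkt["dst"], self.dst, self.dst_wc):
            return False
        if self.dport is not None and self.dport != pkt.get("dport"):
            return False
        return True


def evaluate(acl: list, pkt: dict) -> str:
    """Return the action of the first matching entry; implicit deny at the end."""
    for entry in acl:
        if entry.matches(pkt):
            return entry.action
    return "deny"


# Standard ACL 10: only host 10.1.1.5 and subnet 10.1.2.0/24 may source traffic.
STANDARD_10 = [
    Entry("permit", "10.1.1.5", "0.0.0.0"),
    Entry("permit", "10.1.2.0", "0.0.0.255"),
]

# Extended ACL 101: Telnet to the router address 192.168.0.1 only from the admin
# host, Telnet from everyone else denied, all other IP traffic allowed.
EXTENDED_101 = [
    Entry("permit", "10.1.1.5", "0.0.0.0", "tcp", "192.168.0.1", "0.0.0.0", 23),
    Entry("deny", proto="tcp", dst="192.168.0.1", dst_wc="0.0.0.0", dport=23),
    Entry("permit", proto="ip"),
]

# Same entries with the first two swapped: the broad deny now shadows the permit.
EXTENDED_101_BAD_ORDER = [EXTENDED_101[1], EXTENDED_101[0], EXTENDED_101[2]]


def demo() -> dict:
    """Constructed packets evaluated against all three lists: (std, ext, ext_bad_order)."""
    pkts = {
        "admin_telnet": {"src": "10.1.1.5", "proto": "tcp", "dst": "192.168.0.1", "dport": 23},
        "other_telnet": {"src": "10.1.2.9", "proto": "tcp", "dst": "192.168.0.1", "dport": 23},
        "web": {"src": "10.1.2.9", "proto": "tcp", "dst": "172.16.0.7", "dport": 80},
        "outsider": {"src": "10.9.9.9", "proto": "icmp", "dst": "172.16.0.7"},
    }
    return {name: (evaluate(STANDARD_10, p),
                   evaluate(EXTENDED_101, p),
                   evaluate(EXTENDED_101_BAD_ORDER, p)) for name, p in pkts.items()}
```

demo() shows the admin host's Telnet permitted by the correctly ordered list and denied by the misordered one, and the outsider's ICMP denied by the standard list's implicit deny yet permitted by the extended list's trailing permit-any entry.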

"DDR" (Dial-on-demand routing) - Technique whereby a Cisco router can
automatically initiate and close a 'circuit-switched session' as transmitting stations
demand. The router 'spoofs keepalives' so that end stations treat the session as
active. DDR permits routing over ISDN or telephone lines using an external ISDN
terminal adapter or modem.

The OSI model is the very heart of networking, with every layer performing a specific task
in order to facilitate data communications. In the world of networking the first four (4)
layers are the focus. They define the following:

• What type and speed of LAN and WAN media to be implemented
• How data is sent across the media
• What type of addressing schemes will be used
• How data will be reliably sent across the network and how flow control will be
  accomplished
• What type of routing protocol will be implemented

Why a Layered Network Model?

• Reduces complexity
• Standardizes interfaces
• Facilitates modular engineering
• Ensures interoperable technology
• Accelerates evolution
• Simplifies teaching and learning

The OSI model - seven numbered layers indicate distinct functions. In the Transmission
Control Protocol/Internet Protocol (TCP/IP) model, the same functions fit into four named
layers (Application, Transport, Internet, Network Interface). This separation of
networking functions is called "layering".

OSI Layer Functions:

7. APPLICATION (Network processes to applications)

The application layer provides network services to user applications. For example, a
word processing application is serviced by file transfer services at this layer.

6. PRESENTATION (Data representation)

This layer provides data representation and code formatting. It ensures that the
data that arrives from the network can be used by the application, and it ensures
that information sent by the application can be transmitted on the network.

5. SESSION (Interhost communication)

This layer establishes, maintains, and manages sessions between applications.

4. TRANSPORT (End-to-end connections)

This layer segments and reassembles data into a data stream. TCP (reliable,
connection-oriented) and UDP (connectionless) operate at this layer.

3. NETWORK (Addresses and best path)

This layer determines the best way to move data from one place to another. The
router operates at this layer. This layer uses the IP addressing scheme.

2. DATA LINK (Access to media)

This layer provides reliable transit of data across a physical link. It handles error
notification, network topology, and flow control. This layer uses the Media Access
Control (MAC) address.

1. PHYSICAL (Binary transmission)

This layer provides the electrical, mechanical, procedural, and functional means for
activating and maintaining the physical link between systems. This layer uses the
physical media like twisted pair, coaxial, and fiber-optic cable.

[Host Layers] (layers 7, 6, 5, & 4)

Provide for accurate data delivery between computers

[Media Layers] (layers 3, 2, & 1)

Control physical delivery of messages over the network

Each layer uses its own 'layer protocol' to communicate with its peer layer in the other
system. Each layer's protocol exchanges information, called protocol data units (PDUs),
between peer layers. A given layer can use a more specific name for its "PDU".

7, 6, 5. ------ [data]
4. Transport--- segments [segment header][data]
3. Network----- packets [network header][data segment]
2. Data Link--- frames [frame header][network packet][frame
trailer]
1. Physical---- bits [binary 1's & 0's]

This peer-layer protocol communication is achieved by using the services of the layers below
it. The layer below any current layer provides its services to the current layer. Each lower-
layer service takes upper-layer information as part of the lower-layer PDUs it exchanges
with its layer peer.

[1-Physical Layer] (bits)

The Ethernet and IEEE 802.3 standards define a bus-topology LAN that operates at a
baseband signaling rate of 10 Mbps.

1. 10Base2 - Known as 'thin Ethernet', allows network segments up to 185 meters on
coaxial cable.

2. 10Base5 - Known as 'thick Ethernet', allows network segments up to 500 meters on
coaxial cable.

3. 10Base-T - Carries Ethernet frames on inexpensive twisted-pair wiring.

The 10Base5 and 10Base2 standards provide access for several stations on the same LAN
segment. Stations are attached to the segment by a cable that runs from an attachment unit
interface (AUI) in the station to a transceiver that is directly attached to the Ethernet
coaxial cable.

Because the 10Base-T standard provides access for a single station only, stations attached to
an Ethernet LAN by 10Base-T are almost always connected to a hub or a LAN switch. In
this arrangement, the hub plays the role of the shared Ethernet segment (with a switch, each
port is its own segment).

[2-Data Link Layer] (physical addressing)

The Ethernet and 802.3 data links provide data transport across the physical link joining
two devices. Devices can be directly attached to each other over the Ethernet LAN.
Computers have MAC addresses used by the data-link layer. The router also uses MAC
addresses for each of its LAN side interfaces. For indicating the 802.3 interface on the
router, you will use the Cisco IOS interface type abbreviation E followed by an interface
number (for example, E0).

[3-Network Layer] (Path determination)

Which path should traffic take through the cloud of networks? Path determination occurs
at Layer 3, the 'Network layer'. The path determination function enables a router to
evaluate the available paths to a destination and to establish the preferred handling of a
packet.

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI
Network layer:

• IP (Internet Protocol) provides connectionless, best-effort delivery routing of
  datagrams. It is not concerned with the content of the datagrams. Instead, it looks
  for a way to move the datagrams to their destination.
• ICMP (Internet Control Message Protocol) provides control and messaging
  capabilities. ICMP - Network layer Internet protocol that reports errors and
  provides other information relevant to IP packet processing.
• ARP (Address Resolution Protocol) determines the data link layer address for
  known IP addresses. Internet protocol used to map an IP address to a MAC address.
• RARP (Reverse Address Resolution Protocol) determines network addresses when
  data link layer addresses are known. Protocol in the TCP/IP stack that provides a
  method for finding IP addresses based on MAC addresses.

[TCP/IP Network Layers]

-[DoD TCP/IP Model]- -[OSI 7-Layer Model]-


4. Application (7-Application, 6-Presentation, & 5-Session)
3. Transport (4-Transport)
2. Internet (3-Network)
1. Network Interface (2-Data Link & 1-Physical)

Best-effort delivery - Describes a network system that does not use a sophisticated
acknowledgment system to guarantee reliable delivery of information.

[TCP/IP addresses]

• Unique addressing allows communication between 'end stations'
• Path choice is based on location
• Location is represented by a 32-bit address (IP address)

Each company listed on the internetwork is seen as a single unique network that must be
reached before an individual host within that company can be contacted. Each company
network has an address; the hosts that live on that network share that same network
address, but each host is identified by the unique host address on the network.

[Addressing with subnets]

With subnets, the network address use is more efficient. There is no change to how the
outside world sees the network, but within the organization, there is additional structure.

Routers determine the destination network using the 'subnet address', limiting the amount
of traffic on the other network segments.

"Routing services" use network topology information when evaluating network paths. This
information can be configured by the network administrator or collected through dynamic
processes running in the network.

The 3-Network layer interfaces to networks and provides best effort end-to-end packet
delivery services to its user, the 4-Transport layer. The 3-Network layer sends packets from
the source network to the destination network based on 'IP routing table' (contains:
'Destination network' addresses & 'Next Hop' (outgoing interface) pairs).

After the router determines which path to use, it can proceed with "switching the packet";
taking the packet it accepted on one interface and forwarding it to another interface or port
that reflects the best path to the packet's destination.

Using IP addresses, the 3-Network layer can provide a 'relay connection' that interconnects
independent networks. By using 'consistent end-to-end addressing' to represent the path of
media connections, the 3-Network layer can find a path to the destination without
unnecessarily burdening the devices or links on the internetwork with broadcasts.

The Network address identifies a path part used by the router within the network cloud.
The router uses the network address to identify the source or destination network of a
packet within an internetwork. For some network-layer protocols, this relationship is
established by a network administrator who assigns network addresses according to some
preconceived internetwork addressing plan. For other network-layer protocols, assigning
addresses is partially or completely dynamic.

• Network address - Path part used by the router
• Host address - Specific port or device on the network

ICMP - Internet Control Message Protocol

ICMP is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams
and are used to send error and control messages. ICMP uses the following types of defined
messages. Others exist that are not included on this list:

• Destination Unreachable
• Time Exceeded
• Parameter Problem
• Source Quench
• Redirect
• Echo
• Echo Reply
• Timestamp
• Timestamp Reply
• Information Request
• Information Reply
• Address Request
• Address Reply

If a router receives a packet that it is unable to deliver to its ultimate destination, the router
sends an ICMP destination unreachable message (for example, host unreachable) to the source.
The message might be undeliverable because there is no known route to the destination.

An ICMP 'echo reply' is a successful reply to a "ping" command (ICMP echo request);
however, results could include other ICMP messages, such as unreachable and timeouts.

ARP - Address Resolution Protocol

ARP is used to resolve or map a known IP address to a MAC sublayer address to allow
communication on a multiaccess medium such as Ethernet. To determine a destination
address for a datagram, FIRST, the ARP cache table is checked. If the address is not in the
table, ARP sends a broadcast (ARP request) looking for the destination station. Every
station on the network receives the broadcast (ARP request). When the destination station
replies (ARP reply), only the original station (now the destination) receives the ARP reply
and updates its ARP cache. ARP replies are not authenticated, so any station on the segment
can answer a request and plant a false mapping in the requester's cache.

The term "local ARP" is used to describe resolving an address when both the requesting
host and the destination host share the same media or wire. Prior to issuing the ARP, the
subnet mask is consulted. The mask determines whether the nodes are on the same subnet;
if they are not, the host resolves the MAC address of its default gateway instead.
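The cache-first, broadcast-on-miss, subnet-mask-checked resolution described above, modelled in Python as an added example (not the notes' own code). Hosts, MAC addresses and the gateway are constructed; when the destination is off-subnet the host ARPs for its default gateway instead, and only the requester installs the reply:

```python
"""Local ARP resolution with subnet-mask check and cache (added example, not from
the course notes). Before a host ARPs for a destination it compares the
destination with its own address under its subnet mask: same subnet means
"local ARP" for the destination itself; otherwise it needs the MAC of its
default gateway. The cache is checked first; a miss causes a broadcast request
that every station on the wire hears. Hosts and MACs below are constructed.
"""
import ipaddress


class Host:
    def __init__(self, name, ip, mask, mac, gateway=None):
        self.name, self.mac, self.gateway = name, mac, gateway
        self.iface = ipaddress.IPv4Interface(f"{ip}/{mask}")
        self.arp_cache = {}            # ip -> mac
        self.broadcasts_sent = 0

    @property
    def ip(self) -> str:
        return str(self.iface.ip)

    def is_local(self, dest_ip: str) -> bool:
        """Apply the subnet mask: is dest on the same wire as this host?"""
        return ipaddress.IPv4Address(dest_ip) in self.iface.network

    def next_hop_ip(self, dest_ip: str) -> str:
        return dest_ip if self.is_local(dest_ip) else self.gateway

    def resolve(self, dest_ip: str, wire: "Wire") -> str:
        target = self.next_hop_ip(dest_ip)
        if target in self.arp_cache:              # FIRST: check the cache
            return self.arp_cache[target]
        self.broadcasts_sent += 1
        reply = wire.broadcast_arp_request(self, target)   # every station hears this
        if reply is None:
            raise LookupError(f"{self.name}: no ARP reply for {target}")
        self.arp_cache[target] = reply            # only the requester installs the reply
        return reply


class Wire:
    """One Ethernet segment: an ARP request reaches every attached station."""

    def __init__(self, hosts):
        self.hosts = list(hosts)
        self.requests_seen = {h.name: 0 for h in self.hosts}

    def broadcast_arp_request(self, requester: Host, target_ip: str):
        reply = None
        for h in self.hosts:
            self.requests_seen[h.name] += 1       # broadcast: all stations process it
            if h is not requester and h.ip == target_ip:
                reply = h.mac                     # unicast reply back to the requester
        return reply


def demo() -> dict:
    a = Host("A", "10.1.1.10", "255.255.255.0", "00:00:0c:00:00:0a", gateway="10.1.1.1")
    b = Host("B", "10.1.1.20", "255.255.255.0", "00:00:0c:00:00:0b", gateway="10.1.1.1")
    r = Host("R", "10.1.1.1", "255.255.255.0", "00:00:0c:00:00:01")   # the router
    wire = Wire([a, b, r])
    local = a.resolve("10.1.1.20", wire)     # same subnet: ARP for B itself
    again = a.resolve("10.1.1.20", wire)     # cache hit: no broadcast
    remote = a.resolve("172.16.5.5", wire)   # other subnet: ARP for the gateway
    return {"local": local, "again": again, "remote": remote,
            "broadcasts": a.broadcasts_sent, "heard_by_B": wire.requests_seen["B"],
            "b_cache": len(b.arp_cache)}
```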

[4-Transport Layer] (End-to-end connections)

• segments upper-layer applications
• establishes an end-to-end connection
• sends segments from one end host to another
• optionally, ensures data reliability

Services located in the 4-Transport layer allow users to break apart or 'segment' several
upper-layer application data onto the same Layer 4 data stream. These same services allow
users to reassemble the same upper-layer applications data. The Layer 4 data stream
provides transport services from the host to the destination. Services such as these are
sometimes referred to as "end-to-end services". The Layer 4 data stream is a 'logical
connection' between the endpoints of a network.

As the Transport layer sends its data segments, it can also ensure the integrity of the data.
One method of doing this is called "flow control". Flow control avoids the problem of a host
at one side of the connection overflowing the buffers in the host at the other side. Transport
layer services also allow users to request reliable data transport between hosts and
destinations. To obtain such reliable transport of data, a connection-oriented relationship is
used between the communicating end systems.

Reliable transport can accomplish the following:

• Ensure that segments delivered will be acknowledged back to the sender.
• Provide for retransmission of any segments that are not acknowledged.
• Put segments back into their correct sequence at the destination.
• Provide congestion avoidance and control.

One reason for different layers in the OSI model is so that multiple applications can share
the same transport connection. Transport functionality is accomplished segment by
segment. This means that different applications can send data segments on a first-come,
first-served basis. Such segments can be intended for the same destination or for many
different destinations.

One user of the 4-Transport layer must establish a connection-oriented session with its peer
system.

Sender --- synchronize ------------------> Receiver
Sender <------ negotiate connection -----> Receiver
Sender <------------------ synchronize --- Receiver
Sender --- acknowledge ------------------> Receiver
----- connection established -----
Sender <- data transfer (send segments) -> Receiver

TCP/IP 3-way Handshake

(1) Sender --- SYN (seq=x) -------------------> Receiver
(2) Sender <-- SYN (seq=y, ack=x+1) ----------- Receiver
(3) Sender --- ACK (ack=y+1) -----------------> Receiver

Each side chooses its own initial sequence number (x and y); the ACK number is always the
peer's sequence number plus one. A sender that can guess the other side's initial sequence
number can forge segment (3) without ever seeing segment (2), which is why initial
sequence numbers must be unpredictable.

When datagrams arrive too quickly for a host or gateway to process, they are stored in
memory temporarily (buffer). If the traffic continues, the host or gateway eventually
exhausts its memory and must discard additional datagrams that arrive. Instead of allowing
data to be lost, the transport function can issue a 'not ready' (Window size=0) indicator to
the sender. Acting like a stop sign, this indicator signals the sender to stop sending data.
When the receiver can handle additional data, the receiver sends a 'ready' (Window size >0)
transport indicator, which is like a go signal.

If the sender has to wait for an acknowledgment after sending each segment, throughput
will be low. Because time is available after the sender finishes transmitting the data packet
and before the sender finishes processing any received acknowledgment, the interval is used
for transmitting more data. The number of data packets the sender is allowed to have
outstanding - without yet receiving an acknowledgment - is known as the "window" or
window size.

Windowing is a method to control the amount of information transferred end-to-end. Some
protocols measure information in terms of the number of packets; TCP/IP measures
information in terms of the number of bytes. Windowing is an end-to-end agreement
between sender and receiver.

Reliable delivery guarantees that a stream of data sent from one machine will be delivered
through a data link to another machine without duplication or data loss. (PAR) "Positive
Acknowledgment with Retransmission" is one technique that guarantees reliable delivery of
data streams. Positive acknowledgment requires a recipient to communicate with the
source, sending back an acknowledgment (ACK x+1) message when it receives data. The
sender keeps a record of each data packet it sends and waits for an acknowledgment before
sending the next data packet. The sender also starts a timer when it sends a segment, and it
retransmits a segment if the timer expires before an acknowledgment arrives.
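The PAR and windowing mechanism described above, simulated in Python as an added example (not the notes' own code). One segment is in flight at a time, ACK numbers are byte counts, a zero window halts the sender until the receiving application drains its buffer, and the first transmission of the segment at sequence number 8 is lost so the timer-driven retransmission can be seen. The payload and the loss event are constructed:

```python
"""Positive Acknowledgment with Retransmission (PAR) plus receiver windowing,
simulated (added example, not from the course notes). Byte-oriented like TCP:
an ACK carries the next byte the receiver expects (ack = last byte + 1); each
ACK also advertises the receiver's free buffer space as the window; window 0
is the "not ready" stop sign; a segment whose ACK does not arrive before the
sender's timer expires is retransmitted. Data and loss events are constructed.
"""


class Receiver:
    def __init__(self, buffer_size: int):
        self.buffer_size = buffer_size
        self.buffered = 0          # bytes held for the application, not yet read
        self.expected = 0          # sequence number of the next in-order byte
        self.data = bytearray()

    def window(self) -> int:
        return self.buffer_size - self.buffered

    def receive(self, seq: int, payload: bytes):
        """Accept an in-order segment that fits; reply (ack, window) either way."""
        if seq == self.expected and len(payload) <= self.window():
            self.data += payload
            self.buffered += len(payload)
            self.expected += len(payload)
        return self.expected, self.window()

    def application_reads(self) -> None:
        """The receiving application drains the buffer, reopening the window."""
        self.buffered = 0


def transfer(data: bytes, mss: int, rx: Receiver, lose_first_send_of) -> dict:
    """Stop-and-wait sender: one segment in flight, resend on timer expiry."""
    lose = set(lose_first_send_of)   # sequence numbers whose first transmission is lost
    base, tick, retransmissions, events = 0, 0, 0, []
    while base < len(data):
        tick += 1
        win = rx.window()
        if win == 0:
            # Receiver said "not ready": sender waits until a window update arrives.
            events.append(f"t{tick}: window 0, sender stops")
            rx.application_reads()
            continue
        payload = data[base:base + min(mss, win)]   # never exceed the advertised window
        if base in lose:
            lose.discard(base)
            retransmissions += 1
            events.append(f"t{tick}: seq={base} lost, timer expires, retransmit")
            continue
        ack, win = rx.receive(base, payload)
        events.append(f"t{tick}: seq={base} len={len(payload)} -> ack={ack} win={win}")
        base = ack   # everything below the ACK number is delivered
    return {"ticks": tick, "retransmissions": retransmissions,
            "received": bytes(rx.data), "events": events}


def demo() -> dict:
    data = bytes(range(20))   # 20 bytes of constructed payload
    return transfer(data, mss=4, rx=Receiver(buffer_size=8), lose_first_send_of={8})
```

With an 8-byte receive buffer and 4-byte segments, the window closes after every second segment and the sender stops until the application reads; the lost segment costs one extra tick for the timer and is then resent unchanged.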

Routing

Routers generally relay a packet from one data link to another. To relay a packet, a router
uses two basic functions:

1. a path determination function, and

2. a switching function.

A router is responsible for passing the packet to the next network along the path. The router
uses the 'network portion' of the address to make 'path selections'. The 'switching function'
allows a router to accept a packet on one interface and forward it on a second interface. The
'path determination' function enables the router to select the most appropriate interface for
forwarding a packet. The 'node portion' of the address refers to a specific port on the router
that leads to an adjacent router in that direction.

• Network portion of address used to make path selections
• Node portion of address refers to router port to the path

'Routed protocol' - Protocol that can be routed by a router. A router must be able to
interpret the logical internetwork as specified by that routed protocol. Any network
protocol that provides enough information in its network layer address to allow a packet to
be forwarded from host to host based on the addressing scheme. Routed protocols define the
format and use of the fields within a packet.

Examples of routed protocols include AppleTalk, DECnet, and IP.

'Routing protocol' - Protocol that accomplishes routing through the implementation of a
specific routing algorithm. Supports a routed protocol by providing mechanisms for sharing
routing information. Routing protocol messages move between the routers. A routing
protocol allows the routers to communicate with other routers to update and maintain
tables.

Examples of routing protocols include IGRP, OSPF, and RIP.

RIP - Routing Information Protocol

IGP (Interior Gateway Protocol) supplied with UNIX BSD systems. Historically the
most common IGP in the Internet. RIP uses hop count as a routing metric. Key
characteristics of RIP include the following:

• It is a distance vector routing protocol.
• Hop count is used as the metric for path selection.
• The maximum allowable hop count is 15.
• Routing updates are broadcast every 30 seconds by default.

IGRP - Interior Gateway Routing Protocol

IGP developed by Cisco to address the problems associated with routing in large,
heterogeneous networks.

EIGRP - Enhanced Interior Gateway Routing Protocol

Advanced version of IGRP developed by Cisco. A 'balanced hybrid' routing
protocol. Provides superior convergence properties and operating efficiency, and
combines the advantages of link state protocols with those of distance vector
protocols.

OSPF - Open Shortest Path First

Link-state, hierarchical IGP routing protocol proposed as a successor to RIP in the
Internet community. OSPF features include least-cost routing, multipath routing,
and load balancing. OSPF was derived from an early version of the IS-IS protocol.

[Network-Layer Protocol Operations]

When a host application needs to send a packet to a destination on a different network, a 2-
Data-link frame is received on one of a router's interfaces. The 3-Network layer process
examines the header to determine the destination network and then references the routing
table that associates networks to outgoing interfaces. The packet is again encapsulated in
the 2-Data-link frame for the selected interface and queued for delivery to the next hop in
the path. This process occurs each time the packet switches through another router. At the
router connected to the network containing the destination host, the packet is again
encapsulated in the destination LAN's 2-Data-link frame type and delivered to the
destination host.

"Static Route" - A route that a network administrator enters into the router by hand. Route
that is explicitly configured and entered into the routing table. Static routes take
precedence over routes learned by dynamic routing protocols (by default: a static route
has administrative distance 1, while RIP routes have 120). Use static routes:

• For security, when it is appropriate to hide parts of an internetwork
• Over a point-to-point or circuit-switched connection
• For a stub network (network that has only a single connection to a router)
• When there is only a single network connection and no need for routing updates
  (the fixed route reflects the administrator's knowledge)

"Dynamic Route" - uses a route that a network routing protocol adjusts automatically for
topology or traffic changes. Routing that adjusts automatically to network topology or
traffic changes. Also called adaptive routing.

The success of "dynamic routing" depends on two basic router functions:

1. Maintenance of a routing table, and

2. Timely distribution of knowledge in the form of routing updates to other routers.

Dynamic routing relies on a 'routing protocol' to share knowledge. A 'routing protocol'
defines the set of rules used by a router when it communicates with neighboring routers.

"Default route" - Routing table entry that is used to forward packets whose destination
network is not explicitly listed in the routing table.
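A longest-prefix-match routing table in Python, added as an example (not the notes' own code and not the IOS implementation). It ties together the 'show ip route' codes described earlier, the destination-network/next-hop pairs used for forwarding, the withdrawal of a connected route when its interface goes down so that a backup route takes over, static precedence over RIP by administrative distance, and the default route. Route entries and interface names are constructed:

```python
"""Longest-prefix-match routing table lookup (added example, not from the course notes).

Each entry carries a source code (C = connected, S = static, R = RIP), a destination
network/mask and a next hop plus outgoing interface. Lookup picks the most specific
(longest) matching prefix; on an equal prefix the lower administrative distance wins;
0.0.0.0/0 is the default route; a route through a down interface is not usable.
The table below is constructed for the example.
"""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Default administrative distances, as in IOS: lower wins on an equal prefix.
ADMIN_DISTANCE = {"C": 0, "S": 1, "R": 120}


@dataclass
class Route:
    code: str          # "C", "S" or "R"
    network: str       # e.g. "10.1.0.0/16"
    next_hop: str      # next-hop address or "connected"
    interface: str     # outgoing interface, e.g. "Ethernet0"


class RoutingTable:
    def __init__(self):
        self.routes = []
        self.interface_up = {}

    def add(self, route: Route) -> None:
        self.routes.append(route)
        self.interface_up.setdefault(route.interface, True)

    def set_interface(self, name: str, up: bool) -> None:
        """Interface state change: routes over a down interface are withdrawn."""
        self.interface_up[name] = up

    def active_routes(self):
        return [r for r in self.routes if self.interface_up.get(r.interface, False)]

    def lookup(self, dest: str) -> Optional[Route]:
        addr = ipaddress.IPv4Address(dest)
        best: Optional[Route] = None
        for r in self.active_routes():
            net = ipaddress.IPv4Network(r.network)
            if addr not in net:
                continue
            if best is None:
                best = r
                continue
            best_net = ipaddress.IPv4Network(best.network)
            longer = net.prefixlen > best_net.prefixlen
            tie_lower_ad = (net.prefixlen == best_net.prefixlen
                            and ADMIN_DISTANCE[r.code] < ADMIN_DISTANCE[best.code])
            if longer or tie_lower_ad:
                best = r
        return best


def build_table() -> RoutingTable:
    t = RoutingTable()
    t.add(Route("C", "10.1.1.0/24", "connected", "Ethernet0"))
    t.add(Route("C", "192.168.1.0/30", "connected", "Serial0"))
    t.add(Route("R", "10.1.0.0/16", "192.168.1.2", "Serial0"))
    t.add(Route("S", "10.1.0.0/16", "192.168.1.2", "Serial0"))   # static beats RIP here
    t.add(Route("S", "0.0.0.0/0", "192.168.1.2", "Serial0"))     # default route
    return t


def demo() -> dict:
    t = build_table()
    before = {}
    for dest in ("10.1.1.7", "10.1.5.7", "8.8.8.8"):
        r = t.lookup(dest)
        before[dest] = (r.code, r.network)
    t.set_interface("Ethernet0", False)       # LAN interface goes down
    fallback = t.lookup("10.1.1.7")           # the /24 is withdrawn; the /16 takes over
    t.set_interface("Serial0", False)         # WAN down as well: nothing is reachable
    return {"before": before,
            "fallback": (fallback.code, fallback.network),
            "all_down": t.lookup("8.8.8.8")}
```

demo() shows the directly connected /24 winning over the /16 while Ethernet0 is up, the static /16 beating the RIP /16 on equal prefix length, the default route catching 8.8.8.8, and the /16 backing up the connected route once the interface is down.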

"Distance vector" routing algorithm - Class of routing algorithms that iterate on the
'number of hops' in a route to find a shortest-path spanning tree. Distance vector routing
algorithms call for each router to send its entire 'routing table' in each periodic update, but
only to its neighbors and in the process accumulate 'distance vectors'. Distance vector
routing algorithms can be prone to routing loops, but are computationally simpler than
'link state' routing algorithms. Also called Bellman-Ford routing algorithm. Distance vector
algorithms do not allow a router to know the exact topology of an internetwork.
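A distance vector simulation in the style of RIP, added here as an example (not the notes' own code and not how IOS implements RIP). It covers both the RIP characteristics listed earlier (hop-count metric, 15-hop maximum, periodic full-table updates to neighbours only) and the Bellman-Ford description above. The chain topology is constructed; there is no split horizon or hold-down, so the routers converge purely by repeated exchange, and the far ends of the chain are more than 15 hops apart so the 16 = unreachable rule can be seen:

```python
"""Distance vector (Bellman-Ford) routing simulation, RIP style (added example,
not from the course notes).

Each router starts knowing only its directly connected networks. Every update
round each router sends its whole table to its neighbours; a receiver adds one
hop to each advertised distance and keeps the shortest. Hop count 16 means
unreachable, so no route can exceed 15 hops. Topology below is constructed.
"""
INFINITY = 16   # RIP: 16 hops = unreachable, so the longest usable path is 15


def build_routers(links):
    """links: {(router, router): shared_network}. Returns (tables, neighbours)."""
    tables = {}      # router -> {network: (hops, next_hop)}
    neighbours = {}  # router -> set of neighbour routers
    for (a, b), net in links.items():
        for r in (a, b):
            tables.setdefault(r, {})[net] = (0, "connected")
            neighbours.setdefault(r, set())
        neighbours[a].add(b)
        neighbours[b].add(a)
    return tables, neighbours


def one_round(tables, neighbours) -> bool:
    """One periodic update: every router advertises its full table to each neighbour."""
    changed = False
    # Snapshot first, so this round's updates are based on tables as they stood.
    advertised = {r: dict(t) for r, t in tables.items()}
    for sender, table in advertised.items():
        for receiver in neighbours[sender]:
            for net, (hops, _) in table.items():
                new_hops = min(hops + 1, INFINITY)
                current = tables[receiver].get(net, (INFINITY, None))
                if new_hops < current[0]:           # shorter than what we have: accept
                    tables[receiver][net] = (new_hops, sender)
                    changed = True
    return changed


def converge(links, max_rounds=50):
    """Run update rounds until nothing changes; returns (tables, rounds_taken)."""
    tables, neighbours = build_routers(links)
    for i in range(1, max_rounds + 1):
        if not one_round(tables, neighbours):
            return tables, i - 1
    return tables, max_rounds


def hops_to(tables, router, net) -> int:
    """Hop count as the router would report it; INFINITY (16) means unreachable."""
    return tables[router].get(net, (INFINITY, None))[0]


def demo():
    # Chain R0 - R1 - ... - R17 over networks 10.0.0.0 ... 10.16.0.0.
    # R0 is 16 hops from 10.16.0.0, so that network never enters R0's table.
    links = {(f"R{i}", f"R{i + 1}"): f"10.{i}.0.0" for i in range(17)}
    return converge(links)
```

Because information moves one hop per round, the chain needs 15 rounds of 30-second updates before every reachable network is known everywhere; this is the slow convergence the comparison table attributes to distance vector protocols.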

"Link state" (also called shortest path first) routing algorithm - Routing algorithm in which
each router broadcasts or multicasts information regarding the 'cost of reaching each of its
neighbors' to all nodes in the internetwork. 'Link state' algorithms create a consistent view
of the network (they maintain a complex database of topology information) and are
therefore not prone to routing loops, but they achieve this at the cost of relatively greater
computational difficulty and more widespread traffic (compared with distance vector
routing algorithms). Link-state routing uses link-state advertisements (LSAs), a topological
database, the SPF algorithm, the resulting SPF tree, and finally, a routing table of paths and
ports to each network.

'LSA' - Link-state advertisement. Packet flooded by 'link-state' protocols that
contains information about neighbors and path costs. LSAs are used by the receiving
routers to maintain their routing tables. Sometimes called a link-state packet (LSP).

The "Balanced hybrid" approach combines aspects of the 'link-state' and 'distance vector'
algorithms.

'Convergence' - The speed and ability of a group of internetworking devices running a
specific routing protocol to agree on the topology of an internetwork after a change in that
topology. (The knowledge needs to reflect an accurate, consistent view of the new topology.)
When all routers in an internetwork are operating with the same knowledge, the
internetwork is said to have 'converged'.

[ Distance Vector Routing ]

* Views net topology from neighbor's perspective
* Adds distance vectors from router to router
* Frequent, periodic updates: slow convergence
* Passes copies of routing table to neighbor routers

[ Link-State (SPF) Routing ]

* Gets common view of entire network topology
* Calculates the shortest path to other routers
* Event-triggered updates: faster convergence
* Passes link-state routing updates to other routers

• "Exterior routing protocols" are used to communicate between autonomous
  systems.

• "Interior routing protocols" are used within a single autonomous system.

Router Configuration

IP routing configuration tasks:

1. Global Configuration

o Select routing protocols (RIP, IGRP)

o Specify network(s) (assign IP network numbers)

2. Interface Configuration

o assign network/subnet addresses & subnet masks

Use the "ip address" command to establish the logical network address of this interface.

Router(config-if)# ip address ip-address subnet-mask

• assigns an address and subnet mask
• starts IP processing on an interface

Use the "terminal ip netmask-format" command to specify the format of network masks for the
current session. Format options are:

- Bit count (bit-count)

- Dotted decimal (decimal, the default)

- Hexadecimal (hexadecimal)

Router# terminal ip netmask-format {bit-count | decimal | hexadecimal}

• sets format of network mask as seen in show commands for this terminal session only
  (this is an EXEC command, not a configuration command)

The "router" command starts a routing process.

Router(config)# router protocol [keyword]

• defines an IP routing protocol

Router(config-router)# network network-number

• the network subcommand is a mandatory configuration command for each IP
  routing process

The "router rip" command selects RIP as the routing protocol.

Router(config)# router rip

• starts the RIP routing process

Router(config-router)# network network-number

• selects participating attached networks

The "network" command specifies a classful (NIC-assigned) network address to which the
router is directly connected. The routing process will associate interfaces with the proper
addresses and will begin packet processing on the specified networks. RIP version 1 is
classful: the network statement names the major network, and the router then sends and
accepts RIP updates on every interface whose address falls inside it. Because RIP v1 has no
authentication, use 'passive-interface' under 'router rip' on interfaces that face end hosts
rather than routers, so that no updates are sent there.

Example:
router rip              Selects RIP as the routing protocol.
network 1.0.0.0         Specifies a directly connected network.
network 2.0.0.0         Specifies a directly connected network.

The Cisco router interfaces connected to networks 1.0.0.0 and 2.0.0.0 will send and receive
RIP updates. These routing updates allow the router to learn the network topology.

2. LAN Switching

Top 10 Graphics:

1. Half Duplex Ethernet Design

2. Multimedia Scalability

3. Segmentation with Bridges

4. Bridging Table

5. Segmentation with Routers

6. Segmentation with LAN Switches

7. Microsegmentation of the Network

8. Layer 2 LAN Switch

9. LAN Switch Operation

10. Switching Table

Ethernet:

• a shared-medium technology
• all the devices are connected to the same delivery media
• media uses a data frame broadcast method
• goal is to provide a best effort delivery service
• allows all devices to transmit on an equal basis
• inherent problem with CSMA/CD technology is collision

CSMA/CD - Carrier sense multiple access with collision detect: Media-access mechanism
where devices listen for a carrier before transmitting; if no carrier is sensed for a specific
period of time, a device can transmit. If two devices transmit at once, a collision occurs and
is detected by all colliding devices. Collisions delay retransmission for a random length of
time. CSMA/CD access is used by Ethernet and IEEE 802.3.

IEEE 802.3 - IEEE LAN protocol that specifies an implementation of the physical layer and
the MAC sublayer of the data link layer. IEEE 802.3 uses CSMA/CD access over a variety
of physical media. Extensions to the IEEE 802.3 standard specify implementations for Fast
Ethernet (IEEE 802.3u). Variations of the original IEEE 802.3 specification include
10Base2, 10Base5, 10BaseF, 10BaseT, 10Broad36, 100BaseTX, 100BaseT4, and 100BaseFX.
The performance of a shared media Ethernet/802.3 LAN can be negatively affected by
several factors:

• The data frame broadcast delivery nature of Ethernet/802.3 LANs
• CSMA/CD access methods allow only one station to transmit at a time.
• Network congestion due to increased bandwidth demands from multimedia
  applications such as video and the Internet.
• Normal latency (propagation delay) of frames as they travel across the LAN layer 1
  media and pass through layer 1, 2 and 3 networking devices.
• Extending the distances of the Ethernet/802.3 LANs using Layer 1 repeaters.

Latency:

1. Delay between the time a device requests access to a network and the time it is
granted permission to transmit.

2. Delay between the time when a device receives a frame and the time that frame is
forwarded out the destination port.

Repeater - Layer 1 device that regenerates and propagates electrical signals between two
network segments.

Half-Duplex Ethernet Design (Standard Ethernet)

• Ethernet physical connector provides several circuits
• Most important are receive (RX), transmit (TX), and collision detection

Bandwidth - The difference between the highest and lowest frequencies available for
network signals. The term is also used to describe the rated throughput capacity of a given
network medium or protocol.

Congestion - Traffic in excess of network capacity. This can be seen in slower response times,
longer file transfers and network users becoming less productive due to network delays.

Propagation delay comes from the amount of time it takes a data frame to travel across the
physical media and from the time it takes for a frame to pass through a network device such
as a repeater. This latency is the total of all the delays caused by the network devices and
media as the frame moves from one device to another.

The 'transmission time' is the time it takes the frame or packet to move from the data link
layer - the data being placed into a packet or frame, to the physical layer - onto the physical
cabling of the network. Each Ethernet bit has a 100ns window for transmission. A byte is
equal to eight bits. Therefore, one byte takes a minimum of 800ns to transmit (8 bits at
100ns per equals 800ns). A 64 byte frame takes 51,200ns or 51.2 microseconds to transmit
(64 bytes at 800ns equals 51,200ns, 51,200ns/1000 equals 51.2 microseconds).

Attenuation - Loss of communication signal energy. The signal weakens as it travels through
the network from the resistance found in the medium.

An Ethernet repeater is a physical layer device on the network that boosts or regenerates the
signal on an Ethernet LAN.

• repeaters are a Layer 1 device that cleans up and boosts, and passes the signal on
• repeaters allow longer end-to-end distances
• repeaters increase the collision domain size
• repeaters increase the broadcast domain size
• repeaters can't filter traffic

This will also compound the issue of broadcasts and collisions and have a negative effect on
the overall performance of the shared media LAN.

Hub (multiport repeater)

1. Generally, a term used to describe a device that serves as the center of a star-
topology network.

2. Hardware or software device that contains multiple independent but connected
modules of network and internetwork equipment. Hubs can be active (where they
repeat signals sent through them) or passive (where they do not repeat, but merely
split, signals sent through them).

3. In Ethernet and IEEE 802.3, an Ethernet multiport repeater, sometimes referred to
as a concentrator.

Improving LAN performance

 Segmenting the network (bridges, routers, switches)

Segment:

Section of a network that is bounded by bridges, routers, or switches. Each segment
is considered its own collision domain.

o isolate traffic between segments
o achieve more bandwidth per user by creating smaller collision domains

 move to Full-duplex

Full duplex:

Capability for simultaneous data transmission between a sending station and a
receiving station.

 upgrade to Fast Ethernet

Fast Ethernet:

Any of a number of 100-Mbps Ethernet specifications. Fast Ethernet offers a speed
increase ten times that of the 10BaseT Ethernet specification, while preserving such
qualities as frame format, MAC mechanisms, and MTU. Such similarities allow the
use of existing 10BaseT applications and network management tools on Fast
Ethernet networks. Based on an extension to the IEEE 802.3 specification.

Collision domain - In Ethernet, the network area within which frames that have collided are
propagated. Repeaters and hubs propagate collisions; LAN switches, bridges and routers do
not.

Bridge - Device that connects and passes packets between two network segments that use
the same communications protocol. Bridges are passive on the network and operate at the 2-
Data link layer (layer 2) of the OSI reference model. In general, a bridge will filter, forward,
or flood an incoming frame based on the MAC address of that frame.

 segmentation provides fewer users per segment
 bridges 'store and forward' all frames based on Layer 2 (MAC) addresses
 Layer 3 protocol independent
 increase latency on the network (by 10-30%)
 bridges 'learn' a network's segmentation by building address tables that contain
the address of each network device and which segment to use to reach that device.

Store and forward packet switching - Packet-switching technique in which frames are
completely processed before being forwarded out the appropriate port. This processing
includes calculating the CRC and checking the destination address. In addition, frames
must be temporarily stored until network resources (such as an unused link) are available to
forward the message.

Interface:

1. Connection between two systems or devices.

2. In routing terminology, a network connection.

3. In telephony, a shared boundary defined by common physical interconnection
characteristics, signal characteristics, and meanings of interchanged signals.

4. The boundary between adjacent layers of the OSI model.

Router - operates at the 3-Network layer and bases all of its forwarding decisions between
segments on the Layer 3 protocol address. It accomplishes this by examining the destination
address on the data packet and looking in its routing table for forwarding instructions. A 3-
Network layer device that uses one or more metrics to determine the optimal path along
which network traffic should be forwarded. Routers forward packets from one network to
another based on network layer information. Occasionally called a gateway (although this
definition of gateway is becoming increasingly outdated).

 more manageable, greater functionality, multiple active ports
 smaller collision domains
 operates at Layer 3 and 4
 operates with a higher rate of latency due to acknowledgements
 Routers create the highest level of segmentation because of their ability to make
exact determinations of where the data packet should be forwarded.

Acknowledgment - Notification sent from one network device to another to acknowledge that
some event (for example, receipt of a message) has occurred. Sometimes abbreviated ACK.

Protocols that require an 'acknowledgement' from the receiver to the sender for every
packet as it is delivered (known as acknowledgement oriented protocols) have a loss of
throughput of 30-40%. Protocols that require minimal acknowledgements (sliding window
protocols) suffer a 20-30% loss of throughput.

Switch - Network device that filters, forwards, and floods frames based on the destination
address of each frame. The switch operates at the 2-Data link layer of the OSI model. A
LAN which uses a switched Ethernet topology creates a network that behaves like it only
has two nodes - the sending node and the receiving node.

 a switch eliminates the impact of collisions through microsegmentation
 low latency (21 msec) and high frame-forwarding rates at each interface port
 works with existing 802.3 (CSMA/CD) compliant network interface cards and
cabling
 in a switched Ethernet implementation the available bandwidth can reach closer to
100%.

Because of the switching employed, the MAC address of the destination device is read and
the switch begins transmitting the packet before the total packet arrives in the switch. This
more than makes up for the inherent latency found in the switch.

Full-duplex Ethernet: Full duplex Ethernet allows the transmission of a packet and the
reception of a different packet at the same time. This simultaneous transmission and
reception requires two pairs of cables and a switched connection between each node. This
connection is considered point-to-point and is nearly collision free. Since both nodes can
transmit and receive at the same time there are no negotiations for bandwidth. Full duplex
Ethernet can use an existing shared media as long as the media meets minimum Ethernet
standards.

 significant performance improvement over shared, half-duplex Ethernet
 bidirectional traffic (both directions)
 uses point-to-point connections - no hubs
 collision free

The Full-Duplex Ethernet Switch (FDES) takes advantage of the two pairs of required
cables in this configuration by creating a direct connection between the transmit (TX) at
one end of the circuit to the receive (RX) end of the other circuit. The same holds true for
the opposite circuits on each end. With these two stations connected this way a collision free
domain is created. Both stations are not sharing the same wiring pair to transmit and
receive.

 transmit circuit connects directly to receive circuit
 no collisions
 significant performance improvement
 eliminates contention on Ethernet point-to-point link
 uses a single port for each full-duplex connection

Standard Ethernet usually can only use 50-60% of the 10Mbps available bandwidth. This is
due to collisions and latency. Full duplex Ethernet offers 100% of the bandwidth in both
directions. This produces a potential 20Mbps throughput - 10Mbps TX and 10Mbps RX.

Layer 2 LAN Switch

LAN switches are considered 'multiport bridges' with no 'collision domain' because of
'microsegmentation'. Data is exchanged at high speeds by switching the packet to its
destination.

 multiport bridge
 one broadcast domain
 no collision domain
 transparent to upper layers
 switching and filtering based on Layer 2 MAC addresses
 forwards packets based on a forwarding table
 enables dedicated access
 eliminates collisions and increases capacity
 supports multiple conversations at a time

Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.

Ethernet switching increases the bandwidth available on a network. It does this by creating
dedicated network segments (point-to-point connections) and connecting those segments in
a virtual network within the switch. This virtual network circuit exists only when two nodes
need to communicate.

Virtual circuit - Logical circuit created to ensure reliable communication between two
network devices. A virtual circuit is defined by a VPI/VCI pair, and can be either permanent
(a PVC) or switched (an SVC). Virtual circuits are used in Frame Relay and X.25. In ATM,
a virtual circuit is called a virtual channel. Sometimes abbreviated VC .

Even though the LAN switch eliminates 'collision domains', all hosts connected to the switch
are still in the same 'broadcast domain' . Therefore a broadcast from one node will still be
seen by all other nodes connected through the LAN switch.

An Ethernet switch 'learns' addresses by:

1. reading the 'source address' of each packet transmitted

2. noting the port where the frame was heard

3. adding this information to its 'forwarding database'

Addresses are learned 'dynamically' - as new addresses are read they are learned and stored
in 'content addressable memory' (CAM). Each time an address is stored it is time stamped
and stored for a set period of time. Each time an address is referenced or found in the CAM,
it receives a new time stamp. Addresses that are not referenced during set period of time are
removed from the list. By removing aged or old addresses the CAM maintains an accurate
and functional forwarding database.
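The learning and aging behaviour just described, as an added Python simulation (example code, not from the page and not any vendor's switch software): the switch reads the source MAC, notes the ingress port, stores both with a timestamp, refreshes the timestamp whenever the entry is referenced, and expires entries that go unreferenced for the aging period. Unknown destinations and broadcasts are flooded to every other port, which is why all ports still share one broadcast domain. The port numbers, MAC addresses and the 300-second aging time are constructed values.

```python
"""Simulated Layer 2 learning switch with an aging CAM table (constructed example)."""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class Frame:
    src: str   # source MAC, e.g. "00:00:5e:00:53:0a" (constructed addresses)
    dst: str   # destination MAC


class LearningSwitch:
    def __init__(self, ports, aging_time=300):
        self.ports = list(ports)
        self.aging_time = aging_time   # seconds an unreferenced entry survives (assumed value)
        self.cam = {}                  # MAC -> (port, last_seen timestamp)

    def expire(self, now):
        """Drop entries that were not referenced within the aging period."""
        stale = [mac for mac, (_, seen) in self.cam.items()
                 if now - seen > self.aging_time]
        for mac in stale:
            del self.cam[mac]
        return stale

    def receive(self, frame, in_port, now):
        """Learn from the frame, then return the list of egress ports.

        1. read the source address, 2. note the ingress port,
        3. store both in the forwarding database with a timestamp.
        """
        self.expire(now)
        self.cam[frame.src] = (in_port, now)
        if frame.dst == BROADCAST or frame.dst not in self.cam:
            # Broadcast or unknown destination: flood out every port except
            # the one it came in on. This is why every port on the switch
            # still shares one broadcast domain.
            return [p for p in self.ports if p != in_port]
        out_port, _ = self.cam[frame.dst]
        self.cam[frame.dst] = (out_port, now)   # a lookup refreshes the timestamp
        if out_port == in_port:
            return []          # destination is on the ingress segment: filter
        return [out_port]      # known destination: forward to that port only


def demo():
    """Walk through learn, forward, filter and age-out; returns the decisions."""
    sw = LearningSwitch(ports=[1, 2, 3])
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"
    return [
        sw.receive(Frame(a, b), in_port=1, now=0),     # b unknown -> flood [2, 3]
        sw.receive(Frame(b, a), in_port=2, now=1),     # a learned on 1 -> [1]
        sw.receive(Frame(a, b), in_port=1, now=2),     # b learned on 2 -> [2]
        sw.receive(Frame(c, a), in_port=1, now=3),     # a on same port -> [] (filtered)
        sw.receive(Frame(a, b), in_port=1, now=400),   # b aged out -> flood [2, 3]
    ]


if __name__ == "__main__":
    for i, ports in enumerate(demo(), 1):
        print(f"step {i}: forward to ports {ports}")
```

The table is a plain dictionary here; a real CAM has a fixed capacity, which is why the aging step matters for keeping the forwarding database accurate, and why a flood of never-seen source addresses on one port is worth alerting on.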

Parallelism - Indicates that multiple paths exist between two points in a network. These
paths might be of equal or unequal cost. Parallelism is often a network design goal: if one
path fails, there is redundancy in the network to ensure that an alternate path to the same
point exists.

Symmetrical LAN Switch:

 Provides switched connections between like bandwidths (all 10 or all 100 Mbps)
 Optimized for even distribution of network traffic across the entire network such as
in a 'Peer-to-Peer' environment.

Asymmetric LAN Switch:

 Provides switching between unlike bandwidths (10/100 Mbps)
 Requires the switch to use memory buffering
 Optimized for 'Client-Server' environments

Memory Buffering - An Ethernet switch may use a buffering technique to store-and-forward
packets to the correct port or ports. This memory buffer can make use of two methods for
forwarding packets:

1. port based memory buffering (packets are stored in queues that are linked to
specific incoming ports), or

2. shared memory buffering (deposits all packets into a common memory buffer that
is shared by all the ports on the switch).

'Store and forward' packet switching - Packet-switching technique in which frames are
completely processed before being forwarded out the appropriate port. This processing
includes calculating the CRC and checking the destination address. In addition, frames
must be temporarily stored until network resources (such as an unused link) are available to
forward the message.

'Cut-through' packet switching - Packet switching approach that streams data through a
switch so that the leading edge of a packet exits the switch at the output port before the
packet finishes entering the input port. A device using cut-through packet switching reads,
processes, and forwards packets as soon as the destination address is looked up (first 16
bytes) and the outgoing port determined. Also known as on-the-fly packet switching.

'Fragment Free' packet switching is a variation of 'Cut-through' packet switching
with the difference of reading more of the leading edge of the incoming packet
(first 64 bytes), enough to be sure the packet is not a badly formatted packet or packet
fragment. 'Fragment Free' packet switching does not add appreciably to switching
latency.
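To make the trade-off between the three modes concrete, here is an added Python model (not from the page): it builds a constructed 64-byte Ethernet frame with a CRC-32 FCS, corrupts one copy and truncates another into a collision fragment, then reports how many bytes each mode examines before forwarding and whether the bad frames get through. The 16- and 64-byte thresholds are the page's figures; the MAC addresses and payload are constructed.

```python
"""Store-and-forward vs cut-through vs fragment-free (constructed example)."""
import binascii
import struct

MIN_FRAME = 64            # bytes including the 4-byte FCS; anything shorter is a fragment
CUT_THROUGH_BYTES = 16    # the page's figure: enough to read the destination MAC
FRAGMENT_FREE_BYTES = 64  # the page's figure: past the collision window


def build_frame(dst, src, ethertype, payload):
    """Constructed Ethernet II frame: 14-byte header, payload padded to 60 bytes, CRC-32 FCS."""
    header = (bytes.fromhex(dst.replace(":", ""))
              + bytes.fromhex(src.replace(":", ""))
              + struct.pack("!H", ethertype))
    body = header + payload
    body += b"\x00" * max(0, 60 - len(body))          # pad to the minimum size
    fcs = struct.pack("<I", binascii.crc32(body) & 0xFFFFFFFF)
    return body + fcs


def fcs_ok(frame):
    """Recompute the CRC over everything but the trailing FCS and compare."""
    body, fcs = frame[:-4], frame[-4:]
    return struct.unpack("<I", fcs)[0] == (binascii.crc32(body) & 0xFFFFFFFF)


def switch_decision(mode, frame):
    """Return (bytes examined before deciding, forwarded?) for one arriving frame."""
    if mode == "cut-through":
        # Decide as soon as the destination address is readable; the FCS at the
        # tail is never checked, so corrupt frames and fragments are passed on.
        if len(frame) < CUT_THROUGH_BYTES:
            return len(frame), False
        return CUT_THROUGH_BYTES, True
    if mode == "fragment-free":
        # Wait for the first 64 bytes: a frame cut short by a collision never
        # reaches that length, but a CRC error further along is still missed.
        if len(frame) < FRAGMENT_FREE_BYTES:
            return len(frame), False
        return FRAGMENT_FREE_BYTES, True
    if mode == "store-and-forward":
        # Buffer the whole frame, then check length and CRC before forwarding.
        return len(frame), len(frame) >= MIN_FRAME and fcs_ok(frame)
    raise ValueError(f"unknown switching mode: {mode}")


def sample_frames():
    """Constructed test traffic: a good frame, a CRC-corrupted copy and a collision fragment."""
    good = build_frame("00:00:5e:00:53:01", "00:00:5e:00:53:02", 0x0800, b"hello")
    corrupt = bytearray(good)
    corrupt[30] ^= 0xFF            # flip one byte; the FCS no longer matches
    return {"good": good, "corrupt": bytes(corrupt), "runt": good[:40]}


def compare_modes():
    """Map each mode to {frame name: (bytes examined, forwarded?)}."""
    frames = sample_frames()
    return {mode: {name: switch_decision(mode, f) for name, f in frames.items()}
            for mode in ("cut-through", "fragment-free", "store-and-forward")}


if __name__ == "__main__":
    for mode, results in compare_modes().items():
        print(mode, results)
```

The output shows the page's point in numbers: cut-through decides after 16 bytes and propagates both the corrupt frame and the fragment, fragment-free stops the fragment but not the CRC error, and only store-and-forward rejects both at the cost of examining all 64 bytes.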

'Spanning-Tree Protocol' (STP) - Bridge protocol that utilizes the spanning-tree algorithm,
enabling a learning bridge to dynamically work around loops in a network topology by
creating a spanning tree. Bridges exchange bridge protocol data unit (BPDU) messages with
other bridges to detect loops, and then remove the loops by shutting down selected bridge
interfaces. Refers to both the IEEE 802.1 Spanning-Tree Protocol standard and the earlier
Digital Equipment Corporation Spanning-Tree Protocol upon which it is based. The IEEE
version supports bridge domains and allows the bridge to construct a loop-free topology
across an extended LAN.

 Switches forward broadcast frames
 Prevents loops that can cause 'broadcast storms'
(exponentially proliferate frames)
 Allows redundant links
 Prunes topology to a minimum spanning tree
 Resilient to topology changes and device failures

A switch uses STP on all Ethernet and Fast Ethernet-based VLANs. STP detects and breaks
loops by placing some connections in a standby mode, which are activated in the event of an
active connection failure. A separate instance of STP runs within each configured VLAN,
ensuring Ethernet topologies that conform to industry standards throughout the network.

The supported STP states are as follows:

 Blocking - No frames forwarded, BPDUs heard
 Listening - No frames forwarded, listening for frames
 Learning - No frames forwarded, learning addresses
 Forwarding - Frames forwarded, learning addresses
 Disabled - No frames forwarded, no BPDUs heard

1. States initially set, later modified by STP

2. Server ports can be configured to immediately enter STP forwarding mode

3. Determine the status, cost, and priority of ports and VLANs using the 'show
spantree' command.

Unicast - Message sent to a single network destination.

Broadcast - Data packet that will be sent to all nodes on a network. Broadcasts are identified
by a broadcast address.

Multicast - Single packets copied by the network and sent to a specific subset of network
addresses. These addresses are specified in the destination address field.

VLAN

An Ethernet switch is designed to physically segment a LAN into individual collision
domains. However, each segment is still part of one broadcast domain. The total number of
segments on a switch equals one broadcast domain. This means that a broadcast from a
node on one segment is seen by all nodes on all other segments.

Virtual Local Area Networks (VLANs) are a grouping of network devices or users that is not
restricted to a physical switch segment. A VLAN is a logical grouping of devices or users. A
VLAN creates a single broadcast domain that is not restricted to a physical segment and is
treated like a subnet.

VLAN setup is done in the switch via software. VLANs are not standardized and require the
use of proprietary software from the switch vendor.

Virtual LANs (VLANs)

1. Introduction to VLANs

2. What is a Virtual LAN (VLAN)?

3. Frame Filtering

4. Frame Tagging

5. Adding, Moving, or Changing User Locations

6. VLANs Establish Broadcast Domains

7. Tightening Network Security

8. Remove the Physical Boundaries

9. Static VLANs

10. Dynamic VLANs

VLAN - Virtual LAN:

A group of devices on a LAN that are configured (using management software) so that they
can communicate as if they were attached to the same wire, when in fact they are located on
a number of different LAN segments. Because VLANs are based on logical instead of
physical connections, they are extremely flexible. VLANs logically segment the physical
LAN infrastructure into different subnets (broadcast domains for Ethernet) so that
broadcast frames are switched only between ports within the same VLAN.

VLANs

 A group of ports or users in the same broadcast domain
 group can be based on port ID, MAC address, protocol, or application
 LAN switches and network management software provide a mechanism to create
VLANs
 Frames tagged with VLAN ID
 Logical networks independent of their members' physical location
 Administratively defined broadcast domain
 Users reassigned to different VLAN using software

Broadcast domain - The set of all devices that will receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers because
routers do not forward broadcast frames.

Virtual LAN (VLAN) technology is a cost effective and efficient way of grouping network
users into 'virtual workgroups' regardless of their physical location on the network.

 VLANs work at Layer 2 and Layer 3 of the OSI model
 VLANs provide a method of controlling network broadcasts
 Which users are part of a VLAN is controlled by the network administrator
 VLANs can increase network security by defining which network nodes can
communicate with each other

Why create VLANs ?

 Simplify moves, adds, and changes
 Reduce administrative costs
 Better control of broadcasts
 Tighten network security
 Microsegment with scalability
 Distribute traffic load
 Relocate servers into secure locations

Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.

Switches (the core of VLANs) - Network device that filters, forwards, and floods frames
based on the destination address of each frame. The switch operates at the data link layer of
the OSI model.

 Are entry points for end-station devices into switched fabric
 Provide intelligence to:
o Group users, ports, or logical addresses
o Make filtering and forwarding decisions
 send
 filter
 broadcast
o Communicate with other switches and routers
 Use frame filtering or frame tagging (identification)
 Switching and filtering based on the Layer 2 (bridging) and Layer 3 (routing)
address

Frame Filtering (similar to scheme used by routers)

 A filtering table is developed for each switch
 Switches share address table information
 Table entries are compared with frames
 Switch takes appropriate action (send, filter, broadcast)
 not very scalable (because each frame has to be referenced to a lookup table)

Frame Tagging (more scalable solution)

 Specifically developed for multi-VLAN, interswitched communications
 Places unique identifier in header of each frame as it travels across the network
backbone (vertical cabling)
 Identifier removed before frame exits switch on nonbackbone links (horizontal
cabling)
 Functions at Layer 2 (Data Link)
 Requires little processing or administrative overhead
 Logical segmentation across the backbone
 IEEE 802.1q
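An added Python illustration of the tagging step (example code, not from the page or from any switch vendor): a frame entering an access port is assigned that port's VLAN, carries an IEEE 802.1Q tag (TPID 0x8100 followed by a 16-bit TCI whose low 12 bits are the VLAN ID) while it crosses a backbone (trunk) link, and has the tag removed again before leaving an access port. The port descriptors, VLAN numbers and MAC addresses are constructed; dropping a tagged frame that arrives on an access port is this model's policy, not a rule stated on the page.

```python
"""IEEE 802.1Q tag insertion and removal on access/trunk ports (constructed example)."""
import struct

TPID_8021Q = 0x8100   # Tag Protocol Identifier that marks a tagged frame


def build_frame(dst, src, ethertype, payload):
    """Minimal untagged Ethernet II frame: dst(6) + src(6) + EtherType(2) + payload."""
    return (bytes.fromhex(dst.replace(":", "")) + bytes.fromhex(src.replace(":", ""))
            + struct.pack("!H", ethertype) + payload)


def tag_frame(frame, vlan_id, priority=0):
    """Insert the 4-byte tag between the source MAC and the original EtherType."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be in 1..4094")
    tci = (priority << 13) | vlan_id          # PCP(3) | DEI(1, zero here) | VID(12)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def untag_frame(frame):
    """Return (vlan_id, priority, untagged frame); vlan_id is None if no tag is present."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]
    return None, None, frame


# Port descriptors (constructed): ("access", vlan_id) or ("trunk", set_of_allowed_vlans)
def classify_ingress(frame, port):
    """Decide which VLAN an arriving frame belongs to; None means drop it."""
    kind, cfg = port
    vlan, _, _ = untag_frame(frame)
    if kind == "access":
        # An access port owns exactly one VLAN; this model drops a frame that
        # arrives already tagged rather than trusting the tag.
        return None if vlan is not None else cfg
    # Trunk: only tagged frames for an allowed VLAN are accepted
    return vlan if vlan in cfg else None


def egress(frame, vlan, port):
    """Prepare the frame for a port, or return None if the port is not in that VLAN."""
    kind, cfg = port
    _, _, plain = untag_frame(frame)          # always start from the untagged form
    if kind == "trunk":
        return tag_frame(plain, vlan) if vlan in cfg else None   # backbone: keep the tag
    return plain if cfg == vlan else None                        # access: strip it


def walk(frame, hops):
    """Carry a frame across a list of (ingress_port, egress_port) hops; return the
    frame delivered at the end, or None if any hop drops it."""
    for ingress_port, egress_port in hops:
        vlan = classify_ingress(frame, ingress_port)
        if vlan is None:
            return None
        frame = egress(frame, vlan, egress_port)
        if frame is None:
            return None
    return frame


if __name__ == "__main__":
    f = build_frame("00:00:5e:00:53:01", "00:00:5e:00:53:02", 0x0800, b"data")
    acc20, trunk = ("access", 20), ("trunk", {10, 20})
    print(tag_frame(f, 20).hex())                       # tag visible after the source MAC
    print(walk(f, [(acc20, trunk), (trunk, acc20)]) == f)
```

Because membership is decided by the tag on trunk links, which VLANs a trunk is allowed to carry is itself a security setting: the `walk` helper drops a frame whose VLAN is not in the trunk's allowed set.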

VLANs provide an effective mechanism for controlling changes and reducing much of the
cost associated with hub and router reconfigurations. Users in a VLAN can share the same
network "address space" (IP subnet) regardless of their location.

Static VLANs

 Assigned ports on a switch (port-centric)
 Maintain their assigned VLAN configurations until you change them
 Static VLANs are secure, easy to configure and monitor
 Works well in networks where moves are controlled and managed

Dynamic VLANs

 VLANs assigned using centralized VLAN management applications
 VLANs based on MAC address, logical address, or protocol type
 Less administration in the wiring closet
 Notification when unrecognized user is added to the network

Broadcasts need Boundaries

 Broadcast traffic can result from multimedia applications, faulty devices
 Broadcasts (from one segment) can bring down a network
 Firewalls segment a network (commonly provided by a router)
 VLANs plus routers bound broadcasts to domain of the original

Preventive measures need to be taken to ensure against broadcast-related problems. One
effective measure is to properly segment the network with protective firewalls that prevent,
as much as possible, problems on one segment from damaging other parts of the network.

Broadcast - Data packet that will be sent to all nodes on a network. Broadcasts are identified
by a broadcast address.

Multicast - Single packets copied by the network and sent to a specific subset of network
addresses. These addresses are specified in the destination address field.

Unicast - Message sent to a single network destination.

Firewall - Router or access server, or several routers or access servers, designated as a
buffer between any connected public networks and a private network. A firewall router uses
access lists and other methods to ensure the security of the private network. Firewall
segmentation provides reliability, and minimizes the overhead of broadcast traffic, allowing
for greater throughput of application traffic.

When no routers are placed between switches, broadcasts (Layer 2 transmissions) are sent
to every switched port. This is commonly referred to as a "flat" network where there is one
broadcast domain across the entire network.

VLANs are an effective mechanism for extending firewalls from the routers to the switch
fabric and protecting the network against potentially dangerous broadcast problems while
maintaining all of the performance benefits of switching. Broadcast traffic within one
VLAN is not transmitted outside the VLAN. You can easily control the size of the broadcast
domain by regulating the overall size of its VLANs, restricting the number of switch ports
within a VLAN and restricting the number of users residing on these ports, and so lower the
overall vulnerability of the network to broadcast storms.

Broadcast storm - Undesirable network event in which many broadcasts are sent
simultaneously across all network segments. A broadcast storm uses substantial network
bandwidth and, typically, causes network time-outs.

Tightening Network Security

 Segment network into multiple 'broadcast groups'
 Restrict the number of users in a VLAN group
 Disallow users from joining without first receiving approval from the VLAN
network management application
 Use VLANs and router 'access lists' based on:
o Station address
o Application types
o Protocol types

VLANs thus provide 'security firewalls', restrict individual user access and flag any
unwanted intrusion to a network manager. Further security enhancements can be added
using router 'access lists' which are especially useful when communicating between VLANs.
On the secured VLAN, the router restricts access into the group as configured on both the
switches and the routers.

Access list -

1. List kept by Cisco routers to control access to or from the router for a number of
services (for example, to prevent packets with a certain IP address from leaving a
particular interface on the router).

2. Command that creates an entry in a standard traffic filter list.
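As an added Python example (not from the page, and not Cisco IOS code), the following evaluates packets against an access list the way the page describes it: entries are checked top to bottom, the first match decides, and a packet that matches nothing is denied. Source and destination addresses use IOS-style wildcard masks (a 1 bit means "do not care"), and entries can also match on protocol and destination port, covering the page's station address, protocol type and application type criteria. The constructed list permits HTTPS from a user VLAN to a server VLAN and blocks everything else between them; all addresses and subnets are constructed.

```python
"""First-match evaluation of an extended access list with wildcard masks (constructed example)."""
import ipaddress
from dataclasses import dataclass
from typing import Optional


def to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, base, wildcard):
    """IOS wildcard semantics: a 1 bit in the mask means that bit is ignored."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)


@dataclass
class Entry:
    action: str                    # "permit" or "deny"
    proto: str                     # "ip" matches any protocol
    src: tuple                     # (base, wildcard)
    dst: tuple                     # (base, wildcard)
    dport: Optional[int] = None    # None means any destination port


@dataclass
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None


ANY = ("0.0.0.0", "255.255.255.255")


def matches(entry, pkt):
    if entry.proto != "ip" and entry.proto != pkt.proto:
        return False
    if not wildcard_match(pkt.src, *entry.src):
        return False
    if not wildcard_match(pkt.dst, *entry.dst):
        return False
    return entry.dport is None or entry.dport == pkt.dport


def evaluate(acl, pkt):
    """Return (action, index of the matching entry); an unmatched packet hits the implicit deny."""
    for i, entry in enumerate(acl):
        if matches(entry, pkt):
            return entry.action, i
    return "deny", None


# Constructed policy between a user VLAN (10.0.10.0/24) and a server VLAN (10.0.20.0/24)
USERS = ("10.0.10.0", "0.0.0.255")
SERVERS = ("10.0.20.0", "0.0.0.255")
VLAN_ACL = [
    Entry("permit", "tcp", USERS, SERVERS, dport=443),   # only HTTPS to the servers
    Entry("deny", "ip", USERS, SERVERS),                  # everything else user->server
    Entry("permit", "ip", ANY, ANY),                      # other traffic unaffected
]


if __name__ == "__main__":
    for p in (Packet("tcp", "10.0.10.5", "10.0.20.7", 443),
              Packet("tcp", "10.0.10.5", "10.0.20.7", 22),
              Packet("udp", "10.0.10.5", "10.0.30.1", 53)):
        print(p, "->", evaluate(VLAN_ACL, p))
```

Order is the usual mistake: moving the final permit-any entry to the top makes every later deny unreachable, so a review of an access list should read it in evaluation order and check that each entry can still be hit.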

VLANs remove physical boundaries

 Group users by department, team, or application (VLAN organizations)
 Routers provide communication between VLANs

Routers remain vital for switched architectures configured as VLANs because they provide
the communication between logically defined workgroups (VLANs). Layer 3
communication, either embedded in the switch or provided externally, is an integral part of
any high-performance switching architecture.

Switches and Hubs

Network managers are leveraging their investments by connecting switches to the
backplanes of the hubs. Each hub segment connected to a switch port can be assigned to
only one VLAN. The more the shared hub can be broken into smaller groups, the greater
the microsegmentation and the greater the VLAN flexibility for assigning individual users
to VLAN groups.

Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.

VLAN Implementation

VLAN Membership by 'port' maximizes forwarding performance because:

 Users are assigned by port
 VLANs are easily administered
 Maximizes security between VLANs
 Packets do not 'leak' into other domains
 VLANs and membership are easily controlled across network

Static VLANs

 Assigned ports on a switch (port-centric)
 Maintain their assigned VLAN configurations until you change them
 Static VLANs are secure, easy to configure and monitor
 Works well in networks where moves are controlled and managed

Dynamic VLANs

 VLANs assigned using a centralized management application
 VLANs based on MAC address, logical address, or protocol type
 Less administration in the wiring closet
 Notification when unrecognized user is added to the network

Important to any VLAN architecture is the ability to transport VLAN information between
interconnected switches and routers that reside on the corporate backbone.

 VLAN transport enables enterprise-wide VLAN communications.
o transport capabilities remove the physical boundaries between users
o configuration flexibility of a VLAN solution when users move
o provide for interoperability between backbone system components

4. LAN Design

1. Developing Layer 1 LAN topology

2. Cable Type Characteristics

3. Extended Star Topology

4. Extended Star Topology in a Multi-Building Campus

5. Layer 2 Switching

6. Layer 2 Switch with Hubs

7. Layer 2 - Migrate to Higher Bandwidth

8. Use Routers to Impose Logical Structure

9. Layer 3 Router Implementation

10. Layer 3 Router for Segmentation

One of the most critical steps to ensure a fast and stable network is the design of the
network. This design activity is truly an in-depth process, which includes:

 Gathering the users' requirements and expectations
 Determining data traffic patterns now and in the future based on growth and server
placements
 Defining all of the Layer 1, 2 and 3 devices along with the LAN and WAN topology
 Documenting the physical and logical network implementation

LAN Design Goals:

 Functionality - the network must work with reasonable speed and reliability.
 Scalability - the network must be able to grow without any major changes to the
overall design.
 Adaptability - the network must be designed with an eye toward future technologies,
and should include no element that would limit implementation of new technologies
as they become available.
 Manageability - the network should be designed to facilitate network monitoring and
management.

Design Methodology

1. Analyze requirements

2. Develop LAN structure (topology)

3. Set up addressing (and naming conventions) and routing

Step 1... - Analyze Requirements (of the network and its users)

 Business issues
 Technology issues
 Administrative issues
 Gather Data -
o Corporate Structure
o Business information flow
o Applications in use
o Current topology
o Performance characteristics of current network
o Determine if documented policies are in place
o Mission-critical data
o Mission-critical operations
o Approved protocols and platforms
o Control versus distributed authority
 Business requirements
 Technical requirements
 New applications or business operations
 Availability requirements -
o Throughput
o Response time
o Access to resources

Design Rule: First and foremost you must understand the customer.

Design Rule: Find out what availability means to your customer.

Step 1... - Analyze Network Load Requirements

 Client/Server applications
 Host/terminal applications
 Routing protocols
 Regularly scheduled services, such as file backup
 Estimate worst-case traffic load during the busiest times for users and during
regularly scheduled network services

Design Rule: Before developing an internetwork structure and provisioning hardware,
determine the network traffic load.

Design Rule: Evaluate applications that cause traffic problems (congestion).

Step 2... - Develop LAN Topology

 LAN topology that will satisfy Step 1 requirements
 Star Topology
 Extended Star Topology

Star topology -

1. A LAN topology in which end points on a network are connected to a common
central hub/switch by point-to-point links.

2. A ring topology that is organized as a star, implements a unidirectional closed-loop
star (star wired ring), instead of point-to-point links.

Step 3... - Layer 3 Addressing

 The router divides subnets and networks
 The router structures an internetwork
 Logical addressing should be mapped to the physical network
 Develop and document the IP addressing scheme to be used in the network

Step 3... - Setting Up VLAN Implementation

 Group users by department, team, or application
 Provide broadcast containment and security
 Routers provide communication between VLANs (and security)

VLAN (Virtual LAN) - Group of devices on a LAN that are configured (using management
software) so that they can communicate as if they were attached to the same wire (media),
when in fact they are located on a number of different LAN segments. Because VLANs are
based on logical instead of physical connections, they are extremely flexible.

What problems are you trying to solve?

 Media contention
o too many devices, all with a high demand for the network segment
 Excessive broadcasts
o client packets looking for services
o too many server packets announcing services
o too many routing table updates
 Need to transport new payloads
o voice and video network services
 Need for more bandwidth
 Overloaded backbone
 Network-layer addressing issues
o running out of IP addresses
o need for physically separate subnets
o other issues dependent on the protocols

Ethernet Technology

Segmentation - Bridging and switching are both used for segmentation

 Results in multiple collision domains
 Still a single broadcast domain
 Stations can get dedicated bandwidth

Collision domain (bandwidth domain) - In Ethernet, the network area within which frames
that have collided are propagated (everything associated with one port on a bridge or
switch). Repeaters and hubs propagate collisions; LAN switches, bridges and routers do
not.

Broadcast domain - The set of all devices that will receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers because
routers do not forward broadcast frames (everything associated with one port on a router).

All broadcasts from any host in the same broadcast domain are visible to all other hosts in
the same broadcast domain. Broadcasts must be visible to all hosts in the broadcast domain
in order to establish connectivity.

The scalability of the collision domain depends on total traffic, and the scalability for a
broadcast domain depends on total broadcast traffic.
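The two definitions above give a mechanical counting rule: a hub or repeater joins all of its cable segments into one collision domain, a switch or bridge bounds collision domains but joins its segments into one broadcast domain, and a router bounds both. The added Python below (example code, not from the page) applies that rule to a small constructed topology with a union-find over cable segments; the device names and the topology are constructed.

```python
"""Count collision and broadcast domains in a constructed LAN topology."""
from collections import defaultdict

# Device kinds that do NOT bound a domain: every segment on such a device is merged.
# Hosts and routers bound both kinds; a switch or bridge bounds collision domains only.
PROPAGATES = {
    "collision": {"hub", "repeater"},
    "broadcast": {"hub", "repeater", "switch", "bridge"},
}


def count_domains(devices, links, domain):
    """devices: {name: kind}; links: list of (a, b) cable segments.
    Each segment starts as its own domain; devices that propagate the domain
    merge all segments attached to them. Returns the number of distinct domains."""
    if domain not in PROPAGATES:
        raise ValueError(f"unknown domain kind: {domain}")
    parent = list(range(len(links)))

    def find(x):
        while parent[x] != x:
            parent[x] = parent[parent[x]]
            x = parent[x]
        return x

    def union(a, b):
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[rb] = ra

    attached = defaultdict(list)
    for i, (a, b) in enumerate(links):
        attached[a].append(i)
        attached[b].append(i)
    for name, kind in devices.items():
        if kind in PROPAGATES[domain]:
            segs = attached[name]
            for s in segs[1:]:
                union(segs[0], s)
    return len({find(i) for i in range(len(links))})


# Constructed topology: three hosts on a hub, the hub and two more hosts on a
# switch, the switch uplinked to a router, and a second switch with one host behind it.
DEVICES = {
    "h1": "host", "h2": "host", "h3": "host", "h4": "host", "h5": "host", "h6": "host",
    "hub1": "hub", "sw1": "switch", "sw2": "switch", "r1": "router",
}
LINKS = [
    ("h1", "hub1"), ("h2", "hub1"), ("h3", "hub1"), ("hub1", "sw1"),
    ("h4", "sw1"), ("h5", "sw1"), ("sw1", "r1"),
    ("r1", "sw2"), ("sw2", "h6"),
]


def summarize(devices=DEVICES, links=LINKS):
    """Both counts for one topology."""
    return {d: count_domains(devices, links, d) for d in ("collision", "broadcast")}


if __name__ == "__main__":
    print(summarize())   # the hub side is one collision domain; the router splits broadcasts
```

Swapping the hub for a switch in `DEVICES` raises the collision-domain count to one per cable, while the broadcast count only changes when the router is removed: exactly the two scalability limits the paragraph above separates.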

Network Design

The major pieces of this topology design can be broken into three unique categories of the
OSI model...

 Layer 1 - Physical Layer

Includes wire media type such as CAT5 UTP and fiber-optic cable along with the
EIA/TIA 568 Standard for layout and connection of wiring schemes.

Design Goal: Build this layer of the OSI model with speed and expansion capabilities.

 Layer 2 - Data Link Layer

Includes selection of Layer 2 devices such as bridges or LAN switches used to
interconnect the Layer 1 media to form a LAN segment. Devices at this layer will
determine the size of the collision and broadcast domains.

Design Goals:

o Create a concentration point within the MDFs or IDFs where end hosts can be
grouped at Layer 1 to form a physical LAN segment.
o Install LAN switching devices that use microsegmentation in order to reduce
the collision domain size.
o Create a point (at Layer 2) of the topology where users can be grouped into
virtual workgroups (VLANs) and unique broadcast domains.

 Layer 3 - Network Layer

Includes selection of Layer 3 devices such as routers which are used to create unique
LAN segments and allow communication between segments based on Layer 3
addressing such as IP addressing.

Design Goals:

o Build a path between LAN segments that will filter the flow of data packets.
o Isolate ARP protocol broadcasts.
o Isolation of collisions between segments.
o Filtering of Layer 4 services between segments.

Layer 1 Media and Topology

The Physical layer controls the way data is transmitted between source and destination
nodes.

Physical layer - Layer 1 of the OSI reference model. The physical layer defines the electrical,
mechanical, procedural and functional specifications for activating, maintaining, and
deactivating the physical link between end systems.

Media - Plural of medium. The various physical environments through which transmission
signals pass. Common network media include twisted-pair, coaxial and fiber-optic cable,
and the atmosphere (through which microwave, laser, and infrared transmission occurs).
Sometimes called physical media.

Topology - Physical arrangement of network nodes and media within an enterprise
networking structure.

Cable Plant types:

* Electrical (copper)
o coaxial
o twisted pair
* Fiber-optic
o multimode
o single-mode
* Wiring configurations
o Star / Extended Star
o Distance limitations

Star Topology using CAT5 (UTP):

* Specified by EIA/TIA 568 standard
* The MDF is the center of the star
* The MDF is the Point of Presence (POP) for outside services from the WAN
provider

EIA/TIA-568 - Standard that describes the characteristics and applications for various
grades of UTP cabling.

Category 5 (CAT5) cabling - One of five grades of UTP cabling described in the EIA/TIA-
568B standard. Category 5 cabling is used for running CDDI and can transmit data at
speeds up to 100 Mbps.

In a simple star with only one wiring closet, the main distribution facility (MDF) will include
one or more horizontal cross connect (HCC) patch panels. HCC patch cables will be used to
connect the Layer 1 'horizontal cabling' with the Layer 2 LAN switch ports. The uplink port
of the LAN switch will be connected to the Ethernet port of the Layer 3 router using 'patch
cable' also. At this point the end host will have a complete physical connection to the router
port. The quantity of horizontal cable run and the size (number of ports) of the HCC patch
panels will be determined by the user's requirements.

Design Hint: Review the user’s requirements to determine what the user expects for the
number of horizontal cable runs to each room that the MDF or IDF will be servicing in its
catchment area.

Extended Star Topology:

* Specified by EIA/TIA standards
* Creates multiple catchment areas interconnected with vertical cabling
* All vertical cabling is connected to the MDF to create a single LAN segment

Vertical cabling - (Backbone cabling) Cabling that provides interconnections between wiring
closets, wiring closets and the POP, and between buildings that are part of the same LAN.

Catchment areas - Zone that falls within the area that can be served by an internetworking
device such as a hub.

MDF - Main Distribution Facility. Primary communications room for a building. Central
point of a star networking topology where patch panels, hub, and router are located.

IDF - Intermediate Distribution Facility. Secondary communications room for a building
using a star networking topology. The IDF is dependent on the MDF.

Layer 1 Documentation (Logical Diagram)

* The logical diagram is a snapshot view of the overall LAN implementation
* Useful in troubleshooting problems and implementing expansion in the future
* Elements of the logical diagram include:
o Exact locations of the MDF and IDF wiring closets
o The type and quantity of cabling used to interconnect the IDFs with the
MDF, along with how many spare cables are available for increasing the
bandwidth between the wiring closets.
o Detailed documentation of all cable runs, what the identification number is
and which port on the HCC or VCC that run is terminated on. This is called
a 'cut sheet'.

Layer 2 - LAN Switching

The purpose of Layer 2 (Data Link Layer) devices in the network is to provide 'flow
control', 'error detection & correction', and 'reduce congestion' in the network. The two most
common Layer 2 devices (other than the NIC, which every host on the network has to have)
are bridges and LAN switches.

LAN switches (Layer 2 switches) can allocate bandwidth on a per port basis, thus allowing
more bandwidth to vertical cabling, uplinks and servers.

Note: The theoretical maximum bandwidth for a Layer 2 switch is:

Theoretical Maximum Bandwidth = (No-of-ports * Bandwidth) / 2

Asymmetric Switching -

* Provides switching between unlike bandwidths (10/100 Mbps)
* Requires the switch to use memory buffering

Use Switches to reduce congestion:

* Avoid congestion on a LAN by using microsegmentation to eliminate collision
domains
* Cascade switches and hubs
* Tailor availability to the needs of the device

Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.

By installing LAN switching at the MDF and IDFs we can start to look at the size of our
collision domains and the speed for each horizontal cable and vertical cable run. Since the
vertical cable will be carrying all of the data traffic between the MDF and the IDFs, the
capacity of this run must be larger.

Layer 2 Switch Collision Domains:

* In a pure switched LAN environment, the size of the collision domain is between two
hosts.
* When using hubs, the size of the collision domain increases and bandwidth is
shared.

A shared LAN hub is a multiport repeater and therefore is a collision domain. All hosts
connected to the shared LAN hub share the same collision domain and the bandwidth.

Layer 2 Switch with Hubs:

* use hubs to supply more connection points for hosts

Layer 2 Migrating to higher bandwidth:

* migration to higher bandwidth is as simple as patching to a higher speed port or adding
additional high speed ports
* double the capacity in the vertical cabling by bringing up another link

Layer 3 - Routing

Implementing Layer 3 (Network Layer) devices such as routers allows for segmentation
of the LAN into unique networks, both physical and logical. Routers also allow for
connectivity to wide area networks (WANs) such as the Internet.

* Routers serve as broadcast firewalls
* Routers consolidate for scalable internetworks
* Network protocol addressing and routing provides built-in scaling

Use Routers to Impose Logical Structure

* One router divides subnets and networks
* One router structures an internetwork
* Routers serve as broadcast firewalls

Routers permit greater scalability because they serve as firewalls for broadcasts (broadcast
domains). With bridges and switches, all unknown addresses must be flooded out every
port. The router is also the central point in the LAN for traffic destined for the WAN port.

File Servers and Traffic Patterns

One of the keys to designing a successful network is to understand the data traffic on the
network. The applications (servers) can be categorized into two distinct classes - (1) 'enterprise
servers' and (2) 'workgroup servers'. Within the MDF and IDFs, the Layer 2 LAN switches
must have high speed (100 Mbps) ports allocated for these servers.

Enterprise network - Large and diverse network connecting most major points in a company
or other organization. Differs from a WAN in that it is privately owned and maintained.
Enterprise servers - support all of the users on the network, for example E-mail or DNS.
Workgroup servers - support a specific set of users.

Since everyone on the network needs access to the enterprise servers, they should be connected
to the MDF. This way traffic to these types of services only has to travel to the MDF and
will not be transmitted across other networks.

Workgroup - Collection of workstations and servers on a LAN that are designed to
communicate and exchange data with one another.

The workgroup servers should be placed in the IDF closest to the users accessing these
applications. By doing this, traffic to these servers will only have to travel the network
infrastructure to that IDF and will not affect other users on that network segment.

Documenting Your Network

What to Document:

* Physical Network Maps (cut sheet)
* Logical Network Map (IP addressing scheme)
* Addressing Maps (snapshot view of network)

A standard should be set in the addressing of important hosts on the network. This
addressing scheme should be kept consistent throughout the entire network.

Reasons to Document:

* Dramatically decreases problem resolution time
* Networks with the most problems have the least documentation
* Networks with good documentation drastically reduce problem load
* The more documentation the better

5. Interior Gateway Routing Protocol (IGRP)

1. Routed versus Routing Protocols

2. Multiprotocol Routing

3. Representing Distance with Metrics

4. Distance Vector Concept

5. Distance Vector Network Discovery

6. Distance Vector Topology Changes

7. Interior or Exterior Routing Protocols

8. Interior IP Routing Protocols

9. IP Routing Configuration Tasks

10. IGRP Configuration Example

Review:

* Internetworking functions of the Network Layer include 'network addressing' and
'best path selection' for traffic.
* 'Network addressing' uses one part to identify the path used by the router and one
part for ports or devices on the net.
* 'Routed protocols' carry user traffic, while 'routing protocols' work between routers
to maintain path tables.
* Network discovery for 'distance vector' involves exchange of routing tables;
problems can include 'slower convergence'.
* For 'link-state', routers calculate the shortest paths to other routers; problems can
include 'inconsistent updates'.
* 'Balanced hybrid' routing uses attributes of both link-state and distance vector,
applying paths to several protocols.

Network Layer (Path Determination)

* Layer 3 functions to find the best path through the internetwork
* Routing services use network topology information
* Provides best effort end-to-end packet delivery services to its user, the Transport
layer
* Sends packets from the source network to the destination network based on the IP
routing table
* After the router determines which path to use, it can proceed with 'switching' the
packet

Network Layer (Communicate Path)

* Addresses represent the path of media connections
* Provide a relay connection that interconnects independent networks
* Consistent end-to-end addressing improves the use of bandwidth by preventing
unnecessary broadcasts

Routing Table (Destination Network Address & Next Hop pairs)

------------------------------------------------------------
[ Interface ][ Desirability ][ Next Hop ][ Destination ]
----------- -------------- ---------- -----------------
[ E0 ][ + ][ Router C ][ 111.222.333.444 ]
[ E1 ][ - ][ Router B ][ 192.168.130.123 ]
[ S0 ][ * ][ Router D ][ Default Gateway ]
------------------------------------------------------------

* IP routing specifies that IP datagrams travel through internetworks one hop at a
time
* At each stop, the next destination is calculated by matching the datagram's
destination network address with an outgoing interface
* If no match is found, the datagram is sent to the default router

Router 'path determination' function:

enables the router to select the most appropriate interface for forwarding a packet.

Router 'switching' function:

allows a router to accept a packet on one interface and forward it on a second
interface.

Addressing (Network & Host)

* Network Address - Location part used by the router
* Host Address - Specific port or device on the network
* Destination Address AND Subnet Mask = Destination Network
* During the AND operation, the Host portion is removed
* Network portion of address used to make path selections
* Node portion refers to a specific device in the network
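The routing table and addressing sections above describe the forwarding decision in words. The Python model below, added here as an example and not taken from the original notes, carries it out: each entry's subnet mask is ANDed with the destination address, the result is compared with the entry's network, the entry with the longest mask wins, and an entry with a 0.0.0.0 network and 0.0.0.0 mask acts as the default route. The table contents (networks, next hops, interfaces) and the test addresses are constructed for the example.

```python
"""Routing table lookup (added example with a constructed table, not from the
notes): AND the destination with each entry's subnet mask, prefer the most
specific match, and fall back to the default route."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Route:
    network: str    # destination network, e.g. "192.168.130.0"
    mask: str       # subnet mask, e.g. "255.255.255.0"
    next_hop: str   # next-hop router, or "connected" for a directly attached network
    interface: str  # outgoing interface

def _int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def destination_network(address: str, mask: str) -> str:
    """Destination Address AND Subnet Mask = Destination Network (host bits removed)."""
    return str(ipaddress.IPv4Address(_int(address) & _int(mask)))

def lookup(table: List[Route], destination: str) -> Optional[Route]:
    """Path determination: of the entries whose network matches the destination,
    the one with the longest mask is the most specific and wins. A 0.0.0.0 network
    with a 0.0.0.0 mask matches every address, which is what makes it the default
    route. None means no match and no default, so the datagram is dropped."""
    best: Optional[Route] = None
    for route in table:
        if destination_network(destination, route.mask) != route.network:
            continue
        if best is None or _int(route.mask) > _int(best.mask):
            best = route
    return best

# Constructed sample table laid out like the [Interface][Next Hop][Destination] table above
TABLE = [
    Route("192.168.130.0", "255.255.255.0", "connected", "E1"),
    Route("172.16.0.0",    "255.255.0.0",   "Router C",  "E0"),
    Route("172.16.4.0",    "255.255.255.0", "Router B",  "E1"),
    Route("0.0.0.0",       "0.0.0.0",       "Router D",  "S0"),  # default gateway
]

def forward(destination: str, table: List[Route] = TABLE) -> Tuple[str, str]:
    """Switching: (outgoing interface, next hop) for a datagram to destination."""
    route = lookup(table, destination)
    if route is None:
        raise LookupError(f"no route to {destination}; datagram dropped")
    return route.interface, route.next_hop

if __name__ == "__main__":
    for dst in ("192.168.130.123", "172.16.9.1", "172.16.4.77", "198.51.100.7"):
        print(dst, "->", forward(dst))
```

Note that 172.16.4.77 matches both the 172.16.0.0/255.255.0.0 and the 172.16.4.0/255.255.255.0 entries; the longer mask decides, so it leaves on E1 towards Router B rather than on E0.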

Routed vs Routing Protocols

Routed protocol

used between routers to carry user traffic (e.g. IP, IPX)

Routing protocol

used between routers to maintain tables (e.g. RIP, IGRP)

Routed protocol - Protocol that can be routed by a router. A router must be able to interpret
the logical internetwork as specified by that routed protocol. Examples of routed protocols
include AppleTalk, DECnet, and IP.

Routing protocol - Protocol that accomplishes routing through the implementation of a
specific routing algorithm. Examples of routing protocols include IGRP, OSPF, and RIP.

RIP (Routing Information Protocol) - IGP supplied with UNIX BSD systems. The most
common IGP in the Internet. RIP uses hop count as a routing metric.

IGRP (Interior Gateway Routing Protocol) - IGP developed by Cisco to address the problems
associated with routing in large, heterogeneous networks.

EIGRP (Enhanced Interior Gateway Routing Protocol) - Advanced version of IGRP
developed by Cisco. Provides superior convergence properties and operating efficiency, and
combines the advantages of link state protocols with those of distance vector protocols.

OSPF (Open Shortest Path First) - Link-state, hierarchical IGP routing protocol proposed as
a successor to RIP in the Internet community. OSPF features include least-cost routing,
multipath routing, and load balancing. OSPF was derived from an early version of the IS-IS
protocol.

Network Layer (Protocol Operations)

* Each router provides its services to support upper-layer functions
* Routers pass traffic from all routed protocols over the internetwork
* Adaptive to topology changes
* Routing protocols maintain and distribute routing information
* Information used to select the best path for routing

Multiprotocol Routing:

routers that are capable of supporting multiple independent routing protocols and
maintaining routing tables for several routed protocols concurrently. This capability
allows a router to deliver packets from several routed protocols such as IP and IPX
over the same data links.

Static route:

a route that is explicitly configured and entered into the routing table. Static routes
take precedence over routes chosen by dynamic routing protocols. Uses a route that a
network administrator enters into the router. A fixed route to an address (as in a 'stub'
network) reflects the administrator's knowledge. Useful for controlling security and
reducing traffic.

Dynamic routing:

routing that adjusts automatically to network topology or traffic changes. Also
called adaptive routing. Uses a route that a network routing protocol adjusts
automatically for topology or traffic changes. The success of dynamic routing
depends on two basic router functions:

1. Maintenance of a routing table

2. Timely distribution of knowledge in the form of routing updates to other
routers

Default route:

routing table entry (manually defined by the system administrator) that is used to
direct frames for which a next hop is not explicitly listed in the routing table.

A routing protocol describes:

* How updates are sent
* What knowledge is contained in these updates
* When to send this knowledge
* How to locate recipients of the updates

Representing distances with Metrics:

* Bandwidth - Data capacity of a link. For instance, normally, a 10-Mbps Ethernet
link is preferable to a 64-kbps leased line.
* Delay - Length of time required to move a packet from source to destination.
* Load - Amount of activity on a network resource such as a router or link.
* Reliability - Usually refers to the error rate of each network link.
* Hop count - Number of routers a packet must pass through.
* Ticks - Delay on a data link using IBM PC clock ticks (approximately 55
milliseconds).
* Cost - Arbitrary value, usually based on bandwidth, dollar expense, or other
measurement, that is assigned by a network administrator.

Distance vector routing algorithm - Class of routing algorithms that iterate on the number of
hops in a route to find a shortest-path spanning tree. Distance vector routing algorithms call
for each router to send its entire routing table in each update, but only to its neighbors.
Distance vector routing algorithms can be prone to routing loops, but are computationally
simpler than link state routing algorithms. Distance vector algorithms do not allow a router
to know the exact topology of an internetwork. Also called Bellman-Ford routing algorithm.

Distance Vector Routing:

* Pass periodic copies of routing table to neighbor routers and accumulate distance
vectors
* Routers discover the best path to destination from each neighbor
* Updates proceed step-by-step from router to router

Link state routing algorithm - (also called Shortest Path First) Routing algorithm in which
each router broadcasts (floods) or multicasts information regarding the cost of reaching
each of its neighbors to all nodes in the internetwork. Link state algorithms create a
consistent view of the network and are therefore not prone to routing loops, but they
achieve this at the cost of relatively greater computational difficulty and more widespread
traffic (compared with distance vector routing algorithms).

Convergence - The speed and ability of a group of internetworking devices running a
specific routing protocol to agree on the topology of an internetwork after a change in that
topology.

* Convergence occurs when all routers use a consistent perspective of network
topology (when all routers in an internetwork are operating with the same
knowledge)
* After a topology change, routers must recompute routes, which disrupts routing
* The process and time required for router reconvergence varies between routing protocols
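An added example, not from the original notes, that simulates the distance vector behaviour described above in Python: routers start knowing only their directly connected networks, exchange their whole tables with neighbours in rounds, and accumulate distance vectors step by step until a round changes nothing (that is convergence). The second half takes a link down and, because this toy model has no split horizon or holddown, shows the count-to-infinity problem behind the remark that distance vector algorithms are prone to routing loops. The four-router topology and the network numbers are constructed for the example.

```python
"""Distance vector routing simulated round by round (added example, not from
the notes): each router sends its whole table to its neighbours only, and a
neighbour keeps the lower metric. Hop count is the metric (every link cost 1)."""
import copy
from typing import Dict, Optional, Tuple

INFINITY = 16  # RIP-style "unreachable" ceiling

# Constructed topology: directly connected networks and neighbours with link cost
TOPOLOGY = {
    "A": {"nets": ["10.1.0.0"], "links": {"B": 1}},
    "B": {"nets": ["10.2.0.0"], "links": {"A": 1, "C": 1}},
    "C": {"nets": ["10.3.0.0"], "links": {"B": 1, "D": 1}},
    "D": {"nets": ["10.4.0.0"], "links": {"C": 1}},
}
Table = Dict[str, Tuple[int, str]]  # network -> (metric, next hop)

def initial_tables(topology: dict) -> Dict[str, Table]:
    """Before any update a router knows only its directly connected networks."""
    return {r: {net: (0, "connected") for net in info["nets"]}
            for r, info in topology.items()}

def exchange_round(topology: dict, tables: Dict[str, Table]) -> int:
    """One periodic update: every router processes the table each neighbour
    advertised at the start of the round. Returns the number of changed entries."""
    advertised = copy.deepcopy(tables)
    changes = 0
    for r, info in topology.items():
        for neighbour, cost in info["links"].items():
            for net, (metric, _) in advertised[neighbour].items():
                candidate = min(metric + cost, INFINITY)
                current_metric, current_hop = tables[r].get(net, (INFINITY, None))
                better = candidate < current_metric
                # a route is always re-learned from its current next hop, even when worse
                via_same_hop = current_hop == neighbour and candidate != current_metric
                if better or via_same_hop:
                    tables[r][net] = (candidate, neighbour)
                    changes += 1
    return changes

def converge(topology: dict, tables: Optional[Dict[str, Table]] = None,
             max_rounds: int = 64) -> Tuple[Dict[str, Table], int]:
    """Run update rounds until one changes nothing. Returns the tables and the
    number of rounds that changed something (the step-by-step discovery)."""
    tables = initial_tables(topology) if tables is None else tables
    for rounds in range(max_rounds):
        if exchange_round(topology, tables) == 0:
            return tables, rounds
    raise RuntimeError("tables did not converge")

def fail_link(topology: dict, tables: Dict[str, Table], x: str, y: str
              ) -> Tuple[Dict[str, Table], int]:
    """Take link x-y down: drop the adjacency, mark every route that used it
    unreachable, then reconverge. With no split horizon or holddown the stale
    routes the neighbours still advertise count up towards INFINITY."""
    topology, tables = copy.deepcopy(topology), copy.deepcopy(tables)
    del topology[x]["links"][y], topology[y]["links"][x]
    for router, lost in ((x, y), (y, x)):
        for net, (_, hop) in list(tables[router].items()):
            if hop == lost:
                tables[router][net] = (INFINITY, lost)
    return converge(topology, tables)

if __name__ == "__main__":
    tables, rounds = converge(TOPOLOGY)
    print(f"converged after {rounds} update rounds")
    for router, table in sorted(tables.items()):
        print(router, table)
    after, rounds = fail_link(TOPOLOGY, tables, "C", "D")
    print(f"link C-D down: {rounds} rounds until 10.4.0.0 is unreachable everywhere")
```

On the four-router chain, discovery takes three update rounds (one per hop the farthest network is away). After the C-D link fails, B keeps hearing about 10.4.0.0 from A and C, who learned it from B in the first place, so the metric climbs by one every other round until it reaches INFINITY; that slow climb is the convergence problem the notes attribute to distance vector protocols.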

Autonomous System (AS) - consists of routers, run by one or more operators, that present a
consistent view of routing to the external world. (Routers under a common administration).
The Internet Network Information Center (InterNIC) assigns a unique autonomous system
to enterprises. This autonomous system is a 16-bit number. A routing protocol such as
Cisco's Interior Gateway Routing Protocol (IGRP) requires that you specify this unique,
assigned autonomous system number in your configuration.

Exterior routing protocols

are used to communicate between autonomous systems.

Interior routing protocols

are used within a single autonomous system.

Interior IP Routing Protocols:

* RIP - A distance vector routing protocol.
* IGRP - Cisco's distance vector routing protocol. (supports multipath routing)
* OSPF - A link-state routing protocol.
* Enhanced IGRP - A balanced hybrid routing protocol.

IP Routing configuration tasks:

* Global Configuration:
o Select a routing protocol, RIP or IGRP.
o Assign IP network numbers without specifying subnet values.
* Interface Configuration
o Assign network/subnet addresses and subnet mask

Dynamic Routing configuration

Router(config)# router protocol [keyword]

* Defines an IP routing protocol (starts a routing process)
* protocol - RIP, IGRP, OSPF, EIGRP
* keyword - autonomous system

Router(config-router)# network network-number

* The network subcommand is a mandatory configuration command for each IP
routing process (it lets the routing process determine which interfaces will
participate in sending and receiving routing updates)
* network-number - specifies a directly connected network (must be based on the NIC
network numbers, not subnet numbers or individual addresses)

Configuring IGRP

IGRP is a distance vector routing protocol developed by Cisco. IGRP sends routing updates
at 90-second intervals that advertise networks for a particular autonomous system.

* Composite metric selects the path
* Speed is the primary consideration
* Supports multi-path routing
* Supports equal-cost and unequal-cost load balancing
* Versatility to automatically handle indefinite, complex topologies
* Flexibility for segments having different bandwidth and delay characteristics
* Scalability to function in very large networks

Variables IGRP uses include:

* Bandwidth
* Delay
* Load
* Reliability
* Maximum transmission unit (MTU)

MTU (Maximum transmission unit) - Maximum packet size, in bytes, that a
particular interface can handle.

Router(config)# router igrp autonomous-system

* Defines/selects IGRP as an IP routing process/protocol
* autonomous-system (AS) - Identifies the IGRP router processes that will share
routing information

Router(config-router)# network network-number

* Specifies any participating attached networks
* network-number - Specifies a directly connected network: a network number, not a
subnet number or individual address

EXAMPLE:

Router(config)# router igrp 109

 Selects IGRP as the routing protocol for AS 109.

Router(config-router)# network 1.0.0.0

 Specifies a directly connected network.

Router(config-router)# network 2.0.0.0

 Specifies a directly connected network.

Router> show ip protocol

* show ip protocol - Displays IP routing protocol, routing timers and network
information associated with the entire router. The algorithm used to calculate the
routing metric for IGRP is also shown as well as information about routing metrics
(like hop count) and routing filters.

Router> show ip route

* show ip route - Command that displays the contents of an IP routing table.
* The table contains a list of all known networks and subnets and the metrics
associated with each entry.

6. Access Control Lists (ACLs)

1. What are Access Lists?

2. How Access Lists Work

3. A List of Tests: Deny or Permit

4. Testing Packets with Access Lists

5. Key Concepts for IP Access Lists

6. Standard Access List - Example 1

7. Standard Access List - Example 2

8. Standard Access List - Example 3

9. Extended Access List - Example 1

10. Where to Place IP Access Lists

Access Lists perform several functions within a Cisco router, including:

* Implement security / access procedures
* Act as a protocol "firewall"

Extended Access Lists allow filtering on address, protocol, and applications. Access lists are
used to limit broadcast traffic.

Why use Access Lists:

* Deny traffic you do not want based on packet tests
(for example, addressing or traffic type)
* Identify packets for priority or custom queuing
* Restrict or reduce the contents of routing updates
* Provide IP traffic dynamic access control with enhanced user authentication using
the lock-and-key feature
* Identify packets for encryption
* Identify Telnet access allowed to the router virtual terminals
* Specify packet traffic for dial-in remote sites using dial-on-demand routing (DDR)

Dial-on-demand routing (DDR) - technique whereby a Cisco router can automatically
initiate and close a circuit-switched session as transmitting stations demand. The router
spoofs keepalives so that end stations treat the session as active. DDR permits routing over
ISDN or telephone lines using an external ISDN terminal adaptor or modem.

The two main types of access lists are:

1. Standard access lists

o Standard access lists for IP check the 'source address' of packets that could
be routed.
o The result permits or denies output for an 'entire protocol' suite, based on
the network/subnet/host address.

2. Extended access lists

o Extended access lists check for both 'source' and 'destination' packet
addresses. They also can check for 'specific protocols', 'port numbers', and
other parameters.
o Packets can be 'permitted' or 'denied' output based on where the packet
originated and on its destination.
o Generally permits or denies 'specific protocols'

Access lists express the set of rules that give added control for packets that enter inbound
interfaces, packets that relay through the router, and packets that exit outbound interfaces
of the router. Access lists do not act on packets that originate in the router itself.

Access list statements operate in sequential, logical order. They evaluate packets from the
top down. If a packet header and access list statement match, the packet skips the rest of the
statements. If a condition match is true, the packet is permitted or denied. There can be
only one access list per protocol per interface.

NOTE: For logical completeness, an access list must have conditions that test true for all
packets using the access list. A final implied statement covers all packets for which
conditions did not test true. This final test condition matches all other packets. It results in a
deny. Instead of proceeding in or out an interface, all these remaining packets are dropped.

Access List command overview

Step 1: Set parameters for this access list test statement (which can be one of several
statements). The access list process contains global statements:

* This global statement identifies the access list, usually an access list number. This
number refers to the type of access list this will be. In Cisco IOS Release 11.2 or
newer, access lists for IP may also use an access list name rather than a number.
* The permit or deny term in the global access list statement indicates how packets
that meet the test conditions will be handled by Cisco IOS. Permit usually means the
packet will be allowed to use one or more interfaces that you will specify later.
* The final term or terms specifies the test conditions used by this access list
statement. The test can be as simple as checking for a single source address, but
usually test conditions are extended to include several test conditions. Use several
global access list statements with the same identifier to stack several test conditions
into a logical sequence or list of tests.

Router(config)# access-list acl-number {permit|deny} {conditions}

Step 2: Enable an interface to become part of the group that uses the specific access list. The
access list process uses an interface command. All the access list statements identified by the
access-list number associate with one or more interfaces. Any packets that pass the access
list test conditions can be permitted to use any interface in the access group of interfaces.

Router(config-if)# {protocol} access-group acl-number

Access lists are numbered (for IP, numbered or named)

How to identify Access Lists:

* IP Standard 1 - 99
* IP Extended 100 - 199
* Named (Cisco IOS 11.2 and later)
* IPX Standard 800 - 899
* IPX SAP filters 1000 - 1099
* AppleTalk 600 - 699
* Number identifies the protocol and type
* Other number ranges for most protocols

For TCP/IP packet filters, Cisco IOS access lists check the packet and upper-layer headers
for:

* Source IP addresses using standard access lists; identify these with a number in the
range 1 to 99.
* Destination and source IP addresses or specific protocols using extended access lists;
identify these with a number in the range 100 to 199.
* Upper-level TCP or UDP port numbers in addition to the other tests in extended
access lists; also identify these with a number in the range 100 to 199.
* For all of these TCP/IP access lists, after a packet is checked for a match with the
access list statement, it can be denied or permitted to use an interface in the access
group.

Key Concepts for IP Access Lists:

* Standard lists (1-99) test conditions of all IP packets from source address
* Extended lists (100-199) can test conditions of:
o Source and destination address
o Specific TCP/IP-suite protocols
o Destination ports
* Wildcard bits indicate how to check the corresponding address bits (0=check,
1=ignore)

Wildcard mask - 32-bit quantity used in conjunction with an IP address to determine which
bits in an IP address should be ignored when comparing that address with another IP
address. A wildcard mask is specified when setting up access lists.

* A wildcard mask bit 0 means "check the corresponding bit value."
* A wildcard mask bit 1 means "do not check (ignore) that corresponding bit value."

NOTE: Wildcard masking for access lists operates differently from an IP subnet mask. A
zero in a bit position of the access list mask indicates that the corresponding bit in the
address must be checked; a one in a bit position of the access list mask indicates the
corresponding bit in the address is not 'interesting' and can be ignored.

How to use Wildcard mask bits -

* IP access list test condition: Check for IP subnets 172.30.16.0 to 172.30.31.0
o address and wildcard mask: 172.30.16.0 0.0.15.255
* Test condition: Ignore all the address bits (match any)
o accept any address: 0.0.0.0 255.255.255.255 (ignore all)
o abbreviate the expression using the keyword "any"
* Test condition: Check all the address bits (match all)
o check for an IP host: 172.30.16.29 0.0.0.0 (check all bits)
o abbreviate the wildcard using the keyword "host" followed by the IP address

Standard IP Access List configuration

Access list -

1. List kept by Cisco routers to control access to or from the router for a number of
services (for example, to prevent packets with a certain IP address from leaving a
particular interface on the router).

2. Command that creates an entry in a standard traffic filter list.

* Standard access lists filter based on a 'source address' and mask.
* Standard access lists permit or deny the entire TCP/IP protocol suite.

Router(config)# access-list acl-number {permit|deny} source [mask]

* Sets parameters for this list entry
* IP standard access list 'acl-number' uses 1 - 99
* permit|deny - does this entry allow or block the specified address
* source - source IP addresses
* mask - 0s = must match, 1s = don't care positions

IP access-group - Command that links an existing access list to an outbound interface.

Router(config-if)# ip access-group acl-number {in|out}

* Activates the list on an interface
* acl-number - the number of the access list to be linked to this interface
* in|out - Selects whether the access list is applied to the incoming or outgoing
interface. If in or out is not specified, out is the default

NOTE: To remove an access list, first enter the 'no ip access-group' command, including
'list number', for each interface where the list had been used, then enter the 'no access-list'
command (with list number).

Standard Access List examples:

(1.) Allow only traffic from a specific source network

Router(config)# access-list 1 permit 172.16.0.0 0.0.255.255

(implicit deny any - not visible in the list)
(access-list 1 deny 0.0.0.0 255.255.255.255)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1 out
Router(config)# interface ethernet 1
Router(config-if)# ip access-group 1 out

(2.) Deny a specific host

Router(config)# access-list 1 deny host 172.16.4.13
Router(config)# access-list 1 permit 0.0.0.0 255.255.255.255

(implicit deny any - not visible in the list)
(access-list 1 deny 0.0.0.0 255.255.255.255)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1

(3.) Deny a specific subnet

Router(config)# access-list 1 deny 172.16.4.0 0.0.0.255
Router(config)# access-list 1 permit any

(implicit deny any - not visible in the list)
(access-list 1 deny 0.0.0.0 255.255.255.255)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 1

Extended IP Access List configuration

Allow more precise filtering conditions:

* Check source and destination IP address
* Specify an optional IP (TCP or UDP) protocol port number
* Use access list number range 100 - 199

Well-Known IP Protocol Port Numbers (Decimal):

20 - File Transfer Protocol (FTP) data

21 - FTP program

23 - Telnet

25 - Simple Mail Transfer Protocol (SMTP)

69 - Trivial File Transfer Protocol (TFTP)

53 - Domain Name System (DNS)

Router(config)# access-list acl-number {permit|deny} protocol
source source-mask destination destination-mask
[operator operand] [established]

* Sets parameters for this list entry
* IP uses an acl-number in the range 100 - 199
* permit|deny - does this entry allow or block the specified address
* protocol - IP, TCP, UDP, ICMP, GRE, IGRP
* source and destination - source and destination IP addresses
* masks - Wildcard mask; 0s = must match, 1s = don't care positions
* operator and operand - lt, gt, eq, neq (not equal), and a port number
* established - Allows TCP traffic to pass if the packet belongs to an established
connection (for example, has the ACK bit set)

IP access-group - Command that links an existing access list to an outbound interface. Only
one access list per port per protocol is allowed.

Router(config-if)# ip access-group acl-number {in|out}

* Activates the extended list on an interface
* acl-number - the number of the access list to be linked to this interface
* in|out - Selects whether the access list is applied to the incoming or outgoing
interface. If in or out is not specified, out is the default

Extended Access List examples:

(1.) Deny FTP for E0

Router(config)# access-list 101 deny tcp 172.16.4.0 0.0.0.255 172.16.3.0 0.0.0.255 eq 21
Router(config)# access-list 101 permit ip 172.16.4.0 0.0.0.255 0.0.0.0 255.255.255.255

(implicit deny any - not visible in the list)
(access-list 101 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 101

(2.) Allow only SMTP for E0

Router(config)# access-list 101 permit tcp 172.16.4.0 0.0.0.255 any eq 25

(implicit deny any - not visible in the list)
(access-list 101 deny ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255)

Router(config)# interface ethernet 0
Router(config-if)# ip access-group 101
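As an added illustration (it is not code from these notes or from Cisco), the following Python models how a router walks a numbered IP access list: wildcard-mask comparison (0 bits must match, 1 bits are don't-care), first match wins, the invisible implicit deny at the end of every list, and the established keyword. The four lists are transcribed from the standard and extended examples above; the packets are constructed test inputs, and the Entry/Packet classes and evaluate() function are names chosen for this example.

```python
"""Added example (not from the notes): evaluate IOS-style numbered IP access
lists against constructed packets, to show first-match, wildcard masks and the
implicit 'deny any' at the end of every list."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional

ANY = ("0.0.0.0", "255.255.255.255")      # address/wildcard pair meaning 'any'


def host(addr: str):
    """'host X' is shorthand for address X with wildcard 0.0.0.0."""
    return (addr, "0.0.0.0")


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Wildcard mask semantics: 0 bits must match, 1 bits are don't-care."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    w = int(ipaddress.IPv4Address(wildcard))
    care = 0xFFFFFFFF ^ w                   # bits the router actually compares
    return (a ^ b) & care == 0


@dataclass
class Entry:
    action: str                  # "permit" or "deny"
    protocol: str                # "ip" matches every protocol; else tcp/udp/icmp
    src: str
    src_wc: str
    dst: str = ANY[0]            # standard lists only test the source
    dst_wc: str = ANY[1]
    op: Optional[str] = None     # eq / neq / lt / gt on the destination port
    port: Optional[int] = None
    established: bool = False    # only TCP segments of an existing connection


@dataclass
class Packet:
    protocol: str
    src: str
    dst: str
    dport: int = 0
    ack: bool = False            # ACK bit set -> part of an established session


def entry_matches(e: Entry, p: Packet) -> bool:
    if e.protocol != "ip" and e.protocol != p.protocol:
        return False
    if not wildcard_match(p.src, e.src, e.src_wc):
        return False
    if not wildcard_match(p.dst, e.dst, e.dst_wc):
        return False
    if e.op is not None:
        tests = {"eq": p.dport == e.port, "neq": p.dport != e.port,
                 "lt": p.dport < e.port, "gt": p.dport > e.port}
        if not tests[e.op]:
            return False
    if e.established and not (p.protocol == "tcp" and p.ack):
        return False
    return True


def evaluate(acl: List[Entry], p: Packet) -> str:
    """Entries are tested in order; the first match decides.  A packet that
    matches nothing hits the implicit 'deny any' that never shows in the list."""
    for e in acl:
        if entry_matches(e, p):
            return e.action
    return "deny"


# Lists transcribed from the examples above (addresses and ports are theirs).
DENY_HOST = [Entry("deny", "ip", *host("172.16.4.13")),
             Entry("permit", "ip", *ANY)]
DENY_SUBNET = [Entry("deny", "ip", "172.16.4.0", "0.0.0.255"),
               Entry("permit", "ip", *ANY)]
DENY_FTP = [Entry("deny", "tcp", "172.16.4.0", "0.0.0.255",
                  "172.16.3.0", "0.0.0.255", "eq", 21),
            Entry("permit", "ip", "172.16.4.0", "0.0.0.255", *ANY)]
ONLY_SMTP = [Entry("permit", "tcp", "172.16.4.0", "0.0.0.255", *ANY, "eq", 25)]
# 'established': let return traffic in without opening the interface to new sessions
RETURN_ONLY = [Entry("permit", "tcp", *ANY, *ANY, established=True)]

if __name__ == "__main__":
    for name, acl, pkt in [
        ("deny host", DENY_HOST, Packet("ip", "172.16.4.13", "10.0.0.1")),
        ("deny ftp", DENY_FTP, Packet("tcp", "172.16.4.5", "172.16.3.9", 21)),
        ("only smtp", ONLY_SMTP, Packet("tcp", "172.16.4.5", "192.0.2.1", 80)),
        ("return only", RETURN_ONLY,
         Packet("tcp", "198.51.100.7", "172.16.4.5", 1025, ack=True)),
    ]:
        print(f"{name:12s} -> {evaluate(acl, pkt)}")
```

The model makes the two mistakes that catch people in practice visible: a list with only deny entries blocks everything (the implicit deny), and an entry placed below a broader permit never matches.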

Using Named IP Access Lists

A feature of Cisco IOS Release 11.2 or newer, named IP access lists can be used to delete
individual entries from a specific access list. This enables you to modify your access lists
without deleting and then reconfiguring them. Use named IP access lists when:

 You want to intuitively identify access lists using an alphanumeric name
 You have more than 99 simple and 100 extended access control lists to be configured
in a router for a given protocol.

NOTE: Most of the commonly used IP access list commands accept named IP access lists.

Router(config)# ip access-list {standard|extended} name

* Alphanumeric name string must be unique

Router(config {std-|ext-}nacl)# {permit|deny} {ip access list test conditions}
Router(config {std-|ext-}nacl)# no {permit|deny} {ip access list test conditions}

* Permit or deny statements have no prepended number
* "no" removes the specified tests from the named access list

Router(config-if)# ip access-group {name|1-199} {in|out}

* Activate the IP named access list on an interface

Where to 'place' IP Access Lists

An access list can act as a firewall. A firewall filters packets and eliminates unwanted
traffic at a destination. Where the administrator places an access list statement can reduce
unnecessary traffic. Traffic that will be denied at a remote destination should not use
network resources along the route to that destination.

 Place standard access lists close to the destination
 Place extended access lists close to the source

Firewall - Router or access server, or several routers or access servers, designated as a
buffer between any connected public networks and a private network. A firewall router uses
access lists and other methods to ensure the security of the private network.

Router> show ip interface

* Command that displays IP interface information and indicates
whether any access lists are set. (Monitor Access Lists)

Router> show access-lists

* Command that displays the contents of all access lists.
This Cisco IOS command provides more details about the
access list statements. By entering the access list name
or number as an option for this command, you can see a
specific list. (Monitor Access List statements)

Reserved TCP Port Numbers

-------------------------------------------------
Decimal  Keyword       Description
-------  ------------  -------------------------
0                      Reserved
1-4                    Unassigned
5        RJE           Remote Job Entry
7        ECHO          Echo
9        DISCARD       Discard
11       USERS         Active Users
13       DAYTIME       Daytime
15       NETSTAT       Who is Up or NETSTAT
17       QUOTE         Quote of the Day
19       CHARGEN       Character Generator
20       FTP-DATA      File Transfer Protocol (data)
21       FTP           File Transfer Protocol
23       TELNET        Terminal Connection
25       SMTP          Simple Mail Transfer Protocol
37       TIME          Time of Day
39       RLP           Resource Location Protocol
42       NAMESERVER    Host Name Server
43       NICNAME       Who Is
53       DOMAIN        Domain Name Server
67       BOOTPS        Bootstrap Protocol Server
68       BOOTPC        Bootstrap Protocol Client
69       TFTP          Trivial File Transfer Protocol
75                     Any Private Dial-out Service
77                     Any Private RJE Service
79       FINGER        Finger
95       SUPDUP        SUPDUP Protocol
101      HOSTNAME      NIC Host Name Server
102      ISO-TSAP      ISO-TSAP
113      AUTH          Authentication Service
117      UUCP-PATH     UUCP Path Service
123      NTP           Network Time Protocol
133-159                Unassigned
160-223                Reserved
224-241                Unassigned
242-255                Unassigned

Reserved UDP Port Numbers

-------------------------------------------------
Decimal  Keyword       Description
-------  ------------  -------------------------
0                      Reserved
1-4                    Unassigned
5        RJE           Remote Job Entry
7        ECHO          Echo
9        DISCARD       Discard
11       USERS         Active Users
13       DAYTIME       Daytime
15       NETSTAT       Who is Up or NETSTAT
17       QUOTE         Quote of the Day
19       CHARGEN       Character Generator
20       FTP-DATA      File Transfer Protocol (data)
21       FTP           File Transfer Protocol
23       TELNET        Terminal Connection
25       SMTP          Simple Mail Transfer Protocol
37       TIME          Time of Day
39       RLP           Resource Location Protocol
42       NAMESERVER    Host Name Server
43       NICNAME       Who Is
53       DOMAIN        Domain Name Server
67       BOOTPS        Bootstrap Protocol Server
68       BOOTPC        Bootstrap Protocol Client
69       TFTP          Trivial File Transfer Protocol
75                     Any Private Dial-out Service
77                     Any Private RJE Service
79       FINGER        Finger
123      NTP           Network Time Protocol
133-159                Unassigned
160-223                Reserved
224-241                Unassigned
242-255                Unassigned

7. Novell IPX

1. Novell NetWare Protocol Suite

2. Key Novell NetWare Features

3. Novell IPX Addressing

4. Multiple Novell Encapsulations

5. Cisco Encapsulation Names

6. Novell uses RIP for Routing

7. SAP Service Advertisements

8. Novell IPX Global Configuration

9. Novell IPX Interface Configuration

10. Novell IPX Configuration Example

Novell IPX is similar to TCP/IP and will operate within the same network implementation
and the same router - provided you have a multiprotocol router. Some of its characteristics
are:

 Used in a client / server environment
(network access transparent to users)
 IPX address is 80 bits (32-bit network + 48-bit node)
(each device has a unique address)
 Interface MAC address is part of the logical address (node)
(eliminates the need for an Address Resolution Protocol (ARP))
 Multiple LAN data-link encapsulations per interface
(multiple logical networks on an individual interface; each network requires a single
encapsulation type)
 Default routing protocol is Novell RIP
(Novell RIP uses the distance vectors of ticks and hops)
 SAPs and GNS broadcasts function to connect clients and servers.
(Novell services are advertised using SAP)
(NetWare clients find servers with GNS (Get Nearest Server) packets)

The NetWare protocol stack supports all common media access protocols. The data link and
physical layers are accessed through the Open Data Link (ODI) interface.

Cisco routers offer the following features in Novell environments:

 Access lists and filters for IPX, RIP, SAP, and NetBIOS
 SAP output filter can be employed to conserve bandwidth
 Scalable routing protocols, including Enhanced IGRP and NLSP
 Configurable RIP and SAP updates and packet sizes
 Serverless LAN support
 Rich diagnostics, management, and troubleshooting features

NetWare - Popular distributed NOS developed by Novell. Provides transparent remote file
access and numerous other distributed network services.

IPX (Internetwork Packet Exchange) - NetWare network layer (Layer 3) protocol used for
transferring data from servers to workstations. IPX is similar to IP and XNS.

 Datagram, connectionless protocol that does not require an acknowledgment for
each packet.
 Layer 3 protocol that defines the internetwork and internode addresses.

SPX (Sequenced Packet Exchange) - Reliable, Transport Layer (Layer 4) connection-oriented
protocol that supplements the datagram service provided by Network layer (Layer 3)
protocols. Novell derived this commonly used NetWare transport protocol from the SPP
of the XNS protocol suite.

 Service for Layer 4 connection-oriented services

SAP (Service Advertisement Protocol) - IPX protocol that provides a means of informing
network clients, via routers and servers, of available network resources and services.

GNS (Get Nearest Server) - Request packet sent by a client on an IPX network to locate the
nearest active server of a particular type. An IPX network client issues a GNS request to
solicit either a direct response from a connected server or a response from a router that tells
it where on the internetwork the service can be located. GNS is part of the IPX SAP.

NCP (NetWare Core Protocol) - Provides client-to-server connections and applications.
(network access transparent to users)

NetBIOS (Network Basic Input/Output System) - API used by applications on an IBM LAN
to request services from lower-level network processes. These services might include session
establishment and termination, and information transfer.

NLSP (NetWare Link Services Protocol) - Link-state routing protocol based on IS-IS. The
Cisco implementation of NLSP also includes MIB variables and tools to redistribute routing
and SAP information between NLSP and other IPX routing protocols.

How to determine the IPX address:

1. Ask the NetWare administrator

2. Use a Cisco IOS command (CDP) to check on the neighbor Cisco router
o The CDP command summarizes protocols and addresses on target

3. Test the Application Layer using 'Telnet'
o Telnet to the neighbor router and use the
'show protocols' or
'show ipx interface' command
o Can the remote router be accessed?

4. Use a NetWare command to check on the NetWare file server/router
o Attach or log in and use the NetWare config utility

NOTE: Assign the same IPX network number(s) to the router that are in use by the IPX
devices connected to that router, whether the interface is a LAN or WAN connection.

CDP (Cisco Discovery Protocol) - Media and protocol independent device discovery
protocol that runs on all Cisco manufactured equipment including routers, access servers,
bridges, and switches. Using CDP, a device can advertise its existence to other devices and
receive information about other devices on the same LAN or on the remote side of a WAN.
Runs on all media that support SNAP, including LANs, Frame Relay, and ATM media.

NetWare allows multiple different Layer 2 frame structures (encapsulations) for Novell IPX
packets. Cisco routers support all of these framing variations.

[ Novell Name ]      [ Framing Structure ]
----------------     -------------------
1. Ethernet_802.3    [802.3][IPX] (raw Ethernet)
                     (default for NetWare 3.11 or earlier)
2. Ethernet_802.2    [802.3][802.2 LLC][IPX] (OSI routing)
                     (default for NetWare 3.12 or later)
3. Ethernet_II       [Ethernet][IPX]
                     (Used with TCP/IP)
4. Ethernet_SNAP     [802.3][802.2 LLC][SNAP][IPX]
                     (Used with TCP/IP and AppleTalk)

Encapsulation - The wrapping of data in a particular protocol header. For example,
Ethernet data is wrapped in a specific Ethernet header before network transit. Also, when
bridging dissimilar networks, the entire frame from one network is simply placed in the
header used by the data link layer protocol of the other network.

Tunneling - Architecture that is designed to provide the services necessary to implement any
standard point-to-point encapsulation scheme.

Note: Multiple encapsulations can be specified on an interface, but only if multiple network
numbers have also been assigned. Although several encapsulation types can share the same
interface, clients and servers with different encapsulation types cannot communicate
directly with each other.

Cisco Encapsulations:

[ Media ]     [ Novell IPX Name ]   [ Cisco IOS Name ]
Ethernet      Ethernet_802.3        novell-ether
              Ethernet_802.2        sap
              Ethernet_II           arpa
              Ethernet_SNAP         snap
Token Ring    Token-Ring            sap
              Token-Ring_SNAP       snap
FDDI          FDDI_SNAP             snap
              FDDI_802.2            sap
              FDDI_Raw              novell-fddi

 Specify encapsulation type when you configure IPX networks
 Make sure the encapsulations on the clients, servers, and routers all match

The default encapsulation types on Cisco router interfaces and their keywords are:

 Ethernet - novell-ether
 Token Ring - sap
 FDDI - snap

Note: The default Ethernet encapsulation type on Cisco routers does not match the default
Ethernet encapsulation type on Novell servers after NetWare 3.11.

Novell uses Novell RIP for routing. Novell RIP checks its two distance vector metrics by first
comparing the ticks for path alternatives. If two or more paths have the same tick value,
Novell RIP compares the hop count. If two or more paths have the same hop count, the
router will load share based on the IPX maximum-paths command.

 Uses ticks (about 1/18 sec) and hop count (maximum of 15 hops)
 Broadcasts routing information to neighbor routers every 60 seconds
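As an added example (not code from these notes or from Cisco), here is the Novell RIP path choice described above written out: compare ticks first, break ties on hop count, and then round-robin across the survivors up to the ipx maximum-paths limit. It also assembles the 80-bit IPX address (32-bit network plus 48-bit node taken from the MAC) mentioned earlier. The candidate paths and MAC are constructed; IpxPath, best_paths(), round_robin() and ipx_address() are names chosen for this example, and the valid network-number range 1 to FFFFFFFD is the one documented for the ipx network command.

```python
"""Added example (not from the notes): Novell RIP path selection - ticks first,
then hops, then round-robin load sharing bounded by 'ipx maximum-paths' - plus
construction of the 80-bit IPX address.  All inputs are constructed."""
from dataclasses import dataclass
from itertools import cycle
from typing import List

TICK_SECONDS = 1 / 18        # one tick is about 1/18 of a second
MAX_HOPS = 15                # 16 hops means unreachable


@dataclass(frozen=True)
class IpxPath:
    next_hop: str            # neighbour router that advertised the route
    ticks: int
    hops: int


def best_paths(candidates: List[IpxPath], maximum_paths: int = 1) -> List[IpxPath]:
    """Return the paths a router keeps for one destination network."""
    usable = [p for p in candidates if p.hops <= MAX_HOPS]
    if not usable:
        return []
    fewest_ticks = min(p.ticks for p in usable)
    tied = [p for p in usable if p.ticks == fewest_ticks]   # step 1: ticks
    fewest_hops = min(p.hops for p in tied)
    tied = [p for p in tied if p.hops == fewest_hops]       # step 2: hop count
    return tied[:maximum_paths]                             # step 3: equal-metric set


def round_robin(paths: List[IpxPath], packets: int) -> List[str]:
    """Next hop used for each of `packets` packets when load sharing."""
    if not paths:
        return []
    picker = cycle(paths)
    return [next(picker).next_hop for _ in range(packets)]


def estimated_delay(path: IpxPath) -> float:
    """Tick metric converted to seconds."""
    return path.ticks * TICK_SECONDS


def ipx_address(network: str, mac: str) -> str:
    """Cisco notation network.node: hex network number and 48-bit node (the MAC)."""
    net = int(network, 16)
    if not 1 <= net <= 0xFFFFFFFD:       # documented range for 'ipx network'
        raise ValueError("IPX network number must be in 1..FFFFFFFD")
    node = mac.replace(":", "").replace("-", "").replace(".", "").lower()
    if len(node) != 12 or int(node, 16) < 0:
        raise ValueError("node address must be 48 bits of hex")
    return f"{net:x}.{node[0:4]}.{node[4:8]}.{node[8:12]}"


if __name__ == "__main__":
    routes = [IpxPath("R1", ticks=2, hops=1), IpxPath("R2", ticks=1, hops=5),
              IpxPath("R3", ticks=1, hops=5), IpxPath("R4", ticks=1, hops=16)]
    print(best_paths(routes, maximum_paths=2))
    print(round_robin(best_paths(routes, 2), 5))
    print(ipx_address("9e", "00:00:0c:12:34:56"))
```

Note that R1, with the fewest hops, loses to R2 and R3 because ticks are compared before hops, and R4 is discarded outright for exceeding 15 hops; only maximum-paths 2 or higher brings the second equal path into use.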
SAP (Service Advertisement Protocol) - All servers and routers keep a complete list of the
services available throughout the network in server information tables. SAP uses an aging
mechanism to identify and remove table entries that become invalid.

 SAP packets advertise all NetWare network services
 Service Advertisements occur at 60-second intervals
 Adding, finding, and removing services on the internetwork is dynamic because of
SAP advertisements
 Can add excessive broadcast traffic to the network
 Routers do not forward SAP broadcasts. Instead, each router builds its own SAP
table and forwards the SAP table to other routers. By default this occurs every 60
seconds but the router can use access lists to control the SAPs accepted or
forwarded.

Each SAP service is an object type identified by a hexadecimal number:

 4 NetWare file server
 7 Print server
 24 Remote bridge server (router)

GNS Get Nearest Server protocol (SAP query):

 GNS is a broadcast from a client needing a server
 NetWare servers and Cisco routers get this SAP packet
 NetWare servers provide GNS response
 Cisco router will not respond to the GNS request. If there are no NetWare servers
on the local network, the Cisco router will respond with a server address from its
own SAP table.

Novell IPX configuration Tasks:

 Global Configuration
o Start IPX routing process
o Enable Load sharing (if appropriate)
 Interface Configuration
o Assign unique Network numbers
o Set the (optional) Encapsulation type

Router(config)# ipx routing [node address]

 Enables Novell IPX routing
 If no node address is specified, the Cisco router uses the MAC address of the
interface
 If a Cisco router has only serial interfaces, an address must be specified

Router(config)# ipx maximum-paths paths

 Configures round-robin load sharing over multiple equal metric paths
 paths - Maximum number of parallel paths to the destination; the default is 1 and
the maximum is 512

Router(config-if)# interface type number.subinterface-number
Router(config-if)# ipx network network [encapsulation encap-type]

 Specify a subinterface, then enable IPX routing with encapsulation type

Router(config-if)# ipx network network [encapsulation encap-type] [secondary]

 Assign primary and secondary network number and encapsulation

Subinterface - One of a number of virtual interfaces on a single physical interface:

 Allows a single physical interface to support multiple logical interfaces or networks.
 Several logical interfaces or networks can be associated with a single hardware
interface.
 Each subinterface must use a distinct encapsulation, and the encapsulation must
match that of the clients and servers using the same network number.

Novell IPX Configuration example:

Router(config)# ipx routing

 Selects IPX for routing, and starts IPX RIP

Router(config)# ipx maximum-paths 2

 Allows load sharing over parallel equal-metric paths to the destination. The number
of parallel paths used is limited to two

Router(config-if)# interface ethernet 0.1

 Indicates the first subinterface on interface E0

Router(config-if)# ipx encapsulation novell-ether

 Specifies that Novell's unique frame format is used on this network segment. Cisco's
keyword is novell-ether; Novell's terminology is Ethernet_802.3

Router(config-if)# ipx network 9e

 Network number assigned to subinterface E0.1

Router(config-if)# interface ethernet 0.2

 Indicates the second subinterface on interface E0

Router(config-if)# ipx network 6c encapsulation sap

 Network number assigned to subinterface E0.2

Router(config-if)# interface ethernet 1
Router(config-if)# ipx network 4a encapsulation sap

 Specifies that Ethernet 802.2 frame format is used on this network segment. Cisco's
keyword is sap

Router(config-if)# interface serial 0
Router(config-if)# ipx network 1

Verifying IPX operation:

Monitoring Commands:

 show ipx interface (IPX status and IPX parameters configured)
 show ipx route (IPX Routing table contents)
 show ipx servers (IPX server list - discovered through SAP)
 show ipx traffic (Number and type of packets received/transmitted)

Troubleshooting Commands:

 debug ipx routing activity (Information about RIP update packets)
 debug ipx sap activity (Information about SAP update packets)

SAP responses may be one of these types:

0x1 - General query

0x2 - General response

0x3 - Get Nearest Server request

0x4 - Get Nearest Server response

1. Review (of the first 3 Semesters)

1. Developing Layer 1 LAN Topology

2. Cable Types Characteristics

3. Extended Star Topology

4. Extended Star Topography in a Multi-Building Campus

5. Layer 2 Switching

6. Layer 2 Switch with Hubs

7. Layer 2 - Migrate to Higher Bandwidth


8. Use Routers to impose Logical Structure

9. Layer 3 Router Implementation

10. Layer 3 Router for Segmentation

LAN Switching (Congestion vs Bandwidth)

Balance depends on having enough bandwidth to meet the needs of the users and the
applications

Bandwidth - The difference between the highest and lowest frequencies available for
network signals. The term is also used to describe the rated throughput capacity of a given
network medium or protocol.

Congestion - Traffic in excess of network capacity.

Segment LANs to:

 Isolate traffic between segments
 Achieve more bandwidth per user by creating smaller collision domains

Segment -

1. Section of a network that is bounded by bridges, routers, or switches.

2. In a LAN using a bus topology, a segment is a continuous electrical circuit that is
often connected to other such segments with repeaters.

3. Term used in the TCP specification to describe a single transport layer unit of
information.

CSMA/CD - Carrier sense multiple access collision detect. Media-access mechanism wherein
devices ready to transmit data first check the channel for a carrier. If no carrier is sensed
for a specific period of time, a device can transmit. If two devices transmit at once, a
collision occurs and is detected by all colliding devices. This collision subsequently delays
retransmissions from those devices for some random length of time. CSMA/CD access is
used by Ethernet and IEEE 802.3.

Collision - In Ethernet, the result of two nodes transmitting simultaneously. The frames
from each device impact and are damaged when they meet on the physical media.

Collision domain - In Ethernet, the network area within which frames that have collided are
propagated. Repeaters and hubs propagate collisions; LAN switches, bridges and routers do
not.

Ethernet LAN data passed between segments is transmitted on the backbone of the network
using a:
1. Bridge - Device that connects and passes packets between two network segments
that use the same communications protocol. Bridges operate at the data link layer
(layer 2) of the OSI reference model. In general, a bridge will filter, forward, or
flood an incoming frame based on the MAC address of that frame.

2. Switch - Network device that filters, forwards, and floods frames based on the
destination address of each frame. The switch operates at the data link layer of the
OSI model.

3. Router - Network layer device that uses one or more metrics to determine the
optimal path along which network traffic should be forwarded. Routers forward
packets from one network to another based on network layer (layer 3) information.

Segmenting with LAN Switches

A LAN which uses a switched Ethernet topology creates a network that behaves like it only
has two nodes - the sending node and the receiving node.

 A switch eliminates the impact of collisions through microsegmentation
 Low latency and high frame-forwarding rates at each interface port
 Works with existing 802.3 (CSMA/CD) compliant network interface cards and
cabling
 In a switched Ethernet implementation the available bandwidth can reach closer to
100%
 Enables dedicated access
 Eliminates collisions and increases capacity
 Supports multiple conversations at a time
 Creating dedicated network segments (point to point connections) and connecting
those segments in a virtual circuit within the switch
 Still have one broadcast domain

Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.

Latency -

1. Delay between the time a device requests access to a network and the time it is
granted permission to transmit.

2. Delay between the time when a device receives a frame and the time that frame is
forwarded out the destination port.

Broadcast domain - The set of all devices that will receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers because
routers do not forward broadcast frames.

Virtual circuit - Logical circuit created to ensure reliable communication between two
network devices.

An Ethernet Switch learns the address of each device on the network by:

 Reading the 'source address' of each packet transmitted
 Noting the port where the frame was heard
 Storing learned addresses in content addressable memory (CAM)
 Sends out all ports (except the port that the frame entered from) when the
destination address is a broadcast, multicast, or an unknown address
 Forwards when the destination is located on a different interface
 Filters when the destination is located on the same interface

Symmetric Switch - provides switched connections between ports with the same bandwidth,
such as all 10 Mbps or all 100 Mbps ports. Multiple simultaneous conversations increase
throughput. (Optimized for peer-to-peer network traffic)

Asymmetric LAN Switch - provides switched connections between ports of unlike bandwidth,
such as a combination of 10 Mbps and 100 Mbps ports. Also called 10/100 switching.
Requires the switch to use memory buffering. (Optimized for 'client-server' network traffic
flows where multiple clients are simultaneously communicating with a server, requiring
more bandwidth dedicated to the switch port that the server is connected to.)

Store and Forward packet switching - Packet-switching technique in which frames are
completely processed before being forwarded out the appropriate port. This processing
includes calculating the CRC and checking the destination address. In addition, frames
must be temporarily stored until network resources (such as an unused link) are available to
forward the message.

Cut-through packet switching - Packet switching approach that streams data through a
switch so that the leading edge of a packet exits the switch at the output port before the
packet finishes entering the input port. A device using cut-through packet switching reads,
processes, and forwards packets as soon as the destination address is looked up, and the
outgoing port determined. Also known as on-the-fly packet switching.

Virtual LANs

VLAN (Virtual LAN) - Group of devices on a LAN that are configured (using management
software) so that they can communicate as if they were attached to the same wire, when in
fact they are located on a number of different LAN segments. Because VLANs are based on
logical instead of physical connections, they are extremely flexible.

 A group of ports or users in the same 'broadcast domain'
 Can be based on port ID, MAC address, protocol, or application
 LAN switches and network management software provide a mechanism to create
VLANs
 Frames tagged with VLAN ID
 VLANs plus routers bound broadcasts to domain of origin
 VLANs are an effective mechanism for extending 'firewalls' from the routers to the
switch fabric
 Lowers the overall vulnerability of the network to 'broadcast storms'

LAN Switch (Layer 2 Switch) - High-speed switch that forwards packets between data-link
segments. Most LAN switches forward traffic based on MAC addresses. This variety of
LAN switch is sometimes called a 'frame switch'. LAN switches are often categorized
according to the method they use to forward traffic: cut-through packet switching or store-
and-forward packet switching. Multilayer switches are an intelligent subset of LAN switches.

Firewall - Router or access server, or several routers or access servers, designated as a
buffer between any connected public networks and a private network. A firewall router uses
access lists and other methods to ensure the security of the private network.

Frame Filtering (similar to the scheme used by routers)

 A filtering table is developed for each switch
 Switches share address table information
 Table entries are compared with frames
 Switches take appropriate action

Frame Tagging (Frame identification)

 Specifically developed for multi-VLAN, interswitched communications
 Places unique identifier in header of each frame as it travels across the network
backbone (vertical cabling)
 Identifier is removed before frame exits switch on non-backbone links (horizontal
cabling)
 Functions at Layer 2
 Requires little processing or administrative overhead

Frame - Logical grouping of information sent as a data link layer unit over a transmission
medium. Often refers to the header and trailer, used for synchronization and error control,
that surround the user data contained in the unit.

Broadcast storm - Undesirable network event in which many broadcasts are sent
simultaneously across all network segments. A broadcast storm uses substantial network
bandwidth and, typically, causes network time-outs.

You can easily control the size of the 'broadcast domain' by regulating the overall size of its
VLANs, restricting the number of switch ports within a VLAN and restricting the number
of users residing on these ports.

VLAN Membership by 'Port' maximizes forwarding performance because:

 Users are assigned by port
 VLANs are easily administered
 Maximizes security between VLANs
 Packets do not 'leak' into other domains
 VLANs and membership are easily controlled across network
 All nodes attached to the same switch port must be in the same VLAN
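As an added example (not code from these notes or from any switch vendor), the following Python applies the learning, forwarding, filtering and flooding rules from the Ethernet switch section above, and goes one step further by giving each port a static VLAN membership as the 'VLAN Membership by Port' list describes: a frame is learned and flooded only within the VLAN of the port it arrived on, which is why packets do not leak into other broadcast domains. The port map, MAC addresses and frames are constructed; Switch, Frame and receive() are names chosen for this example.

```python
"""Added example (not from the notes): a LAN switch's learn / flood / forward /
filter decisions, with port-based VLANs bounding both learning and flooding.
The CAM table is keyed by (vlan, mac) so the same address can live in two VLANs."""
from dataclasses import dataclass
from typing import Dict, List, Tuple

BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_multicast(mac: str) -> bool:
    """Group bit (low bit of the first octet) set => multicast (or broadcast)."""
    return int(mac.split(":")[0], 16) & 1 == 1


@dataclass(frozen=True)
class Frame:
    src: str
    dst: str


class Switch:
    def __init__(self, port_vlan: Dict[int, int]):
        self.port_vlan = dict(port_vlan)            # static, port-centric VLANs
        self.cam: Dict[Tuple[int, str], int] = {}   # (vlan, mac) -> port

    def receive(self, in_port: int, frame: Frame) -> List[int]:
        """Return the ports the frame is sent out of (empty list = filtered)."""
        vlan = self.port_vlan[in_port]
        # 1. learn: remember the source address and the port it was heard on
        self.cam[(vlan, frame.src)] = in_port
        # 2. flood broadcast, multicast and unknown unicast to the VLAN's other ports
        if (frame.dst == BROADCAST or is_multicast(frame.dst)
                or (vlan, frame.dst) not in self.cam):
            return sorted(p for p, v in self.port_vlan.items()
                          if v == vlan and p != in_port)
        out_port = self.cam[(vlan, frame.dst)]
        # 3. filter: destination lives on the ingress port (e.g. behind a hub)
        if out_port == in_port:
            return []
        # 4. forward: destination known on another port of the same VLAN
        return [out_port]

    def table(self) -> List[Tuple[int, str, int]]:
        """Learned entries as (vlan, mac, port), sorted for display."""
        return sorted((v, m, p) for (v, m), p in self.cam.items())


if __name__ == "__main__":
    # Constructed: ports 1-3 in VLAN 10, ports 4-5 in VLAN 20
    sw = Switch({1: 10, 2: 10, 3: 10, 4: 20, 5: 20})
    a, b = "00:00:0c:00:00:0a", "00:00:0c:00:00:0b"
    print(sw.receive(1, Frame(a, b)))        # b unknown -> flood VLAN 10 only
    print(sw.receive(2, Frame(b, a)))        # a known on port 1 -> forward
    print(sw.receive(4, Frame("00:00:0c:00:00:0d", a)))  # a unknown in VLAN 20
    print(sw.table())
```

Running the block shows the broadcast-domain boundary directly: a station on port 4 (VLAN 20) never learns, and is never flooded, anything from VLAN 10, even though the same physical switch carries both.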

Static VLANs:

 Assigned by port (port-centric)
 Static VLANs are secure, easy to configure and monitor
 Maintain their assigned VLAN configurations until you change them
 Works well in networks where moves are controlled and managed

Dynamic VLANs:

 VLANs assigned using centralized VLAN management application
 VLANs based on MAC address, logical address, or protocol type
 Less administration in wiring closet
 Notification when unrecognized user is added to the network

LAN Design

LAN Design goals:

1. Functionality - The network must work.

2. Scalability - The network must be able to grow.

3. Adaptability - The network must be designed for future technologies.

4. Manageability - The network should be designed to facilitate network monitoring
and management.

Design Methodology:

1. Analyze requirements

2. Develop LAN structure (topology)

3. Set up addressing and routing

What problems are you trying to solve:

1. Media contention

2. Excessive broadcasts

3. Need to transport new payloads

4. Need for more bandwidth

5. Overloaded backbone

6. Network-layer addressing issues

Layer 1 Design Goal: (Physical Layer) Build this layer of the OSI model with speed and
expansion capabilities.
Physical layer - Layer 1 of the OSI reference model. The physical layer defines the electrical,
mechanical, procedural and functional specifications for activating, maintaining, and
deactivating the physical link between end systems.

Media (Plural of medium) - The various physical environments through which transmission
signals pass. Common network media include twisted-pair, coaxial and fiber-optic cable,
and the atmosphere (through which microwave, laser, and infrared transmission occurs).
Sometimes called physical media.

Topology - Physical arrangement of network nodes and media within an enterprise
networking structure.

EIA/TIA-568 - Standard that describes the characteristics and applications for various
grades of UTP cabling.

Vertical cabling (Backbone cabling) - Cabling that provides interconnections between wiring
closets, wiring closets and the POP, and between buildings that are part of the same LAN.

Catchment areas - Zone that falls within area that can be served by an internetworking
device such as a hub.

IDF (Intermediate distribution facility) - Secondary communications room for a building
using a star networking topology. The IDF is dependent on the MDF.

MDF (Main distribution facility) - Primary communications room for a building. Central
point of a star networking topology where patch panels, hub, and router are located.

VCC (Vertical Cross Connect) - This VCC is used to interconnect the various IDFs to the
central MDF. Since the vertical cable lengths are typically longer than the 100 meter limit
for CAT 5 UTP cable, fiber-optic cabling is normally used.

Design Hint: Since the vertical cabling will be carrying all data traffic between the IDFs and
MDFs, the speed of this connection should be designed to be the fast link in the network. In
most cases this link should be at least 100 megabits/second. Also additional vertical cable
runs should be installed to allow for future growth in the network.

Extended Star Topology:

 Specified by EIA/TIA 568 standards
 Creates multiple catchment areas interconnected with vertical cabling
 All vertical cabling is connected to the MDF to create a LAN segment

Layer 2 Design Goals: (Data Link Layer)

 Create a concentration point within the MDFs or IDFs where end hosts can be
grouped at Layer 1 to form a physical LAN segment.
 Install LAN switching devices that use microsegmentation in order to reduce the
collision domain size.
 Create a point (at Layer 2) of the topology where users can be grouped into virtual
workgroups (VLANs) and unique broadcast domains.

Purpose of Layer 2 (Data Link) devices in the network:

1. Provide Flow control

2. Error detection and correction

3. Reduce congestion in the network.

The two most common Layer 2 devices (other than the NIC, which every host on the
network has to have):

1. bridges and

2. LAN switches.

In a structured Layer 1 wiring scheme, multiple physical networks are very easy to create
by simply patching the horizontal cabling and vertical cabling into the appropriate Layer 2
switch using patch cables.

Layer 3 Design Goals: (Network Layer)

1. Build a path between LAN segments that will filter the flow of data packets.

2. Isolate ARP protocol broadcasts.

3. Isolate collisions between segments.

4. Filter Layer 4 services between segments.

Traffic between the two networks can be controlled at the router. The router also is the
central point in the LAN for traffic destination of the WAN port.

The success of 'dynamic routing' depends on two basic router functions:

1. Maintenance of a routing table

2. Timely distribution of knowledge in the form of routing updates to other routers

3. Routing protocols maintain and distribute routing information

The metrics most commonly used by routers follow:
(information used to select the 'best path')

 Bandwidth (Data capacity of a link)
 Delay (time required to move a packet)
 Load (activity on a network resource)
 Reliability (error rate)
 Hop count (Number of routers a packet must pass through)
 Ticks (Delay on a data link - approximately 55 milliseconds)
 Cost (Arbitrary value assigned by a network administrator)

Distance Vector routing algorithm - Class of routing algorithms that iterate on the number
of hops in a route to find a shortest-path spanning tree. Distance vector routing algorithms
call for each router to send its entire routing table in each update, but only to its neighbors.
Distance vector routing algorithms can be prone to routing loops, but are computationally
simpler than link state routing algorithms. Also called Bellman-Ford routing algorithm.

* Pass periodic copies of the routing table to neighbor routers and accumulate distance
vectors

Link State routing algorithm - (Shortest path first) Routing algorithm in which each router
broadcasts or multicasts information regarding the cost of reaching each of its neighbors to
all nodes in the internetwork. Link state algorithms create a consistent view of the network
and are therefore not prone to routing loops, but they achieve this at the cost of relatively
greater computational difficulty and more widespread traffic (compared with distance
vector routing algorithms).

Convergence - The speed and ability of a group of internetworking devices running a
specific routing protocol to agree on the topology of an internetwork after a change in that
topology.
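To make the "prone to routing loops" and convergence points concrete, here is an added simulation (written for these notes, not taken from Cisco material) of a three-router line A - B - C with a network N attached to C. It runs plain Bellman-Ford in synchronous rounds with hop count as the metric, then disconnects N and records how long each router keeps believing a route exists. Without split horizon the routers feed each other stale routes and "count to infinity" (16, RIP's unreachable value); with split horizon, which stops a router from advertising a route back out the interface it learned it from, the failure propagates in two rounds. The topology, the synchronous rounds and the rule that a missing route from the current next hop is treated as unreachable are simplifications I chose; real RIP also uses hold-down timers, triggered updates and poison reverse, none of which are modeled here.

```python
"""Distance vector (Bellman-Ford) simulation: count-to-infinity after a
link failure, with and without split horizon.

Added example for these notes; topology and rounds are constructed.
"""

INFINITY = 16  # RIP's "unreachable" hop count, also the loop bound here

# Constructed topology: A - B - C, with network N attached directly to C.
LINKS = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}
DIRECT = {"C": ["N"]}


def advertisement(table, neighbor, split_horizon):
    """Routes a router sends to one neighbor: its whole table, except that
    split horizon suppresses routes learned from that same neighbor."""
    return {dest: cost for dest, (cost, nh) in table.items()
            if not (split_horizon and nh == neighbor)}


def update(table, advs):
    """One Bellman-Ford round for a single router.

    advs maps neighbor -> {dest: cost}. Directly connected routes are kept.
    The current next hop is believed first, even when its new cost is worse
    (this is what lets stale routes circulate); then the cheapest neighbor
    wins. A next hop that no longer advertises the route counts as
    unreachable, standing in for RIP's route timeout.
    """
    dests = set(table).union(*[set(a) for a in advs.values()])
    new = {}
    for dest in dests:
        cost, nh = table.get(dest, (INFINITY, None))
        if nh is None and cost == 0:
            new[dest] = (0, None)          # directly connected
            continue
        if nh in advs:                     # refresh from the current next hop
            cost = min(advs[nh].get(dest, INFINITY) + 1, INFINITY)
        best_cost, best_nh = cost, nh
        for nbr, adv in advs.items():
            if dest in adv and adv[dest] + 1 < best_cost:
                best_cost, best_nh = adv[dest] + 1, nbr
        new[dest] = (best_cost, best_nh)
    return new


def run_round(tables, split_horizon):
    """Every router advertises, then every router updates (synchronously)."""
    advs = {r: {n: advertisement(tables[n], r, split_horizon) for n in LINKS[r]}
            for r in LINKS}
    return {r: update(tables[r], advs[r]) for r in LINKS}


def simulate(split_horizon, rounds_after_failure=25):
    """Converge, then detach N from C and record each router's cost to N
    per round. Returns a list of {router: cost} dicts, one per round."""
    tables = {r: {net: (0, None) for net in DIRECT.get(r, [])} for r in LINKS}
    for _ in range(5):                     # enough rounds for a 3-router line
        tables = run_round(tables, split_horizon)
    tables["C"]["N"] = (INFINITY, None)    # link C-N fails; C poisons the route
    history = []
    for _ in range(rounds_after_failure):
        tables = run_round(tables, split_horizon)
        history.append({r: tables[r].get("N", (INFINITY, None))[0] for r in LINKS})
    return history


def rounds_until_unreachable(history):
    """1-based round in which every router first reports N as unreachable."""
    for i, costs in enumerate(history, 1):
        if all(c == INFINITY for c in costs.values()):
            return i
    return None


if __name__ == "__main__":
    for sh in (False, True):
        hist = simulate(split_horizon=sh)
        print("split horizon" if sh else "no split horizon",
              "-> unreachable everywhere after round", rounds_until_unreachable(hist))
        for i, costs in enumerate(hist[:4], 1):
            print("  round", i, costs)
```

In the first round after the failure, B drops its dead route via C and immediately adopts A's stale advertisement (cost 3 via A) while C adopts B's, so traffic for N would bounce A-B-C until every router counts up to 16. With split horizon A never advertises N back to B and B never advertises it back to C, so there is no stale route to adopt.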

Exterior routing protocols - used to communicate between autonomous systems.

Interior routing protocols - used within a single autonomous system.

* RIP - A distance vector routing protocol.
* IGRP - Cisco's distance vector routing protocol.
* OSPF - A link-state routing protocol.
* EIGRP (Enhanced IGRP) - A balanced hybrid routing protocol (Cisco's term at the time;
Cisco later describes EIGRP as an advanced distance vector protocol)

IGRP configuration:

Router(config)# router igrp autonomous-system

* Defines IGRP as an IP routing process

Router(config-router)# network network-number

* Selects participating attached networks

NOTE: IGRP is obsolete; Cisco removed it from IOS in Release 12.3, and EIGRP replaces it.

Access Lists

Access list -

1. List kept by Cisco routers to control access to or from the router for a number of
services (for example, to prevent packets with a certain IP address from leaving a
particular interface on the router).

2. Command that creates an entry in a standard traffic filter list.

Standard Access Lists:

* Simpler address specifications (source address only)
* Generally permit or deny the entire protocol suite
* acl-number in the range 1-99 (IOS 12.0(1) and later add the expanded range 1300-1999)

Extended Access Lists:

* More complex address specifications (source and destination address, protocol, ports)
* Generally permit or deny specific protocols
* acl-number in the range 100-199 (IOS 12.0(1) and later add the expanded range 2000-2699)

NOTE: With Cisco IOS Release 11.2 and later you can also identify a standard or extended
IP access list with an alphanumeric string (name) instead of the current numeric (1 to 199)
representation.

Wildcard mask - 32-bit quantity used in conjunction with an IP address to determine which
bits in an IP address should be ignored when comparing that address with another IP
address. A wildcard mask is specified when setting up access lists. (0=check, 1=ignore)

IP Access List test conditions:

* Check for IP subnets:
  o IP-address wildcard-mask (0=check, 1=ignore)
* Ignore all the address bits (match any):
  o Accept any address: 0.0.0.0 255.255.255.255
  o Abbreviate using the keyword 'any'
* Check all the address bits (match all):
  o Host-address 0.0.0.0 (wildcard mask)
  o Abbreviate using the keyword 'host' followed by the IP address
* Entries are tested in order and the first match wins; every access list ends with an
implicit 'deny any', so a list with no permit statement blocks all traffic
* Place standard access lists close to the destination (they filter only on source
address, so near the source they would cut the source off from everything)
* Place extended access lists close to the source (drop unwanted traffic before it
crosses the network)
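The wildcard-mask and first-match rules above are easy to get backwards, so here is an added Python example (mine, not from these notes or from Cisco) that evaluates a standard IP access list the way the router does: a wildcard bit of 0 means "compare this bit", 1 means "ignore it", entries are tested in order, and a packet that matches nothing hits the implicit deny. The function names (`wildcard_match`, `parse_standard_acl`, `evaluate`) and the two-line sample list with its addresses are constructed for illustration.

```python
"""Standard IP access list evaluation with Cisco wildcard-mask semantics.

Added example for these notes; the list and addresses are constructed.
"""
import ipaddress

# Cisco numeric ranges for standard IP access lists: 1-99, plus the
# expanded range 1300-1999 (IOS 12.0(1) and later).
STANDARD_RANGES = ((1, 99), (1300, 1999))


def to_int(dotted):
    """Dotted-quad string -> 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(addr, base, wildcard):
    """True if `addr` matches `base` under a Cisco wildcard mask.

    Wildcard bit 0 = the address bit must match, 1 = ignore it.
    """
    care = ~to_int(wildcard) & 0xFFFFFFFF      # bits the router checks
    return (to_int(addr) & care) == (to_int(base) & care)


def parse_standard_acl(lines):
    """Parse 'access-list <n> permit|deny <match>' lines.

    <match> is 'any', 'host A.B.C.D', 'A.B.C.D W.W.W.W', or a bare address
    (which IOS treats as a host match). Returns (action, base, wildcard) tuples.
    """
    entries = []
    number = None
    for line in lines:
        tok = line.split()
        if not tok or tok[0] != "access-list":
            continue
        n = int(tok[1])
        if not any(lo <= n <= hi for lo, hi in STANDARD_RANGES):
            raise ValueError(f"{n} is not a standard IP access list number")
        if number is None:
            number = n
        elif n != number:
            raise ValueError("mixed access list numbers in one list")
        action = tok[2]
        if action not in ("permit", "deny"):
            raise ValueError(f"bad action: {action}")
        rest = tok[3:]
        if rest == ["any"]:
            base, wildcard = "0.0.0.0", "255.255.255.255"
        elif rest[0] == "host":
            base, wildcard = rest[1], "0.0.0.0"
        elif len(rest) == 1:
            base, wildcard = rest[0], "0.0.0.0"   # bare address = host match
        else:
            base, wildcard = rest[0], rest[1]
        entries.append((action, base, wildcard))
    return entries


def evaluate(entries, src):
    """First matching entry wins; no match means the implicit 'deny any'."""
    for action, base, wildcard in entries:
        if wildcard_match(src, base, wildcard):
            return action
    return "deny"  # implicit deny at the end of every Cisco access list


# Constructed sample list: block one host, allow the rest of its /24, and
# let nothing else through (there is deliberately no final 'permit any').
SAMPLE_ACL = """
access-list 10 deny host 192.168.1.50
access-list 10 permit 192.168.1.0 0.0.0.255
""".strip().splitlines()


if __name__ == "__main__":
    acl = parse_standard_acl(SAMPLE_ACL)
    for ip in ("192.168.1.50", "192.168.1.7", "10.0.0.1"):
        print(ip, evaluate(acl, ip))
```

Reversing the two lines of the sample list permits 192.168.1.50, because the /24 permit then matches first; that ordering mistake, and forgetting that the implicit deny also drops routing updates and management traffic arriving on a filtered interface, are the two classic standard-ACL errors.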

IPX Routing

Cisco's routers offer the following features in Novell network environments:

* Access lists and filters for IPX, RIP, SAP, and NetBIOS
* Scalable routing protocols, including Enhanced IGRP and NLSP
* Configurable RIP and SAP updates and packet sizes
* Serverless LAN support
* Rich diagnostics, management, and troubleshooting features

IPX (Internetwork Packet Exchange) - NetWare network layer (Layer 3) protocol used for
transferring data from servers to workstations.

SAP (Service Advertisement Protocol) - IPX protocol that provides a means of informing
network clients, via routers and servers, of available network resources and services.

* SAP packets advertise all NetWare network services
* Can add excessive broadcast traffic to the network
* Service advertisements occur at 60-second intervals
* Routers do not forward SAP broadcasts. Instead, each router builds its own SAP
table and forwards the SAP table to other routers. By default this occurs every 60
seconds, but the router can use access lists to control the SAPs accepted or
forwarded.

NetBIOS (Network Basic Input/Output System) - API used by applications on an IBM LAN
to request services from lower-level network processes. These services might include session
establishment and termination, and information transfer.

SPX (Sequenced Packet Exchange) - Reliable, Layer 4 connection-oriented protocol that
supplements the datagram service provided by network layer (Layer 3) protocols. Novell
derived this commonly used NetWare transport protocol from the SPP of the XNS protocol
suite.

The NetWare protocol stack supports all common media access protocols. The data link and
physical layers are accessed through the Open Data-Link Interface (ODI).

Each interface retains its own address. The use of the MAC address in the logical IPX
address eliminates the need for an Address Resolution Protocol (ARP).

When you configure Cisco IOS software for Novell IPX, use the Cisco name for the
appropriate encapsulation. Make sure the encapsulations on the clients, servers, and routers
all match. The default encapsulation types on Cisco router interfaces and their keywords
are:

* Ethernet - novell-ether
* Token Ring - sap
* FDDI - snap

Novell RIP - a distance vector routing protocol. Novell RIP uses two metrics to make routing
decisions: ticks (a time measure) and hop count (a count of each router traversed).
Broadcasts to neighbors every 60 seconds.

GNS (Get Nearest Server) - Request packet sent by a client on an IPX network to locate the
nearest active server of a particular type. An IPX network client issues a GNS request to
solicit either a direct response from a connected server or a response from a router that tells
it where on the internetwork the service can be located. GNS is part of the IPX SAP.

* GNS is a broadcast from a client needing a server
* NetWare servers and Cisco routers receive the GNS packet
* NetWare servers provide the GNS response
* A Cisco router does not answer a GNS request when a NetWare server is present on
the local network. If there are no NetWare servers on the local network, the Cisco
router responds with a server address from its own SAP table.

Novell IPX Configuration tasks -

* Global configuration:
  o Start the IPX routing process
  o Enable load sharing (if appropriate)
* Interface configuration:
  o Assign unique network numbers to each interface
  o Set the optional encapsulation type

Router(config)# ipx routing [node address]

* Enables Novell IPX routing
* If no node address is specified, the Cisco router uses the MAC address of the
interface
* If a Cisco router has only serial interfaces, an address must be specified

Router(config)# ipx maximum-paths paths

* Configures round-robin load sharing over multiple equal-metric paths
* paths - Maximum number of parallel paths to the destination; the default is 1 and
the maximum is 512

Router(config)# interface type number.subinterface-number
Router(config-subif)# ipx network network [encapsulation encap-type]

* Specify a subinterface, then enable IPX on it with the required encapsulation type

Router(config-if)# ipx network network [encapsulation encap-type] [secondary]

* Assign the primary network number, or (with 'secondary') an additional network
number and encapsulation on the same physical interface; secondary networks are the
older alternative to subinterfaces

Subinterface - One of a number of virtual interfaces on a single physical interface:

* Allows a single physical interface to support multiple logical interfaces or networks.
* Several logical interfaces or networks can be associated with a single hardware
interface.
* Each subinterface must use a distinct encapsulation, and the encapsulation must
match that of the clients and servers using the same network number.

Verifying IPX operation

Monitoring Commands:

* show ipx interface (IPX status and IPX parameters configured)
* show ipx route (IPX routing table contents)
* show ipx servers (IPX server list, discovered through SAP)
* show ipx traffic (Number and type of packets received/transmitted)

Troubleshooting Commands:

* debug ipx routing activity (Information about RIP update packets)
* debug ipx sap activity (Information about SAP update packets)

Debug output on a busy router can consume the CPU; turn it off with 'undebug all' when
finished.

2. Wide Area Networks (WANs)
