Router Configuration
RAM. Most of the configuration commands deal with moving information into
and out of RAM.
3. What do the prompts for 'User EXEC' mode, 'Privileged EXEC' mode,
and 'Global configuration' mode look like?
used for one-line commands and commands that change the entire
you enter this command, the EXEC prompts for the source of the
Interfaces Router(config-if)#
Subinterfaces Router(config-subif)#
Controller Router(config-controller)#
Map-list Router(config-map-list)#
Map-class Router(config-map-class)#
Line Router(config-line)#
Router Router(config-router)#
IPX-router Router(config-ipx-router)#
Route-map Router(config-route-map)#
Typing "exit" backs the router out one level; pressing Control-Z leaves
configuration mode completely and returns to privileged EXEC mode.
4. When configuring routers with Release 11.x methods, once you have typed
'show running-config' and displayed a desired configuration, what
commands do you use to save changes to backup?
(1) Password configuration and (2) naming the router (router identification
configuration).
You can use the "copy running-config tftp" command to store the current
configuration in RAM on a network TFTP server. To do so, complete the
following tasks:
2. Enter the IP address of the host on which you want to store the
configuration file.
3. Enter the name you would like to assign to the configuration file.
Router(config)# router?
Router(config-router)# ?
information
distance
updates
configuration mode
Configuration Methods:
2. Save the changes to a backup the router will use when it starts up
Passwords can be further protected from display by using the
"service password-encryption" command. The encryption algorithm it applies
is not the Data Encryption Standard (DES).
The default source for Cisco IOS software depends on the hardware platform, but
most commonly the router looks to the 'configuration commands' saved in NVRAM.
You can specify other sources where the router should look for software, or the
router will use its own "fall back sequence" as necessary to load software. Settings
in the "configuration register" enable alternatives for where the router will
bootstrap Cisco IOS software.
However, if NVRAM lacks boot system commands the router can use, the system
has its own 'fall back alternatives':
1. The router falls back to the default Cisco IOS image in Flash memory.
2. If Flash memory is empty, the router will try its next TFTP
alternative. ...The router uses the configuration register value to
form a filename from which to boot a default system image stored on
a network.
2. What important command displays information about the Cisco IOS software
that is currently running on the router, including the 'configuration register'
setting?
"show version"
The order in which the router looks for system bootstrap information depends on
the 'boot field' setting in the "configuration register". You can change the default
The "configuration register" is a 16-bit register in NVRAM. The lowest four bits of
the configuration register (bits 3, 2, 1, and 0) form the 'boot field'. Configuration
register values (bits 3, 2, 1, and 0):
To check the boot field setting (for example, to verify the config-register command),
use the "show version" command. Note: you will not see evidence of any
config-register setting in the output of either "show running-config" or
"show startup-config".
3. If both flash memory is corrupted and the network server fails to load the
software image, what is the final software bootstrap option?
A 'TFTP server' can be another router or a host system. The TFTP host can be
any system (Unix, DOS, Windows) that runs TFTP and can hold files on the TCP/IP
network. You will be copying software between the TFTP host and Flash memory
in the router.
4. What command would you use to make sure that you can see and write into Flash,
and to verify that the router has sufficient room in Flash to accommodate the
Cisco IOS software image you want to load?
"show flash"
With Cisco IOS Release 11.2, the naming convention for Cisco IOS images contains
three parts (Ex. igs-inr-1, c4500-aj-m, gs7-k-mz):
1. The first part of the image name contains the platform on which the
image runs. (ex. cpa25, igs, c4500, gs7)
2. The second part of the image name identifies the special capabilities
of the image. A letter or series of letters identifies the feature sets
supported in the image. (Ex. 1, cg, inr, aj, k)
3. The third part of the image name specifies where the image runs
and if it has been 'zip' compressed. (Ex. 1, m, mz)
5. What two related commands are useful for transferring Cisco IOS images
between tftp server and flash memory?
Provides for a backup copy of the current Cisco IOS software image.
2. "copy tftp flash" - Download the new image from the TFTP server.
This command begins by requesting the 'IP address' of the remote host that will
act as the TFTP server. Next you are prompted for the 'image name' of the update
image. After an opportunity to confirm your entries, the procedure asks whether
you are willing to 'erase Flash'. Each exclamation point (!) means that one User
Datagram Protocol (UDP) segment has transferred successfully. The series of Vs
indicates successful checksum verification of a segment.
Use the "show flash" command to view the file and to compare its size with that of
the original on the server before changing the 'boot system commands' to use the
updated image. Following a successful copy, the "reload" command boots the
router as specified by the boot system commands, using the updated image.
Fundamentals of TCP/IP
3. Briefly describe everything you know about the fields in a TCP 'segment'.
Both TCP and UDP use port (or socket) numbers to pass information to the upper
layers. Port numbers are used to keep track of different conversations crossing the
network at the same time. Application software developers agree to use well-known
port numbers that are defined in RFC1700.
Some ports are reserved in both TCP and UDP, but applications might not be
written to support them. Port numbers have the following assigned ranges:
End systems use port numbers to select the proper application. Originating source
port numbers are dynamically assigned by the source host, usually some number
greater than 1023.
Both ends of the connection are synchronized with a three-way handshake (open
connection sequence). Exchanging beginning sequence numbers during the
connection sequence ensures that lost data can be recovered if problems occur later.
Host-A Host-B
------ ------
1. Send SYN (seq=x)
Receive SYN (seq=x)
"Window size" - Refers to the number of messages that can be transmitted while
awaiting an acknowledgment. TCP uses 'expectational acknowledgments', meaning
that the acknowledgment number refers to the octet expected next.
3. Time-To-Live
5. Header checksum
8. Data
5. Briefly distinguish between IP, ICMP, ARP, and RARP (Internet layer).
Several protocols operate at the TCP/IP Internet layer, which corresponds to the
OSI 3-Network layer:
If a router receives a packet that it is unable to deliver to its destination, the router
sends an ICMP "destination unreachable" message to the source and discards the
packet. The packet might be undeliverable because of an invalid IP address or
because there is no known route to the destination. Undeliverable ICMP messages
are themselves discarded to prevent flooding of the network.
ICMP uses the following types of defined messages. Others exist that are not
included on this list:
Time Exceeded
Parameter Problem
Source Quench
Redirect
Timestamp
Timestamp Reply
Information Request
Information Reply
Address Request
Address Reply
"ARP" (Address Resolution Protocol) determines the 2-Data link layer address for a
known IP address. Internet protocol is used to map an IP address (network address)
The term "local ARP" is used to describe resolving an address when both the
requesting host and the destination host share the same media or wire. Prior to
issuing the ARP, the "subnet mask" was consulted. The mask determined that the
nodes are on the same subnet.
RARP relies on the presence of a RARP server with a table entry or other means to
respond to these requests. On the local segment, RARP can be used to initiate a
remote operating system load sequence.
Each node using the TCP/IP protocol suite has a unique '32-bit logical address'. This
address is known as the "IP address".
Each company listed on the internetwork is seen as a 'single unique network' that
must be reached before an 'individual host' within that company can be contacted.
Each company network has an address; the hosts that live on that network share
that same "network address", but each host is identified by the unique "host
address" on the network.
"Broadcast" - Data packet that will be sent to all nodes on a network. Broadcasts
are identified by a "broadcast address": a 'host address' of all ones in the 'IP
address'.
"Network Addresses" - An address of all zeros means 'this network' or 'the wire
itself'. The "routing table" contains entries for the 'wire' or 'network addresses'; it
usually does not contain any information about hosts.
3. It specifies a range of addresses that share the cable with the device.
1. If a router has:
and if all interfaces use a mask of 255.255.25.0, find the subnet (wire) number for
each interface.
This command establishes the 'logical network address' (ip-address) and subnet-
mask of the specified interface. Specifically, it (1) assigns an address and a subnet-
mask and (2) starts IP processing on that interface.
Command used to specify the format of network masks for the current session.
Format options are:
Bit count
Hexadecimal
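Added Python example (not from the page) of the address arithmetic behind the passages above: the subnet (wire) number, the all-zeros network address, the all-ones broadcast address, the subnet-mask check made before a local ARP, and the mask formats that "term ip netmask-format" can display. The interface table is constructed, since the page's own list is missing; a mask typed as 255.255.25.0 is rejected as non-contiguous.

```python
# Constructed interface table (the page's own list is not present): the exercise's
# 255.255.255.0 mask on the first two, a /26 on the third to show a non-octet boundary.
INTERFACES = {
    "Ethernet0": ("192.168.1.1", "255.255.255.0"),
    "Serial0": ("10.0.5.1", "255.255.255.0"),
    "Serial1": ("172.16.20.65", "255.255.255.192"),
}


def to_int(dotted):
    """Dotted-quad string -> 32-bit integer, validating each octet."""
    octets = dotted.split(".")
    if len(octets) != 4 or not all(o.isdigit() and 0 <= int(o) <= 255 for o in octets):
        raise ValueError("bad dotted-quad: %r" % dotted)
    return (int(octets[0]) << 24) | (int(octets[1]) << 16) | (int(octets[2]) << 8) | int(octets[3])


def to_dotted(value):
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_length(mask):
    """Bit-count form of a mask; a non-contiguous value such as 255.255.25.0 is rejected."""
    m = to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError("non-contiguous subnet mask: %s" % mask)
    return ones


def wire_number(ip, mask):
    """Subnet (wire) number: the host bits forced to zero."""
    return to_dotted(to_int(ip) & to_int(mask))


def broadcast_address(ip, mask):
    """Directed broadcast: the host bits forced to all ones."""
    return to_dotted(to_int(ip) | (~to_int(mask) & 0xFFFFFFFF))


def same_subnet(host_a, host_b, mask):
    """The check a host makes before issuing a local ARP: do both share the wire?"""
    return wire_number(host_a, mask) == wire_number(host_b, mask)


def mask_formats(mask):
    """The three forms 'term ip netmask-format' can display."""
    return {"bit-count": "/%d" % prefix_length(mask),
            "decimal": mask,
            "hexadecimal": "0x%08X" % to_int(mask)}


def subnet_table(interfaces=INTERFACES):
    """Wire number for every interface, the exercise in question 1 above."""
    return {name: wire_number(ip, mask) for name, (ip, mask) in interfaces.items()}


if __name__ == "__main__":
    for name, wire in subnet_table().items():
        print(name, wire)
```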
The 'ip host' command makes a "static name-to-address entry" in the router's
configuration file. Hosts and interfaces then become selectable by either their 'name'
or their 'IP address'.
Command used to define which hosts can provide the 'name service'. A maximum of
six IP addresses can be specified as name servers in a single command.
"Router(config)# ip domain-lookup"
"Router(config)# no ip domain-lookup"
This command displays host names, their associated IP addresses, and type and time
status indicators about how and why the host name became associated with those IP
addresses (Cache of host name-to-address mappings).
The Cisco IOS software maintains a 'cache' of 'host name-to-address mappings' for
use by EXEC commands. This cache speeds the process of converting names to
addresses.
5. Distinguish among the three commands that allow you to 'verify address
configuration' in your internetwork.
Character   Definition
!           Successful receipt of an echo reply
.           Timed out waiting for a datagram reply
U           Destination unreachable error
C           Congestion-experienced packet
I           Ping interrupted (Ctrl-Shift-6 x)
?           Packet type unknown
&           Packet Time To Live exceeded
"Extended Ping" is supported only from privileged EXEC mode. You can
use the extended command mode of the ping command to specify the
supported internet header options. To enter the extended mode, enter 'Y' at
the extended commands prompt.
When the trace reaches the target destination, an asterisk (*) is reported at the
display. This is normally caused by the receipt of a port-unreachable packet and the
time out in response to the probe packet. Other responses include:
"RIP" (Routing Information Protocol) - IGP supplied with UNIX BSD systems. The
most common IGP in the Internet. RIP uses hop count as a routing metric.
Each 'interface' on the router must be configured with a unique 'IP address' and
'subnet mask'. Information that relates an IP address to a router is called the
"routing table".
(Note: The "ip route" command is used to set up 'static routes'. The "ip default-
network" command is used to set up 'default routes')
(1) "Static routes" - Manually defined by the system administrator as the only path
to the destination (stub network). Route that is explicitly configured and entered
into the routing table. Static routes take precedence over routes chosen by dynamic
routing protocols. Useful for controlling security and reducing traffic. The "ip
route" command is used to set up a static route.
Routing updates are not sent on a link if only defined by a 'static route', thereby
conserving bandwidth.
network:
Such as autonomous system, which is used with those protocols that require an
autonomous system, such as IGRP.
network-number:
At the "Internet layer" of the TCP/IP suite of protocols, a router can use the IP
routing protocol to accomplish routing through the implementation of a specific
routing algorithm. Examples of the IP routing protocols include:
RIP:
IGRP:
OSPF:
Enhanced IGRP:
The selection of IP as a routing protocol involves the setting of both global and
interface parameters.
RIP (Routing Information Protocol) is primarily concerned with the 'hop count'.
Key characteristics of RIP include the following:
advertise networks for a particular autonomous system. The following are some key
characteristics of IGRP:
"show ip protocol" - (1) Command that displays values about routing timers and
network information associated with the entire router. (2) Command that displays
parameters, filters, and network information about the entire router. Use this
information to identify a router that is suspected of delivering bad routing
information.
"show ip route" - Command that displays the contents of the IP routing table.
The 'routing table' contains entries for all known networks and subnetworks and
contains a 'code' that indicates how that information was learned.
"show ip interface" - Command that displays the status and global parameters
associated with an interface.
The Cisco IOS software automatically enters a directly connected route in the
routing table if the 'interface' is one through which software can send and receive
packets. Such an 'interface' is marked 'up'. If the interface is unusable, it is removed
from the routing table. Removing the entry allows implementation of backup routes,
if they exist.
"debug ip rip" - Command that displays RIP routing updates as they are sent and
received
"Access list" - (1) List kept by Cisco routers to control access to or from the router
for a number of services (for example, to prevent packets with a certain IP address
from leaving a particular interface on the router). (2) Command that creates an
entry in a standard traffic filter list.
Standard
Extended
"Access lists" offer another powerful tool for network control. These lists add the
flexibility to filter the packet flow that flows in or out of router interfaces. "Access
lists" perform several functions within a Cisco router including:
"Access lists" also process packets for other security features to:
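Added Python example (not code from the page or from Cisco IOS) of how a standard access list is evaluated: entries are tested top-down with wildcard masks, the first match wins, and anything unmatched hits the implicit deny at the end. It also includes a shadowed-entry check for the ordering mistake where a broad permit placed first makes a later deny unreachable. The list number, addresses and packets are constructed.

```python
def to_int(dotted):
    a, b, c, d = (int(o) for o in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def wildcard_match(address, pattern, wildcard):
    """Cisco wildcard semantics: a 0 bit must match, a 1 bit is 'don't care'."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(address) & care) == (to_int(pattern) & care)


class StandardAccessList:
    """Numbered standard ACL: tested top-down, first match wins, implicit deny at the end."""

    def __init__(self, number):
        self.number = number
        self.entries = []          # (action, source, wildcard)

    def add(self, action, source, wildcard="0.0.0.0"):
        if action not in ("permit", "deny"):
            raise ValueError(action)
        self.entries.append((action, source, wildcard))
        return self

    def evaluate(self, source_ip):
        """Return (decision, index of the matching entry, or None for the implicit deny)."""
        for index, (action, source, wildcard) in enumerate(self.entries):
            if wildcard_match(source_ip, source, wildcard):
                return action, index
        return "deny", None

    def shadowed_entries(self):
        """Indexes of entries that can never match because an earlier entry covers them:
        the earlier wildcard is at least as loose and the later source fits it."""
        shadowed = []
        for j, (_, src_j, wc_j) in enumerate(self.entries):
            for _, src_i, wc_i in self.entries[:j]:
                wi, wj = to_int(wc_i), to_int(wc_j)
                if (wi | wj) == wi and wildcard_match(src_j, src_i, wc_i):
                    shadowed.append(j)
                    break
        return shadowed

    def config_lines(self):
        """The IOS form of each entry ('host' keyword when the wildcard is all zeros)."""
        lines = []
        for action, source, wildcard in self.entries:
            target = "host %s" % source if wildcard == "0.0.0.0" else "%s %s" % (source, wildcard)
            lines.append("access-list %d %s %s" % (self.number, action, target))
        return lines


def filter_outbound(acl, packets):
    """Apply the list as 'ip access-group <n> out' would: packets allowed to leave."""
    return [p for p in packets if acl.evaluate(p["src"])[0] == "permit"]


# Constructed sample: block one workstation, let the rest of its LAN out of the interface.
ACL_10 = (StandardAccessList(10)
          .add("deny", "192.168.1.5")
          .add("permit", "192.168.1.0", "0.0.0.255"))

PACKETS = [
    {"src": "192.168.1.5", "dst": "10.0.0.1"},
    {"src": "192.168.1.77", "dst": "10.0.0.1"},
    {"src": "10.0.5.9", "dst": "10.0.0.1"},      # not listed at all: implicit deny
]

if __name__ == "__main__":
    print("\n".join(ACL_10.config_lines()))
    for packet in PACKETS:
        print(packet["src"], ACL_10.evaluate(packet["src"]))
```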
The OSI model is the very heart of networking with every layer performing a specific task
in order to facilitate data communications. In the world of networking the first four (4)
layers are the focus. They define the following:
Reduces complexity
Standardizes interfaces
Facilitates modular engineering
Ensures interoperable technology
Accelerates evolution
Simplifies teaching and learning
The OSI model - seven numbered layers indicate distinct functions. In the Transmission
Control Protocol/Internet Protocol (TCP/IP), the distinct functions fit into five named
layers. This separation of networking functions is called "layering".
The application layer provides network services to user applications. For example, a
word processing application is serviced by file transfer services at this layer.
This layer provides data representation and code formatting. It ensures that the
data that arrives from the network can be used by the application, and it ensures
that information sent by the application can be transmitted on the network.
This layer segments and reassembles data into a data stream. This layer uses the
TCP protocol.
This layer determines the best way to move data from one place to another. The
router operates at this layer. This layer uses the IP addressing scheme.
This layer provides physical transmission across the medium. It handles error
notification, network topology, and flow control. This layer uses the Media Access
Control (MAC) address.
This layer provides the electrical, mechanical, procedural, and functional means for
activating and maintaining the physical link between systems. This layer uses the
physical media like twisted pair, coaxial, and fiber-optic cable.
Each layer uses its own 'layer protocol' to communicate with its peer layer in the other
system. Each layer's protocol exchanges information, called protocol data units (PDUs),
between peer layers. A given layer can use a more specific name for its "PDU".
7, 6, 5. ---------- [data]
4. Transport ------ segments [segment header][data]
3. Network -------- packets  [network header][data segment]
2. Data Link ------ frames   [frame header][network packet][frame trailer]
1. Physical ------- bits     [binary 1's & 0's]
This peer-layer protocol communication is achieved by using the services of the layers below
it. The layer below any current layer provides its services to the current layer. Each lower-
layer service takes upper-layer information as part of the lower-layer PDUs it exchanges
with its layer peer.
The 10Base5 and 10Base2 standards provide access for several stations on the same LAN
segment. Stations are attached to the segment by a cable that runs from an attachment unit
interface (AUI) in the station to a transceiver that is directly attached to the Ethernet
coaxial cable.
Because the 10Base-T standard provides access for a single station only, stations attached to
an Ethernet LAN by 10BaseT are almost always connected to a hub or a LAN switch. In
this arrangement, the hub or LAN switch is the same as an Ethernet segment.
Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI
Network layer:
Best-effort delivery - Describes a network system that does not use a sophisticated
acknowledgment system to guarantee reliable delivery of information.
[TCP/IP addresses]
Each company listed on the internetwork is seen as a single unique network that must be
reached before an individual host within that company can be contacted. Each company
network has an address; the hosts that live on that network share that same network
address, but each host is identified by the unique host address on the network.
Routers determine the destination network using the 'subnet address', limiting the amount
of traffic on the other network segments.
"Routing services" use network topology information when evaluating network paths. This
information can be configured by the network administrator or collected through dynamic
processes running in the network.
The 3-Network layer interfaces to networks and provides best effort end-to-end packet
delivery services to its user, the 4-Transport layer. The 3-Network layer sends packets from
the source network to the destination network based on 'IP routing table' (contains:
'Destination network' addresses & 'Next Hop' (outgoing interface) pairs).
After the router determines which path to use, it can proceed with "switching the packet";
taking the packet it accepted on one interface and forwarding it to another interface or port
that reflects the best path to the packet's destination.
Using IP addresses, the 3-Network layer can provide a 'relay connection' that interconnects
independent networks. By using 'consistent end-to-end addressing' to represent the path of
media connections, the 3-Network layer can find a path to the destination without
unnecessarily burdening the devices or links on the internetwork with broadcasts.
The Network address identifies a path part used by the router within the network cloud.
The router uses the network address to identify the source or destination network of a
packet within an internetwork. For some network-layer protocols, this relationship is
established by a network administrator who assigns network addresses according to some
preconceived internetwork addressing plan. For other network-layer protocols, assigning
addresses is partially or completely dynamic.
The ICMP is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams
and are used to send error and control messages. ICMP uses the following types of defined
messages. Others exist that are not included on this list:
Destination Unreachable
Time Exceeded
Parameter Problem
Source Quench
Redirect
Echo
Echo Reply
Timestamp
Timestamp Reply
Information Request
Information Reply
Address Request
Address Reply
If a router receives a packet that it is unable to deliver to its ultimate destination, the router
sends an ICMP host unreachable message to the source. The message might be
undeliverable because there is no known route to the destination.
An ICMP 'echo reply' is a successful reply to a "ping" command (ICMP echo request);
however, results could include other ICMP messages, such as unreachable and timeouts.
ARP is used to resolve or map a known IP address to a MAC sublayer address to allow
communication on a multiaccess medium such as Ethernet. To determine a destination
address for a datagram, FIRST, the ARP cache table is checked. If the address is not in the
table, ARP sends a broadcast (ARP request) looking for the destination station. Every
station on the network receives the broadcast (ARP request). When the destination station
replies (ARP reply), only the original station (now the destination) receives the ARP reply
and updates its ARP cache.
The term "local ARP" is used to describe resolving an address when both the requesting
host and the destination host share the same media or wire. Prior to issuing the ARP, the
subnet mask was consulted. The mask determined that the nodes are on the same subnet.
Services located in the 4-Transport layer allow users to break apart or 'segment' several
upper-layer application data onto the same Layer 4 data stream. These same services allow
users to reassemble the same upper-layer applications data. The Layer 4 data stream
provides transport services from the host to the destination. Services such as these are
sometimes referred to as "end-to-end services". The Layer 4 data stream is a 'logical
connection' between the endpoints of a network.
As the Transport layer sends its data segments, it can also ensure the integrity of the data.
One method of doing this is called "flow control". Flow control avoids the problem of a host
at one side of the connection overflowing the buffers in the host at the other side. Transport
layer services also allow users to request reliable data transport between hosts and
destinations. To obtain such reliable transport of data, a connection-oriented relationship is
used between the communicating end systems.
One reason for different layers in the OSI model is so that multiple applications can share
the same transport connection. Transport functionality is accomplished segment by
segment. This means that different applications can send data segments on a first-come,
first-served basis. Such segments can be intended for the same destination or for many
different destinations.
One user of the 4-Transport layer must establish a connection-oriented session with its peer
system.
When datagrams arrive too quickly for a host or gateway to process, they are stored in
memory temporarily (buffer). If the traffic continues, the host or gateway eventually
exhausts its memory and must discard additional datagrams that arrive. Instead of allowing
data to be lost, the transport function can issue a 'not ready' (Window size=0) indicator to
the sender. Acting like a stop sign, this indicator signals the sender to stop sending data.
When the receiver can handle additional data, the receiver sends a 'ready' (Window size >0)
transport indicator, which is like a go signal.
If the sender has to wait for an acknowledgment after sending each segment, throughput
will be low. Because time is available after the sender finishes transmitting the data packet
and before the sender finishes processing any received acknowledgment, the interval is used
for transmitting more data. The number of data packets the sender is allowed to have
outstanding - without yet receiving an acknowledgment - is known as the "window" or
window size.
Reliable delivery guarantees that a stream of data sent from one machine will be delivered
through a data link to another machine without duplication or data loss. "Positive
Acknowledgment with Retransmission" (PAR) is one technique that guarantees reliable delivery of
data streams. Positive acknowledgment requires a recipient to communicate with the
source, sending back an acknowledgment (ACK x+1) message when it receives data. The
sender keeps a record of each data packet it sends and waits for an acknowledgment before
sending the next data packet. The sender also starts a timer when it sends a segment, and it
retransmits a segment if the timer expires before an acknowledgment arrives.
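The flow-control and PAR behaviour described in the last three paragraphs, as an added Python simulation (not code from the page): a sender limited by the receiver's advertised window, a receiver that answers with window 0 (the 'not ready' stop sign) when its buffer is full and re-opens it after the application drains, and a per-segment timer that triggers retransmission when no ACK arrives. The round-based timing, buffer sizes and the single lost segment are constructed.

```python
TIMEOUT = 2   # rounds a segment may sit unacknowledged before it is retransmitted


class Receiver:
    """Receiving host: accepts in-order segments into a bounded buffer that the
    application drains a few segments per round. Every ACK carries the next
    expected sequence number and the window (free buffer space)."""

    def __init__(self, buffer_size, drain_rate):
        self.buffer_size, self.drain_rate = buffer_size, drain_rate
        self.buffered = 0
        self.next_expected = 1
        self.delivered = []

    def window(self):
        return self.buffer_size - self.buffered

    def receive(self, seq):
        if seq == self.next_expected and self.buffered < self.buffer_size:
            self.buffered += 1
            self.delivered.append(seq)
            self.next_expected += 1
        # Out of order or no buffer space: the segment is dropped and the ACK
        # simply repeats which segment is expected next (expectational ACK).
        return self.next_expected, self.window()

    def drain(self):
        self.buffered = max(0, self.buffered - self.drain_rate)


def simulate(total, buffer_size=4, drain_rate=2, lost_once=(), max_rounds=200):
    """Send segments 1..total using PAR with receiver-advertised window flow control.
    Segments named in lost_once are lost on their first transmission only."""
    rx = Receiver(buffer_size, drain_rate)
    state = {"base": 1, "next_seq": 1, "window": rx.window()}   # base = oldest unACKed
    timers = {}            # seq -> rounds left before the retransmission timer expires
    stats = {"sent": 0, "retransmitted": 0, "window_zero_acks": 0, "rounds": 0}
    lost_pending = set(lost_once)

    def transmit(seq):
        stats["sent"] += 1
        timers[seq] = TIMEOUT
        if seq in lost_pending:          # lost on the wire: no ACK will ever come back
            lost_pending.discard(seq)
            return
        ack, win = rx.receive(seq)
        state["window"] = win
        if win == 0:
            stats["window_zero_acks"] += 1   # the 'not ready' stop sign
        if ack > state["base"]:              # ACK x+1 acknowledges everything up to x
            state["base"] = ack
            for done in [s for s in timers if s < ack]:
                del timers[done]

    while state["base"] <= total and stats["rounds"] < max_rounds:
        stats["rounds"] += 1
        for seq in sorted(s for s, left in timers.items() if left == 0):
            if seq < state["base"]:          # covered by an ACK earlier in this round
                continue
            stats["retransmitted"] += 1      # timer expired before an ACK arrived
            transmit(seq)
        while (state["next_seq"] <= total
               and state["next_seq"] < state["base"] + state["window"]):
            transmit(state["next_seq"])
            state["next_seq"] += 1
        rx.drain()
        state["window"] = rx.window()        # 'ready' window update once space frees up
        for seq in timers:
            timers[seq] -= 1
    return rx.delivered, stats


if __name__ == "__main__":
    print(simulate(6, lost_once={3}))
    print(simulate(4, buffer_size=2, drain_rate=1))
```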
Routing
Routers generally relay a packet from one data link to another. To relay a packet, a router
uses two basic functions:
2. a switching function.
A router is responsible for passing the packet to the next network along the path. The router
uses the 'network portion' of the address to make 'path selections'. The 'switching function'
allows a router to accept a packet on one interface and forward it on a second interface. The
'path determination' function enables the router to select the most appropriate interface for
forwarding a packet. The 'node portion' of the address refers to a specific port on the router
that leads to an adjacent router in that direction.
'Routed protocol' - Protocol that can be routed by a router. A router must be able to
interpret the logical internetwork as specified by that routed protocol. Any network
protocol that provides enough information in its network layer address to allow a packet to
be forwarded from host to host based on the addressing scheme. Routed protocols define the
format and use of the fields within a packet.
IGP (Interior Gateway Routing Protocol) supplied with UNIX BSD systems. The
most common IGP in the Internet. RIP uses hop count as a routing metric. Key
characteristics of RIP include the following:
IGP developed by Cisco to address the problems associated with routing in large,
heterogeneous networks.
router connected to the network containing the destination host, the packet is again
encapsulated in the destination LAN's 2-Data-link frame type and delivered to the
destination host.
"Static Route" - uses a protocol route that a network administrator enters into the router.
Route that is explicitly configured and entered into the routing table. Static routes take
precedence over routes chosen by dynamic routing protocols.
"Dynamic Route" - uses a route that a network routing protocol adjusts automatically for
topology or traffic changes. Routing that adjusts automatically to network topology or
traffic changes. Also called adaptive routing.
"Default route" - Routing table entry that is used to direct frames for which a next hop is
not explicitly listed in the routing table.
"Distance vector" routing algorithm - Class of routing algorithms that iterate on the
'number of hops' in a route to find a shortest-path spanning tree. Distance vector routing
algorithms call for each router to send its entire 'routing table' in each periodic update, but
only to its neighbors and in the process accumulate 'distance vectors'. Distance vector
routing algorithms can be prone to routing loops, but are computationally simpler than
'link state' routing algorithms. Also called Bellman-Ford routing algorithm. Distance vector
algorithms do not allow a router to know the exact topology of an internetwork.
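Added Python simulation (not code from the page) of the distance vector exchange just described: each router sends its entire table to its neighbors every round, hop counts accumulate, and after a link failure the two surviving routers count each other up to RIP's hop limit of 16, the routing loop the paragraph warns about. A split-horizon option (routes are not advertised back to the neighbor they were learned from) is included to show the loop disappearing; the three-router chain is constructed.

```python
INFINITY = 16   # RIP's hop count for "unreachable"


def chain_topology():
    """Constructed three-router chain A - B - C (adjacency lists, symmetric links)."""
    return {"A": ["B"], "B": ["A", "C"], "C": ["B"]}


def initial_tables(topology):
    """Each router knows itself (0 hops) and its directly connected neighbors (1 hop).
    Entries are dest -> (hops, next_hop)."""
    tables = {}
    for router, neighbors in topology.items():
        tables[router] = {router: (0, None)}
        for nbr in neighbors:
            tables[router][nbr] = (1, nbr)
    return tables


def advertisement(table, to_neighbor, split_horizon):
    """A router's entire table as sent to one neighbor; with split horizon, routes
    learned from that neighbor are left out."""
    return {dest: hops for dest, (hops, next_hop) in table.items()
            if not (split_horizon and next_hop == to_neighbor)}


def run_rounds(topology, tables, split_horizon=False, max_rounds=100, log=None):
    """Synchronous distance-vector exchange until a round changes nothing.
    Returns the number of rounds in which some table changed."""
    changed_rounds = 0
    for _ in range(max_rounds):
        # Everyone advertises what it held at the start of the round.
        adverts = {r: {n: advertisement(tables[r], n, split_horizon) for n in topology[r]}
                   for r in topology}
        changed = False
        for router in topology:
            for nbr in topology[router]:
                for dest, hops in adverts[nbr][router].items():
                    cost = min(hops + 1, INFINITY)
                    current = tables[router].get(dest)
                    via_nbr = current is not None and current[1] == nbr
                    # Adopt a cheaper route, or follow any change (including a
                    # worsening) on the route already in use through this neighbor.
                    if current is None or cost < current[0] or (via_nbr and cost != current[0]):
                        tables[router][dest] = (cost, nbr)
                        changed = True
                        if log is not None:
                            log.append((changed_rounds + 1, router, dest, cost, nbr))
        if not changed:
            break
        changed_rounds += 1
    return changed_rounds


def fail_link(topology, tables, a, b):
    """Take the a-b link down: both ends drop the adjacency and mark every route
    that used it as unreachable."""
    topology[a].remove(b)
    topology[b].remove(a)
    for router, gone in ((a, b), (b, a)):
        for dest, (hops, next_hop) in list(tables[router].items()):
            if next_hop == gone:
                tables[router][dest] = (INFINITY, None)


if __name__ == "__main__":
    topo, tables = chain_topology(), None
    tables = initial_tables(topo)
    run_rounds(topo, tables)
    fail_link(topo, tables, "A", "B")
    history = []
    print("rounds to settle:", run_rounds(topo, tables, log=history))
    for entry in history:
        print(entry)
```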
"Link state" (also called shortest path first) routing algorithm - Routing algorithm in which
each router broadcasts or multicasts information regarding the 'cost of reaching each of its
neighbors' to all nodes in the internetwork. 'Link state' algorithms create a consistent view
of the network (they maintain a complex database of topology information) and are
therefore not prone to routing loops, but they achieve this at the cost of relatively greater
computational difficulty and more widespread traffic (compared with distance vector
routing algorithms). Link-state routing uses link-state advertisements (LSAs), a topological
database, the SPF algorithm, the resulting SPF tree, and finally, a routing table of paths and
ports to each network.
The "Balanced hybrid" approach combines aspects of the 'link-state' and 'distance vector'
algorithms.
Router Configuration
1. Global Configuration
2. Interface Configuration
Use the "ip address" command to establish the logical network address of this interface.
Use the "term ip netmask-format" command to specify the format of network masks for the
current session. Format options are:
- Bit count
- Hexadecimal
The "router rip" command that selects RIP as the routing protocol.
The "network" command assigns a NIC-based address to which the router is directly
connected. The routing process will associate interfaces with the proper addresses and will
begin packet processing on the specified networks.
Example:
router rip          Selects RIP as the routing protocol.
network 1.0.0.0     Specifies a directly connected network.
network 2.0.0.0     Specifies a directly connected network.
The Cisco router interfaces connected to networks 1.0.0.0 and 2.0.0.0 will send and receive
RIP updates. These routing updates allow the router to learn the network topology.
2. LAN Switching
Top 10 Graphics:
2. Multimedia Scalability
4. Bridging Table
Ethernet:
a shared-medium technology
all the devices are connected to the same delivery media
media uses a data frame broadcast method
goal is to provide a best effort delivery service
allows all devices to transmit on an equal basis
inherent problem with CSMA/CD technology is collision
CSMA/CD - Carrier sense multiple access with collision detect: Media-access mechanism
where devices listen for a carrier before transmitting; if no carrier is sensed for a specific
period of time, a device can transmit. If two devices transmit at once, a collision occurs and
is detected by all colliding devices. Collisions delay retransmission for a random length of
time. CSMA/CD access is used by Ethernet and IEEE 802.3.
IEEE 802.3 - IEEE LAN protocol that specifies an implementation of the physical layer and
the MAC sublayer of the data link layer. IEEE 802.3 uses CSMA/CD access over a variety
of physical media. Extensions to the IEEE 802.3 standard specify implementations for Fast
Ethernet (IEEE 802.3u). Variations of the original IEEE 802.3 specification include
10Base2, 10Base5, 10BaseF, 10BaseT, 10Broad36, 100BaseTX, 100BaseT4, and 100BaseFX.
Latency:
1. Delay between the time a device requests access to a network and the time it is
granted permission to transmit.
2. Delay between the time when a device receives a frame and the time that frame is
forwarded out the destination port.
Repeater - Layer 1 device that regenerates and propagates electrical signals between two
network segments.
Bandwidth - The difference between the highest and lowest frequencies available for
network signals. The term is also used to describe the rated throughput capacity of a given
network medium or protocol.
Congestion - Traffic in excess of network capacity. This can be seen in slower response times,
longer file transfers and network users becoming less productive due to network delays.
Propagation delay comes from the amount of time it takes a data frame to travel across the
physical media and from the time it takes for a frame to pass through a network device such
as a repeater. This latency is the total of all the delays caused by the network devices and
media as the frame moves from one device to another.
The 'transmission time' is the time it takes the frame or packet to move from the data link
layer - the data being placed into a packet or frame, to the physical layer - onto the physical
cabling of the network. Each Ethernet bit has a 100ns window for transmission. A byte is
equal to eight bits. Therefore, one byte takes a minimum of 800ns to transmit (8 bits at
100ns per bit equals 800ns). A 64 byte frame takes 51,200ns or 51.2 microseconds to transmit
(64 bytes at 800ns equals 51,200ns, 51,200ns/1000 equals 51.2 microseconds).
Attenuation - Loss of communication signal energy. The signal weakens as it travels through
the network from the resistance found in the medium.
An Ethernet repeater is a physical layer device on the network that boosts or regenerates the
signal on an Ethernet LAN.
repeaters are a Layer 1 device that cleans up and boosts, and passes the signal on
repeaters allow longer end-to-end distances
repeaters increase the collision domain size
repeaters increase the broadcast domain size
repeaters can't filter traffic
This will also compound the issue of broadcasts and collisions and have a negative effect on
the overall performance of the shared media LAN.
1. Generally, a term used to describe a device that serves as the center of a star-topology network.
Segment:
Full duplex:
Fast Ethernet:
qualities as frame format, MAC mechanisms, and MTU. Such similarities allow the
use of existing 10BaseT applications and network management tools on Fast
Ethernet networks. Based on an extension to the IEEE 802.3 specification.
Collision domain - In Ethernet, the network area within which frames that have collided are
propagated. Repeaters and hubs propagate collisions; LAN switches, bridges and routers do
not.
Bridge - Device that connects and passes packets between two network segments that use
the same communications protocol. Bridges are passive on the network and operate at the
2-Data link layer (layer 2) of the OSI reference model. In general, a bridge will filter, forward,
or flood an incoming frame based on the MAC address of that frame.
Store and forward packet switching - Packet-switching technique in which frames are
completely processed before being forwarded out the appropriate port. This processing
includes calculating the CRC and checking the destination address. In addition, frames
must be temporarily stored until network resources (such as an unused link) are available to
forward the message.
Interface:
Router - operates at the 3-Network layer and bases all of its forwarding decisions between
segments on the Layer 3 protocol address. It accomplishes this by examining the destination
address on the data packet and looking in its routing table for forwarding instructions.
3-Network layer device that uses one or more metrics to determine the optimal path along
which network traffic should be forwarded. Routers forward packets from one network to
another based on network layer information. Occasionally called a gateway (although this
definition of gateway is becoming increasingly outdated).
Routers create the highest level of segmentation because of their ability to make
exact determinations of where the data packet should be forwarded.
Acknowledgment - Notification sent from one network device to another to acknowledge that
some event (for example, receipt of a message) has occurred. Sometimes abbreviated ACK.
Protocols that require an 'acknowledgement' from the receiver to the sender for every
packet as it is delivered (known as acknowledgement oriented protocols) have a loss of
throughput of 30-40%. Protocols that require minimal acknowledgements (sliding window
protocols) suffer a 20-30% loss of throughput.
Switch - Network device that filters, forwards, and floods frames based on the destination
address of each frame. The switch operates at the 2-Data link layer of the OSI model. A
LAN which uses a switched Ethernet topology creates a network that behaves like it only
has two nodes - the sending node and the receiving node.
Because of the switching employed, the MAC address of the destination device is read and
the switch begins transmitting the packet before the total packet arrives in the switch. This
more than makes up for the inherent latency found in the switch.
Full-duplex Ethernet: Full duplex Ethernet allows the transmission of a packet and the
reception of a different packet at the same time. This simultaneous transmission and
reception requires two pairs of cables and a switched connection between each node. This
connection is considered point-to-point and is nearly collision free. Since both nodes can
transmit and receive at the same time there are no negotiations for bandwidth. Full duplex
Ethernet can use an existing shared media as long as the media meets minimum Ethernet
standards.
The Full-Duplex Ethernet Switch (FDES) takes advantage of the two pairs of required
cables in this configuration by creating a direct connection between the transmit (TX) at
one end of the circuit to the receive (RX) end of the other circuit. The same holds true for
the opposite circuits on each end. With these two stations connected this way a collision free
domain is created. Both stations are not sharing the same wiring pair to transmit and
receive.
Standard Ethernet usually can only use 50-60% of the 10Mbps available bandwidth. This is
due to collisions and latency. Full duplex Ethernet offers 100% of the bandwidth in both
directions. This produces a potential 20Mbps throughput - 10Mbps TX and 10Mbps RX.
LAN switches are considered 'multiport bridges' with no 'collision domain' because of
'microsegmentation'. Data is exchanged at high speeds by switching the packet to its
destination.
multiport bridge
one broadcast domain
no collision domain
transparent to upper layers
switching and filtering based on Layer 2 MAC addresses
forwards packets based on a forwarding table
enables dedicated access
eliminates collisions and increases capacity
supports multiple conversations at a time
Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.
Ethernet switching increases the bandwidth available on a network. It does this by creating
dedicated network segments (point-to-point connections) and connecting those segments in
a virtual network within the switch. This virtual network circuit exists only when two nodes
need to communicate.
Virtual circuit - Logical circuit created to ensure reliable communication between two
network devices. A virtual circuit is defined by a VPI/VCI pair, and can be either permanent
(a PVC) or switched (an SVC). Virtual circuits are used in Frame Relay and X.25. In ATM,
a virtual circuit is called a virtual channel. Sometimes abbreviated VC.
Even though the LAN switch eliminates 'collision domains', all hosts connected to the switch
are still in the same 'broadcast domain'. Therefore a broadcast from one node will still be
seen by all other nodes connected through the LAN switch.
Addresses are learned 'dynamically' - as new addresses are read they are learned and stored
in 'content addressable memory' (CAM). Each time an address is stored it is time stamped
and stored for a set period of time. Each time an address is referenced or found in the CAM,
it receives a new time stamp. Addresses that are not referenced during set period of time are
removed from the list. By removing aged or old addresses the CAM maintains an accurate
and functional forwarding database.
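The learning, aging and 'filter, forward, or flood' behaviour described above, as an added simulation that is not code from the original notes. The MAC addresses, port numbers and the aging period are constructed for illustration.

```python
"""Learning switch forwarding with a time-stamped CAM table.

Added example (not code from the original notes): models the bridge's
'filter, forward, or flood' decision together with the dynamic address
learning and aging of the content addressable memory (CAM). The MAC
addresses, port numbers and aging period are constructed.
"""
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
AGING_SECONDS = 300.0   # constructed 'set period of time' before unreferenced entries are removed


@dataclass
class CamEntry:
    port: int           # port the address was learned on
    last_seen: float    # time stamp, refreshed whenever the entry is referenced


@dataclass
class LearningSwitch:
    ports: int
    aging: float = AGING_SECONDS
    cam: dict = field(default_factory=dict)   # MAC address -> CamEntry

    def age_out(self, now: float) -> list:
        """Remove addresses not referenced within the aging period; return them."""
        expired = [mac for mac, e in self.cam.items() if now - e.last_seen > self.aging]
        for mac in expired:
            del self.cam[mac]
        return expired

    def handle_frame(self, src: str, dst: str, in_port: int, now: float) -> list:
        """Process one frame; return the list of egress ports it is sent out of."""
        self.age_out(now)
        # Learn: the source address is stored (or refreshed) with a new time stamp.
        self.cam[src] = CamEntry(in_port, now)
        if dst == BROADCAST or dst not in self.cam:
            # Broadcast or unknown unicast: flood out every port except the ingress port.
            return [p for p in range(1, self.ports + 1) if p != in_port]
        entry = self.cam[dst]
        entry.last_seen = now   # referenced in the CAM -> receives a new time stamp
        if entry.port == in_port:
            return []           # filter: destination is on the same segment as the sender
        return [entry.port]     # forward out the single learned port
```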
Parallelism - Indicates that multiple paths exist between two points in a network. These
paths might be of equal or unequal cost. Parallelism is often a network design goal: if one
path fails, there is redundancy in the network to ensure that an alternate path to the same
point exists.
Provides switched connections between like bandwidths (all 10 or all 100 Mbps)
Optimized for even distribution of network traffic across the entire network such as
in a 'Peer-to-Peer' environment.
1. port based memory buffering (packets are stored in queues that are linked to
specific incoming ports), or
2. shared memory buffering (deposits all packets into a common memory buffer that
is shared by all the ports on the switch).
'Store and forward' packet switching - Packet-switching technique in which frames are
completely processed before being forwarded out the appropriate port. This processing
includes calculating the CRC and checking the destination address. In addition, frames
must be temporarily stored until network resources (such as an unused link) are available to
forward the message.
'Cut-through' packet switching - Packet switching approach that streams data through a
switch so that the leading edge of a packet exits the switch at the output port before the
packet finishes entering the input port. A device using cut-through packet switching reads,
processes, and forwards packets as soon as the destination address is looked up, (first 16
bytes) and the outgoing port determined. Also known as on-the-fly packet switching.
fragment. 'Fragment Free' packet switching does not add appreciably to switching
latency.
'Spanning-Tree Protocol' (STP) - Bridge protocol that utilizes the spanning-tree algorithm,
enabling a learning bridge to dynamically work around loops in a network topology by
creating a spanning tree. Bridges exchange bridge protocol data unit (BPDU) messages with
other bridges to detect loops, and then remove the loops by shutting down selected bridge
interfaces. Refers to both the IEEE 802.1 Spanning-Tree Protocol standard and the earlier
Digital Equipment Corporation Spanning-Tree Protocol upon which it is based. The IEEE
version supports bridge domains and allows the bridge to construct a loop-free topology
across an extended LAN.
A switch uses STP on all Ethernet and Fast Ethernet-based VLANs. STP detects and breaks
loops by placing some connections in a standby mode, which are activated in the event of an
active connection failure. A separate instance of STP runs within each configured VLAN,
ensuring Ethernet topologies that conform to industry standards throughout the network.
3. Determine the status, cost, and priority of ports and VLANs using the 'show
spantree' command.
Broadcast - Data packet that will be sent to all nodes on a network. Broadcasts are identified
by a broadcast address.
Multicast - Single packets copied by the network and sent to a specific subset of network
addresses. These addresses are specified in the destination address field.
VLAN
Virtual Local Area Networks (VLANs) are a grouping of network devices or users that is not
restricted to a physical switch segment. A VLAN is a logical grouping of devices or users. A
VLAN creates a single broadcast domain that is not restricted to a physical segment and is
treated like a subnet.
VLAN setup is done in the switch via software. VLANs are not standardized and require the
use of proprietary software from the switch vendor.
1. Introduction to VLANs
3. Frame Filtering
4. Frame Tagging
9. Static VLANs
A group of devices on a LAN that are configured (using management software) so that they
can communicate as if they were attached to the same wire, when in fact they are located on
a number of different LAN segments. Because VLANs are based on logical instead of
physical connections, they are extremely flexible. VLANs logically segment the physical
LAN infrastructure into different subnets (broadcast domains for Ethernet) so that
broadcast frames are switched only between ports within the same VLAN.
VLANs
Broadcast domain - The set of all devices that will receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers because
routers do not forward broadcast frames.
Virtual LAN (VLAN) technology is a cost effective and efficient way of grouping network
users into 'virtual workgroups' regardless of their physical location on the network.
Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.
Switches (the core of VLANs) - Network device that filters, forwards, and floods frames
based on the destination address of each frame. The switch operates at the data link layer of
the OSI model.
VLANs provide an effective mechanism for controlling changes and reducing much of the
cost associated with hub and router reconfigurations. Users in a VLAN can share the same
network "address space" (IP subnet) regardless of their location.
Static VLANs
Dynamic VLANs
Broadcast - Data packet that will be sent to all nodes on a network. Broadcasts are identified
by a broadcast address.
Multicast - Single packets copied by the network and sent to a specific subset of network
addresses. These addresses are specified in the destination address field.
When no routers are placed between switches, broadcasts (Layer 2 transmissions) are sent
to every switched port. This is commonly referred to as a "flat" network where there is one
broadcast domain across the entire network.
VLANs are an effective mechanism for extending firewalls from the routers to the switch
fabric and protecting the network against potentially dangerous broadcast problems while
maintaining all of the performance benefits of switching. Broadcast traffic within one
VLAN is not transmitted outside the VLAN. You can easily control the size of the broadcast
domain by regulating the overall size of its VLANs, restricting the number of switch ports
within a VLAN and restricting the number of users residing on these ports, which lowers the
overall vulnerability of the network to broadcast storms.
Broadcast storm - Undesirable network event in which many broadcasts are sent
simultaneously across all network segments. A broadcast storm uses substantial network
bandwidth and, typically, causes network time-outs.
VLANs thus provide 'security firewalls', restrict individual user access and flag any
unwanted intrusion to a network manager. Further security enhancements can be added
using router 'access lists' which are especially useful when communicating between VLANs.
On the secured VLAN, the router restricts access into the group as configured on both the
switches and the routers.
Access list -
1. List kept by Cisco routers to control access to or from the router for a number of
services (for example, to prevent packets with a certain IP address from leaving a
particular interface on the router).
Routers remain vital for switched architectures configured as VLANs because they provide
the communication between logically defined workgroups (VLANs). Layer 3
communication, either embedded in the switch or provided externally, is an integral part of
any high-performance switching architecture.
Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.
VLAN Implementation
Static VLANs
Dynamic VLANs
Important to any VLAN architecture is the ability to transport VLAN information between
interconnected switches and routers that reside on the corporate backbone.
4. LAN Design
5. Layer 2 Switching
One of the most critical steps to ensure a fast and stable network is the design of the
network. This design activity is truly an in-depth process, which includes:
Functionality - the network must work with reasonable speed and reliability.
Scalability - the network must be able to grow without any major changes to the
overall design.
Adaptability - the network must be designed with an eye toward future technologies,
and should include no element that would limit implementation of new technologies
as they become available.
Design Methodology
1. Analyse requirements
Step 1... - Analyze Requirements (of the network and its users)
Business issues
Technology issues
Administrative issues
Gather Data -
o Corporate Structure
o Business information flow
o Applications in use
o Current topology
o Performance characteristics of current network
o Determine if documented policies are in place
o Mission-critical data
o Mission-critical operations
o Approved protocols and platforms
o Control versus distributed authority
Business requirements
Technical requirements
New applications or business operations
Availability requirements -
o Throughput
o Response time
o Access to resources
Design Rule: First and foremost you must understand the customer.
Client/Server applications
Host/terminal applications
Routing protocols
Regularly scheduled services, such as file backup
Estimate worst-case traffic load during the busiest times for users and during
regularly scheduled network services
Star topology -
VLAN (Virtual LAN) - Group of devices on a LAN that are configured (using management
software) so that they can communicate as if they were attached to the same wire (media),
when in fact they are located on a number of different LAN segments. Because VLANs are
based on logical instead of physical connections, they are extremely flexible.
Media contention
o too many devices, all with a high demand for the network segment
Excessive broadcasts
o client packets looking for services
o too many server packets announcing services
o too many routing table updates
Need to transport new payloads
o voice and video network services
Need for more bandwidth
Overloaded backbone
Ethernet Technology
Collision domain (bandwidth domain) - In Ethernet, the network area within which frames
that have collided are propagated (everything associated with one port on a bridge or
switch). Repeaters and hubs propagate collisions; LAN switches, bridges and routers do
not.
Broadcast domain - The set of all devices that will receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers because
routers do not forward broadcast frames (everything associated with one port on a router).
All broadcasts from any host in the same broadcast domain are visible to all other hosts in
the same broadcast domain. Broadcasts must be visible to all hosts in the broadcast domain
in order to establish connectivity.
The scalability of the collision domain depends on total traffic, and the scalability for a
broadcast domain depends on total broadcast traffic.
Network Design
The major pieces of this topology design can be broken into three unique categories of the
OSI model...
Design Goal: Build this layer of the OSI model with speed and expansion capabilities.
Design Goals:
o Create a concentration point within the MDFs or IDFs where end hosts can be
grouped at Layer 1 to form a physical LAN segment.
Design Goals:
o Build a path between LAN segments that will filter the flow of data packets.
o Isolate ARP protocol broadcast
o Isolation of collisions between segments.
o Filtering of Layer 4 services between segments.
The Physical layer controls the way data is transmitted between source and destination
node.
Physical layer - Layer 1 of the OSI reference model. The physical layer defines the electrical,
mechanical, procedural and functional specifications for activating, maintaining, and
deactivating the physical link between end systems.
Media - Plural of medium. The various physical environments through which transmission
signals pass. Common network media include twisted-pair, coaxial and fiber-optic cable,
and the atmosphere (through which microwave, laser, and infrared transmission occurs).
Sometimes called physical media.
Electrical (copper)
o coaxial
o twisted pair
Fiber-optic
o multimode
o single-mode
Wiring configurations
o Star / Extended Star
o Distance limitations
EIA/TIA-568 - Standard that describes the characteristics and applications for various
grades of UTP cabling.
Category 5 (CAT5) cabling - One of five grades of UTP cabling described in the
EIA/TIA-568B standard. Category 5 cabling is used for running CDDI and can transmit data at
speeds up to 100 Mbps.
In a simple star with only one wiring closet, the main distribution facility (MDF) will include
one or more horizontal cross connect (HCC) patch panels. HCC patch cables will be used to
connect the Layer 1 'horizontal cabling' with the Layer 2 LAN switch ports. The uplink port
of the LAN switch will be connected to the Ethernet port of the Layer 3 router using 'patch
cable' also. At this point the end host will have a complete physical connection to the router
port. The quantity of horizontal cable run and the size (number of ports) of the HCC patch
panels will be determined by the user's requirements.
Design Hint: Review the user’s requirements to determine what the user expects for the
number of horizontal cable runs to each room that the MDF or IDF will be servicing in its
catchment area.
All vertical cabling is connected to the MDF to create a single LAN segment
Vertical cabling - (Backbone cabling) Cabling that provides interconnections between wiring
closets, wiring closets and the POP, and between buildings that are part of the same LAN.
Catchment areas - Zone that falls within area that can be served by an internetworking
device such as a hub.
MDF - Main Distribution Facility. Primary communications room for a building. Central
point of a star networking topology where patch panels, hub, and router are located.
o The type and quantity of cabling used to interconnect the IDFs with the
MDF, along with how many spare cables are available for increasing the
bandwidth between the wiring closets.
o Detailed documentation of all cable runs, what the identification number is
and which port on the HCC or VCC that run is terminated on. This is called
a 'cut sheet'.
The purpose of Layer 2 (Data Link Layer) devices in the network are to provide 'flow
control', 'error detection & correction', and 'reduce congestion' in the network. The two most
common Layer 2 devices (other than the NIC, which every host on the network has to have)
are Bridges and LAN switches.
LAN switches (Layer 2 Switch) can allocate bandwidth on a per port basis thus allowing
more bandwidth to vertical cabling, uplinks and servers.
Asymmetric Switching -
Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.
By installing LAN switching at the MDF and IDFs we can start to look at the size of our
collision domains and the speed for each horizontal cable and vertical cable run. Since the
vertical cable will be carrying all of the data traffic between the MDF and the IDFs, the
capacity of this run must be larger.
In a pure switched LAN environment, the size of the collision domain is between two
hosts.
When using hubs, the size of the collision domain increases and bandwidth is
shared.
A shared LAN hub is a multiport repeater and therefore is a collision domain. All hosts
connected to the shared LAN hub share the same collision domain and the bandwidth.
Layer 3 - Routing
Implementation of Layer 3 (Network Layer) devices such as routers allow for segmentation
of the LAN into unique networks both physical and logical. Routers also allow for
connectivity to wide area networks (WANS) such as the Internet.
Routers permit greater scalability because they serve as firewalls for broadcasts (broadcast
domains). With bridges and switches, all unknown addresses must be flooded out every
port. The router also is the central point in the LAN for traffic destination of the WAN port.
One of the keys to designing a successful network is to understand the data traffic network.
The Applications (servers) can be categorized into two distinct classes - (1) 'enterprise
servers' and (2) 'workgroup servers'. Within the MDF and IDFs, the Layer 2 LAN switches
must have high speed (100 Mbps) ports allocated for these servers.
Enterprise network - Large and diverse network connecting most major points in a company
or other organization. Differs from a WAN in that it is privately owned and maintained.
Enterprise servers - support all of the users on the network such as E-mail or DNS. Work
Group servers - support a specific set of users.
Since everyone on the network needs access to the enterprise servers, they should be connected
to the MDF. This way traffic to these types of services only has to travel to the MDF and
will not be transmitted across other networks.
The Workgroup servers should be placed in the IDF closest to the users accessing these
applications. By doing this, traffic to these servers will only have to travel network
infrastructure to that IDF and will not affect other users on that network segment.
What to Document:
A standard should be set in the addressing of important hosts on the network. This
addressing scheme should be kept consistent throughout the entire network.
Reasons to Document:
2. Multiprotocol Routing
Review:
enables the router to select the most appropriate interface for forwarding a packet.
Routed protocol
Routing protocol
Routed protocol - Protocol that can be routed by a router. A router must be able to interpret
the logical internetwork as specified by that routed protocol. Examples of routed protocols
include AppleTalk, DECnet, and IP.
RIP (Routing Information Protocol) - IGP supplied with UNIX BSD systems. The most
common IGP in the Internet. RIP uses hop count as a routing metric.
IGRP (Interior Gateway Routing Protocol) - IGP developed by Cisco to address the problems
associated with routing in large, heterogeneous networks.
OSPF (Open Shortest Path First) - Link-state, hierarchical IGP routing protocol proposed as
a successor to RIP in the Internet community. OSPF features include least-cost routing,
multipath routing, and load balancing. OSPF was derived from an early version of the ISIS
protocol.
Multiprotocol Routing:
routers that are capable of supporting multiple independent routing protocols and
maintaining routing tables for several routed protocols concurrently. This capability
allows a router to deliver packets from several routed protocols such as IP and IPX
over the same data links.
Static route:
a route that is explicitly configured and entered into the routing table. Static routes
take precedence over routes chosen by dynamic routing protocols. Use a protocol
route that a network administrator enters into the router. Fixed route to address (as
in a 'stub' network) reflects the administrator's knowledge. Useful for controlling security
and reducing traffic.
Dynamic routing:
Default route:
routing table entry (manually defined by the system administrator) that is used to
direct frames for which a next hop is not explicitly listed in the routing table.
Distance vector routing algorithm - Class of routing algorithms that iterate on the number of
hops in a route to find a shortest-path spanning tree. Distance vector routing algorithms call
for each router to send its entire routing table in each update, but only to its neighbors.
Distance vector routing algorithms can be prone to routing loops, but are computationally
simpler than link state routing algorithms. Distance vector algorithms do not allow a router
to know the exact topology of an internetwork. Also called Bellman-Ford routing algorithm.
Pass periodic copies of routing table to neighbor routers and accumulate distance
vectors
Routers discover the best path to destination from each neighbor
Updates proceed step-by-step from router to router
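The distance vector exchange described above (periodic copies of the whole table, sent only to neighbours, hop counts accumulating step by step), as an added simulation that is not code from the original notes. The chain topology and the hop limit of 16 are constructed for illustration; the simulation shows route discovery only, not route withdrawal or count-to-infinity behaviour.

```python
"""Distance vector routing simulation (Bellman-Ford style).

Added example, not from the original notes: every update period each router
sends its entire table only to its directly connected neighbours, and each
neighbour keeps any advertised route that is shorter than what it already
holds, adding one hop. The topology below is constructed for illustration.
"""
from copy import deepcopy

INFINITY = 16   # hop count treated as unreachable, as in RIP


def initial_tables(adjacency: dict) -> dict:
    """Each router starts knowing only itself (0 hops) and its neighbours (1 hop)."""
    tables = {}
    for router, neighbours in adjacency.items():
        table = {router: (0, None)}          # destination -> (hops, next hop)
        for n in neighbours:
            table[n] = (1, n)
        tables[router] = table
    return tables


def exchange_round(adjacency: dict, tables: dict) -> tuple:
    """One periodic update: every router sends a snapshot of its whole table to each neighbour."""
    updated = deepcopy(tables)
    changed = False
    for sender, neighbours in adjacency.items():
        for receiver in neighbours:
            for dest, (hops, _) in tables[sender].items():
                candidate = min(hops + 1, INFINITY)      # accumulate the distance vector
                current = updated[receiver].get(dest, (INFINITY, None))
                if candidate < current[0]:               # keep only a strictly better path
                    updated[receiver][dest] = (candidate, sender)
                    changed = True
    return updated, changed


def converge(adjacency: dict, max_rounds: int = 50) -> tuple:
    """Run update rounds until no table changes; return (tables, rounds_with_changes)."""
    tables = initial_tables(adjacency)
    for rounds in range(max_rounds):
        tables, changed = exchange_round(adjacency, tables)
        if not changed:
            return tables, rounds
    return tables, max_rounds


# Constructed topology: a chain A - B - C - D, so A and D are three hops apart.
CHAIN = {"A": ["B"], "B": ["A", "C"], "C": ["B", "D"], "D": ["C"]}
```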
Link state routing algorithm - (also called Shortest Path First) Routing algorithm in which
each router broadcasts (floods) or multicasts information regarding the cost of reaching
each of its neighbors to all nodes in the internetwork. Link state algorithms create a
consistent view of the network and are therefore not prone to routing loops, but they
achieve this at the cost of relatively greater computational difficulty and more widespread
traffic (compared with distance vector routing algorithms).
Autonomous System (AS) - consists of routers, run by one or more operators, that present a
consistent view of routing to the external world. (Routers under a common administration).
The Internet Network Information Center (InterNIC) assigns a unique autonomous system
to enterprises. This autonomous system is a 16-bit number. A routing protocol such as
Cisco's Interior Gateway Routing Protocol (IGRP) requires that you specify this unique,
assigned autonomous system number in your configuration.
Global Configuration:
o Select a routing protocol, RIP or IGRP.
o Assign IP network numbers without specifying subnet values.
Interface Configuration
o Assign network/subnet addresses and subnet mask
Configuring IGRP
IGRP is a distance vector routing protocol developed by Cisco. IGRP sends routing updates
at 90-second intervals that advertise networks for a particular autonomous system.
Bandwidth
Delay
Load
Reliability
Maximum transmission unit (MTU)
EXAMPLE:
The table contains a list of all known networks and subnets and the metrics
associated with each entry.
Extended Access Lists allow filtering on address, protocol, and applications. Access lists are
used to limit broadcast traffic.
o Standard access lists for IP check the 'source address' of packets that could
be routed.
o The result permits or denies output for an 'entire protocol' suite, based on
the network/subnet/host address.
o Extended access lists check for both 'source' and 'destination' packet
addresses. They also can check for 'specific protocols', 'port numbers', and
other parameters.
Access lists express the set of rules that give added control for packets that enter inbound
interfaces, packets that relay through the router, and packets that exit outbound interfaces
of the router. Access lists do not act on packets that originate in the router itself.
Access list statements operate in sequential, logical order. They evaluate packets from the
top down. If a packet header and access list statement match, the packet skips the rest of the
statements. If a condition match is true, the packet is permitted or denied. There can be
only one access list per protocol per interface.
NOTE: For logical completeness, an access list must have conditions that test true for all
packets using the access list. A final implied statement covers all packets for which
conditions did not test true. This final test condition matches all other packets. It results in a
deny. Instead of proceeding in or out an interface, all these remaining packets are dropped.
Step 1: Set parameters for this access list test statement (which can be one of several
statements). The access list process contains global statements:
This global statement identifies the access list, usually an access list number. This
number refers to the type of access list this will be. In Cisco IOS Release 11.2 or
newer, access lists for IP may also use an access list name rather than a number.
The permit or deny term in the global access list statement indicates how packets
that meet the test conditions will be handled by Cisco IOS. Permit usually means the
packet will be allowed to use one or more interfaces that you will specify later.
The final term or terms specifies the test conditions used by this access list
statement. The test can be as simple as checking for a single source address, but
usually test conditions are extended to include several test conditions. Use several
global access list statements with the same identifier to stack several test conditions
into a logical sequence or list of tests.
Step 2: Enable an interface to become part of the group that uses the specific access list. The
access list process uses an interface command. All the access list statements identified by the
access-list number associate with one or more interfaces. Any packets that pass the access
list test conditions can be permitted to use any interface in the access group of interfaces.
* IP Standard 1 - 99
* IP Extended 100-199
For TCP/IP packet filters, Cisco IOS access lists check the packet and upper-layer headers
for:
Source IP addresses using standard access lists; identify these with a number in the
range 1 to 99.
Destination and source IP addresses or specific protocols using extended access lists;
identify these with a number in the range 100 to 199.
Upper-level TCP or UDP port numbers in addition to the other tests in extended
access lists; also identify these with a number in the range 100 to 199.
For all of these TCP/IP access lists, after a packet is checked for a match with the
access list statement, it can be denied or permitted to use an interface in the access
group.
Standard lists (1-99) test conditions of all IP packets from source address
Extended lists (100-199) can test conditions of:
o Source and destination address
o Specific TCP/IP-suite protocols
o Destination ports
Wildcard bits indicate how to check the corresponding address bits (0=check,
1=ignore)
Wildcard mask - 32-bit quantity used in conjunction with an IP address to determine which
bits in an IP address should be ignored when comparing that address with another IP
address. A wildcard mask is specified when setting up access lists.
NOTE: Wildcard masking for access lists operates differently from an IP subnet mask. A
zero in a bit position of the access list mask indicates that the corresponding bit in the
address must be checked; a one in a bit position of the access list mask indicates the
corresponding bit in the address is not 'interesting' and can be ignored.
* Abbreviate the wildcard using the key word "host" followed by the IP address
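The following is an added example, not part of the original notes, that evaluates a simplified standard IP access list (numbers 1-99) the way the text above describes it: wildcard bit 0 = check, 1 = ignore, "host" as shorthand for wildcard 0.0.0.0, statements tested top-down with the first match deciding, and the implied final deny for anything left over. The list number, addresses and statements are constructed sample data.

```python
"""Simplified Cisco standard IP access list evaluation (added example).
Wildcard bits: 0 = check the corresponding address bit, 1 = ignore it.
Statements are tested in order; first match wins; no match = implied deny."""
import ipaddress
from dataclasses import dataclass


def to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(packet_addr: str, list_addr: str, wildcard: str) -> bool:
    """Return True when every bit the wildcard marks as 'check' (0) is equal."""
    care = ~to_int(wildcard) & 0xFFFFFFFF          # invert: 1 = must match
    return (to_int(packet_addr) & care) == (to_int(list_addr) & care)


@dataclass
class Statement:
    action: str                  # "permit" or "deny"
    address: str
    wildcard: str = "0.0.0.0"    # exact host; same as the "host" keyword


def parse_statement(line: str) -> Statement:
    """Parse 'access-list <1-99> {permit|deny} <addr> [<wildcard>]',
    '... host <addr>' or '... any' into a test statement."""
    tokens = line.split()
    if tokens[0] != "access-list" or not 1 <= int(tokens[1]) <= 99:
        raise ValueError("only standard IP lists (1-99) are handled here")
    action = tokens[2]
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action {action!r}")
    rest = tokens[3:]
    if rest == ["any"]:                          # any = ignore every bit
        return Statement(action, "0.0.0.0", "255.255.255.255")
    if rest[0] == "host":                        # host = check every bit
        return Statement(action, rest[1])
    return Statement(action, rest[0], rest[1] if len(rest) > 1 else "0.0.0.0")


def evaluate(acl_lines, source_addr: str) -> str:
    """Walk the list top-down; the first matching statement decides.
    A packet that matches nothing hits the implied final deny and is dropped."""
    for stmt in map(parse_statement, acl_lines):
        if wildcard_match(source_addr, stmt.address, stmt.wildcard):
            return stmt.action
    return "deny"                                # implicit last statement


# Constructed sample list 10: permit one host, deny the rest of its /24,
# permit the rest of 172.16.0.0/16. Order matters: swapping the first two
# lines would deny 172.16.3.7 before its permit is ever reached.
SAMPLE_ACL = [
    "access-list 10 permit host 172.16.3.7",
    "access-list 10 deny 172.16.3.0 0.0.0.255",
    "access-list 10 permit 172.16.0.0 0.0.255.255",
]

if __name__ == "__main__":
    for src in ("172.16.3.7", "172.16.3.99", "172.16.40.1", "10.1.1.1"):
        print(f"{src:<14} -> {evaluate(SAMPLE_ACL, src)}")
```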
Access list -
1. List kept by Cisco routers to control access to or from the router for a number of
services (for example, to prevent packets with a certain IP address from leaving a
particular interface on the router).
NOTE: To remove an access list, first enter the 'no ip access-group' command, including
'list number', for each interface where the list had been used, then enter the 'no access-list'
command (with list number).
21 - FTP program
23 - Telnet
IP access-group - Command that links an existing access list to an outbound interface. Only
one access list per port per protocol is allowed.
A feature for Cisco IOS Release 11.2 or newer, Named IP access lists can be used to delete
individual entries from a specific access list. This enables you to modify your access lists
without deleting and then reconfiguring them. Use named IP access lists when:
NOTE: Most of the commonly used IP access list commands accept named IP access lists.
Router(config {std-|ext-}nacl)#
{permit|deny} {ip access list test conditions}
Router(config {std-|ext-}nacl)#
{permit|deny} {ip access list test conditions}
Router(config {std-|ext-}nacl)#
no {permit|deny} {ip access list test conditions}
* Permit or deny statements have no prepended number
* "no" removes the specified tests from the named access list
An access list can act as a firewall. A firewall filters packets and eliminates unwanted
traffic at a destination. Where the administrator places an access list statement can reduce
unnecessary traffic: traffic that will be denied at a remote destination should not use
network resources along the route to that destination.
13 DAYTIME Daytime
15 NETSTAT Who is Up or NETSTAT
17 QUOTE Quote of the Day
19 CHARGEN Character Generator
20 FTP-DATA File Transfer Protocol (data)
21 FTP File Transfer Protocol
23 TELNET Terminal Connection
25 SMTP Simple Mail Transfer Protocol
37 TIME Time of Day
39 RLP Resource Location Protocol
42 NAMESERVER Host Name Server
43 NICNAME Who Is
53 DOMAIN Domain Name Server
67 BOOTPS Bootstrap Protocol Server
68 BOOTPC Bootstrap Protocol Client
69 TFTP Trivial File Transfer Protocol
75 Any Private Dial-out Service
77 Any Private RJE Service
79 FINGER Finger
95 SUPDUP SUPDUP Protocol
101 HOSTNAME NIC Host Name Server
102 ISO-TSAP ISO-TSAP
113 AUTH Authentication Service
117 UUCP-PATH UUCP Path Service
123 NTP Network Time Protocol
133-159 Unassigned
160-223 Reserved
224-241 Unassigned
242-255 Unassigned
7. Novell IPX
Novell IPX is similar to TCP/IP and will operate within the same network implementation
and on the same router, provided you have a multiprotocol router. Some of its characteristics
are:
The NetWare protocol stack supports all common media access protocols. The data link and
physical layers are accessed through the Open Data Link (ODI) interface.
Access lists and filters for IPX, RIP, SAP, and NetBIOS
SAP output filters can be employed to conserve bandwidth
Scalable routing protocols, including Enhanced IGRP and NLSP
Configurable RIP and SAP updates and packet sizes
Serverless LAN support
Rich diagnostics, management, and troubleshooting features
NetWare - Popular distributed NOS developed by Novell. Provides transparent remote file
access and numerous other distributed network services.
IPX (Internetwork Packet Exchange) - NetWare network layer (Layer 3) protocol used for
transferring data from servers to workstations. IPX is similar to IP and XNS.
SAP (Service Advertisement Protocol) - IPX protocol that provides a means of informing
network clients, via routers and servers, of available network resources and services.
GNS (Get Nearest Server) - Request packet sent by a client on an IPX network to locate the
nearest active server of a particular type. An IPX network client issues a GNS request to
solicit either a direct response from a connected server or a response from a router that tells
it where on the internetwork the service can be located. GNS is part of the IPX SAP.
NetBIOS (Network Basic Input/Output System) - API used by applications on an IBM LAN
to request services from lower-level network processes. These services might include session
establishment and termination, and information transfer.
NLSP (NetWare Link Services Protocol) - Link-state routing protocol based on IS-IS. The
Cisco implementation of NLSP also includes MIB variables and tools to redistribute routing
and SAP information between NLSP and other IPX routing protocols.
2. Use a Cisco IOS command (CDP) to check on the neighbor Cisco router
NOTE: Assign the same IPX network number(s) to the router that are in use by the IPX
devices connected to that router, whether the interface is a LAN or WAN connection.
CDP (Cisco Discovery Protocol) - Media and protocol independent device discovery
protocol that runs on all Cisco manufactured equipment including routers, access servers,
bridges, and switches. Using CDP, a device can advertise its existence to other devices and
receive information about other devices on the same LAN or on the remote side of a WAN.
Runs on all media that support SNAP, including LANs, Frame Relay, and ATM media.
NetWare allows multiple different Layer 2 frame structures (encapsulations) for Novell IPX
packets. Cisco routers support all of these framing variations.
Tunneling - Architecture that is designed to provide the services necessary to implement any
standard point-to-point encapsulation scheme.
Note: Multiple encapsulations can be specified on an interface, but only if multiple network
numbers have also been assigned. Although several encapsulation types can share the same
interface, clients and servers with different encapsulation types cannot communicate
directly with each other.
Cisco Encapsulations:
[ Media ][ Novell IPX Name ][ Cisco IOS Name ]
Ethernet    Ethernet_802.3    novell-ether
Ethernet    Ethernet_802.2    sap
Ethernet    Ethernet_II       arpa
Ethernet    Ethernet_SNAP     snap
Token Ring  Token-Ring        sap
Token Ring  Token-Ring_SNAP   snap
FDDI        FDDI_SNAP         snap
FDDI        FDDI_802.2        sap
FDDI        FDDI_Raw          novell-fddi
Specify encapsulation type when you configure IPX networks
Make sure the encapsulations on the clients, servers, and routers all match
The default encapsulation types on Cisco router interfaces and their keywords are:
Ethernet - novell-ether
Token Ring - sap
FDDI - snap
Note: The default Ethernet encapsulation type on Cisco routers does not match the default
Ethernet encapsulation type on Novell servers after NetWare 3.11.
Novell uses Novell RIP for routing. Novell RIP checks its two distance vector metrics by first
comparing the ticks for path alternatives. If two or more paths have the same tick value,
Novell RIP compares the hop count. If two or more paths have the same hop count, the
router will load share based on the IPX maximum-paths command.
Uses ticks (about 1/18 sec) and hop count (maximum of 15 hops)
Broadcasts routing information to neighbor routers every 60 seconds
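Added example, not from the original notes: Novell RIP path selection exactly as the paragraph above orders it. Ticks are compared first, hop count breaks a tick tie, and paths still tied are load-shared up to the value of the ipx maximum-paths command; paths beyond 15 hops are treated as unreachable. The next-hop labels and metrics are constructed sample data.

```python
"""Novell RIP best-path selection (added example, constructed data)."""
from typing import List, Tuple

MAX_HOPS = 15  # Novell RIP hop-count limit from the notes; more = unreachable

# (next-hop label, ticks, hops) for candidate paths to one IPX network
Path = Tuple[str, int, int]


def select_paths(paths: List[Path], maximum_paths: int = 1) -> List[str]:
    """Return the next hops that will carry traffic for the destination.

    1. Drop paths whose hop count exceeds the RIP limit.
    2. Keep only the paths with the lowest tick value (first metric).
    3. Among those, keep only the lowest hop count (second metric).
    4. Any remaining ties are load-shared, capped by ipx maximum-paths.
    """
    if maximum_paths < 1:
        raise ValueError("ipx maximum-paths must be at least 1")
    usable = [p for p in paths if p[2] <= MAX_HOPS]
    if not usable:
        return []
    best_ticks = min(p[1] for p in usable)
    by_ticks = [p for p in usable if p[1] == best_ticks]
    best_hops = min(p[2] for p in by_ticks)
    tied = [p for p in by_ticks if p[2] == best_hops]
    # Which of the equal-cost paths are installed is implementation-defined;
    # here the first maximum_paths entries in table order are kept.
    return [p[0] for p in tied[:maximum_paths]]


# Constructed routing-table snapshot: E is 20 hops away and is discarded;
# C and D tie on ticks (4) and hops (5); A beats B on hop count but has
# more ticks than C/D, so ticks decide before hops ever get compared.
SAMPLE_PATHS: List[Path] = [
    ("A", 6, 2),
    ("B", 6, 3),
    ("C", 4, 5),
    ("D", 4, 5),
    ("E", 3, 20),
]

if __name__ == "__main__":
    print("maximum-paths 1:", select_paths(SAMPLE_PATHS, 1))
    print("maximum-paths 2:", select_paths(SAMPLE_PATHS, 2))
```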
SAP (Service Advertisement Protocol) - All servers and routers keep a complete list of the
services available throughout the network in server information tables. SAP uses an aging
mechanism to identify and remove table entries that become invalid.
Global Configuration
o Start IPX routing process
o Enable Load sharing (if appropriate)
Interface Configuration
o Assign unique Network numbers
o Set the (optional) Encapsulation type
Monitoring Commands:
Troubleshooting Commands:
5. Layer 2 Switching
Balance depends on having enough bandwidth to meet the needs of the users and the
applications
Bandwidth - The difference between the highest and lowest frequencies available for
network signals. The term is also used to describe the rated throughput capacity of a given
network medium or protocol.
Segment -
3. Term used in the TCP specification to describe a single transport layer unit of
information.
CSMA/CD - Carrier sense multiple access collision detect. Media-access mechanism wherein
devices ready to transmit data first check the channel for a carrier. If no carrier is sensed
for a specific period of time, a device can transmit. If two devices transmit at once, a
collision occurs and is detected by all colliding devices. This collision subsequently delays
retransmissions from those devices for some random length of time. CSMA/CD access is
used by Ethernet and IEEE 802.3.
Collision - In Ethernet, the result of two nodes transmitting simultaneously. The frames
from each device impact and are damaged when they meet on the physical media.
Collision domain - In Ethernet, the network area within which frames that have collided are
propagated. Repeaters and hubs propagate collisions; LAN switches, bridges and routers do
not.
Ethernet LAN data passed between segments is transmitted on the backbone of the network
using a:
1. Bridge - Device that connects and passes packets between two network segments
that use the same communications protocol. Bridges operate at the data link layer
(layer 2) of the OSI reference model. In general, a bridge will filter, forward, or
flood an incoming frame based on the MAC address of that frame.
2. Switch - Network device that filters, forwards, and floods frames based on the
destination address of each frame. The switch operates at the data link layer of the
OSI model.
3. Router - Network layer device that uses one or more metrics to determine the
optimal path along which network traffic should be forwarded. Routers forward
packets from one network to another based on network layer (layer 3) information.
A LAN which uses a switched Ethernet topology creates a network that behaves like it only
has two nodes - the sending node and the receiving node.
Microsegmentation - Division of a network into smaller segments, usually with the intention
of increasing aggregate bandwidth to network devices.
Latency -
1. Delay between the time a device requests access to a network and the time it is
granted permission to transmit.
2. Delay between the time when a device receives a frame and the time that frame is
forwarded out the destination port.
Broadcast domain - The set of all devices that will receive broadcast frames originating from
any device within the set. Broadcast domains are typically bounded by routers because
routers do not forward broadcast frames.
Virtual circuit - Logical circuit created to ensure reliable communication between two
network devices.
An Ethernet Switch learns the address of each device on the network by:
Symmetric Switch - provides switched connections between ports with the same bandwidth,
such as all 10 Mbps or all 100 Mbps ports. Multiple simultaneous conversations increase
throughput. (Optimized for peer-to-peer network traffic)
Asymmetric LAN Switch - provides switched connections between ports of unlike bandwidth,
such as a combination of 10 Mbps and 100 Mbps ports. Also called 10/100 switching.
Requires the switch to use memory buffering. (Optimized for 'client-server' network traffic
flows where multiple clients are simultaneously communicating with a server, requiring
more bandwidth dedicated to the switch port that the server is connected to.)
Store and Forward packet switching - Packet-switching technique in which frames are
completely processed before being forwarded out the appropriate port. This processing
includes calculating the CRC and checking the destination address. In addition, frames
must be temporarily stored until network resources (such as an unused link) are available to
forward the message.
Cut-through packet switching - Packet switching approach that streams data through a
switch so that the leading edge of a packet exits the switch at the output port before the
packet finishes entering the input port. A device using cut-through packet switching reads,
processes, and forwards packets as soon as the destination address is looked up, and the
outgoing port determined. Also known as on-the-fly packet switching.
Virtual LANs
VLAN (Virtual LAN) - Group of devices on a LAN that are configured (using management
software) so that they can communicate as if they were attached to the same wire, when in
fact they are located on a number of different LAN segments. Because VLANs are based on
logical instead of physical connections, they are extremely flexible.
LAN Switch (Layer 2 Switch) - High-speed switch that forwards packets between data-link
segments. Most LAN switches forward traffic based on MAC addresses. This variety of
LAN switch is sometimes called a 'frame switch'. LAN switches are often categorized
according to the method they use to forward traffic: cut-through packet switching or store-
and-forward packet switching. Multilayer switches are an intelligent subset of LAN switches.
Frame - Logical grouping of information sent as a data link layer unit over a transmission
medium. Often refers to the header and trailer, used for synchronization and error control,
that surround the user data contained in the unit.
Broadcast storm - Undesirable network event in which many broadcasts are sent
simultaneously across all network segments. A broadcast storm uses substantial network
bandwidth and, typically, causes network time-outs.
You can easily control the size of the 'broadcast domain' by regulating the overall size of its
VLANs, restricting the number of switch ports within a VLAN and restricting the number
of users residing on these ports.
Static VLANs:
Dynamic VLANs:
LAN Design
Design Methodology:
1. Analyze requirements
1. Media contention
2. Excessive broadcasts
5. Overloaded backbone
Layer 1 Design Goal: (Physical Layer) Build this layer of the OSI model with speed and
expansion capabilities.
Physical layer - Layer 1 of the OSI reference model. The physical layer defines the electrical,
mechanical, procedural and functional specifications for activating, maintaining, and
deactivating the physical link between end systems.
Media (Plural of medium) - The various physical environments through which transmission
signals pass. Common network media include twisted-pair, coaxial and fiber-optic cable,
and the atmosphere (through which microwave, laser, and infrared transmission occurs).
Sometimes called physical media.
EIA/TIA-568 - Standard that describes the characteristics and applications for various
grades of UTP cabling.
Vertical cabling (Backbone cabling) - Cabling that provides interconnections between wiring
closets, wiring closets and the POP, and between buildings that are part of the same LAN.
Catchment area - Zone that falls within the area that can be served by an internetworking
device such as a hub.
MDF (Main distribution facility) - Primary communications room for a building. Central
point of a star networking topology where patch panels, hub, and router are located.
VCC (Vertical Cross Connect) - Used to interconnect the various IDFs to the central MDF.
Since the vertical cable lengths are typically longer than the 100 meter limit for CAT 5 UTP
cable, fiber-optic cabling is normally used.
Design Hint: Since the vertical cabling will be carrying all data traffic between the IDFs and
MDFs, the speed of this connection should be designed to be the fastest link in the network. In
most cases this link should be at least 100 megabits/second. Additional vertical cable
runs should also be installed to allow for future growth in the network.
Create a concentration point within the MDFs or IDFs where end hosts can be
grouped at Layer 1 to form a physical LAN segment.
Install LAN switching devices that use microsegmentation in order to reduce the
collision domain size.
Create a point (at Layer 2) of the topology where users can be grouped into virtual
workgroups (VLANs) and unique broadcast domains.
1. bridges and
2. LAN switches.
In a structured Layer 1 wiring scheme, multiple physical networks are very easy to create
by simply patching the horizontal cabling and vertical cabling into the appropriate Layer 2
switch using patch cables.
1. Build a path between LAN segments that will filter the flow of data packets.
Traffic between the two networks can be controlled at the router. The router also is the
central point in the LAN for traffic destination of the WAN port.
Distance Vector routing algorithm - Class of routing algorithms that iterate on the number
of hops in a route to find a shortest-path spanning tree. Distance vector routing algorithms
call for each router to send its entire routing table in each update, but only to its neighbors.
Distance vector routing algorithms can be prone to routing loops, but are computationally
simpler than link state routing algorithms. Also called Bellman-Ford routing algorithm.
Pass periodic copies of routing table to neighbor routers and accumulate distance
vectors
Link State routing algorithm - (Shortest path first) Routing algorithm in which each router
broadcasts or multicasts information regarding the cost of reaching each of its neighbors to
all nodes in the internetwork. Link state algorithms create a consistent view of the network
and are therefore not prone to routing loops, but they achieve this at the cost of relatively
greater computational difficulty and more widespread traffic (compared with distance
vector routing algorithms).
IGRP configuration:
Access Lists
Access list -
1. List kept by Cisco routers to control access to or from the router for a number of
services (for example, to prevent packets with a certain IP address from leaving a
particular interface on the router).
NOTE: With Cisco IOS Release 11.2 and later you can also identify a standard or extended
IP access list with an alphanumeric string (name) instead of the current numeric (1 to 199)
representation.
Wildcard mask - 32-bit quantity used in conjunction with an IP address to determine which
bits in an IP address should be ignored when comparing that address with another IP
address. A wildcard mask is specified when setting up access lists. (0=check, 1=ignore)
IPX Routing
Access lists and filters for IPX, RIP, SAP, and NetBIOS
Scalable routing protocols, including Enhanced IGRP and NLSP
Configurable RIP and SAP updates and packet sizes
Serverless LAN support
Rich diagnostics, management, and troubleshooting features
IPX (Internetwork Packet Exchange) - NetWare network layer (Layer 3) protocol used for
transferring data from servers to workstations.
SAP (Service Advertisement Protocol) - IPX protocol that provides a means of informing
network clients, via routers and servers, of available network resources and services.
NetBIOS (Network Basic Input/Output System) - API used by applications on an IBM LAN
to request services from lower-level network processes. These services might include session
establishment and termination, and information transfer.
The NetWare protocol stack supports all common media access protocols. The data link and
physical layers are accessed through the Open Data Link (ODI) interface.
Each interface retains its own address. The use of the MAC address in the logical IPX
address eliminates the need for an Address Resolution Protocol (ARP).
When you configure Cisco IOS software for Novell IPX, use the Cisco name for the
appropriate encapsulation. Make sure the encapsulations on the clients, servers, and routers
all match. The default encapsulation types on Cisco router interfaces and their keywords
are:
Ethernet - novell-ether
Token Ring - sap
FDDI - snap
Novell RIP - a distance vector routing protocol. Novell RIP uses two metrics to make routing
decisions: ticks (a time measure) and hop count (a count of each router traversed).
Broadcasts to neighbors every 60 seconds.
GNS (Get Nearest Server) - Request packet sent by a client on an IPX network to locate the
nearest active server of a particular type. An IPX network client issues a GNS request to
solicit either a direct response from a connected server or a response from a router that tells
it where on the internetwork the service can be located. GNS is part of the IPX SAP.
Cisco routers will not respond to the GNS request when a NetWare server is present on the
local network. If there are no NetWare servers on the local network, the Cisco router will
respond with a server address from its own SAP table.
Global configuration:
o Start the IPX routing process
o Enable load sharing (if appropriate)
Interface configuration:
o Assign unique network numbers to each interface
o Set the optional encapsulation type
Monitoring Commands:
Troubleshooting Commands: