
CCNA (CISCO CERTIFIED NETWORK ASSOCIATE)

I) Networking essentials notes


1) Network orientation
• No dedicated server or hierarchy; also called a workgroup
• Usually 10 or fewer workstations
• Users act in the same general area, with limited growth
2) Server based networks
• 10 or more users
• Employs specialized servers
1. File and print
2. Application
3. Mail
4. Fax
5. Communication (Gateways)
3) Combination networks: - combine the features of both peer to peer and server
based networks. Users can share resources among themselves as well as access server
based resources.
II) Network Topologies
Q) What is a topology?
Ans:- When you are cabling up your computers and networking devices, various types of
topologies can be used. A topology defines how the devices are connected.

[Fig. no. 1: point-to-point topology, PC1 connected to PC2]

A point-to-point topology has a single connection between two devices. In this
topology, the two devices can communicate directly without interference from other devices. These
types of connections are not common when many devices need to be connected together.
An example of a point-to-point topology is two routers connected across a dedicated WAN circuit.

[Fig. no. 2: star and extended star topology, PC1 to PC4 connected to a central SERVER]

In a star topology a central device has many point-to-point connections to other
devices. Star topologies are used in environments where many devices need to be
connected. A media type that uses a star topology is 10 Base T Ethernet. When connecting
devices together, we connect our computers to a hub or switch (the center of the topology). An
extended star topology is basically multiple star topologies interconnected.

[Fig. no. 3: bus topology, PC1, PC2 and PC3 on a single wire]

A bus topology uses a single connection or wire to connect all devices. Certain media
types, like 10 base 5 and 10 base 2 Ethernet, use a bus topology. Typically, special types of
connectors or transceivers are used to connect the cables in order to provide the bus
topology. In base 2, for example, each device connects to a single strand of coaxial cable
via a vampire tap. This device taps into the single strand of coaxial cable and provides the
physical connection from a networking device to the single strand of cable.

[Figure: single and dual ring topologies]

In a ring topology, device one connects to device two, device two connects to device
three, and so on until the last device, which connects back to device one. Ring topologies can
be implemented with a single ring or a dual ring. Dual rings are typically used when you
need redundancy. For example, if one of the devices in the ring fails, the ring can wrap
itself, as shown in fig. 3, to provide a single functional ring. Fiber Distributed Data Interface
(FDDI) is an example of a media technology that uses dual rings to connect computer
devices.

[Figure: partial mesh and full mesh topologies, PC1 to PC4]

Mesh generally describes how devices are connected together. There are two types of
meshed topologies:
1) Partial
2) Full
Partial topology:- In a partially meshed environment, not every device is connected to
every other device. The topologies in the preceding section, partial and full mesh, can be
seen from both a physical and a logical perspective. For example, in a physical bus topology, all the
devices are fully meshed, since they are all connected to the same piece of wire; this is both
a physical and a logical fully meshed topology. This is common in LAN topologies. WANs,
on the other hand, because of their cost, commonly use partially meshed topologies to
reduce the cost of connecting devices. For example, in the partially meshed network, devices
can all communicate via the devices on the right-hand side. This communication
introduces a delay in the transmission, but it reduces the cost since not as many
connections are needed.
Example of physical and logical topology

Media Type                   Physical Topology               Logical Topology
Ethernet (10 to 1.2 GBPS)    Bus, star, or point to point    Bus
FDDI (100 MBPS)              Ring                            Ring
Token ring (16 MBPS)         Star                            Ring

III) SIGNAL AND INFORMATION TYPE


1) Unicast: - Represents a single device on a segment.
2) Broadcast: - Represents every device on a segment.
3) Multicast: - Represents a group of devices on a segment.

1) Unicast:- A frame with a destination unicast MAC address is intended for just
one device on a segment. In this example, PC-A creates an Ethernet frame with a
destination MAC address that contains PC-C's address. When PC-A places this data link
layer frame on the wire, all the devices on the segment receive it. Each of the NICs of
PC-B, PC-C and PC-D examines the destination MAC address in the frame. In this
instance only PC-C's NIC will process the frame, since the destination MAC address in
the frame matches the MAC address of its NIC. PC-B will ignore the frame.

[Figure: PC-A, PC-B, PC-C and PC-D on one segment]

2) Multicast:- Unlike a unicast address, a multicast address represents a group
of devices on a segment. The multicast group can contain anywhere from one device to
every device on a segment. One of the interesting things is that the membership of a group is
dynamic: devices can join and leave as they please. The detailed process of multicasting
is beyond the scope of this book, however.

[Figure: PC-A, PC-B, PC-C and PC-D on one segment]

In this example PC-A sends a data link layer frame to a multicast group on its
segment. Currently only PC-A, PC-C and PC-D are members of this group. When each of
the PCs receives the frame, its NIC examines the destination MAC address in the data link
layer frame. In this example, PC-B ignores the frame, since it is not a member of the
group. However, PC-C and PC-D will process the frame.

3) Broadcast: - A broadcast is a data link layer frame that is intended for every
networking device on the same segment.

[Figure: PC-A, PC-B, PC-C and PC-D on one segment]

In this example PC-A puts a broadcast address in the destination field of the data
link layer frame. For a MAC address broadcast, all of the bit positions in the address are
enabled, making the address ffff.ffff.ffff.ffff in hexadecimal. This frame is then placed on
the wire. When PC-B, PC-C and PC-D receive the frame, they all process it.
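
The three cases above, written out as the check a NIC performs on the destination address of every frame it sees. This is an added example, not part of the original notes: it assumes standard 48-bit MAC addresses (broadcast is ffff.ffff.ffff in Cisco notation), the station addresses and the multicast group are constructed sample values, and the promiscuous SENSOR station is an assumption added to show why a monitoring host on a shared segment sees every frame.

```python
BROADCAST = b"\xff" * 6                      # all 48 bits set

# Constructed sample addresses (not from the notes).
PC_A, PC_B = "0200.0000.000a", "0200.0000.000b"
PC_C, PC_D = "0200.0000.000c", "0200.0000.000d"
GROUP = "0100.5e00.0001"                     # sample multicast group address


def parse_mac(text):
    """Accept 00:11:22:33:44:55, 00-11-22-33-44-55 or Cisco 0011.2233.4455."""
    digits = "".join(ch for ch in text if ch not in ":-.")
    if len(digits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)             # ValueError on non-hex characters


def classify(dest):
    """Return 'broadcast', 'multicast' or 'unicast' for a 6-byte destination."""
    if dest == BROADCAST:
        return "broadcast"
    if dest[0] & 0x01:                       # group bit: lowest bit of first octet
        return "multicast"
    return "unicast"


class Nic:
    def __init__(self, name, mac, groups=(), promiscuous=False):
        self.name = name
        self.mac = parse_mac(mac)
        self.groups = {parse_mac(g) for g in groups}   # joined multicast groups
        self.promiscuous = promiscuous                 # accept everything if True

    def accepts(self, frame):
        """Decide whether this NIC hands the frame up for processing."""
        if len(frame) < 14:
            raise ValueError("frame shorter than the 14-byte Ethernet header")
        dest = frame[:6]
        kind = classify(dest)
        if self.promiscuous or kind == "broadcast":
            return True
        if kind == "multicast":
            return dest in self.groups
        return dest == self.mac              # unicast: must match our own address


def build_frame(dest, src, payload=b"", ethertype=0x0800):
    """Destination (6) + source (6) + type (2) + payload."""
    return parse_mac(dest) + parse_mac(src) + ethertype.to_bytes(2, "big") + payload


def sample_segment(with_sensor=False):
    """The four PCs of the examples; PC-A, PC-C and PC-D joined the group."""
    nics = [Nic("PC-A", PC_A, [GROUP]), Nic("PC-B", PC_B),
            Nic("PC-C", PC_C, [GROUP]), Nic("PC-D", PC_D, [GROUP])]
    if with_sensor:
        nics.append(Nic("SENSOR", "0200.0000.00ff", promiscuous=True))
    return nics


def deliver(frame, nics):
    """Every NIC on the shared wire sees the frame; return who processes it."""
    src = frame[6:12]
    return [n.name for n in nics if n.mac != src and n.accepts(frame)]


if __name__ == "__main__":
    for label, dest in (("unicast", PC_C), ("multicast", GROUP),
                        ("broadcast", "ffff.ffff.ffff")):
        print(label, deliver(build_frame(dest, PC_A), sample_segment(True)))
```

On a hub-based segment the frame reaches every port, so the filtering shown here is the only thing that stops a station from reading traffic addressed to others.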

ETHERNET:- Ethernet is a LAN media type that functions at the data link layer.
Ethernet uses the Carrier Sense Multiple Access/Collision Detection (CSMA/CD)
mechanism to send information in a shared environment. Ethernet was initially developed
with the idea that many devices would be connected to the same physical piece of wiring.
The acronym CSMA/CD describes the actual process of how Ethernet functions. In a
traditional, or hub-based, Ethernet environment only one NIC can successfully send a
frame at a time.
Note:- for more detail open CCNA study guide page no. 35

CONNECTING NETWORK COMPONENTS


Primary Cable Types
• Coaxial cable
• Twisted-pair
1) UTP - Unshielded Twisted Pair
2) STP - Shielded Twisted Pair
• Fiber-optic

Coaxial Cable
1) Consists of a solid or stranded copper core surrounded by insulation, a braided shield
and an insulating jacket.
2) Braided shield prevents noise and crosstalk.
3) More resistant to interference and attenuation than twisted pair cabling.
4) Both thin and thick cable can use
BNC cable connectors
BNC barrel connectors
BNC T connectors
BNC terminators
Thinnet - RG-58 cables
• 0.25” thick
• Uses connectors
BNC twist connectors
BNC barrel connectors
BNC T connectors
50-ohm terminators
• Can carry signals 185 meters or 607 feet.
Coaxial cable types-
RG-8 and RG-11 Thicknet (50 ohms)
RG-58 Family
RG-58/U Solid copper (50 ohms)
RG-58 A/U Thinnet, stranded copper (50 ohms)
RG-58 C/U Thinnet, military grade (50 ohms)
RG-59 Broadband/cable TV (75 ohms)
RG-62 A/U ARC net cable (93 ohms). RG-62 A/U is the standard ARC net
cable; ARC net can use fiber optic or twisted pair.

Limitations of 10 base 2 Ethernet
• Length of a trunk segment may be up to 607 feet
• A maximum of 30 workstations are allowed per trunk
• There may be no more than 1029 workstations per network
• The minimum cable length between workstations is 20 inches
• The Ethernet 5-4-3 rule for connecting segments: 5 trunk segments can be
connected, with 4 repeaters or concentrators, with no more than 3 populated
segments (on coaxial cable)
Thicknet - RG-8 and RG-11 coaxial cable
• 0.5” thick - transmits at 10 Mbps.
• Used for 10 base 5 networks, linear bus topology.
• Uses a DIX or AUI (Attachment Unit Interface) connector, also known as a DB-15
connector, to connect to an external transceiver.
• Vampire taps are used to attach a transceiver to the thicknet trunk.
• Can carry signals 500 meters or 1646 feet.
• Much less flexible, far more bulky and harder to install than thinnet.
• Better security than thinnet.
• Better resistance to electrical interference than thinnet.
• More expensive than thinnet.
Twisted pair cable:-
• Consists of two insulated copper wires twisted around each other
• Twisting cancels out electrical noise from adjacent pairs (crosstalk) and external
sources.
• Uses RJ-45 telephone-type connectors (larger than telephone connectors, with eight
wires whereas a telephone connector has 4 wires)
• Generally inexpensive and easy to install
Unshielded Twisted Pair (UTP)
• Maximum cable length is 100 meters or 328 feet (10 base T)
• Types
1. Cat 1: voice grade telephone cable
2. Cat 2: data grade up to 4 Mbps, four twisted pairs. Category 3 and above is
needed for Ethernet networks. Cat 3, 4 and 5 use RJ-45 connectors
3. Cat 3: data grade up to 10 Mbps, four twisted pairs
4. Cat 4: data grade up to 16 Mbps, four twisted pairs
5. Cat 5: data grade up to 100 Mbps, four twisted pairs
Limitations of 10 base T
• Workstations may be no more than 328 feet from the concentrator port.
• 1023 stations are allowed on a segment without bridging.
• The minimum cable length between workstations is 8 feet.
Other drawbacks
• UTP is particularly susceptible to crosstalk, which is when signals from one line
get mixed up with signals from another.
• Easily tapped (because there is no shielding)
• 100 meters is shortest distance – attenuation is the biggest.
Shielded twisted pair (STP)
• Uses a woven copper braid jacket and a higher quality protective jacket. Also uses
foil wrap between and around the wire pairs.
• Much less susceptible to interference and supports higher transmission rates than
UTP
• Shielding makes it somewhat harder to install
• Same 100 meter limit as UTP
• Used in AppleTalk and Token Ring networks.
Fiber optic cable
LANs typically use either copper or fiber optic cabling. Copper cabling is discussed
in more depth in the section on Ethernet. Fiber optic cabling uses Light Emitting
Diodes (LEDs) and lasers to transmit data. With this transmission, light is used to
represent binary 1's and 0's: if there is light on the wire, this represents a 1; if there is no light,
this represents a 0. Fiber optic cable is good for very high speed, long distance data
transmission. It can't be tapped and data stolen – high security. For example: - speeds of
100Gbps and distances of over 10 kilometers are achievable through the use of fiber
optics; copper cannot come close to these feats.
Disadvantages of fiber optic:-
• It is expensive
• Difficult to troubleshoot
• Difficult to install and reliable than copper.
Two types of fiber are used for connections
1. Multimode 2. single mode

[Figure: fiber optic cable; labels: sheath, cladding, center conductor, modal dispersion]

Type of UTP cables
UTP       SPEED             CONNECTORS
CAT-1     1 Mbps            RJ-11
CAT-2     4 Mbps            RJ-45
CAT-3     16 Mbps           RJ-45
CAT-4     20 Mbps           RJ-45
CAT-5     10/100 Mbps       RJ-45 (widely used)
CAT-6     155 Mbps          RJ-45
CAT-7     10 to 1.2 Gbps    RJ-45
CAT-5e    1.2 Gbps          RJ-45 (least)
UTP COLOUR PAIR
1) ORANGE PAIR    ORANGE, WHITE ORANGE
2) GREEN PAIR     GREEN, WHITE GREEN
3) BLUE PAIR      BLUE, WHITE BLUE
4) BROWN PAIR     BROWN, WHITE BROWN
Type of UTP cables
1. Straight cable
2. Crossover cable
3. Rolled cable
STRAIGHT CABLE
568 A           PIN   LEVEL    PIN   LEVEL    568 B
GREEN WHITE     1     TX+      1     RX+      ORANGE WHITE
GREEN           2     TX-      2     RX-      ORANGE
ORANGE WHITE    3     RX+      3     TX+      GREEN WHITE
BLUE            4     NC       4     NC       BLUE
BLUE WHITE      5     NC       5     NC       BLUE WHITE
ORANGE          6     RX-      6     TX-      GREEN
BROWN WHITE     7     NC       7     NC       BROWN WHITE
BROWN           8     NC       8     NC       BROWN

NOTE:- TX+ -> RX+
       TX- -> RX-

CROSSOVER CABLE:-
PIN   LEVEL    PIN   LEVEL
1     TX+      1     TX+
2     TX-      2     TX-
3     RX+      3     RX+
4     NC       4     NC
5     NC       5     NC
6     RX-      6     RX-
7     NC       7     NC
8     NC       8     NC

NOTE:- TX+ -> RX-
       TX- -> RX+
ROLLED CABLE
HOST    ROUTER/SWITCH
1       1
2       2
3       3
4       4
5       5
6       6
7       7
8       8

TYPES OF PORTS
1) X PORT (hub port, switch port)
2) NON X PORT (uplink port of hub, switch, NIC port, router Ethernet port)
RULES:-
1. X port to X port: use a cross cable
2. Non X port to non X port: use a cross cable
3. Non X port to X port: use a straight cable
4. MDI port to normal port: use a straight cable; normal to normal: use a cross cable
NOTE:- X = CROSS
IEEE's Version of Ethernet (Institute of Electrical and Electronic Engineers)
There are actually two variants of Ethernet: the IEEE implementation and the DIX implementation.
Ethernet was developed by three different companies in the 1980's: Digital, Intel and
Xerox, or DIX for short. This implementation of Ethernet has evolved over time; its
current version is called Ethernet II. Devices running TCP/IP typically use the Ethernet II
implementation.
The second version of Ethernet was developed by IEEE and standardized in the
IEEE 802.2 and 802.3 standards. IEEE has split the data link layer into two components,
MAC (Media Access Control) and LLC (Logical Link Control). The top part of the data link
layer is the LLC, and its function is performed in software. The bottom part of the data
link layer is the MAC, and its function is performed in hardware.
Ethernet
1. Normal Ethernet 10Mbps - IEEE 802.3
2. Fast Ethernet 100Mbps - IEEE 802.3u
3. Gigabit Ethernet 1000bps - IEEE 802.3q
a. Optical standard IEEE 802.32
b. Electrical standard IEEE 802.3ab
4. Tera bit Ethernet 10Gbps - IEEE 802.3ae
Normal Ethernet transmitted name AUI (Attachment Unit Interface)
AUI - 1 bit at a time is transferred to the physical layer from the data link media access method.
MII - 4 bits at a time are transferred to the physical layer from the data link media access method.
Gigi-MII - 8 bits at a time are transferred to the physical layer from the data link media access
method.
BIT - one binary digit, 1 or 0; eight bits make a byte.

IEEE 802.3
STANDARD       CABLE USED                                   MAX. SEGMENT LENGTH
10 BASE 2      50 ohm thin coaxial cable                    185 Meters
10 BASE 5      50 ohm thick coaxial cable                   500 Meters
10 BROAD 35    75 ohm thin coaxial cable                    1800 Meters
10 BASE FX     Multimode fiber optic cable                  2000 Meters
10 BASE FP     Multimode fiber cabling, passive topology    2000 Meters
10 BASE T      Cat 3, 4 UTP cable                           100 Meters

IEEE 802.3U
STANDARD       CABLE USED                                   MAX. SEGMENT LENGTH
100BASE T      CAT 5, 5E, 6                                 100 Meters
100BASE TX     CAT 5, 5E, 6, UTP & STP cable                100 Meters
100BASE T4     CAT 5, 5E, 6, UTP                            100 Meters
100BASE FX     Multimode fiber optical                      400 Meters to 2 KM
100BASE FX     Single mode fiber                            10 KM

IEEE 802.3Q
STANDARD       CABLE USED                                   MAX. SEGMENT LENGTH
1000 BASE T    CAT 6, 7, 5E                                 100 Meters
1000 BASE CX   Copper shielded pair (STP)                   25 Meters

ELECTRICAL
STANDARD       CABLE USED                                   MAX. SEGMENT LENGTH
1000 BASE SX   Multimode fiber cable                        2000 Meters
1000 BASE LX   Long wave length single mode fiber           10 KM

NOTE:- 10 is the speed
Base (baseband): a feature of a network technology that uses only one carrier
frequency
S – Maximum segment length
CABLE TYPE COMPARISONS:-
CABLE                          DISTANCE      DATA-RATE          COMPARISON
UTP                            100 Meters    10-100 Mbps        Easy to install but is susceptible to interference
STP (Shielded twisted pair)    100 Meters    10-100 Mbps        Is difficult to install
COAXIAL                        500 Meters    10-100 Mbps        Easy to install but is difficult to troubleshoot
FIBER OPTICAL                  10 KM         10 Mbps-100Gbps    Is difficult & expensive to install, difficult to troubleshoot, but can span very long distance

Define the CSMA/CD

Carrier Sense Multiple Access with Collision Detection is a technology defined by the
Ethernet IEEE 802.3 committee. Each device senses the cable for a digital signal before
transmitting. CSMA/CD allows all devices on the network to share the same cable,
but one at a time. If two devices transmit at the same time, a frame collision will occur
and a jamming pattern will be sent; the devices will stop transmitting, wait a
predetermined as well as self-imposed random amount of time, and then try to transmit
again.

[Figure: collision domains (CD) and a broadcast domain (BD)]

One CD = One LAN Segment.
1. CD can break to domain
2. Number of machines in the CD decreases
3. Less delay time
4. Collisions decrease
5. Network speed increases

DEVICES COLLISION DOMAIN BROADCAST DOMAIN


Repeater X X
Hub X X
Bridge X
Switch X
Router
MLS(Multi Layer Switch)
NOTE:-A broadcast domain must have a unique network identification number

THE 802 PROJECT MODEL (not in CCNA)

IEEE 802 PROJECT    WORKED
802.1               Internetworking
802.2               Division of data link layer into sub layers:
                    1. LLC (Logical Link Layer) 2. MAC (Media Access Control)
802.3               CSMA/CD – Ethernet
802.4               Token bus LAN (ARC NET)
802.5               MAN (Metropolitan Area Network)
802.6               Token ring LAN
802.7               Broadband technical advisory group
802.8               Fiber optical technical advisory group
802.9               Integrated voice / data network
802.10              Network security
802.11              Wireless networks
802.12              Demand priority access LAN, 100 Base, any LAN

CSMA/CD
Back off algorithm - back off is a retransmission
1. 1-2sec x ½ millisecond
2. 1-4sec x ½ millisecond
3. 1-8sec x ½ millisecond
4. 1-16sec x ½ millisecond
5. 1-32sec x ½ millisecond ... till the 16th time
After 16 attempts, if they fail to transmit the signal, it is called a time out.
BROADCAST DOMAIN
1. Fewer machines in each and every BD
2. Maximizes the rate of broadcast in the network, which will effectively maximize the
channel of framing in the network.
3. Maximizes the machine throughput.
4. Maximizes the delay time
1 broadcast domain - 1 LAN / 1 subnet / 1 network.
What are protocols
A protocol is a rule or set of rules and standards for communicating that
computers use when they send data back and forth. Both the sender and receiver involved
in the data transfer must recognize and observe the same protocols to exchange data. The
sending and the receiving computers, also called hosts, must agree on what the data will
look like. When one host is sending another host a whole bunch of 1's and 0's, both hosts
have to agree on the meaning and placement of each 1 and each 0. Part of the information
that is sent represents an address and part is data. Each host has a unique address. Just as you
have a unique address on your street, and just like a letter being delivered to your address,
data is delivered to the appropriate host based on its address. The host that sends the
information must understand how to find the correct address among the data so that the data
can be routed to its destination.

WHAT IS TCP/IP?
TCP/IP is a set of protocols that enables communication between computers. There
was a time when it was not important for computers to communicate with each other; there
was no need for common protocols. But as computers became networked, the need arose
for computers to agree on certain protocols.
Part of the reason is that TCP/IP is the protocol of choice on the internet, the
world's largest network. If you want a computer to communicate on the internet, it will
have to use TCP/IP.
Another reason for TCP/IP's popularity is that it is compatible with almost every
computer in the world. The TCP/IP stack is supported by current versions of all the major
operating systems and network operating systems, including Windows 95/98, WIN NT,
WIN 2000, WIN XP, WIN 2003, LINUX, UNIX, & NETWARE.
Example: - companies that have products that work with TCP/IP include
Microsoft, Novell, IBM, Apple, Suse and Red Hat. Many other companies also support the
TCP/IP protocol suite.
Note:- TCP/IP is sometimes referred to as the language of the internet.

BIRTH OF TCP/IP
The language spoken by hosts on the ARPA net (Advanced Research Projects
Agency) in 1969 was called NCP (Network Control Protocol). However, NCP had too many
limitations and was not robust enough for the super network, which was beginning to
grow out of control. The limitations of NCP and the growth of ARPA net led to research
and development of a new network language.
In 1974, Vint Cerf and Bob Kahn, two internet pioneers, published “a protocol for
packet network interconnection”. This paper describes the Transmission Control Protocol
(TCP), which is a protocol in the protocol suite that would eventually replace NCP.
The TCP protocol describes the host to host portion of a communication. TCP
explains how two hosts can set up this communication and how they can stay in touch with
each other as data is being transferred. NCP did not resolve these issues to the extent that
TCP was able to. TCP is responsible for making sure that the data gets through to the other
host. It keeps track of what is sent and retransmits anything that did not get through. If
any message is too large for one package, TCP splits the message into several packages
and makes sure that they all arrive correctly. After they have arrived, TCP at the other
end puts all the packages back together in the proper order.
By 1978, testing and further development of this language led to a new suite of
protocols called Transmission Control Protocol/Internet Protocol (TCP/IP). In 1982, it
was decided that TCP/IP would replace NCP as the standard language of the ARPA net.
RFC 801 (Request For Comments by IETF - Internet Engineering Task Force) describes
how and why the transition from NCP to TCP was to take place. On January 1, 1983,
ARPA net switched over to TCP/IP and the network continued to grow exponentially.
In 1990, the ARPA net ceased to exist. The internet has since grown from ARPA
net's roots, and TCP/IP has evolved to meet the changing requirements of the internet.

Why use TCP/IP?

TCP/IP offers many advantages over other network protocols and protocol suites. Here is
a summary of some of the benefits of using the TCP/IP protocol suite.
• Widely published, open standard:- TCP/IP is not a secret. It is not proprietary or
owned by any corporation. Because it is a published protocol with no secrets, any
computer engineer is able to improve or enhance the protocol by publishing an RFC.
• Compatible with different computer systems:- TCP/IP enables any system to
communicate with any other system. It is like a universal language that would enable
people from any country to communicate effectively with people from any other
country.
• Works on different hardware and network configurations:- TCP/IP is accepted and can
be configured for virtually every network created.
• Routable protocol:- TCP/IP can figure out the path of every piece of data as it moves
through the network. Because TCP/IP is a routable protocol, the size of any TCP/IP
network is virtually unlimited.
• Reliable, efficient data delivery:- TCP/IP can guarantee that the data is transferred to
another host.
• Something extra
• Internetwork:- several smaller networks connected together
• Packet:- a unit of data that is prepared for transmission onto a network.
• Network Control Protocol:- the protocol used before TCP/IP
• Network administrator:- a person who installs, monitors and troubleshoots a network.
• Protocol stack:- protocols that send and receive data.
• Encapsulation:- the wrapping of a packet into the appropriate package or format, and
also peer layer communication

TCP/IP AND DOD MODEL

The TCP/IP protocol suite was developed before the OSI model (Open Standard
Interconnection) was published. As a result, it does not use the OSI model as a reference.
TCP/IP was developed using the Department of Defense (DOD) reference model. It is
important to be familiar with the OSI model, though, because OSI is used to compare the
TCP/IP suite with other protocol suites. Unlike the OSI model, the DOD reference
model has four layers.

THE FOUR LAYERS OF THE DOD MODEL ARE:-

APPLICATION:- covers the same topics as the application, presentation and session layers in
the OSI model.
TRANSPORT:- covers the topics of the transport layer from the OSI model.
INTERNET:- covers the topics of the network layer from the OSI model.
NETWORK INTERFACE LAYER:- covers the topics of the data link and physical layers from the
OSI model.

OSI model                 TCP/IP AND DOD MODEL
Application Layer     }
Presentation Layer    }   Application/process Layer
Session Layer         }
Transport Layer           Transport Layer
Network Layer             Internet Layer
Data link Layer       }   Network interface layer
Physical Layer        }

THE TCP/IP PROTOCOL SUITE

DOD MODEL                       PROTOCOLS
Process/Application             Telnet, FTP, LPD, SNMP, TFTP, SMTP, NFS, X-Window
Host to Host/Transport Layer    TCP, UDP
Internet                        ICMP, ARP, RARP, IP
Network Access                  Ethernet, Fast Ethernet, Token ring, FDDI

I) THE PROCESS / APPLICATION LAYER PROTOCOLS

This section describes the different applications and services typically used in IP
networks. The protocols and applications covered in this section are the following:
1. TELNET 2. FTP
3. TFTP 4. NFS
5. SMTP 6. LPD
7. X-WINDOW 8. SNMP
9. DNS 10. DHCP/BOOTP
1. TELNET:- Telnet is the chameleon of protocols; its specialty is terminal emulation.
It allows a user on a remote client machine, called the telnet client, to access the
resources of another machine, the telnet server. This projection is actually a
software image, a virtual terminal that can interact with the chosen remote host.
2. FILE TRANSFER PROTOCOL (FTP) FTP is the protocol that actually lets us
transfer files, and it can accomplish this between any two machines using it. But
FTP is not just a protocol, it is also a program. Operating as a protocol, FTP is used
by applications; as a program, it is employed by users to perform file tasks by hand.
FTP also allows for access to both directories and files and can accomplish certain
types of directory operations, such as relocating into different ones. FTP teams up
with telnet to transparently log you in to the FTP server and then provides for the
transfer of files.

3. TRIVIAL FILE TRANSFER PROTOCOL (TFTP) TFTP is the stripped-
down, stock version of FTP, but it is the protocol of choice if you know exactly
what you want and where to find it; plus it is so easy to use, and it's fast too. It
does not give you the abundance of functions that FTP does, though. TFTP has no
directory browsing abilities; it can do nothing but send and receive files. This
compact little protocol also skimps in the data department, sending much smaller
blocks of data than FTP, and there is no authentication as with FTP, so it is insecure.
Few sites support it because of the inherent security risks.
4. NETWORK FILE SYSTEM (NFS) NFS is a jewel of a protocol specializing in file
sharing. It allows two different types of file systems to interoperate. It works like this:
suppose NFS server software is running on an NT, 2000 or 2003 server and the NFS
client software is running on a Unix host. NFS allows for a portion of the RAM
on the 2000 server to transparently store Unix or Linux files, which can in
turn be used by Unix and Linux users. Even though the 2000 or NT file system and
the Unix or Linux file systems are unlike (they have different case sensitivity, file
name lengths, security and so on), both Unix users and NT users can access that same
file with their normal file systems, in their normal way.
5. SIMPLE MAIL TRANSFER PROTOCOL (SMTP) SMTP, answering our ubiquitous
call to e-mail, uses a spooled, or queued, method of mail delivery. Once a message
has been sent to a destination, the message is spooled to a device, usually a disk.
The server software at the destination posts a vigil, regularly checking this queue
for messages. When it detects them, it proceeds to deliver them to their
destination. SMTP is used to send mail; POP3 is used to receive mail.
6. LINE PRINTER DAEMON (LPD) The LPD protocol is designed for printer
sharing. The LPD, along with the LPR (line printer) program, allows print jobs
to be spooled and sent to the network's printers using TCP/IP.
7. X-WINDOW Designed for client-server operations, X Window defines a
protocol for writing client/server applications based on a graphical user
interface (GUI). The idea is to allow a program, called a client, to run on one
computer and have it display things through a window server on another computer.
8. SIMPLE NETWORK MANAGEMENT PROTOCOL (SNMP) SNMP
collects and manipulates valuable network information. It gathers data by
polling the devices on the network from a management station at fixed or random
intervals, requiring them to disclose certain information. When all is well, SNMP
receives something called a baseline, a report delimiting the operational traits of a
healthy network. This protocol can also stand as a watchdog over the network,
quickly notifying managers of any sudden turn of events. These network
watchdogs are called agents, and when aberrations occur, agents send an alert
called a trap to the management station.
9. DOMAIN NAME SERVER (DNS) DNS resolves hostnames, specifically internet
names such as WWW.LASER.COM. You do not have to use DNS; you can just
type in the IP address of any machine you want to communicate with. An IP
address identifies hosts on a network and the internet as well. However, DNS was
designed to make our lives easier. Think about this: what would happen if you wanted to move
your web page to a different service provider? The IP address would change and
no one would know what the new one was. DNS allows you to use a domain
name to specify an IP address. You can change the IP address as often as you want
and no one will know the difference.
DNS is used to resolve a Fully Qualified Domain Name (FQDN), for example
WWW.LASER.COM or MAIL.LASER.COM. An FQDN is a hierarchy that can
logically locate a system based on its domain identifier.
If you want to resolve the name “LASER”, you either must type in the
FQDN of laser. mail.com or have a device such as a PC or router add the suffix for
you. For example, on a Cisco router you can use the command ip domain-name
laser.com to append each request with the laser.com domain. If you do not do that, you
will have to type in the FQDN to get DNS to resolve the name.

10. DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) / BOOTP
(BOOTSTRAP PROTOCOL)
DHCP gives IP addresses to hosts. It allows easier administration and works well in small to
even very large network environments. All types of hardware can be used as a DHCP
server, including a Cisco router.
DHCP differs from BootP in that BootP gives an IP address to a host, but the host's
hardware address must be entered manually in a BootP table. You can think of DHCP as a
dynamic BootP. But remember that BootP is also used to send an operating system that
a host can boot from; DHCP can't do that.
But there is a lot of information a DHCP server can provide to a host when the host is
requesting an IP address from the DHCP server. Here is a list of the information a
DHCP server can provide:
• IP address
• Subnet mask
• Domain name
• Default gateway
• DNS
• WINS information
II) THE HOST TO HOST / TRANSPORT LAYER PROTOCOLS
The TCP/IP transport, or host-to-host, layer is responsible for providing a logical
connection between two devices and can provide these two functions:
1. Flow control (through the use of windowing and acknowledgements)
2. Reliable connections (through the use of sequence numbers and
acknowledgements)
The host to host or transport layer packages application layer data into segments to send to a
destination device. The remote destination is responsible for taking the data from the
segments and forwarding it to the correct application. TCP/IP has two transport layer protocols:
Transmission Control Protocol (TCP) and User Datagram Protocol (UDP). These protocols are
discussed in the following sections.
TCP - TCP's main responsibility is to provide a reliable connection-oriented
logical service between two devices. It can also use windowing to implement
flow control so that a source device does not overwhelm a destination with too many
segments.

TCP Segment - TCP transmits information between devices in a data unit called a
segment.

TCP SEGMENT FORMAT

Bit 0 ..................... Bit 15    Bit 16 ..................... Bit 31
SOURCE PORT (16)                       DESTINATION PORT (16)
SEQUENCE NUMBER (32)
ACKNOWLEDGEMENT NUMBER (32)
HEADER LENGTH (4) | RESERVED (6) | CODE BIT (6) | WINDOW (16)
CHECKSUM (16)                          URGENT (16)
OPTIONS (0 OR 32 IF ANY)
DATA (VARIES)
24 BYTES

The TCP header is 20 bytes long, or up to 24 bytes with options. You need to understand
what each field in the TCP segment is. The TCP segment contains the following fields:
1) Source port:- the port number of the application on the host sending the data.
2) Destination port:- the port number of the application requested on the destination host.
3) Sequence number:- puts the data back in the correct order or retransmits missing or
damaged data, a process called sequencing.
4) Acknowledgement number:- defines which TCP octet is expected next.
5) Header length:- the number of 32-bit words in the TCP header. This indicates where
the data begins. The TCP header (even one including options) is an integral number of
32 bits in length.
6) Reserved:- always set to zero.
7) Code bits:- control functions used to set up and terminate a session.
8) Checksum:- the Cyclic Redundancy Check (CRC). Because TCP does not trust the
lower layers and checks everything, the CRC checks the header and data fields.
9) Window:- the window size the sender is willing to accept, in octets.
10) Urgent:- a valid field only if the urgent pointer in the code bits is set. If so, this value
indicates the offset from the current sequence number, in octets, where the first
segment of non-urgent data begins.
11) Options:- may be 0 or a multiple of 32 bits, if any. What this means is that no options
have to be present (option size of 0). However, if any options are used that do not cause
the option field to total a multiple of 32 bits, padding of 0's must be used to make sure
the data begins on a 32-bit boundary.
12) Data:- handed down to the TCP protocol at the transport layer, which includes the
upper layer headers.
TCP'S MULTIPLEXING FUNCTION: TCP and UDP provide a multiplexing function for a device. This allows multiple applications to simultaneously send and receive data. With these protocols, port numbers are used to differentiate the connections. Port numbers are broken into two basic categories: well-known port numbers (sometimes called reserved port numbers) and source connection port numbers. Each application is assigned a well-known port number that is typically between 1 and 1023. Any time you want to make a connection to a remote application, your application program will use the appropriate well-known port number.
Port numbers are assigned by the Internet Assigned Numbers Authority (IANA). When a vendor develops a new commercial application and wants a reserved (well-known) port number, he applies for one to this organization.
Some common TCP applications and port numbers:
FTP     20 & 21      HTTP     80
SMTP    25           TELNET   23
WINDOWING: TCP allows the regulation of the flow of segments, ensuring that one device does not flood another device with too many segments. TCP uses a sliding windowing mechanism to assist with flow control. For example, if you have a window size of 1, a device can send only one segment and then must wait for a corresponding acknowledgement before sending the next segment. If the window size is 20, a device can send 20 segments and then has to wait for an acknowledgement before sending additional segments.
The larger the window size is for a connection, the fewer acknowledgements are sent, thus making the connection more efficient. Too small a window size can affect throughput, since a device has to send a small number of segments, wait for an acknowledgement, send another bunch of small segments, and wait again. The trick is to figure out an optimal window size, one that allows for the best efficiency based on the current conditions in the network and on the two devices.
A nice feature of this process is that the window size can be dynamically changed through the lifetime of the connection. That is important because many more connections may come into a device with varying bandwidth needs. Therefore, as a device becomes saturated with segments from many connections, it can, assuming that these connections are using TCP, lower the window size to slow the flow of segments coming into it.

UDP: Where TCP provides a reliable connection, UDP provides an unreliable connection. UDP does not go through a 3-way handshake to set up a connection; it just begins sending its information. Likewise, UDP does not check to see if sent segments were received by a destination. In other words, it does not have an acknowledgement process. Typically, if an acknowledgement process is necessary, the transport layer (UDP) would not provide it. Instead, the application itself, at the application layer, will provide this verification.
Given these deficiencies, UDP does have an advantage over TCP: it has less overhead. For example, if you only need to send one segment and receive one segment back, and that is the end of the transmission, it makes no sense to go through a 3-way handshake to first establish a connection and then send and receive the two segments; this is not very efficient. DNS queries are a good example where the use of UDP makes sense. If you are sending a large amount of data to a destination and need to verify that it was received, then TCP would be a better transport mechanism.

UDP segment format: It is important for you to understand what each field in the UDP segment is. The UDP segment contains the following fields.
Figure UDP
Bit 0 .................. bit 15 | bit 16 .................. bit 31
Source Port (16)                | Destination Port (16)
Length (16)                     | Checksum (16)
Data (if any)
8 bytes (header)

1) Source Port: - Port number of the application on the host sending the Data
2) Destination Port: - Port number of the application requested on the Destination host.
3) Length: - Length of UDP header and UDP data.
4) Checksum: - Checksum of both the UDP header and UDP data fields.
5) Data: - Upper layer data.
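
The TCP and UDP field lists above can be checked against real bytes with a small parser. The following is an added example, not part of the original notes: the function names and the two sample segments are constructed for illustration, and the checksum is read but not verified. It rejects segments whose header length or length field does not fit the bytes actually received, which is the check a packet-handling tool needs before it trusts those fields.

```python
import struct

# The six code bits, from most to least significant bit of the 6-bit field.
CODE_BITS = ("URG", "ACK", "PSH", "RST", "SYN", "FIN")


def parse_tcp_options(raw: bytes) -> list:
    """Walk the options area: kind 0 ends the list, kind 1 is one byte of padding."""
    options, i = [], 0
    while i < len(raw):
        kind = raw[i]
        if kind == 0:                      # end of option list; the rest is padding
            break
        if kind == 1:                      # no-operation, pads to a 32-bit boundary
            i += 1
            continue
        if i + 1 >= len(raw):
            raise ValueError("option is missing its length byte")
        length = raw[i + 1]                # counts the kind and length bytes too
        if length < 2 or i + length > len(raw):
            raise ValueError(f"option kind {kind} has bad length {length}")
        options.append((kind, raw[i + 2:i + length]))
        i += length
    return options


def parse_tcp_segment(segment: bytes) -> dict:
    """Split a raw TCP segment into the twelve fields listed above."""
    if len(segment) < 20:
        raise ValueError("truncated: the fixed TCP header is 20 bytes")
    src, dst, seq, ack, off_flags, window, checksum, urgent = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_words = off_flags >> 12         # header length in 32-bit words
    header_len = header_words * 4
    if header_words < 5 or header_len > len(segment):
        raise ValueError(f"header length field {header_words} does not fit the segment")
    code = off_flags & 0x3F                # low 6 bits are the code bits
    return {
        "src_port": src, "dst_port": dst, "seq": seq, "ack": ack,
        "header_len": header_len,
        "reserved": (off_flags >> 6) & 0x3F,
        "code_bits": [n for i, n in enumerate(CODE_BITS) if code & (0x20 >> i)],
        "window": window, "checksum": checksum, "urgent": urgent,
        "options": parse_tcp_options(segment[20:header_len]),
        "data": segment[header_len:],
    }


def parse_udp_datagram(datagram: bytes) -> dict:
    """Split a raw UDP datagram into its four header fields and the data."""
    if len(datagram) < 8:
        raise ValueError("truncated: the UDP header is 8 bytes")
    src, dst, length, checksum = struct.unpack("!HHHH", datagram[:8])
    if length < 8 or length > len(datagram):   # length covers header and data
        raise ValueError(f"length field {length} does not fit the datagram")
    return {"src_port": src, "dst_port": dst, "length": length,
            "checksum": checksum, "data": datagram[8:length]}


# Constructed samples (checksums left at 0; they are not verified here).
# A SYN from port 49152 to port 80 with a 24-byte header: 20 bytes + one 4-byte option.
SAMPLE_SYN = struct.pack("!HHIIHHHH", 49152, 80, 1000, 0,
                         (6 << 12) | 0x02, 65535, 0, 0) + bytes([2, 4, 0x05, 0xB4])
# A UDP datagram to port 53 carrying 5 bytes of data.
SAMPLE_UDP = struct.pack("!HHHH", 53000, 53, 8 + 5, 0) + b"hello"

if __name__ == "__main__":
    print(parse_tcp_segment(SAMPLE_SYN))
    print(parse_udp_datagram(SAMPLE_UDP))
```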

Features of TCP and UDP

TCP                         UDP
Reliable                    Unreliable
Connection-oriented         Connectionless
Virtual circuit             Low overhead
Acknowledgement             No acknowledgement
Windowing flow control      No windowing or flow control
The internet layer protocols: Layer 3 of the TCP/IP protocol stack is called the internet layer. The corresponding layer in the OSI reference model is the network layer. The Internet Protocol (IP) is just one of the protocols at this layer. It is common in the industry to hear people refer to TCP/IP as just "IP"; however, this is a misnomer, since IP is just one of many protocols within TCP/IP. Other IP protocols include:
ARP     Address Resolution Protocol
RARP    Reverse Address Resolution Protocol
ICMP    Internet Control Message Protocol
OSPF    Open Shortest Path First
And others.
Network Addressing -
Network addressing is divided into two parts:
1) Physical Address / Hardware Address
2) Logical Address / TCP/IP Address
1. Physical Address / Hardware Address: Within every packet of data is a header that contains addressing information. This header enables the packet to arrive at the correct location. This addressing information comes from a physical address that is burned into every network interface card when the card is manufactured. This address will not change for the life of the card. This burned-in address can be called any of the following:
• Hardware address
• Media Access Control (MAC) address
• Ethernet address
• Physical address
• Network interface card (NIC) address
The hardware address is unique among all the network cards ever manufactured. It is a 12-character hexadecimal address:
00:aa:90:0f:92:54
The three most common numbering systems used in the computer industry are binary, decimal, and hexadecimal. The hexadecimal numbering system uses the same 0 to 9 digits as decimal, then uses A, B, C, D, E, and F to represent 10, 11, 12, 13, 14, and 15. The decimal value 16 is represented in hexadecimal as 10.
The first six of these hexadecimal characters represent the manufacturer and are unique to the network card's manufacturer. The last six characters form a unique serial number that the card's manufacturer has assigned to it.
Therefore, if a network card manufacturer does not use the same serial number twice and no two manufacturers use the same manufacturer ID, no two network cards will ever have the same hardware address. In the same way that a social security number uniquely identifies a person, a hardware address uniquely identifies a network card.

Ethernet addressing using MAC addresses


First 24 bits: bit 47 = I/G, bit 46 = G/L, followed by the Organizationally Unique Identifier (OUI), assigned by IEEE
Last 24 bits: vendor assigned

For all TCP/IP communication to occur, the sender (the builder of the packet) must know the destination hardware address.
2. Logical addressing / Internet Protocol (IP): The Internet Protocol is the primary protocol at the internet layer of the TCP/IP stack. This protocol is responsible for determining the source and destination IP address of every packet.
The network administrator assigns every host on a network a unique IP address. Whereas the hardware address refers to the physical network card, the IP address is a logical address that the network administrator has assigned to the host. Every host on a TCP/IP network has a unique IP address, for example: 192.168.0.1.100
This logical address is assigned by the administrator to the host and must be unique on its network. A portion of the IP address describes the TCP/IP network that the host is on, and a portion describes the unique host address on that network.
The street address where you are living is like a logical address. A letter that is addressed to you will be delivered to your house because of this logical address. If you move to another house, your address will change and letters to you will have to be sent to this new address, but the person to whom the letter is being delivered, you, is still the same.
As a packet is being passed down the TCP/IP stack, a source and target IP address are put into an IP header. IP determines whether the destination is local or remote as compared to the source host. The target is local if IP determines that the target is on the same network, and it is remote if the target is on another network. IP can make this determination based on the IP address of the target and the subnet mask of the source host.
The subnet mask is the required parameter of every TCP/IP address that is used to separate the network and host portions of the address.
HOW TO GIVE AN IP ADDRESS
Logical address: logical addressing is a two-part addressing scheme.
IP = network ID + host ID
An IP address is a 32-bit logical address, and every IP address is divided into octets of 8 bits.
IP Address = Octet. Octet. Octet. Octet.
Octet - maximum - 255 (11111111)
        minimum - 0 (00000000)
BINARY TO DECIMAL FOR BYTE VALUES

BIT POSITION     8     7    6    5    4    3    2    1
DECIMAL VALUE    128   64   32   16   8    4    2    1
BINARY VALUE     1     1    1    1    1    1    1    1

IP ADDRESS CLASSES: IP addresses are divided into five classes: class A, class B, class C, class D, and class E. All addresses are placed in a particular class based on the decimal value of their first octet. In the first octet an IP address can start with a decimal value between 1 and 255.
The system of address classes has been set up to ensure the assignment of unique IP addresses. Let us take a look at how these classes are divided and who gets the IP addresses in each category.
CLASS A (AVAILABLE)
OCTET . OCTET . OCTET . OCTET
Network | Host/Nodes

X = network section
Y = host section
In a class A network address the first bit of the first byte must always be zero (0), so a class A network must be between 0 and 126.
Class A = 0XXXXXXX.YYYYYYYY.YYYYYYYY.YYYYYYYY
Number of networks
2^7 - 1 = 126
Number of hosts
2^24 = 16,777,214
128 64 32 16 8 4 2 1
0 0 0 0 0 0 0 0 =0
0 0 0 0 0 0 0 1 =1
0 0 0 0 0 0 1 0 =2
Till…
0 1 1 1 1 1 1 0 = 126
0 1 1 1 1 1 1 1 = 127
It is rule 0

Of the 127 class A network addresses, one address was reserved for testing: the network address 127.X.Y.Z was reserved as a loopback address. No host can ever use 127-dot-anything as its address, because it has been reserved for diagnostic purposes when testing a TCP/IP installation. For example, if a network administrator is testing a TCP/IP installation, testing 127.0.0.1 would refer to the host that is being tested. Because the 127.0.0.0 network is used only for testing and is not available for addressing purposes, it means that there are not 127 networks available.
CLASS B ADDRESS (AVAILABLE)
The designers of the IP address scheme said that the first bit of the first byte must always be one (1), but the second bit must always be off, or zero (0).

OCTET . OCTET . OCTET . OCTET
Network | Host/Nodes

CLASS B = 10XXXXXX.XXXXXXXX.YYYYYYYY.YYYYYYYY

Number of networks
2^14 = 16384
Number of hosts
2^16 - 2 = 65,534
NETWORK ID
128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1
1 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 = 128.0
1 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 1 = 128.1
TILL ………………
1 0 1 1 1 1 1 1 . 1 1 1 1 1 1 1 0 = 191.254
HOST ID
128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1
0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 1 = 0.1
0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 1 0 = 0.2
TILL…………….
1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 0 = 255.254
CLASS C ADDRESS (AVAILABLE)
The designers of the IP addressing scheme said that the first two bits of the first byte must always be on, but the third bit must always be off.

CLASS C
OCTET . OCTET . OCTET . OCTET
Network | Host/Nodes

CLASS C = 110XXXXX.XXXXXXXX.XXXXXXXX.YYYYYYYY

Number of networks
2^21 = 2097152
Number of hosts
2^8 - 2 = 254

CLASS D ADDRESS –(MULTICAST)


Class D addresses have decimal values from 224 to 239 in the first octet. In the first octet, the first four bits are 1110. These addresses are called multicast addresses, and they are invalid for any workstation or host to use.
The purpose of a multicast address is to enable a server somewhere to send data to a class D address that no one host has, so that several hosts can listen to that address at the same time. When you are watching TV on the internet or listening to the radio on the internet, your computer is listening to a class D address. No server is sending data directly to your workstation; instead, a server is sending data to the multicast address. Any host can use software to listen for data at that address, and many hosts can be listening at once.
Multicast: a communication between a single sender and multiple receivers on a network. No one host can have this address, but several can receive data by listening to it.

CLASS E ADDRESS (RESEARCH)


The last class of addresses is class E. Class E addresses range from 240 to 255 in the first octet, and the 4 leftmost bits are 1111.
Class E addresses are reserved addresses and are invalid host addresses. They are used for experimental purposes by the IETF (Internet Engineering Task Force).

EXTRA
OCTET BIT FORMAT DECIMAL VALUE
1 0 0 0 0 0 0 0 128
1 1 0 0 0 0 0 0 192
1 1 1 0 0 0 0 0 224
1 1 1 1 0 0 0 0 240
1 1 1 1 1 0 0 0 248
1 1 1 1 1 1 0 0 252
1 1 1 1 1 1 1 0 254
1 1 1 1 1 1 1 1 255 (all bits are 1's)

WHAT IS SUBNET MASKING?


A subnet mask comes along with an IP address. It is used to find out the network part and the host part of the given IP address.
SUBNET MASK (32 BITS)
(1) = network part bit of the corresponding IP address
(0) = host part bit of the corresponding IP address

IP address  - 192.168.0.3
Subnet mask - 255.255.255.0
Bitwise ANDing process
This is the process through which we can find out the network ID if the IP address and subnet mask are given.
NOTE: this uses the AND gate truth table.

A          0 1 0 1
B          0 0 1 1
A AND B    0 0 0 1

11000000.10101000.00000000.00000011   (IP address)
11111111.11111111.11111111.00000000   (subnet mask)
11000000.10101000.00000000.00000000   (network ID)

Ans = 192.168.0.0 is the network ID


Subnet mask
1) Default subnet mask
2) Subnet mask for subnetting
Default subnet mask: it is the framework from which we form the subnet mask for subnetting. We cannot create subnets by using the default subnet mask.
The following is the list of default subnet masks.
CLASS OF IP     DEFAULT MASK
Class A         255.0.0.0
Class B         255.255.0.0
Class C         255.255.255.0
Default subnet mask
1) Network part bits are always 1's
2) Host part bits are always 0's
Whenever the default subnet mask is used, the network is a single network. There is no subnet under that network.

SUBNET MASK FOR SUBNETTING


1) Network part bit (1)
2) Subnet bit (1)
3) Host bit (0)

SUBNET MASK

Default subnet mask:          network part bits (1) | host part bits (0)
Subnet mask for subnetting:   network part bits (1) | subnet bits (1) | host bits (0)

Example: 8 . 8 . 8 . 2
11111111.11111111.11111111.11000000
Subnet bits or masked bits: 2
Host bits or unmasked bits: 6

So /26, where /x = prefix notation or CIDR


SUBNETTING: Without touching the network section bits, a user or administrator can take a certain number of bits from the host part, as per the requirement, to obtain the needed number of networks and number of hosts per network.
MASKED BITS: the number of up bits in the host section octets of the given subnet mask.
UNMASKED BITS: the number of off bits in the host section octets of the given subnet mask.
NUMBER OF BITS SUBNETTED: the total number of up bits in the entire subnet mask.
IT IS REPRESENTED AS: OCTET.OCTET.OCTET.OCTET/X
/X = prefix notation or CIDR (Classless Inter-Domain Routing)
CIDR: it allows a group of IP networks to appear to other networks as a unified, larger entity. In CIDR, IP addresses and their subnet masks are written as four dotted octets followed by a forward slash and the number of masking bits (a form of subnet notation shorthand).

A = NETWORK BITS (8)  | SUBNET BITS (24-N) | HOST BITS (N)
B = NETWORK BITS (16) | SUBNET BITS (16-N) | HOST BITS (N)
C = NETWORK BITS (24) | SUBNET BITS (8-N)  | HOST BITS (N)

RULES OF SUBNETTING:
1) You must have at least two masked bits to calculate the subnets, so the subnet mask of 255.255.255.128 for a class C IP address is illegal. It is called one-bit masking or IP subnet zero.
2) You must have at least two unmasked bits to calculate the hosts within the subnet, so the subnet mask of 255.255.255.254 is illegal for all classes of IP address.
3) When calculating a valid subnet ID, all the masked bits cannot be up or down at the same time.
4) When calculating the host IDs within a specific subnet, all the unmasked bits cannot be up or down at the same time. When all the unmasked bits are up, they represent the broadcast ID of that subnet. When all the unmasked bits are down, they represent the subnet ID.
Class C
SUBNET MASK NO.OF MASK BIT NO.OF UNMASK BIT
255.255.255.0 0 8
255.255.255.128 1 7
255.255.255.192 2 6
255.255.255.224 3 5
255.255.255.240 4 VALID 4
255.255.255.248 5 3
255.255.255.252 6 2
255.255.255.254 7 1
Class B
SUBNET MASK NO.OF MASK BIT NO.OF UNMASK BIT
255.255.0.0 0 16
255.255.128.0 1 15
255.255.192.0 2 14

255.255.224.0 3 13
255.255.240.0 4 12
255.255.248.0 5 11
255.255.252.0 6 10
255.255.254.0 7 9
255.255.255.0 8 8
255.255.255.128 9 7
255.255.255.192 10 6
255.255.255.224 11 5
255.255.255.240 12 4
255.255.255.248 13 3
255.255.255.252 14 2
255.255.255.254 15 1

VALID SUBNET MASK


MASK VALUES
00000000 = 0
10000000 = 128
11000000 = 192
11100000 = 224
11110000 = 240
11111000 = 248
11111100 = 252
11111110 = 254
11111111 =255

Class A
SUBNET MASK NO.OF MASK BIT NO.OF UNMASK BIT
255.0.0.0 0 24
255.128.0.0 1 23
255.192.0.0 2 22

255.224.0.0 3 21
255.240.0.0 4 20
255.248.0.0 5 19
255.252.0.0 6 18
255.254.0.0 7 17
255.255.0.0 8 16
255.255.128.0 9 15
255.255.192.0 10 14
255.255.224.0 11 13
255.255.240.0 12 12
255.255.248.0 13 11
255.255.252.0 14 10
255.255.254.0 15 9
255.255.255.0 16 8
255.255.255.128 17 7
255.255.255.192 18 6
255.255.255.224 19 5
255.255.255.240 20 4
255.255.255.248 21 3
255.255.255.252 22 2
255.255.255.254 23 1

SHORTCUT RULES OF SUBNETTING (ONLY FOR CLASS -C)


1) Number of subnets
= 2^(no. of masked bits) - 2
2) Number of hosts per subnet
= 2^(no. of unmasked bits) - 2
3) Power of "2" rule
8th   7th   6th   5th   4th   3rd   2nd   1st
0/1   0/1   0/1   0/1   0/1   0/1   0/1   0/1
2     2     2     2     2     2     2     2
= 2^8 = 256; this is the base figure used to find out the subnet ID and subnet range.
4) To find out the subnet ID and subnet range: 256 - value of the host octet of the subnet mask.
Q1 192.168.10.0
255.255.255.192 (2 & 6) (128 + 64 = 192)
Find out
1) number of subnets
2) number of hosts/network
3) broadcast ID of each subnet
ANS:
1) Number of subnets.
2^2 - 2 = 4 - 2 = 2
2) Number of hosts/network.
2^6 = 64, 64 - 2 = 62
3) Broadcast ID of each subnet.
256 - 192 = 64
So the 1st IP is 64, then 64 + 64 = 128, 128 + 64 = 192
192.168.10.0/26

Subnet ID         First host        Last host         Broadcast ID
192.168.10.64     192.168.10.65     192.168.10.126    192.168.10.127
192.168.10.128    192.168.10.129    192.168.10.190    192.168.10.191

Q2 IP = 192.168.10.0
Subnet = 255.255.255.224 (3 , 5)
ANS:
1) Number of subnets.
2^3 - 2 = 6
2) Number of hosts/network.
2^5 - 2 = 30
3) Broadcast ID of each subnet.
Rule: 256 - 224 = 32,
32 + 32 = 64, 64 + 32 = 96, 96 + 32 = 128, 128 + 32 = 160, 160 + 32 = 192

192.168.10.0/27 or 224

Subnet ID         First host        Last host         Broadcast ID
192.168.10.32     192.168.10.33     192.168.10.62     192.168.10.63
192.168.10.64     192.168.10.65     192.168.10.94     192.168.10.95
192.168.10.96     192.168.10.97     192.168.10.126    192.168.10.127
192.168.10.128    192.168.10.129    192.168.10.158    192.168.10.159
192.168.10.160    192.168.10.161    192.168.10.190    192.168.10.191
192.168.10.192    192.168.10.193    192.168.10.222    192.168.10.223
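
The bitwise AND step and the shortcut rules above can be carried out in code for any class A, B or C network. The following is an added example, not part of the original notes; the function names are illustrative. It follows the rules exactly as these notes state them, so the all-zeros and all-ones subnets are discarded and at least two masked and two unmasked bits are required, whereas classless tools such as Python's own `ipaddress.ip_network(...).subnets()` also list those two subnets.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def prefix_mask(prefix: int) -> int:
    """32-bit mask with `prefix` leading 1 bits."""
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def default_prefix(address: str) -> int:
    """Length of the default mask, chosen by the class of the first octet."""
    first_octet = to_int(address) >> 24
    if first_octet < 128:
        return 8                     # class A, default mask 255.0.0.0
    if first_octet < 192:
        return 16                    # class B, default mask 255.255.0.0
    if first_octet < 224:
        return 24                    # class C, default mask 255.255.255.0
    raise ValueError("class D and class E addresses are not subnetted")


def mask_to_prefix(mask: str) -> int:
    """Count the up bits and reject masks whose 1's are not contiguous."""
    value = to_int(mask)
    prefix = bin(value).count("1")
    if value != prefix_mask(prefix):
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return prefix


def network_id(address: str, mask: str) -> str:
    """Bitwise AND of address and mask, as in the 192.168.0.3 example."""
    return to_dotted(to_int(address) & to_int(mask))


def subnet_plan(address: str, mask: str, limit: int = 64) -> dict:
    """Apply the shortcut rules; list at most `limit` subnets."""
    natural = default_prefix(address)
    prefix = mask_to_prefix(mask)
    masked = prefix - natural        # subnet bits
    unmasked = 32 - prefix           # host bits
    if masked < 2 or unmasked < 2:
        raise ValueError("need at least 2 masked and 2 unmasked bits")
    block = 1 << unmasked            # the "256 - mask octet" step, for any octet
    base = to_int(address) & prefix_mask(natural)
    total = (1 << masked) - 2        # all-zeros and all-ones subnets excluded
    subnets = []
    for n in range(1, min(total, limit) + 1):
        sid = base + n * block
        subnets.append({
            "subnet_id": to_dotted(sid),
            "first_host": to_dotted(sid + 1),
            "last_host": to_dotted(sid + block - 2),
            "broadcast_id": to_dotted(sid + block - 1),
        })
    return {"masked_bits": masked, "unmasked_bits": unmasked,
            "subnets_total": total, "hosts_per_subnet": block - 2,
            "subnets": subnets}


if __name__ == "__main__":
    plan = subnet_plan("192.168.10.0", "255.255.255.224")
    print(plan["subnets_total"], "subnets,", plan["hosts_per_subnet"], "hosts each")
    for s in plan["subnets"]:
        print(s["subnet_id"], s["first_host"], s["last_host"], s["broadcast_id"])
```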

BINARY METHOD OF SUBNETTING


Q3 192.168.10.0
255.255.255.192
ANS
128 64 32 16 8 4 2 1 = 255
1 1 0 0 0 0 0 0 = 192
0 1 0 0 0 0 0 0 = 64
1 0 0 0 0 0 0 0 = 128
VALID HOST WITHIN THE SUBNET “64”
128 64 32 16 8 4 2 1
0 1 0 0 0 0 0 0 = 64
0 1 0 0 0 0 0 1 = 65
0 1 1 1 1 1 1 0 = 126
0 1 1 1 1 1 1 1 = 127
VALID HOST WITHIN THE SUBNET "128"
1 0 0 0 0 0 0 0 = 128
1 0 0 0 0 0 0 1 = 129

1 0 1 1 1 1 1 0 = 190
1 0 1 1 1 1 1 1 = 191

Q 4 192.168.10.0
255.255.255.224 (3 , 5)
128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
0 0 1 0 0 0 0 0 = 32
0 1 0 0 0 0 0 0 = 64
0 1 1 0 0 0 0 0 = 96
1 0 0 0 0 0 0 0 = 128
1 1 0 0 0 0 0 0 = 192
1 0 1 0 0 0 0 0 = 160

HOST WITHIN THE 32 SUBNET


128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
0 0 1 0 0 0 0 1 = 33
0 0 1 1 1 1 1 0 = 62
0 0 1 1 1 1 1 1 = 63
HOST WITHIN THE 64 SUBNET
128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
0 1 0 0 0 0 0 1 = 65
0 1 0 1 1 1 1 0 = 94
0 1 0 1 1 1 1 1 = 95
VALID HOST WITHIN THE 96 SUBNET
128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
0 1 1 0 0 0 0 1 = 97
0 1 1 1 1 1 1 0 = 126

0 1 1 1 1 1 1 1 = 127
VALID HOST WITHIN THE 128 SUBNET
128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
1 0 0 0 0 0 0 1 = 129
1 0 0 1 1 1 1 0 = 158
1 0 0 1 1 1 1 1 = 159
VALID HOST WITHIN THE 160 SUBNET
128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
1 0 1 0 0 0 0 1 = 161
1 0 1 1 1 1 1 0 = 190
1 0 1 1 1 1 1 1 = 191

VALID HOSTS WITHIN THE 192 SUBNET


128 64 32 16 8 4 2 1
1 1 1 0 0 0 0 0 = 224
1 1 0 0 0 0 0 1 = 193
1 1 0 1 1 1 1 0 = 222
1 1 0 1 1 1 1 1 = 223
Q 5 172.16.0.0
255.255.192.0
ANS
128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1
1 1 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 = 192.0
0 1 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 = 64.0
1 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 = 128 . 0

VALID HOST WITHIN THE 64 SUBNET


128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1
0 1 0 0 0 0 0 0 . 0 0 0 0 0 0 0 1 = 64.1
0 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 0 = 127.254

0 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 = 127.255
VALID HOST WITHIN THE 128 SUBNET
128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1
1 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 1 = 128.1
1 0 1 1 1 1 1 1 . 1 1 1 1 1 1 1 0 = 191.254
1 0 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 = 191.255

172.16.0.0

Subnet ID       First host      Last host         Broadcast ID
172.16.64.0     172.16.64.1     172.16.127.254    172.16.127.255
172.16.128.0    172.16.128.1    172.16.191.254    172.16.191.255

Q 6 172.16.0.0
255.255.255.0
128 64 32 16 8 4 2 1 . 128 64 32 16 8 4 2 1
1 1 1 1 1 1 1 1 . 0 0 0 0 0 0 0 0 = 255.0
0 0 0 0 0 0 0 1 . 0 0 0 0 0 0 0 0 = 1.0
0 0 0 0 0 0 1 0 . 0 0 0 0 0 0 0 0 = 2.0
0 0 0 0 0 0 1 1 . 0 0 0 0 0 0 0 0 = 3.0
Till………..
1 1 1 1 1 1 1 0 . 0 0 0 0 0 0 0 0 = 254.0

172.16.0.0

Subnet ID       First host      Last host         Broadcast ID
172.16.1.0      172.16.1.1      172.16.1.254      172.16.1.255
172.16.2.0      172.16.2.1      172.16.2.254      172.16.2.255
172.16.254.0    172.16.254.1    172.16.254.254    172.16.254.255

Q6. 10.0.0.0
255.192.0.0
ANS
128 64 32 16 8 4 2 1 .128 64 32 16 8 4 2 1 .128 64 32 16 8 4 2 1
1 1 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 =192.0.0
0 1 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 =64.0.0
1 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 =128.0.0
VALID HOST WITHIN THE 64.0.0 SUBNET
128 64 32 16 8 4 2 1 .128 64 32 16 8 4 2 1 .128 64 32 16 8 4 2 1
0 1 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 1 = 64.0.
0 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 0 1 =
0 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 = 127.2
VALID HOST WITHIN THE 128.0.0 SUBNET
128 64 32 16 8 4 2 1 .128 64 32 16 8 4 2 1 .128 64 32 16 8 4 2 1
1 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 0 . 0 0 0 0 0 0 0 1 = 128.0
1 0 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 0 = 191.2
1 0 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 . 1 1 1 1 1 1 1 1 = 191.

Q 7.Lab written- 172.16.1.1


255.255.255.192
Note: find out the first 6 subnets.

OSI Reference Model


The International Organization for Standardization (ISO) developed the Open System Interconnection (OSI) reference model to describe how information is transferred from one machine to another, from the point when a user enters information using a keyboard and mouse to when that information is converted to electrical or light signals transferred along a piece of wire, or radio waves transferred through the air. It is important to understand that the OSI reference model describes concepts and terms in a general manner, and that many network protocols, such as IP and IPX, fail to fit nicely into the scheme explained in ISO's model. Therefore the OSI reference model is most often used as a teaching and troubleshooting tool. By understanding the basics of the OSI reference model, you can apply these to real protocols to gain a better understanding of them, as well as to more easily troubleshoot problems.
ADVANTAGES:
ISO developed the seven-layer model to help vendors and network administrators gain a better understanding of how data is handled and transported between networking devices, as well as to provide a guideline for the implementation of new networking standards and technologies. To assist in this process, the OSI reference model breaks the network communication process into seven simple steps.
• It defines the process for connecting two layers, promoting plug-and-play multi-vendor integration.
• It breaks up the computer network operation into more manageable layers, so it is very helpful for troubleshooting network problems.
• It allows a change in one layer without affecting the function of the other layers.
7   Application layer    H1   Messages               Application layer    7
6   Presentation layer   H2   Messages               Presentation layer   6
5   Session layer        H3   Messages               Session layer        5
4   Transport layer      H4   Segments               Transport layer      4
3   Network layer        H5   Datagrams or packets   Network layer        3
2   Data link layer      H6   Frames, CRC            Data link layer      2
1   Physical layer            Bits 10101101010       Physical layer       1

• Each layer of the OSI model acts as a peer. This means that the function of one layer of an OSI reference model is understood by the same layer of another OSI reference model.
• For example:
Network Layer -------- to -------- Network Layer
Transport Layer ------ to -------- Transport Layer
Note: top to bottom
All People Seem To Need Data Processing.
PDU - Protocol Data Unit
PDUs are what is processed at each layer of the OSI model. PDUs at the transport layer are called segments, PDUs at the network layer are called packets or datagrams, and PDUs at the data link layer are called frames. The physical layer uses bits.
LAYER            PDU (PROTOCOL DATA UNIT)
APPLICATION      DATA / MESSAGES
PRESENTATION     DATA / MESSAGES
SESSION          DATA / MESSAGES
TRANSPORT        SEGMENT
NETWORK          PACKET / DATAGRAM
DATA LINK        FRAME
PHYSICAL         BITS
TUNNELING: This means the process of taking the information of one network system and sending it through another network system.

APPLICATION LAYER: The seventh layer, or topmost layer, of the OSI reference model is the application layer. It provides the interface that a person uses to interact with the application. This interface can be command-line based or graphics based. Cisco IOS routers and switches have a command-line interface (CLI), whereas a web browser uses a graphical interface. The application layer refers to applications that are network aware. There are thousands of computer applications, but not all of these can transmit information across a network. The application layer is also responsible for identifying and establishing the availability of the intended communication partner and determining whether sufficient resources for the intended communication exist.
These tasks are important because computer applications sometimes require more than only desktop resources. They will unite communicating components from more than one network application. Prime examples are file transfer and e-mail, as well as enabling remote access, network management activities, client/server processes, and information location. Many network applications provide services for communication over enterprise networks, but for present and future internetworking, the need is fast developing to reach beyond the limits of current physical networking. Today, transactions and information exchanges between organizations are broadening to require internetworking applications such as the following:
• World Wide Web (WWW): Connects countless servers (the number seems to grow with each passing day) presenting diverse formats. Most are multimedia and can include graphics, text, video, and sound (and as pressure to keep up the pace mounts, websites are only getting slicker and snappier; keep in mind, the snazzier the site, the more resources it requires. You will see why I mention this later). Netscape Navigator, IE, Opera, Firefox, etc. simplify accessing and viewing websites.
• E-mail gateways: Versatile; can use Simple Mail Transfer Protocol (SMTP) or the X.400 standard to deliver messages between different e-mail applications.
• Electronic data interchange: A composite of specialized standards and processes that facilitates the flow of tasks such as accounting, shipping/receiving, and order and inventory tracking between businesses.
• Special interest bulletin boards: Include the many internet chat rooms where people can "meet" (connect) and communicate with each other, either by posting messages or by typing a live conversation. They can also share public-domain software.
• Internet navigation utilities: Include applications such as Gopher and WAIS, as well as search engines such as Google and Yahoo, which help users locate the resources and information they need on the internet.
• Financial transaction services: Target the financial community. They gather and sell information pertaining to investments, market trading, commodities, currency exchange rates, and credit data to their subscribers.
THE PRESENTATION LAYER -
The sixth layer of the OSI reference model is the presentation layer. The presentation layer is responsible for defining how information is presented to the user in the interface that they are using. This layer defines how various forms of text, graphics, video and/or audio information are presented to the user. For example, text is represented in two different forms: ASCII and EBCDIC. ASCII (the American Standard Code for Information Interchange, used by most devices today) uses seven bits to represent characters. EBCDIC (Extended Binary-Coded Decimal Interchange Code, developed by IBM) is still used in mainframe environments to represent characters. Text can also be shaped by different elements, such as font, underline, italic, and bold. The OSI has protocol standards that define how standard data should be formatted. Tasks like data compression, decompression, encryption, and decryption are associated with this layer. Some presentation layer standards are involved in multimedia operations too. The following serve to direct graphic and visual image presentation:
• PICT: A picture format used by Macintosh programs for transferring QuickDraw graphics.
• TIFF: Tagged Image File Format, a standard graphics format for high-resolution, bit-mapped images.
• JPEG: Photo standards brought to us by the Joint Photographic Experts Group.
Other standards guide movies and sound:
• MPEG: Increasingly popular Moving Picture Experts Group standard for the compression and coding of motion video for CDs. It provides digital storage and bit rates up to 1.5 Mbps.
• MIDI: Musical Instrument Digital Interface (sometimes called Musical Instrument Device Interface), used for digitized music.
• QuickTime: For use with Macintosh programs; manages audio and video applications.
• RTF: Rich Text Format, a file format that lets you exchange text files between different word processors, even in different operating systems.
Another example of a true presentation layer protocol is External Data Representation (XDR). Sun Microsystems uses this protocol in its client/server-based Network File System (NFS) implementations. NFS uses XDR, which is actually incorporated into the programming code, to provide platform independence.
The presentation layer can also provide encryption to secure data from the application layer. However, this is not common with today's methods of security, since this type of encryption is performed in software and requires a lot of CPU cycles to perform.
SESSION LAYER –

The fifth layer of the OSI reference model is the session layer. The session layer sets up and manages sessions; a session consists of a dialog between the presentation layers on two or more systems. This layer also handles the requests for different services between systems, manages the responses to those requests between two applications on different hosts, and manages data streams.
The efficiency of dialog control between hosts in the session layer depends on whether the communication mode is half-duplex or full-duplex. In a half-duplex configuration, only one device can communicate or transmit at a time; all others are in standby mode awaiting their turns. Each side must wait until the other process has finished sending and then respond with a separate acknowledgement. Conversely, full-duplex communication can send and receive at the same time and is therefore much more efficient than half-duplex communication. Full-duplex accomplishes its efficiency by piggybacking, or including data within the same frame.
The following are some examples of session layer protocols and interfaces (according to Cisco):
• Network File System (NFS) - Developed by Sun Microsystems and used with TCP/IP and UNIX workstations to allow transparent access to remote resources.
• Structured Query Language (SQL) - Developed by IBM to provide users with a simpler way to define their information requirements on both local and remote systems.
• Remote Procedure Call (RPC) - A broad client/server redirection tool used for disparate service environments. Its procedures are created on clients and performed on servers.
• X Window - Widely used by intelligent terminals for communicating with remote UNIX computers, allowing them to operate as though they were locally attached monitors.
• AppleTalk Session Protocol (ASP) - Another client/server mechanism, which both establishes and maintains sessions between AppleTalk client and server machines.
• Digital Network Architecture Session Control Protocol - A DECnet session layer protocol.
An example of a session layer protocol you might be familiar with is the Network Basic Input/Output System (NetBIOS). NetBIOS sets up a session between two Windows NT or Windows 95 machines. NetBIOS, which IBM developed about 20 years ago for use on flat, bridged networks, is a true session layer protocol used by Microsoft and provides name services and session management between two devices using simple naming. Originally, NetBIOS was used in combination with the NetBIOS Extended User Interface (NetBEUI), which, like NetBIOS, is a non-routable protocol. These protocols can be confusing because they were implemented together in firmware. If you were using NetBIOS, you were running it over NetBEUI; if you were using NetBEUI, you were using it with NetBIOS. In other words, no distinction existed, so most people say that neither one is routable, which is true. However, if you transport NetBIOS over a routable protocol, such as IP or Internetwork Packet Exchange (IPX), NetBIOS is routable. If you install it on NT Workstation or Windows products, it gives you the option of installing IP, IPX and/or NetBEUI.
Sun Microsystems developed NFS to facilitate access to file and print services on UNIX hosts. Also at the session layer, IBM developed Structured Query Language (SQL), which is a client/server-based language that provides a set of common commands and the capability to manipulate data stored in databases. The information is compiled in SQL, which is a standard from various manufacturers; additionally, the databases that use it are the favored ones for web site data management.

TRANSPORT LAYER-
The fourth layer of the OSI reference model is the transport layer. The transport layer is responsible for the proper sequencing of data and its error-free delivery.
The transport layer does the following:
• Controls end-to-end communication between two processes running on different hosts.
• Provides connection-oriented or connectionless services to upper layers.
• Uses client and server port addresses to identify processes running within a host.
• Segments data for upper-layer applications.
The transport layer is typically known for providing the following transport-oriented services:
• Reliable, guaranteed delivery
• Error control
• Sequencing
• Acknowledgement
• Connection setup and tear down
• Recovery
• Retransmission
Note: however, you can also have protocols at the transport layer that do not provide reliable services.
The transport layer is responsible for identifying which processes are communicating on each host and providing either connection-oriented services and reliable transport or speed of delivery. It manages the data flow and deals with flow control in a connection-oriented session.
The best-known protocols at the transport layer are:
• TCP (Transmission Control Protocol)
• UDP (User Datagram Protocol)
Others include:
• NCP (Network Core Protocol)
• SPX (Sequenced Packet Exchange)
• ATP (AppleTalk Transport Protocol)
The transport layer also handles addressing with ports and sockets, which are addresses that identify which upper-layer program or process is communicating on a particular device. The transport layer can provide both connection-oriented and connectionless services to an upper-layer protocol.
As part of the data stream sequence of the OSI, the transport layer has the task of segmenting the data handed down by upper-layer applications. To govern the tracking and management of the various segments, the transport layer uses port numbers for each application.
This layer can be confusing to people because when they think about the transport layer, they envision guaranteed, reliable transport and connection-oriented services. In fact, this depends on what your vendor implements. If a vendor who is writing an application (an upper-level service) wants to provide reliable transport, it will use a reliable transport protocol such as TCP in the TCP/IP suite. If that same vendor prefers speed to reliability, it will implement a connectionless protocol at the transport layer, such as UDP in the TCP/IP suite.
The transport layer, whether connection-oriented or connectionless, deals with ports, sockets and process addresses. Client-based and server-based addresses such as TCP and UDP ports are used to identify the processes running within a host.
Ports fall into three categories:
Ports              Description
Well-known         These define well-known programs used in the industry and have become de facto standards for addressing such programs. They fall into the range of 0-255.
Less well-known    These ports are reserved and can be implemented by vendors on an as-needed basis. They range from 256-1023.
Client             These are variable (or ephemeral) ports, available each time a client process begins and opens a new port. The range is 1024-65535.
Examples of application port addresses:
TCP/IP Application           Logical Port no.      Transport layer
Web service / HTTP           80                    TCP
Telnet                       23                    TCP
SMTP                         25                    TCP
POP3                         110                   TCP
FTP                          20 - FTP CONTROL      TCP
                             21 - FTP DATA         TCP
DHCP                         56, 57                UDP
TFTP (Trivial FTP server)    69                    UDP
SNMP                         59                    UDP

Applications are of two types:
• Socket-based (WinSock)
• NetBT (NetBIOS over TCP/IP)
The transport layer uses a unique socket number for each application running on the machine.
Socket = IP address of the machine + logical port no. of the application + transport protocol.
Example: Socket = 192.168.01.10 + 80 + TCP
When you open a client session, such as a client telnet connection, that session opens up a unique port, which is a variable or made-up port. The connection uses this port to reach a telnet server. When you connect to the host or server, you are typically connecting to a well-known port; for example, telnet uses well-known port 23.

telnet server (23) client port (3001)

Client ports are randomly selected, whereas server processes use well-known ports.
NETWORK LAYER
The third layer of the OSI reference model is the network layer. The network layer provides quite a few functions. First, it provides a logical topology for your network using logical, or layer 3, addresses. These addresses are used to group machines together. They have two components, a network component and a host component. The network component is used to group devices together. Layer 3 addresses allow devices that are on the same or different media types to communicate with each other. Media types define types of connections, such as Ethernet, Token Ring or serial.
Routers (layer 3 devices) are specified at the network layer and provide routing services within an internetwork.
It happens like this: first, when a packet is received on a router interface, the destination IP address is checked. If the packet is not destined for that particular router, the router looks up the destination network address in the routing table. Once the router chooses an exit interface, the packet is sent to that interface to be framed and sent out on the local network. If the router can't find an entry for the packet's destination network in the routing table, the router drops the packet.
Two types of packets are used at the network layer: data and route updates.
Data packets - Used to transport user data through the internetwork. Protocols used to support data traffic are called routed protocols; examples of routed protocols are IP and IPX.
Route update packets - Used to update neighboring routers about the networks connected to all routers within the internetwork. Protocols that send route update packets are called routing protocols; examples of some common ones are RIP (Routing Information Protocol), EIGRP (Enhanced Interior Gateway Routing Protocol) and OSPF (Open Shortest Path First). Route update packets are used to help build and maintain routing tables on each router.
Network addresses - Protocol-specific network addresses. A router must maintain a routing table for individual routing protocols because each routing protocol keeps track of a network with a different addressing scheme.
Metric - The distance to the remote network. Different routing protocols use different ways of computing this distance. (I am going to cover routing protocols.)
Fragmentation and reassembly - Data frames that exceed the legal size of the network media you are accessing must always be broken down into manageable portions during transmission. Even though the objective is to maximize the amount of data sent over the media, any frame deemed too large for any media on the network automatically undergoes fragmentation to reduce the frame to an acceptable size. In any given network, the maximum frame size can only equal the capacity of the smallest routing medium.
Network media that can handle large frames have the advantages of saving overhead, CPU cycles and time. Conversely, if a router must break down the transmission, the result is added time and latency.
At the receiving end of the transmission, the destination host reassembles the data and passes it up to the higher layer.
For example, if you attempt to send 1 MB of data over the wire in a system that accommodates a maximum transmission unit (MTU) of 512 KB through any piece of its media, you would in theory overwhelm the system. As a result, the router fragments the data into frames no larger than 512 KB while transmitting to the receiving host. When the data arrives, the host reassembles it into its total framework and sends it to the next higher layer of the OSI.
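The forwarding decision and the fragmentation step described above can be followed in a short Python sketch. This is an added example, not part of the original notes: the routing table, addresses and MTU values are constructed, and the fragment arithmetic follows IPv4 (20-byte header, offsets counted in 8-byte units), which the notes do not spell out.

```python
import ipaddress

# Constructed routing table: (destination network, exit interface, MTU in bytes).
ROUTES = [
    (ipaddress.ip_network("10.1.0.0/16"), "Serial0", 576),
    (ipaddress.ip_network("10.1.2.0/24"), "Ethernet0", 1500),
    (ipaddress.ip_network("192.168.5.0/24"), "Ethernet1", 1500),
]
# Addresses owned by the router itself (constructed).
ROUTER_ADDRESSES = {ipaddress.ip_address("10.1.2.1"),
                    ipaddress.ip_address("192.168.5.1")}
IP_HEADER = 20  # bytes, IPv4 header without options


def lookup(dst):
    """Longest-prefix match; None when no entry covers the destination."""
    matches = [route for route in ROUTES if dst in route[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None


def fragment(payload, mtu):
    """Split a payload into (offset, more_fragments, data) tuples.

    Offsets are in 8-byte units, so every fragment except the last
    carries a multiple of 8 bytes.
    """
    room = (mtu - IP_HEADER) // 8 * 8
    if room <= 0:
        raise ValueError("MTU too small to carry any data")
    frags = []
    for start in range(0, len(payload), room):
        more = start + room < len(payload)
        frags.append((start // 8, more, payload[start:start + room]))
    return frags or [(0, False, b"")]


def reassemble(frags):
    """Destination host side: order by offset and refuse gaps or overlaps."""
    data = b""
    complete = False
    for offset, more, chunk in sorted(frags):
        if offset * 8 != len(data):
            raise ValueError("missing or overlapping fragment")
        data += chunk
        complete = not more
    if not complete:
        raise ValueError("final fragment not received")
    return data


def route_packet(dst_text, payload):
    """Return (action, exit interface, fragments) for one received packet."""
    dst = ipaddress.ip_address(dst_text)
    if dst in ROUTER_ADDRESSES:
        return ("local", None, [(0, False, payload)])   # destined for the router
    route = lookup(dst)
    if route is None:
        return ("drop", None, [])                       # no routing table entry
    _, iface, mtu = route
    return ("forward", iface, fragment(payload, mtu))


if __name__ == "__main__":
    data = bytes(i % 251 for i in range(4000))          # constructed payload
    for dst in ("10.1.2.77", "10.1.9.9", "172.16.0.9", "10.1.2.1"):
        action, iface, frags = route_packet(dst, data)
        print(dst, action, iface, [(o, m, len(c)) for o, m, c in frags])
```

A destination covered by both 10.1.0.0/16 and 10.1.2.0/24 leaves through the more specific entry, so the same payload is cut into a different number of fragments depending on which exit interface is chosen.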
The network layer protocols include:
• IP, IPX - protocols that deal with logical network addresses
• RARP, ARP, BOOTP and DHCP - protocols that perform address resolution or configuration
• ICMP - diagnostic and control protocol
• RIP and OSPF - routers and routing protocols
Routers use logical addressing from a source and destination to ensure that data is passed from one network to another. Routing protocols also function at the network layer. OSPF is a link-state protocol that also can provide routing services.
DATA LINK LAYER-
The second layer in the OSI reference model is the data link layer. Whereas the network layer provides logical addresses for devices, the data link layer provides physical, or hardware, addresses. These hardware addresses are commonly called media access control (MAC) addresses. The data link layer also defines how a network device accesses the media that it is connected to, as well as defining the media frame type. This communication is only for devices on the same data link layer media type (or same piece of wire). To traverse media types, Ethernet to Token Ring for instance, typically a router is used.
The data link layer is also responsible for taking bits (binary 1's and 0's) from the physical layer and reassembling them into the original data link layer frame. The data link layer does error detection and will discard bad frames. It typically does not perform error correction, as TCP/IP's TCP protocol does; however, some data link layer protocols do support error correction functions. The OSI data link layer's function is to send and receive data over the wire, as well as to identify what upper-layer protocol is being carried within a frame.

The data link layer adds both a header at the front and a four-byte trailer at the end of each frame prior to transmission, thereby forming a frame around the data. The term packet framing refers to the formation of such frame sequences.
[Figure: a frame, with a header (H) in front of the DATA and a trailer (T) after it; 1500 bytes.]
Ethernet at the Data Link Layer
Ethernet at the data link layer is responsible for Ethernet addressing, commonly referred to as hardware addressing or MAC addressing. Ethernet is also responsible for framing packets received from the network layer and preparing them for transmission on the local network through the Ethernet contention media access method. There are four different types of Ethernet frames available:
• Ethernet II (DIX, or Digital Intel Xerox)
• IEEE 802.3 (Novell proprietary)
• IEEE 802.3 (eth 802.3 and eth 802.2)
• SNAP 802.3 (Subnetwork Access Protocol)
Ethernet frames - The data link layer is responsible for combining bits into bytes and bytes into frames. Frames are used at the data link layer to encapsulate packets handed down from the network layer for transmission on a type of media access. There are three types of media access methods: contention (Ethernet), token passing (Token Ring and FDDI) and polling (IBM mainframes and 100VG-AnyLAN).
The function of Ethernet stations is to pass data frames between each other using a group of bits known as a MAC frame format. This provides error detection from a cyclic redundancy check (CRC). But remember, this is error detection, not error correction. The 802.3 frame and the Ethernet frame are shown below.
Ethernet II
Preamble    DA         SA         Type       DATA       FCS
8 bytes     6 bytes    6 bytes    2 bytes               4 bytes

802.3 Ethernet
Preamble    DA         SA         Length     DATA       FCS
8 bytes     6 bytes    6 bytes    2 bytes
Encapsulating a frame within a different type of frame is called tunneling.
Preamble - An alternating 1,0 pattern provides a 5 MHz clock at the start of each packet, which allows the receiving devices to lock the incoming bit stream.
Start frame delimiter (SFD)/synch - The preamble is seven octets and the SFD is one octet (synch). The SFD is 10101011, where the last pair of 1's allows the receiver to come into the alternating 1,0 pattern somewhere in the middle and still sync up and detect the beginning of the data.
Destination Address (DA) - This transmits a 48-bit value using the least significant bit (LSB) first. The DA is used by receiving stations to determine whether an incoming packet is addressed to a particular node. The destination address can be an individual address or a broadcast or multicast MAC address. Remember that a broadcast is all 1's (or Fs in hex) and is sent to all devices, but a multicast is sent only to a similar subset of nodes on a network.
Source Address (SA) - The SA is a 48-bit MAC address used to identify the transmitting device, and it uses the LSB first. Broadcast and multicast address formats are illegal within the SA field.
Length or type - 802.3 uses a length field, but the Ethernet frame uses a type field to identify the network layer protocol. 802.3 cannot identify the upper-layer protocol and must be used with a proprietary LAN, IPX for example.
Data - This is a packet sent down to the data link layer from the network layer; its size can vary from 64 to 1500 bytes.
Frame check sequence (FCS) - FCS is a field at the end of the frame that's used to store the CRC.
802.2 and SNAP - Since the 802.3 Ethernet frame cannot by itself identify the upper-layer (network) protocol, it obviously needs some help. The IEEE defined the 802.2 LLC specifications to provide this function and more. The following are the IEEE 802.3 with LLC (802.2) and the Subnetwork Access Protocol (SNAP) frame types.

802.2 (SNAP)
Dest. SAP AA    Source SAP AA    Ctrl 03    OUI ID    Type    Data
1               1                1 to 2     3         2       variable

802.2 (SAP)
Dest. SAP    Source SAP    Ctrl      DATA
1            1             1 to 2    variable
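The field descriptions above translate directly into a frame check. The following Python sketch is an added example, not part of the original notes: it takes a frame with the preamble and SFD already removed, tells Ethernet II from 802.3 by the type/length field, recognises the 802.2 SAP and SNAP headers, verifies the FCS and flags a group address in the SA field. The 0x0600 boundary between length and type values and the FFFF marker of the Novell raw format are standard values not stated in the notes; all sample addresses and payloads are constructed.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
MIN_FRAME = 64          # DA + SA + type/length + data + FCS, no preamble/SFD
ETHERTYPE_MIN = 0x0600  # values >= 1536 are a type, values <= 1500 a length


def fmt_mac(raw):
    return ":".join(f"{b:02x}" for b in raw)


def address_kind(raw):
    """Individual, multicast or broadcast address."""
    if raw == BROADCAST:
        return "broadcast"
    # Octets are sent least significant bit first, so the group bit is
    # bit 0 of the first octet.
    return "multicast" if raw[0] & 0x01 else "individual"


def build_frame(dst, src, type_or_len, data):
    """Assemble a test frame: pad to the minimum size and append the FCS."""
    body = dst + src + struct.pack("!H", type_or_len) + data
    body = body.ljust(MIN_FRAME - 4, b"\x00")
    # Ethernet uses the CRC-32 that zlib implements; the FCS goes out low byte first.
    return body + struct.pack("<I", zlib.crc32(body))


def parse_frame(frame):
    """Describe one frame and list any problems found in it."""
    problems = []
    if len(frame) < MIN_FRAME:
        problems.append("runt frame")
    if len(frame) < 18:
        return {"format": "unparseable", "problems": problems}
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    if zlib.crc32(body) != fcs:
        problems.append("bad FCS")                 # error detection only
    dst, src = body[0:6], body[6:12]
    if address_kind(src) != "individual":
        problems.append("group address in SA field")
    (type_or_len,) = struct.unpack("!H", body[12:14])
    data = body[14:]
    info = {"dst": fmt_mac(dst), "dst_kind": address_kind(dst),
            "src": fmt_mac(src), "problems": problems}

    if type_or_len >= ETHERTYPE_MIN:
        info.update(format="Ethernet II", ethertype=type_or_len)
    elif type_or_len <= 1500:
        if type_or_len > len(data):
            problems.append("length field exceeds data present")
        data = data[:type_or_len]                  # drop padding
        if data[:2] == b"\xff\xff":
            info.update(format="802.3 raw (Novell)")
        elif data[:3] == b"\xaa\xaa\x03" and len(data) >= 8:
            info.update(format="802.3 SNAP", oui=data[3:6].hex(),
                        ethertype=struct.unpack("!H", data[6:8])[0])
        elif len(data) >= 3:
            info.update(format="802.3 with 802.2 SAP",
                        dsap=data[0], ssap=data[1], control=data[2])
        else:
            info.update(format="802.3 (truncated LLC header)")
    else:
        info.update(format="undefined type/length value")
    return info


# Constructed sample frames (addresses and payloads are made up).
HOST = bytes.fromhex("020000000001")
SAMPLES = {
    "Ethernet II": build_frame(BROADCAST, HOST, 0x0800, b"constructed payload"),
    "SNAP": build_frame(bytes.fromhex("020000000002"), HOST, 10,
                        bytes.fromhex("aaaa030000000800") + b"hi"),
}

if __name__ == "__main__":
    for name, frame in SAMPLES.items():
        print(name, parse_frame(frame))
```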
PHYSICAL LAYER-
The physical layer deals with 1's and 0's, which are the bits that make up a frame. Bits are encoded as electrical or light pulses. This layer also deals with electrical and mechanical characteristics and voltage levels. Additionally, the physical layer is responsible for topology and physical connections (point-to-point or multipoint), signal encoding and bit synchronization. The four main physical topologies are bus, ring, star and mesh.
The physical layer includes:
• Electrical and mechanical characteristics
• Signal encoding
• Bit synchronization
• Components
• Distance limitations
• 1’s and 0’s
• Physical connector specifications
• Timing
• Activation and deactivation of physical circuits.
Network components or devices
HUB - It functions at the physical layer and provides a logical bus structure for Ethernet. Devices connected to the hub have the illusion that they are all connected to the same physical piece of wire. PCs connected to a hub are in the same collision domain, since hubs are repeaters and they repeat any physical layer signal that they receive. Cisco has many hub products, including the following: 1500 Micro Hub; 1528 10/100 Micro Hub; 100, 200, 300 and 400 FastHubs. A hub is nothing but a multiport repeater.
[Figure: a hub with ports 1x to 8x connecting hosts A to H.]
A repeater receives a digital signal, reamplifies or regenerates that signal, and then forwards the digital signal out all active ports without looking at any data. An active hub does the same thing. Any digital signal received from a segment on a hub port is regenerated or reamplified and transmitted out all ports on the hub. This means all devices plugged into a hub are in the same collision domain as well as in the same broadcast domain.
Hubs, like repeaters, don't examine any of the traffic as it enters and is then transmitted out to the other parts of the physical media. Every device connected to the hub, or hubs, must listen if a device transmits. A physical star network, where the hub is the central device and cables extend in all directions out from it, is the type of topology a hub creates. Visually, the design really does resemble a star, whereas Ethernet networks run a logical bus topology, meaning that the signal has to run from end to end of the network.
BRIDGES
A bridge is a layer 2 mechanism that enables two segments of a LAN to be linked together. Because bridges operate at layer 2, they do not recognize the higher-layer protocols that are embedded in the frames they forward. They forward these frames based on MAC addresses. For example, the bridge "learns" which MAC addresses are connected to the network on its various ports. Whenever a bridge receives a frame with a MAC address that does not reside on the LAN segment on which it was generated, the bridge looks up that address in its bridging table (a compilation of MAC addresses, by port number) and forwards the frame to the correct LAN segment for delivery.
Stringing several bridges together, or even just using them in an environment that's characterized by MAC broadcasts, is a good way to find the limitations of these devices. They have, for the most part, failed to keep up with the increasing demands placed on network devices and have become little more than an obsolete curiosity.
Ff:9d:ac:f9:ab:6c
MAC address
SWITCH
Switches, like bridges, operate at the data link layer. The three main functions of a bridge are also true of a switch: they learn, forward and remove loops. However, switches have many more features than bridges. For instance, they make their switching decisions in hardware by using Application-Specific Integrated Circuits (ASICs). ASICs are specialized processors built to perform very few specific tasks. Because they do only a few things, ASICs are much more cost-effective than a generic processor, like the one found in your PC. Cisco, like most networking vendors, extensively uses ASICs throughout its switching products. Bridges as well as switches are used to solve bandwidth and collision problems.
ROUTER
A router is not a layer 2 Ethernet device; it is a layer 3 packet-forwarding mechanism. Nevertheless, routers do support interfaces for all standard LAN technologies. The primary use of a router is to connect the LAN with the network beyond the LAN's domain. This has three important implications for network design.
First, the wide area network (WAN) is clearly beyond the LAN's domain. Routers remain the technology that must be used to interconnect LANs that are dispersed across large enough geographic regions as to warrant using long-haul transmission technologies. Such technologies include dedicated leased lines and switched circuits.
Second, multiple LAN domains may coexist in relatively close proximity. In fact, a single office premises may contain numerous LANs that are dedicated to individual workgroups. Concerns over security may warrant some degree of separation yet not preclude interconnection. In such cases, bridging the LANs together would be undesirable. Routers provide a little more security through mechanisms such as access control lists and can effectively internetwork LANs while preserving the integrity of their layer 2 collision and broadcast domains.
The third implication is borne of performance requirements. Ethernets can become large enough to start collapsing under their own mass. For example, a building may contain an Ethernet that is approaching 1024 devices in size. If the applications supported by this LAN use layer 2 broadcasts, it is quite possible that segmenting the LAN with bridges or switches will not improve performance. In effect, the LAN will have had its collision domain segmented but not its broadcast domain. In this situation, a router may be your only viable option.

THE CISCO THREE – LAYER HIERARCHICAL MODEL-
• The core (backbone) layer provides optimal transport between sites.
• The distribution layer provides policy-based connection.
• The local-access layer provides workgroup/user access to the network.
Core layer
• Responsible for transporting large amounts of traffic reliably and quickly
• Only purpose is to switch traffic as fast as possible (speed and latency are factors)
• Failure at the core layer can affect every user
• Design for fault tolerance at this level
Don't do at this layer
• Don't use access lists, packet filtering or VLAN routing
• Don't support workgroup access here.
• Don't expand (i.e. more routers); upgrade devices instead (faster, with more capacity)
Do at this layer
• Design for high reliability (FDDI, Fast Ethernet with redundant links, or ATM)
• Design for speed and low latency.
• Use routing protocols with low convergence times.
Distribution layer
• Also called the workgroup layer, this is the communication point between the access and core layers.
• Primary functions include filtering, WAN access and determining how packets can access the core layer if necessary.
• Determines the fastest/best path and sends requests to the core layer; the core layer will then quickly transport the request to the correct service.
• Place to implement network policies
Distribution layer functions
• Access lists, packet filtering, queuing
• Security and network policies, such as address translation and firewalling.
• Redistribution between routing protocols, including static routing
• Routing between VLANs and other workgroup support functions.
• Departmental or workgroup access
• Definition of broadcast and multicast domains
• Any media translations that need to occur.
ACCESS LAYER
• Controls local and user access to internetwork resources
• Also called the desktop layer
• The resources most users need will be available locally.
• The distribution layer handles traffic for remote services.
• Continued use of access lists and filters.
• Creation of separate collision domains (segmentation)
• Workgroup connectivity to the distribution layer.
• Technologies such as DDR and Ethernet switching are seen in the access layer
• Static routing is here.

LAN SEGMENTATION
This topic discusses the advantages of LAN segmentation and describes LAN segmentation using bridges, switches and routers. It also describes the benefits of using each of the three internetworking devices.
Describe the advantages of LAN segmentation
When separate networks are needed, or if a network has reached its physical limitations, segmentation is used. Segmenting a LAN can extend the network, reduce congestion, isolate network problems and improve security.
• Extending the network - When the maximum physical limitation of a network has been reached, routers may be added to create new segments to allow additional hosts onto the LAN.
• Reduce congestion - As the number of hosts on a single network increases, the bandwidth required also increases. By segmenting the LAN you can reduce the number of hosts per network. If traffic consists of communication between hosts on the same segment, then bandwidth usage is substantially reduced.
• Isolate network problems - By dividing the network into smaller segments, you reduce the overflow of problems from one segment to the next. Hardware and software failures are some of the problems that can be reduced to affect a smaller portion of the network.
• Improve security - By utilizing segments, a network administrator can ensure that the internal structure of the network will not be visible from an outside source. Privileged packets will only be broadcast on the subnet they originated from, not throughout the network.

DESCRIBE LAN SEGMENTATION USING BRIDGES.


The term bridging refers to a technology in which a device (known as a bridge) connects two or more segments. A bridge transmits datagrams from one segment to their destinations on other segments.
Bridges are capable of filtering frames based on any layer 2 fields. A bridge, for example, can be programmed to reject (not forward) all frames sourced from a particular network. Because link-layer information often includes a reference to an upper-layer protocol, bridges usually can filter on this parameter. Furthermore, filters can be helpful in dealing with unnecessary broadcast and multicast packets. Because only a certain percentage of traffic is forwarded, a bridge or switch diminishes the traffic experienced by devices on all connected segments. The bridge or switch will act as a firewall for some potentially damaging network errors, and both accommodate communication between a larger number of devices than would be supported on any single LAN connected to the bridge.
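The bridging table described under BRIDGES and the filtering described here can be followed step by step in a small simulation. This is an added Python example, not part of the original notes: the class name, the 300-second aging time, the port numbers and the MAC addresses are all assumptions made for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group(mac):
    """Broadcast and multicast addresses have the low bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 0x01 == 1


class LearningBridge:
    """Transparent bridge: learns source addresses per port, then filters,
    forwards or floods each frame (hypothetical class for this example)."""

    def __init__(self, ports, max_age=300, blocked_sources=()):
        self.ports = list(ports)
        self.max_age = max_age               # seconds before an entry is forgotten
        self.blocked = set(blocked_sources)  # static filter on source MAC
        self.table = {}                      # MAC -> (port, time last seen)

    def _lookup(self, mac, now):
        entry = self.table.get(mac)
        if entry is None:
            return None
        port, seen = entry
        if now - seen > self.max_age:
            del self.table[mac]              # aged out: unknown again
            return None
        return port

    def receive(self, in_port, src, dst, now=0):
        """Return (decision, ports the frame is sent out of)."""
        if src in self.blocked:
            return ("filtered: blocked source", [])
        if not is_group(src):
            self.table[src] = (in_port, now)  # learn, refresh or move the entry
        others = [p for p in self.ports if p != in_port]
        if is_group(dst):
            return ("flood: broadcast or multicast", others)
        out = self._lookup(dst, now)
        if out is None:
            return ("flood: unknown destination", others)
        if out == in_port:
            return ("filtered: same segment", [])   # traffic stays local
        return ("forward", [out])


# Constructed hosts: A and B share the segment on port 1, C is on port 2.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"


def demo():
    bridge = LearningBridge(ports=[1, 2, 3])
    steps = [(1, A, C, 0), (2, C, A, 1), (1, B, A, 2),
             (1, A, BROADCAST, 3), (2, C, A, 400)]
    return [bridge.receive(port, src, dst, now) for port, src, dst, now in steps]


if __name__ == "__main__":
    for result in demo():
        print(result)
```

The last step shows aging: after 400 seconds without traffic from A, its entry has expired and the frame for A is flooded again until A is relearned.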

DESCRIBE LAN SEGMENTATION USING ROUTERS.


Because routers use layer 3 addresses, which typically have structure, routers can use techniques (such as address summarization) to build networks that maintain performance and responsiveness as they grow in size. Segments are interconnected by routers to enable communication between LANs of disparate LAN and WAN technologies, while also implementing broadcast filters and logical firewalls. In general, if you need advanced internetworking services, such as broadcast firewalling and communication between dissimilar LANs, routers are necessary.

DESCRIBE LAN SEGMENTATION USING SWITCHES.


Switches are data link layer devices that, like bridges, enable multiple physical LAN segments to be interconnected into a single larger network. Similar to bridges, switches forward and flood traffic based on MAC addresses. Because switching is performed in hardware instead of in software, however, it is significantly faster. Switches use either store-and-forward switching or cut-through switching when forwarding traffic.

Segmenting shared-media LANs divides the users into two or more separate LAN segments, reducing the number of users contending for bandwidth. LAN switching technology, which builds upon this trend, employs microsegmentation, which further segments the LAN to fewer users and ultimately to a single user with a dedicated LAN segment. Each switch port provides a dedicated 10 MB Ethernet segment. Segments are interconnected by internetworking devices that enable communication between LANs while blocking other types of traffic. Switches have the intelligence to monitor traffic and compile address tables, which then allows them to forward packets directly to specific ports in the LAN. Switches also usually provide non-blocking service, which allows multiple conversations (traffic between two ports) to occur simultaneously.
LAN switching can be used to segment networks into logically defined virtual workgroups (VLANs). This logical segmentation, commonly referred to as VLAN communication, offers a fundamental change in how LANs are designed, administered and managed. Logical segmentation provides substantial benefits in LAN administration, security and management of network broadcasts across the enterprise.
Superior throughput performance, high port density, lower per-port cost and greater flexibility have contributed to the emergence of switches as replacement technology for bridges and as complements to routing technology.

DESCRIBE THE BENEFITS OF NETWORK SEGMENTATION WITH BRIDGES.
Transparent bridges successfully isolate intra-segment traffic, thereby reducing the traffic seen on each individual segment. This usually improves response times as seen by the user.
• Bridges and switches extend the effective length of a LAN, permitting the attachment of distant stations that were not previously permitted.
• Bridges can connect more than two LANs and use the spanning tree algorithm to eliminate loops while still allowing connectivity and redundancy between them.
• A bridge can compensate for speed discrepancies of WAN and LAN connections by using its buffering capabilities. This is done by storing the incoming data in on-board buffers and sending it over the serial link at a rate that the serial link can accommodate.
• Some bridges are MAC-layer bridges, which bridge between homogeneous networks (for example IEEE 802.3 and IEEE 802.3), while others can translate between different link-layer protocols (for example IEEE 802.3 and IEEE 802.5).
DESCRIBE THE BENEFITS OF NETWORK SEGMENTATION WITH ROUTERS
Routers offer the following benefits in LAN segmentation:
• Media transition - Routers are used to connect networks of different media types, taking care of the layer 3 address translation and fragmentation requirements.
• Broadcast control - By default, routers don't pass broadcasts and therefore restrict the broadcast domain, preventing broadcasts from radiating throughout the network. Routers are also responsible for generating services to each LAN segment. The following are examples of services that the router provides to the network for a variety of protocols:
  • IP proxy ARP and Internet Control Message Protocol (ICMP)
  • IPX SAP table updates
  • AppleTalk ZIP table updates
  • Network management SNMP queries.
• Packet filtering - Routers can filter packets either inbound or outbound between LAN segments and between LAN and WAN segments.
• VLAN communication - Routers remain vital for switched architectures configured as VLANs because they provide the communication between VLANs.
• Large packets - Routers can handle large packets by fragmenting them into smaller pieces, sending them across the network, and reassembling them, whereas bridges discard frames that are too large.

DESCRIBE THE BENEFITS OF NETWORK SEGMENTATION WITH SWITCHES
Layer 2 switches offer some or all of the following benefits:
• Unlike hubs and repeaters, switches allow multiple data streams to pass
simultaneously.
• LAN switches are used to interconnect multiple LAN segments. LAN switching
provides dedicated, collision-free communication between network devices, with
support for multiple simultaneous conversations.
• Collisions – switches reduce collisions on network segments because they provide
dedicated bandwidth to each network segment, and each connected segment is in a
separate collision domain.
• Bandwidth – LAN switches provide excellent performance for individual users by
allocating dedicated bandwidth to each switch port (for example, each network segment).
This technique is known as microsegmenting. An Ethernet LAN switch provides
bandwidth by separating collision domains and selectively forwarding traffic to the
appropriate segments.
• Dedicated bandwidth – switches deliver dedicated bandwidth to users through
high-density group switched and switched 10BaseT or 100BaseT Ethernet.
• VLANs – LAN switches can group individual ports into logical switched
workgroups, called VLANs, thereby restricting the broadcast domain to designated
VLAN member ports. VLANs are also known as switched domains and autonomous
switching domains. Communication between VLANs requires routers.

ROUTER USER INTERFACE

The Cisco Internetwork Operating System (IOS) is the kernel of Cisco’s routers and most
of their switches.

Cisco IOS software is used to:
• Carry network protocols and functions.
• Connect high-speed traffic between devices.
• Add security, control access and stop unauthorized network access.
• Promote scalability for network growth and redundancy.
• Supply network reliability for connecting to network resources.







Background of router

[Figure: router back panel with an ON/OFF switch and ports labelled AUI, RJ-45 (Fast
Ethernet), RJ-45 (CONSOLE), AUX, ISDN BRI (S/T) and DB-60 (F) SERIAL 0]


AUI – Attachment Unit Interface. It supports only 10 Mbps and uses a 15-pin male
connector; it is used for 10 Mbps LAN connectivity.

Ethernet (RJ-45) – the 10/100 Base Ethernet port is used for LAN connectivity.

AUX – The auxiliary port is the same as the console port and can be used in the same way.
It is typically used with a modem that you dial in to the router with, which is useful for
configuring a remote router you don’t have physical access to. If a remote router stops
responding, it can still be accessed if it has a modem on its auxiliary port.
Console port – Connect using the RJ-45 port on the back of the router. The cable is wired
straight through but reversed on one side (rolled cable). The cable connects to an RJ-45 to
DB-9 adapter, and the PC uses a terminal emulation program set to 9600 baud, 8 data bits,
no parity, 1 stop bit. The console port has no password by default.
ISDN BRI (S/T) – This port is used for ISDN connectivity using the BRI interface
(Basic Rate Interface). BRI interfaces provide remote access through the ISDN network and
are frequently used as a backup link for point-to-point dedicated links in case of primary
link failure.
Serial 0 – Synchronous serial interface used for WAN connectivity such as leased line or
Frame Relay, and used as a non-ISDN interface if BRI is not present; requires a terminal
adaptor.

POWERING UP A CISCO ROUTER.

1. The router first runs POST (Power-On Self Test).
2. If POST passes, it loads the IOS from flash memory if present (flash memory is
EEPROM – Electronically Erasable Programmable Read-Only Memory).
3. The IOS will then load the configuration file called startup-config, stored in
NVRAM (Non-Volatile Random Access Memory) by default.
4. If no configuration file is present, the router will bring up setup mode (a step-by-step
process to help you configure a router; it can be run at any time by entering setup at the
global configuration command line prompt).
MANAGING A CISCO ROUTER-(ROUTER INTERFACE)

CABLING THE WIDE AREA NETWORK
There are a couple of things that you need to know in order to connect your WAN: the
WAN physical layer implementations provided by Cisco, and the various types of WAN
serial connectors.
Cisco serial connections support almost any type of WAN service. The typical WAN
connections are dedicated leased lines using HDLC (High-Level Data Link Control), PPP
(Point-to-Point Protocol), ISDN (Integrated Services Digital Network) and Frame Relay.
Typical speeds run anywhere from 2400 bps to 45 Mbps (T3). HDLC, PPP and
Frame Relay can use the same physical layer specification, but ISDN has different pinouts
and specifications at the physical layer.
Cisco routers use a proprietary 60-pin serial connector that you must get from Cisco or
a provider of Cisco equipment. Cisco also has a new, smaller proprietary serial connector
that is about one tenth the size of the 60-pin basic serial cable. This is called the
smart-serial, and you have to make sure you have the right type of interface in
your router before using this cable connector. The type of connector you have on the
other end of the cable depends on your service provider or end device equipment.

The Different Ends Of Cables


ROUTER (DTE)        DCE STANDARDS
60-pin connector    EIA/TIA-232: up to 64 kbps data rates, uses a DB connector, supports both.
60-pin connector    EIA/TIA-449: replacement standard for EIA/TIA-232, supports data rates up
                    to 2.048 Mbps, DB-37 connector as DTE or DCE.
60-pin connector    V.35: up to 2 Mbps data rates, requires a DB-34 connector as DTE or DCE.
60-pin connector    EIA-530: enhancement to the EIA/TIA-449 standard, up to 2 Mbps through a
                    DB-25 connector in DTE mode only.

Serial links are described in frequency or cycles per second (hertz). The amount of data
that can be carried within these frequencies is called bandwidth; bandwidth is the amount
of data in bits per second that the serial channel can carry.

DATA TERMINAL EQUIPMENT AND DATA COMMUNICATION EQUIPMENT.

Router interfaces are by default Data Terminal Equipment (DTE), and they connect
into Data Communication Equipment (DCE), for example a channel service unit/data
service unit (CSU/DSU). The CSU/DSU then plugs into a demarcation location (demarc),
which is the service provider’s last responsibility. Most of the time, the demarc is a jack that
has an RJ-45 (8-pin modular) female connector located in a telecommunications closet.
You may have heard of demarcs if you have ever had the glorious experience of
reporting a problem to your service provider: they will always tell you that it tests fine up
to the demarc and that the problem must be the CPE, or customer premises equipment.
The idea behind a WAN is to be able to connect two DTE networks together through a
DCE network. The DCE network includes the CSU/DSU, through the provider’s wiring
and switches, all the way to the CSU/DSU at the other end. The network’s DCE device
(CSU/DSU) provides clocking to the DTE-connected interface (the router’s serial
interface).
As mentioned, the DCE network provides clocking to the router; this is the CSU/DSU.
If you have a non-production network, are using a WAN crossover type of cable and do
not have a CSU/DSU, then you need to provide clocking on the DCE end of the cable by
using the clock rate command.
SETUP MODE
Setup mode has two modes, basic management and extended setup.
Basic Management-
• Only gives you enough configuration to allow connectivity to the router.
• Configures only enough connectivity for management of the system.

Extended Setup-
• Allows you to configure some global parameters as well as interface configuration
parameters.
• Prompts you to configure each interface on the system.
• Prompts for:
o Hostname
o Secret password
o Enable password
o VTY password (used for telnet sessions)
o IP routing (RIP, IGRP, EIGRP, RIPv2)
o Bridging
o If ISDN BRI is present, it prompts for the switch type.
o Interface configuration, including IP address and network mask.
o The running-config is shown after the interfaces are configured.
o The last option in setup is a menu of three choices:
1. Discard the configuration and go to the command line.
2. Start setup mode over.
3. Save the setup to NVRAM to be used at boot-up.
Command line Interface
If you choose to skip setup mode, you will be taken to the command line and the status of
all the interfaces will be shown on the screen.
Logging in the Router-
Depending on the port you are using, you might have to press Enter to get the prompt to
appear (console port). The first prompt will look like routername>; the greater-than sign at
the prompt tells you that you are in user mode. In user mode, you can only view limited
statistics of the router. To change configurations you first need to enter privileged EXEC
mode. This is done by typing enable at the routername> prompt; the prompt then
changes to routername#. This mode supports testing commands, debugging commands and
commands to manage the router configuration files. To go back to user mode, type
disable at the routername# prompt. If you want to leave completely, type logout at the
user mode prompt. You can also exit from the router while in privileged mode by typing
exit or logout at the routername# prompt.
LAB- Scenario
Routername Con0 is now available
Press RETURN to get started.
Routername>enable
Routername#
Routername# disable
Routername>

Banners- There are four types of banner: exec, incoming, login and motd. The banners are
set in global configuration mode with the command:
Syntax: Routername(config)# banner motd #<msg>#

LAB –Scenario
Routername Con0 is now available
Press RETURN to get started.
Well –come to laser world.
Routername>enable
Routername#config terminal
Enter configuration commands, one per line. End with CNTL /Z.
Routername(config)#banner motd # well –come to LASER world #
Routername(config) #exit
Routername#exit

Cisco Help and Editing

Enter ? at any prompt to see a complete listing of the available commands that can be used
at that prompt level. We can also type part of a word followed by ? to see the available
commands that start with those letters (e.g. s? cl? eth?).
When entering commands you don’t have to complete the entire word, just enough to
make it distinguishable to the IOS from any other command. For example, instead of using
the show command, we can use sh in place of show and it will work the same.

LAB- Scenario
Routername Con0 is now available
Press RETURN to get started.
Routername>enable
Routername#configure terminal
Enter configuration commands, one perline. End with CNTL/Z.
Routername(config) #int
Routername(config) #interface ?
ASYNC ASYNC interface
BVI Bridge- Group Virtual interface
Dialer Dialer interface
Ethernet IEEE 802.3
Group- Async Async Group interface
Lex Lex interface
Loopback Loopback interface
Null Null interface
Port-channel Ethernet channel of interfaces
Serial Serial
Tunnel Tunnel interface
Virtual- Template Virtual Template interface
Virtual- TokenRing Virtual Token Ring
Routername(config)# interface Ethernet ?
<0-0> Ethernet interface number
Routername (config) # interface Ethernet 0
Routername (config-if) #
Use the space bar to scroll to another page if the list of available commands is longer than
one page; use the Enter key to scroll one line at a time. If the help page is scrolled, press
any key to return to the command line.

Command line editing commands


COMMAND      MEANING
Ctrl+A       Moves cursor to the beginning of the line
Ctrl+E       Moves cursor to the end of the line
Ctrl+B       Moves back one character/word
Ctrl+F       Moves forward one character/word
Ctrl+D       Deletes a single character at the cursor
BACKSPACE    Deletes a single character
Ctrl+R       Redisplays the command prompt
Ctrl+U       Erases a line
Ctrl+W       Erases a word
Ctrl+Z       Ends configuration mode and returns to EXEC
TAB          Finishes typing a command for you

ROUTER COMMAND HISTORY


COMMAND                          MEANING
Ctrl+P or up arrow               Shows last command entered
Ctrl+N or down arrow             Shows previous command entered
show history                     Shows last 10 commands entered by default
show terminal                    Shows terminal configuration and history buffer size
terminal history size (0-256)    Changes buffer size (max 256)

Setting Router Passwords-

The router has a number of ports that allow access to the router; on each of these ports we
can specify passwords to provide a layer of security to the router. There is also the option
of disabling login password checking on any of the ports by entering the command to get
to the router(config-line)# section of the port and entering the no login command. In the
example below, the enable password is set to laser with the enable secret password set to
laser123.

Setting the password and enable secret password


Lab scenario
Routername Con0 is now available
Press RETURN to get started.
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername(config)#enable password laser
Routername(config)#enable secret laser123
Routername(config)#exit
Routername#

The enable secret password is the password you use to gain access to enable mode and to
global configuration mode on the router, and it is stored encrypted. The enable password is
used when you do not specify an enable secret password. The enable password should be
different from the enable secret password.
Setting the auxiliary port password
Routername Con0 is now available
Press RETURN to get started.
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername(config)#line aux 0
Routername (config-line)#login
Routername(config-line)#password laser123
The auxiliary port is on the back of the router and is commonly used to connect a
modem; it is used to allow a remote user access to the configuration of the router. If a
modem is connected to the port, it should definitely have a password specified for it.

Setting the console password


The console port is also on the back of the router
Routername Con0 is now available
Press RETURN to get started.
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername(config)#line console 0
Routername(config-line)#login
Routername(config-line)#password laser123

The console port is used to directly connect a console to the router for configuring the
router. The console is usually a PC running a program like HyperTerminal set to 8N1. The
PC connects to the console port from the PC’s COM port. The COM port uses a 9-pin to
RJ-45 connector. The connector uses a rolled CAT 5 cable (reversed on one side) to connect
to the RJ-45 port on the back of the router. This port should allow login with password if the
router is physically secured. The port should be disabled if it is not regularly used or the
router is not securable. This port can be very useful, especially when configuring a new
router or a corrupted router, as we don’t have to rely on IP addressing being correct or the
interface being up.

Setting the virtual terminal (telnet) password


The VTY ports are specified with the command line vty 0 4. Depending on your router,
you might have more than five (0, 1, 2, 3, 4) virtual terminals available.
Routername Con0 is now available
Press RETURN to get started.
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername(config)#line vty 0 4
Routername(config-line)#login
Routername(config-line)#password laser123

In that case use the command line vty 0 X, where X is the number of terminals minus 1. We
can also specify less than the maximum, which will limit the number of sessions that can
exist on the router. The virtual terminal ports are just that, virtual, as we can’t physically
see them. They are the ports that allow users to remotely access the router; if they are
enabled, then anyone on any of the networks that the router knows about can attempt to log
in. If we are not going to be doing remote configuration on the router ourselves, the VTY
ports should be disabled and the console port should be enabled. We can also apply a
standard IP access list to the vty ports.
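
The points made in this password section (no login on a line, an aux line without a password, an enable password that matches the enable secret, vty lines without a standard access list) can be checked over a saved configuration. The Python script below is an added example, not part of the original notes; both sample configurations, the finding names, the access-list number 10 and the placeholder passwords are constructed for illustration.

```python
import re

# Constructed sample in the layout of "show running-config" (not from a real
# device). It reuses the lab password and leaves the aux line with "no login".
WEAK_CONFIG = """\
hostname Routername
enable password laser123
enable secret laser123
!
line con 0
 password laser123
 login
line aux 0
 no login
line vty 0 4
 password laser123
 login
!
end
"""

# Constructed counterpart: secret only, every line has a password and login,
# and the vty lines are restricted by a standard access list.
HARDENED_CONFIG = """\
hostname Routername
enable secret 5 CONSTRUCTED-HASH-PLACEHOLDER
access-list 10 permit 192.0.2.0 0.0.0.255
!
line con 0
 password CONSTRUCTED-CONSOLE-PW
 login
line aux 0
 password CONSTRUCTED-AUX-PW
 login
line vty 0 4
 access-class 10 in
 password CONSTRUCTED-VTY-PW
 login
!
end
"""

LINE_HEADER = re.compile(r"^line\s+(con|console|aux|vty)\s+(\d+)(?:\s+(\d+))?$",
                         re.IGNORECASE)


def parse_config(text):
    """Return (enable settings, {line name: [subcommands]}) from config text."""
    enable, lines, current = {}, {}, None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped == "!":
            current = None
            continue
        if raw[0].isspace():              # indented: subcommand of the open block
            if current is not None:
                lines[current].append(stripped)
            continue
        current = None
        words = stripped.split()
        header = LINE_HEADER.match(stripped)
        if header:
            kind = header.group(1).lower()
            kind = "con" if kind.startswith("con") else kind
            current = " ".join([kind] + [n for n in header.group(2, 3) if n])
            lines[current] = []
        elif (len(words) >= 3 and words[0].lower() == "enable"
              and words[1].lower() in ("password", "secret")):
            enable[words[1].lower()] = words[2:]
    return enable, lines


def audit(text):
    """Return a list of (scope, finding) tuples for the checks named above."""
    enable, lines = parse_config(text)
    findings = []
    password, secret = enable.get("password"), enable.get("secret")
    if password and not secret:
        findings.append(("enable", "ENABLE_PASSWORD_WITHOUT_SECRET"))
    # Only comparable when both are plain words (no encoding-type prefix).
    if password and secret and len(password) == len(secret) == 1 and password == secret:
        findings.append(("enable", "ENABLE_PASSWORD_EQUALS_SECRET"))
    for name, commands in lines.items():
        words = [c.lower().split() for c in commands]
        if ["no", "login"] in words:
            findings.append((name, "LOGIN_CHECK_DISABLED"))
        if not any(w[0] == "password" for w in words):
            findings.append((name, "NO_LINE_PASSWORD"))
        if name.startswith("vty") and not any(
                w[0] == "access-class" and w[-1] == "in" for w in words):
            findings.append((name, "VTY_WITHOUT_ACCESS_CLASS"))
    return findings


if __name__ == "__main__":
    for scope, finding in audit(WEAK_CONFIG):
        print(f"{scope:8} {finding}")
```
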

ROUTER INTERFACE
Routers can have many different types of connectors, from Ethernet, Fast Ethernet and
Token Ring to serial and ISDN ports. Some of the available configurable items are logical
addresses (IP, IPX), media types, bandwidth and administrative commands. Interfaces are
configured in interface mode, which we get to from global configuration mode after logging in.

Logging in to router
Depending on the port we are using, we might have to press Enter to get the prompt to
appear (console port). The first prompt will look like Router>; the greater-than sign at the
prompt tells us that we are in user mode. In user mode, we can only view limited statistics
of the router. To change configurations we first need to enter privileged EXEC
mode. This is done by typing enable at the router> prompt; the prompt then changes to
router#. This mode supports testing commands, debugging commands and commands to
manage the router configuration file. To go back to user mode, type disable at the router#
prompt. If we want to leave completely, type logout at the user mode prompt. We can also
exit from the router while in privileged mode by typing exit or logout at the router# prompt.

Global configuration mode.


Enter this mode from privileged mode by typing configure terminal or conf (for
short). The prompt will change to routername(config)#. Changes made in this mode
change the running-config file in DRAM. Use configure memory to change the
startup-config in NVRAM. Using config network allows you to change the
configuration file on a TFTP server. If you change the memory or network config files,
the router has to put them into memory (DRAM) in order to work with them, so this will
change our router’s current running-config file.
Interface mode
While in global configuration mode we can make changes to an individual interface with the
command routername(config)#interface ethernet 0 (or fastethernet 0). This enters the
interface configuration mode for Ethernet port 0 and changes the prompt to look like
routername(config-if)#.

Bringing up interface
If an interface is shown as administratively down when the show interface command is
given in privileged EXEC mode, use the command no shutdown to enable the interface
while in interface configuration mode.
Subinterfaces
In global configuration mode we can create virtual interfaces: at the prompt
routername(config)# type int e0.1 and the prompt will change to
routername(config-subif)#. For all practical purposes, there is no limit to the number of
subinterfaces an interface can have.
Lines: in global configuration mode we can enter line (aux, vty, console) to enter
commands for the line type; this changes the prompt to routername(config-line)#. In line
mode we can set passwords, inactivity timeout times and the number of available lines (vty).
Routing protocol
In global configuration mode, enter router followed by one of the following protocols.
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername(config)#router ?
Bgp Border Gateway Routing Protocol (BGP)
Eigrp Enhanced Interior Gateway Routing Protocol (EIGRP)
Isis ISO IS-IS
Iso-igrp IGRP for OSI networks
Mobile Mobile routes
Odr On Demand Stub Routes
Ospf Open Shortest Path First (OSPF)
Rip Routing Information Protocol (RIP)
Routername(config)#router
Setting IP address-
In global configuration mode, enter interface configuration mode with
routername(config)#int e 0 (or fastethernet 0 on a Fast Ethernet port), then use the command
routername(config-if)#ip address [ip address] [network mask]. If it is the first time using
the interface, also use the no shutdown command to enable and bring up the interface.
Routername(config)#int ethernet 0
Routername(config-if)#ip address 192.168.1.1 255.255.255.0
Routername(config-if)#no shutdown
Secondary IP addresses
We can add another IP address to an interface with the secondary command. The syntax
is the same as setting an IP address except we add secondary to the end of it. Using
secondary addresses allows us to specify 2 IP addresses for 1 interface. Use
subinterfaces instead, since they allow for more than 2 IP addresses on an interface and
secondary will probably be replaced soon.
Subinterfaces
In global configuration mode we can create virtual interfaces (subinterfaces): at the
prompt routername(config)# type int e0.1 and the prompt will change to
routername(config-subif)#. For all practical purposes, there is no limit to the number of
subinterfaces an interface can have.

Show interface
To view information about an interface, use the command
Router_2#show interface e0
Ethernet 0 is up, line protocol is up
Hardware is Lance, address is 0000.cc34.ec7d (bia 0000.cc34.ec7d )
Internet address is 192.168.1.1/24
MTU 1500 bytes , BW 10000 Kbit, DLY 1000 usec, rely 255/255, load
1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 04:00:00
Last input never, output 00:00:07, output hang never
Last clearing of “show interface” counters never
Queueing strategy: fifo
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
5 minute input rate 0 bits/sec, 0 packet/sec
5 minute output rate 0 bits/sec, 0 packet/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 input packet with dribble condition detected
614 packet output, 58692 bytes, 0 underruns
0 output errors, 0 collisions, 2 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out

Serial interface
The serial interface is usually attached to a line that is attached to a CSU/DSU that
provides the clocking rate for the line. However, if two routers are connected together, one
of the serial interfaces must act as the DCE device and provide clocking. The DCE end is
the side of the cable that has a female connector where it connects to the other cable. The
clocking rate on the DCE device is set in interface configuration mode with the
commands:

Routername(config)#int s0
Routername(config-if)#clock rate ?
Speed (bits per second)
1200
2400
4800
9600
19200
38400
56000
64000
72000
125000
148000
150000
500000
800000
100000
1300000
2000000
4000000
<300-8000000> choose clock rate from list above
Routername(config-if)#clock rate 64000

Bandwidth
Cisco routers ship with T1 (1.544 Mbps) bandwidth rates on their serial interfaces. Some
routing protocols use the bandwidth of links to determine the best route. The bandwidth
setting is irrelevant with RIP routing. Bandwidth is set with the bandwidth command and
ranges from 1 to 10000000 kilobits per second.

Routername(config)#int s0
Routername(config-if)#bandwidth ?
<1-10000000> bandwidth in kilobits
Routername(config-if)#bandwidth 10000000

Gathering basic routing information


The show version command provides basic configuration information for the system
hardware as well as the software version, the names and sources of configuration files and
the boot images. The command is:

Routername>enable
Routername#show version
Cisco Internetwork Operating System Software
IOS (tm) C1700 Software (c1700-y-m), version 12.3(la), RELEASE
SOFTWARE (fcl)
Copyright (c) 1986-2003 by Cisco system, Inc.
Compiled Fri. 06-jun-03 20:01 by dchih
Image text-base: 0x80008120, data-base: 0x809da464

RM: System Bootstrap, version 12.2(7r)XML, RELEASE SOFTWARE (fcl)


Router uptime is 24 minutes
System returned to ROM by power-on
System restarted at 10:31:41 UTC Wed Dec 23 2005
System image file is “flash:c1700-ymz.123-la.bin”

Cisco 1721 (MPC860P) processor (version 0x200) with 54299k/1123k


bytes of memory.
Processor board ID FOC07450RYF (2228040479), with hardware
revision 0000
MPC60P processor: part number 5, mask 2
Bridging software.
X.25 software, version 3.0.0.
1 Fast Ethernet /IEEE 802.3 interface(s)
1 Serial (sync/async) network interface(s)
32K bytes of non-volatile configuration memory.
32768K bytes of processor broad system flash (Read/Write)

Configuration register is 0X2102


Routername#

Saving changes
Any time we make changes and want them saved over the next reboot, we need to copy
the running-config to the startup-config in NVRAM, using the command:
• Routername#copy running-config startup-config
To erase the startup file use the command:
• Routername#erase startup-config

ROUTING PROTOCOLS:-
Routing is the process of directing packets from a source node to a destination node on a
different network. Getting packets to their next hop requires a router to perform two basic
activities: path determination and packet switching.

Path determination: involves reviewing all paths to a destination network and choosing the
optimal route. To determine the optimal route, information is put in a route table, which
includes information such as the destination network, the next hop and an associated metric.
Packet switching: involves changing a packet’s physical destination address to that of
the next hop (the packet’s logical destination and source addresses will stay the same).

Information a Router needs to know to route a packet

• Destination address
• Neighbor routers
• Possible routes to all remote networks
• The best route to each network
• How to maintain and verify routing information
Types of routes
A router can learn a route via one of two methods: static and dynamic. A static
route is a route that is manually configured on the router. There are two ways that a
router can learn a static route. First, a router will look at its active interfaces, examine
the address configured on each interface, determine the corresponding network and
populate the routing table with this information. This is commonly called a connected
route. The second way that a router can learn a static route is for you to manually
configure it.
Dynamic routes are routes that a router learns by running a routing protocol. Routing
protocols will learn about routes from other neighboring routers running the same routing
protocol. Dynamic routing protocols share the network numbers a router knows about and
reachability information concerning these networks. Through this sharing process,
a router will eventually learn about all of the reachable network numbers in the network.
There is a difference between the terms routed protocol and routing protocol. A routing
protocol learns about routes for a routed protocol. A routed protocol is a layer 3 protocol,
like IP or IPX. A routed protocol carries user traffic such as e-mail, file transfers and web
downloads. This section focuses on routing for IP traffic and covers the basics of the RIP,
IGRP, OSPF and EIGRP routing protocols.
Autonomous System
Some routing protocols understand the concept of an autonomous system and some do
not. An autonomous system (AS) is a group of networks under a single administrative
control, which could be our company, a division within our company or a group of
companies.
An Interior Gateway Protocol (IGP) refers to a routing protocol that handles routing
within a single autonomous system. IGPs include RIP, IGRP, EIGRP, OSPF and IS-IS.
An Exterior Gateway Protocol (EGP) handles routing between different autonomous
systems. Today there is only one active EGP: the Border Gateway Protocol (BGP). BGP is
used to route traffic across the internet backbone between autonomous systems. Not
every routing protocol understands the concept of an AS. An AS can provide distinct
boundaries for a routing protocol and thus provides some advantages: for instance, we can
control how far a network can be propagated by routers. Plus, we control what routes we
will advertise to other autonomous systems and what routes we will accept from these
systems.
To distinguish one autonomous system from another, an AS can be assigned a unique
number from 1 to 65,535. The Internet Assigned Numbers Authority (IANA) is
responsible for assigning these numbers. Just like public and private IP addresses, there are
public and private AS numbers. If you will be connected to the internet backbone, are
running BGP and want to accept BGP routes from the internet, you will need a public AS
number. However, if you only need to break up your internal network into different
systems, you only need to use the private numbers. Routing protocols that understand the
concept of an AS are IGRP, EIGRP, OSPF, IS-IS and BGP. RIP doesn’t understand
autonomous systems, while OSPF does, but OSPF doesn’t require you to configure the AS
number, unlike other protocols such as IGRP and EIGRP.

Administrative distance
Used to rate the reliability of routing information received on a router from a neighbor
router. ADs range from 0 to 255; 0 is the most trusted and 255 means the route would not
be used.
ROUTE SOURCE           DEFAULT DISTANCE
Connected interface    0
Static route           1
EIGRP                  90
IGRP                   100
OSPF                   110
RIP                    120
External EIGRP         170
Unknown                255

THE THREE CLASSES OF ROUTING PROTOCOLS


Distance vector – uses the distance to a remote network to find the best path. Each time a
packet goes through a router it is called a hop. The route with the least number of hops is
determined to be the best. Examples of distance vector protocols are RIP and IGRP.
Link state – typically uses shortest path first. Each router creates three tables: one tracks
directly attached neighbors, one determines the entire network topology and one is used
for the routing table. An example of link state is OSPF.
Hybrid – uses parts of DV and LS.
LINK STATE ROUTING PROTOCOLS
Link state protocols require each router to send the state of its own interfaces to every
router in the internetwork. Link state protocols converge more quickly, but they use more
of the router’s CPU and memory resources. Link state protocols rely on network events to
address topology changes in the network. If a router detects a network event (new router
or router down), it triggers an update.
Link state overview
1. Routers broadcast and receive link state packets to and from other routers via the
network. Link state packets contain the status of a router’s links or network interfaces.
2. The router builds a topology database of the network.
3. The router runs the shortest path first algorithm against the database and generates an
SPF tree of the network with itself as the root of the tree.
4. The router populates its route table with optimal paths and ports to transmit data
through to reach each network.
Link state problems
1. CPU and memory usage when maintaining routing tables on large networks. This
affects the router’s ability to move user data packets through the network.
2. Large amount of network bandwidth used during convergence – affects the amount of
bandwidth that is available to users during this time. Occurs with network initialization
or when several routers start up.
3. If one part of the network receives route information before another part,
convergence may take longer, or SPF trees and route tables may store inaccurate
information.

Link state remedies


1. Minimize router resource usage by lengthening the update frequency and using route
summaries.
2. Coordinate updates with time stamps or sequence numbers.
Distance vector routing protocols
Several distance vector routing algorithms are still in use today. Each one has its
advantages and disadvantages, but all share the same basic characteristics. The best-known
IP routing protocol is the Routing Information Protocol (RIP), which supports only
IP traffic. Cisco routers support a more flexible routing protocol known as the Interior
Gateway Routing Protocol (IGRP), which enables route information for multiple protocols
(such as IP, IPX and AppleTalk) to be managed through one routing protocol rather than
three.
In an IPX environment, the most common routing protocol is IPX RIP. Although it
bears the same name as IP’s RIP, it is not compatible. Finally, AppleTalk has its own
distance vector routing protocol called the Routing Table Maintenance Protocol (RTMP).
With distance vector routing, good news travels quickly and bad news travels slowly.
Routers blast a route broadcast out at timed intervals, including their entire route tables,
regardless of whether anything has changed. This constant broadcasting of unchanged
routing tables wastes bandwidth. Route updates are exchanged only between routers
connected to the same physical segment (neighbor routers). A router learns all route
information through communication from a neighbor router. Distance vector routing gets
its name because these protocols base best path selection on hops, or distance. This can
lead to problems when redundant paths exist that have vastly different bandwidth values.
For example, suppose station laser wants to communicate with station NAZI.

Red path – from router A to router (across a 19.2 kbps link and then to the destination
LAN segment (3 hops).
Green path – from router A to router B across a 10 Mbps LAN segment, then from router
B to router C across a T1 link at 1.544 Mbps and then on to the destination LAN segment
(4 hops).
Distance vector protocols will always choose the path with the lowest hop count (path
A), which in this case would cause traffic to be sent over a slower link. Most distance
vector protocols base their path selection on hop counts (distance) and not various costs.
Convergence- When routers first start up, they send their routing tables to each other, and
the time it takes for them to synchronize is called network convergence. RIP has a slow
convergence time, which can cause routing loops.
Routing loops- Occur in part because of slow convergence time. Routers using distance
vector routing protocols send their routing tables at set intervals. When a router's
network goes down, it broadcasts a message that updates its neighbors. The neighboring
routers will gradually update their neighbors (convergence). However, if one of the distant
routers, which hasn't received the update about the downed network, sends out its normal
update packet, which states that the downed network is reachable through it, it will create a
routing loop. Its path really points to its neighbors, which are closer to the downed network
and know the network is down, but they will see the downed network as being available
through the distant router.
They will send the packet to the distant router, which will in turn send the packet along the
path that it originally had to the downed network (its neighbors). The neighbor to the downed
network knows its connection to the downed network is not available, so it sends the packet to
the distant router (thinking that it is a new path), which still believes the original path is
available. This will repeat itself continuously: the neighbor sends it to the distant router
and the distant router sends it to the neighbor of the downed network, which in turn sends it
back to the distant router; each thinks that the other has a connected path. This is
called counting to infinity.

SOLUTIONS TO ROUTING LOOPS-

Maximum hop count- Distance vector (RIP) permits a hop count of up to 15, so a packet
that is caught in a routing loop will only travel 15 hops; on the 15th the network is
deemed unreachable and the packet is discarded.

Split Horizons- Specify that a router cannot send information about routes back out the
interface they originated from. It would not send data about downed networks.

Route poisoning- If a router's connected network goes down, it sets the hop count to
unreachable (16 for RIP) for the network. The neighboring routers will receive
information about the unreachable network and will not try to send packets to it even if
they receive outdated data from a distant router.

Hold-downs- Prevent regular update messages from reinstalling a route that is down.
They also prevent routes from changing too rapidly by allowing time for the downed network
to come back up or the network to stabilize before changing to the next best route. They also
tell the router to restrict, for a specific time, any changes that would affect
recently removed routes. If a router receives an update with a better metric, the timer is
removed and packets are passed. However, if an update arrives from a neighbor router
before the hold down timer expires and it has a lower metric than the previous route, the
timer keeps going. This allows for convergence. Hold-downs use triggered updates that
are sent immediately to neighboring routers and contain a new routing table.
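
The counting-to-infinity behaviour and two of the remedies above (the maximum hop count, and split horizon with the failed route poisoned at 16), as an added simulation that is not part of the original notes. The three-router line R1 -- R2 -- R3, the synchronous update rounds and the network number are assumptions made for the example; hold-down timers are not modelled.

```python
"""Simplified RIP-style distance-vector model: count to infinity vs. split horizon."""

INFINITY = 16                  # RIP's "unreachable" metric
NET = "172.20.30.0"            # constructed destination network attached to R3


class Router:
    def __init__(self, name, neighbors):
        self.name = name
        self.neighbors = neighbors
        self.table = {}        # destination -> (metric, next hop); next hop None = connected

    def advertise(self, to, split_horizon):
        """Build the periodic update sent to neighbor `to`."""
        update = {}
        for dest, (metric, via) in self.table.items():
            if split_horizon and via == to:
                continue       # never advertise a route back to where it was learned
            update[dest] = metric
        return update

    def process(self, inbox):
        """Apply one round of updates; inbox maps sender name -> update."""
        # Pass 1: the current next hop is always believed, even when its news is worse.
        for dest, (_, via) in list(self.table.items()):
            if via in inbox and dest in inbox[via]:
                self.table[dest] = (min(inbox[via][dest] + 1, INFINITY), via)
        # Pass 2: any neighbor offering a strictly lower metric takes over the route.
        for sender in sorted(inbox):
            for dest, metric in inbox[sender].items():
                offered = min(metric + 1, INFINITY)
                if offered < self.table.get(dest, (INFINITY, None))[0]:
                    self.table[dest] = (offered, sender)


def build_line_topology():
    """R1 -- R2 -- R3 -- NET, already converged (assumed topology)."""
    routers = {
        "R1": Router("R1", ["R2"]),
        "R2": Router("R2", ["R1", "R3"]),
        "R3": Router("R3", ["R2"]),
    }
    routers["R3"].table[NET] = (0, None)
    routers["R2"].table[NET] = (1, "R3")
    routers["R1"].table[NET] = (2, "R2")
    return routers


def simulate_failure(split_horizon, max_rounds=40):
    """Fail NET on R3; count update rounds until every router marks it unreachable."""
    routers = build_line_topology()
    routers["R3"].table[NET] = (INFINITY, None)   # attached router poisons the route
    history = []
    for rnd in range(1, max_rounds + 1):
        # All routers send from the same snapshot, as if their timers fired together.
        outbox = {(r.name, n): r.advertise(n, split_horizon)
                  for r in routers.values() for n in r.neighbors}
        for r in routers.values():
            r.process({n: outbox[(n, r.name)] for n in r.neighbors})
        history.append({name: r.table[NET] for name, r in routers.items()})
        if all(r.table[NET][0] == INFINITY for r in routers.values()):
            return rnd, history
    return None, history


if __name__ == "__main__":
    for sh in (False, True):
        rounds, history = simulate_failure(split_horizon=sh)
        print(f"split horizon={sh}: unreachable everywhere after {rounds} rounds")
        for i, snapshot in enumerate(history[:3], 1):
            print(f"  round {i}: {snapshot}")
```

Without split horizon, R2 accepts R1's stale route in the first round, so R1 and R2 point at each other and the metric climbs until it reaches 16; with split horizon R1 never offers the route back to R2 and the poisoned metric propagates directly.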

Routing protocols RIP and IGRP

In global configuration mode, enter router ? to see the available routing protocols.
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername(config)#router ?
bgp        Border Gateway Protocol (BGP)
egp        Exterior Gateway Protocol (EGP)
eigrp      Enhanced Interior Gateway Routing Protocol (EIGRP)
isis       ISO IS-IS
iso-igrp   IGRP for OSI networks
mobile     Mobile routers
odr        On demand stub routers
ospf       Open Shortest Path First (OSPF)
rip        Routing Information Protocol (RIP)
static     Static routes

Routing Information Protocol (RIP)
RIP is a routing protocol that uses hop count as its metric. RIP is widely used
for routing traffic in the global internet and is an IGP (Interior Gateway Protocol), which
means that it performs routing within a single autonomous system. RIP only uses a hop
count of up to 15; 16 is deemed unreachable. RIP works well in small internetworks but is
inefficient for large networks. RIP is susceptible to all the problems normally associated
with distance vector routing protocols. It is slow to converge and forces routers to learn
network information only from neighbors. RIP version 1 uses classful routing (all devices
in the network must use the same subnet mask because RIP version 1 does not send
updates with subnet information). RIP version 2 uses classless routing and does send
subnet mask information with route updates. RIP networks need the same hop count to
load balance multiple links.
Routing updates- RIP sends its complete routing table out to all active interfaces at
regular intervals (every 30 seconds) and when the network topology changes. When a
router receives a routing update that includes changes to an entry, it updates its routing
table to reflect the new route. The metric value for the path is increased by one and the
sender is indicated as the next hop.
RIP routers maintain only the best route (the route with the lowest metric value) to a
destination. After updating its routing table, the router immediately begins transmitting
routing updates to inform other network routers of the change. These updates are sent
independently of the regularly scheduled updates that RIP routers send.

RIP Routing Metric

RIP uses a single routing metric (hop count) to measure the distance between the source
and a destination network. Each hop in a path from source to destination is assigned a
hop-count value, which is typically 1. When a router receives a routing update that
contains a new or changed destination network entry, the router adds one to the metric
value indicated in the update and enters the network in the routing table. The IP address
of the sender is used as the next hop.
RIP prevents routing loops from continuing indefinitely by implementing a limit on the
number of hops allowed in a path from the source to a destination (15 hops). If a router
receives a routing update that contains a new or changed entry, and if increasing the
metric value by one causes the metric to be infinity (that is, 16), the network destination
is considered unreachable.
Stability features- To adjust for rapid network-topology changes, RIP specifies a number
of stability features that are common to many routing protocols. RIP, for example, implements
the split horizon and hold down mechanisms to prevent incorrect routing information
from being propagated. In addition, the RIP hop count limit prevents routing loops from
continuing indefinitely.
RIP Timers-
1) Route update timer- It is usually set to 30 seconds.
2) Route invalid timer- The route invalid timer determines (90 sec)
Using the sample network below, we will enable RIP routing for the network.

The network's configuration is as follows:

ROUTER         INTERFACE ADDRESS     N/W TO NEXT HOP ROUTER
Routername 1   E0-172.20.10.1/24     Routername 1 to Routername 2
               S0-172.20.1.1/24      172.20.1.0/24
Routername 2   E0-172.20.20.1/24     Routername 2 to Routername 1
               S0-172.20.1.2/24      172.20.1.0/24
               S1-172.20.2.1/24      Routername 2 to Routername 3
                                     172.20.2.0/24
Routername 3   E0-172.20.30.1/24     Routername 3 to Routername 2
               E1-172.20.35.1/24     172.20.2.0/24
               S0-172.20.2.2/24

Use the command router rip and tell the RIP protocol which network to advertise
(network <network>). The router sends RIP version 1 by default, and RIP v1 is classful, which
means all the devices in the network need to use the same subnet mask. The network is
entered using the classful boundary, and RIP will find the subnets to advertise since all
the networks are using the same subnet mask (/24). Below is the actual configuration for
the above sample network; the interface configurations are also shown for completeness.
ROUTERNAME 1
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Routername1(config)#interface e0
Routername1(config-if)#ip address 172.20.10.1 255.255.255.0
Routername1(config-if)#no shutdown
Routername1(config-if)#exit
Routername1(config)#interface s0
Routername1(config-if)#ip address 172.20.1.1 255.255.255.0
Routername1(config-if)#no shutdown
Routername1(config-if)#exit
Routername1(config)#router rip
Routername1(config-router)#network 172.20.0.0
ROUTERNAME 2
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

Routername2(config)#interface e0
Routername2(config-if)#ip address 172.20.20.1 255.255.255.0
Routername2(config-if)#no shutdown
Routername2(config-if)#exit

Routername2(config)#interface s0
Routername2(config-if)#ip address 172.20.1.2 255.255.255.0
Routername2(config-if)#no shutdown
Routername2(config-if)#exit

Routername2(config)#interface s1
Routername2(config-if)#ip address 172.20.2.1 255.255.255.0
Routername2(config-if)#no shutdown
Routername2(config-if)#exit
Routername2(config)#router rip
Routername2(config-router)#network 172.20.0.0

ROUTERNAME 3
Routername>enable
Routername#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

Routername3(config)#interface e0
Routername3(config-if)#ip address 172.20.30.1 255.255.255.0
Routername3(config-if)#no shutdown
Routername3(config-if)#exit

Routername3(config)#interface e1
Routername3(config-if)#ip address 172.20.35.1 255.255.255.0
Routername3(config-if)#no shutdown
Routername3(config-if)#exit

Routername3(config)#interface s0
Routername3(config-if)#ip address 172.20.2.2 255.255.255.0
Routername3(config-if)#no shutdown
Routername3(config-if)#exit
Routername3(config)#router rip
Routername3(config-router)#network 172.20.0.0

Viewing the routing table

We can use the show ip route command to view the router's routing table.
Routername3#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default
       U - per-user static route, o - ODR
Gateway of last resort is not set
     172.20.0.0/24 is subnetted, 6 subnets
R       172.20.1.0 [120/2] via 172.20.2.1, 00:00:04, serial0
R       172.20.10.0 [120/2] via 172.20.2.1, 00:00:04, serial0
R       172.20.20.0 [120/2] via 172.20.2.1, 00:00:04, serial0
C       172.20.2.0 is directly connected, serial0
C       172.20.35.0 is directly connected, ethernet1
C       172.20.30.0 is directly connected, ethernet0

INTERIOR GATEWAY ROUTING PROTOCOL (IGRP)
The Interior Gateway Routing Protocol (IGRP) is a Cisco-proprietary routing protocol
for IP. Like IP RIP v1, it is a distance vector protocol. However, it scales better than RIP
because of these advantages:
• It uses a metric based on bandwidth and delay.
• It uses triggered updates to speed up convergence.
• It supports unequal-cost load balancing to a single destination.
IGRP uses a composite metric, which includes bandwidth, delay, reliability, MTU
(Maximum Transmission Unit) and load when choosing a path to a destination. By
default, the algorithm uses only bandwidth and delay, but the other metric components
can be enabled. Reliability and load are measured 1 - 255. IGRP has a maximum hop
count of 255 with a default of 100. This is helpful in large networks and solves the
problem of 15 hops being the maximum possible in a RIP network.

IGRP                                         RIP
Can be used in large internetworks           Works best in smaller networks
Uses an autonomous system number for         Does not use an autonomous system number
activation
IGRP has an administrative distance of 100   RIP has an administrative distance of 120
Uses bandwidth and delay of the line as a    Uses only hop count to determine the best
metric, with a maximum hop count of 255      path to a remote network, with 15 hops
                                             being the maximum

IGRP Timers
IGRP includes the following timers with default settings:
IGRP update timers- These specify how frequently routing-update messages should be
sent. The default is 90 seconds.
Invalid timers- These specify how long a router should wait before declaring a route
invalid if it doesn't receive a specific update about it. The default is three times the
update period.
Hold down timers- These specify the hold down period. The default is three times the
update timer period plus 10 seconds.
Flush timers- These indicate how much time should pass before a route should be
flushed from the routing table. The default is seven times the routing update period. If the
update timer is 90 seconds by default, then 7 x 90 = 630 seconds elapse before a route will
be flushed from the route table.

Routername3>enable
Routername3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.

Routername3(config)#router IGRP ?
<1-65535> Autonomous system number
Routername3(config)#router IGRP 10
Routername3(config-router)#network 172.30.0.0

OPEN SHORTEST PATH FIRST (OSPF)

Open Shortest Path First (OSPF) networks participate in what are called areas, which
represent separate routing domains. All routers within an area maintain the same
information. This separation of areas guarantees that route changes within each area do
not affect routers in other areas. It also keeps routers from needlessly running Dijkstra's
Shortest Path First (SPF) algorithm and recalculating their route tables each time a change
occurs in some remote network, causing additional overhead and slow convergence.
When multiple areas exist, you define a core area as area 0. This is the transit area for
all routers, and all other areas must in some way connect to area 0.
OSPF routers send multicast link state advertisements (LSAs), known as hello packets,
to learn about and exchange route information. Each OSPF router maintains three
separate databases: the adjacency database (a list of all OSPF neighbor routers), the link
state database (which stores the topology map along with a list of all the routers within
the area) and the forwarding database (which contains a list of the best routes). For
OSPF routers to exchange information, they form a neighbor relationship with the other
OSPF routers. Once routers have established the neighbor adjacency, each multi-access
segment appoints routers to serve two roles: designated router (DR) and backup designated
router (BDR).
The DR builds, maintains and disseminates the link state database. On the other
hand, the BDR remains in standby mode until the DR becomes unavailable or fails to
perform its duties.
After a DR and BDR are chosen, all routers within the area send updates through a
process known as flooding. They then receive updates from the routers, building a
complete topology map of the area (link state database). Routers within an OSPF area
maintain the same link state database and react only to changes within their area.
From the link state database, each router performs an SPF algorithm, derives the
best routes to all networks throughout the internetwork and places these routes in its
forwarding database (route table). When changes within an area occur, the router that
detects the change floods out this change immediately. Then all routers compute the SPF
algorithm in parallel, update their tables, converge and begin to route. This rapid
identification and reaction to changes results in faster convergence times than routing
protocols that use periodic updates can produce.
Configuring OSPF
Configuring OSPF is slightly different from configuring RIP or IGRP. When configuring
OSPF, use the following syntax.
Routername(config)#router ospf <process ID>
Routername(config-router)#network <IP address> <wildcard mask> area <area ID>
The process ID is locally significant and is used to differentiate between different OSPF
processes. A router might be a boundary router between two OSPF autonomous systems, and
to differentiate them on our router we will give them unique process IDs. Note that these
numbers do not need to match between different routers and that they have nothing to do with
autonomous system numbers.

Routername3>enable
Routername3#config terminal
Routername3(config)#router ospf 101
Routername3(config-router)#network 10.0.0.0 0.0.255.255 area 0
Routername3(config-router)#network 172.10.0.0 0.0.255.255 area 0

Enhanced Interior Gateway Routing Protocol (EIGRP)
EIGRP is a classless, enhanced distance-vector protocol that gives us a real edge over
another Cisco proprietary protocol, IGRP. That's basically why it's called Enhanced
IGRP. Like IGRP, EIGRP uses the concept of an autonomous system to describe the set of
contiguous routers that run the same routing protocol and share routing information.
EIGRP is sometimes referred to as a hybrid routing protocol because it has
characteristics of both distance-vector and link state protocols. For example, EIGRP
doesn't send link state packets as OSPF does; instead, it sends traditional distance-vector
updates containing information about networks plus the cost of reaching them from the
perspective of the advertising router.
EIGRP has link-state characteristics as well: it synchronizes routing tables between
neighbors at startup and then sends specific updates only when topology changes occur.
This makes EIGRP suitable for very large networks. EIGRP has a maximum hop count of
255.

There are a number of powerful features that make EIGRP a real standout from IGRP and
other protocols. The main ones are listed here.
• Support for IPX, IP and AppleTalk via protocol dependent modules
• Considered classless (same as RIP v2 and OSPF)
• Support for VLSM/CIDR
• Communication via Reliable Transport Protocol (RTP)
• Best path selection via Diffusing Update Algorithm (DUAL)

Router(config)#router eigrp 200
Router(config-router)#network 172.10.0.0
Router(config-router)#network 10.0.0.0

ACCESS LISTS-
What are access lists?
Access lists are a set of rules defined within a list that a router uses to determine
whether to accept or deny traffic on an interface. Administrators can apply these rules to
inbound and outbound interface traffic. Access lists enable you to filter traffic from a
particular host, subnet, protocol or port type. An administrator manually defines the access
lists and applies them to router interfaces based on inbound or outbound direction.
Two main types of IP access lists are available: standard and extended. Both types
enable you to filter traffic passing through the router, but not traffic generated by the
router. We can use the router's access lists to control other types of access, such as limiting
incoming and outgoing telnet sessions on VTY ports and defining an interesting-traffic
criterion to activate a Dial on Demand Routing (DDR) link.
A router parses each line of the access list starting from the top and working down,
comparing each incoming or outgoing datagram to the list until it finds a match. After it
finds a match, the router stops the comparison process and applies the rule of the
matching line to this datagram, either forwarding or blocking it. The router must
scrutinize each datagram and compare it in real time to the interface access list as it
comes in or before it goes out, which adds more CPU overhead and delay to the routing
process.
Because of the additional CPU overhead and delay, building our list hierarchically with
the most specific and frequently applied rules at the top is important. This prevents the
router from wasting time by having to go through a long list of rules before it finds a
match that might ultimately cause the router to drop the datagram anyway. Also note that
because the router performs this process on the fly, we should not try to edit the access
list while it is running in memory. This can cause unexpected and disastrous results. It
also should be noted that unless our rules are ordered properly, the router also might
accidentally apply a more general rule to a frame and never reach the specific rule. In
addition, the last line of every access list, defined or not, is an implied deny statement.
This implied deny causes any datagram that has not been matched to any of the access list
rules to be denied. Because of this default, adding the specific statement is unnecessary. But
be aware that all unmatched frames will be discarded as a result. To override this default
statement, you must end your access list with an explicit permit statement.
Access lists do not enable you to insert or delete lines in the middle after you have
already built a list. New lines are always added to the end, and you can delete only the
last line while editing on your router. This is another reason why editing access lists
offline is necessary.

Building Access lists-

Keep in mind that the purpose of an access list is not just to filter unwanted traffic, but
to forward specific traffic. This dual purpose makes it a challenging yet effective way to
secure your network and eliminate excess traffic. No matter what type of access list you
are building, you must follow two basic steps.
1) Build the list using the access-list command in global configuration mode.
2) Bind the list to an interface by using interface configuration mode.

Access lists have two steps: building the access list and binding it to the interface.
Access lists have a general rule: we can have one access list per protocol, per interface,
applied in one direction. For example, you can bind only one IP access list to ethernet0 in
an inbound direction. We cannot apply another IP access list to that same interface in the
same direction. However, we can have another IP access list, or even the same one, applied
to the same interface but in another direction (assuming, of course, that the rules within
the list make sense when they are applied in the opposite direction). Otherwise, you must
create a new list and apply it to the same interface, but in the opposite direction.
The direction in which we apply the access list determines what the router will do with the
frame as it comes in or goes out of the interface. For example, inbound access lists determine
whether a router will accept and forward or drop a frame through the receiving interface.
This avoids the router having to process a frame when it will ultimately be discarded.
Outbound access lists define whether frames already received through some other
interface will be subsequently forwarded out an interface. Outbound access lists are used
when a router needs to forward datagrams out one subset of its interfaces but not others.

Access list types-

The following are the two main access list types.
• Standard access lists- Provide simple filtering based on network layer addresses only.
• Extended access lists- Enable the router to filter based on network layer through
application layer information.
Standard and extended access list rules and criteria vary based on the protocol type,
such as IP, IPX, AppleTalk, and so on. Each access list created has a defined value range
identifying the access list type and protocol.
The router uses the number following the access-list command to determine the type of
access list. For example, if you wanted to create an IP extended access list, you would issue
the command access-list followed by a number from 100 to 199. In addition to the two main
access list types, we can use other access lists to filter specific types of traffic, such as
routing updates and service advertisements.

The following table provides a list of access list types and their respective numbered ranges.
Access list type            Access list range
Standard IP access list     Access list number 1-99
Extended IP access list     Access list number 100-199
Standard IPX access list    Access list number 800-899
Extended IPX access list    Access list number 900-999
IPX SAP filter              Access list number 1000-1099

Block diagram of ACL
[Figure labels: Inbound ACL, Routing Logic, Outbound ACL, Permit, Deny, Bit bucket]

How to create the ACL?

IP standard ACL
Routername(config)#access-list <ACL No.> <action> <source IP address>
<ACL No.>             1-99
<action>              permit/deny
<source IP address>   any (everyone can access)
                      Hostname or A.B.C.D (a specific network or host)
                      host (only a specific host address to match)

For example, we need to deny the 172.16.1.0 network (taken here as a /24, so the wildcard
mask is 0.0.0.255):

Routername(config)#access-list 7 deny 172.16.1.0 0.0.0.255
Routername(config)#access-list 7 permit any
Routername(config)#interface e0
Routername(config-if)#ip access-group 7 out

Editing access lists- Two ways exist to edit access lists. We can create or edit access lists
using the router commands in global configuration mode, which take effect immediately.
Conversely, you can edit or create them offline and apply them later to the router.
To edit or create an access list offline, you simply use any text editing tool, such as
Notepad, and create a new list or modify an existing list. Then you copy it to the clipboard
and paste it into your router session. If you make a mistake, simply change the Notepad
version, copy it again and repaste it without having to retype the whole access list. Keep
in mind, though, that you should always test your list; rules might not work the way you
had anticipated when you created or edited them.
Define your list with the most specific entries at the top. Routers block
datagrams not matching any of the rules within the list because the last rule, whether
defined or not, is to deny all traffic through an implicit deny all.

Wildcard masks- When specifying source and destination addresses of hosts, subnets, or
networks within an access list, you can use a wildcard mask. Wildcard masks enable you to
apply a filter to multiple hosts on a subnet or multiple subnets with a single access list
line, rather than having to define a separate access list line for each. The use of wildcards
enables you to reduce the number of lines an access list has, cutting down the amount of
time a router must take to parse the list in search of a matching line.
Wildcard masks share similarities with regular masks in that they use a representation
of 1s to show bit positions that can be variable. 0s represent values that are static and
should always match. However, wildcard masks mask bits in the opposite direction of
regular masks, starting from right to left. Therefore, you sometimes will hear wildcard
masks referred to as reverse masks.
access-list [list#] [permit/deny] [source address] [source wildcard mask]
Wild Card Mask (32 bits)
0 = value must be an exact match
1 = value can be anything
192.168.10.1 0.0.0.255

Standard IP access list with wildcard mask

Standard IP access lists filter network traffic based on the source IP address. Using a
standard access list, we can filter traffic by a host IP address, subnet, or network
address. To configure a standard IP access list, you must first create the access list and then
apply it to an interface using the following syntax.
VARIABLE                 DEFINITION
[list#]                  Standard IP access lists are represented by a number in the range 1-99.
[permit/deny]            Used to specify the nature of the access list.
[source address]         The IP address of the source.
[source wildcard mask]   A wildcard mask or inverse mask applied to determine which
                         bits of the source address are significant.

Wildcard masks are the inverse of the subnet mask: 0s are significant and 1s are not
significant. If you compare the source address to the wildcard mask, the source address
bits that match up with the 0s specify the network (only one) and the source address
bits that match up with the 1s are all the hosts to which the list applies.

Example of Standard IP Access Lists

Router(config)#access-list 1 deny host 192.168.10.4
Router(config)#access-list 1 permit 0.0.0.0 255.255.255.255
Router(config)#interface e0
Router(config-if)#ip access-group 1 out
This access list allows traffic from 192.168.10.4 to enter the router, but the access list
denies it from exiting on interface Ethernet 0. The deny statement uses the default
wildcard of 0.0.0.0. The 0.0.0.0 255.255.255.255 can be replaced with the word any. The
list is applied to the outbound side of the interface as opposed to the inbound. This will
prevent the host from being blocked from other networks on the router that might not have been
intended, since traffic from 192.168.10.4 can enter the router and be switched to other
networks on interfaces other than Ethernet 0. We should apply the standard IP access list as
close to the destination network as possible, or you could inadvertently block access to
portions of other networks. Use the command show access-lists to see the access lists on
your router; for just IP access lists, use the command show ip access-list.
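
The first-match, wildcard-mask and implicit-deny rules described above, as an added Python example (not part of the original notes and not router code). It evaluates access list 1 from the text against sample source addresses and flags lines that an earlier, more general line makes unreachable; lists 2 and 7, the sample addresses and all function names are constructed for the example.

```python
"""First-match evaluation of Cisco-style standard IP access lists."""
import ipaddress

ALL_BITS = 0xFFFFFFFF


def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def parse_standard_acl(text):
    """Parse 'access-list <1-99> permit|deny <source>' lines into rule tuples."""
    rules = []
    for raw in text.strip().splitlines():
        line = raw.strip()
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            raise ValueError(f"not a standard ACL line: {line!r}")
        if not 1 <= int(tok[1]) <= 99:
            raise ValueError("standard IP access lists are numbered 1-99")
        src = tok[3:]
        if src[0] == "any":                       # same as 0.0.0.0 255.255.255.255
            base, wild = 0, ALL_BITS
        elif src[0] == "host":                    # same as wildcard 0.0.0.0
            base, wild = to_int(src[1]), 0
        else:                                     # address with optional wildcard
            base = to_int(src[0])
            wild = to_int(src[1]) if len(src) > 1 else 0
        # Bits set in the wildcard are "don't care", so clear them in the base.
        rules.append((tok[2], base & ~wild & ALL_BITS, wild, line))
    return rules


def matches(rule, addr):
    """True when every bit the wildcard marks as significant (0) is equal."""
    _, base, wild, _ = rule
    return ((addr ^ base) & ~wild & ALL_BITS) == 0


def evaluate(rules, source):
    """Return (action, matching line) for a source address; first match wins."""
    addr = to_int(source)
    for rule in rules:
        if matches(rule, addr):
            return rule[0], rule[3]
    return "deny", "implicit deny"                # unmatched traffic is dropped


def shadowed(rules):
    """List (line, earlier line) pairs where the later line can never match."""
    found = []
    for j, (_, base_j, wild_j, line_j) in enumerate(rules):
        for _, base_i, wild_i, line_i in rules[:j]:
            covers_bits = (wild_j & ~wild_i & ALL_BITS) == 0
            same_fixed = ((base_i ^ base_j) & ~wild_i & ALL_BITS) == 0
            if covers_bits and same_fixed:
                found.append((line_j, line_i))
                break
    return found


# List 1 is the one from the text; lists 2 and 7 are constructed for the example.
PAGE_ACL = parse_standard_acl("""
access-list 1 deny host 192.168.10.4
access-list 1 permit 0.0.0.0 255.255.255.255
""")
MISORDERED_ACL = parse_standard_acl("""
access-list 2 permit 192.168.10.0 0.0.0.255
access-list 2 deny host 192.168.10.4
""")
DENY_ONLY_ACL = parse_standard_acl("access-list 7 deny 172.16.1.0 0.0.0.255")

if __name__ == "__main__":
    lists = (("list 1", PAGE_ACL), ("list 2", MISORDERED_ACL), ("list 7", DENY_ONLY_ACL))
    for name, acl in lists:
        for src in ("192.168.10.4", "192.168.10.77", "10.1.1.1"):
            print(name, src, evaluate(acl, src))
        print(name, "shadowed lines:", shadowed(acl))
```

In list 2 the host deny sits below a permit that already covers it, so 192.168.10.4 is permitted; in list 7 every source that misses the single deny line still falls through to the implicit deny.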
Extended IP access lists-
Extended IP access lists can filter based on source IP address, destination IP address,
protocol type, and application destination and source port numbers, whereas standard IP
access lists only filter on source address. We also configure extended IP
access lists by creating the list and applying it to an interface using the following syntax.
access-list [list#] [permit/deny] [protocol] [source IP address] [source wildcard mask] [operator]
[port] [destination IP address] [destination wildcard mask] [operator] [port] [log]
VARIABLE                      DEFINITION
[list#]                       Extended IP access lists are represented by a number ranging
                              from 100-199, or by text names with IOS 11.2 or greater.
[permit/deny]                 Used to specify the nature of the access list, either a permit or
                              deny statement.
[protocol]                    The IP protocol to be filtered (includes all protocols
                              in the TCP/IP suite): TCP, UDP, ICMP
[source address]              The IP address of the source.
[source wildcard mask]        A wildcard mask or inverse mask applied to determine
                              which bits of the source address are significant.
[operator]                    Can contain lt (less than), gt (greater than)
[port]                        If necessary, the source port number or name of the
                              protocol to be filtered.
[destination address]         The IP address of the destination.
[destination wildcard mask]   A wildcard mask or inverse mask applied to determine
                              which bits of the destination address are significant.
[port]                        If necessary, the destination port number or name of the
                              protocol to be filtered.
[log]                         Turns on logging of access list activity.
[operator]                    Can contain lt (less than), gt (greater than)
Example:
This access list will block 192.168.1.10 from accessing TCP port www (HTTP, 80) on host
192.168.2.2. The host keyword is a shortcut for the 0.0.0.0 wildcard mask. Extended
IP access lists should be applied as close to the source as possible to reduce unnecessary
traffic on the network.
Routername(config)#access-list 100 deny tcp host 192.168.1.10 host 192.168.2.2 eq www
Routername(config)#access-list 100 permit ip any any
Routername(config)#interface e0
Routername(config-if)#ip access-group 100 in

To remove the access list, use the command no ip access-group [list#]. Use the same
commands to monitor an extended IP access list as a standard access list: show access-lists
or show ip access-list. Extended IP access lists show the number of matches per line of the
access list. To clear these counters, use the command clear access-list counters [list#].
Controlling VTY access
You can control access to the VTY ports by applying a standard access list to the VTY lines.
Routername2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z
Routername2(config)#access-list 15 permit host 192.168.1.71
Routername2(config)#line vty 0 4
Routername2(config-line)#access-class 15 in

This will stop all hosts except 192.168.1.71 from telnetting into the router. This is accomplished by allowing only one host and not permitting any other hosts, since there is an implicit deny at the end of every access list.
LAYER 2 SWITCHING
1. Layer 2 switching is hardware based; it uses the host's media access control (MAC) address.
2. Switches use Application Specific Integrated Circuits (ASICs) to build and maintain filter tables.
3. Switches tend to be faster than routers because they don't look at the logical address (network layer address); they instead use the hardware address defined at the data link (MAC) layer to decide whether to forward or discard the frame.
4. Use layer 2 switches for network connectivity and network segmentation; each port is a separate collision domain.
5. Be careful how you segment your network: ensure that users spend 80% of their time on their local segment. All the segments of a switch are still in the same broadcast domain; use routers to split up broadcast domains.

Benefit of LAN switches (Layer 2 services)


• Bandwidth:- LAN switches provide excellent performance for individual users by allocating dedicated bandwidth to each switch port (for example, each network segment). This technique is known as micro-segmenting.
• VLANs:- LAN switches can group individual ports into logical switched workgroups called VLANs, thereby restricting the broadcast domain to the designated VLAN member ports. VLANs are also known as switched domains and autonomous switching domains. Communication between VLANs requires a router.
• Automated packet recognition and translation:- Cisco's unique Automatic Packet Recognition and Translation (APaRT) technology recognizes and converts a variety of Ethernet protocol formats into industry-standard FDDI format, with no changes needed in either client or server end stations. The Catalyst solution can provide an easy migration to 100 Mbps server access while preserving the user's investment in existing shared 10BaseT LANs.
THREE FUNCTIONS OF LAYER2 SWITCHING
1. Address learning:- Layer 2 switches retain, in their filter tables, the source hardware address of each frame and the port interface it was received on.
2. Forward/filter decision:- When a frame is received, the switch looks at the destination hardware address and finds the interface it is on in the filter table. If the address is unknown, the frame is broadcast on all interfaces except the one it was received on.
3. Loop avoidance:- If multiple connections between switches exist for redundancy, network loops can occur. Spanning Tree Protocol is used to stop loops while still allowing redundancy.
LAN SWITCHING BANDWIDTH
LAN switches also can be characterized according to the proportion of bandwidth allocated to each port. Symmetric switching provides evenly distributed bandwidth to each port, while asymmetric switching provides unlike, or unequal, bandwidth.
An asymmetric LAN switch provides switched connections between ports of unlike bandwidth, such as a combination of 10BaseT and 100BaseT. This type of switching is called 10/100 switching. Asymmetric switching is optimized for client-server traffic flows where multiple clients simultaneously communicate with a server, requiring more bandwidth dedicated to the server port to prevent a bottleneck at that port.
A symmetric switch provides switched connections between ports with the same bandwidth, such as all 10BaseT or all 100BaseT. Symmetric switching is optimized for a reasonably distributed traffic load, such as a peer-to-peer desktop environment.

LAN SWITCHING SUMMARY


LAN switching technology improves the performance of traditional Ethernet, FDDI and Token Ring technologies without requiring costly wiring upgrades or time-consuming host reconfiguration. The low price per port allows the deployment of LAN switches so that they decrease segment size and increase available bandwidth. VLANs make it possible to extend the benefits of switching over a network of LAN switches and other switching devices.

CONFIGURING A CATALYST 2950 SWITCH


Setting hostname, IP address and DFGW (default gateway)
Hostname
Switchname>enable
Switchname# configure terminal
Enter configuration commands, one per line. End with CNTL/Z
Switchname(config)# hostname Switchname
Switchname(config)# ip address 192.168.1.75 255.255.255.224
Switchname(config)# ip default-gateway 192.168.1.65
Switchname(config)# ip domain-name foo.org

Viewing the information


Use the show ip user EXEC command to display global Internet (IP) configuration information.
Switchname# show ip
IP address: 192.168.1.75
Subnet mask: 255.255.255.224
Default Gateway: 192.168.1.65
Management VLAN: 1
Domain name :foo.org
Name Server 1: 192.168.1.70
Name Server 2:0.0.0.0
HTTP server :Enable
HTTP port : 80
RIP : enabled

Setting Passwords
Use the enable password level <1-15> global configuration command to set an unencrypted user EXEC or privileged EXEC password. Levels 1-14 are for user EXEC privileges, while level 15 is for privileged EXEC. The password is a non-case-sensitive string of between 4 and 8 characters, which may include spaces and punctuation (except double quotes); password strings with blank spaces must be enclosed in double quotes.
Switchname(config)#enable password level 1 "ccNa2.0"
Switchname(config)#enable password level 15 cisCo123
Enable secret password
Use the enable secret global configuration command to set encrypted user EXEC or privileged EXEC passwords. If it is set, the enable secret password is used instead of the enable password, since the enable secret password is encrypted and therefore more secure.
Switchname (config)#enable secret laser123

Interface
Use the interface type slot/port global configuration command to choose an interface
type and to enter interface configuration mode.

Switchname(config)#interface fastethernet 0/5


Switchname(config-if)#

SETTING THE INTERFACE DESCRIPTION


While in interface configuration mode we can use the description string command to set a description for an interface. The description can be from 1 to 80 alphanumeric characters. Use double quotes to enclose strings with spaces.
Switchname(config-if)#description "marketing VLAN"

Set the port’s duplex


Use the duplex {auto | full | full-flow-control | half} interface configuration command to enable duplex mode for an interface.
Syntax Description
auto                Auto-negotiation of duplex mode
full                Full-duplex mode
full-flow-control   Force full-duplex mode with flow control
half                Half-duplex mode

Show version
This command displays the switch hardware and firmware version. It is accessible from privileged EXEC mode on the Catalyst 2950 switch.
Switchname# show version
Cisco Internetwork Operating System Software
IOS (tm) c2950 Software (c2950-I6Q4L2-m), Version 12.1(13) EA1, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2003 by Cisco Systems, Inc.
Compiled Tue 04-Mar-03 02:14 yenanh
Image text base: 0x80010000, data-base: 0x805A8000

ROM: Bootstrap program is CALHOUN boot loader

Switchname uptime is 70 minutes
System returned to ROM by power-on
System image file is "flash:/c2950-i6q412-mz.121-13.EA1.bin"

Cisco WS-C2950-24 (RC32300) processor (revision J0) with 20839K bytes of memory
Processor board ID FOC0716Z3GB
Last reset from system-reset
Running standard image
24 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.
Base Ethernet MAC address: 00:0c:ce:83:62:40
Motherboard assembly number: 73-0965-01
Motherboard serial number: FOCO7170920
Power supply serial number: PHI071101LT
Model revision number: J0
Motherboard revision number: A0
Model number: WS-C2950-24
System serial number: FOCO716Z3GB
Configuration register is 0xF
Switchname#

MAC address tables


Since layer 2 switches use MAC addresses to filter network traffic, it stands to reason that we can control MAC-related functions. A Catalyst 2950 switch can store up to 1024 MAC addresses in its filter table. When the filter table is full, the switch will flood the network with all new incoming frames until one of the existing addresses in the table expires and is removed. To view the table of MAC addresses, use the following command.

Switch# show mac-address-table


Number of permanent addresses :0
Number of restricted static addresses :0
Number of dynamic addresses :9
Address          Dest Interface   Type      Source Interface
00D0.5868.F583   Fastethernet 2   Dynamic   All
00E0.1E74.6ADA   Fastethernet 1   Dynamic   All
00E0.1E74.6AC0   Fastethernet 1   Dynamic   All
0060.475D.2770   Fastethernet 2   Dynamic   All
00D0.5868.C8C0   Fastethernet 2   Dynamic   All
00D0.5868.EF00   Fastethernet 2   Dynamic   All
00E0.1E746.080   Fastethernet 2   Dynamic   All
00D0.C0F5.5B80   Fastethernet 2   Dynamic   All
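The address learning and forward/filter functions listed earlier, together with the full-table behaviour described in this section, can be modelled in a few lines. This is an added example, not code from the original notes: the class and method names, the 300-second aging time and the short MAC strings are assumptions made for illustration, and loop avoidance (spanning tree) is not modelled.

```python
BROADCAST = "ffff.ffff.ffff"


class LearningSwitch:
    """Layer 2 switch model: address learning plus the forward/filter decision."""

    def __init__(self, ports, capacity=1024, aging=300):
        self.ports = sorted(ports)
        self.capacity = capacity   # the notes give 1024 entries for a Catalyst 2950
        self.aging = aging         # seconds an idle entry is kept (assumed value)
        self.table = {}            # source MAC -> (port, time last seen)
        self.not_learned = 0       # frames whose source found the table full

    def expire(self, now):
        """Remove entries that have been idle for longer than the aging time."""
        idle = [mac for mac, (_, seen) in self.table.items()
                if now - seen > self.aging]
        for mac in idle:
            del self.table[mac]

    def receive(self, in_port, src, dst, now):
        """Process one frame and return the list of ports it is sent out of."""
        self.expire(now)

        # Address learning: remember which port the source address lives on.
        # A known source is refreshed; a new one is stored only if there is room.
        if src in self.table or len(self.table) < self.capacity:
            self.table[src] = (in_port, now)
        else:
            self.not_learned += 1

        # Forward/filter decision on the destination address.
        known = self.table.get(dst)
        if dst == BROADCAST or known is None:
            # Unknown destination: send on every port except the ingress port.
            return [p for p in self.ports if p != in_port]
        if known[0] == in_port:
            return []              # destination is on the same segment: filter
        return [known[0]]          # known destination: forward on one port

    def utilisation(self):
        """Fraction of the filter table in use; useful as a monitoring signal."""
        return len(self.table) / self.capacity


def run_trace():
    """Constructed trace on a 4-port switch with a 2-entry table."""
    switch = LearningSwitch(ports=[1, 2, 3, 4], capacity=2)
    frames = [
        (1, "aaaa", "bbbb", 0),     # bbbb unknown            -> flooded
        (2, "bbbb", "aaaa", 1),     # aaaa learned on port 1  -> forwarded
        (3, "cccc", "aaaa", 3),     # table full: cccc is not learned
        (1, "aaaa", "cccc", 4),     # so traffic to cccc keeps being flooded
        (3, "cccc", "aaaa", 400),   # old entries expired: cccc learned now
        (1, "aaaa", "cccc", 401),   # and traffic to cccc uses one port again
    ]
    results = [switch.receive(*frame) for frame in frames]
    return results, switch.not_learned, switch.utilisation()


if __name__ == "__main__":
    outputs, missed, used = run_trace()
    for out in outputs:
        print(out)
    print("sources not learned:", missed, "table utilisation:", used)
```

A rising not_learned count together with utilisation at 1.0 is the condition under which frames for unlearned stations reach every port, so both are worth alerting on.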

CLEARING THE MAC ADDRESS TABLE


If clear mac-address-table is invoked with no options, all dynamic addresses are removed. If you specify an interface but do not specify an address, all addresses on the specified interface are removed.
Switchname# clear mac-address-table

Setting permanent MAC address.


Use the mac-address-table permanent global configuration command to associate a permanent unicast or multicast MAC address with a particular switched port interface (specified by type and module/port). Use the no mac-address-table permanent command to delete a permanent MAC address. This example shows how to specify that packets with the multicast destination address 0150.80ca.2f07 should be forwarded on the Fast Ethernet interface.
Switchname(config)#mac-address-table permanent 0150.80ca.2f07 fastethernet 0/27

VLAN (VIRTUAL LOCAL AREA NETWORK)


What is a VLAN?
A Virtual Local Area Network (VLAN) may be defined as a group of LANs that have different physical connections, but which communicate as if they are connected on a single network segment. VLANs were created because IT administrators realized that there was a need for a network segmenting solution, since network traffic increases with network size.
Typical routed network

To understand VLANs, it is first necessary to have an understanding of LANs. A Local Area Network (LAN) can generally be defined as a collision domain. Hubs, bridges or switches in the same physical segment or segments connect all end node devices. End nodes can communicate with each other without the need for a router; communication with devices on other LAN segments requires the use of a router. The figure shows a typical LAN environment connected by routers.
Each LAN is separated from the other by a router. The individual LANs and broadcast domains are represented by the areas bounded by the dotted lines and numbered 1 through 5 for future reference. Note that the router interface for each LAN is included as part of the LAN and broadcast domain.
As networks expand, more routers are needed to separate users into broadcast and collision domains and provide connectivity to other LANs. In figure 1, LANs 2 and 3 illustrate the use of a router to separate users in a single building into multiple broadcast domains.
One drawback to this design is that routers add latency, which essentially delays the process involved in routing data from one LAN to another. A router must use more of the data packet to determine the destination and route the data to the appropriate end node.
Virtual LANs (VLANs) can be viewed as a group of devices on different physical LAN segments which can communicate with each other as if they were all on the same physical LAN segment.
VLAN benefits
As we have seen, there are several benefits to using VLANs. To summarize, VLAN architecture benefits include:-
• Increased performance
• Improved manageability
• Network tuning and simplification of software configurations
• Physical topology independence
• Increase security options

Increase performance:-
Switched networks by nature will increase performance over shared media devices in use today, primarily by reducing the size of collision domains. VLANs will also increase performance by limiting broadcast traffic to users performing similar functions or within individual workgroups. Additionally, less traffic will need to be routed, and the latency added by routers will be reduced.
Improve manageability:-
VLANs provide an easy, flexible, less costly way to modify logical groups in changing environments. VLANs make large networks more manageable by allowing centralized configuration of devices located in physically diverse locations.

Network tuning and simplification of software configurations:-
VLANs will allow LAN administrators to "fine tune" their networks by logically grouping users. Software configurations can be made uniform across machines with the consolidation of department resources into a single subnet. IP addresses, subnet masks and local network protocols will be more consistent across the entire VLAN. Fewer implementations of DHCP will be needed in this environment. These services can be more effectively deployed when they span buildings within a VLAN.
Physical topology independence:-
VLANs provide independence from the physical topology of the network by allowing physically diverse workgroups to be logically connected within a single broadcast domain. If the physical infrastructure is already in place, it becomes a simple matter to add ports in new locations to existing VLANs. If a department expands or relocates, these assignments can take place in advance of the move, and it is then a simple matter to move devices with their existing configuration from one location to another. The old ports can then be "decommissioned" for future use, or reused by the department for new users on the VLAN.
Increase security options:-
VLANs have the ability to provide additional security not available in a shared media network environment. By nature, a switched network delivers frames only to the intended recipients, and broadcast frames only to other members of the VLAN. This allows the network administrator to segment users requiring access to sensitive information into separate VLANs from the rest of the general user community, regardless of physical location. In addition, monitoring of a port with a traffic analyzer will only view the traffic associated with that particular port, making discreet monitoring of network traffic more difficult. It should be noted that the enhanced security is not an absolute safeguard against security infringements. What this provides is additional safeguards against "casual" but unwelcome attempts to view network traffic.

VLAN LIMITATION
There are a few limitations to using VLANs, some of the more notable being:-
• Broadcast limitation
• Device limitation
• Port constraints
Broadcast limitation:-
In order to handle broadcast traffic in an ATM VLAN environment it is necessary to have a special server that is an integrated part of the ATM infrastructure. This server has limitations in the number of broadcasts that may be forwarded. Some network protocols that will be running within individual VLANs, such as IPX and AppleTalk, make extensive use of broadcast traffic. This has the potential of impacting thresholds on the switches or broadcast server and may require special consideration when determining VLAN size and configuration.
Device limitation:-
The number of Ethernet addresses that can be supported by each device is 500. This represents a distribution of about 20 devices per port. These numbers are actual technical limitations that could be further reduced due to performance requirements of attached devices.
These limitations are above the recommended levels for high performance networking. From a pure performance standpoint, the ideal end user device to port ratio would be one device per port. From a practical point of view, a single port could be shared by a number of devices that do not require a great deal of bandwidth and belong to the same VLAN. An example of this would be a desktop computer, printer and laptop computer for an individual user.
Port constraints:-
If a departmental hub or switch is connected to a port, every port on that hub must belong to the same VLAN. Hubs do not have the capability to provide VLANs to individual ports, and VLANs cannot be extended beyond the edge device ports even if a switch capable of supporting VLANs is attached.
VLANs increase overall network performance by grouping users and resources that communicate most frequently with each other. This means that the use of unicast or broadcast data transmission is limited and traffic is reduced. VLANs are a software-based solution and allow IT administrators to adapt to networking changes.

TYPES OF VLANS
According to Laser Corporation, in general there are three basic models for determining and controlling how a packet gets assigned to a VLAN.
Port-based VLANs:- In this implementation, the administrator assigns each port of a switch to a VLAN. For example, ports 1-3 might be assigned to the Sales VLAN, ports 4-6 to the Engineering VLAN and ports 7-9 to the Administrative VLAN. The switch determines the VLAN membership of each packet by noting the port on which it arrives.
DIG 10

1x 2x 3x 4x 5x 6x 7x 8x 9x 10x

SALES ENGINEERING ADMINISTRATIVE

In a port-based VLAN, each port of a switch can be assigned to a particular VLAN.

When a user is moved to a different port of the switch, the administrator can simply reassign the new port to the user's old VLAN. The network changes are then completely transparent to the wiring closet. However, this method has one significant drawback: if a repeater is attached to a port on the switch, all of the users connected to that repeater must be members of the same VLAN.

MAC address-based VLANs:-

The VLAN membership of a packet in this case is determined by its source or destination MAC address. Each switch maintains a table of MAC addresses and their corresponding VLAN memberships. A key advantage of this method is that the switch does not need to be reconfigured when a user moves to a different port.
However, assigning VLAN membership to each MAC address can be a time-consuming task. Also, a single MAC address cannot easily be a member of multiple VLANs. This can be a significant limitation, making it difficult to share resources between more than one VLAN. (Although a MAC address can theoretically be assigned to multiple VLANs, this can cause serious problems with existing routing, producing confusion in switch forwarding tables.)

LAYER 3 (OR PROTOCOL)-BASED VLANS

With this method, the VLAN membership of a packet is based on protocols (IP, IPX, NetBIOS, etc.) and layer 3 addresses. This is the most flexible method and provides the most logical grouping of users. An IP subnet or an IPX network, for example, can each be assigned their own VLAN. Additionally, protocol-based membership allows the administrator to assign non-routable protocols, such as NetBIOS or DECnet, to larger VLANs than routable protocols like IPX or IP. This maximizes the efficiency gains that are possible with VLANs.
Another important distinction between VLAN implementations is the method used to indicate membership when a packet travels between switches. Two methods exist: implicit and explicit.
1. Implicit:- VLAN membership is indicated by the MAC address. In this case all switches that support a particular VLAN must share a table of member MAC addresses.
2. Explicit:- A tag is added to the packet to indicate VLAN membership. Cisco ISL and the IEEE 802.1q VLAN specification both use this method.
To summarize, when a packet enters its local switch, the determination of its VLAN membership can be port-based, MAC-based or protocol-based. When the packet travels to other switches, the determination of VLAN membership for that packet can be either implicit (using the MAC address) or explicit (using a tag). Port-based and protocol-based VLANs use explicit tagging as their preferred indication method. MAC-based VLANs are almost always implicit.
The bottom line is that the IEEE 802.1q specification is going to support port-based membership and explicit tagging, so these will be the default VLAN model in the future.
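Port-based membership combined with explicit IEEE 802.1Q tagging, as summarized above, looks like this at the frame level. This is an added example, not code from the original notes: the VLAN numbers 2, 3 and 4, the choice of port 10 as the trunk, the sample frame and the rule that an access port rejects frames arriving already tagged are assumptions of the example.

```python
import struct

TPID_8021Q = 0x8100   # EtherType value that marks an IEEE 802.1Q tag

# Port-to-VLAN table following the notes' port-based example.
# The VLAN numbers and the trunk on port 10 are constructed.
ACCESS_PORTS = {1: 2, 2: 2, 3: 2,      # sales
                4: 3, 5: 3, 6: 3,      # engineering
                7: 4, 8: 4, 9: 4}      # administrative
TRUNK_PORTS = {10}

# Constructed frame: destination MAC, source MAC, EtherType 0x0800, payload.
SAMPLE_FRAME = bytes.fromhex("00e01e746ada" "00d05868f583" "0800") \
    + b"constructed payload"


def add_tag(frame, vid, priority=0):
    """Insert an 802.1Q tag after the destination and source MAC addresses."""
    if not 1 <= vid <= 4094:           # 0 and 4095 are reserved values
        raise ValueError("VLAN ID out of range")
    if not 0 <= priority <= 7:
        raise ValueError("priority out of range")
    tci = (priority << 13) | vid       # 3-bit priority, 1-bit DEI (0), 12-bit VID
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_tag(frame):
    """Return the tag fields of a tagged frame, or None for an untagged one."""
    if len(frame) < 14:
        raise ValueError("frame shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("truncated 802.1Q tag")
    tci, inner = struct.unpack("!HH", frame[14:18])
    return {"priority": tci >> 13, "dei": (tci >> 12) & 1,
            "vid": tci & 0x0FFF, "ethertype": inner}


def strip_tag(frame):
    """Remove the 4-byte tag, leaving the original untagged frame."""
    if parse_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


def ingress_vlan(frame, port):
    """Decide VLAN membership when a frame enters the switch (None = drop)."""
    tag = parse_tag(frame)
    if port in TRUNK_PORTS:
        # Explicit membership: the tag added by the sending switch decides.
        return tag["vid"] if tag else None
    if tag is not None:
        return None                    # tagged frame on an access port
    return ACCESS_PORTS.get(port)      # port-based membership


def forward(frame, in_port, out_port):
    """Return the bytes sent on out_port, or None if the frame may not leave there."""
    vlan = ingress_vlan(frame, in_port)
    if vlan is None:
        return None
    untagged = strip_tag(frame)
    if out_port in TRUNK_PORTS:
        return add_tag(untagged, vlan)           # tag on the way to another switch
    return untagged if ACCESS_PORTS.get(out_port) == vlan else None


if __name__ == "__main__":
    on_trunk = forward(SAMPLE_FRAME, 5, 10)
    print(parse_tag(on_trunk))
    print(forward(on_trunk, 10, 4) == SAMPLE_FRAME)
```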

REQUIREMENT TO SETUP VLANs
The following requirements must be satisfied before setting up VLANs in a network.
• The switches deployed in the network either must comply with the IEEE 802.1q standard or must have a vendor-specific implementation of VLANs.
• For an end-station to support multiple VLANs, it must be able to dynamically register or must be statically configured to belong to a VLAN. If an end-station cannot register or cannot be configured to belong to a VLAN, the end-station can belong only to one VLAN. This VLAN is configured on the switch port to which the end-station connects.
COMMUNICATION IN A VLAN
When a computer on a VLAN sends packets, they are only flooded to the members of the VLAN. If there is communication between VLANs, then the packets will need to go through a router. The diagram below illustrates how communication occurs between geographically dispersed VLAN members. Here VLAN 10 (engineering), VLAN 20 (marketing) and VLAN 30 (finance) span three floors of a building. If a member of VLAN 10 on floor 1 wants to communicate with a member of VLAN 10 on floor 3, the communication occurs without going through the router, and packet flooding is limited to port 1 of switch 2 and switch 3 even if the destination MAC address is not known to switch 2 and switch 3.

Configuring VLANs
Before you begin creating VLANs, you should determine whether the switch will participate in a VTP configuration with the rest of the network. You must also enable a trunk connection if you want to use VLANs across multiple switches.
Steps to configure a VLAN are
1. Enable VTP (optional)
2. Enable trunking (optional)
3. Create VLANs
4. Assign VLAN to ports
Verifying VLANs
1. Verifying the VLAN configuration
2. Verifying VLAN membership
3. Prevent VLAN from crossing a trunking link
4. Prevent individual VLANs from crossing a trunk link
5. Verifying trunk link
6. Verifying VTP information
7. Enable VTP pruning

Enable VTP
When adding a new switch to an existing domain, it is a good idea to add it in VTP client mode. This will prevent the switch from propagating any incorrect VLAN information to other switches. In this example we will set up a new VTP domain and place the switch into server mode. The password puts VTP into secure mode; every switch in the management domain must have a password assigned to it for the management domain to function properly in secure mode.

Switch1# configure terminal
Enter configuration commands, one per line. End with CNTL/Z
Switch1(config)# vtp server
Switch1(config)# vtp domain ciscotest
Switch1(config)# vtp password ccna

Enable trunking:-
The next step is to create a trunk connection with the other switch that will be sharing VLAN information. To enable trunking on a port, enter interface configuration mode for the desired port and then use the trunk command with the appropriate option.
Switch1# configure terminal
Switch1(config)#interface f 0/26
Switch1(config-if)#trunk on

Create VLAN
To create a VLAN, enter global configuration mode and use the vlan command with the VLAN identifier (1-1005) and its name.

Switchname# configure terminal
Switchname(config)#vlan 5 name accounting
Switchname(config)#vlan 6 name management

Assign VLAN to ports
Now that the VLANs have been created, you can statically assign which ports will be members of each VLAN. A port can only belong to one VLAN at a time, and by default all ports are members of VLAN 1. To assign a VLAN to a port, enter interface configuration mode for the port and use the vlan-membership command.
Switchname# configure terminal
Switchname(config)#interface e 0/4
Switchname(config-if)#vlan-membership static 5
Switchname(config)#interface e 0/5
Switchname(config-if)#vlan-membership static 5
Switchname(config)#interface e 0/6
Switchname(config-if)#vlan-membership static 6

Verifying the VLAN configuration


To view the VLAN configuration on the switch, use the show vlan command.
Switchname1#show vlan
VLAN  Name         Status    Ports
------------------------------------------------------------------
1     default      enabled   1-3, 7-24, AUI, A, B
5     accounting   enabled   4, 5
6     management   enabled
Optionally, we can view an individual VLAN to see its configuration by using the show vlan [#] command.
Switchname1#show vlan 5
VLAN  Name         Status    Ports
-----------------------------------------------------------
5     accounting   enable    2
-----------------------------------------------------------
VLAN  Type      SAID    MTU   Parent  RingNo  BridgeNo  Stp   Trans1  Trans2
5     Ethernet  100005  1500  0       1       1         Unkn  0       0

Verifying Vlan membership
To view which ports are assigned to each VLAN, use the following command.
Switchname1#show vlan-membership
Port VLAN Membership
1 1 static
2 1 static
3 1 static
4 5 static
5 5 static
6 6 static
7 1 static
8 1 static
(Output cut)
Prevent VLAN from crossing a trunk
All VLANs are configured on a trunked link unless we clear them manually. Use the following command if you don't want a trunk to carry VLAN information.
Switchname1(config)#int f0/26
Switchname1(config-if)#clear trunk-vlan 5

Prevent individual VLAN from crossing a trunk link


We can stop an individual VLAN from crossing a trunk link by using the following command.
Switchname1(config)#int f0/26
Switchname1(config-if)#no trunk-vlan 5

Verifying trunk link


To verify a trunk port, use the show trunk [a][b] command. The a is for port f0/26, while b represents f0/27.

Switchname1#show trunk a
DISL state: Auto, trunking: on, Encapsulation type: ISL
Switchname1#show trunk allowed-vlan
1-4, 6-1004
Enabling VTP pruning
If we enable VTP pruning on a VTP server, we enable it for the entire domain. Enable VTP pruning with the command
Switchname1(config)#vtp pruning enable
Disable VTP pruning with
Switch(config)#vtp pruning disable

Verifying VTP information


After VTP has been enabled and configured, we can view the configuration with the following command.
Switchname1#show vtp
VTP Version                      : 2
Configuration revision           : 2
Maximum VLANs supported locally  : 1005
Number of existing VLANs         : 2
VTP operating mode               : server
VTP password                     : ccna
VTP Domain name                  : ciscotest
VTP Pruning mode                 : disable
VTP V2 mode                      : disable
VTP Traps Generation             : Enable
MD5 digest                       : 0xb9 0xc7 0xb3 0xd4 0xba 0x94 0x03

FRAME-RELAY
Frame relay is a high performance WAN protocol that operates at the physical and data link layers of the OSI model. Frame relay originally was designed for use across ISDN interfaces. Today it is used over a variety of other interfaces as well.
Frame relay is an example of a packet-switched technology. Packet-switched networks enable end stations to dynamically share the network medium and the available bandwidth. Variable-length packets are used, and these packets are then switched between the various network segments until the destination is reached. Statistical multiplexing techniques control network access in a packet-switched network. The advantage of this technique is that it accommodates more flexibility and more efficient use of bandwidth.
Frame relay often is described as a streamlined version of X.25, offering fewer of the robust capabilities, such as windowing and retransmission of lost data, that are offered in X.25. This is because frame relay typically operates over WAN facilities that offer more reliable connection services and a higher degree of reliability than the facilities available during the late 1970s and early 1980s that served as the common platforms for X.25 WANs. Frame relay is strictly a layer 2 protocol suite, whereas X.25 provides services at layer 3 as well. This enables frame relay to offer higher performance and greater transmission efficiency than X.25 and makes frame relay suitable for current WAN applications such as LAN interconnection.
A major development in frame relay's history occurred in 1990 when Cisco Systems, StrataCom, Northern Telecom and DEC formed a consortium to focus on frame relay technology development. This consortium developed a specification that conformed to the basic frame relay protocol that was being discussed in CCITT (now called ITU-T) but extended the protocol with features that provide additional capabilities for complex internetworking environments. Variations of the original LMI specification for these frame relay extensions have since been standardized, and these standardized specifications now are more commonly used than the original version.
Frame relay information
• Frame relay is both a data link layer encapsulation type implemented on the router and a physical service provided by a telecommunication company.
• Frame relay is a packet switching and encapsulation technology that functions at the data link and physical layers of the OSI model and runs on nearly any type of serial interface.
• Access to a frame relay network is made through private leased lines at speeds ranging from 56 kbps to 45 Mbps.
• Frame relay is a connection-oriented packet switching mechanism that establishes virtual circuits between end points.
• The ITU-T and ANSI define frame relay as a connection between the DTE (Data Terminal Equipment) and the DCE (Data Communication Equipment).
• DCE is switching equipment, supplied by a telecommunication provider, that serves as a connection to the Public Data Network (PDN).
• DTE is also known as customer premises equipment (CPE) because it is the equipment that belongs to and is maintained by the PDN customers.
• If you connect your Cisco router to a frame relay switch (provided by the phone company), the Cisco router is the CPE (DTE) and the frame relay switch is the DCE.

Physical connection
The physical equipment can vary between organizations: some networks may use routers with separate CSU/DSUs (Channel Service Unit/Data Service Unit) and some may use routers with built-in CSU/DSUs. The CSU/DSU is located at the customer location of the digital connection, and is used for encoding, filtering and translating communication to and from the digital line. In frame relay connections, the network device that connects to the frame relay switch is known as a frame relay access device (FRAD), also called a frame relay assembler/disassembler.
The frame relay switch is also called the frame relay network device (FRND), pronounced "friend". The network administrator typically handles the local connection up to the point that it enters the PDN. Items that are part of the PDN, including the frame relay switch, fall under the control and responsibility of the telecommunication provider. Frame relay is used over a variety of network interfaces.

Cisco frame relay supports the following protocols

• IP
• DECnet
• AppleTalk
• Xerox Network Service
• Novell IPX
• Connectionless Network Service (CLNS)
• International Organization for Standards (ISO)
• Banyan Vines
• Transparent bridging
Virtual circuits
Frame relay can be used with nearly any serial interface. Communications in a frame relay network are connection oriented, and a defined communication path must exist between each pair of DTE devices. Virtual circuits provide a bi-directional communication path from one DTE device to another and are uniquely identified by a Data Link Connection Identifier (DLCI). The technology used in frame relay allows it to multiplex several data flows over the same physical media.
Frame relay separates each data stream into logical (software-maintained) connections called virtual circuits, which carry the data transferred on the connection between two DTE devices. Two types of virtual circuits, SVCs (Switched Virtual Circuits) and PVCs (Permanent Virtual Circuits), connect frame relay ports. Switched virtual circuits allow access through a frame relay network by setting up a path to the destination end point only when it is needed and tearing it down when it is no longer needed. Permanent virtual circuits are permanently established connections that are used for frequent and consistent data transfers between DTE devices across the frame relay network. SVCs and PVCs can coexist on the same sites and routers. For example, routers at remote branch offices might set up PVCs to the central headquarters for frequent communication, but set up SVCs with each other as needed for intermittent communication.

Data Link Connection Identifier (DLCI)


Frame Relay virtual circuits are identified by data link connection identifiers (DLCIs). A DLCI serves as the addressing scheme within a Frame Relay network. DLCI values typically are assigned by the Frame Relay provider (e.g. the telephone company). Frame Relay DLCIs have local significance, which means that the values themselves are not unique in the Frame Relay WAN. For example, for a connection between two DTE devices, the service provider assigns a DLCI for each VC, which Frame Relay uses to distinguish between different virtual circuits on the network. Since many virtual circuits can be terminated on one multipoint Frame Relay interface, many DLCIs are often affiliated with it.
For the IP devices at each end of a virtual circuit to communicate, their IP addresses need to be mapped to DLCIs. This mapping lets the router function as a multipoint device, one that can identify to the Frame Relay network the appropriate destination virtual circuit for each packet that is sent over the single physical interface. The mapping can be done dynamically with Inverse ARP or manually with the frame-relay map command.
Every DLCI can have local or global meaning everywhere within the Frame Relay network. DLCIs are usually assigned by the provider and start with 16. The following command applies a DLCI number to an interface.
Routername3(config-if)#frame-relay interface-dlci ?
<16-1007> define a DLCI as part of the current Subinterface
Routername3(config-if)#frame-relay interface-dlci 16
%FR-5-DLCICHANGE: Interface Serial0 - DLCI 16 state changed to ACTIVE
Routername3(config-fr-dlci)#

Local management interface


The Local Management Interface (LMI) is a set of enhancements to the Frame Relay protocol specification. The LMI was developed in 1990 by four companies known as the "Gang of Four": Cisco Systems, StrataCom, Northern Telecom, and DEC. It offers a number of features, called extensions, for managing complex internetworks. Key Frame Relay LMI extensions include global addressing, virtual circuit status messages, and multicasting. LMI was designed to exchange information about PVC status and to ensure that the link between two points is operating correctly. LMI is a standard signaling mechanism between the CPE (usually a router) and the Frame Relay connection.
The global addressing extension gives Frame Relay DLCI values global rather than local significance. DLCIs become DTE addresses that are unique in the Frame Relay WAN. Providing DLCI numbers that are globally rather than just locally significant makes automatic configuration of the Frame Relay map possible. With LMI, DLCI values are unique within a Frame Relay network, and standard address resolution protocols such as ARP and reverse ARP, as well as discovery protocols, can be used to identify nodes within the network.
The LMI multicasting extension allows multicast groups to be assigned. Multicasting saves bandwidth by allowing routing updates and address resolution messages to be sent only to specific groups of routers. The extension also transmits reports on the status of multicast groups in the update messages.
LMI uses keepalive packets (sent every 10 seconds by default) to verify the Frame Relay link and to ensure the flow of data. The Frame Relay connectivity device learns the status of all virtual circuits that it can use. Each virtual circuit, represented by its DLCI number, can have one of three connection states:
Active:- The connection is working and routers can use it to exchange data.
Inactive:- The connection from the local router to the switch is working, but the connection to the remote router is not available.
Deleted:- No LMI information is being received from the Frame Relay switch; this can indicate that the connection between the CPE and DCE is not functional.

The Frame Relay switch reports this status information to the Frame Relay map on the local router. The Frame Relay connectivity device uses the status information to determine whether data can be transmitted over the configured virtual circuit. LMI messages can provide information about the following:
• Keepalives:- verify that data is flowing
• Multicasting:- provides the network server with its local DLCI and the multicast DLCI
• Global addressing:- gives DLCIs global rather than local significance in Frame Relay networks
• Status of virtual circuits:- provides an ongoing status report on the DLCIs known to the switch
LMI Autosense
Beginning with Cisco IOS release 11.2, the software supports Local Management Interface (LMI) autosense, which enables the interface to determine the LMI type supported by the switch. Support for LMI autosense means that you are no longer required to configure the LMI explicitly. If the Frame Relay switch responds with more than one type, the Cisco router automatically configures itself to use the last LMI type received. We can turn off LMI autosense by explicitly configuring an LMI type.
The LMI type must be written into NVRAM so that the next time the router powers up, LMI autosense will be inactive. At the end of autoinstall, a frame-relay lmi-type xxx statement is included within the interface configuration.
Explicitly Configuring LMI Type:-
The default type is Cisco, but we can manually change it to ANSI or Q.933A. If we configure the LMI type manually, we deactivate LMI autosense. If the router is attached to a public data network (PDN), the LMI type must match the type used on the public network; otherwise, the LMI type can be chosen to suit the needs of your private Frame Relay network. The following commands change the LMI type to ANSI and explicitly set the keepalive time interval.
Routername3 (config)#int s1
Routername3 (config-if)#ip address 192.168.1.55.2 255.255.255.0
Routername3 (config-if)#encapsulation frame-relay
Routername3 (config-if)#bandwidth 64
Routername3 (config-if)#frame-relay lmi-type ?
  cisco
  ansi
  q933a
Routername3 (config-if)#frame-relay lmi-type ansi
Routername3 (config-if)#keepalive 8
Routername3 (config-if)#exit

Keepalives:-
A keepalive interval must be set to configure the LMI. By default, this interval is 10 seconds (it can be from 0 to 32768) and, per the LMI protocol, must be less than the corresponding interval on the switch on networks that do not utilize LMI.

LMI types:-
• Cisco:- LMI defined by the Gang of Four (default). It allows for 992 virtual circuit addresses and uses DLCI 1023 as a management circuit, which transfers link and DLCI status messages.
• ANSI:- ANSI standard T1.617 Annex D provides for 976 virtual circuit addresses and uses DLCI 0 as the management circuit.
• Q.933a:- ITU-T Q.933 Annex A, similar to ANSI T1.617 Annex D. Uses DLCI 0 as a management circuit.
Frame Relay devices that conform to the LMI specification use one of the following message types:
• Status inquiry message:- allows a user device to inquire about the status of the network
• Status message:- responds to a status inquiry message. Status messages include keepalive and PVC status messages
The LMI virtual circuit status messages provide communication and synchronization between Frame Relay DTE and DCE devices. These messages are used to periodically report on the status of PVCs, which prevents data from being sent over PVCs that no longer exist. Information in status messages includes all or some of the following:
• New:- used if a new DLCI connection has been configured.
• Active:- used to indicate whether the virtual circuit is available for data transfer.
• Receiver not ready:- used for flow control to indicate that the virtual circuit is congested. This option is not available for the Q.933a LMI type.
• Minimum bandwidth:- indicates the minimum available bandwidth.
• Global addressing:- used to give DLCIs global significance.
• Multicasting:- used to configure a group of destination addresses rather than a single address. The IEEE has reserved DLCI numbers 1019 through 1022 for this purpose. Frame Relay devices use multicasting to make DLCI numbers globally significant by advertising them across the Frame Relay network.
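
The management DLCIs listed under "LMI types" and the multicast range above, applied to captured frame headers, as an added example that is not part of the original notes. The 2-octet address layout is the standard Q.922 format, which the notes do not spell out; the function names and the capture bytes are constructed.

```python
from dataclasses import dataclass

USER_DLCIS = range(16, 1008)         # 16-1007, the range shown in the IOS help output
MULTICAST_DLCIS = range(1019, 1023)  # 1019-1022, reserved for multicasting per the notes
MGMT_DLCI = {"cisco": 1023, "ansi": 0, "q933a": 0}  # management circuit per LMI type

@dataclass
class Address:
    dlci: int
    fecn: bool
    becn: bool
    de: bool

def parse_address(frame: bytes) -> Address:
    """Decode the 2-octet Q.922 address field (layout assumed, not from the notes)."""
    if len(frame) < 2:
        raise ValueError("frame shorter than the 2-octet address field")
    hi, lo = frame[0], frame[1]
    # The EA (extension) bit is 0 in the first octet and 1 in the last one.
    if hi & 0x01 or not lo & 0x01:
        raise ValueError("not a 2-octet address (unexpected EA bits)")
    dlci = ((hi >> 2) << 4) | (lo >> 4)  # 6 high-order bits + 4 low-order bits
    return Address(dlci, bool(lo & 0x08), bool(lo & 0x04), bool(lo & 0x02))

def classify(dlci: int, lmi_type: str) -> str:
    """Name the role of a DLCI given the LMI type configured on the link."""
    if dlci == MGMT_DLCI[lmi_type]:
        return "lmi-management"
    if dlci in MULTICAST_DLCIS:
        return "multicast"
    if dlci in USER_DLCIS:
        return "user-vc"
    return "reserved"

def candidate_lmi_types(frames) -> set:
    """LMI types consistent with the management DLCIs seen in a capture."""
    seen = {parse_address(f).dlci for f in frames}
    return {t for t, d in MGMT_DLCI.items() if d in seen}

# Constructed capture: address octets only, payload omitted.
CAPTURE = [
    bytes([0x04, 0x01]),  # DLCI 16
    bytes([0x18, 0x45]),  # DLCI 100 with BECN set
    bytes([0xFC, 0xF1]),  # DLCI 1023 (Cisco LMI management circuit)
]
```

Seeing traffic on DLCI 0 narrows the link to ANSI or Q.933a but cannot separate the two, since both use the same management circuit.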
Split Horizons

Split horizon is a routing technique that reduces the chance of routing loops on a network. A split horizon implementation prevents routing update information received on one physical interface from being rebroadcast to other devices through the same physical interface. Although split horizon is good for reducing routing loops, it can cause problems for Frame Relay routing updates.
Consider three routers called A, B and C that have one physical connection between them (e.g. A-B-C). Router A can communicate with router B, router B can communicate with router C, and router B can talk to both A and C. On a LAN, A could talk to C, but not in Frame Relay, unless router A had a PVC to router C. The best solution is to configure a subinterface for each virtual connection, because the individual virtual circuits can be maintained and split horizon can remain on. Routing update information that is received through one subinterface can be propagated to other subinterfaces. Dividing the serial 0 interface on router B into s0.1 and s0.2 subinterfaces allows a different subnet identifier to be assigned to each virtual circuit; this allows routing updates to go from router C to router A and vice versa.
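
The A-B-C argument above as a toy distance-vector simulation (an added example, not from the original notes). Router names and the s0, s0.1 and s0.2 interfaces follow the text; the 10.x LAN prefixes and function names are constructed, and the split_horizon flag exists only to show that the rule itself is what blocks the update.

```python
def converge(links, connected, split_horizon=True, rounds=4):
    """Run a toy distance-vector exchange and return each router's table.

    links:     (router, out_iface, peer, peer_in_iface), one entry per direction
    connected: {router: [directly attached networks]}
    A table maps network -> interface it was learned on ("connected" if local).
    """
    tables = {r: {n: "connected" for n in nets} for r, nets in connected.items()}
    for _ in range(rounds):
        updates = []
        for router, out_if, peer, in_if in links:
            # Split horizon: do not advertise a route out of the interface
            # on which it was learned.
            routes = [n for n, via in tables[router].items()
                      if not (split_horizon and via == out_if)]
            updates.append((peer, in_if, routes))
        for peer, in_if, routes in updates:
            for net in routes:
                tables[peer].setdefault(net, in_if)
    return tables

# Constructed addressing: one LAN behind each router.
CONNECTED = {"A": ["10.1.0.0/24"], "B": ["10.2.0.0/24"], "C": ["10.3.0.0/24"]}

def hub_links(to_a, to_c):
    """PVCs A-B and B-C; to_a and to_c name the interface router B uses for each."""
    return [("A", "s0", "B", to_a), ("B", to_a, "A", "s0"),
            ("C", "s0", "B", to_c), ("B", to_c, "C", "s0")]

def a_reaches_c(to_a, to_c, split_horizon=True):
    """True when A has learned C's LAN and C has learned A's LAN."""
    tables = converge(hub_links(to_a, to_c), CONNECTED, split_horizon)
    return "10.3.0.0/24" in tables["A"] and "10.1.0.0/24" in tables["C"]

if __name__ == "__main__":
    print("B uses s0 for both PVCs:", a_reaches_c("s0", "s0"))
    print("B uses s0.1 and s0.2:   ", a_reaches_c("s0.1", "s0.2"))
```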

Two types of Subinterfaces


1. Point-to-point:- used when a single virtual circuit connects one router to another. Each point-to-point subinterface requires its own subnet.
2. Multipoint:- used when the router is the center of a star of virtual circuits. Uses a single subnet for all the routers' serial interfaces connected to the frame switch. Subject to the split horizon rule.
Configuring Subinterfaces on Frame Relay
• Point-to-point connections:- we first set the encapsulation type on the serial interface, then we can define the subinterfaces. This example sets up three subinterfaces and the DLCIs associated with the virtual circuits.
Routername3(config)#interface serial 0
Routername3(config-if)#no ip address
Routername3(config-if)#encapsulation frame-relay
Routername3(config-if)#exit
Routername3(config)#interface serial 0.1 point-to-point
Routername3(config-subif)#ip address 192.168.10.1 255.255.255.0
Routername3(config-subif)#bandwidth 64
Routername3(config-subif)#frame-relay interface-dlci 20 b
Routername3(config-subif)#exit
Routername3(config)#interface serial 0.2 point-to-point
Routername3(config-subif)#ip address 192.168.20.1 255.255.255.0
Routername3(config-subif)#bandwidth 64
Routername3(config-subif)#frame-relay interface-dlci 300 b
Routername3(config-subif)#exit
Routername3(config)#interface serial 0.3 point-to-point
Routername3(config-subif)#ip address 192.168.30.1 255.255.255.0
Routername3(config-subif)#bandwidth 64
Routername3(config-subif)#frame-relay interface-dlci 400 b
Routername3(config-subif)#exit
Routername3(config)#router igrp 110
Routername3(config-router)#network 192.168.10.0
Routername3(config-router)#network 192.168.20.0
Routername3(config-router)#network 192.168.30.0

Multipoint connections:-
In the following example, notice how each DLCI mapping is on the same subnet; this is for a multipoint connection. The b is for enabling broadcast updates to the specific virtual circuit. Instead of using a frame-relay map command for every virtual circuit, we use the Frame Relay inverse ARP function for dynamic mapping of the IP address to the DLCI number. Frame Relay inverse ARP is on by default and is only disabled if you explicitly disable it. When the frame-relay map command is used, inverse ARP is automatically disabled for the specified protocol on the specified DLCI.
Routername3 (config)#interface serial 1
Routername3 (config-if)#no ip address
Routername3 (config-if)#encapsulation frame-relay
Routername3 (config-if)#exit
Routername3 (config)#interface serial 1.2 multipoint
Routername3 (config-subif)#ip address 172.16.1.1 255.255.0.0
Routername3 (config-subif)#frame-relay interface-dlci 100 b
Routername3 (config-subif)#bandwidth 64
Routername3 (config-subif)#frame-relay map ip 172.16.1.2 200 b
Routername3 (config-subif)#frame-relay map ip 172.16.1.3 300 b
Routername3 (config-subif)#frame-relay map ip 172.16.1.4 400 b
Routername3 (config-subif)#exit
Routername3 (config)#router igrp 222
Routername3 (config-router)#network 172.16.1.0
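
A check of the subinterface rules from this section against configuration text: one DLCI and a separate subnet per point-to-point subinterface, DLCIs within 16-1007, and multipoint map targets inside the shared subnet. This is an added example, not part of the original notes; the function names are hypothetical and the sample configuration is constructed with deliberate mistakes.

```python
import ipaddress
import re

# Constructed sample: serial 0.2 reuses 0.1's subnet and DLCI; the map is off-subnet.
SAMPLE = """\
interface serial 0.1 point-to-point
 ip address 192.168.10.1 255.255.255.0
 frame-relay interface-dlci 20 b
interface serial 0.2 point-to-point
 ip address 192.168.10.2 255.255.255.0
 frame-relay interface-dlci 20 b
interface serial 1.2 multipoint
 ip address 172.16.1.1 255.255.0.0
 frame-relay map ip 10.9.9.9 300 b
"""

def parse(config):
    """Return one dict per Frame Relay subinterface found in IOS config text."""
    subs, cur = [], None
    for line in map(str.strip, config.splitlines()):
        if line.startswith("interface "):
            m = re.match(r"interface (serial (\d+)\.\d+) (point-to-point|multipoint)", line)
            cur = m and {"name": m[1], "port": m[2], "mode": m[3],
                         "net": None, "vcs": []}
            if cur:
                subs.append(cur)
        elif cur and (m := re.match(r"ip address (\S+) (\S+)", line)):
            cur["net"] = ipaddress.ip_interface(f"{m[1]}/{m[2]}").network
        elif cur and (m := re.match(r"frame-relay (?:interface-dlci|map ip (\S+)) (\d+)", line)):
            cur["vcs"].append((m[1] and ipaddress.ip_address(m[1]), int(m[2])))
    return subs

def audit(subs):
    """List violations of the subnet and DLCI rules described in this section."""
    out, nets, dlcis = [], {}, {}
    for s in subs:
        name, net = s["name"], s["net"]
        if s["mode"] == "point-to-point" and len(s["vcs"]) != 1:
            out.append(f"{name}: point-to-point needs exactly one DLCI")
        if net is not None and nets.setdefault(net, name) != name:
            out.append(f"{name}: subnet {net} already used on {nets[net]}")
        for peer, dlci in s["vcs"]:
            if not 16 <= dlci <= 1007:
                out.append(f"{name}: DLCI {dlci} outside 16-1007")
            if dlcis.setdefault((s["port"], dlci), name) != name:  # DLCIs are per port
                out.append(f"{name}: DLCI {dlci} already bound on serial {s['port']}")
            if peer is not None and net is not None and peer not in net:
                out.append(f"{name}: map target {peer} outside {net}")
    return out
```

Running audit(parse(SAMPLE)) reports three findings, while the point-to-point configuration shown earlier in this section passes with none.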
