CN L1-L8[1].pdf
University of Moratuwa
Lecture 01: Introduction to Routers

Module Code | Module Name | Lecture Title | Lecturer
IT2050 | Computer Networks | Introduction to Routers | Hansika Mahaadikara

Module Delivery (per week)
- 2 hr lecture
- 1 hr tutorial
- 2 hr practical session (once in 2 weeks)
Module delivery clarifications are given within the lecture, tutorial and lab sessions.

Panel of Lecturers
- Mr. Dhammika De Silva - Metro

Module Assessment Criteria
Continuous Assessments – 40%
- Online practical Exam 1 - 1 hr (week 5) – 10%
- Online practical Exam 2 - 1 hr (week 12) – 10%
- Mid Online - 1 hr (week 8) – 20%
Final Examination – 60%

Recommended Books
[Figure-only slide]

Lecture 1: Overview of Configuration of Network Devices

Network Devices – Internal Components
CPU, buses, RAM, ROM, flash, interfaces, NVRAM, power supply

Cisco IOS Software
As with a computer, a network device cannot function without an operating system. Cisco calls its OS the Cisco Internetwork Operating System, or Cisco IOS.

Command Line Interface (CLI)
The Cisco IOS software uses a command-line interface (CLI) as the traditional console environment. This environment is accessible through several connection methods:
- Console
- AUX port
- Telnet
[Figure: dial-up access: device – modem]

User Level Passwords
[Figure-only slide]

Router Modes
[Figure-only slides (four slides)]

Router Memory
RAM
- Stores the running or active configuration file
- Loses its content when the router is powered down
- Working storage
ROM (Read-Only Memory)
- Stores the bootable IOS image and the bootstrap program
NVRAM
- Provides storage for the startup configuration file
- Retains its content when the router is powered down
Flash memory
- Holds the fully functional IOS image
- Retains its content when the router is powered down
- Is a type of electronically erasable, programmable ROM (EEPROM)
[Figure: bootup program, bootable IOS, startup-config, running-config, IOS]

Displaying configuration files
    show running-config
    show startup-config

Managing configuration files
Copy command
- Copies files in a router (configuration file, new version of the IOS software)
- Moves configuration files among RAM, NVRAM and a TFTP server

copy running-config startup-config
[Figure: "Router# copy running-config startup-config" copies running-config to startup-config; during bootup startup-config is copied to running-config ("Router# copy startup-config running-config")]
Changes to the router are put in the running-config file. If the router loses power or reboots, everything in RAM is lost, including the running-config file. To make sure the changes to the router's configuration remain saved, you must copy the running-config from RAM into the startup-config in NVRAM:
    Router# copy running-config startup-config

copy running-config startup-config (cont.)
    Router#copy running-config startup-config
    Destination filename [startup-config]?
    Building configuration...
    Router#show startup-config
    !
    version 12.0
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Router
    !
    !
    ip subnet-zero
    !
    interface Ethernet0
     no ip address
     no ip directed-broadcast
     shutdown
    !
The startup-config file is now identical to the running-config, and the router will also have these changes if it reboots.
[Figure: copy commands between running-config, startup-config, IOS (flash) and a TFTP server]
    copy tftp startup-config
    copy tftp running-config
    copy tftp flash
    copy flash tftp
    copy startup-config tftp
    copy running-config tftp

IT2050 - COMPUTER NETWORKS
Lecture 2: IP Addressing
IT 2050 | Computer Networks | IP addressing | Hansika Mahaadikara

Addressing with TCP/IP
- Physical address (MAC address): identifies a computer
- Logical address (IP address): identifies a computer
- Port address: identifies a process

Physical Address
- Stored in the Network Interface Card (NIC)
- A hardware setting set by the manufacturer of the NIC; unchangeable
- Example: MAC address. For Ethernet, the MAC address is a 48-bit (12 hex digit) number, e.g. 5A:B3:87:F1:93:7C or 5A-B3-87-F1-93-7C
- The MAC address operates in the Data Link Layer (Layer 2)
Ethernet frame fields: Preamble | SOF | DA | SA | DATA | CRC/FCS

Logical Address
- The address scheme depends on the protocol used; the widely used protocol is TCP/IP
- Example: IP addresses 192.168.16.53, 10.39.40.3
- A logical address operates at the Network Layer (Layer 3)

IP Address
Uniquely identifies devices.
- IP Version 4 (IPv4): 32-bit scheme
- IP Version 6 (IPv6, IPng): 128-bit scheme

IP Version 4 (IPv4)
The 32 bits are represented as Byte 1 . Byte 2 . Byte 3 . Byte 4 (1 byte = 8 bits).
- The minimum value of a byte: 00000000 = 0
- The maximum value of a byte: 11111111 = 255
- The minimum IP address: 0.0.0.0
- The maximum IP address: 255.255.255.255

Network ID and Host ID
IP address = Network ID + Host ID
Class | Net ID  | Host ID
A     | 1 byte  | 3 bytes
B     | 2 bytes | 2 bytes
C     | 3 bytes | 1 byte

IPv4 Address Classes
[Figure-only slide (Rick Graziani)]

Classes of IP addresses (cont.)
- Class D is introduced for multicasting
- Class E is reserved
Class D addresses
- A Class D address begins with binary 1110 in the first octet; the first octet range is 224 to 239.
- A Class D address can be used to represent a group of hosts, called a host group or multicast group.
Class E addresses
- The first octet begins with 1111.
- Class E addresses are reserved for experimental purposes and should not be used for addressing hosts or multicast groups.
Class first-octet patterns and network ID ranges:
Class | First bits | Minimum network ID                   | Maximum network ID                        | Number of networks
A     | 0          | 00000000 = 0                         | 01111111 = 127                            | 2^7
B     | 10         | 10000000.00000000 = 128.0            | 10111111.11111111 = 191.255               | 2^14
C     | 110        | 11000000.00000000.00000000 = 192.0.0 | 11011111.11111111.11111111 = 223.255.255  | 2^21

Network Address and Broadcast Address
- For the network address, the Host ID part of the IP address is all 0s.
- For the broadcast address, the Host ID part of the IP address is all 1s.
Example: 103.58.35.1 is a Class A address.
- Net ID = 103, Host ID = 58.35.1
- Network address: 103.0.0.0
- Broadcast address: 103.255.255.255

Example: 198.8.0.1 (Class C)
    1100 0110. 0000 1000. 0000 0000. 0000 0001
- Network ID: 3 bytes (24 bits); Host ID: 1 byte (8 bits)
- In both the Network ID and the Host ID, all 0s and all 1s are reserved for special purposes.
- The actual maximum number of hosts per network = 2^8 - 2 = 254
- Network address:   1100 0110. 0000 1000. 0000 0000. 0000 0000 (198.8.0.0)
- Broadcast address: 1100 0110. 0000 1000. 0000 0000. 1111 1111 (198.8.0.255)

Classful Addressing - Subnet Mask
- Net ID part: all 1s
- Host ID part: all 0s

Exercise
For each IP address, give the class, subnet mask, actual number of hosts, network address and broadcast address:
- 140.35.45.55
- 50.60.70.5
- 201.35.40.201
- 125.38.55.185
- 193.201.55.105
- 127.53.35.10

IP address of a Router
- A router has many ports (LAN and WAN ports).
- An IP address is assigned to each port.
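As an added example (not part of the lecture slides), the following Python code works through the exercise above for each listed address: it derives the class from the first-octet bits, the classful mask, the network and broadcast addresses and the usable host count, and flags the 127 network as loopback. The EXERCISE list is the lecture's; the function and variable names are this example's own.

```python
"""Classful IPv4 analysis (added example, not from the lecture): for each
address in the exercise above, derive the class from the first-octet bits,
the default subnet mask, the network and broadcast addresses and the usable
host count. Function and variable names are this example's own."""


def to_int(ip):
    """'140.35.45.55' -> 32-bit integer, validating each octet."""
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address: {ip}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def address_class(ip):
    """Class is decided by the leading bits of the first octet."""
    first = to_int(ip) >> 24
    if first >> 7 == 0b0:
        return "A"      # 0xxxxxxx: 0 to 127
    if first >> 6 == 0b10:
        return "B"      # 10xxxxxx: 128 to 191
    if first >> 5 == 0b110:
        return "C"      # 110xxxxx: 192 to 223
    if first >> 4 == 0b1110:
        return "D"      # 1110xxxx: 224 to 239, multicast
    return "E"          # 1111xxxx: 240 to 255, reserved


def classful_analysis(ip):
    """Returns a dict with the exercise columns; classes D and E have no
    Net ID / Host ID split, so they only get a note."""
    cls = address_class(ip)
    net_bits = {"A": 8, "B": 16, "C": 24}.get(cls)
    if net_bits is None:
        return {"address": ip, "class": cls,
                "note": "multicast" if cls == "D" else "reserved"}
    mask = (0xFFFFFFFF << (32 - net_bits)) & 0xFFFFFFFF   # Net ID bits 1, Host ID bits 0
    n = to_int(ip)
    network = n & mask                          # Host ID all 0s
    broadcast = network | (~mask & 0xFFFFFFFF)  # Host ID all 1s
    result = {
        "address": ip,
        "class": cls,
        "subnet_mask": to_dotted(mask),
        "network_address": to_dotted(network),
        "broadcast_address": to_dotted(broadcast),
        "max_hosts": 2 ** (32 - net_bits) - 2,  # all-0s and all-1s Host IDs are reserved
    }
    if n >> 24 == 127:
        result["note"] = "loopback network (127), not assignable to a host"
    return result


# The six addresses from the exercise on this slide.
EXERCISE = ["140.35.45.55", "50.60.70.5", "201.35.40.201",
            "125.38.55.185", "193.201.55.105", "127.53.35.10"]

if __name__ == "__main__":
    for ip in EXERCISE:
        print(classful_analysis(ip))
```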
Default Gateway IP Address
Network Address | Gateway IP Address
120.0.0.0       | 120.0.0.50
152.20.0.0      | 152.20.0.50
200.53.30.0     | 200.53.30.50
201.55.30.0     | 201.55.30.50
138.57.0.0      | 138.57.0.50
180.50.0.0      | 180.50.0.50
The IP address of the router port connected to a particular LAN is called the "Gateway IP Address" of that LAN.

Public IP Addresses
- A public IP address is any valid address that can be accessed over the Internet.
- The Internet is a public computer network spread all over the world.
- Allocation of IP addresses is controlled by the Internet Assigned Numbers Authority (IANA), which is responsible for allocating IP address ranges to different countries.
- CINTEC assigns different ranges of IP addresses to different Internet Service Providers (ISPs).
- The ISPs allocate IP addresses to their customers.
- Sri Lanka Telecom (SLT) allocates 8 IP addresses for each 64 kb/s leased line.

Private IP Addresses
- A private IP address is an address assigned to a device on a private LAN that is accessible only within the LAN.
- A network which is not connected to the Internet can use any IP address range without obtaining any permission.
- It is not advisable to use just any IP address, since the network may be connected to the Internet in the future.
- To avoid such problems, IANA has reserved some IP address ranges for private use.
Class | Private Network Address        | No. of Networks
A     | 10.0.0.0                       | 1
B     | 172.16.0.0 to 172.31.0.0       | 16
C     | 192.168.0.0 to 192.168.255.0   | 256

IP special addresses
Address                       | Net ID   | Host ID  | Remarks
Network Address               | Specific | All 0s   | None
Direct Broadcast Address      | Specific | All 1s   | Destination address
Limited Broadcast Address     | All 1s   | All 1s   | Destination address
This Host on this Network     | All 0s   | All 0s   | Source address
Specific host on this network | All 0s   | Specific | Destination address
Loopback Address              | 127      | Any      | Destination address
Figure-only slides: Network Address; Direct Broadcast Address; Limited Broadcast Address; This host on this network; Specific host on this network; Loopback address; Classful Addressing; Masking Concept; AND Operation.

Subnetting – Classless Addressing
Suppose you are given the network address 150.100.0.0/16 for your network:
    10010110.01100100.00000000.00000000
You have the computers of the Finance, Production and Administration sections. In order to enhance the efficiency of the network you want to divide it into three networks, but you cannot get another two network addresses. This requirement can be satisfied from the same network address by using the subnet concept. The IP address is now divided into three parts:
    Net ID | Subnet ID | Host ID

Classless Addressing (cont.)
- The original Net ID bits are not changed.
- Part of the Host ID is allocated for the "Subnet ID".
- The most significant bits of the Host ID are allocated as the Subnet ID.
    XXXXXXXX.XXXXXXXX.XXXXXXXX.XXXXXXXX
    Net ID | Subnet ID | Host ID

With two bits borrowed for the Subnet ID, the subnets can be written as:
    Subnet 0  10010110.01100100.00000000.00000000
    Subnet 1  10010110.01100100.01000000.00000000
    Subnet 2  10010110.01100100.10000000.00000000
    Subnet 3  10010110.01100100.11000000.00000000
In dotted decimal:
    Subnet 0 address  150.100.0.0/18
    Subnet 1 address  150.100.64.0/18
    Subnet 2 address  150.100.128.0/18
    Subnet 3 address  150.100.192.0/18

For the above example the Finance, Production and Administration sections can be put into three subnets.
[Figure: router R connecting subnets 150.100.64.0, 150.100.128.0 and 150.100.192.0]
Consider the hosts in subnet 150.100.64.0: their IP addresses can be given as 150.100.64.1, 150.100.64.2, 150.100.64.3, 150.100.64.4, etc.

In classless addressing the number of bits for the network address cannot be decided from the address alone; it is indicated with a "/" symbol. The IP addresses are written as:
    150.100.64.1/18
    150.100.64.2/18
    150.100.64.3/18
and the subnet mask is:
    11111111.11111111.11000000.00000000 = 255.255.192.0

Exercise: write 12 possible subnet addresses of the 150.72.0.0/16 network.
    150.72.0.0/20     150.72.96.0/20
    150.72.16.0/20    150.72.112.0/20
    150.72.32.0/20    150.72.128.0/20
    150.72.48.0/20    150.72.144.0/20
    150.72.64.0/20    150.72.160.0/20
    150.72.80.0/20    150.72.176.0/20

VLSM – Variable Length Subnetting

Example: an organization is granted the block 130.34.12.64/26. The organization needs 4 subnets. What is the subnet prefix length?
Solution: we need 4 subnets, which means we need to add two more bits (log2 4 = 2) to the site prefix. The subnet prefix is then /28. (Source: TCP/IP Protocol Suite)

VLSM – Variable Length Subnet Masking
- The number of devices is not equal in all the subnets.
- Prefixes vary for separate subnets.
Classful routing
- Only allows one subnet mask for all networks.
VLSM and classless routing
- The process of subnetting a subnet.
- More than one subnet mask can be used.
- More efficient use of IP addresses compared to classful IP addressing.

Example: an organization is granted a block of addresses with the beginning address 14.24.74.0/24. There are 2^(32−24) = 256 addresses in this block. The organization needs to have 11 subnets as shown below:
a. 2 subnets, each with 64 addresses.
b. 2 subnets, each with 32 addresses.
c. 3 subnets, each with 16 addresses.
d. 4 subnets, each with 4 addresses.
Design the subnets.
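Added example in Python (not from the lecture or its textbook source): equal-size subnetting as in the 150.72.0.0/16 and 130.34.12.64/26 examples, and a VLSM allocation that serves the 14.24.74.0/24 design exercise by placing the largest subnets first, so that each subnet starts on a boundary that is a multiple of its own size. Function names are this example's own; the same functions also cover the /30 example that follows.

```python
"""Classless subnet design (added example, not from the lecture): equal-size
subnetting, as in the 150.72.0.0/16 and 130.34.12.64/26 examples, and a VLSM
allocation for the 14.24.74.0/24 exercise (2x64, 2x32, 3x16, 4x4 addresses).
All function names are this example's own."""
import math


def parse_cidr(cidr):
    """'14.24.74.0/24' -> (base address as int, prefix length)."""
    ip, plen = cidr.split("/")
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"invalid IPv4 address in {cidr}")
    base = 0
    for o in octets:
        base = (base << 8) | o
    return base, int(plen)


def to_dotted(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(plen):
    """/18 -> 255.255.192.0: Net ID and Subnet ID bits are 1s, Host ID bits 0s."""
    return to_dotted((0xFFFFFFFF << (32 - plen)) & 0xFFFFFFFF)


def subnet_prefix_length(site_prefix, n_subnets):
    """Borrow ceil(log2(n)) host bits: 4 subnets of a /26 need a /28 prefix."""
    return site_prefix + math.ceil(math.log2(n_subnets))


def equal_subnets(cidr, n_subnets):
    """The first n_subnets equal-size subnets of the block, in dotted/prefix form."""
    base, plen = parse_cidr(cidr)
    new_len = subnet_prefix_length(plen, n_subnets)
    if new_len > 32:
        raise ValueError("not enough host bits to borrow")
    size = 1 << (32 - new_len)
    return [f"{to_dotted(base + i * size)}/{new_len}" for i in range(n_subnets)]


def vlsm_allocate(cidr, sizes):
    """Allocate one subnet per requested address count.

    Each request is rounded up to a power of two and the largest are placed
    first, so every subnet starts on a multiple of its own size and no
    addresses are lost to alignment. Returns (requested, subnet, actual size).
    """
    base, plen = parse_cidr(cidr)
    end = base + (1 << (32 - plen))
    cursor = base
    allocation = []
    for need in sorted(sizes, reverse=True):
        size = 1 << math.ceil(math.log2(need))       # smallest power of two >= need
        if cursor + size > end:
            raise ValueError(f"block {cidr} exhausted while allocating {need} addresses")
        new_len = 32 - (size.bit_length() - 1)       # 64 addresses -> /26, 4 -> /30
        allocation.append((need, f"{to_dotted(cursor)}/{new_len}", size))
        cursor += size
    return allocation


# The 11 subnets requested in the exercise: 2x64, 2x32, 3x16 and 4x4 addresses.
EXERCISE_SIZES = [64, 64, 32, 32, 16, 16, 16, 4, 4, 4, 4]

if __name__ == "__main__":
    for subnet in equal_subnets("150.72.0.0/16", 12):
        print(subnet)
    for need, subnet, size in vlsm_allocate("14.24.74.0/24", EXERCISE_SIZES):
        print(f"{need:>3} addresses requested -> {subnet} ({size} addresses)")
```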
[Figure-only slides (TCP/IP Protocol Suite)]

VLSM Example using /30 subnets
- 207.21.24.0/24 network subnetted into eight /27 (255.255.255.224) subnets.
- 207.21.24.192/27 subnet, subnetted into eight /30 (255.255.255.252) subnets.
- This network has seven /27 subnets with 30 hosts each AND eight /30 subnets with 2 hosts each.
- /30 subnets are very useful for serial networks.

207.21.24.192/27 = 207.21.24.11000000; the eight /30 subnets (host bits 01 and 10, broadcast 11):
#  Subnet            Last octet (binary)  Hosts          Broadcast
0  207.21.24.192/30  110 000 00           .193 and .194  .195
1  207.21.24.196/30  110 001 00           .197 and .198  .199
2  207.21.24.200/30  110 010 00           .201 and .202  .203
3  207.21.24.204/30  110 011 00           .205 and .206  .207
4  207.21.24.208/30  110 100 00           .209 and .210  .211
5  207.21.24.212/30  110 101 00           .213 and .214  .215
6  207.21.24.216/30  110 110 00           .217 and .218  .219
7  207.21.24.220/30  110 111 00           .221 and .222  .223
(Slide: Rick Graziani)

[Figure: topology using the /27 LAN subnets 207.21.24.0/27, .32/27, .64/27, .96/27, .128/27, .160/27 and .224/27, and the /30 serial subnets 207.21.24.192/30, .196/30, .200/30, .204/30, .208/30, .212/30 and .216/30]
- This network has seven /27 subnets with 30 hosts each AND seven /30 subnets with 2 hosts each (one left over).
- /30 subnets with 2 hosts per subnet do not waste host addresses on serial networks.

VLSM and the Routing Table
Routing table without VLSM:
    RouterX#show ip route
         207.21.24.0/27 is subnetted, 4 subnets
    C       207.21.24.192 is directly connected, Serial0
    C       207.21.24.196 is directly connected, Serial1
    C       207.21.24.200 is directly connected, Serial2
    C       207.21.24.204 is directly connected, FastEthernet0
- Displays one subnet mask for all child routes.
- The classful mask is assumed for the parent route.

Routing table with VLSM:
    RouterX#show ip route
         207.21.24.0/24 is variably subnetted, 4 subnets, 2 masks
    C       207.21.24.192/30 is directly connected, Serial0
    C       207.21.24.196/30 is directly connected, Serial1
    C       207.21.24.200/30 is directly connected, Serial2
    C       207.21.24.96/27 is directly connected, FastEthernet0
- Each child route displays its own subnet mask.
- The parent route shows the classful mask instead of the subnet masks of the child routes.

Computer Networks – Lecture 3: IPv6 Addressing

Why IPv6
- IPv4 has a theoretical maximum of 4.3 billion addresses, plus private addresses in combination with NAT.
- NAT has limitations in peer-to-peer communications.
- With the Internet of Things, devices other than computers, tablets and smartphones (sensors, Internet-ready devices, automobiles, biomedical devices, household appliances, natural ecosystems, etc.) need to connect to the Internet.

Why IPv6 / How it looks
- IPv6 has a larger 128-bit address space: 340 undecillion addresses (the number 340 followed by 36 zeroes).
- When the IETF began its development of a successor to IPv4, it fixed the limitations of IPv4 and included additional enhancements.
- Example: 2001:0DB8:0000:1111:0000:0000:0000:0200
- "Hextet" is used to refer to a segment of 16 bits, or four hexadecimal digits.

IPv4 and IPv6 Coexistence
- Dual stack: allows IPv4 and IPv6 to coexist on the same network segment. Dual-stack devices run both IPv4 and IPv6 protocol stacks simultaneously.
- Tunneling: a method of transporting an IPv6 packet over an IPv4 network. The IPv6 packet is encapsulated inside an IPv4 packet, similar to other types of data.
- Translation: Network Address Translation 64 (NAT64) allows IPv6-enabled devices to communicate with IPv4-enabled devices using a translation technique similar to NAT for IPv4. An IPv6 packet is translated to an IPv4 packet and vice versa.

Address formats
IPv6 Address - Rule 1 (Omitting Leading 0s)
The first rule to help reduce the notation of IPv6 addresses is that any leading 0s (zeros) in any 16-bit section or hextet can be omitted:
- 01AB can be represented as 1AB
- 09F0 can be represented as 9F0
- 0A00 can be represented as A00
- 00AB can be represented as AB

IPv6 Address - Rule 2 (Omitting All-0 Segments)
- A double colon (::) can replace any single, contiguous string of one or more 16-bit segments (hextets) consisting of all 0s.
- The double colon (::) can only be used once within an address, otherwise the address is ambiguous.
- Known as the compressed format.
Examples (the same address written with :: in either of its two zero runs, never both):
    2001:0DB8::ABCD:0000:0000:1234        or  2001:0DB8:0000:0000:ABCD::1234
    2001:0DB8::ABCD:0000:0000:0000:1234   or  2001:0DB8:0000:ABCD::1234

IPv6 Address Types
There are three types of IPv6 addresses: unicast, multicast and anycast.
*** IPv6 does not have broadcast addresses.

IPv6 Unicast Addresses
Global unicast
- Similar to a public IPv4 address: globally unique, Internet-routable addresses.
- Global unicast addresses can be configured statically or assigned dynamically.
- Currently, only global unicast addresses with the first three bits of 001, i.e. 2000::/3, are being assigned (the first hextet has a range of 2000 to 3FFF).
Link-local
- Link-local addresses are used to communicate with other devices on the same local link (the first hextet has a range of FE80 to FEBF).
Unique local
- Similar to the private addresses for IPv4, but there are significant differences.
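Rule 1 and Rule 2 above, the reverse expansion with the "only one ::" ambiguity check, and the modified EUI-64 interface ID that SLAAC derives from a MAC address (described under Host Configuration later in this lecture), as an added Python example that is not part of the lecture. Function names are this example's own; the MAC address used is the one from the Physical Address slide.

```python
"""IPv6 notation (added example, not from the lecture): Rule 1 (drop leading
zeros of each hextet), Rule 2 (one '::' for a run of all-zero hextets), the
reverse expansion with the "only one ::" ambiguity check, and the modified
EUI-64 interface ID that SLAAC derives from a 48-bit MAC address.
Function names are this example's own."""


def expand_ipv6(addr):
    """Return the eight hextets of an address written in any valid form,
    each as four uppercase hex digits."""
    if addr.count("::") > 1:
        raise ValueError("'::' may appear only once, otherwise the address is ambiguous")
    if "::" in addr:
        head, tail = addr.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        missing = 8 - len(left) - len(right)
        if missing < 1:
            raise ValueError("'::' must stand for at least one all-zero hextet")
        parts = left + ["0"] * missing + right
    else:
        parts = addr.split(":")
    if len(parts) != 8:
        raise ValueError("an IPv6 address has exactly eight hextets")
    hextets = []
    for p in parts:
        if not (1 <= len(p) <= 4 and p.isalnum()):
            raise ValueError(f"bad hextet {p!r}")
        hextets.append(f"{int(p, 16):04X}")   # int() rejects non-hex characters
    return hextets


def is_valid_ipv6(addr):
    try:
        expand_ipv6(addr)
        return True
    except ValueError:
        return False


def compress_ipv6(addr):
    """Rule 1 then Rule 2. The longest all-zero run (leftmost on a tie) becomes
    '::'; a lone zero hextet is left as '0', as RFC 5952 recommends."""
    hextets = [h.lstrip("0") or "0" for h in expand_ipv6(addr)]   # Rule 1
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if hextets[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and hextets[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:
        return ":".join(hextets)
    left = ":".join(hextets[:best_start])                    # Rule 2
    right = ":".join(hextets[best_start + best_len:])
    return f"{left}::{right}"


def eui64_interface_id(mac):
    """Modified EUI-64: split the MAC after the 3-byte OUI, insert FFFE,
    and flip the U/L bit (bit 7, value 0x02) of the first byte."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("a MAC address has six octets")
    oui, device = octets[:3], octets[3:]                              # Step 1
    eui = bytes([oui[0] ^ 0x02]) + oui[1:] + b"\xff\xfe" + device     # Steps 2 and 3
    return [f"{(eui[i] << 8) | eui[i + 1]:04X}" for i in range(0, 8, 2)]


def link_local_from_mac(mac):
    """SLAAC-style link-local address: FE80::/64 followed by the EUI-64 interface ID."""
    return compress_ipv6(":".join(["FE80", "0", "0", "0"] + eui64_interface_id(mac)))


if __name__ == "__main__":
    print(compress_ipv6("2001:0DB8:0000:1111:0000:0000:0000:0200"))
    print(":".join(expand_ipv6("2001:0DB8:0000:ABCD::1234")))
    print(link_local_from_mac("5A:B3:87:F1:93:7C"))
```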
Unique local address range: FC00::/7 to FDFF::/7.
*** The 2001:0DB8::/32 address block has been reserved for documentation purposes.

Host Configuration
- Manually configuring the IPv6 address on a host is similar to configuring an IPv4 address.
- The default gateway address configured for PC1 is 2001:DB8:ACAD:1::1. This is the global unicast address of the router's GigabitEthernet interface on the same network.
- The default gateway address can also be configured to match the link-local address of the router's GigabitEthernet interface.

Dynamic Configuration - SLAAC
Stateless Address Autoconfiguration (SLAAC) is a method that allows a device to obtain its prefix, prefix length, default gateway address and other information from an IPv6 router without the use of a DHCPv6 server.

EUI-64 Process
IEEE defined the Extended Unique Identifier (EUI), or modified EUI-64, process. This process uses a client's 48-bit Ethernet MAC address and inserts another 16 bits in the middle of the 48-bit MAC address to create a 64-bit Interface ID.
- Step 1: Divide the MAC address between the OUI and the device identifier.
- Step 2: Insert the hexadecimal value FFFE, which in binary is 1111 1111 1111 1110.
- Step 3: Convert the first 2 hexadecimal values of the OUI to binary and flip the U/L bit (bit 7). In this example, the 0 in bit 7 is changed to a 1.

Questions?

IT2050 - Computer Networks
Lecture 3: Routing Protocols
Ms. Hansika Mahaadikara
IT2050 | Computer Networks | Routing Protocols | Hansika Mahaadikara

What Is Routing?
To route, a router needs to do the following:
- Know the destination address.
- Identify the sources it can learn from.
- Discover possible routes.
- Select the best route.
- Maintain and verify routing information.
[Figure: networks 10.120.2.0 and 172.16.1.0]

What Is Routing? (cont.)
[Figure: router with interfaces E0 (10.120.2.0) and S0 (172.16.1.0)]
Routed protocol: IP
Network Protocol | Destination Network | Exit Interface
Connected        | 10.120.2.0          | E0
Learned          | 172.16.1.0          | S0
Routers must learn destinations that are not directly connected.

Identifying Static and Dynamic Routes
- Static route: uses a route that a network administrator enters into the router manually.
- Dynamic route: uses a route that a network routing protocol adjusts automatically for topology or traffic changes.

Direct Delivery
Send a message to a machine in the SAME LAN.
[Figure-only slide]

Indirect Delivery
[Figure-only slide]
- To send a packet from source to destination it needs to go through the network (the packet goes from router to router).
- All routers should maintain a routing table.
- The IP packet is analysed at the router and the correct path is selected from the routing table.
- The packet is sent through that path.
- Indirect delivery is done using the routing strategies.

Routing Table
[Figure-only slide]

Routing Strategies
There are four routing strategies:
- Fixed routing
- Flooding
- Random routing
- Adaptive routing

Adaptive Routing
- Each router maintains a routing table.
- The routing table modifies itself according to network changes.
Advantages
- Network traffic is minimised
- Low latency
- The best route will be selected most of the time
Disadvantages
- The router needs memory to keep a routing table

Routing Methods used in Adaptive Routing
- Next hop routing
- Host specific routing
- Network specific routing
- Default routing

Host Specific Routing
- Each router keeps one record/entry for each host.
- A table entry has the host IP and the interface.
Host Address  | Interface
192.168.50.1  | E0
192.168.50.6  | E0
172.18.2.9    | S1
172.18.5.96   | S1
Disadvantages
- Large number of records
- Table updating is difficult and complex, as it should be done for each and every host (if the host IP changes)

Network Specific Routing
- Each router keeps a table entry for each network (one record for one network).
- A table entry has the network address and the interface.
Network Address | Interface
192.168.50.0    | E0
172.18.0.0      | S1
Advantages
- The number of records is limited (table updates are not for each host but for a network)
- Updating is easy

Routing Table Update Methods
Basic methods to update routing tables:
- Connected
- Static
- Dynamic

Connected
- Once the router is connected to the network, its interfaces are given IP addresses.
- With that, the router automatically identifies the network addresses to which it is connected.
    R1#show ip route
    Codes: C - connected, S - static,
    Gateway of last resort is not set
         172.16.0.0/24 is subnetted, 2 subnets
    C       172.16.2.0 is directly connected, Serial0/0/0
    C       172.16.3.0 is directly connected, FastEthernet0/0

Static
The administrator can manually give routing table records:
    Router(config)#ip route
R1(config)# R1(config)#ip route 172.16.1.0 255.255.255.0 172.16.2.2 R1(config)#ip route 192.168.1.0 255.255.255.0 172.16.2.2 R1(config)#ip route 192.168.2.0 255.255.255.0 172.16.2.2 R1(config)# R1#show ip route Codes: C - connected, S - static Gateway of last resort is not set 172.16.0.0/24 is subnetted, 3 subnets S 172.16.1.0 [1/0] via 172.16.2.2 C 172.16.2.0 is directly connected, Serial0/0/0 C 172.16.3.0 is directly connected, FastEthernet0/0 S 192.168.1.0/24 [1/0] via 172.16.2.2 S 192.168.2.0/24 [1/0] via 172.16.2.2 IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Static cont. Advantages: Minimal CPU processing Easier for administrator to understand and configure Disadvantages: Configuration and maintenance is time-consuming Configuration is error-prone Administrator should maintain changing route information Does not scale well with growing networks; maintenance becomes complex Requires complete knowledge of the whole network for proper implementation IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Default Routing Last record in the routing table Indicates the route/path to be taken, if any of the records does not match with the IP packet destination IP address Stub networks only use default routing , Stub networks have only one exit port out of the network R(config)#ip route 0.0.0.0 0.0.0.0 IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Default Routing cont. 
B(config)# B(config)#ip route 0.0.0.0 0.0.0.0 172.16.2.2 B(config)# B#show ip route Codes: C - connected, S - static Gateway of last resort is 172.16.2.2 to network 0.0.0.0 172.16.0.0/24 is subnetted, 2 subnets C 172.16.1.0 is directly connected, FastEthernet0/0 C 172.16.2.0 is directly connected, Serial2/0 S* 0.0.0.0/0 [1/0] via 172.16.2.2 B# IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Dynamic Routing Scenario IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Dynamic Routing Scenario IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Dynamic Routing tables are updated automatically by using routing protocols Routing tables have Initially only connected records Then add static’ records Then automatic dynamic updates IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Dynamic cont. Advantages: Administrator has less work maintaining the configuration when adding or deleting networks Protocols automatically update, according to the topology changes. Configuration is less error-prone Suitable for More scalable, growing networks Disadvantages: Router resources are used (CPU cycles, memory and bandwidth) More administrator knowledge is required for configuration, verification, and troubleshooting IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Routing Protocols IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara Features of Routing Protocols Network changes (addition or removal or fault) are automatically updated in routing tables of all routers When there are many routes to a destination, the best route should be selected Share the traffic through different routes IT2050| Computer Networks| Routing Protocols| Hansika Mahaadikara What Is a Routing Protocol? 
Routing protocols allow routers to dynamically advertise and learn routes, and to determine which routes are available and which are the most efficient routes to a destination.

Figure: networks 10.120.2.0, 172.16.1.0 and 172.17.3.0 reached through interfaces E0, S0 and S1; the routing table records how each destination was learned.

Network Protocol | Destination Network | Exit Interface
Connected        | 10.120.2.0          | E0
RIP              | 172.16.2.0          | S0
EIGRP            | 172.17.3.0          | S1

Routing protocols: RIP, EIGRP, OSPF

Routing Protocols cont.
- An autonomous system (AS) is a collection of routers under a common administration, e.g. a company's internal network
- Interior Gateway Protocols (IGP) are used for intra-autonomous system routing (routing inside an autonomous system)
- Exterior Gateway Protocols (EGP) are used for inter-autonomous system routing (routing between autonomous systems)

Interior Gateway Protocols (IGP)

RIP (Routing Information Protocol)
- A distance-vector routing protocol
- It sends the complete routing table out of all active interfaces every 30 seconds
- Only uses hop count to select the best way to a remote network
- RIP works well in small networks, but it is inefficient on large networks
- There are two versions: RIP v1 and RIP v2

RIP Configuration
    Router(config)#router rip
    Router(config-router)#network <network-address>
<network-address> : directly connected network addresses

RIP Configuration Example Version 1
Figure: A (E0 172.16.0.1 on 172.16.0.0, S0 10.0.0.1) -- B (S1 10.0.0.2, S0 11.0.0.1) -- C (S1 11.0.0.2, E0 192.168.1.1 on 192.168.1.0)
Router A:
    router rip
    network 172.16.0.0
    network 10.0.0.0
Router C:
    router rip
    network 192.168.1.0
    network 11.0.0.0
Router B:
    router rip
    network 10.0.0.0
    network 11.0.0.0

Configure RIP V2 (Classless Sub-networks)
    Router(config)#router rip
    Router(config-router)#version 2
    Router(config-router)#network <network-address>
<network-address> : directly connected sub-network addresses

RIP Configuration Example Version 2
Figure: A (E0 172.16.64.1 on 172.16.64.0, S0 10.0.1.1) -- B (S1 10.0.1.2, S0 10.0.2.1) -- C (S1 10.0.2.2, E0 192.168.1.129 on 192.168.1.128)
Router A:
    router rip
    version 2
    no auto-summary
    network 172.16.64.0
    network 10.0.1.0
Router C:
    router rip
    version 2
    no auto-summary
    network 192.168.1.0
    network 10.0.2.0
Router B:
    router rip
    version 2
    no auto-summary
    network 10.0.1.0
    network 10.0.2.0

Displaying the IP Routing Table
Figure: same topology; B's address 10.0.1.2 is A's next hop for 10.0.2.0 and 192.168.1.128
    RouterA#sh ip route
    Codes: C - connected, S - static, I - IGRP, R - RIP
         172.16.0.0/16 is subnetted, 1 subnets
    C       172.16.64.0 is directly connected, Ethernet0
         10.0.0.0/8 is subnetted, 2 subnets
    R       10.0.2.0/24 [120/1] via 10.0.1.2, 00:00:07, Serial0
    C       10.0.1.0/24 is directly connected, Serial0
    R    192.168.1.128/26 [120/2] via 10.0.1.2, 00:00:07, Serial2

RIP Timers
- Periodic Timer - a timer kept at each router for sending its routing table information to its neighbors every 30 seconds.
- Expiration Timer - if a router does not get updates from a neighboring router for a long time (meaning there is a problem with the neighboring router), the router removes the routes it learned from that neighbor. This time is called the expiration time (180 seconds).

Problems with RIP
Slow Convergence
- Routing tables are sent to neighbors every 30 seconds
- When there are a large number of routers in the network, it takes some time for all the details to reach each and every router. There is a delay in getting an updated routing table.
Solution: Triggered updates
- Information that needs to be updated immediately is sent to the other routers without waiting for the periodic timer.

Counting to infinity
Solution - Route Poisoning
- When a network goes down, the router that is connected to that network gets that information first
- So that router updates its table saying this network is down (unreachable)
- In the routing table the number of hops for that particular network is set to infinity (in RIP, 16)

Instability
- Once a router (P) gets some updates from another router (Q), router P updates its routing table and the new routing table is sent again to the previous router (Q).
- With time this leads to wrong updated tables in the routers and ultimately to an unstable situation
Solution: Split Horizon - do not send information back over the link on which that information arrived

Solutions
Split Horizon
- When the router sends routing table information to its neighbors, it does not send the information that it got from that particular neighbor
- So the routing table information is filtered before it is sent

Hold down Timer
- Once a network goes down, that information is immediately sent to the other routers
- Because of the network connections there is a possibility of getting wrong information about that particular network from other routers
- Therefore once network-down information is received, the router starts the hold down timer, during which any updates regarding that particular network are ignored.

Poison Reverse
- In general split horizon applies to routing information passed between routers
- But split horizon is not applied to information such as "network is down": the unreachable route is advertised back with an infinite metric

IGRP (Interior Gateway Routing Protocol)
AD - 100
- A Cisco proprietary distance-vector routing protocol
- Maximum hop count is 255
- Used in large networks
- EIGRP is the enhanced version of IGRP

EIGRP (Enhanced Interior Gateway Routing Protocol)

Features
- EIGRP was initially released in 1992 as a proprietary protocol available only on Cisco devices.
- In 2013, Cisco released basic functionality of EIGRP as an open standard to the IETF as an informational RFC.
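The RIP problems and remedies above (counting to infinity, route poisoning with hop count 16, split horizon) are easy to see in a small simulation. The following Python model is an added example, not code from the lecture: three constructed routers A -- B -- C exchange synchronous 30-second updates, network N attached to C fails, and the rounds until the tables settle are counted with split horizon off and on. Triggered updates and hold-down timers are not modelled.

```python
"""Distance-vector (RIP-style) simulation: count to infinity vs split horizon + route poisoning.
Added example with a constructed three-router topology; not part of the lecture material."""

INFINITY = 16  # RIP: 16 hops means unreachable


class Router:
    def __init__(self, name, neighbors, connected=()):
        self.name = name
        self.neighbors = list(neighbors)
        # destination -> (hop count, next hop); next hop None means directly connected
        self.table = {net: (1, None) for net in connected}

    def advertise(self, to_neighbor, split_horizon):
        """The periodic update this router sends to one neighbour."""
        update = {}
        for dest, (metric, next_hop) in self.table.items():
            if split_horizon and next_hop == to_neighbor:
                continue  # split horizon: never send a route back out the interface it was learned on
            update[dest] = metric  # a poisoned route (16) is sent as-is: route poisoning
        return update

    def receive(self, from_neighbor, update):
        """Bellman-Ford update of the table; returns True if anything changed."""
        changed = False
        for dest, adv in update.items():
            new_metric = min(adv + 1, INFINITY)
            cur = self.table.get(dest)
            if cur is None:
                if new_metric < INFINITY:
                    self.table[dest] = (new_metric, from_neighbor)
                    changed = True
            elif cur[1] == from_neighbor:
                # the neighbour we already route through reports a new metric: accept it, even if worse
                if cur[0] != new_metric:
                    self.table[dest] = (new_metric, from_neighbor)
                    changed = True
            elif new_metric < cur[0]:
                self.table[dest] = (new_metric, from_neighbor)
                changed = True
        return changed


def run_rounds(routers, split_horizon, max_rounds=64):
    """Synchronous update rounds until a round changes nothing.
    Returns (round in which the tables were first stable, per-round table snapshots)."""
    history = []
    for rnd in range(1, max_rounds + 1):
        # build every update from the tables as they were at the start of the round
        updates = [(r.name, nb, r.advertise(nb, split_horizon))
                   for r in routers.values() for nb in r.neighbors]
        changed = False
        for sender, receiver, update in updates:
            changed |= routers[receiver].receive(sender, update)
        history.append({name: dict(r.table) for name, r in routers.items()})
        if not changed:
            return rnd, history
    return max_rounds, history


def build_topology():
    # constructed example: A -- B -- C, with network N attached to C
    return {
        "A": Router("A", ["B"]),
        "B": Router("B", ["A", "C"]),
        "C": Router("C", ["B"], connected=["N"]),
    }


def simulate_failure(split_horizon):
    """Converge, then take N down at C and report how the news propagates."""
    routers = build_topology()
    run_rounds(routers, split_horizon)
    routers["C"].table["N"] = (INFINITY, None)  # C poisons the route: hop count 16 (unreachable)
    rounds, history = run_rounds(routers, split_horizon)
    final = {name: r.table["N"][0] for name, r in routers.items()}
    return rounds, history, final


if __name__ == "__main__":
    for sh in (False, True):
        rounds, history, final = simulate_failure(sh)
        print(f"split horizon={sh}: stable after {rounds} rounds, hop counts {final}")
        for i, snap in enumerate(history[:4], 1):
            print("  round", i, {n: t["N"] for n, t in snap.items()})
```

Without split horizon, B's stale advertisement of N reaches C in the very first round after the failure, C installs a bogus route back through B, and the hop count climbs until it hits 16. With split horizon, C's poisoned route propagates outward and the tables are stable after a few rounds.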
Features cont.
- Other networking vendors can now implement EIGRP on their equipment to interoperate with both Cisco and non-Cisco routers running EIGRP.

EIGRP Metric
AD - 90
- A 'composite metric' is used
- EIGRP uses bandwidth and delay of the line by default as the metric for determining the best route to an internetwork
- The metric is a combination of bandwidth, delay of the line, reliability, load and Maximum Transmission Unit (MTU)
- Reliability, load, and MTU are not used by default

EIGRP metric values
- Bandwidth - the slowest bandwidth among all of the outgoing interfaces along the path from source to destination.
- Delay - the cumulative (sum) of all interface delays along the path (in microseconds).

EIGRP Configuration
    Router(config)#router eigrp <AS number>
    Router(config-router)#network <network address>
<network address> : directly connected network addresses
<AS number> : Autonomous System number

EIGRP Configuration Example
Figure: A (E0 172.16.64.1 on 172.16.64.0, S0 10.0.1.1) -- B (S1 10.0.1.2, S0 10.0.2.1) -- C (S1 10.0.2.2, E0 192.168.1.129 on 192.168.1.128)
Router A:
    router eigrp 100
    no auto-summary
    network 172.16.64.0
    network 10.0.1.0
Router C:
    router eigrp 100
    no auto-summary
    network 192.168.1.0
    network 10.0.2.0
Router B:
    router eigrp 100
    no auto-summary
    network 10.0.1.0
    network 10.0.2.0

IT2050 - Computer Networks
Lecture 5 Internet Protocol
Ms. Hansika Mahaadikara
IT2050| Computer Networks| Internet Protocol| Hansika Mahaadikara

Overview of IP
- IP is the network layer protocol of TCP/IP
- No error control, flow control or congestion control; hence IP is an unreliable protocol
- The combination TCP/IP is reliable, but UDP/IP is an unreliable combination
- IP packets operate as datagrams
- IP packets originating from the same source can travel through different routes and reach the destination at different times
- Therefore IP packets may reach the destination out of order

Identification
- Each IP packet is identified by a serial number called "Identification"
- This sequence helps the receiver reassemble the packets in the correct order, although they may be received out of order

Maximum Transmission Unit (MTU)
- Maximum amount of data that can be accommodated in a frame

Fragmentation
- If the IP packet size is bigger than the MTU, it should be fragmented
- Ex: if the original packet has 6000 bytes of data
  1. Separate the data and header of the IP packet
  2. Break the data part into MTU-sized pieces (fragments)
  3. Add a 20 byte header to each fragment

Fragmentation offset
- The identification of each fragmented IP packet is equal to the identification of the original IP packet
- Ex: if the identification of the original IP packet is 2000, the identification of all five fragments is 2000
- "Fragmentation offset" is another parameter used to identify the order of fragments

Fragmentation offset cont.
If the original packet has 6000 bytes of data, the numbering of data bytes is as follows:
Fragment 1: bytes 0 - 1479
Fragment 2: bytes 1480 - 2959
Fragment 3: bytes 2960 - 4439
Fragment 4: bytes 4440 - 5919
Fragment 5: bytes 5920 - 5999

Fragmentation offset cont.
Offset value of fragment 1 = 0 / 8 = 0
Offset value of fragment 2 = 1480 / 8 = 185
Offset value of fragment 3 = 2960 / 8 = 370
Offset value of fragment 4 = 4440 / 8 = 555
Offset value of fragment 5 = 5920 / 8 = 740

Fragmentation offset cont.
- Fragmented packets travel independently
- They may travel through different routes to the destination
- While travelling, a fragment can be further fragmented at another intermediate network
Figure: original packet -> fragmented packets -> further fragmented packets

Fragmentation offset cont.
- Fragmented packets reach the destination out of order.
- The fragmented packets are combined (defragmented) at the final destination by using the OFFSET values.

Time To Live (TTL)
- IP packets travel through many routers in the network
- Each router routes the packet according to information in its routing table
- If there is a problem in a routing table the packet may be sent in a wrong direction and can flow randomly in the network.
- Such IP packets can even overload the network and finally crash the network
- In order to avoid such a situation, a parameter called "Time To Live" (TTL) is defined for each IP packet

Time To Live (TTL) cont.
- The TTL value can be initialized to any value at the transmitting router (A) (maximum is 255)
- The TTL value is decremented by 1 at each router
- If the TTL value becomes zero at a router (B), the packet is discarded and an ICMP message is sent from the discarding router (B) to the transmitting router (A)

Time To Live (TTL) cont.
Suppose host A sends an IP packet to host B with the TTL value set to 6.
If the packet goes through Host A -> R1 -> R2 -> R3 -> Host B:
Router | TTL Value
R1     | 5
R2     | 4
R3     | 3

Time To Live (TTL) cont.
Suppose there is a routing problem and the packet loops through the routers R1 -> R4 -> R2 -> R1 -> R4 -> R2 -> R1 -> R4 -> R2
Router | TTL Value | Action
R1     | 6 - 1 = 5 |
R4     | 5 - 1 = 4 |
R2     | 4 - 1 = 3 |
R1     | 3 - 1 = 2 |
R4     | 2 - 1 = 1 |
R2     | 1 - 1 = 0 | Discards the packet; sends ICMP message to Host A
The TTL value becomes zero at router R2, therefore the IP packet is discarded.

IP header
[figure: IPv4 header layout, rows of 32 bits]

Version (VER)
- A field of 4 bits
- Indicates the version of the IP addresses used in the IP packet
- IPv4 : 0100
- IPv6 : 0110

Header Length (HLEN)
- A 4 bit field indicating the number of 4-byte words in the header
- Header size in bytes = HLEN x 4
- The standard header size = 20 bytes: 20 = 5 x 4, HLEN = 5 (0101)2
- The maximum header size = 60 bytes: 60 = 15 x 4, HLEN = 15 (1111)2
Service Type
- An 8 bit field
- IETF has changed the name of this field to Differentiated Services
  3 bits: Precedence | 4 bits: TOS | 1 bit: not used
- Precedence defines the priority of the packet
- Precedence is not used in IPv4

Service Type cont.
- TOS is a 4-bit field
- Each bit has a special meaning
- There are five types of services

Service Type cont.
- The application can select a specific type of service

Total length
- A 16-bit field
- Gives the total length of the IP packet.
- Total length = data length + header length
- If the total length value is 300 and this is a normal IP packet: header length = 20 bytes, data length = 300 - 20 = 280 bytes

Identification
- Each IP packet is identified by a serial number called "Identification"
- A 16 bit field
- The identification of each fragmented IP packet is equal to the identification of the original IP packet

Flags
- D = 1 means the packet is not allowed to be fragmented
- D = 0 means the packet is allowed to be fragmented
- M = 0 means that there are no more fragments; the fragment is the last one. A non-fragmented packet is considered the last fragment
- M = 1 means the fragment is not the last one

Fragmentation offset
- A 13-bit field
- This gives the offset value of the fragment

Time To Live (TTL)
- An 8 bit field
- Defines the maximum number of hops the packet can travel

Protocol
- The IP packet data can be UDP, TCP, ICMP, IGMP, EGP
- A special field called "protocol" is used to identify the type of data
- An 8-bit field which defines the protocol number

Header Checksum
- A 16-bit field
- Checks for errors in the header only.
- If errors are found in the header, the whole IP packet is discarded.

Source IP Address
- A 32-bit field
- This gives the IP address of the source
Destination IP Address
- A 32-bit field
- This gives the IP address of the destination

IP option

IT2050 - Computer Networks
Lecture 06 Switched Networks
IT2050| Computer Networks| Basics of Switching| Hansika Mahaadikara

Switch
- An intelligent device
- Operates in layer 2 - layer 2 switch
- Operates in layer 3 - layer 3 switch

Form Factors
- Fixed Configuration
- Modular Configuration
- Stackable Configuration

Business Considerations on Selecting Switches
Cost         | Speed and number of interfaces, supported features, expansion capability
Port Density | Number of devices on the network
Power        | Power for access points, PoE, redundant power supply
Reliability  | 24/7 continuous access
Port Speed   | Ethernet, FastEthernet, GigabitEthernet
Scalability  | Network growth

Switch Functions
- Address learning
- Forward/filter decisions
- Loop avoidance

MAC Address Table
- As the switch learns the relationship of ports to devices, it builds a table called the MAC address table.
- LAN switches determine how to handle incoming frames by maintaining the MAC address table.
- The switch builds its MAC address table by recording the MAC address of each device connected to each of its ports.
- The switch uses the information in the MAC address table to send frames destined for a specific device out the port which has been assigned to that device.

Address learning
- Layer 2 switches and bridges remember the source MAC address of each frame received on an interface, and they enter this information into a MAC database called the MAC address table

Address learning cont.

Forward/filter decisions
- When a frame is received on an interface, the switch looks at the destination MAC address and finds the exit interface in the MAC address table
- The frame is only forwarded out the specified destination port

Forward/filter decisions cont.

Loop Avoidance
- If multiple connections between switches are created for redundancy purposes, network loops can occur
- Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy

Switch Internal Processing

Switch Internal Processing cont.

Frame Forwarding: Store-and-Forward Switching
- Error checking - after receiving the entire frame, the switch compares the frame-check-sequence (FCS) value in the last field against its own FCS calculation. Only error-free frames are forwarded.
- Store-and-Forward is Cisco's primary LAN switching method.

Frame Forwarding: Cut-Through Switching
- Cut-Through Switching (Rapid Frame Forwarding) - the switch makes a forwarding decision as soon as it has looked up the destination MAC address. Frames with errors are forwarded.

Frame Forwarding: Fragment Free Switching
- Fragment Free - a modified form of cut-through switching. The switch waits for the collision window (64 bytes) to pass before forwarding the frame.
- Provides better error checking than cut-through, with practically no increase in latency.

Basic Switch Configurations
- Each port/interface does not need an IP address because the switch is not performing Layer 3 routing
- An IP address can be assigned to manage the switch; otherwise IP would not be needed on the switch at all

Configuring Basic Switch Management Access with IPv4
[figure: configuration example, ending with exit]
Important Concept: the default gateway is the router address and is used by the switch to communicate with other networks.
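The fragmentation, offset, TTL and header-field material above can be exercised end to end. The Python below is an added example, not code from the lecture: it packs a 20-byte IPv4 header (VER, HLEN, total length, identification, D/M flags, 13-bit offset, TTL, protocol, header checksum), fragments a constructed 6000-byte datagram for a 1500-byte MTU into the five fragments of the slides (offsets 0, 185, 370, 555, 740), reassembles them from shuffled order using the offsets, rejects a fragment whose header checksum fails, and walks a TTL through a forwarding path. The source and destination addresses are constructed placeholders.

```python
"""IPv4 header encode/decode, MTU fragmentation, offset-based reassembly and TTL handling.
Added example with constructed addresses and data; not part of the lecture material."""
import struct


def checksum(data):
    """Internet checksum: 16-bit one's-complement sum, complemented (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(total_length, ident, df, mf, offset, ttl, proto, src, dst):
    """20-byte IPv4 header (VER=4, HLEN=5). src/dst are 4-byte packed addresses."""
    flags_offset = (df << 14) | (mf << 13) | offset  # 3 flag bits (reserved, D, M) + 13-bit offset
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total_length, ident, flags_offset,
                      ttl, proto, 0, src, dst)
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]  # checksum covers the header only


def parse_header(pkt):
    fields = struct.unpack("!BBHHHBBH4s4s", pkt[:20])
    ver_ihl, _tos, total_length, ident, flags_offset, ttl, proto, _csum, src, dst = fields
    hlen = (ver_ihl & 0x0F) * 4
    return {
        "version": ver_ihl >> 4, "hlen": hlen, "total_length": total_length, "id": ident,
        "df": (flags_offset >> 14) & 1, "mf": (flags_offset >> 13) & 1,
        "offset": flags_offset & 0x1FFF, "ttl": ttl, "protocol": proto,
        "checksum_ok": checksum(pkt[:hlen]) == 0,  # an intact header sums to zero
        "src": src, "dst": dst,
    }


def fragment(data, mtu, ident, ttl=64, proto=17,
             src=b"\x0a\x00\x00\x01", dst=b"\x0a\x00\x00\x02"):
    """Split data into fragments of at most mtu bytes, each with its own 20-byte header."""
    chunk = (mtu - 20) // 8 * 8  # every fragment but the last carries a multiple of 8 data bytes
    frags = []
    for start in range(0, len(data), chunk):
        piece = data[start:start + chunk]
        mf = 1 if start + chunk < len(data) else 0  # M = 1 on all but the last fragment
        hdr = build_header(20 + len(piece), ident, 0, mf, start // 8, ttl, proto, src, dst)
        frags.append(hdr + piece)
    return frags


def reassemble(frags):
    """Reorder by offset and rebuild the data; None if a fragment is missing or corrupt."""
    ordered = sorted(((parse_header(f), f) for f in frags), key=lambda hf: hf[0]["offset"])
    ident, data, expected = ordered[0][0]["id"], b"", 0
    for h, f in ordered:
        if h["id"] != ident or not h["checksum_ok"] or h["offset"] * 8 != expected:
            return None  # wrong datagram, damaged header, or a gap in the byte numbering
        piece = f[h["hlen"]:h["total_length"]]
        data += piece
        expected += len(piece)
    return data if ordered[-1][0]["mf"] == 0 else None  # last fragment must carry M = 0


def forward(ttl, path):
    """Decrement TTL at each router; returns (remaining TTL, router that discarded or None)."""
    for router in path:
        ttl -= 1
        if ttl == 0:
            return 0, router  # this router discards the packet and sends ICMP Time Exceeded to the source
    return ttl, None


if __name__ == "__main__":
    frags = fragment(bytes(6000), 1500, 2000)
    for f in frags:
        h = parse_header(f)
        print(f"id={h['id']} offset={h['offset']} mf={h['mf']} total_length={h['total_length']}")
    print("reassembled:", len(reassemble(list(reversed(frags)))), "bytes")
    print("loop R1->R4->R2 x3 with TTL 6:", forward(6, ["R1", "R4", "R2"] * 3))
```

The reassembler keys on identification, checks the offsets form a contiguous byte range and insists the last piece carries M = 0, which is exactly the information the slides say the destination needs; a flipped bit in any fragment header is caught by the checksum before its data is used.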
Configure Switch Ports
Verifying Switch Port Configuration

IT2050 - Computer Networks
Lecture 7 Securing Switched Networks
IT2050| Computer Networks | Securing Switched Networks | Hansika Mahaadikara

MAC Address Table
- Dynamic MAC addresses
- Sticky MAC addresses
- Permanent MAC addresses

Port security
- Port security limits the number of valid MAC addresses allowed to transmit data through a switch port.
- If a port has port security enabled and an unknown MAC address sends data, the switch presents a security violation.
- The default number of secure MAC addresses allowed is 1.

Methods used to configure MAC addresses within port security:
- Static secure MAC addresses - manually configured:
    switchport port-security mac-address mac-address
- Dynamic secure MAC addresses - dynamically learned and removed if the switch restarts
- Sticky secure MAC addresses - dynamically learned and added to the running configuration (which can later be saved to the startup-config to permanently retain the MAC addresses):
    switchport port-security mac-address sticky mac-address

Dynamic MAC Addresses
- MAC addresses are added to the MAC address table through normal switch processing
- When a frame is received, the source MAC of the frame is associated with the incoming port/interface

Permanent MAC addresses
- A MAC address is associated with a port
    Switch(config-if)#switchport mode access
    Switch(config-if)#switchport port-security
    Switch(config-if)#switchport port-security mac-address 0200.1111.1111

Switch Port Security: Secure Unused Ports
- The interface range command can be used to apply a configuration to several switch ports at one time.

Port Security
- Limits the number of MAC addresses associated with a port (limits the number of sources that can forward frames into that switch port)
    Switch(config)#interface <interface>
    Switch(config-if)#switchport port-security maximum <number>

Port Security cont.
- Restrict port 0/1 so that only three MAC addresses can be learned on port 0/1
    Switch(config)#interface Ethernet 0/1
    Switch(config-if)#switchport port-security maximum 3

Address violation
- What should the switch do when a fourth MAC address sources a frame that enters E0/1?
- An address violation occurs when a secured port receives a frame from a new source address that, if added to the MAC table, would cause the switch to exceed its address table size limit for that port

Switch Port Security: Violation Modes
- Protect - data from unknown source MAC addresses is dropped; a security notification IS NOT presented by the switch
- Restrict - data from unknown source MAC addresses is dropped; a security notification IS presented by the switch and the violation counter increments.
- Shutdown - (default mode) the interface becomes error-disabled and the port LED turns off. The violation counter increments. Issue the shutdown and then the no shutdown command on the interface to bring it out of the error-disabled state.
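To tie the switch functions of lecture 6 (address learning, forward/filter/flood) to the port-security behaviour just described, here is a small switch model written in Python as an added example; it is not the lecture's or Cisco's code. Port names, MAC addresses and the per-port state layout are constructed. It learns source MACs into a MAC address table, floods unknown destinations, and applies a per-port secure-address maximum with the three violation modes: protect drops silently, restrict drops and counts, shutdown error-disables the port until it is cleared.

```python
"""Layer 2 switch model: MAC learning, forward/filter/flood, and port security violation modes.
Added example with constructed port names and MAC addresses; not part of the lecture material."""

BROADCAST = "ffff.ffff.ffff"


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC -> port, learned from the source address of received frames
        self.secure = {}     # port -> port-security state (only ports with port security enabled)

    def port_security(self, port, maximum=1, mode="shutdown", static=()):
        """Models: switchport port-security maximum N / violation MODE / mac-address ..."""
        assert mode in ("protect", "restrict", "shutdown")
        self.secure[port] = {"max": maximum, "mode": mode, "addrs": set(static),
                             "violations": 0, "err_disabled": False}

    def _admit(self, port, src):
        """Port-security check on the source MAC; False means the frame is dropped."""
        sec = self.secure.get(port)
        if sec is None:
            return True
        if sec["err_disabled"]:
            return False  # shutdown mode already tripped: nothing passes until cleared
        if src in sec["addrs"]:
            return True
        if len(sec["addrs"]) < sec["max"]:
            sec["addrs"].add(src)  # dynamically learned secure address (sticky would also save it)
            return True
        if sec["mode"] == "protect":
            return False  # dropped silently: no notification, no counter
        sec["violations"] += 1  # restrict and shutdown both notify and count
        if sec["mode"] == "shutdown":
            sec["err_disabled"] = True
        return False

    def _down(self, port):
        return self.secure.get(port, {}).get("err_disabled", False)

    def receive(self, in_port, src, dst):
        """Handle one frame; returns the list of ports it is sent out of."""
        if not self._admit(in_port, src):
            return []
        self.mac_table[src] = in_port  # address learning
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:
            # broadcast or unknown unicast: flood out every other active port
            return [p for p in self.ports if p != in_port and not self._down(p)]
        if out == in_port:
            return []  # filter: destination is on the segment the frame came from
        return [] if self._down(out) else [out]

    def clear_errdisable(self, port):
        """Models shutdown followed by no shutdown on the interface (learned addresses are kept here)."""
        self.secure[port]["err_disabled"] = False

    def show_port_security(self, port):
        sec = self.secure[port]
        return {"max": sec["max"], "mode": sec["mode"], "secure_addrs": sorted(sec["addrs"]),
                "violations": sec["violations"], "err_disabled": sec["err_disabled"]}


if __name__ == "__main__":
    sw = Switch(["E0/1", "E0/2", "E0/3"])
    sw.port_security("E0/1", maximum=3, mode="restrict")
    for mac in ("0200.1111.1111", "0200.2222.2222", "0200.3333.3333", "0200.4444.4444"):
        print(mac, "->", sw.receive("E0/1", mac, BROADCAST))
    print(sw.show_port_security("E0/1"))
```

The fourth source address on E0/1 is the "address violation" case from the slides: in restrict mode the frame is dropped and the counter goes to 1, while the three addresses already learned keep working; in shutdown mode the same event would err-disable the port, and even the legitimate addresses are dropped until the interface is bounced.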
Switch Port Security: Configuring

Switch Port Security: Configuring (Cont.)
- Before configuring port-security features, place the port in access mode and use the switchport port-security interface configuration command to enable port security on an interface.

Switch Port Security: Configuring (Cont.)

Switch Port Security: Verifying
- Use the show port-security interface command to verify the maximum number of MAC addresses allowed on a particular port and how many of those addresses were learned dynamically using sticky.
[figure: show port-security interface output with the Dynamic and Sticky counts highlighted]

IT2050 - Computer Networks
Lecture 7 Virtual Local Area Networks (VLAN)
Ms. Hansika Mahaadikara
IT2050 | Computer Networks| VLAN | Hansika Mahaadikara

Sections & Objectives
VLAN Segmentation
- Explain the purpose of VLANs in a switched network.
- Explain how a switch forwards frames based on VLAN configuration in a multi-switch environment.
VLAN Implementations
- Configure a switch port to be assigned to a VLAN based on requirements.
- Configure a trunk port on a LAN switch.
- Troubleshoot VLAN and trunk configurations in a switched network.
Inter-VLAN Routing Using Routers
- Describe the two options for configuring Inter-VLAN routing.
- Configure Router-on-a-Stick Inter-VLAN Routing

VLAN Segmentation

Broadcast Domains
- Three separate broadcast domains
- Requires three switches

VLAN cont.
- Each logical VLAN is like a separate physical switch
  - Each VLAN is a separate broadcast domain (3 broadcast domains)
  - Each VLAN contains a separate MAC address table
  - A computer in the Blue VLAN will not be able to send a frame to the Black VLAN or Green VLAN

VLAN Definitions (cont.)
- VLANs allow an administrator to segment networks based on factors such as function, project team, or application, without regard for the physical location of the user or device.
- VLANs enable the implementation of access and security policies according to specific groupings of users.
- A VLAN is a logical partition of a Layer 2 network.
- Multiple partitions can be created, allowing multiple VLANs to co-exist.

VLAN Definitions (cont.)
- Each VLAN is a broadcast domain, usually with its own IP network.
- VLANs are mutually isolated, and packets can only pass between them via a router.
- The partitioning of the Layer 2 network takes place inside a Layer 2 device, usually a switch.
- The hosts grouped within a VLAN are unaware of the VLAN's existence.
Benefits of VLANs

Types of VLANs
- Data VLAN - user generated traffic
- Default VLAN - all switch ports become part of this VLAN until the switch is configured
- Management VLAN - used to access management capabilities

VLANs in a Multi-Switched Environment: VLAN Trunks
- The links between switches S1 and S2, and S1 and S3, are configured to transmit traffic coming from VLANs 10, 20 and 30 across the network.
- This network could not function without VLAN trunks.

VLANs in a Multi-Switched Environment: VLAN Trunks (cont.)
- A VLAN trunk is a point-to-point link that carries more than one VLAN.
- A VLAN trunk is usually established between switches so same-VLAN devices can communicate, even if physically connected to different switches.
- A VLAN trunk is not associated with any VLAN; neither are the trunk ports used to establish the trunk link.
- Cisco IOS supports IEEE 802.1Q, a popular VLAN trunk protocol.

VLAN cont.
- VLANs can span across multiple switches

VLAN cont.

VLAN tagging for source identification
- The process of adding an additional header to a LAN frame
- Used to identify the VLAN to which the frame belongs
- Cisco refers to this as TRUNKING
- Trunks carry traffic for multiple VLANs

VLANs in a Multi-Switched Environment: Controlling Broadcast Domains with VLANs

VLANs in a Multi-Switched Environment: Controlling Broadcast Domains with VLANs
- VLANs can be used to limit the reach of broadcast frames.
- A VLAN is a broadcast domain of its own.
- A broadcast frame sent by a device in a specific VLAN is forwarded within that VLAN only.
- VLANs help control the reach of broadcast frames and their impact in the network.
- Unicast and multicast frames are forwarded within the originating VLAN.

Tagging Ethernet Frames for VLAN Identification
- Frame tagging is the process of adding a VLAN identification header to the frame.
- It is used to properly transmit multiple VLAN frames through a trunk link.
- Switches tag frames to identify the VLAN to which they belong. Different tagging protocols exist: ISL, IEEE 802.1Q.
- The protocol defines the structure of the tagging header added to the frame.
- Switches add VLAN tags to the frames before placing them onto trunk links and remove the tags before forwarding frames through non-trunk ports.
- When properly tagged, the frames can traverse any number of switches via trunk links and still be forwarded within the correct VLAN at the destination.

Trunking
There are two types of VLAN trunking:
- ISL (Inter-Switch Link) - Cisco proprietary
- IEEE 802.1Q

ISL (Inter-Switch Link)
- The full Ethernet frame is encapsulated with an ISL header
- Indicates the VLAN ID (12 bit) to identify the VLAN
- Cisco proprietary

IEEE 802.1Q
- The IEEE 802.1Q tag is inserted by the switch before sending the frame across the trunk
- Indicates the VLAN ID (12 bit) to identify the VLAN

802.1Q Tagging

VLAN Trunks: Configuring IEEE 802.1Q Trunk Links

VLAN Trunks: Resetting the Trunk to Default State

Troubleshoot VLANs and Trunks
- VLANs must be allowed on the trunk before their frames can be transmitted across the link.
- Use the switchport trunk allowed vlan command to specify which VLANs are allowed on a trunk link.
- Use the show interfaces trunk command to ensure the correct VLANs are permitted on a trunk.

Inter-VLAN Routing Using Routers

Passing traffic between VLANs
- Each VLAN has a different IP subnet
- VLANs don't send data frames to other VLANs (separate MAC address table for each VLAN)

Inter-VLAN Routing
- Layer 2 switches cannot forward traffic between VLANs without the assistance of a router.
- Inter-VLAN routing is the process of forwarding network traffic from one VLAN to another using a router.

Inter-VLAN Routing Operation: Legacy Inter-VLAN Routing
In the past:
- Actual routers were used to route between VLANs.
- Each VLAN was connected to a different physical router interface.
- Packets would arrive on the router through one interface, be routed and leave through another.
- Because the router interfaces were connected to VLANs and had IP addresses from that specific VLAN, routing between VLANs was achieved.
- Large networks with a large number of VLANs required many router interfaces.

Legacy Inter-VLAN Routing
[figure: router with one physical interface per VLAN, e.g. G0/2 172.17.20.1/24]
- In this example, the router was configured with three separate physical interfaces to interact with the different VLANs and perform the routing.

Passing traffic between VLANs cont.
- Three IP subnets: 10.1.0.0/16, 10.2.0.0/16, 10.3.0.0/16
- Router with 3 LAN ports
- Waste of resources

Inter-VLAN Routing Operation: Router-on-a-Stick Inter-VLAN Routing
- The router-on-a-stick approach uses only one of the router's physical interfaces.
- One of the router's physical interfaces is configured as an 802.1Q trunk port so it can understand VLAN tags.
- Logical sub-interfaces are created; one sub-interface per VLAN.
- Each sub-interface is configured with an IP address from the VLAN it represents.
- VLAN members (hosts) are configured to use the sub-interface address as their default gateway.

Passing traffic between VLANs cont.
Solution: a router that supports trunking (Inter VLAN routing)
- Single physical connection
- Single Fast Ethernet port
- Subnets 10.1.0.0/16, 10.2.0.0/16, 10.3.0.0/16

Inter VLAN routing
- Sub-interfaces on a router can be used to divide a single physical interface into multiple logical interfaces
- Each physical interface can have up to 65,535 logical interfaces

Configure Router-on-a-Stick:
- VLAN trunking allows a single physical router interface to route traffic for multiple VLANs.
- The physical interface of the router must be connected to a trunk link on the adjacent switch.
- On the router, sub-interfaces are created for each unique VLAN.
- Each sub-interface is assigned an IP address specific to its subnet or VLAN and is also configured to tag frames for that VLAN.

Configure Router-on-a-Stick: Switch Configuration

Configure Router-on-a-Stick: Router Subinterface Configuration

Configure Router-on-a-Stick: Verifying Subinterfaces (cont.)

VLAN Implementations

Types of VLANs (cont.)

VLAN Ranges on Catalyst Switches
- Cisco Catalyst 2960 and 3560 Series switches support over 4,000 VLANs.
- VLANs are split into two categories:
Normal range VLANs
- VLAN numbers from 1 to 1,005
- Configurations stored in vlan.dat (in the flash memory)
- IDs 1002 through 1005 are reserved for Token Ring and Fiber Distributed Data Interface (FDDI) VLANs; they are automatically created and cannot be removed
Extended Range VLANs
- VLAN numbers from 1,006 to 4,096
- Configurations stored in the running configuration (NVRAM)
- VLAN Trunking Protocol (VTP) does not learn extended VLANs

VLAN Ranges on Catalyst Switches: Normal Range VLANs

VLAN Assignment: Creating a VLAN

VLAN Assignment: Assigning Ports to VLANs

Changing VLAN Port Membership: Remove VLAN Assignment
- Interface F0/18 was previously assigned to VLAN 20, which is still active; F0/18 is reset to VLAN 1

VLAN Assignment: Changing VLAN Port Membership (cont.)

Deleting VLANs

VLAN Assignment: Verifying VLAN Information

Verifying VLAN Information
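The 802.1Q tagging and router-on-a-stick material in this lecture can be demonstrated in a few dozen lines. The Python below is an added example, not the lecture's or Cisco's code: it inserts and strips the 4-byte 802.1Q tag (TPID 0x8100, 12-bit VLAN ID), and models a router with one trunk interface and one logical sub-interface per VLAN (the subnets 10.1.0.0/16, 10.2.0.0/16 and 10.3.0.0/16 from the slides, with VLAN IDs 10, 20 and 30 chosen here). A frame arriving tagged for VLAN 10 and addressed to a host in 10.2.0.0/16 is untagged, routed by destination subnet (TTL decremented, header checksum recomputed), and re-tagged for VLAN 20. MAC addresses, host IPs and the ARP table that stands in for address resolution are all constructed.

```python
"""802.1Q tag insert/strip and router-on-a-stick forwarding between VLAN subnets.
Added example with constructed MACs, IPs and ARP entries; not part of the lecture material."""
import ipaddress
import struct

TPID = 0x8100      # 802.1Q tag protocol identifier
ETH_IPV4 = 0x0800


def tag_frame(frame, vid, pcp=0):
    """Insert the 4-byte 802.1Q tag after the destination and source MACs (bytes 0-11)."""
    if not 0 < vid < 4095:
        raise ValueError("VID must be 1..4094 (12-bit field; 0 and 4095 are reserved)")
    tci = (pcp << 13) | vid  # 3-bit priority, 1-bit DEI (0 here), 12-bit VLAN ID
    return frame[:12] + struct.pack("!HH", TPID, tci) + frame[12:]


def untag_frame(frame):
    """Return (vid, access frame); vid is None when the frame carries no 802.1Q tag."""
    if len(frame) >= 16 and frame[12:14] == struct.pack("!H", TPID):
        vid = struct.unpack("!H", frame[14:16])[0] & 0x0FFF
        return vid, frame[:12] + frame[16:]
    return None, frame


def ip_checksum(hdr):
    """Internet checksum over a 20-byte IPv4 header (pass the checksum field as zero to compute it)."""
    total = sum(struct.unpack("!10H", hdr[:20]))
    total = (total & 0xFFFF) + (total >> 16)
    total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def make_frame(dst_mac, src_mac, src_ip, dst_ip, ttl=64, payload=b""):
    """Constructed Ethernet II frame carrying a minimal 20-byte IPv4 header (no options)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 1, 0, ttl, 17, 0,
                     ipaddress.ip_address(src_ip).packed, ipaddress.ip_address(dst_ip).packed)
    ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
    return dst_mac + src_mac + struct.pack("!H", ETH_IPV4) + ip + payload


class RouterOnAStick:
    """One physical trunk interface; one logical sub-interface (address + subnet) per VLAN."""

    def __init__(self, mac, subinterfaces, arp):
        self.mac = mac
        self.sub = {vid: ipaddress.ip_interface(a) for vid, a in subinterfaces.items()}
        self.arp = arp  # ip -> mac; stands in for ARP resolution on the destination VLAN

    def route(self, trunk_frame):
        """Return the re-tagged frame sent back down the trunk, or None if it is dropped."""
        vid, frame = untag_frame(trunk_frame)
        if (vid not in self.sub or frame[:6] != self.mac
                or frame[12:14] != struct.pack("!H", ETH_IPV4)):
            return None  # no sub-interface for that VLAN, not addressed to the router, or not IPv4
        ip = frame[14:34]
        dst_ip = ipaddress.ip_address(ip[16:20])
        out_vid = next((v for v, i in self.sub.items() if dst_ip in i.network), None)
        if out_vid is None or out_vid == vid:
            return None  # no route, or same VLAN (the switch delivers that without the router)
        ttl = ip[8] - 1
        if ttl == 0:
            return None  # TTL expired: discard (ICMP Time Exceeded not modelled)
        ip = ip[:8] + bytes([ttl]) + ip[9:10] + b"\x00\x00" + ip[12:]
        ip = ip[:10] + struct.pack("!H", ip_checksum(ip)) + ip[12:]
        dst_mac = self.arp.get(str(dst_ip))
        if dst_mac is None:
            return None
        return tag_frame(dst_mac + self.mac + frame[12:14] + ip + frame[34:], out_vid)


if __name__ == "__main__":
    R, H1, H2 = b"\x02\x00\x00\x00\x00\x01", b"\x02\x00\x00\x00\x00\x10", b"\x02\x00\x00\x00\x00\x20"
    router = RouterOnAStick(R, {10: "10.1.0.1/16", 20: "10.2.0.1/16", 30: "10.3.0.1/16"},
                            {"10.2.0.50": H2})
    tagged = tag_frame(make_frame(R, H1, "10.1.0.10", "10.2.0.50", payload=b"hello"), 10)
    out = router.route(tagged)
    print("in VLAN", untag_frame(tagged)[0], "-> out VLAN", untag_frame(out)[0], "TTL", untag_frame(out)[1][22])
```

Because the router only has the tag to tell it which sub-interface a frame belongs to, an untagged frame or a frame tagged for a VLAN with no sub-interface is dropped rather than guessed at; that is also why the troubleshooting slides insist the VLAN must be allowed on the trunk before anything can pass.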