Handout CS407 - Routing and Switching PDF
Virtual University of Pakistan
Summary
This document is a handout for a computer science course on routing and switching. It covers various aspects of networking, including fundamentals, components, and types of networks. The document also explains client-server and peer-to-peer structures, and network media used for communication. It is geared towards undergraduate-level students.
**[Handouts for CS407: Routing and Switching]**

**[Topic 1: Routing and Switching - Course Information]**

This topic provides motivation to study this course. The focus of this course is ***education*** and to help you develop a real ***understanding*** of networking, not merely memorizing facts and commands. We have divided this course into three parts:

1. **Network Fundamentals** - In this part, you will learn both the practical and conceptual skills that build the foundation for understanding basic networking.
2. **Routing Protocols and Concepts** - The focus of this part is on learning the architecture, components, and operations of routers, and it explains the principles of routing and routing protocols.
3. **Switching Techniques** - The focus of this part is on learning the architecture, components, and operations of a converged switched network.

By the end of this course, you will be able to build simple LANs, perform basic configurations for routers and switches, and implement IP addressing schemes.

***Figures and materials used have been adapted from "http://www.cabrillo.edu/~rgraziani/" unless stated otherwise.***

**[Topic 2: Components of a Network]**

Among all of the essentials for human existence, the need to interact with others ranks just below our need to sustain life. Communication is almost as important to us as our reliance on air, water, food, and shelter. In today's world, through the use of networks, we are connected like never before. People with ideas can communicate instantly with others to make those ideas a reality. News events and discoveries are known worldwide in seconds. Individuals can even connect and play games with friends separated by oceans and continents. Networks connect people and promote unregulated communication. Everyone can connect, share, and make a difference.

**Networks support the way we learn**

Communication, collaboration, and engagement are fundamental building blocks of education.
Institutions are continually striving to enhance these processes to maximize the dissemination of knowledge. Access to high quality instruction is no longer restricted to students living in proximity to where that instruction is being delivered. Online distance learning has removed geographic barriers and improved student opportunity. Online (e-learning) courses can now be delivered over a network. These courses can contain data (text, links), voice, and video available to the students at any time from any place. Online discussion groups and message boards enable a student to collaborate with the instructor, with other students in the class, or even with students across the world. Blended courses can combine instructor-led classes with online courseware to provide the best of both delivery methods.

**Network Components: Clients and Servers**

All computers connected to a network that participate directly in network communication are classified as hosts or end devices. Hosts can send and receive messages on the network. In modern networks, end devices can act as a client, a server, or both. The software installed on the computer determines which role the computer plays.

Servers are hosts that have software installed that enables them to provide information, like email or web pages, to other hosts on the network. Each service requires separate server software. For example, a host requires web server software in order to provide web services to the network.

Clients are computer hosts that have software installed that enables them to request and display the information obtained from the server. An example of client software is a web browser, like Internet Explorer.

**Peer to Peer**

Client and server software usually runs on separate computers, but it is also possible for one computer to carry out both roles at the same time. In small businesses and homes, many computers function as both the servers and the clients on the network.
This type of network is called a peer-to-peer network. The simplest peer-to-peer network consists of two directly connected computers using a wired or wireless connection. Multiple PCs can also be connected to create a larger peer-to-peer network, but this requires a network device, such as a hub or switch, to interconnect the computers. The main disadvantage of a peer-to-peer environment is that the performance of a host can be slowed down if it is acting as both a client and a server at the same time.

The advantages of peer-to-peer networking:

- Easy to set up
- Less complexity
- Lower cost, since network devices and dedicated servers may not be required
- Can be used for simple tasks such as transferring files and sharing printers

The disadvantages of peer-to-peer networking:

- No centralized administration
- Not as secure: each host must be secured on its own, and there is no central point at which to enforce access controls
- Not scalable
- All devices may act as both clients and servers, which can slow their performance

**Network Components**

The network infrastructure contains three categories of network components:

- Devices
- Media
- Services

**End Devices**

The network devices that people are most familiar with are called end devices, or hosts. These devices form the interface between users and the underlying communication network. Some examples of end devices are:

- Computers (workstations, laptops, file servers, web servers)
- Network printers
- VoIP phones
- TelePresence endpoints
- Security cameras
- Mobile handheld devices (such as smartphones, tablets, PDAs, and wireless debit/credit card readers and barcode scanners)

**Intermediary Network Devices**

Intermediary devices interconnect end devices. These devices provide connectivity and work behind the scenes to ensure that data flows across the network. Intermediary devices connect the individual hosts to the network and can connect multiple individual networks to form an internetwork.
Examples of intermediary network devices are:

- Network access (switches and wireless access points)
- Internetworking (routers)
- Security (firewalls)

The management of data as it flows through the network is also a role of the intermediary devices. These devices use the destination host address, in conjunction with information about the network interconnections, to determine the path that messages should take through the network. Processes running on the intermediary network devices perform these functions:

- Regenerate and retransmit data signals
- Maintain information about what pathways exist through the network and internetwork
- Notify other devices of errors and communication failures
- Direct data along alternate pathways when there is a link failure
- Classify and direct messages according to Quality of Service (QoS) priorities
- Permit or deny the flow of data, based on security settings

**Network Media**

![](media/image2.png)

Communication across a network is carried on a medium. The medium provides the channel over which the message travels from source to destination. Modern networks primarily use three types of media to interconnect devices and to provide the pathway over which data can be transmitted. As shown in the figure above, these media are:

- Metallic wires within cables
- Glass or plastic fibers (fiber optic cable)
- Wireless transmission

The signal encoding that must occur for the message to be transmitted is different for each media type. Different types of network media have different features and benefits. Not all network media have the same characteristics or are appropriate for the same purpose.
The criteria for choosing network media are:

- The distance the media can successfully carry a signal
- The environment in which the media is to be installed
- The amount of data and the speed at which it must be transmitted
- The cost of the media and installation

**Network Representation**

When conveying complex information, such as displaying all the devices and media in a large internetwork, it is helpful to use visual representations. Like any other language, the language of networking uses a common set of symbols to represent the different end devices, network devices, and media, as shown in the figure above. In addition to these representations, specialized terminology is used when discussing how each of these devices and media connect to each other. Important terms to remember are:

**Network Interface Card** - A NIC, or LAN adapter, provides the physical connection to the network at the PC or other host device. The media connecting the PC to the networking device plugs directly into the NIC.

**Physical Port** - A connector or outlet on a networking device where the media is connected to a host or other networking device.

**Interface** - Specialized ports on an internetworking device that connect to individual networks. Because routers are used to interconnect networks, the ports on a router are referred to as network interfaces.

**Topology Diagrams**

![](media/image4.png)

Physical topology

Topology diagrams are mandatory for anyone working with a network. They provide a visual map of how the network is connected. There are two types of topology diagrams:

**Physical topology diagrams** - Identify the physical location of intermediary devices, configured ports, and cable installation.

**Logical topology diagrams** - Identify devices, ports, and the IP addressing scheme.
Logical topology

**[Topic 3: LANs, WANs, and the Internet]**

**Types of Networks**

Network infrastructures can vary greatly in terms of:

- Size of the area covered
- Number of users connected
- Number and types of services available

**Local Area Network (LAN)** - A network infrastructure that provides access to users and end devices in a small geographical area.

**Wide Area Network (WAN)** - A network infrastructure that provides access to other networks over a wide geographical area.

Other types of networks include:

**Metropolitan Area Network (MAN)** - A network infrastructure that spans a physical area larger than a LAN but smaller than a WAN (e.g., a city). MANs are typically operated by a single entity such as a large organization.

**Wireless LAN (WLAN)** - Similar to a LAN, but wirelessly interconnects users and end points in a small geographical area.

**Storage Area Network (SAN)** - A network infrastructure designed to support file servers and provide data storage, retrieval, and replication. It involves high-end servers, multiple disk arrays (accessed as block storage), and Fibre Channel interconnection technology.

**The Internet - A Network of Networks**

![](media/image6.png)

Although there are benefits to using a LAN or WAN, most individuals need to communicate with a resource on another network, outside of the local network within the home, campus, or organization. This is done using the Internet. As shown in the figure above, the Internet is a worldwide collection of interconnected networks (internetworks, or internet for short), cooperating with each other to exchange information using common standards. Through telephone wires, fiber optic cables, wireless transmissions, and satellite links, Internet users can exchange information in a variety of forms. The Internet is a conglomerate of networks and is not owned by any individual or group.
Ensuring effective communication across this diverse infrastructure requires the application of consistent and commonly recognized technologies and standards, as well as the cooperation of many network administration agencies. There are organizations that have been developed for the purpose of helping to maintain structure and standardization of Internet protocols and processes. These organizations include the Internet Engineering Task Force (IETF), the Internet Corporation for Assigned Names and Numbers (ICANN), and the Internet Architecture Board (IAB), plus many others.

**Internet Access Technologies**

There are many different ways to connect users and organizations to the Internet. The figure above illustrates common connection options for small office and home office users, which include:

**Cable** - Typically offered by cable television service providers, the Internet data signal is carried on the same coaxial cable that delivers cable television. It provides a high bandwidth, always on, connection to the Internet. A special cable modem separates the Internet data signal from the other signals carried on the cable and provides an Ethernet connection to a host computer or LAN.

**DSL** - Provides a high bandwidth, always on, connection to the Internet. It requires a special high-speed modem that separates the DSL signal from the telephone signal and provides an Ethernet connection to a host computer or LAN. DSL runs over a telephone line, with the line split into three channels. One channel is used for voice telephone calls. This channel allows an individual to receive phone calls without disconnecting from the Internet. A second channel is a faster download channel, used to receive information from the Internet. The third channel is used for sending or uploading information. This channel is usually slightly slower than the download channel.
The quality and speed of the DSL connection depend mainly on the quality of the phone line and the distance from your phone company's central office. The farther you are from the central office, the slower the connection.

**Cellular** - Cellular Internet access uses a cell phone network to connect. Wherever you can get a cellular signal, you can get cellular Internet access. Performance will be limited by the capabilities of the phone and the cell tower to which it is connected. The availability of cellular Internet access is a real benefit in those areas that would otherwise have no Internet connectivity at all, or for those constantly on the go.

**Satellite** - Satellite service is a good option for homes or offices that do not have access to DSL or cable. Satellite dishes require a clear line of sight to the satellite, and so might be difficult in heavily wooded areas or places with other overhead obstructions. Speeds will vary depending on the contract, though they are generally good. Equipment and installation costs can be high (although check the provider for special deals), with a moderate monthly fee thereafter. The availability of satellite Internet access is a real benefit in those areas that would otherwise have no Internet connectivity at all.

**Dial-up Telephone** - An inexpensive option that uses any phone line and a modem. To connect to the ISP, a user calls the ISP access phone number. The low bandwidth provided by a dial-up modem connection is usually not sufficient for large data transfer, although it is useful for mobile access while traveling. A modem dial-up connection should only be considered when higher speed connection options are not available.

Many homes and small offices are increasingly being connected directly with fiber optic cables. This enables an Internet service provider to provide higher bandwidth speeds and support more services such as Internet, phone, and TV.
The choice of connection varies depending on geographical location and service provider availability.

**[Topic 4: Packet Tracer Basics - Part I]**

In this topic, we will go through the basics of the Packet Tracer software. Packet Tracer is a networking learning tool that supports a wide range of physical and logical simulations. It also provides visualization tools to help you understand the internal workings of a network.

**[Topic 5: Packet Tracer Basics - Part II]**

This is the continuation of the previous topic about Packet Tracer basics.

**[Topic 6: Rules of Communication]**

**Establishing the Rules**

Before communicating with one another, individuals must use established rules or agreements to govern the conversation.

**Message Encoding**

![](media/image8.png)

One of the first steps to sending a message is encoding it. Encoding is the process of converting information into another, acceptable form for transmission. Decoding reverses this process in order to interpret the information. Encoding also occurs in computer communication, as shown in the figure above. Encoding between hosts must be in an appropriate form for the medium. Messages sent across the network are first converted into bits by the sending host. Each bit is encoded into a pattern of sounds, light waves, or electrical impulses depending on the network media over which the bits are transmitted. The destination host receives and decodes the signals in order to interpret the message.

**Message Formatting and Encapsulation**

When a message is sent from source to destination, it must use a specific format or structure. Message formats depend on the type of message and the channel that is used to deliver the message. A frame acts like an envelope; it provides the address of the intended destination and the address of the source host, as shown in the figure above.
The format and contents of a frame are determined by the type of message being sent and the channel over which it is communicated. Messages that are not correctly formatted are not successfully delivered to or processed by the destination host.

**Message Size**

Another rule of communication is size. When people communicate with each other, the messages that they send are usually broken into smaller parts or sentences. In the same way, a long network message is divided into pieces small enough to fit the size limits of the medium over which it is sent.

**Message Timing**

Another factor that affects how well a message is received and understood is timing. People use timing to determine when to speak, how fast or slow to talk, and how long to wait for a response. These are the rules of engagement.

**Access Method**

Access method determines when someone is able to send a message.

**Flow Control**

Timing also affects how much information can be sent and the speed at which it can be delivered. If one person speaks too quickly, it is difficult for the other person to hear and understand the message. The receiving person must ask the sender to slow down. In network communication, a sending host can transmit messages at a faster rate than the destination host can receive and process. Source and destination hosts use flow control to negotiate correct timing for successful communication.

**Response Timeout**

If a person asks a question and does not hear a response within an acceptable amount of time, the person assumes that no answer is coming and reacts accordingly.

**Message Delivery Options - Unicast**

One-to-one delivery: the message is sent to a single destination host.

**Message Delivery Options - Multicast**

One-to-many delivery: the message is sent to a selected group of destination hosts.

**Message Delivery Options - Broadcast**

One-to-all delivery: the message is sent to every host on the network segment.

**[Topic 7: Protocol Suites]**

**TCP/IP Protocol Suite**

![](media/image11.png)

A protocol suite is a set of protocols that work together to provide comprehensive network communication services. A protocol suite may be specified by a standards organization or developed by a vendor. The protocols IP, HTTP, and DHCP are all part of the Internet protocol suite known as Transmission Control Protocol/Internet Protocol (TCP/IP).
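The frame-as-envelope idea from Topic 6 and the layered protocol suite introduced here can be made concrete in code. The following Python script is an added example; it is not part of the handout or of Cisco's material. It wraps a constructed HTTP request in a TCP segment, an IPv4 packet, and an Ethernet II frame (computing the RFC 1071 checksums each layer carries), then peels the frame apart layer by layer and rejects it if any checksum no longer matches. The MAC and IP addresses are made-up sample values.

```python
"""Encapsulate application data into TCP -> IPv4 -> Ethernet II and decapsulate it again.

Added example: not part of the CS407 handout or of Cisco material. All addresses
and the HTTP request below are constructed sample values.
"""
import socket
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6
TCP_PSH_ACK = 0x18


def internet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement checksum; an odd trailing byte is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", ""))


def build_tcp(src_ip: str, dst_ip: str, sport: int, dport: int,
              seq: int, ack: int, flags: int, payload: bytes) -> bytes:
    """Transport layer: 20-byte TCP header (no options) plus data; checksum covers a pseudo-header."""
    header = struct.pack("!HHIIBBHHH", sport, dport, seq, ack,
                         5 << 4, flags, 65535, 0, 0)  # data offset 5 words, checksum 0 for now
    pseudo = (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
              + struct.pack("!BBH", 0, PROTO_TCP, len(header) + len(payload)))
    csum = internet_checksum(pseudo + header + payload)
    return header[:16] + struct.pack("!H", csum) + header[18:] + payload


def build_ipv4(src_ip: str, dst_ip: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """Internet layer: 20-byte IPv4 header, DF set; header checksum covers the header only."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000,
                         ttl, proto, 0, socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    csum = internet_checksum(header)
    return header[:10] + struct.pack("!H", csum) + header[12:] + payload


def build_ethernet(dst_mac: str, src_mac: str, ethertype: int, payload: bytes) -> bytes:
    """Network access layer: Ethernet II frame (the FCS is appended by the NIC, not here)."""
    return mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", ethertype) + payload


def encapsulate(app_data: bytes, src_ip: str, dst_ip: str,
                src_mac: str, dst_mac: str, sport: int = 49152, dport: int = 80) -> bytes:
    segment = build_tcp(src_ip, dst_ip, sport, dport, 1, 1, TCP_PSH_ACK, app_data)
    packet = build_ipv4(src_ip, dst_ip, PROTO_TCP, segment)
    return build_ethernet(dst_mac, src_mac, ETHERTYPE_IPV4, packet)


def decapsulate(frame: bytes) -> dict:
    """Peel the frame layer by layer; raise ValueError if a checksum or field is wrong."""
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    total_len = struct.unpack("!H", packet[2:4])[0]
    if internet_checksum(packet[:ihl]) != 0:  # a header with a valid checksum sums to zero
        raise ValueError("IPv4 header checksum mismatch")
    proto = packet[9]
    segment = packet[ihl:total_len]
    pseudo = packet[12:20] + struct.pack("!BBH", 0, proto, len(segment))
    if internet_checksum(pseudo + segment) != 0:
        raise ValueError("TCP checksum mismatch")
    sport, dport, seq, ack, offset_byte = struct.unpack("!HHIIB", segment[:13])
    data_offset = (offset_byte >> 4) * 4
    return {
        "dst_mac": frame[:6].hex(":"), "src_mac": frame[6:12].hex(":"), "ethertype": ethertype,
        "src_ip": socket.inet_ntoa(packet[12:16]), "dst_ip": socket.inet_ntoa(packet[16:20]),
        "ttl": packet[8], "protocol": proto,
        "sport": sport, "dport": dport, "seq": seq, "ack": ack, "flags": segment[13],
        "payload": segment[data_offset:],
    }


def is_intact(frame: bytes) -> bool:
    """True when every layer's checksum still matches; a corrupted or tampered frame fails."""
    try:
        decapsulate(frame)
        return True
    except ValueError:
        return False


# Constructed sample: an HTTP request from a client to a web server on the same LAN.
SAMPLE_REQUEST = b"GET / HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
SAMPLE_FRAME = encapsulate(SAMPLE_REQUEST, "192.168.1.10", "192.168.1.1",
                           "00:11:22:33:44:55", "aa:bb:cc:dd:ee:ff")

if __name__ == "__main__":
    for key, value in decapsulate(SAMPLE_FRAME).items():
        print(f"{key:>9}: {value!r}")
```

Each build function corresponds to one PDU of the TCP/IP model: the segment (transport), the packet (internet), and the frame (network access). The checksums are what a receiving host uses to detect a damaged frame; they are not a security control, since anyone who can alter the bytes can recompute them, which is one reason management traffic needs an encrypted protocol on top.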
The TCP/IP protocol suite is an open standard, meaning these protocols are freely available to the public, and any vendor is able to implement these protocols on their hardware or in their software. The IP suite is a suite of protocols required for transmitting and receiving information using the Internet. It is commonly known as TCP/IP because the first two networking protocols defined for this standard were TCP and IP. The open standards-based TCP/IP has replaced other vendor proprietary protocol suites, such as Apple's AppleTalk and Novell's Internetwork Packet Exchange/Sequenced Packet Exchange (IPX/SPX).

Today, the suite includes dozens of protocols, as shown in the figure above. They are organized in layers using the TCP/IP protocol model. The protocols from the internet layer up to the application layer are TCP/IP protocols when referencing the TCP/IP model. The lower layer protocols in the data link or network access layer are responsible for delivering the IP packet over the physical medium. These lower layer protocols are developed by standards organizations such as the IEEE. The TCP/IP protocol suite is implemented as a TCP/IP stack on both the sending and receiving hosts to provide end-to-end delivery of applications over a network. The 802.3 or Ethernet protocols are used to transmit the IP packet over the physical medium used by the LAN.

**Standards Organizations**

- Open standards encourage competition and innovation.
- They guarantee that no single company's product can monopolize the market or have an unfair advantage over its competition.

Standards organizations include:

**The Internet Society (ISOC)** - ISOC facilitates the open development of standards and protocols for the technical infrastructure of the Internet, including the oversight of the Internet Architecture Board (IAB).

**The Internet Architecture Board (IAB)**

- Responsible for overall management and development of Internet standards.
- Oversight of the architecture for protocols and procedures used by the Internet.
- 13 members, including the chair of the Internet Engineering Task Force (IETF).
- IAB members serve as individuals and not as representatives of any company, agency, or other organization.

**Internet Engineering Task Force (IETF)**

- Mission is to develop, update, and maintain Internet and TCP/IP technologies.
- One of the key responsibilities is to produce Request for Comments (RFC) documents: memoranda describing protocols, processes, and technologies for the Internet.
- The IETF consists of working groups (WGs), the primary mechanism for developing IETF specifications and guidelines.

**Internet Research Task Force (IRTF)**

- Focused on long-term research related to the Internet and TCP/IP, whereas the IETF focuses on the shorter-term issues of creating standards.
- The IRTF consists of research groups for long-term development efforts, including the Anti-Spam Research Group (ASRG), Crypto Forum Research Group (CFRG), Peer-to-Peer Research Group (P2PRG), and Router Research Group (RRG).

**Benefits of a Layered Model**

- Assists in protocol design, because protocols that operate at a specific layer have defined information that they act upon and a defined interface to the layers above and below.
- Fosters competition, because products from different vendors can work together.
- Prevents technology or capability changes in one layer from affecting other layers above and below.
- Provides a common language to describe networking functions and capabilities.

**OSI Model**

![](media/image13.png)

Initially, the OSI model was designed by the ISO to provide a framework on which to build a suite of open systems protocols. Ultimately, the speed at which the TCP/IP-based Internet was adopted, and the rate at which it expanded, caused the development and acceptance of the OSI protocol suite to lag behind.

**TCP/IP Model**

- Alternative model.
- The architecture of the TCP/IP protocol suite follows the structure of this model.
- Similar to the OSI model.

**[Topic 8: Packet Tracer - Investigating the TCP/IP and OSI Models in Action]**

This simulation activity is intended to provide a foundation for understanding the TCP/IP protocol suite and its relationship to the OSI model. Simulation mode allows you to view the data contents being sent across the network at each layer. As data moves through the network, it is broken down into smaller pieces and identified so that the pieces can be put back together when they arrive at the destination. Each piece is assigned a specific name (protocol data unit [PDU]) and associated with a specific layer of the TCP/IP and OSI models. Packet Tracer simulation mode enables you to view each of the layers and the associated PDU. The following steps lead the user through the process of requesting a web page from a web server by using the web browser application available on a client PC.

**[Topic 9: Internetwork Operating System (IOS)]**

**Cisco IOS**

- All networking equipment depends on an operating system.
- **Cisco Internetwork Operating System (IOS)** - Collection of network operating systems used on Cisco devices.

**Operating System**

![](media/image15.png) ![](media/image17.png)

All end devices and network devices connected to the Internet require an operating system (OS) to help them perform their function. When a computer is powered on, it loads the OS, normally from a disk drive, into RAM. The portion of the OS code that interacts directly with the computer hardware is known as the kernel. The portion that interfaces with the applications and user is known as the shell. The user can interact with the shell using either a command-line interface (CLI) or a graphical user interface (GUI).

When using the CLI, the user interacts directly with the system in a text-based environment by entering commands on the keyboard at a command prompt. The system executes the command, often providing textual output.
The GUI allows the user to interact with the system in an environment that uses graphical images, multimedia, and text. Actions are performed by interacting with the images on screen. A GUI is more user friendly and requires less knowledge of the command structure to utilize the system. For this reason, many individuals rely on GUI environments. Many operating systems offer both a GUI and a CLI.

The operating system on home routers is usually called firmware. The most common method for configuring a home router is using a web browser to access an easy to use GUI. Most home routers allow the firmware to be updated as new features are added or security vulnerabilities are discovered; those updates should be applied, because the router's management interface is reachable by every host on the LAN.

Infrastructure network devices use a network operating system. The network operating system used on Cisco devices is called the Cisco Internetwork Operating System (IOS). Cisco IOS is a generic term for the collection of network operating systems used on Cisco networking devices. Cisco IOS is used for most Cisco devices regardless of the type or size of the device. The most common method of accessing these devices is using a CLI.

**IOS Functions**

Cisco IOS routers and switches perform functions that network professionals depend upon to make their networks operate as expected. Major functions performed or enabled by Cisco routers and switches include:

- Providing network security
- IP addressing of virtual and physical interfaces
- Enabling interface-specific configurations to optimize connectivity of the respective media
- Routing
- Enabling quality of service (QoS) technologies
- Supporting network management technologies

Each feature or service has an associated collection of configuration commands that allow a network technician to implement it. The services provided by the Cisco IOS are generally accessed using a CLI.

**[Topic 10: Accessing an IOS Device]**

There are several ways to access the CLI environment.
The most common methods are:

**Console**

![](media/image19.png)

The console port is a management port that provides out-of-band access to a Cisco device. Out-of-band access refers to access via a dedicated management channel that is used for device maintenance purposes only. The advantage of using a console port is that the device is accessible even if no networking services have been configured, such as when performing an initial configuration of the networking device. When performing an initial configuration, a computer running terminal emulation software is connected to the console port of the device using a special cable. Configuration commands for setting up the switch or router can be entered on the connected computer.

The console port can also be used when the networking services have failed and remote access to the Cisco IOS device is not possible. If this occurs, a connection to the console can enable a computer to determine the status of the device. By default, the console conveys the device startup, debugging, and error messages. After the network technician is connected to the device, the network technician can perform any configuration commands necessary using the console session.

For many IOS devices, console access does not require any form of security by default. However, the console should be configured with passwords to prevent unauthorized device access. In the event that a password is lost, there is a special set of procedures (password recovery) for bypassing the password and accessing the device. Because that procedure needs nothing more than a cable to the console port, the device should also be located in a locked room or equipment rack to prevent unauthorized physical access.

**Telnet**

Telnet is a method for remotely establishing a CLI session with a device, through a virtual interface, over a network. Unlike the console connection, Telnet sessions require active networking services on the device. The network device must have at least one active interface configured with an IP address, such as an IPv4 address.
Cisco IOS devices include a Telnet server process that allows users to enter configuration commands from a Telnet client. In addition to supporting the Telnet server process, the Cisco IOS device also contains a Telnet client. This allows a network administrator to telnet from the Cisco device CLI to any other device that supports a Telnet server process. Telnet sends the user ID, the password, and every command of the session in cleartext, so anyone able to capture the traffic can read the credentials and the configuration changes being made.

**SSH**

The Secure Shell (SSH) protocol provides a remote login similar to Telnet, except that it uses more secure network services. SSH authenticates the device to the administrator by its host key, supports stronger user authentication than Telnet, and encrypts the session data. This keeps the user ID, password, and the details of the management session private. As a best practice, use SSH instead of Telnet whenever possible. Most versions of Cisco IOS include an SSH server. In some devices, this service is enabled by default. Other devices require the SSH server to be enabled manually. IOS devices also include an SSH client that can be used to establish SSH sessions with other devices.

**AUX**

An older way to establish a CLI session remotely is via a telephone dialup connection using a modem connected to the auxiliary (AUX) port of a router. Similar to the console connection, the AUX method is also an out-of-band connection and does not require any networking services to be configured or available on the device. In the event that network services have failed, it may be possible for a remote administrator to access the router over a telephone line (switches generally have no AUX port). Because a modem on the AUX port is reachable by anyone who dials the number, the AUX line needs authentication just as the console does.

The AUX port can also be used locally, like the console port, with a direct connection to a computer running a terminal emulation program. However, the console port is preferred over the AUX port for troubleshooting because it displays startup, debugging, and error messages by default.
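The points made in this topic (console access has no password by default, Telnet carries credentials in cleartext, SSH should be used instead, and the privileged EXEC mode needs its own password) can be checked mechanically against a device's running-config. The following Python script is an added example, not part of the handout or of any Cisco tool. It parses two constructed running-configs, a weak one in the state a freshly set-up switch is often left in and a hardened one, and reports each management-plane weakness it finds. The hostname, user name, passwords, and hash strings are made-up placeholders.

```python
"""Audit a Cisco IOS running-config for the management-access weaknesses discussed above.

Added example: not part of the CS407 handout or of any Cisco tool. Both
configurations below are constructed samples, not captures from real devices;
the passwords and the type-5 hash strings are placeholders.
"""

# Constructed sample: the state a freshly set-up device is often left in.
WEAK_CONFIG = """\
hostname Switch
!
enable password cisco
!
line con 0
 login
!
line vty 0 4
 password letmein
 login
 transport input telnet
!
"""

# Constructed sample: the same device after hardening. 'crypto key generate rsa'
# must be run once in global configuration mode (after 'ip domain-name') before
# the SSH server starts; the key pair itself never appears in the running-config.
HARDENED_CONFIG = """\
hostname Switch
!
enable secret 5 $1$placeholder-hash
ip domain-name example.internal
ip ssh version 2
username netadmin privilege 15 secret 5 $1$placeholder-hash
!
line con 0
 login local
!
line vty 0 4
 login local
 transport input ssh
!
"""


def parse_config(text: str):
    """Split a running-config into top-level commands and the sub-commands of each line/interface block."""
    top, sections, current = [], {}, None
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped == "!":
            current = None  # '!' separates blocks
            continue
        if raw.startswith(" ") and current is not None:
            sections[current].append(stripped)  # indented sub-command of the current block
        elif not raw.startswith(" "):
            top.append(stripped)
            if stripped.startswith(("line ", "interface ")):
                current = stripped
                sections.setdefault(current, [])
            else:
                current = None
    return top, sections


def audit(text: str) -> list:
    """Return one finding per weakness; an empty list means nothing was flagged."""
    top, sections = parse_config(text)
    findings = []
    if not any(cmd.startswith("enable secret") for cmd in top):
        findings.append("no 'enable secret': privileged EXEC (the # prompt) is not protected by a hashed password")
    if any(cmd.startswith("enable password") for cmd in top):
        findings.append("'enable password' in use: stored in cleartext or reversible type-7 form; replace with 'enable secret'")
    if "ip ssh version 2" not in top:
        findings.append("'ip ssh version 2' not set: the weaker SSH version 1 may be accepted")
    for name, cmds in sections.items():
        if not name.startswith("line "):
            continue
        local_or_aaa = any(cmd.startswith("login ") for cmd in cmds)  # 'login local' / 'login authentication ...'
        plain_login = "login" in cmds
        has_password = any(cmd.startswith("password ") for cmd in cmds)
        if not (local_or_aaa or (plain_login and has_password)):
            findings.append(f"{name}: no working authentication ('login' needs a 'password', or use 'login local')")
        if name.startswith("line vty"):
            transport = [cmd for cmd in cmds if cmd.startswith("transport input")]
            if not transport:
                findings.append(f"{name}: 'transport input' not set; Telnet may be accepted by default")
            elif transport[0] != "transport input ssh":
                findings.append(f"{name}: '{transport[0]}' allows cleartext Telnet; use 'transport input ssh'")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        results = audit(cfg)
        print(f"--- {label} config: {len(results)} finding(s)")
        for finding in results:
            print("  *", finding)
```

The hardened lines are entered from global configuration mode (`configure terminal`), then `line con 0` for the console and `line vty 0 4` for the virtual terminal lines that Telnet and SSH sessions use; `enable secret` stores a hash rather than the reversible form that `enable password` uses, which is why the audit treats the latter as a finding. The script reads the configuration as text, so it can be run over a saved `show running-config` output without touching the device.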
**Terminal Emulation Program**

Software available for connecting to a networking device over a terminal, serial, or console connection includes:

- PuTTY
- Tera Term
- HyperTerminal
- OS X Terminal

**[Topic 11: IOS Modes of Operation]**

After a network technician is connected to a device, it is possible to configure it. The network technician must navigate through various modes of the IOS. The Cisco IOS modes are quite similar for switches and routers. The CLI uses a hierarchical structure for the modes. In hierarchical order from most basic to most specialized, the major modes are: user EXEC mode, privileged EXEC mode, global configuration mode, and the specific configuration modes (such as interface and line configuration mode).

The two primary modes of operation are user EXEC mode and privileged EXEC mode. As a security feature, the Cisco IOS software separates the EXEC sessions into two levels of access. The privileged EXEC mode has a higher level of authority in what it allows the user to do with the device.

**User EXEC Mode**

The user EXEC mode has limited capabilities but is useful for some basic operations. The user EXEC mode is at the most basic level of the modal hierarchical structure. This mode is the first mode encountered upon entrance into the CLI of an IOS device. The user EXEC mode allows only a limited number of basic monitoring commands. This is often referred to as view-only mode. The user EXEC level does not allow the execution of any commands that might change the configuration of the device.

By default, there is no authentication required to access the user EXEC mode from the console. However, it is a good practice to ensure that authentication is configured during the initial configuration. The user EXEC mode is identified by the CLI prompt that ends with the > symbol.
This is an example that shows the \> symbol in the prompt: Switch\> **Privileged EXEC Mode** The execution of configuration and management commands requires that the network administrator use the privileged EXEC mode or a more specific mode in the hierarchy. This means that a user must enter user EXEC mode first, and from there, access privileged EXEC mode. The privileged EXEC mode can be identified by the prompt ending with the \# symbol. Switch\# By default, privileged EXEC mode does not require authentication. It is a good practice to ensure that authentication is configured. Global configuration mode and all other more specific configuration modes can only be reached from the privileged EXEC mode. In a later section of this chapter, we will examine device configuration and some of the configuration modes. [Figure: global configuration mode] Global configuration mode and interface configuration modes can only be reached from the privileged EXEC mode. **Global Configuration Mode** The primary configuration mode is called global configuration or global config. From global configuration mode, CLI configuration changes are made that affect the operation of the device as a whole. The global configuration mode is accessed before accessing specific configuration modes. The following CLI command is used to take the device from privileged EXEC mode to the global configuration mode and to allow entry of configuration commands from a terminal: Switch\# **configure terminal** After the command is executed, the prompt changes to show that the switch is in global configuration mode. Switch(config)\# **Specific Configuration Modes** From the global configuration mode, the user can enter different sub-configuration modes. Each of these modes allows the configuration of a particular part or function of the IOS device.
The list below shows a few of them:

- **Interface mode** - to configure one of the network interfaces (Fa0/0, S0/0/0)
- **Line mode** - to configure one of the physical or virtual lines (console, AUX, VTY)

**Command Prompts** When using the CLI, the mode is identified by the command-line prompt that is unique to that mode. By default, every prompt begins with the device name. Following the name, the remainder of the prompt indicates the mode. For example, the default prompt for the global configuration mode on a switch would be: Switch(config)\# **Navigating between IOS Modes** [Figure: navigating between IOS modes] **Moving Between the User EXEC and Privileged EXEC Modes** The **enable** and **disable** commands are used to change the CLI between the user EXEC mode and the privileged EXEC mode, respectively. In order to access the privileged EXEC mode, use the **enable** command. The privileged EXEC mode is sometimes called the enable mode. **[Topic 12: The Command Structure:]** **Basic IOS Command Structure** [Figure: basic IOS command structure] A Cisco IOS device supports many commands. Each IOS command has a specific format or syntax and can only be executed at the appropriate mode. The general syntax for a command is the command followed by any appropriate keywords and arguments. Some commands include a subset of keywords and arguments that provide additional functionality. Commands are used to execute an action, and the keywords are used to identify where or how to execute the command. As shown in the figure above, the command is the initial word or words entered in the command line following the prompt. The commands are not case-sensitive. Following the command are one or more keywords and arguments. After entering each complete command, including any keywords and arguments, press the Enter key to submit the command to the command interpreter.
**Context-Sensitive Help** The context-sensitive help provides a list of commands and the arguments associated with those commands within the context of the current mode. To access context-sensitive help, enter a question mark, **?**, at any prompt. There is an immediate response without the need to use the Enter key. One use of context-sensitive help is to get a list of available commands. This can be used when you are unsure of the name for a command or you want to see if the IOS supports a particular command in a particular mode. **Command Syntax Check** [Figure: command syntax check] When a command is submitted by pressing the Enter key, the command line interpreter parses the command from left to right to determine what action is being requested. The IOS generally only provides negative feedback, as shown in the figure above. If the interpreter understands the command, the requested action is executed and the CLI returns to the appropriate prompt. However, if the interpreter cannot understand the command being entered, it will provide feedback describing what is wrong with the command. There are three different types of error messages:

- Ambiguous command
- Incomplete command
- Incorrect command

**Hot Keys and Shortcuts** The IOS CLI provides hot keys and shortcuts that make configuring, monitoring, and troubleshooting easier.
The following are worthy of special note:

- **Down Arrow** - Allows the user to scroll forward through former commands
- **Up Arrow** - Allows the user to scroll backward through former commands
- **Tab** - Completes the remainder of a partially typed command or keyword
- **Ctrl-A** - Moves to the beginning of the line
- **Ctrl-E** - Moves to the end of the line
- **Ctrl-R** - Redisplays a line
- **Ctrl-Z** - Exits any configuration mode and returns to privileged EXEC mode
- **Ctrl-C** - Exits the configuration mode or aborts the current command
- **Ctrl-Shift-6** - Allows the user to interrupt an IOS process such as ping or traceroute

**Abbreviated commands or keywords** Commands and keywords can be abbreviated to the minimum number of characters that identify a unique selection. For example, the **configure** command can be abbreviated to **conf** because **configure** is the only command that begins with **conf**. An abbreviation of **con** will not work because more than one command begins with **con**. Keywords can also be abbreviated. As another example, **show interfaces** can be abbreviated like this: Switch\# **show interfaces** Switch\# **show int** **IOS Examination Commands** [Figure: IOS examination commands] One of the most commonly used commands on a switch or router is: Switch\# **show version** This command displays information about the currently loaded IOS version, along with hardware and device information. If you are logged into a router or switch remotely, the **show version** command is an excellent means of quickly finding useful summary information about the particular device to which you are connected. **[Topic 13: Packet Tracer - Navigating the IOS:]** In this activity, you will practice skills necessary for navigating the Cisco IOS, including different user access modes, various configuration modes, and common commands you use on a regular basis.
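The syntax check, the abbreviation rule, and the separation between the view-only user EXEC mode and privileged EXEC mode described above, as an added example. This is not from the handout and it is not Cisco's parser: it is a small model that resolves abbreviated commands within the current mode and reports the ambiguous, incomplete and invalid cases. The command table is a constructed subset of real IOS commands, and the error strings mirror the messages IOS prints.

```python
"""Added example (not part of the handout): a small model of the IOS CLI
parser, written to show how abbreviations are resolved within the current
mode and why the three error classes arise.  The command table below is a
constructed subset of real IOS commands; it is not the real parser."""

# Constructed per-mode command table.  A value of None means the command is
# complete by itself; a set lists the keywords one of which must follow.
COMMANDS = {
    "user": {               # Switch>  (view-only: nothing here changes config)
        "enable": None,
        "exit": None,
        "ping": None,
        "connect": None,
        "show": {"version", "clock"},
    },
    "privileged": {         # Switch#
        "configure": {"terminal", "memory"},
        "connect": None,
        "copy": {"running-config", "startup-config"},
        "disable": None,
        "exit": None,
        "ping": None,
        "show": {"version", "running-config", "interfaces", "ip"},
    },
}

OK, AMBIGUOUS, INCOMPLETE, INVALID = "ok", "ambiguous", "incomplete", "invalid"
INVALID_MSG = "% Invalid input detected at '^' marker."
INCOMPLETE_MSG = "% Incomplete command."


def context_help(mode, prefix=""):
    """What '?' would list: every command of the mode that starts with prefix."""
    return sorted(c for c in COMMANDS[mode] if c.startswith(prefix))


def _expand(word, candidates):
    """Expand an abbreviation to the unique candidate it is a prefix of.

    Raises LookupError(AMBIGUOUS) when several candidates match and
    LookupError(INVALID) when none does.  An exact spelling always wins,
    even if it is also a prefix of a longer candidate (assumption made for
    this model)."""
    if word in candidates:
        return word
    matches = [c for c in candidates if c.startswith(word)]
    if len(matches) == 1:
        return matches[0]
    raise LookupError(AMBIGUOUS if matches else INVALID)


def resolve(mode, line):
    """Resolve one command line typed in `mode`.

    Returns (status, text): on success text is the fully expanded command,
    otherwise it is the IOS-style error message."""
    table = COMMANDS[mode]
    words = line.split()
    if not words:
        return INCOMPLETE, INCOMPLETE_MSG
    try:
        command = _expand(words[0], table)
    except LookupError as err:
        if err.args[0] == AMBIGUOUS:
            return AMBIGUOUS, f'% Ambiguous command: "{line}"'
        return INVALID, INVALID_MSG          # unknown, or not allowed in this mode
    keywords = table[command]
    if keywords is None:                     # command takes no keyword
        return (OK, command) if len(words) == 1 else (INVALID, INVALID_MSG)
    if len(words) < 2:                       # keyword required but missing
        return INCOMPLETE, INCOMPLETE_MSG
    try:
        keyword = _expand(words[1], keywords)
    except LookupError as err:
        if err.args[0] == AMBIGUOUS:
            return AMBIGUOUS, f'% Ambiguous command: "{line}"'
        return INVALID, INVALID_MSG
    if len(words) > 2:
        return INVALID, INVALID_MSG
    return OK, f"{command} {keyword}"


if __name__ == "__main__":
    for mode, line in [("user", "con"), ("privileged", "con"),
                       ("privileged", "conf t"), ("privileged", "sh"),
                       ("user", "conf t")]:
        print(f"{mode:10} {line!r:12} -> {resolve(mode, line)}")
```

Note that the same abbreviation resolves differently per mode: in user EXEC `con` is unique (only `connect` exists there), while in privileged EXEC it is ambiguous because `configure` is also available; and `conf t` is simply invalid in user EXEC, which is the mode separation the text calls a security feature.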
**[Topic 14: Configuring Hostnames:]** Cisco switches and Cisco routers have many similarities. They support a similar modal operating system, support similar command structures, and support many of the same commands. In addition, both devices have identical initial configuration steps when implementing them in a network. However, a Cisco IOS switch is one of the simplest devices that can be configured on a network. This is because there are no configurations that are required prior to the device functioning. At its most basic, a switch can be plugged in with no configuration, but it will still switch data between connected devices. A switch is also one of the fundamental devices used in the creation of a small network. By connecting two PCs to a switch, those PCs will instantly have connectivity with one another. Initial settings include setting a name for the switch, limiting access to the device configuration, configuring banner messages, and saving the configuration. **Device Names** When configuring a networking device, one of the first steps is configuring a unique device name, or hostname. Hostnames appear in CLI prompts, can be used in various authentication processes between devices, and should be used on topology diagrams. Hostnames are configured on the active networking device. If the device name is not explicitly configured, a factory-assigned default device name is used by Cisco IOS. The default name for a Cisco IOS switch is \"Switch.\" Some guidelines for naming conventions are that names should:

- Start with a letter
- Contain no spaces
- End with a letter or digit
- Use only letters, digits, and dashes
- Be less than 64 characters in length

Hostnames allow devices to be identified by network administrators over a network or the Internet.
**Securing Privileged EXEC Mode**

- Use the **enable secret** command, not the older **enable password** command
- **enable secret** provides greater security because the password is stored only as a one-way hash; **enable password** stores it in clear text (or in the trivially reversible type 7 encoding when **service password-encryption** is used), so anyone who can read the configuration can recover it

**Securing User EXEC Mode**

- **Console port** must be secured
- Reduces the chance of unauthorized personnel physically plugging a cable into the device and gaining device access
- **VTY lines** allow remote access to a Cisco device via Telnet or SSH and must be secured in the same way, preferably with SSH only

**[Topic 15: Packet Tracer - Configuring Initial Switch:]** In this activity, you will perform basic switch configurations. You will secure access to the command-line interface (CLI) and console ports using encrypted and plain text passwords. You will also learn how to configure messages for users logging into the switch. These banners are also used to warn unauthorized users that access is prohibited. **[Topic 16: Packet Tracer - Implementing Basic Connectivity:]** In this activity, you will first perform basic switch configurations. Then you will implement basic connectivity by configuring IP addressing on switches and PCs. When the IP addressing configuration is complete, you will use various **show** commands to verify configurations and use the **ping** command to verify basic connectivity between devices. **[Topic 17: Packet Tracer - Implementing Basic Connectivity - 2:]** This activity is a continuation of the previous topic. **[Topic 18: Packet Tracer - Configuring Switch Management Address:]** In this activity, you will first perform basic switch configurations. Then you will implement basic connectivity by configuring IP addressing on switches and PCs. When the IP addressing configuration is complete, you will use various **show** commands to verify configurations and use the **ping** command to verify basic connectivity between devices.
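The hardening points above (**enable secret** rather than **enable password**, secured console and VTY lines, and SSH rather than Telnet on the VTY lines as recommended in the access-methods section) turned into an automated check. This is an added example, not from the handout: a Python audit over a Cisco IOS running-config. Both configurations are constructed samples with placeholder hash values, and the finding codes, as well as the requirement for an explicit `transport input ssh` on every VTY line, are this example's own policy choices.

```python
"""Added example (not part of the handout): a configuration audit that checks
the hardening points above (enable secret instead of enable password, password
protected console and VTY lines, SSH-only VTY access) against a Cisco IOS
running-config.  The two configurations are constructed samples, and the
finding codes are this example's own names for the problems."""

# Constructed sample: the kind of configuration left behind by a quick lab setup.
WEAK_CONFIG = """\
!
hostname S1
enable password cisco
!
line con 0
 logging synchronous
line vty 0 4
 password cisco
 login
 transport input telnet
line vty 5 15
 login
!
end
"""

# Constructed sample: the same device after hardening (hash values are
# placeholders, not real secrets).
HARDENED_CONFIG = """\
!
hostname S1
service password-encryption
enable secret 9 $9$constructedPlaceholderHash
ip domain-name example.com
ip ssh version 2
username admin privilege 15 secret 9 $9$anotherPlaceholderHash
!
line con 0
 password 7 constructedPlaceholder
 login
line vty 0 4
 login local
 transport input ssh
line vty 5 15
 login local
 transport input ssh
!
end
"""


def parse_sections(config):
    """Split an IOS running-config into (header, body_lines) sections.

    Unindented lines are section headers (or stand-alone global commands);
    lines indented by a space belong to the most recent header.  Blank lines
    and '!' separators are dropped."""
    sections = []
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw.startswith(" ") and sections:
            sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections


def audit(config):
    """Return the list of finding codes for the configuration (empty if clean)."""
    sections = parse_sections(config)
    global_cmds = [h for h, _ in sections if not h.startswith("line ")]
    findings = []

    if not any(h.startswith("enable secret") for h in global_cmds):
        findings.append("ENABLE_SECRET_MISSING")
    if any(h.startswith("enable password") for h in global_cmds):
        findings.append("ENABLE_PASSWORD_PRESENT")     # clear text / type 7
    if "ip ssh version 2" not in global_cmds:
        findings.append("SSH_V2_NOT_ENFORCED")

    for header, body in sections:
        if not header.startswith("line "):
            continue
        has_login = any(l == "login" or l.startswith("login ") for l in body)
        login_local = "login local" in body
        has_password = any(l.startswith("password ") for l in body)
        if not has_login:
            findings.append(f"NO_LOGIN:{header}")
        elif not login_local and not has_password:
            # 'login' with no line password: IOS refuses the session, so the
            # line is unusable rather than open; still a misconfiguration.
            findings.append(f"LOGIN_WITHOUT_PASSWORD:{header}")
        if header.startswith("line vty"):
            # Policy assumption of this example: every VTY line must carry an
            # explicit 'transport input ssh'; the platform default is not trusted.
            transports = [l.split()[2:] for l in body
                          if l.startswith("transport input ")]
            if not transports or transports[-1] != ["ssh"]:
                findings.append(f"VTY_NOT_SSH_ONLY:{header}")
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, audit(cfg) or "no findings")
```

The weak sample produces seven findings; the hardened one produces none. Running the same check over `show running-config` output saved from a real device is the obvious next step, with the caveat that default values (for example the default `transport input` of a given IOS release) do not appear in the running-config, which is why the audit insists on an explicit setting.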
**[Topic 19: Physical Layer Protocols:]** Whether connecting to a local printer in the home or to a web site in another country, before any network communications can occur, a physical connection to a local network must be established first. A physical connection can be a wired connection using a cable or a wireless connection using radio waves. The type of physical connection used is totally dependent upon the setup of the network. **Network Interface Cards (NICs)** Network Interface Cards (NICs) connect a device to the network. Ethernet NICs are used for a wired connection whereas WLAN (Wireless Local Area Network) NICs are used for wireless. An end-user device may include one or both types of NICs. A network printer, for example, may only have an Ethernet NIC, and therefore, must connect to the network using an Ethernet cable. Other devices, such as tablets and smart phones, might only contain a WLAN NIC and must use a wireless connection. There are three basic forms of network media. The physical layer produces the representation and groupings of bits for each type of media as:

- **Copper cable**: The signals are patterns of electrical pulses.
- **Fiber-optic cable**: The signals are patterns of light.
- **Wireless**: The signals are patterns of microwave transmissions.

To enable physical layer interoperability, all aspects of these functions are governed by standards organizations. **Physical Layer Standards** [Figure: physical layer standards] **Bandwidth** Different physical media support the transfer of bits at different speeds. Data transfer is usually discussed in terms of bandwidth and throughput. Bandwidth is the capacity of a medium to carry data. Digital bandwidth measures the amount of data that can flow from one place to another in a given amount of time. Bandwidth is typically measured in kilobits per second (kb/s) or megabits per second (Mb/s).
The practical bandwidth of a network is determined by a combination of factors:

- The properties of the physical media
- The technologies chosen for signaling and detecting network signals

Physical media properties, current technologies, and the laws of physics all play a role in determining available bandwidth. **Throughput** Throughput is the measure of the transfer of bits across the media over a given period of time. Due to a number of factors, throughput usually does not match the specified bandwidth in physical layer implementations. Many factors influence throughput including:

- The amount of traffic
- The type of traffic
- The latency created by the number of network devices encountered between source and destination

Latency refers to the amount of time, to include delays, for data to travel from one given point to another. In an internetwork or network with multiple segments, throughput cannot be faster than the slowest link of the path from source to destination. Even if all or most of the segments have high bandwidth, it will only take one segment in the path with low throughput to create a bottleneck to the throughput of the entire network. **Note**: There is a third measurement to measure the transfer of usable data that is known as goodput. Goodput is the measure of usable data transferred over a given period of time. Goodput is throughput minus traffic overhead for establishing sessions, acknowledgements, and encapsulation. **[Topic 20: Network Media:]** There are three main types of copper media used in networking: **Unshielded Twisted-Pair (UTP)** Unshielded twisted-pair (UTP) cabling is the most common networking media. UTP cabling, terminated with RJ-45 connectors, is used for interconnecting network hosts with intermediate networking devices, such as switches and routers.
In LANs, UTP cable consists of four pairs of color-coded wires that have been twisted together and then encased in a flexible plastic sheath which protects from minor physical damage. The twisting of wires helps protect against signal interference from other wires. **Shielded Twisted-Pair (STP)** Shielded twisted-pair (STP) provides better noise protection than UTP cabling. However, compared to UTP cable, STP cable is significantly more expensive and difficult to install. Like UTP cable, STP uses an RJ-45 connector. STP cable combines the techniques of shielding to counter EMI and RFI and wire twisting to counter crosstalk. To gain the full benefit of the shielding, STP cables are terminated with special shielded STP data connectors. If the cable is improperly grounded, the shield may act like an antenna and pick up unwanted signals. **Coaxial** Coaxial cable, or coax for short, gets its name from the fact that there are two conductors that share the same axis. Coaxial cable consists of: - A copper conductor used to transmit the electronic signals. - The copper conductor is surrounded by a layer of flexible plastic insulation. - The insulating material is surrounded in a woven copper braid, or metallic foil, that acts as the second wire in the circuit and as a shield for the inner conductor. This second layer, or shield, also reduces the amount of outside electromagnetic interference. - The entire cable is covered with a cable jacket to protect it from minor physical damage. **Fiber Optic Cabling** Optical fiber cable has become very popular for interconnecting infrastructure network devices. It permits the transmission of data over longer distances and at higher bandwidths (data rates) than any other networking media. Optical fiber is a flexible but extremely thin transparent strand of very pure glass (silica) not much bigger than a human hair. Bits are encoded on the fiber as light impulses. 
The fiber-optic cable acts as a waveguide, or light pipe, to transmit light between the two ends with minimal loss of signal. Unlike copper wires, fiber-optic cable can transmit signals with less attenuation and is completely immune to EMI and RFI. Fiber-optic cabling is now being used in four types of industry: **Enterprise Networks**: Fiber is used for backbone cabling applications and interconnecting infrastructure devices. **FTTH and Access Networks**: Fiber-to-the-home (FTTH) is used to provide always-on broadband services to homes and small businesses. FTTH supports affordable high-speed Internet access, as well as telecommuting, telemedicine, and video on demand. **Long-Haul Networks**: Service providers use long-haul terrestrial optical fiber networks to connect countries and cities. Networks typically range from a few dozen to a few thousand kilometers and use up to 10 Gb/s-based systems. **Submarine Networks**: Special fiber cables are used to provide reliable high-speed, high-capacity solutions capable of surviving in harsh undersea environments up to transoceanic distances. Our focus is the use of fiber within the enterprise. **Wireless Media** [Figure: wireless media standards] The IEEE and telecommunications industry standards for wireless data communications cover both the data link and physical layers. **[Topic 21: Data Link Layer Protocols:]** The TCP/IP network access layer is the equivalent of the OSI Data link (Layer 2) and Physical (Layer 1) layers. The data link layer is responsible for the exchange of frames between nodes over a physical network media. It allows the upper layers to access the media and controls how data is placed and received on the media. Specifically, the data link layer performs these two basic services:

- It accepts Layer 3 packets and packages them into data units called frames.
- It controls access to the media and performs error detection.
The data link layer effectively separates the media transitions that occur as the packet is forwarded from the communication processes of the higher layers. The data link layer receives packets from and directs packets to an upper layer protocol, in this case IPv4 or IPv6. This upper layer protocol does not need to be aware of which media the communication will use. **Data Link Sublayers** The data link layer is actually divided into two sublayers: **Logical Link Control (LLC)**: This upper sublayer defines the software processes that provide services to the network layer protocols. It places information in the frame that identifies which network layer protocol is being used for the frame. This information allows multiple Layer 3 protocols, such as IPv4 and IPv6, to utilize the same network interface and media. **Media Access Control (MAC)**: This lower sublayer defines the media access processes performed by the hardware. It provides data link layer addressing and delimiting of data according to the physical signaling requirements of the medium and the type of data link layer protocol in use. Separating the data link layer into sublayers allows for one type of frame defined by the upper layer to access different types of media defined by the lower layer. Such is the case in many LAN technologies, including Ethernet. **Data Link Frame Fields** The frame header contains the control information specified by the data link layer protocol for the specific logical topology and media used. Frame control information is unique to each type of protocol. It is used by the Layer 2 protocol to provide features demanded by the communication environment. **Start Frame field**: Indicates the beginning of the frame. **Source and Destination Address fields**: Indicates the source and destination nodes on the media. **Type field**: Indicates the upper layer service contained in the frame. Different data link layer protocols may use different fields from those mentioned. 
For example, other Layer 2 protocol header frame fields could include: **Priority/Quality of Service field**: Indicates a particular type of communication service for processing. **Logical connection control field**: Used to establish a logical connection between nodes. **Physical link control field**: Used to establish the media link. **Flow control field**: Used to start and stop traffic over the media. **Congestion control field**: Indicates congestion in the media. [Figure: frame header fields] Data link layer protocols add a trailer to the end of each frame. The trailer is used to determine if the frame arrived without error. This process is called error detection and is accomplished by placing a logical or mathematical summary of the bits that comprise the frame in the trailer. Error detection is added at the data link layer because the signals on the media could be subject to interference, distortion, or loss that would substantially change the bit values that those signals represent. A transmitting node creates a logical summary of the contents of the frame. This is known as the cyclic redundancy check (CRC) value. This value is placed in the Frame Check Sequence (FCS) field of the frame to represent the contents of the frame. When the frame arrives at the destination node, the receiving node calculates its own logical summary, or CRC, of the frame. The receiving node compares the two CRC values. If the two values are the same, the frame is considered to have arrived as transmitted. If the CRC value in the FCS differs from the CRC calculated at the receiving node, the frame is discarded. [Figure: FCS check at the receiving node] Therefore, the FCS field is used to determine if errors occurred in the transmission and reception of the frame. Note that the FCS protects only against accidental corruption on the media; it is not a cryptographic integrity check, and anyone able to modify a frame in transit can simply recompute the CRC.
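How the FCS trailer is produced and checked, as an added example that is not part of the handout. Ethernet's FCS is the IEEE 802.3 CRC-32, the same CRC that Python's `zlib.crc32` computes; the code implements it bit by bit so the "logical summary" is visible, appends it to a constructed frame, verifies it at the receiver both by recomputing and by the fixed-residue check hardware uses, and shows that a flipped bit is caught. The frame contents (addresses, EtherType, payload) are constructed.

```python
"""Added example (not part of the handout): producing and checking the FCS
trailer.  Ethernet's FCS is the IEEE 802.3 CRC-32 (the same CRC as
zlib.crc32); the 32-bit value is appended least-significant byte first.
The frame contents are constructed for the example."""
import struct
import zlib

# CRC-32 polynomial 0x04C11DB7 in bit-reversed ("reflected") form.
REFLECTED_POLY = 0xEDB88320


def crc32_bitwise(data: bytes) -> int:
    """Bit-serial CRC-32 (all-ones init, reflected, final XOR): the 'logical
    summary' of the frame computed bit by bit, as the hardware does."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ REFLECTED_POLY if crc & 1 else crc >> 1
    return crc ^ 0xFFFFFFFF


def build_frame(dst_mac: bytes, src_mac: bytes, ethertype: int, payload: bytes) -> bytes:
    """Transmitter: header + payload, then the FCS computed over both."""
    if len(payload) < 46:                        # Ethernet minimum payload
        payload = payload.ljust(46, b"\x00")
    body = dst_mac + src_mac + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", crc32_bitwise(body))


def fcs_ok(frame: bytes) -> bool:
    """Receiver: recompute the CRC over everything but the trailer and
    compare it with the transmitted FCS."""
    body, fcs = frame[:-4], frame[-4:]
    return crc32_bitwise(body) == struct.unpack("<I", fcs)[0]


def fcs_residue_ok(frame: bytes) -> bool:
    """Equivalent check used by hardware: running the CRC over the frame
    *including* its FCS leaves a fixed residue (0x2144DF1C for this CRC)."""
    return crc32_bitwise(frame) == 0x2144DF1C


def flip_bit(frame: bytes, bit_index: int) -> bytes:
    """Simulate interference on the media: invert one bit of the frame."""
    damaged = bytearray(frame)
    damaged[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(damaged)


def demo():
    """Build a constructed frame, check it intact and after one flipped bit."""
    frame = build_frame(bytes.fromhex("ffffffffffff"),        # broadcast dst
                        bytes.fromhex("001122334455"),        # constructed src
                        0x0800, b"constructed payload")       # IPv4 EtherType
    assert crc32_bitwise(b"123456789") == zlib.crc32(b"123456789")
    return fcs_ok(frame), fcs_ok(flip_bit(frame, 100))


if __name__ == "__main__":
    print(demo())   # (True, False)
```

The residue check is why a receiving NIC can run the CRC continuously over the incoming bit stream and simply compare the final register value with a constant instead of separating the trailer first.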
The error detection mechanism provided by the use of the FCS field discovers most errors caused on the media. **[Topic 22: Packet Tracer -- Connecting a Wired and Wireless LAN:]** When working in Packet Tracer (a lab environment or a corporate setting), you should know how to select the appropriate cable and how to properly connect devices. This activity will examine device configurations in Packet Tracer, selecting the proper cable based on the configuration, and connecting the devices. This activity will also explore the physical view of the network in Packet Tracer. **[Topic 23: Network Layer Protocols:]** The network layer, or OSI Layer 3, provides services to allow end devices to exchange data across the network. To accomplish this end-to-end transport, the network layer uses four basic processes: **Addressing end devices** - In the same way that a phone has a unique telephone number, end devices must be configured with a unique IP address for identification on the network. An end device with a configured IP address is referred to as a host. **Encapsulation** - The network layer receives a protocol data unit (PDU) from the transport layer. In a process called encapsulation, the network layer adds IP header information, such as the IP address of the source (sending) and destination (receiving) hosts. After header information is added to the PDU, the PDU is called a packet. **Routing** - The network layer provides services to direct packets to a destination host on another network. To travel to other networks, the packet must be processed by a router. The role of the router is to select paths for and direct packets toward the destination host in a process known as routing. A packet may cross many intermediary devices before reaching the destination host. Each router the packet passes through on the way to the destination host is called a hop.
**De-encapsulation - **When the packet arrives at the network layer of the destination host, the host checks the IP header of the packet. If the destination IP address within the header matches its own IP address, the IP header is removed from the packet. This process of removing headers from lower layers is known as de-encapsulation. After the packet is de-encapsulated by the network layer, the resulting Layer 4 PDU is passed up to the appropriate service at the transport layer. Unlike the transport layer (OSI Layer 4), which manages the data transport between the processes running on each host, network layer protocols specify the packet structure and processing used to carry the data from one host to another host. Operating without regard to the data carried in each packet allows the network layer to carry packets for multiple types of communications between multiple hosts. There are several network layer protocols in existence; however, only the following two are commonly implemented: - Internet Protocol version 4 (IPv4) - Internet Protocol version 6 (IPv6) Other legacy network layer protocols that are not widely used include: - Novell Internetwork Packet Exchange (IPX) - AppleTalk - Connectionless Network Service (CLNS/DECNet) **Characteristics of IP Protocol** IP is the network layer service implemented by the TCP/IP protocol suite. IP was designed as a protocol with low overhead. It provides only the functions that are necessary to deliver a packet from a source to a destination over an interconnected system of networks. The protocol was not designed to track and manage the flow of packets. These functions, if required, are performed by other protocols in other layers. The basic characteristics of IP are: **Connectionless - **No connection with the destination is established before sending data packets. **Best Effort (unreliable) - **Packet delivery is not guaranteed. **Media Independent - **Operation is independent of the medium carrying the data. 
**[Topic 24: IPv4 Packet:]** [Figure: IPv4 packet header] An IPv4 packet has two parts: **IP Header** - Identifies the packet characteristics. **Payload** - Contains the Layer 4 segment information and the actual data. As shown in the figure above, an IPv4 packet header consists of fields containing important information about the packet. These fields contain binary numbers which are examined by the Layer 3 process. The binary values of each field identify various settings of the IP packet. Significant fields in the IPv4 header include: **Version** - Contains a 4-bit binary value identifying the IP packet version. For IPv4 packets, this field is always set to 0100. **Differentiated Services (DS)** - Formerly called the Type of Service (ToS) field, the DS field is an 8-bit field used to determine the priority of each packet. The first 6 bits identify the Differentiated Services Code Point (DSCP) value that is used by a quality of service (QoS) mechanism. The last 2 bits identify the explicit congestion notification (ECN) value that can be used to prevent dropped packets during times of network congestion. **Time-to-Live (TTL)** - Contains an 8-bit binary value that is used to limit the lifetime of a packet. It is specified in seconds but is commonly referred to as a hop count. The packet sender sets the initial time-to-live (TTL) value, and the value is decreased by one each time the packet is processed by a router, or hop. If the TTL field decrements to zero, the router discards the packet and sends an Internet Control Message Protocol (ICMP) Time Exceeded message to the source IP address. The **traceroute** command uses this field to identify the routers used between the source and destination. **Protocol** - This 8-bit binary value indicates the data payload type that the packet is carrying, which enables the network layer to pass the data to the appropriate upper-layer protocol. Common values include ICMP (0x01), TCP (0x06), and UDP (0x11).
**Source IP Address - **Contains a 32-bit binary value that represents the source IP address of the packet. **Destination IP Address - **Contains a 32-bit binary value that represents the destination IP address of the packet. **[Topic 25: IPv4 Address and Subnet Mask:]** Understanding binary notation is important when determining if two hosts are in the same network. Recall that an IP address is a hierarchical address that is made up of two parts: a network portion and a host portion. But when determining the network portion versus the host portion, it is necessary to look, not at the decimal value, but at the 32-bit stream. Within the 32-bit stream, a portion of the bits makes up the network and a portion of the bits makes up the host. The bits within the network portion of the address must be identical for all devices that reside in the same network. The bits within the host portion of the address must be unique to identify a specific host within a network. Regardless of whether the decimal numbers between two IPv4 addresses match up, if two hosts have the same bit-pattern in the specified network portion of the 32-bit stream, those two hosts will reside in the same network. But how do hosts know which portion of the 32-bits is network and which is host? That is the job of the subnet mask. When an IP host is configured, a subnet mask is assigned along with an IP address. Like the IP address, the subnet mask is 32 bits long. The subnet mask signifies which part of the IP address is network and which part is host. The subnet mask is compared to the IP address from left to right, bit for bit. The 1s in the subnet mask represent the network portion; the 0s represent the host portion. Similar to IPv4 addresses, the subnet mask is represented in dotted decimal format for ease of use. The subnet mask is configured on a host device, in conjunction with the IPv4 address, and is required so the host can determine which network it belongs to. 
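The IPv4 header fields described in Topic 24 above, exercised in code. This is an added example and not part of the handout: it packs a header with `struct`, decodes the version, DSCP/ECN, TTL, protocol and address fields, and performs the per-hop TTL step that a router applies (and that **traceroute** relies on). The packet is constructed. The header checksum routine (RFC 1071) is included even though the handout does not list that field, because a router must recompute it after changing the TTL and a parser should reject a header whose checksum fails.

```python
"""Added example (not part of the handout): building and parsing the IPv4
header fields listed in the text, then performing the per-hop TTL step a
router applies.  The packet is constructed for the example; the header
checksum is included because every real IPv4 header carries one and a router
must recompute it after changing the TTL."""
import struct

PROTOCOLS = {0x01: "ICMP", 0x06: "TCP", 0x11: "UDP"}   # values from the text
HEADER_FMT = "!BBHHHBBH4s4s"                             # 20-byte base header


def pack_addr(dotted: str) -> bytes:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    return bytes(octets)


def unpack_addr(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)


def header_checksum(header: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words.  A header whose
    checksum field is already correct sums to 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4_header(src, dst, payload_len, *, ttl=64, protocol=0x11,
                      dscp=0, ecn=0, ident=0x1234):
    ver_ihl = (4 << 4) | 5                      # version 4, IHL = 5 words
    ds_field = (dscp << 2) | ecn                # 6-bit DSCP + 2-bit ECN
    flags_frag = 0x4000                         # DF set, fragment offset 0
    hdr = struct.pack(HEADER_FMT, ver_ihl, ds_field, 20 + payload_len, ident,
                      flags_frag, ttl, protocol, 0, pack_addr(src), pack_addr(dst))
    return hdr[:10] + struct.pack("!H", header_checksum(hdr)) + hdr[12:]


def parse_ipv4_header(packet: bytes) -> dict:
    """Decode the fields a Layer 3 process examines."""
    (ver_ihl, ds_field, total_length, _ident, _flags_frag, ttl, protocol,
     _csum, src, dst) = struct.unpack(HEADER_FMT, packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4
    if version != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 packet")
    return {
        "version": version, "ihl": ihl,
        "dscp": ds_field >> 2, "ecn": ds_field & 0x3,
        "total_length": total_length, "ttl": ttl,
        "protocol": protocol, "protocol_name": PROTOCOLS.get(protocol, "other"),
        "checksum_ok": header_checksum(packet[:ihl]) == 0,
        "src": unpack_addr(src), "dst": unpack_addr(dst),
    }


def router_hop(packet: bytes):
    """One router's treatment of a transit packet: drop on a bad checksum,
    drop (and send ICMP Time Exceeded to the source) when the TTL expires,
    otherwise decrement the TTL, fix the checksum and forward."""
    f = parse_ipv4_header(packet)
    if not f["checksum_ok"]:
        return "drop", "bad-checksum"
    if f["ttl"] <= 1:
        return "drop", f"time-exceeded -> ICMP Time Exceeded to {f['src']}"
    hdr = bytearray(packet[:f["ihl"]])
    hdr[8] = f["ttl"] - 1                       # TTL lives at offset 8
    hdr[10:12] = b"\x00\x00"                    # zero, then recompute checksum
    hdr[10:12] = struct.pack("!H", header_checksum(bytes(hdr)))
    return "forward", bytes(hdr) + packet[f["ihl"]:]


if __name__ == "__main__":
    pkt = build_ipv4_header("192.168.1.10", "10.0.0.5", 8, ttl=2, protocol=0x06) + b"\x00" * 8
    print(parse_ipv4_header(pkt))
    status, pkt = router_hop(pkt)               # first hop: TTL 2 -> 1
    print(status, parse_ipv4_header(pkt)["ttl"])
    print(router_hop(pkt))                      # second hop: TTL expires
```

Sending probes with TTL 1, 2, 3, ... and collecting the Time Exceeded replies is exactly what **traceroute** does; the same decrement loop also shows why a packet with a bad header checksum never gets that far.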
**Network Prefixes**

The prefix length is another way of expressing the subnet mask. The prefix length is the number of bits set to 1 in the subnet mask. It is written in slash notation, a / followed by the number of bits set to 1. For example, if the subnet mask is 255.255.255.0, there are 24 bits set to 1 in the binary version of the subnet mask, so the prefix length is 24 bits or /24. The prefix and the subnet mask are different ways of representing the same thing - the network portion of an address.

**IPv4 Subnet Mask**

When an IPv4 address is assigned to a device, that device uses the subnet mask to determine what network address the device belongs to. The network address is the address that represents all the devices on the same network.

When sending network data, the device uses this information to determine whether it can send packets locally, or if it must send the packets to a default gateway for remote delivery. When a host sends a packet, it compares the network portion of its own IP address to the network portion of the destination IP address, based on subnet masks. If the network bits match, both the source and destination host are on the same network and the packet can be delivered locally. If they do not match, the sending host forwards the packet to the default gateway to be sent on to the other network.

There are three types of addresses within the address range of each IPv4 network:

- Network address
- Host addresses
- Broadcast address

**Network Address**

The network address is a standard way to refer to a network. The subnet mask or the prefix length might also be used when referring to the network address.

**Host Address**

Every end device requires a unique address to communicate on the network. In IPv4 addresses, the values between the network address and the broadcast address can be assigned to end devices in a network.

**Broadcast Address**

The IPv4 broadcast address is a special address for each network that allows communication to all the hosts in that network. To send data to all hosts in a network at once, a host can send a single packet that is addressed to the broadcast address of the network, and each host in the network that receives this packet will process its contents.

**First Host Address**

The host portion of the first host address will contain all 0 bits with a 1 bit for the lowest order or right-most bit. This address is always one greater than the network address. For example, the first host address on the 10.1.1.0/24 network is 10.1.1.1. It is common in many addressing schemes to use the first host address for the router or default gateway address.

**Last Host Address**

The host portion of the last host address will contain all 1 bits with a 0 bit for the lowest order or right-most bit. This address is always one less than the broadcast address. The last host address on the 10.1.1.0/24 network is 10.1.1.254.
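The mask comparison described above, worked through on the 32-bit values in Python: the bitwise AND that yields the network address, the broadcast, first and last host addresses, and the same-network test a host performs before choosing between local delivery and the default gateway. This is an added example, not part of the handout; the function names are mine, and the 172.16.x.x sample addresses are constructed (10.1.1.0/24 is the network used in the text).

```python
# Added example (not from the handout): IPv4 mask and address arithmetic done
# directly on the 32-bit values, as the text describes, without ipaddress.


def to_int(dotted: str) -> int:
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_from_prefix(prefix: int) -> int:
    """/24 -> 0xFFFFFF00: the leftmost `prefix` bits set to 1, the rest 0."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be between 0 and 32")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def prefix_from_mask(mask_dotted: str) -> int:
    """255.255.255.0 -> 24.  A valid mask is a run of 1s followed by 0s, so
    the count of 1 bits must rebuild the same mask; 255.0.255.0 is rejected."""
    mask = to_int(mask_dotted)
    prefix = bin(mask).count("1")
    if mask_from_prefix(prefix) != mask:
        raise ValueError(f"non-contiguous subnet mask: {mask_dotted}")
    return prefix


def describe(address: str, prefix: int) -> dict:
    """Network, broadcast, first/last host and usable host count for the
    network that `address`/`prefix` belongs to."""
    mask = mask_from_prefix(prefix)
    network = to_int(address) & mask              # AND clears the host bits
    broadcast = network | (~mask & 0xFFFFFFFF)    # host bits all set to 1
    info = {
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
    }
    if prefix <= 30:
        # First host = network + 1, last host = broadcast - 1.
        info["first_host"] = to_dotted(network + 1)
        info["last_host"] = to_dotted(broadcast - 1)
        info["usable_hosts"] = 2 ** (32 - prefix) - 2
    else:
        # /31 and /32 leave no addresses between network and broadcast
        # under the network/broadcast convention used in the text.
        info["first_host"] = info["last_host"] = None
        info["usable_hosts"] = 0
    return info


def same_network(addr_a: str, addr_b: str, prefix: int) -> bool:
    """True when the network bits of both addresses are identical, which is
    what a host checks to decide between local delivery and the gateway."""
    mask = mask_from_prefix(prefix)
    return (to_int(addr_a) & mask) == (to_int(addr_b) & mask)


def classify(address: str, prefix: int) -> str:
    """'network', 'broadcast' or 'host' for an address within its own network."""
    info = describe(address, prefix)
    if address == info["network"]:
        return "network"
    if address == info["broadcast"]:
        return "broadcast"
    return "host"


if __name__ == "__main__":
    # The decimal octets look different, but only the masked bits decide.
    print(describe("10.1.1.77", 24))
    print(same_network("172.16.4.200", "172.16.5.1", 24))   # different /24s
    print(same_network("172.16.4.200", "172.16.5.1", 22))   # same /22
```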
**[Topic 26: IPv4 Unicast, Broadcast and Multicast:]**

In an IPv4 network, the hosts can communicate one of three ways:

**Unicast** - The process of sending a packet from one host to an individual host

**Broadcast** - The process of sending a packet from one host to all hosts in the network

**Multicast** - The process of sending a packet from one host to a selected group of hosts, possibly in different networks

These three types of communication are used for different purposes in data networks. In all three cases, the IPv4 address of the originating host is placed in the packet header as the source address.

**Unicast Traffic**

In an IPv4 network, the unicast address applied to an end device is referred to as the host address. For unicast communication, the addresses assigned to the two end devices are used as the source and destination IPv4 addresses. During the encapsulation process, the source host places its IPv4 address in the unicast packet header as the source address and the IPv4 address of the destination host in the packet header as the destination address. Regardless of whether the destination specified in a packet is unicast, broadcast or multicast, the source address of any packet is always the unicast address of the originating host.

IPv4 host addresses are unicast addresses and are in the address range of 0.0.0.0 to 223.255.255.255. However, within this range are many addresses that are reserved for special purposes. These special purpose addresses will be discussed later in this chapter.

**Multicast Transmission**

Multicast transmission is designed to conserve the bandwidth of an IPv4 network. It reduces traffic by allowing a host to send a single packet to a selected set of hosts that are part of a subscribing multicast group.
Some examples of multicast transmission are:

- Video and audio broadcasts
- Routing information exchange by routing protocols
- Distribution of software
- Remote gaming

**Multicast Addresses**

IPv4 has a block of addresses reserved for addressing multicast groups. This address range is 224.0.0.0 to 239.255.255.255. The multicast address range is subdivided into different types of addresses: reserved link local addresses and globally scoped addresses. One additional type of multicast address is the administratively scoped addresses, also called limited scope addresses.

**Multicast Clients**

Hosts that receive particular multicast data are called multicast clients. The multicast clients use services requested by a client program to subscribe to the multicast group. Each multicast group is represented by a single IPv4 multicast destination address. When an IPv4 host subscribes to a multicast group, the host processes packets addressed to this multicast address and packets addressed to its uniquely allocated unicast address.

**Broadcast Transmission**

Broadcast traffic is used to send packets to all hosts in the network using the broadcast address for the network. With a broadcast, the packet contains a destination IP address with all ones (1s) in the host portion. This means that all hosts on that local network (broadcast domain) will receive and look at the packet. Many network protocols, such as DHCP, use broadcasts. When a host receives a packet sent to the network broadcast address, the host processes the packet as it would a packet addressed to its unicast address.

Some examples for using broadcast transmission are:

- Mapping upper layer addresses to lower layer addresses
- Requesting an address

Unlike unicast, where the packets can be routed throughout the internetwork, broadcast packets are usually restricted to the local network. This restriction is dependent on the configuration of the gateway router and the type of broadcast.
There are two types of broadcasts: directed broadcast and limited broadcast.

**Directed Broadcast**

A directed broadcast is sent to all hosts on a specific network. This type of broadcast is useful for sending a broadcast to all hosts on a non-local network. For example, for a host outside of the 172.16.4.0/24 network to communicate with all of the hosts within that network, the destination address of the packet would be 172.16.4.255. Although routers do not forward directed broadcasts by default, they may be configured to do so.

**Limited Broadcast**

The limited broadcast is used for communication that is limited to the hosts on the local network. These packets always use the destination IPv4 address 255.255.255.255. Routers do not forward a limited broadcast. For this reason, an IPv4 network is also referred to as a broadcast domain. Routers form the boundary for a broadcast domain. As an example, a host within the 172.16.4.0/24 network would broadcast to all hosts in its network using a packet with a destination address of 255.255.255.255.

**[Topic 27: Packet Tracer -- Investigate Unicast, Broadcast and Multicast Traffic:]**

This activity will examine unicast, broadcast, and multicast behavior. Most traffic in a network is unicast. When a PC sends an ICMP echo request to a remote router, the source address in the IP packet header is the IP address of the sending PC. The destination address in the IP packet header is the IP address of the interface on the remote router. The packet is sent only to the intended destination. Using the **ping** command or the Add Complex PDU feature of Packet Tracer, you can directly ping broadcast addresses to view broadcast traffic.

**[Topic 28: Types of IPv4 Addresses:]**

Although most IPv4 host addresses are public addresses designated for use in networks that are accessible on the Internet, there are blocks of addresses that are used in networks that require limited or no Internet access.
These addresses are called private addresses.

**Private Addresses**

Private addresses are defined in RFC 1918. The private address blocks are:

- **10.0.0.0/8**: 10.0.0.0 to 10.255.255.255
- **172.16.0.0/12**: 172.16.0.0 to 172.31.255.255
- **192.168.0.0/16**: 192.168.0.0 to 192.168.255.255

**Public Addresses**

Most IPv4 addresses are public IP addresses. These are reachable IPv4 addresses on the Internet. However, there are blocks of addresses that are private addresses and are never propagated on the Internet. Packets with a ***source or destination private IP address are not propagated by Internet routers***. Internet routers / firewalls block or translate these addresses. Private addresses are usually converted to public IP addresses using **NAT (Network Address Translation)**.

**Special Addresses**

There are certain addresses that cannot be assigned to hosts. There are also special addresses that can be assigned to hosts, but with restrictions on how those hosts can interact within the network.

**Network and Broadcast Addresses**

As described in Topic 25, the network address and the broadcast address of each network cannot be assigned to hosts; only the values between them are host addresses.

**Loopback**

One such reserved address is the IPv4 loopback address 127.0.0.1. The loopback is a special address that hosts use to direct traffic to themselves. The loopback address creates a shortcut method for TCP/IP applications and services that run on the same device to communicate with one another. By using the loopback address instead of the assigned IPv4 host address, two services on the same host can bypass the lower layers of the TCP/IP stack. You can also ping the loopback address to test the configuration of TCP/IP on the local host. Although only the single 127.0.0.1 address is used, addresses 127.0.0.0 to 127.255.255.255 are reserved. Any address within this block will loop back to the local host.
No address within this block should ever appear on any network.

**Link-Local Addresses**

IPv4 addresses in the address block 169.254.0.0 to 169.254.255.255 (169.254.0.0/16) are designated as link-local addresses. These addresses can be automatically assigned to the local host by the operating system in environments where no IP configuration is available. These might be used in a small peer-to-peer network or for a host that could not automatically obtain an address from a DHCP server.

**TEST-NET Addresses**

The address block 192.0.2.0 to 192.0.2.255 (192.0.2.0/24) is set aside for teaching and learning purposes. These addresses can be used in documentation and network examples.

**Experimental Addresses**

The addresses in the block 240.0.0.0 to 255.255.255.254 are listed as reserved for future use (RFC 3330). Currently, these addresses can only be used for research or experimentation purposes, but cannot be used in an IPv4 network.

**Legacy Classful Addresses**

**Assignment of IP Addresses**

For a company or organization to have network hosts, such as web servers, accessible from the Internet, that organization must have a block of public addresses assigned. Remember that public addresses must be unique, and use of these public addresses is regulated and allocated to each organization separately. This is true for IPv4 and IPv6 addresses.

**IANA and RIRs**

The Internet Assigned Numbers Authority (IANA) ([http://www.iana.org](http://www.iana.org/)) manages the allocation of IPv4 and IPv6 addresses. Until the mid-1990s, all IPv4 address space was managed directly by the IANA. At that time, the remaining IPv4 address space was allocated to various other registries to manage for particular purposes or for regional areas. These registration companies are called Regional Internet Registries (RIRs).
The major registries are:

- AfriNIC (African Network Information Centre) - Africa Region: [http://www.afrinic.net](http://www.afrinic.net/)
- APNIC (Asia Pacific Network Information Centre) - Asia/Pacific Region: [http://www.apnic.net](http://www.apnic.net/)
- ARIN (American Registry for Internet Numbers) - North America Region: [http://www.arin.net](http://www.arin.net/)
- LACNIC (Regional Latin-American and Caribbean IP Address Registry) - Latin America and some Caribbean Islands: [http://www.lacnic.net](http://www.lacnic.net/)
- RIPE NCC (Réseaux IP Européens) - Europe, the Middle East, and Central Asia: [http://www.ripe.net](http://www.ripe.net/)

**ISPs**

RIRs are responsible for allocating IP addresses to the Internet Service Providers (ISPs). Most companies or organizations obtain their IPv4 address blocks from an ISP. An ISP will generally supply a small number of usable IPv4 addresses (6 or 14) to their customers as a part of their services. Larger blocks of addresses can be obtained based on justification of needs and for additional service costs.

**[Topic 29: Using Windows Calculator with Network Addresses:]**

In this activity, we will use Windows Calculator to calculate network addresses.

**[Topic 30: Converting IPv4 Addresses to Binary:]**

- **Convert IPv4 Addresses from Dotted Decimal to Binary**
- **Bitwise ANDing**
- **Network Address Calculation**

**[Topic 31: Network Segmentation:]**

In early network implementations, it was common for organizations to have all computers and other networked devices connected to a single IP network. All devices in the organization were assigned an IP address with a matching network ID. This type of configuration is known as a flat network design. In a small network, with a limited number of devices, a flat network design is not problematic. However, as the network grows, this type of configuration can create major issues. Consider how on an Ethernet LAN, devices use broadcasts to locate needed services and devices.
Recall that a broadcast is sent to all hosts on an IP network. The Dynamic Host Configuration Protocol (DHCP) is an example of a network service that depends on broadcasts. Devices send broadcasts across the network to locate the DHCP server. On a large network, this could create a significant amount of traffic, slowing network operations.

The process of segmenting a network, by dividing it into multiple smaller network spaces, is called subnetting. These sub-networks are called subnets. Network administrators can group devices and services into subnets that are determined by geographic location (perhaps the 3rd floor of a building), by organizational unit (perhaps the sales department), by device type (printers, servers, WAN), or any other division that makes sense for the network. Subnetting can reduce overall network traffic and improve network performance.

**Subnetting**

Segmenting networks in subnets creates smaller groups of devices and services in order to:

- Create smaller broadcast domains.
- Limit the amount of traffic on the other network segments.
- Provide low-level security.

Note also that:

- A router is required to subnet a network.
- Each router interface is on a different subnet.
- Devices on a subnet use the router interface as the default gateway.

**[Topic 32: Subnetting an IPv4 Network:]**

![](media/image38.png)

Every network address has a valid range of host addresses. All devices attached to the same network will have an IPv4 host address for that network and a common subnet mask or network prefix. The prefix and the subnet mask are different ways of representing the same thing - the network portion of an address.

IPv4 subnets are created by using one or more of the host bits as network bits. This is done by extending the mask to borrow some of the bits from the host portion of the address to create additional network bits. The more host bits borrowed, the more subnets that can be defined. For each bit borrowed, the number of subnetworks available is doubled.
For example, if 1 bit is borrowed, 2 subnets can be created. If 2 bits are borrowed, 4 subnets are created; if 3 bits are borrowed, 8 subnets are created, and so on. However, with each bit borrowed, fewer host addresses are available per subnet. Bits can only be borrowed from the host portion of the address. The network portion of the address is allocated by the service provider and cannot be changed.

**[Topic 33: Calculating IPv4 Subnets:]**

- **Calculate IPv4 Address Subnetting**

**[Topic 34: Packet Tracer -- Subnetting Scenario:]**

In this activity, you are given the network address of 192.168.100.0/24 to subnet and provide the IP addressing for the network shown in the topology. Each LAN in the network requires enough space for at least 25 addresses for end devices, the switch and the router. The connection between R1 and R2 will require an IP address for each end of the link.

- **Design an IP Addressing Scheme**
- **Assign IP Addresses to Network Devices and Verify Connectivity**

**[Topic 35: Packet Tracer -- Subnetting Scenario - 2:]**

Part 2 of the previous activity.

**[Topic 36: Variable Length Subnet Masking (VLSM):]**

VLSM allows a network space to be divided in unequal parts. With VLSM the subnet mask will vary depending on how many bits have been borrowed for a particular subnet, thus the variable part of VLSM. VLSM subnetting is similar to traditional subnetting in that bits are borrowed to create subnets. The formulas to calculate the number of hosts per subnet and the number of subnets created still apply. The difference is that subnetting is not a single pass activity. With VLSM, the network is first subnetted, and then the subnets are subnetted again. This process can be repeated multiple times to create subnets of various sizes. Please refer to the slides for more understanding of VLSM with the help of an example.

**[Topic 37: Anatomy of a Router:]**

How does clicking a link in a web browser return the desired information in mere seconds?
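Borrowing host bits to create equal-size subnets (Topic 32), and the VLSM pass that fits unequal subnets into one block (Topic 36), worked in Python for the 192.168.100.0/24 scenario of Topic 34. This is an added example, not from the handout: the number of LANs (four) and their names are assumed, since the topology is not reproduced here, and the function names are mine. The /24 block, the 25-address LAN requirement and the two-address R1-R2 link come from the text.

```python
# Added example (not from the handout): fixed-length subnetting by borrowing
# host bits, then a VLSM allocation that fits unequal subnets into one block.
import ipaddress
import math


def borrow_bits(network: str, borrow: int) -> list:
    """Split `network` into 2**borrow equal subnets by extending the mask.
    Returns (subnet, usable_hosts) pairs: each borrowed bit doubles the
    subnet count and halves the addresses left for hosts."""
    net = ipaddress.IPv4Network(network)       # raises if host bits are set
    host_bits = 32 - net.prefixlen - borrow
    if host_bits < 2:
        raise ValueError("too many bits borrowed: no usable host addresses left")
    return [(str(sub), 2 ** host_bits - 2)
            for sub in net.subnets(prefixlen_diff=borrow)]


def prefix_for(hosts: int) -> int:
    """Longest prefix whose host portion holds `hosts` usable addresses plus
    the network and broadcast addresses (hence hosts + 2)."""
    if hosts < 1:
        raise ValueError("a subnet must hold at least one host")
    return 32 - math.ceil(math.log2(hosts + 2))


def vlsm_allocate(block: str, requirements: dict) -> list:
    """Carve one subnet per {name: hosts} requirement out of `block`.
    Largest requirements are placed first; because every subnet size is a
    power of two, each new subnet then starts on its own boundary and no
    space is lost to alignment. Raises if the block is exhausted."""
    net = ipaddress.IPv4Network(block)
    cursor = int(net.network_address)
    end = int(net.broadcast_address) + 1
    plan = []
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for(hosts)
        size = 2 ** (32 - prefix)
        if cursor % size:                       # defensive: realign if needed
            cursor += size - cursor % size
        if cursor + size > end:
            raise ValueError(f"{block} has no room left for {name} ({hosts} hosts)")
        sub = ipaddress.IPv4Network((cursor, prefix))
        plan.append({
            "name": name,
            "subnet": str(sub),
            "mask": str(sub.netmask),
            "first_host": str(sub.network_address + 1),
            "last_host": str(sub.broadcast_address - 1),
            "usable": size - 2,
        })
        cursor += size
    return plan


# Constructed requirements for the Topic 34 scenario: the handout gives the
# /24 block and the per-LAN need (25 addresses); four LANs are assumed here.
SCENARIO_BLOCK = "192.168.100.0/24"
SCENARIO_NEEDS = {"LAN1": 25, "LAN2": 25, "LAN3": 25, "LAN4": 25, "R1-R2 link": 2}

if __name__ == "__main__":
    for subnet, hosts in borrow_bits(SCENARIO_BLOCK, 3):   # 8 x /27
        print(subnet, hosts, "usable hosts")
    for row in vlsm_allocate(SCENARIO_BLOCK, SCENARIO_NEEDS):
        print(row)
```

The fixed-length split wastes a /27 on a two-address router link; the VLSM pass gives that link a /30 and leaves 192.168.100.132 onwards free.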
Although there are many devices and technologies collaboratively working together to enable this, the primary device is the router. Stated simply, a router connects one network to another network. Communication between networks would not be possible without a router determining the best path to the destination and forwarding traffic to the next router along that path. The router is responsible for the routing of traffic between networks.

When a packet arrives on a router interface, the router uses its routing table to determine how to reach the destination network. The destination of the IP packet might be a web server in another country or an email server on the local area network. It is the responsibility of routers to deliver those packets efficiently. The effectiveness of internetwork communications depends, to a large degree, on the ability of routers to forward packets in the most efficient way possible.

**Functions of a Router**

- Routers are computers
- Routers interconnect networks
- Routers choose best paths
- A router has access to four types of memory: RAM, ROM, NVRAM, and Flash.
- RAM is used to store various applications and processes including:
  - **Cisco IOS** - The IOS is copied into RAM during bootup.
  - **Running configuration file** - This is the configuration file that stores the configuration commands that the router IOS is currently using. It is also known as the running-config.
  - **IP routing table** - This file stores information about directly-connected and remote networks. It is used to determine the best path to use to forward packets.
  - **ARP cache** - This cache contains the IPv4 address to MAC address mappings, similar to the Address Resolution Protocol (ARP) cache on a PC. The ARP cache is used on routers that have LAN interfaces, such as Ethernet interfaces.
  - **Packet buffer** - Packets are temporarily stored in a buffer when received on an interface or before they exit an interface.
- Like computers, Cisco routers actually use dynamic random-access memory (DRAM). DRAM is a very common kind of RAM that stores the instructions and data needed to be executed by the CPU. Unlike ROM, RAM is volatile memory and requires continual power to maintain its information. It loses all of its content when the router is powered down or restarted.
- By default, 1941 routers come with 512 MB of DRAM soldered on the main system board (onboard) and one dual in-line memory module (DIMM) slot for memory upgrades of up to an additional 2.0 GB. Cisco 2901, 2911, and 2921 models come with 512 MB of onboard DRAM. Note that first generation ISRs and older Cisco routers do not have onboard RAM.
- Cisco routers use ROM to store:
  - **Bootup instructions** - Provides the startup instructions.
  - **Basic diagnostic software** - Performs the power-on self-test (POST) of all components.
  - **Limited IOS** - Provides a limited backup version of the OS, in case the router cannot load the full featured IOS.
- ROM is firmware embedded on an integrated circuit inside the router and does not lose its contents when the router loses power or is restarted.
- NVRAM is used by the Cisco IOS as permanent storage for the startup configuration file (startup-config). Like ROM, NVRAM does not lose its contents when power is turned off.
- Flash memory is non-volatile computer memory used as permanent storage for the IOS and other system related files. The IOS is copied from flash into RAM during the bootup process.
- Cisco 1941 routers come with two external Compact Flash slots. Each slot can support high-speed storage densities upgradeable to 4 GB in density.

A Cisco 1941 router includes the following connections:

**Console ports** - Two console ports for the initial configuration and command-line interface (CLI) management access using a regular RJ-45 port and a new USB Type-B (mini-B USB) connector.

**AUX port** - An RJ-45 port for remote management access; this is similar to the Console port.
**Two LAN interfaces** - Two Gigabit Ethernet interfaces for LAN access.

**Enhanced high-speed WAN interface card (EHWIC) slots** - Two slots that provide modularity and flexibility by enabling the router to support different types of interface modules, including Serial, digital subscriber line (DSL), switch port, and wireless.

The Cisco 1941 ISR also has storage slots to support expanded capabilities. Dual compact flash memory slots are capable of supporting a 4 GB compact flash card each for increased storage space. Two USB host ports are included for additional storage space and secure token capability. Compact flash can store the Cisco IOS software image, log files, voice configuration files, HTML files, backup configurations, or any other file needed for the system. By default, only slot 0 is populated with a compact flash card from the factory, and it is the default boot location. The figure above identifies the location of these connections and slots.

Cisco devices, routers, and switches typically interconnect many devices. For this reason, these devices have several types of ports and interfaces. These ports and interfaces are used to connect cables to the device. The connections on a Cisco router can be grouped into two categories:

**Management ports** - These are the console and auxiliary ports used to configure, manage, and troubleshoot the router. Unlike LAN and WAN interfaces, management ports are not used for packet forwarding.

**Inband router interfaces** - These are the LAN and WAN interfaces configured with IP addressing to carry user traffic. Ethernet interfaces are the most common LAN connections, while common WAN connections include serial and DSL interfaces.

**Router Interfaces**

Similar to a Cisco switch, there are several ways to access the CLI environment on a Cisco router. The most common methods are:

**Console** - Uses a low speed serial or USB connection to provide direct connect, out-of-band management access to a Cisco device.
**Telnet or SSH** - Two methods for remotely accessing a CLI session across an active network interface.

**AUX port** - Used for remote management of the router using a dial-up telephone line and modem.

The console and AUX port are located on the router. In addition to these ports, routers also have network interfaces to receive and forward IP packets. Routers have multiple interfaces that are used to connect to multiple networks. Typically, the interfaces connect to various types of networks, which means that different types of media and connectors are required. Every interface on the router is a member or host on a different IP network. Each interface must be configured with an IP address and subnet mask of a different network. The Cisco IOS does not allow two active interfaces on the same router to belong to the same network.

Router interfaces can be grouped into two categories:

**Ethernet LAN interfaces** - Used for connecting cables that terminate with LAN devices, such as computers and switches. This interface can also be used to connect routers to each other. Several conventions for naming Ethernet interfaces are popular: the older Ethernet, FastEthernet, and Gigabit Ethernet. The name used depends on the device type and model.

**Serial WAN interfaces** - Used for connecting routers to external networks, usually over a larger geographical distance. Similar to LAN interfaces, each serial WAN interface has its own IP address and subnet mask, which identifies it as a member of a specific network.

**[Topic 38: Packet Tracer -- Exploring Internetworking Devices:]**

- **Identify Physical Characteristics of Internetworking Devices**
- **Select Correct Modules for Connectivity**
- **Connect Devices**

In this activity, you will explore the different options available on internetworking devices. You will also be required to determine which options provide the necessary connectivity when connecting multiple devices.
Finally, you will add the correct modules and connect the devices.

**[Topic 39: Router Bootup:]**

The Cisco IOS operational details vary on different internetworking devices, depending on the device's purpose and feature set. However, Cisco IOS for routers provides the following:

- Addressing
- Interfaces
- Routing
- Security
- QoS
- Resources Management

The IOS file itself is several megabytes in size and, similar to Cisco IOS switches, is stored in flash memory. Using flash allows the IOS to be upgraded to newer versions or to have new features added. During bootup, the IOS is copied from flash memory into RAM. DRAM is much faster than flash; therefore, copying the IOS into RAM increases the performance of the device.

A router loads the following two files into RAM when it is booted:

**IOS image file** - The IOS facilitates the basic operation of the device's hardware components. The IOS image file is stored in flash memory.

**Startup configuration file** - The startup configuration file contains commands that are used to initially configure a router and create the running configuration file stored in RAM. The startup configuration file is stored in NVRAM. All configuration changes are stored in the running configuration file and are implemented immediately by the IOS.

The running configuration is modified when the network administrator performs device configuration. When changes are made to the running-config file, it should be saved to NVRAM as the startup configuration file, in case the router is restarted or loses power.

**[Topic 40: Configuring Routers:]**

Cisco routers and Cisco switches have many similarities. They support a similar modal operating system, similar command structures, and many of the same commands. In addition, both devices have similar initial configuration steps. When configuring a Cisco switch or router, the following basic tasks should be performed first:

**Name the device** - Distinguishes it from other routers.
**Secure management access** - Secures privileged EXEC, user EXEC, and Telnet access, and encrypts passwords to their highest level.

**Configure a banner** - Provides legal notification of unauthorized access.

One distinguishing feature between switches and routers is the type of interfaces supported by each. For example, Layer 2 switches support LANs and, therefore, have multiple FastEthernet or Gigabit Ethernet ports. Routers support LANs and WANs and can interconnect different types of networks; therefore, they support many types of interfaces. For example, G2 ISRs have one or two integrated Gigabit Ethernet interfaces and High-Speed WAN Interface Card (HWIC) slots to accommodate other types of network interfaces, including serial, DSL, and cable interfaces.

To be available, an interface must be:

**If using IPv4, configured with an address and a subnet mask** - Use the **ip address** *ip-address subnet-mask* interface configuration command.

**Activated** - By default, LAN and WAN interfaces are not activated (**shutdown**). To enable an interface, it must be activated using the **no shutdown** command. (This is similar to powering on the interface.) The interface must also be connected to another device (a hub, a switch, or another router) for the physical layer to be active.

Optionally, the interface could also be configured with a short description. It is good practice to configure a description on each interface. The description text is limited to 240 characters. On production networks, a description can be helpful in troubleshooting by providing information about the type of network to which the interface is connected. If the interface connects to an ISP or service carrier, it is helpful to enter the third party connection and contact information.
**[Topic 41: Packet Tracer -- Configure Initial Router Settings:]**

- **Verify the Default Router Configuration**
- **Verify and Configure Initial Router Configuration**
- **Save the Running Configuration File**

In this activity, you will perform basic router configurations. You will secure access to the CLI and console port using encrypted and plain text passwords. You will also configure messages for users logging into the router. These banners also warn unauthorized users that access is prohibited. Finally, you will verify and save your running configuration.

**[Topic 42: Packet Tracer -- Configuring IPv4:]**

- Configure IPv4 Addressing and Verify Connectivity

**[Topic 43: Verify Connectivity of Directly Connected Networks:]**

There are several **show** commands that can be used to verify the operation and configuration of an interface. The following three commands are especially useful to quickly identify an interface status:

**show ip interface brief** - Displays a summary for all interfaces including the IPv4 address of the interface and current operational status.

**show ip route** - Displays the contents of the IPv4 routing table stored in RAM. In Cisco IOS 15, active interfaces should appear in the routing table with two related entries identified by the code C (Connected) or L (Local).

**show running-config interface** *interface-id* - Displays the commands configured on the specified interface.

The following two commands are used to gather more detailed interface information:

**show interfaces** - Displays interface information and packet flow count for all interfaces on the device.

**show ip interface** - Displays the IPv4 related information for all interfaces on a router.

**[Topic 44: Switching Packets Between Networks:]**

A primary function of a router is to forward packets toward their destination.
This is accomplished by using a switching function, which is the process used by a router to accept a packet on one interface and forward it out of another interface. A key responsibility of the switching function is to encapsulate packets in the appropriate data link frame type for the outgoing data link. After the router has determined the exit interface using the path determination function, the router must encapsulate the packet into the data link frame of the outgoing interface.

What does a router do with a packet received from one network and destined for another network? The router performs the following three major steps:

**Step 1.** De-encapsulates the Layer 3 packet by removing the Layer 2 frame header and trailer.

**Step 2.** Examines the destination IP address of the IP packet to find the best path in the routing table.

**Step 3.** If the router finds a path to the destination, it encapsulates the Layer 3 packet into a new Layer 2 frame and forwards the frame out the exit interface.

As shown in the figure above, devices have Layer 3 IPv4 addresses and Ethernet interfaces have Layer 2 data link addresses. For example, PC1 is configured with IPv4 address 192.168.1.10 and an example MAC address of 0A-10. As a packet travels from the source device to the final destination device, the Layer 3 IP addresses do not change. However, the Layer 2 data link addresses change at every hop as the packet is de-encapsulated and re-encapsulated in a new frame by each router. It is very likely that the packet is encapsulated in a different type of Layer 2 frame than the one in which it was received. For example, an Ethernet encapsulated frame might be received by the router on a FastEthernet interface, and then processed to be forwarded out of a serial interface as a Point-to-Point Protocol (PPP) encapsulated frame. Please refer to the slides for a detailed understanding with the help of an example.
**[Topic 45: Path Determination:]**

![](media/image41.png)

A primary function of a router is to determine the best path to use to send packets. To determine the best path, the router searches its routing table for a network address that matches the destination IP address of the packet. The routing table search results in one of three path determinations:

**Directly connected network** - If the destination IP address of the packet belongs to a device on a network that is directly connected to one of the interfaces of the router, that packet is forwarded directly to the destination device. This means that the destination IP address of the packet is a host address on the same network as the interface of the router.

**Remote network** - If the destination IP address of the packet belongs to a remote network, then the packet is forwarded to another router. Remote networks can only be reached by forwarding packets to another router.

**No route determined** - If the destination IP address of the packet does not belong to either a connected or remote network, the router determines if there is a Gateway of Last Resort available. A Gateway of Last Resort is set when a default route is configured on a router. If there is a default route, the packet is forwarded to the Gateway of Last Resort. If the router does not have a default route, then the packet is discarded. If the packet is discarded, the router sends an ICMP unreachable message to the source IP address of the packet.

The logic flowchart in the figure above illustrates the router packet forwarding decision process. Determining the best path involves the evaluation of multiple paths to the same destination network and selecting the optimum or shortest path to reach that network. Whenever multiple paths to the same network exist, each path uses a different exit int