amit ccna updated

Upload: jain21ankit

Post on 29-May-2018


8/8/2019 Amit Ccna Updated
1/32

Company Profile

Centre for Electronic Governance (CEG):

Centre for Electronic Governance is an autonomous body of the Government of Rajasthan under the Department of Technical Education. The foundation stone of CEG was laid on 8th December 2006 at Khaitan Polytechnic College, Jaipur, by the Hon'ble Ministers for Technical Education.

The CEG has been established with the sole aim of providing a conducive environment for creating industry-employable IT professionals by arranging seminars, lectures, vocational trainings and industry-relevant software trainings.

Features:

To promote interaction between the Government, Technical Institutes and the Industries
To empower students living in the rural areas so as to bridge the urban-rural gap
To produce industry-ready IT professionals
To help in updating the curriculum as per the needs of the industries

Aims and Objectives are:

Campus Placement Mission (CPM)
Campus Placement Related Skills (CPRS)
Graduate Placement Mission (GPM)
Training for Students

INTRODUCTION TO NETWORKING

Definition:-

A network is a system that transmits any combination of voice, video and/or data between users. A network can be defined by its geographical dimensions and by how the users' PCs access it.

A network consists of:

The network operating system (Windows NT/2000/XP) on the user's PC (client) and the server
The cables connecting all network devices (users' PCs, server, peripherals, etc.)
All supporting network components (hubs, routers and switches, etc.)

A computer network means an interconnected collection of autonomous computers.

Requirement of Networking

Resource sharing- To make all programs, equipment, and especially data available to anyone on the network without regard to the physical location of the resource and the user.

High reliability- As all files can be replicated on two or three machines, if one of them is unavailable (due to hardware failure), the other copies can be used.

Scalability- It is the ability to increase system performance gradually as the workload grows just by adding more processors. A computer network can provide a powerful communication medium among widely separated employees.

The use of networks to enhance human-to-human communication will probably prove more important than technical goals such as improved reliability.

These are the reasons that drove the inventors to invent networking devices, models, protocols, etc.

The birth of networking took place in 1844, when Samuel Morse sent the first telegraph message.

TYPES OF NETWORKS

1) LAN (LOCAL AREA NETWORK)
2) WAN (WIDE AREA NETWORK)

LAN (LOCAL AREA NETWORK)

These are privately owned networks within a single building or campus of up to a few kilometers in size.

LANs are distinguished from other networks by three characteristics:

1) Their size
2) Their transmission technology
3) Their topology

LANs are restricted in size, which means that the worst-case transmission time is bounded and known in advance.

LANs often use a transmission technology consisting of a single cable to which all the machines are attached.

LANs run at speeds of 10 to 100 Mbps, have low delays, and make very few errors.

Fig: LAN NETWORK

LAN SETUP

IEEE has produced several standards for LANs. These standards are collectively known as IEEE 802: IEEE 802.3 (Ethernet), IEEE 802.4 (Token Bus), IEEE 802.5 (Token Ring).

WAN (WIDE AREA NETWORK)

It is a computer network that spans a relatively large geographical area, often a country or continent. Typically a WAN consists of two or more Local Area Networks.

Computers connected to a WAN are often connected through public networks such as telephone systems. They can also be connected through leased lines or satellites. The largest WAN in existence is the Internet. WANs run at a maximum speed of 2 to 10 Mbps.

WAN SETUP

For most WANs, the long-distance bandwidth is relatively slow: on the order of kilobits per second (kbps) as opposed to megabits per second (Mbps) for local-area networks (LANs). For example, an Ethernet LAN has a 10 Mbps bandwidth; a WAN using part or all of a T1 carrier has a bandwidth of 1.544 Mbps.

Three types of approaches are used to connect WANs:

1) Circuit switching, which provides a fixed connection (at least for the duration of a call or session), so that each packet takes the same path. Examples of this approach include ISDN, Switched 56, and Switched T1.

2) Packet switching, which establishes connections during the transmission process so that different packets from the same transmission may take different routes and may arrive out of sequence at the destination. Examples of this approach are X.25, frame relay, and ATM.

3) Leased lines, which can provide a dedicated connection for private use.

NETWORK MODELS

Many benefits can be gained from the process of breaking up the functions or tasks of networking into smaller chunks, called layers, and defining standard interfaces between these layers. The layers break a large, complex set of concepts and protocols into smaller pieces, making it easier to talk about, to implement with hardware and software, and to troubleshoot. The following list summarizes the benefits of layered protocol specifications:

Humans can more easily discuss and learn about the many details of a protocol specification.
Standardized interfaces among layers facilitate modular engineering.

A better environment for interoperability is created. One vendor can write software that implements the higher layers (for example, a Web browser) and another can write software that implements the lower layers (for example, Microsoft's built-in TCP/IP software in its operating systems).
Reduced complexity allows easier program changes and faster product evolution.
One layer uses the services of the layer immediately below it. Therefore, remembering what each layer does is easier. (For example, the network layer needs to deliver data from end to end. To do this, it uses data links to forward data to the next successive device along that end-to-end path.)

OSI NETWORK MODEL

The OSI model describes how information makes its way from application programs through a network medium to another application program in another computer. It divides one big problem into seven smaller problems. Each problem is addressed by one of the seven layers of the OSI model.

OSI MODEL

APPLICATION
PRESENTATION
SESSION
TRANSPORT
NETWORK
DATA LINK
PHYSICAL

Fig: NETWORK LAYERS

Functions of Network Layers:-

PHYSICAL LAYER

Transmits raw bit stream over physical cable
Defines cables, cards, and physical aspects
Defines NIC attachments to hardware, how cable is attached to NIC
Defines techniques to transfer bit stream to cable

DATA LINK LAYER

Turns packets into raw bits (100101) and at the receiving end turns bits into packets
Handles data frames between the Network and Physical layers
The receiving end packages raw data from the Physical layer into data frames for delivery to the Network layer
Responsible for error-free transfer of frames to another computer via the Physical layer
This layer defines the methods used to transmit and receive data on the network. It consists of the wiring, the devices used to connect the NIC to the wiring, the signaling involved to transmit/receive data and the ability to detect signaling errors on the network media
Logical Link Control: error correction and flow control; manages link control and defines SAPs

NETWORK LAYER

Translates logical network addresses and names to their physical address (e.g. computer name ==> MAC address)
Responsible for addressing and determining routes for sending
Manages network problems such as packet switching, data congestion and routing
If a router can't send a data frame as large as the source computer sends, the network layer compensates by breaking the data into smaller units. At the receiving end, the network layer reassembles the data
Think of this layer as stamping the addresses on each train car
Protocols: IP, ARP, RARP, ICMP, RIP, OSPF

TRANSPORT LAYER

Additional connection below the session layer
Manages the flow control of data between parties across the network
Divides streams of data into chunks or packets; the transport layer of the receiving computer reassembles the message from packets
Provides error-checking to guarantee error-free data delivery, with no losses or duplications
Provides acknowledgment of successful transmissions; requests retransmission if some packets don't arrive error-free

SESSION LAYER

Establishes, maintains and ends sessions across the network
Responsible for name recognition (identification) so only the designated parties can participate in the session
Provides synchronization services by planning checkpoints in the data stream => if the session fails, only data after the most recent checkpoint need be transmitted
Manages who can transmit data at a certain time and for how long

PRESENTATION LAYER

Translates from application to network format and vice versa
All different formats from all sources are made into a common uniform format that the rest of the OSI model can understand
Responsible for protocol conversion, character conversion, data encryption/decryption, expanding graphics commands, data compression
Sets standards for different systems to provide seamless communication from multiple protocol stacks
Not always implemented in a network protocol

APPLICATION LAYER

Used for applications specifically written to run over the network
Allows access to network services that support applications
Directly represents the services that directly support user applications

Handles network access, flow control and error recovery

PASSIVE COMPONENTS

Passive components are those devices which are used to provide connectivity between different networking devices. They include:

Cables
Patch Panel
Patch Cord
I/O box

CABLES

There are different cabling options depending on the access method:

Twisted pair

Fig: TWISTED PAIR CABLE

The wires are twisted around each other to minimize interference from other twisted pairs in the cable. Twisted pair cables are available unshielded (UTP) or shielded (STP). UTP is the most common type and uses an RJ-45 connector. Typical lengths are up to 100 m. Twisted pair networks use a star topology.

Coaxial Cable

Fig: COAXIAL CABLE

Coaxial cable uses BNC connectors. The maximum cable lengths are around 500 m. Coaxial networks use a single bus topology.

Fiber Optic

Fig: FIBER OPTIC CABLE

UTP and coaxial cables are not capable of driving the data signals over long distances, i.e. UTP is capable of transmitting up to a distance of 100 meters only. By using fiber cables it is possible to send the data about 10 kilometers. Fiber optic cable uses SC, ST and LC connectors (the most common in use is the SC connector). In fiber cables the data is converted to light signals and the signal is made to propagate through the fiber cable.

There are two types of fiber optic cable available:

1. Single mode: In this mode the typical length is up to 12 km and the data rate is 1000 Mbps. The core diameter is about 9.25 nm; the cable is known as 1000BASE-LX cable.

2. Multi mode: This mode is further categorised in two:

1) SX: Typical length is up to 500 m and data rate is 1000 Mbps
2) FX: Typical length is up to 220 m and data rate is 100 Mbps

PATCH PANEL

A patch panel provides a convenient place to terminate (connect) all of the cable coming from different locations into the wiring closet. We connect the cables coming from the various locations that are to be connected to the switch through the patch panel.

NEED OF PATCH PANEL:

We can label the patch panel so we know which wire belongs to which location. Without a patch panel, it is chaotic. If we want to disconnect a station from the switch, it's a lot easier if there's a label. But sometimes we need to cross-wire some of the pairs between switch and station, like with a cable modem, or cross-wire to connect two switches. With a patch panel, all of this cross-wiring is done in the patch cable. If you have to make any changes, like moving a station or switch, you just move the patch cable with it, instead of having to re-terminate the cable run.

NETWORKING DEVICES

Networking devices are used for various kinds of jobs like:

Transferring the data to signals
Providing connectivity to different network devices
Transferring the data in the form of packets or frames from one device to another

Networking devices are of many types, like:

Network interface card (NIC)
Hub
Switch
Router

These are the central connections for all the network equipment and handle a data type known as a frame or packet. Actually frames/packets contain data and the destination address of where it is going. When a frame is received, it is amplified and then transmitted on to the port of the destination PC. But different networking components do this job in different forms at different layers.

NETWORK INTERFACE CARD

Fig: WIRELESS NETWORK INTERFACE CARD

A Network Interface Card (NIC) is a circuit board that plugs into both clients and servers and controls the exchange of data between them. (A specific software driver must be installed depending on the make of the NIC.) A physical transmission medium, such as twisted pair or coaxial cable, interconnects all network interface cards to network hubs or switches. Ethernet and Token Ring are common network interface cards. Today's cards support 10BaseT and 100BaseT with automatic recognition.

HUB

When interconnecting more than 2 devices together, a device known as a hub comes into the picture. Basically a hub is a layer one device, i.e. it operates on the physical layer of the OSI model. It is designed to do broadcasting, i.e. when it gets any frame it broadcasts it to every port irrespective of whether it is destined for that port or not. Broadcasting results in a lot of traffic on the network, which leads to poor network response. If, however, multiple PCs are broadcasting, then that bandwidth will need to be divided between all of these systems, which will degrade the performance. They are usually half-duplex in nature.

SWITCH

Fig: SWITCHES

Hubs are capable of joining more than two PCs but have some demerits: if two PCs want to communicate at the same time then there is a collision and both PCs have to send the data once again. This shortcoming of the hub is overcome by switches. Switches are intelligent devices which work on Layer 2 of the OSI model.

Working Principle of Switch:

1. At the time of initializing the switch, the MAC address table is yet to be built up. When a frame is sent by some PC, the switch recognises the source MAC address and updates the MAC address table.

2. If the destination is available in the MAC table then it forwards the frame to the corresponding PC.
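The two steps above, simulated in Python as an added example (not code from this report): every frame's source MAC is learned against its ingress port, a known destination is forwarded on one port, and an unknown or broadcast destination is flooded. The port numbers, MAC addresses and frame sequence are constructed for illustration.

```python
"""Learning-switch simulation of the working principle described above (added
example, not code from the report): learn the source MAC of every incoming frame,
forward on a known destination, and flood all other ports when it is unknown.

Port numbers, MAC addresses and the frame sequence in run_demo() are constructed."""
from dataclasses import dataclass, field

BROADCAST = "ff:ff:ff:ff:ff:ff"
PC_A, PC_B, PC_C = "00:11:22:aa:aa:aa", "00:11:22:bb:bb:bb", "00:11:22:cc:cc:cc"


@dataclass
class Frame:
    src: str   # source MAC address
    dst: str   # destination MAC address


@dataclass
class LearningSwitch:
    num_ports: int
    max_entries: int = 1024                         # a real MAC (CAM) table is finite
    mac_table: dict = field(default_factory=dict)   # MAC address -> port number

    def receive(self, in_port: int, frame: Frame) -> list:
        """Handle one frame arriving on in_port and return the list of egress ports."""
        if not 0 <= in_port < self.num_ports:
            raise ValueError(f"no such port: {in_port}")
        # Step 1: learn (or refresh, if the station moved) the source address.
        # The broadcast address is never a valid source, and a full table stops
        # learning rather than evicting entries that are still in use.
        if frame.src != BROADCAST and (
            frame.src in self.mac_table or len(self.mac_table) < self.max_entries
        ):
            self.mac_table[frame.src] = in_port
        # Step 2: destination known -> forward on that one port only.
        out_port = self.mac_table.get(frame.dst)
        if frame.dst != BROADCAST and out_port is not None:
            # Same port as the ingress: the frame is already on the right segment.
            return [] if out_port == in_port else [out_port]
        # Unknown destination or broadcast -> flood every port except the ingress one.
        return [p for p in range(self.num_ports) if p != in_port]


def run_demo() -> tuple:
    """Replay a constructed frame sequence on a 4-port switch.

    Returns (egress port list per frame, final MAC table)."""
    sw = LearningSwitch(num_ports=4)
    sequence = [
        (0, Frame(PC_A, PC_B)),       # table empty: flooded; A learned on port 0
        (1, Frame(PC_B, PC_A)),       # A known: sent to port 0 only; B learned on port 1
        (2, Frame(PC_C, BROADCAST)),  # broadcast: flooded; C learned on port 2
        (0, Frame(PC_A, PC_B)),       # both known: sent to port 1 only
    ]
    results = [sw.receive(port, frame) for port, frame in sequence]
    return results, dict(sw.mac_table)


if __name__ == "__main__":
    for ports, table in [run_demo()]:
        print("egress ports per frame:", ports)
        print("MAC table:", table)
```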

ROUTER

A switch and a hub can only interconnect devices in a single LAN. For interconnecting two LANs or two or more different networks, another device known as a router is used. Its main job is to route (send) packets to other networks, and to do the routing (establishing paths between networks) it uses the IP address. Routers are located at gateways, the places where two or more networks connect. To determine the best path for forwarding the packet, routers use forwarding tables. It is a layer 3 device, i.e. it operates at the network layer of the OSI model.

Fig: ROUTER

The working principle of the router is totally different from a switch. A router makes a table known as the routing table, which contains all the IP addresses in the network; the router obtains the IP address information directly (all IP addresses configured on it) or indirectly (from neighbour routers). When a packet is received it compares the destination IP address of the packet with the available IP addresses in its routing table. If the IP address is not available in the routing table then it simply discards the packet instead of flooding it on all the ports like a switch.

Comparison between Hub, Bridge, Switch & Router

Feature                                       HUB         BRIDGE          SWITCH          ROUTER
No. of broadcast domains                      1 segment   1               1               1/Router Interface
No. of collision domains                      1           1/Bridge Port   1/Switch Port   1/Router Interface
Forward LAN broadcasts                        1           Yes             Yes             No
Forward LAN multicasts                        N/A         Yes             Yes             No
OSI layer used when making forward decision   N/A         Layer 2         Layer 2         Layer 3
Frame-per-packet fragmentation allowed?       N/A         No              No              Yes

IP ADDRESSING

Introduction

Every machine on the Internet has a unique identifying number, called an IP address. A typical IP address looks like this: 216.27.61.45

An IP ADDRESS is a 32-bit number, usually written in dotted decimal form, that uniquely identifies an interface of some computer. This 32-bit number is divided into 4 octets, each separated by a decimal point. Out of so many values, certain values are restricted from use as typical IP addresses. For example, the IP address 0.0.0.0 is reserved for the default network and the address 255.255.255.255 is used for broadcast.

Each IP address is split into 2 sections:

1) Network address
2) Host address

Individual IP addresses in the same network all have a different value in the host part of the address, but they have an identical value in the network part, just as in a town there are different street addresses but the same ZIP code.

There are five IP classes:

Class A- This class is for very large networks, such as a major international company. IP addresses with a first octet from 1 to 126 are part of this class. The other three octets are each used to identify each host.

Net    Host or Node
54     24.54.43

Loopback- The IP address 127.0.0.1 is used as the loopback address. This means that it is used by the host computer to send a message back to itself. It is commonly used for troubleshooting and network testing.

Class B- Class B is used for medium-sized networks. A good example is a large college campus. IP addresses with a first octet from 128 to 191 are part of this class. Class B addresses also include the second octet as part of the Net identifier. The other two octets are used to identify each host.

Net       Host or Node
145.24    53.198

Class C- Class C addresses are commonly used for small to mid-size businesses. IP addresses with a first octet from 192 to 223 are part of this class. Class C addresses also include the second and third octets as part of the Net identifier. The last octet is used to identify each host.

Net          Host or Node
196.54.34    86

Class D- It is used for multicast. It has a first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 0. The other 28 bits are used to identify the group of computers the multicast message is intended for.

Net    Host or Node
224    24.54.145

Class E- It is used for experimental purposes only.

Net    Host or Node
240    23.45.105

Private IP: It is not necessary that every time we make a network we are connected to some ISP (Internet Service Provider). So in that case we require some private IPs also, which can be used in an indigenous network.

In each class a range of IP addresses has been defined for this purpose:

CLASS A    10.0.0.1 to 10.255.255.254
CLASS B    172.16.0.1 to 172.34.255.254
CLASS C    192.168.0.0/16

MASKING

Computers use a mask to define the size of the network and host parts of an address. A mask is a 32-bit number written in dotted decimal form. It provides us the network address when we perform a Boolean AND of the mask with the IP address. It also defines the number of host bits in an address.

Class of Address    Size of Network part of address in bits    Size of Host part of address in bits    Default Mask for each Class of Network
A                   8                                          24                                      255.0.0.0
B                   16                                         16                                      255.255.0.0
C                   24                                         8                                       255.255.255.0

SUBNETTING

Basically it is a process of subdividing networks into smaller subnets. Say we have 2-3 small networks but we can't buy IP addresses for each and every network. So here we use the basic concept of SUBNETTING, i.e. using one public IP address we will give them IP addresses and make them independent networks. For this we take some bits of the host address and use them for the network address, so we have different independent networks.

Address Format when Subnetting Is Used:

           NETWORK    SUBNET    HOST
CLASS A    8          24-X      X
CLASS B    16         16-X      X
CLASS C    24         8-X       X

Example

If the subnet mask is 255.255.240.0 and the IP address for a computer is given as 142.16.52.4, then 142.16.0.0 is the network address, 0.0.48.0 is the subnet address and 0.0.4.4 is the host address of the computer.

10001110.00010000.00110100.00000100 is ANDed with
11111111.11111111.11110000.00000000
and the output is 10001110.00010000.00110000.00000000

Here the first two octets represent the network address and the third octet represents the subnet address.

It can be compared with a postal address, as there is only one ZIP code (network address), different streets (subnet address), and different house numbers (host address).
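The classful rules (IP ADDRESSING and MASKING sections) and the mask-AND split of the example above, carried out in Python as an added example that is not code from this report. It generalises the 142.16.52.4 / 255.255.240.0 case to any class A, B or C address and any contiguous mask, using the class ranges and default masks the report gives; the rejection of non-contiguous masks and the usable-host count (2^host bits minus network and broadcast) are standard practice assumed here, not stated in the report.

```python
"""Classful address analysis and the mask-AND subnet split described in the
MASKING and SUBNETTING sections (added example, not code from the report).

Class ranges and default masks are those given in the report; the contiguous-mask
check and the usable-host count are standard conventions assumed here."""
import ipaddress

DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def ip_to_int(dotted: str) -> int:
    """Parse (and validate) dotted decimal into a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))


def int_to_ip(value: int) -> str:
    """Format the low 32 bits of an integer as dotted decimal."""
    return str(ipaddress.IPv4Address(value & 0xFFFFFFFF))


def to_binary(dotted: str) -> str:
    """Render an address as four 8-bit groups, e.g. 10001110.00010000.00110100.00000100."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))


def address_class(dotted: str) -> str:
    """Class by first octet: A 1-126, loopback 127, B 128-191, C 192-223, D 224-239, E 240+."""
    first = ip_to_int(dotted) >> 24
    if first == 0 or dotted == "255.255.255.255":
        return "reserved"          # default network / broadcast address
    if first == 127:
        return "loopback"
    for name, upper in (("A", 126), ("B", 191), ("C", 223), ("D", 239)):
        if first <= upper:
            return name
    return "E"


def mask_bits(mask: str) -> int:
    """Number of 1-bits in a mask; rejects non-contiguous masks such as 255.0.255.0."""
    value = ip_to_int(mask)
    ones = bin(value).count("1")
    if value != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def split_address(ip: str, mask: str) -> dict:
    """Split ip into network, subnet and host parts using the class default mask."""
    cls = address_class(ip)
    if cls not in DEFAULT_MASK:
        raise ValueError(f"address {ip} (class {cls}) is not subnetted classfully")
    default = ip_to_int(DEFAULT_MASK[cls])
    ip_int, mask_int = ip_to_int(ip), ip_to_int(mask)
    if mask_int & default != default:
        raise ValueError(f"mask {mask} is shorter than the class {cls} default mask")
    subnet_bits = mask_bits(mask) - mask_bits(DEFAULT_MASK[cls])   # the X of the table
    host_bits = 32 - mask_bits(mask)
    return {
        "class": cls,
        "network": int_to_ip(ip_int & default),              # AND with class default mask
        "subnet": int_to_ip(ip_int & mask_int & ~default),   # bits borrowed from the host part
        "host": int_to_ip(ip_int & ~mask_int),               # bits left for the host
        "anded": int_to_ip(ip_int & mask_int),               # AND with the full subnet mask
        "subnet_bits": subnet_bits,
        "host_bits": host_bits,
        "usable_hosts": 2 ** host_bits - 2,                  # minus network and broadcast
    }


if __name__ == "__main__":
    parts = split_address("142.16.52.4", "255.255.240.0")
    print(to_binary("142.16.52.4"), "AND", to_binary("255.255.240.0"))
    print("=", to_binary(parts["anded"]))
    for key, value in parts.items():
        print(f"{key:>13}: {value}")
```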

Some terminologies that are used with networking models:

Collision Domain- It is the group of PCs in which a collision will occur when two PCs transmit data simultaneously.

Broadcast Domain- It is the group of PCs that will receive the same broadcast message.

CSMA/CD (Carrier Sense Multiple Access/Collision Detection)- In this protocol, when a PC wants to transmit any packet it senses the carrier, i.e. the path; only if no other PC is using the carrier does it send. If two PCs start sending data simultaneously a collision will occur. Both PCs will wait for some random time and then initiate the same process.

MAC (Media Access Control)- The IEEE 802.3 (Ethernet) and 802.5 (Token Ring) are the MAC sublayers of these two LAN data-link protocols.

Burned-in address- The 6-byte address assigned by the vendor making the card. It is usually burned into a ROM or EEPROM on the LAN card and begins with a 3-byte organizationally unique identifier (OUI) assigned by the IEEE.

LAN SOLUTION

CUSTOMER REQUIREMENT

There is a company which has 2 offices, and the offices are 200 meters apart. The connectivity between these two offices is the main requirement to be fulfilled. In each office there are three different departments, each department on a different floor.

In building I

At each floor there are 20 users, and also at the 3rd floor there are 2 servers.

In building II

At the 1st and 2nd floors there are 20 users each, and at the 3rd floor there are 40 users.

The bandwidth requirement of each user is 100 Mbps while the bandwidth requirement for the server is 1 Gbps.

All floors must be connected to a central switch to be placed at the IInd floor in office 2, and connectivity should be via optical fiber.

Everywhere there should be structured cabling.

SOLUTION

By looking at the requirement it is clear that we require a switch that has got 20 ports and also 2 GBIC slots (one for optical fiber connectivity, and one free slot is demanded for future use). Keeping this point into consideration we can use the HCL 24 Port Managed Stackable Switch, as this switch has got 24 ports and 2 GBIC slots and is a managed switch also.

And with this 24 port switch we will use a 24 port HCL-made patch panel, and for connectivity of the patch panel with the switch we require a 3 ft patch cord. As structured cabling is a must, we require UTP cable and I/O boxes, and to connect PCs with the I/O box we require a 7 ft patch cord.

Here we will use Cat5e UTP cable because the bandwidth requirement is 100 Mbps. This pattern of connecting the users to the switch will be followed at each and every floor, but at the 3rd floor of building II there are 40 users, so here instead of 1 switch we require 2 switches.

At the 3rd floor of building I, 2 servers are also present whose bandwidth requirement is 1 Gbps. So now we have two options: either to connect with UTP cable or with fiber optic cable. But here we will use fiber optic, as we are already using it, so there is no need to waste money on UTP Cat 6 cable. So here we will simply use a fiber optic patch cord to connect the server to the switch.

Now only one thing is left, i.e. connection of the switches to a central switch placed at the 2nd floor of the IInd building.

As the connection requirement is via optical fiber, at the central location we require a switch having all its ports as GBIC slots, and the number of ports should not be more than 8, as there are only 7 24-port switches in use (one optical cable line from each switch).

Now, as the distance between the two offices is only 200 meters, we will use multimode optical fiber, and that too of FX type, and as the cable is to be laid in the open, outdoor armored cable will be used.

ROUTER

ROUTER INTERNAL COMPONENTS

Like a computer, a router has a CPU that varies in performance and capabilities depending upon the router platform. It typically has 4 types of memory in it:

ROM- It is used to store the router's bootstrap startup program, operating system software, and power-on diagnostic test programs. We can also upgrade our ROM.

FLASH MEMORY- It holds operating system image(s). Flash memory is erasable, reprogrammable ROM. Our IOS software is present in this memory and we can upgrade it also. Flash content is retained even when we switch off or restart the router.

RAM- It is used to store operational information such as routing tables and the router's running configuration file. RAM also provides caching and packet buffering capabilities. Its content is lost when we switch off or restart the router. When we configure the router, at that time we are actually writing in RAM.

NVRAM- It is used to store the router's startup configuration file. It does not lose data when power is switched off. So the contents of the startup configuration file are maintained even when we switch off or restart the router.

ROUTER'S NETWORK INTERFACES

Ethernet or Token Ring interfaces are configured to allow connection to a LAN.
Synchronous serial interfaces are configured to allow connections to WANs.
ISDN BRI interfaces are configured to allow connection to an ISDN WAN.

All Cisco routers have a console port that provides an EIA/TIA-232 asynchronous serial connection. The console port can be connected to a computer's serial connection to gain terminal access to the router.

Most routers also have an auxiliary port that is very similar to the console port but is typically used for a modem connection for remote router management.

CONFIGURING THE ROUTER

There are three methods for configuring the router:

1) Through the console port- The console port is used for configuring a router locally with the help of a PC or a laptop. The console port of the router is connected to the serial, i.e. COM, port of the PC. The detailed configuration is given in the section.

2) Through the AUX port- The aux (auxiliary) port is accessed from a modem located far away from the router through the PSTN (Public Switched Telephone Network) and the configuration is done.

3) Through Telnet:- Lines vty (virtual terminal) 0 to 4 are used for configuring the router by telnet.

ROUTING PROTOCOLS

TCP/IP PROTOCOLS

TCP/IP is not really a protocol, but a set of protocols, a protocol stack, as it is most commonly called. Its name, for example, already refers to two different protocols, TCP (Transmission Control Protocol) and IP (Internet Protocol). There are several other protocols related to TCP/IP, like FTP, HTTP, SMTP and UDP, and many more.

Fig: TCP/IP ARCHITECTURE

TCP/IP has four layers.

Application Layer:        HTTP, FTP, Telnet, Finger, SSH, DNS, POP3/IMAP, SMTP, Gopher, BGP, Time/NTP, Whois, TACACS+, SSL, SNMP, RIP, RADIUS, Archie, Traceroute, tftp, Ping
Transport Layer:          TCP, UDP, ICMP, OSPF
Internet Layer:           IP, ARP
Network Interface Layer:  Ethernet/802.3, Token Ring (802.5), SNAP/802.2, X.25, FDDI, ISDN, Frame Relay, SMDS, ATM, Wireless (WAP, CDPD, 802.11), Fibre Channel, DDS/DS0/T-carrier/E-carrier, SONET/SDH, DWDM, PPP, HDLC, SLIP/CSLIP, xDSL, Cable Modem (DOCSIS)

  • 8/8/2019 Amit Ccna Updated

    21/32

    Programs talk to the Application layer. On the Application layer you will find Application protocols such as SMTP (for e-mail), FTP (for file transfer) and HTTP (for web browsing). Each kind of program talks to a different Application protocol, depending on the program's purpose.

    After processing the program's request, the protocol on the Application layer will talk to another protocol from the Transport layer, usually TCP. This layer is in charge of taking the data sent by the upper layer, dividing it into packets and sending them to the layer below, the Internet layer. Also, during data reception, this layer is in charge of putting the packets received from the network in order (because they can be received out of order) and checking whether the contents of the packets are intact.

    On the Internet layer we have IP (Internet Protocol), which gets the packets received from the Transport layer and adds virtual address information, i.e., the address of the computer that is sending the data and the address of the computer that will receive it. These virtual addresses are called IP addresses.

    Then the packet is sent to the lower layer, the Network Interface layer. On this layer packets are called datagrams. The Network Interface layer will get the packets sent by the Internet layer and send them over the network (or receive them from the network, if the computer is receiving data). Packets transmitted over the network are called frames.
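The layering just described, as an added example that is not part of the original report: a Python script that wraps an application payload in a UDP header (Transport), an IPv4 header (Internet) and an Ethernet II header (Network Interface), then decapsulates the frame bottom-up and verifies the IPv4 header checksum before trusting what sits above it. The MAC addresses, IP addresses (RFC 5737 documentation range) and ports are constructed sample values, not captured traffic.

```python
import struct

# Added example (not from the report): encapsulate one UDP datagram through the four TCP/IP
# layers and decapsulate it again. MAC addresses, IP addresses (RFC 5737 documentation range)
# and ports below are constructed sample values, not captured traffic.

def ipv4_checksum(header: bytes) -> int:
    """Internet checksum (RFC 1071) of an IPv4 header; over a valid received header it yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                      # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def ip_to_bytes(addr: str) -> bytes:
    return bytes(int(octet) for octet in addr.split("."))

def build_udp(src_port: int, dst_port: int, payload: bytes) -> bytes:
    # Transport layer: 8-byte UDP header (length, checksum 0 = not computed, allowed over IPv4)
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload

def build_ipv4(src_ip: str, dst_ip: str, segment: bytes, proto: int = 17) -> bytes:
    # Internet layer: 20-byte IPv4 header without options; protocol 17 = UDP, TTL 64
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0, 64, proto, 0,
                      ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    csum = ipv4_checksum(hdr)               # computed with the checksum field zeroed
    return hdr[:10] + struct.pack("!H", csum) + hdr[12:] + segment

def build_ethernet(src_mac: str, dst_mac: str, packet: bytes, ethertype: int = 0x0800) -> bytes:
    # Network interface layer: 14-byte Ethernet II header; EtherType 0x0800 = IPv4
    return bytes.fromhex(dst_mac) + bytes.fromhex(src_mac) + struct.pack("!H", ethertype) + packet

def parse_frame(frame: bytes) -> dict:
    """Decapsulate bottom-up, checking each layer's header before trusting the next one."""
    dst_mac, src_mac = frame[:6], frame[6:12]
    ethertype = struct.unpack("!H", frame[12:14])[0]
    if ethertype != 0x0800:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4                # header length in bytes (20 without options)
    _, _, total_len, _, _, ttl, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", ip[:20])
    if ipv4_checksum(ip[:ihl]) != 0:        # a corrupted header folds to a non-zero value
        raise ValueError("bad IPv4 header checksum")
    if proto != 17:
        raise ValueError("not a UDP packet")
    udp = ip[ihl:total_len]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", udp[:8])
    return {
        "src_mac": src_mac.hex(":"), "dst_mac": dst_mac.hex(":"),
        "src_ip": ".".join(str(b) for b in src), "dst_ip": ".".join(str(b) for b in dst),
        "ttl": ttl, "src_port": src_port, "dst_port": dst_port, "payload": udp[8:udp_len],
    }

def is_valid_frame(frame: bytes) -> bool:
    try:
        parse_frame(frame)
        return True
    except ValueError:
        return False

def demo():
    """Application-layer payload going down the stack and back up again."""
    payload = b"hello from the application layer"
    segment = build_udp(40000, 514, payload)                 # 514/udp (syslog) is a sample choice
    packet = build_ipv4("192.0.2.10", "192.0.2.20", segment)
    frame = build_ethernet("020000000001", "020000000002", packet)
    return frame, parse_frame(frame)

if __name__ == "__main__":
    frame, fields = demo()
    print(len(frame), "bytes on the wire:", fields)
```

Each `build_*` call adds exactly the header its layer owns (8, 20 and 14 bytes), and `parse_frame` peels them off in reverse, which is the encapsulation the paragraphs above describe in words.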

    ROUTING INFORMATION PROTOCOL (RIP)

    RIP is a dynamic, distance vector routing protocol. RIP uses UDP port 520 for route updates. RIP calculates the best route based on hop count. This makes RIP very fast to converge.

    RIP sends full table updates at regular intervals specified by the route-update timer (30 seconds is the default). This means that a RIP router summarizes all routes it knows along classful boundaries and sends the summary information to all other RIP routing devices. RIP updates can contain up to 25 messages.

    RIP TIMERS

    Timer      Default    Controls
    Update     30 sec.    Interval between route update advertisements.
    Timeout    180 sec.   Interval a route should stay 'live' in the routing table. This counter is reset every time the router hears an update for this route.
    Flush      240 sec.   How long to wait from the time the route was received to delete a route (60 seconds after timeout).

    The routing-update timer controls the time between routing updates. Default is usually 30 seconds, plus a small random delay to prevent all RIP routers from sending updates simultaneously.

    The route-timeout timer controls when a route is no longer available. The default is usually 180 seconds. If a router has not seen the route in an update during this specified interval, it is dropped from the router's announcements. The route is maintained long enough for the router to advertise the route as down (hop count of 16).

    The route-flush timer controls how long before a route is completely flushed from the routing table. The default setting is usually 120 seconds.
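The RIP message and timer behaviour described above, as an added example that is not part of the original report: a Python decoder for a RIPv2 response (the UDP port 520 traffic the text mentions) that enforces the 25-entry limit and treats hop count 16 as unreachable, plus a table-ageing routine that applies the timeout and flush timers. The RIPv2 entry layout follows RFC 2453; the prefixes and times are constructed sample values.

```python
import struct

# Added example (not from the report): decode a RIPv2 response as carried on UDP port 520,
# enforce the 25-entry limit, treat metric 16 as unreachable, and age a route table with the
# timeout and flush timers described in the text. Prefixes and times are constructed samples.

RIP_PORT = 520
RIP_INFINITY = 16             # hop count 16 means "unreachable"
MAX_ENTRIES = 25              # at most 25 route entries per RIP message
HEADER_FMT = "!BBH"           # command, version, must-be-zero
ENTRY_FMT = "!HH4s4s4sI"      # AFI, route tag, address, mask, next hop, metric (RFC 2453)

def _ip(text: str) -> bytes:
    return bytes(int(o) for o in text.split("."))

def _text(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def build_ripv2_response(routes) -> bytes:
    """routes: iterable of (prefix, mask, metric). Command 2 = response, version 2."""
    routes = list(routes)
    if len(routes) > MAX_ENTRIES:
        raise ValueError("a RIP message carries at most %d entries" % MAX_ENTRIES)
    msg = struct.pack(HEADER_FMT, 2, 2, 0)
    for prefix, mask, metric in routes:
        msg += struct.pack(ENTRY_FMT, 2, 0, _ip(prefix), _ip(mask), b"\x00" * 4, metric)
    return msg

def parse_rip_response(msg: bytes) -> list:
    """Return the advertised routes, rejecting anything malformed before it reaches the table."""
    if len(msg) < 4 or (len(msg) - 4) % 20:
        raise ValueError("malformed RIP message length")
    command, version, _ = struct.unpack(HEADER_FMT, msg[:4])
    if command != 2 or version not in (1, 2):
        raise ValueError("not a RIP response")
    body = msg[4:]
    if len(body) // 20 > MAX_ENTRIES:
        raise ValueError("more than %d entries" % MAX_ENTRIES)
    routes = []
    for off in range(0, len(body), 20):
        afi, _tag, addr, mask, _nexthop, metric = struct.unpack(ENTRY_FMT, body[off:off + 20])
        if afi != 2 or not 1 <= metric <= RIP_INFINITY:
            raise ValueError("invalid entry at offset %d" % off)
        routes.append({"prefix": _text(addr), "mask": _text(mask), "metric": metric,
                       "reachable": metric < RIP_INFINITY})
    return routes

def is_well_formed(msg: bytes) -> bool:
    try:
        parse_rip_response(msg)
        return True
    except ValueError:
        return False

def apply_timers(table: dict, now: int, timeout: int = 180, flush: int = 240) -> dict:
    """table: prefix -> (metric, last update time). A route not refreshed within `timeout`
    seconds is kept but advertised as unreachable (metric 16); after `flush` seconds it is removed."""
    aged = {}
    for prefix, (metric, last_seen) in table.items():
        age = now - last_seen
        if age >= flush:
            continue                                  # flushed from the routing table
        aged[prefix] = (RIP_INFINITY if age >= timeout else metric, last_seen)
    return aged

if __name__ == "__main__":
    sample = build_ripv2_response([("10.1.0.0", "255.255.0.0", 1), ("10.2.0.0", "255.255.0.0", 16)])
    print(parse_rip_response(sample))
```

Validating length, AFI and metric range before accepting an update is the defensive half of the example: RIP has no authentication by default, so a listener on port 520 should drop anything that does not parse cleanly rather than let it into the table.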

    BASIC RIP CONFIGURATION

    According to the recollection of InetDaemon, configuring a Cisco router for a basic RIP configuration would look something like this:

    router> enable
    Password:
    router# conf t
    router(config)# interface ethernet 0
    router(config-if)# ip address 192.168.42.1 255.255.255.0
    router(config-if)# interface ethernet 1
    router(config-if)# ip address 192.168.43.1 255.255.255.0
    router(config-if)# exit
    router(config)# router rip
    router(config-router)# network 192.168.42.0
    router(config-router)# network 192.168.43.0
    router(config-router)# exit
    router(config)# ^Z
    router#

    The example above assumes that the interfaces that will be running RIP have IP addresses on them that fall within the 192.168.42.0 and 192.168.43.0 class C ranges.

    IGRP (Interior Gateway Routing Protocol)

    IGRP is a distance-vector routing protocol that considers a composite metric which, by default, uses bandwidth and delay as parameters instead of hop count. IGRP is not limited to the 15-hop limit of RIP.

    IGRP has a maximum hop limit of 100, by default, and can be configured to support a network diameter of 255. With IGRP, routers usually select paths with a larger minimum-link bandwidth over paths with a smaller hop count. Links do not have a hop count. They are exactly one hop.

    IGRP will load-balance traffic if there are several paths with equal cost to the destination.

    IGRP sends its routing table to its neighbors every 90 seconds. IGRP's default update period of 90 seconds is a benefit compared to RIP, which can consume excessive bandwidth when sending updates every 30 seconds. IGRP uses an invalid timer to mark a route as invalid after 270 seconds (three times the update timer). As with RIP, IGRP uses a flush timer to remove a route from the routing table; the default flush timer is set to 630 seconds (seven times the update period and more than 10 minutes).

    If a network goes down or the metric for the network increases, the route is placed in hold down. The router accepts no new changes for the route until the hold down timer expires. This setup prevents routing loops in the network. The default hold down timer is 280 seconds (three times the update timer plus 10 seconds).

    IGRP Timer    Default Time
    Update        90 seconds
    Invalid       270 seconds
    Hold down     280 seconds
    Flush         630 seconds

    IP ACCESS LIST

    IP access lists cause a router to discard some packets based on criteria defined by the network engineer. The goal of these filters is to prevent unwanted traffic in the network, whether to prevent hackers from penetrating the network, or just to prevent employees from using systems that they should not be using.

    Key features of access lists:

    Packets can be filtered as they enter an interface, before the routing decision.

    Packets can be filtered before they exit an interface, after the routing decision.

    Deny is the term used in Cisco IOS software to imply that the packet will be filtered.

    Permit is the term used in Cisco IOS software to imply that the packet will not be filtered.

    The filtering logic is configured in the access list. At the end of every access list is an implied "deny all traffic" statement. Therefore, if a packet does not match any of your access list statements, it is blocked.

    Access lists have two major steps in their logic: matching and action. Matching logic examines each packet and determines whether it matches the access-list statement. As soon as an access-list statement is matched, there are two actions to choose from: deny and permit. Deny means to discard the packet, and permit implies that the packet should continue on its way.

    FIREWALL

    As the reach of networking keeps expanding, the danger of information leaking in and leaking out increases. So a mechanism is required to keep good bits in and bad bits out, and for this we use a FIREWALL.

    Fig: FIREWALL PROCEDURE

    A firewall is a device of some kind that separates and protects our network, in most cases from the Internet. It restricts traffic to only what is acceptable, and monitors what is happening.

    Every firewall has at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. It may be a hardware device or a software program running on a secure host computer.

    Hardware device means a physical device connected at the gateway which checks every incoming or outgoing packet.

    Software program means that software is loaded on a computer that determines what to allow and what to reject.

    A firewall examines all traffic routed between the two networks to see if it meets certain criteria. A firewall filters both inbound and outbound traffic.

    Technologies

    There are three different types of firewall technologies:

    1) Packet Filtering

    2) Proxy

    3) Stateful Inspection

    Packet Filtering:

    A packet filtering firewall simply inspects incoming traffic at the transport layer of the OSI model. The packet filtering firewall analyzes TCP or UDP packets and compares them to a set of established rules called an Access Control List (ACL). Packet filtering inspects the packet for the following elements:

    Source IP address

    Source Port

    Destination IP address

    Destination Port

    Protocol
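The access-list logic from the IP ACCESS LIST section (top-down matching, first match decides, implied deny at the end) applied to the five packet-filter fields listed just above, as one added example that is not part of the original report. The rules, the 192.168.42.0/24 site and the packets are constructed sample data using documentation address ranges.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

# Added example (not from the report): the access-list logic described in the text, top-down
# first match with an implied deny, applied to the five packet-filter fields listed for packet
# filtering. Rules and packets are constructed sample data using documentation address ranges.

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    protocol: str                   # "tcp", "udp" or "icmp"

@dataclass(frozen=True)
class Rule:
    action: str                     # "permit" or "deny"
    protocol: str = "ip"            # "ip" matches any protocol
    src: str = "0.0.0.0/0"          # source network
    dst: str = "0.0.0.0/0"          # destination network
    dst_port: Optional[int] = None  # None matches any destination port

    def matches(self, pkt: Packet) -> bool:
        """Matching logic: every field the rule specifies must agree with the packet."""
        if self.protocol != "ip" and self.protocol != pkt.protocol:
            return False
        if ip_address(pkt.src_ip) not in ip_network(self.src):
            return False
        if ip_address(pkt.dst_ip) not in ip_network(self.dst):
            return False
        return self.dst_port is None or self.dst_port == pkt.dst_port

def evaluate(acl, pkt: Packet):
    """Action logic: the first matching statement wins; return (action, statement index).
    A packet that matches nothing hits the implied deny (index None)."""
    for index, rule in enumerate(acl):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None

# Sample inbound list for an imaginary 192.168.42.0/24 site: block one noisy outside network,
# admit web traffic to the public server and DNS queries to the resolver, deny the rest.
EDGE_IN = [
    Rule("deny", src="198.51.100.0/24"),
    Rule("permit", "tcp", dst="192.168.42.10/32", dst_port=80),
    Rule("permit", "tcp", dst="192.168.42.10/32", dst_port=443),
    Rule("permit", "udp", dst="192.168.42.53/32", dst_port=53),
]

if __name__ == "__main__":
    for pkt in (Packet("203.0.113.5", 51000, "192.168.42.10", 80, "tcp"),
                Packet("198.51.100.7", 51000, "192.168.42.10", 80, "tcp"),
                Packet("203.0.113.5", 51000, "192.168.42.10", 22, "tcp")):
        print(pkt, "->", evaluate(EDGE_IN, pkt))
```

Statement order is the whole design: the deny for 198.51.100.0/24 only takes effect because it precedes the permits, and an SSH attempt to the web server matches nothing and falls through to the implied deny, exactly as the text says.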

    Proxy

    When a firewall is installed, no PC makes a direct connection to the outside world. Instead they use a proxy, i.e. each PC first sends its request to the proxy, which then forwards the request to the internet or outside world for connection or data transfer.

    Fig: Example Of Proxy Server

    Stateful Inspection

    It is a combination of packet filtering and proxy services. This is the most secure technology and provides the most functionality because connections are not only checked against the ACL, but are also logged in a state table. After a connection is established, all session data is compared to the state table. If the session data does not match the state table information for that connection, then the connection is dropped.
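The state-table behaviour described above, as an added example that is not part of the original report: a minimal Python model of stateful inspection in which only sessions opened from the protected network are entered in the table, replies are admitted only when they match an entry, and the entry is removed when the session ends. Addresses and ports are constructed sample values.

```python
from ipaddress import ip_address, ip_network

# Added example (not from the report): a minimal model of stateful inspection. Only sessions
# opened from the protected (inside) network are entered in the state table; every later
# packet must match an entry, in either direction, or it is dropped. Addresses are sample values.

class StatefulFirewall:
    def __init__(self, inside_net: str):
        self.inside = ip_network(inside_net)
        # state table: (client ip, client port, server ip, server port, proto) -> status
        self.state = {}

    def process(self, src, sport, dst, dport, proto="tcp", flags=frozenset()):
        """Return 'permit' or 'drop' for one packet and update the state table."""
        flags = set(flags)
        fwd = (src, sport, dst, dport, proto)       # packet travelling client -> server
        rev = (dst, dport, src, sport, proto)       # packet travelling server -> client
        if fwd in self.state:
            entry = fwd
        elif rev in self.state:
            entry = rev
            if self.state[rev] == "SYN_SENT" and {"SYN", "ACK"} <= flags:
                self.state[rev] = "ESTABLISHED"     # handshake answered by the server
        elif ip_address(src) in self.inside and (proto != "tcp" or flags == {"SYN"}):
            # a new session is admitted only when an inside host opens it
            self.state[fwd] = "SYN_SENT" if proto == "tcp" else "ESTABLISHED"
            entry = fwd
        else:
            return "drop"                           # no matching state: unsolicited traffic
        if proto == "tcp" and flags & {"FIN", "RST"}:
            del self.state[entry]                   # session torn down, forget it
        return "permit"

if __name__ == "__main__":
    fw = StatefulFirewall("192.168.42.0/24")
    print(fw.process("192.168.42.5", 40000, "203.0.113.8", 443, flags={"SYN"}))
    print(fw.process("203.0.113.8", 443, "192.168.42.5", 40000, flags={"SYN", "ACK"}))
    print(fw.process("203.0.113.9", 5555, "192.168.42.5", 22, flags={"SYN"}))   # drop
```

The difference from the packet filter above is the second branch: a SYN/ACK from the outside is permitted only because an inside host's SYN put a matching entry in the table first; the same packet aimed at a port nobody opened is dropped, which a stateless five-tuple rule allowing "established" traffic could not tell apart.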

    CONFIGURING THE FIREWALL

    Five basic commands are used to do a basic configuration of the firewall:

    interface

    nameif

    ip address

    nat

    global

    interface Command

    The interface command identifies the interface hardware card, sets the speed of the interface and enables the interface, all in one command.

    nameif command

    It is used to name an interface and assign a security level from 1 to 99. The outside and inside interfaces are named by default and have default security values of 0 and 100, respectively. By default, the interfaces have their hardware ID. Ethernet 0 is the outside interface, and Ethernet 1 is the inside interface.

    ip address command

    It is used to configure IP addresses on the interfaces. The ip address command binds a logical address (IP address) to the hardware ID.

    nat Command

    The nat (Network Address Translation) command translates a set of IP addresses to another set of IP addresses.

    Netmask: network mask for the local IP address.

    There are two types of NATing:

    1) Static: For example, there is a Google server and we don't want to make its IP address public, so we change its IP address using the nat command in the firewall, and now users will log on to this new IP. This results in more security as every time it has to pass through the firewall.

    2) Dynamic: If there are lots of PCs in a network and all want to access the internet, it is not easy for every PC to be provided with an independent public IP, so at the firewall level we change every PC's private IP to a public IP.

    global Command

    It is used to define the address or range of addresses that the addresses defined by the nat command are translated into. The nat_id pairs the IP addresses defined by the global and nat commands so that network translation can take place.
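The two forms of NAT described above, as an added example that is not part of the original report: a Python model of a translation table in which a static entry maps one inside address to one fixed outside address (the server case), and a dynamic pool hands each inside host an address from a global range on its first outbound packet, with the nat_id tying the inside range to the pool as the nat and global commands do. Addresses are constructed sample values; the model is not the firewall's own code.

```python
from ipaddress import ip_address, ip_network

# Added example (not from the report): a model of the static and dynamic NAT the text describes.
# A static entry is a fixed one-to-one mapping; a dynamic pool (identified by nat_id, like the
# nat/global pair) allocates an outside address to each inside host as it first goes out.
# All addresses are constructed sample values from documentation ranges.

class NatTable:
    def __init__(self):
        self.static = {}      # inside ip -> outside ip (fixed, one-to-one)
        self.pools = {}       # nat_id -> {"inside": network, "free": [outside ips], "used": {}}

    def add_static(self, inside_ip: str, outside_ip: str):
        self.static[inside_ip] = outside_ip

    def add_dynamic(self, nat_id: int, inside_net: str, global_first: str, global_last: str):
        """Pair an inside range (nat) with an outside address range (global) under one nat_id."""
        first, last = int(ip_address(global_first)), int(ip_address(global_last))
        self.pools[nat_id] = {"inside": ip_network(inside_net),
                              "free": [str(ip_address(i)) for i in range(first, last + 1)],
                              "used": {}}

    def outbound(self, inside_ip: str):
        """Translate the source of a packet leaving the inside network; None if no rule fits."""
        if inside_ip in self.static:
            return self.static[inside_ip]
        for pool in self.pools.values():
            if ip_address(inside_ip) in pool["inside"]:
                if inside_ip not in pool["used"]:
                    if not pool["free"]:
                        return None           # global pool exhausted: cannot be translated
                    pool["used"][inside_ip] = pool["free"].pop(0)
                return pool["used"][inside_ip]
        return None

    def inbound(self, outside_ip: str):
        """Reverse translation for a packet arriving at an outside address."""
        for inside_ip, out in self.static.items():
            if out == outside_ip:
                return inside_ip
        for pool in self.pools.values():
            for inside_ip, out in pool["used"].items():
                if out == outside_ip:
                    return inside_ip
        return None                           # nobody inside owns this outside address

if __name__ == "__main__":
    nat = NatTable()
    nat.add_static("192.168.1.5", "203.0.113.5")                           # the "server" case
    nat.add_dynamic(1, "192.168.1.0/24", "203.0.113.10", "203.0.113.11")  # the "many PCs" case
    for host in ("192.168.1.5", "192.168.1.20", "192.168.1.21", "192.168.1.22"):
        print(host, "->", nat.outbound(host))
```

The exhausted-pool case is the one to notice: with two global addresses and three dynamic hosts, the third gets no translation, which is why real deployments back a small global range with port address translation or size the pool to the inside population.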


    INTRUSION DETECTION SYSTEM (IDS)

    An IDS is a security countermeasure. It monitors network traffic for suspicious activity and alerts the system or network administrator. In some cases the IDS may also respond to anomalous or malicious traffic by taking action such as blocking the user or source IP address from accessing the network.

    A firewall simply blocks openings into your network/system but cannot distinguish between good and bad activity. Therefore, if you need to allow an opening to a system (like a web server), then a firewall cannot protect against intrusion attempts against this opening. In contrast, intrusion detection systems can monitor for hostile activity on these openings.

    HIDS

    Host Intrusion Detection Systems run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator if suspicious activity is detected.

    NIDS

    Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. Ideally you would scan all inbound and outbound traffic; however, doing so might create a bottleneck that would impair the overall speed of the network.

    When an unauthorized user logs in successfully, or attempts to log in, they are best tracked with host-based IDS. However, detecting the unauthorized user before their log-on attempt is best accomplished with network-based IDS.

    There are three basic techniques used to detect intruders:

    1) Anomaly detection

    2) Misuse detection (signature detection)

    3) Target monitoring
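The first two techniques in the list above, as an added example that is not part of the original report: a Python detector that runs misuse (signature) matching and a simple anomaly check over a constructed web-server access log. The log format, the two signatures and the failed-login baseline are assumptions made for the example, and the log lines are made up.

```python
import re
from collections import Counter

# Added example (not from the report): misuse (signature) detection and anomaly detection run
# over a constructed web-server access log. The log format, signatures and the failed-login
# baseline are assumptions for the example; no line below is real traffic.

SAMPLE_LOG = """\
203.0.113.7 GET /index.html 200
203.0.113.7 GET /about.html 200
198.51.100.3 GET /../../etc/passwd 404
198.51.100.3 GET /search?q=1%20UNION%20SELECT%201,2 200
203.0.113.9 POST /login 401
203.0.113.9 POST /login 401
203.0.113.9 POST /login 401
203.0.113.9 POST /login 401
203.0.113.9 POST /login 401
203.0.113.9 POST /login 401
"""

LINE = re.compile(r"^(\S+) (\S+) (\S+) (\d{3})$")   # source, method, path, status

# Misuse (signature) detection: known-bad patterns in the requested path
SIGNATURES = {
    "path traversal": re.compile(r"\.\./"),
    "sql injection": re.compile(r"(?i)union(\s|%20)+select"),
}

def parse(log: str) -> list:
    events = []
    for line in log.splitlines():
        m = LINE.match(line)
        if m:
            events.append({"src": m.group(1), "method": m.group(2),
                           "path": m.group(3), "status": int(m.group(4))})
    return events

def signature_alerts(events) -> list:
    """One alert per (source, signature) hit: the request itself looks like a known attack."""
    return [(e["src"], name) for e in events
            for name, rx in SIGNATURES.items() if rx.search(e["path"])]

def anomaly_alerts(events, baseline_failures: int = 2) -> list:
    """Anomaly detection: a source whose failed logins exceed the normal baseline is flagged,
    even though no single one of its requests matches a signature."""
    failures = Counter(e["src"] for e in events
                       if e["path"].startswith("/login") and 400 <= e["status"] < 500)
    return [(src, "failed logins %d exceed baseline %d" % (n, baseline_failures))
            for src, n in failures.items() if n > baseline_failures]

def detect(log: str = SAMPLE_LOG) -> list:
    events = parse(log)
    return signature_alerts(events) + anomaly_alerts(events)

if __name__ == "__main__":
    for src, reason in detect():
        print("ALERT", src, reason)
```

The two techniques complement each other in the way the list suggests: the traversal and injection requests are caught by signatures on their first occurrence, while the repeated login failures contain nothing a signature could match and are only visible as a deviation from the baseline.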


    Integrated Services Digital Network (ISDN)

    ISDN's primary goal is the integration of voice and non-voice services.

    ISDN is actually a set of communication protocols proposed by telephone companies that allows them to carry a group of digital services that simultaneously convey data, text, voice, music, graphics, and video to end users, and it was designed to achieve this over the telephone systems already in place.

    Channels of ISDN:

    1) B channel

    2) D channel

    B channel

    Bearer channels (B channels) are used to transport data. B channels are called bearer channels because they bear the burden of transporting the data. B channels operate at speeds of up to 64 kbps.

    D channel

    D channels are used for signaling. They are used to establish the session before the data is actually transferred.

    ISDN INTERFACES

    Types of ISDN interfaces:

    1) Basic Rate Interface (BRI)

    2) Primary Rate Interface (PRI)

    Both BRI and PRI provide multiple digital bearer channels over which temporary connections can be made and data can be sent.

    BRI: ISDN Basic Rate Interface (BRI, also known as 2B+1D) service provides two B channels and one D channel. The BRI B-channel service operates at 64Kbps and carries data, while the BRI D-channel service operates at 16Kbps and usually carries control and signaling information.

    PRI: According to American standards, the ISDN Primary Rate Interface (PRI, also known as 23B+D) service delivers 23 64Kbps B channels and one 64Kbps D channel for a total bit rate of up to 1.544Mbps. According to European standards, ISDN provides 30 64Kbps B channels and one 64Kbps D channel for a total bit rate of up to 2.048Mbps.


    Conclusion

    Cisco is the king of routing, switching and security, the Microsoft of the internetworking world. The Cisco certifications reach beyond the popular certifications, such as MCSE, to provide you with an indispensable factor in understanding today's networks: insight into the Cisco world of internetworking.

    By deciding that you want to become Cisco certified, you are saying that you want to be the best at routing and the best in switching. This report will lead you in that direction.

    1. Networking

    2. Devices

    3. Routing

    4. Firewall

    5. IDS

    6. ISDN
