material of ccna and ccnp for quick reference

Upload: laasyasweet

Post on 05-May-2017

Summary of CCNA and CCNP for quick reference


Created by Mukesh Kothari (CCNA & MCSE certified)

Why is Cisco internetworking required?

To sort out problems in a LAN such as:

- Too many hosts in one broadcast domain
- Broadcast storms
- Multicasting (multicast traffic flooded to every host)
- Low bandwidth

Routers, switches, bridges and hubs are used:

Routers break up broadcast domains. A router filters traffic based on IP address and forwards packets to other networks.

Switches break up collision domains (every port is its own collision domain) but all ports stay in one broadcast domain unless VLANs are configured. Switches are used to optimize LAN performance: a switch switches frames from one port to another and does not forward them to other networks. They are more manageable than bridges (VLANs, STP etc.) and are available with hundreds of ports.

Bridges break up collision domains (each port is a collision domain, as on a switch) but keep one broadcast domain; the function is the same as a switch, but with 16 ports maximum and far less manageability.

Hubs do not break up any domain: one broadcast domain and one collision domain. Not manageable.

Networking basics

A network is, fundamentally, a system of senders and receivers, a common feature of any communication system.

The sender, or source, is a computer which sends information to another.

The receiver, or destination, is the computer to which the information is sent.

Any machine capable of communicating on the network is a device or node. In order to communicate, the devices must be connected to each other.

Most networks are connected by cable. Cables can use either copper or optical fibre to carry the signals. Radio and microwave transmission are becoming increasingly common.

If two or more networks are connected to each other this is known as an internetwork.

A network which covers a single floor, or perhaps an entire building, is known as a Local Area Network (LAN).

LANs connected using high speed links across a metropolitan area form a Metropolitan Area Network (MAN).

If the networks are connected over a carrier's long-distance links (traditionally the public switched telephone network or leased circuits) this is known as a Wide Area Network (WAN).

If a number of LANs are connected to a larger central network this is known as a Backbone Network, or BN (e.g. University of Wolverhampton).

Local Area Networks

Now an essential part of everyday functioning in schools, business, government etc.

Saves time and resources, and allows information to be held securely and centrally.

Improves collaboration between colleagues.

May be used for training; capable of carrying audio and video.

Typically several devices connected via cable to a hub or switch. Hubs were historically the most common device found on a network; switches have since replaced them almost everywhere.

Some organisations will have LANs on each floor of a building connected by a bridge or router. All devices on the LAN communicate via network interface cards (NICs).

Characteristics include:

- Used in small geographical areas
- Offer high-speed communications (>10 Mbps)
- Provide access to many devices
- Use LAN-specific devices such as repeaters, hubs, switches and network interface cards

Metropolitan Area Networks

Made up of LANs which are interconnected across a metropolitan area

Have become increasingly popular, eg among local government

Allows sharing of resources, plus the provision of a large-scale private phone service

Expensive to implement, provides high speed service (compared to WANs)

Requires use of high-performance cable and equipment to implement them

Also may appeal to regional businesses

Can span up to 75 miles

Gives access speeds in hundreds of megabits per second (or even gigabits speeds)

Uses a single connection point to connect LANs

As well as using routers will also use switches

Wide Area Networks

Interconnects two or more LANs, MANs or other WANs.

Uses (comparatively slow) connections leased from a telco.

Spans cities, countries or even continents.

Requires co-ordination and expensive equipment.

Speeds have traditionally been 56 Kbps to 1.5 Mbps (T1), with 45 Mbps (T3) available; faster services keep emerging, so "slow" is relative to the LAN.

Characteristics include:

- Cover large areas; may span the world
- Compared to LANs, slow speed communication
- Access to a WAN is limited: a LAN reaches the WAN through a single point, which is often a bottleneck
- Use devices such as routers, modems and WAN switches

1876, March 10: the telephone is invented.

1982, February: the Mercury consortium received a licence to build and operate an independent network to compete across the full range of telecoms services in the UK.

1983, April: Mercury launched its first telecoms services in the City of London. May: licences were granted to Cellnet and Vodafone to provide national cellular radio networks.

1986, May: Mercury began offering basic network services.

Late 1960s: the Advanced Research Projects Agency (ARPA) builds ARPAnet; the first nodes are connected in 1969, starting at the University of California, Los Angeles.

1971: 23 nodes connected.

1974: TCP and packet-based internetworking are described (Cerf and Kahn).

1976: the Queen sends her first e-mail.

1983: ARPAnet switches to TCP/IP, which defines all future communications; the military portion is split off as MILNET, leaving the research network that becomes the Internet.

1986: 5,000 hosts and 241 newsgroups. Major American universities form the first Internet backbone, NSFNET.

1987: 28,000 hosts.

1988: Internet Relay Chat (IRC) developed.

1989: hosts now over 100,000. The wide availability of TCP/IP in BSD UNIX is a major reason for the Internet's success.

1990: the first commercial ISP, The World, comes on line.

1991: first commercial use of the Internet. Tim Berners-Lee's World Wide Web is released by CERN.

1994: commercialisation begins (3 million hosts, 10,000 WWW sites, 10,000 newsgroups). First pizza ordered online from Pizza Hut in the US.

1995: 6.5 million hosts, 100,000 web sites. Search engines appear.

1996: Microsoft enters; the browser war begins.

1997: 20 million hosts, about 1 million WWW sites. From 1997 onwards growth is exponential.

The Abilene Project (Internet2): 95 universities, 12 regional gigaPOPs.


What is the OSI model?

The Open Systems Interconnection model is fundamental to all communications between network devices. Work on it started at ISO in the late 1970s, after the American Department of Defense had already begun using the TCP/IP suite of protocols, and the reference model was published in 1984 (ISO 7498). It is now the theoretical model for how communication takes place between network devices.

Encapsulation: data is wrapped with a header (and, at layer 2, a trailer) at each layer on the way down the stack and unwrapped layer by layer on the way up at the receiver.

Layer / alias / layer function / type of application or protocols used:

Application (upper layer)
  Function: Provides a user interface; file, print, message, database and application services.
  Examples: WWW, e-mail gateways (SMTP or X.400); EDI (Electronic Data Interchange: flow control of accounting, shipping, inventory tracking); special-interest bulletin boards and chat rooms; Internet navigation utilities (Google and Yahoo! search engines, Gopher, WAIS); financial transaction services (currency exchange rates, market trading, commodities etc.).

Presentation (upper layer)
  Function: Presents data; handles encryption, compression and translation services.
  Examples: PICT, TIFF, JPEG, MIDI, MPEG, RTF, QuickTime (manages audio and video applications of Macintosh programmes).

Session (upper layer)
  Function: Setting up, managing and ending sessions between presentation layer entities; keeps different applications' data separate; dialog control.
  Examples: NFS, SQL, RPC, X Window (the GUI protocol used on Unix/Linux), AppleTalk Session Protocol (ASP), Digital Network Architecture Session Control Protocol (DNA SCP, the DECnet session layer protocol).

Transport (lower layer)
  Function: End-to-end connectivity; provides reliable or unreliable delivery; recovers from errors by retransmitting. Also known as the communication layer. In a connection-oriented protocol, flow control (windowing and acknowledgements) prevents the receiving host's buffer from overflowing so that no data is lost.
  Examples: TCP, UDP.

Network (lower layer)
  Function: Routing; provides logical addressing, which routers use for path determination.
  Examples: Passes user data packets using routed protocols (IP, IPX). Passes route update packets using routing protocols (RIP, IGRP, EIGRP, OSPF, BGP).
  Routing tables hold: protocol-specific network address, exit interface, metric (load, reliability, bandwidth, MTU, hop count). Routers also apply access lists, VLAN connections and QoS for specific network traffic.

Data Link (lower layer)
  Function: Framing; encapsulates packets into frames; provides access to the media using MAC addresses; performs error detection, not correction. Handles error notification, network topology and flow control.
  MAC sublayer (802.3): defines how frames are placed on the media; physical addressing, logical topology (the signal path through the physical topology), line discipline, error notification (not correction), ordered delivery of frames, optional flow control.
  LLC sublayer (802.2): identifies the network layer protocol and encapsulates it, so that the receiver knows which upper protocol (e.g. IP) the frame is destined for; flow control and sequencing of control bits.
  Layer 2 switches and bridges work here.

Physical (lower layer)
  Function: Physical topology; moves bits between devices; specifies voltage, wire speed and pin-out of cables. Sends and receives bits (0s and 1s) using different signalling methods for different types of media. Identifies the interface between the DTE (the attached device) and the DCE (located at the service provider); the DTE reaches the DCE through a modem or CSU/DSU.

Lab Equipment

Although lab equipment is not needed to benefit from this book, having your own equipment is highly recommended. By being able to follow the commands outlined in this book, you will experience for yourself the process of configuring a network from the ground up. If you choose to obtain your own equipment, Table 1-3 lists all the needed equipment for this lab network.

Table 1-3. Lab Equipment

Hardware: Quantity

Catalyst 1900 series switch 1

Cisco 2501 3

Cisco 2504 2

Cisco 2514 1

Cisco 2523 1

Cisco 2511 1

Black Box ISDN Simulator 1

Cables:

Cat 5 straight-through cables with RJ-45 connectors (for ISDN ports) 2

Cat 5 Ethernet cables with RJ-45 connectors 6

Token Ring DB9-to-Type 1 interface cable 2

Standard power cables 9

V.35 DTE-DCE back-to-back cables (DB60 to DB60) 4

Octal cable (for terminal server 2511) 1

Miscellaneous:

Ethernet AUI-to-RJ-45 transceiver 6

Token Ring MAU 2

Power strips as required

Ethernet Networking:

- A media access method that allows all hosts on a network to share the bandwidth of a link
- Scalable to Fast Ethernet and Gigabit Ethernet
- Easy to implement and troubleshoot
- Uses Data Link and Physical layer specifications
- Uses CSMA/CD: a host listens before transmitting, detects a collision when two devices transmit at the same time, sends a jam signal and then backs off for a random time before retrying. CSMA/CD recovers from collisions; it does not prevent them.
- A CSMA/CD network sustaining heavy collisions suffers delay, low throughput and congestion
- Half duplex (original 802.3): one shared signal path, so a station cannot send and receive at the same time and collisions are possible
- Full duplex: separate transmit and receive pairs, so data is sent and received at the same time with no collisions; this makes data transfer faster
- Full duplex can be used between switch and host, switch and switch, or host and host (not through a hub)
- When a link comes up, each end autonegotiates with the other to agree on speed (10/100/1000 Mbps) and duplex. A duplex mismatch (one side half, the other full) is a classic cause of late collisions and poor throughput.

Ethernet at the Data Link Layer: MAC addressing and data transfer take place in frames: Ethernet II, 802.3, 802.2 SNAP and 802.2 SAP frames.

10Base2: 10 Mbps, baseband, 185 m segment length (thinnet), supports up to 30 nodes on a single segment. Uses BNC (Bayonet Neill-Concelman) and T-connectors. Logical and physical bus with AUI (15-pin) connectors. (The Attachment Unit Interface transfers one bit at a time from the data link media access method to the physical layer.)

10Base5: 10 Mbps, baseband, 500 m segment length (thicknet), up to 1,024 users and 2,500 m with repeaters. Logical and physical bus with AUI connectors.

10BaseT: 10 Mbps over Cat 3 UTP; each device connects to a hub or switch, so one host per segment or wire. RJ-45 connector (8-pin modular) with a physical star and logical bus topology.

100BaseTX: EIA/TIA Cat 5, 6 or 7 UTP, two-pair wiring. One user per segment, up to 100 m. RJ-45 connector with a physical star and a logical bus topology. Uses the MII (Media Independent Interface, which moves a nibble, 4 bits, at a time) to provide 100 Mbps throughput.

100BaseFX: 62.5/125-micron multimode fibre. Point-to-point technology, up to 412 m (half duplex), ST or SC connectors, MII.

1000BaseCX: copper twisted-pair called twinax (a balanced coaxial pair) that runs only up to 25 m. GMII interface.

1000BaseT: Cat 5 UTP, four-pair wiring, up to 100 m.

1000BaseSX: multimode fibre with a 62.5- or 50-micron core, 850 nm laser; range 220 m to 550 m depending on the fibre. (The 5 km to 10 km figures belong to 1000BaseLX over single-mode fibre.)

The Cisco Three-Layer Hierarchical Model

Core layer = backbone
Distribution layer = routing
Access layer = switching

The Core Layer:

- Responsible for transporting large amounts of traffic reliably and quickly
- Its only purpose is to switch traffic as fast as possible, so nothing that slows forwarding (access lists, packet filtering, inter-VLAN routing) belongs here
- If it fails, every single user is affected
- FDDI, Fast Ethernet and ATM are suitable technologies
- Use routing protocols with low convergence time

The Distribution Layer:

- Also referred to as the workgroup layer
- Communication point between the core and access layers
- Provides routing, filtering and WAN access, and determines how packets reach the core if needed
- Place where policies are defined for the network, such as:

  Routing
  Access lists, packet filtering, queuing
  Security and network policies, including address translation and firewalls
  Redistribution between routing protocols and static routing
  Routing between VLANs
  Definition of broadcast and multicast domains

The Access Layer:

- Also known as the desktop layer
- Controls user and workgroup access to internetwork resources
- Layer where end users connect directly
- Continues the access control and policies set at the distribution layer
- Creates separate collision domains
- Workgroup connectivity into the distribution layer
- DDR (dial-on-demand routing) and Ethernet switching technologies

TCP/IP & DoD Model

The TCP/IP suite was created by the Department of Defense to ensure and preserve data integrity across networks.

DoD layer: Process/Application
  OSI layers: Application, Presentation, Session
  Protocols: Telnet, FTP, LPD, SNMP, TFTP, SMTP, NFS, X Window
  Function: Defines protocols for node-to-node application communication and also controls user-interface specifications.

DoD layer: Host-to-Host
  OSI layer: Transport
  Protocols: TCP, UDP
  Function: Defines protocols for the transmission service; creates reliable end-to-end, error-free communication (TCP), handles packet sequencing and maintains data integrity.

DoD layer: Internet
  OSI layer: Network
  Protocols: IP, ICMP, ARP, RARP, and the routing protocols EIGRP, IGRP and OSPF
  Function: Designates the packet for transmission over the network, provides IP addresses to hosts and handles routing of packets among multiple networks.

DoD layer: Network Access
  OSI layers: Data Link, Physical
  Protocols: Ethernet, Fast Ethernet, Token Ring, FDDI
  Function: Monitors the data exchange between the host and the network. Oversees hardware addressing and defines protocols for physical transmission of data.

TCP Header Format (each row is 32 bits, bit 0 to bit 31)

  Source Port (16)              | Destination Port (16)
  Sequence Number (32)
  Acknowledgement Number (32)
  Header Length (4) | Reserved (6) | Code Bits (6) | Window (16)
  Checksum (16)                 | Urgent Pointer (16)
  Options (0 to 40 bytes, padded to a 32-bit boundary)
  Data (varies)

The TCP header is 20 bytes long without options and up to 60 bytes with options; the Header Length field gives the length in 32-bit words. The six code bits are URG, ACK, PSH, RST, SYN and FIN.

UDP Header Format (bit 0 to bit 31)

  Source Port (16)              | Destination Port (16)
  Length (16)                   | Checksum (16)
  Data (if any)

The UDP header is a fixed 8 bytes.

Differences:

  TCP                        UDP
  Sequenced                  Unsequenced
  Reliable                   Unreliable
  Connection-oriented        Connectionless
  Virtual circuit            Low overhead
  Acknowledgements           No acknowledgements
  Windowing flow control     No windowing or flow control

Port Numbers: TCP and UDP use port numbers to hand data to the right upper-layer process, because they keep track of many different conversations crossing the network simultaneously. Source port numbers are assigned dynamically by the sending host from the range starting at 1024.

Well-known port numbers for TCP and UDP:

  Application   Transport   Port
  FTP           TCP         21 (control) and 20 (data)
  Telnet        TCP         23
  Doom          TCP         666
  DNS           TCP/UDP     53
  TFTP          UDP         69
  POP3          TCP         110
  News (NNTP)   TCP         119

Port numbers below 1024 are well-known ports; the registry that assigns them is maintained online by IANA (RFC 3232 retired the old RFC 1700 list in favour of that database).

Ports 1024 and above are used by upper layers to set up sessions with other hosts, and by TCP as source and destination addresses in the TCP segment.

IP Header (each row is 32 bits, bit 0 to bit 31)

  Version (4) | Header Length (4) | Priority and Type of Service (8) | Total Length (16)
  Identification (16)             | Flags (3) | Fragment Offset (13)
  Time to Live (8) | Protocol (8) | Header Checksum (16)
  Source IP Address (32)
  Destination IP Address (32)
  Options (0 to 40 bytes, if any)
  Data (varies, if any)

The IP header is 20 bytes without options; the Header Length field gives the length in 32-bit words (5 to 15). The Header Checksum covers only the header, so every router that decrements the TTL must recompute it.

Protocol field in the IP header

The Protocol field tells the Internet layer which transport (or other) protocol the payload belongs to; in the common case IP hands the data to either TCP (6) or UDP (17).

Possible protocols found in the Protocol field of the IP header:

  Protocol                 Protocol Number
  ICMP                     1
  TCP                      6
  IGRP                     9
  UDP                      17
  IPv6 (encapsulated)      41
  GRE                      47
  EIGRP                    88
  OSPF                     89
  IPX in IP                111
  Layer 2 Tunnel (L2TP)    115
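The header layouts above (IP header, Protocol field dispatch to TCP or UDP, the TCP and UDP headers and the well-known ports) carried out in code. This is an added Python example and not part of the original notes: it builds two constructed packets (a TCP SYN to Telnet and a UDP TFTP read request) with the standard library's struct module, verifies the IP header checksum, and dissects them field by field. The helper names and sample addresses are my own.

```python
"""Build and dissect constructed IPv4 datagrams carrying TCP or UDP.

Added example, not from the original notes. Packets are constructed inline
with struct; nothing here is a real capture."""
import struct

IP_PROTO = {1: "ICMP", 6: "TCP", 9: "IGRP", 17: "UDP", 41: "IPv6", 47: "GRE",
            88: "EIGRP", 89: "OSPF", 111: "IPX-in-IP", 115: "L2TP"}
WELL_KNOWN = {21: "FTP", 23: "Telnet", 53: "DNS", 69: "TFTP", 110: "POP3", 119: "NNTP"}
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]   # code bits, bit 0 upwards
IPV4_FMT = "!BBHHHBBH4s4s"                               # 20-byte header, no options


def ipv4_checksum(header: bytes) -> int:
    """One's-complement sum of 16-bit words; a header with a valid checksum sums to 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack(f"!{len(header) // 2}H", header))
    while total >> 16:                                   # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_ipv4(src: bytes, dst: bytes, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    """20-byte IPv4 header (version 4, IHL 5, DF set) with the checksum filled in."""
    ver_ihl = (4 << 4) | 5
    hdr = struct.pack(IPV4_FMT, ver_ihl, 0, 20 + len(payload), 0x1234, 0x4000,
                      ttl, proto, 0, src, dst)
    hdr = hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]
    return hdr + payload


def build_tcp(sport, dport, seq, ack, flags, window) -> bytes:
    """20-byte TCP header: data offset 5 words, no options, checksum left at 0."""
    return struct.pack("!HHIIHHHH", sport, dport, seq, ack, (5 << 12) | flags, window, 0, 0)


def build_udp(sport, dport, data: bytes) -> bytes:
    """8-byte UDP header; Length covers header plus data."""
    return struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data


def dissect(packet: bytes) -> dict:
    ver_ihl, _tos, total_len, _ident, flags_frag, ttl, proto, _csum, src, dst = \
        struct.unpack(IPV4_FMT, packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or total_len > len(packet):
        raise ValueError("not a well-formed IPv4 header")
    out = {
        "version": ver_ihl >> 4, "ihl_bytes": ihl, "options": packet[20:ihl],
        "df": bool(flags_frag & 0x4000), "mf": bool(flags_frag & 0x2000),
        "frag_offset": flags_frag & 0x1FFF, "ttl": ttl,
        "protocol": IP_PROTO.get(proto, str(proto)),
        "checksum_ok": ipv4_checksum(packet[:ihl]) == 0,   # covers the header only
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
    }
    l4 = packet[ihl:total_len]
    if proto == 6:                                       # Protocol field says TCP
        sport, dport, seq, ack, off_flags, window = struct.unpack("!HHIIHH", l4[:16])
        data_off = (off_flags >> 12) * 4                 # header length in words -> bytes
        code = off_flags & 0x3F
        out.update(sport=sport, dport=dport, service=WELL_KNOWN.get(dport),
                   seq=seq, ack=ack, tcp_header_bytes=data_off, window=window,
                   flags=[n for i, n in enumerate(TCP_FLAGS) if code >> i & 1],
                   payload=l4[data_off:])
    elif proto == 17:                                    # Protocol field says UDP
        sport, dport, length, _ = struct.unpack("!HHHH", l4[:8])
        out.update(sport=sport, dport=dport, service=WELL_KNOWN.get(dport),
                   udp_length=length, payload=l4[8:length])
    return out


# Constructed samples: a TCP SYN to the Telnet port and a TFTP read request.
SYN_TO_TELNET = build_ipv4(bytes([172, 16, 30, 56]), bytes([192, 168, 100, 1]), 6,
                           build_tcp(49152, 23, 1000, 0, 0x02, 65535))
TFTP_RRQ = build_ipv4(bytes([10, 0, 0, 2]), bytes([10, 0, 0, 1]), 17,
                      build_udp(49153, 69, b"\x00\x01cfg\x00octet\x00"))

if __name__ == "__main__":
    for pkt in (SYN_TO_TELNET, TFTP_RRQ):
        print(dissect(pkt))
```

The checksum check is the part worth keeping: because it covers only the header, any device that rewrites TTL or addresses (a router, a NAT box, or an attacker altering a packet) must recompute it, and a dissector that skips the check will happily parse a corrupted header.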

ICMP

The Internet Control Message Protocol works at the Network layer and is used by IP for many different services. ICMP is a management protocol and messaging service provider for IP. Its messages are carried as IP datagrams (protocol number 1).

Events of ICMP:

Destination Unreachable: if a router has no route for the destination of a packet it received, it sends an ICMP Destination Unreachable message back to the sending station.

Buffer Full (Source Quench): if a router's memory buffer for receiving incoming datagrams is full, it sends this message until the congestion abates. (Source Quench is deprecated and ignored by modern hosts.)

Hops: each IP datagram is allotted a certain number of routers, called hops, to pass through (the Time to Live field). If it reaches its limit of hops before arriving at its destination, the last router to receive the datagram discards it and sends an ICMP Time Exceeded message back to the source.

Ping (often expanded as Packet Internet Groper): uses ICMP Echo Request and Echo Reply messages to check the physical and logical connectivity of machines on an internetwork.

Traceroute: sends probes with increasing TTL values; each router that expires the TTL returns an ICMP Time Exceeded message, which reveals the path a packet takes as it traverses an internetwork.

ARP (Address Resolution Protocol)

- ARP finds the hardware (MAC) address from a known IP address
- When IP has a packet to send, it must inform the Network Access protocol (Ethernet or Token Ring) of the destination's hardware address on the local network
- If IP does not find the destination host's hardware address in the ARP cache, it uses ARP to find this information
- ARP acts as IP's detective: it interrogates the local network by broadcasting a request carrying the target's IP address and asking for the matching hardware address; the owner answers with a unicast reply

RARP (Reverse Address Resolution Protocol)

- Resolves a MAC address into an IP address
- A diskless machine knows only its MAC address, not its IP address, so it broadcasts its MAC address to obtain an IP address before it can communicate on the network
- The request reaches a RARP server, which assigns an IP address to the received MAC address, so the requesting host learns its own IP address from the server
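The ARP exchange described above (broadcast who-has request, unicast is-at reply, cache update) written out as an added Python example. It is not part of the original notes: it encodes and decodes Ethernet II frames carrying ARP with the standard library's struct module and simulates both hosts on one segment with constructed addresses; the function names are my own.

```python
"""Encode and decode the ARP exchange: a broadcast who-has request, a unicast
is-at reply, and the requester's cache update, with both hosts simulated.

Added example, not part of the original notes. Addresses are constructed."""
import struct

ETH_TYPE_ARP = 0x0806
HW_ETHERNET, PROTO_IPV4 = 1, 0x0800
OP_REQUEST, OP_REPLY = 1, 2
BROADCAST = b"\xff" * 6
ARP_FMT = "!HHBBH6s4s6s4s"     # htype, ptype, hlen, plen, op, smac, sip, tmac, tip


def mac(text: str) -> bytes:
    """Accept colon, hyphen or Cisco dotted notation."""
    return bytes.fromhex(text.replace(":", "").replace("-", "").replace(".", ""))


def ip(text: str) -> bytes:
    return bytes(int(o) for o in text.split("."))


def _fmt_mac(b: bytes) -> str:
    return ":".join(f"{x:02x}" for x in b)


def arp_frame(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet II frame carrying a 28-byte ARP packet (42 bytes before padding)."""
    eth_dst = BROADCAST if op == OP_REQUEST else target_mac   # requests are broadcast
    eth = eth_dst + sender_mac + struct.pack("!H", ETH_TYPE_ARP)
    arp = struct.pack(ARP_FMT, HW_ETHERNET, PROTO_IPV4, 6, 4, op,
                      sender_mac, sender_ip, target_mac, target_ip)
    return eth + arp


def parse_arp(frame: bytes) -> dict:
    eth_dst, eth_src = frame[:6], frame[6:12]
    if struct.unpack("!H", frame[12:14])[0] != ETH_TYPE_ARP:
        raise ValueError("not an ARP frame")
    htype, ptype, hlen, plen, op, smac, sip, tmac, tip = struct.unpack(ARP_FMT, frame[14:42])
    if (htype, ptype, hlen, plen) != (HW_ETHERNET, PROTO_IPV4, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol type")
    return {
        "op": "request" if op == OP_REQUEST else "reply",
        "eth_dst": _fmt_mac(eth_dst), "eth_src": _fmt_mac(eth_src),
        "sender_mac": _fmt_mac(smac), "sender_ip": ".".join(map(str, sip)),
        "target_mac": _fmt_mac(tmac), "target_ip": ".".join(map(str, tip)),
        # the Ethernet source should be the ARP sender; a mismatch is one of the
        # simplest indicators of a crafted ARP packet
        "src_consistent": eth_src == smac,
    }


def answer_request(frame: bytes, my_mac: str, my_ip: str):
    """Responder side: reply only if the request asks for our own IP, else None."""
    req = parse_arp(frame)
    if req["op"] != "request" or req["target_ip"] != my_ip:
        return None
    return arp_frame(OP_REPLY, mac(my_mac), ip(my_ip), mac(req["sender_mac"]), ip(req["sender_ip"]))


def resolve(cache: dict, my_mac: str, my_ip: str, want_ip: str, peer_mac: str, peer_ip: str):
    """Requester side: use the ARP cache if possible, else broadcast who-has and learn
    from the reply. The wire is simulated by handing the request to the one peer present."""
    if want_ip in cache:
        return cache[want_ip]
    request = arp_frame(OP_REQUEST, mac(my_mac), ip(my_ip), bytes(6), ip(want_ip))
    reply = answer_request(request, peer_mac, peer_ip)
    if reply is None:
        return None
    r = parse_arp(reply)
    # accept only a consistent reply that answers the address we actually asked for
    if r["op"] == "reply" and r["src_consistent"] and r["sender_ip"] == want_ip:
        cache[want_ip] = r["sender_mac"]
    return cache.get(want_ip)
```

Real stacks are far less strict than `resolve` above: most accept unsolicited replies and overwrite cache entries, which is exactly what ARP spoofing exploits, so the "only cache what we asked for" rule is shown here as the check a hardened resolver would apply, not as what hosts do by default.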

Binary to Decimal and Hexadecimal Conversion

Nibble values (4 bits):  8 4 2 1

Byte values (8 bits):    128 64 32 16 8 4 2 1

Hex to binary to decimal chart:

  Hex   Binary   Decimal
  0     0000     0
  1     0001     1
  2     0010     2
  3     0011     3
  4     0100     4
  5     0101     5
  6     0110     6
  7     0111     7
  8     1000     8
  9     1001     9
  A     1010     10
  B     1011     11
  C     1100     12
  D     1101     13
  E     1110     14
  F     1111     15

Examples:

1) 0x6A: to convert a hex value to binary or decimal, take each hex character as a 4-bit nibble. Here there are two characters, 6 and A. (The 0x prefix is the C-language convention, also used by Cisco IOS, that marks a value as hexadecimal; it has no other meaning.) So 6 = 0110 and A = 1010, giving 8 bits: 01101010 in binary. The decimal value is the sum of the place values of the 1 bits: 64 + 32 + 8 + 2 = 106.

2) 01010101: to convert from binary to hex, take the byte and break it into nibbles: 0101 and 0101. From the table, 0101 = 5 and the other 0101 is also 5, so the hex value of binary 01010101 is 0x55 (85 in decimal: 64 + 16 + 4 + 1).

IP Addressing

- An IP address is a numeric identifier assigned to each machine on an IP network
- It designates the specific location of a device on the network
- It is a software (logical) address, not a hardware (physical) address like that of a NIC
- It was designed to allow a host on one network to communicate with a host on another network regardless of the types of LAN the hosts participate in

IP Terminology

Bit: one digit, either a 1 or a 0.

Byte: 8 bits. (Some older systems used 7-bit bytes with a parity bit; in IP addressing a byte is always 8 bits.)

Octet: made up of 8 bits; the same as a byte in this context.

Network address: the designation used in routing to send packets to a remote network. Examples: 10.0.0.0, 172.16.0.0 and 192.168.0.0.

Broadcast address: the address used by applications and hosts to send information to all nodes on a network. Examples:
  255.255.255.255 is all networks, all nodes (the limited broadcast; routers never forward it)
  172.16.255.255 is all subnets, all hosts on network 172.16.0.0
  10.255.255.255 broadcasts to all subnets and hosts on network 10.0.0.0

The hierarchical IP Addressing Scheme

The IP address consists of 32 bits of information, divided into 4 octets (bytes) of 8 bits each. You can depict an IP address using one of three methods:

1) Dotted-decimal, as in 172.16.30.56
2) Binary, as in 10101100.00010000.00011110.00111000
3) Hexadecimal, as in AC.10.1E.38

- All three examples represent the same IP address
- Windows keeps its TCP/IP settings in the Registry, where some values are displayed in hex, which is where you will meet the hex form in practice
- There are at most 2^32 addresses, about 4.3 billion (4,294,967,296)
- It is a structured, two- or three-level numbering scheme, like the telephone numbering system: a large geographical code, then a prefix that narrows the scope to a local calling area, and finally the customer's own number
- The same applies to IP addresses: network and host, or network, subnet and host
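The nibble method from the conversion section and the three notations of one IPv4 address, carried out in code. This is an added Python example and not part of the original notes; it uses only the standard library, and the function names are my own. It generalises the worked examples above: any hex string or bit string, and any dotted-decimal address, not just 0x6A, 01010101 and 172.16.30.56.

```python
"""Nibble-by-nibble hex/binary/decimal conversion, then the same for a 32-bit
IPv4 address in its dotted-decimal, binary and hexadecimal notations.

Added example, not from the original notes."""

HEX_DIGITS = "0123456789ABCDEF"


def hex_to_binary(hex_str: str) -> str:
    """Each hex character becomes one 4-bit nibble (0x6A -> 01101010).
    A leading 0x marks the value as hex and carries no other meaning."""
    digits = hex_str[2:] if hex_str.lower().startswith("0x") else hex_str
    if not digits or any(d.upper() not in HEX_DIGITS for d in digits):
        raise ValueError(f"not a hex string: {hex_str!r}")
    return "".join(format(HEX_DIGITS.index(d.upper()), "04b") for d in digits)


def binary_to_decimal(bits: str) -> int:
    """Add the place values (128 64 32 16 8 4 2 1 for a byte) of every 1 bit."""
    total = 0
    for i, b in enumerate(reversed(bits)):
        if b == "1":
            total += 1 << i
        elif b != "0":
            raise ValueError(f"not a binary digit: {b!r}")
    return total


def binary_to_hex(bits: str) -> str:
    """Pad to a multiple of four, break into nibbles, and look each nibble up."""
    bits = bits.zfill((len(bits) + 3) // 4 * 4)
    return "".join(HEX_DIGITS[binary_to_decimal(bits[i:i + 4])] for i in range(0, len(bits), 4))


def ipv4_notations(dotted: str) -> dict:
    """The three notations the notes list for one address, plus the 32-bit integer."""
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    binary = [format(o, "08b") for o in octets]          # one 8-bit octet each
    return {
        "dotted": dotted,
        "binary": ".".join(binary),
        "hex": ".".join(binary_to_hex(b) for b in binary),
        "as_int": binary_to_decimal("".join(binary)),      # all 32 bits as one number
    }


if __name__ == "__main__":
    print(hex_to_binary("0x6A"), binary_to_decimal(hex_to_binary("0x6A")))
    print(binary_to_hex("01010101"), binary_to_decimal("01010101"))
    print(ipv4_notations("172.16.30.56"))
```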

Network Addressing

A Media Access Control address (MAC address), also called Ethernet Hardware Address (EHA), hardware address, adapter address or physical address, is a quasi-unique identifier assigned to most network adapters or network interface cards (NICs) by the manufacturer for identification. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identification number.

Three numbering spaces, managed by the Institute of Electrical and Electronics Engineers (IEEE), are in common use for formulating a MAC address: MAC-48, EUI-48, and EUI-64. The IEEE claims trademarks on the names "EUI-48" and "EUI-64", where "EUI" stands for Extended Unique Identifier.

In TCP/IP networks, the MAC address of a subnet interface can be queried with the IP address using the Address Resolution Protocol (ARP) for Internet Protocol Version 4 (IPv4) or the Neighbor Discovery Protocol (NDP) for IPv6. On broadcast networks, such as Ethernet, the MAC address uniquely identifies each node and allows frames to be marked for specific hosts. It thus forms the basis of most of the Link layer (OSI Layer 2) networking upon which upper layer protocols rely to produce complex, functioning networks.

The standard (IEEE 802) format for printing MAC-48 addresses in human-friendly form is six groups of two hexadecimal digits, separated by hyphens (-) or colons (:), in transmission order, e.g. 01-23-45-67-89-ab, 01:23:45:67:89:ab. This form is also commonly used for EUI-64. Other less common conventions use three groups of four hexadecimal digits separated by dots (.), e.g. 0123.4567.89ab; again in transmission order.

Address details

All three numbering systems use the same format and differ only in the length of the identifier. Addresses can be either "universally administered addresses" or "locally administered addresses".

A universally administered address is uniquely assigned to a device by its manufacturer; these are sometimes called "burned-in addresses" (BIA). The first three octets (in transmission order) identify the organization that issued the identifier and are known as the Organizationally Unique Identifier (OUI). The following three (MAC-48 and EUI-48) or five (EUI-64) octets are assigned by that organization in nearly any manner it pleases, subject to the constraint of uniqueness. The IEEE expects the MAC-48 space to be exhausted no sooner than the year 2100; EUI-64s are not expected to run out in the foreseeable future.

A locally administered address is assigned to a device by a network administrator, overriding the burned-in address. Locally administered addresses do not contain OUIs.

Universally administered and locally administered addresses are distinguished by the second least significant bit of the most significant byte of the address (the U/L bit). If the bit is 0, the address is universally administered; if it is 1, the address is locally administered. The bit is 0 in all OUIs. For example, in 02-00-00-00-00-01 the most significant byte is 02h, binary 00000010, whose second least significant bit is 1, so it is a locally administered address.

The least significant bit of the most significant byte (the I/G bit) tells unicast from multicast: if it is 0 the frame is meant to reach only one receiving NIC (unicast); if it is 1 the frame is sent once but is meant to reach several NICs (multicast). The all-ones address FF-FF-FF-FF-FF-FF is the broadcast address, a special case of multicast. Because a locally administered address is only a bit flip away from a burned-in one, MAC addresses are trivially spoofable and must never be relied on as an authentication credential.

The following technologies use the MAC-48 identifier format:

Ethernet

802.11 wireless networks

Bluetooth

IEEE 802.5 token ring

most other IEEE 802 networks

FDDI

ATM (switched virtual connections only, as part of an NSAP address)

Fibre Channel and Serial Attached SCSI (as part of a World Wide Name)

The distinction between EUI-48 and MAC-48 identifiers is purely semantic: MAC-48 is used for network hardware; EUI-48 is used to identify other devices and software. (Thus, by definition, an EUI-48 is not in fact a "MAC address", although it is syntactically indistinguishable from one and assigned from the same numbering space.)

The IEEE now considers the label MAC-48 to be an obsolete term which was previously used to refer to a specific type of EUI-48 identifier used to address hardware interfaces within existing 802-based networking applications and should not be used in the future. Instead, the term EUI-48 should be used for this purpose.
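The address bits described above (OUI, U/L bit, I/G bit) and the IEEE and Cisco printing conventions, decoded in code. This is an added Python example and not part of the original text; the sample addresses are constructed and the function names are my own.

```python
"""Decode MAC address bits: OUI, the U/L bit, the I/G bit and the three
printing conventions (IEEE hyphen/colon form and Cisco dotted form).

Added example, not part of the original text; sample addresses are constructed."""
import re


def parse_mac(text: str) -> bytes:
    """Accept 01:23:45:67:89:ab, 01-23-45-67-89-ab or 0123.4567.89ab."""
    hexdigits = re.sub(r"[:\-.]", "", text.strip())
    if not re.fullmatch(r"[0-9A-Fa-f]{12}", hexdigits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(hexdigits)


def describe_mac(text: str) -> dict:
    addr = parse_mac(text)
    first = addr[0]                        # most significant byte in transmission order
    local = bool(first & 0x02)             # U/L bit: second least significant bit
    return {
        "ieee": "-".join(f"{b:02x}" for b in addr),
        "cisco": ".".join(addr.hex()[i:i + 4] for i in range(0, 12, 4)),
        # the first three octets are an OUI only for universally administered addresses
        "oui": None if local else addr[:3].hex().upper(),
        "locally_administered": local,
        "multicast": bool(first & 0x01),   # I/G bit: least significant bit
        "broadcast": addr == b"\xff" * 6,  # all ones: the broadcast address
    }


def make_local_unicast(addr: bytes) -> str:
    """Turn a burned-in address into a locally administered unicast one by setting
    the U/L bit and clearing the I/G bit: all a MAC spoofer has to do."""
    b = bytearray(addr)
    b[0] = (b[0] | 0x02) & 0xFE
    return ":".join(f"{x:02x}" for x in b)


if __name__ == "__main__":
    for sample in ("02-00-00-00-00-01", "01:00:5e:00:00:01", "0123.4567.89ab"):
        print(sample, describe_mac(sample))
```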

Network address (the network part of an IP address):

- It uniquely identifies each network
- Every machine on the same network shares that network address as part of its IP address
- In the IP address 172.16.30.56, with the default Class B mask, 172.16 is the network number and 30.56 is the node number

The networks are classified into classes:

Class A: a small number of networks, each with a very large number of hosts
Class B: the middle ground, a large number of networks with a large number of hosts each
Class C: numerous networks with a small number of hosts each

  Class A   Network  Host     Host     Host
  Class B   Network  Network  Host     Host
  Class C   Network  Network  Network  Host
  Class D   Multicast
  Class E   Reserved for research / experimental use

The leading bits of the first octet define the class so that routers can make routing decisions faster:

  Class A: 0    Class B: 10    Class C: 110    Class D: 1110    Class E: 1111

(The router reads only these leading bits to decide which class an address belongs to.)

Reserved IP Addresses

  Address                                   Function
  Network address of all 0s                 "This network or segment"
  Network address of all 1s                 "All networks"
  Network 127.0.0.0 (127.0.0.1 in practice) Reserved for loopback tests. Designates the local node and allows it to send a test packet to itself without generating network traffic
  Node address of all 0s                    The network address, or "any host on the specified network"
  Node address of all 1s                    All nodes on the specified network; for example 128.2.255.255 means all nodes on network 128.2 (a Class B network)
  Entire IP address set to all 0s           Used by Cisco routers to designate the default route (0.0.0.0). Can also mean "any network"
  Entire IP address set to all 1s           Same as 255.255.255.255: broadcast to all nodes on the current network; sometimes called an all-1s or limited broadcast

Class A addresses:

Network.node.node.node

Range of first octet: 1 to 126 (leading bit 0; 0 is reserved and 127 is loopback)

Class A Valid Host IDs

- All host bits off is the network address: 10.0.0.0
- All host bits on is the broadcast address: 10.255.255.255
- Valid hosts are between the network address and the broadcast address: 10.0.0.1 through 10.255.255.254

Class B addresses:

Network.network.node.node

Range of first octet: 128 to 191 (leading bits 10)

Class B Valid Host IDs

- All host bits turned off is the network address: 172.16.0.0
- All host bits turned on is the broadcast address: 172.16.255.255
- Valid hosts are between the network and broadcast addresses: 172.16.0.1 through 172.16.255.254

Class C addresses:

Network.network.network.node

Range of first octet: 192 to 223 (leading bits 110)

Class C Valid Host IDs

- All host bits turned off is the network ID: 192.168.100.0
- All host bits turned on is the broadcast address: 192.168.100.255
- Valid hosts are between the network and broadcast addresses: 192.168.100.1 through 192.168.100.254

Private IP Addresses

- These addresses (RFC 1918) can be used on a private network, but they are not routable through the Internet; a NAT device translates them to public addresses at the edge
- Private addressing was designed mainly to save valuable public IP address space. It is often described as a security measure because outside hosts cannot address internal machines directly, but it is not a substitute for a firewall: inbound traffic is blocked only for as long as no NAT mapping or port-forwarding rule points at the host
- Reserved private address space:

  Class A   10.0.0.0 through 10.255.255.255       (10.0.0.0/8)
  Class B   172.16.0.0 through 172.31.255.255     (172.16.0.0/12)
  Class C   192.168.0.0 through 192.168.255.255   (192.168.0.0/16)
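The classful rules above (leading bits to class, default mask, network and broadcast addresses, valid host range, the reserved loopback and limited-broadcast addresses, and the RFC 1918 private blocks) applied by code. This is an added Python example and not part of the original notes: it does the arithmetic on plain integers so the bit logic stays visible and uses the standard library's ipaddress module only to cross-check the result; the function names are my own.

```python
"""Classful analysis of an IPv4 address from its leading bits, plus the reserved
and RFC 1918 private ranges.

Added example, not from the original notes. Integer arithmetic shows the bit
logic; ipaddress only cross-checks the answer."""
import ipaddress

ALL_ONES = 0xFFFFFFFF
PRIVATE = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]   # RFC 1918


def to_int(dotted: str) -> int:
    octets = [int(o) for o in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"bad IPv4 address {dotted!r}")
    return int.from_bytes(bytes(octets), "big")


def to_dotted(n: int) -> str:
    return ".".join(str(b) for b in n.to_bytes(4, "big"))


def prefix_mask(prefix: int) -> int:
    return (ALL_ONES << (32 - prefix)) & ALL_ONES


def address_class(n: int):
    """Leading bits 0 -> A (/8), 10 -> B (/16), 110 -> C (/24), 1110 -> D, 1111 -> E."""
    top = n >> 28                           # the four most significant bits
    if top & 0b1000 == 0:
        return "A", 8
    if top & 0b1100 == 0b1000:
        return "B", 16
    if top & 0b1110 == 0b1100:
        return "C", 24
    if top == 0b1110:
        return "D", None
    return "E", None


def in_block(n: int, base: str, prefix: int) -> bool:
    return (n & prefix_mask(prefix)) == to_int(base)


def analyse(dotted: str) -> dict:
    n = to_int(dotted)
    cls, prefix = address_class(n)
    info = {
        "address": dotted, "class": cls,
        "loopback": in_block(n, "127.0.0.0", 8),
        "private": any(in_block(n, base, p) for base, p in PRIVATE),
        "limited_broadcast": n == ALL_ONES,
    }
    if prefix is None:                      # classes D and E have no network/host split
        return info
    mask = prefix_mask(prefix)
    network, broadcast = n & mask, n | (~mask & ALL_ONES)   # host bits all 0 / all 1
    info.update(
        default_mask=to_dotted(mask),
        network=to_dotted(network), broadcast=to_dotted(broadcast),
        first_host=to_dotted(network + 1), last_host=to_dotted(broadcast - 1),
        host_count=broadcast - network - 1,
        is_network_or_broadcast=n in (network, broadcast),
    )
    # cross-check the hand-rolled arithmetic against the standard library
    expected = ipaddress.ip_network(f"{dotted}/{prefix}", strict=False)
    assert str(expected.network_address) == info["network"]
    assert str(expected.broadcast_address) == info["broadcast"]
    return info


if __name__ == "__main__":
    for a in ("10.20.30.40", "172.16.30.56", "192.168.100.77", "224.0.0.5"):
        print(analyse(a))
```

Note that this is the classful view the notes describe; with subnetting (covered later in the CCNA material) the mask comes from configuration, not from the leading bits, and the same network/broadcast arithmetic is applied to whatever prefix length is in use.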

Broadcast Addresses

Four types of destination addressing:

Layer 2 broadcasts: sent to all nodes on a LAN (destination MAC FF:FF:FF:FF:FF:FF); one-to-all communication within the segment.

Layer 3 broadcasts: sent to all nodes on the network (255.255.255.255, or a directed broadcast such as 172.16.255.255); one-to-all communication. Routers do not forward the limited broadcast, and by default should not forward directed broadcasts either.

Unicast: sent to a single destination host; one-to-one communication.

Multicast: packets sent from a single source and transmitted to many devices on different networks (a message to a group of subscribed hosts only); one-to-many communication.

Router Components

Cisco routers have various components that are controlled by the Cisco IOS. These components include such things as memory, interfaces, and ports. Each component has a purpose that provides added functionality to a router. A review of these components will be useful in understanding each of their roles within a router.

Memory

A router contains different types of memory, where it can store images, configuration files, and microcode. The types of memory and their purposes are as follows:

RAM Often referred to as dynamic random-access memory (DRAM). RAM is the working area of memory storage used by the CPU to execute Cisco IOS software and to hold the running configuration file, routing tables, and ARP cache. The running configuration file (running-config) contains the current configuration of the software. Information in RAM is cleared when the router is power-cycled or reloaded.

ROM Sometimes referred to as erasable programmable read-only memory (EPROM). ROM is hard-wired read-only memory in the router. ROM contains power-on self-test (POST) diagnostics and the bootstrap or boot-loader software. This code allows the router to boot from ROM when it cannot find a valid Cisco IOS software image. This is known as ROM Monitor mode. This is a diagnostic mode that provides a user interface when the router cannot find a valid image.

Flash Available as EPROMs, single in-line memory modules (SIMMs), or PCMCIA cards. Flash is the default location where a router finds and boots its IOS image. On some platforms, additional configuration files or boot images can be stored in Flash. The contents of Flash are retained when the router is power-cycled or reloaded.

NVRAM Nonvolatile random-access memory. NVRAM stores the startup configuration file (startup-config), which is used during system startup to configure the software. In addition, NVRAM contains the software configuration register, a configurable setting in Cisco IOS software that determines which image to use when booting the router. The contents of NVRAM are retained when the router is power-cycled or reloaded.

Table 2-1 provides a summary of these memory types, their function, and useful Cisco IOS software commands when managing these different types of memory.

Table 2-1. Memory Types

Memory Type   Contents                                       Useful Cisco IOS Software Commands

RAM           Running configuration file, routing tables,   show running-config, show ip route,
              ARP cache, working memory                     show arp, show memory

ROM           POST, bootstrap, ROM Monitor mode,
              code to locate and load the IOS

Flash         IOS image, additional configuration files,    show flash
              additional IOS images

NVRAM         Startup configuration file,                   show startup-config, show version
              configuration register

An understanding of the different types of memory and their function within the router helps not only clarify where the IOS image and configuration files are stored, but also proves useful by allowing the user to manipulate these configuration files during the configuration process and understand what area of memory is being changed.

Interfaces and Ports

Routers contain different types of interfaces and ports. Interfaces assist the router in routing packets and bridging frames between network segments, and they provide a connection point to different types of transmission media. Ports, on the other hand, provide management access to the router.

Some common interface types are as follows:

Serial

Ethernet

Token Ring

Asynchronous

FDDI

The preceding types of interfaces are some of the most common; however, interface types are in no way static. Interface types are added as new technologies evolve and methods are needed to interconnect and integrate network devices. An example of this is the voice interface available in the Cisco 2600 series that connects to a private branch exchange (PBX) or standard analog phone.

Ports on the router enable a user to connect to the router for management and configuration purposes. You can connect either a terminal (DTE) or a modem (DCE) to these ports. Some of the common ports are:

Console

Auxiliary (AUX)

The console and auxiliary ports are physical ports on the router that provide management access to the router. In addition to these, there are also vty lines, which are software-defined lines that allow remote access to the router over Telnet (and over SSH, on images that support it). The default vty configuration is vty lines 0 through 4, allowing five simultaneous sessions. A password (or login local with a local user database) should be configured on every vty line to secure access; by default IOS refuses a connection to a vty line that has login configured but no password set. Because Telnet carries the password in clear text, restrict the lines to SSH with transport input ssh wherever the image supports it.

Command-Line Interface

CLI is the acronym used by Cisco to denote the command-line interface of the IOS. CLI is the primary interface used to configure, manage, and troubleshoot Cisco devices. This user interface enables you to directly execute IOS commands, and it can be accessed through a console, modem, or Telnet connection. Access by any of these methods is generally referred to as an EXEC session.

EXEC Levels or Modes

Two different EXEC sessions exist, user EXEC level and privileged EXEC level. Each level provides a different amount of access to the commands within the IOS. User EXEC provides access to a limited number of commands that allow basic troubleshooting and monitoring of the router. Privileged EXEC level allows access to all router commands, such as configuration and management settings. Password protection of the privileged EXEC level is highly recommended to prevent unauthorized configuration changes from being made to the router. Upon initiating an EXEC session on the router, a user is placed in user EXEC mode. This is denoted in the router with the > prompt, for example:

Router>

To change to the privileged EXEC level, type in the command enable, as shown:

Router> enable
Password: [enable password]

If an enable password has been set, the router prompts you for it. When you enter the correct enable password, the prompt changes from Router> to Router#. This indicates that you have successfully entered into privileged EXEC mode, as shown:

Router>

Password: [enable password]

Router#

TIP

The enable password is stored as clear text in the running configuration file. Cisco IOS software offers a stronger option: the enable secret command, which stores a one-way hash of the password (type 5, MD5-based; newer releases also offer type 8, PBKDF2-SHA256, and type 9, scrypt) rather than the password itself, so it cannot be read back from show running-config. If both are configured, enable secret takes precedence. Note that service password-encryption does not give equivalent protection: it applies the reversible type 7 encoding to enable password and line passwords, which only hides them from casual viewing and is trivially decoded.
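The following Python audit is an added example, not from the original text. It reads a running-config excerpt (constructed here), decodes any type 7 strings with the fixed key that the scheme uses, and flags clear-text, type 7 and MD5-based type 5 entries. The enable secret line in the sample is a placeholder, not a real hash.

```python
"""Audit an IOS running-config for how passwords are stored.

Added example, not from the original page. The config text is constructed
(the enable secret hash is a placeholder, not a real hash). Type 7 is the
reversible encoding that service password-encryption applies: a two-digit
decimal seed followed by the password XORed byte-for-byte with a fixed,
publicly known key. Decoding it here shows why enable secret, which stores a
one-way hash, is the option to use.
"""
import re

# The fixed key used by the type 7 scheme (well known; the same in every IOS image).
TYPE7_KEY = b"dsfd;kfoA,.iyewrkldJKDHSUBsgvca69834ncxv9873254k;fg87"


def type7_decode(encoded):
    """'060506324F41' -> 'cisco': seed 06, then each hex byte XOR key[seed + i]."""
    seed = int(encoded[:2])
    data = bytes.fromhex(encoded[2:])
    plain = bytes(b ^ TYPE7_KEY[(seed + i) % len(TYPE7_KEY)] for i, b in enumerate(data))
    return plain.decode()


def type7_encode(plain, seed=6):
    """Produce the string IOS would write; IOS picks the seed itself (0-15)."""
    out = bytes(ord(c) ^ TYPE7_KEY[(seed + i) % len(TYPE7_KEY)] for i, c in enumerate(plain))
    return f"{seed:02d}{out.hex().upper()}"


# enable password / enable secret / line password / username ... password|secret,
# with an optional encoding-type digit before the value.
PASSWORD_LINE = re.compile(
    r"^(?P<cmd>enable password|enable secret|password|username \S+ (?:password|secret))"
    r"(?: (?P<type>\d+))? (?P<value>\S+)$")


def audit_config(config):
    """Return (line number, finding, detail) for every credential line in the config."""
    findings = []
    for lineno, raw in enumerate(config.splitlines(), 1):
        m = PASSWORD_LINE.match(raw.strip())
        if not m:
            continue
        cmd, ptype, value = m["cmd"], m["type"] or "0", m["value"]
        if ptype == "0":
            findings.append((lineno, "CLEARTEXT", f"{cmd}: {value!r} readable in show running-config"))
        elif ptype == "7":
            findings.append((lineno, "REVERSIBLE", f"{cmd}: type 7 decodes to {type7_decode(value)!r}"))
        elif ptype == "5":
            findings.append((lineno, "WEAK-HASH", f"{cmd}: MD5-based type 5; migrate to type 8 or 9"))
        elif ptype in ("8", "9"):
            findings.append((lineno, "OK", f"{cmd}: one-way hash, type {ptype}"))
        else:
            findings.append((lineno, "UNKNOWN", f"{cmd}: type {ptype}"))
    return findings


# Constructed running-config excerpt for the audit (the secret is a placeholder).
SAMPLE_CONFIG = """\
!
enable password 7 060506324F41
enable secret 5 $1$SALT$placeholderNotARealHashValue0
username admin password 0 letmein
line vty 0 4
 password 7 02050D480809
 login
!
"""

if __name__ == "__main__":
    for lineno, finding, detail in audit_config(SAMPLE_CONFIG):
        print(f"line {lineno}: {finding}: {detail}")
```

Run against a real configuration the findings should be read as a to-do list: replace every type 7 and clear-text entry with enable secret or username ... secret, and move the vty lines to SSH with local or AAA authentication.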

IOS CLI Hierarchy

Cisco IOS software is structured in a hierarchical manner. It is important to understand this structure to successfully navigate within Cisco IOS software. As mentioned previously, there are two EXEC modes: user EXEC and privileged EXEC. Privileged EXEC mode is composed of various configuration modes:

Global configuration mode

Interface configuration mode

Router configuration mode

Line configuration mode

Figure 2-1 provides a visual breakdown of the configuration modes.

Figure 2-1. Cisco IOS Software CLI Hierarchy

Within each mode, certain commands are available for execution. Using the context-sensitive help, you can see a list of which commands are available. While navigating the CLI, the router prompt changes to reflect your current position within the CLI hierarchy. Table 2-2 summarizes the main command prompts within the CLI hierarchy.

Table 2-2. CLI Command Prompts by Mode

Command Prompt          Mode                   IOS Command to Enter Command Mode                                        Description

Router>                 User EXEC mode         Default mode upon login                                                  Limited inspection of router information

Router#                 Privileged EXEC mode   From Router>, type enable                                                Detailed inspection, testing, debug, and configuration commands

Router(config)#         Global configuration   From Router#, type configure terminal                                    High-level or global configuration changes

Router(config-if)#      Interface level        From Router(config)#, type interface [interface name], e.g. Ethernet0    Interface-specific commands

Router(config-router)#  Routing engine level   From Router(config)#, type router [routing protocol], e.g. rip, igrp     Routing engine commands

Router(config-line)#    Line level             From Router(config)#, type line [line], e.g. aux 0, console 0, vty 0 4   Line-configuration commands

The interface, router, and line levels are submodes of global configuration mode.

Context-Sensitive Help

In both user and privileged EXEC modes, you can see a listing of available commands by typing a question mark (?) at the Router> or Router# prompts. This is referred to as context-sensitive help. Example 2-1 shows context-sensitive help from user EXEC mode.

Example 2-1 Context-Sensitive Help from User EXEC Mode

Router>?
Exec commands:

Session number to resume

access-enable Create a temporary Access-List entry

clear Reset functions

connect Open a terminal connection

disable Turn off privileged commands

disconnect Disconnect an existing network connection

enable Turn on privileged commands

exit Exit from the EXEC

help Description of the interactive help system

lat Open a lat connection

lock Lock the terminal

login Log in as a particular user

logout Exit from the EXEC

mrinfo Request neighbor and version information from a multicast router

mstat Show statistics after multiple multicast traceroutes

mtrace Trace reverse multicast path from destination to source

name-connection Name an existing network connection

pad Open a X.29 PAD connection

ping Send echo messages

ppp Start IETF Point-to-Point Protocol (PPP)

--More--

Example 2-1 displays the commands available for execution from user EXEC mode. When the number of available commands exceeds what can be displayed on the screen, the IOS displays the --More-- prompt. Pressing the Spacebar presents the next page of commands, often followed by another --More--, until all remaining commands are displayed and you are returned to the Router> prompt, as demonstrated in Example 2-2.

Example 2-2 Hitting the Spacebar Continues the Context-Sensitive Help Listing and Returns You to the User EXEC Mode Prompt

logout Exit from the EXEC

mrinfo Request neighbor and version information from a multicast router

mstat Show statistics after multiple multicast traceroutes

mtrace Trace reverse multicast path from destination to source

name-connection Name an existing network connection

pad Open a X.29 PAD connection

ping Send echo messages

ppp Start IETF Point-to-Point Protocol (PPP)

resume Resume an active network connection

rlogin Open an rlogin connection

show Show running system information

slip Start Serial-line IP (SLIP)

systat Display information about terminal lines

telnet Open a telnet connection

terminal Set terminal line parameters

tn3270 Open a tn3270 connection

traceroute Trace route to destination

tunnel Open a tunnel connection

where List active connections

x3 Set X.3 parameters on PAD

xremote Enter XRemote mode

Router>

You can repeat the same process to get a list of available commands from privileged EXEC mode. The only difference is that more commands are available within privileged EXEC mode.

To find out what commands are available that begin with the letter c, you would type the letter c immediately followed by a ?. This is referred to as word help, and it is useful when you know what the command begins with, but not the exact syntax. Example 2-3 demonstrates this concept.

Example 2-3 Using Word Help to Find the Exact Syntax of a Command

Router#c?
clear  clock  configure  connect  copy

As more letters are added to the command you need help for, the context-sensitive help feature narrows down the available commands to choose from. Example 2-4 demonstrates what you would see if you narrowed your search by adding additional letters, such as co? or con?.

Example 2-4 Adding Characters in a Command Immediately Followed by a ? Helps You Narrow Your Command Search

Router#c?
clear  clock  configure  connect  copy

Router#co?
configure  connect  copy

Router#con?
configure  connect

Suppose that you need more information on the syntax of the configure command. Command help is available to list arguments that are available with a given command by typing the command, followed by a space and a ?. For example, if you want to find out what commands were available to use with the configure command, you would type configure ?, as demonstrated in Example 2-5.

Example 2-5 Entering Characters in a Command Followed by ? Helps You Find the Exact Syntax of a Command

Router#configure ?
  memory             Configure from NV memory
  network            Configure from a TFTP network host
  overwrite-network  Overwrite NV memory from TFTP network host
  terminal           Configure from the terminal

Finally, the command parser has the capability to distinguish erroneous commands that are entered incorrectly, as well as prompt you when more specific command arguments are needed. When an erroneous command is entered, the help feature returns the output shown in Example 2-6.

Example 2-6 Entering an Erroneous Command Generates a Message to Indicate the Syntax Error

Router#show rnning-config
            ^
% Invalid input detected at '^' marker.

The ^ marker indicates where the error in the syntax occurred. When a more specific command argument is needed to distinguish among multiple possibilities, the help feature returns %Ambiguous command:, as shown in Example 2-7.

Example 2-7 Entering a Command Requiring More Specific Parameters Generates an Ambiguous Command Message

Router#show access
% Ambiguous command: "show access"

This is easily corrected by typing more of the command so that multiple possibilities no longer exist, as shown in Example 2-8.

Example 2-8 Entering a Command with the Required Arguments to Eliminate the Ambiguous Command Error

Router#show access-lists
Standard IP access list 1
    permit any

Each of these context-sensitive help features is useful in helping you determine whether the command syntax is incorrect.

Hot Keys

The CLI also provides hot keys for easier navigation within the IOS and shortcuts for editing functions. Table 2-3 lists the shortcuts that are available.

Table 2-3. CLI Hot Keys for Cisco IOS Software Command Editing Functions

Key Sequence Description

Ctrl-A Moves the cursor to the beginning of the current line

Ctrl-R Redisplays a line

Ctrl-U Erases a line

Ctrl-W Erases a word

Ctrl-Z Ends configuration mode and returns to privileged EXEC mode

Tab Finishes a partial command

Backspace Removes one character to the left of the cursor

Ctrl-P or Up Arrow Recalls the previous command in the history buffer (an older command with each press)

Ctrl-N or Down Arrow Returns to more recent commands in the history buffer after recalling older ones

Ctrl-E Moves the cursor to the end of the current line

Ctrl-F or right arrow Moves forward one character

Ctrl-B or left arrow Moves back one character

Esc+B Moves back one word

Esc+F Moves forward one word

Direct Access to Routers and Switches Through a Console Port

Most Cisco devices use a rollover cable connected to the console port on the router or switch. For exceptions, consult the product documentation to verify whether you should use a straight-through or rollover cable. The cable is then connected to an RJ-45-to-DB-9 or RJ-45-to-DB-25 terminal adapter that is attached to a serial communications port (COM1, COM2, or other COM port) on the PC. Figure 4-1 shows how this is done.

Figure 4-1. Connecting a Device with a Console Cable

Components of Routing Data

Routing Tables: router#sh ip route

R    175.21.0.0/16 [120/1] via 10.10.10.1, 00:00:18, Serial0/0

C    10.10.10.0 is directly connected, Serial0/0

The first column is the code for how the entry was learned on this router. Here R means RIP; I means IGRP, D means EIGRP, and C means directly connected. An IGRP entry for the same network would read [100/1535548] instead of [120/1].

175.21.0.0/16 is the network address and the number of bits in the subnet mask of the destination network.

120 (or 100 for IGRP) is the administrative distance of the route.

/1 (or /1535548 for IGRP) is the metric of the route, specific to the routing protocol used to determine it. RIP uses hop count (maximum 15) as its metric; a hop is how many routers away the destination network is. IGRP and EIGRP use a composite metric built from bandwidth and delay by default, optionally including reliability, load, and MTU.

via 10.10.10.1 is the next-hop address for the route. This is the address the packet must be sent to in order to reach its destination.

00:00:18 is the length of time since the route was last updated in the routing table. In this case the route was updated 18 seconds ago.

Serial0/0 is the interface the route was learned through. This is also the interface the packet will be switched to in order to be forwarded toward its destination.

Statically Defined Routes

A statically defined route is one in which a route is manually entered into the router. A static route can be entered into the router with the following command in global configuration mode:

2501(config)#ip route prefix mask {address | interface} [distance]
2501(config)#ip route 192.168.20.0 255.255.255.0 172.16.50.1

Default Route:

2501(config)#ip route 0.0.0.0 0.0.0.0 172.16.50.1

Dynamic Routes: Dynamic routing is a process in which a routing protocol finds the best path in a network and maintains that route. It discovers all the possible routes to a destination, applies its predefined rules, and comes up with the best route to the destination.

Dynamic Routing Protocols

Interior Gateway Protocols (IGP): RIP, IGRP, EIGRP, OSPF, IS-IS

Exterior Gateway Protocols (EGP): Border Gateway Protocol (BGP)

They are also categorized in two ways:

1. Classful routing protocols (RIPv1, IGRP) versus classless routing protocols (RIPv2, EIGRP, OSPF, IS-IS, BGP)

2. Distance-vector routing protocols (RIP, IGRP, EIGRP) versus link-state routing protocols (OSPF, IS-IS)

Distance-Vector Comparisons

Characteristic                          RIPv1       RIPv2       IGRP                  EIGRP

Count to infinity                       X           X           X
Split horizon with poison reverse       X           X           X                     X
Hold-down timer                         X           X           X
Triggered update with route poisoning   X           X           X                     X
Load balancing with equal paths         X           X           X                     X
Load balancing with unequal paths                               X                     X
VLSM support                                        X                                 X
Automatic summarization                 X           X           X                     X
Metric                                  Hops        Hops        Composite             Composite
Hop count limit                         16*         16*         255 (100 by default)  255 (100 by default)
Support for size of network             Medium      Medium      Large                 Large

* For RIP, 16 hops means unreachable; 15 is the largest usable hop count.

IGRP & EIGRP are the only Cisco proprietary routing protocols.

Most distance-vector routing protocols have the following characteristics:

Periodic Updates: The length of time before a router sends out an update. For RIP it is 30 seconds and for IGRP 90 seconds.

Neighbors: Other routers on the same logical, or data link, connection.

Broadcast Updates: When a router becomes active it sends a message to the broadcast address stating that it is alive, and neighboring routers participating in the same routing protocol respond to this broadcast. RIPv1 and IGRP also send their periodic updates to the broadcast address; RIPv2 and EIGRP use multicast instead.

Full Routing Table Updates: Most distance-vector routing protocols send their entire routing table to their neighbors. This occurs when the periodic update timer expires.

Routing by Rumor: A router sends its routing table to all of its directly connected neighbors. In turn, all of the neighboring routers send their routing tables to all of their directly connected neighbors. This continues until all routers running the same distance-vector routing protocol are reached.

Invalid Timer: Determines the length of time that must elapse (180 seconds for RIP) before a router declares a route invalid. It expires when the router has not heard any update about that route for that period.

Split Horizon: Prevents what is known as a reverse route. A reverse route occurs when a router learns a route from a neighbor and then sends that route back to the neighbor it learned it from, which can cause an infinite loop. Split horizon prevents this with the rule that a route cannot be advertised out the same interface on which it was learned.

Counting to Infinity: In networks that are slow to converge, another type of routing loop can occur when routers have multiple paths to the same destination. The routing table holds the best route to the destination even though the router knows of two. When the destination network goes down, the updates saying it is unreachable can arrive at different routers at different times, and a router that has not yet heard advertises that it still has another route to the destination. This continues across the network, incrementing the hop count at each router it passes through. Even though the destination network is down, all of the routers participating in the routing process think they have an alternate route to it, causing a loop. The loop is bounded by enforcing a maximum hop count: when a route reaches the limit, it is marked as unreachable and removed from the router's routing table.

Triggered Updates: These increase the speed of convergence. Instead of waiting for the periodic update timer to expire, a router sends an update as soon as a significant event occurs (for example a link going down), which speeds convergence and cuts down the risk of routing loops during convergence.

Hold-down Timer: Used when information about a route changes. When new information is received or a route is removed, the router places that route in a hold-down state. This means the router will neither advertise nor accept advertisements about this route for the period specified by the hold-down timer. After the period expires, the router starts accepting and sending advertisements about the route again.
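The following Python simulation is an added example, not from the original text. It models the mechanisms above on a constructed three-router chain A - B - C with a network N attached to C: full-table updates to neighbors, a hop limit of 16, route poisoning when N fails, and split horizon switched on or off, so the count-to-infinity loop and its cure can be watched in table form. Hold-down and flush timers are left out, and updates are applied in a fixed order each round, as if the neighbors' periodic timers expired one after another.

```python
"""Distance-vector (RIP-style) convergence simulator.

Added example, not from the original page: a small Bellman-Ford simulation
of the behaviours described above (full-table updates to neighbours, a
maximum hop count of 16, route poisoning, split horizon, counting to
infinity). The three-router topology is constructed for illustration; updates
are applied in a fixed order each round, as if the neighbours' periodic
timers expired one after another, and hold-down and flush timers are omitted.
"""
INFINITY = 16  # RIP treats 16 hops as unreachable


class Router:
    def __init__(self, name, neighbors, connected):
        self.name = name
        self.neighbors = list(neighbors)
        self.connected = set(connected)
        # prefix -> (metric, next hop); next hop None for connected or poisoned routes
        self.table = {prefix: (0, None) for prefix in connected}

    def advertisement(self, to, split_horizon):
        """Full routing table sent to one neighbour. With split horizon, routes learned
        from that neighbour are left out so they cannot be reflected back to it."""
        return {prefix: metric for prefix, (metric, next_hop) in self.table.items()
                if not (split_horizon and next_hop == to)}

    def receive(self, sender, adv):
        """Bellman-Ford step: take a better route, or any change (even a worse one) from
        the current next hop, since that router is the authority on the path it announced."""
        changed = False
        for prefix, metric in adv.items():
            if prefix in self.connected:
                continue
            new = min(metric + 1, INFINITY)
            cur_metric, cur_hop = self.table.get(prefix, (INFINITY, None))
            if new < cur_metric or (cur_hop == sender and new != cur_metric):
                self.table[prefix] = (new, sender)
                changed = True
        return changed


def run_round(routers, split_horizon):
    """One update period: every router sends its table to each neighbour in turn."""
    changed = False
    for router in routers.values():
        for neighbor in router.neighbors:
            adv = router.advertisement(neighbor, split_horizon)
            changed |= routers[neighbor].receive(router.name, adv)
    return changed


def converge(routers, split_horizon, max_rounds=50):
    """Run update rounds until a full round changes nothing; return the rounds that changed state."""
    for rounds in range(max_rounds):
        if not run_round(routers, split_horizon):
            return rounds
    return max_rounds


def build_chain():
    """Constructed topology: A -- B -- C, with network N directly attached to C."""
    return {"A": Router("A", ["B"], []),
            "B": Router("B", ["A", "C"], []),
            "C": Router("C", ["B"], ["N"])}


def metrics(routers, prefix):
    return {name: r.table[prefix][0] for name, r in routers.items()}


def simulate_link_failure(split_horizon):
    """Converge, then C loses N and poisons it (advertises metric 16).
    Returns (metrics before, rounds until re-convergence, metrics after)."""
    routers = build_chain()
    converge(routers, split_horizon)
    before = metrics(routers, "N")
    routers["C"].connected.discard("N")
    routers["C"].table["N"] = (INFINITY, None)
    rounds = converge(routers, split_horizon)
    return before, rounds, metrics(routers, "N")


if __name__ == "__main__":
    for sh in (False, True):
        before, rounds, after = simulate_link_failure(sh)
        print(f"split horizon={sh}: before={before} rounds={rounds} after={after}")
```

Without split horizon, B accepts A's stale route back and the metric for N climbs by two hops per round until it hits 16 at every router; with split horizon, the poisoned route from C reaches A in two rounds and nothing is reflected back.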

ROUTING INFORMATION PROTOCOL (RIP)

RIPv1= Classful routing protocol (will not send a subnet mask in the routing update)

RIPv2= Classless routing protocol (will send a subnet mask in the routing update)

Authentication of routing updates using either a clear-text password or an MD5 keyed hash (optional). Use MD5: a clear-text key can be read by anyone who captures an update on the segment, and without authentication any host on the segment can inject routes.

Multicast route updates

Next-hop addresses carried with each route entry

Router(config)#router rip
Router(config-router)#version 2

The version 2 command under the RIP process selects RIPv2.

Characteristics of RIP

Distance-Vector Routing Protocol

Use Bellman-Ford algorithm

Use hop count as metric, maximum 15, 16 is unreachable

Route update timer, periodic updates is set to 30 seconds by default

Route invalid timer is set to 180 seconds. This is the time it will take before a route will be marked as unreachable.

Route flush timer is 240 seconds, counted from the last update received for the route, so the route is removed from the routing table 60 seconds after it is marked invalid. During that period the router still advertises the route to its neighbors as unreachable.

Link-State Routing:

In link-state routing, each router knows the exact topology of the network.

This limits the number of bad routing decisions that can be made, because each router in the process has an identical view of the network.

Each router in the network reports on its state, the directly connected links, and the state of each link. The router then propagates this information to all routers in the network.

It does not pass the entire routing table; only the changed information, or a message of no change after a given period of time, is passed. This is known as a link-state advertisement (LSA).

Each LSA includes an identifier for the link, the state of the link, and a metric for the link. Use of LSAs reduces bandwidth utilization.

But it is more complex to configure than a distance-vector routing protocol.

OSPF and IS-IS (Integrated Intermediate System-to-Intermediate System) are link-state routing protocols.

How LSR works:

When a router becomes active, it has to form adjacencies with its directly connected neighbors.

After forming adjacencies, the router sends link-state advertisements to each of its neighbors. After receiving and copying the information from the LSA, the router forwards, or floods, the LSA to each of its neighbors.

All of the routers then store the LSAs in their own database. This means all routers have the same view of the network topology.

Each router then uses the Dijkstra algorithm to compute its best route to a destination.

Link-State Comparisons

EIGRP is a hybrid protocol, contains the characteristics from both d-v and l-s routing protocols.

Characteristic                              OSPF        IS-IS       EIGRP

Hierarchical topology needed                X           X
Retains knowledge of all possible routes    X           X           X
Manual route summarization                  X           X           X
Automatic route summarization                                       X
Event-triggered announcement                X           X           X
Load balancing with unequal paths                                   X
Load balancing with equal paths             X           X           X
VLSM support                                X           X           X
Metric                                      Cost        Cost        Composite
Hop count limit                             Unlimited   1024        100 by default
Support for size of network                 Large       Very large  Large
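The following Python code is an added example, not from the original text. It builds a link-state database from constructed LSAs (each router lists its neighbors with a link cost and its attached stub networks), runs Dijkstra from a chosen router to produce a routing table, checks that every router's SPF result agrees with its next hop's (the identical-view property described under How LSR works), and recomputes after a link is withdrawn. OSPF's real LSA formats, areas and adjacency state machine are omitted.

```python
"""Link-state SPF: flood LSAs into a link-state database, run Dijkstra, build a routing table.

Added example, not from the original page. The LSAs below are constructed: each
router advertises its neighbours with a link cost and the stub networks attached
to it. OSPF's real LSA formats, areas and adjacency state machine are omitted.
"""
import heapq

# Constructed LSDB: identical on every router once flooding is complete.
LSDB = {
    "R1": {"links": {"R2": 10, "R3": 5}, "stubs": {"10.1.0.0/24": 1}},
    "R2": {"links": {"R1": 10, "R3": 3, "R4": 1}, "stubs": {"10.2.0.0/24": 1}},
    "R3": {"links": {"R1": 5, "R2": 3, "R4": 8}, "stubs": {"10.3.0.0/24": 1}},
    "R4": {"links": {"R2": 1, "R3": 8}, "stubs": {"10.4.0.0/24": 1}},
}


def spf(lsdb, root):
    """Dijkstra from root over the LSDB. Returns {router: (cost, first-hop router)};
    the first hop is None for the root itself."""
    dist = {root: 0}
    first_hop = {root: None}
    heap = [(0, root)]
    done = set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        for neighbor, link_cost in lsdb[node]["links"].items():
            candidate = cost + link_cost
            if candidate < dist.get(neighbor, float("inf")):
                dist[neighbor] = candidate
                first_hop[neighbor] = neighbor if node == root else first_hop[node]
                heapq.heappush(heap, (candidate, neighbor))
    return {node: (dist[node], first_hop[node]) for node in dist}


def routing_table(lsdb, root):
    """prefix -> (total cost, next hop) for every stub network reachable from root."""
    tree = spf(lsdb, root)
    table = {}
    for router, (cost, hop) in tree.items():
        for prefix, stub_cost in lsdb[router]["stubs"].items():
            total = cost + stub_cost
            if prefix not in table or total < table[prefix][0]:
                table[prefix] = (total, hop)
    return table


def all_routers_consistent(lsdb):
    """Because every router runs SPF on the same database, the next hop a router picks
    must itself reach the destination at exactly (our cost - cost of the link to it)."""
    trees = {router: spf(lsdb, router) for router in lsdb}
    for root, tree in trees.items():
        for dest, (cost, hop) in tree.items():
            if dest != root and trees[hop][dest][0] + lsdb[root]["links"][hop] != cost:
                return False
    return True


def withdraw_link(lsdb, a, b):
    """Link a--b fails: both ends re-originate their LSA without it and flood the change.
    Returns the new database; the old one is left untouched."""
    new = {r: {"links": dict(l["links"]), "stubs": dict(l["stubs"])} for r, l in lsdb.items()}
    new[a]["links"].pop(b, None)
    new[b]["links"].pop(a, None)
    return new


if __name__ == "__main__":
    for prefix, (cost, hop) in sorted(routing_table(LSDB, "R1").items()):
        print(f"R1: {prefix} cost {cost} via {hop}")
```

Because the recomputation after withdraw_link is a fresh shortest-path run over the changed database, there is no counting to infinity: every router's table is correct as soon as the new LSA has been flooded to it.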

Default Administrative Distance

Source of Route             Default AD

Connected interface         0
Static route                1
EIGRP summary route         5
External BGP                20
Internal EIGRP              90
IGRP                        100
OSPF                        110
IS-IS                       115
RIP                         120
EGP                         140
External EIGRP              170
Internal BGP                200
Unknown                     255
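The following Python code is an added example, not from the original text. It parses show ip route entries of the form shown under Components of Routing Data (constructed sample lines, with masks shown on the connected routes), checks each administrative distance against the defaults in the table above, selects what IOS would install when two protocols offer the same prefix (lowest administrative distance, then lowest metric), and performs the forwarding lookup, which uses only the longest matching prefix.

```python
"""Parse `show ip route` entries and apply IOS route selection.

Added example, not from the original page. The sample entries are constructed
and written the way `show ip route` prints them (with masks on the connected
routes); the administrative-distance table repeats the defaults above.
`install` mirrors how IOS chooses between sources offering the same prefix
(lowest AD, then lowest metric); `lookup` mirrors the forwarding decision
(longest matching prefix), which ignores AD and metric.
"""
import ipaddress
import re
from dataclasses import dataclass
from typing import Optional

CODES = {"C": "connected", "S": "static", "R": "RIP", "I": "IGRP",
         "D": "EIGRP", "O": "OSPF", "i": "IS-IS", "B": "BGP"}
DEFAULT_AD = {"connected": 0, "static": 1, "EIGRP": 90, "IGRP": 100,
              "OSPF": 110, "IS-IS": 115, "RIP": 120}

# "R    175.21.0.0/16 [120/1] via 10.10.10.1, 00:00:18, Serial0/0"
LEARNED = re.compile(r"^(?P<code>[A-Za-z])\s+(?P<net>\S+)\s+\[(?P<ad>\d+)/(?P<metric>\d+)\]"
                     r"\s+via\s+(?P<nh>\S+),\s+\S+,\s+(?P<iface>\S+)$")
# "C    10.10.10.0/24 is directly connected, Serial0/0"
CONNECTED = re.compile(r"^C\s+(?P<net>\S+) is directly connected, (?P<iface>\S+)$")


@dataclass(frozen=True)
class Route:
    protocol: str
    network: ipaddress.IPv4Network
    ad: int
    metric: int
    next_hop: Optional[str]   # None for connected routes
    interface: str


def parse_route_line(line):
    line = line.strip()
    m = CONNECTED.match(line)
    if m:
        return Route("connected", ipaddress.ip_network(m["net"]), 0, 0, None, m["iface"])
    m = LEARNED.match(line)
    if m is None:
        raise ValueError(f"unrecognised route entry: {line!r}")
    return Route(CODES[m["code"]], ipaddress.ip_network(m["net"]),
                 int(m["ad"]), int(m["metric"]), m["nh"], m["iface"])


def parse_routes(text):
    return [parse_route_line(l) for l in text.splitlines() if l.strip()]


def ad_is_default(route):
    """Sanity check: an AD that differs from the default was changed by configuration."""
    return route.ad == DEFAULT_AD.get(route.protocol)


def install(candidates):
    """What the routing table holds when several sources offer the same prefix:
    lowest administrative distance, then lowest metric. Keyed by prefix string."""
    table = {}
    for route in candidates:
        key = str(route.network)
        if key not in table or (route.ad, route.metric) < (table[key].ad, table[key].metric):
            table[key] = route
    return table


def lookup(table, destination):
    """Forwarding decision for one packet: the longest matching prefix wins."""
    dst = ipaddress.ip_address(destination)
    matches = [r for r in table.values() if dst in r.network]
    return max(matches, key=lambda r: r.network.prefixlen) if matches else None


# Constructed entries: two sources offering 175.21.0.0/16 and one more-specific OSPF route.
CANDIDATES = """
R    175.21.0.0/16 [120/1] via 10.10.10.1, 00:00:18, Serial0/0
D    175.21.0.0/16 [90/2172416] via 10.10.20.1, 00:05:02, Serial0/1
O    175.21.4.0/24 [110/65] via 10.10.20.1, 00:05:02, Serial0/1
C    10.10.10.0/24 is directly connected, Serial0/0
C    10.10.20.0/24 is directly connected, Serial0/1
"""

if __name__ == "__main__":
    installed = install(parse_routes(CANDIDATES))
    for prefix, route in sorted(installed.items()):
        print(f"{prefix} via {route.protocol} AD {route.ad} metric {route.metric}")
    print("175.21.4.7 ->", lookup(installed, "175.21.4.7").protocol)
```

The EIGRP route wins the /16 because 90 beats 120, even though its composite metric is numerically far larger than RIP's one hop; metrics are only compared within one protocol. A packet to 175.21.4.7 nevertheless follows the OSPF /24, because forwarding is decided by prefix length alone.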

Verifying routes:

2501>sh ip route

Testing and troubleshooting:ping, traceroute

Network Address Translation:

NAT (Network Address Translation) and PAT (Port Address Translation) are used to extend the current address space by translating one address to another and help to alleviate shortage.

NAT Terminology:

NAT can be broken into two types, NAT and PAT.

NAT is the one-to-one translation of IP addresses from an inside local IP address to an inside global IP address that is unique and routable on the Internet.

PAT is sometimes referred to as NAPT (Network Address and Port Translation). It is a many-to-one translation because it can take multiple inside local IP addresses and translate them to one inside global IP address, distinguishing the sessions by port number.

Inside local: The inside local address is the IP address used by a host on the private side of the network.

Inside Global: The inside global address is the public IP address into which the inside local address will be translated. This is typically a globally unique and routable IP address, which hosts on the outside network would use to communicate with the inside local IP address.

Outside global: The outside global address is the actual IP address of a host that resides on the outside public network and is usually a globally unique and routable IP address.

Outside local: The outside local address is the IP address used to translate an outside global IP address. This may or may not be a registered IP address, but it must be routable on the inside of your network.

How NAT works:

Traffic that is sourced on the inside of the network from an inside host, arriving on an interface marked as inside, has an inside local address as its source IP address (SA Inside Local) and an outside local address as its destination IP address (DA Outside Local).

When that traffic reaches the NAT process and is switched to the outside network, going out an interface marked as outside, the source IP address is known as the inside global address (SA Inside Global) and the destination IP address is known as the outside global address (DA Outside Global).

When traffic is sourced on the outside of the network from an outside host, arriving on an interface marked as outside, the source IP address is known as the outside global address (SA Outside Global), while the destination IP address is known as the inside global address (DA Inside Global).

When that traffic reaches the NAT process and is switched to the inside network, going out an interface marked as inside, the source IP address is known as the outside local address (SA Outside Local) and the destination IP address is known as the inside local address (DA Inside Local).

Advantage of NAT:

NAT allows you to increase or decrease the number of registered IP addresses incrementally without changing the devices (hosts, switches, routers, and so on) in the network, although the NAT device itself sometimes has to be changed.

NAT can be used either statically or dynamically:

Static translations are manually configured to translate a single global IP address to a single local IP address and vice versa. This entry always exists in the NAT table until it is manually removed. Optionally, the translation can be configured between a single inside IP address and port pair and a single outside IP address and port pair, using either TCP or UDP. The two port values need not be the same.

Dynamic mappings are configured on the NAT border router by using a pool of one or more registered IP addresses. Devices on the inside of the network that wish to communicate with a host on the outside network can use the addresses in the pool. This allows multiple internal devices to share a single pool of IP addresses. You can also use a single IP address by configuring overloading, which translates both the IP address and the port number.

NAT can be configured to allow basic load sharing of packets among multiple servers using the TCP load distribution feature. TCP load distribution uses a single outside IP address, which is mapped to multiple internal IP addresses. Incoming connections are distributed in round-robin fashion among the IP addresses in the internal pool. The packets for each individual connection, or flow, are sent to the same IP address to ensure proper session communication.

If you switch Internet service providers and need to change the registered IP addresses you are using, NAT means you do not have to renumber every device in your network. The only change is the addresses used in the NAT pool.

You can configure NAT on the border router between your routing domain and another to translate the addresses from one network to the other and vice versa.

Disadvantage of NAT:

NAT increases latency (delay).

NAT hides end-to-end IP addresses, which renders some applications unusable.

Since NAT changes IP addresses, there is a loss in the ability to track an IP flow end-to-end.

NAT also makes troubleshooting, and tracking down where malicious traffic is coming from, more troublesome: an outside observer sees only the inside global address and port. Keep translation logs (ip nat log translations syslog) with accurate timestamps so that an inside global address and port can be traced back to the inside local host. NAT by itself is not a security control; inbound packets that match a translation entry are forwarded, and static entries are reachable at any time, so inbound traffic still has to be filtered with access lists.

A host that needs to be accessed from the outside network will have two IP addresses, one inside and one outside, which creates a problem called split DNS. You need to set up two DNS servers, one for external addresses and one for internal addresses. This can lead to administrative nightmares and problems if internal hosts are pointing to the external DNS server.

Supported NAT Traffic Types:

TCP/UDP traffic that does not carry source and destination IP addresses inside the application stream

HTTP, TFTP, NFS, ICMP, NTP (Network Time Protocol), FTP (PORT and PASV commands)

Archie, which provides lists of anonymous FTP archives

Finger, a tool that determines whether a person has an account on a particular computer

Many of the r* Unix utilities (rlogin, rsh, rcp)

NetBIOS over TCP (datagram, name, and session services)

Progressive Networks RealAudio, White Pine CU-SeeMe, Xing Technologies StreamWorks

DNS A and PTR queries

H.323 (IOS releases 12.0(1)/12.0(1)T or later), VDOLive (IOS releases 11.3(4)/11.3(4)T or later)

NetMeeting (IOS releases 12.0(1)/12.0(1)T or later), Vxtreme (IOS releases 11.2(4)/11.3(4)T or later)

IP multicast, source address translation only (IOS releases 12.0(1)T or later)

PPTP support with Port Address Translation (PAT) (IOS releases 12.0(2)T or later)

Skinny Client Protocol, IP Phone to Cisco CallManager (IOS releases 12.0(5)T or later)

Unsupported Traffic Types:

Routing protocols, DNS zone transfers, BOOTP/DHCP, Talk, Ntalk, SNMP, NetShow

NAT Operations:

1. Translating inside local addresses

2. Overloading inside global addresses

3. Using TCP load distribution

4. Overlapping networks

Configuring NAT:

Border(config)#interface e0

Border(config-if)#ip nat inside

Border(config-if)#exit

Border(config)#interface s0

Border(config-if)#ip nat outside

Border(config-if)#exit

Static NAT:

Border(config)#ip nat inside source static 10.1.2.25 200.1.1.25

Border(config)#

This creates a permanent entry in the NAT table, and now when traffic is sent to IP address 200.1.1.25 from the outside network, it will be translated to 10.1.2.25 on the inside of the network and vice versa.

Optionally, you can configure just a certain port to be translated. Adding a protocol and port numbers to the above command does this.

Border(config)#ip nat inside source static tcp 10.1.2.25 80 200.1.1.25 80

Border(config)#ip nat inside source static tcp 10.1.2.24 80 200.1.1.25 81

Border(config)#

Dynamic NAT:

Dynamic NAT maps inside IP addresses to outside IP addresses on the fly from a pool of available IP addresses. Again, you must have IP addresses assigned to the interfaces on the router that will participate in the NAT process.

Border(config)#int e0

Border(config-if)#ip nat inside

Border(config-if)#exit

Border(config)#int s0

Border(config-if)#ip nat outside

Border(config-if)#exit

Border(config)#access-list 12 permit 10.1.2.0 0.0.0.255

Border(config)#ip nat pool outbound 200.1.1.2 200.1.1.254 prefix-length 24

Syntax: ip nat pool pool-name start-ip end-ip {netmask net-mask | prefix-length length}. Here the pool is named outbound, runs from 200.1.1.2 to 200.1.1.254, and prefix-length 24 gives the subnet mask as a CIDR bit count.

Border(config)#ip nat inside source list 12 pool outbound

Border(config)#

When an inside host sends a packet to a host on the Internet, the NAT border router receives the packet on an interface marked ip nat inside.

Any inbound access lists or policy routing are applied to the packet first, and then the routing decision is made.

The access list (here list 12) identifies which inside local addresses are eligible for translation, and the pool defines the inside global addresses that are allocated to outbound sessions.

The router chooses an available IP address from the pool and records it in the NAT table entry. That address is not allocated to another translation entry until this entry times out or is manually removed.

Finally, the ip nat inside source list command ties the access list and the pool together.

Configuring NAT Using Overloading

- Once all IP addresses in a pool have been allocated, any new connection attempts fail. So if your ISP allocated you only 14 IP addresses, only the first 14 users can access the Internet until an existing user's entry expires and releases its IP address. This is not very efficient.

- Configuring overloading lets the router reuse each IP address in the pool, because it changes not only the IP address but also the port number. This is called Port Address Translation (PAT) or Network Address and Port Translation (NAPT). The router adds the protocol and port information to each translation entry, which allows more inside hosts to reach the outside network than there are IP addresses in the pool.

Border(config)#ip nat inside source list 12 pool outbound overload

The pool can even be a single IP address, yet it can support approximately 64,000 inside users on a single protocol by varying the outbound port numbers.

Border(config)#ip nat inside source list 12 interface ethernet1 overload (use this form when the outbound interface gets its address from DHCP)

Configuring TCP Load Distribution

- This allows a heavily used host, such as a web server, to handle the load of incoming requests by spreading it among several hosts. Destination addresses that match an access list are replaced with addresses from a pool designated as a rotary pool by adding the type rotary keyword to the command.

Border(config)#int e0

Border(config-if)#ip nat inside

Border(config-if)#exit

Border(config)#int s0

Border(config-if)#ip nat outside

Border(config-if)#exit

Border(config)#ip nat pool web-hosts 10.1.1.1 10.1.1.9 netmask 255.255.255.0 type rotary

Border(config)#access-list 12 permit 10.1.1.254

Border(config)#ip nat inside destination list 12 pool web-hosts

Border(config)#
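To make the pool, overload and rotary behaviour described in the last three sections concrete, here is an added Python model of a NAT translation table. It is example code written for this reference sheet, not Cisco IOS code: NatPool models ip nat inside source list ... pool ... with and without the overload keyword (a pool that is exhausted refuses new hosts; with overload the same address is reused by varying the port), and RotaryPool models ip nat inside destination list ... pool ... type rotary. All addresses, ports and hosts in it are constructed for the demonstration.

```python
"""Added example (not from the reference sheet): a toy model of the NAT
behaviours described above.  NatPool models 'ip nat inside source list ...
pool ...' with and without 'overload'; RotaryPool models 'ip nat inside
destination list ... pool ... type rotary'.  All addresses, ports and hosts
below are constructed for the demonstration."""
from ipaddress import IPv4Address
from itertools import chain
from typing import Dict, List, Optional, Set, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)


def expand_range(start: str, end: str) -> List[str]:
    """Every address from start to end inclusive, like a pool's start/end pair."""
    lo, hi = int(IPv4Address(start)), int(IPv4Address(end))
    return [str(IPv4Address(n)) for n in range(lo, hi + 1)]


class NatPool:
    """Inside-source NAT pool, with or without the 'overload' keyword."""

    def __init__(self, start: str, end: str, overload: bool = False,
                 first_port: int = 1024) -> None:
        self.addresses = expand_range(start, end)
        self.overload = overload
        self.first_port = first_port
        self.table: Dict[Endpoint, Endpoint] = {}   # inside -> outside
        self.in_use: Set[Endpoint] = set()           # outside pairs already handed out
        self.host_map: Dict[str, str] = {}           # inside IP -> outside IP (no overload)

    def translate(self, inside_ip: str, inside_port: int) -> Optional[Endpoint]:
        """Return the outside (ip, port) for a packet, or None if it cannot be translated."""
        key = (inside_ip, inside_port)
        if key in self.table:             # an existing entry is simply reused
            return self.table[key]
        entry = (self._overloaded(inside_port) if self.overload
                 else self._one_to_one(inside_ip, inside_port))
        if entry is not None:
            self.table[key] = entry
            self.in_use.add(entry)
        return entry

    def _one_to_one(self, inside_ip: str, inside_port: int) -> Optional[Endpoint]:
        outside_ip = self.host_map.get(inside_ip)
        if outside_ip is None:
            taken = set(self.host_map.values())
            free = [a for a in self.addresses if a not in taken]
            if not free:
                return None               # pool exhausted: a new host cannot get out
            outside_ip = free[0]
            self.host_map[inside_ip] = outside_ip
        return (outside_ip, inside_port)  # dynamic NAT leaves the port untouched

    def _overloaded(self, inside_port: int) -> Optional[Endpoint]:
        # PAT: keep the original source port if it is still free on an address,
        # otherwise take the lowest free port at or above first_port.
        for outside_ip in self.addresses:
            for port in chain((inside_port,), range(self.first_port, 65536)):
                if (outside_ip, port) not in self.in_use:
                    return (outside_ip, port)
        return None                       # every (address, port) pair is taken

    def clear(self, inside_ip: str, inside_port: int) -> None:
        """Drop one entry (an expired or manually cleared translation)."""
        entry = self.table.pop((inside_ip, inside_port), None)
        if entry is not None:
            self.in_use.discard(entry)
        if not self.overload and not any(ip == inside_ip for ip, _ in self.table):
            self.host_map.pop(inside_ip, None)   # the address returns to the pool


class RotaryPool:
    """TCP load distribution: connections to one virtual address are spread
    round-robin over the real hosts in the rotary pool."""

    def __init__(self, virtual_ip: str, start: str, end: str) -> None:
        self.virtual_ip = virtual_ip             # the address matched by the access list
        self.hosts = expand_range(start, end)
        self.next_host = 0
        self.table: Dict[Endpoint, str] = {}     # client (ip, port) -> real host

    def translate_destination(self, client: Endpoint, dst_ip: str) -> str:
        if dst_ip != self.virtual_ip:
            return dst_ip                        # not matched: destination untouched
        if client not in self.table:             # new connection: next host in rotation
            self.table[client] = self.hosts[self.next_host]
            self.next_host = (self.next_host + 1) % len(self.hosts)
        return self.table[client]


if __name__ == "__main__":
    pool = NatPool("200.1.1.25", "200.1.1.25", overload=True)
    for host in ("10.1.2.24", "10.1.2.25", "10.1.2.26"):
        print(host, 1025, "->", pool.translate(host, 1025))
```

With a one-address pool and no overload, the second inside host gets None until the first host's entries are cleared; with overload the same address serves every host and only the port changes, which is exactly why a single public address can carry tens of thousands of sessions.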

Configuring NAT for Overlapping Addresses

- Configuring NAT for overlapping addresses is similar to configuring dynamic NAT. The difference is that you must create and apply a pool of IP addresses for traffic entering the inside of the network as well as a pool for the outbound traffic.

- You still create an access list to identify the traffic to translate, but you also create a second pool. Then you use the ip nat outside source command to tie the access list and the second pool to the traffic arriving on the outside interface.

Border(config)#access-list 12 permit 10.1.1.0 0.0.0.255

Border(config)#ip nat pool insidepool 10.1.2.1 10.1.2.254 netmask 255.255.255.0

Border(config)#ip nat pool outsidepool 200.1.1.2 200.1.1.254 prefix- length 24

Border(config)#ip nat inside source list 12 pool insidepool

Border(config)#ip nat outside source list 12 pool outsidepool

Border(config)#

Troubleshooting and Verifying NAT Configuration

- show ip nat translations

- show ip nat translations verbose

- show ip nat statistics

- debug ip nat

IGRP(Interior Gateway Routing Protocol)

- IGRP was developed by Cisco in the mid-1980s to overcome the limitations of RIP.

- Instead of the hop count used by RIP, it uses a composite metric of bandwidth, delay, load, reliability and MTU to choose the best path.

- IGRP does not use hop count as a metric; it only tracks it. A route can travel up to 100 hops by default, which can be raised to accommodate up to 255 hops.

- IGRP is a Cisco proprietary protocol; it will not run on other vendors' routers.

- IGRP is a classful distance-vector routing protocol and does not scale well for large internetworks (it does not support VLSM).

Features and Operation:

- IGRP sends out periodic broadcasts of its entire routing table.

- Upon initialization, IGRP broadcasts a request out all IGRP-enabled interfaces.

- Each received update is checked against the previous update to confirm that it belongs to the same subnet.

- Each router then uses the learned routes to determine the best route to every destination network.

- IGRP recognizes three types of routes within its updates:

Interior: Networks directly connected to a router interface.

System: Routes advertised by other IGRP neighbors within the same IGRP AS.

Exterior: Routes learned from a different IGRP AS, which provide the information the router uses to set the gateway of last resort. The gateway of last resort is the path a packet takes if no specific route is found on the router.

IGRP Timers:

Update Timer = 90 seconds

Invalid Timer = 270 seconds

Hold down Timer = 280 seconds

Flush Timer = 630 seconds

IGRP Metrics: Metrics are the mathematics used to select a route. IGRP uses the Bellman-Ford algorithm to calculate the metric; the route with the lower metric is the preferred route. The K values are the weights applied to each component of the metric.

K1 = Bandwidth (Be), K2 = Delay (Dc), K3 = Reliability (r), K4 = Load (utilization on the path), K5 = MTU

Metric = [K1 x BW + (K2 x BW) / (256 - Load) + K3 x Delay] + [K5 / (Rel + K4)]

By default: K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0.

If necessary, you can adjust the metric weights in router configuration mode after enabling IGRP with the command: metric weights <tos> <K1> <K2> <K3> <K4> <K5>

The default administrative distance of IGRP is 100; you can change it with distance <1-255>.

default-metric <bandwidth> <delay> <reliability> <load> <MTU>

(bandwidth = 0 to 4294967295 kbps, delay = 0 to 4294967295 in 10-microsecond units, reliability = 0 to 255 (255 is the most reliable), load = 0 to 255 (255 means the link is completely loaded), MTU = 0 to 4294967295)

Load Balancing: A router can send traffic over multiple paths toward the same destination.

maximum-paths <number> (IGRP/EIGRP can load balance across unequal-cost paths)

Unequal-cost load balancing is possible because of the variance. The variance is a multiplier used to determine how large a route's metric may be for it still to be included in the routing table.

variance <multiplier>

The path with the lowest metric is entered into the routing table. The variance is then applied to the lowest metric to determine which other routes can be included. Routes with a metric lower than the product of the lowest metric and the variance are known as feasible successor routes. A feasible successor is a predetermined route to use should the optimal path be lost. These routes are then added to the routing table. Once the paths have been selected, the traffic is divided among them according to the metric of each path.

IGRP Redistribution: Redistribution is the process by which routes known to one routing protocol are shared with another routing protocol. Suppose Router1 runs IGRP 100 and Router3 runs EIGRP 150, and Router2 sits between them running both; Router2 knows all the routes in both IGRP 100 and EIGRP 150, but Router1 and Router3 each know only their own protocol's routes. To give Router1 and Router3 the routes of both protocols, redistribute IGRP 100 into EIGRP 150 and EIGRP 150 into IGRP 100 on Router2. All routes are then known to all routers.

IGRP Configuration: router igrp <AS#>, network <a.b.c.d>, neighbor <x.x.x.x>

Passive-interface: Because IGRP is a classful routing protocol, it advertises the interface status in its broadcasts. Use this command when you don't want that.

passive-interface <interface> (in router configuration mode)

The passive-interface command still allows the interface's network to be advertised in IGRP, but the interface itself neither listens to nor sends IGRP updates.

Router1>enable

Router1#config t

Router1(config)#router IGRP 100

Router1(config-router)#passive-interface E0

Verification: sh ip route, sh ip protocols, sh int s2/0.1, debug ip igrp events, debug ip igrp transactions.

EIGRP (Enhanced Interior Gateway Routing Protocol)

- EIGRP allows for incremental routing updates and formal neighbor relationships.

- It uses DUAL (Diffusing Update Algorithm) for route calculation, which allows the following:

- Backup route determination if one is available, VLSM support, dynamic route recovery, querying neighbors for unknown alternate routes, and sending out queries for an alternate route if none can be found.

- It has features of both link-state and distance-vector routing protocols.

- Its four components are: protocol-dependent modules (PDMs), used at layer 3 for IP, IPX and AppleTalk; Reliable Transport Protocol (RTP), which guarantees delivery of EIGRP routing updates in sequential order; neighbor discovery/recovery; and DUAL.

- It reduces bandwidth use by sending updates only when a topology change requires a path or metric change, and only to the routers that need to receive them.

- It runs only on Cisco routers and route switch processors.

Route Tagging: Route tagging is used to distinguish routes learned by different EIGRP sessions. Using different AS numbers, EIGRP can run multiple sessions on a single router. Routers with the same AS number speak to each other and share routing information, which includes the routes learned and the advertisement of topology changes.

Neighbor Relationships, Route Calculation and Redundant Link Calculation: EIGRP establishes and maintains neighbor relationships with adjacent routers using Hello packets multicast to 224.0.0.10 every 5 seconds (on X.25, Frame Relay and ATM links slower than T1, the Hello is unicast every 60 seconds); Hellos are never broadcast. A Hello packet carries the EIGRP version number, the AS number, the K-values and the hold time. To form an adjacency, neighbors must use the same AS number and K-values.

Replies to the Hello packets are placed in the neighboring routers' topology tables. The topology table is distinct from the routing table and can hold up to six routes to a destination network, that is, six redundant routes. From these the router chooses the best (primary) path and the standby (secondary) paths: the path with the lowest metric becomes the successor, or primary path, and is added to the routing table. Any route whose advertised distance is lower than the successor's feasible distance becomes a feasible successor route.

The path-cost decision is made from the bandwidth and delay of the local and adjacent routers: the composite metric is calculated from these, the local router adds its own cost to the cost advertised by the adjacent router, and the total is the metric. Each route's metric information is included in the exchange. The receiving router then sends an acknowledgement and updates its routing table, and that table is advertised to any new router that comes online, after which the route calculation process begins. EIGRP uses a 32-bit format for updates (IGRP uses a 24-bit format). When two new neighbors start working together they exchange full routing tables; after that, only updates are sent.

Neighbor Table: Holds the directly connected neighbors: each neighboring router's IP address, hold time interval, smooth round-trip timer (SRTT) and queue information, which helps determine which topology changes need to be propagated to neighboring routers.

Update and Changes:

Figure: an IP frame carrying EIGRP. Fields in order: Frame Header | IP Header (Protocol = 88, EIGRP) | Packet Payload | CRC. The IP header and packet payload together form the frame payload.

EIGRP uses RTP and pacing. Pacing prevents routing updates from consuming too much bandwidth on lower-speed links: it lets EIGRP limit the traffic it sends to a portion of the interface's bandwidth. That traffic consists of Hello packets, routing updates, queries, replies and acknowledgements. The default pacing in EIGRP is 50 percent of the bandwidth on any given interface. It can be changed in interface configuration mode with the following command:

ip bandwidth-percent eigrp <as-number> <percent>

Diffusing Update Algorithm: DUAL is the algorithm by which all route computation for EIGRP occurs. If a feasible successor is not found, DUAL starts recalculating to find a new successor.

There are three instances that cause DUAL to recalculate:

- An alternate route is not found.

- The new best route still goes through the original successor.

- The new best route doesn't go through a feasible successor.

EIGRP Metrics: EIGRP uses several databases, or tables, of information to calculate routes:

- The route database (routing table), where the best routes are stored.

- The topology database (topology table), where all route information resides.

- A neighbor table that holds information about the other EIGRP neighbors.

Each of these databases exists separately for the IP, IPX and AppleTalk sessions if all three are running on the router:

IP-EIGRP, IPX-EIGRP, AT-EIGRP

Metric = 256 x [K1 x BW + (K2 x BW) / (256 - Load) + K3 x Delay] + [K5 / (Rel + K4)]

The only difference between the IGRP and EIGRP metrics is the leading multiplication by 256 for EIGRP.
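The IGRP metric section, the variance section and the successor / feasible successor discussion above all describe one calculation, so here is a single added Python example that carries it through with numbers. It is example code written for this reference sheet, not Cisco's implementation. It follows Cisco's documented scaling of the inputs (BW = 10^7 divided by the slowest link in kbps, Delay = the summed delay in tens of microseconds) and the default K values, under which the reliability term contributes nothing because K5 is zero (Cisco applies that term only when K5 is non-zero). The candidate routes, with their bandwidth and delay figures, are constructed for the demonstration; the successor is the lowest-metric path, a feasible successor is one whose neighbor-reported distance is below the successor's feasible distance, and a feasible successor is installed for unequal-cost load balancing only when its metric is also below variance times the successor's metric.

```python
"""Added example (not from the reference sheet): the IGRP/EIGRP composite
metric with the default K values, followed by DUAL's successor / feasible
successor selection and the variance check.  The candidate routes and their
bandwidth/delay figures are constructed for the demonstration."""
from typing import List, NamedTuple, Tuple

DEFAULT_K = (1, 0, 1, 0, 0)   # K1..K5 as set by 'metric weights 0 1 0 1 0 0'


def scaled_bandwidth(min_bw_kbps: int) -> int:
    """BW term: 10^7 divided by the slowest link on the path (in kbps)."""
    return 10_000_000 // min_bw_kbps


def scaled_delay(total_delay_usec: int) -> int:
    """Delay term: the sum of interface delays along the path, in tens of microseconds."""
    return total_delay_usec // 10


def composite_metric(min_bw_kbps: int, total_delay_usec: int, load: int = 1,
                     reliability: int = 255, k: Tuple[int, ...] = DEFAULT_K,
                     eigrp: bool = True) -> int:
    """IGRP metric, or the EIGRP metric (the same value scaled by 256)."""
    k1, k2, k3, k4, k5 = k
    bw, delay = scaled_bandwidth(min_bw_kbps), scaled_delay(total_delay_usec)
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * delay
    if k5 != 0:   # Cisco applies the reliability term only when K5 is non-zero
        metric = metric * k5 // (reliability + k4)
    return 256 * metric if eigrp else metric


class Candidate(NamedTuple):
    via: str                # next-hop neighbor
    path_bw_kbps: int       # slowest link from this router to the destination via that neighbor
    path_delay_usec: int    # total delay along that path
    rd_bw_kbps: int         # the same two figures as reported by the neighbor for its own path
    rd_delay_usec: int


def select_routes(cands: List[Candidate], variance: int = 1):
    """Return (successor, feasible successors, routes installed in the routing table)."""
    scored = [(c.via,
               composite_metric(c.path_bw_kbps, c.path_delay_usec),   # feasible distance
               composite_metric(c.rd_bw_kbps, c.rd_delay_usec))       # reported distance
              for c in cands]
    successor = min(scored, key=lambda s: s[1])
    best = successor[1]
    # Feasibility condition: the neighbor's own distance must be below our best
    # distance, which guarantees the neighbor is not routing back through us.
    feasible = [s for s in scored if s is not successor and s[2] < best]
    # Variance: a feasible successor is installed for unequal-cost load balancing
    # only when its metric is below variance x the successor's metric.
    installed = [successor[0]] + [s[0] for s in feasible if s[1] < variance * best]
    return successor[0], [s[0] for s in feasible], installed


# Constructed topology: three paths from this router to one destination network.
SAMPLE = [
    Candidate("R2", 1544, 20000, 1544, 10000),   # T1 all the way: the best path
    Candidate("R3", 768, 30000, 1544, 10000),    # slower first hop, but R3's own distance is low
    Candidate("R4", 1544, 40000, 1544, 30000),   # R4's own distance exceeds our best: not feasible
]

if __name__ == "__main__":
    print("EIGRP metric of a T1 path with 20 ms delay:", composite_metric(1544, 20000))
    for v in (1, 2):
        print("variance", v, "->", select_routes(SAMPLE, variance=v))
```

Running it shows the familiar T1 value of 2169856 (8476 before the 256 scaling, i.e. the IGRP metric), R3 as a feasible successor that is only installed once variance 2 is configured, and R4 kept out of the routing table at any variance because it fails the feasibility condition even though its metric would pass the variance check.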

EIGRP Tuning: (in router configuration mode) metric weights <tos> <K1> <K2> <K3> <K4> <K5> (the same command in IGRP and EIGRP)

By default, the administrative distance of EIGRP is 90; you can change it with the distance <1-255> command.

RouterA(config)#int s0

RouterA(config-if)#ip hello-interval eigrp <AS#> <seconds> (default hello time = 60 seconds for low-speed NBMA networks and 5 seconds for all other networks)

RouterA(config-if)#ip hold-time eigrp <AS#> <seconds>

Redistribution: If another routing protocol is redistributed into EIGRP, EIGRP accepts both routes that use VLSM and routes that don't.

Configuring EIGRP

Dallas>enable

Dallas#configure terminal

Dallas(config)#router eigrp 100

Dallas(config-router)#network 172.20.0.0

Dallas(config-router)#network 192.168.24.0

Dallas(config-router)#no auto-summary (show ip route will then list the individual subnets; auto-summary is on by default, so only the summary route is shown)

The summary information can also be changed with this interface command:

Dallas(config-if)#ip summary-address eigrp <AS#> <address> <mask>

Other Commands: sh ip route, sh ip route eigrp, sh ip eigrp topology, sh ip protocols, sh ip eigrp interfaces, sh ip eigrp neighbor/detail, debug eigrp neighbors, debug ip eigrp, debug eigrp packets, sh ip eigrp traffic, sh ip eigrp events.

OSPF Operation in a Single Area

OSPF is an open-standard link-state routing protocol. It uses Dijkstra's Shortest Path First (SPF) algorithm, which allows faster convergence. It is also popular because it supports Multi-Protocol Label Switching (MPLS), as does IS-IS. OSPF can be used on multi-vendor platforms.

Advantage of OSPF:

- Supports hierarchical network design through the use of areas.

- The use of link-state databases reduces the chance of routing loops.

- Full support of classless routing behavior.

- Smaller routing tables through the use of route summarization.

- Sends routing information only when needed, decreasing the use of network bandwidth.

- The use of multicast packets decreases the impact on routers not running OSPF and on end stations.

- Support for authentication, which allows the user to implement more secure networks.

OSPF Terminology:

Neighbor: A neighbor is found via Hello packet, it is a connected (adjacent) router running OSPF process within the same area.

Adjacency: It is a logical connection between a router and its corresponding designated routers and backup designated routers.

Link: In OSPF, a link refers to a network or a router interface assigned to any given network. It is synonymous with interface.

Interface: It is a logical or physical interface on a router. OSPF will consider it as a link. OSPF will build link database on this basis.

Link-state Advertisement: LSA is an OSPF data packet containing link-state and routing information that is shared among OSPF routers.

Designated Router: A DR is only used when the OSPF router is connected to a broadcast (multi-access) network. It will receive and send the information to the broadcast network or link.

Backup Designated Router: A BDR is a hot standby for the DR on broadcast (multi-access) networks. It receives all routing updates from OSPF adjacent routers but does not flood LSA updates.

OSPF Areas: It is similar to AS of EIGRP. It is used to establish hierarchical network. Four types of areas are there.

Internal Router: An internal router is a router that has all of its interfaces participating in one area.

Area Border Router: An ABR is a router whose interfaces are assigned to more than one area.

Autonomous System Boundary Router: An ASBR is a router with an interface connected to an external network or to a different AS, such as an EIGRP domain. An ASBR is responsible for injecting route information learned by another routing protocol into OSPF.

Non-broadcast Multi-Access: NBMA networks are networks like Frame Relay, X.25 and ATM. They allow multi-access but have no broadcast capability like Ethernet.

Broadcast (multi-access): Networks such as Ethernet allow multiple access and also provide broadcast capability. A DR and BDR must be elected on a multi-access broadcast network.

Point-to-Point: This type of network connection is a special NBMA configuration. The network can be configured using Frame Relay or ATM to provide point-to-point connectivity, which eliminates the need for DRs and BDRs.

Router ID: An IP address used to identify the router. If no router ID is configured, the highest IP address among the configured loopback interfaces is used as the router ID. If no loopback addresses are configured, OSPF chooses the highest IP address among all configured interfaces.

OSPF Operation: (in three categories)

1. Neighbor and adjacency initialization

2. LSA flooding

3. SPF tree calculation

Before the detailed operation, a short step-by-step overview:

- OSPF routers send Hello packets out all interfaces participating in the OSPF process. If the router on the other side of the connection agrees on the parameters set forth in the Hello packet, the two routers form a neighbor relationship.

- Some of the neighbors form adjacencies. Whether an adjacency forms depends on the type of network the sending and receiving routers are on.

- The router sends link-state advertisements (LSAs), which describe the router's links and the state of each link, to the adjacent routers.

- The routers that receive the LSAs add the link-state information to their databases and forward the LSAs to the other connected routers, so that all routers have the same view of the network.

- After learning all LSAs, each router runs the Dijkstra SPF algorithm to find the shortest path to every known destination. Each router uses this information to build its SPF tree, which is then used to populate the routing table.

Detailed information about all categories:

1. Neighbor and Adjacency Initialization:

- Hello packets are used to discover neighbors and establish adjacencies. They are multicast out every interface at a 10-second interval by default.

OSPF Hello packet information (originating router characteristics and their description):

Router ID: The configured router ID, or the highest loopback IP, or the highest interface IP.

Area ID: The area to which the originating router's interface belongs.

Authentication Information: The authentication type and corresponding information.

Network Mask: The IP mask of the originating router's interface IP address.

Hello Interval: The period between Hello packets.

Options: OSPF options for neighbor formation.

Router Priority: An 8-bit value used to aid the election of the DR and BDR (not set on point-to-point links).

Router Dead Interval: The length of time within which a Hello packet must be received before the neighbor is considered down; four times the Hello interval unless changed.

DR: The router ID of the current DR.

BDR: The router ID of the current BDR.

Neighbor router IDs: A list of the router IDs of all the originating router's neighbors.
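The overview above says neighbors form only when "the router on the other side of the connection agrees on the parameters" in the Hello, and the table lists the fields that carry those parameters. Here is an added Python example, written for this reference sheet rather than taken from any OSPF implementation, that spells out which of those fields must agree (area ID, network mask except on point-to-point links, Hello interval, dead interval, authentication type and the stub-area E-bit in Options, per RFC 2328 section 10.5) and how the neighbor-list field moves a neighbor from Init to 2Way once a router sees its own ID listed. The Hello contents are constructed for the demonstration.

```python
"""Added example (not from the reference sheet): which fields of a received
OSPF Hello must agree with the local interface before a neighbor relationship
can form, and how the neighbor-list field moves a neighbor from Init to 2Way.
The Hello contents below are constructed for the demonstration."""
from dataclasses import dataclass, field
from typing import List

E_BIT = 0x02   # the Options E-bit: cleared by both sides in a stub area


@dataclass
class Hello:
    router_id: str
    area_id: int
    network_mask: str
    hello_interval: int
    dead_interval: int
    auth_type: int = 0          # 0 = none, 1 = simple password, 2 = MD5
    options: int = E_BIT
    priority: int = 1
    neighbors: List[str] = field(default_factory=list)   # router IDs heard from


def default_dead_interval(hello_interval: int) -> int:
    """The router dead interval is four times the Hello interval unless changed."""
    return 4 * hello_interval


def hello_mismatches(local: Hello, received: Hello,
                     point_to_point: bool = False) -> List[str]:
    """Fields that must match for the Hello to be accepted (RFC 2328 section 10.5)."""
    problems = []
    if local.area_id != received.area_id:
        problems.append("area id")
    # the mask is not compared on point-to-point links, where it is not meaningful
    if not point_to_point and local.network_mask != received.network_mask:
        problems.append("network mask")
    if local.hello_interval != received.hello_interval:
        problems.append("hello interval")
    if local.dead_interval != received.dead_interval:
        problems.append("dead interval")
    if local.auth_type != received.auth_type:
        problems.append("authentication type")
    if (local.options & E_BIT) != (received.options & E_BIT):
        problems.append("stub area flag (E-bit)")
    return problems


def neighbor_state(local: Hello, received: Hello,
                   point_to_point: bool = False) -> str:
    """State reached after one Hello: Init, or 2Way when we see ourselves listed."""
    if hello_mismatches(local, received, point_to_point):
        return "Down"          # the Hello is discarded; no neighbor relationship forms
    if local.router_id in received.neighbors:
        return "2Way"          # bidirectional communication is established
    return "Init"              # we have seen the neighbor, but it has not yet listed us


if __name__ == "__main__":
    mine = Hello("1.1.1.1", 0, "255.255.255.0", 10, 40)
    theirs = Hello("2.2.2.2", 0, "255.255.255.0", 10, 40)
    print(neighbor_state(mine, theirs))        # Init
    theirs.neighbors.append("1.1.1.1")
    print(neighbor_state(mine, theirs))        # 2Way
    slow = Hello("3.3.3.3", 0, "255.255.255.0", 30, 120)
    print(hello_mismatches(mine, slow))        # ['hello interval', 'dead interval']
```

A mismatched Hello or dead interval is the classic reason two routers that can ping each other never get past Down, and it is silently discarded rather than logged as a failed adjacency, which is why a timer check belongs early in any OSPF neighbor troubleshooting.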

Neighbor States: There are a total of eight states for OSPF neighbors:

Down: No hello packets have been received from the neighbor

Attempt: Neighbors must be configured manually. It applies to the NBMA connections only.

Init: A Hello packet has been received from another router, but the local router has not yet seen itself in the other router's Hello packets. Bidirectional communication has not yet been established.

2Way: Hello packets have been received that include the local router's own Router ID in the neighbor field. Bidirectional communication has been established.

ExStart: Master/Slave relationship is established in order to form an adjacency by exchanging Database Description (DD) packets. (The router with the highest router id becomes the master).

Exchange: Routing information is exchanged using DD and LSR packets.

Loading: Link-state request packets are sent to neighbors