Post on 22-Jan-2018
Industrial Training Report
“CCNA Exploration: Network Fundamentals”
“CISCO NETWORKING ACADEMY”
Submitted in partial fulfillment of the
Requirements for the award of
Degree of Bachelor of Computer Science and Engineering
Submitted By
Name: Monika Lagwal
Introduction to Networking
CERTIFICATE
This is to certify that Ms. MONIKA LAGWAL has partially completed the 45-Days Industrial
Training during the period from _______ to _______ in our Organization as a Partial Fulfillment
of Degree of Bachelor of Engineering in Computer Science Engineering. She trained in the field
of Networking.
Signature & Seal of Training Manager
DECLARATION
I hereby declare that the Industrial Training Report entitled ("CCNA Exploration: Network
Fundamentals") is an authentic record of my own work as requirements of 45-Days Industrial
Training during the period from _______ to _______ for the award of degree of Bachelor of
Engineering (Computer Science & Engineering).
Date
Monika Lagwal
Certified that the above statement made by the student is correct to the best of our knowledge
and belief.
Signatures
Examined by:
Head of Department
(Signature and Seal)
ACKNOWLEDGEMENT
I would like to express my deepest appreciation and gratitude to ………………. for his invaluable
guidance, constructive criticism and encouragement during the industrial training.
Thanks to …………. for being a uniformly excellent advisor. She was always open, helpful and
provided strong, broad ideas.
I have taken efforts in this project. However, it would not have been possible without the kind
support and help of many individuals and organizations. I would like to extend my sincere thanks
to all of them.
I wish to express my sincere thanks to Managing Director ………………. for providing a unique
academic environment in college. My thanks go to our principal …………….. for his moral
support. Special thanks are also given to my respected Sir …………………….. for his
motivation and encouragement towards this project. Last but not least, my thanks go to
all the members who supported me. This acknowledgement is just a small token of help in our
endeavour.
We remain indebted to our friends, family members and teachers for their blessings &
encouragement in developing the project and people who have willingly helped me out with their
abilities.
Date:
Monika Lagwal
“About CISCO”
Cisco Networking Academy
Cisco Networking Academy, a global education initiative from Cisco Systems, offers
networking programs, like the (Cisco Certified Network Associate) CCNA and (Cisco Certified
Network Professional) CCNP courses, which prepare students for the certification exams of the
same name, and other computer-related courses. Also see History of virtual learning
environments for how Cisco Networking Academy has developed since 1997 relative to others
within the VLE community.
Courses are available in approximately 9,000 local academies, in over 165 different countries.
As of 2010, there were over 900,000 active students (defined as students currently enrolled,
students enrolled in a future course, and students who were enrolled in a course during the last
five months).
Background
In 1993, Cisco embarked on an initiative to design practical, cost-effective networks. It quickly
became apparent that designing and installing the networks was not enough; schools also needed
some way to maintain the networks after they were up and running. Cisco Senior Consulting
Engineer George Ward developed training for teachers and staff for maintenance of school
networks. The students in particular were eager to learn and the demand was such that it led to
the creation of Cisco Networking Academy.
Cisco Networking Academy, established in 1997, teaches students networking and other
information technology-related skills, preparing them for jobs as well as for higher education in
engineering, computer science and related fields. Since its launch, the program has grown to
more than 9,000 Academies in 50 U.S. states and more than 165 countries with a curriculum
taught in 16 different languages. More than 900,000 students participate in Academies operating
in colleges and universities, technical schools, community-based organizations, and other
educational programs around the world. Networking Academy blends face-to-face teaching with
web-based curriculum, hands-on lab exercises, and Internet-based assessment.
Networking courses
Networking Academy offers a variety of courses in networking, such as CCNA (Cisco Certified
Network Associate), CCNP (Cisco Certified Network Professional), Wireless Networking and
Network Security, among others. The CCNA is offered in two models: Discovery provides
general networking theory and offers a hands-on career-oriented approach, while Exploration is for
more advanced learners and covers protocols and theory in depth. Each is divided into four
courses. Both the Exploration and Discovery tracks lead to industry-recognized CCNA
certification. CCNP courses follow from the CCNA and are offered as three separate certificated
courses.
The latest revision of the Networking courses, entitled "Routing and Switching", released in
2013, re-combines the Discovery and Exploration tracks. The first two courses, Network Basics
and Routing and Switching Essentials, are designed to map to the CCENT (Cisco Certified
Entry-level Network Technician) competencies. There are additional courses in development to
map fully to the new CCNA competencies.
The Networking Academy also offers curriculum mapped to the CompTIA A+ competencies.
The IT Essentials curriculum was also updated in 2013 to reflect the updated A+ competencies.
Teaching Tools
With Cisco Networking Academy expanding into many different nations, some without the
infrastructure present in western nations, Cisco has worked with a business partner to create a
remote access router system (Net lab+) as well as collaborating with over 200 academies
worldwide to test and aid the development of the Packet Tracer application, which offers
students and education centers a free networking education tool.
These are available in addition to the in-class practical labs for the Cisco courses.
CONTENTS
1 Introduction
1.1 Introduction to Networking
1.2 Types of Network
1.2.1 Peer to Peer Networks
1.2.2 Client/Server Networks
2 Theoretical consideration
2.1 OSI model
2.2 IP Addressing
2.2.1 Subnet Mask
2.2.2 Default Gateway
2.2.3 Default Gateway Countdown
3 Materials and Methods
3.1 Software Used
3.1.1 CISCO Packet Tracer
3.1.2 Hubs
3.1.3 Bus
3.1.4 Switches
3.1.5 Routers
3.1.6 Gateway
3.2 Methodology
3.2.6.a RIP Version 1
3.2.6.b RIP Version 2
3.2.7.a Interior Gateway Routing Protocol
3.2.7.b Enhanced Gateway Routing Protocol
3.2.8 Open Shortest Path First
3.2.9 Virtual LAN
3.2.10 Encapsulation
3.2.11 TELNET
3.2.12 Network Address Translation
3.2.13 Password Authentication Protocol
3.2.14 Internet Protocol Version 6
CHAPTER 1: Introduction to networking, Types of network
INTRODUCTION TO NETWORKING
A network is a group of interconnected computers that allows you to share information and
resources (such as printers) from one computer to another. A network with the right software
helps you increase employee productivity and reduce costs.
For example, in a network with Windows® Small Business Server 2008 (SBS 2008), multiple
employees can access the Internet or company e-mail at the same time, or share the same fax
machine or other office equipment. A network with SBS 2008 can help you save time and
money, protect your business data, and increase efficiencies in your business. Businesses that use
networks find that the investment pays for itself quickly through increased productivity. Studies
have shown increased employee productivity and reduced operating costs help pay for software
and hardware, and installation and support costs.
TYPES OF NETWORK
The two most common types of networks are peer-to-peer and client/server. Both networks serve
the same purpose. They allow users to share information or resources.
Peer-to-Peer Networks
The most basic way to allow multiple users to share information or resources, such as printers
and fax machines, is to connect multiple computers in a peer-to-peer network. A common
method for setting up a peer-to-peer network is to connect computers running workgroup or
client software, such as the Windows Vista® operating system, to a hub or to use a wireless
access point. While this is a simple, low-cost solution, peer-to-peer networks are limited in what
they can do. For example, peer-to-peer networks have no centralized security safeguards.
Information and resources are shared from each computer, and if one computer shuts down, loses
power, or loses data, it is impossible to access the information on that computer. Peer-to-peer
networks also tend to slow down when more than five computers are connected.
Client/Server Networks
In a client/server network, a single computer (the server hardware) is used to store and manage
information and resources in a central location. That computer is loaded with server software that
is designed to perform specific tasks and provide specific services such as file sharing, print
processing, Internet connectivity, and e-mail for each of the network’s “client” computers. The
clients in the client/server network can be individual computers, printers, or other remote devices
(for example, Windows Mobile® phones). Client/server networks provide tools and services that
can help your business achieve dramatic time and cost savings, revolutionizing the way you do
your work. For example, with a client/server network you can use fewer printers and distribute
faxes electronically, which results in lower hardware costs and increased productivity. The server
can back up information, which can save you time and prevent data loss.
Also, because the server acts as a single access point, your Internet connection can be monitored
and controlled, which enhances your network security. The computers in your business may
show markedly improved performance in a client/server network because they don’t have to
perform functions for other computers, such as storing large amounts of data or running heavy
software applications; the server takes on all this heavy lifting. With one centralized access point
for information and resources, users are not dependent on information housed on each other’s
computers, as they are in a peer-to-peer network. In addition, servers can enhance the security of
your business data by providing controlled access to files and data such as financial information,
documents, and business presentations.
CHAPTER 2: OSI model
Open Systems Interconnection (OSI) model (ISO/IEC 7498-1) is a conceptual model that
characterizes and standardizes the internal functions of a communication system by partitioning
it into abstraction layers. The model is a product of the Open Systems Interconnection project at
the International Organization for Standardization (ISO).
OSI Model
Layer group | Data unit | Layer | Function
Host layers | Data | 7. Application | Network process to application
Host layers | Data | 6. Presentation | Data representation, encryption and decryption, convert machine dependent data to machine independent data
Host layers | Data | 5. Session | Interhost communication, managing sessions between applications
Host layers | Segments | 4. Transport | Reliable delivery of packets between points on a network.
Media layers | Packet/Datagram | 3. Network | Addressing, routing and (not necessarily reliable) delivery of datagrams between points on a network.
Media layers | Bit/Frame | 2. Data link | A reliable direct point-to-point data connection.
Media layers | Bit | 1. Physical | A (not necessarily reliable) direct point-to-point data connection.
CHAPTER 3: CISCO PACKET TRACER
Cisco® Packet Tracer is a powerful network simulation program that allows students to
experiment with network behavior and ask “what if” questions. As an integral part of the
Networking Academy comprehensive learning experience, Packet Tracer provides
simulation, visualization, authoring, assessment, and collaboration capabilities to facilitate
the teaching and learning of complex technology concepts.
Packet Tracer supplements physical equipment in the classroom by allowing students to create a
network with an almost unlimited number of devices, encouraging practice, discovery, and
troubleshooting. The simulation-based learning environment helps students develop 21st century
skills such as decision making, creative and critical thinking, and problem solving. Packet Tracer
complements the Networking Academy curricula, allowing instructors to easily teach and
demonstrate complex technical concepts and networking systems design. Instructors
can customize individual or multiuser activities, providing hands-on lessons for students that
offer value and relevance in their classrooms. Students can build, configure, and troubleshoot
networks using virtual equipment and simulated connections, alone or in collaboration
with other students. Packet Tracer offers an effective, interactive environment for learning
networking concepts and protocols. Most importantly, Packet Tracer helps students and
instructors create their own virtual “network worlds” for exploration, experimentation, and
explanation of networking concepts and technologies.
Figure 1. Packet Tracer’s drag-and-drop interface allows students to configure and validate system architecture
Key Features
Packet Tracer Workspaces: Cisco Packet Tracer has two workspaces—logical and physical. The
logical workspace allows users to build logical network topologies by placing, connecting, and
clustering virtual network devices. The physical workspace provides a graphical physical
dimension of the logical network, giving a sense of scale and placement in how network
devices such as routers, switches, and hosts would look in a real environment. The physical view
also provides geographic representations of networks, including multiple cities, buildings, and
wiring closets.
Figure 3. The physical workspace provides a graphical view of the logical network
Packet Tracer Modes:
Cisco Packet Tracer provides two operating modes to visualize the behavior of a network—real-
time mode and simulation mode. In real-time mode the network behaves as real devices do, with
immediate real-time response for all network activities. The real-time mode gives students a
viable alternative to real equipment and allows them to gain configuration practice before
working with real equipment. In simulation mode the user can see and control time intervals, the
inner workings of data transfer, and the propagation of data across a network. This helps students
understand the fundamental concepts behind network operations. A solid understanding of
network fundamentals can help accelerate learning about related concepts.
Protocols:
Cisco Packet Tracer supports the following protocols:
CHAPTER-3: IP-ADDRESSING, Subnet-mask, default gateway
IP ADDRESSING
Everything that is connected to the internet will have an internet protocol (IP) address, a
numerical label that acts much like any address, in that it enables the correct delivery of
something – in this case, data. It is what allows you to connect to the right web page when typing
a URL into your browser (the numerical IP address is translated to and from the alphabetical
URL by the Domain Name System, or DNS for short) and for email to reach you when someone
hits send.
The public IP address you are allocated by your ISP may be permanent (static) or temporary
(dynamic), the latter being picked from a pool of available addresses owned by the ISP for the
duration of your session. Businesses tend to have a static IP so that they can easily set up servers
and remote connections; home users are more likely to have a dynamic IP. Every bit of
connected kit behind your router will have a private IP address, but it's the public one that the
router uses when making that internet connection that leaves an online footprint.
An Internet Protocol (IP) address is a numerical identification that is assigned to devices
participating in a computer network utilizing the Internet Protocol for communication between
its nodes.
• The format of an IP address is a 32-bit numeric address written as four numbers separated by
periods. Each number can be zero to 255.
• Mine is 10.2.201.72
SUBNET MASK
• A portion of the network's computers and network devices that have a common, designated IP
address routing prefix.
• A mask used to determine what subnet an IP address belongs to.
• An IP address has two components, the network address and the host address
• Hostel-2 subnet mask is 255.255.0.0, so allowed IP addresses are 10.2.xxx.xxx
DEFAULT GATEWAY
• A node (a router) on a computer network that serves as an access point to another network.
• Viewed simply as an entry point and an exit point in a network.
• A default gateway is used by a host when an IP packet's destination address belongs to
some place outside the local subnet.
• Hostel-2 has a computer: 10.2.250.1
DEFAULT GATEWAY CONTD
CHAPTER 4: Hub, Switches, Bridges, Routers, Gateway
HUB
Networks using a Star topology require a central point for the devices to connect. Originally this
device was called a concentrator since it consolidated the cable runs from all network devices.
The basic form of concentrator is the hub.
As shown in the figure, the hub is a hardware device that contains multiple, independent ports that
match the cable type of the network. Most common hubs interconnect Category 3 or 5 twisted-
pair cable with RJ-45 ends, although Coax BNC and Fiber Optic BNC hubs also exist. The hub
is considered the least common denominator in device concentrators. Hubs offer an inexpensive
option for transporting data between devices, but hubs don't offer any form of intelligence. Hubs
can be active or passive.
An active hub strengthens and regenerates the incoming signals before sending the data on to its
destination.
Passive hubs do nothing with the signal.
SWITCHES
Switches are a special type of hub that offers an additional layer of intelligence to basic,
physical-layer repeater hubs. A switch must be able to read the MAC address of each frame it
receives. This information allows switches to repeat incoming data frames only to the computer
or computers to which a frame is addressed. This speeds up the network and reduces congestion.
Switches operate at both the physical layer and the data link layer of the OSI Model.
BRIDGES
A bridge is used to join two network segments together; it allows computers on either segment
to access resources on the other. Bridges can also be used to divide large networks into smaller
segments. Bridges have all the features of repeaters, but can have more nodes, and since the
network is divided, there are fewer computers competing for resources on each segment, thus
improving network performance.
Bridges can also connect networks that run at different speeds, different topologies, or different
protocols. But they cannot join an Ethernet segment with a Token Ring segment, because these
use different networking standards. Bridges operate at both the Physical Layer and the MAC
sublayer of the Data Link layer. Bridges read the MAC header of each frame to determine on
which side of the bridge the destination device is located; the bridge then repeats the
transmission to the segment where the device is located.
ROUTERS
Routers are networking devices used to extend or segment networks by forwarding packets from
one logical network to another. Routers are most often used in large internetworks that use the
TCP/IP protocol suite and for connecting TCP/IP hosts and local area networks (LANs) to the
Internet using dedicated leased lines.
Routers work at the network layer (layer 3) of the Open Systems Interconnection (OSI) reference
model for networking to move packets between networks using their logical addresses (which, in
the case of TCP/IP, are the IP addresses of destination hosts on the network). Because routers
operate at a higher OSI level than bridges do, they have better packet-routing and filtering
capabilities and greater processing power, which results in routers costing more than bridges.
Routing tables
Routers contain internal tables of information called routing tables that keep track of all known
network addresses and possible paths throughout the internetwork, along with cost of reaching
each network. Routers route packets based on the available paths and their costs, thus taking
advantage of redundant paths that can exist in a mesh topology network.
Because routers use destination network addresses of packets, they work only if the configured
network protocol is a routable protocol such as TCP/IP or IPX/SPX. This is different from
bridges, which are protocol independent. The routing tables are the heart of a router; without
them, there's no way for the router to know where to send the packets it receives.
Unlike bridges and switches, routers cannot compile routing tables from the information in the
data packets they process. This is because the routing table contains more detailed information
than is found in a data packet, and also because the router needs the information in the table to
process the first packets it receives after being activated. A router can't forward a packet to all
possible destinations in the way that a bridge can.
Static routers: These must have their routing tables configured manually with all network
addresses and paths in the internetwork.
Dynamic routers: These automatically create their routing tables by listening to network traffic.
Routing tables are the means by which a router selects the fastest or nearest path to the next
"hop" on the way to a data packet's final destination. This process is done through the use of
routing metrics.
Routing metrics are the means of determining how much distance or time a packet will
require to reach the final destination. Routing metrics are provided in different forms.
A hop is simply a router that the packet must travel through.
GATEWAYS
A gateway is a device used to connect networks using different protocols. Gateways operate at
the network layer of the OSI model. In order to communicate with a host on another network, an
IP host must be configured with a route to the destination network. If a configuration route is not
found, the host uses the gateway (default IP router) to transmit the traffic to the destination host.
The default gateway is where IP sends packets that are destined for remote networks. If no
default gateway is specified, communication is limited to the local network. Gateways receive
data from a network using one type of protocol stack, remove that protocol stack and
repackage it with the protocol stack that the other network can use.
Examples
• E-mail gateways: for example, a gateway that receives Simple Mail Transfer Protocol (SMTP) e-mail, translates it into a standard X.400 format, and forwards it to its destination
• Gateway Service for NetWare (GSNW), which enables a machine running Microsoft Windows NT Server or Windows Server to be a gateway for Windows clients so that they can access file and print resources on a NetWare server
• Gateways between a Systems Network Architecture (SNA) host and computers on a TCP/IP network, such as the one provided by Microsoft SNA Server
• A packet assembler/disassembler (PAD) that provides connectivity between a local area network (LAN) and an X.25 packet-switching network.
CHAPTER 6: RIP Version 1, RIP version 2
RIP version 1
The original specification of RIP, defined in RFC 1058, uses classful routing. The periodic
routing updates do not carry subnet information, lacking support for variable length subnet
masks (VLSM). This limitation makes it impossible to have different-sized subnets inside of the
same network class. In other words, all subnets in a network class must have the same size.
There is also no support for router authentication, making RIP vulnerable to various attacks.
RIPv1 Operation
RIP defines two types of messages.
1. Request Message
2. Response Message
When a RIP router comes up, it sends a broadcast Request Message on all of its RIP enabled
interfaces. All the neighboring routers which receive the Request message respond back with the
Response Message containing their Routing table. The Response Message is also gratuitously
sent when the Update timer expires. On receiving the Routing table, the router processes each
entry of the routing table as per the following rules
1. If there is no route entry matching the one received, then the route entry is added to the
routing table automatically, along with the information about the router from which it
received the routing table.
2. If there is a matching entry but the hop count metric is lower than the one already in its
routing table, then the routing table is updated with the new route.
3. If there is a matching entry but the hop count metric is higher than the one already in its
routing table, then the routing entry is updated with a hop count of 16 (infinite hop). The
packets are still forwarded to the old route. A Hold-down timer is started and all the
updates for that route from other routers are ignored. If, after the Hold-down timer expires,
the router is still advertising the same higher hop count, then the value is updated
in its routing table. Only after the timer expires are the updates from other routers
accepted for that route.
RIP VERSION 2
Due to the deficiencies of the original RIP specification, RIP version 2 (RIPv2) was developed in
1993 and last standardized in 1998. It included the ability to carry subnet information, thus
supporting Classless Inter-Domain Routing (CIDR). To maintain backward compatibility, the
hop count limit of 15 remained. RIPv2 has facilities to fully interoperate with the earlier
specification if all Must Be Zero protocol fields in the RIPv1 messages are properly specified. In
addition, a compatibility switch feature allows fine-grained interoperability adjustments.
In an effort to avoid unnecessary load on hosts that do not participate in routing,
RIPv2 multicasts the entire routing table to all adjacent routers at the address 224.0.0.9, as
opposed to RIPv1 which uses broadcast. Unicast addressing is still allowed for special
applications. Route tags were also added in RIP version 2. This functionality allows internal
routes to be distinguished from external routes redistributed from EGP protocols.
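The field-level difference between the two versions described above, as an added example (not code from this report or from the lab it quotes): a parser for RIPv1 and RIPv2 messages that extracts the advertised routes and reports whether a response carries the authentication entry defined for RIPv2 in RFC 2453. The sample packets are constructed for illustration from the lab's 10.70.10.0 network, and the password string is a placeholder.

```python
"""Parse RIPv1/RIPv2 messages and report what protection each one carries."""
import ipaddress
import struct

COMMANDS = {1: "request", 2: "response"}
AUTH_AFI = 0xFFFF                 # RFC 2453: AFI value that marks an authentication entry
AUTH_TYPES = {2: "simple-password", 3: "keyed-md5"}
INFINITY = 16                     # hop count meaning "unreachable"


def prefix_of(addr: bytes, mask: bytes) -> str:
    """Return 'a.b.c.d/len' for a RIPv2 entry, rejecting non-contiguous masks."""
    mask_int = int.from_bytes(mask, "big")
    inverted = mask_int ^ 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError("non-contiguous subnet mask")
    plen = bin(mask_int).count("1")
    return str(ipaddress.IPv4Network(f"{ipaddress.IPv4Address(addr)}/{plen}", strict=False))


def parse_rip(payload: bytes) -> dict:
    """Decode the UDP payload of a RIP message into routes plus defensive findings."""
    if len(payload) < 4 or (len(payload) - 4) % 20:
        raise ValueError("expected a 4-byte header followed by 20-byte entries")
    command, version, zero = struct.unpack("!BBH", payload[:4])
    if command not in COMMANDS or version not in (1, 2):
        raise ValueError("not a RIPv1/RIPv2 request or response")
    msg = {"command": COMMANDS[command], "version": version,
           "auth": None, "routes": [], "findings": []}
    if zero:
        msg["findings"].append("header must-be-zero field is non-zero")
    for off in range(4, len(payload), 20):
        afi, tag, addr, mask, nexthop, metric = struct.unpack(
            "!HH4s4s4sI", payload[off:off + 20])
        if version == 2 and afi == AUTH_AFI:
            # In an authentication entry the route-tag slot holds the auth type.
            msg["auth"] = AUTH_TYPES.get(tag, f"type-{tag}")
            if off != 4:
                msg["findings"].append("authentication entry is not the first entry")
            continue
        if not 1 <= metric <= INFINITY:
            msg["findings"].append(f"metric {metric} outside 1..16")
        if version == 1:
            # RIPv1 has no tag, mask or next hop: those bytes must be zero.
            if tag or any(mask) or any(nexthop):
                msg["findings"].append("RIPv1 must-be-zero fields are non-zero")
            prefix = str(ipaddress.IPv4Address(addr))   # classful: no mask on the wire
        else:
            prefix = prefix_of(addr, mask)
        msg["routes"].append({"prefix": prefix, "metric": metric,
                              "next_hop": str(ipaddress.IPv4Address(nexthop))})
    if msg["command"] == "response":
        if version == 1:
            msg["findings"].append("RIPv1: no subnet mask and no authentication field")
        elif msg["auth"] is None:
            msg["findings"].append("RIPv2 response carries no authentication entry")
        elif msg["auth"] == "simple-password":
            msg["findings"].append("simple-password authentication is sent in cleartext")
    return msg


def entry(afi, tag, addr, mask, nexthop, metric) -> bytes:
    """Pack one 20-byte route entry (used only to construct the samples below)."""
    return struct.pack("!HH4s4s4sI", afi, tag,
                       ipaddress.IPv4Address(addr).packed,
                       ipaddress.IPv4Address(mask).packed,
                       ipaddress.IPv4Address(nexthop).packed, metric)


# Constructed samples (not captured traffic), using the lab's 10.70.10.0 network.
V1_RESPONSE = struct.pack("!BBH", 2, 1, 0) + entry(2, 0, "10.70.10.0", "0.0.0.0", "0.0.0.0", 1)
V2_RESPONSE = struct.pack("!BBH", 2, 2, 0) + entry(2, 0, "10.70.10.0", "255.255.255.0", "0.0.0.0", 1)
V2_PASSWORD = (struct.pack("!BBH", 2, 2, 0)
               + struct.pack("!HH16s", AUTH_AFI, 2, b"example-password")  # placeholder
               + entry(2, 0, "10.70.10.0", "255.255.255.0", "0.0.0.0", 1))

if __name__ == "__main__":
    for name, pkt in [("v1", V1_RESPONSE), ("v2", V2_RESPONSE), ("v2+password", V2_PASSWORD)]:
        parsed = parse_rip(pkt)
        print(name, parsed["routes"], parsed["auth"], parsed["findings"])
```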
Lab experiment for RIP protocol connection
Lab Prerequisites
If you are using GNS3, then load the Free CCNA Workbook GNS3 topology, then start
devices R1, R2 and R3.
Establish a console session with devices R1, R2 and R3, then load the initial
configurations provided below by copying the config from the textbox and pasting it into
the respective router's console.
!##################################################
!# Free CCNA Workbook Lab 7-2 R1 Initial Config #
!##################################################
!
enable
configure terminal
!
hostname R1
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.10.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.122 point-to-point
description ### FRAME RELAY LINK TO R2 ###
ip address 10.70.12.1 255.255.255.252
frame-relay interface-dlci 122
!
interface Serial0/0
no shut
!
interface Serial0/1
description ### PPP Link TO R2 ###
ip address 10.70.21.1 255.255.255.252
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut
!
exit
!
router rip
network 10.0.0.0
!
end
!##################################################
!# Free CCNA Workbook Lab 7-2 R2 Initial Config #
!##################################################
!
enable
configure terminal
!
hostname R2
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.20.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.221 point-to-point
description ### FRAME RELAY LINK TO R1 ###
ip address 10.70.12.2 255.255.255.252
frame-relay interface-dlci 221
!
interface Serial0/0.223 point-to-point
description ### FRAME RELAY LINK TO R3 ###
ip address 10.70.23.1 255.255.255.252
frame-relay interface-dlci 223
!
interface Serial0/0
no shut
exit
!
interface Serial0/1
description ### PPP LINK TO R1 ###
ip address 10.70.21.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut
exit
!
router rip
network 10.0.0.0
!
end
!##################################################
!# Free CCNA Workbook Lab 7-2 R3 Initial Config #
!##################################################
!
enable
configure terminal
!
hostname R3
!
interface Loopback0
description ### SIMULATED NETWORK ###
ip address 10.70.30.1 255.255.255.0
!
interface Serial0/0
description ### PHYSICAL FRAME RELAY INTERFACE ###
no ip address
encapsulation frame-relay
serial restart-delay 0
no frame-relay inverse-arp
!
interface Serial0/0.322 point-to-point
description ### FRAME RELAY LINK TO R2 ###
ip address 10.70.23.2 255.255.255.252
frame-relay interface-dlci 322
!
interface Serial0/0
no shut
exit
!
router rip
network 10.0.0.0
!
end
R1>enable
R1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#end
R1#
R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#end
R2#
R3>enable
R3#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#end
R3#
Objective 2. – Verify that all routes are propagating properly in the network from R1 to R2 and
from R3 to R2 using show ip route. Verify IP connectivity using ping sourced from the
10.70.20.0/24 network to the 10.70.10.0/24 and 10.70.30.0/24 networks
R2#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 7 subnets, 2 masks
C 10.70.12.0/30 is directly connected, Serial0/0.221
C 10.70.23.0/30 is directly connected, Serial0/0.223
C 10.70.21.0/30 is directly connected, Serial0/1
R 10.70.30.0/24 [120/1] via 10.70.23.2, 00:00:04, Serial0/0.223
C 10.70.20.0/24 is directly connected, Loopback0
R 10.70.10.0/24 [120/1] via 10.70.21.1, 00:00:27, Serial0/1
[120/1] via 10.70.12.1, 00:00:21, Serial0/0.221
R 10.56.10.0/30 [120/1] via 10.70.21.1, 00:00:27, Serial0/1
[120/1] via 10.70.12.1, 00:00:21, Serial0/0.221
R2#ping 10.70.10.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.70.10.1, timeout is 2 seconds:
Packet sent with a source address of 10.70.20.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/54/144 ms
R2#ping 10.70.30.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.70.30.1, timeout is 2 seconds:
Packet sent with a source address of 10.70.20.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/60/128 ms
R2#
CHAPTER 7: Interior Gateway Routing Protocol (IGRP), Enhanced Interior Gateway Routing Protocol (EIGRP)
INTERIOR GATEWAY ROUTING PROTOCOL (IGRP)
IGRP is a distance vector interior routing protocol (IGP) invented by Cisco. It is
used by routers to exchange routing data within an autonomous system.
IGRP is a proprietary protocol. IGRP was created in part to overcome the limitations
of RIP (maximum hop count of only 15, and a single routing metric) when used within large
networks. IGRP supports multiple metrics for each route,
including bandwidth, delay, load, MTU, and reliability; to compare two routes these metrics are
combined together into a single metric, using a formula which can be adjusted through the use of
pre-set constants. By default, the IGRP composite metric is a sum of the segment delays and the
lowest segment bandwidth. The maximum hop count of IGRP-routed packets is 255 (default
100), and routing updates are broadcast every 90 seconds (by default). IGRP uses port number 9
for communication.
IGRP is considered a classful routing protocol. Because the protocol has no field for a subnet
mask, the router assumes that all subnetwork addresses within the same Class A, Class B, or
Class C network have the same subnet mask as the subnet mask configured for the interfaces in
question. This contrasts with classless routing protocols that can use variable length subnet
masks. Classful protocols have become less popular as they are wasteful of IP address space.
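The mask inference rule described above, as an added Python example (not part of the original report). The function names and the 10.x addresses are constructed for illustration; the 172.x values are the lab networks Router01 learns on Serial0/0 later in this chapter.

```python
import ipaddress

def classful_prefix_len(addr: str) -> int:
    """Default prefix length for the address class (A=/8, B=/16, C=/24)."""
    first_octet = int(addr.split(".")[0])
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    if first_octet < 224:
        return 24
    raise ValueError(f"{addr} is not a class A, B or C address")

def major_network(addr: str) -> ipaddress.IPv4Network:
    """Class A/B/C network that contains addr."""
    return ipaddress.ip_network(f"{addr}/{classful_prefix_len(addr)}", strict=False)

def infer_route(advertised: str, rx_interface: str) -> ipaddress.IPv4Network:
    """Route a classful receiver installs for an update entry that has no mask.

    advertised   -- network number carried in the update
    rx_interface -- receiving interface in CIDR form, e.g. "172.17.0.1/16"
    """
    iface = ipaddress.ip_interface(rx_interface)
    if major_network(advertised) == major_network(str(iface.ip)):
        # Same major network: assume the sender uses this interface's mask.
        return ipaddress.ip_network(
            f"{advertised}/{iface.network.prefixlen}", strict=False)
    # Different major network: fall back to the class default mask.
    return major_network(advertised)

def reaches(route: ipaddress.IPv4Network, host: str) -> bool:
    """True if the installed route covers the host address."""
    return ipaddress.ip_address(host) in route

# Networks Router01 learns on Serial0/0 (172.17.0.1/16) in this lab.
LAB_UPDATES = ["172.18.0.0", "172.19.0.0", "172.20.0.0"]

def lab_routes() -> list:
    return [str(infer_route(n, "172.17.0.1/16")) for n in LAB_UPDATES]

if __name__ == "__main__":
    # The lab only uses class B defaults, so every guess is correct.
    print(lab_routes())
    # Constructed failure case: the sender really owns 10.2.0.0/16, but the
    # receiver's interface is 10.1.1.1/24, so it installs 10.2.0.0/24.
    guessed = infer_route("10.2.0.0", "10.1.1.1/24")
    print(guessed, "covers 10.2.5.1:", reaches(guessed, "10.2.5.1"))
```
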
The following diagram shows our lab setup. We have three routers, three switches and three
hosts connected as below. The host names, IP addresses and the interfaces of the routers are
shown in diagram. The IP addresses of the hosts are also shown in the diagram.
Hostname and IP address configuration in Router 01
Connect to Router01 console and use the following IOS commands to configure host name as
Router01.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname Router01
Router01(config)#
Use the following IOS commands to open the fast ethernet interface Fa0/0 configuration mode
on Router01 and configure IP address as 172.16.0.1/16.
Router01>enable
Router01#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router01(config)#interface fa0/0
Router01(config-if)#ip address 172.16.0.1 255.255.0.0
Router01(config-if)#no shutdown
Use the following IOS commands to open the serial interface S0/0 configuration mode on
Router01 and configure IP address as 172.17.0.1/16. You have to set a clock rate also using the
"clock rate" command on S0/0 interface, since this is the DCE side.
Router01>enable
Router01#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router01(config)#interface s0/0
Router01(config-if)#clock rate 64000
Router01(config-if)#ip address 172.17.0.1 255.255.0.0
Router01(config-if)#no shutdown
Do remember to run the "copy running-config startup-config" command from enable mode, if
you want to save the changes you have made in the router.
Hostname and IP address configuration in Router02
Connect to Router02 console and use the following IOS commands to configure host name as
Router02.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname Router02
Router02(config)#
Use the following IOS commands to open the fast ethernet interface Fa0/0 configuration mode
on Router02 and configure IP address as 172.18.0.1/16.
Router02>enable
Router02#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router02(config)#interface fa0/0
Router02(config-if)#ip address 172.18.0.1 255.255.0.0
Router02(config-if)#no shutdown
Use the following IOS commands to open the serial interface S0/0 configuration mode on
Router02 and configure IP address as 172.17.0.2/16.
Router02>enable
Router02#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router02(config)#interface s0/0
Router02(config-if)#ip address 172.17.0.2 255.255.0.0
Router02(config-if)#no shutdown
Use the following IOS commands to open the serial interface S0/1 configuration mode on
Router02 and configure IP address as 172.19.0.1/16. You have to set a clock rate also using the
"clock rate" command on S0/1 interface, since this is the DCE side.
Router02>enable
Router02#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router02(config)#interface s0/1
Router02(config-if)#clock rate 64000
Router02(config-if)#ip address 172.19.0.1 255.255.0.0
Router02(config-if)#no shutdown
Do remember to run the "copy running-config startup-config" command from enable mode, if you
want to save the changes you have made in the router.
Hostname and IP address configuration in Router03
Connect to Router03 console and use the following IOS commands to configure host name as
Router03.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname Router03
Router03(config)#
Use the following IOS commands to open the fast ethernet interface Fa0/0 configuration mode
on Router03 and configure IP address as 172.20.0.1/16.
Router03>enable
Router03#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router03(config)#interface fa0/0
Router03(config-if)#ip address 172.20.0.1 255.255.0.0
Router03(config-if)#no shutdown
Use the following IOS commands to open the serial interface S0/1 configuration mode on
Router03 and configure IP address as 172.19.0.2/16.
Router03>enable
Router03#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router03(config)#interface s0/1
Router03(config-if)#ip address 172.19.0.2 255.255.0.0
Router03(config-if)#no shutdown
Do remember to run the "copy running-config startup-config" command from enable mode, if
you want to save the changes you have made in the router.
Interior Gateway Routing Protocol (IGRP) configuration in Router01
Connect to Router01 console and use the following IOS commands to configure Interior
Gateway Routing Protocol (IGRP) in Router01. Please refer to the beginning of this lesson to view
the Interior Gateway Routing Protocol (IGRP) configuration IOS command.
In the IOS "network" command, shown below, we specify only the directly connected networks
of this router.
Router01>enable
Router01#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router01(config)# router igrp 1
Router01(config-router)# network 172.16.0.0
Router01(config-router)# network 172.17.0.0
Router01(config-router)#exit
Router01(config)#exit
Router01#
Do remember to run the "copy running-config startup-config" command from enable mode, if
you want to save the changes you have made in the router.
Interior Gateway Routing Protocol (IGRP) configuration in Router02
Connect to Router02 console and use the following IOS commands to configure Interior
Gateway Routing Protocol (IGRP) in Router02. Please refer to the beginning of this lesson to view
the Interior Gateway Routing Protocol (IGRP) configuration IOS command.
In the IOS "network" command, shown below, we specify only the directly connected networks
of this router.
Router02>enable
Router02#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router02(config)# router igrp 1
Router02(config-router)# network 172.17.0.0
Router02(config-router)# network 172.18.0.0
Router02(config-router)# network 172.19.0.0
Router02(config-router)#exit
Router02(config)#exit
Router02#
Do remember to run the "copy running-config startup-config" command from enable mode, if
you want to save the changes you have made in the router.
Interior Gateway Routing Protocol (IGRP) configuration in Router03
Connect to Router03 console and use the following IOS commands to configure Interior
Gateway Routing Protocol (IGRP) in Router03. Please refer to the beginning of this lesson to view
the Interior Gateway Routing Protocol (IGRP) configuration IOS command.
In the IOS "network" command, shown below, we specify only the directly connected networks
of this router.
Router03>enable
Router03#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router03(config)# router igrp 1
Router03(config-router)# network 172.19.0.0
Router03(config-router)# network 172.20.0.0
Router03(config-router)#exit
Router03(config)#exit
Router03#
Do remember to run the "copy running-config startup-config" command from enable mode, if
you want to save the changes you have made in the router.
How to view the routing table in Router01
After the network is converged after the initial configuration and Interior Gateway Routing
Protocol (IGRP) configuration, we can use the "show ip route" to view the routing table in
Router01, as shown below.
Router01>enable
Router01#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
C 172.16.0.0/16 is directly connected, FastEthernet0/0
C 172.17.0.0/16 is directly connected, Serial0/0
I 172.18.0.0/16 [120/1] via 172.17.0.2, 00:00:22, Serial0/0
I 172.19.0.0/16 [120/1] via 172.17.0.2, 00:00:22, Serial0/0
I 172.20.0.0/16 [120/2] via 172.17.0.2, 00:00:22, Serial0/0
The "I" character at the beginning of a line in the routing table shows that it is a route discovered
by Interior Gateway Routing Protocol (IGRP), and the "C" character shows that it is a directly
connected network.
How to view the routing table in Router02
When the network is converged after the initial configuration and Interior Gateway Routing
Protocol (IGRP) configuration, we can use the "show ip route" to view the routing table in
Router02, as shown below.
Router02>enable
Router02#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
172.16.0.0/16 [120/1] via 172.17.0.1, 00:00:07, Serial0/0
C 172.17.0.0/16 is directly connected, Serial0/0
C 172.18.0.0/16 is directly connected, FastEthernet0/0
C 172.19.0.0/16 is directly connected, Serial0/1
I 172.20.0.0/16 [120/1] via 172.19.0.2, 00:00:20, Serial0/1
I 172.16.0.0/16 [120/1] via 172.17.0.1, 00:00:20, Serial0/0
The "I" character at the beginning of a line in routing table shows that it is a route discovered by
Interior Gateway Routing Protocol (IGRP) and "C" character shows that it is a directly connected
network.
How to view the routing table in Router03
When the network is converged after the initial configuration and Interior Gateway Routing
Protocol (IGRP) configuration, we can use the "show ip route" to view the routing table in
Router03, as shown below.
Router03>enable
Router03#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
I 172.16.0.0/16 [120/2] via 172.19.0.1, 00:00:02, Serial0/1
I 172.17.0.0/16 [120/1] via 172.19.0.1, 00:00:02, Serial0/1
I 172.18.0.0/16 [120/1] via 172.19.0.1, 00:00:02, Serial0/1
C 172.19.0.0/16 is directly connected, Serial0/1
C 172.20.0.0/16 is directly connected, FastEthernet0/0
The "I" character at the beginning of a line in routing table shows that it is a route discovered by
Interior Gateway Routing Protocol (IGRP) and "C" character shows that it is a directly connected
network.
connectivity between networks using the ping command
To verify the Interior Gateway Routing Protocol (IGRP) routes and the connectivity between
networks, run the ping command from Host01 (IP address: 172.16.0.10/16) to Host03 (IP
address: 172.20.0.10/16).
C:\>ping 172.20.0.10
Pinging 172.20.0.10 with 32 bytes of data:
Reply from 172.20.0.10: bytes=32 time=172ms TTL=125
Reply from 172.20.0.10: bytes=32 time=188ms TTL=125
Reply from 172.20.0.10: bytes=32 time=157ms TTL=125
Reply from 172.20.0.10: bytes=32 time=188ms TTL=125
Ping statistics for 172.20.0.10:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 157ms, Maximum = 188ms, Average = 176ms
The ping reply from Host03 (IP address: 172.20.0.10/16) shows that the Interior Gateway
Routing Protocol (IGRP) is configured well in three routers and there is network connectivity
between different networks.
ENHANCED INTERIOR GATEWAY ROUTING PROTOCOL (EIGRP)
Enhanced Interior Gateway Routing Protocol (EIGRP) is an advanced distance-vector
routing protocol designed by Cisco Systems. It is an enhanced version of Cisco's earlier Interior
Gateway Routing Protocol (IGRP). In March 2013, Cisco claimed that EIGRP would be made an
open standard.[1]
EIGRP differs from many other distance-vector routing protocols by providing incremental
routing updates and backwards compatibility with Cisco's IGRP. It is optimised to reduce routing
instability (this often occurs after topology changes), the amount of bandwidth consumed by
routing updates and the processing power used by the router. Most of the routing optimizations
are based on the Diffusing Update Algorithm (DUAL) work from SRI, which guarantees loop-
free operation and provides mechanisms for fast convergence. EIGRP determines the metric of a
path based on load, delay, reliability and MTU.
Dynamic routes using internal EIGRP have a default administrative distance of 90 and external
EIGRP routes have a default administrative distance of 170.
To configure any router, double-click on it and select CLI. To configure this topology, use this
step-by-step guide.
(1841Router0) Hostname R1
To configure and enable eigrp routing on R1 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#exit
R1(config)#interface serial 0/0/0
R1(config-if)#ip address 20.0.0.1 255.0.0.0
R1(config-if)#clock rate 64000
R1(config-if)#bandwidth 64
R1(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to down
R1(config-if)#exit
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
R1(config)#router eigrp 1
R1(config-router)#network 10.0.0.0
R1(config-router)#network 20.0.0.0
R1(config-router)#exit
R1(config)#
(2620XM-Router1) Hostname R2
To configure and enable eigrp routing on R2 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#interface serial 0/0
R2(config-if)#ip address 20.0.0.2 255.0.0.0
R2(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R2(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 30.0.0.1 255.0.0.0
R2(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
R2(config-if)#exit
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2(config)#router eigrp 1
R2(config-router)#network 20.0.0.0
R2(config-router)#network 30.0.0.0
R2(config-router)#exit
R2(config)#
(2620XM-Router2) Hostname R3
To configure and enable eigrp routing on R3 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R3
R3(config)#interface fastethernet 0/0
R3(config-if)#ip address 30.0.0.2 255.0.0.0
R3(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R3(config-if)#interface serial 0/0
R3(config-if)#ip address 40.0.0.1 255.0.0.0
R3(config-if)#clock rate 64000
R3(config-if)#bandwidth 64
R3(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to down
R3(config-if)#exit
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R3(config)#router eigrp 1
R3(config-router)#network 30.0.0.0
R3(config-router)#network 40.0.0.0
R3(config-router)#exit
R3(config)#
(2811Router3) Hostname R4
To configure and enable eigrp routing on R4 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 40.0.0.2 255.0.0.0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
Router(config-if)#exit
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 50.0.0.1 255.0.0.0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#exit
R4(config)#router eigrp 1
R4(config-router)#network 40.0.0.0
R4(config-router)#network 50.0.0.0
R4(config-router)#exit
R4(config)#
PC-1
PC>ipconfig
IP Address......................: 10.0.0.2
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 10.0.0.1
PC>ping 50.0.0.2
Pinging 50.0.0.2 with 32 bytes of data:
Reply from 50.0.0.2: bytes=32 time=156ms TTL=124
Reply from 50.0.0.2: bytes=32 time=127ms TTL=124
Reply from 50.0.0.2: bytes=32 time=156ms TTL=124
Reply from 50.0.0.2: bytes=32 time=140ms TTL=124
Ping statistics for 50.0.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 127ms, Maximum = 156ms, Average = 144ms
PC>
PC-2
PC>ipconfig
IP Address......................: 50.0.0.2
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 50.0.0.1
PC>ping 10.0.0.2
Pinging 10.0.0.2 with 32 bytes of data:
Reply from 10.0.0.2: bytes=32 time=140ms TTL=124
Reply from 10.0.0.2: bytes=32 time=141ms TTL=124
Reply from 10.0.0.2: bytes=32 time=157ms TTL=124
Reply from 10.0.0.2: bytes=32 time=156ms TTL=124
Ping statistics for 10.0.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 140ms, Maximum = 157ms, Average = 148ms
R4#show ip protocols
Routing Protocol is "ospf 4"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 50.0.0.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
50.0.0.0 0.255.255.255 area 0
40.0.0.0 0.255.255.255 area 0
Routing Information Sources:
Gateway Distance Last Update
40.0.0.1 110 00:01:26
Distance: (default is 110)
R4#
You can use the show ip route command to troubleshoot an eigrp network. If you do not see
information about a route, check the router attached to that network.
R4#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
O 10.0.0.0/8 [110/1564] via 40.0.0.1, 00:02:37, Serial0/0/0
O 20.0.0.0/8 [110/1563] via 40.0.0.1, 00:02:37, Serial0/0/0
O 30.0.0.0/8 [110/782] via 40.0.0.1, 00:02:37, Serial0/0/0
C 40.0.0.0/8 is directly connected, Serial0/0/0
C 50.0.0.0/8 is directly connected, FastEthernet0/0
R4#
CHAPTER 8: Open Shortest Path First (OSPF)
OPEN SHORTEST PATH FIRST (OSPF)
OSPF is an interior gateway protocol that routes Internet Protocol (IP) packets solely within a
single routing domain (autonomous system). It gathers link state information from available
routers and constructs a topology map of the network. The topology determines the routing table
presented to the Internet Layer which makes routing decisions based solely on the destination IP
address found in IP packets. OSPF was designed to support variable-length subnet
masking (VLSM) or Classless Inter-Domain Routing (CIDR) addressing models.
OSPF detects changes in the topology, such as link failures, and converges on a new loop-free
routing structure within seconds. It computes the shortest path tree for each route using a method
based on Dijkstra's algorithm, a shortest path first algorithm.
The OSPF routing policies to construct a route table are governed by link cost factors (external
metrics) associated with each routing interface. Cost factors may be the distance of a router
(round-trip time), network throughput of a link, or link availability and reliability, expressed as
simple unitless numbers. This provides a dynamic process of traffic load balancing between
routes of equal cost.
An OSPF network may be structured, or subdivided, into routing areas to simplify administration
and optimize traffic and resource utilization. Areas are identified by 32-bit numbers, expressed
either simply in decimal, or often in octet-based dot-decimal notation, familiar from IPv4 address
notation. By convention, area 0 (zero) or 0.0.0.0 represents the core or backbone region of an
OSPF network. The identifications of other areas may be chosen at will; often, administrators
select the IP address of a main router in an area as the area's identification. Each additional area
must have a direct or virtual connection to the backbone OSPF area. Such connections are
maintained by an interconnecting router, known as area border router (ABR). An ABR maintains
separate link state databases for each area it serves and maintains summarized routes for all areas
in the network. OSPF does not use a TCP/IP transport protocol (UDP, TCP), but is encapsulated
directly in IP datagrams with protocol number 89. This is in contrast to other routing protocols,
such as the Routing Information Protocol (RIP), or the Border Gateway Protocol (BGP). OSPF
handles its own error detection and correction functions.
OSPF uses multicast addressing for route flooding on a broadcast domain. For non-broadcast
networks special provisions for configuration facilitate neighbor discovery. OSPF multicast IP
packets never traverse IP routers (never traverse broadcast domains); they never travel more
than one hop. OSPF reserves the multicast addresses 224.0.0.5 for IPv4 or FF02::5 for IPv6 (all
SPF/link state routers, also known as AllSPFRouters) and 224.0.0.6 for IPv4 or FF02::6 for IPv6
(all Designated Routers, AllDRouters), as specified in RFC 2328 and RFC 5340.
Configuring OSPF is slightly different from configuring RIP. When configuring OSPF, use the
following syntax:
Router(config)# router ospf process_ID
Router(config-router)# network IP_address wildcard_mask area area_#
The process_ID is locally significant and is used to differentiate between OSPF processes
running on the same router. Your router might be a boundary router between two
OSPF autonomous systems, and to differentiate them on your router, you will give them unique
process IDs. Note that these numbers do not need to match between different routers so they
have nothing to do with autonomous system numbers.
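To see which interfaces a `network IP_address wildcard_mask area area_#` statement actually enables OSPF on, here is an added Python example (not part of the original report). The R1 addresses and statements are the ones used in the lab below; the function names, the Loopback0 address and the 10.9.9.1 address are constructed, and matching in list order is a simplification.

```python
import ipaddress

def wildcard_match(ip: str, base: str, wildcard: str) -> bool:
    """True if ip matches base under a Cisco wildcard (inverse) mask.

    A 0 bit in the wildcard means "this bit must match";
    a 1 bit means "ignore this bit".
    """
    ip_i = int(ipaddress.IPv4Address(ip))
    base_i = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (ip_i & care) == (base_i & care)

def ospf_interfaces(interfaces: dict, statements: list) -> dict:
    """Map interface name -> area for the first statement that matches.

    interfaces -- {name: interface IP address}
    statements -- [(base address, wildcard mask, area), ...] in list order
    """
    enabled = {}
    for name, ip in interfaces.items():
        for base, wildcard, area in statements:
            if wildcard_match(ip, base, wildcard):
                enabled[name] = area
                break
    return enabled

# R1 from the lab below, plus a constructed loopback that no statement covers.
R1_INTERFACES = {
    "FastEthernet0/0": "10.0.0.1",
    "Serial0/0/0": "20.0.0.1",
    "Loopback0": "192.168.1.1",   # constructed, not in the lab
}
R1_STATEMENTS = [
    ("10.0.0.0", "0.255.255.255", 0),
    ("20.0.0.0", "0.255.255.255", 0),
]

if __name__ == "__main__":
    print(ospf_interfaces(R1_INTERFACES, R1_STATEMENTS))
    # 0.255.255.255 matches every address in 10.0.0.0/8, so an interface
    # added later as 10.9.9.1 (constructed) would join OSPF automatically.
    print(wildcard_match("10.9.9.1", "10.0.0.0", "0.255.255.255"))
    # A 0.0.0.0 wildcard pins the statement to one exact interface address.
    print(wildcard_match("10.9.9.1", "10.0.0.1", "0.0.0.0"))
```
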
To configure any router, double-click on it and select CLI. To configure this topology, use this
step-by-step guide.
(1841Router0) Hostname R1
To configure and enable ospf routing on R1 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R1
R1(config)#interface fastethernet 0/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R1(config-if)#exit
R1(config)#interface serial 0/0/0
R1(config-if)#ip address 20.0.0.1 255.0.0.0
R1(config-if)#clock rate 64000
R1(config-if)#bandwidth 64
R1(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to down
R1(config-if)#exit
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
R1(config)#router ospf 1
R1(config-router)#network 10.0.0.0 0.255.255.255 area 0
R1(config-router)#network 20.0.0.0 0.255.255.255 area 0
R1(config-router)#exit
R1(config)#
(2620XM-Router1) Hostname R2
To configure and enable ospf routing on R2 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R2
R2(config)#interface serial 0/0
R2(config-if)#ip address 20.0.0.2 255.0.0.0
R2(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R2(config-if)#exit
R2(config)#interface fastethernet 0/0
R2(config-if)#ip address 30.0.0.1 255.0.0.0
R2(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
R2(config-if)#exit
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R2(config)#router ospf 2
R2(config-router)#network 20.0.0.0 0.255.255.255 area 0
00:03:10: %OSPF-5-ADJCHG: Process 2, Nbr 20.0.0.1 on Serial0/0 from LOADING to FULL, Loading Done
R2(config-router)#network 30.0.0.0 0.255.255.255 area 0
R2(config-router)#exit
R2(config)#
(2620XM-Router2) Hostname R3
To configure and enable ospf routing on R3 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#hostname R3
R3(config)#interface fastethernet 0/0
R3(config-if)#ip address 30.0.0.2 255.0.0.0
R3(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
R3(config-if)#interface serial 0/0
R3(config-if)#ip address 40.0.0.1 255.0.0.0
R3(config-if)#clock rate 64000
R3(config-if)#bandwidth 64
R3(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0, changed state to down
R3(config-if)#exit
%LINK-5-CHANGED: Interface Serial0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up
R3(config)#router ospf 3
R3(config-router)#network 40.0.0.0 0.255.255.255 area 0
R3(config-router)#network 30.0.0.0 0.255.255.255 area 0
00:04:53: %OSPF-5-ADJCHG: Process 3, Nbr 30.0.0.1 on FastEthernet0/0 from
LOADING to FULL, Loading D
R3(config-router)#exit
R3(config)#
%SYS-5-CONFIG_I: Configured from console by console
R3#
(2811Router3) Hostname R4
To configure and enable ospf routing on R4 follow these commands exactly.
Router>enable
Router#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#interface serial 0/0/0
Router(config-if)#ip address 40.0.0.2 255.0.0.0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up
Router(config-if)#exit
Router(config)#interface fastethernet 0/0
Router(config-if)#ip address 50.0.0.1 255.0.0.0
Router(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up
Router(config-if)#exit
R4(config)#router ospf 4
R4(config-router)#network 50.0.0.0 0.255.255.255 area 0
R4(config-router)#network 40.0.0.0 0.255.255.255 area 0
R4(config-router)#
00:06:32: %OSPF-5-ADJCHG: Process 4, Nbr 40.0.0.1 on Serial0/0/0 from
LOADING to FULL, Loading Done
R4(config-router)#exit
R4(config)#
PC-1
PC>ipconfig
IP Address......................: 10.0.0.2
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 10.0.0.1
PC>ping 50.0.0.2
Pinging 50.0.0.2 with 32 bytes of data:
Reply from 50.0.0.2: bytes=32 time=156ms TTL=124
Reply from 50.0.0.2: bytes=32 time=127ms TTL=124
Reply from 50.0.0.2: bytes=32 time=156ms TTL=124
Reply from 50.0.0.2: bytes=32 time=140ms TTL=124
Ping statistics for 50.0.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 127ms, Maximum = 156ms, Average = 144ms
PC>
PC-2
PC>ipconfig
IP Address......................: 50.0.0.2
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 50.0.0.1
PC>ping 10.0.0.2
Pinging 10.0.0.2 with 32 bytes of data:
Reply from 10.0.0.2: bytes=32 time=140ms TTL=124
Reply from 10.0.0.2: bytes=32 time=141ms TTL=124
Reply from 10.0.0.2: bytes=32 time=157ms TTL=124
Reply from 10.0.0.2: bytes=32 time=156ms TTL=124
Ping statistics for 10.0.0.2:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 140ms, Maximum = 157ms, Average = 148ms
You can verify that ospf is running successfully with the show ip protocols command in privileged
mode.
R4#show ip protocols
Routing Protocol is "ospf 4"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Router ID 50.0.0.1
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
Maximum path: 4
Routing for Networks:
50.0.0.0 0.255.255.255 area 0
40.0.0.0 0.255.255.255 area 0
Routing Information Sources:
Gateway Distance Last Update
40.0.0.1 110 00:01:26
Distance: (default is 110)
R4#
You can use the show ip route command to troubleshoot an ospf network. If you do not see
information about a route, check the router attached to that network.
R4#show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default, U - per-user static route, o - ODR
P - periodic downloaded static route
Gateway of last resort is not set
O 10.0.0.0/8 [110/1564] via 40.0.0.1, 00:02:37, Serial0/0/0
O 20.0.0.0/8 [110/1563] via 40.0.0.1, 00:02:37, Serial0/0/0
O 30.0.0.0/8 [110/782] via 40.0.0.1, 00:02:37, Serial0/0/0
C 40.0.0.0/8 is directly connected, Serial0/0/0
C 50.0.0.0/8 is directly connected, FastEthernet0/0
R4#
To test ospf routing do ping from pc1 to pc2 and vice versa.
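The metrics in R4's routing table above (782, 1563, 1564) can be reproduced by running Dijkstra's algorithm over the lab topology, shown here as an added Python example that is not part of the original report. The reference bandwidth of 10^8 bit/s is the Cisco default; the 128 kbit/s on serial interfaces that have no bandwidth command is an assumption inferred from the metrics in the output, and the function and variable names are constructed.

```python
import heapq

REFERENCE_BW_KBPS = 100_000  # Cisco default OSPF reference bandwidth (10^8 bit/s)

def ospf_cost(bandwidth_kbps: int) -> int:
    """Interface cost = reference bandwidth / interface bandwidth, minimum 1."""
    return max(1, REFERENCE_BW_KBPS // bandwidth_kbps)

# router -> {attached network: interface bandwidth in kbit/s}
TOPOLOGY = {
    "R1": {"10.0.0.0/8": 100_000, "20.0.0.0/8": 64},   # bandwidth 64 configured
    "R2": {"20.0.0.0/8": 128, "30.0.0.0/8": 100_000},  # 128 is an assumption
    "R3": {"30.0.0.0/8": 100_000, "40.0.0.0/8": 64},   # bandwidth 64 configured
    "R4": {"40.0.0.0/8": 128, "50.0.0.0/8": 100_000},  # 128 is an assumption
}

def spf(topology: dict, source: str) -> dict:
    """Shortest-path cost from the source router to every network.

    The graph alternates routers and networks: leaving a router costs the
    outgoing interface cost, entering a router from a network costs nothing.
    """
    routers_on = {}
    for router, links in topology.items():
        for net in links:
            routers_on.setdefault(net, []).append(router)

    dist = {source: 0}
    heap = [(0, source)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist.get(node, float("inf")):
            continue  # stale heap entry
        if node in topology:
            edges = [(net, ospf_cost(bw)) for net, bw in topology[node].items()]
        else:
            edges = [(router, 0) for router in routers_on[node]]
        for nxt, cost in edges:
            nd = d + cost
            if nd < dist.get(nxt, float("inf")):
                dist[nxt] = nd
                heapq.heappush(heap, (nd, nxt))
    return {n: c for n, c in dist.items() if n not in topology}

if __name__ == "__main__":
    for net, cost in sorted(spf(TOPOLOGY, "R4").items()):
        print(f"R4 -> {net}: {cost}")
    # Costs are per outgoing interface, so the reverse direction differs:
    # R1 and R3 send over their bandwidth 64 serial interfaces.
    for net, cost in sorted(spf(TOPOLOGY, "R1").items()):
        print(f"R1 -> {net}: {cost}")
```
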
CHAPTER 9: Virtual LAN ,VLAN trunking protocol
VIRTUAL LAN
In computer networking, a single layer-2 network may be partitioned to create multiple
distinct broadcast domains, which are mutually isolated so that packets can only pass between
them via one or more routers; such a domain is referred to as a Virtual Local Area
Network, Virtual LAN or VLAN.
This is usually achieved on switch or router devices. Simpler devices only support partitioning
on a port level (if at all), so sharing VLANs across devices requires running dedicated cabling
for each VLAN. More sophisticated devices can mark packets through tagging, so that a single
interconnect (trunk) may be used to transport data for various VLANs.
Grouping hosts with a common set of requirements regardless of their physical location by
VLAN can greatly simplify network design. A VLAN has the same attributes as a physical local
area network (LAN), but it allows for end stations to be grouped together more easily even if
they are not on the same network switch. VLAN membership can be configured through
software instead of physically relocating devices or connections. Most enterprise-level networks
today use the concept of virtual LANs. Without VLANs, a switch considers all interfaces on the
switch to be in the same broadcast domain.
To physically replicate the functions of a VLAN would require a separate, parallel collection of
network cables and equipment separate from the primary network. However, unlike physically
separate networks, VLANs share bandwidth, so VLAN trunks may require aggregated
links and/or quality of service prioritization.
Switch>?
Exec commands:
[1-99] Session number to resume
connect Open a terminal connection
disconnect Disconnect an existing network connection
enable Turn on privileged commands
exit Exit from the EXEC
logout Exit from the EXEC
ping Send echo messages
[Output is omitted]
Three commands can be used to log out from the terminal.
Switch>enable
Switch#disable
Switch>exit
Switch con0 is now available
Press RETURN to get started.
The show version command displays the device platform, detected interfaces and IOS name.
Switch>enable
Switch#show version
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version
12.2(25)FX, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2005 by Cisco Systems, Inc.
Compiled Wed 12-Oct-05 22:05 by pt_team
ROM: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)FX,
RELEASE SOFTWARE (fc4)
System returned to ROM by power-on
Cisco WS-C2960-24TT (RC32300) processor (revision C0) with
21039K bytes of memory.
24 FastEthernet/IEEE 802.3 interface(s)
2 Gigabit Ethernet/IEEE 802.3 interface(s)
[Output is omitted]
The show mac-address-table command shows all detected MAC addresses, both dynamically learned and manually configured.
Switch#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0001.643a.5501 DYNAMIC Gig1/1
To view the running configuration held in RAM, use the show running-config command.
Switch#show running-config
Building configuration...
Current configuration : 925 bytes
version 12.2
no service password-encryption
!
hostname Switch
[Output is omitted]
To view the startup configuration (stored in NVRAM), use the show startup-config command.
Switch#show startup-config
Current configuration : 925 bytes
version 12.2
no service password-encryption
!
hostname Switch
[Output is omitted]
To get information about the VLAN configuration, use the show vlan command.
Switch#show vlan
VLAN Name Status Ports
---- -------------------------------- --------- -----------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24
[Output is omitted]
The show interfaces command shows all detected interfaces with their hardware description and
configuration.
Switch#show interfaces
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Lance, address is 0060.2f9d.9101 (bia 0060.2f9d.9101)
MTU 1500 bytes, BW 100000 Kbit, DLY 1000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
[Output is omitted]
Interface vlan 1 is used to assign an IP address and default gateway to the switch. The show
interface vlan1 command gives an overview of vlan1.
Switch#show interface vlan1
Vlan1 is administratively down, line protocol is down
Hardware is CPU Interface, address is 0060.5c23.82ae
(bia 0060.5c23.82ae)
MTU 1500 bytes, BW 100000 Kbit, DLY 1000000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
ARP type: ARPA, ARP Timeout 04:00:00
[Output is omitted]
The delete command is used to delete all VLAN configuration from the switch. Do not add a space
between flash: and vlan.dat. Run the command exactly as shown here; adding a space could erase
flash entirely, leaving the switch blank.
Switch#delete flash:vlan.dat
Delete filename [vlan.dat]?
Delete flash:/vlan.dat? [confirm]
%deleting flash:/vlan.dat
The startup configuration can be removed with the erase command.
Switch#erase startup-config
Erasing the nvram filesystem will remove all configuration files!
Continue? [confirm]
[OK]
Erase of nvram: complete
%SYS-7-NV_BLOCK_INIT: Initialized the geometry of nvram
Use the configure terminal command to enter global configuration mode.
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Now change the default switch name to Switch1.
Switch(config)#hostname Switch1
Set the enable password to vinita and the enable secret to nikki.
Switch1(config)#enable password vinita
Switch1(config)#enable secret nikki
Set the console password to vinita and enable it with the login command. The order of the
commands is important: set the password before you enable it.
Switch1(config)#line console 0
Switch1(config-line)#password vinita
Switch1(config-line)#login
Switch1(config-line)#exit
Enable 5 Telnet sessions [vty0 - vty4] on the switch and set their password to vinita.
Switch1(config)#line vty 0 4
Switch1(config-line)#password vinita
Switch1(config-line)#login
Switch1(config-line)#exit
Now set the switch IP address to 192.168.0.10 255.255.255.0 and the default gateway to 192.168.0.5.
Switch1(config)#interface vlan1
Switch1(config-if)#ip address 192.168.0.10 255.255.255.0
Switch1(config-if)#exit
Switch1(config)#ip default-gateway 192.168.0.5
Set the description "finance VLAN" on interface FastEthernet 0/1.
Switch1(config)#interface fastEthernet 0/1
Switch1(config-if)#description finance VLAN
By default the switch negotiates speed and duplex automatically, but you can set them manually.
Switch1(config-if)#duplex full
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1,
changed state to down
Switch1(config-if)#duplex auto
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
Switch1(config-if)#duplex half
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to down
%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1,
changed state to down
%LINK-5-CHANGED: Interface FastEthernet0/1, changed state to up
Switch1(config-if)#duplex auto
Switch1(config-if)#speed 10
Switch1(config-if)#speed 100
Switch1(config-if)#speed auto
Switch1(config-if)#exit
Switch1(config)#exit
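The password and Telnet steps above, seen from the reviewer's side: the following is an added example (not part of the original report) that audits a running-config for the access settings this walkthrough leaves behind and compares it with a hardened variant. Both configurations are constructed samples; the user name netadmin, the hash placeholder and the finding names are assumptions of the example.

```python
import re

# Constructed sample: roughly what "show running-config" would list after the
# steps above (abridged, hash replaced by a placeholder; not device output).
WEAK_CONFIG = """\
no service password-encryption
hostname Switch1
enable secret 5 <constructed-md5-hash>
enable password vinita
line con 0
 password vinita
 login
line vty 0 4
 password vinita
 login
"""

# Constructed counterpart: per-user secrets and SSH-only vty lines.
# The user name "netadmin" is an assumption made for this example.
HARDENED_CONFIG = """\
service password-encryption
hostname Switch1
enable secret 5 <constructed-md5-hash>
username netadmin secret 5 <constructed-md5-hash>
line con 0
 login local
line vty 0 4
 login local
 transport input ssh
"""


def parse_sections(config):
    """Group config lines into (top-level command, [indented sub-commands])."""
    sections = []
    for raw in config.splitlines():
        if not raw.strip() or raw.strip() == "!":
            continue
        if raw[0].isspace() and sections:
            sections[-1][1].append(raw.strip())
        else:
            sections.append((raw.strip(), []))
    return sections


def audit(config):
    """Return a list of (finding_id, detail) tuples for weak access settings."""
    sections = parse_sections(config)
    headers = [header for header, _ in sections]
    findings, cleartext = [], []

    if "service password-encryption" not in headers:
        findings.append(("NO_PW_ENCRYPTION", "line passwords readable in the config"))
    for header in headers:
        if header.startswith("enable password"):
            findings.append(("ENABLE_PASSWORD", "redundant: enable secret takes precedence"))
            m = re.fullmatch(r"enable password (?:0 )?(\S+)", header)
            if m:
                cleartext.append(m.group(1))
    for header, body in sections:
        if not header.startswith("line "):
            continue
        for cmd in body:
            m = re.fullmatch(r"password (?:0 )?(\S+)", cmd)
            if m:  # unencrypted (type 0) line password
                cleartext.append(m.group(1))
                findings.append(("LINE_PASSWORD", f"{header}: shared cleartext password"))
        if header.startswith("line vty") and "transport input ssh" not in body:
            findings.append(("VTY_NOT_SSH_ONLY", f"{header}: not restricted to SSH"))
    if len(cleartext) != len(set(cleartext)):
        findings.append(("PASSWORD_REUSE", "same password on several access paths"))
    return findings
```

Calling audit(WEAK_CONFIG) lists six findings, while audit(HARDENED_CONFIG) returns an empty list.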
The MAC address table can be wiped with the clear command.
Switch1#show
Switch1#show mac-address-table
Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0001.643a.5501 DYNAMIC Gig1/1
Switch1#clear mac-address-table
Switch1#clear mac-address-table ?
dynamic dynamic entry type
Switch1#clear mac-address-table dynamic
To restart the switch, use the reload command [the running configuration will be erased, so copy
it to the startup configuration first].
Switch1#reload
Proceed with reload? [confirm]
Switch con0 is now available
Press RETURN to get started.
VLAN Trunking Protocol
VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the definition of
Virtual Local Area Networks (VLAN) on the whole local area network. To do this, VTP carries
VLAN information to all the switches in a VTP domain. VTP advertisements can be sent
over ISL, 802.1Q, IEEE 802.10 and LANE trunks. VTP is available on most of
the Cisco Catalyst Family products.
The comparable IEEE standard in use by other manufacturers can be implemented with GVRP or
the more recent MVRP.
Configure VTP Server
We will first create a VTP server so that it can automatically propagate VLAN information to the
other switches. Double-click on Switch1 and select CLI. Set the hostname to S1, create the VTP
domain name example and set the password to vinita (remember that the password is case sensitive).
Switch 1
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S1
S1(config)#vtp mode server
Device mode already VTP SERVER.
S1(config)#vtp domain example
Changing VTP domain name from NULL to example
S1(config)#vtp password vinita
Setting device VLAN database password to vinita
Configure VTP clients
Once you have created a VTP domain, configure the remaining switches in client mode.
Switch 2
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S2
S2(config)#vtp mode client
Setting device to VTP CLIENT mode.
S2(config)#vtp domain example
Changing VTP domain name from NULL to example
S2(config)#vtp password vinita
Setting device VLAN database password to vinita
S2(config)#
Switch 3
Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S3
S3(config)#vtp mode client
Setting device to VTP CLIENT mode.
S3(config)#vtp domain example
Changing VTP domain name from NULL to example
S3(config)#vtp password vinita
Setting device VLAN database password to vinita
S3(config)#
CHAPTER 10: ENCAPSULATION
ENCAPSULATION
In computer networking, encapsulation is a method of designing modular communication
protocols in which logically separate functions in the network are abstracted from their
underlying structures by inclusion or information hiding within higher level objects.
The physical layer is responsible for physical transmission of the data. Link encapsulation allows
local area networking and IP provides global addressing of individual computers; UDP adds
application or process selection, i.e., the port specifies the service such as a Web or TFTP server.
In discussions of encapsulation, the more abstract layer is often called the upper layer protocol
while the more specific layer is called the lower layer protocol. Sometimes, however, the terms
upper layer protocols and lower layer protocols are used to describe the layers above and below
IP, respectively.
Encapsulation is a characteristic feature of most networking models, including both the OSI
Model and TCP/IP suite of protocols.
Encapsulation can be done through HDLC and PPP
HDLC frames can be transmitted over synchronous or asynchronous links. Those links have no
mechanism to mark the beginning or end of a frame, so the beginning and end of each frame has
to be identified. This is done by using a frame delimiter, or flag, which is a unique sequence of
bits that is guaranteed not to be seen inside a frame. This sequence is '01111110', or,
in hexadecimal notation, 0x7E. Each frame begins and ends with a frame delimiter. A frame
delimiter at the end of a frame may also mark the start of the next frame. A sequence of 7 or
more consecutive 1-bits within a frame will cause the frame to be aborted.
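The flag can only be guaranteed not to appear inside a frame because the sender bit-stuffs the frame body (a 0 after every five consecutive 1s, as this section describes further on). The following added example, not part of the original report, implements sender and receiver on strings of bits, including the abort rule and a 0 shared between two flags; the function names are the example's own.

```python
FLAG = "01111110"  # frame delimiter, 0x7E


def stuff(bits):
    """Sender: insert a 0 after every run of five 1s in the frame body."""
    out, run = [], 0
    for b in bits:
        out.append(b)
        run = run + 1 if b == "1" else 0
        if run == 5:
            out.append("0")
            run = 0
    return "".join(out)


def destuff(bits):
    """Receiver: drop the bit that follows every run of five 1s."""
    out, run = [], 0
    for b in bits:
        if run == 5:          # this is the 0 the sender inserted
            run = 0
            continue
        out.append(b)
        run = run + 1 if b == "1" else 0
    return "".join(out)


def frame(payload):
    """Wrap a stuffed payload in an opening and a closing flag."""
    return FLAG + stuff(payload) + FLAG


def receive(stream):
    """Split a received bit stream into frames; returns (frames, aborts)."""
    frames, aborts = [], 0
    buf, run, synced, bad = [], 0, False, False
    for b in stream:
        buf.append(b)
        if b == "1":
            run += 1
            if run == 7 and synced and not bad:
                bad = True                     # seven 1s in a row: abort
                if len(buf) > 7:               # only 1s since the flag = idle line
                    aborts += 1
            continue
        if run == 6:                           # 0, six 1s, 0: a flag
            body = "".join(buf[:-8])           # strip the flag itself
            if synced and not bad and body:
                frames.append(destuff(body))
            synced, bad, buf = True, False, []
        run = 0
    return frames, aborts


if __name__ == "__main__":
    payload = "011111101111111"                # contains the flag pattern
    print(stuff(payload))
    print(receive(frame(payload)))
```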
When no frames are being transmitted on a simplex or full-duplex synchronous link, a frame
delimiter is continuously transmitted on the link. Using the standard NRZI encoding from bits to
line levels (0 bit = transition, 1 bit = no transition), this generates one of two continuous
waveforms, depending on the initial state:
This is used by modems to train and synchronize their clocks via phase-locked loops. Some
protocols allow the 0-bit at the end of a frame delimiter to be shared with the start of the next
frame delimiter, i.e. '011111101111110'.
For half-duplex or multi-drop communication, where several transmitters share a line, a receiver
on the line will see continuous idling 1-bits in the inter-frame period when no transmitter is
active.
Since the flag sequence could appear in user data, such sequences must be modified during
transmission to keep the receiver from detecting a false frame delimiter. The receiver must also
detect when this has occurred so that the original data stream can be restored before it is passed
to higher layer protocols. This can be done using bit stuffing, in which a "0" is added after the
occurrence of every "11111" in the data. When the receiver detects these "11111" in the data, it
removes the "0" added by the transmitter.
POINT TO POINT PROTOCOL(PPP)
In networking, the Point-to-Point Protocol (PPP) is a data link protocol commonly used in
establishing a direct connection between two networking nodes. It can provide connection
authentication, transmission encryption and compression.
PPP is used over many types of physical networks including serial cable, phone line, trunk
line, cellular telephone, specialized radio links, and fiber optic links such as SONET. PPP is also
used over Internet access connections (now marketed as "broadband"). Internet service
providers (ISPs) have used PPP for customer dial-up access to the Internet, since IP packets
cannot be transmitted over a modem line on their own, without some data link protocol. Two
derivatives of PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol
over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs) to establish
a Digital Subscriber Line (DSL) Internet service connection with customers.
PPP is commonly used as a data link layer protocol for connection
over synchronous and asynchronous circuits, where it has largely superseded the older Serial
Line Internet Protocol (SLIP) and telephone company mandated standards (such as Link Access
Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was designed to work with
numerous network layer protocols, including Internet Protocol (IP), TRILL,
Novell's Internetwork Packet Exchange (IPX), NBF and AppleTalk.
ACCESS CONTROL LIST(ACL)
An access control list (ACL) is a table that tells a computer operating system which access rights
each user has to a particular system object, such as a file directory or individual file. Each object
has a security attribute that identifies its access control list. The list has an entry for each system
user with access privileges. The most common privileges include the ability to read a file (or all
the files in a directory), to write to the file or files, and to execute the file (if it is an executable
file, or program). Microsoft Windows NT/2000, Novell's NetWare, Digital's OpenVMS,
and UNIX-based systems are among the operating systems that use access control lists. The list
is implemented differently by each operating system.
In Windows NT/2000, an access control list (ACL) is associated with each system object. Each
ACL has one or more access control entries (ACEs) consisting of the name of a user or group of
users. The user can also be a role name, such as "programmer," or "tester." For each of these
users, groups, or roles, the access privileges are stated in a string of bits called an access mask.
Generally, the system administrator or the object owner creates the access control list for an
object.
CHAPTER 11: TELNET
TELNET
CHAPTER 12: NETWORK ADDRESS TRANSLATION
NETWORK ADDRESS TRANSLATION
In computer networking, Network Address Translation (NAT) is the process of modifying IP
address information in IPv4 headers while in transit across a traffic routing device.
The simplest type of NAT provides a one-to-one translation of IP addresses. RFC 2663 refers to
this type of NAT as basic NAT, which is often also called a one-to-one NAT. In this type of
NAT only the IP addresses, IP header checksum and any higher level checksums that include the
IP address are changed. The rest of the packet is left untouched (at least for basic TCP/UDP
functionality; some higher level protocols may need further translation). Basic NATs can be used
to interconnect two IP networks that have incompatible addressing.
However, it is common to hide an entire IP address space, usually consisting of private IP
addresses, behind a single IP address (or in some cases a small group of IP addresses) in another
(usually public) address space. To avoid ambiguity in the handling of returned packets, a one-to-
many NAT must alter higher level information such as TCP/UDP ports in outgoing
communications and must maintain a translation table so that return packets can be correctly
translated back. RFC 2663 uses the term NAPT (network address and port translation) for this
type of NAT. Other names include PAT (port address translation), IP masquerading, NAT
Overload and many-to-one NAT. Since this is the most common type of NAT it is often referred
to simply as NAT.
As described, the method enables communication through the router only when the conversation
originates in the masqueraded network, since this establishes the translation tables. For example,
a web browser in the masqueraded network can browse a website outside, but a web browser
outside could not browse a web site in the masqueraded network. However, most NAT devices
today allow the network administrator to configure translation table entries for permanent use.
This feature is often referred to as "static NAT" or port forwarding and allows traffic originating
in the "outside" network to reach designated hosts in the masqueraded network.
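The translation table described above, as an added example that is not part of the original report: outbound traffic creates an entry, replies are translated back through it, unsolicited inbound traffic finds no entry, and a static entry opens one port. The addresses are constructed (192.168.0.x inside, documentation ranges outside), and the model omits entry timeouts and per-destination filtering.

```python
import itertools


class Napt:
    """One-to-many NAT: many private (ip, port) pairs behind one public IP."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self.out_map = {}   # (proto, private_ip, private_port) -> public_port
        self.in_map = {}    # (proto, public_port) -> (private_ip, private_port)
        self._ports = itertools.count(first_port)

    def _free_port(self, proto):
        """Next public port not already bound for this protocol."""
        for port in self._ports:
            if port > 65535:
                raise RuntimeError("public port pool exhausted")
            if (proto, port) not in self.in_map:
                return port

    def static_forward(self, proto, public_port, private):
        """Administrator-configured permanent entry (static NAT / port forwarding)."""
        self.in_map[(proto, public_port)] = private
        self.out_map[(proto, *private)] = public_port

    def outbound(self, proto, src, dst):
        """Inside -> outside: rewrite the source, creating an entry if needed."""
        key = (proto, *src)
        if key not in self.out_map:
            port = self._free_port(proto)
            self.out_map[key] = port
            self.in_map[(proto, port)] = src
        return proto, (self.public_ip, self.out_map[key]), dst

    def inbound(self, proto, src, dst):
        """Outside -> inside: translate back, or return None (packet dropped)."""
        private = self.in_map.get((proto, dst[1]))
        if dst[0] != self.public_ip or private is None:
            return None
        return proto, src, private


if __name__ == "__main__":
    nat = Napt("203.0.113.5")
    web = ("198.51.100.7", 80)
    print(nat.outbound("tcp", ("192.168.0.10", 51000), web))   # entry created
    print(nat.inbound("tcp", web, ("203.0.113.5", 1024)))      # reply translated
    print(nat.inbound("tcp", web, ("203.0.113.5", 8080)))      # None: no entry
    nat.static_forward("tcp", 8080, ("192.168.0.20", 80))
    print(nat.inbound("tcp", web, ("203.0.113.5", 8080)))      # now forwarded
```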
In the mid-1990s NAT became a popular tool for alleviating the consequences of IPv4 address
exhaustion. It has become a common, indispensable feature in routers for home and small-office
Internet connections. Most systems using NAT do so in order to enable multiple hosts on
a private network to access the Internet using a single public IP address.
Network address translation has serious drawbacks in terms of the quality of Internet
connectivity and requires careful attention to the details of its implementation. In particular, all
types of NAT break the originally envisioned model of IP end-to-end connectivity across the
Internet and NAPT makes it difficult for systems behind a NAT to accept incoming
communications. As a result, NAT traversal methods have been devised to alleviate the issues
encountered.
CHAPTER 13: Challenge Handshake Protocol (CHAP), Password Authentication Protocol (PAP)
Password authentication protocol
A password authentication protocol (PAP) is an authentication protocol that uses a password.
PAP is used by Point to Point Protocol to validate users before allowing them access to server
resources. Almost all network operating system remote servers support PAP.
PAP transmits unencrypted ASCII passwords over the network and is therefore considered
insecure. It is used as a last resort when the remote server does not support a stronger
authentication protocol, like CHAP or EAP (the latter is actually a framework). Password-based
authentication is the protocol where two entities share a password in advance and use the
password as the basis of authentication. Existing password authentication schemes can be
categorized into two types: weak-password authentication schemes and strong-password
authentication schemes. When compared to strong-password schemes, weak-password schemes
tend to have lighter computational overhead, the designs are simpler, and implementation is
easier, making them especially suitable for some constrained environments.
Challenge-Handshake Authentication Protocol
Challenge-Handshake Authentication Protocol (CHAP) authenticates a user or network host
to an authenticating entity. That entity may be, for example, an Internet service provider. CHAP
is specified in RFC 1994.
CHAP provides protection against replay attacks by the peer through the use of an incrementally
changing identifier and of a variable challenge-value. CHAP requires that both the client and
server know the plaintext of the secret, although it is never sent over the network. The MS-
CHAP variant does not require either peer to know the plaintext, but has been broken. [1] Thus,
CHAP provides better security as compared to Password Authentication Protocol (PAP).
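What each protocol puts on the wire, as an added example that is not part of the original report: a PAP Authenticate-Request built per RFC 1334, and a CHAP exchange per RFC 1994 in which a captured response is resent against a fresh challenge. The peer name R1 and the shared secret are constructed values, and the Authenticator class is a simplified model for this example.

```python
import hashlib
import hmac
import secrets


def pap_request(identifier, peer_id, password):
    """PAP Authenticate-Request (RFC 1334): the password itself is in the packet."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return bytes([1, identifier]) + (4 + len(data)).to_bytes(2, "big") + data


def chap_response(identifier, secret, challenge):
    """CHAP Response value (RFC 1994): MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """Server side of CHAP: issues challenges and checks responses."""

    def __init__(self, secrets_by_name):
        self.secrets_by_name = secrets_by_name
        self.identifier = 0
        self.pending = None          # (identifier, challenge) awaiting a response

    def challenge(self):
        self.identifier = (self.identifier + 1) % 256     # changes every round
        self.pending = (self.identifier, secrets.token_bytes(16))
        return self.pending

    def verify(self, name, identifier, response):
        pending, self.pending = self.pending, None        # a challenge is single use
        secret = self.secrets_by_name.get(name)
        if pending is None or secret is None or identifier != pending[0]:
            return False
        expected = chap_response(pending[0], secret, pending[1])
        return hmac.compare_digest(response, expected)


def exchange(name=b"R1", secret=b"constructed-shared-secret"):
    """One PAP packet and two CHAP rounds; name and secret are constructed."""
    auth = Authenticator({name: secret})
    ident, chal = auth.challenge()
    resp = chap_response(ident, secret, chal)      # computed by the peer
    first = auth.verify(name, ident, resp)
    ident2, _ = auth.challenge()                   # periodic re-authentication
    replay = auth.verify(name, ident2, resp)       # old response sent again
    return {
        "pap_leaks_password": secret in pap_request(1, name, secret),
        "chap_accepts_peer": first,
        "chap_leaks_secret": secret in resp,
        "replay_accepted": replay,
    }


if __name__ == "__main__":
    for key, value in exchange().items():
        print(f"{key:20} {value}")
```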
CHAPTER 14: INTERNET PROTOCOL VERSION 6
INTERNET PROTOCOL VERSION 6(IPV6)
Internet Protocol version 6 (IPv6) is the latest revision of the Internet Protocol (IP),
the communications protocol that provides an identification and location system for computers
on networks and routes traffic across the Internet. IPv6 was developed by the Internet
Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address
exhaustion. IPv6 is intended to replace IPv4, which still carries the vast majority of Internet
traffic as of 2013.[1] As of September 2013, the percentage of users reaching Google services
over IPv6 surpassed 2% for the first time.
Every device on the Internet must be assigned an IP address in order to communicate with other
devices. With the ever-increasing number of new devices being connected to the Internet, the
need arose for more addresses than IPv4 is able to accommodate. IPv6 uses a 128-bit address,
allowing 2^128, or approximately 3.4×10^38 addresses, or more than 7.9×10^28 times as many as
IPv4, which uses 32-bit addresses. IPv4 allows only approximately 4.3 billion addresses. The
two protocols are not designed to be interoperable, complicating the transition to IPv6. IPv6
addresses are represented as eight groups of four hexadecimal digits separated by colons, for
example 2001:0db8:85a3:0042:1000:8a2e:0370:7334, but methods of abbreviation of this full
notation exist.