Project Report Ccna

DECLARATION

I hereby declare that the project work entitled CCNA (OSI, TCP/IP Models & Basics of

Routing) is an authentic record of my own work carried out at Netmax Technologies,

Chandigarh as requirement of six weeks industrial training for the award of B.Tech.

Degree in Electronics and Communication, under the guidance of Mr Navdeep Mangal

(Director Netmax Technologies, Chd.)

SHAINI SACHDEVA

80406106016

ECE

This is to certify that the above statement made by the candidate is correct to the best of

our knowledge & belief.

(Name & Designation)

TRAINING & PLACEMENT OFFICER, ECE

The INDUSTRIAL TRAINING Viva-Voce Examination of SHAINI SACHDEVA has

been held on ……………….......... and accepted.

(Name & Designation)

EXTERNAL EXAMINER

2

Abstract

The enterprise network is the lifeblood of any Small to Medium Enterprise (SME) with

more than one site or supply chain partner. It enables access to business information and

allows for profitable and effective communication flows between employees in different

enterprise sites. Network enterprise network equipment is mature and ubiquitous, but the

quality of services provided by similar networks varies from city to city and from country

to country.

In particular, the quality variation gap between most of the cities in some developing

nations and their counterparts in advanced nations is very wide. This is due to the lack in

developing nations of an adequate IT infrastructure, which is taken for granted in

developed nations. Planning an enterprise network in a developing nation is almost like

planning it in the middle of a desert. This project briefly discusses the architecture of an

enterprise network. It examines the barriers to planning, designing and implementing an

enterprise network. This project also covers the methods to implement enterprise level

networks.

In this project we will start from working basic router configuration then covering the

Routing technologies required to route data between branches.

After that we have implement WAN and Frame-relay is considered a good choice

because it connects multiple location using single interface of router and reduce the

hardware costs.

For Internet connectivity we are also using frame relay. In this setup NAT is very

essential in which we have translate live IP into local and vice-versa.

In short we can say a lot of technologies are studied and implemented for the successful

completion of the project.

Following list of technologies that are required in this project.

Administration of router

Routing

Types of routing

Benefits of static and dynamic routing

Scalability of networks

5

LIST OF USED DEVICES & TECHNOLOGIES CONFIGURED

Cisco router

Core layer switch

Distribution layer switch

Access layer switches

TECHNOLOGIES TO CREATE NETWORK

Router

IP Addressing

Routing

Core Switch

VTP server

VLAN database

Trunk Links

Spanning Tree Configuration

Configuring IP & Gateway

VLAN Port Membership

Distribution Switches

VTP Client

Configuring IP & Gateway

Trunk Link Configuration

VLAN Port Membership

6

ACKNOWLEDGEMENT

Thanking and feeling obliged indicates that we believe in someone else’s existence rather

than in the Divine who rules everything. When we feel obliged, then we are not honoring

the principles of the Divine karma. We should appreciate people for what they are and not

thank them for what they do… We should be grateful to people for what they are and not

for their acts. Now, it is really a long journey, going back in the past times and making a

big list of names for appreciation and gratitude.

Industrial Training is an important aspect of engineering. Through this training the

student learns to conduct himself/herself in environment of the industry. This training is

also helpful in acquiring the required technical knowledge. I am pursued my training at

Netmax Technologies, Chandigarh. I learned a lot at this place. I really feel the deepest

gratitude towards my supervisor, Mr Navdeep Mangal (Director, Netmax Technologies).

His immense love has been of great value to me. Without his unrivalled guidance,

constant encouragement, painstaking efforts, keen observance, benevolent attention the

present dissertation work would have remained futile. He really has the ability to make a

laidback person the foremost one.

I am deeply grateful to our training and placement officer Mr Inderjeet Singh Gill and

all my respected teachers of Shaheed Bhagat Singh College of Engg. & Tech,

Ferozepur for their smile, support, calm and soothing attitude, which yielded peace of

mind during my busy work hours.

The biggest appreciation and gratitude is towards my seniors, who were brave enough to

share their views, keep a vision on my work and who made the task of compiling the

dissertation an easy way out for me. I salute these grand masters, filled with knowledge,

patience and above all love. They were tolerant and uncomplaining all the times and

calmed and supported me, when I needed them the most. They never retraced their steps

in the hour of need and were ready with their helping hands for all the times.

I offer appreciation to all these great people of my life, for what they are. May they all

win laurels and their names are glorified and honored. Needless to say, the more I direct

my thoughts positively and feel genuinely thankful, I find that the more I get to

experience good results.

SHAINI SACHDEVA

80406106016

7

PREFACE

Practical training constitutes an integral part of engineering studies. The training gives an

opportunity to the students to express themselves to the industrial environment which is

quite different from the teaching classroom. The training enables the student to work in

the future. It enables the student to undergo those experiences which help them later when

they join an organization.

Industrial training is a major part of course. It is period in which we are introduced to the

industrial environment or in other words we can say that industrial training is provided for

the familiarization with the industrial environment, with the advancement in computer

technologies and increased automation in the industries for increasing their production. In

organization where Making Things Right in the first instance is the driving motto,

perfection and accuracy are inevitable.

Excellence is an attitude that the whole of the human race is born with. It is the

environment that makes sure that whether the result of this attitude is visible or otherwise.

A well planned, properly executed and evaluated industrial training helps a lot in

inculcating a professional attitude. It provides a linkage between the student and industry

to develop an awareness of industrial approach to problem solving, based on a broad

understanding of process and mode of operation of organization. The objective of training

is to raise the level of performance on one or more of its aspects and this may be achieved

by providing new knowledge and information relevant to a job.

During this period, the students get the real, firsthand experience for working in the actual

environment. Most of the theoretical knowledge that has been gained during the course of

their studies is put to test here. It covers all the remains uncovered in the classroom i.e.

without it our studies remains ineffective and incomplete. Apart from this, the students

get an opportunity to learn the latest technology, which immensely helps them in building

their carrier.

I had the opportunity to have a real experience on many ventures, which increased my

sphere of knowledge to a great extent. I was entrusted with a real life project, working on

which had finally made me step into the ongoing technology and gradually become a part

of it. And all the credit goes to NETMAX TECHNOLOGIES, CHANDIGARH for

providing me the opportunity and facility for the making of this dissertation. I availed this

instance in a very satisfactory manner and think it will be very beneficial for me in

building my future.

8

COMPANY PROFILE

Netmax Technologies is an organization which is established in the field of Network

Support, Network training, Software training and Embedded systems.

In Education we have strategic alliance with Pearson VUE and Parametric. We are

authorized Testing Partner of REDHAT & Cisco. We are also NOVELL EDUCATION

PARTNER with which we provide NOVELL and SUSE LINUX courses. Netmax

Technologies also conduct courses in CADENCE based design tools.

Netmax Technologies also provide Technical Research & Development support and

consultancy to some Electronics companies.

Our clients for R&D support in field of embedded systems.

Recorders and Medicare ltd Chandigarh.

TELEBOX India ltd.

Lotus Machines Pvt. Ltd. Chandigarh.

Impearl Electronics Pvt. Ltd. Chandigarh.

KANTA Electrical Ltd. Mohali.

The partial list of our client for network field is as below:

CEDTI, Mohali

Premier ISP, Chandigarh

Innovative Solutions, Chandigarh

Emmtel ISP, Chandigarh

NIPER, Mohali

Navik Technologies, Chandigarh

Software Technology Parks India, Mohali

Glide Internet Services

Rana Group

IDS

HFCL Infotel Ltd.

Targus Technologies Pvt. ltd

STPI, Mohali

BBMB

The Tribune

9

OUR TEAM

Presently we have a strong technical team of certified professionals for catering to these

solutions and have presence in Chandigarh and Punjab. We have skilled team of

engineers who are experienced in design, programming. We are having more than 15

engineers who are having prestigious certifications like CCNA, CCNP, CCSP, CCSA,

MCSE, RHCE, C, C++, JAVA and PhP MySql Programming.

Support Area (network solutions)

a. LINUX / UNIX networks

b. SUN networks

c. CISCO devices (Routers, Switches, Firewalls, Cache Engine, RAS etc)

d. Bandwidth Manager software and hardware

e. Radio Links

f. Security Solutions

Netmax-Technologies provide the following Courses in IT & Embedded Systems given

below:

Network Training

a. CISCO CCNA, CCNP, CCSP, CCIE

b. RED HAT LINUX

c. SUN SOLARIS

d. WINDOWS 2000, 2003 (MCP, MCSA & MCSE)

e. SUSE LINUX

Software Training

a. C++

b. C

c. JAVA

d. PhP My Sql Programming

e. 1 year Diploma in System administration & Networking.

Design Services (Embedded systems)

a) AVR family

b) MCS 51

c) ELECTRONIC SYSTEM DESIGN

10

Our core strength is our commitment, technical expertise and cost effective solutions. We

ensure high service levels and prompt support availability leading to lower downtime.

Netmax Technologies is a leader in education services and developer of innovative

embedded solutions. To meet the demands of Post PC era Netmax provides complete

solutions as well as design-to-order services to satisfy our customers.

For NetMax Technologies

Navdeep Mangal

Sonika Mangal

+9888070008, +9888435109.

Head Office

NetMax Technologies

SCO 58-59

Sector 34A

Chandigarh

0172-4644644

Branch Office

NetMax Technologies

SCO 198-200

Sector 34A

Chandigarh

0172-2608351

11

Contents Page No.

Declaration………………………………………………………………………….....2

Certificate……………………………………………………………………………...3

Abstract…………………………………………………………………………….…4-5

Acknowledgement………………………………………………….....…………….....6

Preface………………………………………………………………………………....7

Company Profile…………………………………………………………………..…8-10

List of Figures…………………………………………………………………………14

List of Tables……………………………………………………………………...…..15

Abbreviations…………………………………………………………………………16

1. Networking…………………………………………………………………17-231.1 Network………………………………………………………………….17

1.2 LAN……………………………………………………………………...17

1.3 WAN……………………………………………………………………..17

1.4 Devices…………………………………………………………………...17

1.4.1 Hub……………………………………………………………17-18

1.4.2 Switch…………………………………………………………18-

19

1.4.3 Bridge…………………………………………………………19-20

1.4.4 Router…………………………………………………………….20

1.4.5 Lan Card………………………………………………………….21

1.5 UTP (Unshielded Twisted Pair)………………………………………21-23

1.6 Administrator model for networking…………………………………….23

2. OSI (Open Systems Interconnection) Model…………………………………24-29

2.1 OSI Model……………………………………………………………….24

2.1.1 Layer 1: The Physical Layer………………………………………….24-25

2.1.2 Layer 2: The Data Link Layer…………………………………………...25

2.1.3 Layer 3: The Network Layer……………………………………………25

2.1.4 Layer 4: Transport Layer…………………………………………….25-27

12

2.1.5 Layer 5:.Session Layer………………………………………………27-28

2.1.6 Layer 6: The Presentation Layer……………………………………….28

2.1.7 Layer 7: The Application Layer………………………………………..28

2.1.8 Data Encapsulation……………………………………………………..29

3. TCP/IP Model……………………………………………………………….30-32

3.1 TCP/IP MODEL………………………………………………………...30

3.1.1 LAYER 1:- Application Layer………………………………….30

3.1.2 LAYER 2:- Transport Layer…………………………………31-32

3.1.3 LAYER 3 Internet Layer………………………………………...32

4. IP Routing……………………………………………………………………33-42

4.1 ROUTER………………………………………………………………...33

4.2 Routing………………………………………………………………33-34

4.3 IP Addressing……………………………………………………………34

4.3.1 Class A Addresses……………………………………………34-35

4.3.2. Class B Addresses……………………………………………….35

4.3.3 Class C Addresses……………………………………………35-36

4.3.4. Class D Addresses……………………………………………36-37

4.3.5 Class E Addresses……………………………………………….37

4.4 IP Routing…………………………………………………………….....37

4.5 Routing Process…………………………………………………….....37-

38

4.6 Router Access Modes……………………………………………………38

4.6.1 User mode……………………………………………………......39

4.6.2 Privileged mode………………………………………………….39

4.6.3 Global configuration……………………………………………..39

4.6.4 Line configuration mode…………………………………………39

4.6.5 Interface configuration mode…………………………………….39

4.6.6 Routing configuration mode……………………………………...40

4.7 Configuring Password……………………………………………………40

4.7.1 Console Password………………………………………………..40

4.7.2 Vty Password…………………………………………………….40

4.7.3 Auxiliary Password………………………………………………40

13

4.7.4 Enable Password…………………………………………………40

4.7.5 Enable Secret Password………………………………………….41

4.7.6 Encryption all passwords………………………………………...41

4.8 Managing Configuration……………………………………………...41-42

5 Types Of Routing……………………….……………………………………43-64

5.1 Static Routing………………………………………………………………..43

5.1.1 Steps to perform static routing……………………………….….43

5.1.2 Advantages of static routing………………………………….…43

5.1.3 Disadvantages of static routing……………………………….…43

5.1.4 Alternate command to specify static route……………………...44

5.1.5 Backup route or loading static route…………………………44-45

5.2 Default Routing………………………………………………………....46

5.3 Dynamic Routing……………………………………………………….47

5.3.1 Types of Dynamic Routing Protocols……………………….47-58

5.3.2 Autonomous system…………………………………………58-59

5.3.3 Open Shortest Path First……………………………………..59-61

5.3.4 OSPF Hierarchical Model…………………………………….…61

5.3.5 LSA Flooding in OSPF………………………………………62-64

6 Access Control List…………………………………………………………...65-69

6.1 ACL……………………………………………………………….…65

6.2 Classification Access Control List…………………………….…65

6.3 Flow chart of Inbound ACL……………………………….….…66

6.4 IP Standard ACL (Numbered)………………………………..66-67

6.5 IP Standard ACL (Named)…………………………………..67-68

6.6 IP Extended ACL (Numbered)………………………………68-69

7 LAN Switching………………………………………………………………70-73

7.1 LAN Switching………………………………………………70-71

7.2 VLAN (Virtual LAN)………………………………………...71-73

Conclusion………………………………………………………………………………..74

Bibliography……………………………………………………………………………...75

14

List of Figures

1.1. PCS’ CONNECTED VIA HUB………………………………………………….18

1.2 PCS’ CONNECTED VIA SWITCH……………………………………………..19

1.3 PCS’ CONNECTED VIA BRIDGE…………………………………………….20

1.4 DIFFERENT N/Ws CONNECTED VIA ROUTER……………………………20

1.5 Internal Network Interface Card…………………………………………………21

1.6 PCMCIA Network Interface Card……………………………………………….21

1.7 UTP………………………………………………………………………………21

1.8 Cross & Straight Cable…………………………………………………………...22

1.9 RJ 45 Connector………………………………………………………………….22

1.10 Networking Model……………………………………………………………….23

2.1 OSI MODEL……………………………………………………………………..24

2.2 Windowing……………………………………………………………………….26

2.3 3 Way hand shaking………………………………………….…………………..27

2.4 Connection Oriented Communication……………………………………………28

3.1 TCP/IP MODEL………………………………………………………………….30

3.2 TCP Header………………………………………………………………………31

4.1 Routing Process………………………………………………………………......38

4.2 Router access modes……………………………………………………………..38

5.1 Static routing……………………………………………………………………..45

5.2 Default routing…………………………………………………………………...46

5.3 Distance vector routing…………………………………………………………..47

5.4 Flash updates……………………………………………………………………..50

5.5 Split horizon……………………………………………………………………...50

5.6 Configuring RIP………………………………………………………………….52

5.7 Autonomous system……………………………………………………………...59

5.8 Router ID…………………………………………………………………………60

5.9 Autonomous system……………………………………………………………...60

5.10 OSPF Hierarchical Model………………………………………………………..61

5.11 LSA Flooding in OSPF…………………………………………………………..62

5.12 OSPF……………………………………………………………………………..63

6.1 Flow chart of Inbound ACL……………………………………………………..66

6.2 Configuring ACL…………………………………………………………….......67

15

List of Tables

1.1 Pin Configuration………………………………………………………………22

16

ABBREVIATIONS

n/w Network

LAN Local Area Network

WAN Wide Area Network

CSMA/CD Carrier Sense Multiple Access/ Collision Detection

CSMA/CA Carrier Sense Multiple Access/ Collision Avoidance

ISDN Integrated Services Digital Network (ISDN)

OSI Open Systems Interconnection

TCP/IP Transmission Control Protocol/Internet Protocol

NIC Network Interface Card

MAC Media Access Control

IETF Internet Engineering Task Force

EXEC EXECUTION

VTY (Virtual Telet Ype)

VLAN VIRTUAL Local Area Network

BGP Border Gateway Protocol

EIGRP Enhanced Interior Gateway Routing Protocol

IGRP Interior Gateway Routing Protocol

OSPF Open Shortest Path First

RIP Routing Information Protocol

MTU Maximum Transmission Unit

VLSM Variable Length Subnet Mask

IOS Internetwork Operating System

CLI Command-Line Interface

17

Chapter 1

NETWORKING

1.1 Network

In one network more than one computer connected with each other through centralized

device. They can share files and resources with each other. Networks are the method to

share hardware resources and software resources. We can share the resources with the

help of operating system like windows, Linux, UNIX etc. To connect multiple networks

we have to use internetworking devices like router, bridge, layer 3, switches etc.

1.2 LAN

LAN stands for Local Area Network. The scope of the LAN is within one building, one

school or within one lab. In LAN (Hub), media access method is used CSMA/CD in

which each computer sense the carrier before sending the data over the n/w. If carrier is

free then you can transmit otherwise you have to wait or you have to listen. In multiple

accesses each computer has right that they can access each other. If two computers sense

the carrier on same time then the collision occur. Each computer in the network aware

about the collision. Now this stop transmitting and they will use back off algorithm. In

which random number is generated. This number or algorithm is used by each computer.

Who has short number or small number, he has first priority to transmit the data over the

network and other computers will wait for their turn.

1.3 WAN

WAN stands for Wide Area Network, in which two local area networks are connected

through public n/w. it may be through telecommunication infrastructure or dedicated

lines. For e.g.: - ISDN lines, Leased lines etc.

In which we can use WAN devices and WAN technology. You can also connect with

your remote area through existing Internetwork called Internet.

1.4 Devices

1.4.1 Hub

Hub is centralized device, which is used to connect multiple workstations. There are two

types of Hub: -

18

(i) Active Hub

(ii) Passive Hub

Fig. 1.1. PCS’ CONNECTED VIA HUB

It has no special kind of memory. It simply receives the frame (data) and forwards it to all

its nodes except the receiving node. It always performs broadcasting. In case of hub, there

is one collision domain and one broadcast domain. In case of hub, the media access

method is used CSMA/CD (Carrier Sense Multiple Access/Collision Detection).

Active Hub

In Active hub, it receives the frame regenerate and then forward to all its nodes.

Passive Hub

In Passive hub, it simply receives the frame and forward to all its connected

nodes.

We cannot perform LAN segmentation using hub.

1.4.2 Switch

Switch is also used to connect multiple workstations. Switch is more intelligent than hub.

It has special kind of memory called mac address/filter/lookup table. Switch reads mac

addresses. Switch stores mac addresses in its filter address table. Switch when receives

frame, it reads the destination mac address and consult with its filter table. If he has entry

19

in its filter table then he forwards the frame to that particular mac address, if not found

then it performs broadcasting to all its connected nodes.

Every port has its own buffer memory. A port has two queues one is input queue and

second is output queue. When switch receives the frame, the frame is received in input

queue and forward from output queue. So in case of switch there is no chance or place for

collisions. In case of switch, the media access method is used CSMA/CA (Carrier Sense

Multiple Access/ Collision Avoidance). Switches provide more efficiency, more speed

and security.

Fig. 1.2 PCS’ CONNECTED VIA SWITCH

There are two types of switches: -

I. Manageable switches (can be configured with console cable).

II. Non-manageable switches.

We can perform LAN segmentation by using switches.

1.4.3 Bridge

Bridge is a hardware device, which is used to provide LAN segmentation means it is used

for break the collision domain. It has same functionality as performed by switch. We can

use bridge between two different topologies. It has fewer ports. Each port has a own

buffer memory. It works on Data Link Layer of OSI model. It also read mac address and

stores it in its filter table. In case of bridge there is one broadcast domain.

20

FIG. 1.3PCS’ CONNECTED VIA BRIDGE

1.4.4 Router

Router is hardware device, which is used to communicate two different networks. Router

performs routing and path determination. It does not perform broadcast information.

FIG. 1.4DIFFERENT N/Ws CONNECTED VIA ROUTER

There are two types of routers: -

I. Hardware Routers are developed by Cisco, HP.

II. Software Routers is configured with the help of routing and remote access. This

feature is offered by Microsoft. This feature is by default installed, but you have to

enable or configure it. Hardware routers are dedicated routers. They are more

efficient. But in case of software routers, it has fewer features, slow performance.

They are not very much efficient.21

1.4.5 LAN Card

LAN card is media access device. LAN card provide us connectivity in the network.

There is a RJ45 (Registered Jack) connector space on the LAN card. RJ45 is used in UTP

cable. There is another led which is also called heartbeat of LAN card. When any activity

occurs it may be receiving or transmitting any kind of data. This led start blinking and

also tells us the status of LAN card.

FIG. 1.5 Internal network interface card Fig. 1.6 PCMCIA Network interface card

1.5 UTP (Unshielded Twisted Pair)

22

FIG. 1.7UTP

Pin Configuration

Hub/Switch PC/Router/Online

Printer

Uplink

port(Hub/Switch)

1 Rx+ Tx+ Tx+

2 Rx- Tx Tx

3 Tx+ Rx+ Rx+

4 NC NC NC

5 NC NC NC

6 Tx Rx Rx

7 NC NC NC

8 NC NC NC

TABLE 1.1 Pin Configuration

Fig. 1.8 Cross & Straight Cable

Straight Cable

1 Orange white - Orange white

2 Orange - Orange

3 Green white - Green white

4 Blue - Blue

5 Blue white - Blue white

6 Green - Green

7 Brown white - Brown white

8 Brown – Brown

23

Fig. 1.9 RJ 45 Connector

Server Software Client Software

PROTOCOLStack

PROTOCOLStack

Media Media

NIC NIC

Apache,IIS,Exchange 2003,FTP Server Send Mail

Internet Explorer,Outlook Express,Yahoo messengerCute FTP

TCP/IP,IPX/SPX,AppleTalk,Netbeui

Cross Cable

1 Orange white - Green white

2 Orange - Green

3 Green white - Orange white

4 Blue - Blue

5 Blue white - Blue white

6 Green - Orange

7 Brown white - Brown white

8 Brown - Brown

1.6 Administrator model for networking

Server software: - Software which are used to giving services are server software.

Client software: - which gets services.

Fig. 1.10 Networking Model

24

Application Layer

Presentation Layer

Session Layer

Transport Layer

Network Layer

Data Link Layer

Physical Layer

Software

Protocol Stack

NIC

Media

Chapter 2

OSI (Open Systems Interconnection) Model

2.1 OSI Model

OSI model is the layer approach to design, develop and implement network.

OSI provides following advantages: -

(i) Designing of network will be standard base.

(ii) Development of new technology will be faster.

(iii) Devices from multiple vendors can communicate with each other.

(iv) Implementation and troubleshooting of network will be easy.

Fig. 2.1 OSI MODEL

2.1.1 Layer 1: The Physical Layer

The bottom layer, or Layer 1, of the OSI reference model is called the physical layer. This

layer is responsible for the transmission of the bit stream. It accepts frames of data from

Layer 2, the data link layer, and transmits their structure and content serially, one bit at a

time. Layer 1 is also responsible for the reception of incoming streams of data, one bit at

a time. These streams are then passed on to the data link layer. The physical layer, quite

25

literally, operates on only 1s and 0s. It has no mechanism for determining the significance

of the bits it transmits or receives. It is solely concerned with the physical characteristics

of electrical and/or optical signaling techniques. This includes the voltage of the electrical

current used to transport the signal, the media type and impedance characteristics, and

even the physical shape of the connector used to terminate the media. Transmission media

includes any means of actually transporting signals generated by the OSI's Layer 1

mechanisms. Some examples of transmission media are coaxial cabling, fiber-optic

cabling, and twisted-pair wiring.

2.1.2 Layer 2: The Data Link Layer

Layer 2 of the OSI reference model is called the data link layer. As all the layers do, it has

two sets of responsibilities: transmit and receive. It is responsible for providing end-to-

end validity of the data being transmitted. On the transmit side, the data link layer is

responsible for packing instructions---data---into frames. A frame is a structure

indigenous to the data link layer that contains enough information to make sure that the

data can be successfully sent across a LAN to its destination. Implicit in this definition is

that the data link layer contains its own address architecture. This addressing is only

applicable to other networked devices that reside locally on the same data link layer

domain.

2.1.3 Layer 3: The Network Layer

The network layer enables internetworking. The protocols at this layer are responsible for

establishing the route to be used between the source and destination computers. This layer

lacks any native transmission error detection/correction mechanisms and, consequently, is

forced to rely on the end-to-end reliable transmission service of either the data link layer

or the transport layer. Although some data link layer technologies support reliable

delivery, many others do not. Therefore, Layer 3 protocols (such as IP) assume that Layer

4 protocols (such as TCP) will provide this functionality rather than assume Layer 2 will

take care of it.

2.1.4 Layer 4: Transport Layer: -

Transport layer is responsible for connection oriented and connection less

communication. Transport layer also performs other functions like

(i) Error checking

26

(ii) Flow Control

Buffering

Windowing

Multiplexing

(iii) Sequencing

(iv) Positive Acknowledgement Response

(i) Error checking

Transport layer generates cyclic redundancy check (CRC) and forward the CRC value to

destination along with data. The other end will generate CRC according to data and match

the CRC value with received value. If both are same, then data is accepted otherwise

discard.

(ii) Flow Control

Flow control is used to control the flow of data during communication. For this purpose

following methods are used: -

(a) Buffer

Buffer is the temporary storage area. All the data is stored in the buffer memory

and when communication ability is available the data is forward to another.

(b) Windowing

Windowing is the maximum amounts of the data that can be send to destination

without receiving Acknowledgement. It is limit for buffer to send data without

getting Acknowledgement.

27

Fig. 2.2 Windowing

(c) Multiplexing

Multiplexing means combining small data segment, which has same destination IP

and same destination service.

(iii) Sequencing

Transport layer add sequence number to data, so that out of sequence data can be detected

and rearranged in proper manner.

(iv) Positive acknowledgement and Response

When data is send to destination, the destination will reply with acknowledgement to

indicate the positive reception of data. If acknowledgement is not received within a

specified time then the data is resend from buffer memory.

2.1.5 Layer 5:.Session Layer: -

This layer initiate, maintain and terminate sessions between different applications. Due to

this layer multiple application software can be executed at the same time.

1. Connection Oriented Communication

28

Fig. 2.3 3 Way hand shaking

Fig. 2.4 Connection Oriented Communication

2. Connection less Communication

2.1.6 Layer 6: The Presentation Layer

Layer 6, the presentation layer, is responsible for managing the way that data is encoded.

Not every computer system uses the same data encoding scheme, and the presentation

layer is responsible for providing the translation between otherwise incompatible data

encoding schemes, such as American Standard Code for Information Interchange (ASCII)

and Extended Binary Coded Decimal Interchange Code (EBCDIC).

The presentation layer can be used to mediate differences in floating-point formats, as

29

SENDER ReceiverSEND

well as to provide encryption and decryption services.

2.1.7 Layer 7: The Application Layer

The top, or seventh, layer in the OSI reference model is the application layer. Despite its

name, this layer does not include user applications. Instead, it provides the interface

between those applications and the network's services. This layer can be thought of as the

reason for initiating the communications session. For example, an email client might

generate a request to retrieve new messages from the email server. This client application

automatically generates a request to the appropriate Layer 7 protocol(s) and launches a

communications session to get the needed files.

2.1.8 Data Encapsulation

Data

Application Layer Data*

Presentation Layer Data**

Session Layer Data***

Transport Layer Transport Header | Data = Segment

Network Layer Network Header | Segment = Packet

Data Link Layer Header | Packet | Trailer = Frame

Physical Layer 1 0 = Bits

Data => Segment => Packet => Frames => Bits

30

Http Smtp Dns Ftp Tftp Telenet Ntp Snmp Ssl Rdp & many more 80 25 53 20 69 23 123 443 3389 pop3 imap

TCP UDP

Internet Protocol

ARP RARP ICMP IGMP RIP OSPF BGP

All common Lan/Wan Technologies

APS

T

N

DL

Ph

Application

Transport (Host to Host)

Internet

NetworkAccess

CHAPTER 3

TCP/IP MODEL

3.1 TCP/IP MODEL

TCP/IP is the most popular protocol stack, which consist of large no of protocol.

According to the OSI model TCP/IP consist of only four layers. TCP/IP model is

modified form of DOD (Department of Defense) model.

Fig. 3.1 TCP/IP MODEL

3.1.1 LAYER 1:- Application Layer

This layer contains a large no. of protocols. Each protocol is designed to act as server &

client. Some of protocol will need connection oriented. TCP and others may need

connection less UDP for data transfer.

Application layer use port no.’s to identity each application at Transport layer. This layer

performs most of functions, which are specified by the Application, Presentation, and

Session layer of OSI model.

31

3.1.2 LAYER 2:- Transport Layer

Two protocols are available on Transport layer

1) Transmission Control Protocol

2) User Datagram Protocol

I) Transmission Control Protocol

TCP performs connection-oriented communication. Its responsibilities are:

i) Error Checking

ii) Acknowledgement

iii) Sequencing

iv) Flow Control

v) Windowing

Fig. 3.2 TCP Header

II) User Datagram Protocol32

UDP is connection less protocol, which is responsible for error checking and

identifying applications using port numbers.

UDP HEADER (8 bytes)

3.1.3 LAYER 3 Internet Layer

The main function of Internet layer is routing and providing a single network interface to

the upper layers protocols. Upper or lower protocols have not any functions relating to

routing. To prevent this, IP provides one single network interface for the upper layer

protocols. After that it is the job of IP and the various Network Access protocols to get

along and work together. The main protocols are used in Internet layer:-

1) Internet Protocol (IP)

2) Internet Control Message Protocol (ICMP)

3) Address Resolution Protocol (ARP)

4) Reverse Address Resolution Protocol (RARP)

5) Proxy ARP

33

Bytes 4 Source port 16 bits Destination port 16 bits

4 Length 16 bits Checksum 16 bits

Data

CHAPTER 4

IP ROUTING

4.1 ROUTER

Unlike most LAN components, routers are intelligent. More importantly, they can operate

at all layers of the OSI reference model rather than just the first two. This enables them to

internetwork multiple LANs by using Layer 3 addressing.

A router must have two or more physical interfaces for interconnecting LANs and/or

WAN transmission facilities. The router learns about the addresses of machines or

networks that are somehow connected via each of its interfaces. The list of these

addresses is kept in tables that correlate Layer 3 addresses with the port numbers that they

are directly or indirectly connected to.

A router uses two types of networking protocols, both of which operate at Layer 3. These

are routable protocols and routing protocols. Routable protocols, also known as routed

protocols, are those that encapsulate user information and data into packets. An example

of a routed protocol is IP. IP is responsible for encapsulating application data for transport

through a network to the appropriate destinations.

Routing protocols are used between routers to determine available routes, communicate

what is known about available routes, and forward routed protocol packets along those

routes. The purpose of a routing protocol is to provide the router with all the information

it needs about the network to route datagram’s.

4.2 Routing

Routers are used to forward packets of data between devices that aren't necessarily

connected to the same local network. Routing is the cumulative processes that discover

paths through the network to specific destinations, compare redundant routes

mathematically, and build tables that contain routing information.

34

The router's task is easy: It has only two interfaces. Any packets received by one of its

interfaces was either delivered to the other interface or discarded as undeliverable. In this

particular case, the router may well have been replaced by a hub, bridge, switch, or any

other Layer 2 device. The router's real value lies in determining routes to destinations on

nonadjacent networks.

4.3 IP Addressing

IPv4 Address Formats

Class A Addresses

Class B Addresses

Class C Addresses

Class D Addresses

Class E Addresses

IP addressing is accompanied by a two-tiered network address, consisting of the

network's address and a host address.

4.3.1 Class A Addresses

The Class A IPv4 address was designed to support extremely large networks. As the need

for very large-scale networks was perceived to be minimal, an architecture was developed

that maximized the possible number of host addresses but severely limited the number of

possible Class A networks that could be defined.

A Class A IP address uses only the first octet to indicate the network address. The

remaining three octets enumerate host addresses. The first bit of a Class A address is

always a 0. This mathematically limits the possible range of the Class A address to 127,

which is the sum of 64 + 32 + 16 + 8 + 4 + 2 + 1. The leftmost bit's decimal value of 128

is absent from this equation. Therefore, there can only ever be 127 possible Class A IP

networks.

The last 24 bits (that is, three dotted-decimal numbers) of a Class A address represent

possible host addresses. The range of possible Class A network addresses is from 1.0.0.0

to 126.0.0.0. Notice that only the first octet bears a network address number. The

remaining three are used to create unique host addresses within each network number. As

35

such, they are set to zeroes when describing the range of network numbers.

Note Technically, 127.0.0.0 is also a Class A network address. However, it is reserved for

loop-back testing and cannot be assigned to a network.

4.3.2. Class B Addresses

The Class B addresses were designed to support the needs of moderate- to large-sized

networks. The range of possible Class B network addresses is from 128.1.0.0 to

191.254.0.0. The mathematical logic underlying this class is fairly simple. A Class B IP

address uses two of the four octets to indicate the network address. The other two octets

enumerate host addresses. The first 2 bits of the first octet of a Class B address are 10.

The remaining 6 bits may be populated with either 1s or 0s.

This mathematically limits the possible range of the Class B address space to 191, which

is the sum of 128 + 32 + 16 + 8 + 4 + 2 + 1. The last 16 bits (two octets) identify potential

host addresses. Each Class B address can support 65,534 unique host addresses. This

number is calculated by multiplying two to the 16th power and subtracting two (values

reserved by IP). Mathematically, there can only be 16,382 Class B networks defined.

4.3.3 Class C Addresses

The Class C address space is, by far, the most commonly used of the original IPv4

address classes. This address space was intended to support a lot of small networks. This

address class can be thought of as the inverse of the Class A address space. Whereas the

Class A space uses just one octet for network numbering, and the remaining three for host

numbering, the Class C space uses three octets for networking addressing and just one

octet for host numbering.

The first 3 bits of the first octet of a Class C address are 110. The first 2 bits sum to a

decimal value of 192 (128 + 64). This forms the lower mathematical boundary of the

Class C address space. The third bit equates to a decimal value of 32. Forcing this bit to a

value of 0 establishes the upper mathematical boundary of the address space. Lacking the

capability to use the third digit limits the maximum value of this octet to 255 - 32, which

equals 223. Therefore, the range of possible Class C network addresses is from 192.0.1.0

to 223.255.254.0.

36

The last octet is used for host addressing. Each Class C address can support a theoretical

maximum of 256 unique host addresses (0 through 255), but only 254 are usable because

0 and 255 are not valid host numbers. There can be 2,097,150 different Class C network

numbers.

Note In the world of IP addressing, 0 and 255 are reserved host address values. IP

addresses that have all their host address bits set equal to 0 identify the local network.

Similarly, IP addresses that have all their host address bits set equal to 255 are used to

broadcast to all end systems within that network number.

4.3.4. Class D Addresses

The Class D address class was created to enable multicasting in an IP network. The Class

D multicasting mechanisms have seen only limited usage. A multicast address is a unique

network address that directs packets with that destination address to predefined groups of

IP addresses. Therefore, a single station can simultaneously transmit a single stream of

datagram’s to multiple recipients. The need to create separate streams of datagram’s, one

for each destination, is eliminated. Routers that support multicasting would duplicate the

datagram and forward as needed to the predetermined end systems. Multicasting has long

been deemed a desirable feature in an IP network because it can substantially reduce

network traffic.

The Class D address space, much like the other address spaces, is mathematically

constrained. The first 4 bits of a Class D address must be 1110. Presetting the first 3 bits

of the first octet to 1s means that the address space begins at 128 + 64 + 32, which equals

224. Preventing the fourth bit from being used means that the Class D address is limited

to a maximum value of 128 + 64 + 32 + 8 + 4 + 2 + 1, or 239.

Therefore, the Class D addresses space ranges from 224.0.0.0 to 239.255.255.254.

This range may seem odd because the upper boundary is specified with all four octets.

Ordinarily, this would mean that the octets for both host and network numbers are being

used to signify a network number. There is a reason for this. The Class D address space

isn't used for internetworking to individual end systems or networks. Class D addresses

are used for delivering multicast datagram’s within a private network to groups of IP-

addressed end systems. Therefore, there isn't a need to allocate octets or bits of the

address to separate network and host addresses. Instead, the entire address space can be 37

used to identify groups of IP addresses (Classes A, B, or C). Today, numerous other

proposals are being developed that would allow IP multicasting without the complexity of

a Class D address space.

4.3.5 Class E Addresses

A Class E address has been defined, but is reserved by the IETF for its own research.

Therefore, no Class E addresses have been released for use in the Internet. The first 4 bits

of a Class E address are always set to 1s; therefore, the range of valid addresses is from

240.0.0.0 to 255.255.255.255. Given that this class was defined for research purposes,

and its use is limited to inside the IETF, it is not necessary to examine it any further.

4.4 IP Routing

When we want to connect two or more networks using different n/w addresses then we

have to use IP Routing technique. The router will be used to perform routing between the

networks. A router will perform following functions for routing.

• Path determination

• Packet forwarding

•

(1) Path determination

The process of obtaining path in routing table is called path determination.

There are three different methods to which router can learn path.

i) Automatic detection of directly connected n/w.

ii) Static & Default routing

iii) Dynamic routing

(2) Packet forwarding

It is a process that is by default enable in router. The router will perform packet

forwarding only if route is available in the routing table.

4.5 Routing Process

(i) The pc has a packet in which destination address is not same as the local n/w

address.

(ii) The pc will send an ARP request for default gateway. The router will reply to

the ARP address and inform its Mac address to pc.

38

(iii) The pc will encapsulate data, in which source IP is pc itself, destination IP is

server, source Mac is pc’s LAN interface and destination Mac is router’s LAN

interface.

Fig. 4.1 Routing Process

S. MAC D. MACPC1 R1

D. IP 172.16.0.5S. IP 10.0.0.6

The router will receive the frame, store it into the buffer. When obtain packet from the

frame then forward data according to the destination IP of packet. The router will obtain a

route from routing table according to which next hop IP and interface is selected

(iv) According to the next hop, the packet will encapsulated with new frame and data is

send to the output queue of the interface.

4.6 Router Access Modes

When we access router command prompt the router will display different modes.

According to the modes, privileges and rights are assigned to the user.

Fig. 4.2 Router access modes39

4.6.1 User mode

In this mode, we can display basic parameter and status of the router we can test

connectivity and perform telnet to other devices. In this mode we are not enable to

manage & configure router.

4.6.2 Privileged mode

In this mode, we can display all information, configuration, perform administration task,

debugging, testing and connectivity with other devices. We are not able to perform here

configuration editing of the router.

The command to enter in this mode is ‘enable’. We have to enter enable password or

enable secret password to enter in this mode. Enable secret has more priority than enable

password. If both passwords are configured then only enable secret will work.

4.6.3 Global configuration

This mode is used for the configuration of global parameters in the router. Global

parameters applied to the entire router. For e.g.: - router hostname or access list of router

the command enters in this mode is ‘configure terminal’.

4.6.4 Line configuration mode

This mode is used to configure lines like console, vty and auxiliary. There are main types

of line that are configured.

(i) Console router(config)#line console 0

(ii) Auxiliary router(config)#line aux 0

(iii) Telnet or vty router(config)#line vty 0 4

4.6.5 Interface configuration mode

This mode is used to configure router interfaces. For e.g:- Ethernet, Serial, BRI etc.

Router(config)#interface <type> <number>

Router(config)#interface serial 1

40

4.6.6 Routing configuration mode

This mode is used to configure routing protocol like RIP, EIGRP, OSPF etc.

Router(config)#router <protocol> [<option>]

Router(config)#router rip

Router(config)#router eigrp 10

4.7 Configuring Password

There are six types of password available in a router

4.7.1 Console Password

router#configure terminal

router(config)#line console 0

router(config-line)#password <word>

router(config-line)#login

router(config-line)#exit

to erase password do all steps with no command.

4.7.2 Vty Password

router>enable


router(config)#line vty 0 4




4.7.3 Auxiliary Password


router(config)#line Aux 0




4.7.4 Enable Password

router>enable


router(config)#enable password <word>

router(config)#exit

41

4.7.5 Enable Secret Password

Enable Password is the clear text password. It is stored as clear text in

configuration where as enable secret password is the encrypted password

with MD5 (Media Digest 5) algorithm.

Router>enable

Router#configure terminal

Router(config)#enable secret <word>

Router(config)#exit

4.7.6 Encryption all passwords

All passwords other than enable secret password are clear text password.

We can encrypt all passwords using level 7 algorithms. The command to

encrypt all passwords is


Router(config)#service password-encryption

4.8 Managing Configuration

There are two types of configuration present in a router

(1) Startup Configuration

(2) Running Configuration

(1) Startup configuration is stored in the NVRAM. Startup configuration is used to

save settings in a router. Startup configuration is loaded at the time of booting in

to the Primary RAM.

(2) Running Configuration is present in the Primary RAM wherever we run a

command for configuration; this command is written in the running configuration.

To save configuration

Router#copy running-configuration startup-configuration

Or

Router#write

To abort configuration

Router#copy startup-configuration running-configuration

To display running-configuration

Router#show running-configuration

To display startup configuration

Router#show startup-configuration

Configuring HostName42


Router#hostname <name>

<name>#exit or end or /\z

Configuring Interfaces

Interfaces configuration is one of the most important part of the router configuration. By

default, all interfaces of Cisco router are in disabled mode. We have to use different

commands as our requirement to enable and configure the interface.

Configuring IP, Mask and Enabling the Interface


Router(config)#interface <type> <no>

Router(config-if)#ip address <ip> <mask>

Router(config-if)#no shutdown

Router(config-if)#exit

Interface Numbers

Interface numbers start from 0 for each type of interface some routers will directly used

interface number while other router will use slot no/port no addressing technique.

To display interface status

Router#show interfaces (to show all interfaces)

Router#show interface <type> <no>

43

CHAPTER 5

TYPES OF ROUTING

5.1 Static Routing

In this routing, we have to use IP route commands through which we can specify routes

for different networks. The administrator will analyze whole internetwork topology and

then specify the route for each n/w that is not directly connected to the router.

5.1.1 Steps to perform static routing

(1) Create a list of all n/w present in internetwork.

(2) Remove the n/w address from list, which is directly connected to n/w.

(3) Specify each route for each routing n/w by using IP route command.

Router(config)#ip route <destination n/w> <mask> <next hop ip>

Next hop IP it is the IP address of neighbor router that is directly connected our

router.

Static Routing Example: -

Router#conf ter

Router(config)#ip route 10.0.0.0 255.0.0.0 192.168.10.2

5.1.2 Advantages of static routing

(1) Fast and efficient.

(2) More control over selected path.

(3) Less overhead for router.

(4) Bandwidth of interfaces is not consumed in routing updates.

5.1.3 Disadvantages of static routing

(1) More overheads on administrator.

(2) Load balancing is not easily possible.

(3) In case of topology change routing table has to be change manually.

44

5.1.4 Alternate command to specify static route

Static route can also specify in following syntax: -


Or

Router(config)#ip route 172.16.0.0 255.255.0.0 serial 0

5.1.5 Backup route or loading static route

If more than one path is available from our router to destination then we can specify one

route as primary and other route as backup route.

Administrator Distance is used to specify one route as primary and other route as backup.

Router will select lower AD route to forward the traffic. By default static route has AD

value of 1. With backup path, we will specify higher AD so that this route will be used if

primary route is unavailable.

Protocols AD

Directly Connected 0

Static 1

BGP 20

EIGRP 90

IGRP 100

OSPF 110

RIP 120

Syntax: - To set backup path

Router(config)#ip route <dest. n/w> <mask> <next hop> <AD>

Or

<exit interface>

Example: -

Router#conf ter


Router(config)#ip route 150.10.0.0 25.255.0.0 160.20.1.1 8 (below 20)

Router(config)#exit

45

Scenario 1

Fig.5.1 Static routing

To display routing table

Router#sh ip route

To display static routes only

Router#sh ip route static

S 192.168.10.0/28 [1/0] via 172.16.0.5

To display connected n/ws only

Router#sh ip route connected

To check all the interface of a router

Router#sh interface brief

46

5.2 Default Routing

Default routing means a route for any n/w. these routes are specify with the help of

following syntax: -

Router(config)#ip route 0.0.0.0 0.0.0.0 <next hop>

Or

<exit interface>

This type of routing is used in following scenario.

Scenario 2: -

Stub network

A n/w which has only one exit interface is called stub network.

Fig. 5.2 Default routing

If there is one next hop then we can use default routing.

Internet connectivity

On Internet, million of n/ws are present. So we have to specify default routing on our

router.

Default route is also called gateway of last resort. This route will be used when no other

routing protocol is available.

If there is one next hop then we can use default routing.47

5.3 Dynamic Routing

In dynamic routing, we will enable a routing protocol on router. This protocol will send

its routing information to the neighbor router. The neighbors will analyze the information

and write new routes to the routing table.

The routers will pass routing information receive from one router to other router also. If

there are more than one path available then routes are compared and best path is selected.

Some examples of dynamic protocol are: -

RIP, IGRP, EIGRP, OSPF

5.3.1 Types of Dynamic Routing Protocols

According to the working there are two types of Dynamic Routing Protocols.

(1) Distance Vector

(2) Link State

According to the type of area in which protocol is used there are again two types

of protocol: -

(1) Interior Routing Protocol

(2) Exterior Routing Protocol

(a) Distance Vector Routing

The Routing, which is based on two parameters, that is distance and direction is

called Distance Vector Routing.

The example of Distance Vector Routing is RIP & IGRP.

Operation: -

(1) Each Router will send its directly connected information to the neighbor

router. This information is send periodically to the neighbors.

Fig.5.3 Distance vector routing

48

(2) The neighbor will receive routing updates and process the route according to

following conditions: -

(i) If update of a new n/w is received then this information is stored in

routing table.

(ii) If update of a route is received which is already present in routing table

then route will be refresh that is route times are reset to zero.

(iii) If update is received for a route with lower metric then the route,

which is already present in our routing table. The router will discard old

route and write the new route in the routing table.

(iv) If update is received with higher metric then the route that is already

present in routing table, in this case the new update will be discard.

(3) A timer is associated with each route. The router will forward routing

information on all interfaces and entire routing table is send to the neighbor. There

are three types of timers associated with a route.

(i) Route update timer. It is the time after which the router will send

periodic update to the neighbor.

(ii) Route invalid timer. It is the time after which the route is declared

invalid, if there are no updates for the route. Invalid route are not

forwarded to neighbor routers but it is still used to forward the traffic.

(iii) Route flush timer. It is the time after which route is removed from

the routing table, if there are no updates about the router.

Metric of Dynamic Routing

Metric are the measuring unit to calculate the distance of destination n/w. A protocol may

use a one or more than one at a time to calculate the distance. Different types of metric

are: -

(1) Hop Count

(2) Band Width

(3) Load

(4) Reliability

(5) Delay

(6) MTU

Hop Count

It is the no. of Hops (Routers) a packet has to travel for a destination n/w.

49

Bandwidth

Bandwidth is the speed of link. The path with higher bandwidth is preferred to send the

data.

Load

Load is the amount of traffic present in the interface. Paths with lower load and high

throughput are used to send data.

Reliability

Reliability is up time of interface over a period of time.

Delay

Delay is the time period b/w a packet is sent and received by the destination.

MTU Maximum Transmission Unit

It is the maximum size of packet that can be sent in a frame mostly MTU is set to 1500.

Problems of Distance Vector

There are two main problems of distance vector routing

• Bandwidth Consumption

• Routing Loops

(i) Bandwidth Consumption

The problem of excessive bandwidth consumption is solved out with the help of

autonomous system. It exchanges b/w different routers. We can also perform route

summarization to reduce the traffic.

(ii) Routing Loops

It may occur b/w adjacent routers due to wrong routing information. Distance

Vector routing is also called routing by Rumor. Due to this the packet may enter

in the loop condition until their TTL is expired.

50

Method to solve routing loops

There are five different methods to solve or reduce the problem of routing loop.

(i) Maximum Hop Count

This method limits the maximum no. of hops a packet can travel. This method

does not solve loop problem. But it reduces the loop size in the n/w. Due to this

method the end to end size of a n/w is also limited.

(ii) Flash Updates/Triggered Updates

In this method a partial update is send to the all neighbors as soon as there is

topology change. The router, which receives flash updates, will also send the flash

updates to the neighbor routers.

Fig.5.4 Flash updates

(iii) Split Horizon

Split Horizon states routes that update receive from an interface cannot be send

back to same interface.

Fig.5.5 Split horizon

51

(iv) Poison Reverse

This method is the combination of split Horizon and Flash updates. It implements

the rule that information received from the interface can not be sent back to the

interface and in case of topology change flash updates will be send to the

neighbor.

(v) Hold Down

If a route changes frequently then the route is declared in Hold Down state and no

updates are received until the Hold Down timer expires.

Routing Information Protocol

Features of RIP: -

* Distance Vector

* Open standard

* Broadcast Updates

(255.255.255.255)

* Metric

Hop Count

*Timers

Update 30 sec

Invalid 180 sec

Hold 180 sec

Flush 240 sec

* Loop Control

Split Horizon

Triggered Updates

Maximum Hop Count

Hold Down

* Maximum Hop Count 15

* Administrative Distance 120

* Equal Path Cost Load Balancing

* Maximum Load path 6

Default 4

* Does not support VLSM

* Does not support Autonomous system

52

Configuring RIP

Router#conf ter


Router(config-router)#network <own net address>

Router(config-router)#network <own net address>

Router(config-router)#exit

10.0.0.1 172.16.0.5 175.2.1.1

200.100.100.12Fig.5.6 Configuring RIP

Router(config-router)#network 10.0.0.0



175.2.0.0 via 172.16.0.6

53

172.16.0.6

Display RIP Routers

Router#sh ip route rip

R 192.168.75.0/24 [120/5] via 172.30.0.2 00:00:25 serial 1/0

RIP Dest. n/w mask AD Metric Next Hop Timer own Interface

RIP advanced configuration

(a) Passive Interfaces

An interface, which is not able to send routing updates but able to receive routing

update only is called Passive Interface. We can declare an interface as passive

with following commands: -

Router#conf ter


Router(config-router)#Passive-interface <type> <no>


(b) Configuring Timers


Router(config-router)#timers basic <update> <invalid> <hold down>

<flush>


Example: -

Router(conf-router)#timer basic 50 200 210 300

Update 50 sec

Invalid 200 sec

Hold 210 sec

Flush 300 sec

(c) To change Administrative Distance


Router(config-router)#distance <value>

Router(config-router)#exit 95 or 100

54

(d) To configure Load Balance

RIP is able to perform equal path cost Load Balancing. If multiple paths

are available with equal Hop Count for the destination then RIP will

balance load equally on all paths.

Load Balancing is enabled by default 4 paths. We can change the no. of

paths. It can use simultaneously by following command: -


Router(config-router)#maximum-path <1-6>

(e) To display RIP parameters

Router#sh ip protocol

This command display following parameters: -

(i) RIP Timers

(ii) RIP Version

(iii) Route filtering

(iv) Route redistribution

(v) Interfaces on which update send

(vi) And receive

(vii) Advertise n/w

(viii) Passive interface

(ix) Neighbor RIP

(i) Routing information sources

(ii) Administrative Distance

RIP version 2

RIP version 2 supports following new features: -

(1) Support VLSM (send mask in updates)

(2) Multicast updates using address 224.0.0.9

Support authentication

Commands to enable RIP version 2

We have to change RIP version 1 to RIP version 2. Rest all communication will remain

same in RIP version 2.

Router(config)#Router RIP

55

Router(config-router)#version 2


To debug RIP routing

Router#debug ip rip

To disable debug routing

Router#no debug ip rip

(b) Link State Routing

This type of routing is based on link state. Its working is explain as under

(1) Each router will send Hello packets to all neighbors using all interfaces.

(2) The router from which Hello reply receive are stored in the neighbor ship

table. Hello packets are send periodically to maintain the neighbor table.

(3) The router will send link state information to the all neighbors. Link state

information from one neighbor is also forwarded to other neighbor.

(4) Each router will maintain its link state database created from link state

advertisement received from different routers.

(5) The router will use best path algorithm to store the path in routing table.

(i) Problems of Link State Routing

The main problems of link state routing are: -

(1) High bandwidth consumption.

(2) More hardware resources required that is processor and memory (RAM)

The routing protocols, which use link state routing, are: -

OSPF

(ii) Enhanced Interior Gateway Routing Protocol

Features: -

* Cisco proprietary

* Hybrid protocol

Link State

Distance Vector

56

* Multicast Updates using

Address 224.0.0.10

* Support AS

* Support VLSM

* Automatic Route Summarization

* Unequal path cost load balancing

* Metric (32 bit composite)

Bandwidth

Delay

Load

Reliability

MTU

* Neighbor Recovery

* Partial updates

* Triggered updates

* Backup Route

* Multi Protocol Routing

(iii) EIGRP Protocols & Modules

(1) Protocol depended module

This module is used to perform multi protocol routing that is the router will

maintain 3 routing table for TCP/IP, IPX/SPX and AppleTalk.

IP Routing

TCP/IP

IPX Routing

IPX/SPX

Appletalk Routing

Appletalk

57

(iv) Reliable Transport Protocol (Quiet Protocol)

RTP is used to exchange routing updates with neighbor routers. It will also maintain

neighbor relationship with the help of Hello packet. RTP has following features: -

(1) Multicast updates (224.0.0.10)

(2) Neighbor recovery

If neighbor stops responding to the Hello packets then RTP will send unicast Hello packet

for that neighbor.

(3) Partial updates

(4) No updates are sending if there is no topology change.

(v) Configuring EIGRP

Router(config)#router eigrp <as no>

Router(config-router)#network <net addr.>

Router(config-router)#network <net addr.>


(vi) Advanced Configuration EIGRP

Configuring following options are same as configuring IGRP

(1) Bandwidth on Interfaces

(2) Neighbor

(3) Load balancing

Max path

Variance

(vii) Configuring EIGRP Metric

If we want our router to use additional metric then we can use following

command: -

Router(config)#Router eigrp <as no>

Router(config-router)#metric weights 0 <k1> <k2> <k3> <k4> <k5>

Type of service (default) 1 0 1 0 0


Metric K Default value

Bandwidth K1 158

Load K2 0

Delay K3 1

Reliability K4 0

MTU K5 0

All routers exchanging update with each other must have same AS no. and same K value.

Router#sh ip eigrp topology

It shows topology database.

Router#sh ip eigrp neighbor

It shows neighbor table

Debug EIGRP

Router#debug ip eigrp

5.3.2 Autonomous system

Autonomous system is the group of contiguous routers and n/w, which will share their

routing information directly with each other. If all routers are in single domain and they

share their information directly with each other then the size of routing updates will

depend on the no. of n/w present in the Internetwork. Update for each n/w may take 150 –

200 bytes information.

For example: - if there are 1000 n/ws then size of update will be

200*1000 = 200000 bytes

The routing information is send periodically so it may consume a large amount of

bandwidth in our n/w.

59

Fig. 5.7 Autonomous systemProtocols

Interior Routing Exterior Routing

RIP BGP

IGRP EXEIGRP

EIGRP

OSPF

5.3.3 Open Shortest Path First

Features: -

* Link State

* Open standard

* Multicast updates

224.0.0.5

224.0.0.6

* Support VLSM

* Support Area similar to AS

* Manual Route Summarization

* Hierarchical model

* Metric

Bandwidth

*Equal path cost load balancing

* Support authentication

*Unlimited hop count

60

OSPF Terminology

(1) Hello packets

(2) LSA (Link State Advertisement)

(3) Neighbor

(4) Neighbor table

(5) Topology table (LSA database)

Router ID

Router ID is the highest IP address of router interfaces. This id is used as the

identity of the router. It maintains link state databases. The first preference for

selecting router ID is given to the Logical interfaces. If logical interface is not

present then highest IP of physical interface is selected as router id.

ROUTER ID

Fig. 5.8 Router ID

Area

Area is the group of routers & n/ws, which can share their routing information directly

with each other.

OSPF Area Characteristics:

- Minimizes routing table entries.- Localizes impact of a topology change within an area.- Detailed LSA flooding stops at the area boundary.- Requires a hierarchical network design.

Fig. 5.9 Autonomous system

61

Adjacency

A router is called adjacency when neighbor relationship is established. We can also say

adjacency relationship is formed between the routers.

5.3.4 OSPF Hierarchical Model

Fig. 5.10 OSPF Hierarchical Model

Area Router (Autonomous System Border Router – ASBR)

A router, which has all interfaces member of single area, is called area router.

Backbone Area

Area 0 is called backbone area. All other areas must connect to the backbone area for

communication.

Backbone Router

A router, which has all interfaces members of area 0, is called backbone router.

Area Border Router

A router, which connects an area with area 0, is called area border router.62

5.3.5 LSA Flooding in OSPF

If there are multiple OSPF routers on multi access n/w then there will be excessive no. of

LSA generated by the router and they can choke bandwidth of the network.

Fig. 5.11 LSA Flooding in OSPF

This problem is solved with the help of electing a router as designated router and backup designated router.

Designated Router

A router with highest RID (router id) will be designated router for a particular interface.

This router is responsible for receiving LSA from non-DR router and forward LSA to the

all DR router.

Backup Designated Router

This router will work as backup for the designated router. In BDR mode, it will receive

all information but do not forward this information to other non-DR router.

Commands to configure OSPF

Router#conf ter

Router(config)#router ospf <process no>

Router(config-router)#network <net address> <wild mask> area <area id>

Router(config-router)#network <net address> <wild mask> area <area id>


63

Wild Mask – Complement of subnet mask

Example 255.255.0.0

0.0.255.255

255.255.255.255

- Subnet mask

Wild mask

255.255.255.255

- 255.255.192.0 subnet mask

0.0.63.255 wild mask

Fig. 5.12 OSPFR1

Router(config-router)#network 20.0.0.0 0.255.255.255 area 0


R2




R3



64

Command: -

Router(config)#interface loopback <no>

Router(config-if)#ip address 200.100.100.1 255.255.255.0

Router(config-if)#no sh


Command to display OSPF parameter

Router#show ip protocol

65

CHAPTER 6

Access Control List

6.1 ACL

ACL are the basic security feature that is required in any network to control the flow of

traffic. Most of time our network may have servers and clients for which traffic control is

required. We can also use ACL to classify the traffic. ACLs are used in features like QOS

(Quality of Service), Prioritize traffic and interesting traffic for ISDN.

6.2 Classification Access Control List: -

Types of ACL based on Protocol: -

(1) IP Access Control List

(2) IPX Access Control List

(3) AppleTalk Access Control List

Types of ACL based on Feature: -

(1) Standard ACL

(2) Extended ACL

Types of ACL based on Access mode: -

(1) Numbered ACL

(2) Named ACL

Types of ACL based on Order of rules: -

(1) Deny, permit

(2) Permit, deny

Types of ACL based on direction of implementation: -

(1) Inbound ACL

(2) Outbound ACL

66

The packed is passed to RE

A Packet is received

Is there any Access list applied on interface in inbound direction?The packed is passed to Routing Engine

Is there any matching rule in ACL from top- down order?The packet is dropped

Is it permit? The packet is dropped

No

No

NoYes

Yes

Yes

6.3 Flow chart of Inbound ACL

Fig. 6.1 Flow chart of Inbound ACL

6.4 IP Standard ACL (Numbered)

In Standard ACL, we are only able to specify source address for the filtering of packets.

The syntax to create IP standard ACL are: -

Router#conf ter

Router(config)#access-list <no> <permit|deny> <source>

Router(config)#exit

<source> Single pc host 192.168.10.5

192.168.10.5

192.168.10.5 0.0.0.0

N/w 200.100.100.0 0.0.0.255

Subnet 200.100.100.32 0.0.0.15

All any

67

Example: - 172.16.0.16 – 18 should not access Internet; rest of all other pc should access

Internet.

Fig. 6.2 Configuring ACL

Router#conf ter

Router(config)#access-list 30 deny 172.16.0.16



Router(config)#access-list 30 permit any

Router(config)#exit

Applying ACL on interface

Router#conf ter

Router(config)#interface <type> <no>

Router(config-if)#ip access-group <ACL no.> <in|out>


Rule for applying ACL

Only one ACL can be applied on each interface, in each direction for each protocol.

6.5 IP Standard ACL (Named)

In Numbered ACL editing feature is not available that is we are not able to delete single

rule from the ACL. In Named ACL editing feature is available.

Router#config ter

Router(config)#ip access-list standard <name>

Router(config-std-nacl)#<deny|permit> <source>

Router(config-std-nacl)#exit

69

Router#conf ter

Router(config)#ip access-list standard abc

Router(config-std-nacl)#deny 172.16.0.16



Router(config-std-nacl)#permit any

To modify the ACL

Router#conf ter

Router(config)#ip access-list standard abc

Router(config-std-nacl)#no deny 172.16.0.17

Router(config-std-nacl)#exit

To control Telnet access using ACL

If we want to control telnet with the help of ACL then we can create a standard ACL and

apply this ACL on vty port. The ACL that we will create for vty will be permit – deny

order.

Example: - suppose we want to allow telnet to our router from 192.168.10.5 &

192.168.10.30 pc.

Router#conf ter

Router(config)#access-list 50 permit 192.168.10.5

Router(config)#access-list 50 permit 192.168.10.30

Router(config)#line vty 0 4

Router(config-line)#access-class 50 in

Router(config)#exit

6.6 IP Extended ACL (Numbered)

Extended ACL are advanced ACL. ACL, which can control traffic flow on the basis of

five different parameters that are: -

(i) Source address

(ii) Destination address

(iii) Source port

(iv) Destination port

(v) Protocol (layer 3/layer 4) Router(config-std-nacl)#exit

70

To display ACL

Router#show access-lists or

Router#show access-list <no>

To display ACL applied on interface

Router#show ip interface

Router#show ip interface <type> <no>

Router#show ip interface Ethernet 0

71

Chapter 7

LAN Switching

7.1 LAN Switching

Ethernet switches are used in LAN to create Ethernet n/ws. Switches forward the traffic

on the basis of MAC address. Switches maintain a Mac Addressee table in which mac

addresses and port no’s used to perform switching decision. Working of bridge and

switch is similar to each other.

Classification of switches

Switches are classified according to the following criteria: -

Types of switches based on working

(1) Store & Forward

This switch receives entire frame then perform error checking and start

forwarding data to the destination.

(2) Cut through this switch starts forwarding frame as soon as first six bytes of the

frame are received.

(3) Fragment-free this switch receives 64 bytes of the frame, perform error

checking and then start forwarding data.

(4) Adaptive cut-through it changes its mode according the condition. If it sees

there are errors in many frames then it changes to Store & Forward mode from

Cut through or Fragment-free.

Types of switches based on management

(1) Manageable switches

(2) Non-Manageable switches

(3) Semi-Manageable switches

Types of switches based on OSI layer

(1) Layer 2 switches (only switching)

(2) Layer 3 switches (switching & routing)

Types of switches based on command mode (only in Cisco)

(1) IOS based

(2) CLI based72

Type of switches based on hierarchical model

(1) Core layer switches

(2) Distribution layer switches

(3) Access layer switches

Qualities of switch

- No. of ports

- Speed of ports

- Type of media

- Switching or wire speed or throughput

Configuring IP and Gateway on switch

We can configure IP address on switch for web access or telnet IP address is required for

the administration of the switch. If we have to access switch from remote n/w then we

will configure default gateway in addition to IP address.

IP address is assigned to the logical interface of switch with following command:-

Switch(config)#interface vlan 1

Switch(config)#IP address <ip> <mask>

Switch(config)#no sh

Switch(config)#exit

7.2 VLAN (Virtual LAN)

VLAN provides Virtual Segmentation of Broadcast Domain in the network. The devices,

which are member of same Vlan, are able to communicate with each other. The devices

of different Vlan may communicate with each other with routing. So that different Vlan

devices will use different n/w addresses. Vlan provides following advantages: -

(1) Logical Segmentation of network

(2) Enhance network security

Creating port based Vlan

In port based Vlan, first we have to create a Vlan on manageable switch then we have to

add ports to the Vlan.

Commands to create VlanSwitch#config ter

Switch(config)#vlan <no>

73

[name <word>]

Switch(config)#exit optional

Or

Switch#vlan database

Switch(vlan)#vlan <no>

[name <word>]

Switch(vlan)#exit

Commands to configure ports for a Vlan

By default, all ports are member of single vlan that is Vlan1. We can change vlan

membership according to our requirement.

Switch#conf ter

Switch(config)#interface <type> <no>

Switch(config-if)#switchport access vlan <no>

Switch(config-if)#exit

Commands to configure multiple ports in a vlan

Switch#conf ter

Switch(config)#interface range <type> <slot/port no (space)–(space) port no>

Switch(config-if)#switchport access vlan <no>

Switch(config-if)#exit

Example: - Suppose we want to add interface fast Ethernet 0/10 to 0/18 in vlan5

Switch#config ter

Switch(config)#interface range fastethernet 0/10 – 18

Switch(config-if)#switchport access vlan 5

Switchconfig-if#exit

To Disable web access in switch

Switch#config ter

Switch(config)#no ip http server

To display mac address table

Switch#sh mac-address-table

To Display Vlan and port membershipSwitch#sh vlan

74

VTP server

VTP server is a switch in which we can create, delete or modify Vlans. The server will

send periodic updates for VTP clients.

VTP client

On VTP client, we are not able to create, modify or delete Vlans. The client will receive

and forward vtp updates. The client will create same Vlans as defined in vtp update.

Commands

Switch#conf ter

Switch(config)#vtp domain <name>

Switch(config)#vtp password <word>

Switch(config)#vtp mode <server|client|transparent>

Switch(config)#exit

By default in cisco switches the VTP mode is set as VTP server with no domain

and no password.

To display VTP status

Switch#sh vtp status

75

CONCLUSION

CCNA training has made me learn 21st century skills such as complex problem solving

and critical thinking.

To conclude one can say that CCNA training was really beneficial for me and making

report for such a great training is not being written just for the sake of writing. I am

crisply stating the main take away points from my work.

I feel that CCNA Security Course help to meet the growing demand for network security

skills. It provides the blended curriculum which provides a hands-on and carrier oriented

introduction to come security concepts. The course is highly beneficial, as I feel; it helps

students differentiate themselves in the marketplace. Develop students for network

security carrier opportunities. It enhances specialized security skills.

76

BIBLIOGRAPHY

1. Course book on CCNA by Todd Lammle.

2 www.cisco.com

3 Daily Diary

77

http://www.cisco.com/

Project Report Ccna

Documents

Transcript of Project Report Ccna