6. Cable type | Transmission speed
Cat 1
Cat 2 | Up to 4 Mbps
Cat 3 | Up to 10 Mbps | 16 MHz
Cat 4 | Up to 16 Mbps | 20 MHz
Cat 5 | 10 Mbps to 100 Mbps | 100 MHz
Cat 5e | 100 Mbps to 1000 Mbps | 100 MHz
Cat 6 | Up to 10 Gbps | 250 MHz
Cat 6a | Up to 10 Gbps | 500 MHz
Cat 7 | Up to 10 Gbps | 600 MHz
Cat 7a | Up to 100 Gbps | 1000 MHz
8. Straight through cable
This cable is used to connect two different types of devices.
This is used to connect a MAC device and a non-MAC device.
Switch - Router
Router - Hub
Host - Switch
Host - Hub
10. Crossover cable
This cable is used to connect same devices.
This is used to connect MAC to MAC or non-MAC to non-MAC.
Switch - Switch
Router - Router
Hub - Hub
Hub - Switch
12. Rollover cable
This cable is used to connect the router console port to the PC serial (COM) port.
This cable is called a null modem cable.
14. Network Interface Card (NIC)
This provides network communication to a LAN.
It contains a buffer.
It contains a unique 48-bit MAC ( Media Access Controller ) address.
15. Protocol
A protocol is a set of rules and regulations.
For two devices to establish communication, both should use the same protocol.
16. Addresses
Addresses are used to identify the device.
There are two types of addresses.
MAC – Predefined
IP – User defined
17. OSI Layer
Open System Interconnect Layer.
This describes how data is communicated from one system to another.
Allows multiple-vendor development and standardization.
18. OSI Layer types
Application layer
Presentation layer
Session layer
Transport layer
Network layer
Data link layer
Physical layer
21. 6. Presentation Layer
Data translation and code formatting, including compression and encryption.
Ensures the application layer can use the data.
MPEG, MIDI, TIFF, JPEG, TXT, QuickTime movie
22. 5. Session Layer
Establishes and maintains sessions across the network.
Organizes communication through simplex, half duplex and full duplex modes.
23. 4. Transport Layer
Segments data and adds port numbers.
Data delivery is ensured at this layer by maintaining flow control.
Error correction and detection.
Defines reliable and unreliable end-to-end data communication.
Connection-oriented communication.
Acknowledgements are received for every segment.
Call setup, data transfer and call termination.
Connection parameters are synchronized.
Windowing technique is used to control outstanding data segments and to increase throughput.
24. 3. Network Layer
Data packets are formed here.
Responsible for sending data.
Assigns IP addresses.
Maintains the routing table.
Finds the best path.
Router
25. 2. Data Link Layer
Framing of the packets is done here.
Handles error notification, network topology and flow control.
Provides access to the LAN medium in an orderly manner.
Adds MAC address to frames.
Switch, Bridge and NIC
26. 1. Physical Layer
Sends and receives bits.
Places data on the network media.
Communicates directly with the media.
Hub, Repeater, Cable and Connector
27. Term | Definition
FTP | File Transfer Protocol
TFTP | Trivial File Transfer Protocol
WWW | World Wide Web
HTTP | Hyper Text Transfer Protocol
SMTP | Simple Mail Transfer Protocol
VoIP | Voice Over Internet Protocol
SNMP | Simple Network Management Protocol
POP3 | Post Office Protocol
NFS | Network File System
RPC | Remote Procedure Call
NETBIOS | Network Basic Input/output System
TCP | Transmission Control Protocol
28. Term | Definition
UDP | User Datagram Protocol
SPX | Sequence Packet Protocol
IP | Internet Protocol
IPX | Internet Packet Exchange
ARP | Address Resolution Protocol
RARP | Reverse Address Resolution Protocol
ICMP | Internet Control Message Protocol
RIP | Routing Information Protocol
OSPF | Open Shortest Path First
NCP | Network Control Program
SMB | Server Message Block
31. TCP/IP Layers
OSI Layer | TCP/IP Layer
Application, Presentation, Session layers | Application layer
Transport layer | Transport layer
Network layer | Internet layer
Data link, Physical layers | Network Access layer ( Data link )
42. IP Ranges
Private
-Reserved for LAN / INTRANET.
-Governed by a body called INTERNIC.
Public
-Defined with routing over the internet.
-Reserved for WAN.
-Given by ISPs.
43. IP Types
Dynamic
-Addresses which are automatically assigned by a DHCP service.
-These are randomly assigned.
Static
-Addresses which are manually assigned in the properties of TCP/IP by the administrator.
-These addresses will not change unless we change them.
46. Class A
Network range: 1.0.0.0 - 126.0.0.0
Subnet mask: 255.0.0.0
Networks: 126
Hosts per network: 16777214
Private range: 10.0.0.1 - 10.255.255.254
E.g.: 10.1.1.1 with mask 255.0.0.0 (Network ID: 10, Host: 1.1.1)
127.0.0.1 to 127.255.255.255 is reserved for loopback testing purposes.
47. Class B
Network range: 128.0.0.0 - 191.255.0.0
Subnet mask: 255.255.0.0
Networks: 16384
Hosts per network: 65534
Private range: 172.16.0.1 - 172.31.255.254
E.g.: 172.16.0.1 with mask 255.255.0.0 (Network ID: 172.16, Host: 0.1)
169.254.0.1 - 169.254.255.254 is reserved for APIPA ( Automatic Private IP Address )
48. Class C
Network range: 192.0.0.0 - 223.255.255.0
Subnet mask: 255.255.255.0
Networks: 2097152
Hosts per network: 254
Private range: 192.168.0.1 - 192.168.255.254
E.g.: 192.168.1.1 with mask 255.255.255.0 (Network ID: 192.168.1, Host: 1)
49. Class D
224.0.0.0 - 239.253.255.255 is reserved for multicasting services and applications.
Class E
240.0.0.0 - 255.255.255.255 is reserved for future use and research purposes ( E.g.: NASA ).
50. First octet 1 - 126: Class A
First octet 128 - 191: Class B
First octet 192 - 223: Class C
52. Breaking a large network into sub networks is called Subnetting.
Once you have broken up a network, you need a router to connect these sub networks.
53. Advantages of Subnetting
Reduced network traffic.
Optimized network performance.
Simplified management.
Facilitated spanning of large geographical distances.
68. Boot ROM
It stores the router’s bootstrap startup program.
It stores OS software.
It stores a mini IOS image ( RX Boot ) with extremely limited capabilities.
It stores POST ( Power on diagnostic test programs ) routines and core level OS for maintenance.
69. RAM
Stores running configuration program.
Provides caching.
RAM is a volatile memory and loses its information when the router is turned off.
The configuration present in RAM is called the Running configuration.
70. Flash
Stores the IOS.
This is an erasable and reprogrammable memory.
An EPROM holds most of the IOS image.
It maintains everything when the router is turned off.
71. NVRAM
Stores startup configuration files.
A rewritable memory area that holds the router’s configuration file.
NVRAM retains the information whenever the router is rebooted.
Once the configuration is saved, it is stored in NVRAM, and this configuration is called the Startup configuration.
73. LAN Ports / WAN Ports
BRI port - ISDN connections
AUX - Dial up connections
Serial port - Leased line and Frame-Relay connectivity
Console port - Direct access with the router
75. Router boot sequence
The router performs a power-on self-test (POST) to discover and verify the hardware.
The router loads and runs bootstrap code from ROM.
The router finds the IOS or other software and loads it.
The router finds the configuration file and loads it into running configuration.
83. Enable / Privileged mode
Used to:
o View router information.
o Set up clock and date.
o Debugging, saving any data configured in router and terminal configuration.
84. Global configuration mode
Used to:
o Name setting for the router.
o Interface configuration setting.
o Password setting.
o Routing protocol setting.
o Access list setting.
86. Routing
Routing is used for taking a packet from one device and sending it through the network to another device on a different network with the help of a router.
87. Minimum requirements for routing
Destination network address and its subnet.
Neighbor routers from which it can learn about remote networks.
Possible routes to all remote networks.
The best route to each remote network.
How to maintain and verify routing information.
89. Static routing
In static routing, the administrator has to manually add routes in each router’s routing table.
Administrative distance is 1 with next hop IP address and 0 with exit interface.
Manual configuration for each destination.
To configure, know the destination network and its subnet mask.
90. Static route command
R1(config)#ip route 150.50.0.0 255.255.0.0 200.100.10.2 1
150.50.0.0 = Destination network
255.255.0.0 = Destination subnet mask
200.100.10.2 = Next hop IP address
1 = Administrative distance
91. Remove the Static routing
R1(config)#no ip route 150.50.0.0 255.255.0.0 200.100.10.2 1
R1(config)#no ip route 20.1.1.128 255.255.0.128 200.100.10.2 1
92. Advantages of Static
routing
No overhead on the router CPU.
No bandwidth usage between routers.
Security ( Administrator only allows routing )
93. Disadvantages
The Admin must really understand the
internetwork and how each router is connected.
If one network is added to the network , the admin
must add a route to it on all routers.
It is not feasible in large networks because it
would be a fulltime job.
94. Default Routing
Default routing is used to send packets with a remote destination network not in the routing table to the next hop router.
You can only use default routing on stub networks, which means that they have only one exit port out of the network.
Administrative distance is 0.
96. Dynamic Routing
This is the process of using protocols to find and update routing tables on routers.
This is easier than the other two.
The function of a dynamic routing protocol is to advertise directly connected networks and exchange the information between the routers.
97. Routing protocols
IGP ( Interior Gateway Protocol )
Used to exchange routing information with routers in the same autonomous system (AS). An AS is a collection of networks under a common administrative domain. ( E.g.: RIP, IGRP, EIGRP, OSPF, ISIS )
EGP ( Exterior Gateway Protocol )
Used to communicate between ASs. An EGP is the Border Gateway Protocol ( BGP ).
98. Autonomous System
An autonomous system is a collection of networks under a common administrative domain.
IGPs operate within an autonomous system, whereas an EGP connects different autonomous systems.
Every autonomous system has a distinct number.
IANA (Internet Assigned Numbers Authority) is responsible for allocating this number.
We can use any number unless the organization plans for an EGP.
100. Flavors of dynamic routing protocols
Type | Protocol
Distance Vector Protocol | RIP, IGRP
Link State Protocol | OSPF, ISIS
Hybrid Protocol | EIGRP
101. Distance Vector Protocol | Link State Protocol
Advertise: Periodic advertise (RIP = every 30 sec, IGRP = every 90 sec) | Advertise only at network trigger, that is, new information in the routing table
Advertise: Advertise full routing table | Advertise updates only
Advertise: Advertise only to directly connected routers | Flood the advertisement
Convergence: Has high convergence time | Convergence is low
Limit: Has a limit (RIP = max 15 hops, IGRP = max 255 hops) | No limit
Network: Small network | Large network
Routing loop: Routing loop is a problem | No routing loops
Neighbor relation: Do not establish neighbor relation | Formal way to establish neighbor relation
Hybrid: Combination of both DVP and LSP
102. Summarization (Route Aggregation)
Reducing the number of routing entries in the routing table is called Summarization.
Advantages –
Reduction in the size of the routing table means less overhead in terms of network traffic, CPU and memory.
Greater flexibility in addressing the networks.
103. Variable Length Subnet Mask (VLSM)
VLSM is used within an organization instead of CIDR ( Classless Inter Domain Routing ), which is used within the internet.
104. Classless Inter Domain Routing ( CIDR )
CIDR is the new addressing scheme for the internet which allows for more efficient allocation of IP addresses than the old Class A, B and C addressing scheme.
105. Why we need CIDR ?
With a new network being connected to the internet every 30 minutes, the internet was faced with 2 critical problems.
o Running out of IP addresses
o Running out of capacity in the global routing tables.
108. RIPV1 | RIPV2
Classful | Classless
Broadcast | It uses multicast address 224.0.0.9 to send updates
No support for VLSM | Supports VLSM
No authentication | Allows MD5 authentication
No support for discontinuous networks | Support for discontinuous networks
110. Administrative distance is 120.
Classful routing protocol.
Update time is 30 seconds.
Distance vector protocol.
It uses hop count to calculate the metric value.
It uses the lowest hop count to select the best path.
It uses broadcast address 255.255.255.255 to send updates.
Supports maximum 15 hops.
16th hop is unreachable and un-sharable.
Advertises classful networks.
111. Network A
Router 1 is going to reach network A.
Path 1 : Router 1 -> Router 0 -> Router 4 = 2 hops
Path 2 : Router 1 -> Router 4 = 1 hop
Path 3 : Router 1 -> Router 2 -> Router 3 -> Router 4 = 3 hops
So RIPV1 uses Path 2 as the best path.
112. RIPV1 Configuration
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30, S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
To enable routing protocol rip
R1(config)#router rip
R1(config-router)#network 10.0.0.0    Advertise Class A default network
R1(config-router)#network 172.16.0.0    Advertise Class B default network
R1(config-router)#network 200.100.10.0    Advertise Class C default network
To save
R1(config-router)#^Z
R1#copy run start
To enable routing protocol rip
R2(config)#router rip
R2(config-router)#network 150.50.0.0    Advertise Class B default network
R2(config-router)#network 20.0.0.0    Advertise Class A default network
R2(config-router)#network 200.100.10.0    Advertise Class C default network
R2(config-router)#^Z
R2#copy run start
R1#show ip route
113. R 20.0.0.0 / 8 [120/1] connected via 200.100.10.2
R = RIP route
20.0.0.0 / 8 = Classful
120 = Administrative distance
1 = Metric [ one hop count ]
R# Show ip route rip    To display only RIP routes
R# Debug ip rip    Display sending and received updates
RIP V1 updates sending “255.255.255.255”
10.0.0.0
172.16.0.0
200.100.10.0
115. RIPV2 Configuration
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30, S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
To enable routing protocol rip
R1(config)#router rip
R1(config-router)#network 10.0.0.0    Advertise Class A default network
R1(config-router)#network 172.16.0.0    Advertise Class B default network
R1(config-router)#network 200.100.10.0    Advertise Class C default network
R1(config-router)#version 2
R1(config-router)#no auto-summary
To enable routing protocol rip
R2(config)#router rip
R2(config-router)#network 150.50.0.0    Advertise Class B default network
R2(config-router)#network 20.0.0.0    Advertise Class A default network
R2(config-router)#network 200.100.10.0    Advertise Class C default network
R2(config-router)#version 2
R2(config-router)#no auto-summary
R1#show ip route
116. R 20.1.1.128 / 26 [120/1] connected via 200.100.10.2
20.1.1.128 / 26 = Classless route
R# Show ip route rip    To display only RIP routes
R# Debug ip rip    Display sending and received updates
RIP V2 updates sending 224.0.0.9 update
10.0.0.0
172.16.0.0
200.100.10.0
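Why R1 learns 20.0.0.0 / 8 under RIPV1 but 20.1.1.128 / 26 under RIPV2 can be worked out from the interface addresses in the diagram. The following is an added example, not part of the original slides: the function names are hypothetical, and it goes slightly beyond the slides by also modelling the RIPV1 rule for subnets inside the same major network, which is the reason RIPV1 has no VLSM support.

```python
import ipaddress


def major_network(ip):
    """Default (classful) network of an address, from the Class A/B/C first-octet ranges."""
    first_octet = int(ip) >> 24
    if 1 <= first_octet <= 126:
        prefix = 8        # Class A
    elif 128 <= first_octet <= 191:
        prefix = 16       # Class B
    elif 192 <= first_octet <= 223:
        prefix = 24       # Class C
    else:
        raise ValueError(f"{ip} is not a Class A, B or C address")
    return ipaddress.ip_network(f"{ip}/{prefix}", strict=False)


def rip_advertisement(connected, out_interface, version, auto_summary=True):
    """Prefix a router announces for a connected network out of one interface.

    connected      -- interface address of the network being advertised
    out_interface  -- address of the interface the update is sent from
    Returns the advertised prefix as a string, or None if it is suppressed.
    """
    route = ipaddress.ip_interface(connected)
    out = ipaddress.ip_interface(out_interface)

    # RIPV2 with "no auto-summary": the update carries the real mask.
    if version == 2 and not auto_summary:
        return str(route.network)

    # Crossing into a different major network: summarise to the classful network.
    route_major = major_network(route.ip)
    if route_major != major_network(out.ip):
        return str(route_major)

    # Same major network. RIPV2 still carries the mask.
    if version == 2:
        return str(route.network)

    # RIPV1 carries no mask, so the receiver assumes the mask of the link.
    # A subnet with a different mask cannot be described and is not sent.
    if route.network.prefixlen == out.network.prefixlen:
        return str(route.network)
    return None


# Interface addresses taken from the diagram on the slides.
R2_LINK = "200.100.10.1/24"
R2_L1 = "20.1.1.140/26"
R1_L1 = "172.16.10.9/30"

if __name__ == "__main__":
    for label, kwargs in (("RIPV1", {"version": 1}),
                          ("RIPV2 no auto-summary", {"version": 2, "auto_summary": False})):
        print(label, rip_advertisement(R2_L1, R2_LINK, **kwargs))
```
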
119. Open Shortest Path First (OSPF)
Link state routing protocol
Administrative distance is 110
Supports VLSM
Supports manual summarization
It uses cost to calculate the metric value
It uses the SPF algorithm to select the best path
It uses multicast addresses 224.0.0.5 and 224.0.0.6 to send and receive updates
Sends incremental updates
120. It uses the Hello protocol to establish neighbor relation
It uses the router ID to establish neighbor relation
It uses areas to communicate
It maintains three types of tables
o Routing table
o Neighbor table
o Database table
contains
Router ID
Priority [ Default value is 1 ]
Hello interval [ 10 sec ]
Dead interval [ 40 sec ]
Authenticating bit
Stub area flag
Process ID
121. Single area OSPF
[Diagram: Area 1, routers connected through interfaces e0, S0, S1 and e0]
When all the interfaces in the network belong to the same area, it is called single area.
122. Multi area OSPF
[Diagram: Area 1, Area 0 and Area 2 connected through interfaces e0, S0, S1, e0 and e0; Area 3 attached through a virtual link]
In multi area, all the areas must connect to Area 0 (Backbone Area) directly or virtually ( Area 3 is virtually connected to Area 0 ).
124. Router ID calculating
Once OSPF is configured, the router automatically calculates the router ID.
e0 200.10.1.1 /25
S0 100.10.1.1 / 25
This router has 2 physical interfaces, e0 and s0. The router ID for this router is the highest IP address of the physical interfaces, 200.10.1.1.
125. e0 200.10.1.1 /25
S0 100.10.1.1 / 25
L0 1.1.1.1/30
L1 2.2.2.2/30
This router has 2 physical interfaces and 2 logical interfaces.
The router ID for this router is the highest IP address of the logical interfaces, 2.2.2.2.
127. OSPF Configuration
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30, S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
R1(config)#router ospf 10    10 is the process ID
R1(config-router)#network 10.0.0.0 0.255.255.255 area 1
R1(config-router)#network 172.16.10.8 0.0.0.3 area 1
R1(config-router)#network 200.100.10.0 0.0.0.255 area 1
R2(config)#router ospf 10    10 is the process ID
R2(config-router)#network 150.50.0.0 0.0.255.255 area 1
R2(config-router)#network 20.1.1.128 0.0.0.63 area 1
R2(config-router)#network 200.100.10.0 0.0.0.255 area 1
R1#show ip route
128. O 20.0.0.128 / 26 [110 / 65]
O = OSPF route
20.0.0.128 / 26 = Classless
110 = Administrative distance
65 = Metric [cost]
To troubleshoot
R# Show ip ospf interface
R# Show ip route ospf    Display only ospf routes
R# Show ip ospf neighbor    Display neighbor table & it contain
R# Show ip ospf database    Display database table
R# Debug ip ospf adj    Display ospf adjacency
131. Enhanced Interior Gateway Routing Protocol ( EIGRP )
Hybrid protocol
Administrative distance 90
Classless protocol
Cisco proprietary protocol
It uses bandwidth, delay, reliability, loading & MTU to calculate the metric value.
It supports unequal cost load balancing.
It uses multicast address 224.0.0.10 to send updates
It uses autonomous system numbers
132. It maintains three types of tables
o Routing table [ Successor path ]
o Neighbor table
o Topology table [ Successor & Feasible successor path ]
133. EIGRP Configuration
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30, S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
R1(config)#router eigrp 30    30 is the autonomous system number; it must be the same on both routers
R1(config-router)#network 10.0.0.0
R1(config-router)#network 172.16.0.0
R1(config-router)#network 200.100.10.0
R1(config-router)#no auto-summary
R2(config)#router eigrp 30    30 is the autonomous system number; it must be the same on both routers
R2(config-router)#network 150.50.0.0
R2(config-router)#network 20.0.0.0
R2(config-router)#network 200.100.10.0
R2(config-router)#no auto-summary
R1#show ip route eigrp
134. D 20.1.1.128 / 26 [ 90 / 26903010 ]
D = EIGRP route
Troubleshooting
R# Show ip eigrp neighbor    Display eigrp neighbor table
R# Show ip eigrp topology    Display eigrp topology table
R# Show debug eigrp neighbor
135. RIP / EIGRP timer | Adjacency process | RIP | EIGRP
Update timer | | 30s | 90s
Invalid timer | Time taken to identify invalid network | 90s | 270s
Flush timer | Time taken to remove invalid network from routing table | 240s | 630s
Hold down timer | Same as flush timer | 240s | 280s
136. Routing loop
Distance vector routing protocols are subject to routing loops.
There are 3 ways to avoid routing loops.
o Split Horizon
o Route poisoning
o Hold down
137. Split horizon
Split horizon says: don’t send an update back out the same interface, that is, the interface where the update originated.
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30, S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26). Update for 200.100.10.0, 10.0.0.0 and 172.16.0.0 marked "blocked" on the serial link]
138. Route poisoning
If the network fails, change the metric value to an unreachable value.
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30 marked "Fail", S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
Before network fails
Routing table
R 172.16.0.0 / 16 [120/1]
After network fails
Routing table
R 172.16.0.0 / 16 [120/26]
139. Hold-Down
If the network fails, remove the entry from the routing table.
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30 marked "Fail", S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
Before network fails
Routing table
R 172.16.0.0 / 16 [120/1]
After network fails
Routing table
No entry for network 172.16.0.0
140. Passive Interface Command
This command is used to control the routing updates.
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30 marked "Fail", S0 200.100.10.1 / 24) connected to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
Before network fails
Routing table
R 172.16.0.0 / 16 [120/1]
After network fails
Routing table
No entry for network 172.16.0.0
R1(config)#router rip
R1(config-router)#passive-interface serial 0
141. Bandwidth Command
Specifies the bandwidth for interface serial 0. By default, the serial interface bandwidth is T1 speed (1.54Mbps).
Define the speed 128kbps on interface serial 0 (the value is given in kbps):
[Diagram: R1 (L0 10.1.1.1 / 8, L1 172.16.10.9 / 30, S0 200.100.10.1 / 24) connected over a 128kbps link to R2 (S1 200.100.10.1 / 24, L0 150.50.1.1 / 16, L1 20.1.1.140 / 26)]
R1(config)#interface serial 0
R1(config-if)#bandwidth 128
143. Backup and Restore the IOS and Configuration file
Before you upgrade or restore an IOS or configuration file, you should copy the existing file to a TFTP host as a backup in case the new file does not work.
You can use any TFTP host to perform this function.
By default, the flash memory in a router is used to store the IOS and NVRAM is used to store the configuration file.
145. Considerations
o Check the physical connectivity between router
and TFTP server[Ping, show ip interface brief].
o Document the IOS image file name.
o Verify the hard disk capacity of TFTP server.
o Verify the flash memory capacity [show flash].
146. IOS Backup
R1#copy flash tftp
Remote host name(or)IP address? 10.1.1.2
[TFTP server IP address]
Source file name. C2500.121.10.bin
Destination file name and then Enter.
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!1!
[Output cut]
Upload to server done
Flash copy took 00:10:30[hh:mm:ss]
147. Restore and Upgrade IOS
Router #copy tftp flash
****NOTICE****
Flash loader helper v1.0
This process will accept the copy option and then terminate
The current system image to use the ROM based image for the copy
Router functionality will not be available during that time
If you are logged in via telnet this connection will terminate
Users with console access can see the results of the copy
operation
---***--Proceed? [Confirm] Press Enter
148. Remote host name (or) IP Address? 10.1.1.2
[TFTP server IP address]
source file name? C2500.1251.jas10.bin
Destination file name. Enter
Erasing device
Eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee
Loading c2500-1251.jas10.bin from 10.1.1.2(via Ethernet)
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!![output cut]
[OK-735532/800526 bytes]
149. Backup configuration file
R1#copy start tftp
Address or name of remote host[]? 10.1.1.2
Destination filename[running-config]?R2
!!
501 bytes copied in 9.236sec (35bytes/sec)
150. Restore configuration file
R1#copy tftp start
Address or name of remote host[]? 10.1.1.2
Source filename[]? R2
Destination filename [running-config]? Enter
Accessing tftp://10.1.1.1/R2
Loading R2 from 10.1.1.1 (via Ethernet0):
!!
[OK-501/4096 byte]
501 byte copied in 3.200 sec (62 bytes/sec)
151. Cisco Discovery Protocol ( CDP )
This is used to collect information about directly and remotely connected Cisco devices.
This is a proprietary protocol designed by Cisco.
[Diagram: R1 (S0 200.100.10.1 / 24) connected over a 128kbps link to R2 (S1 200.100.10.1 / 24)]
153. CDP timer
R# Show cdp
R# show cdp details    To see CDP details
Global CDP information
o Sending CDP packets every 60 seconds
o Sending a holdtime value of 180 seconds
154. Changing CDP Timer Value
R(config)# cdp timer 90
R(config)# cdp holdtime 240
Disable CDP under interface
R(config)#interface serial 0
R(config-if)#no cdp enable
155. Troubleshooting commands
Show run | Display the running-config file
Show start | Display the startup-config file
Show version | Display the IOS type and version as well as the configuration
Show cdp neighbor | Shows the directly connected neighbors and the details about them
Show cdp neighbor detail | Shows the IP address, IOS version and type, and includes all of the information from the show cdp neighbor command
Ping | Tests IP connectivity to a remote device
Trace or traceroute | Tests the connection to a remote device and shows the path it took through the internetwork to find the remote device
158. With an access control list, basic statistics on packet flow can be gathered and security policies can be implemented.
Sensitive devices can also be protected from unauthorized access.
It is a basic firewall.
It blocks unwanted incoming and outgoing traffic.
159. Access Control List
Standard Access List
• It contains only the source IP address in an IP packet to filter the network.
• It permits or denies an entire suite of protocols.
• Range is 1 to 99.
Extended Access List
• It contains source and destination IP address, protocol field in the network layer header and port number at the transport layer header.
• Range is 100 to 199.
160. Once you create an access list, you apply it to an interface as either an inbound or an outbound list.
Inbound: Packets are first processed through the access list and then routed to the destination.
Outbound: Packets are first routed to the outbound interface and then processed through the access list.
[Diagrams: Inbound Access List and Outbound Access List, each showing PC1 and PC2 attached to router interfaces E0 and E1]
161. ACL Considerations
You can only assign one access list per interface, per protocol, or per direction.
This means that if you are creating IP access lists, you can only have one inbound access list and one.
Design your access list so that the more specific tests are at the top of the access list.
Anytime a new line is added, it is placed at the bottom of the list.
You can’t remove one line from an access list.
By default, the end of the access list is deny all.
Create access lists and then apply them to an interface.
162. ACL Process
A packet is always compared with each and every line of the access list in sequential order; that is, it will always start with line 1, then go to line 2, then 3 and so on.
A packet is compared with the lines of the access list one by one only until a match is made. Once the packet matches a line of the access list, that line is acted upon and the next lines are not compared.
By default there is a “deny” at the end of each access list. If a packet does not match any line in the access list, the packet is dropped.
163. Standard Access List
Standard ACL Lab
[Diagram: R1 (L0 172.16.10.1/30, L1 10.1.1.1/30, S0 200.100.10.1/24) connected to R2 (S1 200.100.10.2/24, e0 192.168.10.1/24). On the Ethernet behind R2: pc1 192.168.10.2/24 and pc2 192.168.10.3/24, both with gateway 192.168.10.1]
164. Block only packets from PC1 to Router R1.
o Source is PC1 [192.168.10.2]
o Destination is R1
o Define and apply close to destination router
R1 configuration
Define
R1(config)#access-list 10 deny 192.168.10.2
R1(config)#access-list 10 permit any
Apply
R1(config)#interface serial 0
R1(config-if)#ip access-group 10 in
Access-list number = 10
165. R1(config)#access-list 10 deny 192.168.10.2
R1(config)#access-list 10 permit any
R1(config)#interface serial 0
R1(config-if)#ip access-group 10 in
R1#show access-list    Display all the access lists configured on the router
R1#show access-list 10    Display only access-list 10
R1#show ip interface    Display access list applied to an interface and Inbound / Outbound
Pc1:/> Ping 200.100.10.1    0%
Pc1:/> Ping 10.1.1.1    0%
Pc1:/> Ping 172.16.10.1    0%
Pc1:/> Ping 200.100.10.1    100%
Pc1:/> Ping 10.1.1.1    100%
Pc1:/> Ping 172.16.10.1    100%
166. Remove the access-list
You can’t remove a single line from access list. If
you try to remove , it will remove entire access list
R1(config)#no access-list 10
167. Block only packets from 192.168.10.0/24 network to router R1
o Source is 192.168.10.0/24
o Destination is Router R1
o Define and apply close to destination router
R1 configuration
Define
R1(config)#access-list 30 deny 192.168.10.0 0.0.0.255
192.168.10.0 = Source network
0.0.0.255 = Wild card
R1(config)#access-list 30 permit any
Apply
R1(config)#interface serial 0
R1(config-if)#ip access-group 30 in
170. Block only Telnet traffic from PC1 to router R1 loopback 0 interface.
o Source is PC1 [192.168.10.2]
o Destination is R1 loopback 0 172.16.10.1
o Protocol is TCP
o Service is Telnet and port is 23
o Define and apply ACL to router R2
Command format
R(config)#access-list [number] [deny/permit] [protocol] [source] [destination] eq [service name or port]
R2(config)#access-list 101 deny tcp host 192.168.10.2 host 172.16.10.1 eq 23
171. R2(config)#access-list 101 deny tcp host 192.168.10.2 host 172.16.10.1 eq 23
R2(config)#access-list 101 permit ip any any
R2(config)#interface Ethernet 0
R2(config-if)#ip access-group 101 in
Access list 101 is applied to interface Ethernet 0 inbound.
Only Telnet traffic from PC1 is blocked; other traffic is permitted.
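The first-match rule and the default deny from the ACL Process slide can be checked against access lists 10, 30 and 101 from the slides above. The following is an added example, not part of the original slides: a small evaluator with hypothetical function names that parses the access-list lines as written and reports which line decided each packet. The misordered list and the list without a final permit are constructed to show the two failure modes named in the ACL Considerations slide.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

ANY = (0, 0xFFFFFFFF)                 # a wildcard of all ones matches every address
SERVICES = {"telnet": 23, "www": 80}  # the two service names used on the slides


def to_int(addr):
    return int(ipaddress.IPv4Address(addr))


@dataclass
class Entry:
    action: str            # "permit" or "deny"
    proto: str             # "ip" matches every protocol
    src: tuple             # (address, wildcard)
    dst: tuple
    dport: Optional[int]   # None means any destination port


def take_address(tokens):
    """Consume 'any', 'host A', 'A' or 'A WILDCARD' from the front of tokens."""
    tok = tokens.pop(0)
    if tok == "any":
        return ANY
    if tok == "host":
        return (to_int(tokens.pop(0)), 0)
    wildcard = 0           # a bare address in a standard list means one host
    if tokens and tokens[0][0].isdigit():
        wildcard = to_int(tokens.pop(0))
    return (to_int(tok), wildcard)


def parse_line(line):
    """Parse one 'access-list ...' line; any prompt before '#' is ignored."""
    tokens = line.split("#")[-1].lower().split()
    if len(tokens) < 4 or tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
        raise ValueError(f"not an access-list line: {line!r}")
    number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
    if 1 <= number <= 99:                       # standard: source address only
        return Entry(action, "ip", take_address(rest), ANY, None)
    if 100 <= number <= 199:                    # extended: protocol, source, destination, port
        proto = rest.pop(0)
        src, dst = take_address(rest), take_address(rest)
        dport = None
        if rest and rest[0] == "eq":
            dport = SERVICES.get(rest[1]) or int(rest[1])
        return Entry(action, proto, src, dst, dport)
    raise ValueError(f"list number {number} is outside 1-99 and 100-199")


def matches(entry, proto, src, dst, dport):
    if entry.proto not in ("ip", proto):
        return False
    for (base, wildcard), addr in ((entry.src, src), (entry.dst, dst)):
        # Bits set in the wildcard are ignored; every other bit must be equal.
        if (base ^ to_int(addr)) & ~wildcard & 0xFFFFFFFF:
            return False
    return entry.dport is None or entry.dport == dport


def evaluate(lines, proto, src, dst, dport=None):
    """Return (action, line number); line number None means the default deny."""
    for number, line in enumerate(lines, start=1):
        if matches(parse_line(line), proto, src, dst, dport):
            return parse_line(line).action, number
    return "deny", None


# Access lists as they appear on the slides.
ACL_10 = ["R1(config)#access-list 10 deny 192.168.10.2",
          "R1(config)#access-list 10 permit any"]
ACL_30 = ["R1(config)#access-list 30 deny 192.168.10.0 0.0.0.255",
          "R1(config)#access-list 30 permit any"]
ACL_101 = ["R2(config)#access-list 101 deny tcp host 192.168.10.2 host 172.16.10.1 eq 23",
           "R2(config)#access-list 101 permit ip any any"]
# Constructed: list 10 with its lines swapped, and list 10 without the permit.
ACL_10_MISORDERED = list(reversed(ACL_10))
ACL_10_NO_PERMIT = ACL_10[:1]

if __name__ == "__main__":
    print(evaluate(ACL_101, "tcp", "192.168.10.2", "172.16.10.1", 23))
    print(evaluate(ACL_10_MISORDERED, "icmp", "192.168.10.2", "200.100.10.1"))
```
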
173. Block only network 192.168.10.0/24 from accessing WEB (WWW) traffic
o Source is network 192.168.10.0/24
o Destination is any
o Protocol is TCP
o Service and port number is WWW [80]
R1(config)#access-list 105 deny tcp 192.168.10.0 0.0.0.255 any eq WWW
R1(config)#access-list 105 permit ip any any
R1(config)#interface serial 0
R1(config-if)#ip access-group 105 in
PC1:>/telnet 072.16.10.1
……………..
Connection refused by host
175. WAN connectivity types
Dedicated line – Leased line and DSL (Digital Subscriber Link)
Circuit switching – Dial up and ISDN (Integrated System Digital Network)
Packet switching – Frame relay and X.25
Cell switching – ATM
177. High Density Controller ( HDLC )
This is a Cisco proprietary protocol.
It is the default encapsulation used by Cisco routers over synchronous serial links.
HDLC is a point to point protocol used on leased lines.
No authentication can be used with HDLC.
178. Point to Point Protocol (PPP)
This is a data link protocol that can be used over either asynchronous serial (dial up) or synchronous serial (ISDN) media and that uses the LCP ( Link Control Protocol ) to build and maintain data link connections.
PPP uses,
o Authentication
o Compression
o Multilink
o Error detection
Password Authentication Protocol (PAP)
Challenge Authentication Protocol (CHAP)
179. Password Authentication Protocol (PAP)
This is less secure than CHAP.
Passwords are sent in clear text and authentication is only performed upon the initial link establishment.
When the PPP link is first established, the remote node sends the user name and password back to the sending router until authentication is acknowledged.
180. Internet based leased line
[Diagram: Router A (ISDN), S0 172.16.10.1, connected to Router B (Zoom), S0 172.16.10.2; hosts 1.1 to 1.4 behind Router A and hosts 5.1 to 5.4 behind Router B]
181. For router A
#config t
(config)#int E 0
(config-if)#ip address 192.168.1.50 255.255.255.0
(config-if)#no shutdown
(config-if)#exit
(config)#int S 0
(config-if)#ip address 172.16.1.1 255.255.0.0
(config-if)#clock rate 56000    ( for DCE )
(config-if)#bandwidth 64
(config-if)#no shut
(config-if)#exit
(config)#ip routing
(config)#ip route 192.168.5.0 255.255.255.0 172.16.1.2
(config)#int S0
(config-if)#encapsulation ppp
(config-if)#ppp authentication PAP
(config-if)#ppp PAP sent-username <username> password cisco
182. For router B
#config t
(config)#int E 0
(config-if)#ip address 192.168.5.50 255.255.255.0
(config-if)#no shutdown
(config-if)#exit
(config)#int S 0
(config-if)#ip address 172.16.1.2 255.255.0.0
(config-if)#clock rate 56000    ( for DCE )
(config-if)#bandwidth 64
(config-if)#no shut
(config-if)#exit
(config)#ip routing
(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.1
(config)#int S0
(config-if)#encapsulation ppp
(config-if)#ppp authentication PAP
(config-if)#ppp PAP sent-username <username> password cisco
183. Challenge Authentication Protocol ( CHAP )
CHAP is used at the initial startup of a link and at periodic checkups on the link to make sure the router is still communicating with the same host.
After PPP finishes its initial phase, the local router sends a challenge request to the remote device.
The remote device sends a value calculated using a one-way hash function called MD5.
The local router checks this hash value to make sure it matches.
If the values don’t match, then the link immediately terminates.
Passwords are sent in encrypted format.
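The challenge and hash check described above can be followed step by step in code. The following is an added example, not part of the original slides: it computes the response the way RFC 1994 defines it (MD5 over the identifier, the shared secret and the challenge), so only the challenge and the 16-byte hash cross the link. The class and function names are hypothetical; the hostname "zoom" and password "cisco" are the values from the CHAP configuration slides.

```python
import hashlib
import hmac
import os


def chap_response(identifier, secret, challenge):
    """Value the remote device sends back: MD5(identifier || secret || challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class Authenticator:
    """The local router: issues challenges and checks the returned hash."""

    def __init__(self, secrets):
        self.secrets = secrets      # hostname -> shared secret, configured on both ends
        self.next_id = 0
        self.pending = {}           # identifier -> challenge still waiting for an answer

    def challenge(self):
        # A fresh random challenge for the initial check and for every periodic
        # re-check, so that an old response is useless later.
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.pending[self.next_id] = value
        return self.next_id, value

    def verify(self, identifier, hostname, response):
        # Each challenge can be answered once; pop() removes it either way.
        challenge = self.pending.pop(identifier, None)
        secret = self.secrets.get(hostname)
        if challenge is None or secret is None:
            return False
        expected = chap_response(identifier, secret, challenge)
        # Constant-time comparison; a False result is where the link is terminated.
        return hmac.compare_digest(expected, response)


def run_exchange():
    """Walk through one valid login and three failures; returns the outcomes."""
    local_router = Authenticator({"zoom": b"cisco"})
    results = {}

    # Initial link setup: challenge, response, check.
    ident, challenge = local_router.challenge()
    response = chap_response(ident, b"cisco", challenge)
    results["valid"] = local_router.verify(ident, "zoom", response)

    # The same challenge cannot be answered a second time.
    results["answered_twice"] = local_router.verify(ident, "zoom", response)

    # Periodic re-check: a captured response does not fit the new challenge.
    ident2, _ = local_router.challenge()
    results["replayed_old_response"] = local_router.verify(ident2, "zoom", response)

    # A device that does not know the secret produces a different hash.
    ident3, challenge3 = local_router.challenge()
    wrong = chap_response(ident3, b"Cisco", challenge3)
    results["wrong_secret"] = local_router.verify(ident3, "zoom", wrong)
    return results


if __name__ == "__main__":
    for name, ok in run_exchange().items():
        print(f"{name}: {'accepted' if ok else 'link terminated'}")
```
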
184. Internet based leased line
[Diagram: Router A (ISDN), S0 172.16.1.1, connected to Router B (Zoom), S0 172.16.10.2; hosts 1.1 to 1.4 behind Router A and hosts 5.1 to 5.4 behind Router B]
185. For router A
#config t
(config)#int E 0
(config-if)#ip address 192.168.1.50 255.255.255.0
(config-if)#no shutdown
(config-if)#exit
(config)#int S 0
(config-if)#ip address 172.16.1.1 255.255.0.0
(config-if)#clock rate 56000   ( for DCE )
(config-if)#bandwidth 64
(config-if)#no shut
(config-if)#exit
(config)#ip routing
(config)#ip route 192.168.5.0 255.255.255.0 172.16.1.2
(config)#int S 0
(config-if)#encapsulation ppp
(config-if)#ppp authentication chap
(config-if)#ppp chap hostname zoom
(config-if)#ppp chap password cisco
186. For router B
#config t
(config)#int E 0
(config-if)#ip address 192.168.5.50 255.255.255.0
(config-if)#no shutdown
(config-if)#exit
(config)#int S 0
(config-if)#ip address 172.16.1.2 255.255.0.0
(config-if)#clock rate 56000   ( for DCE )
(config-if)#bandwidth 64
(config-if)#no shut
(config-if)#exit
(config)#ip routing
(config)#ip route 192.168.1.0 255.255.255.0 172.16.1.1
(config)#int S 0
(config-if)#encapsulation ppp
(config-if)#ppp authentication chap
(config-if)#ppp chap hostname winsys
(config-if)#ppp chap password cisco
187. Integrated Service Digital Network ( ISDN )
This is used in circuit switching WAN technology
and it is a synchronous serial line.
ISDN contains 2 channels.
o Channel D – Establish the link
o Channel B – Carry the data
188. Benefits of ISDN
Can carry voice, video and data simultaneously.
Has faster call setup than modem.
Has faster data rates than modem connection.
Used as a backup line.
Used for voice conference.
Used for Small office and Home office (SOHO).
189. Types of ISDN lines
Basic Rate Interface ( BRI )
Primary Rate Interface ( PRI )
190. Basic Rate Interface ( BRI )
BRI has two B-channels and one D-channel.
B-channel + D-channel
2 * 64kbps + 1 * 16kbps
128kbps + 16kbps = 144kbps Total channel capacity
48kbps Framing and Synchronization
192kbps Total Link Capacity
Maximum data transfer speed of ISDN BRI is 128kbps
191. Dial on Demand Routing (DDR)
This is used to allow 2 or more Cisco routers to dial an
ISDN dial-up connection on an as-needed basis.
This is only used for low-volume, periodic network
connections using either a Public Switched Telephone
Network ( PSTN ) or ISDN.
This was designed to reduce WAN cost if you have to
pay on a per minute or per packet basis.
DDR works when a packet received on an interface
meets the requirements of an access list, defined by the
administrator, which defines interesting traffic.
192. How DDR works?
I. Route to the destination network is determined.
II. Interesting packets dictate a DDR call.
III. Dialer information is looked up.
IV. Traffic is transmitted.
V. Call is terminated when no more traffic is being
transmitted over a link and the idle-timeout period
ends.
194. Troubleshooting commands
Router#show dialer
    shows the number of times the dialer string has been reached, the idle-timeout values of each B channel, the length of call, and the name of the router to which the interface is connected.
Router#show isdn active
    shows the number called and whether a call is in progress.
Router#show isdn status
    shows if your SPIDs are valid and if you are connected to and communicating with the provider’s switch.
Router#show dialer
    shows layer 3 to layer 2 mapping.
Router#debug dialer
    shows you the call setup and teardown procedures.
Router#debug isdn q921
    shows layer-2 processes (local router to local switch).
Router#debug isdn q931
    shows layer-3 processes (local router to remote switch).
195. Multilink PPP
This is a specification that enables the bandwidth
aggregation of multiple B channels into one logical
pipe.
Its mission is comparable to that of Cisco’s BOD.
More specifically, the Multilink PPP feature provides
load-balancing functionality over multiple wide area
network (WAN) links, while providing multivendor
interoperability, packet fragmentation and proper
sequencing and load calculation on both inbound
and outbound traffic.
196. The command to enable PPP multilink
Router A (config-if)#ppp multilink
Router A (config-if)#dialer load-threshold 50 either
201. Frame Relay
This is a connection-oriented, layer 2 networking technology.
It operates at speeds from 56kbps to 45Mbps.
This is very flexible and offers a wide array of deployment options.
It operates by statistically multiplexing multiple data streams over a
single physical link.
Each data stream is known as a Virtual Circuit ( VC ).
202. VC Flavors
Permanent (PVC)
o Implies permanent, nailed-up circuits
o Don’t tear down or reestablish dynamically
Switched (SVC)
o A data connection is made only when there is traffic to send across the link
o Establish dynamically and can reroute around the network
203. Each VC is tagged with an identifier to keep it unique.
This identifier, known as a Data Link Connection Identifier (DLCI),
is determined on a per-leg basis during the
transmission.
In other words, it is locally significant.
It must be unique and agreed upon by 2 adjacent frame relay
devices.
As long as the 2 agree, the value can be any valid number, and
the number doesn’t have to be the same end to end (from
router to router across a Telco Network).
204. Valid DLCI numbers are 16-1007.
For DLCI purposes, 0-15 is reserved, as are 1008-1023.
The DLCI also defines the logical connection between the
Frame Relay (FR) switch and the customer premises
equipment (CPE).
205. Data Link Connection Identifiers ( DLCI )
Frame Relay virtual circuits (PVC) are identified by the DLCIs.
An FR service provider, such as a telephone company, typically
assigns DLCI values, which are used by FR to distinguish
between different virtual circuits on the network.
Because many virtual circuits can be terminated on one
multipoint FR interface, many DLCIs are often affiliated with it.
The DLCI is locally significant to the router.
This is used to identify the connectivity between local router and
local switch.
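To make the DLCI discussion above concrete, here is an added example (not from the original slides) that decodes the default 2-octet Q.922 address field at the start of a Frame Relay frame and classifies the 10-bit DLCI using the ranges the slides give (16-1007 valid, 0-15 and 1008-1023 reserved). The function and type names are hypothetical, and the sample bytes are constructed.

```python
from typing import NamedTuple


class FrAddress(NamedTuple):
    dlci: int
    cr: int
    fecn: int
    becn: int
    de: int


def parse_fr_address(frame: bytes) -> FrAddress:
    """Decode the 2-octet address field.

    Octet 1: DLCI high 6 bits | C/R | EA=0
    Octet 2: DLCI low 4 bits | FECN | BECN | DE | EA=1
    """
    if len(frame) < 2:
        raise ValueError("frame shorter than the 2-octet address field")
    b1, b2 = frame[0], frame[1]
    if b1 & 0x01 or not b2 & 0x01:
        raise ValueError("not a 2-octet address (EA bits must be 0 then 1)")
    dlci = ((b1 >> 2) << 4) | (b2 >> 4)
    return FrAddress(dlci, (b1 >> 1) & 1, (b2 >> 3) & 1, (b2 >> 2) & 1, (b2 >> 1) & 1)


def build_fr_address(dlci: int, cr=0, fecn=0, becn=0, de=0) -> bytes:
    """Inverse of parse_fr_address, used here to construct sample headers."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI is a 10-bit value")
    return bytes([((dlci >> 4) << 2) | (cr << 1),
                  ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 1])


def classify_dlci(dlci: int) -> str:
    """Ranges as given on the slides: 16-1007 valid, the rest reserved."""
    if 16 <= dlci <= 1007:
        return "user"
    if 0 <= dlci <= 15 or 1008 <= dlci <= 1023:
        return "reserved"
    raise ValueError("DLCI out of 10-bit range")


if __name__ == "__main__":
    # Constructed headers: a user PVC, then two reserved values.
    for hdr in (b"\x18\x41", build_fr_address(0), build_fr_address(1023, becn=1)):
        addr = parse_fr_address(hdr)
        print(hdr.hex(), addr, classify_dlci(addr.dlci))
```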
206. Frame Relay Encapsulation
To enable FR on the interface, simply issue the
command encapsulation frame-relay.
There are 2 types of Frame Relay Encapsulation.
Cisco – both are cisco routers
IETF – one end is non cisco router
207. Local Management Interface ( LMI )
This is a signaling standard between a CPE device (router) and a
frame switch.
The LMI is responsible for managing and maintaining status
between these devices.
LMI messages provide information about,
Keepalives – Verify data is flowing
Multicasting – Provides a local DLCI PVC
Multicast addressing – Provides DLCI status
Status of virtual circuits – Provides DLCI status
Router A(config-if)#frame-relay lmi-type ?
cisco ansi q933a
208. Committed Information Rate ( CIR )
This means the average rate you want to
transmit.
Generally this is not the same as the CIR provided
by the Telco.
This is the amount you want to send in periods of no
congestion.
CIR is defined in bits per second.