introduction to networking · introduction to networking communication modes 1. simplex (one way...
TRANSCRIPT
Page | 1
MODULE 1
INTRODUCTION TO NETWORKING
COMMUNICATION MODES
1. Simplex (one way communication)
2. Half Duplex (two way communication but not simultaneously)
3. Full Duplex (two way communication simultaneously)
Duplex and Speed Mismatch Issue
This issue creates if any switch and NIC not have the same setting, due to this packets
starts to drops.
Syntax:
Switch (config) #int fa0/1
Switch (config-if) #duplex full
Switch (config-if) #speed 100
Manufacturing Terms of Cisco
EOS (End of sale)
It is use for such product whose manufacturing become terminates, but is warranty is
valid due to sold in market before.
EOL (End of life)
It is use for such product whose manufacturing as well as warranty become stop. So the
Cisco does not support such device and consider as garbage.
IOS (Internetwork operating system
It is the operating system use by router or layer-3 switches.
Examples: version 12.3, 12.2, 12.1, 12.0, 11.3
SWITCH
It is a device use for networking (LAN), they based on specific chip that is represented
by ASIC (Application specific Integrated chip).
Page | 2
Modular Switch
Such switches in which we can add the additional cards when need.
Layer-2 Switches
Such switches which only do switching.
Examples: (CISCO Express 500) and (CISCO Catalyst 2940, 2950, 2960 series).
Layer-3 Switches
Such switches which can do switching as well as routing.
Example: (CISCO Catalyst 3550, 360, 370, 4500, 6500 Series).
ROUTER
It is a internetworking device (WAN), they based on microprocessor.
Cisco Switch And Router Hardware Components
1) RAM 2) NVRAM 3) FLASH 4) ROM
RAM
It is such memory where the running configuration (user configuration) exists.
NVRAM
It is such memory where the data stored permanently and this configured data is refer by
the term “start-up-configuration”.
FLASH
It is such memory where the IOS present and here the data also present permanently.
ROM
It is such memory where all modes of switch or router exist, these modes called the ROM
monitor mode; they come after the IOS load.
Page | 3
Switches and Router Boot Sequence
At Post point, the hardware is check.
At Flash point, IOS files or IOS check.
LAN (Local Area Network)
It is network, which is made under the close boundary. Like within a building or any
campus.
For connecting big LAN we can also use router.
WAN (Wide Area Network)
It actually made to cover the large geographical area. E.g. network between two different
buildings in the same town or city.
Network Design
Techniques
1. Distributed Networks: complete data resources reside on different branches. It is
costly and more hardware is use.
2. Centralized Network: complete data is stored in one place and all branches access
these resources. Highly dependable on WAN.
Page | 4
There should be multiple data centers for easy data recovery
There should be multiple backup links to reduce single point of failure.
Network Media
1. Guided media: Wired network.
Examples are coaxial, UTP, STP, Fiber optic cable
2. Un-guided media: Wireless network.
Coaxial cable types
Thick net 500m.
Thin net 185m.
Maximum bandwidth in coaxial cable is 10Mbps.
It is used in bus topology.
EMI: electromagnetic interference occurs in the cable when electron passes
through.
UTP (Unshielded Twisted pair cable)
It has eight wires, they are twisted with one another in a pair due to minimize of EMI,
and their wires have external coating.
Max distance in UTP is 100m.
UTP categorization
CAT 1: use only for voice
CAT 2: use only for voice
CAT 3: support data and voice
CAT 4: data and voice, 4Mbps
CAT 5: data and voice, 100Mbps
CAT 5E / 6: 1000Mbps or up to 1Gbps
Methods to make network with UTP cable
Straight UTP method
Use to connect different devices.
Cross UTP method:
Use to connect similar devices
Page | 5
STP (shielded twisted pair cable)
It has extra insulation
It is use in special cases where EMI is more as in factories.
Fiber optic cables
It support larger distances.
It has no electro magnetic radiation.
There are two categories of fiber optic cables
1. Multimode fiber (MM)
2. Single mode fiber (SM)
Single mode fiber
LASER is used to inject the light in this mode of fiber.
Data rate is up to 40Gbps on LAN and it may go to 100Gbps in future.
If we are using 10Gbps in single mode fiber than distance is more than 1km.
It is expensive.
Multimode fiber
LED is used to inject the light In multimode fiber.
Number of light rays is passing through reflection process in this mode of fiber.
Data rate is up to 10Gbps in multimode fiber.
Distance is 500m
Network topologies
Star topology
Each device is connected to a central device which is a switch/hub.
Switch is commonly used because it is an intelligent device as compare to hub.
Also switch is a configurable device. Through switch we can manage whole
network.
Star topology is also called hub and spoke topology
The PCs are connected to the central device through a cable normally UTP but we
may use fiber optic etc.
This is the topology which is used nowadays.
Page | 6
Bus topology
Co-axial cable is used to connect the devices. The data rate of this cable is
10Mbps.
There is a single point of failure means if any one cable is broken then whole
network would be down.
It transmits the electrical signal from one end of a cable to the other end of a cable
This topology obsolete in early 90s.
10base2 network uses a bus topology
10baseT using hub network uses a bus topology
10baseT using switch network is a star topology
Ring topology
This topology is used by IBM machines to communicate between them.
Each device is connected directly to others so that the signal is repeated in one
direction, creating ring or loop.
There is a network interface card used called token ring NIC.
An empty token is passed from one PC to another in clockwise direction. if any
PC wants to send the data, it will grab the data, inject the data and then forward
the token.
The cable used for communication is called Shielded twisted pair (STP).
Disadvantages:
This topology is very slow.
There is a single point of failure.
There is no centralized management.
Full Mesh topology
It means that all the respective nodes in the network have a direct connection.
It is more reliable due to having more paths.
Database server needs more reliability, therefore it is recommended for it.
Disadvantages:
It is very complex to make mesh topology and also cost is very high.
Partial Mesh topology
In this topology some of the nodes in the network have a direct connection but
others do not.
It is very close to mesh topology.
Page | 7
ETHERNET
It is an IEEE standard for LAN. Also known as 802.3
Classification of Ethernet
1. 10base2: bus topology, coaxial cable, thin net, 10Mbps, 185 km
2. 10base5: bus topology, coaxial cable, thick net, 10Mbps, and 500km
3. 10baseT (Ethernet): star topology, UTP, cat 5, 100m, 10Mbps
4. 100baseT (Fast Ethernet): star topology, UTP, cat 5e/6, 100m, 10Mbps
5. Gigabit Ethernet: Star topology, UTP cat 6, 100m, and 1000Mpbs.
6. 10 Gigabit Ethernet: Star topology, UTP Cat 6a/fiber optic.
OSI Reference Model
This model was established in 1970 by ISO. It is data communication model.
It is logical and conceptual model.
This model has 7 layers:
1. Application Layer
2. Presentation Layer
3. Session Layer
4. Transport Layer
5. Network Layer
6. Data link Layer
7. Physical Layer
1) Application Layer
Deals with the communication of software on different machines.
For example: HTTP, FTP, SMTP, Telnet and DNS servers, all operating systems,
web browsers, communication software (messengers, Skype etc).
2) Presentation Layer
Three activities are taking place at this layer:
1) Encryption: The process of converting the plain text in to cipher text for data
confidentiality is called encryption. i.e. DES, 3DES and AES
2) Translation: Coverts protocol from one form to other. Like IPX to IP and vise
versa.
3) Compression: It simply works with the compression of data like win zip.
Page | 8
3) Session Layer
A time period in which two machines communicate is called a session.
This layer deals with:
Session establishment: To establish a session before data communication.
Session management: To manage the session throughout the communication.
Session termination: To manually terminate the session or there is a network
down.
4) Transport Layer
It uses protocols to transfer data from one machine to another machine.
Two protocols work on this layer, TCP/IP and UDP.
TCP/IP (Transmission control protocol/Internet protocol)
It provides error recovery.
It relies on IP for end-to-end delivery of data, including routing issues.
Functions of TCP/IP
1. Multiplexing using port number
TCP identifies applications by their port numbers.
Multiplexing relies on the use of a concept called a socket
Socket consist of three things
1. IP address
2. Transport protocol (TCP or UDP)
3. Port number
Multiplexing helps in running multiple applications on a machine. PC keeps every
application separate and transfers data accordingly.
Every application and protocol has port number.
Port number identifies data that which application this data belong to.
Like:
Telnet 23
SMTP 25
HTTP 80
HTTPS 443
DNS 53
Range of Port number is 1 – 65536.
1 – 1024 are already assigned.
Page | 9
2. Error recovery
TCP numbers data bytes using the sequence and acknowledgement fields in the
tcp header
TCP sends data in sequence
Sender also sends re-transmission timer.
3. Flow control using Windowing
TCP implements flow control by taking advantage of sequence and
acknowledgement fields in the TCP header.
Window size is the number of packets sent before getting acknowledgement.
It starts with smaller size of window than gradually increases until some error
occurs.
UDP (user data gram protocol)
It is connection less protocol.
It also works at transport layer.
It does not do any error recovery thus it takes less bandwidth.
It perform
Data transfer
Data segmentation
Multiplexing using port numbers
5) Network Layer
It deals with the function of path selection and logical addressing
The protocols use are:
IP (internet protocol) in TCP/IP
IPX in Novell
DDR in AppleTalk
Every network and host has IP address.
IP define three different network classes:
Class A 1-126
Class B 128-191
Class C 192-223
Router works on this layer
Page | 10
6) Data Link Layer
This layer is divided into two sub-layers
LLC Sub-layer: it create link between network and data link layer. For
example ARP.
Mac Sub-layer: it deals with error detection, addressing and orderly
delivery of frames.
Addressing: In many networks more than two devices are attached to the same
physical network.
Data link layer defines addresses to make sure that correct device listen and
receive data.
In Ethernet data link layer uses Media Access Control (MAC) address.
It is 48-bit long address.
It also performs error detection.
It put a field of FCS (frame check sequence) in a frame. This field holds the value
of CRC (cyclical redundancy check) algorithm.
This CRC value is calculated by mathematical formula applied on data in the
frame.
Same value in generated on destination, if values are same than there is no error.
It does not perform error recovery only error detection
7) Physical layer
It is pure hardware layer of OSI model.
On this layer frame is converted into bits.
Hubs, repeaters and all cables work on this layer.
Data on different layers
Data on Transport layer is called a segment.
Data on Network layer is called a packet.
Data on Data link layer is called a frame.
Data on Physical layer is converted into bits.
Page | 11
MODULE 2
SWITCHING
Cisco Switches Series
Layer 2 switches
Cisco express 500 series
Cisco catalyst 2940 series
Cisco catalyst 2950 series
Cisco catalyst 2960 series
Layer 3 switches or multilayer switches
Cisco catalyst 3550 series
Cisco catalyst 3600 series
Cisco catalyst 3700 series
Cisco catalyst 4500 series
Cisco catalyst 6500 series
Cisco catalyst 4500 and 6500 are called modular or core switches. In these switches we
can add the additional cards.
Layer 2 switches can only do switching while layer 3 switches can do switching as well
as routing.
CISCO SWITCH AND ROUTER HARDWARE COMPONENTS
The following are the components which exist in both switch and router.
1) RAM
It is such a location or memory where the running configuration or unsaved configuration
exists.
This memory is called RAM of Cisco router and switch.
To see running configuration the syntax is:
#show running-configuration
2) NV-RAM (Non-volatile RAM)
It is such memory where data stored permanently and this configured data is
called start up configuration.
Syntax is: #show startup-configuration
Page | 12
To save the running configuration, the syntax is:
#copy running-configuration startup-configuration
3) FLASH
This is such a memory where IOS (internetwork operating system) is present and
the data also present permanently.
4) ROM
It is such a memory where all modes of switch/router exist, these modes are called
ROM monitor mode. They come after IOS load.
HOW SWITCH WORKS
Each and every switch creates a table in start called MAC address table or
forwarding data base.
At the power on the initial mac table is empty.
When the mac table is empty, the frame coming to the switch would be broadcast
by switch.
The mac addresses are bonded with respect to port numbers.
When the mac table is filled with source and destination mac addresses, now the
switch will not broadcast because the switch is an intelligent device and it
understands the mac addresses.
A switch can learn multiple mac addresses on its single port.
SWITCH TECHNOLOGIES
Switches work in different Technologies. These are as under:
Store and Forward
In this mode switch stores frame in its RAM.
Then Switch applies the CRC functionality for checking error. When no error
found, it forwards to the destination.
All of Cisco Switches work on store and forward mode. In store and forward
mode switch latency (delay) is depends on the size of frame.
Cut Through
In this mode latency does not depend on frame size, because it does not store
frame but forward it after seeing the MAC address.
It does not perform error detection.
Page | 13
Fragment Free
In this mode switch checks first 64 bytes of a frame. The CRC field also exist in
this part of a frame, thus check out for any error.
Latency is not dependent on the size of frame.
Cisco 1900 series switches use this technology.
REDUNDENT TOPOLOGY
In this topology there is a backup link so that if one link fails than other is
activated. Such switching network that has the backup path for data transmission
is called redundant links.
This topology has some issues due to switching loop, which are as under:
Broadcast Storming
When the destination host frame not found by the switch, so the switch start
broadcast.
Network become down and frame transmission start in looping.
Multiple Frame Copy
Frame first arrived will copy and then second time discarded.
Response on other hosts becomes slow due to multi frame discarded.
MAC Database instability
Instable database created due to learning of same MAC address by its multi ports.
These all issues actually concern with the non-manageable switch but can over come by
the manageable switch, by the use of protocols.
Page | 14
SPANNING TREE PROTOCOL (STP)
It is an open standard of IEEE. Code 802.1d
This protocol works on the data link layer of OSI reference model.
This protocol is used to prevent the switching loops.
It is by default enable on Cisco Switches.
STP Operation rules
1. There is only one Root Bridge per network.
2. There is only one root port per Non-root Bridge.
3. Non-designated ports are un-used
4. There should be at least one designated port per link.
Root Bridge
Root Bridge is the master switch and controls all the STP operation.
All other switches are non-root bridges and they use the best path.
All the ports are designated and act in forward state.
Page | 15
Root Bridge Selection Process
Switch of the lowest bridge ID throughout the switch network.
Bridge ID
Combination of bridge priority and Mac address of a switch is called Bridge ID.
Bridge Priority
All the Cisco switches have default priority value of 32768.
MAC address
It is physical address of 24-bits.eg, (01c0.1111.0000)
Root bridge decision first make at the lowest bridge priority of bridge ID
If the Priority is same as normally happened. So the root bridge decision goes at
the lowest Mac address values for example (01c0.1111.1111 < 01c0.111.222)
Root Port
It is such port that connects Non-root Bridge to the root bridge.
There is only one root port presents in Non-root Bridge. All others are non-root
ports.
Non-Root port
All other ports except one root port in Non-root Bridge are non-root ports.
Non-designated ports can‟t forward packet. Can receive or listen packet.
Page | 16
Bridge Protocol Data Unit (BPDU)
It is the packet of information, exchange by the neighboring switch after each
2secs.
Tell about which link become block and in replace which become active.
Root Port Selection Criteria
First select at lowest cost
Cost same then select at Port ID e.g. (fa0/0 < fa0/1)
PORT COST STANDARD OF IEEE
Standard relation of cost with bandwidth is given below:
Cost Bandwidth
100 10Mbps
19 100Mbps
04 1Gbps
02 10Gbps
Spanning-tree Port States
Initially all the switch ports are blocked
After power on the switch remain in the block states for 20Sec.
After blocking state come into listening state.
Next only the designated ports come in learning state.
Now the forwarding state comes in up/active.
Listening State
Here the port receives the BPDU and decided the port nature also called discarding state.
Learning State
Here the port can receive and send and also the switch built the MAC table. Forwarding
delay Time taken by port in shifting from one state to other.
Page | 17
STP Convergence Time
STP changes port in block state to forward state after 50 sec.
Cisco STP Features
In order to reduce the Convergence time, Cisco also made some features around 1990.
They are only applicable on all Cisco switches in the network. These are as under:
Spanning Tree Port Fast
STP mark all ports as designated which connect with the H-device (Pc)
Syntax:
Switch (config)# int fa0/1
Switch (config-if)#spanning tree port fast
Spanning Tree Up-link Fast
This is used only on the non-root bridge, such that where two ports are connected with
the root bridge, and by this switch keep in knowledge that which port can become the
root port of non-root bridge, and hence switch not take time to perform the recalculation
process when the root port become down.
Syntax:
Switch (config-if)#spanning tree uplink fast
Page | 18
Spanning Tree Backbone Fast
This is use for the detection of indirect failure means, if the root port link not become
down but the link break due to any other switch in the network. In this case if any non-
indirect failure occur so the switch send the special BPDU called “infinity BPDU” to it‟s
active link switch.
Syntax: Switch (config-if) #spanning tree backbone fast
Rapid Spanning Tree Protocol (RSTP)
It is an open Standard protocol of IEEE.
It is the first open standard to reduce the STP convergence time, made in 2003.
Represented by the code 802.1w
Although have the similarities to STP but also have some difference which are
following:
In RSTP the non-designated port of STP as alternate port.
RSTP calculates in advance but STP does this job when needed.
RSTP have only three port states not have block state as in STP.
RSTP quickly moves into other state after reading MAC in the learning state
where as STP keep remain in learning state till 15sec even read MAC in 2sec.
Page | 19
VLAN (VIRTUAL LOCAL AREA NETWORK)
It is such LAN by which we can create two or more separate logical-Area-
Network in a single Switch.
We can also give same IP to host in different V-lan, as they behave as separate
logical LAN or logical switches.
Broadcast Domain
At how many ports the broadcast would be received
All the ports of Switches are by default the part of vlan1.
All the port of Vlan should be access port means they exist in the access mode not
in trunk.
ADVANTAGES OF VLAN
It improves performance and speed of data transmission by reducing the size of
large broadcast
.
1. Broadcast Control: Large broadcast is divided into sub networks.
2. Security: One vlan‟s information can not transfer into another vlan.
3. Flexibility: Transfer of port from one vlan to another vlan through configuration.
INTER VLAN ROUTING
Inter VLAN routing is used for communication between different VLANs.
END TO END VLAN
The phenomena of communication two same or different Vlans exist on different
switches.
For the communication between two switches we us a trunk port.
Trunk Port
It is such port which carries the multiple Vlans traffic. It is not the part of any vlan.
Page | 20
TYPES OF VLAN
Static VLAN
This vlan is actually configured manually at each switch.
Syntax: switch (config) # vlan (any number)
Dynamic VLAN
These are such vlan which are configured by a server called VMPS (vlan management
policy server) in a large network environment and not need to create at each switch.
Benefit
You don‟t need to manually configure every time for access your vlan through out the
organization.
VLAN ENCAPSULATION PROTOCOL/ VLAN IDENTIFICATION
PROTOCOL/ VLAN TAGGING PROTOCOL
There are two protocols for encapsulation and tagging.
1. 802.1q(open standard)
2. ISL (CISCO propriety)
802.1q Standard
It is open standard as of IEEE, it use internal tagging process, this protocol is
actually enable by default at Cisco router.
ISL (Inter service link)
It is an external property as of Cisco itself.
It is external tagging process, it add the header of 26 bytes , it also used for trunk
port.
Note
At both the end the encapsulation protocol must be same, otherwise the line protocol not
up.
Page | 21
VTP (VLAN TRUNKING PROTOCOL)
It is open standard protocol, use for advertising the vlans informations throughout the
common administrative domain.
VTP MODES
There are three modes of VTP which are as following:
1) Server mode. 2) Client mode. 3) Transparent mode.
Server Mode
It is such mode where we can create, delete, modify and also synchronize the
Vlan information. vlan information is permanently save in flash memory.
Client mode
It is such mode in which we can‟t create, delete, modify the vlan information but
it can only synchronize and forward the vlan information.
Transparent mode
It is such mode where we can create, delete, modify the vlan information but it
can not synchronize but forward the information of vlan.
PORT SECURITY
When A port broadcast so the data will go to B as well as C port. The destination address
is B but C will also capture the data using the sniffer software, so to resolve this issue we
use switch. By using switch point to point communication is taking place between A&B.
But when the Mac table becomes full so the switch will broadcast the data.
MAC FLOODING ATTACK
It is such process which is used for hacking which becomes possible by the overflow the
MAC table; this process uses the software called the sniffer software. So to prevent the
switch by this attack we use the security feature called port security.
Sniffer Software
It is the software which is used by hacker for capturing the data in the plain text form.
Page | 22
Macof
It is term used for flooding the Mac table by sending 300 to 400 Mac addresses in 1sec.
Use of Port Security
One Mac address can permanently bind for any particular port, and we can also define
more than one Mac addresses by using different syntax.
We can also set any action with the port security .e.g. (shut down the pc) when port
security enable feature become active by any reason.
We configure the port security on the port which is connected to pc not on trunk port.
Restrict
When violation machine will not work but when we connect original machine it will
communicate and will generate a log value.
Shut down
When violated machine is connected to the port it would be shut down and when we
Connect the original machine so it will not work; now we will go to that interface and
write a command no shut.
Protect
Work is same as restrict but it will not generate a log value.
Switch# show port-security
Switch (config)#int fa 0/5
Switch (config-if)#switchport port-security
Switch (config-if)#switchport port-security maximum 1
Switch (config-if)#switchport port-security mac-address 01.c0.11.11.11.11
Page | 23
Wireless LAN (WLAN)
Modes of WLAN
1. Infra Structure Mode
There is a central device for example AP (Access Point). AP can connect to a switch with
cable.
2. Ad hoc Mode
There is no centralized device all PC‟s are connected together.
AP works in half duplex mode
Information Data Signal (Radio waves/ Electromagnetic waves)
Antenna Radio Electrical
FCC = Federal Communication Commission
ISM 2.4 GHz
UNII 5 GHz
UNII (Unlicensed National Information Infrastructure)
802.11 in 1997 2.4 GHz 2Mbps
802.11b in 1999 2.4GHz 11 Mbps
802.11a in 1999 5 GHz 54Mbps
802.11g in 2003 2.4GHz 54Mbps
802.11n 5GHz/2.4GHz 300Mbps
Bandwidth is shared on Access Point.
Page | 24
WLAN
Enterprise Class AP Consumer Class AP
Aironet (AP manufacturer) Linksys (bought by Cisco)
Cisco Aironet Series AP
1000 Series 1100 Series 1200 Series
Cisco 1250 Series AP (802.11n)
Radio Frequency Behavior
Reflection
Refraction
Scattering:
When waves strike with edgy material they become scattered.
Absorption: Water absorb the radio waves
Wireless LAN Security Issues
Passive Attacks
In which attacker steals information within the range of network.
War Driving Attacks
In which attacker only checks on different locations to find which services on
networks are available.
Active Attacks
In which attackers give some threat, or changes information
Page | 25
Wireless Security Solutions from IEEE
1. WEP (Wired Equivalent Privacy)
WEP
Encryption Authentication
RC4 Pre-shared keys password
2. WPA (WiFi Protected Access)
WPA
Encryption Authentication
TKIP (Temporal key Integrated Protocol) 802.1x
User use EAP (extensible authentication protocol) to authenticate on AP.
AP is using RADIUS to transfer authentication information from/to server.
RADIUS (Remote Access Dialing Users)
Authentication server form CISCO is called Cisco ACS.
3. 802.1I
WPA 2
Encryption Authentication
AES (Advance Encryption Standard) 802.1x
Page | 26
MODULE 3
IP ADDRESSING
It is network address used for the communication between the nodes at LAN as
well as WAN.
These addresses are assigning by the IANA (Internet assigned numbering
authority)
There are two types of IP addressing, IPV4 and IPV6.
IPV4 address
It is total 32 bits address scheme these bits are divided into four octets, this
address scheme has two segments or portions (Host and Network).
IPV4 address classes
This address is classified into the classes on the bases of network and host segment.
Class A
In this class the network segment have 8-bits and the host segments have24-bits.
Its range is from 01 up to 126 and total host exist 17millions.
Subnet mask is 255.0.0.0
Class B
In this class the each segment (host, network) have 16-bits.
Its range is from 128 up to 191 and total host exist 65,534.
Subnet mask is 255.255.0.0
Class C
In this class the network segment have 24-bits and host segment 16-bits.
Its range is from 192 up to 223 and total host exist 254.
Subnet mask is 255.255.255.0
Class D
It range is from 224 up to 239.
Class E
It range is from 240 up to 255.
Note: After the class E IPV4 addressing range become end, after that we use IPV6
addressing.
Page | 27
SUBNETTING
It is the process of dividing the single network ID into further various different
network IDs.
SUBNETMASK
It is the actually the group of network and host segment. It actually tells that how
many bits are used for network and how many bits are used for host.
VLSM (Variable length Sub netting masking)
It is the process of sub netting the subnets
IPv6 (IP version 6) Architecture
128 bits
Assigned in hexadecimal (0--F)
I Hexadecimal = 4 bits
10C0:00FD:09C5:C509:0000:0000:509F every field is of 16 bits.
Q) How to simplify this IP address?
Ans:
1) In IPv6 leading zeros can be eliminated e.g. 10C0: FD: 9C5:C509:0:0:0:509F
2) Consecutive zero field can be replaced by (::) but it can be used once in IPv6 address
e.g. 10C0: FD: 9C5:C509::509F
IPV6 ADDRESS TYPES
1) Unicast: One to one communication.
2) Multicast: one to many communication. There is no broadcast address IPv6
3) Any cast :
By using any cast multiple devices can share same IP address.
Router will forward the packet to nearest any cast IP.
Shared devices should have same application e.g. all application should be web
server/SMTP etc.
Page | 28
MODULE 4
ROUTING
Routing
Static Routing Dynamic Routing
Default Route: # Ip route 0.0.0.0 0.0.0.0
OR
#Ip route 0.0.0.0 0.0.0.0 s0/0
#show ip route
S* 0.0.0.0/0 s0/0
Class full routing protocol
They do not exchange subnet mask information with routing updates.
They assume that subnet mask is consistent throughout the network.
Class full routing only works when subnet mask is same over the network.
e.g. RIP and IGRP
Class less routing protocol They exchange subnet mask information with routing updates.
They support VLSM
e.g. EIGRP, OSPF ,RIP-VER2
Autonomous System Number
It is 16 bits number 0-65535
IANA defines the IP address and also autonomous system AS.
With respect to AS number there are two types of routing protocol.
1. Interior Routing Protocol
It works within same AS number.
Also called IGP (Interior Gateway Protocol)
Page | 29
2. Exterior Routing Protocol
Works with different AS number
Also called EGP (Exterior Gateway Protocol).e.g.BGP
With respect to technology there are 3 types of routing protocols.
Technology
Distance Vector Link State Hybrid
Distance Vector
They exchange complete routing tables with each other after periodic time period
E.g. RIP (30 sec) and IGRP (60 sec).
Distance vector protocols have only best route information to the destination.
If best path is down than they recalculate the best path.
Link State
Link state routing protocol only send routing updates whenever there is some change in
network topology.
They are less bandwidth consumer because they only send routing updates not the whole
routing table means they efficiently utilize the bandwidth.
These protocols have complete network topology information.
These protocols are more intelligent because they have all routes information to the
destination
E.g. OSPF, IS-IS.
Disadvantage: CPU and memory intensive.
Hybrid
It is a combination of both distance vector and link state.
RIP (Routing Information Protocol)
It is an open standard routing protocol.
It is a Class-full routing protocol.
The Administrative Distance of RIP = 120.
It is distance vector routing protocol.
This protocol works on „Bellman Ford Algorithm‟.
It calculate best path on the basis of hop counts: Min hops = best path
Page | 30
RIP can perform routing up to 15 hops.
RIP enable routers exchange complete routing table after 30 sec.
RIP can perform equal cost load balancing, by default 4 paths and maximum 6
paths.
RIP version 2
The features of RIPv2 are:
It is class-less routing protocol.
RIPv2 is authentication supported.
KHI (config)# router rip
KHI (config-router)# Network 10.0.0.0
KHI (config-router)# Network 11.0.0.0
LHR (config)# router rip
LHR (config-router)# Network 20.0.0.0
LHR (config-router)# Network 11.0.0.0
Page | 31
EIGRP (Enhanced Interior Gateway Routing Protocol)
This protocol is Cisco propriety.
It is Class-less routing protocol.
Administrative distance is 90.
It is interior gateway protocol means in same AS.
It is hybrid routing protocol.
It can support multiple network layer protocols, i.e. IP, IPX, Apple.
It can perform equal and unequal cost load balancing.
By default 4 paths and maximum of 6 paths
EIGRP uses an algorithm known as DUAL (Diffusion update algorithm).
DUAL is run over topology table and best paths are moved from topology table to
routing table.
By default best path selection on the basis of bandwidth and delay
Other parameters that EIGRP can use for best path selection are
o Reliability
o Load
o MTU
EIGRP TABLES
It creates 3 tables:
Neighbor table
Topology table
Routing table
Neighbor Table
In EIGRP directly connected routers maintain neighbor relationship.
They exchange „HELLO PACKETS‟ for maintaining the neighbor relationship.
Topology Table
This table contains the complete network information.
Router# show ip eigrp topology
Routing Table
This table contains the information of best route to the destination.
Router # show ip route
Page | 32
KHI (config)# router eigrp 50
KHI (config-router)# Network 10.0.0.0
KHI (config-router)# Network 11.0.0.0
LHR (config)# router eigrp 50
LHR (config-router)# Network 20.0.0.0
LHR (config-router)# Network 11.0.0.0
“50” is Autonomous system number. Two routers must be in same AS to communicate.
Protocol Dependent Module
If IP, IPx, Apple all are running at a time then this protocol will make different
tables for different operating systems.
Although IPx and Apple are not used nowadays.
OSPF (Open Shortest Path First)
It is Open standard routing protocol.
It is Link state routing protocol.
It is interior routing protocol.
Administrative distance= 110.
It is Class-less routing protocol.
OSPF enable routers can only perform Equal cost load balancing (by default 4
paths maximum 6 paths).
OSPF can only perform routing for IP networks.
It uses SPF (shortest path first) algorithm for calculation of best path.
There is no HOP limitation.
There is no periodic exchange of routing protocols.
When there is change in network then OSPF sends update packets called LSA
(link state advertisement).
For calculation of cost there is a formula :
Cost = 108
/ bandwidth
Page | 33
OSPF TABLES
1. Neighbor table.
2. Topology table
3. Routing table
Neighbor Table
It contains the information of directly connected routers just like eigrp.
Neighbor routers exchange HELLO PACKETS.
In OSPF neighbor table is also referred as „Adjancy database‟.
Router #show ip ospf neighbor
Topology Table
This table contains complete topology information.
In OSPF topology table is referred as „Link state database (LSDB)‟.
Router #show ip ospf database
Routing Table
This table contains the information of best routes to the destination.
In OSPF routing table is also referred as „forwarding database‟
Router #show ip route
In OSPF interfaces are refer as links
SPF algorithm applies on LSDB and best path moved in routing table.
OSPF Router ID
In OSPF every router is recognized by its router ID.
By default the highest IP address configured on any active interface of router will
become its router ID.
Let suppose Router ID is 192.168.0.1 goes down then next highest IP address
become router ID and when again 192.168.0.1 is up then it will become router ID.
Means when WAN is flipping then best practices is that we do not keep the
physical address as router ID so we make a logical address called loopback
address.
Router(config)# interface loopback 0
Router(config)# ip address 1.1.1.1 255.0.0.0
Router(config-if)# no shutdown
Now loopback address is router ID.
Page | 34
OSPF AREAS
Area 0 (zero) is called back bone area.
All other areas are called regular areas.
Every area should be directly connected with area 0.
Routers working in regular areas are called Internal Routers.
Routers in backbone area are called backbone router.
Area Border Router (ABR): Router which connect regular area to backbone area.
Page | 35
MODULE 5
SECURITY
ACCESS CONTROL LIST (ACL)
It is a security feature on a router.
You can control access between two different networks by the help of access
control list.
There are two types of ACL
1. Standard ACL
2. Extended ACL
Standard ACL
In this type of ACL traffic is flittered on the basis of source ip address
The range of standard ACL is from 1 – 99
There are two types of actions performed in this type of ACL:
1. Permit
2. Deny
Example
Router (config)# access-list 1 permit host 10.0.0.1
Router (config)# int fa0/0
Router (config)# ip access-group 1 in
These statements will permit host 10.0.0.1 to access Internet where as all other hosts
would be denied. This access list is applied on Fa0/0 inbound.
A single ACL can have multiple statement
If a packet does not match with any statement of ACL it will discard this packet
Default behavior of ACL is to discard anything that does not match ACL.
Default behavior = implicit deny
If a packet does match with ACL statement than this packet would not be
compared with other statements below in that ACL.
i.e. Router (config)# access-list 10 permit host 10.0.0.1
Router (config)# access-list 10 deny host 10.0.0.1
Page | 36
This ACL will not deny host 10.0.0.1 because it is permitted in first statement
Access list filter traffic from and to router but do not filter traffic originating from
router.
Most restrictive statement of ACL should be on top
Any for all destinations.
Any any for all sources and all destinations
One ACL can be applied at one interface and in one direction
Extended ACL
This type of ACL filters the traffic on the basis of
1. Source ip
2. Destination ip
3. Protocol
4. Port number
The range of this ACL is from 100 – 199.
Actions performed by this ACL are:
1. Permit
2. Deny
Direction of ACL
Inbound direction
Traffic entering from 10.2 than for e0 it is inbound and traffic coming from Internet
toward 10.2 than it is out bound for e0.
Wild card mask
It is opposite to subnet mask.
0 means check the corresponding bit value.
255 means do not check corresponding bit value.
Example of Extended ACL
Page | 37
Router (config)# Access-list 101 permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 80
Router (config)# Access-list 101 permit tcp 10.0.0.1 0.0.0.49 host 2.2.2.2 eq 25
Router (config)# Access-list 101 permit ip 10.0.0.51 0.0.0.49 any
Router (config)# Int fa 0/0
Router (config-int)# ip access-group 101 in
This will permit hosts from 10.0.0.1 to 10.0.0.50 to communicate pc 1.1.1.1 via tcp
protocol and Internet browser.
Named IP Access List
In this ACL names are used instead of numbers.
Named ip access list allows deleting individual entries from specific access list.
Same name for two lists cannot be used.
Example
Router (config)# ip access-list extended (or standard) cttc (any name)
Router (config-ext-nacl)# permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 80
Router (config-ext-nacl)# permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 25
Router (config-ext-nacl)# permit ip 10.0.0.51 0.0.0.49 any
Router (config)#int fa 0/0
Router (config-int)# ip access-group cttc in
Page | 38
NAT (NETWORK ADDRESS TRANSLATION) Translation of private ip to public ip address is called NAT.
Types of NAT
1. Dynamic NAT
We buy a pool of ip addresses e.g 1.1.1.1 to 1.1.1.64
2. Static NAT
In static NAT one public ip address is mapped on one private ip address.
We permanently bind one private ip to one public ip address
3. NAT Overload
This is also called Port Address Translation
It performs many to one translation
Source port number is randomly assigned and always greater than 1025.
1-1024 source port numbers are assigned to well define operations.
PAT can be configured on routers Microsoft Linux
We can configure dynamic NAT, Static NAT and NAT overload simultaneously
#show ip nat translation
Page | 39
VIRTUAL PRIVATE NETWORK (VPN)
VPN is a private network over a public network.
There are two types of VPN
1) Site to site VPN
2) Remote access VPN
Site to Site VPN
In this type of VPN we make a logical tunnel.
This VPN is Cost effective
Only problem is security because your data is in clear text form so any one/hacker
can capture your confidential data.
Remote Access VPN
It is use for Tele-worker.
IP Security VPN (IP SEC VPN)
It is an open standard protocol made by IETF (internet engg task force).
This works on network layer.
IP Sec is a framework of different algorithms and protocols means different
algorithms and protocols work together to built IP Sec.
IP SEC VPN Services
1) Data Confidentiality
Data confidentiality is achieved by help of encryption.
Encryption is of three types:
1. DES (Data Encryption Standard)
2. 3 DES (3 Data Encryption Standard)
3. AES (Advanced Encryption standard)
Page | 40
DES (Data Encryption Standard)
This standard is made by IBM.
There is a key used for encryption from plain text to cipher text which is of 56
bits.
This standard is breakable but high processing machine is needed for breaking the
encryption.
It is broken in 90s
Now the object of IBM was to secure DES .So they created new protocols called
3DES.
3DES (3 DATA ENCRYPTION STANDARD)
3 * DES = 3 * 56= 168 bit key
There is a 3 time encryption, therefore it is very strong.
This encryption standard is Unbreakable
If we use 3 DES, performance will decrease.
AES (ADVANCE ENCRYPTION STANDARD)
It is a standard of NIST (National Institute of Standards and Technologies).
1. 128 bits
2. 192 bits
3. 256 bits strongest
All the three standards are unbreakable
Page | 41
2) DATA INTEGRITY
Data integrity is achieved by an algorithm called HASHING.
HASHING ALGORITHM
MD-5 (Message Digest - 5) SHA-1 (Secure hashing
algorithm)
128 bit Hash 160 bits Hash
Strong but slow
3) PEER AUTHENTICATION
In peer authentication a Pre shared key is used called IKE (Internet Key
Exchange) protocol.
Legitimate peers can make VPN
If at both routers keys are same then VPN can be made.
IP SEC traffic cannot be transported through TCP/UDP because TCP/UDP
only contain IP traffic while IP SEC contain Encryption, security etc .
IP SEC uses its own transport protocols.
IP SEC TRANSPORT PROTOCOLS
ESP (Encapsulation Security Protocol)
Data confidentiality
Data integrity
Origin authentication
AH (Authentication Header)
Data confidentiality is not supported
Origin authentication and data integrity
Page | 42
MODULE 6
WIDE AREA NETWORK (WAN)
WAN is used to connect two or more LANs.
WAN Connection Types
1) Leased line/ Dedicated line
2) Circuit Switching
3) Packet Switching
Leased Line/dedicated line
It is Point to point or dedicated connection.
It is Synchronous link up to T3 (45mbps)
PPP and HDLC can frequently used
Advantages
There is a dedicated Bandwidth.
Security Service provider does not contain any layer 2 or 3 connection.
Disadvantages
It is Very costly due to dedicated bandwidth.
Circuit switching
In this type of switching, we can communicate through traditional phone lines.
No data is forwarded before an end-to-end connection is established.
Examples are PSTN and ISDN.
Advantage
It is Cost effective solution
Disadvantage
Bandwidth is very low.
Page | 43
Public Switched Telephone Network (PSTN)
It is same as Normal dial-up connection.
Speed is very low e.g.56kbps
Integrated Service Digital Network (ISDN)
It is a set of digital services that transmit voice and data over phone lines.
It is a cost effective solution and also speed is high than normal dial up
connection.
It is also good to use it as a back-up link for other types of links like frame
relay and T1 connection.
There are two types of ISDN.
o PRI (Primary rate interface)
o BRI (Basic rate interface)
Basic Rate Interface (PRI)
It contains 2B and 1D channel. B and D are logical channels.
B channel is used for voice and data both and D channel is used for signaling and
control.
B Channel bandwidth is 64kbps and D channel bandwidth is 16kbps.
Primary Rate Interface (PRI)
PRI is of two types e.g. E1 and T1.
E 1
It is used in Europe and rest of the world.
It contains 30 b and 1 d channel.
The bandwidth of B and D channel is 64kbps. It means the total bandwidth
provided by E1 is 2Mbps.
T 1
It is used in USA and Canada.
It contains 23B and 1D channel.
Page | 44
The bandwidth of B and D channel is 64 kbps. It means the total bandwidth
provided by T1 is 1.54 mbps.
WAN Encapsulation Protocols
The frame coming to router is LAN frame. Router removes the LAN header and adds
WAN header and forwards it on.
1) High Level Data link Connection Protocol(HDLC)
It is a WAN encapsulation protocol.
It works on Data link Layer.
It is by-default enable on Cisco routers.
This protocol is created by IBM.
It can be used only on Synchronous links.
There are two types of HDLC
Cisco HDLC
It is by default enable on Cisco routers.
It supports multiple network layer protocols.
It does not support open standard HDLC.
HDLC doesn‟t provide any authentication.
Open standard HDLC
Only supports single network layer protocol
It is open standard protocol.
If at both ends there are Cisco routers than use HDLC otherwise use PPP.
Page | 45
Point To Point Protocol (PPP)
It is open standard protocol.
It is WAN encapsulation protocol.
This protocol works on data link layer.
It can be used on both synchronous and asynchronous links.
Point to point protocol is of two types :
Network Control Protocol (NCP)
Supports multiple network layer protocols.
Link Control Protocol (LCP)
This protocol is responsible of PPP link establishment, management,
configuration and termination.
There is Error detection (CRC + Magic number).
Link compression and Authentication are optional parameters.
PPP Authentication
There are two types of PPP authentication:
1) Password authentication protocol (PAP)
2) Challenging handshake authentication protocol (CHAP)
Password Authentication Protocol (PAP)
1st router sends its password to 2
nd router and 2
nd router check it‟s on password. If
both passwords are same than line protocol is up.
Its disadvantage is that information sharing is in clear text.
Page | 46
Challenging Handshake Authentication Protocol (CHAP)
There is a 3-way handshaking concept.
1st router sends CHAP signal to 2
nd router which says thyat I want to
communicate to you, send your password.
2nd
router will send its password to 1st router in encrypted form.
1st router will check it‟s on password hash value.
If both hash values are same than line protocol is up.
There should be same password at both ends
Page | 47
Frame Relay
POP: Point of presence (Branches of service provider)
It is a Standard of ITU-T.
It works on data link layer of OSI reference model.
This is an example of packet switching.X.25,Frame relay,ATM
Frame relay is working from POP to customer.
Router of customer is called Frame relay router.
The device in POP is called Central office Switch (CO Switch).
It is cost effective b/c there is a bandwidth-sharing concept within the cloud
The aim of frame relay is to connect customer router to Point of presence (POP)
of service provider.
Frame service provider provides service 1 connectivity as well as layer 2
connectivity. For layer 2 connectivity we have to configure Frame Relay.
In case of frame relay, at layer 1 we can use any type of media.
Page | 48
Frame Relay Terminologies
CIR (Committed Interface Rate)
CIR is a minimum bandwidth that is guaranteed by service provider within a
cloud.
CIR is high. It means cost will be high.
Local Access Rate
It is the bandwidth through which we are connected to service provider pint of
presence.
LAR is always greater than are equal to CIR.
Data link connection identifier
It is the frame relay layer 2 addresses.
It is a 10-bit number
DLCI number is provided by service provider.
Same customer should have different DLCI number.
Different customer may have same DLCI number.
Page | 49
FRAME RELAY ADDRESS MAPPING
Let suppose CTTC Customer example to understand the mapping concept.
Mapping of CTTC router in Karachi for Lhore.
Mapping of CTTC router in Lhore for Karachi.
Page | 50
Local Management Interface (LMI)
It maintains the connection status b/w frame relay router and frame relay switch.
LMI Types
1. CISCO (Cisco propriety)
2. ITU-T (Open standard)
3. ANSI
LMI type should be same between switch and router to communicate.
You have to ask the service provider which LMI type you have configured
The LMI type of service provider & customer must be same otherwise link would
be down because line protocol not become up.
After version 11.3 of OSI, LMI type is auto detected.
LMI States
They help in troubleshooting by this we can see the segment status of Frame relay
Active state: means connection is OK
Deleted state: means there is a problem b/w your router and switch.
Inactive state: means there is a problem b/w remote end switch and remote end
router.