introduction to networking · introduction to networking communication modes 1. simplex (one way...

Page | 1

MODULE 1

INTRODUCTION TO NETWORKING

COMMUNICATION MODES

1. Simplex (one way communication)

2. Half Duplex (two way communication but not simultaneously)

3. Full Duplex (two way communication simultaneously)

Duplex and Speed Mismatch Issue

This issue creates if any switch and NIC not have the same setting, due to this packets

starts to drops.

Syntax:

Switch (config) #int fa0/1

Switch (config-if) #duplex full

Switch (config-if) #speed 100

Manufacturing Terms of Cisco

EOS (End of sale)

It is use for such product whose manufacturing become terminates, but is warranty is

valid due to sold in market before.

EOL (End of life)

It is use for such product whose manufacturing as well as warranty become stop. So the

Cisco does not support such device and consider as garbage.

IOS (Internetwork operating system

It is the operating system use by router or layer-3 switches.

Examples: version 12.3, 12.2, 12.1, 12.0, 11.3

SWITCH

It is a device use for networking (LAN), they based on specific chip that is represented

by ASIC (Application specific Integrated chip).

Page | 2

Modular Switch

Such switches in which we can add the additional cards when need.

Layer-2 Switches

Such switches which only do switching.

Examples: (CISCO Express 500) and (CISCO Catalyst 2940, 2950, 2960 series).

Layer-3 Switches

Such switches which can do switching as well as routing.

Example: (CISCO Catalyst 3550, 360, 370, 4500, 6500 Series).

ROUTER

It is a internetworking device (WAN), they based on microprocessor.

Cisco Switch And Router Hardware Components

1) RAM 2) NVRAM 3) FLASH 4) ROM

RAM

It is such memory where the running configuration (user configuration) exists.

NVRAM

It is such memory where the data stored permanently and this configured data is refer by

the term “start-up-configuration”.

FLASH

It is such memory where the IOS present and here the data also present permanently.

ROM

It is such memory where all modes of switch or router exist, these modes called the ROM

monitor mode; they come after the IOS load.

Page | 3

Switches and Router Boot Sequence

At Post point, the hardware is check.

At Flash point, IOS files or IOS check.

LAN (Local Area Network)

It is network, which is made under the close boundary. Like within a building or any

campus.

For connecting big LAN we can also use router.

WAN (Wide Area Network)

It actually made to cover the large geographical area. E.g. network between two different

buildings in the same town or city.

Network Design

Techniques

1. Distributed Networks: complete data resources reside on different branches. It is

costly and more hardware is use.

2. Centralized Network: complete data is stored in one place and all branches access

these resources. Highly dependable on WAN.

Page | 4

There should be multiple data centers for easy data recovery

There should be multiple backup links to reduce single point of failure.

Network Media

1. Guided media: Wired network.

Examples are coaxial, UTP, STP, Fiber optic cable

2. Un-guided media: Wireless network.

Coaxial cable types

Thick net 500m.

Thin net 185m.

Maximum bandwidth in coaxial cable is 10Mbps.

It is used in bus topology.

EMI: electromagnetic interference occurs in the cable when electron passes

through.

UTP (Unshielded Twisted pair cable)

It has eight wires, they are twisted with one another in a pair due to minimize of EMI,

and their wires have external coating.

Max distance in UTP is 100m.

UTP categorization

CAT 1: use only for voice

CAT 2: use only for voice

CAT 3: support data and voice

CAT 4: data and voice, 4Mbps

CAT 5: data and voice, 100Mbps

CAT 5E / 6: 1000Mbps or up to 1Gbps

Methods to make network with UTP cable

Straight UTP method

Use to connect different devices.

Cross UTP method:

Use to connect similar devices

Page | 5

STP (shielded twisted pair cable)

It has extra insulation

It is use in special cases where EMI is more as in factories.

Fiber optic cables

It support larger distances.

It has no electro magnetic radiation.

There are two categories of fiber optic cables

1. Multimode fiber (MM)

2. Single mode fiber (SM)

Single mode fiber

LASER is used to inject the light in this mode of fiber.

Data rate is up to 40Gbps on LAN and it may go to 100Gbps in future.

If we are using 10Gbps in single mode fiber than distance is more than 1km.

It is expensive.

Multimode fiber

LED is used to inject the light In multimode fiber.

Number of light rays is passing through reflection process in this mode of fiber.

Data rate is up to 10Gbps in multimode fiber.

Distance is 500m

Network topologies

Star topology

Each device is connected to a central device which is a switch/hub.

Switch is commonly used because it is an intelligent device as compare to hub.

Also switch is a configurable device. Through switch we can manage whole

network.

Star topology is also called hub and spoke topology

The PCs are connected to the central device through a cable normally UTP but we

may use fiber optic etc.

This is the topology which is used nowadays.

Page | 6

Bus topology

Co-axial cable is used to connect the devices. The data rate of this cable is

10Mbps.

There is a single point of failure means if any one cable is broken then whole

network would be down.

It transmits the electrical signal from one end of a cable to the other end of a cable

This topology obsolete in early 90s.

10base2 network uses a bus topology

10baseT using hub network uses a bus topology

10baseT using switch network is a star topology

Ring topology

This topology is used by IBM machines to communicate between them.

Each device is connected directly to others so that the signal is repeated in one

direction, creating ring or loop.

There is a network interface card used called token ring NIC.

An empty token is passed from one PC to another in clockwise direction. if any

PC wants to send the data, it will grab the data, inject the data and then forward

the token.

The cable used for communication is called Shielded twisted pair (STP).

Disadvantages:

This topology is very slow.

There is a single point of failure.

There is no centralized management.

Full Mesh topology

It means that all the respective nodes in the network have a direct connection.

It is more reliable due to having more paths.

Database server needs more reliability, therefore it is recommended for it.

Disadvantages:

It is very complex to make mesh topology and also cost is very high.

Partial Mesh topology

In this topology some of the nodes in the network have a direct connection but

others do not.

It is very close to mesh topology.

Page | 7

ETHERNET

It is an IEEE standard for LAN. Also known as 802.3

Classification of Ethernet

1. 10base2: bus topology, coaxial cable, thin net, 10Mbps, 185 km

2. 10base5: bus topology, coaxial cable, thick net, 10Mbps, and 500km

3. 10baseT (Ethernet): star topology, UTP, cat 5, 100m, 10Mbps

4. 100baseT (Fast Ethernet): star topology, UTP, cat 5e/6, 100m, 10Mbps

5. Gigabit Ethernet: Star topology, UTP cat 6, 100m, and 1000Mpbs.

6. 10 Gigabit Ethernet: Star topology, UTP Cat 6a/fiber optic.

OSI Reference Model

This model was established in 1970 by ISO. It is data communication model.

It is logical and conceptual model.

This model has 7 layers:

1. Application Layer

2. Presentation Layer

3. Session Layer

4. Transport Layer

5. Network Layer

6. Data link Layer

7. Physical Layer

1) Application Layer

Deals with the communication of software on different machines.

For example: HTTP, FTP, SMTP, Telnet and DNS servers, all operating systems,

web browsers, communication software (messengers, Skype etc).

2) Presentation Layer

Three activities are taking place at this layer:

1) Encryption: The process of converting the plain text in to cipher text for data

confidentiality is called encryption. i.e. DES, 3DES and AES

2) Translation: Coverts protocol from one form to other. Like IPX to IP and vise

versa.

3) Compression: It simply works with the compression of data like win zip.

Page | 8

3) Session Layer

A time period in which two machines communicate is called a session.

This layer deals with:

Session establishment: To establish a session before data communication.

Session management: To manage the session throughout the communication.

Session termination: To manually terminate the session or there is a network

down.

4) Transport Layer

It uses protocols to transfer data from one machine to another machine.

Two protocols work on this layer, TCP/IP and UDP.

TCP/IP (Transmission control protocol/Internet protocol)

It provides error recovery.

It relies on IP for end-to-end delivery of data, including routing issues.

Functions of TCP/IP

1. Multiplexing using port number

TCP identifies applications by their port numbers.

Multiplexing relies on the use of a concept called a socket

Socket consist of three things

1. IP address

2. Transport protocol (TCP or UDP)

3. Port number

Multiplexing helps in running multiple applications on a machine. PC keeps every

application separate and transfers data accordingly.

Every application and protocol has port number.

Port number identifies data that which application this data belong to.

Like:

Telnet 23

SMTP 25

HTTP 80

HTTPS 443

DNS 53

Range of Port number is 1 – 65536.

1 – 1024 are already assigned.

Page | 9

2. Error recovery

TCP numbers data bytes using the sequence and acknowledgement fields in the

tcp header

TCP sends data in sequence

Sender also sends re-transmission timer.

3. Flow control using Windowing

TCP implements flow control by taking advantage of sequence and

acknowledgement fields in the TCP header.

Window size is the number of packets sent before getting acknowledgement.

It starts with smaller size of window than gradually increases until some error

occurs.

UDP (user data gram protocol)

It is connection less protocol.

It also works at transport layer.

It does not do any error recovery thus it takes less bandwidth.

It perform

Data transfer

Data segmentation

Multiplexing using port numbers

5) Network Layer

It deals with the function of path selection and logical addressing

The protocols use are:

IP (internet protocol) in TCP/IP

IPX in Novell

DDR in AppleTalk

Every network and host has IP address.

IP define three different network classes:

Class A 1-126

Class B 128-191

Class C 192-223

Router works on this layer

Page | 10

6) Data Link Layer

This layer is divided into two sub-layers

LLC Sub-layer: it create link between network and data link layer. For

example ARP.

Mac Sub-layer: it deals with error detection, addressing and orderly

delivery of frames.

Addressing: In many networks more than two devices are attached to the same

physical network.

Data link layer defines addresses to make sure that correct device listen and

receive data.

In Ethernet data link layer uses Media Access Control (MAC) address.

It is 48-bit long address.

It also performs error detection.

It put a field of FCS (frame check sequence) in a frame. This field holds the value

of CRC (cyclical redundancy check) algorithm.

This CRC value is calculated by mathematical formula applied on data in the

frame.

Same value in generated on destination, if values are same than there is no error.

It does not perform error recovery only error detection

7) Physical layer

It is pure hardware layer of OSI model.

On this layer frame is converted into bits.

Hubs, repeaters and all cables work on this layer.

Data on different layers

Data on Transport layer is called a segment.

Data on Network layer is called a packet.

Data on Data link layer is called a frame.

Data on Physical layer is converted into bits.

Page | 11

MODULE 2

SWITCHING

Cisco Switches Series

Layer 2 switches

Cisco express 500 series

Cisco catalyst 2940 series



Layer 3 switches or multilayer switches






Cisco catalyst 4500 and 6500 are called modular or core switches. In these switches we

can add the additional cards.

Layer 2 switches can only do switching while layer 3 switches can do switching as well

as routing.

CISCO SWITCH AND ROUTER HARDWARE COMPONENTS

The following are the components which exist in both switch and router.

1) RAM

It is such a location or memory where the running configuration or unsaved configuration

exists.

This memory is called RAM of Cisco router and switch.

To see running configuration the syntax is:

#show running-configuration

2) NV-RAM (Non-volatile RAM)

It is such memory where data stored permanently and this configured data is

called start up configuration.

Syntax is: #show startup-configuration

Page | 12

To save the running configuration, the syntax is:

#copy running-configuration startup-configuration

3) FLASH

This is such a memory where IOS (internetwork operating system) is present and

the data also present permanently.

4) ROM

It is such a memory where all modes of switch/router exist, these modes are called

ROM monitor mode. They come after IOS load.

HOW SWITCH WORKS

Each and every switch creates a table in start called MAC address table or

forwarding data base.

At the power on the initial mac table is empty.

When the mac table is empty, the frame coming to the switch would be broadcast

by switch.

The mac addresses are bonded with respect to port numbers.

When the mac table is filled with source and destination mac addresses, now the

switch will not broadcast because the switch is an intelligent device and it

understands the mac addresses.

A switch can learn multiple mac addresses on its single port.

SWITCH TECHNOLOGIES

Switches work in different Technologies. These are as under:

Store and Forward

In this mode switch stores frame in its RAM.

Then Switch applies the CRC functionality for checking error. When no error

found, it forwards to the destination.

All of Cisco Switches work on store and forward mode. In store and forward

mode switch latency (delay) is depends on the size of frame.

Cut Through

In this mode latency does not depend on frame size, because it does not store

frame but forward it after seeing the MAC address.

It does not perform error detection.

Page | 13

Fragment Free

In this mode switch checks first 64 bytes of a frame. The CRC field also exist in

this part of a frame, thus check out for any error.

Latency is not dependent on the size of frame.

Cisco 1900 series switches use this technology.

REDUNDENT TOPOLOGY

In this topology there is a backup link so that if one link fails than other is

activated. Such switching network that has the backup path for data transmission

is called redundant links.

This topology has some issues due to switching loop, which are as under:

Broadcast Storming

When the destination host frame not found by the switch, so the switch start

broadcast.

Network become down and frame transmission start in looping.

Multiple Frame Copy

Frame first arrived will copy and then second time discarded.

Response on other hosts becomes slow due to multi frame discarded.

MAC Database instability

Instable database created due to learning of same MAC address by its multi ports.

These all issues actually concern with the non-manageable switch but can over come by

the manageable switch, by the use of protocols.

Page | 14

SPANNING TREE PROTOCOL (STP)

It is an open standard of IEEE. Code 802.1d

This protocol works on the data link layer of OSI reference model.

This protocol is used to prevent the switching loops.

It is by default enable on Cisco Switches.

STP Operation rules

1. There is only one Root Bridge per network.

2. There is only one root port per Non-root Bridge.

3. Non-designated ports are un-used

4. There should be at least one designated port per link.

Root Bridge

Root Bridge is the master switch and controls all the STP operation.

All other switches are non-root bridges and they use the best path.

All the ports are designated and act in forward state.

Page | 15

Root Bridge Selection Process

Switch of the lowest bridge ID throughout the switch network.

Bridge ID

Combination of bridge priority and Mac address of a switch is called Bridge ID.

Bridge Priority

All the Cisco switches have default priority value of 32768.

MAC address

It is physical address of 24-bits.eg, (01c0.1111.0000)

Root bridge decision first make at the lowest bridge priority of bridge ID

If the Priority is same as normally happened. So the root bridge decision goes at

the lowest Mac address values for example (01c0.1111.1111 < 01c0.111.222)

Root Port

It is such port that connects Non-root Bridge to the root bridge.

There is only one root port presents in Non-root Bridge. All others are non-root

ports.

Non-Root port

All other ports except one root port in Non-root Bridge are non-root ports.

Non-designated ports can‟t forward packet. Can receive or listen packet.

Page | 16

Bridge Protocol Data Unit (BPDU)

It is the packet of information, exchange by the neighboring switch after each

2secs.

Tell about which link become block and in replace which become active.

Root Port Selection Criteria

First select at lowest cost

Cost same then select at Port ID e.g. (fa0/0 < fa0/1)

PORT COST STANDARD OF IEEE

Standard relation of cost with bandwidth is given below:

Cost Bandwidth

100 10Mbps

19 100Mbps

04 1Gbps

02 10Gbps

Spanning-tree Port States

Initially all the switch ports are blocked

After power on the switch remain in the block states for 20Sec.

After blocking state come into listening state.

Next only the designated ports come in learning state.

Now the forwarding state comes in up/active.

Listening State

Here the port receives the BPDU and decided the port nature also called discarding state.

Learning State

Here the port can receive and send and also the switch built the MAC table. Forwarding

delay Time taken by port in shifting from one state to other.

Page | 17

STP Convergence Time

STP changes port in block state to forward state after 50 sec.

Cisco STP Features

In order to reduce the Convergence time, Cisco also made some features around 1990.

They are only applicable on all Cisco switches in the network. These are as under:

Spanning Tree Port Fast

STP mark all ports as designated which connect with the H-device (Pc)

Syntax:

Switch (config)# int fa0/1

Switch (config-if)#spanning tree port fast

Spanning Tree Up-link Fast

This is used only on the non-root bridge, such that where two ports are connected with

the root bridge, and by this switch keep in knowledge that which port can become the

root port of non-root bridge, and hence switch not take time to perform the recalculation

process when the root port become down.

Syntax:

Switch (config-if)#spanning tree uplink fast

Page | 18

Spanning Tree Backbone Fast

This is use for the detection of indirect failure means, if the root port link not become

down but the link break due to any other switch in the network. In this case if any non-

indirect failure occur so the switch send the special BPDU called “infinity BPDU” to it‟s

active link switch.

Syntax: Switch (config-if) #spanning tree backbone fast

Rapid Spanning Tree Protocol (RSTP)

It is an open Standard protocol of IEEE.

It is the first open standard to reduce the STP convergence time, made in 2003.

Represented by the code 802.1w

Although have the similarities to STP but also have some difference which are

following:

In RSTP the non-designated port of STP as alternate port.

RSTP calculates in advance but STP does this job when needed.

RSTP have only three port states not have block state as in STP.

RSTP quickly moves into other state after reading MAC in the learning state

where as STP keep remain in learning state till 15sec even read MAC in 2sec.

Page | 19

VLAN (VIRTUAL LOCAL AREA NETWORK)

It is such LAN by which we can create two or more separate logical-Area-

Network in a single Switch.

We can also give same IP to host in different V-lan, as they behave as separate

logical LAN or logical switches.

Broadcast Domain

At how many ports the broadcast would be received

All the ports of Switches are by default the part of vlan1.

All the port of Vlan should be access port means they exist in the access mode not

in trunk.

ADVANTAGES OF VLAN

It improves performance and speed of data transmission by reducing the size of

large broadcast

.

1. Broadcast Control: Large broadcast is divided into sub networks.

2. Security: One vlan‟s information can not transfer into another vlan.

3. Flexibility: Transfer of port from one vlan to another vlan through configuration.

INTER VLAN ROUTING

Inter VLAN routing is used for communication between different VLANs.

END TO END VLAN

The phenomena of communication two same or different Vlans exist on different

switches.

For the communication between two switches we us a trunk port.

Trunk Port

It is such port which carries the multiple Vlans traffic. It is not the part of any vlan.

Page | 20

TYPES OF VLAN

Static VLAN

This vlan is actually configured manually at each switch.

Syntax: switch (config) # vlan (any number)

Dynamic VLAN

These are such vlan which are configured by a server called VMPS (vlan management

policy server) in a large network environment and not need to create at each switch.

Benefit

You don‟t need to manually configure every time for access your vlan through out the

organization.

VLAN ENCAPSULATION PROTOCOL/ VLAN IDENTIFICATION

PROTOCOL/ VLAN TAGGING PROTOCOL

There are two protocols for encapsulation and tagging.

1. 802.1q(open standard)

2. ISL (CISCO propriety)

802.1q Standard

It is open standard as of IEEE, it use internal tagging process, this protocol is

actually enable by default at Cisco router.

ISL (Inter service link)

It is an external property as of Cisco itself.

It is external tagging process, it add the header of 26 bytes , it also used for trunk

port.

Note

At both the end the encapsulation protocol must be same, otherwise the line protocol not

up.

Page | 21

VTP (VLAN TRUNKING PROTOCOL)

It is open standard protocol, use for advertising the vlans informations throughout the

common administrative domain.

VTP MODES

There are three modes of VTP which are as following:

1) Server mode. 2) Client mode. 3) Transparent mode.

Server Mode

It is such mode where we can create, delete, modify and also synchronize the

Vlan information. vlan information is permanently save in flash memory.

Client mode

It is such mode in which we can‟t create, delete, modify the vlan information but

it can only synchronize and forward the vlan information.

Transparent mode

It is such mode where we can create, delete, modify the vlan information but it

can not synchronize but forward the information of vlan.

PORT SECURITY

When A port broadcast so the data will go to B as well as C port. The destination address

is B but C will also capture the data using the sniffer software, so to resolve this issue we

use switch. By using switch point to point communication is taking place between A&B.

But when the Mac table becomes full so the switch will broadcast the data.

MAC FLOODING ATTACK

It is such process which is used for hacking which becomes possible by the overflow the

MAC table; this process uses the software called the sniffer software. So to prevent the

switch by this attack we use the security feature called port security.

Sniffer Software

It is the software which is used by hacker for capturing the data in the plain text form.

Page | 22

Macof

It is term used for flooding the Mac table by sending 300 to 400 Mac addresses in 1sec.

Use of Port Security

One Mac address can permanently bind for any particular port, and we can also define

more than one Mac addresses by using different syntax.

We can also set any action with the port security .e.g. (shut down the pc) when port

security enable feature become active by any reason.

We configure the port security on the port which is connected to pc not on trunk port.

Restrict

When violation machine will not work but when we connect original machine it will

communicate and will generate a log value.

Shut down

When violated machine is connected to the port it would be shut down and when we

Connect the original machine so it will not work; now we will go to that interface and

write a command no shut.

Protect

Work is same as restrict but it will not generate a log value.

Switch# show port-security

Switch (config)#int fa 0/5

Switch (config-if)#switchport port-security

Switch (config-if)#switchport port-security maximum 1

Switch (config-if)#switchport port-security mac-address 01.c0.11.11.11.11

Page | 23

Wireless LAN (WLAN)

Modes of WLAN

1. Infra Structure Mode

There is a central device for example AP (Access Point). AP can connect to a switch with

cable.

2. Ad hoc Mode

There is no centralized device all PC‟s are connected together.

AP works in half duplex mode

Information Data Signal (Radio waves/ Electromagnetic waves)

Antenna Radio Electrical

FCC = Federal Communication Commission

ISM 2.4 GHz

UNII 5 GHz

UNII (Unlicensed National Information Infrastructure)

802.11 in 1997 2.4 GHz 2Mbps

802.11b in 1999 2.4GHz 11 Mbps

802.11a in 1999 5 GHz 54Mbps

802.11g in 2003 2.4GHz 54Mbps

802.11n 5GHz/2.4GHz 300Mbps

Bandwidth is shared on Access Point.

Page | 24

WLAN

Enterprise Class AP Consumer Class AP

Aironet (AP manufacturer) Linksys (bought by Cisco)

Cisco Aironet Series AP

1000 Series 1100 Series 1200 Series

Cisco 1250 Series AP (802.11n)

Radio Frequency Behavior

Reflection

Refraction

Scattering:

When waves strike with edgy material they become scattered.

Absorption: Water absorb the radio waves

Wireless LAN Security Issues

Passive Attacks

In which attacker steals information within the range of network.

War Driving Attacks

In which attacker only checks on different locations to find which services on

networks are available.

Active Attacks

In which attackers give some threat, or changes information

Page | 25

Wireless Security Solutions from IEEE

1. WEP (Wired Equivalent Privacy)

WEP

Encryption Authentication

RC4 Pre-shared keys password

2. WPA (WiFi Protected Access)

WPA


TKIP (Temporal key Integrated Protocol) 802.1x

User use EAP (extensible authentication protocol) to authenticate on AP.

AP is using RADIUS to transfer authentication information from/to server.

RADIUS (Remote Access Dialing Users)

Authentication server form CISCO is called Cisco ACS.

3. 802.1I

WPA 2


AES (Advance Encryption Standard) 802.1x

Page | 26

MODULE 3

IP ADDRESSING

It is network address used for the communication between the nodes at LAN as

well as WAN.

These addresses are assigning by the IANA (Internet assigned numbering

authority)

There are two types of IP addressing, IPV4 and IPV6.

IPV4 address

It is total 32 bits address scheme these bits are divided into four octets, this

address scheme has two segments or portions (Host and Network).

IPV4 address classes

This address is classified into the classes on the bases of network and host segment.

Class A

In this class the network segment have 8-bits and the host segments have24-bits.

Its range is from 01 up to 126 and total host exist 17millions.

Subnet mask is 255.0.0.0

Class B

In this class the each segment (host, network) have 16-bits.

Its range is from 128 up to 191 and total host exist 65,534.


Class C

In this class the network segment have 24-bits and host segment 16-bits.

Its range is from 192 up to 223 and total host exist 254.


Class D

It range is from 224 up to 239.

Class E

It range is from 240 up to 255.

Note: After the class E IPV4 addressing range become end, after that we use IPV6

addressing.

Page | 27

SUBNETTING

It is the process of dividing the single network ID into further various different

network IDs.

SUBNETMASK

It is the actually the group of network and host segment. It actually tells that how

many bits are used for network and how many bits are used for host.

VLSM (Variable length Sub netting masking)

It is the process of sub netting the subnets

IPv6 (IP version 6) Architecture

128 bits

Assigned in hexadecimal (0--F)

I Hexadecimal = 4 bits

10C0:00FD:09C5:C509:0000:0000:509F every field is of 16 bits.

Q) How to simplify this IP address?

Ans:

1) In IPv6 leading zeros can be eliminated e.g. 10C0: FD: 9C5:C509:0:0:0:509F

2) Consecutive zero field can be replaced by (::) but it can be used once in IPv6 address

e.g. 10C0: FD: 9C5:C509::509F

IPV6 ADDRESS TYPES

1) Unicast: One to one communication.

2) Multicast: one to many communication. There is no broadcast address IPv6

3) Any cast :

By using any cast multiple devices can share same IP address.

Router will forward the packet to nearest any cast IP.

Shared devices should have same application e.g. all application should be web

server/SMTP etc.

Page | 28

MODULE 4

ROUTING

Routing

Static Routing Dynamic Routing

Default Route: # Ip route 0.0.0.0 0.0.0.0

OR

#Ip route 0.0.0.0 0.0.0.0 s0/0

#show ip route

S* 0.0.0.0/0 s0/0

Class full routing protocol

They do not exchange subnet mask information with routing updates.

They assume that subnet mask is consistent throughout the network.

Class full routing only works when subnet mask is same over the network.

e.g. RIP and IGRP

Class less routing protocol They exchange subnet mask information with routing updates.

They support VLSM

e.g. EIGRP, OSPF ,RIP-VER2

Autonomous System Number

It is 16 bits number 0-65535

IANA defines the IP address and also autonomous system AS.

With respect to AS number there are two types of routing protocol.

1. Interior Routing Protocol

It works within same AS number.

Also called IGP (Interior Gateway Protocol)

Page | 29

2. Exterior Routing Protocol

Works with different AS number

Also called EGP (Exterior Gateway Protocol).e.g.BGP

With respect to technology there are 3 types of routing protocols.

Technology

Distance Vector Link State Hybrid

Distance Vector

They exchange complete routing tables with each other after periodic time period

E.g. RIP (30 sec) and IGRP (60 sec).

Distance vector protocols have only best route information to the destination.

If best path is down than they recalculate the best path.

Link State

Link state routing protocol only send routing updates whenever there is some change in

network topology.

They are less bandwidth consumer because they only send routing updates not the whole

routing table means they efficiently utilize the bandwidth.

These protocols have complete network topology information.

These protocols are more intelligent because they have all routes information to the

destination

E.g. OSPF, IS-IS.

Disadvantage: CPU and memory intensive.

Hybrid

It is a combination of both distance vector and link state.

RIP (Routing Information Protocol)

It is an open standard routing protocol.

It is a Class-full routing protocol.

The Administrative Distance of RIP = 120.

It is distance vector routing protocol.

This protocol works on „Bellman Ford Algorithm‟.

It calculate best path on the basis of hop counts: Min hops = best path

Page | 30

RIP can perform routing up to 15 hops.

RIP enable routers exchange complete routing table after 30 sec.

RIP can perform equal cost load balancing, by default 4 paths and maximum 6

paths.

RIP version 2

The features of RIPv2 are:

It is class-less routing protocol.

RIPv2 is authentication supported.

KHI (config)# router rip

KHI (config-router)# Network 10.0.0.0


LHR (config)# router rip

LHR (config-router)# Network 20.0.0.0


Page | 31

EIGRP (Enhanced Interior Gateway Routing Protocol)

This protocol is Cisco propriety.

It is Class-less routing protocol.

Administrative distance is 90.

It is interior gateway protocol means in same AS.

It is hybrid routing protocol.

It can support multiple network layer protocols, i.e. IP, IPX, Apple.

It can perform equal and unequal cost load balancing.

By default 4 paths and maximum of 6 paths

EIGRP uses an algorithm known as DUAL (Diffusion update algorithm).

DUAL is run over topology table and best paths are moved from topology table to

routing table.

By default best path selection on the basis of bandwidth and delay

Other parameters that EIGRP can use for best path selection are

o Reliability

o Load

o MTU

EIGRP TABLES

It creates 3 tables:

Neighbor table

Topology table

Routing table

Neighbor Table

In EIGRP directly connected routers maintain neighbor relationship.

They exchange „HELLO PACKETS‟ for maintaining the neighbor relationship.

Topology Table

This table contains the complete network information.

Router# show ip eigrp topology

Routing Table

This table contains the information of best route to the destination.

Router # show ip route

Page | 32

KHI (config)# router eigrp 50



LHR (config)# router eigrp 50



“50” is Autonomous system number. Two routers must be in same AS to communicate.

Protocol Dependent Module

If IP, IPx, Apple all are running at a time then this protocol will make different

tables for different operating systems.

Although IPx and Apple are not used nowadays.

OSPF (Open Shortest Path First)

It is Open standard routing protocol.

It is Link state routing protocol.

It is interior routing protocol.

Administrative distance= 110.

It is Class-less routing protocol.

OSPF enable routers can only perform Equal cost load balancing (by default 4

paths maximum 6 paths).

OSPF can only perform routing for IP networks.

It uses SPF (shortest path first) algorithm for calculation of best path.

There is no HOP limitation.

There is no periodic exchange of routing protocols.

When there is change in network then OSPF sends update packets called LSA

(link state advertisement).

For calculation of cost there is a formula :

Cost = 108

/ bandwidth

Page | 33

OSPF TABLES

1. Neighbor table.

2. Topology table

3. Routing table

Neighbor Table

It contains the information of directly connected routers just like eigrp.

Neighbor routers exchange HELLO PACKETS.

In OSPF neighbor table is also referred as „Adjancy database‟.

Router #show ip ospf neighbor

Topology Table

This table contains complete topology information.

In OSPF topology table is referred as „Link state database (LSDB)‟.

Router #show ip ospf database

Routing Table

This table contains the information of best routes to the destination.

In OSPF routing table is also referred as „forwarding database‟

Router #show ip route

In OSPF interfaces are refer as links

SPF algorithm applies on LSDB and best path moved in routing table.

OSPF Router ID

In OSPF every router is recognized by its router ID.

By default the highest IP address configured on any active interface of router will

become its router ID.

Let suppose Router ID is 192.168.0.1 goes down then next highest IP address

become router ID and when again 192.168.0.1 is up then it will become router ID.

Means when WAN is flipping then best practices is that we do not keep the

physical address as router ID so we make a logical address called loopback

address.

Router(config)# interface loopback 0

Router(config)# ip address 1.1.1.1 255.0.0.0

Router(config-if)# no shutdown

Now loopback address is router ID.

Page | 34

OSPF AREAS

Area 0 (zero) is called back bone area.

All other areas are called regular areas.

Every area should be directly connected with area 0.

Routers working in regular areas are called Internal Routers.

Routers in backbone area are called backbone router.

Area Border Router (ABR): Router which connect regular area to backbone area.

Page | 35

MODULE 5

SECURITY

ACCESS CONTROL LIST (ACL)

It is a security feature on a router.

You can control access between two different networks by the help of access

control list.

There are two types of ACL

1. Standard ACL

2. Extended ACL

Standard ACL

In this type of ACL traffic is flittered on the basis of source ip address

The range of standard ACL is from 1 – 99

There are two types of actions performed in this type of ACL:

1. Permit

2. Deny

Example

Router (config)# access-list 1 permit host 10.0.0.1

Router (config)# int fa0/0

Router (config)# ip access-group 1 in

These statements will permit host 10.0.0.1 to access Internet where as all other hosts

would be denied. This access list is applied on Fa0/0 inbound.

A single ACL can have multiple statement

If a packet does not match with any statement of ACL it will discard this packet

Default behavior of ACL is to discard anything that does not match ACL.

Default behavior = implicit deny

If a packet does match with ACL statement than this packet would not be

compared with other statements below in that ACL.

i.e. Router (config)# access-list 10 permit host 10.0.0.1

Router (config)# access-list 10 deny host 10.0.0.1

Page | 36

This ACL will not deny host 10.0.0.1 because it is permitted in first statement

Access list filter traffic from and to router but do not filter traffic originating from

router.

Most restrictive statement of ACL should be on top

Any for all destinations.

Any any for all sources and all destinations

One ACL can be applied at one interface and in one direction

Extended ACL

This type of ACL filters the traffic on the basis of

1. Source ip

2. Destination ip

3. Protocol

4. Port number

The range of this ACL is from 100 – 199.

Actions performed by this ACL are:

1. Permit

2. Deny

Direction of ACL

Inbound direction

Traffic entering from 10.2 than for e0 it is inbound and traffic coming from Internet

toward 10.2 than it is out bound for e0.

Wild card mask

It is opposite to subnet mask.

0 means check the corresponding bit value.

255 means do not check corresponding bit value.

Example of Extended ACL

Page | 37

Router (config)# Access-list 101 permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 80

Router (config)# Access-list 101 permit tcp 10.0.0.1 0.0.0.49 host 2.2.2.2 eq 25

Router (config)# Access-list 101 permit ip 10.0.0.51 0.0.0.49 any

Router (config)# Int fa 0/0

Router (config-int)# ip access-group 101 in

This will permit hosts from 10.0.0.1 to 10.0.0.50 to communicate pc 1.1.1.1 via tcp

protocol and Internet browser.

Named IP Access List

In this ACL names are used instead of numbers.

Named ip access list allows deleting individual entries from specific access list.

Same name for two lists cannot be used.

Example

Router (config)# ip access-list extended (or standard) cttc (any name)

Router (config-ext-nacl)# permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 80

Router (config-ext-nacl)# permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 25

Router (config-ext-nacl)# permit ip 10.0.0.51 0.0.0.49 any

Router (config)#int fa 0/0

Router (config-int)# ip access-group cttc in

Page | 38

NAT (NETWORK ADDRESS TRANSLATION) Translation of private ip to public ip address is called NAT.

Types of NAT

1. Dynamic NAT

We buy a pool of ip addresses e.g 1.1.1.1 to 1.1.1.64

2. Static NAT

In static NAT one public ip address is mapped on one private ip address.

We permanently bind one private ip to one public ip address

3. NAT Overload

This is also called Port Address Translation

It performs many to one translation

Source port number is randomly assigned and always greater than 1025.

1-1024 source port numbers are assigned to well define operations.

PAT can be configured on routers Microsoft Linux

We can configure dynamic NAT, Static NAT and NAT overload simultaneously

#show ip nat translation

Page | 39

VIRTUAL PRIVATE NETWORK (VPN)

VPN is a private network over a public network.

There are two types of VPN

1) Site to site VPN

2) Remote access VPN

Site to Site VPN

In this type of VPN we make a logical tunnel.

This VPN is Cost effective

Only problem is security because your data is in clear text form so any one/hacker

can capture your confidential data.

Remote Access VPN

It is use for Tele-worker.

IP Security VPN (IP SEC VPN)

It is an open standard protocol made by IETF (internet engg task force).

This works on network layer.

IP Sec is a framework of different algorithms and protocols means different

algorithms and protocols work together to built IP Sec.

IP SEC VPN Services

1) Data Confidentiality

Data confidentiality is achieved by help of encryption.

Encryption is of three types:

1. DES (Data Encryption Standard)

2. 3 DES (3 Data Encryption Standard)

3. AES (Advanced Encryption standard)

Page | 40

DES (Data Encryption Standard)

This standard is made by IBM.

There is a key used for encryption from plain text to cipher text which is of 56

bits.

This standard is breakable but high processing machine is needed for breaking the

encryption.

It is broken in 90s

Now the object of IBM was to secure DES .So they created new protocols called

3DES.

3DES (3 DATA ENCRYPTION STANDARD)

3 * DES = 3 * 56= 168 bit key

There is a 3 time encryption, therefore it is very strong.

This encryption standard is Unbreakable

If we use 3 DES, performance will decrease.

AES (ADVANCE ENCRYPTION STANDARD)

It is a standard of NIST (National Institute of Standards and Technologies).

1. 128 bits

2. 192 bits

3. 256 bits strongest

All the three standards are unbreakable

Page | 41

2) DATA INTEGRITY

Data integrity is achieved by an algorithm called HASHING.

HASHING ALGORITHM

MD-5 (Message Digest - 5) SHA-1 (Secure hashing

algorithm)

128 bit Hash 160 bits Hash

Strong but slow

3) PEER AUTHENTICATION

In peer authentication a Pre shared key is used called IKE (Internet Key

Exchange) protocol.

Legitimate peers can make VPN

If at both routers keys are same then VPN can be made.

IP SEC traffic cannot be transported through TCP/UDP because TCP/UDP

only contain IP traffic while IP SEC contain Encryption, security etc .

IP SEC uses its own transport protocols.

IP SEC TRANSPORT PROTOCOLS

ESP (Encapsulation Security Protocol)

Data confidentiality

Data integrity

Origin authentication

AH (Authentication Header)

Data confidentiality is not supported

Origin authentication and data integrity

Page | 42

MODULE 6

WIDE AREA NETWORK (WAN)

WAN is used to connect two or more LANs.

WAN Connection Types

1) Leased line/ Dedicated line

2) Circuit Switching

3) Packet Switching

Leased Line/dedicated line

It is Point to point or dedicated connection.

It is Synchronous link up to T3 (45mbps)

PPP and HDLC can frequently used

Advantages

There is a dedicated Bandwidth.

Security Service provider does not contain any layer 2 or 3 connection.

Disadvantages

It is Very costly due to dedicated bandwidth.

Circuit switching

In this type of switching, we can communicate through traditional phone lines.

No data is forwarded before an end-to-end connection is established.

Examples are PSTN and ISDN.

Advantage

It is Cost effective solution

Disadvantage

Bandwidth is very low.

Page | 43

Public Switched Telephone Network (PSTN)

It is same as Normal dial-up connection.

Speed is very low e.g.56kbps

Integrated Service Digital Network (ISDN)

It is a set of digital services that transmit voice and data over phone lines.

It is a cost effective solution and also speed is high than normal dial up

connection.

It is also good to use it as a back-up link for other types of links like frame

relay and T1 connection.

There are two types of ISDN.

o PRI (Primary rate interface)

o BRI (Basic rate interface)

Basic Rate Interface (PRI)

It contains 2B and 1D channel. B and D are logical channels.

B channel is used for voice and data both and D channel is used for signaling and

control.

B Channel bandwidth is 64kbps and D channel bandwidth is 16kbps.

Primary Rate Interface (PRI)

PRI is of two types e.g. E1 and T1.

E 1

It is used in Europe and rest of the world.

It contains 30 b and 1 d channel.

The bandwidth of B and D channel is 64kbps. It means the total bandwidth

provided by E1 is 2Mbps.

T 1

It is used in USA and Canada.

It contains 23B and 1D channel.

Page | 44

The bandwidth of B and D channel is 64 kbps. It means the total bandwidth

provided by T1 is 1.54 mbps.

WAN Encapsulation Protocols

The frame coming to router is LAN frame. Router removes the LAN header and adds

WAN header and forwards it on.

1) High Level Data link Connection Protocol(HDLC)

It is a WAN encapsulation protocol.

It works on Data link Layer.

It is by-default enable on Cisco routers.

This protocol is created by IBM.

It can be used only on Synchronous links.

There are two types of HDLC

Cisco HDLC

It is by default enable on Cisco routers.

It supports multiple network layer protocols.

It does not support open standard HDLC.

HDLC doesn‟t provide any authentication.

Open standard HDLC

Only supports single network layer protocol

It is open standard protocol.

If at both ends there are Cisco routers than use HDLC otherwise use PPP.

Page | 45

Point To Point Protocol (PPP)

It is open standard protocol.

It is WAN encapsulation protocol.

This protocol works on data link layer.

It can be used on both synchronous and asynchronous links.

Point to point protocol is of two types :

Network Control Protocol (NCP)

Supports multiple network layer protocols.

Link Control Protocol (LCP)

This protocol is responsible of PPP link establishment, management,

configuration and termination.

There is Error detection (CRC + Magic number).

Link compression and Authentication are optional parameters.

PPP Authentication

There are two types of PPP authentication:

1) Password authentication protocol (PAP)

2) Challenging handshake authentication protocol (CHAP)

Password Authentication Protocol (PAP)

1st router sends its password to 2

nd router and 2

nd router check it‟s on password. If

both passwords are same than line protocol is up.

Its disadvantage is that information sharing is in clear text.

Page | 46

Challenging Handshake Authentication Protocol (CHAP)

There is a 3-way handshaking concept.

1st router sends CHAP signal to 2

nd router which says thyat I want to

communicate to you, send your password.

2nd

router will send its password to 1st router in encrypted form.

1st router will check it‟s on password hash value.

If both hash values are same than line protocol is up.

There should be same password at both ends

Page | 47

Frame Relay

POP: Point of presence (Branches of service provider)

It is a Standard of ITU-T.

It works on data link layer of OSI reference model.

This is an example of packet switching.X.25,Frame relay,ATM

Frame relay is working from POP to customer.

Router of customer is called Frame relay router.

The device in POP is called Central office Switch (CO Switch).

It is cost effective b/c there is a bandwidth-sharing concept within the cloud

The aim of frame relay is to connect customer router to Point of presence (POP)

of service provider.

Frame service provider provides service 1 connectivity as well as layer 2

connectivity. For layer 2 connectivity we have to configure Frame Relay.

In case of frame relay, at layer 1 we can use any type of media.

Page | 48

Frame Relay Terminologies

CIR (Committed Interface Rate)

CIR is a minimum bandwidth that is guaranteed by service provider within a

cloud.

CIR is high. It means cost will be high.

Local Access Rate

It is the bandwidth through which we are connected to service provider pint of

presence.

LAR is always greater than are equal to CIR.

Data link connection identifier

It is the frame relay layer 2 addresses.

It is a 10-bit number

DLCI number is provided by service provider.

Same customer should have different DLCI number.

Different customer may have same DLCI number.

Page | 49

FRAME RELAY ADDRESS MAPPING

Let suppose CTTC Customer example to understand the mapping concept.

Mapping of CTTC router in Karachi for Lhore.

Mapping of CTTC router in Lhore for Karachi.

Page | 50

Local Management Interface (LMI)

It maintains the connection status b/w frame relay router and frame relay switch.

LMI Types

1. CISCO (Cisco propriety)

2. ITU-T (Open standard)

3. ANSI

LMI type should be same between switch and router to communicate.

You have to ask the service provider which LMI type you have configured

The LMI type of service provider & customer must be same otherwise link would

be down because line protocol not become up.

After version 11.3 of OSI, LMI type is auto detected.

LMI States

They help in troubleshooting by this we can see the segment status of Frame relay

Active state: means connection is OK

Deleted state: means there is a problem b/w your router and switch.

Inactive state: means there is a problem b/w remote end switch and remote end

router.

introduction to networking · introduction to networking communication modes 1. simplex (one way...

Documents