Вы находитесь на странице: 1из 44





Submitted To:

Submitted By:

N.P. Shrivastava

Mudit Singh

(HOD IT Branch)


JAIPUR (2011-2015)

This is to certify that the Summer Training Report work on

Computer Networking submitted by MUDIT SINGH of
final year B. Tech in the year 2014 of Information Technology
department of this institute is a satisfactory account of his
Project work based on syllabus which is approved for the award
of degree of Bachelor of Technology in Specialization.

Under Guidance of:

Prepared By:

Mr. Mukesh Gocher

Mudit Singh

State Data Centre

(HCL Info System Limited Jaipur)

B. Tech 4th year

(Information Technology)

1. Introduction to computer Networking

Requirement of Networking

2. Types of Networks

LAN (Local Area Network)

WAN (Wide Area Network)

3. Network Models

OSI Model

4. Cables

Twisted Cable
Coaxial Cable
Fiber Optic

5. Networking Devices

Network Interface Card


6. IP Addressing

Private IP

7. Router

Internal Components
Network Interfaces
Configuring using Console
Routing Protocols
Access List

8. Firewall


Definition:A network is a system that transmits any combination of voice, video and/or data between users.
A network can be defined by its geographical dimensions and by which the users PC access it. A
network consists of a:

The network operating system (Windows NT/2000 TM/XP) on the users PC (client) and

The cables connecting all network devices (user pc, server, peripherals, etc.)

All supporting network components (hubs, routers and switches, etc.).

Computer Network means an interconnected collection of autonomous computers

Requirement of Networking
Resource sharing

To m a k e a l l p r o g r a m s , e q u i p m e n t , a n d e s p e c i a l l y d a t a available to
anyone on the network without regard to the physical location of their source and the user.

High reliability

As all files could be replicated on two or three machines, so if one of them is

unavailable (due to hardware failure), the other copies could be used.


It is the ability to increase system performance gradually as the work load grows
just by adding more processors .A computer network can provide a powerful
communication medium along widely separated employees. The use of networks to enhance
human-to-human communication will probably prove more important than technical goals such
as improved reliability. These are the requirement with respect to companies but computer networking is
required even in the normal day to day life as we have to access the internet to get
information about what all, new happening in the world, to have communication with
people staying far away using the mail service. These are the reasons that forced the
inventors to invent the networking devices, models and protocols etc. And the
Birth of Networking took place in 1844 when the first time Samuel Morse send the
first telegraph message.

These are privately owned networks within a single building or campus of up to a few a kilometers in size. LANs
are distinguished from other networks by three characteristics:
1) Their size.
2) Their transmission technology.
3) Their topology. LANs are restricted in size, which means that the worst-case
transmission time is bounded and known in advance. LANs often use a transmission
technology consisting of a single cable to which all the machines are attached. LANs
run at speeds of 10 to 100 Mbps, have low delays, and make very few

IEEE has produced several standards for LANs. These standards collectively known as
IEEE 802 .IEEE802.3 (Ethernet), IEEE802.4 (Token Bus), IEEE802.5 (Token Ring)


It is a Computer network that spans a relatively large geographical area, often a c o u n t r y o r
c o n t i n e n t . Typ i c a l l y a WAN c o n s i s t s o f t w o o r m o r e L o c a l Ar e a Network.
Computers connected to WAN are often connected through public networks such as telephone systems.
They can also be connected through leased lines or satellites. The largest WAN in existence is
Internet. WANs run at speed of maximum 2 to 10 Mbps.

For most WANs, the long distance bandwidth is relatively slow: on the order of kilobits per second
(kbps) as opposed to megabits per second (Mbps) for l o c a l - a r e a n e t w o r k s ( L A N s ) .
F o r e x a m p l e , a n E t h e r n e t L A N h a s a 1 0 M b p s bandwidth; a WAN using part or
all of a T1 carrier has a bandwidth of 1.544Mbps .Three types of approaches are used to connect
1) Circuit switching, which provides a fixed connection (at least for the duration of a call or
session), so that each packet takes the same path. Examples of this approach
include ISDN, Switched 56, and Switched T1.
2) Packet switching, which establishes connections during the transmission process so that different
packets from the same transmission may take different routes and may arrive out of
sequence at the destination. Examples of this approach are X.25, frame relay, and ATM.
3) Leased lines, which can provide a dedicated connection for private use



The Open Systems Interconnect (OSI) model has seven layers. This article describes and
explains them, beginning with the lowest in the hierarchy (the physical) and proceeding to
the highest (the application). The layers are stacked this way:

The physical layer, the lowest layer of the OSI model, is concerned with the transmission and
reception of the unstructured raw bit stream over a physical medium. It describes the
electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the
signals for all of the higher layers. It provides:

Data encoding: modifies the simple digital signal pattern (1s and 0s) used by the PC to better
accommodate the characteristics of the physical medium, and to aid in bit and frame
synchronization. It determines:

What signal state represents a binary 1

How the receiving station knows when a bit-time starts
How the receiving station delimits a frame

Physical medium attachment, accommodating various possibilities in the medium:

Will an external transceiver (MAU) be used to connect to the medium?

How many pins do the connectors have and what is each pin used for?

Transmission technique: determines whether the encoded bits will be transmitted by

baseband (digital) or broadband (analog) signaling.
Physical medium transmission: transmits bits as electrical or optical signals appropriate for
the physical medium, and determines:

What physical medium options can be used

How many volts/db should be used to represent a given signal state, using a given
physical medium


The data link layer provides error-free transfer of data frames from one node to another over the
physical layer, allowing layers above it to assume virtually error-free transmission over the link.
To do this, the data link layer provides:

Link establishment and termination: establishes and terminates the logical link between two

Frame traffic control: tells the transmitting node to back-off when no frame buffers are

Frame sequencing: transmits/receives frames sequentially.

Frame acknowledgment: provides/expects frame acknowledgments.
Detects and recovers from errors that occur in the physical layer by retransmitting nonacknowledged frames and handling duplicate frame receipt.
Frame delimiting: creates and recognizes frame boundaries.
Frame error checking: checks received frames for integrity.
Media access management: determines when the node has the right to use the physical


The network layer controls the operation of the subnet, deciding which physical path the data
should take based on network conditions, priority of service, and other factors. It provides:

Routing: routes frames among networks.

Frame fragmentation: if it determines that a downstream routers maximum transmission unit

(MTU) size is less than the frame size, a router can fragment a frame for transmission and reassembly at the destination station.

Subnet traffic control: routers (network layer intermediate systems) can instruct a sending
station to throttle back its frame transmission when the routers buffer fills up.

Logical-physical address mapping: translates logical addresses, or names, into physical

Subnet usage accounting: has accounting functions to keep track of frames forwarded by
subnet intermediate systems, to produce billing information.

Communications Subnet
The network layer software must build headers so that the network layer software residing in
the subnet intermediate systems can recognize them and use them to route data to the
destination address.
This layer relieves the upper layers of the need to know anything about the data transmission
and intermediate switching technologies used to connect systems. It establishes, maintains
and terminates connections across the intervening communications facility (one or several
intermediate systems in the communication subnet).
In the network layer and the layers below, peer protocols exist between a node and its
immediate neighbor, but the neighbor may be a node through which data is routed, not the
destination station. The source and destination stations may be separated by many
intermediate systems.


The transport layer ensures that messages are delivered error-free, in sequence, and with no
losses or duplications. It relieves the higher layer protocols from any concern with the
transfer of data between them and their peers.
The size and complexity of a transport protocol depends on the type of service it can get
from the network layer. For a reliable network layer with virtual circuit capability, a minimal
transport layer is required. If the network layer is unreliable and/or only supports datagrams,
the transport protocol should include extensive error detection and recovery.
The transport layer provides:

Message segmentation: accepts a message from the (session) layer above it, splits the
message into smaller units (if not already small enough), and passes the smaller units down
to the network layer. The transport layer at the destination station reassembles the message.
Message acknowledgment: provides reliable end-to-end message delivery with
Message traffic control: tells the transmitting station to back-off when no message buffers
are available.
Session multiplexing: multiplexes several message streams, or sessions onto one logical link
and keeps track of which messages belong to which sessions (see session layer).
Typically, the transport layer can accept relatively large messages, but there are strict
message size limits imposed by the network (or lower) layer. Consequently, the transport
layer must break up the messages into smaller units, or frames, prepending a header to each
The transport layer header information must then include control information, such as
message start and message end flags, to enable the transport layer on the other end to
recognize message boundaries. In addition, if the lower layers do not maintain sequence, the
transport header must contain sequence information to enable the transport layer on the
receiving end to get the pieces back together in the right order before handing the received
message up to the layer above.


The session layer allows session establishment between processes running on different
stations. It provides:

Session establishment, maintenance and termination: allows two application processes on

different machines to establish, use and terminate a connection, called a session.
Session support: performs the functions that allow these processes to communicate over the
network, performing security, name recognition, logging, and so on.


The presentation layer formats the data to be presented to the application layer. It can be
viewed as the translator for the network. This layer may translate data from a format used by
the application layer into a common format at the sending station, then translate the common
format to a format known to the application layer at the receiving station.
The presentation layer provides:

Character code translation: for example, ASCII to EBCDIC.

Data conversion: bit order, CR-CR/LF, integer-floating point, and so on.
Data compression: reduces the number of bits that need to be transmitted on the network.
Data encryption: encrypt data for security purposes. For example, password encryption.


The application layer serves as the window for users and application processes to access
network services. This layer contains a variety of commonly needed functions:

Resource sharing and device redirection

Remote file access
Remote printer access
Inter-process communication
Network management
Directory services
Electronic messaging (such as mail)

Network virtual terminals



Some Terminologies with Networking Models

Collision Domain:I t i s t h e g r o u p o f P C s i n w h i c h c o l l i s i o n w i l l o c c u r when two PC will transmit
data simultaneously.

Broadcast Domain:I t i s t h e g r o u p o f P C s t h o s e w i l l r e c e i v e s a m e broadcast message.

CSMA/CD (Carrier Sense Multiple Access/ Collision Detection):- In this protocol when a PC wants to transmit any packet it sense the carrier
i.e. the path, if no other PC is using the carrier then only it sends. If two PCs
starts sending data simultaneously collision will occur. Both PCs will wait for
some random time and then initiate the same process.

MAC:- (Media Access Control). The IEEE 802.3 (Ethernet) and802.5 (Token Ring) are the
MAC sub layers of these two LAN data- link protocols.

Burned-in address:- T h e 6 - b y t e a d d r e s s a s s i g n e d b y t h e vendor making the card. It is usually

burned in to a ROM or EEPROM on the L A N c a r d a n d b e g i n s w i t h a 3 b y t e o r g a n i z a t i o n a l l y u n i q u e identifier (OUI) assigned by the IEEE.

Locally administered address:- Through configuration, an address that is used instead of the burned-in address.
Unicast address:-

F a n c y t e r m f o r a M A C t h a t r e p r e s e n t s a single LAN interface.

Passive components are those devices which are used to provide connectivity between different networking
devices. It includes
Patch Panel
Patch Cord
I/O box
RJ-45 Connectors

There are different Cabling options depending on the access method:

Twisted pair
The wires are twisted around each other to minimize interference from other twisted pairs in the cable.
Twisted pair cables are available unshielded (UTP) or shielded (STP). UTP is the most common type and
uses RJ-45 Connector .Typical lengths are up to 100m.Twisted pair network uses a star topology.

- Coaxial cable uses BNC connectors. The maximum cable lengths are around 500m.Coaxial networks
use a single bus topology
Fiber Optic

UTP and Co-axial cables are not capable for driving the data signals for long
distance i.e. UTP is capable of transmitting up to a distance 100 meters only By using the
Fiber cables it is possible to send the data about 10 kilometers. Fiber optic cable uses SC, ST,
LC connectors (most common in use is SC connector). In fiber cables the data is converted
to light signals and the signal is made to propagate through the fiber cable.
There are two types of Fiber optic cable available.
1) Single mode: In this mode typical length is up to 12km and
d a t a r a t e i s 1000Mbps. The core diameter is about 9.25 nm cable is known as
1000 base LX cable.
2) Multi-mode: This mode is further categorized in two:
SX: Typical length is up to 500m and data rate is 1000Mbps
FX: Typical length is up to 220m and data rate is 100Mbps.

A patch panel provides a convenient place to terminate (connect) all of the cable coming from different locations
into the wiring closet. We connect the cables coming from various locations willing to connect to switch through
the patch panel.


We can label the patch panel so we know that which wire belongs to which location. Without a patch panel, it is
chaotic .If we want to disconnect a station from the switch, it's a lot easier if there's a label.
Most cabling is wired "straight-through" from end to end. But sometimes we need to cross-wire some of the pairs
between switch and station, like with a cable modem, or cross-wire to connect two switches. With a patch panel,
all of this cross-wiring is done in the patch cable. If you have to make any changes, like moving a station or switch,
you just move the patch cable with it, instead of having to reterminate the cable run.


We have to mount the patch panel somehow. The best way is to buy a rack. Basically,
a rack is a pair of vertical rails with holes drilled in them so that we can mount patch panels,
hubs, and other network equipment.
This made it easy to access the back of the patch panel and other networking components.


Cabling Guidelines
The RJ-45 ports on the switch support automatic MDI/MDI-X operation, so we can use standard straight-through
twisted-pair cables to connect to any other network device (PCs, servers, switches, routers, or hubs).We use only
twisted-pair cables with RJ-45 connectors that conform to FCC standards .Connecting to PCs, Servers, Hubs and
1) Attach one end of a twisted-pair cable segment to the devices RJ-45connector.Making
Twisted-Pair Connections
2) The port where we are connecting the RJ-45 is a network card, attach the other end of the
cable segment to a modular wall outlet that is connected to the wiring closet. Otherwise, attach the other

end to an available portion the switch. Make sure each twisted pair cable does not exceed 100 meters (328
ft.) in length.

Wiring Closet Connections

Today, the punch-down block is an integral part of many of the newer equipment tracks. It is actually part of the
patch panel. Instructions for making connections in the wiring closet with this type of equipment follow.

Attach one end of a patch cable to an available port on the switch, and the other end to the
patch panel.
If not already in place, attach one end of a cable segment to the back of the patch panel
where the punch-down block is located, and the other end to a modular wall outlet.
Label the cables to simplify future troubleshooting.


Networking hardware or networking equipment typically refers to devices facilitating the use of
a computer network. Typically, this includes gateways, routers, network bridges, switches, hubs,
and repeaters. Also, hybrid network devices such as multilayer switches, protocol converters and
bridge routers. And, proxy servers, firewalls and network address translators. Also, multiplexers,
network interface controllers, wireless network interface controllers, modems, ISDN terminal
adapters and line drivers. And, wireless access points, networking cables and other related
Computer networking devices are units that mediate data in a computer network. Computer
networking devices are also called network equipment, Intermediate Systems (IS) or
Interworking Unit (IWU) Units which are the last receiver or generate data are called hosts or
data terminal equipment.
The most common kind of networking hardware today is copper-based Ethernet adapters, helped
largely by its standard inclusion on most modern computer systems. Wireless networking has
become increasingly popular, however, especially for portable and handheld devices.

Other hardware prevalent within computer networking is datacenter equipment (such as file
servers, database servers and storage areas), network services (such as DNS, DHCP, email etc.)
as well as other specific network devices such as content delivery.

Other diverse devices which may be considered networking hardware include mobile phones,
PDAs and even modern coffee machines. As technology grows and IP-based networks are
integrated into building infrastructure and household utilities, network hardware becomes an
ambiguous statement owing to the increasing number of "network capable" endpoints.


A network interface controller (also known as a network interface card, network adapter, LAN
adapter and by similar terms) is a computer hardware component that connects a computer to a
computer network.
Early network interface controllers were commonly implemented on expansion cards that plug
into a computer bus; the low cost and ubiquity of the Ethernet standard means that most newer
computers have a network interface built into the motherboard.

The network controller implements the electronic circuitry required to communicate using a
specific physical layer and data link layer standard such as Ethernet, Wi-Fi, or Token Ring. This
provides a base for a full network protocol stack, allowing communication among small groups
of computers on the same LAN and large-scale network communications through routable
protocols, such as IP.

Madge 4/16 Mbit/s Token Ring ISA-16 NIC

Although other network technologies exist (e.g. token ring), Ethernet has achieved near-ubiquity
since the mid-1990s.
Every Ethernet network controller has a unique 48-bit serial number called a MAC address,
which is stored in read-only memory. Every computer on an Ethernet network must have at least
one controller. Normally it is safe to assume that no two network controllers will share the same
address, because controller vendors purchase blocks of addresses from the Institute of Electrical
and Electronics Engineers (IEEE) and assign a unique address to each controller at the time of

The NIC allows computers to communicate over a computer network. It is both an OSI layer 1
(physical layer) and layer 2 (data link layer) device, as it provides physical access to a
networking medium and provides a low-level addressing system through the use of MAC
addresses. It allows users to connect to each other either by using cables or wirelessly.

Bridges are used to divide larger networks into smaller sections. They do this
By sitting between two physical network segments and managing the flow of
Data between the two. By looking at the MAC address of the devices connected
To each segment, bridges can elect to forward the data (if they believe
That the destination address is on another interface), or block it from crossing
(If they can verify that it is on the interface from which it came).

A common connection point for devices in a network. Hubs are commonly used to connect
segments of a LAN. A hub contains multiple ports. When a packet arrives at one port, it is copied
to the other ports so that all segments of the LAN can see all packets.

A passive hub serves simply as a conduit for the data, enabling it to go from one device (or
segment) to another. So-called intelligent hubs include an additional feature that enables an
administrator to monitor the traffic passing through the hub and to configure each port in the hub.
Intelligent hubs are also called manageable hubs.

Hub in network
A third type of hub, called a switching hub, actually reads the destination address of each packet
and then forwards the packet to the correct port.

A network switch is a small hardware device that joins multiple computers together within one
local area network (LAN). Technically, network switches operate at layer two (Data Link Layer)
of the OSI model.

Network switches appear nearly identical to network hubs, but a switch generally contains more
intelligence (and a slightly higher price tag) than a hub. Unlike hubs, network switches are
capable of inspecting data packets as they are received, determining the source and destination
device of each packet, and forwarding them appropriately. By delivering messages only to the
connected device intended, a network switch conserves network bandwidth and offers generally
better performance than a hub.
As with hubs, Ethernet implementations of network switches are the most common. Mainstream
Ethernet network switches support either 10/100 Mbps Fast Ethernet or Gigabit Ethernet
(10/100/1000) standards.

Different models of network switches support differing numbers of connected devices. Most
consumer-grade network switches provide either four or eight connections for Ethernet devices.
Switches can be connected to each other, a so-called daisy chaining method to add progressively
larger number of devices to a LAN.

A hardware device designed to take incoming packets, analyzing the packets and then directing
them to the appropriate locations, moving the packets to another network, converting the packets
to be moved across a different network interface, dropping the packets, or performing any other
number of other actions. In the picture to the right, is a Linksys BEFSR11 router and is what
most home routers look like.

A router has a lot more capabilities than other network devices such as a hub or a switch that are
only able to perform basic network functions. For example, a hub is often used to transfer data
between computers or network devices, but does not analyze or do anything with the data it is
transferring. Routers however can analyze the data being sent over a network, change how it is
packaged and send it to another network or over a different network. For example, routers are
commonly used in home networks to share a single Internet connection with multiple computers.

In the above example of a home network there are two different examples of a router, the router
and the wireless router. As can be seen in the example the router is what allows all the computers

and other network devices access the Internet. Below are some additional examples of different
types of routers used in a large network.

Every machine on the internet has a unique identifying number, called an IP Address.
A typical; IP address looks like this:
IP ADDRESS is a 32-bit number, usually written in dotted decimal form that
uniquely identifies an interface of some computer. This 32-bit number is divided into 4 octets
each separated by a decimal. Out so many values certain values are restricted for use as typical
IP address. For example, the IP address reserved for the default network and the address used for broadcast. Each IP address is split into 2 sections:
1) Network address
2) H o s t ad d r es s

Individual IP address in same network all have a different value in the host part of address, but they have
identical value in network part, just as in town there are different street address but same ZIP code.
There are five IP classes:

Class A

This class is for very large networks, such as a major international company.
IP addresses with a first octet from 1 to 126 are part of this class. The other three octets are
each used to identify each host.

- The IP address is used as the loopback address. This means that it is
used by the host computer to send a message back to itself. It is commonly used for
troubleshooting and network testing.

Class B

Class B is used for medium-sized networks. A good example is a large college campus.
IP addresses with a first octet from 128 to191 are part of this c l a s s . C l a s s B
a d d r e s s e s a l s o i n c l u d e t h e s e c o n d o c t e t a s p a r t o f t h e N e t identifier. The
other two octets are used to identify each host.


Class C

Class C addresses are commonly used for small to mid-size business. IP addresses with
a first octet from192 to 223 are part of this class. Class C addresses also include
the second and third octets as part of Net identifier. The last octet is used to identify each host.

Class D

It is used for multicast. It has first bit value of 1, second bit value of 1, third bit value of 1
and fourth bit value of 0. The other 28 bits are used to identify the group of computers the
multicast messages is intended for.

Class E

It is used for experimental purpose only.



Private IP
- It is not necessary that every time we make a network we are connected to some ISP (Internet Service
Provider). So in that case we require some private IP also w h i c h c a n b e u s e d i n
i n d i g e n o u s n e t w o r k s . I n e a c h c l a s s a r a n g e o f I P addresses have been
defined for this purpose
- CLASS A to
- CLASS B to

Computers use a mask to define size of network and host part of an address.
Mask is a 32-bit number written in dotted decimal form. It provides us the network address when we
perform a Boolean AND of mask with the IP address. It also define number of host bits in an
address. Class of address Size of network Part of address ,in bits Size of Host Part of address ,in
bits Default Mask for Each Class of Network
Class of address
Size of network part
Size of hosts part of
Default Mask for each
of address, in bits
address, in bits
class of Network

Basically it is a process of subdividing networks into smaller subnets. In case we have 2-3 small
networks but we cant buy IP address for each and every network. So here we use the
basic concept of SUBNETTING i.e. using one public IP address we will give them IP
address and make them independent networks. For this we take some bits of host address
and use them for network address so we have different independent networks Address Format when
Subnetting Is Used (class A,B,C resp.):
Class A



Class B
Class C





And due to this mask changes to subnet mask and now the network address also includes subnet address.

If subnet mask is
And an IP address for a computer is given as is network address is the subnet address is the host address of the computer 10001110.00010000.00110100.00000100 is ANDed with
and output is 10001110.00010000.00110000.00000000
here first two octets represents Network address and third octet represents subnet
address. It can be compared with a postal address as there is only one ZIP code (Network address),
different streets (Subnet address), and different house number (Host address).

A router is a special type of computer. It has the same basic components as a standard desktop
PC. It has a CPU, memory, a system bus, and various input/output interfaces. However, routers
are designed to perform some very specific functions that are not typically performed by desktop
computers. For example, routers connect and allow communication between two networks and
determine the best path for data to travel through the connected networks.

Just as computers need operating systems to run software applications, routers need the
Internetwork Operating System software (IOS) to run configuration files. These configuration
files contain the instructions and parameters that control the flow of traffic in and out of the
routers. Specifically, by using routing protocols, routers make decisions regarding the best path
for packets. The configuration file specifies all the information for the correct set up and use of
the selected, or enabled, routing and routed protocols on the router.
This course will demonstrate how to build configuration files from the IOS commands in order
to get the router to perform many essential network functions. The router configuration file may
at first glance appear complex, but it will seem much less so by the end of the course.
The main internal components of the router are random access memory (RAM), nonvolatile
random-access memory (NVRAM), flash memory, read-only memory (ROM), and interfaces.
RAM, also called dynamic RAM (DRAM), has the following characteristics and functions:

Stores routing tables

Holds ARP cache

Holds fast-switching cache

Performs packet buffering (shared RAM)

Maintains packet-hold queues

Provides temporary memory for the configuration file of the router while the router is
powered on

Loses content when router is powered down or restarted

NVRAM has the following characteristics and functions:

Provides storage for the startup configuration file

Retains content when router is powered down or restarted

Flash memory has the following characteristics and functions:

Holds the operating system image (IOS)

Allows software to be updated without removing and replacing chips on the processor

Retains content when router is powered down or restarted

Can store multiple versions of IOS software

Is a type of electronically erasable, programmable ROM (EEPROM)

Read-only memory (ROM) has the following characteristics and functions:

Maintains instructions for power-on self-test (POST) diagnostics

Stores bootstrap program and basic operating system software

Requires replacing pluggable chips on the motherboard for software upgrades

Interfaces have the following characteristics and functions:

Connect router to network for frame entry and exit

Can be on the motherboard or on a separate module


While a router can be used to segment LANs, its major use is as a WAN device.
Routers have
both LAN and WAN interfaces. In fact, WAN technologies are frequently used to connect routers
and these routers communicate with each other by WAN connections. Routers are the backbone

devices of large intranets and of the Internet. They operate at Layer 3 of the OSI model, making
decisions based on network addresses. The two main functions of a router are the selection of
best path for and the switching of frames to the proper interface. Routers accomplish this by
building routing tables and exchanging network information with other routers.

An administrator can maintain routing tables by configuring static routes, but generally routing
tables are maintained dynamically through the use of a routing protocol that exchanges network
topology (path) information with other routers.
If, for example, computer (x) needs to communicate with computer (y) on one side of the world,
and with computer (z) in another distant location, a routing feature for information flow is
required as well as redundant paths for reliability. Many network design decisions and
technologies can be traced to this desire for computers x, y, and z to be able to communicate.
A correctly configured internetwork provides the following:

Consistent end-to-end addressing

Addresses that represent network topologies

Best path selection

Dynamic or static routing



The console port and the auxiliary (AUX) port are management ports. These asynchronous
serial ports are not designed as networking ports. One of these two ports is required for the
initial configuration of the router. The console port is recommended for this initial

configuration. Not all routers have an auxiliary port.

When the router is first put into service, there are no networking parameters configured.
Therefore the router cannot communicate with any network. To prepare for initial startup
and configuration, attach an RS-232 ASCII terminal, or a computer emulating an ASCII
terminal, to the system console port. Then configuration commands can be entered to set up
the router.
Once this initial configuration is entered into the router through the console or auxiliary
port, the router can then be connected to the network for troubleshooting or monitoring.
The router can also be configured from a remote location by dialing to a modem connected
to the console or auxiliary port on the router.
The console port is also preferred over the auxiliary port for troubleshooting. This is
because it displays router startup, debugging, and error messages by default. The console
port can also be

Used when the networking services have not been started or have failed. Therefore, the
console port can be used for disaster and password recovery procedures.



Cisco Command

Set a console password to


Router(config)#line con 0
Router(config-line)#password cisco

Set a telnet password

Router(config)#line vty 0 4
Router(config-line)#password cisco

Stop console timing out

Router(config)#line con 0
Router(config-line)#exec-timeout 0 0

Set the enable password to


Router(config)#enable password cisco

Set the enable secret password

to peter.

Router(config)#enable secret peter

This password overrides the

enable password
and is encypted within the
config file

Enable an interface

Router(config-if)#no shutdown

To disable an interface


Set the clock rate for a router

with a DCE cable to 64K

Router(config-if)clock rate 64000

Set a logical bandwidth

assignment of 64K to the serial

Router(config-if)bandwidth 64
Note that the zeroes are not missing

To add an IP address to a

Router(config-if)#ip addr

To enable RIP on all

172.16.x.y interfaces

Router(config)#router rip

Disable RIP

Router(config)#no router rip

To enable IRGP with a AS of

200, to all interfaces

Router(config)#router igrp 200


Disable IGRP

Router(config)#no router igrp 200

Static route the remote

network is, with a

Router(config)#ip route

mask of, the

next hop is, at a
cost of 5 hops

Disable CDP for the whole


Router(config)#no cdp run

Enable CDP for he whole


Router(config)#cdp run

Disable CDP on an interface

Router(config-if)#no cdp enable

A system designed to prevent unauthorized access to or from a private network. Firewalls can be
implemented in both hardware and software, or a combination of both. Firewalls are frequently
used to prevent unauthorized Internet users from accessing private networks connected to the
Internet, especially intranets. All messages entering or leaving the intranet pass through the
firewall, which examines each message and blocks those that do not meet the specified security
There are several types of firewall techniques:
Packet filter: Looks at each packet entering or leaving the network and accepts or
rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to
users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Application gateway: Applies security mechanisms to specific applications, such as
FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection
is established. Once the connection has been made, packets can flow between the hosts
without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy
server effectively hides the true network addresses.

In practice, many firewalls use two or more of these techniques in concert. A firewall is
considered a first line of defense in protecting private information. For greater security,
data can be encrypted.