Private IP                                    Public IP
Used within the LAN or organization           Used on the public network (Internet)
Not recognized on the Internet                Recognized on the Internet
Assigned by the administrator                 Assigned by the service provider (from IANA)
Unique within the network or organization     Globally unique
Unregistered                                  Registered
Free                                          Paid to the service provider (or IANA)
Private IP Addresses-
There are certain addresses in each class of IP address that are
reserved for private Networks. These addresses are called private
addresses.
Range of Private IP:
Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.31.0.255
Class C 192.168.0.0 to 192.168.255.255
Default Gateway-
The IP address of the router interface (Ethernet port) connected to
the LAN.
It is the entry and exit point of the network.
OSI Reference Model
OSI (Open Systems Interconnection) was developed by the
International Organization for Standardization (ISO) and
introduced in 1984.
It defines how communication happens between two or
more network devices.
It is a layered architecture (consisting of seven layers).
Each layer defines a set of functions in data communication.
Purpose OF OSI MODEL-
Troubleshooting
Standardization
Presentation Layer-
The Presentation Layer defines the specific format for the data to be
sent over the network.
The major functions of this layer are
Encoding-Decoding
Ex- ASCII, EBCDIC (Text)
JPEG, GIF, TIFF (Graphics)
MIDI, WAV (Voice)
MPEG, DAT, AVI (Video)
Encryption-Decryption
Ex- DES, 3-DES, AES
Compression-Decompression
Session Layer-
It deals with sessions or interactions between the
applications.
It is responsible for establishing, maintaining and
terminating the sessions.
Session layer organizes communication through simplex,
half-duplex or full duplex.
Transport Layer-
It is responsible for end to end transportation of data between
the applications.
Functions of Transport Layer are-
Identifying services
Multiplexing and De-multiplexing
Segmentation
Sequencing and Reassembling
Error correction
Flow control
NETWORK LAYER-
It is responsible for end to end Transportation of data
across multiple networks.
Logical addressing and path determination (routing) are
described at this layer.
The protocols that work at the Network layer are:
Routed Protocols-
IP, IPX, AppleTalk, etc.
Routed protocols act as data carriers and define logical
addressing.
Routing Protocols-
RIP, OSPF, EIGRP, IGRP, etc.
Routing protocols perform path determination (routing).
Routers and multilayer switches operate at this layer.
Data Link Layer-
It is responsible for end to end delivery of data between the
devices on a network segment.
The Data Link layer comprises two sub-layers-
MAC (Media Access Control)
It deals with hardware addresses (MAC addresses).
MAC addresses are 12-digit hexadecimal identifiers used to
identify the devices uniquely on the network segment.
It also provides error detection using CRC (Cyclic
Redundancy Check) and framing (encapsulation).
Ex- Ethernet, Token Ring, etc.
Logical Link Control (LLC)
LLC is used to support multiple network protocols on a single
NIC.
Switches and bridges work at this layer.
Physical Layer-
It transfers the data in bit format, i.e. 0101010101 (zeros and
ones).
Conversion of the bits into signals depends upon the type of
media used:
Copper media- electrical signals of different voltages.
Fiber media- light pulses of different wavelengths.
Wireless media- radio frequency waves.
Hubs, repeaters and modems operate at this layer.
Some more factors about OSI Model-
Header-
Headers are information structures which identify the
information that follows, such as a block of bytes in a
communication.
Trailer-
A trailer is the information which occupies several bytes at the
end of the block of data being transmitted. It contains
error-checking data which is useful for confirming the accuracy
and status of the transmission.
Note-
During data communication the sender appends the header
and passes the data to the lower layer, while the receiver removes the
header and passes the data to the upper layer. Headers are added at layers
6, 5, 4, 3 and 2, while the trailer is added at layer 2.
Network
A computer network is an interconnection of two or more
computers and peripherals such as printers and fax machines.
Networking
Sharing and exchanging resources (files and folders, printers,
scanners) with each other over a network is called networking.
History of Computer Networks-
The ARPANET (Advanced Research Projects Agency Network) was the
first network in the world. ARPA designed ARPANET for the United States
Department of Defense. In 1969 the first ARPANET link was established
between the IMP (Interface Message Processor) nodes at the
University of California, Los Angeles (UCLA).
Network Configuration
1- Point to point configuration-
Two devices are connected by a dedicated link that is not shared with other devices.
2- Client-Server configuration-
All the clients access services from the server. Without the server
the clients cannot function.
Topologies
Topologies define the network structure, i.e. how the devices are
connected to each other.
There are two types of topologies-
Physical-
It defines the physical structure or layout of the network.
Logical-
It defines how the devices exchange information with each
other.
Types of Physical Topologies
Single Node topology-
Only one device connects to the server.
Bus Topologies-
Cable types used-
Copper
  Coaxial: RG58, RG8, RG6
  Twisted pair: STP, UTP (Cat1, Cat2, Cat3, Cat4, Cat5, Cat5e, Cat6, Cat7)
Fiber
  SM (single mode), MM (multi mode)
Cat1- carries only voice; it is used for telephone services.
Cat2- carries data up to 4 Mbps.
Cat3- carries data up to 10 Mbps at frequencies up to 16 MHz.
Cat4- carries data up to 16 Mbps at frequencies up to 20 MHz.
Cat5- carries data up to 100 Mbps at frequencies up to 100 MHz.
Cat5e- carries data up to 1000 Mbps at frequencies up to 100 MHz.
Cat6- carries data up to 1000 Mbps at frequencies up to 250 MHz.
Cat7- carries data up to 1000 Mbps at frequencies up to 600 MHz.
Coaxial Cable-
Shielded Twisted Pair Cable-
STATIC ROUTING
It is configured manually by the administrator.
The destination network ID is mandatory.
It is secure and fast.
Used for small organizations with a network of 10 to 15
routers.
Administrative distance of a static route is 0 and 1.
DISADVANTAGES OF STATIC ROUTING-
Suitable only for small networks.
Everything is done manually.
A network change affects the whole network (every router must be updated by hand).
Configure Static Route
Router(config)# ip route <destination network ID> <destination subnet mask> <next hop IP address>
DEFAULT ROUTING
A default route is configured for unknown
destinations.
Generally used towards the Internet, where the destinations are
unknown.
Ex- the address of Google is unknown.
It is the last route consulted (least preferred).
It can also be used at an end (stub) location (optional).
Default routes help in reducing the size of your routing
table.
DEFAULT ROUTING CONFIGURATION
Router(config)# ip route 0.0.0.0 0.0.0.0 <next hop IP address>
DYNAMIC ROUTING
The router decides the best route automatically with the help of
dynamic routing protocols, and also adds and removes
network information in the routing table automatically.
Advantages of dynamic routing over static routing-
Works with advertisements (of directly connected routers).
No need to know the destination network.
Updates the topology changes dynamically.
Administrative work is reduced.
Used for large organizations.
Neighbor routers exchange routing information and
build the routing table automatically.
ROUTING PROTOCOLS
Routing protocols use metrics to calculate and decide
the best route for the packets.
Comparison between the routing protocols
Router Metrics-
Routing metrics are values that allow the routers to decide the
best route for the packets.
Some routing metrics are-
Hop count
Bandwidth
Load
Delay
Cost
Reliability
Administrative Distance (AD)
Trustworthiness of the routing information received by the
router.
The value is between 0 and 255.
A lower value is more trusted.
The default administrative distances are given below-
Directly connected route - 0
STATIC ROUTE - 1
EIGRP ROUTE - 90
IGRP ROUTE - 100
OSPF ROUTE - 110
RIP ROUTE - 120
Classful Routing Protocols-
Classful routing protocols do not carry the subnet mask
information along with the updates.
This means all devices in the network must use the same
subnet mask (FLSM or default).
Ex-RIPv1, IGRP
Classless Protocols
Classless Protocols carry the subnet mask information
along with updates.
That is why they support subnetworks (VLSM and FLSM)
and the default network as well.
Ex- RIPv2, EIGRP, OSPF, IS-IS
RIP (Routing Information Protocol)
Open standard protocol.
Classful routing protocol.
Updates are broadcast via 255.255.255.255.
Metric: hop count.
Load balancing across four equal-cost paths.
Max hop count 15, max routes 16.
Used for small organizations.
Exchanges the entire routing table every 30 seconds.
Administrative distance is 120.
Convergence time: 4 min (approx.); EIGRP 15 sec; OSPF 40 sec.
RIP Timers
Update timer: 30 seconds
Time between consecutive updates.
Invalid timer: 180 seconds
Time a router waits to hear updates.
The route is marked unreachable if there is no update
during this interval.
RIPv1 vs RIPv2
RIPv1: no authentication. RIPv2: authentication.
[Figure: OSPF neighbor discovery and database exchange between router A (172.16.5.1/24, interface S0/0) and router B (172.16.5.2/24, interface S0/1). A starts by announcing its router ID 172.16.5.1 ("I don't know about anyone yet") and records B in its neighbor list; the routers then exchange DBD packets ("here is a summary of my LSDB"); in the Loading state LSRs request the complete entry for network 172.16.5.0/24 and are answered with LSAcks; finally the Full state is reached.]
OSPF AREAS
An area is a logical grouping of routers.
All the routers in an area maintain the same database.
Any change impacts all the routers in that area.
OSPF provides a hierarchical network design with multiple
different areas.
All the routers maintain the same database within the same
area.
Any change impacts all the routers within the same area.
Rules-
There must be one area called area 0 (the backbone area).
All other areas must connect to area 0.
At least one area router.
Interfaces of both routers facing
The solution: OSPF hierarchical routing.
[Figure: OSPF hierarchical design - head office connected to branch offices in Area 1 and Area 2.]
Advantage of OSPF-
Open standard
No hop count limitation.
Loop free.
Faster convergence
Disadvantage of OSPF
Consumes more CPU resources.
Complex design.
Supports only equal-cost load balancing.
Enhanced Interior Gateway Routing Protocol-
o Advanced distance vector protocol.
o Standard routing protocol (initially Cisco
proprietary).
o Classless routing protocol.
o Includes all features of IGRP.
o Maximum hop count is 255 (by default 100).
o Administrative distance is 90.
o Flexible network design.
o Uses multicast and unicast instead of the broadcast address.
o 100% loop-free classless routing.
o Easy to configure for WANs and LANs.
o Updates are sent through multicast 224.0.0.10.
o Hello packets are sent every 5 seconds and the dead time
is 15 sec.
o Convergence rate is fast.
o It uses DUAL (Diffusing Update Algorithm).
o Supports equal-cost and unequal-cost load balancing.
o EIGRP metric is delay.
EIGRP entire process of routing-
[Figure: EIGRP neighbor discovery - routers A and B on link 220.20.10.1 exchange Hello packets via multicast 224.0.0.10 ("I am router A, who is on the link?" / "Hello, I am router B") and record each other in their neighbor tables.]
EIGRP TABLE-
1- Neighbor Table
2- Topology Table-
3- Routing Table-
Delay is the sum of all the delays of the links along the
path:
Delay = (delay in tens of microseconds) x 256
Bandwidth is the lowest bandwidth of the links along the
path:
Bandwidth = (10^8 / BW in kbps) x 256
Access Control List
An ACL is a set of rules which permits or denies specific traffic moving
through the router.
It is a layer 3 security feature which controls the flow of traffic from one
router to another router.
It works as a packet-filtering firewall.
Standard ACL                                  Extended ACL
Access list number is 1-99.                   Access list number is 100-199.
Can block a network, host and subnet.         Can block a network, host, subnet and services.
All services are blocked.                     Selected services can be blocked.
Implementation
Router(config)# interface <int type> <int number>
Router(config-if)# ip access-group <acl number> <in|out>
To verify ACL-
Router# show access-list
Router# show access-list <number>
Wildcard Mask-
Tells the router which bits of the address must match and which bits to ignore.
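A worked example of the wildcard-mask matching and top-down ACL evaluation described above, written in Python. This is added here and is not code from the original notes or from Cisco IOS; the rules, packets and the simplified field set are constructed for illustration.

```python
# Added example (not from the original notes): evaluating packets against an
# ordered Cisco-style access list whose entries use wildcard masks. Includes
# the implicit "deny any" that ends every ACL. All rule and packet values
# are constructed for illustration.
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple

def to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def mask_to_wildcard(subnet_mask: str) -> str:
    """A wildcard mask is the bitwise inverse of the subnet mask."""
    return str(ipaddress.IPv4Address(~to_int(subnet_mask) & 0xFFFFFFFF))

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """Wildcard bit 0 = the address bit must match; bit 1 = ignore that bit."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)

@dataclass
class Rule:
    action: str                      # "permit" or "deny"
    src: str
    src_wc: str
    proto: str = "ip"                # "ip" matches any protocol (standard-ACL style)
    dst: str = "0.0.0.0"
    dst_wc: str = "255.255.255.255"  # ignore every bit = any destination
    dport: Optional[int] = None      # None = any destination port

@dataclass
class Packet:
    src: str
    dst: str
    proto: str
    dport: int

def evaluate(acl: List[Rule], pkt: Packet) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching entry). Entries are tested top
    down and the first match wins; no match falls through to the implicit deny."""
    for i, r in enumerate(acl):
        if r.proto != "ip" and r.proto != pkt.proto:
            continue
        if not wildcard_match(pkt.src, r.src, r.src_wc):
            continue
        if not wildcard_match(pkt.dst, r.dst, r.dst_wc):
            continue
        if r.dport is not None and r.dport != pkt.dport:
            continue
        return r.action, i
    return "deny", None  # implicit "deny any" at the end of every ACL

# Constructed extended ACL: block telnet from the LAN to one server, allow the rest.
ACL_101 = [
    Rule("deny", "192.168.10.0", "0.0.0.255", "tcp", "10.0.0.5", "0.0.0.0", 23),
    Rule("permit", "192.168.10.0", "0.0.0.255"),
]

if __name__ == "__main__":
    for p in (Packet("192.168.10.7", "10.0.0.5", "tcp", 23),
              Packet("192.168.10.7", "10.0.0.5", "tcp", 80),
              Packet("172.16.1.1", "10.0.0.5", "tcp", 80)):
        print(p.src, "->", p.dst, p.proto, p.dport, evaluate(ACL_101, p))
```

The third packet shows the point practitioners most often miss: a source that no entry mentions is dropped by the implicit deny, so a list meant to block only one thing still needs an explicit permit at the end.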
Name ACL
Named access lists are just another way to create standard and
extended access lists.
Access lists are identified using a name rather than a number.
Names are case sensitive.
No limitation on the number of lists.
One main advantage is that editing ACLs is possible, i.e.
removing or adding any statement anywhere in the ACL.
IOS version 11.2 or later allows named ACLs.
NAT terminology
Inside Local Address-
Name of inside source address before translation (private IP).
Inside global address-
Name of inside host after translation (Public IP).
Outside Local Address-
Name of destination host before translation.
Outside global address-
Name of outside destination host after translation.
There are two types of IP address-
Private Address
Addresses used inside the LAN are called private addresses.
Public Address
Addresses used on the Internet are called public addresses.
Private Address Range
There are certain addresses in each class of IP address that are
reserved for private networks. These addresses are called private
addresses.
Class A 10.0.0.0 to 10.255.255.255
Class B 172.16.0.0 to 172.16.255.255
Class C 192.168.0.0 to 192.168.255.255
Types of NAT
Static NAT
Dynamic NAT
PAT (Port Address Translation)
Static NAT
The administrator has to manually bind a separate registered
public IP address to each private IP address for accessing
Internet services.
It does not help to reduce the consumption of IPv4 addresses.
It hides each private address from the public network; this was
the only advantage of static NAT.
It works as a one-to-one manual mapping of a private
address to a public address.
Dynamic NAT
It also works like static NAT in that a one-to-one mapping of
addresses is required.
The administrative task is reduced.
Mapping of IP addresses is done by the device automatically.
Port Address Translation
It reduces the wastage of IPv4 addresses.
It can translate thousands of private IPv4 addresses into a
single public IP address.
It uses a different port number for each LAN user
to differentiate the services requested by the LAN
users.
Dynamic NAT-
Router(config)# ip nat inside source list <acl no> pool <pool name>
PAT-
Router(config)# ip nat inside source list <acl no> pool <pool name> overload
Implementation
1. Router(config)# interface g0/0
2. Router(config-if)# ip nat inside (interface facing towards LAN)
3. Router(config)# int s0/0/0
4. Router(config-if)# ip nat outside (interface facing towards ISP)
To verify NAT-
Router# show ip nat translations
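The port-based translation described under Port Address Translation, as an added Python model (not code from the original notes, and not how Cisco IOS is implemented): one inside-global address is shared by many inside-local hosts, and only traffic matching an existing entry is translated back into the LAN. The addresses, ports and the port-reuse rule are assumptions.

```python
# Added example (not from the original notes): a minimal model of PAT
# (NAT overload). Many inside-local hosts share one inside-global address
# and are told apart by the translated source port. Addresses constructed.
from itertools import count
from typing import Dict, List, Optional, Tuple

Endpoint = Tuple[str, int]  # (IP address, port)

class PatTable:
    def __init__(self, inside_global: str, first_port: int = 1024):
        self.inside_global = inside_global
        self._ports = count(first_port)           # allocator for new ports
        self.outbound: Dict[Endpoint, int] = {}   # inside local -> translated port
        self.inbound: Dict[int, Endpoint] = {}    # translated port -> inside local

    def translate_out(self, src_ip: str, src_port: int) -> Endpoint:
        """Outbound: rewrite (inside local ip, port) to (inside global ip, port).
        Simplifying assumption: keep the original source port while it is
        still free, otherwise allocate the next unused port."""
        key = (src_ip, src_port)
        if key not in self.outbound:
            port = src_port
            while port in self.inbound:
                port = next(self._ports)
            self.outbound[key] = port
            self.inbound[port] = key
        return self.inside_global, self.outbound[key]

    def translate_in(self, dst_ip: str, dst_port: int) -> Optional[Endpoint]:
        """Inbound: only traffic matching an existing entry reaches the LAN.
        Anything else has no translation and is dropped (returns None)."""
        if dst_ip != self.inside_global:
            return None
        return self.inbound.get(dst_port)

    def show_translations(self) -> List[str]:
        """Rows in the spirit of 'show ip nat translations'."""
        return [f"{self.inside_global}:{port} <- {ip}:{p}"
                for (ip, p), port in sorted(self.outbound.items())]

if __name__ == "__main__":
    table = PatTable("200.1.1.1")
    # Two LAN hosts happen to pick the same source port.
    print(table.translate_out("192.168.1.10", 40000))
    print(table.translate_out("192.168.1.11", 40000))
    print(table.translate_in("200.1.1.1", 1024))   # reply for the second host
    print(table.translate_in("200.1.1.1", 5555))   # unsolicited: None, dropped
    print("\n".join(table.show_translations()))
```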
VLAN (Virtual Local Area Network)
Divides a single broadcast domain into multiple broadcast
domains.
A layer 2 security feature.
VLAN 1 is the default VLAN.
We can create VLANs from 2 to 1001.
Can be configured on a manageable switch only.
HUB                                       SWITCH
It has no intelligence.                   It is an intelligent device.
It does not understand any addresses.     It maintains a MAC address table.
It always broadcasts.                     It uses broadcast and multicast.
It works with 0s and 1s.                  It works with physical (MAC) addresses.
It works with shared bandwidth.           It works with fixed bandwidth.
It has one broadcast domain.              It has 1 broadcast domain by default.
It has 1 collision domain.                The number of collision domains depends upon the number of ports.
Only one road and shared bandwidth.       Separate road and bandwidth per port.
It works at half duplex.                  It works at full duplex.
CSMA/CD
Carrier Sense Multiple Access / Collision Detection
It is the protocol for carrier transmission access in Ethernet
networks.
Collisions are handled using the access methods CSMA/CD
and CSMA/CA.
CSMA/CD works in wired LANs and CSMA/CA works in wireless
LANs.
Broadcast Domain
The set of all the devices that receive broadcast frames originating from
any device within the set.
Collision Domain
A collision domain is a network segment with two or more devices
sharing the same bandwidth (where there is a chance of collision).
Advantage of VLANs
Limits the number of broadcasts.
Better performance.
Security.
Types of VLAN
Static VLAN
Dynamic VLAN
Static VLAN
Static VLANs are based on port numbers.
You need to manually assign a port on the switch to a VLAN.
Also called port-based VLANs.
One port can be a member of only one VLAN.
Dynamic VLAN
Dynamic VLANs are based on the MAC address of a PC.
The switch automatically assigns the port to a VLAN.
Each port can be a member of multiple VLANs.
For dynamic VLAN configuration, software called VMPS (VLAN
Membership Policy Server) is needed.
High-end switches (core series) are required for dynamic VLANs.
Not used in production networks.
Benefits of VTP-
VTP reduces administration in a switched network.
Minimizes the chances of misconfiguration on switches.
VTP Domain-
A group of layer 2 switches sharing VLAN data.
Ends at a router or layer 3 switch.
Switches can be linked but not be part of the domain.
Each switch can belong to only one domain.
A domain is defined by its name.
VTP is Cisco proprietary, so all switches in the domain must be Cisco
switches.
VTP Modes
Server
Default mode. Sends VLAN information to the other switches.
Client
Receives VLAN information and forwards it to other switches.
Transparent
Forwards VTP traffic but does not originate or use it. Transparent switches can have their
own VLANs, not shared with other switches.
VTP Configuration
Switch(config)# vtp mode server
Switch(config)# vtp domain <domain name>
To verify VTP-
Switch# show vtp status
Inter Vlan Routing-
VLANs are essentially isolated from each other, so that packets in one VLAN
cannot cross into another VLAN.
To transport packets between VLANs, you must use a layer 3
device.
Inter VLAN Routing Methods
Separate physical gateway interface on a router.
Using sub-interfaces (router on a stick).
Using layer 3 switches (using SVI interfaces).
Note: SVI (switch virtual interface)
3- Inter VLAN routing using layer 3 switches
To assign a gateway on multilayer switches-
Switch(config)# int vlan <vlan no>
Switch(config-if)# ip add <ip> <subnet mask>
Switch(config-if)# no shutdown
To enable routing on switches-
Switch(config)# ip routing
Assign IP addresses on layer 3 or multilayer switches-
Switch(config-if)# no switchport
Switch(config-if)# ip add <ip> <subnet mask>
Inter VLAN Routing through Router on a Stick (using
sub-interfaces)
Switch(config)# int <trunk int name> <trunk int number>
Switch(config-if)# switchport mode trunk
Router(config)# interface <trunk int name> <int number>
Router(config-if)# no shutdown
Now create sub-interfaces on the router-
Router(config)# interface <trunk int name> <sub int number (e.g. f0/0.1)>
Router(config-subif)# encapsulation dot1q <vlan number>
Router(config-subif)# ip add <IP address> <subnet mask>
BPDU-
All switches exchange information through what are called bridge
protocol data units (BPDUs).
Hellos are sent every 2 sec.
Max age (dead) = 20 sec.
Forward delay (listening and learning time) = 15 sec.
A BPDU contains information regarding ports, switches, port
priority and addresses.
Selection of designated and non-designated ports-
Least cost.
Lowest local switch ID.
Lowest local physical port number.
Designated ports- which are in forwarding state.
Non-designated ports- which are in blocking state.
STP Ports States-
Blocking: 20 sec
Listening: 15 sec
Learning: 15 sec
Forwarding: no limit (reached after 50 sec)
Disabled: no limit
Verifying Spanning-Tree-
Switch# show spanning-tree
Switch# show spanning-tree vlan <vlan number>
Switch# show spanning-tree root
Selecting Root Bridge Configuration-
Default root bridge election:
Bridge ID = priority + base MAC.
It is recommended to select high-speed switches as the root
bridge.
Changing the priority
Primary/secondary
Switch(config)# spanning-tree vlan 1 root primary
Switch(config)# spanning-tree vlan 1 root secondary
OR
Switch(config)# spanning-tree vlan 1 priority <1-4096>
Note-
Priority values can only be multiples of 4096.
Primary reduces the priority by 8192 from the default priority.
Secondary reduces the priority by 4096 from the default priority.
WAN Technologies-
WAN Protocols-
HDLC: no support for authentication, compression or error detection; default on serial links.
PPP: supports authentication, compression and error detection; the encapsulation must be changed to PPP.
To verify the WAN protocol on serial links-
Router# show interfaces serial <interface number>
Configuration of PPP-
Router(config)# interface serial <interface number>
Router(config-if)# encapsulation ppp
Frame Relay-
Uses the existing service provider network to provide connectivity.
A more cost-effective solution than leased lines.
IPv4                                            IPv6
32-bit address                                  128-bit address
Written in decimal form                         Written in hexadecimal form (0-F)
1 group = 8 bits                                1 group = 16 bits
Total groups = 4                                Total groups = 8
Separated by dot (.)                            Separated by colon (:)
Link-local range 169.254.0.0-169.254.255.255    Link-local address starts with FE80
Loopback range 127.0.0.0-127.255.255.255        Loopback address is ::1
IP space = 2^32                                 Large IP space = 2^128
Defined by IANA                                 Defined by IETF
Ex- 192.168.1.1                                 Ex- FE80:AA00:BB00:CCAC:BCAB:0000:00AA:FF00
Example of IPv6-
2001:0db8:0000:0000:1234:0000:0000:3c4d (full form)
2001:db8:0:0:1234:0:0:3c4d (leading zeros of each group dropped)
2001:db8::1234::3c4d (not valid: "::" may appear only once, otherwise the number of omitted groups is ambiguous)
2001:db8::1234:0:0:3c4d (one run of zero groups compressed to "::")
Unicast
Can be assigned to any device in the network.
Unicast is further divided into three types.
Global Unicast
It is like a public IP (routable).
Starts with 2000::/3 (the first three bits are 001); assigned by IANA.
Unique Local
Like a private IP.
It starts from FC00::/7.
They are not routable on the global IPv6 Internet.
Starts with either FC or FD in the first two hex digits.
Link Local
Default IPv6 address on every IPv6-enabled interface (non-
routable).
FE80::/10.
Routers do not forward packets with link-local addresses.
Multicast
In IPv6 a multicast address starts with FF (FF00::/8).
Anycast-
An anycast address is an address that is assigned to a set of
interfaces that typically belong to different nodes.
Similar to multicast, it identifies multiple interfaces, but a packet is delivered to
only one of them, whichever is found first (nearest).
Unique local and global unicast addresses can be used as
anycast addresses.
Router(config-if)# ipv6 address <ipv6-prefix/prefix-length> anycast
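An added Python example (not code from the original notes) that ties the IPv6 compression forms and the address-type prefixes above together: it compresses a full-form address by the "::" rule, rejects the double-"::" form, and classifies an address by the prefixes listed in this section. The sample addresses are constructed.

```python
# Added example (not from the original notes): compressing a full-form IPv6
# address by the "::" rule and classifying addresses by the prefixes listed
# in the notes. ipaddress is used only to cross-check the hand-written code.
import ipaddress
from typing import List, Tuple

def compress(full: str) -> str:
    """Drop leading zeros in each group and replace the longest run of two or
    more all-zero groups with '::' (the leftmost run wins a tie)."""
    groups = [int(g, 16) for g in full.split(":")]
    if len(groups) != 8:
        raise ValueError("expected the 8-group full form")
    short = [format(g, "x") for g in groups]
    best_start, best_len = -1, 1  # a single zero group is never compressed
    i = 0
    while i < 8:
        if groups[i] != 0:
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == 0:
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_start < 0:
        result = ":".join(short)
    else:
        left = ":".join(short[:best_start])
        right = ":".join(short[best_start + best_len:])
        result = f"{left}::{right}"
    # Cross-check: the compressed text must denote the same address.
    assert ipaddress.IPv6Address(result) == ipaddress.IPv6Address(full)
    return result

def is_valid(text: str) -> bool:
    """'::' may appear only once; a second '::' makes the address ambiguous."""
    try:
        ipaddress.IPv6Address(text)
        return True
    except ValueError:
        return False

# Address types and the prefixes that identify them (most specific first).
ADDRESS_TYPES: List[Tuple[str, str]] = [
    ("loopback", "::1/128"),
    ("link-local", "fe80::/10"),
    ("unique local", "fc00::/7"),
    ("multicast", "ff00::/8"),
    ("global unicast", "2000::/3"),
]

def classify(text: str) -> str:
    addr = ipaddress.IPv6Address(text)
    for name, prefix in ADDRESS_TYPES:
        if addr in ipaddress.IPv6Network(prefix):
            return name
    return "other"

if __name__ == "__main__":
    print(compress("2001:0db8:0000:0000:1234:0000:0000:3c4d"))
    print(is_valid("2001:db8::1234::3c4d"))   # False
    for a in ("2001:db8::1", "fd12:3456::1", "fe80::1", "ff02::1", "::1"):
        print(a, "->", classify(a))
```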
[Figure: man-in-the-middle attack - an attacker positioned between the victim, the wireless router and the gateway.]