IP Addressing


Network

A network consists of two or more computers that are linked in order to share
resources (such as printers and CD-ROMs), exchange files, or allow electronic
communications. The computers on a network may be linked through cables,
telephone lines, radio waves, satellites, or infrared light beams.

The three basic types of networks include:

- Local Area Network (LAN)
- Metropolitan Area Network (MAN)
- Wide Area Network (WAN)

Local Area Network

A Local Area Network (LAN) is a network that is confined to a relatively small area.
It is generally limited to a geographic area such as a writing lab, school, or
building. Rarely are LAN computers more than a mile apart.
In a typical LAN configuration, one computer is designated as the file server. It
stores all of the software that controls the network, as well as the software that
can be shared by the computers attached to the network. Computers connected
to the file server are called workstations. The workstations can be less powerful
than the file server, and they may have additional software on their hard drives.
On most LANs, cables are used to connect the network interface cards in each
computer. See the Topology, Cabling, and Hardware sections of this tutorial for
more information on the configuration of a LAN.

Metropolitan Area Network

A Metropolitan Area Network (MAN) covers larger geographic areas, such as cities
or school districts. By interconnecting smaller networks within a large geographic
area, information is easily disseminated throughout the network. Local libraries
and government agencies often use a MAN to connect to citizens and private
industries.

One example of a MAN is the MIND Network located in Pasco County, Florida. It
connects all of Pasco's media centers to a centralized mainframe at the district
office by using dedicated phone lines, coaxial cabling, and wireless
communications providers.

Wide Area Network

Wide Area Networks (WANs) connect larger geographic areas, such as Florida, the
United States, or the world. Dedicated transoceanic cabling or satellite uplinks
may be used to connect this type of network.

Using a WAN, schools in Florida can communicate with places like Tokyo in a
matter of minutes, without paying enormous phone bills. A WAN is complicated.
It uses multiplexers to connect local and metropolitan networks to global
communications networks like the Internet. To users, however, a WAN will not
appear to be much different from a LAN or a MAN.

TYPES OF NETWORK
The two most common types of networks are peer-to-peer and client/server.
Both networks serve the same purpose. They allow users to share information or
resources.

Peer-to-Peer Networks
The most basic way to allow multiple users to share information or resources,
such as printers and fax machines, is to connect multiple computers in a peer-to-
peer network. A common method for setting up a peer-to-peer network is to
connect computers running workgroup or client software, such as the Windows
Vista® operating system, to a hub or to a wireless access point. While this is a
simple, low-cost solution, peer-to-peer networks are limited in what they can do.
For example, peer-to-peer networks have no centralized security safeguards.
Information and resources are shared from each computer, and if one computer
shuts down, loses power, or loses data, it is impossible to access the information
on that computer. Peer-to-peer networks also tend to slow down when more
than five computers are connected.

Client/Server Networks
In a client/server network, a single computer (the server hardware) is used to
store and manage information and resources in a central location. That computer
is loaded with server software that is designed to perform specific tasks and
provide specific services such as file sharing, print processing, Internet
connectivity, and e-mail for each of the network’s “client” computers. The clients
in the client/server network can be individual computers, printers, or other
remote devices (for example, Windows Mobile® phones). Client/server networks
provide tools and services that can help your business achieve dramatic time and
cost savings, revolutionizing the way you do your work. For example, with a
client/server network you can use fewer printers and distribute faxes
electronically, which results in lower hardware costs and increased productivity.
The server can back up information, which can save you time and prevent data
loss.
Also, because the server acts as a single access point, your Internet connection
can be monitored and controlled, which enhances your network security. The
computers in your business may show markedly improved performance in a
client/server network because they don’t have to perform functions for other
computers, such as storing large amounts of data or running heavy software
applications; the server takes on all this heavy lifting. With one centralized access
point for information and resources, users are not dependent on information
housed on each other’s computers, as they are in a peer-to-peer network. In
addition, servers can enhance the security of your business data by providing
controlled access to files and data such as financial information, documents, and
business presentations.

CIDR
Classless Inter-Domain Routing (CIDR) was introduced several years ago to keep
the Internet from running out of IP addresses, and to improve both address space
utilization and routing scalability in the Internet. It was needed because of the
rapid growth of the Internet and the corresponding growth of the IP routing
tables held in Internet routers. The "classful" system of allocating IP addresses
can be very wasteful: anyone who could reasonably show a need for more than 254
host addresses was given a Class B address block of 65533 host addresses.

ROUTERS
Routers are networking devices used to extend or segment networks by
forwarding packets from one logical network to another. Routers are most often
used in large internetworks that use the TCP/IP protocol suite and for connecting
TCP/IP hosts and local area networks (LANs) to the Internet using dedicated
leased lines.

Routers work at the network layer (layer 3) of the Open Systems Interconnection
(OSI) reference model for networking to move packets between networks using
their logical addresses (which, in the case of TCP/IP, are the IP addresses of
destination hosts on the network). Because routers operate at a higher OSI level
than bridges do, they have better packet-routing and filtering capabilities and
greater processing power, which results in routers costing more than bridges.

ROUTING BASICS:
When an internetwork is created by connecting WANs and LANs to a router,
logical network addresses, such as IP addresses, must be configured on all
hosts on the internetwork so that they can communicate across it. The term
routing is used for taking a packet from one device and sending it through
the network to another device on a different network. Routers don't care
about hosts. They only care about networks and the best path to each
network. The logical network address of the destination host is used to get
packets to a network through a routed network; then the hardware address of
the host is used to deliver the packets from the router to the correct
destination host.
To be able to route packets, a router must know the following:
- Destination address
- Neighbor routers from which it can learn about remote networks
- Possible routes to all remote networks
- How to maintain and verify routing information
The router learns about remote networks from neighbor routers or from an
administrator. The router then builds a routing table that describes how to
find the remote networks. If a network is directly connected, the router
already knows how to get to it. If a network isn't directly connected, the
router must learn how to get to it in one of two ways:

- Static Routing
- Dynamic Routing
With static routing, someone must hand-type all network locations into the
routing table. If static routing is used, the administrator is responsible
for updating all changes by hand on all routers.
In dynamic routing, a protocol on one router communicates with the same
protocol running on a neighbor router. The routers then update each other
about all the networks they know about and place this information into
their routing tables. If a change occurs in the network, the dynamic routing
protocol automatically informs all routers about the event. In a large
network, a combination of dynamic and static routing is used.
STATIC ROUTING
Static routing occurs when you manually add routes to each router's routing
table. There are pros and cons to static routing, but that's true for all
routing processes. Static routes specify the path packets take, allowing precise
control over a network's routing behavior. Static routes are sometimes used to
define a gateway of last resort. This is where a packet is routed if no other
suitable path can be found. Static routes are also used when routing to a stub
network. A stub network is a network accessed by a single route. Often static
routes are the only way on to or off of a stub network. Static routes are also
used for security reasons or when the network is small. With static routing,
someone must hand-type all network locations into the routing table, and the
administrator is responsible for updating all changes by hand on all routers.
BENEFITS OF STATIC ROUTING:
- There is no overhead on the router CPU, which means we can possibly buy a
cheaper router than dynamic routing would require.
- There is no bandwidth usage between routers.
- It adds security, because the administrator can choose to allow routing
access to certain networks only.
DISADVANTAGES OF STATIC ROUTING:
- The administrator must really understand the internetwork and how each
router is connected in order to configure routers correctly.
- If a network is added to the internetwork, the administrator has to add a
route to it on all routers by hand.
- It's not feasible in a large network because maintaining it would be a
full-time job in itself.

SYNTAX USED TO ADD A STATIC ROUTE TO A ROUTING TABLE:

ip route [destination_network] [mask] [next-hop_address or exit interface] [administrative_distance] [permanent]

The following list describes each part of the command:

ip route: This command is used to create the static route.

destination_network: The network we are placing in the routing table.

mask: The subnet mask being used on the network.

next-hop_address: The address of the next-hop router that will receive the
packet and forward it to the remote network. This is a router interface
that's on a directly connected network. We must ping the router interface
before we add the route. If we type in the wrong next-hop address, or the
interface to that router is down, the static route will show up in the
router's configuration, but not in the routing table.

exit interface: We can use it in place of the next-hop address if we want,
but it's got to be on a point-to-point link, such as a WAN. This will not
work on a LAN such as Ethernet.

administrative_distance: By default, static routes have an administrative
distance of 1. We can change the default value by adding an administrative
weight at the end of the command.

permanent: If the interface is shut down, or the router can't communicate
with the next-hop router, the route will automatically be discarded from the
routing table. Choosing the permanent option keeps the entry in the routing
table no matter what happens.

DEFAULT ROUTING:
- We use default routing to send packets with a remote destination network
not in the routing table to the next-hop router. We can also use default
routing on stub networks, those with only one exit path out of the network.

Topology of the default-routing example (figure not reproduced): Router 1,
Serial 0 (S0); Router 2, Serial 0 (S0); PC1, Ethernet 0 (E0); PC2, Ethernet 0
(E0); PC3, Ethernet 0 (E0).


DYNAMIC ROUTING:
Dynamic routing is when protocols are used to find networks and update the
routing tables on routers. It is easier than using static or default routing,
but it has a cost in terms of router CPU processing and bandwidth on network
links. A routing protocol defines the set of rules used by a router when it
communicates routing information between neighbor routers.

ROUTING PROTOCOLS
- RIP
- IGRP
- EIGRP
- OSPF

ROUTING PROTOCOL BASICS:

Administrative Distances:
The AD is used to rate the trustworthiness of routing information received
on a router from a neighbor router. An AD is an integer from 0 to 255,
where 0 is the most trusted and 255 means no traffic will be passed via
this route.

If a router receives two updates listing the same remote network, the first
thing the router checks is the AD. If one of the advertised routes has a
lower AD than the other, the route with the lowest AD will be placed in the
routing table.

Default administrative distances:

ROUTE SOURCE          DEFAULT AD
Connected interface   0
Static route          1
EIGRP                 90
IGRP                  100
OSPF                  110
RIP                   120
External EIGRP        170
Unknown               255 (this route will never be used)
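The "ip route" syntax above and the administrative-distance rule, worked as an added example that is not part of the original notes: a small routing table that parses static routes in that syntax, keeps connected networks at AD 0, and resolves a destination by longest prefix first, then lowest AD. Class and function names are my own, and the addresses in the sample table are constructed.

```python
import ipaddress
from dataclasses import dataclass, field

# Default administrative distances, as in the table above.
DEFAULT_AD = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100,
              "ospf": 110, "rip": 120, "external eigrp": 170, "unknown": 255}


@dataclass
class Route:
    network: ipaddress.IPv4Network
    via: str       # next-hop address or exit interface name
    source: str    # where the route came from (a key of DEFAULT_AD)
    ad: int        # administrative distance


@dataclass
class RoutingTable:
    routes: list = field(default_factory=list)

    def add_connected(self, iface: str, iface_addr: str) -> Route:
        """A directly connected network (AD 0); iface_addr like '10.0.0.1/30'."""
        net = ipaddress.ip_interface(iface_addr).network
        route = Route(net, iface, "connected", DEFAULT_AD["connected"])
        self.routes.append(route)
        return route

    def add_static(self, line: str) -> Route:
        """Parse 'ip route <dest> <mask> <next-hop|iface> [ad] [permanent]'."""
        parts = line.split()
        if parts[:2] != ["ip", "route"] or len(parts) < 5:
            raise ValueError(f"not an ip route command: {line!r}")
        dest, mask, via = parts[2], parts[3], parts[4]
        ad = DEFAULT_AD["static"]
        for option in parts[5:]:
            if option.isdigit():          # optional administrative distance
                ad = int(option)
            elif option != "permanent":   # the only other optional keyword
                raise ValueError(f"unknown option {option!r}")
        if not 0 <= ad <= 255:
            raise ValueError("administrative distance must be 0..255")
        # strict=True rejects a destination with host bits set under the mask.
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=True)
        route = Route(net, via, "static", ad)
        self.routes.append(route)
        return route

    def add_dynamic(self, source: str, cidr: str, via: str) -> Route:
        """A route learned from a routing protocol, at that protocol's default AD."""
        route = Route(ipaddress.ip_network(cidr), via, source, DEFAULT_AD[source])
        self.routes.append(route)
        return route

    def lookup(self, dst: str):
        """Return the Route used to forward to dst, or None if nothing matches."""
        addr = ipaddress.ip_address(dst)
        candidates = [r for r in self.routes
                      if addr in r.network and r.ad < 255]   # AD 255: never used
        if not candidates:
            return None
        # Longest prefix wins; among equal prefixes, the lowest AD wins.
        return min(candidates, key=lambda r: (-r.network.prefixlen, r.ad))


def build_sample_table() -> RoutingTable:
    """Constructed sample: two connected links, competing static/RIP routes
    for the same prefixes, and a gateway of last resort."""
    rt = RoutingTable()
    rt.add_connected("Ethernet0", "192.168.10.1/24")
    rt.add_connected("Serial0", "10.0.0.1/30")
    rt.add_static("ip route 172.16.0.0 255.255.0.0 10.0.0.2")
    rt.add_dynamic("rip", "172.16.0.0/16", "10.0.0.2")            # AD 120 loses to AD 1
    rt.add_static("ip route 172.20.0.0 255.255.0.0 10.0.0.2 130")  # "floating" static
    rt.add_dynamic("rip", "172.20.0.0/16", "10.0.0.2")            # AD 120 beats AD 130
    rt.add_static("ip route 0.0.0.0 0.0.0.0 Serial0 permanent")    # gateway of last resort
    return rt


if __name__ == "__main__":
    table = build_sample_table()
    for dst in ("192.168.10.77", "172.16.5.9", "172.20.1.1", "8.8.8.8"):
        r = table.lookup(dst)
        print(f"{dst:15} -> {r.network} via {r.via} ({r.source}, AD {r.ad})")
```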

Distance vector:
Distance-vector protocols find the best path to a remote network by
judging distance. Each time a packet goes through a router, that's called a
hop. The route with the least number of hops to the network is determined to
be the best path. The vector indicates the direction to the remote network.
Both RIP and IGRP are distance-vector routing protocols. They send the
entire routing table to directly connected neighbors.

The distance-vector routing algorithm passes complete routing table contents
to neighboring routers, which then combine the received routing table with
their own routing tables to complete the router's routing table. This is
called routing by rumor, because a router receiving an update from a
neighbor router believes the information about remote networks without
actually finding out for itself. It's possible to have multiple links to the
same remote network, and if that's the case, the administrative distance is
checked first. If the AD is the same, the protocols will have to use other
metrics to determine the best path to that network. RIP uses only hop count
to determine the best path to a network. If RIP finds more than one link to
the same remote network with the same hop count, it will automatically
perform round-robin load balancing. RIP can perform load balancing for up to
six equal-cost links (four by default).

Link state:
In link-state protocols, also called shortest-path-first protocols, the
routers each create three separate tables. One of these tables keeps track of
directly attached neighbors, one determines the topology of the entire
internetwork, and one is used as the routing table. Link-state routers know
more about the internetwork than any distance-vector routing protocol.
OSPF is an IP routing protocol that is completely link state. Link-state
protocols send updates containing the state of their own links to all other
routers on the network.

HYBRID:
Hybrid protocols use aspects of both distance vector and link state; EIGRP
is an example.

Characteristics of Routing Protocols

A routing protocol defines the set of rules used by a router when it communicates
with neighboring routers. It interprets information in a network layer address to
allow a packet to be forwarded to the destination network. A routing protocol
defines:

- How updates are conveyed
- What knowledge is conveyed
- When to convey knowledge
- How to locate recipients of the update

ROUTING INFORMATION PROTOCOL (RIP)

- The Routing Information Protocol (RIP) is a true distance-vector routing
protocol. It sends the complete routing table out to all active interfaces
every 30 seconds.

- RIP only uses hop count to determine the best way to a remote network,
but it has a maximum allowable hop count of 15 by default, meaning that 16
is deemed unreachable.

- RIP works well in small networks, but it's inefficient on large networks
with slow WAN links or on networks with a large number of routers installed.

There are two versions:

- RIP VERSION 1
- RIP VERSION 2

RIP version 1 uses only CLASSFUL ROUTING, which means that all devices in
the network must use the same subnet mask. This is because RIP version 1
doesn't send updates with subnet mask information.

RIP version 2 provides something called prefix routing and does send subnet
mask information with the route updates. This is called CLASSLESS ROUTING.

RIP TIMERS

RIP uses three different kinds of timers to regulate its performance:

ROUTE UPDATE TIMER:

Sets the interval (30 seconds) between periodic routing updates, in which
the router sends a complete copy of its routing table out to all neighbors.

ROUTE INVALID TIMER:

Determines the length of time that must elapse (180 seconds) before a
router determines that a route has become invalid. It will come to this
conclusion if it hasn't heard any updates about a particular route for that
period. When that happens, the router will send out updates to all its
neighbors letting them know that the route is invalid.

HOLDDOWN TIMER:

This sets the amount of time during which routing information is
suppressed. Routers will enter into the holddown state when an update
packet is received that indicates the route is unreachable. This continues
until either an update packet is received with a better metric or the
holddown timer expires. The default is 180 seconds.

ROUTE FLUSH TIMER:

Sets the time between a route becoming invalid and its removal from the
routing table (240 seconds). Before it's removed from the table, the router
notifies its neighbors of that route's impending demise. The value of the
route invalid timer must be less than that of the route flush timer. This
gives the router enough time to tell its neighbors about the invalid route
before the local routing table is updated.
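The four timers above, worked as an added example that is not part of the original notes: a toy RIP table in which a route ages from valid to invalid to flushed when no update refreshes it, and an unreachable advertisement puts it in holddown, during which only a better metric is accepted. All timers are counted from the last refreshing update, as Cisco routers do (an assumption about the notes, which do not say); class and method names are my own.

```python
UPDATE, INVALID, HOLDDOWN, FLUSH = 30, 180, 180, 240   # seconds, as in the notes
assert INVALID < FLUSH, "a route must be marked invalid before it is flushed"
UNREACHABLE = 16                                        # RIP's "infinity" hop count


class RipRoute:
    def __init__(self, network: str, metric: int, now: float):
        self.network = network
        self.metric = metric
        self.last_update = now        # time of the last update that refreshed it
        self.holddown_until = None    # set when a neighbor reports it unreachable

    def state(self, now: float) -> str:
        """'valid', 'invalid' (no refresh for INVALID s) or 'flushed' (FLUSH s)."""
        age = now - self.last_update
        if age >= FLUSH:
            return "flushed"
        if age >= INVALID:
            return "invalid"
        return "valid"


class RipTable:
    def __init__(self):
        self.routes = {}

    def receive_update(self, now: float, network: str, metric: int) -> str:
        """Apply one advertised route; return a word describing what happened."""
        r = self.routes.get(network)
        if metric >= UNREACHABLE:
            if r is None or r.holddown_until is not None:
                return "ignored"              # unknown route, or already in holddown
            r.holddown_until = now + HOLDDOWN
            return "holddown"
        if r is None:
            self.routes[network] = RipRoute(network, metric, now)
            return "added"
        if r.holddown_until is not None:
            if now < r.holddown_until and metric >= r.metric:
                return "suppressed"           # in holddown: only a better metric is taken
            r.holddown_until = None           # better metric, or the timer has expired
        r.metric, r.last_update = metric, now
        return "refreshed"

    def expire(self, now: float) -> list:
        """Remove routes whose flush timer has run out; return their networks."""
        gone = sorted(n for n, r in self.routes.items() if r.state(now) == "flushed")
        for n in gone:
            del self.routes[n]
        return gone


if __name__ == "__main__":
    # Constructed timeline: one refresh at t=30, then silence.
    table = RipTable()
    table.receive_update(0, "10.1.0.0/16", 2)
    table.receive_update(UPDATE, "10.1.0.0/16", 2)
    for t in (60, 210, 270):
        print(t, table.routes["10.1.0.0/16"].state(t))
    print("flushed at 270:", table.expire(270))
```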

Routing tables
Routers contain internal tables of information called routing tables that keep
track of all known network addresses and possible paths throughout the
internetwork, along with the cost of reaching each network. Routers route packets
based on the available paths and their costs, thus taking advantage of redundant
paths that can exist in a mesh topology network. Because routers use the
destination network addresses of packets, they work only if the configured
network protocol is a routable protocol such as TCP/IP or IPX/SPX. This is
different from bridges, which are protocol independent. The routing tables are
the heart of a router; without them, there's no way for the router to know where
to send the packets it receives. Unlike bridges and switches, routers cannot
compile routing tables from the information in the data packets they process.
This is because the routing table contains more detailed information than is
found in a data packet, and also because the router needs the information in the
table to process the first packets it receives after being activated. A router
can't forward a packet to all possible destinations in the way that a bridge can.

- Static routers: These must have their routing tables configured manually with
all network addresses and paths in the internetwork.

- Dynamic routers: These automatically create their routing tables by listening
to network traffic.

- Routing tables are the means by which a router selects the fastest or nearest
path to the next "hop" on the way to a data packet's final destination. This
process is done through the use of routing metrics.

- Routing metrics are the means of determining how much distance or time a
packet will require to reach the final destination. Routing metrics are provided
in different forms.

- A hop is simply a router that the packet must travel through.

Subnetting

Subnetting, as this process is more commonly called, is a remarkably logical and
mathematical process. Understanding the mathematics of subnetting helps you
develop and implement efficient subnetting schemes that make better use of the
available address space. That is the explicit goal of subnetting: to use an
address space more efficiently. A class A, B, or C TCP/IP network can be further
divided, or subnetted, by a system administrator. This becomes necessary as you
reconcile the logical address scheme of the Internet (the abstract world of IP
addresses and subnets) with the physical networks in use in the real world.

Basically it is the process of subdividing networks into smaller subnets.

Suppose we have two or three small networks but cannot buy an IP address block
for each and every network. Here we use the basic concept of SUBNETTING: using
one public IP address block we give them addresses and make them independent
networks. For this we take some bits of the host address and use them for the
network address, so we have different independent networks.

Address Format when Subnetting Is Used (class A, B, C respectively):

Class    Network bits    Subnet bits    Host bits
A        8               24-x           x
B        16              16-x           x
C        24              8-x            x

Because of this the mask changes to a subnet mask, and now the network address
also includes the subnet address.

Example

If the subnet mask is 255.255.240.0

and an IP address for a computer is given as 142.16.52.4, then:

142.16.0.0 is the network address

0.0.48.0 is the subnet address

0.0.4.4 is the host address of the computer

10001110.00010000.00110100.00000100 (142.16.52.4) is ANDed with

11111111.11111111.11110000.00000000 (255.255.240.0) and the output is

10001110.00010000.00110000.00000000 (142.16.48.0)

Here the first two octets represent the network address and the third octet
represents the subnet address.

It can be compared with a postal address: there is only one ZIP code (network
address), different streets (subnet address), and different house numbers (host
address).
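The arithmetic of the example above, as an added example that is not part of the original notes: the function splits any class A, B or C address into the network, subnet and host parts the table above defines, and renders the AND in the same binary form. Function names are my own; the sample values are the notes' 142.16.52.4 and 255.255.240.0.

```python
import ipaddress


def classful_prefix(ip: str) -> int:
    """Number of network bits the address class implies (A=8, B=16, C=24)."""
    first = int(ipaddress.IPv4Address(ip)) >> 24
    if first < 128:
        return 8
    if first < 192:
        return 16
    if first < 224:
        return 24
    raise ValueError(f"{ip} is not a class A, B or C address")


def dotted_binary(value: int) -> str:
    """Render a 32-bit value as four 8-bit groups, the way the notes write it."""
    return ".".join(f"{(value >> shift) & 0xFF:08b}" for shift in (24, 16, 8, 0))


def split_address(ip: str, mask: str) -> dict:
    """Split ip under the given subnet mask into network, subnet and host parts."""
    addr = int(ipaddress.IPv4Address(ip))
    net = ipaddress.IPv4Network(f"{ip}/{mask}", strict=False)
    class_bits = classful_prefix(ip)
    if net.prefixlen < class_bits:
        raise ValueError("mask is shorter than the classful network part")
    m = int(net.netmask)
    class_mask = (0xFFFFFFFF << (32 - class_bits)) & 0xFFFFFFFF
    network = addr & class_mask                       # classful network portion
    subnet = addr & m & (~class_mask & 0xFFFFFFFF)    # bits borrowed from the host part
    host = addr & (~m & 0xFFFFFFFF)                   # remaining host bits
    return {
        "network": str(ipaddress.IPv4Address(network)),
        "subnet": str(ipaddress.IPv4Address(subnet)),
        "host": str(ipaddress.IPv4Address(host)),
        "subnet_bits": net.prefixlen - class_bits,
        "host_bits": 32 - net.prefixlen,
        "subnet_address": str(net.network_address),   # result of the AND, in decimal
        "broadcast": str(net.broadcast_address),
        "and_binary": dotted_binary(addr & m),
    }


if __name__ == "__main__":
    for key, value in split_address("142.16.52.4", "255.255.240.0").items():
        print(f"{key:15} {value}")
```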

Some terminology used with networking models:

Collision Domain: the group of PCs in which a collision will occur when two
PCs transmit data simultaneously.

Broadcast Domain: the group of PCs that will receive the same broadcast
message.

CSMA/CD (Carrier Sense Multiple Access / Collision Detection): in this
protocol, when a PC wants to transmit a packet it senses the carrier, i.e. the
path; only if no other PC is using the carrier does it send. If two PCs start
sending data simultaneously, a collision will occur. Both PCs wait for some
random time and then initiate the same process.

MAC (Media Access Control): IEEE 802.3 (Ethernet) and 802.5 (Token Ring) are
the MAC sublayers of these two LAN data link protocols.

Burned-in address: the 6-byte address assigned by the vendor making the card.
It is usually burned into a ROM or EEPROM on the LAN card and begins with a
3-byte organizationally unique identifier (OUI) assigned by the IEEE.

Locally administered address: through configuration, an address that is used
instead of the burned-in address.

Unicast address: fancy term for a MAC address that represents a single LAN
interface.

Variable-length subnet mask (VLSM)

A VLSM is a sequence of numbers of variable length that streamlines packet
routing within the subnets of a proprietary network. A subnet can be a
geographically defined local area network (LAN). Alternatively, a subnet may
define security boundaries, departmental boundaries, multicast or hardware
security parameters.

Step 1: In VLSM, consider the maximum number of hosts present in a network.
Here the R2 router has the maximum number of hosts.

So the requirement is 50 hosts: 2^6 = 64

Step 2: So we have to leave 6 bits for the host part of the IP address:
172.168.00000000.00|000000

So the subnet mask length is 8+8+8+2 = 26

Now the network address for R2 is 172.168.0.0/26

Step 3: Now calculate the 2nd network address from 172.168.0.0/26

172.168.00000000.00000000/26
Put a 1 in the last bit of the network part:

172.168.00000000.01000000/26

So the 2nd network address is 172.168.0.64/26

Step 4: Now we calculate the network address of R1 from the 2nd network address
172.168.00000000.01000000/26

The requirement of R1 is 28 hosts.

2^5 = 32: 172.168.00000000.010|00000

So the network address for R1 is 172.168.0.64/27

Step 5: Repeat step 3 to calculate the 3rd network address and step 4 to
calculate the network address between the two routers.
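Steps 1 to 5 above as one procedure, an added example that is not part of the original notes: the allocator takes a base block and a host count per network, sorts the requirements largest first (step 1), sizes each subnet to the smallest power of two that also leaves room for the network and broadcast addresses, and hands out consecutive blocks (steps 3 and 4). The notes' R2 (50 hosts) and R1 (28 hosts) reproduce 172.168.0.0/26 and 172.168.0.64/27; the 2-host router-to-router link for step 5 is a constructed value, and the function names are my own.

```python
import ipaddress
import math


def host_bits_for(hosts: int) -> int:
    """Smallest n with 2**n >= hosts + 2 (room for network and broadcast)."""
    if hosts < 1:
        raise ValueError("a subnet must hold at least one host")
    return max(2, math.ceil(math.log2(hosts + 2)))


def vlsm_allocate(base: str, requirements: dict) -> list:
    """Carve one subnet per name out of base, largest requirement first.

    Returns [(name, hosts, IPv4Network)] in allocation order. Allocating in
    descending size keeps every subnet aligned to its own block size, so the
    "put a 1 in the last network bit" step of the notes is just cursor += size.
    """
    block = ipaddress.IPv4Network(base, strict=True)
    cursor = int(block.network_address)
    end = int(block.broadcast_address) + 1
    result = []
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        bits = host_bits_for(hosts)
        prefix = 32 - bits
        if prefix < block.prefixlen:
            raise ValueError(f"{name}: {hosts} hosts do not fit inside {block}")
        size = 1 << bits
        if cursor + size > end:
            raise ValueError(f"{name}: address space in {block} exhausted")
        net = ipaddress.IPv4Network((cursor, prefix))
        result.append((name, hosts, net))
        cursor += size
    return result


def allocate_example() -> list:
    # Requirements from the notes (R2: 50, R1: 28) plus a constructed
    # 2-host link between the routers for step 5.
    return vlsm_allocate("172.168.0.0/16", {"R2": 50, "R1": 28, "R1-R2 link": 2})


if __name__ == "__main__":
    for name, hosts, net in allocate_example():
        print(f"{name:12} {hosts:3} hosts -> {net} ({net.num_addresses - 2} usable)")
```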

Wildcard Masks
You will often come across Wildcard masks, particularly if you work with OSPF and
/ or Cisco routers. The use of wildcard masks is most prevalent when building
Access Control Lists (ACLs) on Cisco routers. ACLs are filters and make use of
wildcard masks to define the scope of the address filter. Although ACL wildcard
masks are used with other protocols, we will concentrate on IP here.
Network Devices
HUB
Networks using a star topology require a central point for the devices to connect.
Originally this device was called a concentrator since it consolidated the cable
runs from all network devices. The basic form of concentrator is the hub.

As shown in the figure, the hub is a hardware device that contains multiple,
independent ports that match the cable type of the network. Most common hubs
interconnect Category 3 or 5 twisted-pair cable with RJ-45 ends, although Coax
BNC and Fiber Optic BNC hubs also exist. The hub is considered the least common
denominator in device concentrators. Hubs offer an inexpensive option for
transporting data between devices, but hubs don't offer any form of intelligence.
Hubs can be active or passive.

An active hub strengthens and regenerates the incoming signals before sending
the data on to its destination.

Passive hubs do nothing with the signal.

SWITCHES
Switches are a special type of hub that offers an additional layer of intelligence
over basic, physical-layer repeater hubs. A switch must be able to read the MAC
address of each frame it receives. This information allows switches to repeat
incoming data frames only to the computer or computers to which a frame is
addressed. This speeds up the network and reduces congestion.

Switches operate at both the physical layer and the data link layer of the OSI
model.

BRIDGES
A bridge is used to join two network segments together; it allows computers on
either segment to access resources on the other. Bridges can also be used to
divide large networks into smaller segments. Bridges have all the features of
repeaters, but can have more nodes, and since the network is divided, there are
fewer computers competing for resources on each segment, thus improving network
performance.

Bridges can also connect networks that run at different speeds, different
topologies, or different protocols. But they cannot join an Ethernet segment with
a Token Ring segment, because these use different networking standards. Bridges
operate at both the physical layer and the MAC sublayer of the data link layer.
Bridges read the MAC header of each frame to determine on which side of the
bridge the destination device is located; the bridge then repeats the
transmission to the segment where the device is located.


CISCO PACKET TRACER

Cisco® Packet Tracer is a powerful network simulation program that allows
students to experiment with network behavior and ask "what if" questions. As an
integral part of the Networking Academy comprehensive learning experience,
Packet Tracer provides simulation, visualization, authoring, assessment, and
collaboration capabilities to facilitate the teaching and learning of complex
technology concepts.

Packet Tracer supplements physical equipment in the classroom by allowing
students to create a network with an almost unlimited number of devices,
encouraging practice, discovery, and troubleshooting. The simulation-based
learning environment helps students develop 21st century skills such as decision
making, creative and critical thinking, and problem solving. Packet Tracer
complements the Networking Academy curricula, allowing instructors to easily
teach and demonstrate complex technical concepts and networking systems
design. Instructors can customize individual or multiuser activities, providing
hands-on lessons for students that offer value and relevance in their classrooms.
Students can build, configure, and troubleshoot networks using virtual equipment
and simulated connections, alone or in collaboration with other students. Packet
Tracer offers an effective, interactive environment for learning networking
concepts and protocols. Most importantly, Packet Tracer helps students and
instructors create their own virtual "network worlds" for exploration,
experimentation, and explanation of networking concepts and technologies.
Figure 1. Packet Tracer's drag-and-drop interface allows students to configure
and validate system architecture

Key Features
Packet Tracer Workspaces: Cisco Packet Tracer has two workspaces, logical and
physical. The logical workspace allows users to build logical network topologies
by placing, connecting, and clustering virtual network devices. The physical
workspace provides a graphical physical dimension of the logical network, giving
a sense of scale and placement in how network devices such as routers, switches,
and hosts would look in a real environment. The physical view also provides
geographic representations of networks, including multiple cities, buildings,
and wiring closets.
Figure 3. The physical workspace provides a graphical view of the logical network

Packet Tracer Modes:

Cisco Packet Tracer provides two operating modes to visualize the behavior of a
network: real-time mode and simulation mode. In real-time mode the network
behaves as real devices do, with immediate real-time response for all network
activities. The real-time mode gives students a viable alternative to real
equipment and allows them to gain configuration practice before working with
real equipment. In simulation mode the user can see and control time intervals,
the inner workings of data transfer, and the propagation of data across a
network. This helps students understand the fundamental concepts behind
network operations. A solid understanding of network fundamentals can help
accelerate learning about related concepts.

NETWORK MODELS

Layering Concepts and Benefits

Many benefits can be gained from the process of breaking up the functions or
tasks of networking into smaller chunks, called layers, and defining standard
interfaces between these layers. The layers break a large, complex set of concepts
and protocols into smaller pieces, making it easier to talk about, to implement
with hardware and software, and to troubleshoot.

The following list summarizes the benefits of layered protocol specifications:

- Humans can more easily discuss and learn about the many details of a protocol
specification.

- Standardized interfaces among layers facilitate modular engineering.

- A better environment for interoperability is created. One vendor can write
software that implements higher layers (for example, a Web browser) and another
can write software that implements the lower layers (for example, Microsoft's
built-in TCP/IP software in its operating systems).

- Reduced complexity allows easier program changes and faster product evolution.

- One layer uses the services of the layer immediately below it. Therefore,
remembering what each layer does is easier. (For example, the network layer
needs to deliver data from end to end. To do this, it uses data links to forward
data to the next successive device along that end-to-end path.)
OPEN SYSTEM INTERCONNECTION REFERENCE MODEL
The Open System Interconnection (OSI) reference model describes how
information from a software application in one computer moves through a
network medium to a software application in another computer. The OSI
reference model is a conceptual model composed of seven layers, each specifying
particular network functions. The model was developed by the International
Organization for Standardization (ISO) in 1984, and it is now considered the
primary architectural model for inter-computer communications.

Characteristics of the OSI Layers:


The seven layers of the OSI reference model can be divided into two categories:
upper layers and lower layers. The upper layers of the OSI model deal with
application issues and generally are implemented only in software. The lower
layers of the OSI model handle data transport issues. The physical layer and the
data link layer are implemented in both hardware and software.

Protocols:
The OSI model provides a conceptual framework for communication between
computers, but the model itself is not a method of communication. Actual
communication is made possible by using communication protocols. In the
context of data networking, a protocol is a formal set of rules and conventions
that governs how computers exchange information over a network medium.
Functions of Network Layers in Brief:

APPLICATION LAYER
• Used for applications specifically written to run over the network
• Allows access to network services that support applications;
• Directly represents the services that directly support user applications
• Handles network access, flow control and error recovery
• Example apps are file transfer, e-mail, NetBIOS-based applications

PRESENTATION LAYER

• Translates from application to network format and vice-versa


• All different formats from all sources are made into a common uniform
format that the rest of the OSI model can understand
• Responsible for protocol conversion, character conversion, data
encryption / decryption, expanding graphics commands, data compression
• Sets standards for different systems to provide seamless communication
from multiple protocol stacks
• Not always implemented in a network protocol
SESSION LAYER
• Establishes, maintains and ends sessions across the network
• Responsible for name recognition (identification) so only the designated
parties can participate in the session
• Provides synchronization services by planning check points in the data
stream => if session fails, only data after the most recent checkpoint need
be transmitted
• Manages who can transmit data at a certain time and for how long
• Examples are interactive login and file transfer connections, the session
would connect and re-connect if there was an interruption; recognize
names in sessions and register names in history

TRANSPORT LAYER
• Additional connection below the session layer
• Manages the flow control of data between parties across the network
• Divides streams of data into chunks or packets; the transport layer of the
receiving computer reassembles the message from packets
• "Train" is a good analogy => the data is divided into identical units
• Provides error-checking to guarantee error-free data delivery, with no
losses or duplications
• Provides acknowledgment of successful transmissions; requests
retransmission if some packets don't arrive error-free
• Provides flow control and error handling. Examples: TCP, ARP, RARP

NETWORK LAYER
• Translates logical network address and names to their physical address
(e.g. computer name ==> MAC address)

• Responsible for addressing and determining routes for sending


• Managing network problems such as packet switching, data congestion and
routing
• If router can’t send data frame as large as the source computer sends, the
network layer compensates by breaking the data into smaller units. At the
receiving end, the network layer reassembles the data
• Think of this layer stamping the addresses on each train car. Examples: IP,
ARP, RARP, ICMP, RIP, OSPF

DATA LINK LAYER


• Turns packets into raw bits 100101 and at the receiving end turns bits into
packets.
• Handles data frames between the Network and Physical layers
• The receiving end packages raw data from the Physical layer into data
frames for delivery to the Network layer
• Responsible for error-free transfer of frames to other computer via the
Physical Layer
• This layer defines the methods used to transmit and receive data on the
network. It consists of the wiring, the devices used to connect the NIC to the
wiring, the signaling involved to transmit / receive data and the ability to
detect signaling errors on the network media

Logical Link Control

• Error correction and flow control


• Manages link control and defines SAPs

PHYSICAL LAYER

• Transmits raw bit stream over physical cable


• Defines cables, cards, and physical aspects
• Defines NIC attachments to hardware, how cable is attached to NIC
• Defines techniques to transfer bit stream to cable

IP ADDRESSING
Every machine on the internet has a unique identifying number, called an IP
address. A typical IP address looks like this: 216.27.61.45

An IP address is a 32-bit number, usually written in dotted decimal form, that
uniquely identifies an interface of some computer. This 32-bit number is divided
into 4 octets, each separated by a dot. Of the possible values, certain ones are
reserved and cannot be used as a typical IP address. For example, the IP address
0.0.0.0 is reserved for the default network and the address 255.255.255.255 is
used for broadcast.
Each IP address is split into 2 sections:

1) Network address
2) Host address

Individual IP addresses in the same network all have a different value in the
host part of the address, but they have an identical value in the network part,
just as in a town there are different street addresses but the same ZIP code.
There are five IP classes:
Class A – This class is for very large networks, such as a major international
company. IP addresses with a first octet from 1 to 126 are part of this class. The
other three octets are each used to identify each host.

    Net      Host or Node
    54       24.54.43

Loopback- The IP address 127.0.0.1 is used as the loopback address. This means
that it is used by the host computer to send a message back to itself. It is
commonly used for troubleshooting and network testing.

Class B - Class B is used for medium-sized networks. A good example is a large
college campus. IP addresses with a first octet from 128 to 191 are part of this
class. Class B addresses also include the second octet as part of the Net identifier.
The other two octets are used to identify each host.

    Net      Host or Node
    145.24   53.198
Class C - Class C addresses are commonly used for small to mid-size businesses. IP
addresses with a first octet from 192 to 223 are part of this class. Class C addresses
also include the second and third octets as part of the Net identifier. The last octet is
used to identify each host.

    Net          Host or Node
    196.54.34    86

Class D - It is used for multicast. It has a first bit value of 1, second bit value of 1,
third bit value of 1 and fourth bit value of 0. The other 28 bits are used to identify
the group of computers the multicast message is intended for.

    Net      Host or Node
    224      24.54.145

Class E - It is used for experimental purposes only.

    Net      Host or Node
    240      23.45.105

Private IP
It is not necessary that every time we build a network it is connected to some
ISP (Internet Service Provider). In that case we also require private IP addresses
which can be used in internal networks. In each class a range of IP addresses
has been defined for this purpose:
CLASS A 10.0.0.1 to 10.255.255.244
CLASS B 172.16.0.1 to 172.34.255.254
CLASS C 192.168.0.0/16

MASKING
Computers use a mask to define the size of the network and host parts of an
address. A mask is a 32-bit number written in dotted decimal form. It gives us the
network address when we perform a Boolean AND of the mask with the IP address.
It also defines the number of host bits in an address.

    Class   Size of network part   Size of host part     Default mask for
            of address, in bits    of address, in bits   each class of network
    A       8                      24                    255.0.0.0
    B       16                     16                    255.255.0.0
    C       24                     8                     255.255.255.0
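The classful rules and the masking operation described above, worked through in code. This is an added example, not part of the original tutorial; the class ranges, default masks and sample addresses are the ones given in the text, and the network address is computed with the Boolean AND the text describes.

```python
"""Classful IPv4 analysis: class, default mask, network and host parts.

Added example; not part of the original tutorial. The class ranges and
default masks are the ones tabulated above, and the network address is
obtained exactly as the text describes: a Boolean AND of mask and address.
"""
from dataclasses import dataclass
from typing import Optional


def dotted_to_int(addr: str) -> int:
    """Convert '216.27.61.45' to its 32-bit integer value, validating each octet."""
    octets = addr.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted-decimal address: {addr!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {addr!r}")
        value = (value << 8) | n
    return value


def int_to_dotted(value: int) -> str:
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def ip_class(addr: str) -> str:
    """Classify by the first octet, using the ranges given in the text."""
    first = dotted_to_int(addr) >> 24
    if first == 0:
        return "reserved"      # 0.0.0.0 and the default network
    if first == 127:
        return "loopback"
    if 1 <= first <= 126:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    if 224 <= first <= 239:
        return "D"             # multicast: leading bits 1110
    return "E"                 # experimental


DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


@dataclass
class SplitAddress:
    cls: str
    mask: str
    network: str      # result of address AND mask
    host: str         # the remaining host bits, shown in dotted form
    broadcast: str    # network with every host bit set to 1
    host_bits: int


def split_address(addr: str, mask: Optional[str] = None) -> SplitAddress:
    """Split an address into network and host parts under the given (or default) mask."""
    cls = ip_class(addr)
    if mask is None:
        if cls not in DEFAULT_MASK:
            raise ValueError(f"{addr} is class {cls}; it has no default mask")
        mask = DEFAULT_MASK[cls]
    a, m = dotted_to_int(addr), dotted_to_int(mask)
    host_bits = 32 - bin(m).count("1")
    # A valid mask is a run of 1 bits followed by a run of 0 bits.
    if m != (0xFFFFFFFF << host_bits) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask: {mask}")
    network = a & m
    host = a & (~m & 0xFFFFFFFF)
    broadcast = network | (~m & 0xFFFFFFFF)
    return SplitAddress(cls, mask, int_to_dotted(network), int_to_dotted(host),
                        int_to_dotted(broadcast), host_bits)


def same_network(addr_a: str, addr_b: str, mask: str) -> bool:
    """True when both addresses AND to the same network address (same 'ZIP code')."""
    m = dotted_to_int(mask)
    return (dotted_to_int(addr_a) & m) == (dotted_to_int(addr_b) & m)


if __name__ == "__main__":
    for sample in ("216.27.61.45", "54.24.54.43", "145.24.53.198", "196.54.34.86"):
        print(sample, split_address(sample))
    print("224.24.54.145 is class", ip_class("224.24.54.145"))
```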

Booting Process
Booting up the Router
Cisco routers can boot Cisco IOS software from these locations:

1. Flash memory

2. TFTP server

3. ROM (not full Cisco IOS)

Multiple source options provide flexibility and fallback alternatives.

Locating the Cisco IOS Software


Default boot sequence for Cisco IOS software:

1. NVRAM

2. Flash (sequential)
3. TFTP server (network boot)

4. ROM (partial IOS)

Note: boot system commands can be used to specify the primary IOS source and
fallback sequences.

Booting up the router and locating the Cisco IOS


1. POST (power on self test)

2. Bootstrap code executed

3. Check Configuration Register value (NVRAM), which can be modified using the
config-register command

0 = ROM Monitor mode

1 = ROM IOS

2 - 15 = startup-config in NVRAM

4. Startup-config file: Check for boot system commands (NVRAM)

If boot system commands in startup-config

a. Run boot system commands in order they appear in startup-config to locate the
IOS

b. [If boot system commands fail, use default fallback sequence to locate the IOS
(Flash, TFTP, ROM)?]

If no boot system commands in startup-config use the default fallback sequence


in locating the IOS:

a. Flash (sequential)
b. TFTP server (netboot)

c. ROM (partial IOS) or keep retrying TFTP depending upon router model

5. If IOS is loaded, but there is no startup-config file, the router will use the
default fallback sequence for locating the IOS and then it will enter setup mode or
the setup dialogue.

6. If no IOS can be loaded, the router will get the partial IOS version from ROM.

Default (normal) Boot Sequence


Power on Router - Router does POST - Bootstrap starts IOS load - Check
configuration register to see what mode the router should boot up in (usually
0x102 to 0x10F to look in NVRAM) - check the startup-config file in NVRAM for
boot-system commands (normally there aren't any) - load IOS from Flash.

Boot System Commands


Router(config)# boot system flash [IOS filename] - boot from Flash memory

Router(config)# boot system tftp [IOS filename] [TFTP server IP address] - boot
from a TFTP server

Router(config)# boot system rom - boot from system ROM

Configuration Register Command


Router(config)# config-register 0x10x (where that last x is 0-F in hex)

When the last x is:


0 = boot into ROM Monitor mode

1 = boot the ROM IOS

2 - 15 = look in startup config file in NVRAM.

How to set Password of Router


Set a password for privileged EXEC mode:

enable password [password]

Set an encrypted password for privileged EXEC mode:

enable secret [password]

Set a password for Telnet access:

line vty 0 4

login

password [password]

Set a password for console port access:

line console 0

login

password [password]
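A check of the settings these commands produce, written as an added example (not part of the original tutorial and not an IOS feature): it reads a running configuration and reports an enable password set without an enable secret, lines that ask for login without a password, and the absence of service password-encryption (a real IOS command, not introduced in the text above). Both sample configurations are constructed.

```python
"""Audit the password settings in a Cisco IOS configuration.

Added example; not part of the original tutorial and not an IOS feature. It
checks the commands introduced above (enable password / enable secret, line
console and line vty with login and password). The two configurations are
constructed for this example. "service password-encryption" is a real IOS
command that obscures line passwords in the stored configuration; it is
included here as an extra check.
"""
from typing import Dict, List

# Constructed: a router configured with "enable password" instead of
# "enable secret", and a VTY line that asks for login without a password set.
WEAK_CONFIG = """\
hostname R1
enable password cisco123
!
line con 0
 password console123
 login
!
line vty 0 4
 login
!
"""

# Constructed: the same router with the settings the audit expects.
HARDENED_CONFIG = """\
hostname R1
service password-encryption
enable secret EXAMPLE-enable-secret
!
line con 0
 password EXAMPLE-console-password
 login
!
line vty 0 4
 password EXAMPLE-vty-password
 login
!
"""


def top_level(config: str) -> List[str]:
    """Commands that are not indented under a section (e.g. 'enable secret ...')."""
    return [ln.strip() for ln in config.splitlines()
            if ln.strip() and not ln.startswith((" ", "!"))]


def line_sections(config: str) -> Dict[str, List[str]]:
    """Map each 'line ...' section to the indented commands beneath it."""
    sections: Dict[str, List[str]] = {}
    current = None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        elif raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        else:
            current = None      # '!' or another top-level command ends the section
    return sections


def audit(config: str) -> List[str]:
    """Return a list of findings; an empty list means every check passed."""
    findings: List[str] = []
    top = top_level(config)
    has_secret = any(c.startswith("enable secret ") for c in top)
    has_password = any(c.startswith("enable password ") for c in top)
    if not has_secret and not has_password:
        findings.append("no password protects privileged EXEC mode")
    elif not has_secret:
        findings.append("enable password is set without enable secret; "
                        "prefer enable secret, which is stored encrypted")
    if "service password-encryption" not in top:
        findings.append("service password-encryption is off; line passwords "
                        "appear in clear text in the configuration")
    for name, cmds in line_sections(config).items():
        has_login = any(c == "login" or c.startswith("login ") for c in cmds)
        has_pw = any(c.startswith("password ") for c in cmds)
        if not has_login:
            findings.append(f"{name}: no login command, so no password is asked for")
        elif not has_pw and "login local" not in cmds:
            findings.append(f"{name}: login is set but no password is configured")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit(cfg) or ["no findings"])
```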

Load Balancing

Load balancing is a technique used to distribute workloads uniformly


across servers or other compute resources to optimize network efficiency,
reliability and capacity. Load balancing is performed by an appliance -- either
physical or virtual -- that identifies in real time which server in a pool can best
meet a given client request, while ensuring heavy network traffic doesn't unduly
overwhelm a single server.

In addition to maximizing network capacity and performance, load balancing


provides failover. If one server fails, a load balancer immediately redirects its
workloads to a backup server, thus mitigating the impact on end users.

Load balancing is usually categorized as supporting either Layer 4 or Layer 7. Layer


4 load balancers distribute traffic based on transport data, such as IP addresses
and Transmission Control Protocol (TCP) port numbers. Layer 7 load-balancing
devices make routing decisions based on application-level characteristics that
include HTTP header information and the actual contents of the message, such
as URLs and cookies. Layer 7 load balancers are more common, but Layer 4 load
balancers remain popular, particularly in edge deployments.

OPEN SHORTEST PATH FIRST (OSPF)


Open Shortest Path First (OSPF) is an open standards routing protocol that
has been implemented by a wide variety of network vendors, including Cisco. If
you have multiple routers and not all of them are Cisco, or if it is a large
network, then really your only options are OSPF or something called route
redistribution, a translation service between routing protocols.

OSPF works by using the Dijkstra algorithm. First a shortest path tree is
constructed and then the routing table is populated with the resulting best
paths. OSPF converges quickly, although perhaps not so quickly as EIGRP,
and supports multiple equal-cost routes to the same destination.

OSPF provides the following features:

 Consists of areas and autonomous systems
 Minimizes routing update traffic
 Allows scalability
 Supports VLSM/CIDR
 Has unlimited hop count
 Allows multi-vendor deployment (open standard)
 OSPF is a link-state routing protocol.

OSPF is an interior gateway protocol that routes Internet Protocol (IP) packets
solely within a single routing domain (autonomous system). It gathers link
state information from available routers and constructs a topology map of the
network. The topology determines the routing table presented to the Internet
Layer which makes routing decisions based solely on the destination IP address
found in IP packets. OSPF was designed to support variable-length subnet
masking (VLSM) or Classless Inter-Domain Routing (CIDR) addressing models.

OSPF detects changes in the topology, such as link failures, and converges on a
new loop-free routing structure within seconds. It computes the shortest path
tree for each route using a method based on Dijkstra's algorithm, a shortest
path first algorithm.

The OSPF routing policies to construct a route table are governed by link cost
factors (external metrics) associated with each routing interface. Cost factors
may be the distance of a router (round-trip time), network throughput of a
link, or link availability and reliability, expressed as simple unitless numbers.
This provides a dynamic process of traffic load balancing between routes of
equal cost.

An OSPF network may be structured, or subdivided, into routing areas to


simplify administration and optimize traffic and resource utilization. Areas are
identified by 32-bit numbers, expressed either simply in decimal, or often in
octet-based dot-decimal notation, familiar from IPv4 address notation. By
convention, area 0 (zero) or 0.0.0.0 represents the core or backbone region of
an OSPF network. The identifications of other areas may be chosen at will;
often, administrators select the IP address of a main router in an area as the
area's identification. Each additional area must have a direct or virtual
connection to the backbone OSPF area. Such connections are maintained by
an interconnecting router, known as area border router (ABR). An ABR
maintains separate link state databases for each area it serves and maintains
summarized routes for all areas in the network. OSPF does not use a TCP/IP
transport protocol (UDP, TCP), but is encapsulated directly in IP datagrams
with protocol number 89. This is in contrast to other routing protocols, such as
the Routing Information Protocol (RIP), or the Border Gateway Protocol (BGP).
OSPF handles its own error detection and correction functions.

OSPF uses multicast addressing for route flooding on a broadcast domain. For
non-broadcast networks special provisions for configuration facilitate neighbor
discovery. OSPF multicast IP packets never traverse IP routers (they never leave
the broadcast domain); they never travel more than one hop. OSPF reserves the
multicast addresses 224.0.0.5 for IPv4 or FF02::5 for IPv6 (all SPF/link state
routers, also known as AllSPFRouters) and 224.0.0.6 for IPv4 or FF02::6 for IPv6
(all Designated Routers, AllDRouters), as specified in RFC 2328 and RFC 5340.

Configuring OSPF is slightly different from configuring RIP. When configuring


OSPF, use the following syntax:

Router(config)# router ospf process_ID

Router(config-router)# network IP_address wildcard_mask area area_#

The process_ID is locally significant and is used to differentiate between OSPF


processes running on the same router. Your router might be a boundary router
between two OSPF autonomous systems, and to differentiate them on your
router, you will give them unique process IDs. Note that these numbers do not
need to match between different routers so they have nothing to do with
autonomous system numbers.
To configure any router, double-click on it and select CLI. To configure this
topology, use this step-by-step guide.

(1841Router0) Hostname R1

To configure and enable ospf routing on R1 follow these commands exactly.

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R1

R1(config)#interface fastethernet 0/0

R1(config-if)#ip address 10.0.0.1 255.0.0.0

R1(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

R1(config-if)#exit

R1(config)#interface serial 0/0/0

R1(config-if)#ip address 20.0.0.1 255.0.0.0

R1(config-if)#clock rate 64000

R1(config-if)#bandwidth 64

R1(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/0/0, changed state to down

R1(config-if)#exit

%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up


R1(config)#router ospf 1

R1(config-router)#network 10.0.0.0 0.255.255.255 area 0

R1(config-router)#network 20.0.0.0 0.255.255.255 area 0

R1(config-router)#exit

R1(config)#

(2620XM-Router1) Hostname R2

To configure and enable ospf routing on R2 follow these commands exactly.

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R2

R2(config)#interface serial 0/0

R2(config-if)#ip address 20.0.0.2 255.0.0.0

R2(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up

R2(config-if)#exit

R2(config)#interface fastethernet 0/0

R2(config-if)#ip address 30.0.0.1 255.0.0.0

R2(config-if)#no shutdown
%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

R2(config-if)#exit

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

R2(config)#router ospf 2

R2(config-router)#network 20.0.0.0 0.255.255.255 area 0

R2(config-router)#network 3

00:03:10: %OSPF-5-ADJCHG: Process 2, Nbr 20.0.0.1 on Serial0/0 from LOADING to FULL, Loading Done

0.0.0.0 0.255.255.255 area 0

R2(config-router)#network 30.0.0.0 0.255.255.255 area 0

R2(config-router)#exit

R2(config)#

(2620XM-Router2)Hostname R3

To configure and enable ospf routing on R3 follow these commands exactly.

Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#hostname R3

R3(config)#interface fastethernet 0/0

R3(config-if)#ip address 30.0.0.2 255.0.0.0

R3(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up


%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

R3(config-if)#interface serial 0/0

R3(config-if)#ip address 40.0.0.1 255.0.0.0

R3(config-if)#clock rate 64000

R3(config-if)#bandwidth 64

R3(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/0, changed state to down

R3(config-if)#exit

%LINK-5-CHANGED: Interface Serial0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0, changed state to up

R3(config)#router ospf 3

R3(config-router)#network 40.0.0.0 0.255.255.255 area 0

R3(config-router)#network 30.0.0.0 0.255.255.255 area 0

00:04:53: %OSPF-5-ADJCHG: Process 3, Nbr 30.0.0.1 on FastEthernet0/0 from

LOADING to FULL, Loading D

R3(config-router)#exit

R3(config)#

%SYS-5-CONFIG_I: Configured from console by console

R3#

(2811Router3) Hostname R4

To configure and enable ospf routing on R4 follow these commands exactly.


Router>enable

Router#configure terminal

Enter configuration commands, one per line. End with CNTL/Z.

Router(config)#interface serial 0/0/0

Router(config-if)#ip address 40.0.0.2 255.0.0.0

Router(config-if)#no shutdown

%LINK-5-CHANGED: Interface Serial0/0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0/0/0, changed state to up

Router(config-if)#exit

Router(config)#interface fastethernet 0/0

Router(config-if)#ip address 50.0.0.1 255.0.0.0

Router(config-if)#no shutdown

%LINK-5-CHANGED: Interface FastEthernet0/0, changed state to up

%LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Router(config-if)#exit

R4(config)#router ospf 4

R4(config-router)#network 50.0.0.0 0.255.255.255 area 0

R4(config-router)#network 40.0.0.0 0.255.255.255 area 0

R4(config-router)#

00:06:32: %OSPF-5-ADJCHG: Process 4, Nbr 40.0.0.1 on Serial0/0/0 from LOADING to FULL, Loading Done

R4(config-router)#exit
R4(config)#

PC-1

PC>ipconfig

IP Address. .....................: 10.0.0.2

Subnet Mask. ....................: 255.0.0.0

Default Gateway. ...............: 10.0.0.1

PC>ping 50.0.0.2

Pinging 50.0.0.2 with 32 bytes of data:

Reply from 50.0.0.2: bytes=32 time=156ms TTL=124

Reply from 50.0.0.2: bytes=32 time=127ms TTL=124

Reply from 50.0.0.2: bytes=32 time=156ms TTL=124

Reply from 50.0.0.2: bytes=32 time=140ms TTL=124

Ping statistics for 50.0.0.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 127ms, Maximum = 156ms, Average = 144ms

PC>

PC-2

PC>ipconfig

IP Address. .....................: 50.0.0.2

Subnet Mask. ....................: 255.0.0.0


Default Gateway. ...............: 50.0.0.1

PC>ping 10.0.0.2

Pinging 10.0.0.2 with 32 bytes of data:

Reply from 10.0.0.2: bytes=32 time=140ms TTL=124

Reply from 10.0.0.2: bytes=32 time=141ms TTL=124

Reply from 10.0.0.2: bytes=32 time=157ms TTL=124

Reply from 10.0.0.2: bytes=32 time=156ms TTL=124

Ping statistics for 10.0.0.2:

Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),

Approximate round trip times in milli-seconds:

Minimum = 140ms, Maximum = 157ms, Average = 148ms

You can verify that OSPF is running successfully via the show ip protocols
command in privileged mode.

R4#show ip protocols

Routing Protocol is "ospf 4"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Router ID 50.0.0.1

Number of areas in this router is 1. 1 normal 0 stub 0 nssa

Maximum path: 4

Routing for Networks:

50.0.0.0 0.255.255.255 area 0

40.0.0.0 0.255.255.255 area 0

Routing Information Sources:


Gateway Distance Last Update

40.0.0.1 110 00:01:26

Distance: (default is 110)

R4#

You can use the show ip route command to troubleshoot an OSPF network. If you do
not see information about a route, check the router attached to that network.

R4#show ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area

* - candidate default, U - per-user static route, o - ODR

P - periodic downloaded static route

Gateway of last resort is not set

O 10.0.0.0/8 [110/1564] via 40.0.0.1, 00:02:37, Serial0/0/0

O 20.0.0.0/8 [110/1563] via 40.0.0.1, 00:02:37, Serial0/0/0

O 30.0.0.0/8 [110/782] via 40.0.0.1, 00:02:37, Serial0/0/0

C 40.0.0.0/8 is directly connected, Serial0/0/0

C 50.0.0.0/8 is directly connected, FastEthernet0/0

R4#

To test OSPF routing, ping from PC1 to PC2 and vice versa.
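The shortest-path-first computation behind the routes R4 shows above, run over the same four-router topology. This is an added example, not part of the original tutorial or of Cisco IOS; the interface costs (781 per serial link, 1 per FastEthernet link) are an assumption chosen so the results reproduce the [110/1564], [110/1563] and [110/782] metrics in the show ip route output.

```python
"""Shortest-path-first (Dijkstra) computation for the four-router OSPF
topology configured above.

Added example; not part of the original tutorial and not Cisco's code. The
routers, networks and interface addresses are the ones configured above. The
interface costs are an assumption: serial links 781 and FastEthernet links 1,
chosen so the results reproduce the metrics in R4's "show ip route" output
([110/1564], [110/1563], [110/782]). As in OSPF, the graph has one node per
router and one per network: a router -> network edge carries the outgoing
interface cost and a network -> router edge costs 0.
"""
import heapq
from typing import Dict, List, Optional, Tuple

# (router, network, interface address, interface cost) -- taken from the
# configuration above; the costs are the assumption described in the docstring.
INTERFACES = [
    ("R1", "10.0.0.0/8", "10.0.0.1", 1),
    ("R1", "20.0.0.0/8", "20.0.0.1", 781),
    ("R2", "20.0.0.0/8", "20.0.0.2", 781),
    ("R2", "30.0.0.0/8", "30.0.0.1", 1),
    ("R3", "30.0.0.0/8", "30.0.0.2", 1),
    ("R3", "40.0.0.0/8", "40.0.0.1", 781),
    ("R4", "40.0.0.0/8", "40.0.0.2", 781),
    ("R4", "50.0.0.0/8", "50.0.0.1", 1),
]

Graph = Dict[str, List[Tuple[str, int]]]


def build_graph(interfaces) -> Graph:
    graph: Graph = {}
    for router, network, _addr, cost in interfaces:
        graph.setdefault(router, []).append((network, cost))
        graph.setdefault(network, []).append((router, 0))
    return graph


def spf(graph: Graph, source: str) -> Dict[str, Tuple[int, Optional[str]]]:
    """Dijkstra's algorithm: map each reachable node to (cost, predecessor)."""
    tree = {source: (0, None)}
    heap = [(0, source)]
    done = set()
    while heap:
        cost, node = heapq.heappop(heap)
        if node in done:
            continue
        done.add(node)
        for neighbour, weight in graph.get(node, []):
            candidate = cost + weight
            if neighbour not in tree or candidate < tree[neighbour][0]:
                tree[neighbour] = (candidate, node)
                heapq.heappush(heap, (candidate, neighbour))
    return tree


def routing_table(interfaces, source: str) -> Dict[str, Tuple[int, str]]:
    """Map each network to (cost, next-hop address) or (cost, 'connected')."""
    tree = spf(build_graph(interfaces), source)
    addr_of = {(r, n): a for r, n, a, _ in interfaces}
    table = {}
    for node, (cost, _) in tree.items():
        if "/" not in node:
            continue                      # router nodes are not routes
        # Walk predecessors back to the source to recover the path.
        path, hop = [], node
        while hop != source:
            path.append(hop)
            hop = tree[hop][1]
        path.reverse()                    # path[0] is the network next to the source
        if len(path) == 1:
            table[node] = (cost, "connected")
        else:
            first_net, next_router = path[0], path[1]
            table[node] = (cost, addr_of[(next_router, first_net)])
    return table


if __name__ == "__main__":
    for network, (cost, via) in sorted(routing_table(INTERFACES, "R4").items()):
        print(f"{network:12} [110/{cost}] via {via}")
```

Removing the R3-R4 link from INTERFACES and recomputing shows the convergence the text describes: the routes through 40.0.0.1 disappear from R4's table.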
ACCESS CONTROL LIST (ACL)

An access control list (ACL) is a table that tells a computer operating system which
access rights each user has to a particular system object, such as a file directory or
individual file. Each object has a security attribute that identifies its access control
list. The list has an entry for each system user with access privileges. The most
common privileges include the ability to read a file (or all the files in a directory),
to write to the file or files, and to execute the file (if it is an executable file, or
program). Microsoft Windows NT/2000, Novell's NetWare, Digital's OpenVMS, and
UNIX-based systems are among the operating systems that use access control
lists. The list is implemented differently by each operating system. In Windows
NT/2000, an access control list (ACL) is associated with each system object. Each
ACL has one or more access control entries (ACEs) consisting of the name of a
user or group of users. The user can also be a role name, such as "programmer,"
or "tester." For each of these users, groups, or roles, the access privileges are
stated in a string of bits called an access mask. Generally, the system
administrator or the object owner creates the access control list for an object.

An ACL is a series of IOS commands that control whether a router forwards or
drops packets based on information found in the packet header. ACLs are
among the most commonly used features of Cisco IOS software.

When configured, ACLs perform the following tasks:-

 Limit network traffic to increase network performance. For example, if corporate
policy does not allow video traffic on the network, ACLs that block video traffic
could be configured and applied. This would greatly reduce the network load and
increase network performance.

 Provide traffic flow control. ACLs can restrict the delivery of routing updates. If
updates are not required because of network conditions, bandwidth is preserved.

 Provide a basic level of security for network access. ACLs can allow one host to
access a part of the network and prevent another host from accessing the same
area. For example, access to the Human Resources network can be restricted to
authorized users.

 Filter traffic based on traffic type. For example, an ACL can permit email traffic,
but block all Telnet traffic.

 Screen hosts to permit or deny access to network services. ACLs can permit or
deny a user access to file types, such as FTP or HTTP.

Types of ACL:- Since 1993, most administrators have used two basic ACLs:
standard and extended ACLs. Standard IP ACLs can filter on only the source IP
address in an IP packet header, whereas an extended IP ACL can filter on the
following:-

 Source IP address
 Destination IP address
 TCP/IP protocol, such as IP (all TCP/IP protocols), ICMP, OSPF, TCP, UDP, and
others
 TCP/IP protocol information, such as TCP and UDP port numbers, TCP code
flags, and ICMP messages

Given the differences between these two types of ACLs, standard ACLs typically
are used for the following configuration tasks on a router:-

 Restricting access to a router through the VTY lines (Telnet and SSH)
 Restricting access to a router through HTTP or HTTPS
 Filtering routing updates

Extended ACLs, on the other hand, commonly are used to filter traffic between
interfaces on the router, mainly because of their flexibility in matching on many
different fields at Layers 2, 3, and 4.
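The matching rules just described, simulated in code: a standard list tests only the source address, an extended list tests source, destination, protocol and port, entries are tried in order, and an unmatched packet falls to the implicit deny. This is an added example, not part of the original tutorial and not Cisco's implementation; the lists and packets are constructed, the extended list implementing the "permit email, block Telnet" policy mentioned above.

```python
"""Simulate how standard and extended IP access lists evaluate packets.

Added example; not part of the original tutorial and not Cisco's
implementation. It models the two ACL types described above: a standard ACL
tests only the source address, an extended ACL tests source, destination,
protocol and destination port. Entries are tried top to bottom, the first
match decides, and a packet that matches no entry is denied (the implicit
deny at the end of every ACL). Wildcard masks work as in the "network"
statements above: a 0 bit must match, a 1 bit is ignored. The sample lists
and packets are constructed for this example.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

ANY = ("0.0.0.0", "255.255.255.255")    # wildcard 255.255.255.255 ignores every bit


def dotted_to_int(addr: str) -> int:
    value = 0
    for octet in addr.split("."):
        value = (value << 8) | int(octet)
    return value


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """True when addr equals base on every bit that the wildcard does not ignore."""
    care = ~dotted_to_int(wildcard) & 0xFFFFFFFF
    return (dotted_to_int(addr) & care) == (dotted_to_int(base) & care)


@dataclass
class Packet:
    src: str
    dst: str
    proto: str                       # "tcp", "udp" or "icmp"
    dst_port: Optional[int] = None


@dataclass
class Entry:
    action: str                      # "permit" or "deny"
    src: Tuple[str, str] = ANY       # (address, wildcard)
    dst: Tuple[str, str] = ANY
    proto: str = "ip"                # "ip" matches every protocol
    dst_port: Optional[int] = None   # None matches any port

    def matches(self, p: Packet, extended: bool) -> bool:
        if not wildcard_match(p.src, *self.src):
            return False
        if not extended:
            return True              # standard ACL: source address only
        if not wildcard_match(p.dst, *self.dst):
            return False
        if self.proto != "ip" and self.proto != p.proto:
            return False
        return self.dst_port is None or self.dst_port == p.dst_port


def evaluate(acl: List[Entry], p: Packet, extended: bool) -> Tuple[str, Optional[int]]:
    """Return (action, index of the matching entry); index None is the implicit deny."""
    for i, entry in enumerate(acl):
        if entry.matches(p, extended):
            return entry.action, i
    return "deny", None


# Extended ACL for the text's example policy: block all Telnet (TCP port 23),
# permit e-mail (SMTP, TCP port 25), and let ICMP through for testing.
MAIL_NOT_TELNET = [
    Entry("deny", proto="tcp", dst_port=23),
    Entry("permit", proto="tcp", dst_port=25),
    Entry("permit", proto="icmp"),
]

# Standard ACL restricting VTY access to hosts in 10.0.0.0/8.
VTY_FROM_10 = [Entry("permit", src=("10.0.0.0", "0.255.255.255"))]


if __name__ == "__main__":
    telnet = Packet("10.0.0.2", "50.0.0.2", "tcp", 23)
    print("telnet through extended ACL:", evaluate(MAIL_NOT_TELNET, telnet, True))
    outsider = Packet("50.0.0.2", "50.0.0.1", "tcp", 23)
    print("vty from 50.0.0.2:", evaluate(VTY_FROM_10, outsider, False))
```

Swapping the order of entries changes the outcome: a permit-any placed before the Telnet deny shadows it, which is why entry order is checked first when an ACL does not behave as intended.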
TELNET

In networking, the Point-to-Point Protocol (PPP) is a data link protocol commonly


used in establishing a direct connection between two networking nodes. It can
provide connection authentication, transmission encryption, and compression.
PPP is used over many types of physical networks including serial cable, phone
line, trunk line, cellular telephone, specialized radio links, and fiber optic links
such as SONET. PPP is also used over Internet access connections (now marketed
as "broadband"). Internet service providers (ISPs) have used PPP for customer
dial-up access to the Internet, since IP packets cannot be transmitted over a
modem line on their own, without some data link protocol. Two derivatives of
PPP, Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol
over ATM (PPPoA), are used most commonly by Internet Service Providers (ISPs)
to establish a Digital Subscriber Line (DSL) Internet service connection with
customers. PPP is commonly used as a data link layer protocol for connection over
synchronous and asynchronous circuits, where it has largely superseded the older
Serial Line Internet Protocol (SLIP) and telephone company mandated standards
(such as Link Access Protocol, Balanced (LAPB) in the X.25 protocol suite). PPP was
designed to work with numerous network layer protocols, including Internet
Protocol (IP), TRILL, Novell's Internetwork Packet Exchange (IPX), NBF and
AppleTalk.

VIRTUAL LANs (VLANs)


VLAN Basics
As I said, a VLAN is a virtual LAN. In technical terms, a VLAN is a broadcast domain
created by switches. Normally, it is a router creating that broadcast domain. With
VLAN’s, a switch can create the broadcast domain.

This works by, you, the administrator, putting some switch ports in a VLAN other
than 1, the default VLAN. All ports in a single VLAN are in a single broadcast
domain.

Because switches can talk to each other, some ports on switch A can be in VLAN
10 and other ports on switch B can be in VLAN 10. Broadcasts between these
devices will not be seen on any other port in any other VLAN, other than 10.
However, these devices can all communicate because they are on the same VLAN.
Without additional configuration, they would not be able to communicate with
any other devices not in their VLAN.

Are VLANs required?

It is important to point out that you don’t have to configure a VLAN until your
network gets so large and has so much traffic that you need one. Many times,
people are simply using VLAN’s because the network they are working on was
already using them.

Another important fact is that, on a Cisco switch, VLAN’s are enabled by default
and ALL devices are already in a VLAN. The VLAN that all devices are already in is
VLAN 1. So, by default, you can just use all the ports on a switch and all devices
will be able to talk to one another.

When do I need a VLAN?


You need to consider using VLAN’s in any of the following situations:

 You have more than 200 devices on your LAN
 You have a lot of broadcast traffic on your LAN
 Groups of users need more security or are being slowed down by too many
broadcasts
 Groups of users need to be on the same broadcast domain because they
are running the same applications. An example would be a company that has VoIP
phones. The users using the phones could be on a different VLAN, not with the
regular users.
 Or, just to make a single switch into multiple virtual switches.

There are several ways that VLANs simplify network management:


 Network adds, moves, and changes are achieved by configuring a port into the
appropriate VLAN.
 A group of users needing high security can be put into a VLAN so that no users
outside of the VLAN can communicate with them.
 As a logical grouping of users by function, VLANs can be considered independent
from their physical or geographic locations.
 VLANs can enhance network security.
 VLANs increase the number of broadcast domains while decreasing their size.

Types of VLAN
There are only two types of VLAN possible today, cell-based VLANs and frame-
based VLANs.

 Cell-based VLANs are used in ATM switched networks with LAN Emulation
(or LANE). LANE is used to allow hosts on legacy LAN segments to communicate
using ATM networks without having to use special hardware or software
modifications.
 Frame-based VLANs are used in Ethernet networks with frame tagging. The
two primary types of frame tagging are IEEE 802.10 and ISL (Inter Switch Link, a
Cisco proprietary frame-tagging method). Keep in mind that the 802.10 standard makes it
possible to deploy VLANs with 802.3 (Ethernet), 802.5 (Token-Ring), and FDDI, but
Ethernet is most common.

VLAN modes
There are three different modes in which a VLAN can be configured. These modes
are covered below:

 VLAN Switching Mode – The VLAN forms a switching bridge in which frames
are forwarded unmodified.
 VLAN Translation Mode – VLAN translation mode is used when the frame
tagging method is changed in the network path, or if the frame traverses from a
VLAN group to a legacy or native interface which is not configured in a VLAN.
When the packet is to pass into a native interface, the VLAN tag is removed so
that the packet can properly enter the native interface.
 VLAN Routing Mode – When a packet is routed from one VLAN to a
different VLAN, you use VLAN routing mode. The packet is modified, usually by a
router, which places its own MAC address as the source, and then changes the
VLAN ID of the packet.
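To make the frame-tagging and the translation/routing modes above concrete, here is a small added example (not from the original tutorial) that parses a tagged Ethernet frame, strips the tag for a native interface (translation mode), and rewrites source MAC and VLAN ID (routing mode). It assumes the IEEE 802.1Q tag layout (TPID 0x8100 followed by a 16-bit TCI with a 12-bit VLAN ID); the sample frame is constructed.

```python
import struct

TPID_8021Q = 0x8100  # TPID that marks an 802.1Q VLAN tag (assumption: 802.1Q tagging on Ethernet)

def parse_frame(frame: bytes) -> dict:
    """Split an Ethernet frame into dst, src, optional 802.1Q tag, EtherType and payload."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vid = pcp = None
    offset = 14
    if ethertype == TPID_8021Q:              # tagged frame: 4 extra bytes follow the MACs
        if len(frame) < 18:
            raise ValueError("truncated VLAN tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        pcp, vid = tci >> 13, tci & 0x0FFF   # 3-bit priority, 12-bit VLAN ID (DEI bit ignored)
        offset = 18
    return {"dst": dst, "src": src, "pcp": pcp, "vid": vid,
            "ethertype": ethertype, "payload": frame[offset:]}

def strip_tag(frame: bytes) -> bytes:
    """Translation mode: drop the tag so the frame can enter a native (untagged) interface."""
    f = parse_frame(frame)
    if f["vid"] is None:
        return frame
    return f["dst"] + f["src"] + struct.pack("!H", f["ethertype"]) + f["payload"]

def add_tag(frame: bytes, vid: int, pcp: int = 0) -> bytes:
    """Tag an untagged frame (e.g. one arriving on an access port) before it crosses a trunk."""
    if not 1 <= vid <= 4094:                 # VID 0 and 4095 are reserved by 802.1Q
        raise ValueError("VLAN ID out of range")
    f = parse_frame(frame)
    if f["vid"] is not None:
        raise ValueError("frame is already tagged")
    tci = ((pcp & 0x7) << 13) | vid
    return f["dst"] + f["src"] + struct.pack("!HHH", TPID_8021Q, tci, f["ethertype"]) + f["payload"]

def route_between_vlans(frame: bytes, new_vid: int, router_mac: bytes, next_hop_mac: bytes) -> bytes:
    """Routing mode as the text describes it: the router becomes the source MAC and the
    VLAN ID changes. The next-hop MAC is supplied by the caller (resolved via ARP in reality)."""
    f = parse_frame(frame)
    untagged = next_hop_mac + router_mac + struct.pack("!H", f["ethertype"]) + f["payload"]
    return add_tag(untagged, new_vid, f["pcp"] or 0)

# Constructed sample: a host on VLAN 10 (priority 3) sending an IPv4 frame over a trunk.
SAMPLE_TAGGED = (bytes.fromhex("001122334455") + bytes.fromhex("0000aabbccdd")
                 + struct.pack("!HHH", TPID_8021Q, (3 << 13) | 10, 0x0800) + b"\x45\x00 payload")
```

`parse_frame(SAMPLE_TAGGED)["vid"]` returns 10, and `strip_tag` followed by `add_tag(..., 10, 3)` reproduces the original bytes.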

VLAN configurations
Different terminology is used between different hardware manufacturers when it
comes to VLANs. Because of this there is often confusion at implementation time.
Following are a few details, and some examples, to assist you in defining your
VLANs so that confusion is not an issue.
Cisco VLAN terminology
You need a few details to define a VLAN on most Cisco equipment. Unfortunately,
because Cisco sometimes acquires the technologies they use to fill their
switching, routing and security product lines, naming conventions are not always
consistent. For this article, we are focusing only on Cisco switching and routing
product lines running Cisco IOS.

 ID – The VLAN ID is a unique value you assign to each VLAN on a single
device. With a Cisco routing or switching device running IOS, your range is
from 1-4096. When you define a VLAN you usually use the syntax "vlan x" where x
is the number you would like to assign to the VLAN ID. VLAN 1 is reserved as an
administrative VLAN. If VLAN technologies are enabled, all ports are a member of
VLAN 1 by default.
 VLAN Name – The VLAN name is a text-based name you use to identify
your VLAN, perhaps to help technical staff in understanding its function. The
string you use can be between 1 and 32 characters in length.
 Private VLAN – You also define if the VLAN is to be a private VLAN in the
VLAN definition, and what other VLAN might be associated with it in the definition
section. When you configure a Cisco VLAN as a private-vlan, this means that ports
that are members of the VLAN cannot communicate directly with each other by
default. Normally all ports which are members of a VLAN can communicate
directly with each other just as they would be able to had they been members of
a standard network segment. Private VLANs are created to enhance the
security on a network where hosts coexisting on the network cannot or should
not trust each other. This is a common practice on web farms or in other
high-risk environments where communication between hosts on the same subnet
is not necessary. Check your Cisco documentation if you have questions about
how to configure and deploy private VLANs.
 VLAN modes – In Cisco IOS, there are only two modes an interface can
operate in, "mode access" and "mode trunk". Access mode is for end devices or
devices that will not require multiple VLANs. Trunk mode is used for passing
multiple VLANs to other network devices, or for end devices that need to have
membership to multiple VLANs at once. If you are wondering what mode to use,
the mode is probably "mode access".

VLAN Memberships
VLANs are usually created by an administrator, who then assigns switch ports to
each VLAN. Such a VLAN is called a static VLAN. If the administrator wants to do a
little more work up front and assign all the host devices’ hardware addresses into
a database, the switches can be configured to assign VLANs dynamically
whenever a host is plugged into a switch. This is called a dynamic VLAN.

Static VLANs

 Static VLANs are the usual way of creating VLANs, and they’re also the most
secure. The switch port that you assign a VLAN association to always maintains
that association until an administrator manually changes that port assignment.
 This type of VLAN configuration is comparatively easy to set up and monitor, and
it works well in a network where the movement of users within the network is
controlled. And although it can be helpful to use network management software to
configure the ports, it’s not mandatory.

Dynamic VLANs

 A dynamic VLAN determines a node’s VLAN assignment automatically, using
intelligent management software; you can base VLAN assignments on hardware
(MAC) addresses, protocols, or even applications to create dynamic VLANs.

Identifying VLANs :
As frames are switched throughout the network, switches must be able to keep
track of all the different types, plus understand what to do with them depending
on the hardware address. And remember, frames are handled differently
according to the type of link they are traversing. There are two different types of
links in a switched environment.

Access links :

 This type of link is only part of one VLAN, and it’s referred to as the native VLAN of
the port. Any device attached to an access link is unaware of its VLAN membership;
the device just assumes it’s part of a broadcast domain, but has no understanding
of the physical network.
Trunk links :

 Trunks can carry multiple VLANs and originally gained their name from the
telephone system trunks that carry multiple telephone conversations.
 A trunk link is a 100- or 1000-Mbps point-to-point link between two switches,
between a switch and a router, or between a switch and a server. These carry the
traffic of multiple VLANs, from 1 to 1005 at a time.

(promotes scaling) and minimizes the risk of errors caused by duplicate names or
incorrect VLAN types. VTP operates in server, client or transparent mode. The
default is server mode. VLAN updates are not propagated over the network until a
management domain name is specified.
