Saturday, 3 September 2011

Basic CCNA concepts


Open Systems Interconnection(OSI) Model

The Open Systems Interconnection (OSI) model began as a reference model, but has since been implemented. It was created by the International Organization for Standardization (ISO) to provide a logical framework for how data communication processes should interact across networks. Standards were created for the computer industry allowing different networks to work together efficiently.
There are 7 layers in the OSI model. Each layer is responsible for a particular aspect of data communication. For example, one layer may be responsible for establishing connections between devices, while another layer may be responsible for error checking during transfer.
The layers of the OSI model are divided into two groups: the upper layer and lower layer. The upper layers focus on user applications and how files are represented on the computers prior to transport. For the most part, network engineers are more concerned with the lower layers. It's the lower layers that concentrate on how the communication across a network actually occurs.
Application Layer: Provides network services to user applications. It is responsible for exchanging information between programs running on the machine, such as an e-mail program, and other services running on a network, such as a print server or another computers' application.
Presentation Layer: Concerned with how data is converted and formatted for data transfer. Examples of format conversions include ASCII text for documents and .gif and JPG for images. This layer performs code conversion, data translation, compression and encryption.
Session Layer: Determines how two devices establish, maintain and manage a connection - how they talk to each other. These connections are called sessions.
Transport Layer: Responsible for breaking the data into segments, establishing an end-to-end logical connection between machines, and providing for error handling.
Network Layer: Responsible for determining addressing on the network, determining the routes that information will take on its journey, and managing network traffic congestion. Data at this level is packaged into packets.
Data Link Layer: Provides the link for how data, packaged into frames is communicated through hardware to be transported across a medium. It communicates with network cards, manages physical layer communications between connecting systems and handles error notification.
Physical Layer: Specifies how data is processed into bits and physically transferred over medium, such as cables. It's responsible for activating and maintaining the physical link between systems.

Data Encapsulation

When a host transmits data across a network to another device, the data is encapsulated with protocol information at each layer of OSI model. Each layer communicates only with its peer layer on the receiving device. When you send e-mail, the information in the message is converted to usable data in the top three layers (Application, Presentation, Session) and passed to the Transport Layer. At the Transport Layer, protocol information is attached as a header to the data, ensuring that the computer at the other end will be able to communicate. The data and header is then packaged into a segment. The segment is transferred to the Network Layer where an additional header containing source and destination logical address is attached. The segment and header is packaged into a packet and transferred to the Data Link Layer. At the Data Link Layer, both a header and trailer with additional information is attached and packaged as a frame. The frame provides information that allows connection to the next network device on the link. The frame is converted into a series of 0's and 1's (bits) for transmission across the network medium at the Physical Layer.
When the remote device receives a sequence of bits, it passes them to the data link layer for frame manipulation. This process is referred to as de-encapsulation. When the data link layer receives the frame, It reads the control information provided by the peer source device. It strips the control information from the frame. It passes the frame up to the next layer, following the instructions that appeared in the control portion of the frame. Each subsequent layer will perform this same de-encapsulation process.

TCP/IP Overview

The Transmission Control Protocol/Internet Protocol (TCP/IP) suite of protocols was developed as part of the research done by the Defense Advanced Research Projects Agency (DARPA). Later, TCP/IP was included with the Berkeley Software Distribution of UNIX.
The Internet protocols can be used to communicate across any set of interconnected networks. They are equally well suited for both LAN and WAN communication.

The TCP/IP Protocol Stack

The TCP/IP protocol stack maps closely to the OSI reference model in the lower layers. All standard physical and data-link protocols are supported Application layer Application protocols exist for file transfer, e-mail, and remote login. Network management is also supported at the application layer.
Transport Layer Transport services allow users to segment and reassemble several upper-layer applications onto the same transport-layer data stream. The transport layer performs two functions:
  • Flow control provided by sliding windows
  • Reliability provided by sequence numbers and acknowledgments
Two protocols are provided at the transport layer: TCP and UDP . TCP is a connection-oriented, reliable protocol located in the transport layer of the TCP/IP Protocol Stack. UDP is a TCP/IP Transport Layer protocol designed for applications that provide their own error recovery process. It trades reliability for speed. Internet Layer Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI network layer:
  • IP provides connectionless, best-effort delivery routing of datagrams. It is not concerned with the content of the datagrams. Instead, it looks for a way to move the datagrams to their destination.
  • ICMP provides control and messaging capabilities.
  • ARP determines the data link layer address for known IP addresses.
  • RARP determines network addresses when data link layer addresses are known.

TCP Connection Establishment

TCP is connection oriented, so it requires connection establishment before data transfer begins.

Synchronization

For a connection to be established or initialized, the two hosts must synchronize on each other's Initial Sequence Numbers (ISN) . Synchronization is done in an exchange of connection establishing segments carrying a control bit called SYN (for synchronize) and the initial sequence numbers. As a shorthand, segments carrying the SYN bit are also called "SYNs." Hence, the solution requires a suitable mechanism for picking an initial sequence number and a slightly involved handshake to exchange the ISNs.

Three-Way Handshake

The synchronization requires each side to send its own initial sequence number and to receive a confirmation of it in acknowledgement (ACK) from the other side. Each side must also receive the other side's initial sequence number and send a confirming ACK. This exchange is called the three-way handshake

TCP Simple Acknowledgment

The window size determines how much data the receiving station can accept at one time. With a window size of one, each segment must be acknowledged before another segment is transmitted, which results in inefficient use of bandwidth by the hosts.

Flow Control

To govern the flow of data between devices, TCP uses a flow control mechanism. The receiving TCP reports a "window" to the sending TCP. This window specifies the number of octets, starting with the acknowledgement number, that the receiving TCP is currently prepared to receive.

Window Sizes

TCP window sizes are variable during the lifetime of a connection. Each acknowledgement contains a window advertisement that indicates how many bytes the receiver can accept. TCP also maintains a congestion control window, which is normally the same size as the receiver's window, but is cut in half when a segment is lost (for example, when there is congestion). This approach permits the window to be expanded or contracted as necessary to manage bufferspace and processing. A larger window size allows more data to be processed.

IP Addressing

In a TCP/IP environment, end stations communicate seamlessly with servers or other end stations. This communication occurs because each node using the TCP/IP protocol suite has a unique 32-bit logical IP address. Each IP datagram includes the source IP address and destination IP address that identifies the source and destination network and host. Each company listed on the internetwork is seen as a single network that must be reached before an individual host within that company can be contacted.
Each company network has a unique two-part network address:
  • The hosts that populate that network share those same bits, or network number.
  • The remaining bits, or host number, are a unique identifier of each host within that network.

Examining IP Address Classes

There are only eight network bits in the Class A address, and 24 bits in the host field. So, few Class A networks, each consisting of many hosts, exist. There are more Class B and Class C networks, each with fewer hosts. This scheme allows the addresses to be assigned based on the size of the network. This address design was based on the assumption that there would be many more small networks than large networks in the world.

Class A addresses

include the following:
  • The first bit is 0.
  • Range of network numbers: 1.0.0.0 to 126.0.0.0
  • Number of possible networks: 127 (1-126 usable, 127 is reserved)
  • Number of possible values in the host portion: 16,777,216 (The number of usable hosts is two less than the number of possible because the host portion must be nonzero and cannot be all ones.)

Class B addresses

include the following:
  • The first two bits are 10.
  • Range of network numbers: 128.0.0.0 to 191.255.0.0
  • Number of possible networks: 16,384
  • Number of possible values in the host portion: 65,536 (The number of usable hosts is two less than the number of possible because the host portion must be nonzero and cannot be all ones.)

Class C addresses

include the following:
  • The first three bits are 110.
  • Range of network numbers: 192.0.0.0 to 223.255.255.0
  • Number of possible networks: 2,097,152
  • Number of possible values in the host portion: 256 (The number of usable hosts is two less than the number of possible because the host portion must be nonzero and cannot be all ones.)

Class D addresses

include the following:
  • Range of network numbers: 224.0.0.0 to 239.255.255.255

What is a Subnet?

By breaking up the network into smaller segments, or subnets, network address use is more efficient. There is no change to how the outside world sees the network, but within the organization, there is additional structure.

Subnet Masks

A network device uses a subnet mask to determine what part of the IP address is used for the network, the subnet, and the device (host) address. A device can also determine the class of address it has been assigned from its own IP address. The subnet mask then tells the device where the boundary is between the subnet ID and the host ID. A subnet mask is a 32-bit value, written as four octets, containing a number of one bits for the network and subnet ID, and a number of zero bits for the host ID.
Each bit in the subnet mask is used to determine how the corresponding bit in the IP address should be interpreted as follows:
  • Binary 1 for the network bits
  • Binary 1 for the subnet bits
  • Binary 0 for the host bits

Cisco IOS Software

Cisco's Internetwork Operating System (IOS) software platform is implemented on the varied hardware used in this course. It is the embedded software architecture in all of the Cisco routers and is also the operating system of the Catalyst 1900 series switches.

Command Line Interface (CLI)

The Cisco IOS command line interface can be accessed through a console connection, modem connection, or a Telnet session. Regardless of which connection method is used, access to the IOS command line interface is generally referred to as an EXEC session.

Network Device Configuration

Configuration Features

Configuration sets up the device with:
  • Network policy of the functions required
  • Protocol addressing and parameter settings
  • Options for administration and management.

Initializing Cisco Devices

  • Catalyst Switch When you start the Catalyst switch for the first time, the switch uses an initial configuration with default settings.
  • Cisco Router When you start the Cisco router for the first time, the router does not have an initial configuration. The router software will prompt you for a minimum of details using an optional dialogue called "setup."

Overview of Cisco Device Startup

When the Catalyst switch or Cisco router starts up, there are three main operations performed on the networking device: 1. The device performs hardware checking routines . A term often used to describe this initial set of routines is power on self test (POST).
2. Once the hardware has been shown to be in good working order, the devices perform system startup routines . These initiate the switch or router operating software.
3. Once the operating system is loaded, the devices try to find and apply software configuration settings that establish the details needed for network operation.
There is typically a sequence of fallback routines that provide software startup alternatives if needed.

External Configuration Sources

The switch and the router can be configured from many locations:
  • Upon initial installation, the network administrator typically configures the networking devices from the console terminal, which is connected via the console port.
  • If the administrator is supporting a remote device, a modem connection to the device's auxiliary port permits the administrator to configure it.
  • For selected routers and switches, a CD-ROM (such as Cisco Fast Step) can provide a rapid configuration application, to make the most simple configuration tasks easier to accomplish.

Additional Access Upon Initial Configuration

After initial start up, there are additional ways to access and configure the device. All of these require TCP/IP to be configured on the device. The methods are:
  • Establish a terminal session using Telnet
  • Download a configuration file from a trivial file transfer protocol (TFTP ) server on the network
  • Download a configuration file using a WWW browser

IOS User Interface Functions

Cisco IOS software uses a Command Line Interface (CLI) as its traditional console environment. While Cisco IOS software is a core technology that extends across many products, Cisco IOS operation details vary on different internetworking devices. Cisco IOS software uses a hierarchy of commands in its command-mode structure. Each command mode supports specific Cisco IOS commands related to a type of operation on the device.

Entering Commands

To enter commands into the user interface, you type or paste your entries within one of the several console command modes. Each command mode is indicated with a distinctive prompt. The Enter Key instructs the device to parse and execute the command

Security and Access Levels

As a security feature, Cisco IOS separates the EXEC sessions into two different access levels - User EXEC level and Privileged EXEC level.
  • User EXEC level allows a person to access only a limited number of basic monitoring commands.
  • Privileged EXEC level allows a person to access all router commands (for example, configuration and management) and can be password protected to allow only authorized individuals to access the router.

User Mode

When an EXEC session is started, the router or switch will display a hostname> prompt. The right arrow (>) in the prompt indicates that the router or switch is at the user EXEC level. The user EXEC level does not contain any commands that might control (for example, reloading or configuring) the operation of the router or switch.

Privileged Mode

Critical commands (for example, configuration and management) require that the user be at the privileged EXEC level. The Privileged Mode is the most commonly used and allows a person to access all router commands for management and configuration. Its characteristics include:
  • Detailed examination of switch or router
  • Enables configuration and debugging
  • Prerequisite for other configuration modes

Major Components of a Router

RAM

Random access memory contains the software and data structures that allow the router to function. The principle software running in RAM is the Cisco IOS image and the running configuration.

ROM

Read-only memory contains microcode for basic functions to start and maintain the router.

Flash Memory

Flash is primarily used to contain the IOS software image. Some routers run the IOS image directly from Flash and do not need to transfer it to RAM.

NVRAM

Non-volatile random access memory is mainly used to store the configuration. NVRAM uses a battery to maintain the data when power is removed from the router.

Configuration Register

The configuration register is used to control how the router boots up.

Interfaces

The physical connections to the external world for the router. These interfaces include the following types: Ethernet and Fast Ethernet, Asynchronous and synchronous serial,Token Ring, FDDI , ATM, Console and auxiliary ports.

IOS Location Process

The sequence of events the bootstrap code follows to find the image follows:
1. Check the boot field of the configuration register
2.If the configuration register boot field value is from 0x2 to 0xF the bootstrap code parses any configuration in NVRAM for boot system commands that specify the name and location of the IOS image to load
3. If there are no boot system commands in the configuration, the router defaults to loading the first file in Flash memory and running it.
4. If no valid file is found in Flash, the router attempts a net boot using the boot field value as a pointer for the name of the file to request to be downloaded.
5. If net boot fails, the router will boot the RXBOOT file from ROM.
6. If there is no RXBOOT (mini-IOS) file or it is corrupted, the router will boot the ROM monitor (ROMMON) from ROM.

Examining the Configuration Register

The configuration register is a 16-bit register. The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the boot field. A hexadecimal number is used as the argument to set the value of Configuration Register. When changing the boot field follow these guidelines:
  • Set the boot field to 0 to enter ROM monitor mode automatically. (This value sets the boot field bits to 0-0-0-0.) The router displays the > or the rommon> prompt in this mode.
  • Set the boot field to 1 to configure the system to boot automatically from ROM. (This value sets the boot field bits to 0-0-0-1.) The router displays the Router(boot)> prompt in this mode.
  • Set the boot field to any value from 2 to F to configure the system to use the boot system commands in NVRAM. This is the default. (These values set the boot field bits to 0-0-1-0 through 1-1-1-1.)
You can change the default configuration register setting with the enabled config-mode config-register command.
Use the show version command to verify your changes in the boot field setting.

Examining the IOS Copy Command

The IOS copy commands are used to move configurations from one component or device to another. The syntax of the copy command requires that the first argument indicate the source (from where the configuration is to be copied) and the second argument indicate the destination (to where the configuration is to be copied). TFTP servers can be used to store configurations in a central place. This allows centralized management and updating. The copy command is used to both store and retrieve a configuration through tftp.
copy running-config tftp
The copy running-config tftp command allows you to upload and save your current configuration to a TFTP server. You are required to supply the TFTP server's address or name and to specify a filename for your uploaded configuration. In the display the series of exclamation marks are used to show the progress of the upload.
copy tftp running-config
The copy tftp running-config command downloads a configuration file from the TFTP server to running memory.

Viewing the Configurations

The show running-config and show startup-config commands are among the most used Cisco IOS software EXEC commands. They allow an administrator to see the current running configuration in RAM on the router or the startup configuration commands in NVRAM that the router will use on the next restart.

CLI Command Modes

The first method of configuration presented was the setup utility. Setup allows a basic initial configuration to be created. For more complex and specific configurations, we can use the command line interface to enter terminal configuration mode.

Accessing the Modes

From the privileged EXEC mode you can enter global configuration mode with the configure terminal command. From the global configuration mode, you have access to the specific configuration modes, which include:
  • Interface - Supports commands that configure operations on a per-interface basis
  • Subinterface - Supports commands that configure multiple virtual interfaces on a single physical interface
  • Controller - Supports commands that configure controllers (for example E1 and T1 controllers)
  • Line - Supports commands that configure the operation of a terminal line
  • Router - Supports commands that configure an IP routing protocol
  • IPX-router - Supports commands that configure the Novell network-layer protocol

Grouping Configuration Commands

Global Configuration Commands Commands that affect the entire router are called global commands. The hostname and enable password commands are examples of global commands.
Major Process/Interface Commands Commands that point to or indicate a process or interface that will be configured are called major commands. When entered, major commands cause the CLI to enter a specific configuration mode. Major commands have no effect unless they are immediately followed by a subcommand that supplies the configuration entry. For example, the major command interface serial 0 has no effect unless followed by a subcommand that tells what you want to do to that interface.

Saving Configurations

After you have entered the commands you wish to configure the router, you must save your running configuration to NVRAM with the copy running-config startup-config command. If you fail to save your configuration to NVRAM and you reload the router, your configuration will be lost and the router will revert to the last saved configuration.

Exiting the Configuration Modes

If you type exit, the router will back out one level, eventually allowing you to log out. In general, typing exit from one of the specific configuration modes will return you to global configuration mode. Pressing Ctrl-Z leaves configuration mode completely and returns the router to the privileged EXEC mode.

Examining Router Identification Configuration

There are three different identifications that can be configured in the router:
  • Router Name
  • Message of the Day Banner
  • Interface Description

Other Console Line Commands

Other useful console commands include the exec-timeout 0 0 command and the logging synchronous console line command.
  • The exec-timeout 0 0 command sets the timeout for the console EXEC session to zero. This prevents the session from timing out and disconnecting your session.
  • The logging synchronous console line command is useful whenever there are console messages being displayed at the same time that you are attempting to input EXEC or configuration commands. Instead of the console messages being interspersed with your input, your input is redisplayed on a single line at the finish of each console message that "interrupts" your input. This makes reading your input and the messages much easier.

The Interface Command

Many features are enabled on a per-interface basis. Interface configuration mode commands modify the operation of Ethernet, Token Ring, FDDI, serial, and many other interface types.
A router's main function is to relay packets from one network device to another. In order to do that, the characteristics of the interfaces through which the packets are received and sent must be defined. These characteristics include, but are not limited to:
  • address of the port
  • data encapsulation method
  • media-type
  • bandwidth
  • direct memory access buffering parameters
When you issue the interface command, you must define the interface type and number. The number is assigned to each interface at the factory or by the physical location of the interface hardware in the router and is used to identify each interface. This identification is critical when you have multiple interfaces of the same type in a single router.

Disabling / Enabling an Interface

There may be a reason for you to disable an interface. This function is useful when you want to perform hardware maintenance on a specific interface or segment of a network. You might also want to disable an interface if a problem exists on a specific segment of the network and you need to isolate that segment from the rest of the network until the problem is detected or repaired.
The shutdown subcommand administratively turns off an interface. To reinstate the interface, use the no shutdown command.
The show interfaces command displays statistics for the network interfaces on the router.

Routing

Routing is the process by which an item gets from one location to another. Many items get routed: for example, mail, telephone calls, and trains. In networking, a router is the device used to route traffic. The routing information a router learns from its routing sources is placed in its routing table. The router will rely on this table to tell it which port to use when forwarding addressed packets

Types of Routes

  • Static routes - Routes learned by the router when an administrator manually establishes the route. The administrator must manually update this static route entry whenever an internet work topology change requires an update.
  • Dynamic Routes - Routes dynamically learned by the router after an administrator configures a routing protocol that helps determine routes. Unlike static routes, once the network administrator enables dynamic routing, route knowledge is automatically updated by a routing process whenever new topology information is received from the internetwork.

Static Route Configuration

A static route allows manual configuration of the routing table. No dynamic changes to this table entry will occur as long as the path is active. The ip route command is used to configure a static route in global configuration mode.

Default Routes

A default route is a special type of static route. A default route is a route to use for situations when the route from a source to a destination is not known or when it is unfeasible for the routing table to store sufficient information about the route.

Dynamic Routing

Routing protocols are used between routers to determine paths and maintain routing tables. Dynamic routing relies on a routing protocol to disseminate knowledge.

Characteristics of Routing Protocols

A routing protocol defines the set of rules used by a router when it communicates with neighboring routers. It interprets information in a network layer address to allow a packet to be forwarded to the destination network.
Routing protocols describe:
  • How updates are conveyed
  • What knowledge is conveyed When to convey knowledge
  • How to locate recipients of the updates
Two examples of routing protocols are Routing Information Protocol (RIP) and Interior Gateway Routing Protocol (IGRP).

Autonomous Systems

An autonomous system is a collection of networks under a common administrative domain.
There are two major types of routing protocols used to connect autonomous systems:
  • Interior Gateway Protocols (IGP) - Routing Protocols used to exchange routing information within an autonomous system. RIP and IGRP are examples of IGPs.
  • Exterior Gateway Protocols (EGP) - used to connect between autonomous systems. Border Gateway Protocol (BGP) is an example of an EGP.

Ranking Routes with Adminstrative Distance

Multiple routing protocols and static routes may be used at the same time. If there are several sources for routing information, an administrative distance value is used to rate the trustworthiness of each routing information source. An Administrative Distance is a rating of the trustworthiness of a routing information source, such as an individual router or a group of routers. It is an integer from 0 to 255. Specifying administrative distance values enables the Cisco IOS software to discriminate between sources of routing information. For each destination learned, the IOS always places in the routing table the route from the source with the lowest administrative distance. In general, a routing protocol with a lower administrative distance has a higher likelihood of being used.

Classes of Routing Protocols

Within an autonomous system, most IGP routing algorithms can be classified as conforming to one of three algorithms.
Distance Vector The distance vector routing approach determines the direction (vector) and distance to any link in the internetwork.
Link State The link-state (also called shortest path first) approach re-creates the exact topology of the entire internetwork (or at least the partition in which the router is situated).
Balanced Hybrid A balanced hybrid approach combines aspects of the link-state and distance vector algorithms.
An example of Distance vector protocol is Routing Information protocol(RIP).
Engineers have implemented this link-state concept in Open Shortest Path First (OSPF) routing. An example of a balanced hybrid protocol is Cisco's Enhanced Interior Gateway Routing Protocol (Enhanced IGRP).

Distance Vector Routing Problems

  • Distance vector routing protocols maintain routing information by updating routing tables with neighboring routing tables.
  • A routing loop is a route where packets never reach their destination, but cycle repeatedly through a series of nodes.
  • Defining a maximum routing count prevents infinite loops by defining a limit on the number of hops.
  • Split horizon is a technique for solving routing loops that implements not sending information about a route back in the same direction from which it came.
  • Route poisoning is a solution to loops in which routers set the distance of routes that have gone down to infinity to make that route unreachable.
  • A triggered update is a new routing table that is sent immediately in response to some change. Each receiving router sends a triggered update which creates a wave that propagates across the network.
  • Hold-down timers are used to prevent regular update messages from inappropriately reinstating a route that may have gone bad.
  • Solutions involving multiple techniques can be implemented on networks with multiple routes.

Discovering Neighbors with CDP

Cisco Discovery Protocol (CDP) is an information gathering tool used by network administrators to get information about directly connected devices. CDP is a proprietary tool that enables network administrators to access a summary of protocol and address information about other devices that are directly connected to the device initiating the command. CDP runs over the data link layer connecting the physical media to the upper-layer protocols. Because CDP operates at this level, two or more CDP devices that support different network-layer protocols (for example, IP and Novell IPX) can learn about each other. Physical media supporting the Subnetwork Access Protocol (SNAP) encapsulation connect CDP devices. These can include all LANs, Frame Relay and other WANs, and ATM networks. A CDP packet can be as small as 80 octets, mostly made up of ASCII strings that represent information such a CDP interfaces, neighbor entries, statistics, etc.
The network administrator uses a show command to display information about the networks directly connected to the switch.

CDP Summary Information

Packets formed by CDP provide the following information about each CDP neighbor device:
  • Device identifiers - For example, the switch's configured name and domain name (if any).
  • Address list - Up to one address for each protocol supported.
  • Port identifier - The name of the local and remote port (in the form of an ASCII character string such as ethernet0).
  • Capabilities list - Supported features, for example, the device acts as a source-route bridge as well as a router.
  • Platform - The device's hardware platform: for example, Cisco 7000.

Bridging and Switching

Bridges and switches operate principally at Layer 2 of the OSI reference model. As such, they are widely referred to as data-link layer devices. Bridges became commercially available in the early 1980s. At the time of their introduction, bridges connected and enabled packet forwarding between homogeneous networks. More recently, bridging between different networks also has been defined and standardized.
Switching and bridging technologies pass information by learning connecting addresses, and then filtering and forwarding the information based on the collected addresses. Networks that acquire bridging and switching normally reduce collisions that can occur on network segments.
Switching technology has emerged as the evolutionary heir to bridging-based internetworking solutions. Bridges of old performed this functionality in software. However, today's switches perform the bridging in hardware allowing for increases in performance. In addition, the switches can implement this bridging functionality for every host connected, allowing full duplex by virtually eliminating collisions.
Switching implementations now dominate applications in which bridging technologies were implemented in prior network designs. Superior throughput performance, higher port density, lower per-port cost, and greater flexibility have contributed to the emergence of switches as replacement technology for bridges and as complements to routing technology.

Functionality

Address learning
In order for the bridges to begin passing information to and from devices and segments, they must first familiarize themselves with the addresses associated with those devices and segments. Initially, they must let all information pass through them, even if that information is not intended for a device on the opposite side of the bridges/switches. This is known as flooding Once the devices have allowed the information from the connecting segments to pass through, they can log the address information into tables for further use in forwarding and filtering.
Forwarding / Filtering
Bridging and switching devices determine if incoming frames are destined for a device on the segment where they were generated. If so, the devices do not forward the frames to the other device ports. This is an example of filtering. If the MAC destination address is on another segment, the devices send the frames to the appropriate segment. This is known as forwarding.
Loop Avoidance
When the switched network includes loops for redundancy, an Ethernet switch can prevent duplicate frames from traveling over the redundant path if spanning tree protocol is configured.

Frame Transmission Modes

Cut-Through

In the cut-through mode, the switch checks the destination address (DA) as soon as the header is received and immediately begins forwarding the frame.

Store and Forward

In the store-and-forward mode, the switch must receive the complete frame before forwarding takes place. The destination and source addresses are read, the cyclic redundancy check (CRC) is performed, relevant filters are applied, and the frame is forwarded. If the CRC is bad, the frame is discarded. Latency through the switch varies with frame length.

Fragment Free

In the fragment free mode, the switch will read into the first 64 bytes before forwarding the frame. Usually, collisions happen within the first 64 bytes of a frame. By reading 64 bytes, the switch can filter out collision frames

What is Redundant Topology?

Bridged networks, including switched networks, are commonly designed with redundant links and devices. Such designs eliminate the possibility that a single point of failure will result in loss of function for the entire switched network. Redundant topology is the duplication of switches or other devices/connections so that in the event of a failure the redundant devices, services, or connections can perform the work of those that failed.
While redundant designs may eliminate the single point of failure problem, they introduce several others that must be taken into account:
  • Without some loop avoidance service in operation, each switch will flood broadcasts endlessly. This situation is commonly called a broadcast storm.
  • Multiple copies of nonbroadcast frames may be delivered to destination stations. Many protocols expect to receive only a single copy of each transmission. Multiple copies of the same frame may cause unrecoverable errors.
  • Database instability in the MAC address table contents results from copies of the same frame being received on different ports of the switch. Data forwarding may be impaired when the switch consumes resources coping with address thrashing in the MAC address table.

Spanning-Tree Protocol

Spanning-Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network. For an Ethernet network to function properly, only one active path can exist between two stations. To provide path redundancy, Spanning-Tree Protocol defines a tree that spans all switches in an extended network.
The purpose of the Spanning-Tree Protocol is to maintain a loop-free network. A loop free path is accomplished when a device recognizes a loop in the topology and blocks one or more redundant ports. Spanning-Tree Protocol forces certain redundant data paths into a standby (blocked) state. If one network segment in the Spanning-Tree Protocol becomes unreachable, or if Spanning-Tree Protocol costs change, the spanning-tree algorithm reconfigures the spanning-tree topology and reestablishes the link by activating the standby path. Spanning-Tree Protocol operation is transparent to end stations, which are unaware whether they are connected to a single LAN segment or a switched LAN of multiple segments. Spanning-Tree Protocol continually explores the network so that a failure or addition of a link switch, or bridge is discovered quickly. When the network topology changes, Spanning-Tree Protocol reconfigures switch or bridge ports to avoid loss of connectivity or creation of new loops.

Spanning-Tree Operation

The Spanning-Tree Protocol provides a loop free network topology by:
  • Electing a Root Bridge
  • Electing Root Ports for Nonroot Bridges
  • Electing One Designated Port for each network segment.
A loop free path is accomplished when the switches and ports elected by this operation recognize a loop in the topology and block one or more redundant ports.
Spanning-Tree Protocol operation requires that for a network, a root bridge is elected, root ports for non-root bridges are determined, and a designated port is selected for each segment. Ports are placed in forwarding or blocking states. Nondesignated ports are normally in blocking state to break the loop topology.
A BPDU is exchanged every 2 seconds. One of the pieces of information exchanged is the bridge ID which carries the MAC address. The root bridge on a network is determined as the bridge with the lowest bridge ID.

Port States

Propagation delays can occur when protocol information is passed through a switched LAN. As a result, topology changes can take place at different times and at different places in a switched network. When a switch port transitions directly from non-participation in the stable topology to the forwarding state, it can create temporary data loops. Ports must wait for new topology information to propagate through the switched LAN before starting to forward frames. They must also allow the frame lifetime to expire for frames that have been forwarded using the old topology. Each port on a switch using Spanning-Tree Protocol exists in one of the following states: · Blocking · Listening · Learning · Forwarding

Movement of the Port States

From initialization to blocking - When Spanning-Tree is initialized, all ports start in the blocking state to prevent bridge loops. The port stays in a blocked state if the spanning tree determines that there is another path to the root bridge that has a better cost. Blocking ports can still receive BPDUs. From blocking to listening or to disabled - Ports transit from blocked state to the listening state. When the port is in the transitional listening state, it is able to check for BPDUs. This state is really used to indicate that the port is getting ready to transmit but would like to listen for just a little longer to make sure it does not create a loop.
From listening to learning or to disabled - When the port is in learning state, it is able to populate its MACaddress table with MAC addresses heard on its ports, but it does not forward frames.
From learning to forwarding or to disabled - In the forwarding state, the port is capable of sending and receiving data.
From forwarding to disabled - At any time the port can become nonoperational.

Virtual LAN

The virtual LAN (VLAN) permits a group of users to share a common broadcast domain regardless of their physical location in the internetwork. Creating VLANs improves performance and security in the switched network by controlling broadcast propagation.

VLAN Characteristics

Within the switched internetwork, VLANs provide segmentation and organizational flexibility. Using VLAN technology, you can group switch ports and their connected users into logically defined communities of interest such as coworkers in the same department, a cross-functional product team, or diverse user groups sharing the same network application.
  • A VLAN is a logical broadcast domain that can span multiple physical LAN segments.
  • A VLAN can be designed to provide stations logically segmented by functions, project teams, or applications without regard to the physical location of users.
  • Each switch port can be assigned to only one VLAN.
  • Ports in a VLAN share broadcasts. Ports that do not belong to the same VLAN do not share broadcasts. This improves the overall performance of the network.
  • A VLAN can exist on a single switch or span across multiple switches.
  • VLANs can include stations in a single building or multiple-building infrastructures, or they can even connect across wide-area networks (WANs).

VLAN Assignment

Catalyst 1900 ports are configured with a VLAN membership mode that determines which VLAN they can belong to. Membership modes are assigned as either static or dynamic.
Static Assignment Assignment of the VLAN to a port is statically configured by an administrator.
Dynamic Assignment The Catalyst 1900 supports dynamic VLANs by using a VMPS (VLAN Membership Policy Server). The VMPS can be a Catalyst 5000 or an external server. The Catalyst 1900 cannot operate as the VMPS. The VMPS contains a database that maps MAC addresses to VLAN assignment. When a frame arrives on a dynamic port at the Catalyst 1900, the Catalyst 1900 queries the VMPS for the VLAN assignment based on the source MAC address of the arriving frame. A dynamic port can only belong to one VLAN at a time. Multiple hosts can be active on a dynamic port only if they all belong to the same VLAN.

ISL Protocol

ISL, Inter-Switch Link, is a Cisco proprietary protocol for interconnecting multiple switches and for maintaining VLAN information as traffic goes between switches.

ISL Tagging

The ISL frame tagging used by the Catalyst series of switches is a low-latency mechanism for multiplexing traffic from multiple VLANs on a single physical path. It has been implemented for connections between switches, routers, and network interface cards used on nodes such as servers.
Ports configured as ISL trunks encapsulate each frame with a 26-byte ISL header and a 4-byte CRC before sending it out the trunk port.

VLAN Trunking Protocol(VTP)

VLAN Trunking Protocol (VTP) is a protocol used to distribute and synchronize identifying information about VLANs configured throughout a switched network.

Characteristics

Configurations made to a single VTP server are propagated across links to all connected switches in the network.
  • VTP allows switched network solutions to scale to large sizes by reducing the manual configuration needs in the network.
  • VTP is a Layer 2 messaging protocol that maintains VLAN configuration consistency by managing the additions, deletions, and names changes of VLANs across networks.
  • VTP minimizes misconfigurations and configuration inconsistencies that can cause problems, such as duplicate VLAN names or incorrect VLAN-type specifications.
  • A VTP domain is one switch or several interconnected switches sharing the same VTP environment. A switch is configured to be in only one VTP domain. By default, a Catalyst switch is in the no-management-domain state until it receives an advertisement for a domain over a trunk link, or until you configure a management domain. VTP operates in one of three modes: server mode, client mode, or transparent mode. The default VTP mode is server mode, but VLANs are not propagated over the network until a management domain name is specified or learned.
  • VTP Pruning is a configuration that allows restricted traffic flow inside a management domain of a VLAN.

Understanding Access Lists

  • Router Access Lists manage IP traffic as network access grows and filter packets as they pass through the router.
  • Access list applications include permitting or denying packets moving through a router, vty access to or from a router, custom queuing, and triggering of "dial-on-demand" routing.
  • There are two general types of access lists: standard, that permits or denies output for an entire protocol suite based on the source address, and extended, that allows greater flexibility by being able to check for source and destination addresses as well as specific protocols and numbers.
  • Access lists may be applied as either Inbound or Outbound access lists. In inbound access lists, incoming packets are processed before being routed to an outbound interface. In outbound access lists, incoming packets are routed to the outbound interface and then processed through the outbound access list.
  • In terms of access lists, permit means to continue to process the packet through to the next access list test, deny means to discard the packet and the implicit deny ensures any packets not matching an access list are dropped.
  • General guidelines for access list configuration include: most restrictive statements should be at the top of list, one access list per interface, per protocol, per direction, create access lists before applying them to interfaces, and every access list should have at least one permit statement.
  • For IP, standard access lists use the number range 1 - 99 as an identifier and extended access lists use 100 - 199. For IPX, standard access lists use the number range 800 - 899 and extended access lists use 900 - 999.
  • The parameters that the Cisco IOS IP access list checks include: port number, protocol, source address, and destination address.
  • Address filtering occurs using access list address wildcard masking to identify how to check or ignore corresponding IP address bits.

Access List Configuration

  • General guidelines for configuring access lists include ending all access lists with an implicit deny and ordering access lists with the more specific tests and tests that will test true frequently at the beginning of the access list.
  • Standard access lists filter based on source address and mask while extended access lists filter based on source and destination address allowing more filtering control. In addition, extended access lists allow for filtering by protocol and port.
  • To configure standard access lists, use the access list and access group commands. These commands identify the list number, identiy the source IP address and links the access list to an interface.
  • The two steps for setting access lists are setting the parameters for the access test statement and enabling the interface to use the specified list.
  • The IOS commands to enable an extended access list are the same as for enabling a standard access list, but they include additional parameters for configuration such as identification of specific protocols and ports. These commands are access list and access group.
  • The two steps for setting extended access lists are setting the parameters for the access test statement and enabling the interface to use the specified list. The test statement may include source and destination addresses as well as protocols and port numbers.
  • Named access lists allow for IP standard and extended access lists to be identified with an alphanumeric string, not a number. Named access lists allow you to delete, but not insert, individual entries from a specific access list.
  • Place extended access lists close to the source of the traffic to be denied while standard access lists should be placed as near the destination as possible.
  • Access lists can be used to control virtual terminal access (vty) to or from a router. Users can be denied access to a router or denied access to destinations from that router.
  • The two commands used to configure a router for vty access are line vty, that places the router in line configuration mode, and access class, that links an existing access list to a terminal line or range of lines.

WAN Concepts and Terminology

A WAN is different from a LAN. Unlike a LAN, which connects workstations, peripherals, terminals, and other devices in a single building or other small geographic area, a WAN makes data connections across a broad geographic area. Companies use the WAN to connect various company sites together so information can be exchanged between distant offices

WAN Connection Types

Leased Lines

A leased line, also known as a point-to-point or dedicated connection, provides a single, preestablished WAN communications path from the customer premises, through a service provider network, to a remote network This connection is reserved by the service provider for the client's private use.

Circuit Switching

Circuit switching is a switching system in which a dedicated circuit path must exist between sender and receiver for the duration of the "call." Circuit switching is used by the service provider network when providing basic telephone service or Integrated Services Digital Network (ISDN). Circuit switched connections are commonly used in environments that require only sporadic WAN usage. Basic telephone service is typically employed over an asynchronous serial connection

Packet Switching

Packet switching is a WAN switching method in which network devices share a single point-to-point link to transport packets from a source to a destination across a carrier network. Packet switched networks use virtual circuits (VCs) that provide end-to-end connectivity. Physical connections are provided by programmed switching devices.

Layer 2 Encapsulation Protocols

  • High-Level Data Link Control (HDLC) - HDLC is the default encapsulation type on point-to-point, dedicated links, and circuit-switched connections. It is used typically when communicating between two Cisco devices. It is a bit-oriented synchronous data link layer protocol.
  • Point-to-Point Protocol (PPP) - Provides router-to-router and host-to network connections over synchronous and asynchronous circuits. PPP was designed to work with several network layer protocols, such as IP, and IPX. PPP also has built in security mechanisms such as PAP and CHAP
  • Serial Line Internet Protocol (SLIP) - SLIP is a standard protocol for point-to-point serial connections using TCP/IP. SLIP has been largely displaced by PPP.
  • X.25/Link Access Procedure, Balanced (LAPB) - ITU-T standard that defines how connections between DTE and DCE are maintained for remote terminal access and computer communications in public data networks. X.25 specifies LAPB, a data line layer protocol. X.25 is a predecessor to Frame Relay.
  • Frame Relay - Industry standard, switched data link layer protocol that handles multiple virtual circuits. It is a next-generation to X.25 that is streamlined to eliminate some of the time-consuming processes (such as error correction and flow control) that were employed in X.25.
  • Asynchronous Transfer Mode (ATM) - ATM is the international standard for cell relay in which multiple service types (such as voice, video, or data) are conveyed in fixed-length (53-byte) cells. Fixed-length cells allow processing to occur in hardware, thereby reducing transit delays. ATM is designed to take advantage of high-speed transmission media such as E3, Synchronous Optical Network (SONET), and T3.

Configuring HDLC and PPP Encapsulation

  • HDLC is a protocol that encapsulates data on synchronous serial data links. While HDLC supports only a single protocol, Cisco's proprietary HDLC has a data field to support multiprotocol environments.
  • PPP encapsulates network-layer protocol information over point-to-point links. It can be configured on the following physical interface types: asynchronous serial, HSSI, ASDN, and synchronous serial.
  • LCP configuration options for PPP include authentication, requiring passwords and challenge handshakes,compression which reduces the amount of data in a frame, error detection which monitors dropped data and fault conditions, and multilink which provides load balancing.
  • PPP session establishment has three possible phases:
    1.Link Establishment Phase -
    each PPP device sends LCP packets to configure and test the data link
    2.Optional Authentication Phase -
    authentication of peer
    3.Network-Layer Protocol Phase -
    PPP devices send NCP packets to choose and configure network-layer protocols.
  • The two types of PPP authentication protocols are PAP and CHAP.
    PAP
    provides a simple method for a remote node to establish its identity using a two-way handshake. It is done only upon initial establishment.
    CHAP
    is used at both the startup of a link and periodically to verify the identity of a remote node using a three-way handshake.
  • The four steps in enabling PPP authentication include:
    1. Enable PPP encapsulation
    2. Assign a hostname
    3. Define user name and password
    4. Enable PPP authentication
  • The commands used to enable PPP encapsulation and authentication include ppp encapsulation, username name password password, and ppp authentication

Frame Relay

  • Frame Relay is a connection-oriented data-link technology that defines single-link virtual circuit multiplexing by assigning connection identifiers.
  • Cisco routers support the following five Frame Relay serial connections:
    1. EIA/TIA-232
    2. EIA/TIA-449
    3. V.35
    4. X.21
    5. EIA/TIA-530
  • Frame Relay has numerous operation compontents and terms associated with it, such as local access rate, virtual circuit, PVC, SVC, Data-Link connection identifier, CIR, Inverse ARP, LMI, FECN, and BECN.
  • In a Frame Relay virtual circuit connection, the local DLCI destination Network Layer address can be mapped dynamically with Inverse ARP or manually, by configuring a static Frame Relay map in the map table.
  • Local Management Interface (LMI) is a signaling standard between the router and the Frame Relay switch that is responsible for managing the connection and maintaining status between the devices, and is available in three central types for Cisco routers: cisco, ansi, and q933a.
  • The Local Management Interface (LMI) signaling works in the following process:
    1. Router connects to Frame Relay switch.
    2. Router sends message to Frame Relay switch.
    3. Frame Relay switch receives the request and responds.
    4. Router sends Inverse ARP packet introducing itself.
    5. Router creates map entry in Frame Relay table or table is configured.
    6. Router exchanges LMI information with switch.
  • Frame Relay is configured on a router using the encapsulation frame-relay, frame-relay lmi-type, and frame-relay inverse-arp commands.
  • The IOS command sequence encapsulates Frame Relay, sets the LMI connection, and enables Inverse ARP on a router.
  • Frame Relay configuration and implementation information can be displayed using the various show frame-relay and the debug frame-relay commands.
  • Static maps that define the address-to-DLCI table statically are configured using the frame-relay map command.
  • The three WAN topologies used to interconnect remote sites are star, partial mesh, and full mesh.

ISDN BRI Concepts

  • ISDN refers to a collection of standards that define a digital architecture that provides an integrated voice/data capability to a location, utilizing the public switched network and includes benefits such as the ability to carry a variety of user-traffic feeds, faster call setup, and faster data transfer rate.
  • The International Telecommunication Union Telecommunication (ITU-T) Standardization Sector defined three sets of standards for ISDN: E-series protocol for telephone network and ISDN, I-series protocol for ISDN concepts, aspects and interfaces, and the Q-series protocol for Switching and Signaling.
  • ISDN specifies two standard access methods: BRI which uses two 64-kbps B channels and one 16 kbps D channel, and PRI which offers 23 B channels and one D channel.
  • The ISDN BRI call establishment includes call initiation to local switch, path establishment and data transmission between switches, destination signal reception, and B channel connection.
  • ISDN device types include Terminal Endpoints Network Termination points and a Terminal Adaptor.
  • The ISDN reference points S, T, U, and R define connection types between two functions.
  • To determine how to select a Cisco router for ISDN, check for an ISDN interface on the back of the router and then contact the service provider to see if the NT1 is provided.
  • There are various switch types available for ISDN throughout the world, including AT&T 5ESS and 4ESS, Northern Telecom DMS-100, VN2 and 3, and Net3 and 5.
  • The IOS command sequence is used for specifying the ISDN switch, selecting an ISDN BRI interface, and specifying the Service Provider Identification (SPID) numbers required to access the ISDN network.

Dial-on-Demand Routing

  • Dial-on-Demand routing refers to a collection of Cisco features that allows two or more Cisco routers to establish a dynamic connection over simple dialup facilities on an as-needed basis and is used for low-volume, periodic network connections over an ISDN network or Public Switched Telephone Network.
  • There are five basic steps of DDR operation:
    1. The route to the destination is determined
    2. Interesting packets dictate a DDR call
    3. The dialer information is looked up
    4. Traffic is transmitted
    5. The call is terminated
  • There are three stages for configuring legacy DDR:
    1. Define the static route
    2. Specify interesting traffic
    3. Configure the dialer information
  • When using static routes, all participating routers must have static routes defined so that they can reach the remote networks. This requirement is necessary because static routes replace routing updates
  • Interesting traffic, which triggers a DDR call, is designated by an administrator and can be defined on the basis of a variety of criteria, such as protocol type or addresses for source or destination hosts.
  • The dialer information configuration process consists of four steps:
    1. Select the physical interface for the dial-up line
    2. Configure its network address
    3. Configure the encapsulation type
    4. Link the interesting traffic definition to the interface
  • To configure legacy DDR, define the static routes with the, ip route command, specify interesting traffic with the dialer list command, and configure dialer information with the dialer group commandBasic CCNS concepts.

1 comments: