reading this crap is no substitute for active learning, by which I mean, while reading a text, you should slow down, force yourself to take notes as you read, and then re-read those notes, re-read the text again, and make comparisons of your notes with the text... and don't just take what's written as gospel... if you have equipment, or access to GNS3 or Packet Tracer, prove the author's veracity by setting up your own experiments, no matter how simple or trivial... try to prove the masters wrong at every turn...
feel free to scrape at will and don't forget to thank your daddy (Odom)
Switching.
3 types of addresses
Unicast- a MAC address that identifies a single NIC.
Broadcast- all F's, FFFF.FFFF.FFFF, the most often used IEEE group MAC address. A broadcast address implies that all devices on a LAN should receive and process a frame sent to it.
Multicast- a group address for a subset of NICs on a LAN.
Frames sent to unicast addresses are destined for one NIC, frames sent to a broadcast address are sent to all NICs, and frames destined for multicast addresses are destined for the subset of NICs on the LAN that have registered for that group.
Learning- the switch learns MAC addresses by examining the source MAC address of each frame it receives.
Forward or filter- the switch forwards or filters the frame based on the frame's destination MAC address. The MAC address table is used for forwarding decisions.
Loop prevention- in a redundant (meshed) topology a switch creates a loop-free environment with the help of STP.
Switches reduce network overhead by forwarding traffic from one segment to another only when necessary. The switch performs this with the aid of its MAC address table: filter (drop the frame) when the destination sits on the same port the frame arrived on, or forward to another port when the frame is destined for a different port.
Switches forward LAN broadcasts and unknown unicast frames out all ports except the one upon which the frame was received. Unknown unicast frames are frames whose destination MACs are not yet in the MAC address table.
Switch logic summary
1. a frame is received
2. if it's a broadcast or multicast, forward out all ports except the one upon which it was received.
3. if unknown unicast (not in table), forward out all ports except the one upon which it was received.
4. if unicast, and in the table, and the associated interface is not the one upon which it was received, forward out the correct port.
5. otherwise, filter.
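To see the five steps above actually run, here is an added example (my code, not Odom's and not from these notes): a tiny learning switch with a MAC table, flooding of broadcast/multicast/unknown unicast, filtering when source and destination share a port, and a per-port MAC limit that stands in for the port-security feature behind the sh port-security command below. The port names, MAC addresses and the violation action (err-disabling the port) are assumptions for the demo.

```python
# Added example, not code from the notes: a learning switch that applies the
# five-step forward/filter logic, plus a per-port MAC limit standing in for
# port security (the violation action, err-disabling the port, is an
# assumption for the demo). Port names and MAC addresses are constructed.

BROADCAST = "ffff.ffff.ffff"


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the low-order bit of the first octet set."""
    return int(mac[:2], 16) & 0x01 == 1


class Switch:
    def __init__(self, ports, max_macs_per_port=None):
        self.ports = list(ports)
        self.mac_table = {}          # mac -> port, learned from source addresses only
        self.max_macs = max_macs_per_port
        self.errdisabled = set()     # ports shut down by a port-security violation

    def _macs_on(self, port):
        return [m for m, p in self.mac_table.items() if p == port]

    def learn(self, src, in_port):
        """Step 'learning': record the source MAC against the ingress port."""
        if self.mac_table.get(src) == in_port:
            return
        if self.max_macs is not None and len(self._macs_on(in_port)) >= self.max_macs:
            self.errdisabled.add(in_port)   # too many MACs seen on this port
            return
        self.mac_table[src] = in_port

    def forward(self, src, dst, in_port):
        """Return the egress ports for one frame; [] means the frame is filtered."""
        if in_port in self.errdisabled:
            return []
        self.learn(src, in_port)
        if in_port in self.errdisabled:
            return []
        if is_group_address(dst) or dst not in self.mac_table:
            # broadcast, multicast or unknown unicast: flood all other ports
            return [p for p in self.ports if p != in_port and p not in self.errdisabled]
        out = self.mac_table[dst]
        return [] if out == in_port else [out]   # same port -> filter


if __name__ == "__main__":
    sw = Switch(["fa0/1", "fa0/2", "fa0/3"], max_macs_per_port=2)
    print(sw.forward("0000.0000.0001", BROADCAST, "fa0/1"))         # flood: fa0/2, fa0/3
    print(sw.forward("0000.0000.0002", "0000.0000.0001", "fa0/2"))  # known unicast: fa0/1
    print(sw.mac_table)
```

Without the limit, a host that sends frames from thousands of made-up source MACs fills the table and pushes the switch back to flooding everything, which is exactly what port security is there to stop.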
Sh int status
Sh mac-address-table dynamic
Sh port-security int
Chapter 1 q&a
1. a switch examines an incoming frame’s destination address
in its mac-address-table. If a match is found, the switch forwards the frame
out the corresponding interface. if not found, the switch forwards the frame
out all interfaces except the one on which it arrived. The mac-address-table is
built with incoming source mac addresses.
2. a switch builds its mac-address-table by examining and learning source mac addresses.
3. line cons 0
password xxx
sets the console password. You must be in line configuration mode to set this; on its own it does not make the switch prompt for it.
4. the line cons 0
password xxxx
login
command set will force a user to supply the password for console access to the switch (login is what turns the prompt on).
5. enable password xxxx and enable secret xxxx are the commands to set the enable password. The enable secret is stored as an MD5 hash and takes precedence; enable password is stored in clear text (or in the reversible type 7 form if service password-encryption is on), so use enable secret.
6. the passwords for
console and telnet may be configured (and should be) as different.
7. sh startup-config will show the config file stored in NVRAM. Sh config is the older command.
8. sh running-config will show the config currently running in RAM. Write terminal (wr t) is the older version; wr mem is the older form of copy running-config startup-config, which saves rather than shows.
ICND chapter 2
Spanning-tree Protocol
802.1d STP
802.1w RSTP rapid spanning tree protocol
STP prevents switching loops from occurring on a redundantly
linked LAN. STP ensures that only one
active path exists between segments (collision domains) at any given time.
The STA (spanning tree algorithm) determines whether ports will be forwarding or blocking. Switches forward and receive frames on forwarding ports; switches do not forward or receive frames on blocking ports.
If a redundant active link fails, STP will converge and bring the formerly blocked link up in its place within about 50 seconds (max age 20 + listening 15 + learning 15).
Forwarding/Blocking criteria
STP elects a root bridge (switch) and puts all root bridge interfaces into forwarding state.
Each non-root bridge (switch) determines which of its ports has the least cost (best path) to the root bridge, and STP makes that port the switch's root port; the root port is put in forwarding state.
The switch with the lowest cost to the root on each segment is the designated bridge (switch) for that segment, and the interface on that switch is called the designated port.
The root bridge's ports are always in forwarding state, and the root switch is always the designated bridge on all connected segments.
The non-root bridge's root port is always forwarding. This port receives the lowest cost BPDU from the root.
Each LAN's designated port is always forwarding, and the bridge forwarding the lowest cost BPDU onto the segment is the segment's designated bridge (switch).
All other ports are blocking: no forwarding frames, no receiving frames (BPDUs are still received and processed on a blocking port, which is how it knows when to wake up).
At first each switch claims to be root by sending BPDUs that contain:
The root bridge ID- a combination of switch priority and MAC address; lower number, higher priority
The cost to reach the root- again, the lower the better
And its own bridge ID
The root bridge is elected based on the lowest value bridge ID (usually decided by priority); in case of a tie, the MAC address breaks the tie. The bridge ID and cost are carried in the hello BPDU.
Each switch has one root port which is the port receiving the least cost BPDU from the root.
The root bridge send a new hello every 2 seconds by
default.
Hello time- 2 seconds, the default, is the time root
waits to send the next hello BPDU
Max age- 20 seconds that any bridge waits after not
hearing bpdu’s before initiating STP topology changes.
Forward delay- delay (15 sec) involved when a port goes
from blocking to forwarding.
A stable STP network operates thusly:
1. root sends BPDUs with a cost of 0 out all its interfaces
2. neighbor switches forward the hellos out their non-root designated ports, identifying the root and adding their own cost
3. every bridge in the network repeats step 2 upon receiving BPDUs
4. root repeats step 1 every hello interval (2 seconds)
5. the switches continue as normal until the lack of BPDUs reaches max-age; they then react
Blocking and forwarding are the only stable states. Listening and learning are transition states.
When a switch detects a topology change, i.e. its best link to the root has gone down, the switch sends a TCN BPDU (Topology Change Notification BPDU) as soon as its affected port transitions to listening.
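The election and port-role rules above, run as code. This is an added example of mine, not from the book or the notes: bridge IDs compare as (priority, MAC), the root port is the lowest-cost path (tie broken by the upstream bridge ID, as the sender BID does in a real BPDU), and each segment's designated port belongs to the switch with the lowest (cost, bridge ID). The three-switch triangle, the link costs and the "ROGUE" switch are constructed; the rogue run shows why the BPDU guard feature mentioned later belongs on every access port.

```python
# Added example, not code from the notes: a simplified spanning-tree
# election over a constructed three-switch triangle. Bridge ID compares as
# (priority, MAC), lower wins; root port = lowest cost to the root, ties
# broken by the upstream bridge ID; designated port per segment = the port
# of the switch with the lowest (cost, bridge ID). All other ports block.
# The second topology adds a "rogue" switch with priority 0 to show that the
# election trusts whatever BPDUs it hears, which is what BPDU guard is for.

INF = float("inf")


def bridge_id(priority, mac):
    """Bridge ID as a comparable tuple; the MAC breaks priority ties."""
    return (priority, int(mac.replace(".", ""), 16))


def spanning_tree(bridges, links):
    """bridges: {name: (priority, 'xxxx.xxxx.xxxx')}; links: [(a, b, cost), ...].
    Returns (root, roles) with roles[(bridge, link_index)] in
    'designated' / 'root' / 'blocking'."""
    bid = {n: bridge_id(*bridges[n]) for n in bridges}
    root = min(bridges, key=bid.get)
    adj = {n: [] for n in bridges}
    for i, (a, b, c) in enumerate(links):
        adj[a].append((i, b, c))
        adj[b].append((i, a, c))

    # Best path to root per bridge: lowest cost, then lowest upstream bridge ID
    # (the sender BID tie-break carried in the BPDU).
    cost = {n: INF for n in bridges}
    upstream = {n: None for n in bridges}      # (link_index, neighbour) = root port
    cost[root] = 0
    todo = set(bridges)
    while todo:
        u = min(todo, key=lambda n: (cost[n], bid[n]))
        todo.remove(u)
        if cost[u] == INF:
            break                               # remaining bridges are disconnected
        for i, v, c in adj[u]:
            if v == root:
                continue
            new_cost = cost[u] + c
            better = new_cost < cost[v] or (
                new_cost == cost[v] and bid[u] < bid[upstream[v][1]])
            if better:
                cost[v], upstream[v] = new_cost, (i, u)

    roles = {}
    for i, (a, b, c) in enumerate(links):
        desig = min((a, b), key=lambda n: (cost[n], bid[n]))
        other = b if desig == a else a
        roles[(desig, i)] = "designated"
        roles[(other, i)] = "root" if upstream[other] == (i, desig) else "blocking"
    return root, roles


# Constructed topology: three switches at the default priority, equal link costs.
SWITCHES = {"SW1": (32768, "0000.0000.0001"),
            "SW2": (32768, "0000.0000.0002"),
            "SW3": (32768, "0000.0000.0003")}
LINKS = [("SW1", "SW2", 19), ("SW1", "SW3", 19), ("SW2", "SW3", 19)]


def with_rogue():
    """Same LAN after an unauthorised switch with priority 0 is plugged into SW3."""
    bridges = dict(SWITCHES, ROGUE=(0, "0000.0000.00ff"))
    return spanning_tree(bridges, LINKS + [("SW3", "ROGUE", 19)])


if __name__ == "__main__":
    for label, (root, roles) in (("normal", spanning_tree(SWITCHES, LINKS)),
                                  ("rogue", with_rogue())):
        print(label, "root =", root, sorted(roles.items()))
```

In the normal run SW1 is root, SW2 wins the designated port on the SW2-SW3 segment by its lower MAC, and SW3's port on that segment blocks. Plug in the priority-0 switch and it becomes root immediately, every other switch re-roots toward it, and the SW1-SW2 link now blocks on SW2's side: traffic between the original switches is pulled through the rogue's neighbour. Nothing in the protocol checks who sent the BPDU, so the fix is operational (BPDU guard on access ports, root guard toward the distribution layer), not cryptographic.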
STP summary
1. all bridge (switch) ports stabilize at forwarding or blocking. Forwarding ports are considered part of the spanning tree.
2. one switch is elected root, and its ports will all move to forwarding state.
3. each switch receives hellos from the root, directly or through another switch. The port that receives the least cost BPDU is placed in forwarding and becomes that switch's root port.
4. for each segment one switch forwards the BPDU with the lowest cost. That switch becomes that segment's designated bridge.
5. the other interfaces are placed in blocking.
6. the root sends BPDUs every 2 seconds. This time interval can be modified and will be noted in the BPDU.
7. if max-age elapses (20 seconds, default) and no BPDU, panic ensues and the spanning tree changes.
8. forward delay (default 15 seconds) is the time a port spends in each of the dumbass transitional states on its way to forwarding (listening 15 seconds, then learning 15 seconds, 30 seconds total).
9. when a switch goes into listening, it sends a TCN BPDU (topology change notification) through the new path to the root. Other switches will refresh their tables with the new entry.
10. spanning tree creates these delays to prevent transitional loops because…
spanning tree, very pretty and the bpdu's are sweet,
but the root of the poor spanning, is impossible to eat…
for spanning-tree the path cost value represents media speed.
EtherChannel bundles two or more physical links (access or trunk) into one logical link, so the spanning tree sees a single link and does not need to converge when one member goes down. Only if all member links in the channel group fail does STP need to converge. It is also supposed to provide more bandwidth because the added links form an aggregate.
I have yet to prove this.
PortFast allows a port to be put in forwarding state immediately after the link comes up. This skips the 30 to 50 seconds the spanning tree otherwise takes for convergence.
The BPDU guard feature err-disables a PortFast port if a BPDU is received on it, so a switch plugged into an access port cannot join (or take over) the spanning tree. PortFast is appropriate only on access links (hosts, printers, servers), never on links to other switches.
Rapid spanning tree protocol:
RSTP performs elections in the same way as STP, however it uses only 3 port states: discarding (which replaces both blocking and listening), learning and forwarding. The issue is convergence, and RSTP's shorter convergence time makes it desirable. Remember STP requires max-age 20 seconds and 2 forward delays of 15 seconds, one for each transition state, listening and learning.
RSTP characterizes 3 types of link connectivity:
Link type: point to point (switch to switch)
Edge type: link to edge device (host)
Shared type: hub in between
RSTP can improve convergence with link type (point to point) and edge type, but not shared.
STP states vs RSTP states (RSTP only counts learning and forwarding ports as part of the active topology):
STP blocking -> RSTP discarding
STP listening -> RSTP discarding
STP learning -> RSTP learning
STP forwarding -> RSTP forwarding
STP disabled -> RSTP discarding
Besides root port and designated port, RSTP defines three others:
Alternate port- a port that receives (less attractive) BPDUs from another switch; an alternate path to the root if the root port fails
Backup port- a nondesignated port attached to the same shared segment as a designated port on the same switch
Disabled- an administratively disabled port
To enable RSTP edge ports, simply use portfast. Remember with RSTP, ports that can be immediately transitioned to forwarding (after negotiation with the other end) will be. Max-age is reduced significantly, the listening state is eliminated and learning is shortened.
Chapter 2 q&a
1. layer 2
devices do not use routing protocols.
2. a switch examines the bridge priority and the mac-address contained in received BPDUs (lowest number combination wins) to resolve the root switch election in that spanning tree.
3. a switch that
receives bpdu’s from multiple switches will determine its root port based on
the lowest cost path to the root switch.
4. the root switch ports will never change to blocking; they are always forwarding because the root has the least cost path, 0, to itself.
5. spanning tree
prevents loops in a redundant network.
Spanning tree will determine usability of links, and will automatically
change blocking ports to forwarding ports to keep the links up.
6. when a switch
initializes it always declares itself root.
Of course that is subject to change with a LAN election.
7. 3 reasons why a port is placed into forwarding by spanning-tree:
1. one port on each non-root switch is the root port, therefore always forwarding
2. it is a port on the root switch (hence always forwarding)
3. one port on each LAN segment is designated, therefore that port is always forwarding
8. besides
forwarding, three other states are part of
a ports evolution. Blocking, listening and learning. Of these four states, listening and learning
are transitional.
9. 2 reasons a non-root switch will place a port in forwarding state:
1. if it's designated on its segment and
2. if it is the root port; otherwise block it.
10. sh spanning-tree and sh spanning-tree int x/x will show the overall state of spanning tree and the state of spanning tree for a particular interface.
Chapter 3 Vlans and trunking
ISL supports a separate instance of spanning tree per VLAN. 802.1Q itself defines a single spanning tree for all VLANs; Cisco's PVST+ is what runs multiple spanning tree instances (one per VLAN) over 802.1Q trunks.
802.1Q defines one native VLAN per trunk. The default is VLAN 1. When the switch on the other side receives NO TAG (the native VLAN is tagless) it knows the frame belongs to VLAN 1, or whatever the native VLAN is. The native VLAN must therefore be the same at both ends of the trunk; if it is not, untagged frames land in a different VLAN on each side and the two VLANs are effectively merged.
VTP
Cisco proprietary protocol for the exchange of vlan
information between switches. VTP will
allow for switch configuration consistency throughout a network with a defined
layer 2 messaging protocol. A centrally
located switch can control the configurations of all the switches in a network,
minimizing mistakes, misconfigurations and inconsistencies, ie, duplicate vlans
or incorrect type settings.
VTP floods its advertisements throughout the VTP domain every five minutes or whenever there is a VLAN configuration change. This advertisement includes a revision number and the VLAN numbers and names (it does not carry port-to-VLAN assignments; those stay local to each switch). VLAN propagation is the operative word here.
The revision number is vital. When a VTP server modifies its VLAN configuration, it increments its revision number. The receiving switches, based on this higher number (if it is in fact higher), update their VLAN configurations accordingly. The catch: any switch with the same domain name and a higher revision number, a client included, overwrites the VLAN database of every other switch in the domain, so reset the revision number (change the domain name, or pass the switch through transparent mode) before connecting a previously used switch.
3 modes of operation:
server , client and transparent– a server creates,
modifies and deletes vlans and other parameters for the entire VTP domain. Servers save this configuration in NVRAM, but
clients do not. Clients cannot create change or delete vlans nor save the
configuration to NVRAM. In transparent mode a switch forwards vtp
advertisements while ignoring the configuration information although it does
save the information in NVRAM.
A transparent switch can create, modify and delete vlan
configuration information only locally.
This information is not propagated to other switches in the domain.
A trunk carries all traffic for all VLANs by default.
VTP pruning allows switches to prevent broadcasts and unknown unicasts from going to switches that have no ports in the corresponding VLAN. VTP pruning increases available bandwidth by limiting broadcasts and unknown unicasts.
VTP pruning is the second most valuable reason to use VTP. The first is, of course, to make configuration easier and more consistent.
See page 80 and practice 2950 vlan command list.
Access- doesn't trunk
Trunk- always tries to trunk
Dynamic desirable- trunks with dynamic desirable, trunk or dynamic auto on the other end
Dynamic auto- trunks with trunk or dynamic desirable on the other end
AUTO ON BOTH SIDES PLACES THE PORTS INTO NON-TRUNKING STATE
A port left in a dynamic mode will negotiate a trunk with anything that speaks DTP, so host-facing ports should be hard-set to access mode and real trunk ports set to trunk with switchport nonegotiate.
TO SEE TRUNK STATUS USE SH INT FA0/23 SW or SH INT FA0/23 TRUNK
Chapter 3 q&a
1. a broadcast
domain is the set of all nics in a network that may receive broadcasts. Switches flood broadcasts, routers segment
broadcast domains. Routers will only
ever pass broadcasts with the aid of ip helper- address
2. a vlan is a layer 2 construct that allows devices attached to different switches or physical locations to share one broadcast domain; basically a pointer to layer 3. A vlan treats one subset (group) of a switch's interfaces as one broadcast domain.
3. a vlan
trunking protocol is wholly unnecessary for a switch with only one vlan. Two cisco switches may use ISL, because ISL
is cisco proprietary. With cisco and
another vendor 802.1q would have to be employed.
4. VTP, VLAN trunking protocol (cisco proprietary), will allow for a single point of configuration and management for all switches in the VTP domain. Adds, deletions and modifications to VLANs are made simpler and more consistent throughout the domain.
5. 3 modes of
VTP; server client and transparent.
Client mode cannot add change or delete, and doesn’t save in NVRAM. Transparent mode can add change delete and save,
but only locally.
6. sw mode dyn desirable
will allow a port at the other end to negotiate
trunking, if it is set to dyn auto dyn desi or trunk
7. server mode
allows a switch to create vlans and advertise them to other switches.
8. vlans create connections across geographic boundaries, and the members are part of the same broadcast domain.
9. isl is cisco’s
proprietary trunking protocol.
10. vtp pruning
will prohibit broadcasts and unknown unicasts from going where they have no
switch supported vlan interfaces.
11. a vlan is a
broadcast domain, a subnet and a network, however it is a layer 2 construct in
that it is a pointer to layer 3
12. 802.1Q inserts a vlan tag to identify the vlan unless the frame belongs to the native vlan. This 4 byte header is added after the source mac address field.
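The tag layout in answer 12 and the native-VLAN rule from the chapter body, as an added example (my code, not from the book or the notes): build an Ethernet frame with or without the 4-byte tag after the source MAC, then parse it back the way a trunk port would. The frames are constructed, and the native VLAN default of 1 is the switch default, not something a parser can learn from the frame itself.

```python
# Added example, not code from the notes: build and parse Ethernet frames with
# the 4-byte 802.1Q tag that sits after the source MAC (TPID 0x8100, then
# 3-bit PCP, 1-bit DEI, 12-bit VLAN ID). An untagged frame is assigned the
# trunk's native VLAN, which is why the native VLAN must match on both ends.
# All frames below are constructed; the native VLAN default of 1 is the
# switch default, not something the parser can learn from the frame.
import struct

TPID_8021Q = 0x8100


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(".", "").replace(":", ""))


def mac_str(b: bytes) -> str:
    h = b.hex()
    return f"{h[:4]}.{h[4:8]}.{h[8:]}"        # Cisco dotted notation


def build_frame(dst, src, ethertype, payload, vlan=None, pcp=0):
    """Ethernet II frame; if vlan is given, insert an 802.1Q tag after the source MAC."""
    hdr = mac_bytes(dst) + mac_bytes(src)
    if vlan is not None:
        tci = (pcp & 0x7) << 13 | (vlan & 0x0FFF)   # DEI bit left at 0
        hdr += struct.pack("!HH", TPID_8021Q, tci)
    return hdr + struct.pack("!H", ethertype) + payload


def parse_frame(frame: bytes, native_vlan: int = 1) -> dict:
    """Classify a frame arriving on a trunk whose native VLAN is native_vlan."""
    if len(frame) < 14:
        raise ValueError("runt frame")
    ethertype = struct.unpack("!H", frame[12:14])[0]
    info = {"dst": mac_str(frame[:6]), "src": mac_str(frame[6:12]),
            "tagged": False, "vlan": native_vlan, "pcp": 0}
    offset = 14
    if ethertype == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vid = tci & 0x0FFF
        info.update(tagged=True, pcp=tci >> 13,
                    vlan=vid if vid else native_vlan)   # VID 0 = priority tag only
        offset = 18
    info["ethertype"] = ethertype
    info["payload"] = frame[offset:]
    return info


if __name__ == "__main__":
    tagged = build_frame("ffff.ffff.ffff", "0000.0c12.3456", 0x0806, b"\x00" * 28, vlan=10, pcp=5)
    untagged = build_frame("ffff.ffff.ffff", "0000.0c12.3456", 0x0806, b"\x00" * 28)
    print(parse_frame(tagged)["vlan"], parse_frame(untagged, native_vlan=99)["vlan"])  # 10 99
```

The same untagged frame comes out as VLAN 1 on a trunk with the default native VLAN and as VLAN 99 on a trunk whose native VLAN is 99, which is the mismatch case the chapter warns about.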
13. a switch in
vtp transparent mode forwards advertisements but does not participate in
vtp. It can change add or delete vlans,
but only locally.
14. config t
vlan 5
name 5
are the commands to create a new vlan in vlan
configuration mode
15. in interface configuration mode put the port in vlan
5 with
sw acc vlan 5
16. configuration
mode is the better choice and vlan database mode is becoming obsolete. In
database mode the commands don’t take effect immediately, only after exiting
the mode.
17. sw mode trunk
will put an interface into trunking mode.
Sw mode dyn desirable will prepare the interface for
trunking at the other end
Sw mode dyn auto will prep the interface to trunk
18. sh int fa0/0 switchport
sh int fa0/0 trunk
will both give trunking status on the interface
Chapter 5 RIP IGRP and Static Routes
Static route- to get to network 10.0.0.0 255.255.255.0 use 192.168.1.1
In other words ip route 10.0.0.0 255.255.255.0 192.168.1.1
Or ip route 10.0.0.0 255.255.255.0 s0/0
DV
Routers add directly connected networks to their routing
tables, with or without a routing protocol
A router sends routes out its interfaces to directly connected neighbors, advertising the routes it knows, including routes learned from other routers
Routers listen for routes from their neighbors to learn
new routes
The information includes metrics, the goodness of a
route, lower metric is better, and subnet numbers
Routers will use broadcasts and/or multicasts for
advertising
In the case of multiple routes to the same network, the
router picks the best route
Periodic updates are sent and received with neighbors
Failure of advertising neighbors means a removal of
routes previously learned from the failing router
A route received from a router is considered the next
hop for the route
Metrics (hops) define the distance of a route
Split horizon – route advertisements are not forwarded out the interface upon which they are received
Route poisoning- when a route fails, advertise the network with an infinite metric instead of silently dropping it from updates, so neighbors learn of the failure
Poison reverse- on receiving a poisoned route, advertise it back with an infinite metric out the interface it was received on, suspending split horizon for that route
Hold-down timer – after route failure, the router waits a determined amount of time before believing new information about the route that failed
Triggered updates- an update is sent immediately once a route fails.
RIP and IGRP use split horizon with poison reverse by default.
Rip uses hop count as its metric, IGRP uses bandwidth and delay of the line. Bandwidth and delay of the line taken together are a better metric than hop count because IGRP prefers faster links over shorter hop counts. RIP (version 1) and IGRP do not support VLSM.
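The loop-prevention features above (split horizon, route poisoning, poison reverse) are easiest to believe when you watch the metrics move. This added example (mine, not from the book or the notes) simulates three routers in a row, A - B - C, with network N on A, using RIP-style hop counts and 16 as infinity. After A loses N it poisons the route; with split horizon the other two routers withdraw N in two rounds, without it B keeps re-learning N from C and the three of them count up to 16. Hold-down and triggered updates are deliberately left out, and the router names, topology and round-based (synchronous) update model are constructed for the demo.

```python
# Added example, not code from the notes: a synchronous distance-vector
# simulation of three routers in a row (A - B - C) with network N attached
# to A. After A loses N it poisons the route (infinite metric). With split
# horizon (optionally with poison reverse) the other routers converge in two
# rounds; without it, B keeps re-learning N from C and the metric counts
# up to infinity. Hold-down and triggered updates are deliberately left out.
INFINITY = 16                 # RIP's infinite hop count


class Router:
    def __init__(self, name):
        self.name = name
        self.neighbors = []
        self.table = {}       # network -> (metric, next hop name or None if connected)

    def advertise(self, to, split_horizon, poison_reverse):
        """Routes this router sends to neighbour `to` in one periodic update."""
        update = {}
        for net, (metric, next_hop) in self.table.items():
            if split_horizon and next_hop == to.name:
                if poison_reverse:
                    update[net] = INFINITY     # send it back, but poisoned
                continue                        # plain split horizon: say nothing
            update[net] = metric
        return update

    def receive(self, sender, update):
        """Bellman-Ford step: always believe the sender for routes we use it for."""
        for net, metric in update.items():
            new = min(metric + 1, INFINITY)
            current, next_hop = self.table.get(net, (INFINITY, None))
            if next_hop == sender or new < current:
                self.table[net] = (new, sender)


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def round_of_updates(routers, split_horizon, poison_reverse):
    # Build every update from the tables as they stand, then apply them all.
    updates = [(r, n, r.advertise(n, split_horizon, poison_reverse))
               for r in routers for n in r.neighbors]
    for sender, receiver, update in updates:
        receiver.receive(sender.name, update)


def rounds_to_withdraw(split_horizon, poison_reverse=False, max_rounds=60):
    """Rounds until every router shows N as unreachable after A loses it."""
    a, b, c = routers = [Router("A"), Router("B"), Router("C")]
    link(a, b)
    link(b, c)
    a.table["N"] = (0, None)                     # directly connected
    for _ in range(5):                           # let the network converge first
        round_of_updates(routers, split_horizon, poison_reverse)
    assert b.table["N"] == (1, "A") and c.table["N"] == (2, "B")
    a.table["N"] = (INFINITY, None)              # link to N fails: route poisoning
    for rnd in range(1, max_rounds + 1):
        round_of_updates(routers, split_horizon, poison_reverse)
        if all(r.table["N"][0] >= INFINITY for r in routers):
            return rnd
    return None


if __name__ == "__main__":
    print("split horizon + poison reverse:", rounds_to_withdraw(True, True))   # 2
    print("split horizon only:", rounds_to_withdraw(True))                      # 2
    print("no split horizon:", rounds_to_withdraw(False))                       # 15
```

Without split horizon, round 1 already shows the problem: B hears the poisoned route from A but in the same round hears "N, 2 hops" from C, and A hears "N, 1 hop" from B, so all three believe N is still reachable through each other and the metric climbs by one per round until it hits 16.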
Important router points
A router multicasts and/or broadcasts route updates out
an interface
It listens for updates from the same interface
When sending an update the router includes THAT
interface’s subnet
A router matches the network command with a
corresponding interface network, if it can
IGRP
Unlike RIP, IGRP includes the autonomous system number.
Autonomous system means a network that is under control
of the same entity. For IGRP, the AS
number has to be the same.
IGRP (EIGRP) calculates a metric using BANDWIDTH and
DELAY OF THE LINE by default. It also can use
load, reliability and MTU if configured.
IGRP has as its administrative distance 100. the default bandwidth value
on serial lines is T1 speed (1.544 Mbps or 1544 kbps), on Ethernet lines it is
the Ethernet default.
The calculation of bandwidth and delay are inverse;
higher bandwidth, lower metric, lower the cumulative delay, lower the
metric. Again lower is better.
The maximum-paths subcommand set to 1 means that the
table will only show the first route learned from multiple paths. The default
is 4.
Use the variance command to inform the router that routes whose metric is within a multiple of the best metric should also be placed in the routing table (unequal cost load balancing), so that if one goes down, traffic already has the other path and convergence is instant.
Chapter 5 q&a
1. A distance vector routing protocol uses hold-down timers to prevent counting to infinity; to wit, a router waits a hold-down period before believing any new information about a failed route.
2. split horizon means that a router will not advertise a route out the same interface upon which it was received. Split horizon applies to DV only.
3. to migrate
from rip to igrp use
config t
router igrp 1 (AS number must be the same for the AS)
network 10.0.0.0
no router rip
4. A directly
connected route is denoted by a C next to the route. A RIP route with an R and an IGRP route with
an I, static uses S, EIGRP uses D, ospf uses O.
5. config t
router igrp 5
netw 10.0.0.0
netw 199.1.1.0
see question 5
6. config t
router igrp 1
netw 200.1.1.0
netw 128.1.0.0
netw 192.0.1.0
netw 223.254.254.0
7. sh ip proto
will tell you where routes are being received from.
8. A network
needs to be configured before it can be advertised by the routing protocol out
its interface.
9. A network has
to be configured by the routing protocol before it can be advertised from any
interface.
10. yes, as long
as the network is directly connected it will show up as C with sh ip
route. However it will not be advertised
without the network statement.
11. The variance
command can be used to set the parameters of goodness for routes that are near
equal so that multiple routes can inhabit the routing table.
12. with RIP the
maximum-path command can be used to override the default of 4 equal cost routes
that can be added to the router. 6 is
the most that can be used.
13. for IGRP the
maximum-path command would also be used to override the default of 4 equal cost
routes that can be added to the routing table.
Likewise, six is the most.
14. sh ip route
rip will list only those routes learned by RIP.
15. you can also
show by networks, for instance, sh ip route 10.0.0.0
16. DV routers
learn routes by rumor, meaning from directly connected neighbors.
17. the router
will place a route it found first in the table even if the routes have equal
metrics.
18. when a router discovers a link down it will advertise that route with an infinite metric out all interfaces except the one upon which it was learned (route poisoning). Poison reverse advertises it out that interface as well, regardless of split horizon. This helps prevent routing loops.
19. triggered
updates occur when a route is identified as down. A flash update will be sent to all neighbors.
20. The
underlying logic in OSPF is link state
chapter 6 link state and OSPF
OSPF doesn't get told best paths (metrics) to other routers, it calculates them.
Routing updates are called LSU, or link state updates,
which contain LSA’s or link state advertisements. The LSA contains subnet, mask, metric and
other information about the subnet.
How it works
1. a router
discovers its neighbors on each interface.
A list is kept in its neighbor table.
2. A router uses
a reliable protocol to exchange topology information (LSA’s) with its
neighbors.
3. The topology
information goes in the routers topology database.
4. Each router
runs the SPF algorithm (Dijkstra) against its own topology database to
calculate the best routes to each subnet.
5. OSPF routers
place the best route in their routing tables.
Uses neighbor table and topology database
OSPF Areas
OSPF areas break up the network so that routers from one
area know little about the routers in
another. With smaller topology databases routers use less memory and less
processing time.
ABR – area border router sits between two areas, advertising summary information about the subnets in the other area. The summaries it distributes (instead of the full topology) mean less information overall in both areas.
See rfc 2328
Balanced Hybrid
Cisco supports two DV’s, RIP and IGRP
And two Link State ,
IS-IS and OSPF
Cisco supports one balanced hybrid, EIGRP; some link
state and some distance vector qualities in EIGRP
EIGRP updates
Neighbor discovery > full routing update > continuous hellos > partial updates
Same metric calculation as IGRP except multiplied by 256 to accommodate high bandwidth values
The currently best route (lowest metric) is known as the successor. Any other route that could be used without causing a loop is called a feasible successor.
When a route fails and there is no feasible successor
EIGRP uses DUAL, which sends queries looking for a loop free route to that
network.
Chapter 7 go back
for review
Chapter 8
Scaling IP
CIDR- Classless inter domain routing, rfc1817
Aggregates multiple network numbers into a single
routing entity. Think ISP
Private addressing- rfc 1918
Defined IP address space:
10.0.0.0 – 10.255.255.255 (class A)
172.16.0.0 – 172.31.255.255 (class B)
192.168.0.0 – 192.168.255.255 (class C)
These numbers are not routable (cannot be advertised) on the internet.
NAT- rfc 1631 a
private address has the ability to communicate on the internet once natted to a
qualified routable internet address. The
private address is changed to a public registered address by NAT inside the IP
packet. The private source address is
changed into a routable registered address, while the destination address
remains the same. NAT performs this translation.
Static NAT- one to one.
More here, discuss inside source, outside source local
and global…
ICMP
Part of the network layer; instrumental in controlling
and managing, troubleshooting. There is
no transport header, the ICMP message resides inside an IP packet. Rfc 792
Echo request/reply
Sent and received by ping. Pinging means sending an echo request. Any data sent in echo request is returned in
echo reply. See extended ping.
Destination unreachable
Five codes worth knowing (the RFC defines more):
1) network unreachable- no match in the routing table of a router along the path- sent by router
2) host unreachable- a route to the destination network exists but no host responds- sent by router
3) can't fragment- don't fragment bit is set and a router must fragment in order to forward the packet (packet too large)- sent by router
4) protocol unreachable (unlikely for TCP or UDP)- delivered to host but the layer 4 (transport) protocol is not available- sent by host
5) port unreachable- delivered to host, but the destination port is not open- sent by host
ping codes:
! = echo reply received
. = nothing received before the ping timed out
U = destination unreachable
N = network unreachable
P = protocol unreachable
Q = source quench
M = can't fragment
? = packet type unknown
Time exceeded
TTL (time to live) field in IP header has expired,
therefore discarded (decremented by a router before forwarding; at zero, see
ya) TRACE uses time exceeded
Redirect – used to tell the host there is a better local
router to send the packet to
Chapter 8 q&a
1. rfc 1918 defines private addresses as those that sit behind the horizon (internet) on a private network, and are not routable.
Class A, B and C
A 10.0.0.0 – 10.255.255.255
B 172.16.0.0 – 172.31.255.255
C 192.168.0.0 – 192.168.255.255
2. see 1
3. CIDR affects
the size of routing tables in that it summarizes routes to create less routes
in the routing tables.
4. NAT is
network address translation. Essentially it takes a private address, translates
it into a public address so it can be routed out the internet.
5. inside local means inside private, or the host address behind the horizon.
6. inside global would be the natted address for the host on its way to the outside.
7. config t
int fa0/0
ip address 10.0.0.1 255.255.255.0
ip nat inside
int s0/0
ip address 200.1.1.1 255.255.255.0 (mask not in the original notes; use the one assigned)
ip nat outside
ip nat inside source list 1 interface serial 0/0 overload
access-list 1 permit 10.0.0.1
access-list 1 permit 10.0.0.2
8. same as above
except
ip nat inside source static 10.0.0.1 200.1.1.1
and no
access-list
9. FTP is more
robust and requires more lines of source code than TFTP, TCP versus UDP
10. FTP and TFTP
do error recovery, FTP with TCP and TFTP using application layer error recovery
one block at a time
11. If a packet
is too large for a router’s MTU and the don’t fragment bit is not set, a router
will fragment the packet into usable sizes before forwarding and the packet
will be reassembled at the destination host.
12. 16 class B
networks are available with rfc 1918 class B addressing.
13. Hosts use an
Ethernet broadcast to find the hardware address of another IP host.
14. one of the routers (based on the limits of its MTU) fragments the packet into a forwardable size, and the fragments are reassembled at the IP layer of the destination host.
15. config t
int fa0/0.1
encap isl 1
ip address 192.168.1.10 255.255.255.0
int fa0/0.2
encap isl 2
ip address 10.0.0.1 255.255.255.0
16. NAT overload (PAT) lets many inside local addresses share one inside global address; the translation is kept unique by giving each session its own source port on that address.
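What the overload command in answer 7 actually maintains is a translation table keyed on ports. This added example (mine, not from the book or the notes) builds that table: an allowed list stands in for access-list 1, outbound packets from permitted inside local addresses are rewritten to the one inside global address, the original port is kept when free and replaced from a pool when two hosts collide on it, and the reverse lookup is what lets a return packet find its way back (or get dropped when nothing asked for it). The addresses and port pool are constructed; the RFC 1918 check shows the odd 172.16/12 boundary from chapter 8.

```python
# Added example, not code from the notes: the translation table that
# "ip nat inside source list 1 interface s0/0 overload" builds. Many inside
# local (private) addresses share one inside global address; the source port
# is what keeps each session unique, and the reverse lookup restores the
# private address on the return packet. The allowed list stands in for
# access-list 1; addresses and ports are constructed.
from ipaddress import ip_address, ip_network

RFC1918 = [ip_network("10.0.0.0/8"), ip_network("172.16.0.0/12"),
           ip_network("192.168.0.0/16")]


def is_private(addr: str) -> bool:
    return any(ip_address(addr) in net for net in RFC1918)


class Pat:
    def __init__(self, inside_global, allowed, port_start=1024, port_end=65535):
        self.global_ip = inside_global
        self.allowed = [ip_network(a) for a in allowed]     # the "list 1" match
        self.next_port, self.port_end = port_start, port_end
        self.out = {}    # (inside local ip, local port, proto) -> global port
        self.back = {}   # (global port, proto) -> (inside local ip, local port)

    def _alloc(self, proto):
        while (self.next_port, proto) in self.back:
            self.next_port += 1
            if self.next_port > self.port_end:
                raise RuntimeError("NAT port pool exhausted")
        port, self.next_port = self.next_port, self.next_port + 1
        return port

    def outbound(self, src, sport, proto="tcp"):
        """Translate the source of an inside->outside packet; returns (ip, port)."""
        if not any(ip_address(src) in net for net in self.allowed):
            return (src, sport)          # not matched by the ACL: sent untranslated
        key = (src, sport, proto)
        if key not in self.out:
            # keep the original port when it is free, else take the next free one
            gport = sport if (sport, proto) not in self.back else self._alloc(proto)
            self.out[key] = gport
            self.back[(gport, proto)] = (src, sport)
        return (self.global_ip, self.out[key])

    def inbound(self, dst, dport, proto="tcp"):
        """Translate the destination of an outside->inside packet, or None to drop."""
        if dst != self.global_ip:
            return None
        return self.back.get((dport, proto))   # no entry: nobody inside asked for it


if __name__ == "__main__":
    pat = Pat("200.1.1.1", ["10.0.0.0/24"])
    print(pat.outbound("10.0.0.1", 40000, "udp"))   # ('200.1.1.1', 40000)
    print(pat.outbound("10.0.0.2", 40000, "udp"))   # ('200.1.1.1', 1024), port already taken
    print(pat.inbound("200.1.1.1", 1024, "udp"))    # ('10.0.0.2', 40000)
```

The inbound side is also why plain PAT acts as a crude stateful filter: an unsolicited packet to the global address hits no table entry and is dropped, which is a side effect, not a substitute for an access list.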
chapter 9
WAN
Leased line- dedicated, always on circuit between two
endpoints. More expensive than packet switched
Dial/circuit switched- dedicated bandwidth per call
duration, cheaper than leased especially when constant connectivity is not
essential. A good back up for packet switched
or leased
Packet switched- virtual circuits between two points,
contracted traffic rates. Consists of a
leased line from the site to provider network and usually cheaper than leased
DCE is always the clock rate provider
HDLC and PPP provision data delivery across a single
serial point to point link
HDLC and PPP can
use Synchronous serial; PPP can also use Asynchronous.
Synchronous WAN datalink protocols are frame oriented.
HDLC and PPP define idle frames, sending back and forth
signal transitions to maintain clock synchronization.
Synchronous protocols allow more throughput than do
asynchronous, but async uses less expensive hardware because transitions do not
need to be monitored to adjust clock rate.
Between routers, synchronous is usually preferred. A PC through a modem to an ISP uses Async.
Both PPP and HDLC perform error detection using an FCS
in the frame trailer. Frames with errors
are discarded. Error recovery may be
performed by the datalink layer protocol, a higher layer protocol or not at
all. Error recovery results in the
retransmission of errored or lost
frames. Again error detection is just
that, and errored frames are discarded.
HDLC has a proprietary protocol type field; PPP has a
standardized protocol type field. This
field defines the type of packet encapsulated in the frame.
HDLC only supports synchronous without error correction,
while PPP supports async and sync, and error correction is supported but not on
by default.
Encap PPP will place the interface in PPP mode. No encap PPP will place the interface in HDLC
and remove all traces of PPP, including other config commands. Encap hdlc also accomplishes this.
PPP has more features than HDLC, and is therefore
preferred. To wit:
PPP has at its heart LCP (link control protocol). LCP provides:
Error detection in the form of Link Quality Monitoring. LQM determines the quality of a link based on its errored percentage. It will take a link down based on a configuration-determined amount of loss.
Looped link detection using Magic Numbers. Each router puts its own magic number in its LCP messages; receiving your own magic number back means the link is looped. A config setting determines whether or not a looped link should be shut (in redundant routes).
Multilink using Multilink PPP. Fragmented packets are load balanced across multiple links.
Authentication using PAP or CHAP. PAP and CHAP can exchange identities on each of the links. (security) PAP sends the password in the clear; CHAP uses a three way handshake and MD5 hashing. The username is the opposite router's hostname (case sensitive), and vice versa; the passwords are the same on both sides. Until there is a match on both sides, the link will not come up.
Chapter 9 q&a
1. DCE (data communications equipment) provides clocking at the physical layer for the DTE (data terminal equipment). Point to point serial links also require a data link encapsulation such as PPP or HDLC.
2. Use the clock rate command, e.g. clock rate 64000, on the DCE end of the link. show controllers serial 0/1 shows whether the interface is the DCE or DTE end, the cable type (V.35) and the configured clock rate.
3. PPP is a data link protocol used over point to point lines. IPCP (IP control protocol) is PPP's control protocol for IP and is used to announce the IP address of the link.
4. PPP can automatically assign an IP address using IPCP, but that is not the default.
5. config t
int s0/0
ip addr 10.0.0.1 255.255.255.0
encap ppp
clock rate 64000 (only on the DCE end; use sh controllers s0/0 to determine DCE or DTE)
6. PAP (password authentication protocol) and CHAP (challenge handshake authentication protocol). PAP authenticates with a clear text username and password, whereas CHAP authenticates with a challenge (three way handshake) and MD5 hashing: the password is never sent over the link, only an MD5 hash of the challenge and the shared secret. Two caveats: the shared secret still sits in the running config of both routers, and a captured challenge/response pair can be guessed against offline with a dictionary if the secret is weak.
7. CHAP uses as its username the other router's hostname, and each router uses the same password.
8. A protocol type field (to carry multiprotocol traffic) is proprietary in Cisco HDLC and architected (standardized) in PPP.
9. Frame Relay, X.25 and ATM are packet switching technologies. ATM segments packets into fixed 53 byte cells (5 byte header, 48 byte payload) that are reassembled at the receiving end.
10. Four wire leased circuits allow full duplex communication (as contrasted with two wire).
11. Synchronous refers to "with clocking": the receiver's timing must be synchronized to the sender's signal for communication to occur, and the receiving hardware continually adjusts its clock (and is therefore more expensive) to impose time ordering on the bit stream.
12. CHAP config (each router's username entry names the OTHER router's hostname; the passwords must be identical)
On R1:
hostname R1
username R2 password cisco
int s0/0
encap ppp
ppp authentication chap
On R2 (other router):
hostname R2
username R1 password cisco
int s0/1
encap ppp
ppp authentication chap
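To see what the two authentication methods actually put on the wire, here is a small model of them, added here as an example; it is not code from the notes or from Cisco IOS. It follows the message layouts of RFC 1334 (PAP Authenticate-Request) and RFC 1994 (CHAP response = MD5 of identifier, secret and challenge), and ends with the offline dictionary guess that explains why a captured CHAP exchange still needs a strong shared secret. Router names, the secret and the challenge bytes are constructed for the example.

```python
# Added example, not from the notes or from Cisco IOS: a minimal model of the
# two PPP authentication exchanges, using the message layouts of RFC 1334 (PAP)
# and RFC 1994 (CHAP). Router names and the shared secret are hypothetical.
import hashlib
import hmac
import os
import struct


def pap_authenticate_request(identifier, peer_id, password):
    """RFC 1334 Authenticate-Request. Note the password travels in the clear."""
    pid = peer_id.encode()
    pw = password.encode()
    body = bytes([len(pid)]) + pid + bytes([len(pw)]) + pw
    length = 4 + len(body)  # Code(1) + Identifier(1) + Length(2) + body
    return struct.pack("!BBH", 1, identifier, length) + body  # Code 1 = Authenticate-Request


def chap_response(identifier, secret, challenge):
    """RFC 1994 section 4.1: Response Value = MD5(Identifier || Secret || Challenge).
    This value is what crosses the link; the secret itself never does."""
    return hashlib.md5(bytes([identifier]) + secret.encode() + challenge).digest()


def chap_handshake(authenticator_secret, peer_secret, identifier=1, challenge=None):
    """Three-way handshake between an authenticator and its peer.
    1. Challenge: the authenticator sends a fresh random value.
    2. Response: the peer replies with MD5(id || its secret || challenge).
    3. Success/Failure: the authenticator recomputes the hash with the secret
       it stores under the peer's hostname and compares in constant time."""
    if challenge is None:
        challenge = os.urandom(16)
    response = chap_response(identifier, peer_secret, challenge)
    expected = chap_response(identifier, authenticator_secret, challenge)
    return hmac.compare_digest(response, expected)


def chap_dictionary_attack(identifier, challenge, response, wordlist):
    """Why a weak shared secret is still a problem: anyone who captures one
    challenge/response pair can test guesses offline without touching the link."""
    for guess in wordlist:
        if chap_response(identifier, guess, challenge) == response:
            return guess
    return None


if __name__ == "__main__":
    # PAP: the secret is visible to anyone sniffing the serial link.
    print(pap_authenticate_request(1, "R2", "cisco"))
    # CHAP succeeds only when both routers hold the same (case sensitive) secret.
    print(chap_handshake("cisco", "cisco"), chap_handshake("cisco", "Cisco"))
    # Offline guessing against a captured exchange (constructed challenge bytes).
    chal = bytes(range(16))
    resp = chap_response(7, "cisco", chal)
    print(chap_dictionary_attack(7, chal, resp, ["admin", "cisco123", "cisco"]))
```

Run it and compare the PAP bytes (the password sits right there in the packet) with the CHAP response (16 bytes of hash); then note that the last line still recovers "cisco" from the hash with three guesses, which is the argument for a long random secret rather than the textbook "cisco".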
Chapter 11 Frame Relay
Frame Relay is a multi-access network, unlike PPP. Frame Relay is NBMA (non-broadcast multi access), which means broadcasts cannot traverse the Frame Relay cloud on their own. Because it is multi-access, a router must map each next hop layer 3 address to the data link address (DLCI) that reaches it.
An access link (leased line) is installed between the router and the Frame Relay switch, and again at the other end, so there are DTE devices (routers) on both sides. The Frame Relay switches are the DCE devices in between, provisioning the communication. Keepalive messages are maintained between each router (DTE) and its Frame Relay switch by the LMI (local management interface) protocol.
A VC (virtual circuit) is provided between each pair of DTEs (routers) and is identified on each access link by a DLCI (data link connection identifier). The DLCI is the Frame Relay address of the VC. The layer 3 packet is encapsulated between a Frame Relay header and trailer for forwarding across the VC by the frame switches.
VC- logical representation of the path frames take between DTEs
PVC- (permanent virtual circuit) a predefined VC (think leased line)
SVC- (switched virtual circuit) a VC set up dynamically on demand (think dial connection)
DTE/DCE- see above
Access link- the leased line between a DTE and its DCE
DLCI- Frame Relay address used in FR headers to identify the VC
NBMA- non-broadcast multi access: more than two devices share the network, and the cloud does not deliver broadcasts
LMI- protocol between the DTE and DCE to manage the access link
Signaling messages for SVCs, PVC status messages and keepalives all come under the purview of the LMI.
CIR- committed information rate; each VC has an amount of bandwidth guaranteed by the provider
PVCs are provisioned (predefined) by the provider; SVCs are created dynamically.
LMI status messages:
keepalives between the DTE and the DCE,
and PVC active or inactive status signaling messages.
LMI uses one of three protocols, Cisco, ANSI or ITU, which must match between the DTE and the DCE (IOS autosenses the type by default; frame-relay lmi-type sets it by hand):
Cisco- parameter cisco
ANSI- parameter ansi
ITU- parameter q933a
The router encapsulates each packet inside a Frame Relay header and trailer. The header and trailer are defined by the LAPF (Link Access Procedure for Frame Mode Bearer Services) specification, ITU Q.922 Annex A.
RFC 1490, and later RFC 2427, define Multiprotocol Interconnect over Frame Relay. The encapsulations are cisco (the default) and ietf.
The DLCI IS THE FRAME RELAY ADDRESS. The header carries a single DLCI, not separate source and destination addresses, and the DLCI is locally significant (it identifies the VC on this access link only).
Mapping is needed on multi-access networks; it is the process that associates a next hop router's network address with the data link address (DLCI) needed to reach it. show frame-relay map shows each next hop IP address and the DLCI (layer 2) the router uses to get there.
Inverse ARP maps the next hop IP to its corresponding DLCI dynamically; InARP is enabled by default.
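Since the text above says the header carries exactly one DLCI and that a frame is either cisco or ietf encapsulated, here is a decoder for that header, added as an example and not taken from the notes or from Cisco IOS. It packs and unpacks the two byte Q.922 address field (10 bit DLCI, C/R, FECN, BECN, DE, EA bits) and then tells the cisco encapsulation (a 2 byte Ethertype right after the address) from ietf (RFC 2427: control 0x03, optional pad, NLPID). The frames it feeds itself are constructed by hand and omit the FCS trailer; the NLPID and Ethertype tables are only the handful of values needed here.

```python
# Added example, not from the notes or from Cisco IOS: decode the two byte
# Q.922 (LAPF) address field that carries the DLCI, and tell the cisco
# encapsulation (2 byte Ethertype after the address) from ietf (RFC 2427:
# control 0x03, optional pad, NLPID). The frames below are constructed by hand
# and omit the FCS trailer.
import struct

NLPID = {0x08: "Q.933 (LMI)", 0x80: "SNAP", 0x81: "CLNP", 0xCC: "IPv4", 0xCF: "PPP"}
ETHERTYPE = {0x0800: "IPv4", 0x0806: "ARP/InARP"}


def build_q922_address(dlci, cr=0, fecn=0, becn=0, de=0):
    """Pack a 10 bit DLCI plus C/R, FECN, BECN, DE into the 2 byte address.
    EA (address extension) is 0 in the first byte and 1 in the last one."""
    if not 0 <= dlci <= 1023:
        raise ValueError("DLCI must fit in 10 bits")
    first = ((dlci >> 4) << 2) | (cr << 1)            # DLCI high 6 bits, C/R, EA=0
    second = ((dlci & 0x0F) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 1
    return bytes([first, second])


def parse_q922_address(frame):
    """Unpack the address. There is one DLCI only, no source/destination pair."""
    first, second = frame[0], frame[1]
    if first & 0x01 or not second & 0x01:
        raise ValueError("only the 2 byte address format is handled")
    return {
        "dlci": ((first >> 2) << 4) | (second >> 4),
        "cr": (first >> 1) & 1,
        "fecn": (second >> 3) & 1,   # congestion seen in the forward direction
        "becn": (second >> 2) & 1,   # congestion seen in the backward direction
        "de": (second >> 1) & 1,     # discard eligible (traffic above the CIR)
    }


def classify_frame(frame):
    """Return the address fields plus the encapsulation and the packet type."""
    info = parse_q922_address(frame)
    if frame[2] == 0x03:                      # UI control field: RFC 2427 (ietf)
        idx = 3
        if frame[idx] == 0x00:                # optional pad octet
            idx += 1
        nlpid = frame[idx]
        info.update(encap="ietf", protocol=NLPID.get(nlpid, "nlpid 0x%02x" % nlpid),
                    payload=frame[idx + 1:])
    else:                                     # cisco: Ethertype follows the address
        etype = struct.unpack("!H", frame[2:4])[0]
        info.update(encap="cisco", protocol=ETHERTYPE.get(etype, "ethertype 0x%04x" % etype),
                    payload=frame[4:])
    return info


if __name__ == "__main__":
    ip_packet = bytes.fromhex("4500001400010000ff01")  # first bytes of an IPv4 header
    cisco_frame = build_q922_address(202) + b"\x08\x00" + ip_packet
    ietf_frame = build_q922_address(202, becn=1) + b"\x03\xcc" + ip_packet
    for f in (cisco_frame, ietf_frame):
        print(classify_frame(f))
```

The two example frames both carry DLCI 202; the only difference between them is the encapsulation, which is why a cisco/ietf mismatch between the two ends of a VC breaks forwarding even though the PVC shows as active. The same decoder on DLCI 0 with NLPID 0x08 identifies an LMI (Q.933) message.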
Chapter 11 q&a
1. PPP and Frame Relay are WAN data link protocols that define a method for announcing an interface's layer 3 address (IPCP for PPP, Inverse ARP for Frame Relay).
2. InARP is not a broadcast. A router discovers the IP address of the device on the other end of a VC when that device sends an InARP message over the VC.
3. review this
4. Nonbroadcast multi access is NBMA. NBMA applies to Frame Relay networks because Frame Relay does not forward broadcasts by default, and more than two devices are connected.
5. The data link layer and the physical layer are the OSI layers most associated with Frame Relay: it defines the framing and the DLCI address at the data link layer and the access link at the physical layer.
6. No additional configuration is required for a network using IGRP because the mappings learned through InARP already carry the broadcast keyword, so routing updates are forwarded as unicasts over each VC and protocol for which InARP was received.
7. A partial mesh Frame Relay network is one in which not every pair of routers has a VC between them. A fully meshed network would have a VC between every pair of routers; a partially meshed network is more akin to hub and spoke, where the spokes reach each other only through the hub.
8. The keys to a frame-relay map statement are the IP address of the next hop router, the DLCI used to reach that router and whether or not broadcasts should be forwarded over the VC (the broadcast keyword).
9. config t
int s0/0
encap frame-relay
int s0/0.1 point-to-point
frame-relay interface-dlci 202
int s0/0.2 point-to-point
frame-relay interface-dlci 203
(interface-dlci takes only the DLCI; each point-to-point subinterface gets its own ip address command in its own subnet, and needs no map statement because only one VC is reachable through it)
10. show frame-relay pvc shows the status of each PVC, the time it was created and the time its status last changed.
11. sh frame map will
show the ip addresses that are mapped in the case of multipoint subinterfaces
or when
12. The no keepalive command on the physical interface stops the router from sending LMI messages across the access link.
13. debug frame-relay events will show InARP messages.
14. False; only one layer 3 address per frame-relay map statement.