ccna

posted By singhiskinng999 February 20, 2010

1. The commands 'configure terminal', 'configure memory', and 'copy tftp running-config' all load configuration information into_____?

RAM. Most of the configuration commands deal with moving information into and out from RAM.



2. The commands 'copy running-config tftp' and 'copy running-config startup-config' store the currently running configuration from RAM to_____and_____, respectively.

A network tftp server and NVRAM, respectively.

3. What do the prompts for 'User EXEC' mode, 'Privileged EXEC' mode, and 'Global configuration' mode look like?

'User EXEC' mode: Router>

'Privileged EXEC' mode: Router# (used for copying and managing entire configuration files)

'Global configuration' mode: Router(config)# (used for one-line commands and commands that change the entire router, that is, affect the system as a whole). Use the privileged EXEC command "configure" to enter global configuration mode. When you enter this command, the EXEC prompts for the source of the configuration commands. You can then specify the terminal, NVRAM, or a file stored on a network server as the source.

Specific Configuration Modes:

· Interfaces: Router(config-if)#

· Subinterfaces: Router(config-subif)#

· Controller: Router(config-controller)#

· Map-list: Router(config-map-list)#

· Map-class: Router(config-map-class)#

· Line: Router(config-line)#

· Router: Router(config-router)#

· IPX-router: Router(config-ipx-router)#

· Route-map: Router(config-route-map)#

If you type "exit", the router backs out one level; pressing "Control-Z" leaves configuration mode completely and returns to privileged EXEC mode.

4. When configuring routers with Release 11.x methods, once you have typed 'show running-config' and displayed a desired configuration, what commands do you use to save changes to backup?

Use 'copy running-config startup-config' and 'copy running-config tftp'.

5. What are two basic tasks when first configuring a router?

(1) Password configuration and (2) naming the router (router identification configuration).

The router provides a "host name", "a banner", and "interface descriptions" to aid in identification.

Configuration command summary:

· "configure terminal" - Configure manually from the console terminal.

· "configure memory" - Load configuration information from NVRAM to RAM.

· "copy tftp running-config" - Load configuration information from a network TFTP server to RAM.

· "copy running-config startup-config" - Store the current configuration in RAM into NVRAM.

· "copy running-config tftp" - Store the current configuration in RAM on a network TFTP server.

· "show startup-config" - Display the saved configuration, which is the contents of NVRAM.

· "erase startup-config" - Erase the contents of NVRAM.

You can use the "copy running-config tftp" command to store the current configuration in RAM on a network TFTP server. To do so, complete the following tasks:

1. Enter the 'copy running-config tftp' command.

2. Enter the IP address of the host on which you want to store the configuration file.

3. Enter the name you would like to assign to the configuration file.

4. Confirm your choices by answering "Yes".

These commands manage the contents of NVRAM:

· "configure memory" - Load configuration information from NVRAM to RAM.

· "erase startup-config" - Erase the contents of NVRAM.

· "copy running-config startup-config" - Store the current configuration in RAM (the running configuration) into NVRAM (as the startup configuration).

· "show startup-config" - Display the saved configuration, which is the contents of NVRAM.



IP Routing Protocol Mode:

Router(config)# router ?

bgp         Border Gateway Protocol (BGP)
egp         Exterior Gateway Protocol (EGP)
eigrp       Enhanced Interior Gateway Routing Protocol (EIGRP)
igrp        Interior Gateway Routing Protocol (IGRP)
isis        ISO IS-IS
iso-igrp    IGRP for OSI networks
mobile      Mobile routes
odr         On Demand stub Routes
ospf        Open Shortest Path First (OSPF)
rip         Routing Information Protocol (RIP)
static      Static routes

After a routing protocol is enabled by a global command, the router configuration mode prompt Router(config-router)# is displayed. Type a question mark (?) to list the router configuration commands.

Router(config)# router rip
Router(config-router)# ?
Router configuration commands:
  default-information   Control distribution of default information
  distance              Define an administrative distance
  distribute-list       Filter networks in routing updates
  exit                  Exit from routing protocol configuration mode



Many features are enabled on a per-interface basis. Interface configuration commands modify operation of an Ethernet, Token Ring, or serial port. Interface subcommands always follow an interface command; the interface command defines the interface type.



Configuration Methods:

1. Enter configuration statements

2. Save the changes to a backup the router will use when it starts up

3. Examine the changes you have made

4. If necessary, modify or remove configuration statements

You can secure your system by using passwords to restrict access. Passwords can be established both on individual lines and in the privileged EXEC mode.

The "line console 0" command establishes a password on the console terminal. The "line vty 0 4" command establishes password protection on incoming Telnet sessions.

The "enable password" command restricts access to the privileged EXEC mode.

The "enable secret" command (also offered by the System Configuration Dialog when setting up global parameters) uses a Cisco-proprietary encryption process to alter the password character string.

Passwords can be further protected from display through the use of the "service password-encryption" command. The encryption algorithm does not match the Data Encryption Standard (DES).

The "banner motd" command is used to configure a message of the day which is displayed at login and is useful for conveying messages that affect all network users, such as impending system shutdowns.
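The password controls listed above can be checked mechanically against a saved configuration. The Python script below is an added example, not code from the original notes: both configuration excerpts inside it are constructed samples, the secret hash and type-7 strings are placeholders, and the `login` line subcommand it expects under each line section is a known IOS requirement that the notes above do not mention.

```python
# Added example: audit an IOS-style configuration for the password controls
# discussed in the notes. Both configs are constructed samples, not real devices.

WEAK_CONFIG = """\
hostname Router
enable password cisco
line console 0
 password cisco
line vty 0 4
"""

HARDENED_CONFIG = """\
hostname Router
service password-encryption
enable secret 5 $1$PLACEHOLDER$not-a-real-hash
banner motd ^C Authorized use only ^C
line console 0
 password 7 PLACEHOLDER
 login
line vty 0 4
 password 7 PLACEHOLDER
 login
"""


def parse_line_sections(lines):
    """Group each 'line ...' command with its indented subcommands.

    Returns a dict such as {'line vty 0 4': ['password 7 ...', 'login']}.
    """
    sections = {}
    current = None
    for ln in lines:
        if ln.startswith("line "):
            current = ln.strip()
            sections[current] = []
        elif ln.startswith(" ") and current is not None:
            sections[current].append(ln.strip())
        else:
            current = None  # any other top-level command ends the section
    return sections


def audit_config(config_text):
    """Return a list of findings; an empty list means every check passed."""
    lines = config_text.splitlines()
    top = [ln for ln in lines if ln and not ln.startswith(" ")]
    findings = []

    if not any(ln.startswith("enable secret") for ln in top):
        findings.append("no 'enable secret': privileged EXEC is not protected by enable secret")
    if any(ln.startswith("enable password") for ln in top):
        findings.append("'enable password' present: weaker than 'enable secret', remove it")
    if "service password-encryption" not in top:
        findings.append("'service password-encryption' absent: line passwords show in clear text")
    if not any(ln.startswith("banner motd") for ln in top):
        findings.append("no 'banner motd' configured")

    for name, subcommands in parse_line_sections(lines).items():
        if not any(s.startswith("password") for s in subcommands):
            findings.append(f"{name}: no password set")
        elif "login" not in subcommands:
            # Known IOS behaviour (assumption stated in the lead-in): without
            # 'login' the line password is never asked for.
            findings.append(f"{name}: password set but 'login' missing, so it is not enforced")
    return findings


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_config(cfg) or ["OK"])
```

Run as-is the weak excerpt yields six findings and the hardened one none; the same function can be pointed at a saved `show running-config` capture.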

Semester 2, Lesson 10 Notes:
Sources for Cisco IOS Software

The default source for Cisco IOS software depends on the hardware platform, but most commonly the router looks to the 'configuration commands' saved in NVRAM.

You can specify other sources where the router should look for software, or the router will use its own "fall back sequence" as necessary to load software. Settings in the "configuration register" enable alternatives for where the router will bootstrap Cisco IOS software.

You can enter "boot system" commands in global configuration mode (Router(config)# boot ...) to specify fall back sources for the router to use in sequence. Save these statements in NVRAM for use during the next startup with the command "copy running-config startup-config". The router will use these commands as needed, in sequence, when it restarts.

However, if NVRAM lacks boot system commands the router can use, the system has its own 'fall back alternatives':

1. The router will fall back and use the default Cisco IOS image in Flash memory.

2. If Flash memory is empty, the router will try its next alternative, TFTP. The router uses the configuration register value to form a filename from which to boot a default system image stored on a network server.



2. What important command displays information about the Cisco IOS software that is currently running on the router, including the 'configuration register' setting?

"show version"

The order in which the router looks for system bootstrap information depends on the 'boot field' setting in the "configuration register". You can change the default "configuration register" setting with the global configuration command "config-register" (Router(config)# config-register 0x10F, then ^Z to leave configuration mode).

The "configuration register" is a 16-bit register in NVRAM. The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the 'boot field'. Configuration register values and the corresponding boot field (bits 3-2-1-0):

0x100            ROM monitor mode    boot field 0-0-0-0
0x101            Boot from ROM       boot field 0-0-0-1
0x102 - 0x10F    Examine NVRAM       boot field 0-0-1-0 through 1-1-1-1

To check the boot field setting, for example, to verify the config-register command, you must use the "show version" command. Note: You will not see evidence of any config-register setting in the output of either the "show running-config" or "show startup-config" commands.

The command "copy running-config startup-config" saves the command in NVRAM.

3. If Flash memory is corrupted and the network server also fails to load the software image, what is the final software bootstrap option?

(3) Booting from ROM.

A 'TFTP server' can be another router, or it can be a host system. The TFTP host can be any system (Unix, DOS, Windows) with TFTP loaded that can hold files on the TCP/IP network. You will be copying software between the TFTP host and Flash memory in the router.

4. What command would you use to make sure that you can see and write into Flash and verify that the router has sufficient room in Flash to accommodate the Cisco IOS software image you want to load?

"show flash"

1. Command used to verify that you have sufficient memory on your system for the Cisco IOS software you want to load.

2. Command used to learn the name of the system image file.

With Cisco IOS Release 11.2, the naming convention for Cisco IOS contains three parts:(Ex. igs-inr-1, c4500-aj-m, gs7-k-mz)

1. The first part of the image name contains the platform on which the image runs. (ex. cpa25, igs, c4500, gs7)

2. The second part of the image name identifies the special capabilities of the image. A letter or series of letters identifies the feature sets supported in the image. (Ex. 1, cg, inr, aj, k)

3. The third part of the image name specifies where the image runs and if it has been 'zip' compressed. (Ex. 1, m, mz)

5. What two related commands are useful for transferring Cisco IOS images between tftp server and flash memory?

1. "copy flash tftp" - Copy the system image to a TFTP server.

Provides for a backup copy of the current Cisco IOS software image.

2. "copy tftp flash" - Download the new image from the TFTP server.

This command begins operation by requesting the 'IP address' of the remote host that will act as a TFTP server. Next you are prompted for the 'image name' of the update image. Following an opportunity to confirm your entries, the procedure asks if you are willing to 'erase Flash'. Each exclamation point (!) means that one User Datagram Protocol (UDP) segment has successfully transferred. The series of Vs indicates successful checksum verification of a segment.

Use the "show flash" command to view the file and to compare its size with that of the original on the server before changing the 'boot system commands' to use the updated image. Following a successful copy, the "reload" command boots up the router as specified by the boot system commands, using the updated image.

Semester 2, Lesson 11 Notes:
Fundamentals of TCP/IP

TCP/IP - "Transmission Control Protocol/Internet Protocol". Common name for the suite of protocols developed by the U.S. DOD in the 1970s to support the construction of worldwide internetworks. TCP and IP are the two best-known protocols in the suite.

TCP - "Transmission Control Protocol". Connection-oriented 'transport layer' protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack.

IP - "Internet Protocol". 'Network layer' protocol in the TCP/IP stack offering a connectionless internetwork service. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security. Documented in RFC 791.

The TCP/IP protocol stack has the following components:

· Protocols to support file transfer, e-mail, remote login, and other 'application protocols'. Network management is also supported at the Application layer. (layer 7)

· Reliable and "unreliable" transports (layer 4)

· Connectionless datagram delivery at the Network layer (layer 3)

· ICMP provides control and message functions at the Network layer (layer 3).

1. How do the TCP/IP 'Conceptual layers' relate to the 'OSI layers'?

1. TCP/IP groups the OSI 7-Application, 6-Presentation, and 5-Session layers into an "Application Layer".

2. The OSI 4-Transport layer maps exactly to the TCP/IP "Transport Layer".

3. TCP/IP renames the OSI 3-Network layer as an "Internet Layer".

4. TCP/IP calls the OSI 2-Data link and 1-Physical layers the "Network Interface Layer".

2. Compare and contrast TCP and UDP (Transport Layer).

1. TCP (Transmission Control Protocol) is a connection-oriented, 'reliable protocol'. It is responsible for breaking messages into 'segments', reassembling them at the destination station, and resending anything that is not received. TCP supplies a 'virtual circuit' between end-user applications.

2. UDP (User Datagram Protocol) is a connection-less, "unreliable" protocol. Although UDP is responsible for transmitting messages, no software checking for segment delivery is provided at this layer; hence the description 'unreliable'.

The "Transport layer" performs two functions:

1. Flow control provided by sliding windows

2. Reliability provided by sequence numbers and acknowledgments



3. Briefly describe everything you know about the fields in a TCP 'segment'.

TCP field segments include:

1. Source and destination ports (what services are being requested)

2. Sequence numbers, Acknowledgment numbers, and Header length (keeping track of segments)

3. Code bits (setup and termination of sessions)

4. Window (number of octets that the sender is willing to accept)

5. Checksum (number of header and data fields, for error correction)

6. Data (upper-layer protocol data)

Both TCP and UDP use port (or socket) numbers to pass information to the upper layers. Port numbers are used to keep track of different conversations crossing the network at the same time. Application software developers agree to use well-known port numbers that are defined in RFC 1700.

Some ports are reserved in both TCP and UDP, but applications might not be written to support them. Port numbers have the following assigned ranges:

· Numbers below 255 are for public applications.

· Numbers from 255 to 1023 are assigned to companies for saleable applications.

· Numbers above 1023 are unregulated.

End systems use port numbers to select the proper application. Originating source port numbers are dynamically assigned by the source host, usually some number greater than 1023.

TCP "Three-Way Handshake" (Open Connection)

Both ends of the connection are synchronized with a three-way handshake / open connection sequence. Exchanging beginning sequence numbers during the connection sequence ensures that lost data can be recovered if problems occur later.

Host-A                                     Host-B
------                                     ------
1. Send SYN (seq=x)                --->    Receive SYN (seq=x)

2. Receive SYN (seq=y, ack=x+1)    <---    Send SYN (seq=y, ack=x+1)

3. Send ACK (ack=y+1)              --->    Receive ACK (ack=y+1)

"Window size" - Refers to the number of messages that can be transmitted while awaiting an acknowledgment. TCP uses 'expectational acknowledgments', meaning that the acknowledgment number refers to the octet expected next.

"PAR" (Positive Acknowledgment and Retransmission) - TCP provides "sequencing" of segments with a "forward reference acknowledgment". Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged within a given time period result in retransmission.
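To make the handshake ladder and the windowing/PAR description above concrete, here is an added Python simulation that is not part of the original notes: `three_way_handshake` builds the three segments with the seq/ack relations shown, `handshake_is_valid` applies the check each side performs on the acknowledgment it receives, and `transfer_with_par` sends numbered segments under a window with expectational acknowledgments, dropping chosen segments once so the retransmission path is exercised. The segment size, window and loss pattern are assumed values.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass
class Segment:
    src: str
    dst: str
    flags: str                 # "SYN", "SYN-ACK" or "ACK"
    seq: int
    ack: Optional[int] = None  # expectational: the octet the sender expects next


def three_way_handshake(x, y):
    """Return the three segments of the open sequence shown in the notes.

    x and y are the initial sequence numbers chosen by Host-A and Host-B.
    """
    syn = Segment("A", "B", "SYN", seq=x)
    syn_ack = Segment("B", "A", "SYN-ACK", seq=y, ack=syn.seq + 1)
    ack = Segment("A", "B", "ACK", seq=x + 1, ack=syn_ack.seq + 1)
    return [syn, syn_ack, ack]


def handshake_is_valid(segments):
    """Check that every acknowledgment refers to the peer's next expected octet."""
    if len(segments) != 3:
        return False
    syn, syn_ack, ack = segments
    return (syn.flags == "SYN" and syn_ack.flags == "SYN-ACK" and ack.flags == "ACK"
            and syn_ack.ack == syn.seq + 1
            and ack.seq == syn.seq + 1
            and ack.ack == syn_ack.seq + 1)


def transfer_with_par(payload, mss=4, window=3, lose_once=()):
    """Simulate PAR with expectational acknowledgments.

    The sender numbers every octet and keeps up to `window` segments of `mss`
    octets in flight. The receiver acknowledges the next octet it expects, so a
    gap left by a lost segment stops the ack, and the sender's window base,
    from advancing. Segments whose sequence number is in `lose_once` are
    dropped on their first transmission (constructed loss), which forces the
    oldest unacknowledged segment to be resent after its timeout.
    Returns (reassembled payload, rounds, retransmissions).
    """
    total = len(payload)
    sent, dropped, received = set(), set(), {}
    next_expected = 0   # receiver: value it will place in the ack field
    base = 0            # sender: oldest unacknowledged octet
    rounds = retransmissions = 0
    while base < total:
        rounds += 1
        for seq in range(base, min(base + window * mss, total), mss):
            if seq in sent:
                if seq != base:
                    continue              # still in flight, wait for its ack
                retransmissions += 1      # oldest unacked segment timed out: resend
            sent.add(seq)
            if seq in lose_once and seq not in dropped:
                dropped.add(seq)          # lost on the wire this time only
                continue
            received[seq] = payload[seq:seq + mss]
        while next_expected in received:  # receiver reassembles in order
            next_expected += len(received[next_expected])
        base = next_expected              # ack arrives, window slides forward
    data = b"".join(received[s] for s in sorted(received))
    return data, rounds, retransmissions
```

With a 12-octet payload, 4-octet segments and a window of 3, a clean run completes in one round; losing the segment at octet 4 once costs a second round and exactly one retransmission, because the receiver keeps acknowledging 4 until that gap is filled.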

"UDP" (User Datagram Protocol) uses no windowing or acknowledgments. Application-layer protocols can provide for reliability. UDP is designed for applications that do not need to put sequences of segments together. Protocols that use UDP include TFTP, SNMP, Network File System (NFS), and Domain Name System (DNS).

4. Briefly describe everything you know about the fields in an IP 'datagram'.

IP datagram fields include:

1. Version number and header length

2. Type of service and total length of datagram

3. Time-To-Live

4. Which upper-layer Protocol has sent the Datagram (TCP or UDP)

5. Header checksum

6. Source and Destination IP addresses

7. IP options (testing, debugging, security)

8. Data

5. Briefly distinguish between IP, ICMP, ARP, and RARP (Internet layer).

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI 3-Network layer:

"IP" (Internet protocol) provides 'connectionless', 'best-effort routing' of datagrams [packets]. It is not concerned with their content; it is looking for ways to move the datagrams to their destination. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security.

"ICMP" (Internet Control Message Protocol) provides control and messaging capabilities. Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing.

If a router receives a packet that it is unable to deliver to its destination, the router sends an ICMP "destination unreachable" message to the source and discards the packet. The packet might be undeliverable because of an invalid IP address or because there is no known route to the destination. Undeliverable ICMP messages are discarded to prevent flooding of the network.

An "echo reply" is a successful reply to a "ping" command; however, the results could include other ICMP messages, such as unreachables and timeouts.

ICMP uses the following types of defined messages. Others exist that are not included on this list:

· Destination (Host) Unreachable

· Echo Request (Ping)

· Echo Reply (Ping Reply)

· Time Exceeded

· Parameter Problem

· Source Quench

· Redirect

· Timestamp

· Timestamp Reply

· Information Request

· Information Reply

· Address Request

· Address Reply

"ARP" (Address Resolution Protocol) determines the 2-Data link layer address for a known IP address. Internet protocol is used to map an IP address (network address) to a MAC sublayer address. To determine a destination address for a 'datagram' the "ARP cache" table is checked. If the address is not in the table, ARP sends a 'broadcast' looking for the destination station. Every station on the network receives the broadcast.

The term "local ARP" is used to describe resolving an address when both the requesting host and the destination host share the same media or wire. Prior to issuing the ARP, the "subnet mask" was consulted. The mask determined that the nodes are on the same subnet.

"RARP" (Reverse Address Resolution Protocol) determines network addresses (IP addresses) when data link layer addresses are known. Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses.

RARP relies on the presence of a RARP server with a table entry or other means to respond to these requests. On the local segment, RARP can be used to initiate a remote operating system load sequence.

Semester 2, Lesson 12 Notes:
TCP/IP Address Overview and Configuring Router Addresses

Each node using the TCP/IP protocol suite has a unique '32-bit logical address'. This address is known as the "IP address".

Each company listed on the internetwork is seen as a 'single unique network' that must be reached before an 'individual host' within that company can be contacted. Each company network has an address; the hosts that live on that network share that same "network address", but each host is identified by the unique "host address" on the network.

"Broadcast" - Data packet that will be sent to all nodes on a network. Broadcasts are identified by a "broadcast address", a 'host address' of all ones in the 'IP address'.

The Cisco IOS software supports two kinds of broadcasts:

1. "Directed broadcasts" - Broadcasts directed into a specific network are allowed and are forwarded by the router. These directed broadcasts contain all ones in the host portion of the address.

2. "Flooding" - 'Flooding broadcasts' (255.255.255.255) are not propagated, but are considered local broadcasts.

"Flooding" - Traffic passing technique used by 'switches' and 'bridges' in which traffic received on an interface is sent out to all of the interfaces of that device except the interface on which the information was originally received.

"Network Addresses" - An address of all zeros means 'this network' or 'the wire itself'. The "routing table" contains entries for the 'wire' or 'network addresses'; it usually does not contain any information about hosts.

An 'IP address' and 'subnet mask' on an interface achieves three purposes:

1. It enables the system to process the receipt and transmission of packets.

2. It specifies the device's local address.

3. It specifies a range of addresses that share the cable with the device.

1. If a router has:

A serial interface S0 with IP address 172.16.1.2

An Ethernet interface E0 with IP address 172.31.4.1

A Token Ring interface T0 with IP address 172.31.16.1

and if all interfaces use a mask of 255.255.255.0, find the subnet (wire) number for each interface.

S0: 172.16.1.0 (172.16.1.2 AND 255.255.255.0)

E0: 172.31.4.0 (172.31.4.1 AND 255.255.255.0)

T0: 172.31.16.0 (172.31.16.1 AND 255.255.255.0)
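The three answers above can be reproduced, and extended to the directed broadcast, flooding broadcast and wire addresses described earlier in this lesson, with the following added Python code, which is not from the original notes. The interface table inside it is the one from the exercise; the mask check rejects a mask whose ones are not contiguous (a typo such as 255.255.25.0 is caught rather than silently ANDed), and `bit_count` gives the mask in the 'bit count' format that `term ip netmask-format` offers.

```python
import ipaddress

# Constructed interface table matching the exercise (not read from a router).
INTERFACES = [
    ("S0", "172.16.1.2", "255.255.255.0"),
    ("E0", "172.31.4.1", "255.255.255.0"),
    ("T0", "172.31.16.1", "255.255.255.0"),
]

ALL_ONES = 0xFFFFFFFF


def _as_ints(ip, mask):
    """Return (address, mask) as integers; rejects a non-contiguous mask."""
    ipaddress.IPv4Network(f"0.0.0.0/{mask}")  # raises ValueError for e.g. 255.255.25.0
    return int(ipaddress.IPv4Address(ip)), int(ipaddress.IPv4Address(mask))


def wire_number(ip, mask):
    """Subnet (wire) number: address AND mask, exactly as in the worked answers."""
    addr, m = _as_ints(ip, mask)
    return str(ipaddress.IPv4Address(addr & m))


def directed_broadcast(ip, mask):
    """Directed broadcast for the wire: network bits kept, host bits all ones."""
    addr, m = _as_ints(ip, mask)
    return str(ipaddress.IPv4Address((addr & m) | (~m & ALL_ONES)))


def bit_count(mask):
    """Mask in the 'bit count' format of 'term ip netmask-format' (e.g. 24)."""
    _, m = _as_ints("0.0.0.0", mask)
    return bin(m).count("1")


def classify(dst, interfaces=INTERFACES):
    """Say how a router with these interfaces sees a destination address.

    Returns (kind, interface) where kind is 'flooding broadcast',
    'directed broadcast', 'wire address', 'host' or 'not directly connected'.
    """
    if dst == "255.255.255.255":
        return "flooding broadcast", None   # local broadcast, not propagated
    for name, ip, mask in interfaces:
        if wire_number(dst, mask) != wire_number(ip, mask):
            continue
        addr, m = _as_ints(dst, mask)
        host_bits = addr & (~m & ALL_ONES)
        if host_bits == (~m & ALL_ONES):
            return "directed broadcast", name   # all ones in the host portion
        if host_bits == 0:
            return "wire address", name         # all zeros: 'this network'
        return "host", name
    return "not directly connected", None
```

`classify` is the defender's view of the broadcast rules in this lesson: a packet to 172.31.4.255 is a directed broadcast onto E0 (the kind a router forwards), while 255.255.255.255 stays local.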

2. What is the result of the command:

"Router(config-if)# ip address ip-address subnet-mask"

This command establishes the 'logical network address' (ip-address) and subnet-mask of the specified interface. Specifically, it (1) assigns an address and a subnet-mask and (2) starts IP processing on that interface.

"Router(config)# term ip netmask-format"

Command used to specify the format of network masks for the current session. Format options are:

Bit count

Dotted decimal (the default)

Hexadecimal

3. What does the following command do?

"Router(config)# ip host name ip-address"

The 'ip host' command makes a "static name-to-address entry" in the router's configuration file. Hosts and interfaces then become selectable by either their 'name' or their 'IP address'.

"Router(config)# ip name-server server-address [...]"

Command used to define which hosts can provide the 'name service'. A maximum of six IP addresses can be specified as name servers in a single command.

"Router(config)# ip domain-lookup"

The DNS (name service) is enabled by default with a server address of 255.255.255.255, which is a local broadcast.

"Router(config)# no ip domain-lookup"

Command used to turn off name-to-address translation in the router.

4. What type of information is obtained from the command:

"Router# show hosts"

This command displays host names, their associated IP addresses, and type and time status indicators about how and why the host name became associated with those IP addresses (Cache of host name-to-address mappings).

The Cisco IOS software maintains a 'cache' of 'host name-to-address mappings' for use by EXEC commands. This cache speeds the process of converting names to addresses.

5. Distinguish amongst the three commands which allow you to 'verify address configuration' in your internetwork.

1. "Telnet" (a layer 7 test) verifies the application layer software between source and destination stations (this is the most complete test mechanism available).

2. "Ping" (a layer 3 test) uses the ICMP protocol to verify the hardware connection and the logical address of the network layer (this is a very basic testing mechanism). The 'ping' command sends ICMP echo packets and is supported in both user and privileged EXEC mode. These are the characters that may be returned by the "ping" test (ICMP Echo Request):

Character   Definition
!           Successful receipt of an echo reply
.           Timed out waiting for a datagram reply
U           Destination unreachable error
C           Congestion-experienced packet
I           Ping interrupted (Ctrl-Shift-6 x)
?           Packet type unknown
&           Packet Time To Live exceeded

"Extended Ping" is supported only from privileged EXEC mode. You can use the extended command mode of the ping command to specify the supported internet header options. To enter the extended mode, enter 'Y' at the extended commands prompt.

3. "Trace" uses Time-To-Live (TTL) values to generate messages from each router used along the path (this is very useful for locating path failures). 'Host names' are shown if the addresses are translated dynamically or via static host table entries. The 'times' listed represent the time required for each of three probes to return.

When the trace reaches the target destination, an asterisk (*) is reported at the display. This normally is caused by the receipt of a port-unreachable packet and the time out in response to the probe packet. Other responses include:

!H - The probe was received by the router, but not forwarded, usually due to an access list.
P  - The protocol was unreachable.
N  - The network was unreachable.
U  - The port was unreachable.
*  - Time out.

Semester 2, Lesson 13 Notes:
Router configuration and Routing Protocols: RIP and IGRP

"IGP" (Interior Gateway Protocol) - Internet protocol used to exchange routing information within an autonomous system. Examples of common IGPs include IGRP, OSPF, and RIP.

"RIP" (Routing Information Protocol) - IGP supplied with UNIX BSD systems. The most common IGP in the Internet. RIP uses hop count as a routing metric.

"IGRP" (Interior Gateway Routing Protocol) - IGP developed by Cisco to address the problems associated with routing in large, heterogeneous networks.

Each 'interface' on the router must be configured with a unique 'IP address' and 'subnet mask'. Information that relates an IP address to a router is called the "routing table".

Routers learn paths to destinations three different ways:

(Note: The "ip route" command is used to set up 'static routes'. The "ip default-network" command is used to set up 'default routes')

(1) "Static routes" - Manually defined by the system administrator as the only path to the destination (stub network). Route that is explicitly configured and entered into the routing table. Static routes take precedence over routes chosen by dynamic routing protocols. Useful for controlling security and reducing traffic. The "ip route" command is used to set up a static route.

Router(config)# ip route network [mask] {address | interface} [distance]

network     Destination network or subnet
mask        Subnet mask
address     IP address of the next-hop router
interface   Name of the interface to use to reach the destination network
distance    The administrative distance

"Administrative distance" - a rating of the trustworthiness of a routing information source expressed as a numeric value from 0 to 255. The higher the number, the lower the trustworthiness rating.

A 'static route' allows manual configuration of the routing table. No dynamic changes to this table entry will occur as long as the path is active. A static route may reflect some special knowledge of the networking situation known to the network administrator. Manually entered 'administrative distance' values for static routes are usually low numbers.

Routing updates are not sent on a link if only defined by a 'static route', thereby conserving bandwidth.

(2) "Default routes" - Manually defined by the system administrator as the path to take when no route to the destination is known. Routing table entry that is used to direct frames for which a next hop is not explicitly listed in the routing table. 'Default routes' are configured using the "ip default-network" command at the Router(config)# prompt.

Router(config)# ip default-network network-number

Network-number: IP network number or subnet number defined as the default.
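How a router chooses among static, dynamic and default routes, and why static routes win through their low administrative distance, can be shown with a small routing-table model. The Python below is an added example, not part of the notes and not Cisco IOS code: the administrative distances it uses (connected 0, static 1, IGRP 100, RIP 120) are the commonly documented Cisco defaults, stated here as an assumption; the table contents are constructed; selection is longest prefix match with administrative distance as the tie-breaker, and the 0.0.0.0/0 default matches only when nothing more specific does.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Route:
    code: str       # C connected, S static, S* default, R RIP, I IGRP
    network: str    # CIDR form of the wire address, e.g. "172.31.4.0/24"
    via: str        # next-hop address or outgoing interface
    distance: int   # administrative distance: 0 most trustworthy, 255 least


# Assumed Cisco default administrative distances (not taken from the notes).
DEFAULT_DISTANCE = {"C": 0, "S": 1, "S*": 1, "I": 100, "R": 120}


def ip_route(network, via, distance=None):
    """Model 'ip route network mask {address | interface} [distance]'."""
    return Route("S", network, via, DEFAULT_DISTANCE["S"] if distance is None else distance)


def default_route(via):
    """A route matching every destination, used when no other route is known."""
    return Route("S*", "0.0.0.0/0", via, DEFAULT_DISTANCE["S*"])


def install(table, route):
    """Add a route; for a prefix already present keep only the lowest-distance source."""
    same = [r for r in table if r.network == route.network]
    if same and min(r.distance for r in same) <= route.distance:
        return list(table)          # existing source is at least as trustworthy
    return [r for r in table if r.network != route.network] + [route]


def lookup(table, dst):
    """Longest-prefix match; ties go to the lower administrative distance."""
    addr = ipaddress.IPv4Address(dst)
    candidates = [r for r in table if addr in ipaddress.IPv4Network(r.network)]
    if not candidates:
        return None
    return min(candidates,
               key=lambda r: (-ipaddress.IPv4Network(r.network).prefixlen, r.distance))


# Constructed table: two connected wires, a RIP route for 10.1.0.0/16 that a
# static route for the same prefix displaces, a RIP summary, and a default.
TABLE = []
for _r in (
    Route("C", "172.16.1.0/24", "Serial0", DEFAULT_DISTANCE["C"]),
    Route("C", "172.31.4.0/24", "Ethernet0", DEFAULT_DISTANCE["C"]),
    Route("R", "10.1.0.0/16", "172.16.1.1", DEFAULT_DISTANCE["R"]),
    ip_route("10.1.0.0/16", "172.16.1.1"),
    Route("R", "10.0.0.0/8", "172.31.4.2", DEFAULT_DISTANCE["R"]),
    default_route("172.16.1.1"),
):
    TABLE = install(TABLE, _r)
```

Looking up 10.1.5.9 against `TABLE` returns the static route (same prefix as the RIP route, lower distance), 10.200.1.1 falls through to the RIP /8, and an address matching nothing else, such as 192.168.1.1, is sent to the default.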

(3) "Dynamic routing" - Router learns of paths to destinations by receiving periodic updates from other routers. Routing that adjusts automatically to network topology or traffic changes. Also called adaptive routing. Dynamic routing uses 'broadcasts' and 'multicasts' to communicate with other routers. The "router" command starts a routing process.

Router(config)# router protocol [number/word]

protocol    RIP, IGRP, OSPF, or Enhanced IGRP
number      Autonomous system number, for IGRP

An "Autonomous System" (AS) is a group of routers under a common administration. An 'autonomous system' consists of routers, run by one or more operators, that present a consistent view of routing to the external world. AS numbers are used to prevent updates from different Autonomous Systems being propagated amongst each other.

The "Network Information Center" (NIC) assigns a unique 'autonomous system' to enterprises. This autonomous system is a 16-bit number. A routing protocol, such as Cisco's "Interior Gateway Routing Protocol" (IGRP) requires that you specify this unique, assigned autonomous system number in your configuration.

Router(config-router)# network network-number

(The autonomous system number is supplied on the "router" command for those protocols that require an autonomous system, such as IGRP.)

network-number: Specifies a directly connected network.

The "network" command is required because it allows the routing process to determine which interfaces will participate in the sending and receiving of routing updates. The "network number" must be based on the NIC network numbers, not subnet numbers or individual addresses. The network command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.

"Exterior routing protocols" are used to communicate between 'autonomous systems'. "Interior routing protocols" are used to communicate within a single Autonomous System.

At the "Internet layer" of the TCP/IP suite of protocols, a router can use the IP routing protocol to accomplish routing through the implementation of a specific routing algorithm. Examples of the IP routing protocols include:

RIP:

A 'distance vector' routing protocol.

IGRP:

Cisco's 'distance vector' routing protocol.

OSPF:

A 'link-state' routing protocol.

Enhanced IGRP:

A 'balanced hybrid' routing protocol.

The selection of IP as a routing protocol involves the setting of both global and interface parameters.

Global configuration tasks:

1. Select a routing protocol, RIP or IGRP.

2. Assign IP network numbers without specifying subnet values.

Interface configuration task:

1. Assign network/subnet addresses and the appropriate subnet mask.

RIP (Routing Information Protocol) is primarily concerned with the 'hop count'. Key characteristics of RIP include the following:

· It is a distance vector routing protocol.

· Hop count is used as the metric for path selection.

· The maximum allowable hop count is 15.

· Routing updates are broadcast every 30 seconds by default.

IGRP (Interior Gateway Routing Protocol) is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90-second intervals that advertise networks for a particular autonomous system. The following are some key characteristics of IGRP:

· IGRP is a distance vector routing protocol.

· A composite metric (including bandwidth, delay, load, reliability, and MTU) is used for path selection.

· It is versatile, flexible, and scalable, allowing for more complex topologies and large networks.

· Routing updates are broadcast every 90 seconds.

· Speed is the primary concern of IGRP.

"MTU" (Maximum transmission unit) - Maximum packet size, in bytes, that a particular interface can handle.

"show ip protocol" - (1) Command that displays values about routing timers and network information associated with the entire router. (2) Command that displays parameters, filters, and network information about the entire router. Use this information to identify a router that is suspected of delivering bad routing information.

"show ip route" - Command that displays the contents of the IP routing table.

The 'routing table' contains entries for all known networks and subnetworks and contains a 'code' that indicates how that information was learned.

"show ip interface" - Command that displays the status and global parameters associated with an interface.

The Cisco IOS software automatically enters a directly connected route in the routing table if the 'interface' is one through which software can send and receive packets. Such an 'interface' is marked 'up'. If the interface is unusable, it is removed from the routing table. Removing the entry allows implementation of backup routes, if they exist.

"debug ip rip" - Command that displays RIP routing updates as they are sent and received




Semester 2, Lesson 14 Notes:
Router Access Lists, Security, and Firewalls

"Access list" - (1) List kept by Cisco routers to control access to or from the router for a number of services (for example, to prevent packets with a certain IP address from leaving a particular interface on the router). (2) Command that creates an entry in a standard traffic filter list.

· Standard

-Simpler address specifications

-Generally permits or denies entire protocol suites

· Extended

-More complex address specifications

-Generally permits or denies specific protocols

"Access lists" offer another powerful tool for network control. These lists add the flexibility to filter the packet flow that flows in or out of router interfaces. "Access lists" perform several functions within a Cisco router including:

· Implement security/access procedures

· Act as a protocol "firewall"

"Extended Access lists" allow 'filtering' on address, protocol, and applications. Access lists are used to 'limit broadcast traffic'.

You can also use "Access lists" to:

· Identify packets for priority or custom queuing

· Restrict or reduce the contents of routing updates

"Access lists" also process packets for other security features to:

· Provide IP traffic dynamic access control with enhanced user authentication using the lock-and-key feature

· Identify packets for encryption

· Identify Telnet access allowed to the router virtual terminals
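As an added illustration of the standard/extended distinction above (example code written for these notes, not Cisco's), the following Python evaluates IOS-style access-list lines: standard lists (1-99, 1300-1999) check only the source, extended lists also check protocol, destination and port, the first matching line wins, and anything unmatched hits the implicit deny. The sample lists and addresses are constructed.

```python
"""Evaluate IOS-style standard and extended access lists (added example, not from the notes)."""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


def _ip(text: str) -> int:
    return int(ipaddress.IPv4Address(text))


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """IOS wildcard semantics: a 1 bit in the wildcard means 'do not care'."""
    care = 0xFFFFFFFF ^ _ip(wildcard)
    return (_ip(addr) & care) == (_ip(base) & care)


@dataclass
class Entry:
    action: str                       # 'permit' or 'deny'
    protocol: str                     # 'ip' (also used for standard lists), 'tcp', 'udp', 'icmp'
    src: str
    src_wild: str
    dst: str = "0.0.0.0"              # standard lists never look at the destination
    dst_wild: str = "255.255.255.255"
    dst_port: Optional[int] = None    # 'eq PORT' on tcp/udp lines


def _parse_addr(tokens: List[str], i: int) -> Tuple[str, str, int]:
    """Parse 'any' | 'host A' | 'A WILDCARD' starting at tokens[i]."""
    if tokens[i] == "any":
        return "0.0.0.0", "255.255.255.255", i + 1
    if tokens[i] == "host":
        return tokens[i + 1], "0.0.0.0", i + 2
    return tokens[i], tokens[i + 1], i + 2


def parse_access_list(config: str) -> List[Entry]:
    """Turn 'access-list N ...' lines into entries, in the order they were typed."""
    entries: List[Entry] = []
    for line in config.splitlines():
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] != "access-list":
            continue
        number, action = int(tokens[1]), tokens[2]
        if 1 <= number <= 99 or 1300 <= number <= 1999:
            # standard list: only a source specification follows the action
            src, wild, _ = _parse_addr(tokens, 3)
            entries.append(Entry(action, "ip", src, wild))
        else:
            # extended list: protocol, source, destination, optional port
            src, src_wild, i = _parse_addr(tokens, 4)
            dst, dst_wild, i = _parse_addr(tokens, i)
            port = int(tokens[i + 1]) if i < len(tokens) and tokens[i] == "eq" else None
            entries.append(Entry(action, tokens[3], src, src_wild, dst, dst_wild, port))
    return entries


def evaluate(entries: List[Entry], src: str, dst: str,
             proto: str = "ip", dst_port: Optional[int] = None) -> str:
    """Top-down, first match wins; a packet matching nothing hits the implicit deny."""
    for e in entries:
        if e.protocol != "ip" and e.protocol != proto:
            continue
        if not wildcard_match(src, e.src, e.src_wild):
            continue
        if not wildcard_match(dst, e.dst, e.dst_wild):
            continue
        if e.dst_port is not None and e.dst_port != dst_port:
            continue
        return e.action
    return "deny"


# Constructed sample lists (addresses are made up for the example).
STANDARD = """
access-list 10 deny   host 10.1.1.7
access-list 10 permit 10.1.1.0 0.0.0.255
"""
EXTENDED = """
access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 192.168.5.10 eq 23
access-list 101 deny   tcp any any eq 23
access-list 101 permit ip 10.1.1.0 0.0.0.255 any
"""

if __name__ == "__main__":
    acl = parse_access_list(EXTENDED)
    for pkt in (("10.1.1.5", "192.168.5.10", "tcp", 23), ("10.1.1.5", "192.168.5.11", "tcp", 23)):
        print(pkt, "->", evaluate(acl, *pkt))
```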

"DDR" (Dial-on-demand routing) Technique whereby a Cisco router can automatically initiate and close a 'circuit-switched session' as transmitting stations demand. The router 'spoofs keepalives' so that end stations treat the session as active. DDR permits routing over ISDN or telephone lines using an external ISDN terminal adaptor or modem.

The OSI model is the very heart of networking with every layer performing a specific task in order to facilitate data communications. In the world of networking the first four (4) layers are the focus. They define the following:

* What type and speed of LAN and WAN media to be implemented
* How data is sent across the media
* What type of addressing schemes will be used.
* How data will be reliably sent across the network and how flow control will be accomplished
* What type of routing protocol will be implemented

Why a Layered Network Model ?

* Reduces complexity
* Standardizes interfaces
* Facilitates modular engineering
* Ensures interoperable technology
* Accelerates evolution
* Simplifies teaching and learning

The OSI model - seven numbered layers indicate distinct functions. In the Transmission Control Protocol/Internet Protocol (TCP/IP), the distinct functions fit into five named layers. This separation of networking functions is called "layering".
OSI Layer Functions:

7. APPLICATION (Network processes to applications)

The application layer provides network services to user applications. For example, a word processing application is serviced by file transfer services at this layer.

6. PRESENTATION (Data representation)

This layer provides data representation and code formatting. It ensures that the data that arrives from the network can be used by the application, and it ensures that information sent by the application can be transmitted on the network.

5. SESSION (Interhost communication)

This layer establishes, maintains, and manages sessions between applications.

4. TRANSPORT (End-to-end connections)

This layer segments and reassembles data into a data stream. This layer uses the TCP protocol.

3. NETWORK (Addresses and best path)

This layer determines the best way to move data from one place to another. The router operates at this layer. This layer uses the IP addressing scheme.

2. DATA LINK (Access to media)

This layer provides physical transmission across the medium. It handles error notification, network topology, and flow control. This layer uses the Media Access Control (MAC) address.

1. PHYSICAL (Binary transmission)

This layer provides the electrical, mechanical, procedural, and functional means for activating and maintaining the physical link between systems. This layer uses the physical media like twisted pair, coaxial, and fiber-optic cable.

[Host Layers] (layers 7, 6, 5, & 4)
Provide for accurate data delivery between computers

[Media Layers] (layers 3, 2, & 1)
Control physical delivery of messages over the network

Each layer uses its own 'layer protocol' to communicate with its peer layer in the other system. Each layer's protocol exchanges information, called protocol data units (PDUs), between peer layers. A given layer can use a more specific name for its "PDU".



7, 6, 5. ------ [data]

4. Transport--- segments [segment header][data]

3. Network----- packets [network header][data segment]

2. Data Link--- frames [frame header][network packet][frame trailer]

1. Physical---- bits [binary 1's & 0's]

This peer-layer protocol communication is achieved by using the services of the layers below it. The layer below any current layer provides its services to the current layer. Each lower-layer service takes upper-layer information as part of the lower-layer PDUs it exchanges with its layer peer.

[1-Physical Layer] (bits)
The Ethernet and IEEE 802.3 standards define a bus-topology LAN that operates at a baseband signaling rate of 10 Mbps.

1. 10Base2 - Known as 'thin Ethernet', allows network segments up to 185 meters on coaxial cable.

2. 10Base5 - Known as 'thick Ethernet', allows network segments up to 500 meters on coaxial cable.

3. 10Base-T - Carries Ethernet frames on inexpensive twisted-pair wiring.

The 10Base5 and 10Base2 standards provide access for several stations on the same LAN segment. Stations are attached to the segment by a cable that runs from an attachment unit interface (AUI) in the station to a transceiver that is directly attached to the Ethernet coaxial cable.

Because the 10Base-T standard provides access for a single station only, stations attached to an Ethernet LAN by 10BaseT are almost always connected to a hub or a LAN switch. In this arrangement, the hub or LAN switch is the same as an Ethernet segment.

[2-Data Link Layer] (physical addressing)
The Ethernet and 802.3 data links provide data transport across the physical link joining two devices. Devices can be directly attached to each other over the Ethernet LAN. Computers have MAC addresses used by the data-link layer. The router also uses MAC addresses for each of its LAN side interfaces. For indicating the 802.3 interface on the router, you will use the Cisco IOS interface type abbreviation E followed by an interface number (for example, E0).

[3-Network Layer] (Path determination)
Which path should traffic take through the cloud of networks? Path determination occurs at Layer 3, the 'Network layer'. The path determination function enables a router to evaluate the available paths to a destination and to establish the preferred handling of a packet.

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI Network layer:

* IP (Internet Protocol) provides connectionless, best-effort delivery routing of datagrams. It is not concerned with the content of the datagrams. Instead, it looks for a way to move the datagrams to their destination.
* ICMP (Internet Control Messages Protocol) provides control and messaging capabilities. ICMP - Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing.
* ARP (Address Resolution Protocol) determines the data link layer address for known IP addresses. Internet protocol used to map an IP address to a MAC address.
* RARP (Reverse Address Resolution Protocol) determines network addresses when data link layer addresses are known. Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses.

[TCP/IP Network Layers]

-[DoD TCP/IP Model]- -[OSI 7-Layer Model]-

4. Application (7-Application, 6-Presentation, & 5-Session)

3. Transport (4-Transport)

2. Internet (3-Network)

1. Network Interface (2-Data Link & 1-Physical)

Best-effort delivery - Describes a network system that does not use a sophisticated acknowledgment system to guarantee reliable delivery of information.

[TCP/IP addresses]

* Unique addressing allows communication between 'end stations'
* Path choice is based on location
* Location is represented by a 32-bit address (IP address)

Each company listed on the internetwork is seen as a single unique network that must be reached before an individual host within that company can be contacted. Each company network has an address; the hosts that live on that network share that same network address, but each host is identified by the unique host address on the network.


[Addressing with subnets]
With subnets, the network address use is more efficient. There is no change to how the outside world sees the network, but within the organization, there is additional structure.

Routers determine the destination network using the 'subnet address', limiting the amount of traffic on the other network segments.

"Routing services" use network topology information when evaluating network paths. This information can be configured by the network administrator or collected through dynamic processes running in the network.

The 3-Network layer interfaces to networks and provides best effort end-to-end packet delivery services to its user, the 4-Transport layer. The 3-Network layer sends packets from the source network to the destination network based on 'IP routing table' (contains: 'Destination network' addresses & 'Next Hop' (outgoing interface) pairs).

After the router determines which path to use, it can proceed with "switching the packet"; taking the packet it accepted on one interface and forwarding it to another interface or port that reflects the best path to the packet's destination.

Using IP addresses, the 3-Network layer can provide a 'relay connection' that interconnects independent networks. By using 'consistent end-to-end addressing' to represent the path of media connections, the 3-Network layer can find a path to the destination without unnecessarily burdening the devices or links on the internetwork with broadcasts.

The Network address identifies a path part used by the router within the network cloud. The router uses the network address to identify the source or destination network of a packet within an internetwork. For some network-layer protocols, this relationship is established by a network administrator who assigns network addresses according to some preconceived internetwork addressing plan. For other network-layer protocols, assigning addresses is partially or completely dynamic.

* Network address - Path part used by the router
* Host address - Specific port or device on the network





ICMP - Internet Control Messages Protocol

The ICMP is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams and are used to send error and control messages. ICMP uses the following types of defined messages. Others exist that are not included on this list:

* Destination Unreachable
* Time Exceeded
* Parameter Problem
* Source Quench
* Redirect
* Echo
* Echo Reply
* Timestamp
* Timestamp Reply
* Information Request
* Information Reply
* Address Request
* Address Reply

If a router receives a packet that it is unable to deliver to its ultimate destination, the router sends an ICMP host unreachable message to the source. The message might be undeliverable because there is no known route to the destination.

An ICMP 'echo reply' is a successful reply to a "ping" command (ICMP echo request); however, results could include other ICMP messages, such as unreachable and timeouts.
ARP - Address Resolution Protocol

ARP is used to resolve or map a known IP address to a MAC sublayer address to allow communication on a multiaccess medium such as Ethernet. To determine a destination address for a datagram, FIRST, the ARP cache table is checked. If the address is not in the table, ARP sends a broadcast (ARP request) looking for the destination station. Every station on the network receives the broadcast (ARP request). When the destination station replies (ARP reply), only the original station (now the destination) receives the ARP reply and updates its ARP cache.

The term "local ARP" is used to describe resolving an address when both the requesting host and the destination host share the same media or wire. Prior to issuing the ARP, the subnet mask was consulted. The mask determined that the nodes are on the same subnet.
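To tie together the subnet check made before ARP, the ARP cache, and the routing table of destination network / next hop pairs described earlier, here is an added Python example (not from the notes): a host decides whether to ARP for the destination itself or for its gateway and caches the reply, and a router does a longest-prefix lookup against a constructed routing table that ends in a default route. The addresses, MAC values and the `wire` dictionary standing in for the stations that answer ARP are all constructed.

```python
"""Subnet test, ARP cache and routing-table lookup (added example, not from the notes)."""
import ipaddress
from typing import Dict, List, Optional, Tuple

# (destination network, next hop or None when directly connected, outgoing interface)
Route = Tuple[ipaddress.IPv4Network, Optional[str], str]


def same_subnet(ip_a: str, ip_b: str, mask: str) -> bool:
    """The check made before ARP: apply the mask and compare the network portions."""
    network = ipaddress.IPv4Network(f"{ip_a}/{mask}", strict=False)
    return ipaddress.IPv4Address(ip_b) in network


def lookup_route(table: List[Route], dst: str) -> Optional[Route]:
    """Path determination: the longest (most specific) matching prefix wins. A 0.0.0.0/0
    entry is the default route and matches only when nothing more specific does."""
    addr = ipaddress.IPv4Address(dst)
    matches = [r for r in table if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None


class Host:
    """An end station with one interface, a default gateway and an ARP cache."""

    def __init__(self, ip: str, mask: str, gateway: str, wire: Dict[str, str]):
        self.ip, self.mask, self.gateway = ip, mask, gateway
        self.wire = wire                  # constructed stand-in for the stations that answer ARP
        self.arp_cache: Dict[str, str] = {}
        self.broadcasts: List[str] = []   # ARP requests actually sent, for inspection

    def arp_target(self, dst: str) -> str:
        """Local ARP for a station on our subnet; otherwise ARP for the gateway instead."""
        return dst if same_subnet(self.ip, dst, self.mask) else self.gateway

    def resolve(self, ip: str) -> str:
        """Check the ARP cache first; only broadcast when the entry is missing."""
        if ip not in self.arp_cache:
            self.broadcasts.append(ip)
            self.arp_cache[ip] = self.wire[ip]   # the ARP reply refreshes the cache
        return self.arp_cache[ip]

    def frame_destination(self, dst: str) -> str:
        """MAC address to put in the frame carrying an IP packet to dst."""
        return self.resolve(self.arp_target(dst))


def build_router_table() -> List[Route]:
    """Constructed routing table: two connected nets, two static routes, one default."""
    net = ipaddress.IPv4Network
    return [
        (net("10.1.1.0/24"), None, "Ethernet0"),
        (net("10.1.2.0/24"), None, "Ethernet1"),
        (net("172.16.0.0/16"), "10.1.2.254", "Ethernet1"),
        (net("172.16.5.0/24"), "10.1.1.254", "Ethernet0"),   # more specific than the /16
        (net("0.0.0.0/0"), "10.1.2.1", "Ethernet1"),          # default route
    ]


def forward(table: List[Route], dst: str) -> Optional[Tuple[str, str]]:
    """Switching step: which interface to use and which address to resolve next
    (dst itself when the network is directly connected, otherwise the next hop)."""
    route = lookup_route(table, dst)
    if route is None:
        return None      # no route and no default: the packet is dropped (ICMP unreachable)
    network, next_hop, iface = route
    return iface, (dst if next_hop is None else next_hop)
```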

[4-Transport Layer] (End-to-end connections)

* segments upper-layer applications
* establishes an end-to-end connection
* sends segments from one end host to another
* optionally, ensures data reliability

Services located in the 4-Transport layer allow users to break apart or 'segment' several upper-layer application data onto the same Layer 4 data stream. These same services allow users to reassemble the same upper-layer applications data. The Layer 4 data stream provides transport services from the host to the destination. Services such as these are sometimes referred to as "end-to-end services". The Layer 4 data stream is a 'logical connection' between the endpoints of a network.

As the Transport layer sends its data segments, it can also ensure the integrity of the data. One method of doing this is called "flow control". Flow control avoids the problem of a host at one side of the connection overflowing the buffers in the host at the other side. Transport layer services also allow users to request reliable data transport between hosts and destinations. To obtain such reliable transport of data, a connection-oriented relationship is used between the communicating end systems.

Reliable transport can accomplish the following:

* Ensure that segments delivered will be acknowledged back to the sender.
* Provide for retransmission of any segments that are not acknowledged.
* Put segments back into their correct sequence at the destination.
* Provide congestion avoidance and control.

One reason for different layers in the OSI model is so that multiple applications can share the same transport connection. Transport functionality is accomplished segment by segment. This means that different applications can send data segments on a first-come, first-served basis. Such segments can be intended for the same destination or for many different destinations

One user of the 4-Transport layer must establish a connection-oriented session with its peer system.



Sender --- synchronize ------------------> Receiver

Sender <------ negotiate connection -----> Receiver

Sender <------------------ synchronize --- Receiver

Sender --- acknowledge ------------------> Receiver

----- connection established -----

Sender <- data transfer (send segments) -> Receiver

TCP/IP 3-way Handshake



(1) Send SYN(seq=x) ---------------------> Receive SYN(seq=x)

(2) Receive SYN(seq=y, ack=x+1) <--------- Send SYN(seq=y, ack=x+1)

(3) Send ACK(ack=y+1) -------------------> Receive ACK(ack=y+1)

When datagrams arrive too quickly for a host or gateway to process, they are stored in memory temporarily (buffer). If the traffic continues, the host or gateway eventually exhausts its memory and must discard additional datagrams that arrive. Instead of allowing data to be lost, the transport function can issue a 'not ready' (Window size=0) indicator to the sender. Acting like a stop sign, this indicator signals the sender to stop sending data. When the receiver can handle additional data, the receiver sends a 'ready' (Window size >0) transport indicator, which is like a go signal.

If the sender has to wait for an acknowledgment after sending each segment, throughput will be low. Because time is available after the sender finishes transmitting the data packet and before the sender finishes processing any received acknowledgment, the interval is used for transmitting more data. The number of data packets the sender is allowed to have outstanding - without yet receiving an acknowledgment - is known as the "window" or window size.

Windowing is a method to control the amount of information transferred end-to-end. Some protocols measure information in terms of the number of packets; TCP/IP measures information in terms of the number of bytes. Windowing is an end-to-end agreement between sender and receiver.

Reliable delivery guarantees that a stream of data sent from one machine will be delivered through a data link to another machine without duplication or data loss. (PAR) "Positive Acknowledgment with Retransmission" is one technique that guarantees reliable delivery of data streams. Positive acknowledgment requires a recipient to communicate with the source, sending back an acknowledgment (ACK x+1) message when it receives data. The sender keeps a record of each data packet it sends and waits for an acknowledgment before sending the next data packet. The sender also starts a timer when it sends a segment, and it retransmits a segment if the timer expires before an acknowledgment arrives.
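An added simulation of the mechanisms just described (written for these notes; a simplification, not real TCP code): the receiver advertises a window that drops to 0 when its buffer is full, the sender keeps segments outstanding up to that window and slides it on each positive acknowledgment, and a timer triggers retransmission when the constructed link loses a segment.

```python
"""Positive Acknowledgment with Retransmission plus receiver windowing, simulated in
discrete ticks (added example; a simplification of TCP, not real TCP code)."""
from collections import deque
from typing import Dict, Set, Tuple


class Receiver:
    def __init__(self, capacity: int):
        self.capacity = capacity        # buffer slots available to incoming segments
        self.buffer = deque()           # accepted but not yet read by the application
        self.expected = 0               # next sequence number wanted (cumulative ACK)
        self.delivered = []

    def available(self) -> int:
        """Advertised window: 0 means 'not ready', anything above 0 means 'ready'."""
        return self.capacity - len(self.buffer)

    def receive(self, seq: int, data: str) -> Tuple[int, int]:
        """Accept only the in-order segment and only when a slot is free; either way
        answer with (ACK = next expected sequence number, window)."""
        if seq == self.expected and self.available() > 0:
            self.buffer.append(data)
            self.expected += 1
        return self.expected, self.available()

    def consume(self, n: int) -> None:
        """The application reads data, freeing buffer space."""
        for _ in range(n):
            if self.buffer:
                self.delivered.append(self.buffer.popleft())


def simulate(data: str, capacity: int, loss: Set[Tuple[int, int]],
             timeout: int = 2, max_ticks: int = 100) -> Dict[str, object]:
    """Send each character of `data` as one segment. `loss` holds (seq, attempt) pairs
    that the constructed link drops, e.g. {(2, 1)} loses the first copy of segment 2."""
    rx = Receiver(capacity)
    base, next_seq = 0, 0               # oldest unacknowledged / next segment to send
    window, timer = capacity, 0
    attempts: Dict[int, int] = {}
    stats = {"lost": 0, "retransmissions": 0, "not_ready": 0}
    for tick in range(1, max_ticks + 1):
        if base == len(data):           # everything acknowledged
            rx.consume(len(rx.buffer))
            return {"delivered": "".join(rx.delivered), "ticks": tick - 1, **stats}
        # Send as many segments as the receiver's window allows to be outstanding.
        while next_seq < len(data) and next_seq < base + window:
            seq, next_seq = next_seq, next_seq + 1
            attempts[seq] = attempts.get(seq, 0) + 1
            if attempts[seq] > 1:
                stats["retransmissions"] += 1
            if (seq, attempts[seq]) in loss:
                stats["lost"] += 1      # segment never arrives; only the timer will recover it
                continue
            ack, window = rx.receive(seq, data[seq])
            if window == 0:
                stats["not_ready"] += 1 # receiver sent a 'not ready' (window size 0)
            if ack > base:              # positive acknowledgment: slide the window
                base, timer = ack, 0
        if base < next_seq:             # something is outstanding: run the timer
            timer += 1
            if timer >= timeout:        # no ACK in time: go back and resend from base
                next_seq, timer = base, 0
        rx.consume(1)                   # the application reads one segment per tick
        window = rx.available()         # receiver announces its (possibly reopened) window
    raise RuntimeError("did not finish within max_ticks")
```
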
Routing

Routers generally relay a packet from one data link to another. To relay a packet, a router uses two basic functions:

1. a path determination function, and

2. a switching function.

A router is responsible for passing the packet to the next network along the path. The router uses the 'network portion' of the address to make 'path selections'. The 'switching function' allows a router to accept a packet on one interface and forward it on a second interface. The 'path determination' function enables the router to select the most appropriate interface for forwarding a packet. The 'node portion' of the address refers to a specific port on the router that leads to an adjacent router in that direction.

* Network portion of address used to make path selections
* Node portion of address refers to router port to the path

'Routed protocol' - Protocol that can be routed by a router. A router must be able to interpret the logical internetwork as specified by that routed protocol. Any network protocol that provides enough information in its network layer address to allow a packet to be forwarded from host to host based on the addressing scheme. Routed protocols define the format and use of the fields within a packet.

Examples of routed protocols include AppleTalk, DECnet, and IP.

'Routing protocol' - Protocol that accomplishes routing through the implementation of a specific routing algorithm. Supports a routed protocol by providing mechanisms for sharing routing information. Routing protocol messages move between the routers. A routing protocol allows the routers to communicate with other routers to update and maintain tables.

Examples of routing protocols include IGRP, OSPF, and RIP.
RIP - Routing Information Protocol

IGP (Interior Gateway Routing Protocol) supplied with UNIX BSD systems. The most common IGP in the Internet. RIP uses hop count as a routing metric. Key characteristics of RIP include the following:

· It is a distance vector routing protocol.

· Hop count is used as the metric for path selection.

· The maximum allowable hop count is 15.

· Routing updates are broadcast every 30 seconds by default.
IGRP - Interior Gateway Routing Protocol

IGP developed by Cisco to address the problems associated with routing in large, heterogeneous networks.
EIGRP - Enhanced Interior Gateway Routing Protocol

Advanced version of IGRP developed by Cisco. A 'balanced hybrid' routing protocol. Provides superior convergence properties and operating efficiency, and combines the advantages of link state protocols with those of distance vector protocols.
OSPF - Open Shortest Path First

Link-state, hierarchical IGP routing protocol proposed as a successor to RIP in the Internet community. OSPF features include least-cost routing, multipath routing, and load balancing. OSPF was derived from an early version of the ISIS protocol.

[Network-Layer Protocol Operations]
When a host application needs to send a packet to a destination on a different network, a 2-Data-link frame is received on one of a router's interfaces. The 3-Network layer process examines the header to determine the destination network and then references the routing table that associates networks to outgoing interfaces. The packet is again encapsulated in the 2-Data-link frame for the selected interface and queued for delivery to the next hop in the path. This process occurs each time the packet switches through another router. At the router connected to the network containing the destination host, the packet is again encapsulated in the destination LAN's 2-Data-link frame type and delivered to the destination host.

"Static Route" - uses a protocol route that a network administrator enters into the router. Route that is explicitly configured and entered into the routing table. Static routes take precedence over routes chosen by dynamic routing protocols.

* For security when appropriate to hide parts of an internetwork
* Point-to-point or circuit-switched connection
* Stub network (network that has only a single connection to a router)
* Only a single network connection with no need for routing updates (Fixed route to address reflects administrator's knowledge)

"Dynamic Route" - uses a route that a network routing protocol adjusts automatically for topology or traffic changes. Routing that adjusts automatically to network topology or traffic changes. Also called adaptive routing.

The success of "dynamic routing" depends on two basic router functions:

1. Maintenance of a routing table, and

2. Timely distribution of knowledge in the form of routing updates to other routers.

Dynamic routing relies on a 'routing protocol' to share knowledge. A 'routing protocol' defines the set of rules used by a router when it communicates with neighboring routers.

"Default route" - Routing table entry that is used to direct frames for which a next hop is not explicitly listed in the routing table.

"Distance vector" routing algorithm - Class of routing algorithms that iterate on the 'number of hops' in a route to find a shortest-path spanning tree. Distance vector routing algorithms call for each router to send its entire 'routing table' in each periodic update, but only to its neighbors and in the process accumulate 'distance vectors'. Distance vector routing algorithms can be prone to routing loops, but are computationally simpler than 'link state' routing algorithms. Also called Bellman-Ford routing algorithm. Distance vector algorithms do not allow a router to know the exact topology of an internetwork.

"Link state" (also called shortest path first) routing algorithm - Routing algorithm in which each router broadcasts or multicasts information regarding the 'cost of reaching each of its neighbors' to all nodes in the internetwork. 'Link state' algorithms create a consistent view of the network (they maintain a complex database of topology information) and are therefore not prone to routing loops, but they achieve this at the cost of relatively greater computational difficulty and more widespread traffic (compared with distance vector routing algorithms). Link-state routing uses link-state advertisements (LSAs), a topological database, the SPF algorithm, the resulting SPF tree, and finally, a routing table of paths and ports to each network.

'LSA' - Link-state advertisement. Broadcast packet used by 'link-state' protocols that contains information about neighbors and path costs. LSAs are used by the receiving routers to maintain their routing tables. Sometimes called a link-state packet (LSP).

The "Balanced hybrid" approach combines aspects of the 'link-state' and 'distance vector' algorithms.

'Convergence' - The speed and ability of a group of internetworking devices running a specific routing protocol to agree on the topology of an internetwork after a change in that topology. (The knowledge needs to reflect an accurate, consistent view of the new topology.) When all routers in an internetwork are operating with the same knowledge, the internetwork is said to have 'converged'.



[ Distance Vector Routing ]

* Views net topology from neighbor's perspective
* Adds distance vectors from router to router
* Frequent, periodic updates: slow convergence
* Passes copies of routing table to neighbor routers

[ Link-State (SPF) Routing ]

* Gets common view of entire network topology
* Calculates the shortest path to other routers
* Event-triggered updates: faster convergence
* Passes link-state routing updates to other routers
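The comparison above can be exercised in code. This added Python example (written for these notes, not Cisco's) runs RIP-style periodic distance-vector updates with hop count 16 as "unreachable" and link-state SPF (Dijkstra) on a constructed five-router tree, shows both settle on the same next hops, then fails one link to show how long the distance-vector routers count toward 16 and how much faster they agree when a router does not echo a route back to the neighbor it learned it from (split horizon). The topology and router names are constructed.

```python
"""Distance-vector (RIP-style Bellman-Ford) against link-state (SPF) routing on a
constructed topology (added example, not Cisco code)."""
import heapq
from typing import Dict, Tuple

INFINITY = 16   # RIP's 'unreachable' hop count; 15 is the largest usable metric

Topology = Dict[str, Dict[str, int]]            # router -> {neighbor: link cost}
Table = Dict[str, Dict[str, Tuple[int, str]]]   # router -> {dest: (hops, next hop)}


def build_topology() -> Topology:
    """Constructed sample: a tree of single-hop links A-B, B-C, B-D, C-E."""
    topo: Topology = {}
    for x, y in (("A", "B"), ("B", "C"), ("B", "D"), ("C", "E")):
        topo.setdefault(x, {})[y] = 1
        topo.setdefault(y, {})[x] = 1
    return topo


def initial_tables(topology: Topology) -> Table:
    """Each router starts out knowing only itself (its directly connected side)."""
    return {r: {r: (0, r)} for r in topology}


def distance_vector(topology: Topology, table: Table, split_horizon: bool = False,
                    max_rounds: int = 100) -> int:
    """Synchronous periodic updates: every round each router hands its whole table to
    its neighbors. Updates `table` in place; returns how many rounds changed something."""
    changed_rounds = 0
    for _ in range(max_rounds):
        changed = False
        adverts = {r: dict(t) for r, t in table.items()}   # this period's update
        for r, neighbors in topology.items():
            for n in neighbors:
                for dest, (hops, learned_from) in adverts[n].items():
                    if split_horizon and learned_from == r:
                        continue          # n learned it from us: do not echo it back
                    cand = min(hops + 1, INFINITY)
                    cur_hops, cur_next = table[r].get(dest, (INFINITY, None))
                    # take a shorter route, or believe our current next hop when it gets worse
                    if cand < cur_hops or (cur_next == n and cand != cur_hops):
                        table[r][dest] = (cand, n)
                        changed = True
        if not changed:
            return changed_rounds
        changed_rounds += 1
    return changed_rounds


def remove_link(topology: Topology, table: Table, a: str, b: str) -> None:
    """Link failure: both ends forget the neighbor and mark routes through it unreachable."""
    for x, y in ((a, b), (b, a)):
        topology[x].pop(y, None)
        for dest, (hops, nxt) in list(table[x].items()):
            if nxt == y:
                table[x][dest] = (INFINITY, nxt)


def link_state(topology: Topology) -> Table:
    """Every router holds the full topology (from LSAs) and runs Dijkstra on it."""
    result: Table = {}
    for src in topology:
        dist, first_hop, heap = {src: 0}, {src: src}, [(0, src)]
        while heap:
            d, u = heapq.heappop(heap)
            if d > dist[u]:
                continue
            for v, cost in topology[u].items():
                if d + cost < dist.get(v, float("inf")):
                    dist[v] = d + cost
                    first_hop[v] = v if u == src else first_hop[u]
                    heapq.heappush(heap, (d + cost, v))
        result[src] = {dest: (d, first_hop[dest]) for dest, d in dist.items()}
    return result


def dv_agrees_with_ls() -> bool:
    """On a stable network both approaches end up with the same hop counts and next hops."""
    topo = build_topology()
    dv = initial_tables(topo)
    distance_vector(topo, dv)
    ls = link_state(topo)
    return all(dv[r][d] == ls[r][d] for r in topo for d in topo)


def rounds_to_recover(split_horizon: bool) -> Tuple[int, bool]:
    """Fail the C-E link after convergence; report the rounds needed to agree again and
    whether every remaining router now has E marked unreachable."""
    topo = build_topology()
    table = initial_tables(topo)
    distance_vector(topo, table, split_horizon)
    remove_link(topo, table, "C", "E")
    rounds = distance_vector(topo, table, split_horizon)
    return rounds, all(table[r]["E"][0] == INFINITY for r in "ABCD")
```

Without split horizon the routers A, B, C and D pass the stale route to E back and forth, raising its hop count a step at a time until it reaches 16; with split horizon the same failure settles in two update rounds.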

· "Exterior routing protocols" are used to communicate between autonomous systems.

· "Interior routing protocols" are used within a single autonomous system.
Router Configuration

IP routing configuration tasks:

1. Global Configuration

o Select routing protocols (RIP, IGRP)

o Specify network(s) (assign IP network numbers)

2. Interface Configuration

o assign network/subnet addresses & subnet masks

Use the "ip address" command to establish the logical network address of this interface.

Router(config-if)# ip address ip-address subnet-mask

* assigns an address and subnet mask
* starts IP processing on an interface

Use the "term ip netmask-format" command to specify the format of network masks for the current session. Format options are:

- Bit count

- Dotted decimal (the default)

- Hexadecimal

Router(config)# term ip netmask-format

* sets format of network mask as seen in show commands



The "router" command starts a routing process.

Router(config)# router protocol [keyword]

* defines an IP routing protocol

Router(config-router)# network network-number

* the network subcommand is a mandatory configuration command for each IP routing process

The "router rip" command selects RIP as the routing protocol.

Router(config)# router rip

* starts the RIP routing process

Router(config-router)# network network-number

* selects participating attached networks

The "network" command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.



Example:

router rip Selects RIP as the routing protocol.

network 1.0.0.0 Specifies a directly connected network.

network 2.0.0.0 Specifies a directly connected network.

The Cisco router interfaces connected to networks 1.0.0.0 and 2.0.0.0 will send and receive RIP updates. These routing updates allow the router to learn the network topology.
2. LAN Switching



The default encapsulation types on Cisco router interfaces and their keywords are:

* Ethernet - novell-ether
* Token Ring - sap
* FDDI - snap

Note: The default Ethernet encapsulation type on Cisco routers does not match the default Ethernet encapsulation type on Novell servers after NetWare 3.11.

Novell uses Novell RIP for routing. Novell RIP checks its two distance vector metrics by first comparing the ticks for path alternatives. If two or more paths have the same tick value, Novell RIP compares the hop count. If two or more paths have the same hop count, the router will load share based on the IPX maximum-paths command.

* Uses ticks (about 1/18 sec) and hop count (maximum of 15 hops)
* Broadcasts routing information to neighbor routers every 60 seconds

SAP (Service Advertisements Protocol) - All servers and routers keep a complete list of the services available throughout the network in server information tables. SAP uses an aging mechanism to identify and remove table entries that become invalid.

* SAP packets advertise all NetWare network services
* Service Advertisements occur at 60-second intervals
* Adding, finding, and removing services on the internetwork is dynamic because of SAP advertisements
* Can add excessive broadcast traffic to the network
* Routers do not forward SAP broadcasts. Instead, each router builds its own SAP table and forwards the SAP table to other routers. By default this occurs every 60 seconds but the router can use access lists to control the SAPs accepted or forwarded.

Each SAP service is an object type identified by a hexadecimal number:

* 4 NetWare file server
* 7 Print server
* 24 Remote bridge server (router)

GNS Get Nearest Server protocol (SAP query):

* GNS is a broadcast from a client needing a server
* NetWare servers and Cisco routers get this SAP packet
* NetWare servers provide GNS response
* Cisco router will not respond to the GNS request. If there are no NetWare servers on the local network, the Cisco router will respond with a server address from its own SAP table.

Novell IPX configuration Tasks:

* Global Configuration
o Start IPX routing process
o Enable Load sharing (if appropriate)
* Interface Configuration
o Assign unique Network numbers
o Set the (optional) Encapsulation type



Router(config)# ipx routing [node address]

* enables Novell IPX routing
* If no node address is specified, the Cisco router uses the MAC address of the interface
* If a Cisco router has only serial interfaces, an address must be specified



Router(config)# ipx maximum-paths paths

* Configures round-robin load sharing over multiple equal metric paths
* paths - Maximum number of parallel paths to the destination; the default is 1 and the maximum is 512



Router(config-if)# interface type number.subinterface-number

Router(config-if)# ipx network network [encapsulation encap-type]

* Specify a subinterface, then enable IPX routing with encapsulation type



Router(config-if)# ipx network network [encapsulation encap-type] [secondary]

* Assign primary and secondary network number and encapsulation

Subinterface - One of a number of virtual interfaces on a single physical interface:

* Allows a single physical interface to support multiple logical interfaces or networks.
* Several logical interfaces or networks can be associated with a single hardware interface.
* Each subinterface must use a distinct encapsulation, and the encapsulation must match that of the clients and servers using the same network number.

Novell IPX Configuration example:



Router(config)# ipx routing

* Selects IPX for routing, and starts IPX RIP



Router(config)# ipx maximum-paths 2

* Allows load sharing over parallel equal-metric paths to the destination. The number of parallel paths used is limited to two



Router(config-if)# interface ethernet 0.1

* Indicates the first subinterface on interface E0



Router(config-if)# ipx encapsulation novell-ether

* Specifies that Novell's unique frame format is used on this network segment. Cisco's keyword is novell-ether; Novell's terminology is Ethernet_802.3



Router(config-if)# ipx network 9e

* Network number assigned to subinterface E0.1



Router(config-if)# interface ethernet 0.2

* Indicates the second subinterface on interface E0



Router(config-if)# ipx network 6c encapsulation sap

* Network number assigned to subinterface E0.2



Router(config-if)# interface ethernet 1

Router(config-if)# ipx network 4a encapsulation sap

* Specifies that Ethernet 802.2 frame format is used on this network segment. Cisco's keyword is sap



Router(config-if)# interface serial 0

Router(config-if)# ipx network 1
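The configuration example above is easy to get wrong by hand: two subinterfaces of the same physical interface must not share an encapsulation, and every IPX network number must be unique. The following script is an added example, not code from the original notes or from Cisco; it parses the example commands (constructed here as plain text) and checks those two rules. The DEFAULT_ENCAP table holds the media defaults the notes list (Ethernet novell-ether, Token Ring sap, FDDI snap); serial has no IPX-specific default in the notes, so serial interfaces are only checked for duplicate network numbers. Secondary network numbers are not handled.

```python
import re
from collections import defaultdict

# Default IPX encapsulation keyword per media type, as the notes list them.
# Serial has no IPX-specific default in the notes, so it is left out and skipped.
DEFAULT_ENCAP = {"ethernet": "novell-ether", "tokenring": "sap", "fddi": "snap"}

# Constructed sample: the notes' IPX configuration example, one command per line.
SAMPLE_CONFIG = """\
ipx routing
ipx maximum-paths 2
interface ethernet 0.1
ipx encapsulation novell-ether
ipx network 9e
interface ethernet 0.2
ipx network 6c encapsulation sap
interface ethernet 1
ipx network 4a encapsulation sap
interface serial 0
ipx network 1
"""


def parse_ipx_config(text):
    """Return {interface: {"media", "network", "encapsulation"}} for the
    interface-level IPX commands (primary network numbers only)."""
    interfaces = {}
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = re.match(r"interface\s+(\S+)\s+(\S+)$", line)
        if m:
            current = f"{m.group(1)} {m.group(2)}"
            interfaces[current] = {"media": m.group(1).lower(),
                                   "network": None, "encapsulation": None}
            continue
        if current is None:
            continue  # global commands such as 'ipx routing' are not checked here
        m = re.match(r"ipx encapsulation\s+(\S+)$", line)
        if m:
            interfaces[current]["encapsulation"] = m.group(1).lower()
            continue
        m = re.match(r"ipx network\s+(\S+)(?:\s+encapsulation\s+(\S+))?", line)
        if m:
            interfaces[current]["network"] = m.group(1).lower()
            if m.group(2):
                interfaces[current]["encapsulation"] = m.group(2).lower()
    return interfaces


def effective_encapsulation(iface):
    """Explicit keyword if configured, otherwise the media default (None if unknown)."""
    return iface["encapsulation"] or DEFAULT_ENCAP.get(iface["media"])


def check_ipx_config(interfaces):
    """Return a list of violations of the two rules from the notes:
    network numbers must be unique, and subinterfaces of one physical
    interface must use distinct encapsulations. An empty list means clean."""
    problems = []
    seen_networks = {}                     # network number -> interface using it
    encap_by_physical = defaultdict(dict)  # physical interface -> {encap: subinterface}
    for name, iface in interfaces.items():
        net = iface["network"]
        if net is None:
            continue  # no IPX network on this interface, nothing to check
        if net in seen_networks:
            problems.append(f"network {net} on '{name}' duplicates '{seen_networks[net]}'")
        else:
            seen_networks[net] = name
        physical = name.split(".")[0]
        encap = effective_encapsulation(iface)
        if encap is None:
            continue  # media with no default listed in the notes (e.g. serial)
        if encap in encap_by_physical[physical]:
            other = encap_by_physical[physical][encap]
            problems.append(f"'{name}' and '{other}' both use {encap} on {physical}")
        else:
            encap_by_physical[physical][encap] = name
    return problems


if __name__ == "__main__":
    for problem in check_ipx_config(parse_ipx_config(SAMPLE_CONFIG)) or ["no problems found"]:
        print(problem)
```

Dropping the "encapsulation sap" from ethernet 0.2 makes it fall back to the Ethernet default, novell-ether, which collides with ethernet 0.1 and is reported; reusing network 9e on serial 0 is reported as a duplicate.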

Verifying IPX operation:

Monitoring Commands:

* show ipx interface (IPX status and IPX parameters configured)
* show ipx route (IPX Routing table contents)
* show ipx servers (IPX server list - discovered through SAP)
* show ipx traffic (Number and type of packets received/transmitted)

Troubleshooting Commands:

* debug ipx routing activity (Information about RIP update packets)
* debug ipx routing sap (Information about SAP update packets)

SAP responses may be one of these types:

0x1 - General query

0x2 - General response

0x3 - Get Nearest Server request

0x4 - Get Nearest Server response
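To see how the four operation codes above turn up on the wire, here is an added example (not code from the original notes) that decodes a SAP packet and picks the answer a router would give to a Get Nearest Server request from its SAP table. The entry layout (service type, 48-byte server name, network, node, socket, hops; 64 bytes per entry) is assumed from the standard SAP packet format, and the packets themselves are constructed inline, not captures. A hop count of 16 is treated as unreachable.

```python
import struct

# SAP operation codes, as listed in the notes.
SAP_OPERATIONS = {
    1: "General query",
    2: "General response",
    3: "Get Nearest Server request",
    4: "Get Nearest Server response",
}
UNREACHABLE_HOPS = 16  # a hop count of 16 marks a service as down/unreachable

# One SAP response entry (assumed standard SAP layout): service type (2),
# server name (48, NUL padded), network (4), node (6), socket (2), hops (2).
ENTRY_FORMAT = ">H48s4s6sHH"
ENTRY_SIZE = struct.calcsize(ENTRY_FORMAT)  # 64 bytes


def build_sap_entry(service_type, name, network_hex, node_hex, socket, hops):
    """Constructed helper for building sample entries (not a capture)."""
    return struct.pack(ENTRY_FORMAT, service_type,
                       name.encode("ascii").ljust(48, b"\x00"),
                       bytes.fromhex(network_hex), bytes.fromhex(node_hex),
                       socket, hops)


def parse_sap(packet):
    """Decode the operation field and, for responses, the 64-byte server entries."""
    if len(packet) < 2:
        raise ValueError("packet too short for the SAP operation field")
    (operation,) = struct.unpack(">H", packet[:2])
    result = {"operation": operation,
              "operation_name": SAP_OPERATIONS.get(operation, "unknown"),
              "entries": []}
    body = packet[2:]
    if operation in (1, 3):
        # Queries carry only the requested service type (0xFFFF = all services).
        if len(body) < 2:
            raise ValueError("query is missing the service type field")
        result["query_service_type"] = struct.unpack(">H", body[:2])[0]
        return result
    if operation not in (2, 4):
        raise ValueError(f"unknown SAP operation {operation:#x}")
    if len(body) == 0 or len(body) % ENTRY_SIZE != 0:
        raise ValueError(f"response body of {len(body)} bytes is not a multiple of {ENTRY_SIZE}")
    for off in range(0, len(body), ENTRY_SIZE):
        service_type, name, network, node, socket, hops = struct.unpack(
            ENTRY_FORMAT, body[off:off + ENTRY_SIZE])
        result["entries"].append({
            "service_type": service_type,
            "server_name": name.rstrip(b"\x00").decode("ascii", errors="replace"),
            "network": network.hex(),
            "node": node.hex(),
            "socket": socket,
            "hops": hops,
        })
    return result


def nearest_server(entries, service_type):
    """The entry a router would answer a GNS request with from its SAP table:
    the reachable server of the requested type with the lowest hop count."""
    candidates = [e for e in entries
                  if e["service_type"] == service_type and e["hops"] < UNREACHABLE_HOPS]
    return min(candidates, key=lambda e: e["hops"]) if candidates else None


# Constructed samples: a General response (operation 2) advertising two file
# servers (service type 0x0004) plus one that has gone down, and a GNS request.
SAMPLE_GENERAL_RESPONSE = (
    struct.pack(">H", 2)
    + build_sap_entry(0x0004, "FS1", "0000009e", "00aa00112233", 0x0451, 2)
    + build_sap_entry(0x0004, "FS2", "0000006c", "00aa00445566", 0x0451, 1)
    + build_sap_entry(0x0004, "FS3", "0000004a", "00aa00778899", 0x0451, 16)
)
SAMPLE_GNS_REQUEST = struct.pack(">HH", 3, 0x0004)

if __name__ == "__main__":
    table = parse_sap(SAMPLE_GENERAL_RESPONSE)
    print(table["operation_name"], "with", len(table["entries"]), "entries")
    print("GNS answer:", nearest_server(table["entries"], 0x0004)["server_name"])
```

A response whose body is not a whole number of 64-byte entries is rejected rather than partially decoded, which is the check a parser of SAP tables should make before trusting what a neighbour advertises.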

1. Review (of the first 3 Semesters)



Distance Vector routing algorithm - Class of routing algorithms that iterate on the number of hops in a route to find a shortest-path spanning tree. Distance vector routing algorithms call for each router to send its entire routing table in each update, but only to its neighbors. Distance vector routing algorithms can be prone to routing loops, but are computationally simpler than link state routing algorithms. Also called Bellman-Ford routing algorithm.

* Pass periodic copies of routing table to neighbor routers and accumulate distance vectors

Link State routing algorithm - (Shortest path first) Routing algorithm in which each router broadcasts or multicasts information regarding the cost of reaching each of its neighbors to all nodes in the internetwork. Link state algorithms create a consistent view of the network and are therefore not prone to routing loops, but they achieve this at the cost of relatively greater computational difficulty and more widespread traffic (compared with distance vector routing algorithms).

Convergence - The speed and ability of a group of internetworking devices running a specific routing protocol to agree on the topology of an internetwork after a change in that topology.
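The three definitions above (distance vector updates, routing loops, convergence) can be watched in a few lines. This is an added simulation, not code from the original notes: each round every router sends its whole table to its neighbours only, and each router rebuilds its table from the best link cost plus advertised cost (Bellman-Ford). The round count at which nothing changes is the convergence time. Taking a link down on a converged chain shows the count-to-infinity behaviour the notes warn about, bounded only by the hop-count ceiling of 16 (a RIP-style assumption here; no split horizon or hold-down is applied). The topology names A to D are constructed.

```python
import copy

INFINITY = 16  # hop-count metric ceiling; 16 means unreachable, as in RIP


def make_links(edges):
    """Build {router: {neighbor: cost}} from undirected (a, b, cost) edges."""
    links = {}
    for a, b, cost in edges:
        links.setdefault(a, {})[b] = cost
        links.setdefault(b, {})[a] = cost
    return links


def remove_link(links, a, b):
    """Return a copy of links with the a<->b link taken down (routers stay)."""
    new = copy.deepcopy(links)
    new[a].pop(b, None)
    new[b].pop(a, None)
    return new


def distance_vector_converge(links, tables=None, max_rounds=50):
    """Run distance vector (Bellman-Ford) rounds until no table changes.

    Each round, every router advertises its entire table to its neighbours
    only, and each router rebuilds its table as the lowest
    (link cost + advertised cost) over its neighbours.
    tables: {router: {dest: (cost, next_hop)}}
    Returns (tables, round in which the network was first quiet)."""
    routers = list(links)
    tables = copy.deepcopy(tables) if tables else {r: {r: (0, None)} for r in routers}
    for rounds in range(1, max_rounds + 1):
        advertised = {r: dict(tables[r]) for r in routers}  # what neighbours see this round
        changed = False
        for r in routers:
            new_table = {r: (0, None)}
            for n, link_cost in links[r].items():
                for dest, (cost, _) in advertised[n].items():
                    if dest == r:
                        continue
                    total = min(cost + link_cost, INFINITY)
                    if total < new_table.get(dest, (INFINITY + 1, None))[0]:
                        new_table[dest] = (total, n)
            if new_table != tables[r]:
                tables[r] = new_table
                changed = True
        if not changed:
            return tables, rounds
    return tables, max_rounds


if __name__ == "__main__":
    chain = make_links([("A", "B", 1), ("B", "C", 1)])
    converged, quiet_round = distance_vector_converge(chain)
    print("converged in round", quiet_round, "A->C:", converged["A"]["C"])
    broken, quiet_round = distance_vector_converge(remove_link(chain, "B", "C"), tables=converged)
    print("after B-C failure, quiet in round", quiet_round, "A->C:", broken["A"]["C"])
```

On the three-router chain A and B bounce the dead route to C back and forth, raising its cost by one each round until both reach 16; a link-state protocol would instead flood the changed link and recompute, which is the trade-off the review text describes.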

Exterior routing protocols - used to communicate between autonomous systems.

Interior routing protocols - used within a single autonomous system.

* RIP - A distance vector routing protocol.
* IGRP - Cisco's distance vector routing protocol.
* OSPF - A link-state routing protocol.
* EIGRP (Enhanced IGRP) - A balanced hybrid routing protocol

IGRP configuration:

Router(config)# router igrp autonomous-system

* Defines IGRP as an IP routing process

Router(config-router)# network network-number

* Selects participating attached networks

Access Lists

Access list -

1. List kept by Cisco routers to control access to or from the router for a number of services (for example, to prevent packets with a certain IP address from leaving a particular interface on the router).

2. Command that creates an entry in a standard traffic filter list.

Standard Access Lists:

* Simpler address specifications (source address)
* Generally permit or deny entire protocol suite
* acl-number in the range of 1-99

Extended Access Lists:

* More complex address specifications
* Generally permit or deny specific protocols
* acl-number in the range 100-199

NOTE: With Cisco IOS Release 11.2 and later you can also identify a standard or extended IP access list with an alphanumeric string (name) instead of the current numeric (1 to 199) representation.

Wildcard mask - 32-bit quantity used in conjunction with an IP address to determine which bits in an IP address should be ignored when comparing that address with another IP address. A wildcard mask is specified when setting up access lists. (0=check, 1=ignore)

IP Access List test conditions:

* Check for IP subnets:
o IP-address wildcard-mask (0=check, 1=ignore)
* Ignore all the address bits (match any)
o Accept any address: 0.0.0.0 255.255.255.255
o Abbreviate using the keyword 'any'
* Check all the address bits (match all)
o Host-address 0.0.0.0 (wildcard mask)
o Abbreviate using the keyword 'host' then the IP address
* Place Standard Access-Lists close to the destination
* Place Extended Access-Lists close to the source
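The wildcard-mask test conditions above are the part of access lists that people most often get backwards (0 = check, 1 = ignore, the inverse of a subnet mask). The following is an added example, not code from the original notes or from Cisco IOS: it parses standard (1-99) access-list entries in the three source forms the notes give, matches addresses with wildcard-mask semantics, and applies the top-down, first-match, implicit-deny evaluation. The list number 10 and the addresses are constructed.

```python
import ipaddress


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_match(address, ace_address, wildcard):
    """Cisco wildcard-mask semantics: a 0 bit must match, a 1 bit is ignored."""
    care_bits = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(address) & care_bits) == (_to_int(ace_address) & care_bits)


def parse_standard_ace(line):
    """Parse 'access-list <1-99> permit|deny <source>' into a dict.
    The source may be 'addr wildcard', 'any', 'host addr', or a bare address
    (IOS treats a bare address as a host, i.e. wildcard 0.0.0.0)."""
    parts = line.split()
    if len(parts) < 4 or parts[0] != "access-list":
        raise ValueError(f"not a standard access-list line: {line!r}")
    number = int(parts[1])
    if not 1 <= number <= 99:
        raise ValueError(f"standard IP access lists are numbered 1-99, got {number}")
    action = parts[2]
    if action not in ("permit", "deny"):
        raise ValueError(f"action must be permit or deny, got {action!r}")
    source = parts[3:]
    if source == ["any"]:
        address, wildcard = "0.0.0.0", "255.255.255.255"
    elif len(source) == 2 and source[0] == "host":
        address, wildcard = source[1], "0.0.0.0"
    elif len(source) == 2:
        address, wildcard = source
    elif len(source) == 1:
        address, wildcard = source[0], "0.0.0.0"
    else:
        raise ValueError(f"unrecognised source specification: {' '.join(source)}")
    ipaddress.IPv4Address(address)   # validate early rather than at match time
    ipaddress.IPv4Address(wildcard)
    return {"number": number, "action": action, "address": address, "wildcard": wildcard}


def evaluate_standard_acl(aces, source_address):
    """Walk the list top-down; the first matching entry decides, and a packet
    that matches nothing hits the implicit deny at the end of every list."""
    for ace in aces:
        if wildcard_match(source_address, ace["address"], ace["wildcard"]):
            return ace["action"]
    return "deny"


# Constructed sample list: block one host, allow the rest of its subnet and
# one class A block, and let everything else fall through to the implicit deny.
SAMPLE_ACL = [parse_standard_ace(line) for line in [
    "access-list 10 deny host 172.16.3.10",
    "access-list 10 permit 172.16.3.0 0.0.0.255",
    "access-list 10 permit 10.0.0.0 0.255.255.255",
]]

if __name__ == "__main__":
    for src in ["172.16.3.10", "172.16.3.77", "10.200.1.1", "192.168.1.1"]:
        print(src, "->", evaluate_standard_acl(SAMPLE_ACL, src))
```

Order matters: evaluating the same entries with the host deny moved below the subnet permit lets 172.16.3.10 through, because the subnet entry matches first and the more specific deny is never reached.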

IPX Routing

Cisco's routers offer the following features in Novell network environments:

* Access lists and filters for IPX, RIP, SAP, and NetBIOS
* Scalable routing protocols, including Enhanced IGRP and NLSP
* Configurable RIP and SAP updates and packet sizes
* Serverless LAN support
* Rich diagnostics, management, and troubleshooting features

IPX (Internetwork Packet Exchange) - NetWare network layer (Layer 3) protocol used for transferring data from servers to workstations.

SAP (Service Advertisement Protocol) - IPX protocol that provides a means of informing network clients, via routers and servers, of available network resources and services.

* SAP packets advertise all NetWare network services
* Can add excessive broadcast traffic to the network
* Service advertisements occur at 60-second intervals
* Routers do not forward SAP broadcasts. Instead, each router builds its own SAP table and forwards the SAP table to other routers. By default this occurs every 60 seconds but the router can use access lists to control the SAPs accepted or forwarded.

NetBIOS (Network Basic Input/Output System) - API used by applications on an IBM LAN to request services from lower-level network processes. These services might include session establishment and termination, and information transfer.

SPX (Sequenced Packet Exchange) - Reliable, Layer 4 connection-oriented protocol that supplements the datagram service provided by network layer (Layer 3) protocols. Novell derived this commonly used NetWare transport protocol from the SPP of the XNS protocol suite.

The NetWare protocol stack supports all common media access protocols. The data link and physical layers are accessed through the Open Data-Link Interface (ODI).

Each interface retains its own address. The use of the MAC address in the logical IPX address eliminates the need for an Address Resolution Protocol (ARP).

When you configure Cisco IOS software for Novell IPX, use the Cisco name for the appropriate encapsulation. Make sure the encapsulations on the clients, servers, and routers all match. The default encapsulation types on Cisco router interfaces and their keywords are:

* Ethernet - novell-ether
* Token Ring - sap
* FDDI - snap

Novell RIP - a distance vector routing protocol. Novell RIP uses two metrics to make routing decisions: ticks (a time measure) and hop count (a count of each router traversed). Broadcasts to neighbors every 60 seconds.

GNS (Get Nearest Server) - Request packet sent by a client on an IPX network to locate the nearest active server of a particular type. An IPX network client issues a GNS request to solicit either a direct response from a connected server or a response from a router that tells it where on the internetwork the service can be located. GNS is part of the IPX SAP.

* GNS is a broadcast from a client needing a server
* NetWare servers and Cisco routers get the SAP packet
* NetWare servers provide GNS response
* Cisco routers do not respond to a GNS request when a NetWare server is present on the local network; if there are no NetWare servers on the local network, the Cisco router responds with a server address from its own SAP table.

Novell IPX Configuration tasks -

* Global configuration:
o Start the IPX routing process
o Enable load sharing (if appropriate)
* Interface configuration:
o Assign unique network numbers to each interface
o Set the optional encapsulation type



Router(config)# ipx routing [node address]

* enables Novell IPX routing
* If no node address is specified, the Cisco router uses the MAC address of the interface
* If a Cisco router has only serial interfaces, an address must be specified


