MODULE 1

INTRODUCTION TO NETWORKING
COMMUNICATION MODES
1. 2. 3. Simplex (one way communication) Half Duplex (two way communication but not simultaneously) Full Duplex (two way communication simultaneously)

Duplex and Speed Mismatch Issue

This issue creates if any switch and NIC not have the same setting, due to this packets starts to drops. Syntax: Switch (config) #int fa0/1 Switch (config-if) #duplex full Switch (config-if) #speed 100

Manufacturing Terms of Cisco

EOS (End of sale) It is use for such product whose manufacturing become terminates, but is warranty is valid due to sold in market before. EOL (End of life) It is use for such product whose manufacturing as well as warranty become stop. So the Cisco does not support such device and consider as garbage. IOS (Internetwork operating system It is the operating system use by router or layer-3 switches. Examples: version 12.3, 12.2, 12.1, 12.0, 11.3 SWITCH It is a device use for networking (LAN), they based on specific chip that is represented by ASIC (Application specific Integrated chip).

Page | 1
www.pakitsolutions.com

Modular Switch Such switches in which we can add the additional cards when need. Layer-2 Switches Such switches which only do switching. Examples: (CISCO Express 500) and (CISCO Catalyst 2940, 2950, 2960 series). Layer-3 Switches Such switches which can do switching as well as routing. Example: (CISCO Catalyst 3550, 360, 370, 4500, 6500 Series). ROUTER It is a internetworking device (WAN), they based on microprocessor. Cisco Switch And Router Hardware Components 1) RAM RAM It is such memory where the running configuration (user configuration) exists. NVRAM It is such memory where the data stored permanently and this configured data is refer by the term start-up-configuration. FLASH It is such memory where the IOS present and here the data also present permanently. ROM It is such memory where all modes of switch or router exist, these modes called the ROM monitor mode; they come after the IOS load. 2) NVRAM 3) FLASH 4) ROM

Page | 2
www.pakitsolutions.com

Switches and Router Boot Sequence

At Post point, the hardware is check. At Flash point, IOS files or IOS check.

LAN (Local Area Network)

It is network, which is made under the close boundary. Like within a building or any campus. For connecting big LAN we can also use router.

WAN (Wide Area Network)

It actually made to cover the large geographical area. E.g. network between two different buildings in the same town or city. Network Design Techniques 1. Distributed Networks: complete data resources reside on different branches. It is costly and more hardware is use. 2. Centralized Network: complete data is stored in one place and all branches access these resources. Highly dependable on WAN. Page | 3
www.pakitsolutions.com

There should be multiple data centers for easy data recovery There should be multiple backup links to reduce single point of failure.

Network Media
1. Guided media: Wired network. Examples are coaxial, UTP, STP, Fiber optic cable 2. Un-guided media: Wireless network.

Coaxial cable types

Thick net 500m. Thin net 185m. Maximum bandwidth in coaxial cable is 10Mbps. It is used in bus topology. EMI: electromagnetic interference occurs in the cable when electron passes through.

UTP (Unshielded Twisted pair cable)

It has eight wires, they are twisted with one another in a pair due to minimize of EMI, and their wires have external coating. Max distance in UTP is 100m.

UTP categorization
CAT 1: use only for voice CAT 2: use only for voice CAT 3: support data and voice CAT 4: data and voice, 4Mbps CAT 5: data and voice, 100Mbps CAT 5E / 6: 1000Mbps or up to 1Gbps

Methods to make network with UTP cable

Straight UTP method Use to connect different devices. Cross UTP method: Use to connect similar devices

Page | 4
www.pakitsolutions.com

STP (shielded twisted pair cable) It has extra insulation It is use in special cases where EMI is more as in factories.

Fiber optic cables

It support larger distances. It has no electro magnetic radiation.

There are two categories of fiber optic cables 1. Multimode fiber (MM) 2. Single mode fiber (SM)

Single mode fiber

LASER is used to inject the light in this mode of fiber. Data rate is up to 40Gbps on LAN and it may go to 100Gbps in future. If we are using 10Gbps in single mode fiber than distance is more than 1km. It is expensive.

Multimode fiber
LED is used to inject the light In multimode fiber. Number of light rays is passing through reflection process in this mode of fiber. Data rate is up to 10Gbps in multimode fiber. Distance is 500m

Network topologies
Star topology Each device is connected to a central device which is a switch/hub. Switch is commonly used because it is an intelligent device as compare to hub. Also switch is a configurable device. Through switch we can manage whole network. Star topology is also called hub and spoke topology The PCs are connected to the central device through a cable normally UTP but we may use fiber optic etc. This is the topology which is used nowadays.

Page | 5
www.pakitsolutions.com

Bus topology Co-axial cable is used to connect the devices. The data rate of this cable is 10Mbps. There is a single point of failure means if any one cable is broken then whole network would be down. It transmits the electrical signal from one end of a cable to the other end of a cable This topology obsolete in early 90s. 10base2 network uses a bus topology 10baseT using hub network uses a bus topology 10baseT using switch network is a star topology

Ring topology This topology is used by IBM machines to communicate between them. Each device is connected directly to others so that the signal is repeated in one direction, creating ring or loop. There is a network interface card used called token ring NIC. An empty token is passed from one PC to another in clockwise direction. if any PC wants to send the data, it will grab the data, inject the data and then forward the token. The cable used for communication is called Shielded twisted pair (STP).

Disadvantages: This topology is very slow. There is a single point of failure. There is no centralized management.

Full Mesh topology It means that all the respective nodes in the network have a direct connection. It is more reliable due to having more paths. Database server needs more reliability, therefore it is recommended for it. Disadvantages: It is very complex to make mesh topology and also cost is very high. Partial Mesh topology In this topology some of the nodes in the network have a direct connection but others do not. It is very close to mesh topology.

Page | 6
www.pakitsolutions.com

ETHERNET
It is an IEEE standard for LAN. Also known as 802.3 Classification of Ethernet 1. 2. 3. 4. 5. 6. 10base2: bus topology, coaxial cable, thin net, 10Mbps, 185 km 10base5: bus topology, coaxial cable, thick net, 10Mbps, and 500km 10baseT (Ethernet): star topology, UTP, cat 5, 100m, 10Mbps 100baseT (Fast Ethernet): star topology, UTP, cat 5e/6, 100m, 10Mbps Gigabit Ethernet: Star topology, UTP cat 6, 100m, and 1000Mpbs. 10 Gigabit Ethernet: Star topology, UTP Cat 6a/fiber optic.

OSI Reference Model

This model was established in 1970 by ISO. It is data communication model. It is logical and conceptual model. This model has 7 layers: 1. Application Layer 2. Presentation Layer 3. Session Layer 4. Transport Layer 5. Network Layer 6. Data link Layer 7. Physical Layer

1) Application Layer
Deals with the communication of software on different machines. For example: HTTP, FTP, SMTP, Telnet and DNS servers, all operating systems, web browsers, communication software (messengers, Skype etc).

2) Presentation Layer
Three activities are taking place at this layer: 1) Encryption: The process of converting the plain text in to cipher text for data confidentiality is called encryption. i.e. DES, 3DES and AES 2) Translation: Coverts protocol from one form to other. Like IPX to IP and vise versa. 3) Compression: It simply works with the compression of data like win zip.

Page | 7
www.pakitsolutions.com

3) Session Layer
A time period in which two machines communicate is called a session. This layer deals with: Session establishment: To establish a session before data communication. Session management: To manage the session throughout the communication. Session termination: To manually terminate the session or there is a network down.

4) Transport Layer
It uses protocols to transfer data from one machine to another machine. Two protocols work on this layer, TCP/IP and UDP.

TCP/IP (Transmission control protocol/Internet protocol)

It provides error recovery. It relies on IP for end-to-end delivery of data, including routing issues.

Functions of TCP/IP 1. Multiplexing using port number TCP identifies applications by their port numbers. Multiplexing relies on the use of a concept called a socket Socket consist of three things 1. IP address 2. Transport protocol (TCP or UDP) 3. Port number Multiplexing helps in running multiple applications on a machine. PC keeps every application separate and transfers data accordingly. Every application and protocol has port number. Port number identifies data that which application this data belong to. Like: Telnet SMTP HTTP HTTPS DNS 23 25 80 443 53

Range of Port number is 1 65536. 1 1024 are already assigned.

Page | 8
www.pakitsolutions.com

2. Error recovery TCP numbers data bytes using the sequence and acknowledgement fields in the tcp header TCP sends data in sequence Sender also sends re-transmission timer.

3. Flow control using Windowing TCP implements flow control by taking advantage of sequence and acknowledgement fields in the TCP header. Window size is the number of packets sent before getting acknowledgement. It starts with smaller size of window than gradually increases until some error occurs.

UDP (user data gram protocol) It is connection less protocol. It also works at transport layer. It does not do any error recovery thus it takes less bandwidth. It perform Data transfer Data segmentation Multiplexing using port numbers

5) Network Layer It deals with the function of path selection and logical addressing The protocols use are: IP (internet protocol) in TCP/IP IPX in Novell DDR in AppleTalk Every network and host has IP address. IP define three different network classes: Class A 1-126 Class B 128-191 Class C 192-223 Router works on this layer

Page | 9
www.pakitsolutions.com

6) Data Link Layer This layer is divided into two sub-layers LLC Sub-layer: it create link between network and data link layer. For example ARP. Mac Sub-layer: it deals with error detection, addressing and orderly delivery of frames. Addressing: In many networks more than two devices are attached to the same physical network. Data link layer defines addresses to make sure that correct device listen and receive data. In Ethernet data link layer uses Media Access Control (MAC) address. It is 48-bit long address. It also performs error detection. It put a field of FCS (frame check sequence) in a frame. This field holds the value of CRC (cyclical redundancy check) algorithm. This CRC value is calculated by mathematical formula applied on data in the frame. Same value in generated on destination, if values are same than there is no error. It does not perform error recovery only error detection

7) Physical layer
It is pure hardware layer of OSI model. On this layer frame is converted into bits. Hubs, repeaters and all cables work on this layer.

Data on different layers

Data on Transport layer is called a segment. Data on Network layer is called a packet. Data on Data link layer is called a frame. Data on Physical layer is converted into bits.

Page | 10
www.pakitsolutions.com

MODULE 2

SWITCHING
Cisco Switches Series
Layer 2 switches
Cisco express Cisco catalyst Cisco catalyst Cisco catalyst 500 series 2940 series 2950 series 2960 series

Layer 3 switches or multilayer switches

Cisco catalyst Cisco catalyst Cisco catalyst Cisco catalyst Cisco catalyst

3550 series 3600 series 3700 series 4500 series 6500 series

Cisco catalyst 4500 and 6500 are called modular or core switches. In these switches we can add the additional cards. Layer 2 switches can only do switching while layer 3 switches can do switching as well as routing.

CISCO SWITCH AND ROUTER HARDWARE COMPONENTS

The following are the components which exist in both switch and router. 1) RAM
It is such a location or memory where the running configuration or unsaved configuration exists. This memory is called RAM of Cisco router and switch. To see running configuration the syntax is: #show running-configuration

2) NV-RAM (Non-volatile RAM) It is such memory where data stored permanently and this configured data is called start up configuration. Syntax is: #show startup-configuration Page | 11
www.pakitsolutions.com

To save the running configuration, the syntax is: #copy running-configuration startup-configuration

3) FLASH This is such a memory where IOS (internetwork operating system) is present and the data also present permanently.

4) ROM It is such a memory where all modes of switch/router exist, these modes are called ROM monitor mode. They come after IOS load.

HOW SWITCH WORKS

Each and every switch creates a table in start called MAC address table or forwarding data base. At the power on the initial mac table is empty. When the mac table is empty, the frame coming to the switch would be broadcast by switch. The mac addresses are bonded with respect to port numbers. When the mac table is filled with source and destination mac addresses, now the switch will not broadcast because the switch is an intelligent device and it understands the mac addresses. A switch can learn multiple mac addresses on its single port.

SWITCH TECHNOLOGIES
Switches work in different Technologies. These are as under:

Store and Forward

In this mode switch stores frame in its RAM. Then Switch applies the CRC functionality for checking error. When no error found, it forwards to the destination. All of Cisco Switches work on store and forward mode. In store and forward mode switch latency (delay) is depends on the size of frame.

Cut Through
In this mode latency does not depend on frame size, because it does not store frame but forward it after seeing the MAC address. It does not perform error detection. Page | 12
www.pakitsolutions.com

Fragment Free
In this mode switch checks first 64 bytes of a frame. The CRC field also exist in this part of a frame, thus check out for any error. Latency is not dependent on the size of frame. Cisco 1900 series switches use this technology.

REDUNDENT TOPOLOGY
In this topology there is a backup link so that if one link fails than other is activated. Such switching network that has the backup path for data transmission is called redundant links. This topology has some issues due to switching loop, which are as under:

Broadcast Storming
When the destination host frame not found by the switch, so the switch start broadcast. Network become down and frame transmission start in looping.

Multiple Frame Copy

Frame first arrived will copy and then second time discarded. Response on other hosts becomes slow due to multi frame discarded.

MAC Database instability

Instable database created due to learning of same MAC address by its multi ports. These all issues actually concern with the non-manageable switch but can over come by the manageable switch, by the use of protocols.

Page | 13
www.pakitsolutions.com

SPANNING TREE PROTOCOL (STP)

It is an open standard of IEEE. Code 802.1d This protocol works on the data link layer of OSI reference model. This protocol is used to prevent the switching loops. It is by default enable on Cisco Switches.

STP Operation rules 1. 2. 3. 4. There is only one Root Bridge per network. There is only one root port per Non-root Bridge. Non-designated ports are un-used There should be at least one designated port per link.

Root Bridge Root Bridge is the master switch and controls all the STP operation. All other switches are non-root bridges and they use the best path. All the ports are designated and act in forward state.

Page | 14
www.pakitsolutions.com

Root Bridge Selection Process

Switch of the lowest bridge ID throughout the switch network.

Bridge ID
Combination of bridge priority and Mac address of a switch is called Bridge ID.

Bridge Priority
All the Cisco switches have default priority value of 32768.

MAC address
It is physical address of 24-bits.eg, (01c0.1111.0000) Root bridge decision first make at the lowest bridge priority of bridge ID If the Priority is same as normally happened. So the root bridge decision goes at the lowest Mac address values for example (01c0.1111.1111 < 01c0.111.222)

Root Port
It is such port that connects Non-root Bridge to the root bridge. There is only one root port presents in Non-root Bridge. All others are non-root ports.

Non-Root port
All other ports except one root port in Non-root Bridge are non-root ports. Non-designated ports cant forward packet. Can receive or listen packet. Page | 15
www.pakitsolutions.com

Bridge Protocol Data Unit (BPDU)

It is the packet of information, exchange by the neighboring switch after each 2secs. Tell about which link become block and in replace which become active.

Root Port Selection Criteria

First select at lowest cost Cost same then select at Port ID e.g. (fa0/0 < fa0/1)

PORT COST STANDARD OF IEEE

Standard relation of cost with bandwidth is given below: Cost 100 19 04 02 10Mbps 100Mbps 1Gbps 10Gbps Bandwidth

Spanning-tree Port States

Initially all the switch ports are blocked After power on the switch remain in the block states for 20Sec. After blocking state come into listening state. Next only the designated ports come in learning state. Now the forwarding state comes in up/active.

Listening State
Here the port receives the BPDU and decided the port nature also called discarding state.

Learning State
Here the port can receive and send and also the switch built the MAC table. Forwarding delay Time taken by port in shifting from one state to other.

Page | 16
www.pakitsolutions.com

STP Convergence Time

STP changes port in block state to forward state after 50 sec.

Cisco STP Features

In order to reduce the Convergence time, Cisco also made some features around 1990. They are only applicable on all Cisco switches in the network. These are as under:

Spanning Tree Port Fast

STP mark all ports as designated which connect with the H-device (Pc) Syntax: Switch (config)# int fa0/1 Switch (config-if)#spanning tree port fast

Spanning Tree Up-link Fast

This is used only on the non-root bridge, such that where two ports are connected with the root bridge, and by this switch keep in knowledge that which port can become the root port of non-root bridge, and hence switch not take time to perform the recalculation process when the root port become down. Syntax: Switch (config-if)#spanning tree uplink fast

Page | 17
www.pakitsolutions.com

Spanning Tree Backbone Fast

This is use for the detection of indirect failure means, if the root port link not become down but the link break due to any other switch in the network. In this case if any nonindirect failure occur so the switch send the special BPDU called infinity BPDU to its active link switch. Syntax: Switch (config-if) #spanning tree backbone fast

Rapid Spanning Tree Protocol (RSTP)

It is an open Standard protocol of IEEE. It is the first open standard to reduce the STP convergence time, made in 2003. Represented by the code 802.1w Although have the similarities to STP but also have some difference which are following: In RSTP the non-designated port of STP as alternate port. RSTP calculates in advance but STP does this job when needed. RSTP have only three port states not have block state as in STP. RSTP quickly moves into other state after reading MAC in the learning state where as STP keep remain in learning state till 15sec even read MAC in 2sec.

Page | 18
www.pakitsolutions.com

VLAN (VIRTUAL LOCAL AREA NETWORK)

It is such LAN by which we can create two or more separate logical-AreaNetwork in a single Switch. We can also give same IP to host in different V-lan, as they behave as separate logical LAN or logical switches.

Broadcast Domain
At how many ports the broadcast would be received All the ports of Switches are by default the part of vlan1. All the port of Vlan should be access port means they exist in the access mode not in trunk.

ADVANTAGES OF VLAN
. 1. Broadcast Control: Large broadcast is divided into sub networks. 2. Security: One vlans information can not transfer into another vlan. 3. Flexibility: Transfer of port from one vlan to another vlan through configuration. It improves performance and speed of data transmission by reducing the size of large broadcast

INTER VLAN ROUTING

Inter VLAN routing is used for communication between different VLANs. END TO END VLAN The phenomena of communication two same or different Vlans exist on different switches. For the communication between two switches we us a trunk port.

Trunk Port It is such port which carries the multiple Vlans traffic. It is not the part of any vlan.

Page | 19
www.pakitsolutions.com

TYPES OF VLAN Static VLAN

This vlan is actually configured manually at each switch. Syntax: switch (config) # vlan (any number)

Dynamic VLAN
These are such vlan which are configured by a server called VMPS (vlan management policy server) in a large network environment and not need to create at each switch. Benefit You dont need to manually configure every time for access your vlan through out the organization.

VLAN ENCAPSULATION PROTOCOL/ VLAN IDENTIFICATION PROTOCOL/ VLAN TAGGING PROTOCOL

There are two protocols for encapsulation and tagging. 1. 802.1q(open standard) 2. ISL (CISCO propriety)

802.1q Standard
It is open standard as of IEEE, it use internal tagging process, this protocol is actually enable by default at Cisco router.

ISL (Inter service link)

It is an external property as of Cisco itself. It is external tagging process, it add the header of 26 bytes , it also used for trunk port.

Note At both the end the encapsulation protocol must be same, otherwise the line protocol not up.

Page | 20
www.pakitsolutions.com

VTP (VLAN TRUNKING PROTOCOL)

It is open standard protocol, use for advertising the vlans informations throughout the common administrative domain.

VTP MODES
There are three modes of VTP which are as following: 1) Server mode. Server Mode It is such mode where we can create, delete, modify and also synchronize the Vlan information. vlan information is permanently save in flash memory. Client mode It is such mode in which we cant create, delete, modify the vlan information but it can only synchronize and forward the vlan information. 2) Client mode. 3) Transparent mode.

Transparent mode It is such mode where we can create, delete, modify the vlan information but it can not synchronize but forward the information of vlan.

PORT SECURITY
When A port broadcast so the data will go to B as well as C port. The destination address is B but C will also capture the data using the sniffer software, so to resolve this issue we use switch. By using switch point to point communication is taking place between A&B. But when the Mac table becomes full so the switch will broadcast the data. MAC FLOODING ATTACK It is such process which is used for hacking which becomes possible by the overflow the MAC table; this process uses the software called the sniffer software. So to prevent the switch by this attack we use the security feature called port security. Sniffer Software It is the software which is used by hacker for capturing the data in the plain text form.

Page | 21
www.pakitsolutions.com

Macof It is term used for flooding the Mac table by sending 300 to 400 Mac addresses in 1sec.

Use of Port Security

One Mac address can permanently bind for any particular port, and we can also define more than one Mac addresses by using different syntax. We can also set any action with the port security .e.g. (shut down the pc) when port security enable feature become active by any reason. We configure the port security on the port which is connected to pc not on trunk port. Restrict When violation machine will not work but when we connect original machine it will communicate and will generate a log value. Shut down When violated machine is connected to the port it would be shut down and when we Connect the original machine so it will not work; now we will go to that interface and write a command no shut. Protect Work is same as restrict but it will not generate a log value. Switch# show port-security Switch (config)#int fa 0/5 Switch (config-if)#switchport port-security Switch (config-if)#switchport port-security maximum 1 Switch (config-if)#switchport port-security mac-address 01.c0.11.11.11.11

Page | 22
www.pakitsolutions.com

Wireless LAN (WLAN)

Modes of WLAN
1. Infra Structure Mode

There is a central device for example AP (Access Point). AP can connect to a switch with cable. 2. Ad hoc Mode There is no centralized device all PCs are connected together. AP works in half duplex mode Information Antenna Data Radio Signal (Radio waves/ Electromagnetic waves) Electrical

FCC = Federal Communication Commission ISM UNII 2.4 GHz 5 GHz

UNII (Unlicensed National Information Infrastructure) 802.11 802.11b 802.11a 802.11g 802.11n in 1997 in 1999 in 1999 in 2003 2.4 GHz 2Mbps 2.4GHz 11 Mbps 5 GHz 54Mbps 2.4GHz 54Mbps 5GHz/2.4GHz 300Mbps

Bandwidth is shared on Access Point.

Page | 23
www.pakitsolutions.com

WLAN
Enterprise Class AP Aironet (AP manufacturer) Cisco Aironet Series AP Consumer Class AP Linksys (bought by Cisco)

1000 Series

1100 Series

1200 Series

Cisco 1250 Series AP (802.11n)

Radio Frequency Behavior

Reflection Refraction Scattering:

When waves strike with edgy material they become scattered. Absorption: Water absorb the radio waves

Wireless LAN Security Issues

Passive Attacks In which attacker steals information within the range of network. War Driving Attacks In which attacker only checks on different locations to find which services on networks are available. Active Attacks In which attackers give some threat, or changes information

Page | 24
www.pakitsolutions.com

Wireless Security Solutions from IEEE

1. WEP (Wired Equivalent Privacy)

WEP Encryption RC4 Authentication Pre-shared keys password

2. WPA (WiFi Protected Access) WPA Encryption TKIP (Temporal key Integrated Protocol) Authentication 802.1x

User use EAP (extensible authentication protocol) to authenticate on AP. AP is using RADIUS to transfer authentication information from/to server. RADIUS (Remote Access Dialing Users) Authentication server form CISCO is called Cisco ACS.

3. 802.1I WPA 2 Encryption AES (Advance Encryption Standard) Authentication 802.1x

Page | 25
www.pakitsolutions.com

MODULE 3

IP ADDRESSING
It is network address used for the communication between the nodes at LAN as well as WAN. These addresses are assigning by the IANA (Internet assigned numbering authority) There are two types of IP addressing, IPV4 and IPV6.

IPV4 address It is total 32 bits address scheme these bits are divided into four octets, this address scheme has two segments or portions (Host and Network).

IPV4 address classes This address is classified into the classes on the bases of network and host segment. Class A In this class the network segment have 8-bits and the host segments have24-bits. Its range is from 01 up to 126 and total host exist 17millions. Subnet mask is 255.0.0.0

Class B In this class the each segment (host, network) have 16-bits. Its range is from 128 up to 191 and total host exist 65,534. Subnet mask is 255.255.0.0

Class C In this class the network segment have 24-bits and host segment 16-bits. Its range is from 192 up to 223 and total host exist 254. Subnet mask is 255.255.255.0

Class D It range is from 224 up to 239. Class E It range is from 240 up to 255. Note: After the class E IPV4 addressing range become end, after that we use IPV6 addressing. Page | 26
www.pakitsolutions.com

SUBNETTING
It is the process of dividing the single network ID into further various different network IDs.

SUBNETMASK
It is the actually the group of network and host segment. It actually tells that how many bits are used for network and how many bits are used for host.

VLSM (Variable length Sub netting masking)

It is the process of sub netting the subnets

IPv6 (IP version 6)

Architecture
128 bits Assigned in hexadecimal (0--F) I Hexadecimal = 4 bits 10C0:00FD:09C5:C509:0000:0000:509F

every field is of 16 bits.

Q) How to simplify this IP address? Ans: 1) In IPv6 leading zeros can be eliminated e.g. 10C0: FD: 9C5:C509:0:0:0:509F 2) Consecutive zero field can be replaced by (::) but it can be used once in IPv6 address e.g. 10C0: FD: 9C5:C509::509F

IPV6 ADDRESS TYPES Unicast: One to one communication. 2) Multicast: one to many communication. There is no broadcast address IPv6 3) Any cast :
1) By using any cast multiple devices can share same IP address. Router will forward the packet to nearest any cast IP. Shared devices should have same application e.g. all application should be web server/SMTP etc.

Page | 27
www.pakitsolutions.com

MODULE 4

ROUTING
Routing Static Routing Default Route:
# Ip route 0.0.0.0 0.0.0.0 OR #Ip route 0.0.0.0 0.0.0.0 s0/0 #show ip route S* 0.0.0.0/0 s0/0

Dynamic Routing

Class full routing protocol

They do not exchange subnet mask information with routing updates. They assume that subnet mask is consistent throughout the network. Class full routing only works when subnet mask is same over the network. e.g. RIP and IGRP

Class less routing protocol

They exchange subnet mask information with routing updates. They support VLSM e.g. EIGRP, OSPF ,RIP-VER2

Autonomous System Number

It is 16 bits number 0-65535 IANA defines the IP address and also autonomous system AS.

With respect to AS number there are two types of routing protocol.

1. Interior Routing Protocol

It works within same AS number. Also called IGP (Interior Gateway Protocol)

Page | 28
www.pakitsolutions.com

2. Exterior Routing Protocol

Works with different AS number Also called EGP (Exterior Gateway Protocol).e.g.BGP

With respect to technology there are 3 types of routing protocols. Technology

Distance Vector

Link State

Hybrid

Distance Vector
They exchange complete routing tables with each other after periodic time period E.g. RIP (30 sec) and IGRP (60 sec). Distance vector protocols have only best route information to the destination. If best path is down than they recalculate the best path.

Link State
Link state routing protocol only send routing updates whenever there is some change in network topology. They are less bandwidth consumer because they only send routing updates not the whole routing table means they efficiently utilize the bandwidth. These protocols have complete network topology information. These protocols are more intelligent because they have all routes information to the destination E.g. OSPF, IS-IS. Disadvantage: CPU and memory intensive.

Hybrid
It is a combination of both distance vector and link state.

RIP (Routing Information Protocol)

It is an open standard routing protocol. It is a Class-full routing protocol. The Administrative Distance of RIP = 120. It is distance vector routing protocol. This protocol works on Bellman Ford Algorithm. It calculate best path on the basis of hop counts: Min hops = best path Page | 29
www.pakitsolutions.com

RIP can perform routing up to 15 hops. RIP enable routers exchange complete routing table after 30 sec. RIP can perform equal cost load balancing, by default 4 paths and maximum 6 paths.

RIP version 2
The features of RIPv2 are: It is class-less routing protocol. RIPv2 is authentication supported.

KHI (config)# router rip KHI (config-router)# Network 10.0.0.0 KHI (config-router)# Network 11.0.0.0 LHR (config)# router rip LHR (config-router)# Network 20.0.0.0 LHR (config-router)# Network 11.0.0.0

Page | 30
www.pakitsolutions.com

EIGRP (Enhanced Interior Gateway Routing Protocol)

This protocol is Cisco propriety. It is Class-less routing protocol. Administrative distance is 90. It is interior gateway protocol means in same AS. It is hybrid routing protocol. It can support multiple network layer protocols, i.e. IP, IPX, Apple. It can perform equal and unequal cost load balancing. By default 4 paths and maximum of 6 paths EIGRP uses an algorithm known as DUAL (Diffusion update algorithm). DUAL is run over topology table and best paths are moved from topology table to routing table. By default best path selection on the basis of bandwidth and delay Other parameters that EIGRP can use for best path selection are o Reliability o Load o MTU

EIGRP TABLES
It creates 3 tables: Neighbor table Topology table Routing table

Neighbor Table
In EIGRP directly connected routers maintain neighbor relationship. They exchange HELLO PACKETS for maintaining the neighbor relationship.

Topology Table
This table contains the complete network information. Router# show ip eigrp topology

Routing Table
This table contains the information of best route to the destination. Router # show ip route

Page | 31
www.pakitsolutions.com

KHI (config)# router eigrp 50 KHI (config-router)# Network 10.0.0.0 KHI (config-router)# Network 11.0.0.0 LHR (config)# router eigrp 50 LHR (config-router)# Network 20.0.0.0 LHR (config-router)# Network 11.0.0.0 50 is Autonomous system number. Two routers must be in same AS to communicate.

Protocol Dependent Module

If IP, IPx, Apple all are running at a time then this protocol will make different tables for different operating systems. Although IPx and Apple are not used nowadays.

OSPF (Open Shortest Path First)

It is Open standard routing protocol. It is Link state routing protocol. It is interior routing protocol. Administrative distance= 110. It is Class-less routing protocol. OSPF enable routers can only perform Equal cost load balancing (by default 4 paths maximum 6 paths). OSPF can only perform routing for IP networks. It uses SPF (shortest path first) algorithm for calculation of best path. There is no HOP limitation. There is no periodic exchange of routing protocols. When there is change in network then OSPF sends update packets called LSA (link state advertisement). For calculation of cost there is a formula : Cost = 108 / bandwidth

Page | 32
www.pakitsolutions.com

OSPF TABLES
1. Neighbor table. 2. Topology table 3. Routing table

Neighbor Table
It contains the information of directly connected routers just like eigrp. Neighbor routers exchange HELLO PACKETS. In OSPF neighbor table is also referred as Adjancy database. Router #show ip ospf neighbor

Topology Table
This table contains complete topology information. In OSPF topology table is referred as Link state database (LSDB). Router #show ip ospf database

Routing Table
This table contains the information of best routes to the destination. In OSPF routing table is also referred as forwarding database Router #show ip route In OSPF interfaces are refer as links SPF algorithm applies on LSDB and best path moved in routing table.

OSPF Router ID
In OSPF every router is recognized by its router ID. By default the highest IP address configured on any active interface of router will become its router ID. Let suppose Router ID is 192.168.0.1 goes down then next highest IP address become router ID and when again 192.168.0.1 is up then it will become router ID. Means when WAN is flipping then best practices is that we do not keep the physical address as router ID so we make a logical address called loopback address. Router(config)# interface loopback 0 Router(config)# ip address 1.1.1.1 255.0.0.0 Router(config-if)# no shutdown Now loopback address is router ID.

Page | 33
www.pakitsolutions.com

OSPF AREAS
Area 0 (zero) is called back bone area. All other areas are called regular areas. Every area should be directly connected with area 0. Routers working in regular areas are called Internal Routers. Routers in backbone area are called backbone router. Area Border Router (ABR): Router which connect regular area to backbone area.

Page | 34
www.pakitsolutions.com

MODULE 5

SECURITY
ACCESS CONTROL LIST (ACL)
It is a security feature on a router. You can control access between two different networks by the help of access control list. There are two types of ACL

1. Standard ACL 2. Extended ACL

Standard ACL
In this type of ACL traffic is flittered on the basis of source ip address The range of standard ACL is from 1 99 There are two types of actions performed in this type of ACL: 1. Permit 2. Deny

Example

Router (config)# access-list 1 permit host 10.0.0.1 Router (config)# int fa0/0 Router (config)# ip access-group 1 in These statements will permit host 10.0.0.1 to access Internet where as all other hosts would be denied. This access list is applied on Fa0/0 inbound. A single ACL can have multiple statement If a packet does not match with any statement of ACL it will discard this packet Default behavior of ACL is to discard anything that does not match ACL. Default behavior = implicit deny If a packet does match with ACL statement than this packet would not be compared with other statements below in that ACL. i.e. Router (config)# access-list 10 permit host 10.0.0.1 Router (config)# access-list 10 deny host 10.0.0.1 Page | 35
www.pakitsolutions.com

This ACL will not deny host 10.0.0.1 because it is permitted in first statement

Access list filter traffic from and to router but do not filter traffic originating from router. Most restrictive statement of ACL should be on top Any for all destinations. Any any for all sources and all destinations One ACL can be applied at one interface and in one direction

Extended ACL
This type of ACL filters the traffic on the basis of 1. Source ip 2. Destination ip 3. Protocol 4. Port number The range of this ACL is from 100 199. Actions performed by this ACL are: 1. Permit 2. Deny

Direction of ACL
Inbound direction

Traffic entering from 10.2 than for e0 it is inbound and traffic coming from Internet toward 10.2 than it is out bound for e0.

Wild card mask

It is opposite to subnet mask. 0 means check the corresponding bit value. 255 means do not check corresponding bit value.

Example of Extended ACL Page | 36

www.pakitsolutions.com

Router (config)# Access-list 101 permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 80 Router (config)# Access-list 101 permit tcp 10.0.0.1 0.0.0.49 host 2.2.2.2 eq 25 Router (config)# Access-list 101 permit ip 10.0.0.51 0.0.0.49 any Router (config)# Int fa 0/0 Router (config-int)# ip access-group 101 in This will permit hosts from 10.0.0.1 to 10.0.0.50 to communicate pc 1.1.1.1 via tcp protocol and Internet browser.

Named IP Access List

In this ACL names are used instead of numbers. Named ip access list allows deleting individual entries from specific access list. Same name for two lists cannot be used.

Example Router (config)# ip access-list extended (or standard) cttc (any name) Router (config-ext-nacl)# permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 80 Router (config-ext-nacl)# permit tcp 10.0.0.1 0.0.0.49 host 1.1.1.1 eq 25 Router (config-ext-nacl)# permit ip 10.0.0.51 0.0.0.49 any Router (config)#int fa 0/0 Router (config-int)# ip access-group cttc in

Page | 37
www.pakitsolutions.com

NAT (NETWORK ADDRESS TRANSLATION)

Translation of private ip to public ip address is called NAT.

Types of NAT
1. Dynamic NAT We buy a pool of ip addresses e.g 1.1.1.1 to 1.1.1.64

2. Static NAT In static NAT one public ip address is mapped on one private ip address. We permanently bind one private ip to one public ip address

3. NAT Overload This is also called Port Address Translation It performs many to one translation Source port number is randomly assigned and always greater than 1025. 1-1024 source port numbers are assigned to well define operations. PAT can be configured on routers Microsoft Linux We can configure dynamic NAT, Static NAT and NAT overload simultaneously #show ip nat translation

Page | 38
www.pakitsolutions.com

VIRTUAL PRIVATE NETWORK (VPN)

VPN is a private network over a public network. There are two types of VPN 1) Site to site VPN 2) Remote access VPN

Site to Site VPN

In this type of VPN we make a logical tunnel. This VPN is Cost effective Only problem is security because your data is in clear text form so any one/hacker can capture your confidential data.

Remote Access VPN

It is use for Tele-worker.

IP Security VPN (IP SEC VPN)

It is an open standard protocol made by IETF (internet engg task force). This works on network layer. IP Sec is a framework of different algorithms and protocols means different algorithms and protocols work together to built IP Sec.

IP SEC VPN Services

1) Data Confidentiality Data confidentiality is achieved by help of encryption. Encryption is of three types:

1. DES (Data Encryption Standard) 2. 3 DES (3 Data Encryption Standard) 3. AES (Advanced Encryption standard) Page | 39
www.pakitsolutions.com

DES (Data Encryption Standard)

This standard is made by IBM. There is a key used for encryption from plain text to cipher text which is of 56 bits. This standard is breakable but high processing machine is needed for breaking the encryption. It is broken in 90s Now the object of IBM was to secure DES .So they created new protocols called 3DES.

3DES (3 DATA ENCRYPTION STANDARD)

3 * DES = 3 * 56= 168 bit key There is a 3 time encryption, therefore it is very strong. This encryption standard is Unbreakable If we use 3 DES, performance will decrease.

AES (ADVANCE ENCRYPTION STANDARD) It is a standard of NIST (National Institute of Standards and Technologies).

1. 128 bits 2. 192 bits 3. 256 bits strongest

All the three standards are unbreakable

Page | 40
www.pakitsolutions.com

2) DATA INTEGRITY
Data integrity is achieved by an algorithm called HASHING.

HASHING ALGORITHM
MD-5 (Message Digest - 5) algorithm) 128 bit Hash SHA-1 (Secure hashing 160 bits Hash Strong but slow

3) PEER AUTHENTICATION In peer authentication a Pre shared key is used called IKE (Internet Key
Exchange) protocol. Legitimate peers can make VPN If at both routers keys are same then VPN can be made. IP SEC traffic cannot be transported through TCP/UDP because TCP/UDP only contain IP traffic while IP SEC contain Encryption, security etc . IP SEC uses its own transport protocols.

IP SEC TRANSPORT PROTOCOLS

ESP (Encapsulation Security Protocol) Data confidentiality Data integrity Origin authentication

AH (Authentication Header) Data confidentiality is not supported Origin authentication and data integrity

Page | 41
www.pakitsolutions.com

MODULE 6

WIDE AREA NETWORK (WAN)

WAN is used to connect two or more LANs.

WAN Connection Types

1) Leased line/ Dedicated line 2) Circuit Switching 3) Packet Switching

Leased Line/dedicated line

It is Point to point or dedicated connection. It is Synchronous link up to T3 (45mbps) PPP and HDLC can frequently used

Advantages There is a dedicated Bandwidth. Security Service provider does not contain any layer 2 or 3 connection.

Disadvantages It is Very costly due to dedicated bandwidth.

Circuit switching In this type of switching, we can communicate through traditional phone lines. No data is forwarded before an end-to-end connection is established. Examples are PSTN and ISDN.

Advantage It is Cost effective solution Disadvantage Bandwidth is very low.

Page | 42
www.pakitsolutions.com

Public Switched Telephone Network (PSTN) It is same as Normal dial-up connection. Speed is very low e.g.56kbps

Integrated Service Digital Network (ISDN) It is a set of digital services that transmit voice and data over phone lines. It is a cost effective solution and also speed is high than normal dial up connection. It is also good to use it as a back-up link for other types of links like frame relay and T1 connection. There are two types of ISDN. o PRI (Primary rate interface) o BRI (Basic rate interface) Basic Rate Interface (PRI) It contains 2B and 1D channel. B and D are logical channels. B channel is used for voice and data both and D channel is used for signaling and control. B Channel bandwidth is 64kbps and D channel bandwidth is 16kbps.

Primary Rate Interface (PRI) PRI is of two types e.g. E1 and T1. E1 T1

It is used in Europe and rest of the world. It contains 30 b and 1 d channel. The bandwidth of B and D channel is 64kbps. It means the total bandwidth provided by E1 is 2Mbps. It is used in USA and Canada. It contains 23B and 1D channel.

Page | 43
www.pakitsolutions.com

The bandwidth of B and D channel is 64 kbps. It means the total bandwidth provided by T1 is 1.54 mbps.

WAN Encapsulation Protocols

The frame coming to router is LAN frame. Router removes the LAN header and adds WAN header and forwards it on. 1) High Level Data link Connection Protocol(HDLC) It is a WAN encapsulation protocol. It works on Data link Layer. It is by-default enable on Cisco routers. This protocol is created by IBM. It can be used only on Synchronous links. There are two types of HDLC

Cisco HDLC It is by default enable on Cisco routers. It supports multiple network layer protocols. It does not support open standard HDLC. HDLC doesnt provide any authentication.

Open standard HDLC Only supports single network layer protocol It is open standard protocol.

If at both ends there are Cisco routers than use HDLC otherwise use PPP.

Page | 44
www.pakitsolutions.com

Point To Point Protocol (PPP)

It is open standard protocol. It is WAN encapsulation protocol. This protocol works on data link layer. It can be used on both synchronous and asynchronous links. Point to point protocol is of two types :

Network Control Protocol (NCP)

Supports multiple network layer protocols.

Link Control Protocol (LCP)

This protocol is responsible of PPP link establishment, management, configuration and termination. There is Error detection (CRC + Magic number). Link compression and Authentication are optional parameters.

PPP Authentication
There are two types of PPP authentication: 1) Password authentication protocol (PAP) 2) Challenging handshake authentication protocol (CHAP) Password Authentication Protocol (PAP) 1st router sends its password to 2nd router and 2nd router check its on password. If both passwords are same than line protocol is up. Its disadvantage is that information sharing is in clear text.

Page | 45
www.pakitsolutions.com

Challenging Handshake Authentication Protocol (CHAP) There is a 3-way handshaking concept. 1st router sends CHAP signal to 2nd router which says thyat I want to communicate to you, send your password. 2nd router will send its password to 1st router in encrypted form. 1st router will check its on password hash value. If both hash values are same than line protocol is up. There should be same password at both ends

Page | 46
www.pakitsolutions.com

Frame Relay

POP: Point of presence (Branches of service provider)

It is a Standard of ITU-T. It works on data link layer of OSI reference model. This is an example of packet switching.X.25,Frame relay,ATM Frame relay is working from POP to customer. Router of customer is called Frame relay router. The device in POP is called Central office Switch (CO Switch). It is cost effective b/c there is a bandwidth-sharing concept within the cloud The aim of frame relay is to connect customer router to Point of presence (POP) of service provider. Frame service provider provides service 1 connectivity as well as layer 2 connectivity. For layer 2 connectivity we have to configure Frame Relay. In case of frame relay, at layer 1 we can use any type of media.

Page | 47
www.pakitsolutions.com

Frame Relay Terminologies

CIR (Committed Interface Rate)
CIR is a minimum bandwidth that is guaranteed by service provider within a cloud. CIR is high. It means cost will be high.

Local Access Rate

It is the bandwidth through which we are connected to service provider pint of presence. LAR is always greater than are equal to CIR.

Data link connection identifier

It is the frame relay layer 2 addresses. It is a 10-bit number DLCI number is provided by service provider. Same customer should have different DLCI number. Different customer may have same DLCI number.

Page | 48
www.pakitsolutions.com

FRAME RELAY ADDRESS MAPPING

Let suppose CTTC Customer example to understand the mapping concept.

Mapping of CTTC router in Karachi for Lhore.

Mapping of CTTC router in Lhore for Karachi.

Page | 49
www.pakitsolutions.com

Local Management Interface (LMI)

It maintains the connection status b/w frame relay router and frame relay switch.

LMI Types
1. CISCO (Cisco propriety) 2. ITU-T (Open standard) 3. ANSI LMI type should be same between switch and router to communicate. You have to ask the service provider which LMI type you have configured The LMI type of service provider & customer must be same otherwise link would be down because line protocol not become up. After version 11.3 of OSI, LMI type is auto detected.

LMI States
They help in troubleshooting by this we can see the segment status of Frame relay Active state: means connection is OK Deleted state: means there is a problem b/w your router and switch. Inactive state: means there is a problem b/w remote end switch and remote end router.

Page | 50
www.pakitsolutions.com