Practical Guide to Advanced Networking, 3rd ed.
Author(s): Beasley, Jeffrey S.; Nilkaew, Piyasat
ISBN(s): 9780789749048, 0789749041
Edition: 3rd ed
Year: 2013
Language: English
A PRACTICAL GUIDE TO
ADVANCED NETWORKING

JEFFREY S. BEASLEY AND PIYASAT NILKAEW

Pearson
800 East 96th Street
Indianapolis, Indiana 46240 USA
A PRACTICAL GUIDE TO ADVANCED NETWORKING

Copyright © 2013 by Pearson Education, Inc.

All rights reserved. No part of this book shall be reproduced, stored in a retrieval system,
or transmitted by any means, electronic, mechanical, photocopying, recording, or otherwise,
without written permission from the publisher. No patent liability is assumed with
respect to the use of the information contained herein. Although every precaution has been
taken in the preparation of this book, the publisher and author assume no responsibility for
errors or omissions. Nor is any liability assumed for damages resulting from the use of the
information contained herein.
ISBN-13: 978-0-7897-4904-8
ISBN-10: 0-7897-4904-1
The Library of Congress Cataloging-in-Publication Data is on file.
Printed in the United States of America
First Printing: November 2012

Trademarks
All terms mentioned in this book that are known to be trademarks or service marks have
been appropriately capitalized. Pearson IT Certification cannot attest to the accuracy of
this information. Use of a term in this book should not be regarded as affecting the validity
of any trademark or service mark.

Warning and Disclaimer
Every effort has been made to make this book as complete and as accurate as possible, but
no warranty or fitness is implied. The information provided is on an “as is” basis. The authors
and the publisher shall have neither liability nor responsibility to any person or entity
with respect to any loss or damages arising from the information contained in this book or
from the use of the CD or programs accompanying it.

Bulk Sales
Pearson IT Certification offers excellent discounts on this book when ordered in quantity
for bulk purchases or special sales. For more information, please contact
U.S. Corporate and Government Sales
1-800-382-3419
[email protected]
For sales outside of the U.S., please contact
International Sales
[email protected]

ASSOCIATE PUBLISHER: Dave Dusthimer
EXECUTIVE EDITOR: Brett Bartow
SENIOR DEVELOPMENT EDITOR: Christopher Cleveland
MANAGING EDITOR: Sandra Schroeder
PROJECT EDITOR: Mandie Frank
COPY EDITOR: Sheri Cain
INDEXER: Ken Johnson
PROOFREADERS: Leslie Joseph, Dan Knott
TECHNICAL EDITORS: Iantha Finley Malbon, Wayne Randall
PUBLISHING COORDINATOR: Vanessa Evans
INTERIOR DESIGNER: Gary Adair
COVER DESIGNER: Chuti Prasertsith
COMPOSITOR: Bronkella Publishing

CONTENTS AT A GLANCE
Introduction xvi
1 Network Infrastructure Design 2
2 Advanced Router Configuration I 52
3 Advanced Router Configuration II 98
4 Configuring Juniper Routers 158
5 Configuring and Managing the Network Infrastructure 188
6 Analyzing Network Data Traffic 226
7 Network Security 266
8 IPv6 306
9 Linux Networking 336
10 Internet Routing 396
11 Voice over IP 428
Glossary 456
Index 472

TABLE OF CONTENTS
Introduction xvi

CHAPTER 1 Network Infrastructure Design 2


Chapter Outline 3
Objectives 3
Key Terms 3
INTRODUCTION 4
1-1 PHYSICAL NETWORK DESIGN 4
Core 5
Distribution Layer 5
Access Layer 6
Data Flow 6
Selecting the Media 6
1-2 IP SUBNET DESIGN 7
IP Address Range 8
Determining the Number of Subnetworks Needed for the Network 9
Determining the Size or the Number of IP Host Addresses Needed for the Network 11
IP Assignment 15
1-3 VLAN NETWORK 16
Virtual LAN (VLAN) 17
VLAN Configuration 18
VLAN Tagging 23
802.1Q Configuration 25
Networking Challenge: Static VLAN Configuration 26
Configuring the HP Procurve Switch 27
1-4 ROUTED NETWORK 28
Router 29
Gateway Address 30
Network Segments 31
Multilayer Switch 32
Layer 3 Routed Networks 33
Routed Port Configuration 33
InterVLAN Routing Configuration 35
Serial and ATM Port Configuration 37
Summary 44
Questions and Problems 46

CHAPTER 2 Advanced Router Configuration I 52
Chapter Outline 53
Objectives 53
Key Terms 53
Introduction 54
2-1 CONFIGURING STATIC ROUTING 54
Gateway of Last Resort 61
Configuring Static Routes 61
Load Balancing and Redundancy 68
Networking Challenge—Static Routes 70
2-2 DYNAMIC ROUTING PROTOCOLS 70
Distance Vector Protocols 73
Link State Protocols 74
2-3 CONFIGURING RIPv2 75
Configuring Routes with RIP 77
Configuring Routes with RIP Version 2 82
Networking Challenge—RIP 84
2-4 TFTP—Trivial File Transfer Protocol 85
Configuring TFTP 85
Summary 89
Questions and Problems 89

CHAPTER 3 Advanced Router Configuration II 98


Chapter Outline 99
Objectives 99
Key Terms 99
INTRODUCTION 101
3-1 CONFIGURING LINK STATE PROTOCOLS—OSPF 101
Link State Protocols 102
Configuring Routes with OSPF 103
Load Balancing and Redundancy with OSPF 109
Networking Challenge—OSPF 111
3-2 CONFIGURING LINK STATE PROTOCOLS—IS-IS 112
Configuring Routes with IS-IS 113
Load Balancing and Redundancy with IS-IS 117
Networking Challenge: IS-IS 118

3-3 CONFIGURING HYBRID ROUTING PROTOCOLS—EIGRP 119
Configuring Routes with EIGRP 120
Load Balancing and Redundancy 125
Networking Challenge: EIGRP 128
3-4 ADVANCED ROUTING REDISTRIBUTION 129
Route Redistribution into RIP 130
Route Redistribution into OSPF 134
Route Redistribution into EIGRP 137
Route Redistribution into IS-IS 141
3-5 ANALYZING OSPF “HELLO” PACKETS 143
Summary 147
Questions and Problems 147

CHAPTER 4 Configuring Juniper Routers 158


Chapter Outline 159
Objectives 159
Key Terms 159
INTRODUCTION 160
4-1 OPERATIONAL MODE 160
4-2 ROUTER CONFIGURATION MODE 166
Displaying the Router Interfaces 166
Hostname Configuration 167
Assigning an IP Address to an Interface 168
4-3 CONFIGURING ROUTES ON JUNIPER ROUTERS 169
Configure STATIC Routes on Juniper Routers 169
Configure RIP on Juniper Routers 171
Configure OSPF on Juniper Routers 173
Configure IS-IS on Juniper Routers 175
4-4 CONFIGURING ROUTE REDISTRIBUTION ON JUNIPER ROUTERS 178
Summary 182
Questions and Problems 182

CHAPTER 5 CONFIGURING AND MANAGING THE NETWORK
INFRASTRUCTURE 188
Chapter Outline 189
Objectives 189
Key Terms 189
Introduction 190
5-1 DOMAIN NAME AND IP ASSIGNMENT 190
5-2 IP MANAGEMENT WITH DHCP 195
DHCP Data Packets 197
DHCP Deployment 201
5-3 SCALING THE NETWORK WITH NAT AND PAT 204
Configuring NAT 205
5-4 DOMAIN NAME SERVICE (DNS) 209
DNS Tree Hierarchy 210
DNS Resource Records 214
Summary 220
Questions and Problems 220

CHAPTER 6 Analyzing Network Data Traffic 226


Chapter Outline 227
Objectives 227
Key Terms 227
INTRODUCTION 228
6-1 PROTOCOL ANALYSIS/FORENSICS 228
Basic TCP/UDP Forensics 234
ARP and ICMP 236
6-2 WIRESHARK PROTOCOL ANALYZER 239
Using Wireshark to Capture Packets 243
6-3 ANALYZING NETWORK DATA TRAFFIC 244
Configuring SNMP 244
NetFlow 250
6-4 FILTERING 251
FTP Filtering 256
Right-Click Filtering Logic Rules 258
Filtering DHCP 260
Summary 262
Questions and Problems 262

CHAPTER 7 Network Security 266
Chapter Outline 267
Objectives 267
Key Terms 267
INTRODUCTION 268
7-1 DENIAL OF SERVICE 268
Distributed Denial of Service Attacks (DDoS) 270
7-2 FIREWALLS AND ACCESS LISTS 270
Network Attack Prevention 272
Access Lists 272
7-3 Router Security 279
Router Access 280
Router Services 282
Router Logging and Access-List 283
7-4 Switch Security 285
Switch Port Security 286
Switch Special Features 288
7-5 Wireless Security 289
7-6 VPN Security 292
VPN Tunneling Protocols 293
Configuring a VPN Virtual Interface (Router to Router) 294
Troubleshooting the VPN Tunnel Link 299
Summary 302
Questions and Problems 302

CHAPTER 8 IPv6 306


Chapter Outline 307
Objectives 307
Key Terms 307
Introduction 308
8-1 Comparison of IPv6 and IPv4 308
8-2 IPV6 ADDRESSING 311
8-3 IPv6 Network Settings 315
8-4 Configuring a Router for IPv6 320
8-5 IPv6 Routing 324
IPv6: Static 324
IPv6: RIP 324
IPv6: OSPF 325

IPv6: EIGRP 325
IPv6: IS-IS 326
8-6 Troubleshooting IPv6 Connection 327
Summary 329
Questions and Problems 329

CHAPTER 9 Linux Networking 336


Chapter Outline 337
Objectives 337
Key Terms 337
INTRODUCTION 338
9-1 LOGGING ON TO LINUX 339
Adding a User Account 340
9-2 LINUX FILE STRUCTURE AND FILE COMMANDS 344
Listing Files 344
Displaying File Contents 346
Directory Operations 348
File Operations 351
Permissions and Ownership 353
9-3 LINUX ADMINISTRATION COMMANDS 357
The man (manual) Command 358
The ps (processes) Command 359
The su (substitute user) Command 362
The mount Command 362
The shutdown Command 364
Linux Tips 364
9-4 ADDING APPLICATIONS TO LINUX 365
9-5 LINUX NETWORKING 371
Installing SSH 375
The FTP Client 376
DNS Service on Linux 376
Changing the Hostname 377
9-6 TROUBLESHOOTING SYSTEM AND NETWORK PROBLEMS WITH LINUX 378
Troubleshooting Boot Processes 378
Listing Users on the System 380
Network Security 382
Enabling and Disabling Boot Services 382

9-7 MANAGING THE LINUX SYSTEM 385
Summary 390
Questions and Problems 391

CHAPTER 10 Internet Routing 396


Chapter Outline 397
Objectives 397
Key Terms 397
INTRODUCTION 398
10-1 INTERNET ROUTING—BGP 398
Configuring a WAN Connection 398
Configuring an Internet Connection 400
10-2 CONFIGURING BGP 401
Configuring BGP 401
Networking Challenge: BGP 409
10-3 BGP BEST PATH SELECTION 410
10-4 IPv6 OVER THE INTERNET 412
10-5 CONFIGURE BGP ON JUNIPER ROUTERS 415
Summary 421
Questions and Problems 421

CHAPTER 11 Voice over IP 428


Chapter Outline 429
Objectives 429
Key Terms 429
INTRODUCTION 430
11-1 THE BASICS OF VOICE OVER IP 430
11-2 VOICE OVER IP NETWORKS 433
Replacing an Existing PBX Tie Line 433
Upgrading Existing PBXs to Support IP Telephony 435
Switching to a Complete IP Telephony Solution 436
11-3 QUALITY OF SERVICE 438
Jitter 438
Network Latency 439
Queuing 439
QOS Configuration Example 440

11-4 ANALYZING VoIP DATA PACKETS 442
Analyzing VoIP Telephone Call Data Packets 446
11-5 VoIP SECURITY 449
Summary 452
Questions and Problems 452

Key Terms Glossary 456

Index 472

ABOUT THE AUTHORS
Jeffrey S. Beasley is with the Department of Engineering Technology and Surveying Engineering at New
Mexico State University. He has been teaching with the department since 1988 and is the co-author of Modern
Electronic Communication and Electronic Devices and Circuits, and the author of Networking.
Piyasat Nilkaew is a network engineer with 15 years of experience in network management and consulting,
and has extensive expertise in deploying and integrating multiprotocol and multivendor data, voice, and video
network solutions on limited budgets.

DEDICATIONS
This book is dedicated to my family, Kim, Damon, and Dana. —Jeff Beasley

This book is dedicated to Jeff Harris and Norma Grijalva. Not only have you given me my networking career, but
you are also my mentors. You inspire me to think outside the box and motivate me to continue improving my
skills. Thank you for giving me the opportunity of a lifetime. I am very grateful. —Piyasat Nilkaew

ACKNOWLEDGMENTS
I am grateful to the many people who have helped with this text. My sincere thanks go to the following technical
consultants:
• Danny Bosch and Matthew Peralta for sharing their expertise with optical networks and unshielded
twisted-pair cabling, and Don Yates for his help with the initial Net-Challenge Software.
• Abel Sanchez, for his review of the Linux Networking chapter.
I also want to thank my many past and present students for their help with this book:
• David Potts, Jonathan Trejo, and Nate Murillo for their work on the Net-Challenge Software. Josiah Jones,
Raul Marquez Jr., Brandon Wise, and Chris Lascano for their help with the Wireshark material. Also,
thanks to Wayne Randall and Iantha Finley Malbon for the chapter reviews.

Your efforts are greatly appreciated.


I appreciate the excellent feedback of the following reviewers: Phillip Davis, DelMar College, TX; Thomas D.
Edwards, Carteret Community College, NC; William Hessmiller, Editors & Training Associates; Bill Liu, DeVry
University, CA; and Timothy Staley, DeVry University, TX.
My thanks to the people at Pearson for making this project possible: Dave Dusthimer, for providing me with the
opportunity to work on this book, and Vanessa Evans, for helping make this process enjoyable. Thanks to Brett
Bartow, Christopher Cleveland, and all the people at Pearson, and to the many technical editors for their help with
editing the manuscript.
Special thanks to our families for their continued support and patience.
—Jeffrey S. Beasley and Piyasat Nilkaew

ABOUT THE TECHNICAL REVIEWERS
Wayne Randall started working in the Information Technology field in 1994 at Franklin Pierce College (now
Franklin Pierce University) in Rindge, NH, before becoming a Microsoft Certified Trainer and a consultant at
Enterprise Training and Consulting in Nashua, NH.
Wayne acquired his first certification in Windows NT 3.51 in 1994, became an MCSE in NT 4.0 in 1996, was a
Certified Enterasys Network Switching Engineer in 2000, and then worked as a networking and systems
consultant from 2001 to 2006 before becoming a director of IT for a privately held company. Wayne currently works for
Bodycote, PLC, as a network engineer/solutions architect. Bodycote has 170 locations across 27 countries with
43 locations in North America. Wayne has taught for Lincoln Education since 2001 and developed curricula for it
since 2011. Mr. Randall holds a BA in American Studies from Franklin Pierce University.
Iantha Finley Malbon’s teaching career has spanned 20 years from middle school to collegiate settings, and
she is currently a CIS professor at Virginia Union University. She is also an adjunct professor at ECPI University,
having previously served as CIS Department Chair, teaching Cisco routing, networking, and Information
Technology courses. She implemented the Cisco Academy for Hanover Schools and was the CCAI for the Academy.
She earned her master’s degree in Information Systems from Virginia Commonwealth University and bachelor’s
degree in Technology Education from Virginia Tech. She holds numerous certifications including CCNA,
Network+, A+, and Fiber Optic Technician.

WE WANT TO HEAR FROM YOU!
As the reader of this book, you are our most important critic and commentator. We value your opinion and want
to know what we’re doing right, what we could do better, what areas you’d like to see us publish in, and any other
words of wisdom you’re willing to pass our way.
As the associate publisher for Pearson IT Certification, I welcome your comments. You can email or write me
directly to let me know what you did or didn’t like about this book—as well as what we can do to make our
books better.
Please note that I cannot help you with technical problems related to the topic of this book. We do have a User
Services group, however, where I will forward specific technical questions related to the book.
When you write, please be sure to include this book’s title and author as well as your name, email address, and
phone number. I will carefully review your comments and share them with the author and editors who worked on
the book.
Email: [email protected]
Mail: Dave Dusthimer
Associate Publisher
Pearson IT Certification
800 East 96th Street
Indianapolis, IN 46240 USA

READER SERVICES
Visit our website and register this book at www.pearsonitcertification.com/register for convenient access to any
updates, downloads, or errata that might be available for this book.

INTRODUCTION
This book looks at advanced computer networking. It first guides readers through network infrastructure design.
The readers are then introduced to configuring static, RIPv2, OSPF, IS-IS, and EIGRP routing protocols; techniques
for configuring Juniper routers; managing the network infrastructure; analyzing network data traffic using
Wireshark; network security; IPv6; Linux networking; Internet routing; and Voice over IP. After covering the
entire text, readers will have gained a solid knowledge base in advanced computer networks.
In my years of teaching, I have observed that technology students prefer to learn “how to swim” after they have
gotten wet and taken in a little water. Then, they are ready for more challenges. Show the students the technology,
how it is used, and why, and they will take the applications of the technology to the next level. Allowing them to
experiment with the technology helps them to develop a greater understanding. This book does just that.

ORGANIZATION OF THE TEXT


This textbook is adapted from the second edition of Networking. This third volume has been revised and
reorganized around the needs of advanced networking students. This book assumes that the students have been
introduced to the basics of computer networking. Throughout the text, the students are introduced to more advanced
computer networking concepts. This involves network infrastructure design, advanced router configuration,
network security, analyzing data traffic, Internet routing, and Voice over IP.

Key Pedagogical Features
• Chapter Outline, Key Terms, and Introduction at the beginning of each chapter clearly outline specific goals
for the reader. An example of these features is shown in Figure P-1.

FIGURE P-1 (sample chapter-opener pages 159 and 160 from Chapter 4: Configuring Juniper Routers)

Figure callouts: Chapter Outline; Chapter Objectives; Key Terms for this Chapter; Introduction: Chapter openers
clearly outline specific goals

Chapter Outline
Introduction
4-1 Operational Mode
4-2 Router Configuration Mode
4-3 Configuring Routes on Juniper Routers
4-4 Configuring Route Redistribution on Juniper Routers
Summary
Questions and Problems

Objectives
• Understand and identify the difference between the operational and configuration modes
• Understand the basic steps for working in the operational mode
• Understand the steps for configuring the router’s interface
• Explain how to configure static, RIP, OSPF, and IS-IS routing
• Understand the steps for route redistribution

Key Terms
JUNOS; {master}; re0 { and re1 { ..; Out of Band Management; PIC; multi-services card; t3/ds3 card; at; oc-3;
oc-12; permanent interfaces; Management Ethernet Interface; Internal Ethernet interface; transient interfaces;
Inet; preferred; edit routing-options static; edit protocols rip; show rip neighbor; commit; commit and-quit;
show route; show route protocol rip; set protocols ospf area area interface interface hello-interval seconds
dead-interval seconds; set metric value; set protocols isis interface interface; show isis adjacency;
edit policy-options; set policy-statement; top; export

INTRODUCTION
This chapter examines the steps for basic configuration of a Juniper router.
There are distinct differences between the Juniper router configurations compared
to Cisco IOS; however, many of the steps and prompts are similar to
Cisco router configuration, as you’ll learn. The operating system (OS) used by
Juniper routers is called JUNOS. The JUNOS software has two different command modes:
• Operational mode
• Configuration mode

Margin definition, JUNOS: The operating system used by Juniper routers.

The basic commands used in the operational mode of the JUNOS command-line
interface (CLI) are presented in Section 4-1. In this chapter, you learn about the
{master} prompt and the >, indicating you are now in the operational mode. You
also learn about the re0 { and re1 { .. notations that are used to identify the system
configuration for the routing engines 0 and 1. In Section 4-2, the steps for configuring
the router interface are examined. In addition, the commands for displaying
the router interface, configuring the hostname, and assigning an IP address to an
interface are examined. Section 4-3 introduces route configuration featuring static,
RIP, OSPF, and IS-IS. Section 4-4 examines route redistribution. Juniper takes a
different approach when it comes to route redistribution. In the JUNOS software,
there is no redistribute command. Unlike Cisco where a route distribution is done in
a routing process, Juniper uses its routing policy to inject routing protocols.

4-1 OPERATIONAL MODE
The operational mode is the first mode encountered after logging in to the Juniper
router. This mode allows for the following:
1. Monitoring network connectivity (for example, using the ping command)
2. Troubleshooting the router interface and network connections
3. Entry point for router configuration

The following examples demonstrate the basic commands used in the operational
mode of the JUNOS command-line interface (CLI). The connection to the Juniper
router demonstrated in this section is being made via an SSH session (secure
telnet); however, a console serial connection can also be made directly with the
Juniper router, and this connection is used to make the initial router interface
configurations.

• Net-Challenge Software provides a simulated, hands-on experience in configuring routers and switches.
Exercises provided in the text (see Figure P-2) and on the CD challenge readers to undertake certain router/
network configuration tasks. The challenges check the students’ ability to enter basic networking commands
and set up router function, such as configuring the interface (Ethernet and Serial) and routing protocols (that
is, static, RIPv2, OSPF, ISIS, EIGRP, BGP, and VLANs). The software has the look and feel of actually being
connected to the router’s and switch’s console port.

Figure callouts: Net-Challenge exercises are found throughout the text where applicable; Exercises challenge
readers to undertake certain tasks

Networking Challenge—OSPF
Use the Net-Challenge Simulator Software included with the text’s companion CD-ROM to demonstrate
that you can configure OSPF for Router A in the campus LAN (the campus LAN is shown in
Figure 3-2 and is displayed by clicking the View Topology button when the software is started). Place
the Net-Challenge CD-ROM in your computer’s drive. Open the Net-Challenge folder and click
NetChallenge V3-2.exe. When the software is running, click the Select Router Challenge button to
open a Select Router Challenge drop-down menu. Select Chapter 3—OSPF. This opens a checkbox
that can be used to verify that you have completed all the tasks:
1. Enter the privileged EXEC mode on the router.
2. Enter the router’s terminal configuration mode: Router(config).
3. Set the hostname to Router A.
4. Configure the FastEthernet0/0 interface with the following:
IP address: 10.10.20.250
Subnet mask: 255.255.255.0
5. Enable the FA0/0 interface.
6. Configure the FastEthernet0/1 interface with the following:
IP address: 10.10.200.1
Subnet mask: 255.255.255.0
7. Enable the FA0/1 interface.
8. Configure the FastEthernet0/2 interface with the following:
IP address: 10.10.100.1
Subnet mask: 255.255.255.0

FIGURE P-2

• The textbook features and introduces how to use the Wireshark Network Protocol Analyzer. Examples of
using the software to analyze data traffic are included throughout the text, as shown in Figure P-3.

Figure callout: Examples using the Wireshark protocol analyzer are included throughout the text where applicable

FTP Filtering
The following example demonstrates the process by which Wireshark filtering can
be used to isolate File Transfer Protocol (FTP) out of a large list of packets. This
can be useful for several reasons. You can use filtering rules to help us find usernames
and passwords being used to connect to the FTP servers as well as get an
idea of the kind of data that is being transferred.
Start this exercise by opening the capture file 5-A.cap in Wireshark. This is not a
huge file, but it’s a little difficult to sort through all of it just by looking. Click
Expression and scroll down until you reach FTP—File Transfer Protocol (FTP).
Click OK and the Filter for FTP is now displayed, as shown in Figure 6-30.

FIGURE 6-30 Adding the FTP filter

Click Apply, and the packet list is thinned out to 15 total packets relating to the
FTP protocol, as shown in Figure 6-31. From this, we are able to view the username
and password used to establish the FTP connection. In this case, the username and
passwords are listed in plaintext, as well as the file that was accessed. Most times, a
secure version of FTP (SFTP) will be used and this information will be encrypted.
This same rule can also be applied by using the right-click method as previously
shown.
Find a packet that is using the FTP protocol (for example, packet 44). Navigate to
the datagram field and select the FTP row. Right click -> Apply as Filter -> Selected.
This will generate the same results provided in Figure 6-32 that are used for
the FTP filter.

256 CHAPTER 6: ANALYZING NETWORK DATA TRAFFIC

FIGURE P-3

• Numerous worked-out examples are included in every chapter to reinforce key concepts and aid in subject
mastery, as shown in Figure P-4.

FIGURE P-4 (sample pages 77, from Section 2-3: Configuring RIPv2, and 446, from Chapter 11: Voice over IP)

Figure callouts: Configuring, analyzing, and troubleshooting sections guide readers through advanced
techniques in networking; Screen captures and network topologies guide students through different hands-on
activities

[Diagram: (a) LAN A (10.10.20.0 NET) and LAN B (10.10.10.0 NET) joined by 10.10.200.0 NET; (b) LAN A
(10.10.20.0 NET) and LAN B (10.10.10.0 NET) joined by 192.168.10.0 NET, annotated: must be a “10” network]

FIGURE 2-11 An example of (a) a contiguous network and (b) a discontiguous network

Configuring Routes with RIP
The first step in configuring the router for RIP is to set up the interfaces. This
includes assigning an IP address and a subnet mask to the interface using the
command ip address A.B.C.D. subnet-mask. Next, the interface is enabled using the
no shut command. The following are the steps for configuring the FastEthernet0/1
interface on Router A in the campus network shown previously in Figure 2-10:

Router con0 is now available
Press RETURN to get started.
RouterA>en
Password:
RouterA# conf t
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#int fa0/1
Router(config-if)#ip address 10.10.200.1 255.255.255.0
Router(config-if)#no shut
00:59:03: %LINEPROTO-5-UPDOWN: Line protocol on Interface
FastEthernet1, changed state to up

Next, enter the router’s configuration mode [Router(config)#] and input the
command router rip to use the RIP routing protocol. The next step is to specify the
network that uses RIP for routing. These two steps are shown here:

Router(config)#router rip
Router(config-router)#network 10.0.0.0

FIGURE 11-15 The exchange of voice packets (code 41) between the two IP phones

Analyzing VoIP Telephone Call Data Packets
This section examines the data packets that are being exchanged in a VoIP telephone
call. The test setup for the VoIP telephone call is shown in Figure 11-16. This picture
shows that the network consists of two VoIP telephones, two call processors, and two
routers. The data packets were captured using a network protocol analyzer. The
computer running the protocol analyzer and the two call processors were connected to a
networking hub so that each share the Ethernet data link. This was done so that all the
VoIP data packets being exchanged between the telephones, the call processors, and
the routers could be captured at the same time with one protocol analyzer.

[Diagram: LAN A (192.168.10.0) and LAN B (169.169.3.0), each with a router FA0/0 interface, a call processor,
and a VoIP phone (# 1006 and # 2010); a hub; the protocol analyzer at 192.168.10.5; note: Dial 62 for accessing
an outside line]

FIGURE 11-16 The test setup for the VoIP telephone call

• Key Terms and their definitions are highlighted in the margins to foster inquisitiveness and ensure retention.
This is illustrated in Figure P-5.

[Figure P-5 shows a sample page, page 102 from Chapter 3: Advanced Router Configuration II, with the callout "Key terms are highlighted in the text and defined in the margin." The page reads:]

Link State Protocols

Link state protocols establish a relationship with a neighboring router. The routers exchange LSAs to update neighbors regarding route status. The LSAs are sent only if there is a change or loss in the network routes and the link state protocols converge to route selection quickly. This is a distinct advantage over distance vector protocols that exchange updated routing tables at fixed time intervals and are slow to converge. In fact, link state routing protocols are replacing distance vector protocols in most modern networks. Link state protocols are also called shortest-path first protocols, based on the algorithm developed by E. W. Dijkstra. Link state protocols use “Hello” packets to verify that communication is still established with neighbor routers. The key issues of link state protocols are summarized as follows:
• Finds neighbors/adjacencies
• Uses route advertisements to build routing table
• Sends “Hello” packets
• Sends updates when routing changes

Key term: Link State Protocol. Establishes a relationship with a neighboring router and uses route advertisements to build routing tables.

OSPF sends small “Hello” packets at regular time intervals to adjacent routers to verify that the link between two routers is active and the routers are communicating. If a router fails to respond to a Hello it is assumed that the link or possibly the router is down. The OSPF Hello packet captured with a network protocol analyzer is discussed in Section 3-5.

Key term: Hello Packets. Used in the OSPF protocol to verify that the links are still communicating.

OSPF uses the concept of areas to partition a large network into smaller networks. The advantage of this is that the routers have to calculate routes only for their area. If a route goes down in a given area, only the routers in that area have to calculate new routes. Any number between 0 and 4,294,967,295 (2^32 – 1) can be used; however, area 0 is reserved for the root area, which is the backbone for the network. The backbone is the primary path for data traffic to and from destinations and sources in the campus network. All areas must connect to area 0, and area 0 cannot be split. The area numbers can also be expressed in IP notation—for example, area 0 could be 0.0.0.0—or you can specify an area as 192.168.25.0 or in subnet notation. Hence, the need for the large upper-area number (2^32 – 1) = 255.255.255.255 when converted to a decimal number.

Key term: Areas. The partition of a large OSPF network into smaller OSPF networks.

Key term: Backbone. The primary path for data traffic to and from destinations and sources in the campus network.

OSPF allows the use of variable length subnet masks (VLSM), which enable different size subnets in the network to better meet the needs of the network and more efficiently use the network’s limited IP address space. For example, point-to-point inter-router links don’t need a large block of addresses assigned to them. Figure 3-1 illustrates an example of an inter-router link.

Key term: Variable Length Subnet Masks (VLSM). Enables the use of subnet masks to better fit the needs of the network, thereby minimizing the waste of IP addresses when interconnecting subnets.

FA0/0 10.10.250.1
FA0/1 10.10.250.2
10.10.250.0 Network address
10.10.250.3 Broadcast address
10.10.25.0 Subnet

FIGURE 3-1 An inter-router link subnetted to provide for two host IP addresses, a network address, and a broadcast address

FIGURE P-5
• Extensive Summaries, Questions, and Problems, as well as Critical Thinking Questions, are found at the end
of each chapter, as shown in Figure P-6.

[Figure P-6 shows two sample pages from Chapter 3: Advanced Router Configuration II, with the callouts "Summary of key concepts," "Questions and problems are organized by section," and "Critical Thinking questions and problems further develop analytical skills." The first, page 147, reads:]

SUMMARY

This chapter presented examples of configuring routing protocols. The network challenge exercises provided the opportunity for the student to test her or his configuration skill prior to actually configuring a real router. The student should be able to configure and verify operation of the following protocols:
Static
RIP/RIPv2
OSPF
ISIS
EIGRP

Additionally, this chapter examined the steps for route redistribution. The last section examined the OSPF Hello packets.

QUESTIONS AND PROBLEMS

Section 3-1

1. OSPF is (select all that apply)
a. Open Shortest Path First routing protocol
b. An open protocol
c. Developed specifically for TCP/IP networks
d. Developed specifically for IPX networks
e. A distance vector protocol
f. A dynamic routing protocol
g. A link state protocol
h. A high consumer of bandwidth

2. In OSPF, route updates are sent in the form of
a. Link state advertisements
b. Exchanging routing tables every 30 seconds
c. Exchanging routing tables every 90 seconds
d. IETF packets

3. The OSPF routing protocol uses these to verify that a link between two routers is active and the routers are communicating
a. LSAs
b. Hello packets
c. ARP messages
d. Ping

[The second sample page, page 154, reads:]

62. OSPF multicasts are sent out as what class of address?
a. Class A
b. Class B
c. Class C
d. Class D
e. Class E

63. OSPF Hello packets are sent out every
a. 30 seconds
b. 90 seconds
c. 10 seconds
d. None of these answers are correct

64. The Router ID (RID) in OSPF Hello packets is chosen from
a. Loopback addresses
b. OSPF 16P_Router
c. Highest IP address on an interface
d. a and c
e. b and c

Critical Thinking

65. You are configuring a router connection to a remote network. What protocol would you select if there is only one network route to the remote network? Explain why you selected the protocol.

66. You are configuring the routing protocols for a small network. What routing protocol would you select and why?

67. Router A and Router B are connected and both are running OSPF protocol. The following is a sample configuration from Router A:

interface FastEthernet0/0
 ip address 10.10.3.1 255.255.255.252
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip address 10.100.1.1 255.255.255.0
 duplex auto
 speed auto
!
ip route 172.16.0.0 255.255.0.0 Null 0
!
router ospf 200
 network 10.0.0.0 0.255.255.255 area 0

FIGURE P-6
• An extensive Glossary is found at the end of this book and offers quick, accessible definitions to key terms
and acronyms, as well as an exhaustive Index (see Figure P-7).

[Figure P-7 shows two sample pages with the callouts "Complete Glossary of terms and acronyms provide quick reference" and "Exhaustive Index provides quick reference." The first, page 457 of the Glossary, reads:]

6to4 Prefix: A technique that enables IPv6 hosts to communicate over the IPv4 Internet.
802.1Q: This standard defines a system of VLAN tagging for Ethernet frames.
2001:DB8::/32 Prefix: This IPv6 address prefix is reserved for documentation. This is recommended by RFC3849 to reduce the likelihood of conflict and confusion when using the IPv6 address in examples, books, documentation, or even in test environments.
.int: Intergovernmental domain registries is used for registering organizations established by international treaties between or among national governments.
{master}: The prompt indicating you are in the master routing engine mode on a Juniper router.
A Record (Address Record): This maps a hostname to an IP address.
AAA: Authentication, Authorization, and Accounting.
ABR: Area border routers.
Access Layer: Where the networking devices in a LAN connect together.
Access Lists (ACL): A basic form of firewall protection used to tell a networking device who and what are allowed to enter or exit a network.
ACK: Acknowledgment packet.
address-family ipv6: The command used to specify that IPv6 is specified.
Administrative Distance (AD): A number assigned to a protocol or route to declare its reliability.
Advertise: The sharing of route information.
AES: Advance Encryption Standard. A 128-bit block data encryption technique.
AF33: Assured Forwarding class 3. Created to ensure the VoIP signaling or handshake.
AH: Authentication Header. A security protocol used by IPsec that guarantees the authenticity of the IP packets.
AMI: Alternate mark inversion. A fundamental line coding scheme developed for transmission over T1 circuits.
Anycast Address: Obtained from a list of addresses.
Area 0: In OSPF, this is the root area and is the backbone for the network.
Area ID: Analogous to OSPF area number, and it is used by L2 routers.
Areas: The partition of a large OSPF network into smaller OSPF networks.
ARIN: American Registry for Internet Numbers. Allocates Internet Protocol resources, develops consensus-based policies, and facilitates the advancement of the Internet through information and educational outreach.
ARP: Address Resolution Protocol, used to map an IP address to its MAC address.
arp –a: The command used to view the ARP cache.
ARP Broadcast: Used to inform everyone on the network that it now is the owner of the IP address.
ARP Reply: A network protocol where the MAC address is returned.
AS: Autonomous System. These numbers are used by various routing protocols and are a collection of connected Internet Protocol (IP) routing prefixes. Autonomous systems separate organizational networks.
ASN: Autonomous systems number is used to distinguish separate networks and to prevent routing loops.
at: Asynchronous Transmission Mode (ATM) connection for a Juniper router.
ATM: Asynchronous transfer mode.
Authoritative Name Server: A name server that is authorized and configured to answer DNS queries for a particular domain or zone.
Automatic Private IP Addressing (APIPA): A self-assigned IP address in the range of 169.254.1.0–169.254.254.255.
autonomous-system [AS_Number]: This command is used in JUNOS to define the BGP AS for the router.
B8ZS: Bipolar 8 zero substitution. A data encoding format developed to improve data transmission over T1 circuits.
Backbone: The primary path for data traffic to and from destinations and sources in the campus network.
Backup Designated Router (BDR): The router or routers with lower priority.

[The second sample page, page 473 of the Index, lists entries under the headings Numbers, Symbols, and A.]

FIGURE P-7
Accompanying CD-ROM
The CD-ROM packaged with the text includes the captured data packets used in the text. It also includes the
Net-Challenge Software, which was developed specifically for this text.

Instructor Resources
The Instructor’s Manual to accompany A Practical Guide to Advanced Networking (ISBN: 978-0-132-88303-0) provides the entire book in PDF format along with instructor notes for each section within each chapter, recommending key concepts that should be covered in each chapter. Solutions to all Chapter Questions and Problems sections are also included. In addition, the instructor can also access 13 lab and lab-related exercises and a test bank with which to generate quizzes on the material found within the student edition of the book.

CHAPTER 1: NETWORK INFRASTRUCTURE DESIGN

Chapter Outline
Introduction
1-1 Physical Network Design
1-2 IP Subnet Design
1-3 VLAN Network
1-4 Routed Network
Summary
Questions and Problems

Objectives
• Understand the purpose of the three layers of a campus network design
• Understand the issue of data flow and selecting the network media
• Develop techniques for IP allocation and subnet design
• Understand the process of configuring a VLAN
• Understand the issues of configuring the Layer 3 routed network

Key Terms
core
distribution layer
access layer
CIDR
ISP
intranets
NAT
PAT
Overloading
supernet
gateway
broadcast domain
flat network
VLAN (virtual LAN)
port-based VLAN
tag-based VLAN
protocol-based VLAN
VLAN ID
802.1Q
static VLAN
dynamic VLAN
show vlan
vlan database
vlan vlan_id
show vlan name vlan-name
interface vlan 1
show interface status
trunk port
Inter-Switch Link (ISL)
Switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk encapsulation isl
switchport trunk allowed vlan vlan_id
show interfaces trunk
network address
logical address
router interface
routing table
subnet, NET
multilayer switch (MLS)
wire speed routing
routed network
Layer 3 network
SONET
WAN
terminal monitor (term mon)
terminal no monitor (term no mon)
show ip interface brief (sh ip int br)
no switchport
secondary IP address
InterVLAN routing
router on a stick
SVI
DS
CSU/DSU
AMI
B8ZS
Minimum Ones Density
HDLC
PPP
WIC
VWIC
service-module t1
show controller t1 slot/port
ATM
Virtual Path Connection (VPC)
Virtual Channel Connection (VCC)
SVC
VPI
VCI

INTRODUCTION
The objective of this chapter is to examine the computer networking issues that arise when planning a campus network. The term campus network applies to any network that has multiple LANs interconnected. The LANs are typically in multiple buildings that are close to each other and interconnected with switches and routers. This chapter looks at the planning and design of a simple campus network, including network design, IP subnet assignment, VLAN configuration, and routed network configuration.

The basics of configuring the three layers of a campus LAN (core, distribution, and access) are first examined in Section 1-1. This section also addresses the important issues of data flow and selecting the proper network media. Section 1-2 examines IP allocation and subnet design. Section 1-3 discusses the VLAN network, including a step-by-step process of how to configure a VLAN, which provides an introduction to the basic switch commands and the steps for configuring a static VLAN. Section 1-4 examines the Layer 3 routed network. This section explores the functions of the router and includes configuration examples in different scenarios.

1-1 PHYSICAL NETWORK DESIGN


Most campus networks follow a design that has core, distribution, and access layers. These layers, shown in Figure 1-1, can be spread out into more layers or compacted into fewer, depending on the size of these networks. This three-layer network structure is incorporated in campus networks to improve data handling and routing within the network. The issues of data flow and network media are also examined in this section.

[Diagram: the core layer contains Switch A and Switch B (Layer 3 switches); the distribution layer contains Router A, Router B, and Router C, which connect up to the core over ge interfaces and down to the LAN segments over fa0/0 and fa0/1 interfaces; the access layer contains LAN A, LAN B, LAN C, and LAN D on the 10.10.20.0, 10.10.10.0, 10.10.1.0, and 10.10.5.0 NET segments, each with a switch and two hosts (A1 and A2 through D1 and D2).]

FIGURE 1-1 The core, distribution, and access layers of a campus network



Core

The network core usually contains high-end Layer 3 switches or routers. The core is the heart, or backbone, of the network. The major portion of a network’s data traffic passes through the core. The core must be able to quickly forward data to other parts of the network. Data congestion should be avoided at the core, if possible. This means that unnecessary route policies should be avoided. An example of a route policy is traffic filtering, which limits what traffic can pass from one part of a network to another. Keep in mind that it takes time for a router to examine each data packet, and unnecessary route policies can slow down the network’s data traffic.

Key term: Core. The Backbone of the Network.

High-end routers and Layer 3 switches are typically selected for use in the core. Of the two, the Layer 3 switch is the best choice. A Layer 3 switch is essentially a router that uses electronic hardware instead of software to make routing decisions. The advantage of the Layer 3 switch is the speed at which it can make a routing decision and establish a network connection.

Another alternative for networking hardware in the core is a Layer 2 switch. The Layer 2 switch does not make any routing decisions and can quickly make network connection decisions based on the network hardware connected to its ports. The advantage of using the Layer 2 switch in the core is cost. The disadvantage is that the Layer 2 switch does not route data packets; however, high-speed Layer 2 switches are more affordable than high-speed routers and Layer 3 switches.

An important design issue in a campus network and the core is redundancy. Redundancy provides for a backup route or network connection in case of a link failure. The core hardware is typically interconnected to all distribution network hardware, as shown in Figure 1-1. The objective is to ensure that data traffic continues for the entire network, even if a core networking device or link fails.

Each layer beyond the core breaks the network into smaller networks with the final result being a group of networks that are capable of handling the amount of traffic generated. The design should thus incorporate some level of redundancy.

Distribution Layer

The distribution layer in the network is the point where the individual LANs connect to the campus network routers or Layer 3 switches. Routing and filtering policies are more easily implemented at the distribution layer without having a negative impact on the performance of the network data traffic. Also, the speed of the network data connections at the distribution layer is typically slower than at the core. For example, connection speeds at the core should be the highest possible, such as 1 or 10 gigabits, where the data speed connections at the distribution layer could be 100 Mbps or 1 gigabit. Figure 1-1 shows the connections to the access and core layers via the router’s Ethernet interfaces.

Key term: Distribution Layer. Point where the individual LANs connect together.


Access Layer

The access layer is where the networking devices in a LAN connect together. The network hardware used here is typically a Layer 2 switch. Remember, a switch is a better choice because it forwards data packets directly to destination hosts connected to its ports, and network data traffic is not forwarded to all hosts in the network. The exception to this is a broadcast where data packets are sent to all hosts connected to the switch.

Key term: Access Layer. Where the networking devices in a LAN connect together.

NOTE
Hubs are not recommended at all in modern computer networks.

Data Flow
An important networking issue is how data traffic flows in the core, distribution, and access layers of a campus LAN. In reference to Figure 1-1, if computer A1 in LAN A sends data to computer D1 in LAN D, the data is first sent through the switch in LAN A and then to Router A in the distribution layer. Router A then forwards the data to the core switches, Switch A or Switch B. Switch A or Switch B then forwards the data to Router C. The data packet is then sent to the destination host in LAN D.

The following are some questions often asked when setting up a network that implements the core, distribution, and access layers:
• In what layer are the campus network servers (web, email, DHCP, DNS, and so on) located? This varies for all campus networks, and there is not a definitive answer. However, most campus network servers are located in the access layer.
• Why not connect directly from Router A to Router C at the distribution layer? There are network stability issues when routing large amounts of network data traffic if the networks are fully or even partially meshed together. This means that connecting routers together in the distribution layer should be avoided.
• Where is the campus backbone located in the layers of a campus network? The backbone of a campus network carries the bulk of the routed data traffic. Based on this, the backbone of the campus network connects the distribution and the core layer networking devices.

Selecting the Media


The choices for the media used to interconnect networks in a campus network are
based on several criteria. The following is a partial list of things to consider:
• Desired data speed
• Distance for connections
• Budget



The desired data speed for the network connection is probably the first consideration given when selecting the network media. Twisted-pair cable works well at 100 Mbps and 1 Gbps and is specified to support data speeds of 10-gigabit data traffic. Fiber-optic cable supports LAN data rates up to 10 Gbps or higher. Wireless networks support data rates up to 200+ Mbps.

The distance consideration limits the choice of media. CAT 6/5e or better cables have a distance limitation of 100 meters. Fiber-optic cable can be run for many kilometers, depending on the electronics and optical devices used. Wireless LAN connections can also be used to interconnect networks a few kilometers apart.

The available budget is always the final deciding factor when planning the design for a campus LAN. If the budget allows, fiber-optic cable is probably the best overall choice, especially in the high-speed backbone of the campus network. The cost of fiber is continually dropping, making it more competitive with lower-cost network media, such as twisted-pair cable. Also, fiber cable will always be able to carry a greater amount of data traffic and can easily grow with the bandwidth requirements of a network.

Twisted-pair cable is a popular choice for connecting computers in a wired LAN. The twisted-pair technologies support bandwidths suitable for most LANs, and the performance capabilities of twisted-pair cable are always improving.

Wireless LANs are being used to connect networking devices together in LANs where a wired connection is not feasible or mobility is the major concern. For example, a wireless LAN could be used to connect two LANs in a building together. This is a cost-effective choice if there is not a cable duct to run the cable to interconnect the LANs or if the cost of running the cable is too high. Also, wireless connections are playing an important role with mobile users within a LAN. The mobile user can make a network connection without having to use a physical connection or jack. For example, a wireless LAN could be used to enable network users to connect their mobile computers to the campus network.

1-2 IP SUBNET DESIGN


Once the physical infrastructure for a network is in place, the next big step is to
plan and allocate IP space for the network. Take time to plan the IP subnet design,
because it is not easy to change the IP subnet assignments once they are in place.
It is crucial for a network engineer to consider three factors before coming up with
the final IP subnet design. These three factors are
1. The assigned IP address range
2. The number of subnetworks needed for the network
3. The size or the number of IP host addresses needed for the network

The final step in designing the IP subnet is to assign an IP address to the interface that will serve as the gateway out of each subnet.



IP Address Range

The IP address range defines the size of the IP network you can work with. In some cases, a classless interdomain routing (CIDR) block of public IP addresses might be allocated to the network by an ISP. For example, the block of IP addresses 206.206.156.0/24 could be assigned to the network. This case allocates 256 IP addresses to the 206.206.156.0 network. In another case, a CIDR block of private IP addresses, like 10.10.10.0/24, could be used. In this case, 256 IP addresses are assigned to the 10.10.10.0 network. For established networks with an IP address range already in use, the network engineer generally has to work within the existing IP address assignments. With a brand new network, the engineer has the luxury of creating a network from scratch.

Key term: CIDR. Classless Interdomain Routing.

Key term: ISP. Internet service provider: An organization that provides Internet access for the public.

In most network situations, an IP address block will have been previously assigned to the network for Internet use. The public IP addresses are typically obtained from the ISP (Internet service provider). This IP block of addresses could be from Class A, B, or C networks, as shown in Table 1-1.

TABLE 1-1 Address Range for Each Class of Network

Class Address Range


Class A 0.0.0.0 to 127.255.255.255
Class B 128.0.0.0 to 191.255.255.255
Class C 192.0.0.0 to 223.255.255.255

Today, only public Class C addresses are assigned by ISPs, and most of them are not even a full set of Class C addresses (256 IP addresses). A lot of ISPs partition their allotted IP space into smaller subnets and then, in turn, provide those smaller portions to the customers. The bottom line is that public IP addresses, limited in number, are now a commodity on the Internet, and it is important to note that there are fees associated with acquiring an IP range from an ISP.

Not many institutions or businesses have the luxury of using public IP addresses inside their network anymore. This is because the growing number of devices being used in a network exceeds the number of public IP addresses assigned to them. The solution is that most networks are using private IP addresses in their internal network. Private addresses are IP addresses set aside for use in private intranets. An intranet is an internal internetwork that provides file and resource sharing. Private addresses are not valid addresses for Internet use, because they have been reserved for internal use and are not routable on the Internet. However, these addresses can be used within a private LAN (intranet) to create the internal IP network.

Key term: Intranets. Internetwork that provides file and resource sharing.

The private IP addresses must be translated to public IP addresses using techniques like NAT (Network Address Translation) or PAT (Port Address Translation) before being routed over the Internet. For example, computer 1 in the home network (see Figure 1-2) might be trying to establish a connection to an Internet website. The wireless router uses NAT to translate computer 1’s private IP address to the public IP address assigned to the router. The router uses a technique called overloading, where NAT translates the home network’s private IP addresses to the single public IP address assigned by the ISP. In addition, the NAT process tracks a port number for the connection. This technique is called Port Address Translation (PAT). The router stores the home network’s IP address and port number in a NAT lookup table. The port number differentiates the computer that is establishing a connection to the Internet because the router uses the same public address for all computers. This port number is used when a data packet is returned to the home network. This port number identifies the computer that established the Internet connection, and the router can deliver the data packet back to the correct computer. An example of this conversion is provided in Figure 1-3. This example shows three data connections originating from the home network of 192.168.0.0/24. A single 128.123.246.55 IP address is used for the Internet connection. Port address translation is being used to map the data packet back to the origination source. In this case, the port numbers are 1962, 1970, and 1973.

Key term: NAT. Network Address Translation. A technique used to translate an internal private IP address to a public IP address.

Key term: PAT. Port Address Translation. A port number is tracked with the client computer’s private address when translating to a public address.

Key term: Overloading. Where NAT translates the home network’s private IP addresses to a single public IP address.

[Diagram: computers 1, 2, and 3 connect to a wireless router (access point/switch/broadband modem), which connects to the ISP. The wireless computers (1 and 2) will use private IP addresses that are assigned by the wireless router.]

FIGURE 1-2 An example of a home computer connecting to the ISP

[Diagram: three hosts behind the router at 192.168.0.1, each translated to the shared public address with its own port number.]

192.168.0.64 -> 128.123.246.55 : 1962
192.168.0.65 -> 128.123.246.55 : 1970
192.168.0.66 -> 128.123.246.55 : 1973

FIGURE 1-3 This example shows the three data connections originating from the home network of 192.168.0.0/24
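
The NAT lookup table described above can be modeled in a few lines. This Python sketch is an added example, not code from the book: it replays the three connections of Figure 1-3 and shows how a returning packet is matched to its private host by port number. The class and function names are hypothetical, the private source ports are assumed to equal the public ports in the figure, and the port-selection policy (keep the client's port if free, otherwise take the next free one) is an assumption about how a router might allocate ports.

```python
"""Port Address Translation (NAT overloading) lookup table, modeled on Figure 1-3."""
from typing import Dict, Optional, Tuple

Endpoint = Tuple[str, int]          # (IP address, TCP/UDP port)


class PatTable:
    """One public IP shared by many private hosts, told apart by port number."""

    def __init__(self, public_ip: str, low: int = 1024, high: int = 65535):
        self.public_ip = public_ip
        self.low, self.high = low, high
        self.by_private: Dict[Endpoint, int] = {}   # private endpoint -> public port
        self.by_public: Dict[int, Endpoint] = {}    # public port -> private endpoint

    def _pick_port(self, wanted: int) -> int:
        """Keep the client's source port if it is free, else take the next free one."""
        span = self.high - self.low + 1
        start = wanted if self.low <= wanted <= self.high else self.low
        for offset in range(span):
            port = self.low + (start - self.low + offset) % span
            if port not in self.by_public:
                return port
        raise RuntimeError("PAT port pool exhausted")

    def outbound(self, private_ip: str, private_port: int) -> Endpoint:
        """Translate the source of a packet leaving the home network."""
        key = (private_ip, private_port)
        if key not in self.by_private:          # first packet of a new connection
            port = self._pick_port(private_port)
            self.by_private[key] = port
            self.by_public[port] = key
        return (self.public_ip, self.by_private[key])

    def inbound(self, public_port: int) -> Optional[Endpoint]:
        """Map a returning packet to its private host; None means no table entry."""
        return self.by_public.get(public_port)


def figure_1_3_demo() -> dict:
    """Replay the three connections of Figure 1-3 plus two edge cases."""
    nat = PatTable("128.123.246.55")
    # Constructed flows: source ports assumed equal to the ports shown in Figure 1-3.
    flows = [("192.168.0.64", 1962), ("192.168.0.65", 1970), ("192.168.0.66", 1973)]
    translated = [nat.outbound(ip, port) for ip, port in flows]
    # A second host reusing source port 1962 must be given a different public port.
    clash = nat.outbound("192.168.0.65", 1962)
    return {
        "translated": translated,
        "clash": clash,
        "return_1970": nat.inbound(1970),    # reply to the second connection
        "unsolicited": nat.inbound(4444),    # no host opened this port
    }


if __name__ == "__main__":
    for name, value in figure_1_3_demo().items():
        print(name, value)
```

A packet arriving on a public port with no table entry cannot be mapped to any private host, which is why `inbound` returns `None` for it.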

Determining the Number of Subnetworks Needed for the Network


The use of private IP addresses is a viable technique for creating a large amount of
IP addresses for intranet use. Obviously, there is a big difference when designing
an IP network for a single network than there is when designing an IP network for
multiple networks. When designing an IP network for one single network, things

1-2: IP SUBNET DESIGN 9


are quite simple. This type of configuration is typically found in the home, small of-
fice, or a small business environment where one IP subnet is allocated and only one
small router is involved.
For situations requiring multiple networks, each network must be sized accordingly.
Therefore, the subnet must be carefully designed. In addition, networks with mul-
tiple subnets require a router or multiple routers with multiple routed network in-
terfaces to interconnect the networks. For example, if the network engineer is using
private addresses and needs to design for three different networks, one possibility is
to assign 10.10.10.0/24 for the first network, 172.16.0.0/24 for the second network,
and 192.168.1.0/24 for the third network. Is this a good approach? Technically, this
can be done, but it is probably not logically sound. It makes more sense to group
these networks within the same big CIDR block. This will make it easier for a net-
work engineer to remember the IP assignments and to manage the subnets. A better
design is to assign 10.10.10.0/24 to the first network, 10.10.20.0/24 to the second
network, and 10.10.30.0/24 to the third network. All three networks are all in the
same “10” network, which makes it easier for the network engineer to track the IP
assignments. The term subnet and network are used interchangeably in multiple
network environments. The term subnet usually indicates a bigger network address
is partitioned and is assigned to smaller networks or subnets.
Another design factor that the network engineer must address is the network size.
Two questions that a good network engineer must ask are:
• How many network devices must be accommodated in the network? (Current
demand)
• How many network devices must be accommodated in the future? (Future
growth)

Simply put, the IP network must be designed to accommodate the current demand,
and it must be designed to accommodate future growth. Once the size of a network
is determined, a subnet can be assigned. In the case of a single network, the design
is not too complicated. For example, if the network needs to be able to accommodate
150 network devices, an entire Class C address, like 192.168.1.0/24, can be
assigned to the network. This will handle the current 150 network devices and leave
enough room for growth. In this example, 104 additional IP addresses will be
available for future growth.
When allocating IP address blocks, a table like Table 1-2 can be used to provide the
CIDR for the most common subnet masks and their corresponding number of
available IP addresses.

TABLE 1-2 CIDR—Subnet Mask-IPs Conversion

CIDR   Subnet Mask        IPs
/16    255.255.0.0        65534
/17    255.255.128.0      32768
/18    255.255.192.0      16384
/19    255.255.224.0      8192
/20    255.255.240.0      4096
/21    255.255.248.0      2048
/22    255.255.252.0      1024
/23    255.255.254.0      512
/24    255.255.255.0      256
/25    255.255.255.128    128
/26    255.255.255.192    64
/27    255.255.255.224    32
/28    255.255.255.240    16
/29    255.255.255.248    8
/30    255.255.255.252    4
/31    255.255.255.254    2
/32    255.255.255.255    1

Even with a much smaller network, like the home network, where only a handful
of network computers and peripherals are present, an entire Class C private address
is generally allocated to the home network. In fact, most home routers are
preconfigured with a private Class C address within the 192.168.0.0–192.168.0.255 range.
This technique is user friendly and easy to use and sets aside private IP addresses
for internal network use. This technique virtually guarantees that users will never
have to worry about subnetting the CIDR block.
For a bigger network that must handle more than 254 network devices, a supernet
can be deployed. A supernet is when two or more classful contiguous networks
are grouped together. The technique of supernetting was proposed in 1992 to
eliminate the class boundaries and make available the unused IP address space.
Supernetting allows multiple networks to be specified by one subnet mask. In
other words, the class boundary could be overcome. For example, if the network
needs to be able to accommodate 300 network devices, two Class C networks, like
192.168.0.0/24 and 192.168.1.0/24, can be grouped together to form a supernet
of 192.168.0.0/23, which can accommodate up to 510 network devices. As shown
in Table 1-2, a /23 CIDR provides 512 available IP addresses. However, one IP is
reserved for the network address and another one is reserved for the network
broadcast address. Therefore, a /23 CIDR yields 512 – 2 = 510 usable host IP addresses.

Supernet: Two or more classful contiguous networks are grouped together.

Determining the Size or the Number of IP Host Addresses Needed for the Network

The problem with randomly applying CIDR blocks to Class A, B, and C addresses
is that there are boundaries in each class, and these boundaries can’t be crossed. If a
boundary is crossed, the IP address maps to another subnet. For example, if a CIDR
block is expanded to include four Class C networks, all four Class C networks need
to be specified by the same CIDR subnet mask to avoid crossing boundaries. The
following example illustrates this.

Example 1-1
Figure 1-4 shows three different networks with different size requirements. The
needed capacity (number of devices) for each network is specified in the figure.
Your task is to determine the CIDR block required for each network that will
satisfy the number of expected users. You are to use Class C private IP addresses
when configuring the CIDR blocks.

[Figure 1-4: Router A and Router B joined by an interconnect link, with three
networks: LAN A (capacity: 300 devices), LAN B1 (capacity: 800 devices), and
LAN B2, a server network (no more than 80 servers).]

FIGURE 1-4 Three different networks

Solution:
For LAN A, a CIDR block that can handle at least 300 networking devices must
be provided. In this case, two contiguous Class C networks of 192.168.0.0/24 and
192.168.1.0/24 can be grouped together to form a 192.168.0.0/23 network.
Referring to Table 1-2, a /23 CIDR with a subnet mask of 255.255.254.0 provides 512
IP addresses, which more than satisfies the required 300 networking devices.

The next question is to determine what the network address is for LAN A. This can
be determined by ANDing the 255.255.254.0 subnet mask with 192.168.0.0 and
192.168.1.0.

192.168.0.0            192.168.1.0
255.255.254.0 (/23)    255.255.254.0 (/23)
192.168.0.0            192.168.0.0

This shows that applying the /23 [255.255.254.0] subnet mask to the specified IP
addresses places both in the same 192.168.0.0 network. This also means that this
CIDR block does not cross boundaries, because applying the subnet mask to each
network address places both in the same 192.168.0.0 network.

For LAN B1, the requirement is that a CIDR block that can handle 800 network
devices must be provided. According to Table 1-2, a /22 CIDR yields 1,022 usable
host IP addresses and is equivalent to grouping four Class C networks together.
Therefore, a /22 CIDR can be used.
The next decision is selecting the group of IP addresses to create the CIDR block
and decide where the IP addresses should start. Recall that the 192.168.0.0 and
192.168.1.0 networks are being used to create the LAN A CIDR block. Should
LAN B1 start from 192.168.2.0/22, which is the next contiguous space? The
answer is no. The 192.168.2.0/22 is still within the boundary of the 192.168.0.0/23
network. Remember, the requirement is that a CIDR block that can handle 800
network devices must be provided and that boundaries cannot be crossed, and the
designer must be careful not to overlap the networks when assigning subnets to more
than one network. In this case, when the /22 subnet mask (255.255.252.0) is applied
to 192.168.2.0, this yields the network 192.168.0.0. The AND operation is shown:
192.168.2.0
255.255.252.0 (/22)
192.168.0.0

This happens to be the same network address as when the /23 CIDR subnet mask
(255.255.254.0) is applied to any IP within the range of 192.168.0.0-192.168.1.255,
as shown:

192.168.0.0            192.168.1.255
255.255.254.0 (/23)    255.255.254.0 (/23)
192.168.0.0            192.168.0.0

There is an overlap between 192.168.0.0/23 and 192.168.2.0/22. Moving to the next
contiguous Class C of 192.168.3.0/22, we find that it is still in the 192.168.0.0
network:

192.168.3.0
255.255.252.0 (/22)
192.168.0.0 is still in the same subnet.

Based on this information, the next Class C range 192.168.4.0/22 is selected. This
yields a nonoverlapping network of 192.168.4.0, so the subnet 192.168.4.0/22 is
valid for this network:

192.168.4.0
255.255.252.0 (/22)
192.168.4.0 is not the same subnet; therefore, this is an acceptable CIDR block.

Recall that the CIDR for LAN B1 is a /22 and is equivalent to grouping four Class C
networks. This means that LAN B1 uses the following Class C networks:
192.168.4.0
192.168.5.0
192.168.6.0
192.168.7.0

The IP subnet design gets more complicated when designing multiple networks
with different size subnets. This generally means that the subnet mask or the CIDR
will not be uniformly assigned to every network. For example, one network might
be a /25 network or /22, while another is a /30 network.
The next task is to assign a CIDR block to LAN B2. This LAN is a server network
that houses a fixed number of servers. The number is not expected to grow beyond
80 servers. One easy approach is to assign a /24 CIDR to this network.
This means that the next network is 192.168.8.0/24, which is the next
nonoverlapping CIDR block after 192.168.4.0/22. The /24 CIDR gives 254 host IP
addresses, but only 80 IP addresses are required. Another approach is to size it
appropriately. According to Table 1-2, a good CIDR to use is a /25, which allows
for 126 host IP addresses. Therefore, a network 192.168.8.0/25 can be used for
this network.
Assigning a 192.168.8.0/24 CIDR, which can accommodate 254 hosts, seems like a
waste, because the network is expected to be a fixed size, and it will house no more
than 80 servers. By assigning a 192.168.8.0/25 CIDR, enough room is left for
another contiguous CIDR, 192.168.8.128/25. Obviously, this is a more efficient way
of managing the available IP space.
Last but not least is the interconnection shown in Figure 1-4. This is the
router-to-router link between Router A and Router B. The interconnection usually
gets the least attention, but it exists everywhere in the multiple networks
environment. Nonetheless, a CIDR block has to be assigned to it. Because there are always
only two interface IP addresses involved plus the network and broadcast address,
giving an entire Class C address would definitely be a waste. Typically, a /30 CIDR
is used for this type of connection. Therefore, a CIDR block for the interconnection
between Router A and Router B can be 192.168.9.0/30. This yields two IP host
addresses: one for Router A and one for Router B.
The complete subnet assignment for Example 1-1 and Figure 1-4 is provided in
Table 1-3.

TABLE 1-3 Completed Design of Subnets for Figure 1-4

Network        Subnet         CIDR          Subnet Mask
LAN A          192.168.0.0    /23           255.255.254.0
LAN B1         192.168.4.0    /22           255.255.252.0
LAN B2         192.168.8.0    /24 or /25    255.255.255.0 or 255.255.255.128
Interconnect   192.168.9.0    /30           255.255.255.252
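
The sizing, boundary, and overlap steps of Example 1-1 can be reproduced in code. The following Python sketch is an added example, not part of the original text; the function names and the REQUESTS list are assumptions made for illustration, and LAN B2 is given the /24 option so the result matches Table 1-3.

```python
import ipaddress


def network_address(ip, prefix):
    """AND an address with the /prefix mask, as in the worked AND steps."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(int(ipaddress.IPv4Address(ip)) & mask))


def prefix_for_hosts(hosts):
    """Longest prefix whose block holds `hosts` devices plus the reserved
    network and broadcast addresses."""
    host_bits = (hosts + 1).bit_length()  # smallest n with 2**n >= hosts + 2
    return 32 - host_bits


def allocate(start, requests):
    """Walk upward from `start`, giving each (name, prefix) request the next
    block that begins on its own boundary. Returns {name: IPv4Network}."""
    cursor = int(ipaddress.IPv4Address(start))
    plan = {}
    for name, prefix in requests:
        size = 1 << (32 - prefix)
        base = (cursor + size - 1) // size * size  # round up to the boundary
        plan[name] = ipaddress.ip_network(f"{ipaddress.IPv4Address(base)}/{prefix}")
        cursor = base + size  # next free address after this block
    return plan


def check_plan(plan):
    """Return a list of problems in {name: 'a.b.c.d/len'}: blocks that do
    not start on their own boundary, and blocks that overlap each other."""
    problems = []
    nets = {}
    for name, cidr in plan.items():
        ip, length = cidr.split("/")
        net = ipaddress.ip_network(cidr, strict=False)  # masks host bits off
        if str(net.network_address) != ip:
            problems.append(
                f"{name}: {cidr} is not on a /{length} boundary; it masks to {net}"
            )
        nets[name] = net
    names = list(nets)
    for i, first in enumerate(names):
        for second in names[i + 1:]:
            if nets[first].overlaps(nets[second]):
                problems.append(
                    f"{first} {nets[first]} overlaps {second} {nets[second]}"
                )
    return problems


# Capacities from Example 1-1 (assumed order of assignment: A, B1, B2, link).
REQUESTS = [
    ("LAN A", prefix_for_hosts(300)),        # /23
    ("LAN B1", prefix_for_hosts(800)),       # /22
    ("LAN B2", 24),                          # prefix_for_hosts(80) is the /25 option
    ("Interconnect", prefix_for_hosts(2)),   # /30
]

if __name__ == "__main__":
    for name, net in allocate("192.168.0.0", REQUESTS).items():
        print(f"{name:13} {net}  mask {net.netmask}  usable {net.num_addresses - 2}")
    # The rejected choice from the text: LAN B1 starting at 192.168.2.0/22.
    rejected = {"LAN A": "192.168.0.0/23", "LAN B1": "192.168.2.0/22"}
    for problem in check_plan(rejected):
        print("REJECTED:", problem)
```
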

IP Assignment
The next task is to assign an IP address to each routed interface. This address
will become the gateway IP address of the subnet. The gateway describes the
networking device that enables hosts in a LAN to connect to networks (and hosts)
outside the LAN. Figure 1-5 provides an example of the gateway. Every network
device within its subnet (LAN) will use this IP address as its gateway to
communicate from its local subnet to devices on other subnets. The gateway IP address is
preselected and is distributed to a network device by way of manual configuration
or dynamic assignment.

Gateway: Describes the networking device that enables hosts in a LAN to connect
to networks (and hosts) outside the LAN.

[Figure 1-5: A LAN with data entering and exiting through the gateway.]

FIGURE 1-5 The gateway for a network

For LAN A in Example 1-1, the IP address 192.168.0.0 is already reserved as the
network address, and the IP address 192.168.0.255 is reserved as the broadcast
address. This leaves any IP address within the range 192.168.0.1–192.168.0.254
available for use for the gateway address. Choosing the gateway IP address is not
an exact science. Generally, the first IP address or the last IP address of the
available range is chosen. Whatever convention is chosen, it should apply to the rest of
the subnets for the ease of management. Once the gateway IP address is chosen,
this IP address is reserved and is not to be used by any other devices in the subnet.
Otherwise, an IP conflict will be introduced. The following is an example of how
the gateway IP addresses could be assigned to the LANs in Example 1-1.
Network    Gateway
LAN A      192.168.0.1
LAN B1     192.168.4.1
LAN B2     192.168.8.1

1-3 VLAN NETWORK
This section examines the function of using a switch in a VLAN within the campus
network. The terminology and steps for implementing VLANs will be presented
first. The second part examines basic Cisco switch configuration and provides an
introduction to the commands needed for configuring the VLAN. The third part of
Section 1-3 demonstrates the commands needed to set up a static VLAN. Next is a
discussion on VLAN tagging using 802.1Q. The section concludes with a look at
configuring an HP Procurve switch.
LANs are not necessarily restricted in size. A LAN can have 20 computers, 200
computers, or even more. Multiple LANs also can be interconnected to essentially
create one large LAN. For example, the first floor of a building could be set up as
one LAN, the second floor as another LAN, and the third floor another. The three
LANs in the building can be interconnected into essentially one large LAN using
switches, with the switches interconnected, as shown in Figure 1-6.
Is it bad to interconnect LANs this way? As long as switches are being used to
interconnect the computers, the interconnected LANs have minimal impact on
network performance. This is true as long as there are not too many computers in the
LAN. The number of computers in the LAN is an issue, because Layer 2 switches
do not separate broadcast domains. This means that any broadcast sent out on the
network (for example, the broadcast associated with an ARP request) will be sent
to all computers in the LAN. Excessive broadcasts are a problem, because each
computer must process the broadcast to determine whether it needs to respond; this
essentially slows down the computer and the network.

Broadcast Domain: Any broadcast sent out on the network is seen by all hosts in
this domain.

[Figure 1-6: Switches on the 1st, 2nd, and 3rd floors interconnected through a
closet.]

FIGURE 1-6 Three floors of a building interconnected using switches to form one large LAN

A network with multiple LANs interconnected at the Layer 2 level is called a flat
network. A flat network is where the LANs share the same broadcast domain. The
use of a flat network should be avoided if possible for the simple reason that the
network response time is greatly affected. Flat networks can be avoided by the use
of virtual LANs (VLANs) or routers. Although both options can be used to separate
broadcast domains, they differ in that the VLAN operates at the OSI Layer 2, while
routers use Layer 3 networking to accomplish the task. The topic of the VLAN
is discussed next.

Flat Network: A network where the LANs share the same broadcast domain.

Virtual LAN (VLAN)


Obviously, if the LANs are not connected, then each LAN is segregated only to a
switch. The broadcast domain is contained to that switch; however, this does not
scale in a practical network, and it is not cost effective because each LAN requires
its own Layer 2 switches. This is where the concept of virtual LAN (VLAN) can
help out. A VLAN is a way to have multiple LANs co-exist in the same Layer 2
switch, but their traffic is segregated from each other. Even though they reside on
the same physical switch, they behave as if they are on different switches (hence,
the term virtual). VLAN compatible switches can communicate with each other and
extend the segregation of multiple LANs throughout the entire switched network. A
switch can be configured with a VLAN where a group of host computers and
servers are configured as if they are in the same LAN, even if they reside across routers
in separate LANs. Each VLAN has its own broadcast domain. Hence, traffic from
one VLAN cannot pass to another VLAN. The advantage of using VLANs is that the
network administrator can group computers and servers in the same VLAN based
on the organizational group (such as Sales, Engineering) even if they are not on the
same physical segment—or even the same building.

VLAN (Virtual LAN): A group of host computers and servers that are configured
as if they are in the same LAN, even if they reside across routers in separate LANs.
There are three types of VLANs: port-based VLANs, tag-based VLANs, and
protocol-based VLANs. The port-based VLAN is one where the host computers
connected to specific ports on a switch are assigned to a specific VLAN. For example,
assume the computers connected to switch ports 2, 3, and 4 are assigned to the
Sales VLAN 2, while the computers connected to switch ports 6, 7, and 8 are
assigned to the Engineering VLAN 3, as shown in Figure 1-7. The switch will be
configured as a port-based VLAN so that the groups of ports [2,3,4] are assigned to the
Sales VLAN while ports [6,7,8] belong to the Engineering VLAN. The devices
assigned to the same VLAN will share broadcasts for that LAN; however, computers
that are connected to ports not assigned to the VLAN will not share the broadcasts.
For example, the computers in VLAN 2 (Sales) share the same broadcast domain
and computers in VLAN 3 (Engineering) share a different broadcast domain.

Port-Based VLAN: Host computers connected to specific ports on a switch are
assigned to a specific VLAN.
Tagged-Based VLAN: Uses a VLAN ID based on 802.1Q.
Protocol-Based VLAN: Connection to ports is based on the protocol being used.

[Figure 1-7: One switch with ports 2, 3, 4 grouped as VLAN 2 and ports 6, 7, 8
grouped as VLAN 3.]

FIGURE 1-7 An example of the grouping for port-based VLANs

In tag-based VLANs, a tag is added to the Ethernet frames. This tag contains the
VLAN ID that is used to identify that a frame belongs to a specific VLAN. The
addition of the VLAN ID is based on the 802.1Q specification. The 802.1Q standard
defines a system of VLAN tagging for Ethernet frames. An advantage of an 802.1Q
VLAN is that it helps contain broadcast and multicast data traffic, which helps
minimize data congestion and improve throughput. This specification also provides
guidelines for a switch port to belong to more than one VLAN. Additionally, the
tag-based VLANs can help provide better security by logically isolating and
grouping users.

VLAN ID: Used to identify that a frame belongs to a specific VLAN.
802.1Q: This standard defines a system of VLAN tagging for Ethernet frames.
In protocol-based VLANs, the data traffic is connected to specific ports based on
the type of protocol being used. The packet is dropped when it enters the switch if
the protocol doesn’t match any of the VLANs. For example, an IP network could be
set up for the Engineering VLAN on ports 6,7,8 and an IPX network for the Sales
VLAN on ports 2,3, and 4. The advantage of this is the data traffic for the two
networks is separated.
There are two approaches for assigning VLAN membership:
• Static VLAN: Basically a port-based VLAN. The assignments are created
when ports are assigned to a specific VLAN.
• Dynamic VLAN: Ports are assigned to a VLAN based on either the computer’s
MAC address or the username of the client logged onto the computer. This
means that the system has been previously configured with the VLAN
assignments for the computer or the username. The advantage of this is the
username and/or the computer can move to a different location, but VLAN
membership will be retained.

VLAN Configuration
This section demonstrates the steps for configuring a static VLAN. In this example,
the ports for VLAN 2 (Sales) and VLAN 3 (Engineering) will be defined. This
requires that VLAN memberships be defined for the required ports. The steps and the
commands will be demonstrated.
The show vlan command can be used to verify what ports have been defined for the
switch. By default, all ports are assigned to VLAN 1. An example using the show
vlan command is provided next.

show vlan: Used to verify what ports have been defined for the switch.

SwitchA# show vlan

VLAN Name                       Status    Ports
---- -------------------------- --------- -----------------------------
1    default                    active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                          Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                          Fa0/9, Fa0/10

This shows that all the FastEthernet interfaces on the switch are currently assigned
to VLAN 1, which is a default VLAN. In the next step, two additional VLANs
will be created for both Sales and Engineering. The two new VLANs will have the
VLAN ID of 2 and 3 respectively, and each VLAN will be assigned a name
associated with it. This is accomplished by modifying the VLAN database using the vlan
database command, as shown in the next steps.

vlan database: The command used on older Cisco switches to enter the VLAN database.

SwitchA#vlan database
SwitchA(vlan)#vlan 2 name Sales
VLAN 2 modified:
Name: Sales
SwitchA(vlan)#vlan 3 name Engineering
VLAN 3 modified:
Name: Engineering

On newer Cisco switches, users will get the following message that the command
vlan database is being deprecated:
% Warning: It is recommended to configure VLAN from config mode,
as VLAN database mode is being deprecated. Please consult user
documentation for configuring VTP/VLAN in config mode.

Cisco has moved away from the VLAN database-style command to an IOS global
command. Similar to other IOS global commands, the switch must be in the
configuration mode (config)#. However, the concept remains the same that a VLAN
must be created for it to be activated and ready for use. The steps for creating the
VLAN on newer Cisco switches are as follows:
SwitchA# conf t
SwitchA(config)#vlan 2
SwitchA(config-vlan)#name Sales
SwitchA(config-vlan)#vlan 3
SwitchA(config-vlan)#name Engineering
SwitchA(config-vlan)#exit
SwitchA(config)#exit

To start configuring a VLAN, one must specify which VLAN needs to be
configured using the vlan [vlan_id] command. If the specific VLAN does not exist, this
command will create the VLAN as well. As shown in the preceding example, the
command vlan 2 is entered to configure vlan 2 and then the command name Sales
is entered to configure the name associated with the VLAN. Similar steps are
done for VLAN 3 with the name Engineering.

vlan [vlan_id]: The IOS global command used to create VLAN ID.

The rest of the VLAN commands are almost identical in the older switches and
newer switches. The next step is used to verify that the new VLANs have been
created using the show vlan command:
Switch#show vlan

VLAN Name                       Status    Ports
---- -------------------------- --------- -----------------------------
1    default                    active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                          Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                          Fa0/9, Fa0/10
2    Sales                      active
3    Engineering                active

This shows that both the Sales and Engineering VLANs have been created. In the
next steps, ports will be assigned to the newly created VLANs. This requires that
the configuration mode be entered and each FastEthernet interface (port) must be
assigned to the proper VLAN using the two commands switchport mode access
and switchport access vlan vlan-id. An example is presented for FastEthernet
interface 0/2 being assigned to VLAN 2 on a Cisco switch:
SwitchA#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SwitchA(config)#int fa 0/2
SwitchA(config-if)#switchport mode access
SwitchA(config-if)#switchport access vlan 2
SwitchA(config-if)#end

The next step is used to verify that FastEthernet 0/2 has been assigned to the Sales
VLAN (VLAN2). This can be verified using the show vlan brief command, as
shown. This command only displays the interfaces assigned to each VLAN:
SwitchA#sh vlan brief

VLAN Name                          Status    Ports
---- ----------------------------- --------- ---------------------------
1    default                       active    Fa0/1, Fa0/3, Fa0/4, Fa0/5
                                             Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                             Fa0/10
2    Sales                         active    Fa0/2
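
Verification of this kind can be scripted. The following Python sketch is an added example, not part of the original text: it parses the show vlan brief output printed above, including the port lists that wrap onto continuation lines, and compares it with the port plan of this section (ports 2, 3, 4 in Sales VLAN 2; ports 6, 7, 8 in Engineering VLAN 3). The function names and the INTENDED table are assumptions made for illustration.

```python
import re

# The "show vlan brief" output from this section; column spacing reconstructed.
SHOW_VLAN_BRIEF = """\
VLAN Name                          Status    Ports
---- ----------------------------- --------- ---------------------------
1    default                       active    Fa0/1, Fa0/3, Fa0/4, Fa0/5
                                             Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                             Fa0/10
2    Sales                         active    Fa0/2
"""

# Intended access-port membership, taken from the Sales/Engineering example.
INTENDED = {
    "Fa0/2": 2, "Fa0/3": 2, "Fa0/4": 2,
    "Fa0/6": 3, "Fa0/7": 3, "Fa0/8": 3,
}

# A VLAN row starts in column 0 with the numeric VLAN ID.
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_show_vlan(text):
    """Return {vlan_id: {"name", "status", "ports"}} from show vlan output.

    Long port lists wrap onto continuation lines that carry no VLAN ID;
    those ports are appended to the most recent VLAN row.
    """
    vlans = {}
    current = None
    for line in text.splitlines():
        if not line.strip() or line.startswith(("VLAN", "-")):
            continue  # blank line, column header, or separator
        row = ROW.match(line)
        if row:
            current = int(row.group(1))
            vlans[current] = {"name": row.group(2),
                              "status": row.group(3),
                              "ports": []}
            port_text = row.group(4)
        elif current is not None:
            port_text = line  # continuation of the previous row
        else:
            continue  # prompt or other text before the first row
        vlans[current]["ports"] += [
            p.strip() for p in port_text.split(",") if p.strip()
        ]
    return vlans


def audit(vlans, intended):
    """List (port, intended_vlan, actual_vlan) for every port whose actual
    VLAN differs from the plan; actual_vlan is None if the port is absent."""
    actual = {port: vid for vid, v in vlans.items() for port in v["ports"]}
    return [
        (port, want, actual.get(port))
        for port, want in sorted(intended.items())
        if actual.get(port) != want
    ]


if __name__ == "__main__":
    for port, want, got in audit(parse_show_vlan(SHOW_VLAN_BRIEF), INTENDED):
        print(f"{port}: intended VLAN {want}, currently in VLAN {got}")
```

Run against the output above, the audit reports the five ports that are still in the default VLAN 1.
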

The next steps are to assign ports 3 and 4 to the Sales VLAN (VLAN 2) and ports
6,7,8 to Engineering (VLAN 3). Once this is completed, the port assignments can
be verified using the show vlan command, as shown:

“He rose the first—he looms the morning star
Of that long, glorious unsuccessful war;
England abhors him! has she not abhorr’d
All who for Ireland ventured life or word?
What memory would she not have cast away
That Ireland keeps in her heart’s heart to-day?

“If even his hand and hilt were so distained,
If he was guilty as he has been blamed,
His death redeemed his life—he chose to die
Rather than get his freedom with a lie.
Plant o’er his gallant heart a laurel tree,
So may his head within the shadow be!

“I mourn for thee, O hero of the North—
God judge thee gentler than we do on earth!
I mourn for thee and for our land, because
She dare not own the martyrs in her cause;
But they, our poets, they who justify—
They will not let thy memory rot or die!”
CHAPTER IX
Sad Fate of the Vanquished—Cruel Executions and Wholesale Confiscations

THE subsequent fate of other chief actors in this great political and
military drama is summed up by a learned historian thus:
“Mountgarret and Bishop Rothe died before Galway (the last Irish
stronghold of this war) fell. Bishop MacMahon, of Clogher,
surrendered to Sir Charles Coote, and was executed like a felon by
one he had saved from destruction a year before at Derry. Coote,
after the Restoration, became Earl of Mountrath, and Broghill, Earl of
Orrery. Clanricarde died unnoticed on his English estate, under the
Protectorate. Inchiquin, after many adventures in foreign lands,
turned Catholic in his old age; and this burner of churches
bequeathed an annual alms for masses for his soul. A Roman
patrician did the honors of sepulture for Father Luke Wadding. Hugh
Duff O’Neill, the heroic defender of Clonmel and Limerick, and the
gallant though vacillating Preston, were cordially received in France,
while the consistent (English) Republican, General Ludlow, took
refuge as a fugitive (after the Restoration) in Switzerland.”
The same accomplished authority (T. D. McGee) informs us that
under Oliver Cromwell’s Protectorate, “A new survey of the whole
island was ordered, under the direction of Sir William Petty, the
fortunate economist who founded the House of Lansdowne. By him
the surface of the kingdom was estimated at ten and a half million
plantation acres, three millions of which were deducted for waste
and water. Of the remainder, above 5,000,000 acres were in Catholic
hands in 1641; 300,000 acres were college lands, and 2,000,000
acres were in possession of the Protestant settlers of the reigns of
James I and Elizabeth. Under the Cromwellian Protectorate,
5,000,000 acres were confiscated. This enormous spoil, two-thirds of
the whole island (as then computed), went to the soldiers and
adventurers who had served against the Irish or had contributed to
the military chest since 1641—except 700,000 acres given in
‘exchange’ to the banished in Clare and Connaught, and 1,200,000
confirmed to ‘innocent Papists’ who had taken no part in the warfare
for their country’s liberty. And,” continues our authority already
quoted, “Cromwell anticipated the union of the kingdoms by a
hundred and fifty years, when he summoned, in 1653, that assembly
over which ‘Praise-God Bare-bones’ presided. Members for Ireland
and Scotland sat on the same benches with the Commons of
England. Oliver’s first deputy in the government of Ireland was his
son-in-law, Fleetwood, who had married the widow of Ireton, but his
real representative was his fourth son, Henry Cromwell, commander-
in-chief of the army. In 1657, the title of Lord Deputy was
transferred from Fleetwood to Henry, who united the supreme civil
and military authority in his own person, until the eve of the
Restoration, of which he became an active partisan. We may thus
embrace the five years of the Protectorate as the period of Henry
Cromwell’s administration.” High Courts of Justice were appointed for
dealing with those who had been actively in arms, and many cruel
executions resulted. Commissions were also appointed for the
expatriation of the people, particularly the young. “Children under
age, of both sexes, were captured by the thousands, and sold as
slaves to the tobacco planters of Virginia and the West Indies.
Secretary Thurloe informs Henry Cromwell that ‘the Council have
authorized 1,000 girls, and as many youths, to be taken up for that
purpose.’ Sir William Petty mentions 6,000 Irish boys and girls
shipped to the West Indies. Some contemporary accounts make the
total number of children and adults, so transported, 100,000 souls.
To this decimation we may add 34,000 men of fighting age, who had
permission to enter the armies of foreign powers at peace with the
Commonwealth.”
As there was no Irish Parliament called under Cromwell’s régime,
the “government” of Ireland consisted, during that period, of the
deputy, the commander-in-chief, and four commissioners—the
Puritan leaders, Ludlow, Corbett, Jones, and Weaver—all of whom
looked upon the Celtic-Catholic Irish, and, in fact, all classes of the
Irish people, with bigoted hatred and insolent disdain. And these
men had, until the Restoration, absolute dominion over the lives and
liberty, the rights and properties of the nation they hated!
The Act of Uniformity, which played such a terrible part in the
reigns of Elizabeth and James, was put into relentless force. The
Catholics were crushed, as it were, into the earth, and Ireland again
became a veritable counterpart of the infernal regions. Priests, of all
ranks, were hunted like wild beasts, and many fell victims to their
heroic devotion to their flocks. Catholic lawyers were rigidly
disbarred and Catholic school-teachers were subjected to deadly
penalties. “Three bishops and three hundred ecclesiastics” perished
violently during the Protectorate. “Under the superintendence of the
commissioners,” says McGee, “the distribution made of the soil
among the Puritans ‘was nearly as complete as that of Canaan by
the Israelites.’ Such Irish gentlemen as had obtained pardons were
obliged to wear a distinctive mark on their dress under pain of
death. Those of inferior rank were obliged to wear a round black
spot on the right cheek, under pain of the branding iron and the
gallows. If a Puritan lost his life in any district inhabited by Catholics,
the whole population were held subject to military execution. For the
rest, whenever ‘Tory’ (nickname for an Irish royalist) or recusant fell
into the hands of these military colonists, or the garrisons which
knitted them together, they were assailed with the war-cry of the
Jews—‘That thy feet may be dipped in the blood of thy enemies, and
that the tongues of thy dogs may be red with the same.’ Thus,
penned in (according to the Cromwellian penal regulation) between
‘the mile line’ of the Shannon and the ‘four-mile line’ of the sea, the
remnant of the Irish nation passed seven years of a bondage
unequaled in severity by anything which can be found in the annals
of Christendom.”
When the news of Oliver Cromwell’s death, which occurred on
September 3, 1658, reached Ireland, a sigh of intense relief was
heaved by the persecuted nation. Many a prayer of thankfulness
went up to the throne of God from outraged Irish fathers and
mothers, whose children were sweltering as slaves under tropical
suns. Cromwell himself had passed away, but the “curse of
Cromwell” remained with Ireland for many a black and bitter day
thereafter.
What followed after his death until the Restoration belongs to
English history. Under his son Richard, and his associates, or
advisers, the Protectorate proved a failure. Then followed the
negotiations with General Monck, and the restoration of the
monarchy under Charles II, who landed on English soil, at Dover,
May 22, 1660, proceeded to London, where he was cordially
welcomed, and renewed his interrupted reign over a country which,
at heart, despised and distrusted him and all of his fated house.
CHAPTER X
Ireland Further Scourged Under Charles II—Murder of Archbishop Plunket—
Accession of James II

THE Irish Catholics had built high hopes on the restoration of
Charles, but were not very jubilant when they learned that he
had appointed as Lords Justices, in Dublin, their ancient foes and
persecutors, Coote and Broghill, the latter now called the Earl of
Orrery. In the Irish (provincial) Parliament, the “Undertaking”
element was in the ascendant, and the Protestants, barely one-fifth
of the nation, had, in the House of Lords, 72 peers of their faith to
21 Catholics. In the Commons the same disparity existed, there
being 198 Protestant to 64 Catholic members. In England, the
defenders of the crown, who had fought against Cromwell, were, in
most cases, treated with justice, and many had their possessions
restored to them. In Ireland, the Royalists, of all creeds and classes,
were treated by the king and his advisers with shameful ingratitude.
Most of the confiscations of the Cromwell period were confirmed,
but the Catholic religion was tolerated, to a certain extent, and the
lives of priests and schoolmasters were not placed in jeopardy as
much as formerly. The Catholics made a good fight for the
restoration of their property, and were faithfully aided by the Earl of
Kildare in Ireland and by Colonel Richard Talbot—afterward Earl of
Tyrconnel—in England. But the Cromwellian settlers maintained the
advantage in property they had gained. In 1775, they still held
4,500,000 acres against 2,250,000 acres held by the original
proprietors. The figures, according to the most reliable authorities,
were almost exactly the reverse before the Cromwellian settlement.
An attempt on the part of the Catholics, to be allowed greater
privileges than they possessed, was met in a most unfriendly spirit in
England. One of their delegates, Sir Nicholas Plunkett, was mobbed
by the Londoners and forbidden the royal presence by the order of
the Council, while Colonel Talbot, because of his bold championship
of the Catholic cause, was sent for a period to the Tower. The Irish
Catholics were, finally, forbidden to make any further address in
opposition to the Bill of Settlement—as the act confirming the
confiscations was called—and the perfidious Charles signed it
without compunction, although he well knew he was beggaring his
own and his father’s friends. An English tribunal, appointed to sit in
Dublin and hear the Irish claims, declared in favor of the plundered
native proprietors, but as it was met immediately by the intrigues of
the ruthless Ormond, who again became Lord Lieutenant of Ireland,
the duration of this honest English tribunal was limited to a certain
day, when only about 800 out of 3,000 cases had been heard. A
measure called “An Act of Explanation” was then passed (1665), by
which it was decreed that “no Papist who had not been adjudged
innocent under the former act could be so adjudged thereafter, or
entitled to claim any lands or settlements.” “Thus,” remarks a
historian, “even the inheritance of hope, and the reversion of
expectation, were extinguished forever for the sons and daughters
of the ancient gentry of the kingdom.”
An attempt made by the titled Catholic laity and the prelates and
priests of that faith to establish their true position in regard to their
spiritual and secular allegiance was also met in a hostile manner by
Ormond, who so managed as to excite a bitter controversy in regard
to a document called “The Remonstrance,” which was supposed to
embody the Catholic idea of the period. The viceroy succeeded to
the top of his bent. Dissension prevailed at a meeting of the
surviving prelates of the Church, and the superiors of regular orders,
held in Dublin, and Ormond made the failure of the gathering an
excuse for persecuting the prelates and priests, whom he bitterly
hated as a body he could not use, with penal severities, which the
selfish and sensual king, who was himself a Catholic in secret,
allowed to pass without interference.
In this same year (1666) the importation of Irish cattle into
England was declared, by Parliamentary enactment, “a nuisance,” for
the reason that when the Londoners were starving, at the time of
the Great Fire, Ireland contributed for their relief 15,000 fat steers.
Instead of being grateful for the generous gift, the English
lawmakers pretended to believe it a scheme to preserve the trade in
cattle between the two kingdoms. The Navigation Act—invented by
Cromwell—which put fetters on Irish commerce, was also enforced,
and these two grievances united, for a time, the Puritans and the
Old Irish, as both suffered equally from the restrictions placed upon
industry. Ormond showed favor to the discontented Puritans, and
was recalled in consequence. His retirement lasted nine years, and
during that period he became a patron of Irish manufactures,
especially in the county of Kilkenny. A bogus “Popish plot”—an
offshoot of that manufactured in England, during this reign, by that
arch-impostor and perjurer, Titus Oates—was trumped up in Ireland
for purposes of religious and political terrorism. The attempt to
fasten it upon the masses of the people happily failed, but, without
even the shadow of proof, the aged and venerated archbishop of
Armagh, Oliver Plunkett, was accused of complicity in it, arrested
and confined, without form of trial, for ten months in an Irish prison.
Finally he was removed to London and placed on trial. One of his
“judges” was the notorious Jeffreys—the English Norbury—a man
destitute of a heart. Even one of the paid perjurers, called a crown
agent, stung by remorse, offered to testify in behalf of the
unfortunate archbishop. All was in vain, however. The judges
charged the jury against the accused, violating every legal form, and
the hapless prelate was found guilty. He was sentenced to be
“hanged, drawn, and quartered” on July 1, 1681. This sentence was
carried out in all its brutal details. When the Earl of Essex appealed
to the king to save the illustrious martyr, Charles replied: “I can not
pardon him, because I dare not. His blood be upon your conscience.
You could have saved him if you pleased!” And this craven king, a
few years afterward, on his deathbed, called for the ministrations of
a priest of the Church outraged by the murder of an innocent
prelate! The slaughter of Oliver Plunkett was the most atrocious
political assassination in English history, which reeks with such
crimes. The shooting of Duc d’Enghien by Napoleon did not
approach it in cold-blooded infamy. The king, the minister, the court,
the jury—everybody—believed the archbishop innocent, and yet he
was sacrificed that his blood might satisfy the rampant bigotry of the
times.
The Catholics were ferociously pursued in Ireland after this
shameful tragedy. Proclamations were issued against them by
Ormond, who had yet again become Lord Lieutenant. They were
forbidden to enter fortresses or to hold fairs, markets, or gatherings
within the walls of corporate towns. They were also forbidden the
use of arms—an old English expedient in Ireland—and they were
commanded to kill or capture any “Tory” or “outlaw” relative within
fourteen days from the date of proclamation, under penalty of being
arrested and banished from Ireland. This was the setting of brother
against brother with a vengeance. Few of the Irish people were
found base enough to comply with the unnatural order, but Count
Redmond O’Hanlon, one of the few Irish chiefs of ancient family who
still held out against English penal law in Ireland, was assassinated
in a cowardly manner by one of Ormond’s ruthless tools. The blood
stains from the heart of the brave O’Hanlon will sully forever the
escutcheon of the Irish Butlers.
Just as the spirit of persecution of Catholics began to subside both
in England and Ireland, Charles II, who had been much worried by
the political contentions in his English kingdom, which resulted in the
banishment of Monmouth and the execution of Lord William Russell
and Algernon Sidney, had a stroke of apoplexy, which resulted in his
death on February 6, 1685. In his last moments he was attended by
the Rev. Father Huddlestone, who received him into the Catholic
Church, which he had betrayed so foully. He was immediately
succeeded by his Catholic brother, the Duke of York, who ascended
the throne under the title of James II. James was a man of resolute
purpose, good intentions, no doubt, but had a narrow intellect and
sadly lacked discretion—at least in the moral sense. His physical
courage has been questioned, although the famous Marshal Turenne
certified to it, when he, in his fiery youth, served in the French
armies. He was destined, as we shall see, to ruin his friends, exalt
his enemies, and wreck the ancient Stuart dynasty.
CHAPTER XI
Well-Meant but Imprudent Policy of King James—England Invites William of
Orange to Assume the Throne

ALTHOUGH the final outcome of his policy was disastrous to
Ireland, we feel justified in saying that James II meant well by all
his subjects. He was a friend of religious equality—an idea hateful to
the English and a large portion of the Scottish nation at that period.
In Ireland, too, the Protestant minority resented it, because, to their
minds, it meant Catholic ascendency and the restoration of stolen
estates. But James went about his reforms so awkwardly, and
imprudently, that he brought on himself almost immediately the all
but unanimous ill-will of his English subjects. He dared to profess his
Catholic faith openly—an unforgivable offence in England at that
time. He sought to equalize the holding of office by the abolition of
the Test Act, aimed against Catholics, so that English, Scotch, and
Irish Catholics should have the same rights and privileges in that
respect as their Protestant brethren. This, also, was an idea hateful
to the English mind of the period. The king undertook to regulate
the judiciary, the privy council, the army, the civil list—every public
appointment—according to his own notions. This meant recognition
of the Catholics and produced an uproar in England. He recalled
Ormond from the viceroyalty of Ireland and sent Lord Clarendon to
take his place. Finally, Clarendon resigned and Richard Talbot, who
had been created Duke of Tyrconnel, was made Lord Lieutenant of
Ireland. This appointment alarmed the Irish Protestants, who, as
usual, feared that the Catholics would get back their lands under a
friendly executive, such as Tyrconnel—whose former exertions in
regard to the Catholic claims were not forgotten—was well known to
be. He was injudicious enough, at the outset, to dismiss many
Protestant officers from the Irish military establishment and place
Catholics in their positions. Although this was done by proportion,
Protestant jealousy was aroused and the seeds of revolt were deeply
planted.
In England, popular feeling against the king was at fever heat. His
illegitimate Protestant nephew—putative son of Charles II—the Duke
of Monmouth, who had been exiled, returned to England and
organized a rebellion against him. This ill-starred movement
culminated at Sedgemoor, in Somersetshire, in the summer of 1685.
A battle was fought there between the unorganized English
peasants, under “King Monmouth,” as they called him, and the royal
army, under the Earl of Feversham. The rebels fought with
commendable courage, but were badly commanded and suffered an
overwhelming defeat. Monmouth escaped from the field, but was
captured soon afterward, tried, found guilty, and beheaded on Tower
Hill, of bloody memory, July 15, 1685. He had appealed in vain to
James for mercy, and appealed in a manner so craven and
undignified that he aroused the disgust of his stern uncle. But the
blood of the vanquished did not cease to flow when Monmouth died.
The “Bloody Assizes,” conducted by Jeffreys, the “great crimson
toad,” as Dickens describes him, and four assistant judges, spread
death and terror throughout the English districts recently in revolt.
This period of English history bore a striking resemblance to the
1798 period in Ireland, when other “great crimson toads” hanged
the hapless peasantry, and some of higher rank, by the hundred and
thousand. All this butchery made James unpopular with a vast
majority of the English people, but, as he had no male heir, the
nation hesitated to rise against him, especially as Monmouth himself
had been the aggressor. But James, while Duke of York, had married
a young wife, the Princess Mary, sister of the Duke of Modena, who
bore him a son—afterward called by the Hanoverian faction the
Pretender—in June, 1688. This altered the whole aspect of affairs
and a revolution became imminent immediately. Mary of Modena,
although an intelligent and amiable woman, was of a haughty and
somewhat punctilious disposition at times. This made her almost as
unpopular with the English people as was her husband. Sir Walter
Scott relates that, while Duchess of York, she accompanied her
husband to Scotland, whither he went at the behest of his brother,
King Charles. James got along very well with the Scotch, particularly
the Highlanders, who adored him, and whose loyalty to his family
remained unshaken until after Culloden. He invited an old
Continental veteran, Sir Thomas Dalzell, to dine with him. The
duchess had the bad taste to object to the company of a commoner.
“Make yourself easy on that head, madam,” remarked Sir Thomas; “I
have sat at a table where your father might have stood behind my
chair!” He alluded to a dinner given him and others by the Emperor
of Austria, who was the suzerain of the Duke of Modena. The latter,
if called upon by the emperor, would have had to act in the capacity
of an honorary waiter. All students of history are, doubtless, familiar
with the romantic chivalry displayed by Edward the Black Prince,
when he waited upon his captive, King John of France, whom he had
vanquished at Poitiers. Mary of Modena was, we may be sure, not
formed by nature to make friends for her husband, as the brave
Margaret of Anjou did for the physically and mentally degenerate
Plantagenet, Henry VI. Had Mary been a Margaret, William of
Orange might never have occupied the throne of “the Three
Kingdoms.” The climax of King James’s political imprudences—they
can not, in the light of modern ideas of religious equality, be called
errors—was reached when he issued his famous declaration against
test oaths and penal laws, and decreed that it should be read from
the altars of the Protestant, as well as the Catholic, churches
throughout England. Six Protestant prelates, headed by the
Archbishop of Canterbury, made protest by petition and even visited
the king in his bedchamber to dissuade him from his purpose. But he
persisted, as was usual with him.
On the Sunday following the bishops’ call, out of 10,000 English
clergymen only 200 complied with the royal decree. Of course we,
Americans, who have equal laws for all creeds and classes, can not
consistently condemn King James for advocating what we ourselves
practice, but we can afford to lament the fatuity which led him to
dare Protestant resentment by seeking to make Protestant pulpits
the mediums of his radical policy. It was playing with fire. Had he
stopped short at this point, James might have still held his crown,
but, with incurable obstinacy, he insisted on prosecuting the
recalcitrant bishops before the Court of King’s Bench, and they were
finally committed by the Privy Council to the Tower of London. All
England was now ablaze with fierce resentment. At the Tower the
right reverend prisoners were treated more like royal personages
than captives. The officers and soldiers of the army—excepting the
Irish regiments raised by Tyrconnel for James, and sent to do
garrison duty in England—openly drank to their speedy release.
When they came to trial in the King’s Bench, the jury, after being out
on the case all night, found the six prelates not guilty on the charge
of censuring the king’s government and defying the king’s mandate,
and they were immediately released amid popular acclamation.
The “loyal” Protestant majority had succeeded in placing the
Catholic minority, their own fellow-countrymen, in a position of
political nonentity, simply because they worshiped God according to
their belief. Who could, then, have imagined that the England which
refused equality in the holding of office to Catholic subjects would,
about two hundred years later, have a Catholic for Lord Chief Justice
and an Irish Catholic (Lord Russell of Killowen) at that? Five
generations have done much toward a change of sentiment in
England. But King James, we are told, on hearing the shouts of the
people when the acquittal was announced, asked of Lord
Feversham, who happened to be with him: “What do they shout
for?” And Feversham replied, carelessly: “Oh, nothing—only the
acquittal of the bishops!” “And you call that nothing?” cried the king.
“So much the worse for them,” meaning the people. These latter
were excited by the Protestant lords and gentry, who much feared a
Catholic succession, now that the king had an heir-male to the
throne. Both of his daughters—Mary, married to William, Prince of
Orange, the king’s nephew, and Anne, who became the wife of the
Prince of Denmark—were Protestants, their mother having brought
them up in that belief. William, half a Stuart and half a Dutchman,
brave, resolute, and wise withal, seemed to the English malcontents
to be the “heaven-appointed” man to supplant his own uncle and
father-in-law. William was nothing loth, and Mary, who was to share
the throne with him, made no objection to this most unfilial
proceeding. Neither did Anne, who, like the unnatural creature she
was, fled from her father’s palace, guided and guarded by the
Protestant Bishop of London, as soon as she heard of William’s
almost unobstructed march on the capital. That personage had
landed at Torbay, in Devonshire, on November 5—the anniversary of
the Gunpowder Plot of the days of James I—convoyed by an
immense fleet, which carried to the shores of England a picked
veteran army of 15,000 men. This army was commanded, under
William, by the Marshal Duke of Schomberg, Count Solmes, General
De Ginkel, and other officers of European renown. The principal
plotters who invited William to seize the crown of England were the
Earls of Danby, Shrewsbury, Devonshire, the Bishop of London, Lord
Lumley, Admiral Russell, and Colonel Sidney. Just a little while before
the coming of William, James took the alarm and attempted to make
concessions to the Protestants. He also decreed the strengthening of
the army, and the enlistment of Irish Catholics and Scotch
Highlanders, most of whom had retained the old faith, was
encouraged.
At the news of William’s arrival in Exeter, whither he had marched
from Torbay, the English aristocracy became wildly excited and
hastened to join his standard. The faculty of the University of Oxford
sent him word that, if he needed money to carry out his enterprise,
the plate of that institution would be melted down to furnish him
with a revenue. An agreement of the nobility and gentry was drawn
up and signed, and in it they promised to stand by William of Orange
and each other, “in defence of the laws and liberties of the three
kingdoms and the Protestant religion.” Thus, it will be noticed,
Protestant interests was the cry of the majority in England, opposed
to James, who, as we have said, aimed at equality of all creeds
before the law, while in Ireland, where the old faith “prevailed
mightily,” Catholic interests, or civil and religious liberty, became,
also, the war-cry of the majority. In England the Catholic minority
remained mostly supine during this period and until long afterward.
In Scotland the Catholics and many Episcopalians rallied for James
under the leadership of the implacable and brilliant Claverhouse,
afterward created Viscount Dundee. They took the field for “James
VII of Scotland,” as they called the exiled king, at the first tap of the
war drum. The Catholic majority in Ireland naturally recognized in
the unfortunate monarch a friend who offered them religious and
political liberty, and so they resolved to place their “lives, fortunes,
and sacred honor” at his disposal.
The Irish Catholics can not be justly blamed for their devotion to
the cause of James, who, whatever his motives, was the first King of
England who ever attempted to do them even ordinary justice.
Tyrconnel, like Strafford in a preceding reign, although with a very
different intention, began the organization of a formidable Irish
army, which was designed to be composed of twenty regiments of
horse, fifty of foot, and artillery in the usual proportion. There were
men for the mere asking, but arms, ammunition, and equipments
were sadly lacking. The weakest arm of the military branch of the
public service was the artillery, and this continued to be the fact
throughout all of the subsequent war. As William drew nearer to
London, the bulk of the native English army, following the example
of the highest officers—including Colonel John Churchill, afterward
the great Duke of Marlborough—went over to him. This determined
James to abandon his capital, yet his friends induced him to return
for a period. But the still nearer approach of “the Deliverer,” as the
English called William of Orange, again induced him to fly from
London. He had previously provided for the safety of the queen and
the infant heir to the now forfeited crown, who had taken refuge in
France. The date of his final departure from Whitehall Palace was
December 11. After not a few perilous adventures, he reached the
court of his cousin, Louis XIV, at Versailles, on Christmas Day, 1688.
He was most honorably and hospitably received, and Louis placed at
his disposal the royal palace of St. Germain, in the neighborhood of
Paris. When James heard of the desertion of his youngest daughter,
Anne, to his enemies, the wretched parent, who has been called
“the modern Lear,” exclaimed in the anguish of his soul: “God help
me! My very children have deserted me!”
CHAPTER XII
Irish Soldiers Ill-Treated in England—Policy of Tyrconnel—King James Chosen by
the Irish Nation

SUCH Irish soldiers as had remained in England after the flight of
James were mobbed, insulted, and even murdered by the
unthinking multitude, so easily excited to deeds of cruelty. These
men had done the English people no wrong—they had shed no
English blood, and they even wore the English uniform. Many fell in
savage combats with the furious mobs, but the majority fought their
way to the seaports, where they, by some means, obtained shipment
to Ireland, carrying with them many a bitter memory of England and
her people. Many of these persecuted troops were well-trained
cavalry, who afterward manifested splendid prowess at the Boyne
and in other engagements. Their colonels were all members of the
ancient Irish nobility, Celtic or Norman, and they were quite
incapable of the crimes the credulous English mobs were taught to
believe they were ready to commit at the earliest opportunity.
Although the English people, in their normal condition, are a steady
and courageous race, they are, when unduly excited, capable of
entertaining sentiments and performing acts discreditable to them as
a nation. A people so ready to resent any imposition, real or fancied,
on themselves, should be a little less quick to punish others for
following their example. It is not too much to say that the English,
as a majority, have been made the victims of more religious and
political hoaxes—imposed upon them by evil-minded knaves—than
any other civilized nation. It was of the English, rather than
ourselves, the great American showman, Barnum, should have said:
“These people love to be humbugged!”
From the French court, which entirely sympathized with him,
James entered into correspondence with his faithful subject and
friend, Tyrconnel, in Ireland. The viceroy sent him comforting
intelligence, for all the Catholics of fighting age were willing to bear
arms in his defence. James sent Tyrconnel about 10,000 good
muskets, with the requisite ammunition, to be used by the new
levies. These were obtained from the bounty of the King of France.
As Tyrconnel was convinced that Ireland, of herself, could hardly
make headway against William of Orange, backed as he was by
most of Great Britain and half of Europe, he conceived the idea of
placing her, temporarily at least, under a French protectorate, in the
shape of an alliance defensive and offensive, if necessary. He had
the tact to keep King James in ignorance of this agreement, because
he did not wish him to jeopardize his chance of regaining the British
crown, which a consenting to the French protectorate would have
utterly forfeited. Tyrconnel’s policy, under the circumstances in which
Ireland was placed, may have been a wise one, although, in general,
any dependency of one country upon another is fatal to the liberty of
the dependent nation. Ireland, contrary to general belief, is large
enough to stand alone, if she had control of her own resources. To
illustrate briefly, she is within a few thousand square miles of being
as large as Portugal, and is much more fertile; while she is almost a
third greater in area than Holland and Belgium combined. Her
extensive coast line, numerous safe harbors, and exceeding
productiveness amply compensate for the comparative smallness of
her area.
In February, 1689, the national conventions of England and
Scotland, by vast majorities, declared that King James had abdicated
and offered the crown to William and Mary, who, as might have been
expected, accepted it with thanks. Ireland had nothing to say in the
matter, except by the voices of a few malcontents who had fled to
Britain. Nevertheless, the new sovereigns finally assumed the rather
illogical title of “William and Mary, ‘by the grace of God,’ King and
Queen of England, Scotland, France, and Ireland.” In France they
held not a foot of ground; and in Ireland four-fifths of the people
acknowledged King James. James Graham, of Claverhouse (Viscount
Dundee), expressed his dissent from the majority in the convention
of Scotland. Sir Walter Scott has immortalized the event in the
stirring lyric which begins thus:
“To the Lords of Convention ‘twas Claverhouse spoke,
’Ere the king’s crown shall fall, there are crowns to be broke,
So let each cavalier, who loves honor and me,
Come follow the bonnet of Bonnie Dundee!”

James had some strong partisans in England also—mostly among
the Roman Catholic and Episcopalian High Church elements, but
they were powerless to stem the overwhelming tide of public opinion
against him. Ireland was with him vehemently, except the small
Protestant minority, chiefly resident in Ulster, which was enthusiastic
for William and Mary. Representatives of this active element had
closed the gates of Derry in the face of the Earl of Antrim, when he
demanded the town’s surrender, in the name of the deposed king, in
December, 1688. This incident proved that the Irish Protestants, with
the usual rule-proving exceptions, meant “war to the knife” against
the Catholic Stuart dynasty. Thus civil war, intensified by foreign
intervention, became inevitable.
The towns of Inniskillen, Sligo, Coleraine, and the fort of Culmore,
on the Foyle, either followed the example of Derry, or were seized
without ceremony by the partisans of William and Mary in Ulster and
Connaught. These partisans, headed by Lord Blaney, Sir Arthur
Rawdon, and other Anglo-Irishmen, invited William to come into the
country, “for the maintenance of the Protestant religion and the
dependency of Ireland upon England.” Thus, again, was the
Protestant religion made the pretext of provincializing Ireland, and
because of this identification of it with British supremacy the new
creed has remained undeniably unpopular with the masses of the
Irish people. The latter are very ardent Catholics, as their long and
bloody wars in defence of their faith have amply proven, but while
this statement is undeniable, it can not be denied either that had the
so-called Reformation not been identified with English political
supremacy, it might have made much greater inroads among the
Irish population than it has succeeded in doing. Ireland was treated
not a whit better under the Catholic rulers of England, from 1169 to
the period of Mary I—Henry VIII was a schismatic rather than a
Protestant—than under her Protestant rulers, until James II
appeared upon the scene, and his clemency toward the Irish was
based upon religious rather than national grounds. Even in our own
day, the English Catholics are among the strongest opponents of
Irish legislative independence, and in the category of such
opponents may be classed the late Cardinal Vaughan and the
present Duke of Norfolk.
King James, at the call of the Irish majority, left his French retreat,
and sailed from Brest with a fleet provided by King Louis, which saw
him in safety to memorable Kinsale, where he landed on March 12,
old style, 1689. He was accompanied by about 1,200 veteran troops,
French and Irish, with a sprinkling of royalists, Scotch and English,
and several officers of high rank, including Lieutenant-General De
Rosen, Lieutenant-General Maumont, Major-General De Lery, Major-
General Pusignan, Colonel Patrick Sarsfield, afterward the renowned
Earl of Lucan, and the king’s two natural sons, the Duke of Berwick
and Grand Prior Fitzjames. There came with him also fifteen Catholic
chaplains, most of whom could speak the Gaelic tongue, and these
gentlemen were very useful to him on a mission such as he had
undertaken. The progress of the ill-fated monarch through Ireland,
from Kinsale to Dublin was, in every sense, a royal one. The Irish
masses, ever grateful to any one who makes sacrifices, or who even
appears to make them, in their behalf, turned out in all their
strength. A brilliant cavalcade, headed by the dashing Duke of
Tyrconnel, escorted the king from town to town. His collateral
descent from King Edward Bruce, freely chosen by Ireland early in
the fourteenth century, was remembered. James was, therefore,
really welcomed as King of Ireland. The Irish cared nothing for his
British title. If the choice of the majority of a nation makes regal title
binding, then James II was as truly elected King of Ireland, in 1689,
as Edward Bruce was in 1315. And we make this statement thus
plainly, because it will enable non-Irish and non-Catholic readers to
understand why Catholic Ireland fought so fiercely and devotedly for
an English ruler who had lost his crown in the assertion of Catholic
rights and privileges. There was still another cause for this devotion
of the majority of the Irish people to King James. He had consented
to the summoning of a national Irish parliament, in which
Protestants as well as Catholics were to be represented in due
proportion, and this decision on his part made many of the
Episcopalian Irish either neutral in the civil conflict or active on his
side. The number of such persons as were comprised in the latter
class was comparatively insignificant—just enough to mitigate the
curse of absolute sectarianism in the contest. The Dissenting or non-
conforming Irish were, almost to a unit, hostile to the Jacobite
cause.
BOOK IV

CHRONICLING IMPORTANT EVENTS IN IRELAND FROM THE
ARRIVAL OF JAMES II IN THAT COUNTRY UNTIL THE DEPARTURE
OF THE DUKE OF BERWICK TO FRANCE AFTER THE FIRST SIEGE
OF LIMERICK, IN 1690
CHAPTER I
King James in Ireland—Enthusiastic Reception of Him by the Irish People—Military
Operations

NOTHING could exceed the enthusiasm with which the Irish people
welcomed King James. In the cities and towns, flowers were
strewn in his path, corporation officials turned out in their robes of
state, and speeches of welcome were delivered in English or read in
Latin. The entry into Dublin was a magnificent spectacle. The whole
city was in gala dress, and the different trades paraded before him.
Harpers played at the triumphal arches under which he passed.
Beautiful young girls, costumed in pure white, and coroneted with
wreaths, danced the ancient Irish national dance, known as the
Rinka, in the progress of which flowers were profusely scattered by
the fair performers. The religious orders were out in force, a great
cross being borne at their head. The viceroy, lord mayor, and
members of the corporation, on horseback or in carriages, made up
an imposing part of the procession. When he reached the Castle, the
sword of state was presented to him by the Lord Lieutenant, and the
Recorder handed him, according to an old custom, the keys of the
city. “Te Deum” was sung in the Chapel Royal, one of the
architectural creations of the Duke of Tyrconnel. From the flagstaff
on the tower of the Castle itself, floated an Irish national flag, with a
golden harp upon its folds; and on this broad ensign were inscribed
the inspiring and sadly prophetic words, “Now or Never! Now and
Forever!” Wherever the king appeared in public, he was greeted with
enthusiastic shouts, in Gaelic, of “Righ Seamus!—Righ Seamus, Go
Bragh”! (“King James—King James, Forever!”)
The military situation of King James’s adherents in Ireland could
not be called encouraging when he took up his residence in Dublin.
As usual, arms and ammunition were scarce. Some 30,000 men had
volunteered to fight for Ireland, and there were not more than
20,000 stand of arms, all told, to place in their hands. And of this
small supply, fully three-fourths were antiquated and worthless.
While there were, nominally, fifty regiments of infantry enrolled, the
only serviceable regiments of horse were those of Galmoy,
Tyrconnel, and Russell. There was one regiment of dragoons, and of
cannon only eight field-pieces had been collected. The two best-
equipped bodies of Irish troops were the command of General
Richard Hamilton, in Ulster—about 3,000 men; and that of General
Justin McCarthy, Lord Mountcashel, in Munster—slightly more
numerous. Derry and Inniskillen held out for William of Orange, and
notwithstanding some successes of General Hamilton in the North,
there seemed no immediate prospect of reducing them. The
stubborn attitude of Inniskillen delayed the junction of Mountcashel’s
and Hamilton’s forces, which had been ordered by the Duke of
Tyrconnel, commander-in-chief of the Irish army, with General De
Rosen as his second in command. The smaller places occupied by
the Williamite forces were abandoned as being untenable, and the
little garrisons fell back on Londonderry, which had now become the
main objective of the Jacobite army. The military governor, Lundy,
was suspected of being, at heart, a Stuart sympathizer, but he was
soon virtually superseded, first by Governor Baker and afterward by
the celebrated Rev. George Walker, rector of the living of
Donoughmore, to whom history awards the glory of the long,
desperate, brilliant, and successful defence of Derry against the
armies of King James. It is a pity that the ability and bravery
displayed by Dr. Walker have been made causes of political and
religious irritation in the north of Ireland for upward of two
centuries. Lundy, when his authority was defied, escaped from the
city at night, in the disguise of a laborer, and cut no further figure in