
IEC University

Networking Technology
Summer Internship Report
(June 16th 2014 to July 25th 2014)

Summer Training Venue: Centre for Development of Advanced Computing,
Mohali, Punjab

Submitted to: Mr. Ashutosh Bajpai & Mr. Vijay Kumar
Prepared by: Ashish Dhillon & Gargi (CSE)

PREFACE
The report was prepared during industrial training as a part of the
summer internship program conducted after the end term of the 4th
semester of the B.Tech program. This period provided me an opportunity
to give theoretical knowledge a practical implementation. The
report is a result of six weeks of industrial training that I underwent
at CDAC, Mohali. Joining CDAC as a trainee gave me an excellent
platform at the onset of my professional career.
I wholeheartedly thank the organization and especially their
Network Department for providing me an opportunity to work on
routers, switches (layer 2 and layer 3) & hubs and hence
bringing out the best in me, alongside developing my talents &
improving my skills, not just technically but also laying a firm
foundation for all-round personality development. Co-operating
and working with a team helped me explore my potential &
perform better.
This report deals with the network scenario and how the
connection is made in the university and organizations. The report
also includes the pictorial scenario of the network using Edraw.

Acknowledgement
It is a great sense of satisfaction and a matter of privilege for me
to work at CDAC, Mohali. I wish to express my heartiest thanks to
CDAC for providing me the opportunity to undergo training in the
esteemed organization. With such a good environment,
systematic work approach and target-oriented tasks, the management
of this division provided me with the much-desired training
experience needed for a future software professional career.
It is my pleasure to thank Mr. Vijay Kumar, to whom I owe a lot for
giving me an opportunity to pursue my training in this
organization.
I would like to thank Mr. Ashutosh Bajpai, my faculty guide, for his
help and cooperation and for being interactive during the reviewing of
my project for the various design and performance issues.

Mr. Vijay Kumar
CDAC, Mohali

Mr. Ashutosh Bajpai
CDAC, Mohali

My Experience
My experience throughout the training was a big learning curve for my career.
Being with the professionals was a great opportunity for me. My utmost effort
was to master the skill to as great an extent as possible. I got hands-on experience
this summer; working on the real equipment during the internship was as
interesting as it can get. The industrial training programme was exhaustive and
covered the latest in technologies.
The first week we were taught about the basics of networking, which we were
already thorough with, courtesy of the excellent faculty and innovative teaching
style of our college. Therefore the first week was a brush-up on the ideas which
were somewhat weakened during the holidays.
The second week was a step into the more detailed realms of networking
technologies. We were taken into greater depths of the knowledge pool and we
were allowed to explore on our own the new possibilities and new ways to
overcome our own doubts and questions.
The third and fourth weeks were full of new advanced concepts that were
introduced to us. It was challenging at first, but once we discovered where the
root of all doubt lies, we were able to make peace with the new concepts.
The fifth and sixth weeks consisted of project making. It was the time to showcase
everything that we had learnt over the past four weeks in a single project. We got much
help from our supervisors at CDAC and some co-trainees. The professionalism was
exemplary.
Overall these six weeks have given a new direction to my career and a new
direction as to how to think in the right manner.

ROUTER
A router is a device that forwards data packets between telecommunications
networks, creating an overlay internetwork. A router is connected to two or more
data lines from different networks. When data comes in on one of the lines, the
router reads the address information in the packet to determine its ultimate
destination. Then, using information in its routing table or routing policy, it directs
the packet to the next network on its journey or drops the packet. A data packet is
typically forwarded from one router to another through networks that constitute
the internetwork until it gets to its destination node.
The most familiar type of routers are home and small office routers that simply
pass data, such as web pages and email, between the home computers and the
owner's cable or DSL modem, which connects to the Internet (ISP). However more
sophisticated routers range from enterprise routers, which connect large business
or ISP networks up to the powerful core routers that forward data at high speed
along the optical fiber lines of the Internet backbone.
A router has interfaces for different physical types of network connections (such
as copper cables, fiber optic, or wireless transmission). It also
contains firmware for different networking protocol standards. Each network
interface uses this specialized computer software to enable data packets to be
forwarded from one protocol transmission system to another.

FUNCTION OF ROUTER
Router Terminology
Routers used to be called "gateways," which is why the term "default gateway"
means the router in your network. In older Novell terminology, routers were also
called "network-layer bridges." Routers operate on the routable protocol layer
(network layer 3) of the OSI model.

Route Forwarding
Routing tables hold the data for making forwarding decisions. Although this is a
simple example, routing tables become very complex. Static routing uses fixed
tables, but dynamic routing uses routing protocols that let routers exchange
data with each other.

TYPES OF ROUTERS
Enterprise routers
All sizes of routers may be found inside enterprises. The most powerful routers are
usually found in ISPs, academic and research facilities. Large businesses may also
need more powerful routers to cope with ever increasing demands
of intranet data traffic. A three-layer model is in common use, not all of which
need be present in smaller networks.
Access

Figure: Linksys by Cisco WRT54GL SoHo router.

Figure: A screenshot of the LuCI web interface used by OpenWrt, here being used
to configure Dynamic DNS.
Access routers, including 'small office/home office' (SOHO) models, are located at
customer sites such as branch offices that do not need hierarchical routing of their
own. Typically, they are optimized for low cost. Some SOHO routers are capable of
running alternative free Linux-based firmwares like Tomato, OpenWrt or DD-WRT.

Distribution
Distribution routers aggregate traffic from multiple access routers, either at the
same site, or to collect the data streams from multiple sites to a major enterprise
location. Distribution routers are often responsible for enforcing quality of service
across a WAN, so they may have considerable memory installed, multiple WAN
interface connections, and substantial onboard data processing routines. They
may also provide connectivity to groups of file servers or other external networks.
Security
External networks must be carefully considered as part of the overall security
strategy. Separate from the router may be a firewall or VPN handling device, or
the router may include these and other security functions. Many companies
produced security-oriented routers, including Cisco Systems' PIX and ASA5500
series, Juniper's Netscreen, Watchguard's Firebox, Barracuda's variety of
mail-oriented devices, and many others.

WORKING OF ROUTER
Routers understand these Ethernet and IP addresses. Routers are primarily
interested in the destination IP address of the packet you are sending to the
router. The router takes this destination (say it is 63.248.129.2) and looks that up
in its routing table. Here is an example of a routing table:
    Location-A# show ip route
         10.0.0.0/24 is subnetted, 2 subnets
    R       10.2.2.0 [120/1] via 63.248.129.2, 00:00:16, Serial0
    C       10.1.1.0 is directly connected, Ethernet0
         63.0.0.0/30 is subnetted, 1 subnets
    C       63.248.129.0 is directly connected, Serial0
    Location-A#
Routes in the routing table are learned from either static routes (entered by you)
or dynamic routes. Using the routing table, the router tries to find the best route
for your traffic. There may be only one route. Often, this is a "default route" (a.k.a.
"gateway of last resort"). The default route just says: "If there are no better routes
to send this traffic, send it here."
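
The lookup a router performs against a table like the one above can be sketched as follows. This is an added example, not code from the original report: it models the three Location-A routes, picks the most specific (longest-prefix) match, and shows both the default-route fallback and the no-route drop. The default route entry and the test destinations are constructed for illustration.

```python
import ipaddress

# Routes modelled on the Location-A output above. The masks come from the
# "is subnetted" header lines (/24 and /30).
ROUTES = [
    # (code, prefix, next hop or None when directly connected, interface)
    ("R", "10.2.2.0/24", "63.248.129.2", "Serial0"),
    ("C", "10.1.1.0/24", None, "Ethernet0"),
    ("C", "63.248.129.0/30", None, "Serial0"),
]

# Constructed static default route (assumption, not in the page's output),
# used to show "gateway of last resort" behaviour.
DEFAULT_ROUTE = ("S*", "0.0.0.0/0", "63.248.129.2", "Serial0")


def build_table(routes):
    """Parse each prefix once so lookups only do membership tests."""
    return [(code, ipaddress.ip_network(prefix), nh, ifc)
            for code, prefix, nh, ifc in routes]


def lookup(table, destination):
    """Return the most specific route that contains the destination.

    Returns None when nothing matches: the router discards the packet and
    answers with an ICMP "destination unreachable" message.
    """
    dst = ipaddress.ip_address(destination)
    matches = [route for route in table if dst in route[1]]
    if not matches:
        return None
    # Longest prefix wins: a /30 beats a /24, and everything beats 0.0.0.0/0.
    return max(matches, key=lambda route: route[1].prefixlen)


def describe(table, destination):
    """Human-readable forwarding decision for one destination address."""
    route = lookup(table, destination)
    if route is None:
        return f"{destination}: no route, drop + ICMP destination unreachable"
    code, net, next_hop, ifc = route
    via = f"via {next_hop}" if next_hop else "directly connected"
    return f"{destination}: {code} {net} {via}, {ifc}"


if __name__ == "__main__":
    without_default = build_table(ROUTES)
    with_default = build_table(ROUTES + [DEFAULT_ROUTE])
    for dst in ("10.2.2.7", "10.1.1.20", "63.248.129.2", "8.8.8.8"):
        print("no default  |", describe(without_default, dst))
        print("with default|", describe(with_default, dst))
```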

Just about every home and small business user has just a single Internet
connection. In that case, they have a default route and all traffic is sent to their
Internet service provider (ISP). In the case of ISPs, however, there may be many
places they can send this traffic. Their routers must compare many hundreds of
thousands of routes and select the best one for your traffic. This happens in
milliseconds. And to get your traffic through the Internet and back, it may pass
through hundreds of routers. To you, it appears almost instantaneously
(depending on many factors).
If it doesn't find a valid route for your traffic, the router discards (yes, throws
away) your traffic and sends an ICMP "destination unreachable" message back to
you. When the router does find the best route and is ready to send your traffic, it
has to do a number of things:
1. Perform Network Address Translation (NAT). NAT isn't a traditional router
function, but many routers today perform NAT. This is especially true for home
and small business routers that function as "all in one" devices. Many companies
have dedicated firewalls that also perform NAT. With NAT, your private source IP
address is translated into a public source IP address. If the router is performing
PAT (NAT overload), then the public source IP address is shared among many
devices.
2. Replace your source MAC address with the router's MAC address. The ARP
protocol is used to connect your computer's source MAC address to your IP
address. The ARP protocol is a broadcast-oriented protocol, and routers discard
broadcasts. This means that ARP doesn't work through routers. Because of this,
the router must replace your source MAC address with the router's MAC address.
The router also adds the destination host or next-hop router's MAC address to the
data link header.
3. Encapsulate the packet for the protocol of the WAN. Routers often perform
protocol conversion. Say, for example, you have a router that has a PPP T1
connection to the Internet and is connected to the LAN using Ethernet. The
Ethernet frames must be de-encapsulated, modified, then re-encapsulated in
Ethernet, then PPP, before they can be sent across the PPP link.
On the other side of the link, the destination router is performing all of these same
tasks, but in reverse. This happens for every packet sent and every response
received.
To see a real production routing table from an ISP, you can telnet to public Cisco
route servers around the world. From here, you can do a show ip route and see
what a real ISP's routing table looks like.

BRIDGES
A bridge connects two or more networks, or segments of the same network. These
networks may use different physical and data link protocols. For example, you can
install a bridge to connect a small lab of Macintosh computers using LocalTalk to
the school's main Ethernet network.
Bridges filter network traffic. They examine each set of data, transmitting only
appropriate data to each connected segment. (Hubs, by contrast, broadcast all
information to each connected computer, whether or not that computer is the
intended recipient.) In this manner, bridges help reduce overall network traffic.
Bridges are relatively simple and efficient traffic regulators. However, in most
networks they have been replaced by their less expensive or more powerful
cousins: hubs, switches, and routers.
Most bridges operate by examining incoming or outgoing signals for information
at OSI level 2.

Network Switch
A network switch or switching hub is a computer networking device that
connects network segments.
The term commonly refers to a multi-port network bridge that processes and
routes data at the data link layer (layer 2) of the OSI model. Switches that
additionally process data at the network layer (Layer 3) and above are often
referred to as Layer 3 switches or multilayer switches.

Functions of a Switch

The network switch plays an integral part in most modern Ethernet local area
networks (LANs). Mid-to-large sized LANs contain a number of
linked managed switches. Small office/home office (SOHO) applications typically
use a single switch, or an all-purpose converged device such as a gateway to
access small office/home broadband services such as DSL or cable internet. In
most of these cases, the end-user device contains a router and components that
interface to the particular physical broadband technology. User devices may also
include a telephone interface for VoIP.
An Ethernet switch operates at the data link layer of the OSI model to create a
separate collision domain for each switch port. With 4 computers (e.g., A, B, C,
and D) on 4 switch ports, A and B can transfer data back and forth, while C and D
also do so simultaneously, and the two conversations will not interfere with one
another. In the case of a hub, they would all share the bandwidth and run in half
duplex, resulting in collisions, which would then necessitate retransmissions.
Using a switch is called microsegmentation. This allows computers to have
dedicated bandwidth on point-to-point connections to the network and
therefore to run in full duplex without collisions.

Switches may operate at one or more layers of the OSI model, including data
link, network, or transport (i.e., end-to-end). A device that operates
simultaneously at more than one of these layers is known as a multilayer switch.
In switches intended for commercial use, built-in or modular interfaces make it
possible to connect different types of networks, including Ethernet, Fibre
Channel, ATM, ITU-T G.hn and 802.11. This connectivity can be at any of the layers
mentioned. While Layer 2 functionality is adequate for bandwidth-shifting within
one technology, interconnecting technologies such as Ethernet and token ring are
easier at Layer 3.
Interconnection of different Layer 3 networks is done by routers. If there are any
features that characterize "Layer-3 switches" as opposed to general-purpose
routers, it tends to be that they are optimized, in larger switches, for high-density
Ethernet connectivity.
In some service provider and other environments where there is a need for a
great deal of analysis of network performance and security, switches may be
connected between WAN routers as places for analytic modules. Some vendors
provide firewall, network intrusion detection, and performance analysis modules
that can plug into switch ports. Some of these functions may be on combined
modules.

In other cases, the switch is used to create a mirror image of data that can go to
an external device. Since most switch port mirroring provides only one mirrored
stream, network hubs can be useful for fanning out data to several read-only
analyzers, such as intrusion detection systems and packet sniffers.

Layer specific functions


While switches may learn about topologies at many layers, and forward at one or
more layers, they do tend to have common features. Other than for
high-performance applications, modern commercial switches use primarily Ethernet
interfaces, which can have different input and output bandwidths of 10, 100, 1000
or 10,000 megabits per second.
At any layer, a modern switch may implement power over Ethernet (PoE), which
avoids the need for attached devices, such as a VoIP phone or wireless access
point, to have a separate power supply. Since switches can have redundant power
circuits connected to uninterruptible power supplies, the connected device can
continue operating even when regular office power fails.

Layer 1 (Physical Layer)


A network hub, or repeater, is a simple network device. Hubs do not manage any
of the traffic that comes through them. Any packet entering a port is broadcast
out or "repeated" on every other port, except for the port of entry. Since every
packet is repeated on every other port, packet collisions affect the entire network,
limiting its capacity.
There are specialized applications where a hub can be useful, such as copying
traffic to multiple network sensors. High end switches have a feature which does
the same thing called port mirroring.
By the early 2000s, there was little price difference between a hub and a low-end
switch.

Layer 2 (Data Link Layer)

A "layer 2 switch" remains more of a marketing term than a technical term; the products
that were introduced as "switches" tended to use microsegmentation and full duplex to
prevent collisions among devices connected to Ethernet. By using an internal forwarding
plane much faster than any interface, they give the impression of simultaneous paths
among multiple devices.
Once a bridge learns the topology through a spanning tree protocol, it forwards data link
layer frames using a layer 2 forwarding method. There are four forwarding methods a
bridge can use, of which the second through fourth methods were performance-increasing
methods when used on "switch" products with the same input and output port
bandwidths:
1. Store and forward: The switch buffers and verifies each frame before forwarding it.
2. Cut through: The switch reads only up to the frame's hardware address before
starting to forward it. Cut-through switches have to fall back to store and forward if
the outgoing port is busy at the time the packet arrives. There is no error checking
with this method.
3. Fragment free: A method that attempts to retain the benefits of both store and
forward and cut through. Fragment free checks the first 64 bytes of the frame,
where addressing information is stored. According to Ethernet specifications,
collisions should be detected during the first 64 bytes of the frame, so frames that
are in error because of a collision will not be forwarded. This way the frame will
always reach its intended destination. Error checking of the actual data in the
packet is left for the end device.
4. Adaptive switching: A method of automatically selecting between the other three
modes.
While there are specialized applications, such as storage area networks, where the input
and output interfaces are the same bandwidth, this is rarely the case in general LAN
applications. In LANs, a switch used for end user access typically concentrates lower
bandwidth (e.g., 10/100 Mbit/s) into a higher bandwidth (at least 1 Gbit/s). Alternatively,
a switch that provides access to server ports usually connects to them at a much higher
bandwidth than is used by end user devices.

Layer 3 (Network Layer)

Within the confines of the Ethernet physical layer, a layer 3 switch can perform some or
all of the functions normally performed by a router. The most common layer-3 capability
is awareness of IP multicast through IGMP snooping. With this awareness, a layer-3
switch can increase efficiency by delivering the traffic of a multicast group only to ports
where the attached device has signaled that it wants to listen to that group.

Layer 4 (Transport Layer)


While the exact meaning of the term Layer-4 switch is vendor-dependent, it almost
always starts with a capability for network address translation, but then adds some type
of load distribution based on TCP sessions.
The device may include a stateful firewall, a VPN concentrator, or be an IPSec security
gateway.

Layer 5 (Session Layer)

The session layer provides the mechanism for opening, closing and managing a session
between end-user application processes, i.e., a semi-permanent dialogue. Communication
sessions consist of requests and responses that occur between applications. Session
layer services are commonly used in application environments that make use of remote
procedure calls (RPCs).
An example of a session-layer protocol is the OSI protocol suite session layer;
implementations include Zone Information Protocol (ZIP), the AppleTalk protocol
that coordinates the name binding process, and Session Control Protocol (SCP), the
DECnet Phase IV session-layer protocol.

Layer 6 (Presentation Layer)

Unlike lower layers, which are mostly concerned with moving bits around, the
presentation layer is concerned with the syntax and semantics of the information
transmitted. In order to make it possible for computers with different data
representations to communicate, the data structures to be exchanged can be
defined in an abstract way, along with a standard encoding to be used "on the
wire." The presentation layer manages these abstract data structures and allows
higher-level data structures (e.g., banking records) to be defined and exchanged.

Layer 7 (Application Layer)

Layer 7 switches may distribute loads based on URL or by some
installation-specific technique to recognize application-level transactions. A
Layer-7 switch may include a web cache and participate in a content delivery
network.

Types of Switches

- Desktop, not mounted in an enclosure, typically intended to be used in a
  home or office environment outside of a wiring closet
- Rack mounted
- Chassis with swappable "switch module" cards, e.g. Alcatel's OmniSwitch
  9000; Cisco Catalyst switch 4500 and 6500; 3Com 7700, 7900E, 8800.
- DIN rail mounted, normally seen in industrial environments or panels

Configuration based

- Unmanaged switches: These switches have no configuration interface or
  options. They are plug and play. They are typically the least expensive
  switches, found in home, SOHO, or small businesses. They can be desktop or
  rack mounted.
- Managed switches: These switches have one or more methods to modify
  the operation of the switch. Common management methods include:
  a command-line interface (CLI) accessed via serial console, telnet or Secure
  Shell, an embedded Simple Network Management Protocol (SNMP) agent
  allowing management from a remote console or management station, or a web
  interface for management from a web browser. Examples of configuration
  changes that one can do from a managed switch include: enable features such
  as Spanning Tree Protocol, set port bandwidth, create or modify Virtual
  LANs (VLANs), etc.

Access Control List


An access control list (ACL), with respect to a computer file system, is a list
of permissions attached to an object. An ACL specifies which users or system
processes are granted access to objects, as well as what operations are allowed
on given objects. Each entry in a typical ACL specifies a subject and an operation.
For instance, if a file has an ACL that contains (Alice, delete), this would give Alice
permission to delete the file.
The Cisco access control list (ACL) is probably the most commonly used object in
the IOS. It is not only used for packet filtering (a type of firewall) but also for
selecting types of traffic to be analyzed, forwarded, or influenced in some way.

Access Control List Types


Cisco ACLs are divided into types: Standard IP, Extended IP, IPX, AppleTalk, etc.
Here we will just go over the standard and extended access lists for TCP/IP.
As you create ACLs you assign a number to each list, however, each type of list is
limited to an assigned range of numbers. This makes it very easy to determine
what type of ACL you will be working with.

Standard ACLs:
A standard IP ACL is simple; it filters based on source address only. You can filter
a source network or a source host, but you cannot filter based on the destination
of a packet, the particular protocol being used such as the Transmission Control
Protocol (TCP) or the User Datagram Protocol (UDP), or on the port number. You
can permit or deny only source traffic.

Extended ACLs:
An extended ACL gives you much more power than just a standard
ACL. Extended IP ACLs check both the source and destination packet addresses.
They can also check for specific protocols, port numbers, and other parameters,
which allow administrators more flexibility and control.

Named ACLs:
One of the disadvantages of using IP standard and IP extended ACLs is that you
reference them by number, which is not too descriptive of its use. With a named
ACL, this is not the case because you can name your ACL with a descriptive name.
The ACL named DenyMike is a lot more meaningful than an ACL simply numbered
1. There are both IP standard and IP extended named ACLs.
Another advantage to named ACLs is that they allow you to remove individual
lines out of an ACL. With numbered ACLs, you cannot delete individual
statements. Instead, you will need to delete your existing access list and re-create
the entire list.

Activating an Access Control List


Now that you have created these ACLs they are useless until you declare them to
be used in some way. As of right now they are an inactive list doing nothing. Our
next article will cover applying ACLs on interfaces and how to specify if the ACL is
for incoming or outgoing traffic on that interface.

Universal fact about Access control list


1. ACLs come in two varieties: numbered and named.
2. Each of these references to ACLs supports two types of filtering: standard
and extended.
3. Standard IP ACLs can filter only on the source IP address inside a packet.
4. Extended IP ACLs, in contrast, can filter on the source and destination IP
addresses in the packet.
5. There are two actions an ACL can take: permit or deny.
6. Statements are processed top-down.
7. Once a match is found, no further statements are processed; therefore,
order is important.
8. If no match is found, the imaginary implicit deny statement at the end of the
ACL drops the packet.
9. An ACL should have at least one permit statement; otherwise, all traffic will
be dropped because of the hidden implicit deny statement at the end of
every ACL.
No matter what type of ACL you use, though, you can have only one ACL per
protocol, per interface, per direction. For example, you can have one IP
ACL inbound on an interface and another IP ACL outbound on an interface, but
you cannot have two inbound IP ACLs on the same interface.
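
The processing rules listed above (top-down, first match wins, implicit deny at the end) can be seen in a small evaluator. This is an added example, not code from the original report: it parses a subset of numbered `access-list` statements (`any`, `host A`, `A WILDCARD`, and `eq PORT` for extended lists) and the three sample ACLs and all addresses in them are constructed.

```python
import ipaddress

ANY = (0, 0xFFFFFFFF)  # base address 0 with an all-ones wildcard matches everything

# Constructed sample ACLs. ACL 11 is ACL 10 with its two lines swapped.
ACL_ORDERED = """access-list 10 deny host 10.1.1.5
access-list 10 permit 10.1.1.0 0.0.0.255"""
ACL_SHADOWED = """access-list 11 permit 10.1.1.0 0.0.0.255
access-list 11 deny host 10.1.1.5"""
ACL_EXTENDED = "access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 63.248.129.2 eq 80"


def acl_type(number):
    """Classify a numbered ACL by the range its number falls in."""
    if 1 <= number <= 99 or 1300 <= number <= 1999:
        return "standard"
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        return "extended"
    raise ValueError(f"{number} is not an IP standard/extended ACL number")


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD' and return (base, wildcard)."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":
        return _ip(tokens.pop(0)), 0
    return _ip(first), _ip(tokens.pop(0))


def parse_acl(text):
    """Parse the supported subset of 'access-list N permit|deny ...' lines."""
    entries = []
    for line in text.strip().splitlines():
        tokens = line.split()
        if tokens[0] != "access-list" or tokens[2] not in ("permit", "deny"):
            raise ValueError(f"unsupported statement: {line!r}")
        kind = acl_type(int(tokens[1]))
        rest = tokens[3:]
        entry = {"action": tokens[2], "proto": "ip", "dst": ANY,
                 "port": None, "line": line.strip()}
        if kind == "extended":
            entry["proto"] = rest.pop(0)       # ip, tcp or udp
        entry["src"] = _take_addr(rest)        # standard ACLs stop here
        if kind == "extended":
            entry["dst"] = _take_addr(rest)
            if rest[:1] == ["eq"]:
                entry["port"] = int(rest[1])
        entries.append(entry)
    return entries


def _match(addr, spec):
    """Wildcard match: bits set in the wildcard mask are 'don't care'."""
    base, wildcard = spec
    return ((_ip(addr) ^ base) & ~wildcard & 0xFFFFFFFF) == 0


def evaluate(entries, src, dst="0.0.0.0", proto="ip", dport=None):
    """Walk the list top-down and stop at the first matching statement."""
    for entry in entries:
        if entry["proto"] != "ip" and entry["proto"] != proto:
            continue
        if not _match(src, entry["src"]) or not _match(dst, entry["dst"]):
            continue
        if entry["port"] is not None and entry["port"] != dport:
            continue
        return entry["action"], entry["line"]
    return "deny", "implicit deny"             # nothing matched


if __name__ == "__main__":
    for name, text in (("ordered", ACL_ORDERED), ("shadowed", ACL_SHADOWED)):
        acl = parse_acl(text)
        for src in ("10.1.1.5", "10.1.1.9", "10.2.2.1"):
            print(name, src, evaluate(acl, src))
    ext = parse_acl(ACL_EXTENDED)
    print(evaluate(ext, "10.1.1.9", "63.248.129.2", "tcp", 80))
    print(evaluate(ext, "10.1.1.9", "63.248.129.2", "tcp", 23))
```

With the two statements swapped (ACL 11), the `deny host 10.1.1.5` line is never reached because the broader permit above it matches first; reviewing an ACL for such shadowed entries is a routine audit step.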
Access List Ranges

Type                          Range
IP Standard                   1-99
IP Extended                   100-199
IP Standard Expanded Range    1300-1999
IP Extended Expanded Range    2000-2699

Network Address Translation

In computer networking, network address translation (NAT) is the process of
modifying IP address information in IP packet headers while in transit across a
traffic routing device.
The simplest type of NAT provides a one to one translation of IP addresses. RFC
2663 refers to this type of NAT as basic NAT. It is often also referred to as
one-to-one NAT. In this type of NAT only the IP addresses, IP header checksum and any
higher level checksums that include the IP address need to be changed. The rest
of the packet can be left untouched (at least for basic TCP/UDP functionality, some
higher level protocols may need further translation). Basic NATs can be used when
there is a requirement to interconnect two IP networks with incompatible
addressing.
However it is common to hide an entire IP address space, usually consisting
of private IP addresses, behind a single IP address (or in some cases a small group
of IP addresses) in another (usually public) address space. To avoid ambiguity in
the handling of returned packets a one-to-many NAT must alter higher level
information such as TCP/UDP ports in outgoing communications and must
maintain a translation table so that return packets can be correctly translated
back. RFC 2663 uses the term NAPT (network address and port translation) for
this type of NAT. Other names include PAT (port address translation), IP
masquerading, NAT Overload and many-to-one NAT. Since this is the most
common type of NAT it is often referred to simply as NAT.
As described, the method enables communication through the router only when
the conversation originates in the masqueraded network, since this establishes
the translation tables. For example, a web browser in the masqueraded network
can browse a website outside, but a web browser outside could not browse a web
site in the masqueraded network. However, most NAT devices today allow the
network administrator to configure translation table entries for permanent use.
This feature is often referred to as "static NAT" or port forwarding and allows
traffic originating in the "outside" network to reach designated hosts in the
masqueraded network.
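
The translation-table behaviour described above can be modelled in a few lines. This is an added example, not code from the original report: the `PatRouter` class, its method names and all addresses are constructed, and the table is keyed on the public port only, whereas many real devices also check the remote address and port before accepting a return packet.

```python
class PatRouter:
    """Minimal one-to-many NAT (NAPT/PAT) translation table."""

    def __init__(self, public_ip, first_port=1024):
        self.public_ip = public_ip
        self.next_port = first_port
        self.out = {}    # (proto, inside_ip, inside_port) -> public_port
        self.back = {}   # (proto, public_port) -> (inside_ip, inside_port)

    def _allocate(self, proto):
        """Pick the next public port not already present in the table."""
        while (proto, self.next_port) in self.back:
            self.next_port += 1
        if self.next_port > 65535:
            raise RuntimeError("public port pool exhausted")
        port = self.next_port
        self.next_port += 1
        return port

    def add_static(self, proto, public_port, inside_ip, inside_port):
        """Static NAT / port forwarding: a permanent, admin-configured entry."""
        if (proto, public_port) in self.back:
            raise ValueError("public port already in use")
        self.back[(proto, public_port)] = (inside_ip, inside_port)
        self.out[(proto, inside_ip, inside_port)] = public_port

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Inside -> outside: create the mapping on first use, then rewrite
        the source address and port to the shared public address."""
        key = (proto, src_ip, src_port)
        if key not in self.out:
            port = self._allocate(proto)
            self.out[key] = port
            self.back[(proto, port)] = (src_ip, src_port)
        return (proto, self.public_ip, self.out[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_port):
        """Outside -> inside: only packets that hit an existing table entry
        are translated back; everything else is dropped (None)."""
        inside = self.back.get((proto, dst_port))
        if inside is None:
            return None
        return (proto, src_ip, src_port, inside[0], inside[1])


if __name__ == "__main__":
    nat = PatRouter("203.0.113.5")               # constructed public address
    web = ("198.51.100.7", 80)                   # constructed outside server
    # Two inside hosts use the same source port; PAT keeps them apart.
    print(nat.outbound("tcp", "192.168.1.10", 50000, *web))
    print(nat.outbound("tcp", "192.168.1.11", 50000, *web))
    # The reply to the second host finds its way back through the table.
    print(nat.inbound("tcp", web[0], web[1], 1025))
    # An unsolicited connection from outside has no entry and is dropped.
    print(nat.inbound("tcp", "198.51.100.99", 40000, 80))
    # After a static entry is configured, the same packet is delivered.
    nat.add_static("tcp", 80, "192.168.1.10", 80)
    print(nat.inbound("tcp", "198.51.100.99", 40000, 80))
```

Every static entry is a permanently open path from the outside network to an inside host, so these entries are the part of a NAT configuration that belongs in a firewall review.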
In the mid-1990s NAT became a popular tool for alleviating the consequences
of IPv4 address exhaustion. It has become a standard, indispensable feature
in routers for home and small-office Internet connections. Most systems using NAT
do so in order to enable multiple hosts on a private network to access
the Internet using a single public IP address.
Network address translation has serious drawbacks on the quality of Internet
connectivity and requires careful attention to the details of its implementation. In
particular all types of NAT break the originally envisioned model of IP end-to-end
connectivity across the Internet and NAPT makes it difficult for systems behind a
NAT to accept incoming communications. As a result, NAT traversal methods have
been devised to alleviate the issues encountered.
Methods of Port translation
There are several ways of implementing network address and port translation. In
some application protocols that use IP address information, the application
running on a node in the masqueraded network needs to determine the external
address of the NAT, i.e., the address that its communication peers detect, and,
furthermore, often needs to examine and categorize the type of mapping in use.
Usually this is done because it is desired to set up a direct communications path
(either to save the cost of taking the data via a server or to improve performance)
between two clients both of which are behind separate NATs. For this purpose,
the Simple traversal of UDP over NATs (STUN) protocol was developed (RFC 3489,
March 2003). It classified NAT implementation as full cone NAT, (address)
restricted cone NAT, port restricted cone NAT or symmetric NAT and proposed a
methodology for testing a device accordingly. However, these procedures have
since been deprecated from standards status, as the methods have proven faulty
and inadequate to correctly assess many devices. New methods have been
standardized in RFC 5389 (October 2008) and the STUN acronym now represents
the new title of the specification: Session Traversal Utilities for NAT.

Advantages of PAT
In addition to the advantages provided by NAT:

PAT (Port Address Translation) allows many internal hosts to share a single
external IP address.
Users who do not require support for inbound connections do not consume
public IP addresses.

Project Report
Project Name: Simulation of IEC Campus Network

Concepts used
1. DHCP
Short for Dynamic Host Configuration Protocol, a protocol for assigning
dynamic IP addresses to devices on a network. With dynamic addressing, a
device can have a different IP address every time it connects to the network.
In some systems, the device's IP address can even change while it is still
connected. DHCP also supports a mix of static and dynamic IP addresses.
Dynamic addressing simplifies network administration because the software
keeps track of IP addresses rather than requiring an administrator to
manage the task. This means that a new computer can be added to a
network without the hassle of manually assigning it a unique IP address.
Many ISPs use dynamic IP addressing for dial-up users.

2. VLAN
Short for virtual LAN, a network of computers that behave as if they are
connected to the same wire even though they may actually be physically
located on different segments of a LAN. VLANs are configured through
software rather than hardware, which makes them extremely flexible. One of
the biggest advantages of VLANs is that when a computer is physically
moved to another location, it can stay on the same VLAN without any
hardware reconfiguration.

3. VTP
VTP stands for VLAN Trunking Protocol. It is a Layer 2 messaging protocol. We
need it for:
1. Low administration.
2. Security.
Its function is to pass VLAN information within a VTP domain. It is used to
save time when multiple switches have the same VLANs to configure.
There are 3 modes:
1) Client
2) Server
3) Transparent

4. IP Routing
IP Routing is an umbrella term for the set of protocols that determine the
path that data follows in order to travel across multiple networks from its
source to its destination. Data is routed from its source to its destination
through a series of routers, and across multiple networks. The IP Routing
protocols enable routers to build up a forwarding table that correlates final
destinations with next hop addresses.
These protocols include:
- OSPF (Open Shortest Path First)
- RIP (Routing Information Protocol)
- EIGRP (Enhanced Interior Gateway Routing Protocol)

5. ACL
An access control list (ACL) is a table that tells a computer operating system
which access rights each user has to a particular system object, such as a
file directory or individual file. Each object has a security attribute that
identifies its access control list. The list has an entry for each system user
with access privileges. The most common privileges include the ability to
read a file (or all the files in a directory), to write to the file or files, and to
execute the file (if it is an executable file, or program). Microsoft Windows
NT/2000, Novell's NetWare, Digital's OpenVMS, and UNIX-based systems are
among the operating systems that use access control lists. The list is
implemented differently by each operating system.

6. NAT
Short for Network Address Translation, an Internet standard that enables a
local-area network (LAN) to use one set of IP addresses for internal traffic
and a second set of addresses for external traffic.

7. PAT
Short for Port Address Translation, a type of network address translation.
During PAT, each computer on the LAN is translated to the same IP address, but
with a different port number assignment.

Scenario
The simulation of the IEC network has been done in the project. An overview of the
total network can be seen in the image below. The scenario in Packet Tracer will be like this:

CONFIGURATION OF DHCP

CONFIGURATION OF HTTP

CONFIGURATION OF DNS

CONFIGURATION OF FTP

CONFIGURATION OF MAIL SERVER
