CCNA Exam
Exam Number – 200-125
Total Marks – 1000
Duration – 90 minutes
Passing score – 825
Questions – 45-55
Multiple Choice
Simulations
Drag and Drop
Note
Data Networks
Networking Devices
Network devices include all the devices that connect the end-user devices together to allow them to communicate.
Network Interface Card
Hub
Connects a group of Hosts
Switch
Router
Routers are used to connect networks together
Route packets of data from one network to another
Cisco became the de facto standard of routers because of their high-quality router products
Routers, by default, break up a broadcast domain
Network Topologies
Network topology defines the structure of the network.
Bus Topology
A bus topology uses a single backbone cable that is terminated at both ends.
Ring Topology
A ring topology connects one host to the next and the last host to the first.
Star Topology
A star topology connects all cables to a central point of concentration.
Extended Star Topology
An extended star topology links individual stars together by connecting the hubs and/or switches. This topology can extend the scope and coverage of the network.
Mesh Topology
A mesh topology is implemented to provide as much
protection as possible from interruption of service.
Each host has its own connections to all other hosts.
Although the Internet has multiple paths to any one
location, it does not adopt the full mesh topology.
Physical and Logical Topology
LANs, MANs, & WANs
WANs
Virtual Private Network
A VPN is a private network that is constructed within a public network
infrastructure such as the global Internet. Using VPN, a telecommuter
can access the network of the company headquarters through the
Internet by building a secure tunnel between the telecommuter’s PC
and a VPN router in the headquarters.
Bandwidth
Measuring Bandwidth
Internetworking Devices
What Are The Components Of A Network?
[Figure: Home Office, Mobile Users, Internet, Distribution Layer, Access Layer]
Institute of Electrical and Electronics
Engineers (IEEE) 802 Standards
IEEE 802.1: Standards related to network management.
IEEE 802.2: General standard for the data link layer in the OSI
Reference Model. The IEEE divides this layer into two sublayers --
the logical link control (LLC) layer and the media access control
(MAC) layer.
IEEE 802.3: Defines the MAC layer for bus networks that use
CSMA/CD. This is the basis of the Ethernet standard.
IEEE 802.4: Defines the MAC layer for bus networks that use a
token-passing mechanism (token bus networks).
To address the problem of networks increasing in size and in number, the
International Organization for Standardization (ISO) researched many
network schemes and recognized that there was a need to create a network
model
Don’t Get Confused.
Network Model
• Reduce complexity
• Standardize interfaces
• Assist understanding
• Promote rapid product development
• Support interoperability
• Facilitate modular engineering
The OSI Reference Model
OSI Model
Application (Upper) Layers
• Application
• Presentation
• Session
Data Flow Layers
• Transport
• Network
• Data-Link
• Physical
Layer 7 - The Application Layer
Layer 5 - The Session Layer
Layer 4 - The Transport Layer
TCP/IP
Flow control
Windowing
TCP/IP
Acknowledgement
Three-Way Handshake
Most common port addresses
• FTP Data – 20
• FTP Control – 21
• SSH – 22
• Telnet – 23
• SMTP – 25
• DNS – 53 (also uses UDP)
• HTTP – 80
• POP3 – 110
• SNMP – 161/162
• TFTP – 69
• TLS/SSL – 443
UDP
• Uses port address
• Limited error checking
• Unreliable and connectionless
• No flow control mechanism
• Requires socket address
• Little overhead and offers fast delivery
TCP
• Uses port number
• Uses socket number
• Uses checksum field – for error checking
• Uses window sizing
• Uses buffering
• Reliable – flow control / acknowledgment
Layer 3 - The Network Layer
Sometimes referred to as the “Cisco Layer”.
• Best effort
• Provide logical addressing that routers use for path determination
• Packets are encapsulated
• Internetwork Communication
• Packet forwarding
• Packet Filtering
• Makes “Best Path Determination”
• ARP, RARP, ICMP (ping, tracert/traceroute) and ProxyArp
• ICMP is a protocol used to report problems or issues with IP packets (or datagrams) on a network.
PDU – Packets – IP/IPX
ping output
Layer 1 - The Physical Layer
This is the physical media through which the data, represented as electronic signals, is sent from the source host to the destination host.
• Move bits between devices
• Encoding
PDU - Bits
Physical layer
• There are three basic forms of network media on which
data is represented:
– Copper cable
– Fiber
– Wireless (IEEE 802.11)
[Figure: encapsulation by layer]
Transport: Segment (TCP Header + Upper-Layer Data)
Network: Packet (IP Header + Data)
Physical: Bits (0101110101001000010)
Data Encapsulation
Summary
OSI Model Analogy
Application Layer - Source Host
OSI Model Analogy
Network Layer - Destination
Type of Transmission
Unicast
Multicast
Broadcast
Type of Transmission
Broadcast Domain
A group of devices receiving broadcast frames initiating from any device within the group
Collision
The effect of two nodes sending transmissions simultaneously in Ethernet. When they meet on the physical media, the frames from each node collide and are damaged.
Collision Domain
The network area in Ethernet over which frames that have collided will be detected.
Collisions are propagated by hubs and repeaters
Collisions are not propagated by switches, routers, or bridges
Physical Layer
Defines
• Media type
• Connector type
• Signaling type
[Figure: 802.3 at the Physical layer]
802.3 is responsible for LANs based on the carrier sense multiple access collision detect (CSMA/CD) access methodology. Ethernet is an example of a CSMA/CD network.
Physical Layer: Ethernet/802.3
• 10Base2—Thin Ethernet
• 10Base5—Thick Ethernet
• 10BaseT—Twisted Pair
[Figure labels: Host, Hub, Hosts]
Device Used At Layer 1
[Figure: hosts A, B, C and D at the Physical layer]
Layer 2
MAC Layer—802.3
Frame fields (number of bytes):
• Preamble (8)
• Destination Address (6)
• Source Address (6)
• Length (2)
• Data (Variable)
• FCS (4)
The preamble is used to synchronize senders and receivers.
Ethernet II uses “Type” in the Length field position and does not use 802.2.
MAC Address: 0000.0C (IEEE assigned) xx.xxxx (vendor assigned)
Devices On Layer 2 (Switches & Bridges)
[Figure: Data-Link layer; ports 1 2 3 4 or 1 2; switch memory]
• Each segment is its own collision domain.
• Broadcasts are forwarded to all segments.
Layer 3 : Network Layer
• Defines logical source and destination addresses associated with a specific protocol
• Defines paths through network
[Figure: protocol stack. Network: IP, IPX; Data-Link: 802.2; Physical: 802.3, EIA/TIA-232, V.35]
Layer 3 : (cont.)
Logical Address: 172.15.1.1 (Network, Node)
Route determination occurs at this layer, so a packet must include a source and destination address.
Network-layer addresses have two components: a network component for internetwork routing, and a node number for a device-specific address. The example in the figure is an example of an IP packet and address.
Layer 3 (cont.)
Address: 172.16.122.204    Mask: 255.255.0.0
           Decimal           Binary
Address    172 16 122 204    10101100 00010000 01111010 11001100
Mask       255 255 0 0       11111111 11111111 00000000 00000000
Network: first two octets    Host: last two octets
Device On Layer 3
Router
• Broadcast control
• Multicast control
• Optimal path determination
• Traffic management
• Logical addressing
• Connects to WAN services
Layer 4 : Transport Layer
• Distinguishes between upper-layer applications
• Establishes end-to-end connectivity between applications
• Defines flow control
• Provides reliable or unreliable services for data transfer
[Figure: protocol stack. Transport: TCP, UDP, SPX; Network: IP, IPX]
Reliable Service
Sender to Receiver: Synchronize
Receiver to Sender: Acknowledge, Synchronize
Sender to Receiver: Acknowledge
Connection Established
Data Transfer (Send Segments)
How They Operate
                     Hub   Bridge   Switch   Router
Collision Domains:   1     4        4        4
Broadcast Domains:   1     1        1        4
Why Another Model?
OSI #   OSI Layer Name   TCP/IP #   TCP/IP Layer Name   Encapsulation Units
7       application      4          application         data
6       presentation     4          application         data
5       session          4          application         data
4       transport        3          transport           segment
3       network          2          internet            packet
2       data link        1          network access      frame
1       physical         1          network access      bits
Do not plot harm against your neighbor, who lives trustfully near
Well this has been fun!!
TCP Segment Format
Bit 0 Bit 15 Bit 16 Bit 31
Options (0 or 32 if Any)
Data (Varies)
Port Numbers
Application Layer: FTP, TELNET, SMTP, DNS, TFTP, SNMP, RIP
TCP Port Numbers
[Figure: Host A opens a Telnet session to Host Z; segment fields shown: Source Port, Destination Port, …]
TCP Port Numbers
TCP Three-Way Handshake/Open Connection
[Figure: Host A and Host B]
1. Host A: Send SYN (seq = 100 ctl = SYN)
   Host B: SYN Received
Opening & Closing Connection
Windowing
• Windowing in networking means the quantity of data, measured in bytes, that a machine can transmit on the network without receiving an acknowledgement
TCP Simple Acknowledgment
Sender Receiver
Send 1
Receive 1
Send ACK 2
Receive ACK 2
Send 2
Receive 2
Send ACK 3
Receive ACK 3
Send 3
Receive 3
Sender: I just sent number 11.
Receiver: I just got number 11, now I need number 12.
Windowing
Transport Layer Reliable Delivery
Flow Control
Another function of the transport layer is to provide optional flow control.
SEQ 3072
User Datagram Protocol (UDP)
TCP vs UDP
IP Datagram
Header fields shown (width in bits), laid out from Bit 0 to Bit 31:
• Version (4)
• Header Length (4)
• Priority & Type of Service (8)
• Total Length (16)
• Identification (16)
• Flags (3)
• Fragment Offset (13)
• Options (0 or 32 if Any)
Protocol Field
Protocol Numbers for the Transport Layer carried over IP (Internet Layer): TCP = 6, UDP = 17
[Figure: ARP between hosts 172.16.3.1 and 172.16.3.2]
IP: 172.16.3.2
Ethernet: 0800.0020.1111
• Map IP to MAC
• Local ARP
Reverse ARP
"What is my IP address?"
"I heard that broadcast. Your IP address is 172.16.3.25."
Ethernet: 0800.0020.1111
IP: 172.16.3.25
• Map MAC to IP
Origin of Ethernet
10 Mbps IEEE Standards - 10BaseT
Twisted Pair Cables
Baseband Transmission
Entire channel is used to transmit a single digital signal
Complete bandwidth of the cable is used by a single signal
The transmission distance is shorter
The electrical interference is lower
Broadband Transmission
Use analog signaling and a range of frequencies
Continuous signals flow in the form of waves
Support multiple analog transmission (channels)
Straight-through cable
Straight-through cable pinout
Crossover cable
Crossover cable
Rollover cable
Rollover cable pinout
Console cable
Outline
• Introduction
– Ethernet Cable
– Category
• How to wire
– Straight through
– Crossover
• Reference
Cat5e cable
Ethernet Cable
Color          Pin (T568B)
White/Orange   1
Orange         2
White/Green    3
Blue           4
White/Blue     5
Green          6
White/Brown    7
Brown          8
Host A               Host B
Pin   Usage          Usage   Pin
1     Tx+            Tx+     1
2     Tx-            Tx-     2
3     Rx+            Rx+     3
4     --             --      4
5     --             --      5
6     Rx-            Rx-     6
7     --             --      7
8     --             --      8
• Cat5e Cable
http://www.cat5ecable.co.uk/
Using PuTTY
Using a USB-to-rollover cable
Using HyperTerminal
Router Modes
• User Mode: has a very limited set of commands
Router>
• Privileged mode or Privileged Exec mode
Router>enable
Router#
• Global Configuration Mode:
Router#config
Configuring from terminal, memory, or network[terminal]? ← press Enter
Enter configuration commands, one per line. End with CNTL/Z.
Router(config)#
Router modes
• Interface Configuration Mode
Router(config)#interface Serial0
Router(config-if)#
Enter Initial Configuration mode
The Router Boot-up Text
Configuring a Router
CONFIGURING A ROUTER
Router#cl?
clear clock
Router#copy ru ← press the Tab key here
Router#copy running-config
Show Commands
Show command
Show command
Show history
Show memory
Show Version
• Type of router (another useful command for listing the router hardware is show inventory)
• IOS version
• Memory capacity
• Memory usage
• CPU type
• Flash capacity
• Other hardware parameters
• Reason for last reload
Show version
Show run
• The show running-config command provides full configuration on the router, and it can be used to verify that the device is configured with the proper features.
Lab 1
• Use a console cable, along with PuTTY (free online; search for “PuTTY”), to connect to a router console port
• Explore various router modes and commands
• Configure the clock
• Configure various passwords
• Configure banner
• Configure telnet access
Thank you for your time!
Thank you
May God reward you with good
Today what will be covered
• Distinguish between collision and broadcast domain
• Router boot process
• Binary conversion to decimal and hexadecimal (and vice versa)
• IP address
– Classes
– Identifying network and host section
– Subnet mask
– Classless
Router
Router inside parts
Router external parts
Router internal components
• CPU - executes instructions in the operating system
• RAM - used for routing table information, fast switching cache, running configuration, and packet queues
• Flash - used for storage of a full Cisco IOS software image
• NVRAM - used to store the startup configuration
• CPU bus - used by the CPU for accessing components from router storage
• System bus - used for communication between the CPU and the interfaces and/or expansion slots
• ROM - used for permanently storing startup diagnostic code
• Interfaces - the router connections to the outside
• Power supply - provides the necessary power to operate the internal components
Internal Components
Modem connection (old timer)
Boot sequence
Router#show interfaces
Router#show version Router#show flash
Interfaces
Backup
Operating
Configuration
File Systems
Active Tables
Programs Configuration and
File Buffers
Router#show mem
Router#show processes CPU
Router#show stacks
Router#show protocols
Router#show buffers
Locating the Cisco IOS
Software components
Fields in the IOS
Cisco IOS
• Carrying network protocols and functions
• Connecting high-speed traffic between devices
• Adding security to control access and stop
unauthorized network use
• Providing scalability for ease of network growth
and redundancy
• Supplying network reliability for connecting to
network resources
• Note: new ISR routers use cisco as the username and cisco as the password by default.
• Outbound: out of network, through the aux port using a modem, or the console
• Inbound: within network, using telnet or a web browser
• SDM is a Web-based device-management tool for Cisco routers that can help you configure a router via a web console.
Router user interface
Router user interface modes
Command line
Configuring passwords
Configuring interface
Verifying your configurations
Tools:
– show running-config
– show startup-config
– ping
– show cdp nei detail
– trace
– telnet
more verifications
• Verifying with the show interface command
– Router#show interface ?
• Verifying with the show ip interface command
– Router#show ip interface
– Router#show ip interface brief
– Router#show controllers
• Connecting to a router
• Bringing up a router
• Setting hostnames
• Setting banners
• Setting passwords
Router-Command History
Command: Meaning
• Ctrl+P or up arrow: Shows last command entered
• Ctrl+N or down arrow: Shows previous commands entered
• show history: Shows last 10 commands entered by default
• show terminal: Shows terminal configurations and history buffer size
• terminal history size: Changes buffer size (max 256)
Decimal to Binary
172 – Base 10
Place value     Contribution
10^0 = 1        2
10^1 = 10       70
10^2 = 100      100
10^3 = 1000
Total           172
10101100 – Base 2
Place value     Contribution
2^0 = 1         0
2^1 = 2         0
2^2 = 4         4
2^3 = 8         8
2^4 = 16        0
2^5 = 32        32
2^6 = 64        0
2^7 = 128       128
Total           172
Binary octet
• An octet is made up of eight “1”s and “0”s, representing the following values:
• 128 64 32 16 8 4 2 1
Base 2 Number System
10110 (base 2) = (1 x 2^4 = 16) + (0 x 2^3 = 0) + (1 x 2^2 = 4) + (1 x 2^1 = 2) + (0 x 2^0 = 0) = 22
Converting Decimal to Binary
0 0 0 0 0 0 0 0 = 0
1 0 0 0 0 0 0 0 = 128
1 1 0 0 0 0 0 0 = 192
1 1 1 0 0 0 0 0 = 224
1 1 1 1 0 0 0 0 = 240
1 1 1 1 1 0 0 0 = 248
1 1 1 1 1 1 0 0 = 252
1 1 1 1 1 1 1 0 = 254
1 1 1 1 1 1 1 1 = 255
Binary to Decimal Chart
Hex to Binary to Decimal Chart
IP Address Breakdowns:
• The class of the address determines, by default,
which part is for the network (N) and which part
belongs to the node (n)
Class A:
NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn
Class B:
NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
Class C:
NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn
There are 5 different address classes
• Only 3 are in commercial use at this time.
• You can determine the class of the address by looking at the first 4 bits of the IP address:
– Class A begin with 0xxx, or 1 to 126 decimal
– Class B begin with 10xx, or 128 to 191 decimal
– Class C begin with 110x, or 192 to 223 decimal
– Class D begin with 1110, or 224 to 239 decimal
– Class E begin with 1111, or 240 to 254 decimal
Example: a Class B address
Default mask
Default class
Reserved Addresses on a Subnet:
• In order to specify the Network Address of a given IP address, the node portion is set to all “0”s:
– 140.179.0.0
Introduction to TCP/IP Addresses
[Figure: hosts 172.18.0.1, 172.18.0.2, 172.16.0.1, 172.16.0.2, 172.17.0.1, 172.17.0.2, 10.13.0.1 and 192.168.1.1; networks 10.13.0.0 and 192.168.1.0; packet fields HDR, SA, DA, DATA; bit weights 128 64 32 16 8 4 2 1 for each octet]
Example Decimal: 172 16 122 204
Example Binary: 10101100 00010000 01111010 11001100
IP Address Classes
• Class D: Multicast
• Class E: Research
IP Address Classes
Class   Bits 1-8    Bits 9-16         Bits 17-24        Bits 25-32        Range
A       0NNNNNNN    Host              Host              Host              (1-126)
B       10NNNNNN    Network           Host              Host              (128-191)
C       110NNNNN    Network           Network           Host              (192-223)
D       1110MMMM    Multicast Group   Multicast Group   Multicast Group   (224-239)
Host Addresses
[Figure: a router with interfaces E0 and E1; addresses shown: 172.16.2.2, 172.16.3.10, 172.16.2.1, 172.16.12.12, 10.1.1.1, 10.6.24.2, 10.250.8.11, 10.180.30.118]
172.16.12.12: Network 172.16, Host 12.12
Routing Table
Network       Interface
172.16.0.0    E0
10.0.0.0      E1
Classless Inter-Domain Routing (CIDR)
• Basically the method that ISPs (Internet Service Providers) use to allocate an amount of addresses to a company, a home
• Ex : 192.168.10.32/28
• The slash notation (/) means how many bits are turned on (1s) for subnet mask
CIDR Values
Determining Available Host Addresses
Network: 172 16    Host: 0 0 (host bits numbered 16 down to 1, so N = 16)
10101100 00010000 00000000 00000000    1
                  00000000 00000001    2
                  00000000 00000011    3
                  ...
                  11111111 11111101    65534
                  11111111 11111110    65535
                  11111111 11111111    65536
                                       – 2
2^N – 2 = 2^16 – 2 = 65534
IP Address Classes Exercise
10.2.1.1
128.63.2.100
201.222.5.64
192.6.141.2
130.113.64.16
256.241.201.10
IP Address Classes Exercise Answers
256.241.201.10 Nonexistent
Subnetting
Formula
Number of subnets = 2^x - 2
Where x = number of bits borrowed
Subnetting
In classful IP addressing, subnet masks (SNM) are a set of 255’s and 0’s.
In binary it’s contiguous 1’s and 0’s.
SNM cannot be any value as it won’t follow the rule of contiguous 1’s and 0’s.
Possible subnet mask values
– 0
– 128
– 192
– 224
– 240
– 248
– 252
– 254
– 255
Addressing Without Subnets
[Figure: network 172.16.0.0 with 172.16.1.0, 172.16.2.0, 172.16.3.0, 172.16.4.0 … and hosts 172.16.2.160 and 172.16.3.150]
IP Address: 172 16 0 0 (Network, Host)
Default Subnet Mask: 255 255 0 0 = 11111111 11111111 00000000 00000000
• Also written as “/16,” where 16 represents the number of 1s in the mask
8-Bit Subnet Mask: 255 255 255 0 (Network, Subnet, Host)
• Also written as “/24,” where 24 represents the number of 1s in the mask
Subnet Mask Without Subnets
Network Number: 172 16 0 0
[Figure: mask octet values 128 192 224 240 248 252 254 255]
Network Number: 172 16 2 0
Network Number: 172 16 2 128
172.16.2.10 255.255.255.0
10.6.24.20 255.255.240.0
10.30.36.12 255.255.255.0
Subnet Mask Exercise Answers
Subnet Masking (continued)
Subnet Masking (continued)
Broadcast Addresses
[Figure: subnets 172.16.1.0, 172.16.2.0, 172.16.3.0, 172.16.4.0]
172.16.3.255 (Directed Broadcast)
255.255.255.255 (Local Network Broadcast)
172.16.255.255 (All Subnets Broadcast)
Addressing Summary Example
172.16.2.160 10101100 00010000 00000010 10100000 Host
[Figure: 192.168.5.16; other subnets 192.168.5.32 and 192.168.5.48]
Class C Subnet Planning Example
IP Host Address: 192.168.5.121
Subnet Mask: 255.255.255.248
Network Network Network Subnet Host
? – SNM
? – Block Size
? – Subnets
Exercise
• /27
? – SNM – 224
? – Block Size = 256-224 = 32
? – Subnets
? – SNM
? – Block Size
? – Subnets
Exercise
• /30
? – SNM – 252
? – Block Size = 256-252 = 4
? – Subnets
Exercise
192.168.10.54 /29
Mask ?
Subnet ?
Broadcast ?
Exercise
192.168.10.130 /28
Mask ?
Subnet ?
Broadcast ?
Exercise
192.168.10.193 /30
Mask ?
Subnet ?
Broadcast ?
Exercise
192.168.1.100 /26
Mask ?
Subnet ?
Broadcast ?
Exercise
192.168.20.158 /27
Mask ?
Subnet ?
Broadcast ?
Class B
172.16.0.0 /19
Subnets ?
Hosts ?
Block Size ?
Class B
172.16.0.0 /19
Subnets 2^3 - 2 = 6
Hosts 2^13 - 2 = 8190
Block Size 256-224 = 32
Class B
172.16.0.0 /27
Subnets ?
Hosts ?
Block Size ?
Class B
172.16.0.0 /27
Subnets 2^11 - 2 = 2046
Hosts 2^5 - 2 = 30
Block Size 256-224 = 32
Class B
172.16.0.0 /23
Subnets ?
Hosts ?
Block Size ?
Class B
172.16.0.0 /23
Subnets 2^7 - 2 = 126
Hosts 2^9 - 2 = 510
Block Size 256-254 = 2
Class B
172.16.0.0 /24
Subnets ?
Hosts ?
Block Size ?
Class B
172.16.0.0 /24
Subnets 2^8 - 2 = 254
Hosts 2^8 - 2 = 254
Block Size 256-255 = 1
Class B
172.16.0.0 /25
Subnets ?
Hosts ?
Block Size ?
Class B
172.16.0.0 /25
Subnets 2^9 - 2 = 510
Hosts 2^7 - 2 = 126
Block Size 256-128 = 128
Find out Subnet and Broadcast Address
• 172.16.85.30/29
Find out Subnet and Broadcast Address
• 172.30.101.62/23
Find out Subnet and Broadcast Address
• 172.20.210.80/24
Exercise
• Find out the mask which gives 100 subnets for class B
Exercise
• Find out the Mask which gives 100 hosts for Class B
Class A
10.0.0.0 /10
Subnets ?
Hosts ?
Block Size ?
Class A
10.0.0.0 /10
Subnets 2^2 - 2 = 2
Hosts 2^22 - 2 = 4194302
Block Size 256-192 = 64
Class A
10.0.0.0 /18
Subnets ?
Hosts ?
Block Size ?
Class A
10.0.0.0 /18
Subnets 2^10 - 2 = 1022
Hosts 2^14 - 2 = 16382
Block Size 256-192 = 64
Broadcast Addresses Exercise
201.222.10.60 255.255.255.248
15.16.193.6 255.255.248.0
128.16.32.13 255.255.255.252
153.50.6.27 255.255.255.128
Broadcast Addresses Exercise Answers
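The block-size method used in the exercises above, written out as an added example (not part of the original slides). Function names are hypothetical; the class ranges and the 2^x - 2 formulas are the ones given on the slides, and the standard-library `ipaddress` module is used only as a cross-check.

```python
import ipaddress

# First-octet ranges and default prefix lengths for classes A-C, as on the slides.
CLASS_DEFAULTS = [("A", 1, 126, 8), ("B", 128, 191, 16), ("C", 192, 223, 24)]


def parse_octets(text):
    """Split a dotted-quad string into four validated octets."""
    octets = [int(part) for part in text.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"{text} is not a valid IPv4 address")
    return octets


def prefix_to_mask(prefix):
    """Mask octets for a prefix length, e.g. 27 -> [255, 255, 255, 224]."""
    bits = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    return [(bits >> shift) & 0xFF for shift in (24, 16, 8, 0)]


def mask_to_prefix(mask):
    """Prefix length of a dotted mask; rejects masks whose 1s are not contiguous."""
    octets = parse_octets(mask)
    prefix = sum(bin(o).count("1") for o in octets)
    if prefix_to_mask(prefix) != octets:
        raise ValueError(f"{mask} is not a contiguous subnet mask")
    return prefix


def subnet_info(cidr):
    """Mask, block size, subnet and broadcast address via the block-size method."""
    address, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    if not 1 <= prefix <= 32:
        raise ValueError("prefix must be between 1 and 32")
    octets = parse_octets(address)
    mask = prefix_to_mask(prefix)
    idx = (prefix - 1) // 8                  # last octet that contains mask bits
    block = 256 - mask[idx]                  # e.g. 256 - 224 = 32
    base = (octets[idx] // block) * block    # start of the block holding the host
    subnet = octets[:idx] + [base] + [0] * (3 - idx)
    broadcast = octets[:idx] + [base + block - 1] + [255] * (3 - idx)

    def dotted(parts):
        return ".".join(str(p) for p in parts)

    return {"mask": dotted(mask), "block_size": block,
            "subnet": dotted(subnet), "broadcast": dotted(broadcast)}


def classful_counts(cidr):
    """Subnets (2^x - 2) and hosts (2^h - 2) for a classful network, as on the slides."""
    address, prefix_text = cidr.split("/")
    prefix = int(prefix_text)
    first = parse_octets(address)[0]
    for name, low, high, default in CLASS_DEFAULTS:
        if low <= first <= high:
            borrowed = prefix - default
            if borrowed < 1 or prefix > 30:
                raise ValueError("prefix does not subnet this class")
            return {"class": name, "subnets": 2 ** borrowed - 2,
                    "hosts": 2 ** (32 - prefix) - 2}
    raise ValueError("address is not in class A, B or C")


def matches_stdlib(cidr):
    """Cross-check the block-size result against the ipaddress module."""
    info = subnet_info(cidr)
    iface = ipaddress.ip_interface(cidr)
    return (info["mask"] == str(iface.netmask)
            and info["subnet"] == str(iface.network.network_address)
            and info["broadcast"] == str(iface.network.broadcast_address))


if __name__ == "__main__":
    for exercise in ("192.168.10.54/29", "172.30.101.62/23", "172.20.210.80/24"):
        print(exercise, subnet_info(exercise))
    prefix = mask_to_prefix("255.255.248.0")
    print("15.16.193.6", subnet_info(f"15.16.193.6/{prefix}"))
```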
VLSM
• VLSM is a method of designating a different subnet mask for the same network number on different subnets
Variable Length Subnetting
VLSM allows us to use one class C address to design a networking scheme to meet the following requirements:
Addis Ababa 60 Hosts
Dessie 28 Hosts
Jimma 12 Hosts
Hawassa 12 Hosts
WAN 1 2 Hosts
WAN 2 2 Hosts
WAN 3 2 Hosts
Networking Requirements
[Figure: Addis Ababa 60, Jimma 60, Hawassa 60, Dessie 60, WAN 1, WAN 2, WAN 3]
In the example above, a /26 was used to provide the 60 addresses for Addis Ababa and the other LANs. There are no addresses left for WAN links
Networking Scheme
[Figure: Dessie 192.168.10.64/27 (28 hosts); WAN links 192.168.10.128/30, 192.168.10.132/30 and 192.168.10.136/30 (2 hosts each; 2 WAN 192.198.10.137 and 138); LANs of 60, 12 and 12 hosts]
25
192.168.1.0
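A largest-first VLSM allocator for the requirements listed above, as an added example that is not part of the original slides. The parent block 192.168.10.0/24 is inferred from the subnets shown in the networking scheme; function names are hypothetical.

```python
import ipaddress

# Host requirements from the slide, in the order listed there.
SITES = [("Addis Ababa", 60), ("Dessie", 28), ("Jimma", 12), ("Hawassa", 12),
         ("WAN 1", 2), ("WAN 2", 2), ("WAN 3", 2)]


def prefix_for_hosts(hosts):
    """Longest prefix whose usable host count (2^h - 2) still covers `hosts`."""
    host_bits = 2
    while 2 ** host_bits - 2 < hosts:
        host_bits += 1
    return 32 - host_bits


def fixed_length_fits(parent, prefix, needed):
    """Can `needed` equal-sized /prefix subnets be cut from the parent block?"""
    parent_net = ipaddress.ip_network(parent)
    return needed <= 2 ** (prefix - parent_net.prefixlen)


def vlsm_plan(parent, requirements):
    """Allocate subnets largest-first so every block stays on its own boundary."""
    parent_net = ipaddress.ip_network(parent)
    cursor = int(parent_net.network_address)
    end = int(parent_net.broadcast_address) + 1
    plan = {}
    # sorted() is stable, so sites of equal size keep the order given on the slide.
    for name, hosts in sorted(requirements, key=lambda r: r[1], reverse=True):
        prefix = prefix_for_hosts(hosts)
        size = 2 ** (32 - prefix)
        cursor = (cursor + size - 1) // size * size   # align to the block size
        if cursor + size > end:
            raise ValueError(f"no room left in {parent} for {name}")
        plan[name] = str(ipaddress.ip_network((cursor, prefix)))
        cursor += size
    return plan


if __name__ == "__main__":
    # Seven /26 subnets do not fit in one class C network; VLSM does.
    print("fixed /26 fits:", fixed_length_fits("192.168.10.0/24", 26, len(SITES)))
    for site, subnet in vlsm_plan("192.168.10.0/24", SITES).items():
        print(f"{site:12} {subnet}")
```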
VLSM Exercise
[Figure: network 192.168.1.0 with host counts 40, 25, 12, 2, 2, 2 and subnets 192.168.1.64/26, 192.168.1.32/27, 192.168.1.16/28, 192.168.1.4/30, 192.168.1.8/30, 192.168.1.12/30]
VLSM Exercise
[Figure: network 192.168.1.0 with host counts 35, 15, 8, 5, 2, 2, 2, 2]
Exercise
Answer
Summarization
• Summarization, also called route aggregation, allows routing protocols to advertise many networks as one address.
• The purpose of this is to reduce the size of routing tables on routers to save memory
• Route summarization (also called route aggregation or supernetting) can reduce the number of routes that a router must maintain
• Route summarization is possible only when a proper addressing plan is in place
• Route summarization is most effective within a subnetted environment when the network addresses are in contiguous blocks
Subnetting Formulas (continued)
Subnetting Formulas (continued)
Summarization
Supernetting
Supernetting
172.16.12.0/24, 172.16.13.0/24, 172.16.14.0/24 and 172.16.15.0/24 summarize to 172.16.12.0/22
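How the /22 above is derived, as an added example that is not part of the original slides: the summary prefix is the run of leading bits shared by the lowest and highest address. The second, constructed input shows why the blocks must be contiguous and aligned: a misaligned set forces a summary that also advertises address space the router does not have. Function names are hypothetical.

```python
import ipaddress


def summarize(networks):
    """Smallest single prefix that covers every listed network."""
    nets = [ipaddress.ip_network(n) for n in networks]
    low = min(int(n.network_address) for n in nets)
    high = max(int(n.broadcast_address) for n in nets)
    # Bits that differ between the lowest and highest address become host bits.
    host_bits = (low ^ high).bit_length()
    base = (low >> host_bits) << host_bits
    return ipaddress.ip_network((base, 32 - host_bits))


def uncovered_blocks(networks):
    """Parts of the summary that are advertised but belong to no listed network."""
    remaining = [summarize(networks)]
    for net in ipaddress.collapse_addresses(ipaddress.ip_network(n) for n in networks):
        next_remaining = []
        for block in remaining:
            if net == block:
                continue                                  # fully consumed
            if net.subnet_of(block):
                next_remaining.extend(block.address_exclude(net))
            else:
                next_remaining.append(block)
        remaining = next_remaining
    return sorted(remaining)


def extra_addresses(networks):
    """Number of addresses the summary covers beyond the listed networks."""
    return sum(block.num_addresses for block in uncovered_blocks(networks))


# The four networks from the slide.
SLIDE_NETWORKS = ["172.16.12.0/24", "172.16.13.0/24", "172.16.14.0/24", "172.16.15.0/24"]
# Constructed counter-example: same size, but shifted off the /22 boundary.
MISALIGNED = ["172.16.13.0/24", "172.16.14.0/24", "172.16.15.0/24", "172.16.16.0/24"]

if __name__ == "__main__":
    for label, nets in (("slide", SLIDE_NETWORKS), ("misaligned", MISALIGNED)):
        print(label, summarize(nets), "extra addresses:", extra_addresses(nets))
```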
Supernetting Question
What is the most efficient summarization that TK1 can use to advertise its
networks to TK2?
A. 172.1.4.0/24, 172.1.5.0/24, 172.1.6.0/24, 172.1.7.0/24
B. 172.1.0.0/22
C. 172.1.4.0/25, 172.1.4.128/25, 172.1.5.0/24, 172.1.6.0/24, 172.1.7.0/24
D. 172.1.0.0/21
E. 172.1.4.0/22
Thank you for your time!
Thank you
May God reward you with good
Today’s topic
• Routing table
• Explain routing protocol
Routing table
• The routing table is stored in RAM and contains information about:
– Directly connected networks - this occurs when a device is connected to another router interface
– Remotely connected networks - this is a network that is not directly connected to a particular router
– Detailed information about the networks, including source of information, network address & subnet mask, and IP address of next-hop router
– The router matches the most specific address
• The show ip route command is used to view a routing table
Routing table
• Note: at network layer the destination address is examined
– a. If the destination address is the router’s interface or an all-hosts broadcast address -> to internal process
– b. Any other address calls for routing: do a route table lookup
at its essence, is concerned with forwarding packets from their source on one subnet
Comparing routing protocol
• Scalability
• Vendor interoperability
• IT staff’s familiarity with protocol
• Speed of convergence
• Capability to perform summarization
• Interior or exterior routing
• Type of routing protocol
Classification of Routing protocol
A. Static routing (including default route)
B. Dynamic routing
   A. Interior (CCNA)
   B. Exterior (CCNP)
Static route
• When to use static routes
– When network only consists of a few routers
– Network is connected to internet only through one ISP
– Hub & spoke topology is used on a large network
Modifying static route
• Destination network no longer exists
• Change in topology
Routing Table Structure
• Connected and Static routes
Default route
• Used to represent all routes with zero or no bits matching
• No routes that have a more specific match
• In case of stub networks
• Note
– Default routes are used when the router cannot match a destination network with a specific entry in the routing table
Checking routing table
Floating static
Floating static = backup route only used if primary path (link) fails
AA(config)#ip route 10.1.3.0 255.255.255.192 se 2/0
AA(config)#ip route 10.1.3.0 255.255.255.192 se 3/0 50
Multiple paths toward destination network with equal AD implies Load sharing(ba
“what did he know when did he know it”
• When troubleshooting routing problems
– What does the router know?
– How long has the information been in the route table?
– Does the router know how to reach the destination in question?
– Is the information in the route table accurate?
– Use show ip route, ping, traceroute (tracert)
Level 1: Parent route
• Added when child route is added
• No exit information
Level 2: Child route
• Subnet of classful network
Routing source
• Routing sources build up the routing table; a router can use several sources
• Directly connected networks
• Static routes
• Classful routing protocols: RIPv1
• Classless routing protocols: RIPv2, EIGRP, OSPF
Routing protocol
• Protocol = an agreed upon set of rules
• Routing protocol
• rules that describe how layer 3 devices send updates between each other about available networks
Path selection
• Metrics
• used to calculate which path to select
• Administrative distance
• if more than one routing protocol is running on the router, AD helps decide which routing protocol is selected
• Prefix length
• the greatest number of matching subnet bits determines the destination network
Review Static route
• No overhead
• No bandwidth usage
• Adds security
• Cons
• More work
• Needs knowledge of the network
• Not suitable for large networks
Dynamic routing protocol
• allows routers configured for that protocol to exchange route information and update that information based on changing network conditions
– Used to add remote networks to a routing table
– Are used to discover networks
– Are used to update and maintain routing tables
• Automatic network discovery
– Routers are able to discover new networks by sharing routing table information
Dynamic routing protocol
• Discovering remote networks
• Maintain up-to-date routing information
• Choosing the best path to destination network
• Having the ability to find a new path if the current path is no longer available
• Routing protocols
• Interior gateway protocols
• Exterior gateway protocols
Routing protocol operation
1. The router sends and receives routing messages on its interfaces
2. The router shares routing messages and routing information with other routers that are using the same routing protocol
3. Routers exchange routing information and learn more about remote networks
4. When a router detects a topology change, the routing protocol can advertise this change to other routers
Routing algorithm
• Mechanism for sending and receiving routing information
• Mechanism for calculating the best path
• Installing the routes in the routing table
• Mechanism for detecting and reacting to topology changes
Routing protocol characteristics
• Time to converge
• Scalability
• Classless or classful
• Resources usage
• Implementation and maintenance
Convergence
• How quickly the route propagates
• Speed of calculating the best path
Maintaining the routing table
• Change might occur
a. Failure of a link
b. Failure of a router
c. Change of link parameter
d. Introduction of a new link
Routing loop
a. Incorrectly configured static routes
b. Incorrectly configured route redistribution (CCNP)
c. Inconsistent routing tables not being updated due to slow updates
Implication of routing loop
• Link BW will be used for traffic looping back and forth between the routers in a loop
• A router’s CPU will be burdened with useless packets
• Routing updates might get lost or not be processed in a timely manner
• Packets might get lost in “black holes”, never reaching their intended destination
Administrative Distance
The router uses these values to select the source of information to use when multiple routes to a destination exist.
A smaller number indicates a more trusted route.
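How administrative distance, metric and prefix length interact, using the floating static route from the earlier slide, as an added example that is not part of the original slides. The candidate list is constructed: the AD of 50 and the two 10.1.3.0/26 routes come from the slide, while the AD values 1 (static) and 120 (RIP) are the IOS defaults assumed here, and interfaces se 4/0 and se 5/0 are hypothetical.

```python
import ipaddress

# Constructed candidate routes. Only the two 10.1.3.0/26 statics are from the slide.
CANDIDATES = [
    {"prefix": "10.1.3.0/26", "source": "static", "ad": 1, "metric": 0, "exit": "se 2/0"},
    {"prefix": "10.1.3.0/26", "source": "static", "ad": 50, "metric": 0, "exit": "se 3/0"},
    {"prefix": "10.1.0.0/16", "source": "rip", "ad": 120, "metric": 2, "exit": "se 4/0"},
    {"prefix": "0.0.0.0/0", "source": "static", "ad": 1, "metric": 0, "exit": "se 5/0"},
]


def install(candidates, down=()):
    """Build the routing table: per prefix, keep the lowest AD, then lowest metric.

    Routes whose exit interface is in `down` are not eligible. Routes that tie
    on both AD and metric are all kept, which models load sharing.
    """
    best = {}
    for route in candidates:
        if route["exit"] in down:
            continue
        net = ipaddress.ip_network(route["prefix"])
        key = (route["ad"], route["metric"])
        if net not in best or key < best[net][0]:
            best[net] = (key, [route])
        elif key == best[net][0]:
            best[net][1].append(route)
    return {net: routes for net, (_, routes) in best.items()}


def lookup(table, destination):
    """Forwarding decision: the longest matching prefix wins, whatever its AD."""
    dest = ipaddress.ip_address(destination)
    matches = [net for net in table if dest in net]
    if not matches:
        return None, []
    chosen = max(matches, key=lambda net: net.prefixlen)
    return str(chosen), [route["exit"] for route in table[chosen]]


if __name__ == "__main__":
    table = install(CANDIDATES)
    print(lookup(table, "10.1.3.10"))     # primary static route
    print(lookup(table, "10.1.3.100"))    # outside the /26, so the RIP /16 is used
    print(lookup(table, "192.0.2.1"))     # only the default route matches
    print(lookup(install(CANDIDATES, down={"se 2/0"}), "10.1.3.10"))  # floating static
```

AD is only compared between routes to the same prefix when the table is built; it never overrides a more specific match at lookup time.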
Distance vector
• does not have the knowledge of the entire
path
• Knows only
• The direction in which or interface to which
packet should be forward
• The distance to the destination network
344
Distance vector
• Sends entire routing table
• Sends periodical update
• Updates consumes lots of BW
• Consumes lots of router CPU process
345
Distance vector
• Use the Bellman-Ford algorithm
• Send complete routing table at regular intervals
– to neighbour routers
• do not actually identify their neighbors for direct
communication
• neighbor router receive /send the broadcast update
• Concerns on direction, of destination networks
• easy to configure,
• use less memory and processing power
346
RIP v.1
• Class full routing protocol
• Update is sent every 30 seconds
• Sends update via 255.255.255.255 as
broadcast
• Sends entire routing table
• Uses hop count as metric
• Maximum hop count is 15
• Load- balance up to six equal cost (default
is 4) 347
RIP v.1
• Learns about other paths from its neighbors
• Consumes lots of BW
• Slow to converge (loops can occur)
• Uses timers to determine when a neighbor is
no longer available
• Uses triggered updates to help speed up
convergence time
• Uses a hold-down timer to prevent the router from
using another route to a recently down network
RIP v.1
• Automatically summarizes to the classful
network address
• Does not support VLSM/CIDR
• Does not support discontiguous subnets
• Easy to configure
• Wollo(config)# router rip
• Wollo(config-router)# network 192.169.1.0
(the network you want to advertise)
Verification
• show ip route
• show ip protocols
• debug ip rip
• debug ip packet
Passive interface
• Prevents RIP updates from being sent out an interface while
still allowing updates to be received (the router can hear
but cannot speak on that interface)
• Without it, BW is wasted on unnecessary updates
• Advertising updates on a broadcast
network is a security risk.
• Stops unnecessary RIP updates
Advantage and disadvantage of
automatic summarization
• Advantage
• Smaller routing update
• Use of less BW (for routing update)
• Using a single route (for faster lookup
process)
• Disadvantage
• Not able to support discontiguous
subnets
• Summarization is the advertising of
contiguous addresses
Default route
• R2(config-router)# default-information originate
A static default route will have precedence
over a default route learned through a
dynamic routing protocol
Classful and Classless Routing
Protocols
• Classful routing protocols
– Summarize networks to their major network
boundaries (Class A, B, or C)
– Do not carry subnet mask information in their
routing table updates
– Cannot be used in networks with either
discontiguous subnets or networks using
variable length subnet masks (VLSM)
– Examples: RIPv1
355
Network with discontiguous subnets
Classful and Classless Routing
Protocols (continued)
• Classless routing protocols
– Allow dynamic routing in discontiguous
networks
– Carry subnet mask information in the routing
table updates
– Examples: RIPv2, EIGRP, OSPF, and BGP
360
Comparing RIPv1 and V2
361
RIPv2
• interior gateway protocols (IGP)
• Classless, distance-vector, timer-driven
• Hop count
• 15 as the maximum usable metric
• 224.0.0.9 multicast (version 1 uses 255.255.255.255)
• Update interval 30 seconds
• Full updates each interval
• Authentication (not supported on version 1)
• sending RIPv2 updates on each RIPv2-enabled interface
362
Configuring RIPv2
RIPv2 Network Operation
Dude they are done learning
369
Challenge lab
370
Lab answer
• Configure RIPv2 between Dessie, Bati,
Kemmise and HQ
• Configure a static route toward HQ from ISP
• Configure a default route toward ISP
• Configure passive interfaces toward all
LANs
• Enable the auto-summarize feature as
needed
If a router receives a routing update that
contains a higher-cost path to a network, the
update is ignored
Classful Route Lookups
380
Routing Information Protocol
version 2 (continued)
381
382
Summary
• RIP is still used despite the emergence of more
sophisticated routing protocols.
• RIP is mature, stable, widely supported, and
easy to configure.
• Although RIPv2 offers some decided
improvements over RIPv1, it is still limited to a
maximum of 15 hops and small internetworks.
• Design strategies such as VLSM have become
very powerful tools for controlling protocols.
• One of the major improvements in and benefits
of using RIPv2 compared to RIPv1 is that
RIPv2 provides authentication
Summary
Key Terms
386
To do list
• Multi-Access networks
– All routers must accept packets sent to the
AllSPFRouters (224.0.0.5) address
– All DR and BDR routers must accept packets sent to
the AllDRouters (224.0.0.6) address
OSPF
OSPF works with the concepts of areas and by default you will always have a single area,
normally this is area 0 or also called the backbone area.
394
Hello packet
395
OSPF Area
What is in hello packet
397
cost
• Cost = Reference Bandwidth / Interface Bandwidth
• Example:
If you have a 100 Mbit interface what will the cost be?
Cost = Reference bandwidth / Interface bandwidth.
100 Mbit / 100 Mbit = COST 1
398
Equal cost implies load balance
• Paths must have an equal cost.
• 4 equal cost paths will be placed in
routing table.
• Maximum of 16 paths.
• To make paths equal cost, change the
“cost” of a link
399
Router Classification
[Figure: Area 0 with Area 2 and Area 3 attached; routers labelled IR, ABR/BR, ABR and ASBR]
• Intra-Area Route: all routes within an area
• Inter-Area Route: routes announced from one area to
another by an ABR
• External Route: routes imported into OSPF from
another protocol or static routes
Topology/Links-State DB
• A router has a separate DB for each area it
belongs to
• All routers within an area have an identical DB
• SPF calculation is done separately for each
area
• LSA flooding is limited to the particular area
Router ID
• The highest IP address assigned to a loopback
(logical) interface.
• If a loopback interface is not defined, the
highest IP address of the router's physical
interfaces.
More on OSPF
Each LSA has an aging timer
which carries the link-state age field.
By default each OSPF
LSA is only valid for 30 minutes.
406
More on OSPF
Once every router has a complete map we can start calculating the shortest path to all the
different destinations by using the shortest-path first (SPF) algorithm. The BEST
information goes into the routing table.
407
OSPF packet types
Hello: neighbor discovery, build neighbor
adjacencies and maintain them.
409
State …
Down state
[Figure: routers R0 and R1]
Two-Way State
R0 will receive this hello packet and see its own router ID. We are now in the
two-way state.
OSPF state …
Our routers are ready to sync their LSDB. At this step
we have to select a master and slave role. The router with the highest router ID will
become the master. Router R1 has the highest router ID and will become the master.
Exchange State
Our routers are sending a DBD with a summary of the LSDB.
This way the routers can find out what networks they don’t know about.
OSPF states ….
Loading State
Send an acknowledgement using the LSAck packet.
Compare the information in the DBD with the information it already has:
If the neighbor has new or newer information it will send a LSR (Link
State Request) packet to request for this information
When the routers start sending a LSR (Link State Request) we are in the
loading state.
The other router will respond with a LSU (Link State Update) with the requested
information.
Full State
Both routers have a synchronized LSDB and
we are ready to route!
415
multi-access
416
No election
417
OSPF network types:
• Non-Broadcast (NBMA)
• Point-to-multipoint
• Point-to-multipoint non-broadcast
• Broadcast
• Point-to-Point
418
Default values
DR/BDR election
EIGRP
• No longer a closed proprietary protocol of Cisco
• EIGRP features
– Transport (port 88), uses RTP (reliable unicast and
multicast, similar to TCP)
• RTP – delivery is guaranteed (Not POST OFFICE—Geretatios)
• RTP gives service to hello and ACK (unreliable packets)
– Metric (bandwidth and delay by default)
• Extended(optional) metrics load, reliability
• Not used metric MTU
– Hello interval (5 or 60 seconds default)
– Hold timer – determine when a neighboring route has
failed (3X hello interval , 15 or 180 seconds by default)
– Full or partial updates
– Authentication
EIGRP
– VLSM/classless
– Summarization (to classful by default)
• Manual summarization allowed at interface
– Protocol-dependent modules
• Multiprotocol support (IPv6, IP, IPX, AppleTalk)
– No periodic updates
• Uses hello packets to announce continuous presence
– Hello packet
• To build and maintain neighbor adjacencies
• Note: the use of RTP and hellos is what allows EIGRP to
abandon periodic updates; changes are sent as
event-driven updates
– Uses the Diffusing Update Algorithm (DUAL)
• rapid convergence implies no loop
EIGRP
• Diffuses (sends) updates to the affected area
(bounded)
• Sends partial updates only
• Default hop count is 100
– Router(config-router)# metric maximum-hops {1 – 255}
• Administrative distance is 90
– External route AD is 170
– Router(config-router)# distance eigrp { 1 – 255}
• Can be adjusted for the external too !!!
EIGRP
• Metrics (composite metrics)
– Bandwidth (default)
• Transmission speed of an interface
– Reliability
• Expressed as a ratio of 255 (255 implies 100% reliable)
– Delay (default) tens of microseconds
• Maximum delay value indicates unreachable
• Measure of the time it takes for a packet to traverse a route
– Load
• Amount of traffic flowing (expressed as a fraction of 255)
• 1 implies empty, 255 fully utilized (the lower the fraction the
less load on the link)
– MTU and hop count (fallback measure)
• Are unused in best path selection or composite metric
calculation (advertised)
EIGRP Delay
EIGRP
• By default EIGRP uses up to 50% of the
configured bandwidth
• Bandwidth command does NOT change the
physical bandwidth of the link
EIGRP
• Packets( bold letter are the 5 EIGRP packet
usually discussed)
– Hello
– Acknowledgment
– Update
– Query
– Reply
– SIA- query
– SIA-Reply
• Red packets are reliable packets- EIGRP
makes sure they are delivered
Neighbor Discovery / recovery
EIGRP
• EIGRP packet in action
– R# Show ip eigrp traffic (eigrp traffic counters)
• Hello packets
– To discover , verify and rediscover neighbors
– Are sent on EIGRP enabled interface (224.0.0.10)
– Default interval is 5 and 60 seconds
– Not acknowledged (unreliable – no response
require)
• No need to say hello back to SELMETA (rude
…hahhaha)
• Acknowledgment packets
– To facilitate reliable delivery (dataless Hello
EIGRP
• Update packets
– Can be unicast or multicast
– unicast
• Between newly discovered neighbor
• Point to point connection
– multicast
• Multiple new neighbors
• after fully synchronized
• Sent when topology changes
Ethernet
Destination Address (MAC) | Source Address (MAC) | Type (Data?) | DATA (IP, etc.) | FCS (Errors?)
Ethernet
•Layer 2 – Data Link Layer
•NIC (Source MAC address)
to NIC (Destination MAC
address) communications in
the same network
•Source MAC address –
Address of the sender’s NIC
Hubs versus Switches
• Ethernet Hubs (almost obsolete)
– Layer 1 device – Examine only the
bits.
– What ever comes in one interface is
forwarded out all other interfaces
(except the one it came in on).
– Half-duplex interfaces – Only one
device can send or we have a
collision.
Ethernet Switches
Layer 2 device – Examine Ethernet frames
Mac Address Tables – Filter or flood Ethernet frames
Flood – Ethernet broadcasts and unknown unicasts
Unknown unicast is when the Destination MAC address is
not in the switch’s MAC address table.
Full-duplex interfaces – Can both send and receive at the
same time - NO collisions.
MAC Address Table
• Switches bind MAC addresses with switch
[Figure: MAC address table with columns Port and Source MAC Add.; port 1 holds 1111]
Mac Address Table: Forwarding Frames
1. Learn – Examine Source MAC address
– In table: Reset 5 min timer
– Not in table: Add Source MAC address and port # to table
2. Forward – Examine Destination MAC address
– In table: Forward out that port.
– Not in table: Flood out all ports except incoming port.
[Figure sequence: switch with host AAAA on port 1 and host BBBB on port 2; each frame is shown as destination, then source]
• Unicast BBBB AAAA: table holds port 1 AAAA; the destination is an Unknown Unicast.
• Unicast AAAA BBBB: table holds port 1 AAAA and port 2 BBBB.
• Unicast BBBB AAAA: table holds port 1 AAAA and port 2 BBBB.
• Broadcast FFFF AAAA: table holds port 1 AAAA and port 2 BBBB; Broadcast Domain.
Switched Environment
Router/Switch Bootup Process
475
Bootup Process
476
Switch Boot Sequence
S1(config)# boot system flash:/c2960-lanbasek9-mz.150-2.SE/c2960-lanbasek9-mz.150-2.SE.bin
Switch LED Indicators
• Each port on a Cisco Catalyst switch
has a status LED indicator light.
– LED lights reflect port activity, but they can
also provide other information about the
switch through the Mode button.
Assign a Default Gateway
[Figure: topology with addresses 172.17.99.11 and 172.17.99.100; default gateway 172.17.99.1]
S1(config)# ip default-gateway 172.17.99.1
S1(config)# end
S1#
Configure Switch Ports
Full-Duplex Communication
487
488
Configure Duplex and Speed
[Figure: switches B, C, D, X, Y and Z]
Configure Duplex and Speed
[Figure: links labelled Straight-through, Straight-through and Crossover]
Verify MDIX Setting
S1# show controllers ethernet-controller fa 0/1 phy | include Auto-MDIX
Auto-MDIX : On [AdminState=1 Flags=0x00056248]
S1#
498
Verifying Switch Port
Configuration
Cisco Switch IOS Commands
499
Troubleshooting Access Layer
Issues
S1# show interfaces fa 0/1
FastEthernet0/1 is up, line protocol is up (connected)
Hardware is Lance, address is 000d.bda1.5601 (bia 000d.bda1.5601)
BW 100000 Kbit, DLY 1000 usec,
reliability 250/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s
input flow-control is off, output flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:08, output 00:00:05, output hang never
Last clearing of "show interface" counters never
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue :0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
956 packets input, 193351 bytes, 0 no buffer
Received 956 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
0 watchdog, 0 multicast, 0 pause input
0 input packets with dribble condition detected
2357 packets output, 263570 bytes, 0 underruns
0 output errors, 0 collisions, 10 interface resets
0 babbles, 0 late collision, 0 deferred
0 lost carrier, 0 no carrier
0 output buffer failures, 0 output buffers swapped out
S1#
If the output is:
• up down: Encapsulation type mismatch, the interface on the other end
could be error-disabled, or there could be a hardware problem.
• down down: A cable is not attached or some other interface problem
exists.
• administratively down: The shutdown command has been issued.
Troubleshooting Access Layer Issues
In the show interfaces output:
• Runt Frames - Ethernet frames that are shorter than the 64-byte
minimum allowed length are called runts.
• Giants - Ethernet frames that are longer than the maximum allowed
length are called giants. (Bad NIC)
• CRC errors - On Ethernet and serial interfaces, CRC errors usually
indicate a media or cable error.
Security Concerns in LANs
Switch Vulnerabilities
• Switches are vulnerable to a variety of attacks including:
– Password attacks
– DoS attacks
– CDP attacks
– MAC address flooding
– DHCP attacks
504
Disable Unused Ports and Assign to an Unused (Garbage) VLAN
S1(config)#int range fa0/20 - 24
S1(config-if-range)# switchport access vlan 100
S1(config-if-range)# shutdown
%LINK-5-CHANGED: Interface FastEthernet0/20, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/21, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/22, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/23, changed state to administratively down
%LINK-5-CHANGED: Interface FastEthernet0/24, changed state to administratively down
S1(config-if-range)#
Leveraging the Cisco Discovery
Protocol
508
Disabling CDP
S1(config)# no cdp run
S1(config)#
509
Layer 2 Switching
In this scenario, the switch has just rebooted.
Verify the content of the MAC address table.
[Figure: Packet Tracer topology, network 192.168.1.0 /24. Switch Sw1 connects host .10 (000a.f38e.74b3) on F0/1, host .11 (00d0.ba07.8499) on F0/2, and hosts .12 and .13 (0090.0c23.ceca, 0001.9717.22e0) on F0/3 and F0/4. Prompts shown: Sw1# and PC-A>]
Unicast Flooding
[Figure: unicast frame BBBB AAAA (destination, then source). The destination is not in the MAC address table, so the frame is an Unknown Unicast and is flooded out all ports except the incoming port.]
MAC Flood Attack
• If the attack is launched before the beginning of
the day, the CAM table would already be full when the
majority of devices are powered on.
• If the initial, malicious flood of invalid CAM
table entries is a one-time event:
– Can generate 155,000 MAC entries per
minute
– “Typical” switch can store 4,000 to 8,000
MAC entries
– Eventually, the switch will age out older,
invalid CAM table entries
– New, legitimate devices will be able to
create an entry in the CAM
– Traffic flooding will cease
– Intruder may never be detected (network
seems normal).
Unicast Flooding
[Figure: unicast frame BBBB AAAA (destination, then source). The destination is not in the table or the table is full, so the frame is an Unknown Unicast and is flooded out all ports except the incoming port.]
Configure Port Security
• Port security allows an administrator to limit the number
of MAC addresses learned on a port.
– If this is exceeded, a switch action can be configured.
• Configure each access port to accept 1 MAC address
only or a small group of MAC addresses.
– Frames from any other MAC addresses are not
forwarded.
– By default, the port will shut down if the wrong device
connects.
• It has to be brought up again manually.
Configuring Port Security
• Use the switchport port-security interface
command to enable port security on a port.
Switch(config-if)#
switchport port-security [max value] [violation {protect |
restrict | shutdown}] [mac-address mac-address [sticky]]
[aging time value]
• It is used to:
– Set a maximum number of MAC addresses.
– Define violation actions.
– MAC address(es) can be learned dynamically, entered manually,
or learned and retained dynamically.
– Set the aging time for dynamic and static secure address entries.
• To verify port security status: show port-security
Port Security: Secure MAC Addresses
The switch supports these types of secure MAC addresses:
• Static
Port Security Defaults
Feature | Default setting
Port Security | Disabled on a port
• Learned dynamically
– S1(config-if)# switchport mode access
– S1(config-if)# switchport port-security
• By default, only 1 address is learned.
– Put in MAC address table
– Not shown in running configuration
521
Static Secure MAC address
528
Port Security: Violation
Switch(config-if)#switchport port-security violation
{protect | restrict | shutdown}
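The learn/forward rules, the full-table flooding behaviour and the port-security limit described above can be seen together in a small simulation. This is an added example, not part of the original slides: the `Switch` and `Port` classes, the 8-entry table size and the MAC strings are constructed for illustration, and aging timers are not modelled.

```python
from dataclasses import dataclass, field
from typing import Optional

BROADCAST = "FFFF"  # shorthand broadcast MAC, as used on the slides


@dataclass
class Port:
    number: int
    max_secure: Optional[int] = None   # None = port security disabled (the default)
    violation: str = "shutdown"        # protect | restrict | shutdown
    secure_macs: set = field(default_factory=set)
    err_disabled: bool = False
    violations: int = 0


class Switch:
    """Hypothetical model: learn on source MAC, forward on destination MAC."""

    def __init__(self, ports, cam_capacity):
        self.ports = {p.number: p for p in ports}
        self.cam_capacity = cam_capacity
        self.cam = {}                  # MAC address -> port number

    def _admit(self, port, src):
        """Apply port security; True means the frame may enter the switch."""
        if port.err_disabled:
            return False
        if port.max_secure is None or src in port.secure_macs:
            return True
        if len(port.secure_macs) < port.max_secure:
            port.secure_macs.add(src)  # dynamically learned secure address
            return True
        # Violation: protect drops silently, restrict drops and counts,
        # shutdown counts and err-disables the port until re-enabled manually.
        if port.violation in ("restrict", "shutdown"):
            port.violations += 1
        if port.violation == "shutdown":
            port.err_disabled = True
        return False

    def receive(self, in_port, src, dst):
        """Return 'dropped', 'flood' or 'forward:<port>' for one frame."""
        if not self._admit(self.ports[in_port], src):
            return "dropped"
        # 1. Learn: a new source is added only while the table has room.
        if src in self.cam or len(self.cam) < self.cam_capacity:
            self.cam[src] = in_port
        # 2. Forward: known unicast goes out one port, everything else floods.
        if dst != BROADCAST and dst in self.cam:
            return f"forward:{self.cam[dst]}"
        return "flood"


def run_scenario(port_security):
    """Port 3 presents 20 constructed source MACs, then host A sends to host B.

    Returns (fate of the A->B unicast, table entries used, violations on port 3).
    """
    p3 = Port(3, max_secure=1 if port_security else None, violation="restrict")
    sw = Switch([Port(1), Port(2), p3], cam_capacity=8)
    sw.receive(1, "AAAA", BROADCAST)          # host A is learned on port 1
    for i in range(20):                       # many source MACs on one access port
        sw.receive(3, f"X{i:03d}", BROADCAST)
    sw.receive(2, "BBBB", BROADCAST)          # host B powers on afterwards
    result = sw.receive(1, "AAAA", "BBBB")    # ordinary unicast A -> B
    return result, len(sw.cam), p3.violations


if __name__ == "__main__":
    print("port security off  :", run_scenario(False))
    print("port security max 1:", run_scenario(True))
```

With port security off, host B never gets a table entry and the A to B unicast is flooded to every port; with a limit of one address on port 3 the table stays small and the violation counter records the excess addresses.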
533
Virtual LANs
Introduction to VLANs
VLANs
Dynamic VLANs
• Based on the MAC address of an end-user device
• A network administrator also must assign the user’s MAC address to a VLAN in
the database of a VLAN Membership Policy Server (VMPS)
Deploying VLANs
• the number of VLANs depends on traffic patterns,
application types, segmentation, and network-
management requirements
• you should not allow VLANs to extend beyond the Layer
2 domain of a distribution switch
Local VLANs
20/80 rule
L3 functionality in distribution
And core
VLAN TRUNK
[Figure: switches SW1 and SW2 with interfaces FA0/1 and FA0/2]
Problem: A Device Cannot
Establish a Connection Across
a Trunk Link
• Make sure:
– The Layer 2 interface mode configured on
both ends of the link is valid.
– The trunk encapsulation type configured on
both ends of the link is valid.
– The native VLAN is the same on both ends of
the trunk (802.1Q trunks).
Native VLANs
Eyobe
Degene
Teddy
Eyobe
VLAN Trunking Protocol (VTP)
• Cisco-proprietary protocol
• Automates the propagation of VLAN information between switches via
trunk links.
• Minimizes misconfigurations and configuration inconsistencies.
• VTP domains define sets of interconnected switches sharing the same
VTP configuration.
VTP Modes
Mode: Client
Description:
• Cannot create, change, or delete VLANs on command-line interface
(CLI).
• Forwards advertisements to other switches.
• Synchronizes VLAN configuration with latest information received from
other switches in the management domain.
• Does not save VLAN configuration in nonvolatile RAM (NVRAM).
Danger of VTP
STP Timers
• Hello timer: sent every 2 seconds.
• Forward delay timer: by default, the forward delay is 15 seconds.
• Max age timer: by default, the max age timer is 20 seconds.
• Timers must be changed on the Root Bridge. The Root Bridge will
propagate the new timer values to all switches using BPDUs
Basic STP Configuration
• To manually adjust the three STP timers for
a specific VLAN:
Switch(config)# spanning-tree vlan 101 hello-time 10
Switch(config)# spanning-tree vlan 101 forward-time 20
Switch(config)# spanning-tree vlan 101 max-age 40
note
592
EtherChannel :
Campus Core
Distribution Layer
← Switches →
© 2013 Cisco and/or its affiliates. All rights reserved. Cisco Public 594
“EtherChannel simplifies
design, improves operation
when multiple physical
interfaces are needed to
interconnect switches”.
Spanning-tree operation
Switch0# show etherchannel summary
Flags: D - down P - in port-channel
I - stand-alone s - suspended
H - Hot-standby (LACP only)
R - Layer3 S - Layer2
U - in use f - failed to allocate aggregator
u - unsuitable for bundling
w - waiting to be aggregated
d - default port
Switch0# show etherchannel load-balance
EtherChannel Load-Balancing Operational
State (src-mac):
Non-IP: Source MAC address
IPv4: Source MAC address
IPv6: Source MAC address
Switch0# show etherchannel port-channel
Port-channel: Po1
------------
Age of the Port-channel = 00d:01h:22m:29s
Logical slot/port = 2/1 Number of ports = 2
GC = 0x00000000 HotStandBy port = null
Port state = Port-channel
Protocol = PAGP
Port Security = Disabled
EtherChannel verification
continued
The previous slide provided the output from the show
etherchannel port-channel command. PAgP messages are
carried on Fa01 – hence the highlight.
Another command with considerable output is:
Switch# show interface etherchannel
All of these commands are useful to troubleshoot
EtherChannel operation. When troubleshooting always begin
by verifying the physical ports all have the same operational
parameters and do this at both ends of the EtherChannel.
Next verify channel-group settings again at both ends of the
EtherChannel. Do not make assumptions – verify and test.
Are you tired . . .? frustrated . . .? confused . . .?
No problem, I’ve got just the key!
Given that you’re already consoled in to the offending router,
manually flip the router switch off and then on again.
As soon as you turn the router back on, you will see text scrolling
by indicating that the router is rebooting. Within 60 seconds of
re-powering the router, press Ctrl + Break.
Enter global configuration mode: config t
Change your secret password: enable secret *****
Enter line configuration mode: line con 0
Log in to the console: login
Reconfigure the console password: password *****
Return to global configuration mode: exit
SuperRouter(config-line)#exit
SuperRouter(config)#
Change the config-register back by entering config-register 0x2102,
and then verify that the change has been made with show ver.
SuperRouter(config)#config-register 0x2102
SuperRouter(config)# do show ver
Be saved !
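Access Control Lists
[Flowchart: for each entry in the list, does the source address match? If yes, apply the condition: Deny sends an ICMP message, Permit forwards the packet. If no and there are more entries, go to the next entry in the list; if there are no more entries, deny.]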
Two Basic Tasks (Standard ACL)
• Write the ACL statements sequentially in
global configuration mode.
Router(config)#access-list access-list-number {permit/deny} {test-conditions}
Lab-D(config)#access-list 1 deny 192.5.5.10 0.0.0.0
• Group the ACL to one or more interfaces in
interface configuration mode.
Router(config-if)#{protocol} access-group access-list-number {in/out}
Lab-D(config-if)#ip access-group 1 out
The access-list-number parameter
– In the {test conditions} portion of the ACL, you will specify various
parameters depending on the type of access list.
– Common to most access lists is the source address’ ip mask and
wildcard mask.
– The source address can be a subnet, a range of addresses, or a
single host. It is also referred to as the ip mask because the
wildcard mask uses the source address to check bits.
– The wildcard mask tells the router what bits to check. We will spend
some time now learning its function.
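How the router applies the wildcard mask and walks the list top-down, as an added example that is not part of the original slides. It starts from the slide's `access-list 1 deny 192.5.5.10 0.0.0.0` statement; the other two statements, the function names and the shadowed-entry check are constructed for illustration.

```python
import ipaddress

# Constructed sample: line 1 is from the slide, lines 2 and 3 are made up.
SAMPLE_ACL = """\
access-list 1 deny 192.5.5.10 0.0.0.0
access-list 1 permit 192.5.5.0 0.0.0.255
access-list 1 deny 192.5.5.64 0.0.0.63
"""


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def parse_acl(text):
    """Parse 'access-list N {permit|deny} source [wildcard]' statements."""
    entries = []
    for line in text.splitlines():
        parts = line.split()
        if not parts:
            continue
        if len(parts) < 4 or parts[0] != "access-list" or parts[2] not in ("permit", "deny"):
            raise ValueError(f"not a standard ACL statement: {line!r}")
        spec = parts[3:]
        if spec[0] == "any":                       # any = 0.0.0.0 255.255.255.255
            base, wildcard = 0, 0xFFFFFFFF
        elif spec[0] == "host" and len(spec) >= 2:  # host x = x 0.0.0.0
            base, wildcard = _ip(spec[1]), 0
        else:
            base = _ip(spec[0])
            wildcard = _ip(spec[1]) if len(spec) > 1 else 0
        care = ~wildcard & 0xFFFFFFFF              # 0 bits in the wildcard are checked
        entries.append({"number": int(parts[1]), "action": parts[2],
                        "base": base & care, "care": care})
    return entries


def evaluate(entries, number, source):
    """First match wins; falling off the end of the list is the implicit deny.

    Returns (action, 1-based position of the matching statement or None).
    """
    addr = _ip(source)
    acl = [e for e in entries if e["number"] == number]
    for position, entry in enumerate(acl, start=1):
        if (addr & entry["care"]) == entry["base"]:
            return entry["action"], position
    return "deny", None


def shadowed(entries, number):
    """Find statements that can never match because an earlier one covers them.

    Returns (later position, earlier position) pairs.
    """
    acl = [e for e in entries if e["number"] == number]
    found = []
    for j, later in enumerate(acl):
        for i, earlier in enumerate(acl[:j]):
            # The earlier entry checks a subset of the bits the later one checks,
            # and they agree on those bits: every address the later entry matches
            # is already consumed by the earlier entry.
            subset = (earlier["care"] & ~later["care"] & 0xFFFFFFFF) == 0
            if subset and (later["base"] & earlier["care"]) == earlier["base"]:
                found.append((j + 1, i + 1))
                break
    return found


if __name__ == "__main__":
    acl = parse_acl(SAMPLE_ACL)
    for src in ("192.5.5.10", "192.5.5.70", "10.1.1.1"):
        print(src, evaluate(acl, 1, src))
    print("shadowed:", shadowed(acl, 1))
```

The third statement is meant to deny 192.5.5.64 through 192.5.5.127 but sits after a broader permit, so it never takes effect; statement order is part of the policy.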
Private IP address
NAT
NAT
Configure NAT
• Static Translation
• Dynamic Translation
Static Translation
Dynamic Translation
PAT (Overloaded NAT)
PAT
NAT command
debug ip nat
Disadvantages of NAT
• Delay
• Loss of end-to-end ability
• Might not work with some applications
Dynamic Host Configuration
Protocol
• Dynamic Host Configuration Protocol (DHCP)
– Provides IP configuration information to hosts
on bootup
– This functionality is much like that provided by
older protocols RARP and BOOTP
• DHCP manages addressing by leasing the IP
information to the hosts
– This leasing allows the information to be
recovered when not in use and reallocated
when needed
663
Dynamic Host Configuration
Protocol (continued)
664
Dynamic Host Configuration
Protocol (continued)
• You can configure your Cisco router to be a DHCP server
• DHCP relay
– The router can forward the request to other DHCP
servers if it cannot satisfy a DHCP request
• Configuring the router to be a DHCP server
– Enable the service using the service dhcp
command at the global configuration mode prompt
– Configure DHCP bindings and decide where to store
the DHCP bindings database
665
Dynamic Host Configuration
Protocol (continued)
• Configuring the router to be a DHCP server (continued)
– Define the pool of addresses
– Configure any optional IP configuration parameters
– Exclude any statically configured addresses
• Monitoring DHCP
– The best way to check the bindings is to execute the
show ip dhcp binding command on the router
– For information on the specific DHCP address pool,
use the show ip dhcp pool command
666
667
Dynamic Host Configuration
Protocol (continued)
668
• A DHCP server uses ping to resolve
address conflicts
Managing Cisco Devices
Network Environment
Management
Cisco IOS File System and
Devices
Managing Cisco IOS Images
Verifying Memory and
Deciphering Image Filenames
RouterX#sh flash
-#- --length-- -----date/time------ path
1 14951648 Feb 22 2007 21:38:56 +00:00 c2800nm-ipbase-mz.124-5a.bin
2 1823 Dec 14 2006 08:24:54 +00:00 sdmconfig-2811.cfg
3 4734464 Dec 14 2006 08:25:24 +00:00 sdm.tar
4 833024 Dec 14 2006 08:25:38 +00:00 es.tar
5 1052160 Dec 14 2006 08:25:54 +00:00 common.tar
6 1038 Dec 14 2006 08:26:08 +00:00 home.shtml
7 102400 Dec 14 2006 08:26:22 +00:00 home.tar
8 491213 Dec 14 2006 08:26:40 +00:00 128MB.sdf
NVRAM
Terminal
TFTP server
Erase start
copy run tftp and copy tftp run
Commands
show processes
686
Advantages of IPv6 over IPv4
• Larger address space
• Better header format
• New options
• Allowance for extension
• Support for resource allocation
• Support for more security
• Support for mobility
Why Do We Need a Larger
Address Space?
• Internet population
– Approximately 973 million users in November 2005
– Emerging population and geopolitical and address space
• Mobile users
– phones, iPads, tablets ,etc
– Approximately 20 million in 2004
• Mobile phones
– Already 1 billion mobile phones delivered by the industry
• Transportation
– Planes, trains, busses, automobiles
• Consumer devices
– Billions of home and industrial appliances
688
Larger Address Space
IPv4
• 32 bits or 4 bytes long
4,200,000,000 possible addressable nodes
IPv6
• 128 bits or 16 bytes: four times the bits of IPv4
3.4 * 10^38 possible addressable nodes
340,282,366,920,938,463,374,607,432,768,211,456
5 * 10^28 addresses per person
50,000,000,000,000,000,000,000,000,000
Larger Address Space Enables
Address Aggregation
[Figure: header fields, including Source Address, Destination Address, Options and Padding; legend]
Example
3ffe : 1944 : 0100 : 000a : 0000 : 00bc : 2500 : 0d0b
3ffe : 1944 : 100 : a : 0 : bc : 2500 : d0b
697
Rule 1: Leading 0’s
Practice
698
Rule 1: Leading 0’s
• Only leading zeroes can be omitted; trailing zeroes cannot, because
doing so would make the segment ambiguous.
• You would not be able to tell whether the missing zeroes belonged
before or after the written digits.
699
Rule 2: Double colon :: equals
0000…0000
• The second rule can reduce this address even further:
• Any single, contiguous string of one or more 16-bit
segments consisting of all zeroes can be represented
with a double colon.
ff02::5
700
Rule 2: Double colon :: equals
0000…0000
• Only a single contiguous string of all-zero segments can be represented with a double
colon.
2001 : d02 :: 14 : 0 : 0 : 95
OR
2001 : d02 : 0 : 0 : 14 :: 95
Another example:
2031 : 0000 : 130F : 0000 : 0000 : 09C0 : 876A : 130B
2031 : 0 : 130F :: 9C0 : 876A : 130B
Rule 2: Double colon :: equals
0000…0000
• Using the double colon more than once in an IPv6
address can create ambiguity.
Example
2001:d02::14::95
2001:0d02:0000:0000:0014:0000:0000:0095
2001:0d02:0000:0000:0000:0014:0000:0095
2001:0d02:0000:0014:0000:0000:0000:0095
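The ambiguity shown above can be enumerated mechanically, which is also how a validator for addresses in ACLs, logs or configuration input should treat it: reject, never guess. This is an added example, not part of the original slides; `expansions` and `strict_parse` are hypothetical helper names, and each `::` is assumed to stand for at least one all-zero segment.

```python
import ipaddress
import re

HEX_GROUP = re.compile(r"[0-9A-Fa-f]{1,4}")


def _groups(chunk):
    """Split one '::'-free piece into zero-padded 16-bit segments."""
    if chunk == "":
        return []
    groups = chunk.split(":")
    if not all(HEX_GROUP.fullmatch(g) for g in groups):
        raise ValueError(f"bad segment in {chunk!r}")
    return [g.lower().zfill(4) for g in groups]


def _compositions(total, parts):
    """Yield every way to spread `total` zero segments over `parts` gaps (each >= 1)."""
    if parts == 0:
        if total == 0:
            yield ()
        return
    if parts == 1:
        if total >= 1:
            yield (total,)
        return
    for first in range(1, total - parts + 2):
        for rest in _compositions(total - first, parts - 1):
            yield (first,) + rest


def expansions(text):
    """Return every full 8-segment address the written form could stand for.

    One result: unambiguous. Several: '::' was used more than once.
    None: the text cannot be an IPv6 address of 8 segments.
    """
    chunks = [_groups(c) for c in text.replace(" ", "").split("::")]
    missing = 8 - sum(len(c) for c in chunks)
    results = []
    for split in _compositions(missing, len(chunks) - 1):
        groups = list(chunks[0])
        for zeros, chunk in zip(split, chunks[1:]):
            groups += ["0000"] * zeros + chunk
        results.append(":".join(groups))
    return results


def strict_parse(text):
    """Accept an address only if it has exactly one possible reading."""
    options = expansions(text)
    if len(options) != 1:
        raise ValueError(f"{text!r} has {len(options)} possible readings")
    return ipaddress.IPv6Address(options[0])


if __name__ == "__main__":
    for candidate in ("2001:d02::14::95", "2001 : d02 :: 14 : 0 : 0 : 95", "ff02::5"):
        print(candidate, "->", expansions(candidate))
    print(strict_parse("2031:0000:130F:0000:0000:09C0:876A:130B").compressed)
```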
702
Network Prefixes
• In IPv4, the prefix (the network portion of the address) can be identified by a dotted decimal or a bit count.
255.255.255.0 or /24
• An IPv6 address consisting of all zeroes can be written simply with a double
colon.
• There are two cases where an all-zeroes address is used.
1. Default address: the address is all zeroes and the prefix length is zero:
::/0
2. Unspecified address, which is used in some Neighbor Discovery Protocol
procedures (later).
– An unspecified address is a filler, indicating the absence of a real IPv6
address.
– When writing an unspecified address, it is differentiated from a default
address by its prefix length:
::/128
IPv6 Addressing Model
• Addresses are assigned to interfaces,
not hosts
• Interface expected to have multiple
addresses
• Addresses have scope
– Link-Local
– Site-Local Unique Local
– Global
Interface Identifiers in IPv6 Addresses
• The data link layer defines how IPv6 interface identifiers are created and
how neighbor discovery deals with data link layer address resolution.
• RFCs describe these processes (not all supported by Cisco)
• Let’s look at the process for Ethernet Interface Identifier…
Calculating the Interface ID Using EUI-64
• The Universally/Locally (U/L) bit is the seventh bit of the first byte and is
used to determine whether the address is universally or locally
administered.
– If 0, the IEEE, through the designation of a unique company ID, has
administered the address.
– If 1, the address is locally administered - the network administrator
has overridden the manufactured address and specified a different
address.
• Seems to be some debate on whether Cisco should flip it if it is already a 1.
• “The standard says leave the U/L bit a 1 if it's a 1 and the "Cisco" way says to flip it regardless.”
Subnet: 2001:8:85a3:4289::/64
MAC Address: 001B:D55B:A408
Global Unicast Address:
2001:8:85a3:4289 : 021B:D5FF:FE5B:A408
Interface ID
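The EUI-64 calculation above carried through in Python, as an added example that is not part of the original slides. The function names and the `always_flip` switch (which models the two U/L behaviours in the quote) are hypothetical; the block also goes one step further than the slide and reverses the process, which is how an analyst recovers a hardware address from an EUI-64 address seen in logs.

```python
import ipaddress

def eui64_interface_id(mac, always_flip=True):
    """Build the 64-bit interface ID from a 48-bit MAC (any of : . - as separator)."""
    digits = "".join(c for c in mac if c not in ":.-")
    if len(digits) != 12:
        raise ValueError("a MAC address has 12 hex digits")
    octets = bytearray.fromhex(digits)
    if always_flip:
        octets[0] ^= 0x02        # invert the U/L bit whatever its value
    else:
        octets[0] |= 0x02        # leave a 1 as 1, turn a 0 into 1
    eui = bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])   # FFFE in the middle
    return ":".join(eui[i:i + 2].hex() for i in range(0, 8, 2))

def eui64_address(prefix, mac, always_flip=True):
    """Combine a /64 prefix with the interface ID derived from the MAC."""
    net = ipaddress.IPv6Network(prefix)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 needs a /64 prefix")
    iid = int(eui64_interface_id(mac, always_flip).replace(":", ""), 16)
    return net.network_address + iid

def mac_from_address(addr):
    """Recover the MAC if the interface ID carries the FFFE marker, else None."""
    iid = ipaddress.IPv6Address(addr).packed[8:]
    if iid[3:5] != b"\xff\xfe":
        return None              # not EUI-64 derived (manual, random, ...)
    mac = bytearray(iid[:3] + iid[5:])
    mac[0] ^= 0x02               # undo the U/L inversion
    return ":".join(f"{b:02x}" for b in mac)

if __name__ == "__main__":
    # Values from the slide: subnet 2001:8:85a3:4289::/64, MAC 001B:D55B:A408
    print(eui64_address("2001:8:85a3:4289::/64", "001B:D55B:A408"))
    print(mac_from_address("2001:8:85a3:4289:021B:D5FF:FE5B:A408"))
```

Because the interface ID is a reversible function of the MAC, an EUI-64 address identifies the same interface on every network it joins, which is worth knowing both for asset inventory and for privacy reviews.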
• IANA's current global unicast address assignment uses the range of addresses that start with binary value 001, or 2000::/3
• They start with the same 3 bits (001) as 2000
• 4 hexadecimal digits, before the first colon
• More easily recognized as beginning with a hexadecimal 2 or 3.
0010 xxxx or 0011 xxxx
• ICANN assigns global unicast IPv6 addresses as public and globally unique IPv6 addresses
• No need for NAT
• This is one-eighth (12.5%) of the total IPv6 address space and is the largest block of assigned addresses.
Address Autoconfiguration (1)
• Allow plug and play
• BOOTP and DHCP are used in IPv4
• DHCPng will be used with IPv6
• Two Methods: Stateless and Stateful
• Stateless:
– A system uses link-local address as source and
multicasts to "All routers on this link"
– Router replies and provides all the needed prefix info
– All prefixes have an associated lifetime
– System can use link-local address permanently if no
router
Address Autoconfiguration (2)
• Stateful:
– Problem w/ stateless: Anyone can connect
– Routers ask the new system to go to a DHCP server (by
setting the managed configuration bit)
– System multicasts to "All DHCP servers"
– DHCP server assigns an address
Network Layer in v4 & v6
Transition from IPv4 to IPv6
Advantages of IPv6 over IPv4 (1)
Feature | IPv4 | IPv6
Source and destination address | 32 bits | 128 bits
IPSec | Optional | Required
[Figure: transition methods (tunneling: IPv4 over IPv6, IPv6 over IPv4; translation) linking IPv4 and IPv6 services with government agencies, international sites, remote workers and Internet consumers]
R1 2001:12::1/64 2001:12::2/64 R2
<output omitted>
The output confirms that the Fa0/0 interface is operational and uses the
IPv4 address.
Dual-Stack Example
10.10.10.1 10.10.10.2
R1 2001:12::1/64 2001:12::2/64 R2
<output omitted>
The output confirms that the Fa0/0 interface is operational and also
uses the IPv6 address.
Tunneling Techniques
• Isolated IPv6 networks are connected over
an IPv4 infrastructure using tunnels.
• The edge devices are the only ones that
need to be dual-stacked.
• Scalability may be an issue if many tunnels
need to be created.
– Tunnels can be either manually or automatically
configured, depending on the scale required and
administrative overhead tolerated.
Tunneling Techniques
• For IPv6, tunneling is an integration method in which an
IPv6 packet is encapsulated within IPv4.
• This enables the connection of IPv6 islands without the
need to convert the intermediary network to IPv6.
Tunneling Techniques
• In this example, the tunnel between sites is using:
• IPv4 as the transport protocol (the protocol over which the tunnel is
created).
• IPv6 is the passenger protocol (the protocol encapsulated in the tunnel
and carried through the tunnel).
• GRE is used to create the tunnel, and is known as the tunneling
protocol.
Types of Tunnels
• Tunnels can be created manually using:
– Manual IPv6 tunnels
– GRE IPv6 tunnels (not covered in this
presentation)
• Tunnels can also be created automatically
using:
– IPv4-Compatible IPv6 Tunnels (now
deprecated)
– 6to4 tunnels
– ISATAP Tunnels
Manual Tunnel Configuration
• Create a tunnel interface.
Router(config)# interface tunnel number
<output omitted>
<output omitted>
R 12::/64 [120/2]
via FE80::2, FastEthernet0/0
R 13::/64 [120/3]
via FE80::2, FastEthernet0/0
R4#
Lo101: 11::11:1/64
R1# config t
R1(config)# ipv6 route 13::/64 s0/0/0
R1(config)# exit
R1# show ipv6 route static
IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S 13::/64 [1/0]
via ::, Serial0/0/0
R1#
R1# config t
R1(config)# ipv6 route 13::/64 s0/0/0 2001:1::2
R1(config)# exit
R1# show ipv6 route static
IPv6 Routing Table - Default - 8 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S 13::/64 [1/0]
via 2001:1::2, Serial0/0/0
R1#
R1# config t
R1(config)# ipv6 route 13::/64 130
R1(config)# exit
R1#
R2# config t
R2(config)# ipv6 route ::/0 s0/0/0
R2(config)# exit
R2# show ipv6 route static
IPv6 Routing Table - 9 entries
Codes: C - Connected, L - Local, S - Static, R - RIP, B - BGP
U - Per-user Static route
I1 - ISIS L1, I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary
O - OSPF intra, OI - OSPF inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
S ::/0 [1/0]
via ::, Serial0/0/0
R2#
Real Equipment
Branch-1(config)# ipv6 router eigrp 100
Branch-1(config-rtr)# eigrp router-id 1.1.1.1
Configuring IPv6 EIGRP on a Network
• Unlike IPv4 EIGRP, IPv6 EIGRP does not require the network command to advertise its networks. Instead, IPv6 EIGRP must be enabled on all of the router's interfaces.
Branch-1(config)# int s0/0/0
Branch-1(config-if)# ipv6 eigrp 100
Branch-1(config-if)# int g0/0
Branch-1(config-if)# ipv6 eigrp 100
Branch-1(config-if)# int g0/1
Branch-1(config-if)# ipv6 eigrp 100
• This command must be configured on all of the router's interfaces that are
participating in EIGRP. If we fail to configure this command on an interface, that
network will not be advertised and therefore will not be learned by its neighbors.
Configuring IPv6 EIGRP on a Network
• When IPv6 EIGRP is configured on all interfaces, a log message will inform you that an adjacency has formed.
Branch-2(config)# int s0/0/0
Branch-2(config-if)# ipv6 eigrp 100
Branch-2(config-if)#
Branch-2(config-if)#
IPv6 Show Commands
Branch-2# show ipv6 eigrp neighbor
IPv6-EIGRP neighbors for process 100
H   Address                 Interface   Hold  Uptime    SRTT  RTO   Q    Seq
                                        (sec)           (ms)        Cnt  Num
0   Link-local address:     Se0/0/0     14    00:01:31  40    1000  0    18
    FE80::1
1   Link-local address:     Se0/0/1     12    00:01:24  40    1000  0    20
    FE80::3
HSRP
• On a router
– Router(config)# interface gi0/3
– Router(config-if)# standby 1 priority 150
– Router(config-if)# standby 1 ip 10.1.1.1
• On a switch
– SwitchB(config)# interface vlan 100
– SwitchB(config-if)# standby 1 priority 150
– SwitchA(config-if)# standby 1 ip 10.1.1.1
VRRP
Thank you
May Allah reward you with good