CCNA Sikandar 2015 Final Version 1

Gateway to highly rewarding Cisco careerINDEX PAGE NO Basic networking 4 About Cisco & CCNA (exam & career paths) 10 TCP/IP ADDRESSING. . 4 Private & Public IP 26 Subnetting 29 FLSM Examples 31 Understanding Value a VLSM examples . 42 Subnetting Questions .. 47 Understanding LAN Connectivity... 48 Introduction to Cisco Routers. : 53 Console Connectivity -sscsseeeeenseseeene 5 63 Basic commands/ Modes of Cisco routers .. 66 Lab: Basic Configurations And Verifications 4 Understanding WAN connections. : 83 Rules to assign the ip address on cisco routers 2 86 Lab: basic IP configuration .....scsssstseesssre 88 Lab : Basic configuration using three routers .. a1 Troubleshooting Connectivity 94 WAN protocols (PPP/HDLC).. 95 PPP Authentication (PAP/CHAP) 96 LAB: PPP Authentication using CHAP 99 LAB: PPP Authentication using PAP .. 101 Routing 103 Static Routing p 104 Lab : Static Routing. 105 Lab : Static Routing ( 3routers) . 109 Default routing: 13 LAB : DEFAULT ROUTING m4 Dynamic routing. 5 7 Classfull /Classless . 19 RIP vi/v2 ug NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutLab : Routing using RIPv2 Administrative Distance Autonomous system number . EIGRP eee Lab : EIGRP OSPF OSPF Areas LAB: Configuring OSPF single Area 144 LAB: Configuring OSPF Multiple Area 148 Access control list 153 LAB : Standard ACL 158 lab : Extended ACL 162 Named ACL (standard/Extended) 167 Network address translation... 174 Static NAT. W7 Dynamic NAT .. 183 Port Address Translation 186 PAT using exit interface... -- 189 Basic switching. .....-- 145 Design hierarchy 146 Basic Switching Concepts. 192 Initial configuration of a switch . 197 VIRTUAL LAN : 5 200 LAB “Verify VLAN ..cccseseseeeeees 204 Trunking. 210 Lab : Trunking .. 213 Spanning tree protocol ; 3 221 Lab: verifying spanning-tree 5 227 Ive 230 LAB: Basic configuration of Ipv6 236 Static and Default IPV6 routing 238 RIPng : 243 OSPFy3 ; 247 EIGRP FORIPV6 - 250 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 3Password reverting on cisco routers Lab: backup and restore !OS and configs Restore IOS Sub-maring Cabling .... WAN Technologies Leased lines. Frame relay Lab: framerelay Metroetheret ee Introduction to MPLS technology Virtual private network SAT CABLE and DSL technology OSI Reference model & TCP/P.es.oeees- Troubleshooting user connectivity Using CDP (lab) Troubleshooting VLAN issues Troubleshooting trunking Troubleshooting WAN connecitivity ..... Troubleshooting Routing (static /Default). Troubleshooting OSPF / EIGRP. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutNOAsomins Cisco Certified Network Associate CCNAx 200-120 Sikandar Gouse Moinuddin CCIEx2 (RS/SP) # 35012 Senior Technical Instructor www.noasolutions.com NOAsomen Network » Group of two or more computers connected to share information and resources. a BIS sever Interet / wan NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 5Wide Area Network | Local area networks (LAN) i BPS sever NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 6LANs, WANS, and Internets The Internet {LANs and WANS maybe connected int inemetwer, NOAsonmons Providing Resources in a Network Gawain Networks of Many Sizes ‘Small Home Networks ‘Medium to Large Networks World Wide Networks NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 7Cisco Switch | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page &Cisco Routers NOAsamnns ye w25 ae Fi . NOAcomeorn Cisco Firewall are mete omc 52 | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 9IP Phones/ Voice Devices —- Main office location NOAsomran Device connecting a small home INTERNET mm NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 10NOAcorons Connecting to the Wired LAN. ‘Cone your compute we Ett pr 23,0") NOAsomen About Cisco » Leading manufacturer of Networking Devices. » Switches, Routers . Firewalls, Voice Devices, Datacenter , Wireless NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comNOAcomons Cisco Certification Tracks NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 12NOAcomeons CCNA Certification Exam anes computer based run and administered by pearson VUE www.vue.com Cost 295 $ 90 minutes 50-55 Questions Cisco CCNA Exam Question Types + Multiple choice (MC) + Testlet (4-5 questions on the same scenario diagram) + Drag-and-drop (DND) + Simulated lab (SIM) + Simlets (sare as testlet need to use show commands to verify) Passing Score : 825/1000 Contents fornew CCNA 200-120 NOAumm Operation of IP Data Networks IP addressing (IPv4 / IPv6) LAN Switching Technologies IP Routing Technologies IP Services Network Device Security Troubleshooting WAN Technologies For Detailed Contents www.noasolutions.com NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 13A srimnms What you get World Class training Detailed lab workbooks for practice. Self paced Video trainings. Simulation Tools. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 14TCP/IP addressing NOAcorons Protocol set of rules to follow to have proper communication Network protocols TCP/IP IPx/SPx Appletalk Netbios os NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 15NOAcomons What is TCP/IP? » TCP/IP is a standard protocol used between computers and network devices for communication. B OASomian TCP/IP addressing » IP Address is Logical Address given to each and every device in the network. » Ibis a Network Layer address (Layer 3) > Two Versions of IP: Pres + IP version Soe P 4 "3 2 + IP version 6 oo eB NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 16IPV4 address + Bitis represent by 0 or 4 (i.e. Binary) + IP address in binary form (32 bits): 01010101000001011011111100000001 * 32 bits are divided into 4 Octets: First Octet Second Octet Third Octet Forth Octet 01010101. 00000101. 10111111. 00000001 * IP address in decimal form: 85.5.191.1 z 2 = 128 32 1 0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 17)\Solutions| Converting from Decimal to Binary Convert Decimal to Binary 192.168.1010 ‘11000000 10101000 1G 2 6 > 128, place a 1 ne 128 positon subtract 128 | <6, place a0 in tho 64 poston onol strat, >22, place a1 inthe 32 postion Subirct 92 18, place 20 ine 16 postion NOAsomon Convert Decimal to Binary 192.168.10.10 AS \™ 192 168 10 10 11000000 10101000 00001010 00001010 | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 18A Simro Assigning a Static IPv4 Address to a Host LAN Interface Properties Configuring a Static IPvd Address. —————— Pinon tot version 6 Sa Nevin ree ee | [oa SSnySegeeow mat 6 ete tre ee NOAsomeons Assigning a Dynamic IPv4 Address to a Host [Assigning a Dynamic IPvd Addross DHCP - preferred method of “leasing” IPv4 addresses to hosts on large networks, reduces the burden on network support staff and virtually eliminates entry errors NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 19Range of IPv4 address Taking Example for First Octet : Total 8 bits, Value will be 0’s and 1's i.e. 2° = 256 combination 7 26 25 24 23 22 21 20 0.0.0.0 to 255.255.255.255 2 ° ° ° Total IP Address Range ° ° NOAsomm IP Address Classification IP Addresses are divided into 5 Classes CLASS A 0-127 CSS Uae Used in LAN & WAN CLASS C 192-223 CLASS D—-224-239-~—_—_—=Reserved for Multicasting CLASS E 240-255 Reserved for Research & Development NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 20NOAcomons Types of communication In an IPv4 network, the hosts can communicate one of three different ways: 1. Unicast 2. Broadcast 3. Multicast OASomi 1. Unicast Transmission the process of sending a packet from one host to an individual host. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 212. Broadcast Transmission — the process of sending a packet from one host to all hosts in the mene Von es Routers do not Directed broadcast forward a limited + Destination 172.16.4.255 broadcast! + Hosts within the 172.16.4.0/24 network NOAsomeons 3. Multicast Transmission Saeco Multicast - the process of sending a packet from one host to a selected group of hosts, possibly in different networks Reduces traffic Reserved for addressing multicast groups - 224.0.0.0 to 239.255.255.255. eo NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 22NOAsomens Live TV and Radio Broadcast Corporate Broadcasts to the Desktop pistance Learning Mute vanast File Thay nsf File Replication NOAsonmons Network & Host portions IP address is divided into Network & Host Portion CLASS A N.H.H.H CLASS B N.N.H.H CLASS C N.N.N-H a specific device in the network set of devices NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 23NOAcormons Network & Broadcast Address ReaD meescor ee Network II Identify complete network First IP of the range All ZERO’s in the host portion Broadcast address » Used to send broadcast to all with in the same network Last IP address of the range All ONE'S in the host portion Valid IP Valid 1P Addresses lie between the Network Address and the Broadcast Address. © Only Valid IP Addresses are assigned to hosts/clients NOAsonmons Example - Class C 192.168.1.0 —————» Network Address 192.168.1.1 192.168.1.2 192.168.1.3 Valid IP Addresses 192.168.1.253 192.168.1.254 192.168.1.255 ——— Broadcast Address NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 24Example - Class B Class B 172.16.0.0 —_—_—nnn> Network Address 172.16.0.1 172.16.0.2 172.16.0.3 Valid IP Addresses 172.16.255.253 172.16.255.254 172.16.255.255 ———=» Broadcast Address | NOAcornos Example - Class A a 10.0.0.0 —— Network Address 10.0.0.1 10.0.0.2 10.0.0.3 Valid IP Addresses 110.255.255.254 10.255.255.255 ———> Broadcast Address | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 25Subnet-mask Subnet Mask differentiates Network portion and Host Portion 1 represent network 0 represent hosts Class A N.H.H.H 255.0.0.0 Class B N.N.H.H 255.255.0.0 Class C N.N.N.H 255.255.255.0 NOAsomen Reserved Address » Class D&E » Network ID & Broadcast ID > O.x.x.x not valid » 127.x.x.x for loopback address NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 26127.x.x.x - loopback address » Loopback address used for testing local TCP/IP protocols men Cee eet eee cor pore NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comPrivate & Public IP local network (Privete IP Address 192.168 XX) 192.168 1003 B seuss i wve.e8i008 Sb PRIVATE IP Used with the LAN or within the organization Not recognized on internet Given by the administrator Unique within the network or organization Free Unregistered IP —- The Default Gateway 19216811 NOAsomons Internet RouterINAT Devie a 145121317 (Public IP Address) NOAsonmons PUBLIC IP Used on public network( INTERNET) Recognized on internet Given by the service provider ( from IANA) Globally unique Pay to service provider ( or |ANA ) Registered NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comPrivate IP Address » There are certain addresses in each class of IP address that are reserved for Private Networks. These addresses are called private addresses. Class A 10.0.0.0 to 10.255.255.255 (10.x.x.x) Class B 172.16.0.0 to 172.31.255.255 Class C 192.168.0.0 to 192.168.255.255 (192.168.x.x) NOAsomeon Assignment of IP Addresses Regional Internet Registries (RIRs) The major registries are: \ments/ipv4-address-space/ipv4-addres Assignment of P Addresses ZF AAMC NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 29NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 30NOAcorons Subnetting » isthe process of Dividing a Single Network into Multiple smaller networks. » Subnetting helps in minimizing the wastage of IP address. NOAsonmeons FLSM & VLSM Subnetting can be performing in two ways. FLSM (Fixed Length Subnet Mask) VISM (Variable Length subnet mask) Subnetting can be done based on requirement. Requirement of Hosts? 2h- 2 >= requirement Requirement of Networks? 2" >= requirement H=hostbits , N= Network Bits What we do in Subnetting Converting Host bits into Network Bits (reducing number of host bits) + ie. Converting 0's into I's NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comNOAsomens 2 Power Table NOAsomon away rig Ce cet Value in Subnet mask NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 32Cochass, bey = So best (Fisn) NV N-N HE 2a 26le MUNIN + CUMIN (7AM - BBoo00e0 Qe 2 Ray, ae p 2S hask= 265-255-266. q2 2 ® rep Res ved HB =G G.I Grveld Nos = Toe v4. # BI 64-2 8 -€@p. GPa ia hosts fehl MIB = sy ey 2 96 A = = pee ORES 4 /142-168-1-Q@ > (ar es -1-68 (Sr be~1 64 > (42- Kel -f27 ASL Mr] 128 SIAL e119 Ar. leet [42 — wr. (eels FLSM: Example—1 Req = 40 hosts using C-class address network 192.168.1.0/24 2-2 >= req B-2 >=40 64-2 >= 40 62 >= 40 © Host bits required (h) = 6 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 33Converted network Bits (n) = Total. H. Bits ~ req. H. Bits 8 Converted network Bits (n) = 2 Total. N. Bits = default N bits + converted N bits = 244+2= /26 Hosts/Subet = 2-2 = 26-2 = 64-2 = 62 Hosts/Subet Subnets = 2°= 2? = 4 Subnets Customized subnet mask = (/26) = 255.255.255.192 Range: 2-2 = 64 Network ID Broadcast ID 192.168.1.0/26 192.168.1.63/26 192.168.1.64/26 192.168.1.127/26 192.168.1.128/26 192.168.1.191/26 192.168.1.192/26 192.168.1.255/26 FLSM: Example—2 Req = 30 hosts using C-class address network 192.168.1.0/24 2-2 >= req 2-2 >=30 32-2>=30 30 >= 30 Host bits required (h) = 5 Converted network Bits (n) = Total. H. Bits ~ req. H. Bits —5=3 Converted network Bits (n) = 3 Total.N. Bits = default N bits + converted N bits = 2443 = /27 Hosts/Subet = 2'-2 = 29-2 = 32-2 = 30 Hosts/Subet Subnets = 2"= 2° = 8 Subnets Customized subnet mask = (/27) = 255.255.255.224 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 34Range: 2"=25 = 32 Network ID — Broadcast ID © 192.168.1.0/27 192.168.1.31/27 © 192.168.1.32/27 192.168.1.63/27 192.168.1.64/27 192.168.1.95/27 192.168.1.96/27 192.168.1.127/27 192.168.1.128/27 192.168.1.159/27 192.168.1.160/27 - 192.168.1.191/27 192.168.1.192/27 - 192.168.1.223/27 192.168.1.224/27 192.168.1.255/27 REQ = Bo Hosts, C-Class REAGAN pase f 5 (finde Lica]. (Ltt. G¥Gooos. hs 2 ey, Mh we 2 g-2 2 Mak gee A 2 - 224 aQ-2 @ Subnets = 2% 2 922 F5ands h=Su Cn Ob fn) = 8 ANAL Le 24-43 ~[2x NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 35Reg — gh o- eel 5 (40 leet 3 3. — + 2 64 > as, at > (27 128 ———_ 199 (Go (a o-lse-1 223 (6¢-1 ee ie (org (328 UNDERSTANIDIAG — Sv@NETS [ 92. [6é- [+10 } Gwe ake £) 256-18 2S ¢ ne |. loo ae oh 28) te me! oh-l24 |19 - 144 (0h — 255 FLSM: Example—3 Req = 500 hosts using B-class address network 172.16.0.0/16 2-2 >= req 2°-2>= 500 512-2 >= 500 510 >= 500 Host bits required (h) = 9 Converted network Bits (n) = Total. H. Bits ~ req. H. Bits =16-9=7 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 36Converted network Bits (n)= 7 Total. N. Bits = default N bits + converted N bits =16+7= /23 Hosts/Subet = 2'-2 = 29-2 = 512-2 = 510 Hosts/Subet Subnets = 2° = 27 = 128 Subnets Customized subnet mask = (/23)= 255.255.254.0 Range: 2"= 2° = 512 Network ID Broadcast ID 172.16.0.0/23 172.16.1.255/23 172.16.2.0/23 172.16.3.255/23 172.16.4.0/23 172.16.5.255/23 172.16.6.0/23 172.16.7.255/23 172.16.254,0/23 172.16.255.255/23 FLSM: Example—4 Req = 4000 hosts using B-class address network 172.16.0.0/16 2-2 >= req 8-2 >= 4000 4096 ~2 >= 4000 4094>= 4000 Host bits required (h) = 12 Converted network Bits (n) = Total. H. Bits-- req. H. Bits =16—12=4 Converted network Bits (n)= 4 Total. N. Bits = default N bits + converted Nbits =16+4= /20 Hosts/Subet = 2'-2 = 2®-2 = 4096-2 = 4094 Hosts/Subet NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 37Subnets = 2° = 24 = 16 Subnets Customized subnet mask = (/20)= 255.255.240.0 Range: 2'= 2"? = 4096 Network ID — Broadcast ID + 172.16.0.0/20 172.16.15.255/20 + 172.16.16.0/20 172.16.31.255/20 + 172.16.32.0/20 — 172.16.47.255/20 172.16.48.0/20 —- 172,16.63.255/20 172.16.64.0/20 <= 172.16.79.255/20 172.16.240.0/20 -—- 172,16.255.255/20 eq ef eo Lets, Using clasp (0 = 6583) NON. He ((eWll Ca. BgGPpPoo -CCOCDO0D A t — Valid hosfs * ee Mose ASS ASS. 252-0 hn Cont = Ib-lo =f Port N bis = Ib+6= fao NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 38Remge - ah 2. lozy (12. le. 9-0 b 3 255 4o ez | i. 26 | i I. | | eo Pe s28r (72+ [6-952 (1216 Bi 3 FLSM: Example—5 Req = 2000 hosts using A-class address network 10.0.0.0/8 20-2 >= req 2"—2 >= 2000 2048 ~2 >= 2000 2046 >= 2000 Host bits required (h)= 11 Converted network Bits (n) = Total. H. Bits req. H. Bits =24-N=3B NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 39Converted network Bits (n) = 13 Total. N. Bits = default N bits + converted N bits = 8+ 13 = /21 Hosts/Subnet = 2"-2 = 2"—2= 2048-2 = 2046 Hosts/Subnet Subnets = 2" = 2'8 = 8192 Subnets Customized subnet mask = (/21) = 255.255.248.0 Network ID Broadcast ID © 10.0.0.9/21 vs 10.0.7.255/21 = 10.0.8.0/21 ve 10.0.15.255/21 © 10.0.16.0/21 - 10.0.23.255/21 10.0.248.0/21 - 10.0.255.255/21 10.1.0.0/21 10.1.7.255/21 10.1.8.0/21 10.1.15.255/21 10.1.16.0/21 = 10.1.23.255/21 10.1.248.0/21 s+ 10.1.255.255/21 10.2.0.0/21 10.2.7.255/21 10.2.8.0/21 10.2.15.255/21 10.2.16.0/21 10.2.23.255/21 10.2.248.0/21 ve 10.2,255.255/21 10.255.0.0/21 10.0.7.255/21 10.255.8.0/21 10.0.15.255/21 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 40© 10.255.16.9/21 10.0.23.255/21 + 10.255.248.0/21 10.255.255.255/21 FLSM: Example—6 Req = 32000 hosts using A-class address network 10.0.0.0/8 32768 ~2 >= 32000 32766 >= 32000 Host bits required (h)= 15 Converted network Bits(n) = Total. H. Bits ~ req. H. Bits =24-15=9 Converted network Bits (n) = 9 Total. N. Bits = default N bits + converted N bits = 8+ 9 = /17 Hosts/Subnet = 2-2 = 2-2 = 32768-2 32766 Hosts/Subnet ‘+ Subnets = 2” = 2? = 512 Subnets © Customized subnet mask = (/17) = 255.255.128.0 Range: 2" = 32768 Network ID Broadcast ID + 10.0.0.097 v= 10.0.127.25517 © 10.0.128.0117 v= 100.255.2557 © 10.1.0.017 ve 101127.255/17 101.128.097 101.255.255/17 10.2.0.017 v= 10.2127.25517 10.2.128.097 se 10.2.255.255/17 10.3.0.017 v= 10,3.127.255/17 10.3.128.097 se 10,3.255.255/17 10.4.0.017 v= 10.4.127.25517 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 4110.4.128.0/17 ss 10.4.255.255/17 10.5.0.017 we 105.127.2557 10.5.128.0/17 w+ 10.5.255.255/17 10.255.0.0/17 co 10.255.127.255/17 10.255.128.017 s+ 10.255.255.255/17 Arches > Dap 23|lo,00 0 hous ee ef 8] 4 shi “dpoccsee + 00000000 2°28 24 Lay nei Gusset go Q55- ae Welt Comrald Vib = A¥— lk -© Jokl-S-b = y +107 le Svbnes - ah 2 2!°. fozy sumels NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 42Nalue Bits 720 ng 223 ps ng Pe Subnet mask 255.255.240.0 255.255.192.0 255.255.254.0 255.255.255.128 255.255.224.0 255.255.255.240 255.255.255.248 255.255.255.252 255.255.252.0 Bbacy —> [0-265 oo 7 lo 28° 63 298 “ &r 127.28 “ 128-0 ar or lye — In. 285 225" NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 43A simnms FLSM exercises C-Class Requirment 50 hosts Requirment 100 hosts Requirment 30 hosts B-Class © Requirment 1,000 hosts Requirment 4,000 hosts Requirment 500 hosts Acclass Requirment 16,000 hosts Requirment 32,000 hosts Valve t- Represent fold. N-RIE | Nae 96 BW 62.0 | fast ge. B- BD lx im ag ay aw Dy log : Ian 2 VLSy 5 a bs Q42 225 Yor sion & lool (28-148), 0124/5 Orr-297Y 29 fo hosts O@M(0) C=Cless : ™ ee ar *° m2 2% 2 > by2 2a ey * 32-2 Aa Zho @-«4 — = @ widrory N-NN. Gygo oo00 12: NNN, Ghoooeee | 9 5 p a N-N.N - oooos00 Pre 2 Ix 8 ee Lalas | 26.20 257 Kr 2 2H 2K doy 5S «285 B60- req = 20 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 45Arey = 20 m2 32-2 ALAN Oppo ovo NGNLN. Sago 200d Fee y Bre so laaf or ay 16 D0 2G 2H 2 22 +{oe L Reng Qh. oPeng A [l4a-be- 4 Ofas => Ma ee 12> jas) ‘ H29) 2 & => [TG Ue -1-(28%/26 Ian Ker ee) 2.@> av (ee 1 - (42[2r ole (bet 222 /hy «(04 [ue 2 -® => © NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 46\VLSM Design Examples Below you can find some of the sample scenario diagram where it mentions the reqquirments (ie No of hosts) 5 satan maneeTINe ‘Sales NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com192,368..40706 MARKETING so pars” SALES " Soest” NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com1000 hosts 172,16.0.0/22 0.0 to 3.255 200 hests 172,16.7.0/24 200 hosts 172,16.6.0/24 6.0 t0 6.255 4.0 10 8.258 Branch 60 hosts 172.169. 172,16.8.128/28 172.16.9.64/26 172.16.9.160/27 8.128 to 8.255, 9.64 t0 9.127 9.160 to 9.191 NOAsomrem VLSM Exercises C- class Req 100, 50, 20, 10 Req 120, 40, 12, 4 B-Class Req 4000, 1000 , 500, 200 Req 16000, 2000 , 200, 120, 100 A-class Req 32000, 8000 , 1000, 500, 200 Req 4000, 200, 120 . 60, 30,12, 10 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 49Subnetting Questions Find subnet-mask , Range (network ID and Broadcast ID) , Valid Host, Subnets + 28.10.145.10/18 + 150.12.110.10/25 + 150.50.50.50/23 + 100.10.185.10/20 + 50.1.112.10/21 + 112.10.78.40/22 + 172.16.221.10/19 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 50Introduction to Switch & Router NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 51Media Types 1. Fiber Optic 2. Copper cables (UTP & Co-axial) 3. Wireless | NOAsormion NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 52. NOAsorors Straight & Cross Cables re ty Ge Straight-Through Cable Straight & Cross Cables PC STRAIGHT-THRU HUB 11 1 2 2 FX. Re 3 I —— 4 ———s | a 6 1X. SS | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 53Co-axial Cable NOAsomos Fiber Cables ‘Transmission over longer distances and at higher bandwidths = = oz |< | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 54NOAsomens Wireless LAN NOAsomom Basic LAN setup using packet Tracer » Connect 4 computers in the LAN using Switch » Configure IP addressing on all PC using 192.168.1.0/24 network. » Check Connectivity between all the PC using Ping command NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 55NOAsomens Router It is an internetworking device used to connect two or more different networks NOAsomeon haar ih ron Ci cer ‘Which Routers to buy ? Many companies are manufacturing Router : ‘Cisco Nortel Multicom Cyclades + Juniper + Dlink + Linksys 3Com NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 56NOAsomens Cisco's Hierarchical Design Model Seem ea eg ees 1 Access Layer Router Distribution Layer Router Core Layer Router NOAsonmons Access Layer Router » Routers which are used by the Small Organization and are also known as Desktop or Company Layer Routers. Router Series : 800, 1000, 1600, 1700, 1800,2500 isco 1700 Zz aa aay NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comDistribution Layer Router NOAsamens » Routers which are used by the ISPs and are also known as ISP Layer Routers Router Series : 2600, 3200, 3600, 3700, 3800 — a Cisco 2800 Series integrated Services Routers NOAsomein Core Layer Router Routers which are used by the Global ISPs and are also known as Backbone Routers Router Series : 6400, 7200, 7300, 7400. 7500, 7600,10000, 12000 Cisco 7000 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 58NOAsomens Cisco XR 12000 Series Routers Router Classification FIXED ROUTER All ports are integrated on motherboard (ne Slots) Non Upgradable cannot add and remove the interfaces 2500, 800 series routers NOAsammeons MODULAR ROUTER Have Slots where you can add or remove cards Distribution and Core Layer Routers example of Modular Router 1600,1700.1800, 2600.2800,3600.3700 | i NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 59External Ports of Router LAN, WAN , admin ports Concle Ai Pot Por” LAN Ports: (RJ45) Ethernet 10 Mbps Fast Ethernet 100 Mpbs Gig Ethernet 1000 Mbps NOAsomens Power Power Core NOAsonons WAN ports Serial ports 60 pin or 26 pin smart serial Power Power Co NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 60NOAcomons Console Port » Used for local administration Initial Configuration, Password Recovery » It is R45 Port Rigsia080 Corodar NOAsomeons Auxiliary Port » Used for remote administration. » Its an RU-45 port » Aconsole or a rollover cable is to be used. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com2500 Cisco router aut Attachment Unit iterfoe ‘vty ‘aux0 Attachment Unit Interface AUL pin configuration is 15 pin female. NOAsomens Power Supply NOAsomeon haar ih rog Ci cet It is known as Ethernet Port or LAN port or Default Gateway. It is used for connecting LAN to the Router. Transceiver is used for converting 8 wires to 15 wires. ie. RI45 to 15 pin converter. Transceiver > NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 62External Ports of Router (Contd) » LAN interfaces - Ethernet AUI (Attachment Unit Interface) (E0)~ 15 pin TObeseT ~ R45 » WAN interfaces Serial interface (50, $1, s0/0, s0/1 s0/0/0 ete) ~ 60 pin/26 pin(smart serial) ISDN interface(BRIO ete) ~ RI45. (used for ISDN wan connections ) » Administration interfaces Console ~ RI45 — Local Administration Auxiliary ~ RJ45 ~ Remote Administration NOAsomons Internal Components aan POST POST power on self test Checks the hardware y ROM Toads the bootstrap programs and searches for ROM the 1OS (Flashy TFTP/ROM) FLASH Pin Stores 10S Y NVRAM. NVRAM” = Stores configurations ( permanent) Sse RAM fees Stores Configurations ( temporary) Running-config, NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 63Internal Components Internal Flash Memory (Compact Flash) tons Boatre9 | m= icici | 2 atereios Load the 108 5: Locate the Contoraton te 6. Execute the Configuration fle... (7. Enter Setup Mode 1. Performing the POST and Loading the Bootstrap Program © The power-on self test (POST) is a process that occurs on almost every computer when it boots, The POST is used to test the router hardware. * After the POST, the bootstrap program is loaded. The bootstrap program locates the Cisco IOS and loads it into RAM. 2. Locating and Loading the IOS Software NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 64* The location of the IOS file is specified by the value of the configuration register setting. The bits in this setting can instruct the device to load the IOS file from the following locations: + Flash memory © ATFTP server * To load the IOS normally from flash, the configuration register setting should be set to 0x2102. - Locating and Executing the Startup Configuration File or Entering Setup Mode After the IOS is loaded, the bootstrap program searches for the startup configuration file (startup-config) in NVRAM. This file contains the previously saved configuration commands and parameters, including Interface addresses, Routing information , Passwords , other configuration parameters If no configuration file is located, the router prompts the user to enter setup mode to begin the configuration process. Ifa startup configuration file is found, a prompt containing a hostname will display. The router has successfully loaded the IOS and the configuration file. Integrated Services Router (ISR). It gets its name because many of the services, like security, are built into it. It's a modular device like the 2600, © but it's much faster and a lot more sleek—it's elegantly designed to sup-port a broad new range of interface options. © 800,1800,2800,3800, 1900,2900,3900, NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comNOAsomons BASIC COMMANDS NOAsomean Console Connectivity | ‘boo Rollover Computer Cable, R45 to DBS Converter NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 66Console Connectivit Connect a rollover cable to the router console port (RJ-45 connector). Connect the other end of the rollover cable to the RJ-45 to DB-9 converter Attach the female DB-9 converter to a PC Serial Port, Open emulation software on the PC. IN WINDOWS Start > Programs > Accessories > Communications > HyperTerminal > HyperTerminal. Give the Connection Name & Select Any leon Select Serial (Com) Port where Router is connected. In Port Settings > Click on Restore Defaults LAN 192.160.3.0/24 IN LINUX + # minicom -s (used instead of HyperTerminal in Windows) NOAcsomeon Terminal Emulation Programs Software available for connecting to a networking device. » HyperTerminal » PUTTY » Tera Term » SecureCRT » OS X Terminal NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comNOAsomeans HyperTerminal for console access Sao es Is 65e; NOAsomens Default HyperTerminal (Contd) Press RETURN to get storted. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 68NOAcorons Putty Software for Console access of router NOAsommnon 108 Mode Hierarchical Structure eitgy ene cman arnt tent NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com; NOAsormeons Modes on Cisco Routers Guana ply ering Cae caret Setup Mode :- + IPNIVRAM is Blank User Mod ‘Only some baste monitoring Privileged Mode:- + monitoring and some troubleshooting Global Configuration mode:- ‘All Configurations that effect the route globally Interface mode:- Configurations done on the specific interface Rommon Mode:- Reverting Password NOAsomen Setup Mode IF NVRAM is blank (router without configurations) cisco 1941 (revision 5.0) with 114680K/16304K bytes of menory. 2 FastEthernet/TFEE 602.3 interface(s) J63400K bytes of ATA CompactFlash (Read/Write) Cisco 105 software, 164: Software (Ci841-ADVIPSERVICESKS-M), Version 12.4(15)T1, RELEASE SOPTWARE (£2) Jrechnical support: http: //wew.cisco.com/techsupport Copyright (c) 1986-2007 by cisco Systane, inc, comp: 04:52 by pt_tean “+> system configuration Dialog —-~ Continue with configuration afalog? (yae/no] continue with configuration dialog? tyes/no] NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 70NOAcomeons User Mode: Only some basic monitoring Router>show flash System Mash directory File Length Name/satus 3 5571586 <2600-b.122-28.bin [5827403 bytes used, 58188981 available, 64016384 total] £63488K bytes of processor board Syste flash (Read/Write) Router>sh ip interface brief Tnterace ——IBAddreis OR? Method status otocl Fasethemet/0unagned YES unet acminstretivey down down Fatcthemet unsigned YESunet sdminitratvely down down? )\Solutions| Router>ping 1.1.1.1 “ype excape sequence to abort Sending 5, 100-byte ICMP Echos 10 LIMA. timeout is2 Succes rate is O percent (0/3) Router>traceroute 1.1.1.1 “ype excape sequence to abort Tracing the route to 11.1.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 71NOAsomeans Router>show version Clico Internetwork Operating System Software 105 (ten) C2600 Software (C2600+L.M), Version 12.2(28), RELEASE SOFTWARE (fe5) “Technical Suppor: hitpu/Avunweisca.convtechsuppart Copyright (€ 1986-2005 by cisco Syster, Ine. Compiled Wed 27-Apr-04 19:01 by miwang Image text-base: OxB000808C, deta-base: OxBOATFECC ROM: System Bootstrap, Version 12.1(3rJT2, RELEASE SOFTWARE (Fl) Copyright () 2000 by cisco Systems, nc. ROM: C2600 Software (C2600-L-M), Version 12.2(28), RELEASE SOFTWARE (75) System retuined to ROM by reload System image file is "Rash:e2600++mz.122-28.bin* sco 2621 (MPC8ED) procesior (revision 03200) with 6O4I6K/SIZOK bytes of memory Processor board ID JADOSI9OMTZ (4292891495) 'MB60 processor: part number 0, mask 49 Bridging software X25 software, Version 3.0.0, 2 FastEthornotIEEE 802.3 interfce() 32K byte of non-volatile configuration memory. 663438K bytes of ATA CompactFlash (Read/Write) Configuration register Is Ox2102 a NOAsorems Privilege Mode aren i werdeg Che crer » Complete monitoring » All show commands, Copy . erase commands Router> enable Router # show flash Router # show version, Router #show ip interface brief Router# ping 1.1.1.1 Router # traceroute 50.1.1.1 Router # show running-config Router # show startup-config Router # Copy Router # erase NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 72NOAcorons Without names, network devices are difficult to identify for configuration purposes. NOAsomons Global configuration mode Suaeat py eerting Ce cre Router # configure terminal Router (config) # Configuring Device Names Router (config) # hostname NOA Hostnames allow devices to be identified by network administrators over a network or the Internet. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comAssigning Passwords » Console > Auxiliary » VTY line (telnet) ing console password: Router(config) # line con O Router(config-ine) # password Router(configtine)# lo Router(configtine) # exit Assigning Auxiliary password: Router(contfig)# line aux O Router(config-ine) # password Router(configtine) # logit Router(configtine) # exit Assigning Telnet password: Router(config)# line vty 04 Router(config-ine) #password Router(config-ine) #login Router(configtine) #exit NOAcorons pag LAN - 192.168.1.0/24 NOAsamens (ine mode) (line mode) (ine mode) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 74NOAcorons Enable Password Router> enable Password: ... Router(config) # enable password The will be password saved in clear text oR Router(config) # enable secret ‘The password will be saved in encrypted text NOAsomeon Encrypting Password Display Caren iy emg Gi ce (config)# service password-encryption NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.comNOAcomons To save the configuration: aren ihrer he cer Router # copy running-config_ startup-config (oR) Router # write memory (OR) Router # write Erase all Configurtions NOA # erase startup-config NOA # reload NOAsomeon Banner Messages (config)# banner motd # # Limting Device Access - MOTD Banner SD = NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 76LAB: BASIC CONFIGURATIONS AND VERIFICATIONS TASK: Connect the router via Console cable on console port ( as per diagram) POWER on the router and observe the booting Process (sample Output shown below) System Bootstrap, VERIORMM2A(SH)T2, RELEASE SOFTWARE (fel) Copyright (c) 2000 by cisco Systems, Inc. (MPC860) processor (revision 0x200) with 6O4TEKISIZOK bytes of memory Self decompressing the image: Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (0) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (©) () (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software 10S (rn) €2600 Sofware (C2600:1M), VetionmII2(2B), RELEASE SOFTWARE (5) Technical Support: http:/Avww.cisco.com/techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang ES 2BO1TMECBEO) BRSEEHGE(rvsion 03200) with BOATGKISIAOK bytes of memory Processor board ID JADOS190MTZ (4292891495) M860 processor: part number 0, mask 49 Bridging software. X.25 software. Version = System Configuration Dialog — Continue with configuration dialog? [yes/no]: % Please answer 'yes' or ‘no’. Continue with configuration dialog? [YE/RO]INO Router> NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comRouter>show flash System flash directory: File Length Name/status 3 5571584 [5827403 bytes used, 58188981 available, B40163841tetal) 63488K bytes of processor board System flash (Read/Write) Router>show version Cisco Intemetwork Operating System Software IOS (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http:/Avww.cisco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Ine. Compiled Wed 27-Apr-04 19:01 by miwang Image text-base: 0x8000808C, data-base: Ox8OAIFECC ROM: System Bootstrap, WersiGAMT2N(3r)T2, RELEASE SOFTWARE (fel) Copyright (c) 2000 by cisco Systems, Inc. ROM: 2600)SSfiWare (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fe5) System returned to ROM by reload System image file is (362621 (MPC860) processor (revision 0x200) with 6O4I6K/SIZOK bytes of memory Processor board ID JADOSISOMTZ (4292891495) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3 Configuration register is Ox2102 Router>sh ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernet0/O unassigned YES unset administratively down down FastEthernet0/I_ unassigned YES unset administratively down down" Router>ping 1.1.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds: Success rate is 0 percent (0/3) Router>traceroute 11.1.1 Type escape sequence to abort Tracing the route to 14.1.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info®noasolutions.com Page 78To enter in to privilege mode Router> enable By typing the clock 2command, you'll get a list of the next possible parameters and what they do. Notice that you should just keep typing a command, a space, and then a question mark until (carriage return) is your only option, If you're typing commands and receive To enter in to privilege mode Router# configure terminal Enter configuration commands, one per line. End with CNTUZ. ‘TO change the Hostname of the router Router(config)# hostname HYDERABAD HYDERABAD (config)# TO ASSIGN CONSOLE PASSWORD HYDERABAD (config}#line console 0 HYDERABAD(configcline)#password ciscol23 HYDERABAD(configztine)#login HYDERABAD(config-line)#end LSYSECONTG, | Confred fom consle by conc HYDERABAD# exit HYDERABAD cond is now available Press RETURN to get started. User Access Verification (Enter the console password which was configured) HYDERABAD> HYDERABAD>enable HYDERABAD# conf terminal Enter configuration commands, one per line. End with CNTU/Z. HYDERABAD(config)# line vty 0.4 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comHYDERABAD(config-line)# password ccnal23 HYDERABAD (config-line}# login HYDERABAD(config.line)# exit HYDERABAD (config)# enable password ccnp123 HYDERABAD (config)# exit HYDERABAD# exit HYDERABAD cond is now available Press RETURN to get started. User Access Verification (Enter the console password which was configured) HYDERABAD> enable (Enter the enable password which was configured) HYDERABAD# HYDERABAD# show running-config Building configuration... Current configuration : 480 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname HYDERABAD HYDERABAD# configure terminal HYDERABAD(config)# enable secret cciel23 HYDERABAD(config)# exit NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comHYDERABAD# show running-config Building configuration... Current configuration : 527 bytes ! version 12.2 no service timestamps log datetime msec no service timestamps debug datetime msec no service password-encryption ! hostname HYDERABAD ! ! enable secret 5 §1SmERES2R7pDdeANARITSDY 7400 enable password cenpl23 ! HYDERABAD# erase startup-config Erasing the nvram filesystem will remove all configuration files! GBRREWE2[€SNARA] [Ok] Erase of nvram: complete HYDERABAD# reload Proceed with reload? [confirm] ‘%SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. System Bootstrap, Version 12.1(31)T2, RELEASE SOFTWARE (fel) Copyright (c) 2000 by cisco Systems, Inc. cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Self decompressing the image : HAAR LAU HAAR AD TAR EE EO EOE EDESUHEROAAUAPHORAEEOR EEE ROR HES EEBO HEE AEE [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (0) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (©) () (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Intemetwork Operating System Software 10S (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fe5) Technical Support: http:/Avww.cisco.com/techsupport NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info®noasolutions.com Page 81Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang cisco 2621 (MPC860) processor (revision 0x200) with 60416K/S120K bytes of memory Processor board ID JADOSISOMTZ (4292891495) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 2 FastEthernet/IEEE 802.3 interface(s) 32K bytes of non-volatile configuration memory. 63488K bytes of ATA CompactFlash (Read/Write) NOTE: The router enters in to setup mode as the startup-config been erased NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 82UNDERSTANDING LAN CONNECTIVITY: PC STRAIGHT-THRU HUB CROSSOVER Te 1 1. 2 2 AX. Re 3 I —— 4 s—_———s FX 6 TT 6 1X —_—-_— ———S RI-45 Plug 6h Sigh Tough hee Gale RJ 45 CONNECTOR: RI45 is a standard type of connector for network cables. RU45 connectors are most commonly seen with Ethernet cables and networks. RJ45 connectors feature eight pins to which the wire strands of a cable interface electrically. Standard RJ- 45 pinouts define the arrangement of the individual wires needed when attaching connectors to a cable. Several other kinds of connectors closely resernble RJ45 and can be easily confused for each other. The RI-II connectors used with telephone cables, for example, are only slightly smaller (narrower) than RJ-45 connectors. ‘Also Known As: Registered Jack 45 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 83‘Smal LAN using 2 hud x Sree ea Crossover Cable NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 84Wide Area Network NOAsomn Ganeet ot mtn Service Provider 4 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 85NOAcormons WAN Connection Types ‘Synchronous Serial Asynchronous Serial, ISDN Layer 4 mn Circuit-Switched eS X t seen ° td Synchronous Serial Packet-Switched eo- Service oe) Prov NOAsomen Modern WAN Connections MPLS Metro Ethernet Virtual Private Network (VPN) DsL Cable VSAT NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 86Leased Lines LAN-20.0.00/8 BANGLORE HYDERABAD OFFICE OFFICE .703 BANGLORE. MUX Serial Point-to-Point Connections Router Connections End-User Devies = = EIATTIA232 EIAITIA.449 x2 EIAs30 2 Network Connections at the CSUIDSU NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 87to hp eating Cen ae Data Termination Equipment Data Communication Equipment Accept clocking (i.e. Speed). Generate clocking (i.e. Speed) Example of DTE device in Example of DCE device in Leased Leased line setup : Router line setup : V.35 & G.703 Modem Example of DTE device in Dial Rercande (MeCN up setup : Computer Example of DCE device in Dial up setup : Dialup Modem STS Lab Setup NO, A remade Chea Wan Representation ee » A Back to Back Cable is used which emulates the copper wire, modems and MUX, the complete exchange setup. V.35 Back to Back Cable NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 88NOAcomons Rules to assign the IP address to the router: 1. All the LAN and WAN should be in different networks (or should not repeat the same networks). Router Ethernet IP and the LAN network assigned should be in the same network. Both the interfaces of router facing each other should be in the same network. All the interfaces of routers should be in the different network. NOAsonons oven Ba t | slog iat ERIE INNS Ne sassg ensayo: MAMET IONE HOE Pri faseaaet manasen ‘waren NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 89NOAsomens Assigning IP address on Cisco routers oan aia coenrameee (config) # interface (config-if) # ip address (configcif) # no shutdown o=- snow anentarae 21652024 NOAsorom Assigning a Static IPv4 Address to a Host LAN Interface Properties Configuring a Static IPv4 Address Dn wenkey [Aenea | 20r8 Seay ee mere ett NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 90LAB: BASIC IP. CONFIGURATION: 192.168.1.3, 192.168.1.1 am aenaa! 192.168.1.2 192.168.2.1 192.168.2.2 192.168.1.0/24 192.168.2.0/24 the topology as per the above diagram 2. Configure Ip address as per the diagram and rules 3. Verify the Interface status using command, ‘© #f show ip interface brief ON ROUTER -1 Router> enable Router#f configure terminal Router (config) # hostname Rl Rel(config)#_ interface fastEthernet 0/0 Rel(config-if}# ip address 192.168.1.100 255.255.255.0 Rel(config-if}# no shutdown RA(config.ifh#t RA(config-if}#exit RA(con fig)# interface serial 0/0 RA(config-if}#ip address 10.0.0.1 255.0.0.0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 91RAlconfigif}# no shutdown Rel(configiif# clock rate 64000 NOTE: * clock rate is only required in the lab scenario as we are using a back to back cable instead of the real exchange where the modems will be installed which will generate the clocking here clock rate has to be generated manually using clock rate command R-l#show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernetO/1 unassigned __YES unset administratively down down Serial unassigned YES unset administratively down down ON ROUTER -2 Router> enable Router# configure terminal Router(config)# hostname R-2 R-2(config)# interface fastEthernet 0/0 R.2(configif# ip address 192.168.2100 255.255.255.0 R-2(config-if}#no shutdown R.2(config-if}fexit R-2(config)# interface serial 0/0 R-2(config-ifip address 10.0.0.2 255.0.0.0 R-2(config.if}#no shutdown R-2(config-i# clock rate 64000 R.2#/show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthemnet0/0 192.168.2.100. YES manual up up FastEthernetO/1 a YES unset ee down down SerialO/l unassigned YES unset administratively down down NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comReli#tshow ip interface brief Interface IP-Address OK? Method Status Protocol FastEthemet0/O 192.168.1100 YES manual up up FastEthernetO/I__unassigned _YES unset_administratively down down SerialO/1 unassigned YES unset administratively down down R-2#ping 10.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds: ees : |), round-trip min/avg/max = 2/4/8 ms Solutions] LAB : Assigning IP address NOAsomen i 19216514 a TEN 07 e544 192.168.1.0/24 192.1682.0/24 9216821 192.1682 w921683.1 19216832 192.168.3.0/24 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 93BASIC CONFIGURATION USING THREE ROUTERS 192.168.1.4 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192.168.3.2 192.168.3.0/24 ROUTER -1 Router(config)# hostname R-1 Rel(config)# interface fastEthernet 0/0 Re(config-if}# ip address 192.168.1100 255.255.255.0 Rel(config if}# no shutdown Re(config-if}# *%LINK-5-CHANGED: Interface FastEthernet0/O, changed state to up %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/O, changed state to up R-l(configif#exit RA(config)#interface serial 0/0 Ra(configif}fip address 10.0.0.1 255.0.0.0 Rul(configif}#ne shutdown R-l(configif# clock rate 64000 NOTE: clock rate is only required in the lab scenario as we are using a back to back cable instead of the real exchange where the modems will be installed which will generate the clocking * here clock rate has to be generated manually using clock rate command Rel#show ip interface brief Interface IP-Address OK? Method Status Protocol NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 94FastEthernetO/1_ unassigned —_YES unset_administratively down down Serial unassigned YES unset administratively down down ROUTER -2 R-2>enable R-2(config)# interface fastEthemet 0/0 R-2(config-i# ip address 192.168.2.100 255.255.255.0 R-2(config.if#no shutdown R-2(config-iFexit R-2(config)# interface serial 0/0 R-2(config-i# ip address 10.0.0.2 255.0.0.0 R-2(config-i}#no shutdown R-2(config.i#elock rate 64000 R-2(config)# interface serial O/1 R-2(config.if# ip address 1.0.0.1 255.0.0.0 R-2(config-if}# no. shutdown R-2(configifi#eclock rate 64000 R-2ifshow ip interface brief Interface IP-Address OK? Method Status Protocol up up FastEthernet0/1_ unassigned ___YES unset_administratively down down ROUTER- 3 Router>enable Routerftconf t Router(config)#hostname R-3 R-3(config)#interface fastEthemet 0/0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info®noasolutions.com Page 95R-3(config-if# ip address 192.168.3.100 255.255.255.0 R-3(config-if)#fno shutdown R-3 (config iffexit R-3(config)#interface serial 0/0 R-3(config-iffip address 11.0.0.2 255.0.0.0 R-3(config-iffno shutdown R-3(config.if)#elock rate 64000 R-3 (config iff end R-3#/show ip interface brief Interface IP-Address OK? Method Status Protocol FastEthernetO/I_ unassigned _YES unset administratively down down SerialO/t unassigned YES unset administratively down down R-2#ping 10.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds: ma Success FAEBISIOO)BEREEAE(S/5), round-trip min/avg/max = 4/12/44 ms R-2#ping 11.0.0.2 Type escape sequence to abort. Sending 5. 100-byte ICMP Echos to 11.0.0.2, timeout is 2 seconds: Success FAtBISMOOlpereent (5/5), round-trip min/avg/max = 4/7/20 ms NOTE: Once the interfaces are up you should be able to ping to the directly connected interfaces of the other routers NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345. info@noasolutions.com Page 96NOAcomeons Troubleshooting Connectivity R-lftshow ip interface brief Inverface IPAddress OK? Method — Status Protocol FestftheretO/O 192.168.1100 YES manual up “ FastfthernetO/1 unassigned YES unset administratively down down, Seris}010 100.01 YES manual up ep Seraton unassigned YES unset administratively down down, NOAsonmons Gawain Ce er Troubleshooting Connectivity(contd) a 1) Serial is up, line protocol is up “ ~ Conneivity ise ae 2) Serial is down, line protocol is down * rencte dee ted * tmompertnnaicen ee) © > ince of the emote ters ob cong «problem th cone 3) eal adminiratvely dun ne protcl down Tcl por sin st down sat "No Shutdown has tobe given onthe looser tere 4) Sets pti protocl dow Encapslton mismatch clock rate command not given on serial interface ( only applies in lab scenario ) ian Phen euthentctonmimeth NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 97WAN PROTOCOLS NOAsomnons HDLC PPP Higher level data link Control Point to Point Protocol protocol isco Proprietary Standard Protocol NO support Authentication, ‘Supports Authentication, compression & Compression & error correction | error correction Default on serial links ‘Change to PPP. NOAsonmons Reidsh interfaces so/o Serialo(s up, line protocol is up (connected) Hardware s H064570 Incernetaddressis 10.0.0.18 [MTU 1500 bytes, BW 1544 Kbit, LY 20000 usec, reliabilty255/255, tload 1255, xload 255, Encapsulation HDLC, Icopback not set, keepaliveset (10 see) Configuration of PPP: Router# configure terminal Router(config)#interface serial ofo Roucer(configif}* encapsulation ppp NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 98NOAsomin PPP Authentication RAR PAP CHAP Password Authentication Protocol Challenge Handshake Authentication Protocol AP provides a simple method fora ‘After the PPP link establishment phase Is complete, the remote node to establish is identity using_| local router sends a unique “chellenge” message fo the a two-way handshake, remote node. PAP Is done only upon Initia ik “The remote node respond with a value (MDS) establishment PAP is not a strong authentication “The local router checks the response against Its own protocol calculation of the expected hash value Passwords are sent across the link in clear | Ifthe values mateh, the authentication Is tex. acknowledged. Otherwise the connection is terminated immediatly PAP vs CHAP NOAsanen PPP Authentication Protocols aaa Se NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 99NOAcomeorns :l[config)#usemame R-2 password e'scol23 R-I(config) tint 50/0 PAP Configuration I (config: ¥encapeulation ppp {ippp authentication pap ‘#ppp pap sent-usemame R-1 password ciscol23 -Z[contig)#usermame R-1 password clsco123 .2{contig| tint s0/0 ‘R2{contg:}tencapsuiation ppp 2[contig:t}4ppp euthentication pap R2(contc:)*ppp pop sent-username R-2 password clscol23, R2{contigit}¥end ‘acu tae asesz0/20 NOAsomons Ganeet it wig Cer oS: 6 ai CHAP configuration on R1/R2 rina = ae B Rxlcontigit® ppp authentication chap seusest1eamee =" %ertest4 (Stony doeeenaa Rxtconegi eax V92-108.1.0/24 v92.1082.0/24 R-lconfig| tusemame R-2 password cisco123 .2{config| username R-1 password clseo!23, NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 100LAB: PPP Authentication using CHAP. ‘sw ‘92.t6s. s92s6824 192.6822 192.168.1.2 102.168.1.0/24 102.168.2.0/24 TASK: * Continue with the same previous lab connecting RI/R2 where IP address is pre-configured. © configure RI/R2 to use PPP authentication using PAP R-lfsh ip int brief Interface IP-Address_OK? Method Status Protocol ES manual up up FastEthernetO/I___unassigned YES unset administratively down down ES manual up up Serial unassigned YES unset administratively down down Relfsh int sO/0 Setial0/0 is up. line protocol is up (connected) Hardware is HD64570 Internet address is 10.0.0.1/8 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, reliability 255/255. txload 1/255, rxload 1/255 Enicapsilation|MDUC, loopback not set, keepalive set (10 sec) Configure PPP Authentication using CHAP on both RI/R2 Rex(config)#int s0/0 Rex(config-if}# encapsulation ppp R-x(config-i}# ppp authentication chap Rex(config-i# exit R-l(config)#username R-2 password ciscol23 R-2(config)#usermame RA password ciscol23 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 101R-2sh ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/O —_192.168.2.100 YES manual up up FastEthernet0/I unassigned YES unset administratively down down Serial0/0 10.0.0.2. YES manual up up Serial unassigned YES unset administratively down down R-2#ping 10.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds: unt Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/14 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 102LAB: PPP Authentication using PAP 1921681. ale = 192.168.1.2 ro2168.2.1 192.168.22 1092.168.1.0/24 192.168.2.0/24 TASK: © Continue with the same previous lab connecting RI/R2 where IP address is pre-configured. «Remove the encapsulation PPP and reconfigure PPP Authentication using PAP. R-l(config)#username R-2 password ciscol23 R-l(config)#int s0/0 R-l(config-if}#no encapsulation ppp R-l(config-iN#encapsulation ppp Rel(config-if}#ppp authentication pap R-l(config-if}#ppp pap sent-username R-1 password ciscol23 RAl(config-if}#end R-2ish ip int brief Interface IP-Address OK? Method Status Protocol FastEthernet0/0 __192.168.2.100 YES manual up up FastEthemet0/l unassigned YES unset administratively down down SerialO/0 10.0.0.2 YES manual up down Serial” Unassigned YES unset administratively down down R.2(config)#username R-1 password ciscol23 R-2(config)#int 50/0 R-2(config-if) encapsulation ppp R-2(config-i}#ppp authentication pap R-2(config-if)#ppp pap sent-username R-2 password ciscol23 R-2(config-if}#end NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 103R-2#sh ip int brief Interface IP-Address OK? Method Status FastEthernet0/O _192.168.2.100 YES manual up up FastEthernet0/I unassigned YES unset administratively down down SerialO/o 10.0.0.2 YES manual up up Serial0 Unassigned YES unset administratively down down R-2#ping 10.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 secon mn Success rate is 100 percent (5/5), round-trip min/avg/max = 2/3/7 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 104J-NSolutions] Routing Static , Dynamic, Default NOAsommnn Routing en ring Ch ner Forwarding of packets from one network to another network choosing the best path from the routing table. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 infonoasolutions.com Page 105NOAcomons Types of Routing 1. Static Routing 2. Default Routing 3. Dynamic Routing NOAsomem Static Routing » Itis configured by Administrator manually Mandatory need of Destination Network ID It is Secure & fast Used for Small organizations with a network of 10-15 Routers. Administrative distance for Static Route is 0 and 1. Itisthe “trastwworthines” ofthe routing information. Lesser the Administrative cstance, higher Disadvantages :- Used for small network. Everything to manually Network change effect complete n/W NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 106NOAcormons Configuring Static Route Router(config)# ip route NOAsomeons LAB : Static Routing ieee R-l(config)# ip route 192.168.2.0 255.255.255.0 10.0.0.2 R-2(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 107LAB: STATIC ROUTING 192.168.1.1 192.168.1.2 192.168.2.1 192.168.2.2 192.168.1.0/24 192.168.2.0/24 Pre-requirement for LAB (check previous labs) «Design the topology (connectivity ) # Assign the IP address according to diagram Make sure that interfaces used should be in UP UP state TASK: © Configure Static routing © Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) Relfshow ip route Gateway of last resort is not set | gy is directly connected, FastEthemet0/O R.2#show ip route Gateway of last resort is not set c | arene! 4 is directly connected, FastEthernet0/O NOTE: © The above routing table displays only the networks which are directly connected By default router don't know about the networks which are not directly connected and that the reason there is no reachability between the two LAN's + Soto provide reachability we need to implement any type of the routing NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 108PC> ipconfig IP Address. Subnet Mask.. + 255,255.255.0 Default Gateway.. 192.168.1.100 PC>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply Reply from 192.168.1.100: Destination host unreachable. Reply from 192.168.1.100: Destination host unreachable. Ping statistics for 192.168.2.1 Packets: * From the above output we can see there is no communication between 192.168.1.1 and 192.168.2.1 and they are on different networks. * In order to communicate we need to implement any of the routing ( here in this we use static routing ) OnRA R-l(configi# ip route 192.168.2.0 255,255.255.0 10.0.0.2 R-l(config)# end R-ldsh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, Serial0/O C_ 192.168.1.0/24 is directly connected, FastEthemet0/0 On R-2 R-2(config)fip route 192.168.1.0 255.255.255.0 10.0.0.1 R-2(config)#end R.2#show ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, SerialO/O C 192.168.2.0/24 is directly connected, FastEthemet0/0 PC> ipconfig IP Address, Default Gateway. + 192.168.1100 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 109PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. Reply fremnil92168:20ts bytes 32 tim PC> ping 192.168.2.2 Pinging 192.168.2.2 with 32 bytes of data: Request timed out. 2 time=21ms TTL=126 Reply from 192.168.2.2: bytes=32 time=I9ms TTL=126 Reply from 192.168.2. 6 PC>tracert 192.168.2.1 Tracing route to 192.168.2.1 over a maximum of 30 hops: R-2#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is [OONBereent (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 110NOAsornos LAB : Static Routing Bates ip eg Cnc Re (config)# ip route 192.168.2.0 255.255.255.0 10.0.0. RA(config)# ip route 192.168.3.0 255.255.2550 10.0.0.2 R(config)# ip route 11.0.0.0 255.0.0.0 10.0.0.2 See eaventoat wases20/20 iaseeaest NOAsomeon LAB : static Routing R-2(config)# ip route 192.168.1.0 255.255.255.0 10.0.0.1 R-2(config)# ip route 192.168.3.0 255.255.255.0 11.0.0.2 R.3(config)# ip route 192.168.2.0 255.255.255.0 11.0.0.1 R-3(config)# ip route 192.168.1.0 255.255.255.0 11.0.0.1 R-3(config)# ip route 10.0.0.0 255.0.0.0 11.0.0.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 111LAB : STATIC ROUTING USING THREE ROUTERS 192.168.1.1 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192,168.32 192.168.3.0/24 Pre-requirement for LAB (check previous labs) ‘© Design the topology (connectivity ) ‘+ Assign the IP address according to diagram. ‘+ Make sure that interfaces used should be in UP. UP state TASK: © Configure Static routing Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) Relish ip route Gateway of last resort is not set C_ 10.0.0.0/8 is directly connected, SerialO/O C_ 192.168.1.0/24 is directly connected, FastEthemet0/0 R-2ifsh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, Serial0/O C_11.0.0.0/8 is directly connected, SerialO/1 C 192.168.2.0/24 is directly connected, FastEthernet0/O R.3#sh ip route Gateway of last resort is not set C_ 11.0.0.0/8 is directly connected, Serial0/O C__192,168.3.0/24 is directly connected, FastEthemet0/O Router-1 RA(config)# ip route 192.168.2.0 255.255.255.0 10.0.0.2 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 112R-l(config)# ip route 192.168.3.0 255.255.255.0 10.0.0.2 R-l(config)# ip route 11.0.0.0 255.0.0.0 10.0.0.2, Router — 2 R-2(config)# ip route 192.168.1.0 255.255.255.0 10.0.0.1 R-2(config)# ip route 192.168.3.0 255.255.255.0 11.0.0.2 Router — 3 R-3(config)# ip route 192.168.2.0 255.255.255.0 11.0.0. R-3(config)# ip route 192.168.1.0 255.255.255.0 11.0.0.1 R-3(config)# ip route 10.0.0.0 255.0.0.0 11.0.0.1 Rel/show ip route Gateway of last resort is not set C_10.0.0.0/8 is directly connected, SerialO/0 C__ 192.168.1.0/24 is directly connected, FastEthernet0/O R.2#show ip route C 10.0.0.0/8 is directly connected, SerialO/O C_11.0.0.0/8 is directly connected, SerialO/1 C_ 192.168.2.0/24 is directly connected, FastEthernet0/0 R-3#show ip route 11.0.0.0/8 is directly connected, Serial0/O C_ 192.168.3.0/24 is directly connected, FastEthenet0/0 PC> ipconfig IP Address. 192.168.1.1 Subnet Mask. 255.255.255.0 Default Gateway. 92.168.1.100 PC>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. REpIy Sin 1SDNEBIM FEY 32 time=19ms TTL=126 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 113Pc>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out. PC>tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops: 1 5ms_ 8ms_ 8 Trace complete. Rel#ping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 second: Success rate is TOONBereent (5/5), round-trip min/avg/max = 9/16/31 ms R-3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is 1OOBErEeNt (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 114Default Routing » A Default routing protocol is configured for unknown destinations. Generally used in the internet where the destinations are unknown, + Example : The address of yahoo is unknown. Also can be used at end locations. Itis the last preferred routing Default routes help in reducing the size of your routing table. R-l(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2 NOAsomens Default Routing - Real Time Example LAN- 192.168.1.0/24 1 202.54.30.1124 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 115NOAsamens LAB: Verifying Default Route ine R-1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2 R.2(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.1 R.2(config)#ip route 192.168.3.0 255.255.255.0 11.0.0.2 R-3(config)# ip route 0.0.0.0 0.0.0.0 11.0.0.1 LAB: DEFAULT ROUTING 192.168.1.1 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192.168.3.2 192.168.3.0/24 Pre-requirement for LAB (check previous labs) © Design the topology (connectivity ) ‘+ Assign the IP address according to diagram. ‘+ Make sure that interfaces used should be in UP UP state NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 116TASK: © Configure Default route used on RI and R3 static routing on R2 * Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) Relish ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, SerialO/O C 192.168.1.0/24 is directly connected, FastEthemet0/O R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, SerialO/O C_ 11.0.0.0/8 is directly connected, SerialO/1 € 192.168.2.0/24 is directly connected, FastEthernet0/O R.3#sh ip route Gateway of last resort is not set C 11.0.0.0/8 is directly connected, SerialO/O C 192.168.3.0/24 is directly connected, FastEthernet0/0 Router- 1 R-l(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2 Router — 2 R-2(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.1 R.2(config)#ip route 192.168.3.0 255.255.255.0 11.0.0.2 On Router ~ 3 R-3(config)# ip route 0.0.0.0 0.0.0.0 1.0.0.1 Relish ip route Gateway of last resort € 10.0.0.0/8 is directly connected, SerialO/0 C_ 192.168.1.0/24 is directly connected, FastEthemet0/O R.2#sh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, SerialO/O C_11.0.0.0/8 is directly connected, SerialO/1 S$ 192.168.1.0/24 [1/0] via 10.0.0.1 C_192.168.2.0/24 is a connected, FastEthernet0/0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 117R-3#sh ip route Gateway of last resort is MINQOMFONEHWOF 0.01010 C 11.0.0.0/8 is directly connected, SerialO/O C_ 192.168.3.0/24 is directly connected, FastEthemet0/0 PC>ipconfig IP Address. : Subnet Mas 255.255.255.0 Default Gateway. 192.168.1.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out. PC>tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops: 1 5ms 8ms 8ms 2 ms 9ms 8ms 1 3 17ms 6ms_ Iams 4 24ms 27ms 25ms Trace complete, Relping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168,3.1, timeout is 2 seconds: Success rate is TOOJBEREERE (5/5), round-trip min/avg/max = 9/16/31 ms R-3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is TOOJBEREAE (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 118Dynamic Routing Dynamic Routing NOA samo Advantages of Dynamic over static: Works with advertisements ( of directly connected networks) No need to know the destination networks Updates the topology changes dynamically. Administrative work is reduced Used for large organizations. Neighbor routers exchange routing information and build the routing table automatically. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 119NOAsomens Types of Dynamic Routing Protocols * Distance Vector Protocol * Link State Protocol + Hybrid Protocol NOAsamens Distance Vector Link State Hybrid (Advance Distance vector Protocol) ‘Werk with Balinan Fond aigartim | Wore with Disa sigan | Werk with DUAL algortin eric updater Theresia upaoter Incremental upastes LUnk state updates Fal Roving abies are changed ‘Ming reer are exchanged! | Ming route ar exchanged ‘last og protocol ‘lass routing protocol Clase routing provocok Updates ae trough bande Updates oretiough mati | Updoesare trough mulliast Eranple: RiP Erampie OSPR IS samples EIGRP NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 120NOAcomons Classful Protocols: Classfl routing protocol do not carry the subnet mask information along with updates ‘which means that all devices in the network must use the same subnet mask (FLSM or default ) + Be: RIPUI IGRP Classless Protocols: Classless routing protocol carry the subnet mask information along with updates, That's why they support sub networks( VLSM and FLSM) and default networks also + Bx: RIPU2., EIGRP , OSPR 5.15 Routing Information Protocol Open Standard Protocol Classful routing protocol Updates are broadcasted via 255.255.255.255 Metric : Hop count Load Balancing of 4 equal paths Max Hop counts : 15 Max routers : Used for small organizations Exchange entire routing table for every 30 second Administrative distance is 120 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 121Rip Timers NOAsamans + Update timer : 30 sec — Time between consecutive updates + Invalid timer : 180 sec — Time a router waits to hear updates — The route is marked unreachable if there is no update during this interval. ‘+ Flush timer : 240 sec Time before the invalid route is purged from the routing table — Hold Down timer : 180 Sec = Stabilizes routing information and helps preventing routing loops during periods when the topology is converging on new information. NOAsomons RIP VI RIP V2 » Classful routing protocol _ Classless routing protocol » No authentication. » Supports authentication » Uses broadcasts » Uses multicast address 224.0.0.9. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 122NOAsamens Advantages of RIP Easy to configure No design constraints ( unlike OSPF) Less overhead Disadvantage of RIP Bandwidth utilization is very high as broadcast for every 30 second Works only on hop count Not scalable as hop count is only 15 Slow convergence NOAsomons Configuring RIP v1 Router(config)# router rip Router(config-router)# network Configuring RIP v2 Router(config)# router rip Router(config-router)# network Router(config-router)# version 2 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 123NOAsoroms LAB : Routing using RIPv2 Sree uetyrmien icra Ral(config)router rip R-2config)#router rip Rel(config-router)#version 2 R-2(config-router}#version 2 Rel(config-router}#network 192.168.1.0 -2(config-router)#network 192.168.2.0 Rel(config-router}#network 10.0.0.0 R-2(config-router)#network 10.0.0.0 Rel(config-router)#end R-2(config-router}#network 11.0.0.0 R-2(config-router)end “2 gre R.3(config-router)#version 2 |__ 8:3(config-router)#network 192.168.3.0 GP crterosmmaworsi200 BT (config router)fend sg25 gs LAB: DYNAMIC ROUTING USING RIPV2 192.168.1.1 1921681 S99 168.44 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192.168.3.2 192.168.3.0/24 Pre-requirement for LAB (check previous labs) 1) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should be in UP UP state ‘What we do in this lab NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 1244) Dynamic routing using RIPv2 5) Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) Relish ip route Gateway of last resort is not set is directly connected, Serial0/0 /24 is directly connected, FastEthernet0/O R-2#sh ip route Gateway of last resort is not set irectly connected, Serial0/0 is directly connected, SerialO/1 24 is directly connected, FastEthernet0/O R.3fsh ip route Gateway of last resort is not set irectly connected, Serial0/O 1/24 is directly connected, FastEthernet0/O R-l(config)#router rip Router- 1 R-l(config-router}éversion 2 R-l(config-router) network 192.168.1.0 R-l(config-router)#network 10.0.0.0 R-l(config-router)#end Router ~ 2 R-2(config)#router rip R-2(config-router}#version 2 R-2(config-router)#network 192.168.2.0 R-2(config-router}#network 10.0.0.0 R-2(config-router}#network 11.0.0.0 R-2(config-router)iend Router — 3 R-3(config)#router rip R-3(config-router}#version 2 R-3(config-router)#network 192.168.3.0 R-3(config-router)#network 11.0.0.0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 125R-3(config-router)#end Relish ip route Gateway of last resort is not set C_ 10.0.0.0/8 is directly connected, SerialO/O R__11.0.0.0/8 [120/1] via 10.0.0.2, 00:00:03, SerialO/0 C_ 192.168.1.0/24 is directly connected, FastEthernet0/O R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, SerialO/O C_11.0.0.0/8 is directly connected, SerialO/1 R_192.168.1.0/24 [120/1] via 10.0.0.1, 00:00:08, SerialO/O C_192.168.2.0/24 is directly connected, FastEthernet0/0 R-3#sh ip route Gateway of last resort is not set R_10.0.0.0/8 [20/1] via 11.0.0.1, 00:00:26, SerialO/0 c 11.0.0.0/8 is directly connected. Serial0/O C_ 192.168.3.0/24 is directly connected, FastEthernet0/0 Relishow ip protocols Routing Protocol is Sending updates every Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set, Redistributing: rip Default version control: send version 2, receive 2 Interface Send Recy Triggered RIP Key-chain Automatic network summarization is in effect Maximum path: 4 Routing for Networks: Passive Interface(s) Routing Information Sources: Gateway Distance _Last Update 10.0.0.2 120 00:00:02 Distance: (default is 120) Relitshow ip route rip NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 126R__11.0.0,0/8 [120/1] via 10.0.0.2, 00:00:24, Serial0/O R_ 192.168.2.0/24 [120/1] via 10.0.0.2, 00:00:24, Serial0/O R_ 192.168.3.0/24 [120/2] via 10.0.0.2, 00:00:24, Serial0/0 PC> ipconfig IP Address, Subnet Mask. 255.255,.255.0 Default Gateway. 192.168.1.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. j= 32 time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TT Reply from 192.168.2.1: bytes=32 time=14ms TTI PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out. Reply from 192.168.3.1: bytes=32 tim Reply from 192.168.3.1: bytes=32 tim PC> tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops: 1 5ms Sms 8ms — 192.168.1.100 2 ms 9ms 8ms 10.0.0.2 3° 17ms 6ms 12ms_ 11.0.0.2 4 24ms 27ms 25ms 192.168.3.1 Trace complete, Rel#ping 192.168.3.1 Type escape sequence to abort. Sending 5. 100-byte ICMP Echos to 192.168,3.1, timeout is 2 seconds: Success rate is [OOJBereent (5/5), round-trip min/avg/max = 9/16/31 ms R3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is TOOBEREAE (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 127NOAcomons Administrative Distance Sos Mareen econ » Trust worthiness of the information received by the router. » The Number is between 0 and 255 » Less value is more trusted. » Default administrative distances + Directly Connected = 0 + Static Route = 1 RIP = 120 NOAsomeon Autonomous System Number * Aunique number identifying the Routing domain of the routers. * An autonomous system is a collection of networks under a common administrative domain Ranges from 1- 65535 Public AS (in between muliple SP) 1- 64512 Private AS (same SP) 64513 — 65535 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 128NOAsomons Routing Protocol Classification Gena gy remading Cee IcP EGP Interior Gateway Protocol |. Exterior Gateway Protocol used within an autonomous . used between different system autonomous systems All routers will be routing within Routers in different AS need an the same Autonomous boundary EGP 4. RIP. IGRR, EIGRR, OSPF, 15-15 Border Gateway Protocol NOAsomeons IGPs: RIP, OSPF, IGRP, EGPs: BGP Wee XYZ- AS 100 ABC — AS 200 — IGPs operate within an autonomous system — EGPs connect different autonomous systems NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comEnhanced Interior Gateway Routing Protocol NOAsomens Advanced distance vector Standard protocol ( initially was cisco proprietary) Classless routing protocol Includes all features of IGRP Max Hop count is 255 (100 by default) Administrative distance is 90 Flexible network design Multicast and unicast instead of broadcast address 100% loop-free classless routing Easy configuration for WANs and LANs NOAsomnon © Tre] a ste, onthe ok? Helo, Lam router 8. al ear Lt Here is my complete routing information. (opt! “Tanks forth information! Here is my compete route information ~ NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 130NOAcomons Updates are through Multicast (224.0.0.10 ) Hello packets are sent every 5 seconds Convergence rate is fast Supports IP, IPX and Apple Talk protocols It uses DUAL (diffusion update algorithm) Supports equal cost an unequal cost load balancing NOAsomeon EIGRP Tables 1. Neighbor table + Contains list of directly connected routers + # show ip eigrp neighbor Topology table + List of all the best routes learned from each neighbor + # Show ip eigrp topology Routing table + The best route to the destination + # show ip route NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 131EIGRP Metric > EIGRP uses BW + Delay + load + MTU + reli » By default uses BW and Delay in the metric calculation » Formula with default K values (KI = 1, K2 = 0, K3 = 1, K4 = 0, KS = 0): Metric = [K1* BW + ((K2 * BW) / (256 - load) + K3 * delay] NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 132NOAsorons EIGRP Metrics Calculation Example A 256 kbps 266 kbps. Delay 2000 Delay 2000 A>B>CID Least bandwidth 64 kbps Total delay 6,000 APXPYIZ9D Least bandwidth 256 kbps. Total delay 8,000 * Delay is the sum of all the delays of the links along the paths: Delay = [delay in tens of microseconds] x 256 * Bandwidth is the lowest bandwidth of the links along the paths: Bandwidth = [10,000,000 / (bandwidth in kbps)] x 256 NOAsomons Gawain Ce er Configuring EIGRP Router(config)# router eigrp Router(config-router)# network NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 133LAB : Routing using EIGRP NOAsamans Remeron ESTED Rileonfigrowerj network 19216810 Raeonfigvetey# network 192168.2.0 Rican aaah een Canoes ene ore gcse ana Rance eaten oon EAD isconios ove op 00 "| R:3(config-outer}# network 192.168.3.0 R.3{config-outer}# network 1.0.0.0 e @ LAB: DYNAMIC ROUTING USING EIGRP 192.168.1.4 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192,168.32 192.168.3.0/24 _Pre-requirement for LAB (check previous labs) ‘© Design the topology (connectivity ) ‘© Assign the IP address according to diagram NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 134* Make sure that interfaces used should be in UP UP state TASK * Configure Dynamic routing using EIGRP 100 * Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) R-lfsh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, SerialO/O € 192.168.1.0/24 is directly connected, FastEthemet0/O R-2#fsh ip route Gateway of last resort is not set C_ 10.0.0.0/8 is directly connected, SertalO/O C_11.0.0.0/8 is directly connected, SerialO/1 CC 192.168.2.0/24 is directly connected, FastEthemet0/0 R.3#sh ip route Gateway of last resort is not set C_ 11.0.0.0/8 is directly connected, SerialO/O C 192.168.3.0/24 is directly connected, FastEthemet0/0 ROUTER-1 R-(config)# router eigrp 100 R-l(config-router)# network 192.168.1.0 R-l(config-router)# network 10.0.0.0 ROUTER -2 R-2(config)frouter eigrp 100 R-2(config-router}# network 192.168.2.0 R-2(config-router}# network 1.0.0.0 R-2(config-router}# network 10.0.0.0 ROUTER - 3 R-3(config)# router eigrp 100 R-3(config-router}# network 192.168.3.0 R-3(config-router)# network 1.0.0.0 S%DUAL-S-NBRCHANGE: IP-EIGRP 100: Neighbor 11.0.0.1 (Serial0/0) is up: new adjacency R-2#tshow ip eigrp neighbors IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 135(sec) (ms) Cnt_Num Rel#show ip route Gateway of last resort is not set C_10.0.0.0/8 is directly connected, SerialO/O C_ 192.168.1.0/24 is directly connected, FastEthernet0/O Rel#show ip route eigrp D_11.0.0.0/8 [90/2681856] via 10.0.0.2, 00:06:05, SerialO/O D_ 192.168.2.0/24 [90/2172416] via 10.0.0.2, 00:06:08, SerialO/0 D_ 192.168.3.0/24 [90/2684416] via 10. 00:03:09, SerialO/O R.2#show ip route eigrp D_ 192.168.1.0/24 [90/2172416] via 10.0.0.1, 00:07:26, SerialO/O D__ 192.168.3.0/24 [90/2172416] via 11.0.0.2, 00:04:52, SerialO/1 R-3f/sh ip route eigrp, D_ 10.0.0.0/8 [90/2681856] via 11.0.0.1, 00:04:32, SerialO/O D_ 192.168.1.0/24 [90/2684416] via 11.0.0.1, 00:04:32, SerialO/O D_ 192.168.2.0/24 [90/2172416] via 11.0.0.1, 00:04:32, SerialO/O R-ldsh ip protocols Routing Protocol is "igepml00” Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight KI=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum EIGRP maximum metric variance 1 Redistributing: eigrp 100 Automatic network summarization is in effect Automatic address summarization: Maximum path: 4 Routing for Networks: Routing Information Sources: Gateway Distance __Last Update 10.0.0.2 90 18606786 Distance: internal 90 external 170 R-lfsh ip eigrp topology IP-EIGRP Topology Table for ASIIGO NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 136Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply, r+ Reply status P 192.168.1.0/24, 1 successors, FD is 28160 via Connected, FastEthernet0/O P 10.0.0.0/8, 1 successors, FD is 2169856 via Connected, Serial0/O P 192.168,2.0/24, I successors, FD is 2172416 via 10.0.0.2 (2172416/28160), SerialO/O P'11.0.0.0/8, 1 successors, FD is 2681856 via 10.0.0.2 (2681856/2169856), Serial0/O P 192.168,3.0/24, 1 successors, FD is 2684416 via 10.0.0.2 (2684416/2172416), Serial0/O Pc>ipconfig IP Address. : Subnet Mask. 255.255.255.0 Default Gateway. 192.168.1.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. Reply from 192.168.2.1: bytes=32 tims Reply from 192.168.2.1: bytes=32 tim PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out. PC>tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops: 1 5ms 8ms 8ms 192.168.1100 2 12ms 9ms 8ms 10.0.0.2 3.17ms 6ms 12ms 1.0.0.2 4 24ms 27ms 25ms 192.168.3.1 Trace complete, Rel#ping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168,3.1, timeout is 2 seconds: Success rate is [OOIBereent (5/5), round-trip min/avg/max = 9/16/31 ms R-3#ping 192.168.1.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 137Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is TOONBEreent (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 138OsPr NOAsamo OSPF stand for Open Shortest path first Standard protocol It’s a link state protocol It uses SPF (shortest path first) or dijkistra algorithm Unlimited hop count Metric is cost (cost=10 ~8/B.\) Administrative distance is 110 Itisa classless routing protocol It supports VLSM and CIDR It supports only equal cost load balancing Introduces the concept of Area's to ease management and control traffic NOAsomnns Updates are sent through multicast address 224.0.0.5 Faster convergence. Sends Hello packet every 10 seconds & Dead = 40 sec Incremental updates NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 139NOAcomons Establishing Bidirectional Communication ee 172.16.5.1124 172.165.2724 0 et {Lam router ID 172.16.5.1, and | see no one. Ne RCRA) lam router ID 172.16.5.2, and I see 172.16.5.1. UnicasttoA « Router A Neighbors List 172.16.5.2124, int EO NOAsomen hare hy rig Ci cer Discovering the Network Routes Eo| 0. 172.16.5.3 = (Esstart state ] S360] {ill start exchange because | have router ID 172.16.5.4. No, | will start exchange because | have a higher router ID. eae cee ee eee Here is a summary of my LSDB. Hore is a summary of my LSDB. DED NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 140NOAcorons Router ID + The highest IP address of the active physical interface of the router is Router ID. + If logical interface is configured, the highest IP address of the logical interface is Router ID Lo 192.168.1.1/8 so 1 172.16.0.1/16) 202.15.32.2/24 £0 10.0.0.1/8 NOAsomen Adding the Link-State Entries Fo Eo 472.4654 172.16.5.3 i) <_tomteerteinomsion a ca Oatereeteniet _, 7 {need the complete entry for network 172.16.6.0/24 Here is the entry for network 172.16.6.0/24. a guitare fs the entry for network $72.18.6.0024._ ‘Thanks for the information! NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 141NOAsomons OSPF Tables Neighbor Table * Alto known asthe adjacency databace + Contains list of directly connected routers (neighbors) + # Show ip ospf neighbor Database Table + Typically referred to as LSDB (link state databace) + Contains information about all the possible routes to the networks with in the area + # show ip ospf database Routing Table + Contains lst of best paths to each destination show ip route NOAsonmeons OSPF Areas » All the routers maintain same database. » Any change impact all the routers. » Area is logical grouping of Routers. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 142NOAcomons Issues with Maintaining a Large OSPF Network OSPF Area 0 1am receiving The SPF is running too| too many LSAs. often for me to route. My routing table is too big, Jand | am running low on memory.| NOAsomons The Solution: OSPF Hierarchical Routing aie aan Minimizes size of database Restrict any changes with in that area.( not flood outside area) Routers with in the same area participate in Algorithm NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 143A srimnms OSPF Areas Area is logical grouping of Routers OSPF Provides hierarchical network design with multiple different areas All the routers maintain same database with in the same Area. Any change impact all the routers with the same area. Rules: 1. Must have one area called as area 0 ( its backbone area) 2. All the areas must connect to area 0. >. At least one Area Border Router. s. Interfaces of both routers facing must be in the same Area. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 144NOAsomeons OSPF router Types Backbone Area 0 Area 2 Backbone/ Internal Routers. /ASBR and Extornal) ABR and Backbone Autonomous Backbone Router “System, Router ‘Advantages of OSPF Open standard No hop count limitations Loop free Faster convergence Disadvantages of OSPF Consume more CPU resources Complex design Support only equal cost balancing © Support only IP protocol don’t work on IPX and APPLE Talk. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 145NOAcomons Configuring OSPF (config)# router ospf (config-router)# network area LAB: OSPF Single Area R-l (config) #router ospf 1 Rel (config-router) #network 192.168.1.0 0.0.0.255 area 0 Rel (config-router) #metwork 10.0.0.0 0.285.255.285 area 0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 146NOAcsomons sonfig) #router ospf 1 Caen lyre Che cer R-2 (config-router) #natwork 192.168.2.0 0.0.0.255 area 0 R-2(config-router) fmetwork 11.0.0.0 0.255.255.255 area 0 R-2(config-router) #network 10.0.0.0 0.255.255.255 area 0 nfig) #router ospf 1 R-3(config-router) #network 192.168.3.0 0.0.0.255 area 0 R-3(config-router) #network 11.0.0.0 0.255.255.2585 area 0 192.168.2.1 192.168.2.2 192.168.2.0/24 _192.168.3.0/24 Pre-requirement for LAB (check previous labs) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 147Design the topology (connectivity ) Assign the IP address according to diagram. Make sure that interfaces used should be in UP UP state Configure Dynamic routing using OSPF single area as per the diagram Verify Routing table and reachability between the LAN's (using PING and TRACE commands ) R-lfsh ip route Gateway of last resort is not set C 10.0.0.0/8 is directly connected, Serial0/0 C__ 192.168.1.0/24 is directly connected, FastEtheret0/O R-2#sh ip route Gateway of last resort is not set C_ 10.0.0.0/8 is directly connected, SerialO/O © _1.0.0.0/8 is directly connected, Serial C_192.168.2.0/24 is directly connected, FastEthemet©/0 R-3#sh ip route Gateway of last resort is not set C 11.0.0.0/8 is directly connected, SerialO/O C 192.168.3.0/24 is directly connected, FastEthernet0/0 Router- 1 R-l(config)#router ospf 1 R-l(config-router)#network 192.168.1.0 0.0.0.255 area O R-l(config-router)#network 10.0.0.0 0.255.255.255 area 0 Router ~2 R-2(config)#router ospf 1 R-2(config-router)#network 192.168.2.0 0.0.0.255 area 0 R-2(config-router}#network 11.0.0.0 0.255.255.255 area O R-2(config-router)#network 10.0.0.0 0,255.255.255 area O Eee Router — 3 R-3(config)#router ospf 1 R-3(config-router)#network 192.168.3.0 0.0.0.255 area 0 R-3(config-router)#network 11.0.0.0 0.255.255.255 area O NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 148— ee R.2#/show ip ospf neighbor Neighbor ID Pri. State Dead Time Address Interface 192.168.1100 0 FULL/- 00:00:35 10.0.0.1 _Serial0/O 192.168.3.100 0 FULL/- 00:00:37 1.0.0.2 SerialO/1 Rel/show ip route Gateway of last resort is not set C_10.0.0.0/8 is directly connected, SerialO/O C_ 192.168.1.0/24 is directly connected, FastEthernet0/O Relish ip route ospf © 1.0.0.0 [110128] via 10.0.0.2, 00:04:25, Serial0/0 © 192.168.2.0 [110/65] via 10.0.0.2, 00:04:25, Serial0/0 © 192.168.3.0 [110/129] via 10.0.0.2, 00:03:23, Serial0/0 R.2#tshow ip route ospf © 192.168.1.0 [110/65] via 10.0.0.1, 00:05:09, Serial0o © 192.168,3.0 [110/65] via 11.0.0.2, 00:04:14, SerialO/L R.3#/show ip route ospf © 10.0.0.0 [110/128] via 11.0.0.1, 00:04:49, Serial0/O O 192.168.1.0 [0/129] via 11 00:04:49, SerialO/O © 192.168.2.0 [110/65] via 11.0.0.1, 00:04:49, Serial0/0 Relitshow ip protocols Routing Protocol is #83pfl® Outgoing update filter list for all interfaces is not set Inco seaat fe for al nertocs bot st Router ID182.068:.100 Number of areas in this router is 1. T normal 0 stub O nssa Maximum path: 4 Routing for Networks: Routing Information Sources: Gateway Distance __Last Update 10.0.0.2 110 00:05:46 Distance: (default is 110) Relitshow ip ospf database OSPF Router with ID (192.168.1.100) (Process ID 1) Router Link ate) LinkID ADV Router Age = Seq# = Checksum Link count NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 149192.168.1100 192.168.1100 468 — 0x80000003 Ox00dIf4 3 192.168.2.100 192.168.2100 411 0x80000005 0x0054e6 5 192.168.3.100 192.168.3100 411 0x80000003 Ox0010ad 3 PC> ipconfig IP Address, Subnet Mask. 255.255.255.0 Default Gateway. 192.168.1.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. j= 32 time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TT Reply from 192.168.2.1: bytes=32 time=14ms TTI PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out. Reply from 192.168.3.1: bytes=32 tim Reply from 192.168.3.1: bytes=32 tim PC> tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops: 1 5ms Sms 8ms — 192.168.1.100 2 ms 9ms 8ms 10.0.0.2 3° 17ms 6ms 12ms_ 11.0.0.2 4 24ms 27ms 25ms 192.168.3.1 Trace complete, Rel#ping 192.168.3.1 Type escape sequence to abort. Sending 5. 100-byte ICMP Echos to 192.168,3.1, timeout is 2 seconds: Success rate is [OOJBereent (5/5), round-trip min/avg/max = 9/16/31 ms R3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is TOOBEREAE (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 150NOAsomen LAB: OSPF using Multiple Areas ie a 1 (contig) trouter ospf 1 R-L(config-router) network 192.168.1.0 0.0.0.255 area 10 onfig-router) tnetwork 10.0.0.0 0.255.255.255 area 10 NOAsonons AEA Ganeet it wig Cer R-2 (config-router) #network 192.168.2.0 0.0.0.255 area 0 R-2(config-router)fnetwork 11.0.0.0 0.255.255.255 area 20 R-2(config-router)fnetwork 10.0.0.0 0.255.255.255 area 10 R-3 (config) #router ospf 1 R-3(config-router) #network 192.168.3.0 0.0.0.255 area R-3 (config-router) #network 11.0.0.0 0.255.255.255 area NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 151LAB:_ DYNAMIC ROUTING USING OSPF MULTIPLE AREA. 192.168.1.3, S 192,168.14 '192.168.1.4 eae sent‘el 192,168.24 192.1682. 192.168.2.1 192.168.32 192.168.1.0/24 192.168,2.0/24 192.168.3.0/24 Pre-requirement for LAB (check previous labs) ‘© Design the topology (connectivity ) * Assign the IP address according to diagram. ‘* Make sure that interfaces used should be in UP UP state TASK: ‘* Dynamic routing using OSPF multiple area © Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) Relish ip route Gateway of last resort is not set C_ 10.0.0.0/8 is directly connected, Serial0/O C__ 192.168.1.0/24 is directly connected, FastEthemet0/O R-2ifsh ip route Gateway of last resort is not set 10.0.0.0/8 is directly connected, Serial0/O €_11.0.0.0/8 is directly connected, SerialO/1 C_ 192.168.2.0/24 is directly connected, FastEthernet0/0 R-34sh ip route Gateway of last resort is not set C 11.0.0.0/8 is directly connected, SerialO/O C_192.168.3.0/24 is directly connected, FastEthemet0/O NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 152Router-1 R-l(config)#router ospf 1 R-l(config-router)#network 192.168.1.0 0.0.0.255 area 10 R-l(config-router)#network 10.0.0.0 0.255.255.255 area 10 Router — 2 R-2(config)#router ospf 1 R-2(config-router}#network 192.168.2.0 0.0.0.255 area 0 R-2(config-router)#network 11.0.0.0 0.255.255.255 area 20 R-2(config-router)#network 10.0.0.0 0.255.255.255 area 10 | 3 R-3(config)#router ospf 1 R-3(config-router)#network 192.168.3.0 0.0.0.255 area 20 R-3(config-router)#network 11.0.0.0 0.255.255.255 area 20 | teen R.2#/show ip ospf neighbor Neighbor ID_ Pri. State Dead Time Address Interface 192.168.3.100 0 FUL’ - 00:00:39 1.0.0.2 Serialol 192.168.1100 0 FUL’ - 00:00:39 10.0.0.1 _SerialO/0 Relitshow ip route Gateway of last resort is not set C_10.0.0.0/8 is directly connected, SerialO/O C_192.168.1.0/24 is directly connected, FastEthemet0/O Relitshow ip route ospf 1A 11.0.0.0 [110/128] via 10. 00:06:24, Serial0/O 1A 192.168.2.0 [110/65] via 10.0.0.2, 00:06:24, Serial0/0 © 1A 192.168.3.0 [110/129] via 10.0.0.2, 00:05:53, SerialO/O NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 153R-2ifshow ip route ospf © 192.168.1.0 [110/65] via 10.0.0.1, 00:08:31, Serial0/0 O 192.168.3.0 [110/65] via 11.0.0.2, 0% . SerialO/1 R-3#fshow ip route ospf 1A 10.0.0.0 [110/128] via 11.0.0.1, 00:08:21, Serial0/0 1A 192.168.1.0 [110/129] via 11.0.0.1, 00:08:21, SerialO/0 1A 192.168.2.0 [110/65] via 11.0.0.1, 00:08:21, Serial0/O Relish ip ospf database OSPF Router with ID (192.168.1.100) (Process ID 1) Router Link States LinkID ADV Router Age Seqf_—_Checksum Link count 192.168.1.100 192.168.1.100 902 0x80000003 0x003b8b 3 192.168.2.100 192.168.2100 902 0x80000002 0x00e758 2 Summary Net Link States (AR8A/10) LinkID _ ADVRouter Age Seq# Checksum 192.168.2.0 192.168.2.100 905 0x80000001 0x0057cb 1.0.0.0 192.168.2100 905 0x80000002 0000634 192.168.3.0 192.168.2.100 870 0x80000003 Ox00cal5 R.2#fshow ip ospf database ‘OSPF Router with ID (192.168.2.100) (Process ID 1) Router Link States LinkID ADV Router Age Seq#_—_Checksum Link count 192.168.2.100 192.168.2100 708 — 0x80000002 0x0070d6 1 Summary Net Link States (Area 0) LinkID ADV Router Age Seq# = Checksum 11.0.0.0 192.168.2.100 698 0x80000001 0x00083c 10.0.0,0 192.168.2100 689 —_0x80000002 0x001331 192.168.1.0 192.168.2.100 689 0x80000003 Ox00e001 192.168.3.0 192.168.2100 663 0x80000004 0x00c816 Router Link States (ARSENIO) LinkID ADV Router Age = Seq =—_ Checksum Link count 192.168.2.100 192.168.2100 694 0x80000002 0x00e758 2 192.168.1.100 192.168.1100 694 — 0x80000003 0x003b8b 3 Summary Net Link States (Area 10) LinkID ADV Router Age Seg Checksum 192.168.2.0 192.168.2.100 697 _ 0x80000001 0x0057cb 1.0.0.0 192.168.2100 697 0x80000002 0x00063d 192.168.3.0 192.168.2.100 662 0x80000003 Ox00cal5 Router Link SfSt@SNARSEI20) LinkID ADV Router Age Seq# = Checksum Link count NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 154192.168.2.100 192.168.2100 668 — 0x80000002 0x000a33 2 192.168.3.100 192.168.3.100 668 0x80000003 Ox00I0ad 3 Summary Net Link St3t@S(AREEI20) LinkID ADV Router Age Sea#_~—_ Checksum 192.168.2.0 _192.168.2.100 703 _Ox80000001 0x0057cb 10.0.0.0 192.168.2.100 689 0x80000002 0x001331 192.168.1.0 192.168.2.100 689 0x80000003 Ox00e001 PC> ipconfig IP Address Subnet Mask. Default Gateway. PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out. PC>tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops: 1 5ms Sms 8ms 192.168.1.100 2 12ms 9ms Sms 10.0.0.2 3 17ms 6ms 12ms_11.0.0.2 4 24ms 27ms 25ms 192.168.3.1 Trace complete. Relfping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds: Success rate is HOOJBEREERE (5/5), round-trip min/avg/max = 9/16/31 ms R.34ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is TOOJBERBAE (5/5), round-trip min/avg/max = 10/15/18 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 155NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 156NOAsomons ACCESS CONTROL LIST Asam ACCESS CONTROL LIST (ACL) Sveti » ACLis a set of rules which will allow or deny the specific traffic moving through the router Iisa Layer 3 security which controls the flow of traffic from one router to another. Itis also called as Packet Filtering Firewall. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 157Types of Access-list NOAsomos NOAsomon STANDARD ACCESS LIST EXTENDED ACCESS LIST The access-list number range is1—_|1. 99 . Can block a Network, Host and Subnet . All services are blocked. Implemented closest to the destination. . Filtering is done based on only source IP address The access-list number range is 100 199 We can allow or deny a Network, Host, Subnet and Service Selected services can be blocked. Implemented closest to the source. Filtering is done based on source IP , destination IP , protocol, port no NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 158Lab : standard access-list NOAsomans ‘TASK: Configure the Appropriate router as per the rules given L Deny the host 192.168.1. communicating with 192.168.2.0 Deny the host 192.168.1.2 communicating with 192.168.2.0 Deny the network 192.168.3.0 communicating with 192.168.2.0 Permit all the remaining traffic NOTE: the Above ACL rules should not affect the other communi Creation of Standard Access List Router(config)# accesslist warenzoze ieztessat NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 159NOAsornes To write ACL Statement See reer 1. On which Router to implement ACL 2. Identify Source & Destination 3. Infout Ensure that the router you are implementing ACL must be the transit router Think your router as destination ( incoming as source). NOAsorons Wild card mask Tells the router which portion of the bits to match or ignore. 0 = must match 255.255.255.255 1 = ignore ~255.255.255.0 Global Subnet Mask Customized Subnet Mask 0. 0. 0, 255 Wild Cord Mask 255.255.255.255 255.255.255.240 » Wild Card Mask for Network will be Inverse mask _& © » Wild Card Mask for a Host will be always 0.0.0.0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 160Creation of Standard Access List NOAsornioms Router(config accestist R2(configh# access-list 15 deny 192.168.1.1 0.0.0.0 R2(confightaccesslist 15 deny host 192.168.1.2 R2(confightaccesslist 15 deny 192.168.3.0 0.0.0.255 R-2(confighfaccess-list 15 permit any Understanding IN / OUT » Into the router Se=—- == _ > Out of the router NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 161NOAsomos R.2(configh# access deny 192.168.1.1 0.0.0.0 R2(configitaccessist 15 deny host 192.1681.2 R2(confightaccess-ist 15 deny 192.168.3.0 0.0.0.255 R2(confightaccessist 15 permit any Implementation: R-2(contig)#interface fastEthernet 0/0 R-2(configeiffip access-group 15 out R-2ith accosslists Standard IP access list 15 deny host 192.168.1.1 deny host 192.168.1.2 deny 192.168.3.0 0.0.0.255 permit any STANDARD ACCESS-LIST 192.168.1.3, =. 192.168.1.2 eee ee te 192.168.2.1 192.168.2.2 192.168.3.1 192.168.3.2 192.168.1.0/24 192.168.2.0/24 jana s65-2-2/26 Pre-requirement for LAB (check previous labs) 1) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should be in UP UP state 4) Any dynamic routing Protocol or static routing 5) Verify Routing table and reachability between the LAN's (using PING and TRACE commands) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 162TASK: Configure the Appropriate router as per the rules given. Deny the host 192.168.1.1 communicating with 192.168.2.0 Deny the host 192.168.1.2 communicating with 192.168.2.0 Deny the network 192.168.3.0 communicating with 192.168.2.0 Permit all the remaining traffic NOTE: the Above ACL rules should not affect the other communication NOTE: Before creating the ACL, make sure that the routing configured is correct and all the three LAN devices are able to communicate with each other using PING command PC> ipconfig IP Address + Subnet Mas 255.255,255.0 Default Gateway. 192.168.1100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 tim PC> ipconfig IP Address, +: 192.168.1.2 Subnet Mask. 255.255.255.0 Default Gateway. :192.168.1.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 tim PC> ipconfig IP Address, 192.168.3.1 Subnet Mask. 255.255.255.0 Default Gateway. 192,168.3.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1 ROUTER ~2 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 163Creating the ACL rules according to requirement: R-2(configh# access-list 15 deny 192.168.1.1 0.0.0.0 R-2(confighHaccesslist 15 deny host 192.168.1.2 R-2(confighHaccesslist 15 deny 192.168.3.0 0.0.0.255 R-2(config)faccesslist 15 permit any Implementation: R-2(config)#interface fastEtheret 0/0 R.2(config-i#ip access-group 15 out Verification: R-2sh access-lists Standard IP access list 15 deny host 192.168.1.1 deny host 192.168.1.2 deny 192.168.3.0 0.0.0.255 permit any PC> ipconfig IP Address, : Subnet Mask. 255.255.255.0 Default Gateway. 192.168.1.100 PC> ping 192,168.21 Pinging 192.168.2.1 with 32 bytes of data: Reply from Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Reply from 192.168.3.1: bytes=32 tim Reply from 192.168.3.1: bytes=32 time= Reply from 192.168.3.1: bytes=32 tim Reply from 192.168.3.1: bytes=32 tim PC>ipconfig IP Adress TO2AGBL2 Subnet Mask. Default Gateway. PC> ping 192.168.2.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 164Pinging 192.168.2.1 with 32 bytes of data: Reply Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. PC>ipconfig IP Address. : Subnet Mas 255.255.255.0 Default Gateway. 192.168.1.100 Pc> ping 192016812 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1 Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 time=23ms TTL=126 Reply from 192.168.2.1: bytes=32 time=24ms TTL=126 PC> ipconfig IP Address Subnet Mask... 255,255,255.0 Default Gateway. :192.168.3.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply . Reply from 11.0.0.1: Destination host unreachable. Reply from 11.0.0.1: Destination host unreachable. Reply from 11.0.0.1: Destination host unreachable. PC>ping 192.168.1.1 Pinging 192.168.1.1 with 32 bytes of data: Reply from 192.168.1 2 time=éms TT Reply from 192.168.1 2 time=29ms TTI Reply from 192.168.1.1: bytes=32 time=16ms TTL=125 Reply from 192.168.1 2 time=2Ims TTL=125 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 165NOAsomos Extended Access-list The access-list number range is 100 - 199 ‘We can allow or deny a Network, Host. Subnet and Service Selected services can be blocked. Implemented closest to the source. Filtering is done based on source IP , destination IP , protocol, port no NOAsormmons TASK: Configure the Appropriate router as per the rules given below Deny the users on LAN 192.168.2.0 should not access 192,168.13 HTTP service Deny the userson LAN 192.168.3.0 should not access 192.168.1.4 FTP service Deny the users on LAN 192.168.3.1 should not access 192.168.1.3 HTTP service Deny the users on LAN 192.168.2.0 should not get DNS service from DNS server 192.168.1.4 Deny the users from the host between 192.168.3.2 and 192,168.1.2 should not be able to send ICMP (ping ftrace ) messages Remaining hosts and serlces should be permitted NOTE: the Above ACL rules should net affect the other communication Wonton one wases20/24 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 166NOAsormos Operators: eq (equal fo) neq (not equal fo} It (less than) at (greater than) NOAsomeon Reonfgyfaccesslit 145 deny tep192.168.2.0 0.0.0.255 host 192.168..3 eq wurw Refconfig) access 145 deny ep 192.168.3.0 0.0.0.255 host 192.168.14 9 fp Re(confg)foccessst 145 deny tep host 192.1683.1 host 192.168.1.3 eq worw Relconfgyfoccestlist 145 deny udp 192.168.2.0 0.0.0.255 host 192.168.1.4 eq domain Rl(config)tacceslit 145 deny lemp host 192.168.3.2 host 192.168.1.2 echo Rel(configaccet-lit 145 deny icmp host 192.168.3.2 host 192.168.1.2 echo-reply Rel(configtaccesslit 145. permit Ip any any NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 167NOAsormoms Implementation: R-l(config)# interface fastEthernet 0/0 RA(config-iN# ip access-group 145 out oR Ril(config)# interface serial 0/0 RAl(config-iN# ip access-group 145 in EXTENDED ACCESS-LIST 192.168.1.1 19218-1309 168.14 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192.168.32 192.168.3.0/24 Pre-requirement for LAB (check previous labs) 1) Design the topology (connectivity ) 2) Assign the IP address according to diagram. 3) Make sure that interfaces used should be in UP UP state NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 1684) Any dynamic routing Protocol or static routing 5) Verify Routing table and reachability between the LAN’s ( using PING and TRACE commands) TASK: Configure the Appropriate router as per the rules given below Deny the users on LAN 192.168.2.0 should not access 192.168.1.3 HTTP service . Deny the users on LAN 192.168.3.0 should not access 192.168.1.4 FTP service . Deny the users on LAN 192.168.3.1 should not access 192.168.1.3 HTTP service Deny the users on LAN 192.168.2.0 should not get DNS service from DNS server 192.168.1.4 . Deny the users from the host between 192.168.3.2 and 192.168.1.2 should not be able to send ICMP ( ping /trace ) messages . Remaining hosts and services should be permitted NOTE: the Above ACL rules should not affect the other communication Router —1 Rel(config)#accesslist 145 deny tep 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www Rel(config)#accesslist 145 deny tep 192.168.3.0 0.0.0.255 host 192.168.1.4 eq ftp Rel(config)#accesslist 145 deny tcp host 192.168.3.1 host 192.168.1.3 eq www Rel(config) #accesslist 145 deny udp 192.168.2.0 0.0.0.255 host 192.168.1.4 eq ? <0-65535> Port number bootpe —_ Bootstrap Protocol (BOOTP) client (68) pe aes Protocol (BOOTP) server (67) isakmp —__ Internet Security Association and Key Management Protocol (500) nenS00-isakmp Internet Security Association and Key Management Protocol (4500) snmp _ Simple Network Management Protocol (61) tftp Trivial File Transfer Protocol (69) RA(config)#accesslist 145 deny udp 192.168.2.0 0.0.0.255 host 192.168.1.4 eq domain Re(configh#accesslist 145 deny icmp host 192.168.3.1 host 192.168.1.1 ? <0-256> type-num host-unreachable —_host-unreachable et-unreachable —_net-unreachable Port-unreachable —_port-unreachable protocol-unreachable protocol-unreachable ttlexceeded _—ttl-exceeded unreachable unreachable Ra(config)#accesslist 145 deny icmp host 192.168.3.2 host 192.168.1.2 echo Rel(config)#access-list 145 deny icmp host 192.168.3.2 host 192.168.1.2 echo-reply NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 169Rel(config)faccess list 145. permit ip any any Implementation: R-l(config)f interface fastEthernet 0/0 R-l(config:if}# ip accessgroup 145 out OR R-l(config)# interface serial 0/0 R-l(config-if}# ip accessgroup 145. in Verification: Pc> ipconfig IP Address, Subnet Mask. Default Gateway. PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Request timed out. Request timed out. Request timed out. PC> ping 192.168.1.1 Pinging 192.168.1.1 with 32 bytes of data: Reply from 192.168.1.1: bytes=32 time=20ms TTI Reply from 192.168.1 Reply from 192.168.1 Reply from 192.168.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 170Named ACL Access-lists are identified using Names rather than Numbers. Names are Case-Sensitive No limitation of Numbers here. ‘One Main Advantage is Editing of ACL is Possible (i.e) Removing a specific statement from the ACL is possible. 10S version 11.2 of later allows Named ACL NOAsorons Creation of Standard Named Access List Router|config)# ip access-list standard Rouiericonfig-sic-naci}# Implementation of Standard Named Access List Routericontig) #inlerface Routerlcontig:t}#ip aeeess-group NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 171LAB:_ STANDARD NAMED ACL. 192.168.1.1 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.168.3.1 192.168.3.2 192.168.3.0/24 TASK: ‘+ Configure Standard Named ACL * Use the same Rules as Lab4 Before creating the ACL, make sure that the routing configured is correct and all the three LAN devices are able to communicate with each other using PING command PC>ipconfig IP Address..un Subnet Mask. 255,255.255.0 Default Gateway. PC>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of dat Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 time=: Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 tim PC>ipconfig IP Address... 192.168.1.2 Subnet Mask. 255,255.255.0 Default Gateway. 192.168.1.100 PC>ping 192.168.2.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 172Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 time=1Ims TTL=126 PC> ipconfig IP Address, 192.168. Subnet Mas : Default Gateway. PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1: bytes=32 time=23ms TTL=126 Creating an Accesslist as per the given rules R-2(config)#ip access-list standard CCNA R-2(contig-std-nacl)#deny 192.168.1.1 0.0.0.0 R-2(config-std-nacl)#deny host 192.168.1.2 R-2(config-std-nacl)#deny 192.168.3.0 0.0.0.255 R.2(config-std-nacl)#permit any R-2(config-std-nacl) exit, Implementation: R-2(config)# interface fastEthernet 0/0 R-2(config-i# ip access-group CCNA out R.2#sh access-ists Standard IP access list CENA deny host 192.168.1.1 deny host 192.168.1.2 deny 192.168.3.0 0.0.0.255 permit any PC>ipconfig IP Address. 192.168.1.1 Subnet Mask. 255.255.255.0 Default Gateway. : 192.168.1.100 FC> ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 173Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. PC> ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Reply from 192.168.3.1: bytes=32 tim Reply from 192.168.3.1: bytes=32 time=| Reply from 192.168.3.1: bytes=32 tim PC> ipconfig IP Adciressiiutsiunsnnnses 1216812 Subnet Mask... 255.255.255.0 Default Gateway. 192.168.1.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply . Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. SERVER> ipconfig IP Address. Subnet Mask. 255.255.255.0 Default Gateway. SERVER>ping 192:168.211 Pinging 192.168.2. Reply from 192.168.2.1: bytes=32 time=31ms TTI Reply from 192.168.2.1: bytes=32 tim Reply from 192.168.2.1 Reply from 192.168.2.1: bytes=32 tim PC>ipconfig IP Adresse? 192,168.31 Subnet Mask. 255.255.255.0 Default Gateway. + 192.168.3.100 PC> ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Repy from 1.0.0. Destination hos unreachable Reply from 11.0.0.1: Destination host unreachable. Reply from 11.0.0.1: Destination host unreachable. Reply from 11.0.0.1: Destination host unreachable. PC> ping 192.168.1.1 Pinging 192.168.1.1 with 32 bytes of data: Reply from 192.168.1.1: bytes=32 time=I6ms TTL=125 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 174Reply from 192.168.1.1: byte Reply from 192.168. Reply from 192.168.1 Creation of Extended Named Access List Router{config]# ip access-list extended Router{config-ext-nacl)# < destination wildcard mask> Implementation of Extended Named Access List Router{config] #interface Router(config-t) #ip access-group LAB: NAMED EXTENDED ACL 192.168.1.1 1921681399 68.1.4 192.168.1.2 192.168.1.0/24 192.168.2.0/24 192.168.2.1 192.168.2.2 192.163.3.1 192.168.3.2 192.168.3.0/24 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 175TASK: © Configure Standard Named ACL © Use the same Rules as Lab-2 R-l(config)fip accesslist extended CCNP Rel(config-ext-nacl)#deny tep 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www R-l(config-ext-nacl)# deny tcp 192.168.3.0 0.0.0.255 host 192.168.1.4 eq ftp Rel(config-ext-nacl)# deny tep host 192.168.3.1 host 192.168.1.3 eq www R-l(config-ext-nacl)#deny udp 192.168.2.0 0.0.0,255 host 192.168.1.4 eq domain R-l(config-ext-nacl)# deny icmp host 192.168.3.1 host 192.168.1.1 echo Rel(config-ext-nacl)#deny icmp host 192.168.3.1 host 192.168.1.1 echo-reply Re(config-ext-nacl)# permit ip any any Implementation: R-l(config)# interface fastEthernet 0/0 R-l(config-i}# ip accessgroup CCNP out OR R-l(config# interface serial 0/0 R-l(config.if}# ip accessgroup CCNP in Relfsh accesslists Extended IP access [iS{KCCNP deny tep 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www deny tep 192.168.3.0 0.0.0.255 host 192.168.1.4 eq ftp, deny tep host 192.168.3.1 host 192.168.1.3 eq www deny udp 192.168.2.0 0.0.0.255 host 192.168.1.4 eq domain deny icmp host 192.168.3.1 host 192.168.1.1 echo deny icmp host 192.168.3.1 host 192,168.11 echo-reply permit ip any any Verification: PC>ipconfig IP Address. Subnet Mas 255.255.255.0 Default Gateway. 92.168.3.100 PC>ping 192.168.1.2 pags 192.168.1.2 with 32 bytes of data: Request timed out. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 176Request timed out. Request timed out. PC>ping 192.168.1.1 Pinging 192.168.1.1 with 32 bytes of data: Reply from 192.168.1 Reply from 192.168.1 Reply from 192.168.1 Reply from 192.168.1 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 177NOAsomens Network address translation > NAT Is the method of Translation of private IP address into public IP address". » In order to communicate with internet we must have registered public IP address ‘Address translation was originally developed to solve two problems: 1. tohandle a shortage of IPws addresses 2, Hide network addressing scheme, NOAsonmeons Private Address range There are certain addresses in each class of IP address that are reserved for Private Networks. These addresses are called private addresses. Class A 10.0.0.0 to 10.255,255.255, Class B 172.16.0.0 to 172.31.255.255 Class C 192.168.0.0 to 192.168.255.255 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 178Types of NAT:- + Static NAT + Dynamic NAT + Port Address Translation (PAT) NOAsomnns Static NAT » One to one mapping done Manually » For every private IP needs on registered IP address ( one : one) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 179A snr Dynamic NAT Garey By vg Chew caer » One to one mapping done automatically » For every private IP needs on registered IP address (one : one) waa ee tOee 23.196 (192 168.32 1 NOAsomen Port Address Translation (Dynamic NAT Overload) » Allows thousands of users connect to the Internet using only one real global IP address. » Maps many-to-one—by using different ports. » PAT is the real reason we haven't run out of valid IP address on the Internet 213.40.423.400% 213.418.123.100 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 180NOAsammes Lab setup for NAT pare py erg Ce cae 1. Configure IP address as per the diagram. Configure default route towards ISP from RI 3. Configure static route from ISP to public IP used for translation m as \ NOAsorman LAB : Static NAT Epi nnn Ch TASK: Configure Static Nat using the following translations PRIVATE IP PULIC IP 192,168.1.1 50.1. 192,168.1.2 192,168.1.3 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 181A smn (Config) # IP nat inside source static Configuration of static NAT R-1(config) ip nat inside source static 192.168.1.1 0.1.1.1 -1(config) ip nat Inside source static 192.168.1.2 0.1.1.2 R-I(config ip nat inside source static 192.168.1.3 50.1.1.3 Implementation R-1(contfg) interface fastethemet 0/0 R-1(config-]#ip nat inside Rel(config- exit (interface facing towards LAN) R-1(config tintertace serial 0/0 R-1(confic-]#ip nat outside B-1_ STATIC NAT TASK: Configure Static Nat using the following translations PRIVATE IP PULIC IP 50111 192.168.1.3 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 182192,168.14 192.168.1.2 200.1.1.1 200.1.1.2 a Servers on the Internet 192.168.1.0/24 y/ ea STEPS Configure IP address according to the diagram. Configure default route towards ISP from RI Configure static route from ISP to public IP used for translation Configure NAT ( static NAT according to the requirement ) Implementation Verify _ by generating some traffic from LAN to ouside servers © # show ip nat translations Rlfsh ip int brief Interface IP-Address OK? Method Status Protocol ES manual up up FastEthernet0/I_ unassigned _YES unset_administratively down down SerialO/1 unassigned YES unset administratively down down RA(config)# ip route 0.0.0.0 0.0.0.0 100.1.1.2 ISP#sh ip int brief Interface IP-Address__ OK? Method Status Protocol 5 manual up up FastEtheret0/I__unassigned YES unset administratively down down (SefaiO/OD MMOD SVES rarual up up Serial0/1 unassigned YES manual administratively down down \SP#conf terminal NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 183IsP(config)# ip route 50.0.0.0 255.0.0.0 100.1.1.1 Configuration of static NAT RA(config)#ip nat inside source static 192.168.1.1 50.1.1.1 R-l(config)#ip nat inside source static 192.168.1.2 50.1.1.2 R-l(config)#ip nat inside source static 192.168.1.3 50.1.1.3 Implementation R-l(config)#interface fastEthernet 0/0 RAlconfigiffip nat inside Rel(config-iffexit (interface facing towards LAN) R-l(config)finterface serial 0/0 RAl(config.iffip nat outside (Interface facing towards ISP ) Generate Traffic from Inside User PC (192.168 Pc>ipconfig IP Address. Subnet Mas 255.255.255.0 Default Gateway. 192.168.1.100 Pc>ping 200.1.1.1 Pinging 200.1.1.1 with 32 bytes of data: Reply from 200.1.1 Reply from 200.1.1.1: byte Reply from 200.1.1 PC>ping 200.1.1.2 Pinging 200.1.1.2 with 32 bytes of data: Request timed out. Reply from 200.1.1.2: bytes=32 tim Reply from 200.1.1.2: bytes=32 tim Reply from 200.1.1.2: bytes=32 time=32ms TTL=126 Generate Traffic from Inside User PC (192.168.1.2 PC>ipconfig IP Address. Subnet Mask. 255.255.255.0 Default Gateway. 192.168.1.100 PC>ping 200.1.1.1 Pinging 200.1.1.1 with 32 bytes of data: NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 184Reply from 200.1.1.1: byt Reply from 200.1.1 Reply from 200.1.1 Reply from 200.1.1 Generate Traffic from Inside User PC (19: Pc>ipconfig IP Address. : Subnet Mas 255.255.255.0 Default Gateway. 192.168.1.100 PC> ping 200.1.1.1 Pinging 200.1.1.1 with 32 bytes of data: Reply from 200.1.1 i Reply from 200.1.1 Reply from 200.1.1.1: bytes=32 time=10ms TTL=126 Reply from 200.1.1 26 Relish ip nat translations Pro Inside global Inside local Outside local Outside global icmp SOMMME2NIS2T681I:21 200.1 200.1.1.2:21 icmp 50.1.1.1:22 192.168.1.1:22 200.1.1.2:22 — 200.1.1.2:22 192.168.1.1 192.168.1.1 200.1.1.1:1 192.168.1.2:2 20.1.1 192.168.1.2: 192.168.1.3:3 192.168.1.3:4 192.168.1.1 To verify generate telnet traffic From Inside User PC's © 19216811 © 192.168.1.3, Pc>telnet 100.1.1.2 Trying 100.1.1.2 ...Open User Access Verification NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 185Rel#sh ip nat translations Pro Inside global Inside local Outside local Outside global — 50.111 192.168. 50.1. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 186NOAsomen LAB : Dynamic NAT are hpi eeng Cee ee Tas + Remove the NAT Configurations done in the previous Lab. ‘+ Configure Dynamic NAT and make sure that the inside LAN users (192.168.1.0/24) get translated to public IP withthe range of 0.1.1.1 ~ §0.1.1.200/24 A seman LAB: Dynamic NAT Gasnay gly vvading Chen cser Syntox: [Contig)# access-tst < ACLNO> permit - [Contig] tip nat pool nelmask [Coniigl* ip nat inside source fit pool Configuration of DYNAMIC NAT Rel(confightaccessslist $5 perm 192.168.1.0 0.00255 :I(contig) ip nat pool CCNA $0.1.1.1 $0.1.1.200 netmask 255.255.2550 .1(config) tip nat inside source fist 55 pool CCNA Implementation .I(contig) tinlerace fastthemet 0/0 R.I(config-f) ip nat inside ReI(contig.t) text (interface facing towards LAN) R-I(contig} tintertace serial 0/0 Rel(config.t ip nat outside (interface facing towards ISP) LAB-2 Dynamic NAT NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 187192.168.1.1 192.168.1.2 Inide users 192.168.1.0/24 TASK: Remove the NAT Configurations done in the previous Lab. © Configure Dynamic NAT and make sure that the inside LAN users (192.168.1.0/24 ) get translated to publi IP with the range of 50.1.1.1 — 50.1.1.200/24 ‘* Continue with the same pre-configurations in the LAB —1 ‘+ Remove the static NAT configurations. ‘+ Implementation is same as previous lab R-l#clear ip nat translation * NOTE: © Make sure that you clear the translation table before you edit or remove the any NAT configurations Rel(config)# no ip nat inside source static 192.168.1.1 50.1.1.1 Rel(config)# no ip nat inside source static 192.168.1.2 50.1.1.2 Rel(config)# no ip nat inside source static 192.168.1.3 50.113 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 188Configuration of DYNAMIC NAT Rel(configh#accesslist 55 permit 192.168.1.0 0.0.0.255 R-l(config)#ip nat pool CCNA 50.1.1.1 50.1.1.200 netmask 255.255.255.0 R-l(config)#ip nat inside source list. 55 pool CCNA Implementation R-l(config)#interface fastEthernet 0/0 R-l(config-iffip nat inside Re(config.if}fexit (Interface facing towards LAN) R-l(config)#interface serial 0/0 R-l(config.if}#ip nat outside (Interface facing towards ISP) Verification: Generate some telnet traffic from inside LAN devices = 192.168.1.1 = 192.168.1.2 = 192,168.13 192.168.1.4 PC>telnet 100.1.1.2 Trying 100.1.1.2 ...Open User Access Verification IsP> Relish ip nat translations Pro Inside global Inside local_ Outside local Outside global 1027 100.1.1. j1025 100.1 100.1.1.2:23 1025. 100.1.1.2: 100.1.1.2:23 1025 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 189NOAsornos LAB : PORT ADDRESS TRANSLATION a Tas ‘+ Remove the NAT Configurations done in he previous Lab. ‘+ Configure PAT (Dynamic NAT Overload) and make sure that the inside LAN users (192.168.1.0/24) {get translated fo single public IP (60.1.1.1/32) given by service provider Syntoxe aay i revaig Ce cer (Config) access-list < ACL-NO> permit (Config) ip nat inside pool netmask < mask> Config) ip nat inside source lst pool overload PAT Coniiguration Rel(config) Haccessilist 55 permit 192.168.1.0 0.0.0.255 -1(contig}#ip nat poo! CCNA $0.1.1.1 $0.1.1.1 netmask 255.255.255.255 -1(config) tp nat inside source list 55 pool CCNA BWBHIBBE Implementation -1(contig) Hinterace fastetnemet 0/0 Rel{contig-t) tip not inside Rel(contig-#) Wexit (interface facing towards LAN) R-1(config) interface serial 0/0 Re1(contig-# #ip nat outside (interface facing towards ISP ) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 1901AB3 PORT ADDRESS TRANSLATION sons t1 eee *or06814 ( Sooeey Soone Servers om the \ NS intemnet yn 192.168.1.0/24 TASK: + Remove the NAT Configurations done in the previous Lab. © Configure PAT (Dynamic NAT Overload) and make sure that the inside LAN users (192.168.1.0/24) get translated to single public IP (50.1.1.1/32) given by service provider STEPS: '* Continue with the same pre-configurations in the LAB — 2 ‘+ Remove the dynamic NAT configurations. ‘+ Implementation is same as previous lab R-l#clear ip nat translation * NOTE: + Make sure that you clear the translation table before you edit or remove the any NAT configurations R-l(config) #no ip nat inside source list 55 pool CCNA R-l(config) #no ip nat pool CCNA _50.1.1.1 50.1.1.200 netmask 255.255.255.0 R-l(config) #no accesslist 55 PAT Configuration NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 191RAl(config)#accessist 55 permit 192.168.1.0 0.0.0.255 R-l(config)#ip nat pool CCNA 50.1.1. 50.1.1.1 netmask 255.255.255.255 R-1(config)#ip nat inside source list 55 pool CCNA SW8HOaa Implementation R-l(config) #interface fastEthernet 0/0 Rel(config-f) #ip nat inside RA(config-if) #exit (Interface facing towards LAN) R-l(config)finterface serial 0/0 R-l(config:iffip nat outside (Interface facing towards ISP ) Vetificatior © Generate some telnet traffic from inside LAN devices (192.168.1.1 /192.168.1.2 //192.168.1.3 IN92.168.1.4//) PC>telnet 100.1.1.2 Trying 100.1.1.2 ...Open User Access Verification Relish ip nat translations Pro Inside global Inside local__ Outside local Outside global tep 501111029 — 192.168.1.1:1029 100.1.1.2:23 100.1.1.2:23 tep 501111025 — 192.168.1.4:1026 100.1.1.2:23 — 100.1.1.2:23 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 192STE ETS LAB : PAT using Exit Interface NOAomen ‘+ Configure PAT (Dynamic NAT Overload) and make sure that the inside LAN users (192.188.1.0/24) get translated fo single public IP on th R-l{config access-list 55 permit 192.168.1.0 0.00.25, --1[confg} ip natinsde source interface serial 0/0 overload a iotenetin R-I[contg ip nat inside pen encs ( Retfcontig.t} text —,, (dettace facing towards LAN) R-I[cortig) tintertace serial 0/0 R-1[conto.} #p nat outside (Interface facing towards ISP) LAB-4 PORT ADDRESS TRANSLATION using Exit Interface 192.168.1.3, 192.168.1.4 14 200.1.1.2 192.168.1.0/24 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 193TASK: * Remove the NAT Configurations done in the previous Lab. * Configure PAT (Dynamic NAT Overload) and make sure that the inside LAN users (192.168.1.0/24) get translated to single public IP on the Guitsidelinterace|(100MNIa) given by service provider. STEPS: ‘+ Continue with the same pre-configurations in the LAB — 3 ‘* Remove the PAT configurations. ‘+ Implementation is same as previous lab R-l#clear ip nat translation * NOTE: * Make sure that you clear the translation table before you edit or remove the any NAT configurations R-l(config)#no ip nat inside source list 55 pool CCNA overload R-l(config)#no ip nat pool CCNA 50.1.1.1 50.1.1.1 netmask 255.255.255.248 RAl(confighno acceselist 55 PAT Configuration R-l(configh#accessist 55 permit 192.168.1.0 0.0.0.255 R-l(config)#ip nat inside source interface serial 0/0 overload Implementation R-l(config)finterface fastEthernet 0/0 R-l(config.iffip nat inside Rel(config:f}#exit (interface facing towards LAN) R-l(config)finterface serial 0/0 R-l(config-i}#ip nat outside (Interface facing towards ISP ) Verificatio * Generate some telnet traffic from inside LAN devices (192.168.1.1 //192.168.1.2 //192.168.1.3 //192.168.1.4//) PC>telnet 100.1.1.2 Trying 100.1.1.2 ...Open User Access Verification NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 194Relish ip nat translations Pro Inside global Inside local Qutside local Outside global tep. 1029 1029 tep 1026 1026 tep 1024 1026 tep 1025 1026 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 195Basic Switching Concepts NOAsomens haar hy rg Ci ce Router & Switch SS NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 196A Simro Hub Switch 1. Ithas no intelligence. It always do broadcasts . It works with O's and 1's (Bits) It works with shared bandwidth . thas 1 Broadcast Domain . thas 1 Collision Domain, Its is An Intelligent device & maintains a MAC address table. Ituses broadcast and Unicast It works with Physical addresses (Le. MAC addresses) It works with fixed bandwidth Ithas 1 Broadcast domain by default Number of Collision domains depends upon the number of ports. NOAsomen How ARP works NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comHow switch Learn MAC address 1 doen. ‘sane Fane Broadcast Domain » Set of all devices that receive broadcast frames originating from any device within the set. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 198NOAsomeons Broadcast Domain (Contd) NOAsomen » Cartier Sense Multiple Access /Collision Detection » isthe protocol for carrier transmission access in Ethernet networks. » Collisions are identified using Access Methods called CSMA/CD and CSMACA » CSMA/CD works in wired LAN & CSMA/CA works in wireless LAN NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 199NOAsomens Collision Domain A collision domain is a network segment with two or more devices sharing the same bandwidth. (where there is a chance of collision) Types of Switches NOAsamons > Unmanageable switches These switches are just plug and play No configurations and verifications can be done There is no console port > Manageable switches These switches are also plug and play © thas console port and CLI access. We can verify and modify configurations and can implement and test some advance switching technologies ( VLAN, trunking, STP) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 200Cisco’s Hierarchical Design Model Catalyst 2900 Catalyst 1900 Access Layer 1900 & 2900 (12 switches) Distribution Layer 3550, 3560 (L3 switches or Cisco 3550 multilayer switches) Core Layer 4500, 6500 (L3 switches Cor multi-layer switches) NOAsomeon haar ihren Ci cer Initial configuration of a switch: » Console Connectivity » Emulation Software ( hyperterminal, putty, Secure CRT) B23 Lan 10.0.00/8 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 201Basic Commands switch>enable switch# Show running-config switch# Show startup-config switch# Show version switch# Show flash NOAcorons switch# Show mac-address-table (To see the entries of the MAC table) switch# Show interface status switch#config terminal Switch(config)# Passwords TO assign telnet Password switch(config) # line vty 0 4 switch(config-line) # password switch(config-line) # login To assign Console Password switch(config) # line con 0 1) # password To assign Enable Password switch(config) #enable secret < password> OR switch(config) #enable password < password> NOAsomons NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 202NOAcormons Initial configuration of Switch for telnet Access To assign IP to a Switch switch(config)# Interface Vlan 1 switch(config-if)# ip address switch(config-if)# no shutdown. To assign Default Gateway to a Switch enestaiee switch(config)# ip default-gateway 192.168.1.100 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 203VLAN & Trunks NOAsonmons Virtual LAN an Divides a Single Broadcast domain into Multiple Broadcast domains. A Layer 2 Security Vian 1 is the default VLAN. We can create vians from 2 ~ 1001 Can be Configured on a Manageable switches only NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 204NOAsomerns Benefits of VLANs » Limit the number of broadcast » Better performance » Security NOAsonmons Types of VLAN Saeeiiee 1. Static VLAN 2. Dynamic VLAN NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 205NOAcomons ere EER oe cet * Static VLAN's are based on port numbers + Need to manually assign a port on a switch to a VLAN + Also called Port Based VLAN + One port can be a member of only one VLAN. ‘Vian Creation : Siteh(convi# vlan Switen(configVianye name sss lose Switeh(convig Van) Ext Assigning ports in Vian Switeh(conigt interface Switen(convi. switehport mode acces Switeh(configiswitehpor access Vian NOAsonmons 002 f4di-cefault act/snese 1003 token-ring-default act/ansup 1004 fedinet-deteult —act/anase 1005 trnet-default _act/unsup Allport assigned to VLAN 1 o forward data by defor. "Nate VLAN is VLAN by faut, Management VLAN is VLAN 1 by defauit + VLAN'T cannot be renamed or deleted NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 206NOAsorrons TASK: Create four VLANs ( VLAN 10,20,30,40) Switch(config}#vlan 10 a a a Switch(config-vian)#name sales Switch(config-vlan)#vlan 20 Switch(config-vian)#name marketing Switch(config-vian)#vlan 30 VAN Home Switch(config-vlan)#vlan 40 1" detauit tefl et ole fen fara yt ma Switch(config-vian)#end 1 ao F009, Fao o/a roa F023 Fad <. Got? NOAsonons TASK: aren Ape he er Configure port fa0/8 in to vlan 10 Configure multiple ports ( 4-7 and 10) to vlan 20 Switeh(config)intf0/8 Switch(configrif}#switchport mode access Switch(config-if#switehport access vlan 10 Switeh(config-ifexit ‘Switch(contfig)¥interface range f0/4 - 7 , f0/10 ‘Switch config. if-range)#switchport mode access ‘Switch config. frange)#switchport access vlan 20 Switch von 20/2 Fat)? Fea NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 207192.168.1.1 192.168.1-3 99 468.4.4 192.168.1 192.168.1. STEPS: 1. Ping between 192.168.1.1 and 192.168.1.3 a. (they can communicate with each other and they are on the same network (logically) and same VIAN (default vlan 1) 2. Create VLAN 20 3. Shift port f0/3 , 10/4 in to VLAN 20 4. Ping between 192.168.1.1 and 192.168.1.3 a. they cannot communicate with each other and they are on the same network (logically) but on different VLAN (VLANI and vlan 20) Switchish vlan VLAN Name. Status Ports active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7. Fa0/8 Fa0/9, FaQ/10, FaO/I1, Fa0/12 Fa0/13, Fa0/14, Fa0/15, FAO Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gigl/I, Gigl/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 tmet-default act/unsup NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 208PC>ipconfig IP Address Subnet Mask... 255.255.255.0 Default Gateway. + 192.168.1100 PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of dat: Reply fOMNS2N68II2: bytes=32 time= Reply from 192.168.1.2: bytes=32 tim Pc>ping 192.168.1.3 Pinging 192.168.1.3 with 32 bytes of data: Reply OMMS2N6SIISibytes=32 time=12ms TTL=128 Reply from 192.168.1.3: bytes=32 tim PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: |: bytes=32 time: All the Four devices in the LAN. can communicate with each other and they are on the same network (logically) and same VLAN ( default vian 1) TASK: Create Vian 20 And Shift The Ports 3 And 4 In To Vian 20 ‘Switch (config)#vlan 20 Switch(config-vlan)#name SALES Switch(config-vlan)fexit ‘Switch (confighfinterface fastEthemet 0/3 ‘Switch (config-if}#switchport mode access Switch(config-if}#switchport access vlan 20 Switch(config-if}#exit Switch (config)#interface fastEthemet 0/4 Switch(config-if}#switchport mode access Switch(config-if}#switchport access vlan 20 Switchésh vlan VLAN Name Status Ports NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 2091 default active Fa, Fa0/2, F20/5. Fa0/6 Fa0/7. Fa0/8, Fa0/9, Fa0/10 Fa0/11, FaO/12, Fa0/13, Fa 4 Fa0/15, Fa0/16, Fa0/17, Fa08 Fa0/19, Fa0/20, Fa0/21, Fa0/22 Fa0/23. Fa0/24, Gigl/I, Gigl/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup. 1004 fddinet-default act/unsup 1005 trnet-default act/unsup PC>ipconfig IP Address Subnet Mask. 255.255.255.0 Default Gateway. + 192.168.1.100 PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply fOMMNSZN6SII2! bytes=32 time Reply from 192.168.1.2: bytes=32 tim Reply from 192.168.1.2: bytes=32 tim Reply from 192.168.1.2: bytes=32 time: PC>ping 192.168.1.3 Png 22683 with 32 bytes of data: Request timed out. Request timed out. Request timed out. PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Request timed out. Request timed out. Request timed out. LAB -2 CREATING BASIC VLAN CONFIGURATION ON SWITCHES NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 210TASK: ‘* Create four VLANs ( VLAN 10,20,30,40) © Configure port fa0/8_ in to vlan 10 © Configure multiple ports ( 4-7 and 10) to vlan 20 Switch (config)#vlan 10 Switch config-vlan}#name sales Switch(config-vian}fvian 20 Switch(config-vlan)#name marketing Switch(config-vian}#vlan 30 Switch(config-vian}#vlan 40 Switch(config-vian)#end Switchish vlan Status Ports 1 default active _Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, FaO/O, Fa0/11, Fa0/12 Fa0/13, Fa0/14, Fa0/15, F016 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gigi/l, Gig/2 ‘There are no active ports in the new vlan which we created To shift the ports Switch(config)#int 10/8 Switch(config-if)#switchport mode access Switch(config-if}#switchport access vlan 10 Switch{config-if#exit NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 211‘Switch (config)interface range f0/4 - 7 . f0/10 Switch (config-if-range)#switchport mode access Switch(config-if-range)#switchport access vlan 20 hésh vlan VLAN Name Status Ports active _FaO/1, Fa0/2, Fa0/3, Fa0/9, Fa0/I1, FaQ/2, FaO/13 Fa0/14, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 212Dynamic VLAN NOAsamens Dynamic VLAN’s are based on the MAC address of a PC Switch automatically assigns the port to @ VLAN Each port can be a member of multiple VLAN's For Dynamic VLAN configuration, a software called VMPS( VLAN Membership Policy Server) is needed [rant [oie [w Ce ay tac Adaress checked Mian configuration NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 213NOAsomens Trunking » Asingle VLAN can span over Multiple Switches NOAsomeon haar hy rong Ci cer Passing VLAN Traffic Using Separate Links for each VLAN, Passing VLAN Traffic Using Single Links NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 214NOAsomens Types of links/ports Access links Connecting to end devices ( Hoss or router) par of one VLAN ‘Trunk links Do net belong to any VLAN ‘carry multiple VLANS traffic. Tink between wo suites ©} Gl 2s, ES, as, Mummers OY Sf Cy ee FAN nVAN Gem VUN NOAsomens Frame Tagging In oder to make sure that same vlan users on different switches communicate with ‘each other there is a method of tagging happens on trunk links ‘Tag is added before a frame is send and removed once it is received on trunk link. Frame tagging happens only on the trunk links Frame Tagging NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 infonoasolutions.com Page 215NOAcomons Trunking protocols Ist IEEE 802.1Q It's a Cisco proprietary © Open standard It works with Ethernet, Token ring, ‘It works only on Ethernet FDDI * Only 4 Byte tag will be added to It adds 30 bytes of tag original frame. AILVLAN traffic is tagged NOAsomen Trunk Configuration Switch(config)# interface Switch(configif)# switchport mode trunk Switch(config-if}# switchport trunk encapsulation dotlq/ISL NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 216NOAsomen LAB : Trunking a Tas Create Vian 10 . Vian 20 on both Switches Shift ports in to their respective VLAN as per the diagram. Confiure F0/20 port between SWI and $W2 as Trunk link Ensure That users of same VLAN on different Switches must communicate with each other a3 ww216524 fe2.t6s.4.4 092.168.2.8 192.168.12" S24 y92.168:8.2 VIAN 10 VIAN 20 Se TASK: Create Vian 10 , Vian 20 on both Switches Shift ports in to their respective VLAN as per the diagram. Confiure F0/20 port between SWI and SW2 as Trunk link Ensure That users of same VLAN on different Switches must communicate with each other NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 217On Sw Switch(config)#hostname SW-1 ‘SW-1(config)#interface range fO/1 - 2 SW-1(config-ifrange)#switchport mode access ‘SW-1(config-iFrange)#switchport access vlan 10 ‘% Access VLAN does not exist. Creating vlan 10 SW-I(config-iFrange)#exit SW-1(config)#interface range f0/3 - 4 SW-1(config-iFrange)#switchport mode access SW-(config-if-range)#switchport access vlan 20 SW-1(config-iFrange)#end SW-lfsh vlan VLAN Name Status Ports 1 default active _Fa0/5, Fa0/6, Fa0/7, FaQ/8 Fa0/9, FaO/O, Fa0/I1, FaO/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 Fa0/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa0/24 Gigi/1, Gigl/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup On Sw-2 ‘Switch(config}#hostname SW-2 SW-2(config)finterface range fO/l - 2 ‘SW-2(config-ifrange)#switchport mode access SW-2(config-ifrange)#switchport access vlan 10 % Access VLAN does not exist. Creating vlan 10 SW-2(config-if-range)#exit ‘SW-2(config)#interface range f0/3 - 4 ‘SW-2{config-ifrange)#switchport mode access SW-2(config-ifrange)#switchport access vlan 20 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 218SW-2(config-if-range)#end SW-2#sh vlan VLAN Name Status Ports 1 default active _Fa0/5, Fa0/6, Fa0/7, Fa0/8 FaQ/9, Fa0/10, FaQ/1, FaO/12 Fa0/13, Fa0/14, Fa0/15, Fa0/16 FaQ/17, Fa0/18, Fa0/19, Fa0/20 Fa0/21, Fa0/22, Fa0/23, Fa/24 GigV/1, Gig/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 tet-default act/unsup From PC 192.168.1.1 PC>ipconfig IP Address. Subnet Mask. 255.255.255.0 Default Gateway. 192.168.1.100 Pinging 192.168.1.3 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply from 192.168.1.2: bytes=32 time=13ms TTL=128 Reply from 192.168.1.2: bytes=32 tim Reply from 192.168.1.2: bytes=32 tim Reply from 192.168.1.2: bytes=32 tim PC> ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 219From PC 192.168.2.1 PC> ipconfig 1 Acres STa6.2A Subnet Mask. Default Gateway. PC> ping 192.168.2.2 Pinging 192.168.2.2 with 32 bytes of data: Reply from 192.168.2.2: bytes=32 time=8ms TTL=128 SERVER>ping 192.168.2.3 Pinging 192.168.2.3 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. SERVER>ping 192.168.2.4 Pinging 192.168.2.4 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. NOTE: * From the above verification * Users of the same VLAN connected on the same switch can ping each other * Same vian users on different switches are not able to ping each other + In oder to communicate between same vian on different switches , there should be trunking configured on link (f0/20) between the switches To configure trunking SW-I(config)#interface fastEthernet 0/20 SW-1(config-if}#switchport mode trunk SW-1(config-if}#switchport trunk encapsulation dott NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 220SW-2(config)fint 0/20 SW-2(config-i)#switchport mode trunk SW-2(config-i#switchport trunk encapsulation dotlq SW-1fsh interfaces trunk Port Mode Encapsulation Status _ Native vlan trunking 1 Port Vians allowed on trunk Fa0/20 1.1005 Port Vians allowed and active in management domain Fa0/20 1.10.20 Port Vians in spanning tree forwarding state and not pruned Fa0/20 1,10,20 ‘SW-24sh interfaces trunk Port Mode Encapsulation Status._Native vlan trunking 1 Port Vians allowed on trunk Fa0/20 1-105 Port Vlans allowed and active in management domain FaQ/20 1,10,20 Port Vlans in spanning tree forwarding state and not pruned FaQ/20 1,10,20 From PC 192.168.1.1 PC> ipconfig IP Address, :192.168.1.1 Subnet Mas 255.255,255.0 Default Gateway. 92.168.1.100 PC>ping 192.168.1.3 Pinging 192.168.1.3 with 32 bytes of data: PC>ping 192.168.1.4 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 221Pinging 192.168.1.4 with 32 bytes of data: Reply from 192.168.1.4: bytes=32 tim Reply from 192.168.1.4: bytes=32 time=1 Reply from 192.168.1.4: bytes=32 tim From PC 192.168.2.1 PC> ipconfig IP Address, 192.168.2.1 Subnet Mas + 255.255.255.0 Default Gateway. 192.168.2.100 PC> ping 192.168.2.3, Pinging 192.168.2.3 with 32 bytes of data: Reply from 192.168.2.3: bytes=32 tim Reply from 192.168.2.3: bytes=32 tim Reply from 192.168.2.3: bytes=32 tim Reply from 192.168.2.3: bytes=32 tim PC>ping 192.168.2.4 Pinging 192.168.2.4 with 32 bytes of data: TASK: * Configure The Trunk Link Such That It Only Allow The Vian 10 , 20, 30 , 40 Traffic Should Only Be Allowed (No Other Vian Traffic Should Be Send ) On Both switches ( SWI/SW2) SW-x(config)#int (0/20 SW-x(config-if}#switchport trunk allowed vlan ? WORD VLAN IDs of the allowed VLANs when this port is in trunking mode add add VLANsto the current list all all VLANs except all VLANs except the following, none no VLANs remove remove VLANS from the current list SW-x(config-if)#switchport trunk allowed vlan 10,20,30,40 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 222SW-1fish interfaces trunk Port Mode — Encapsulation Status _ Native vlan Fa0/20 on 802.1q trunking 1 Port Vians allowed on trunk Port Vians allowed and active in management domain Fa0/20 10,20 Port Vians in spanning tree forwarding state and not pruned Fa0/20 10,20 SW-2#sh interfaces trunk Port Mode — Encapsulation Status _ Native vlan Fa0/20 on 802.1q trunking 1 Port Vians allowed on trunk Port Vians allowed and active in management domain Fa0/20 10,20 Port Vians in spanning tree forwarding state and not pruned Fa0/20 10,20 TAS * Create vlan 50, 60,70,80 on both switches * Configure the trunk link f0/20 to add vlan 50 ,60,70,80 to the existing trunk allowed list On both switches (SW1/SW2) SW-x(config)#vlan 50 SW-x(config-vlan}#vlan 60 ‘SW-x(config-vlan}#vlan 70 SW-x(config-vian}#vlan 80 SW-x(config-vlan}fend SW.-x(config-if}#switchport trunk allowed vlan add 50,60,70,80 SW-1fsh interfaces trunk Port Mode Encapsulation Status. Native vlan FaQ/20 on 802.1q trunking 1 Port __ Vlans allowed on trunk NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 223Port Vians allowed and active in management domain Fa0/20 10,20,50,60 Port Vians in spanning tree forwarding state and not pruned Fa0/20 10,20,50,60 ‘SW-24'sh interfaces trunk Port Mode Encapsulation Status _ Native vlan Fa0/20 on 8021q trunking 1 Port __ Vlans allowed on trunk Port Vians allowed and active in management domain Fa0/20 —10,20,50,60 Port Vians in spanning tree forwarding state and not pruned Fa0/20 10,20,50,60 TASK © Configure the trunk link {0/20 to remove vlan 70,80 to the existing trunk allowed list SW-I(config}int 10/20 ‘SW-I(config-if}#switchport trunk allowed vlan remove 70,80 SW-lifsh interfaces trunk. Port Mode — Encapsulation Status Native vlan Faq/20_ on 802.1q trunking 1 Port __Vians allowed on trunk Port Vians allowed and active in management domain Fa0/20 — 10,20,50,60 Port Vians in spanning tree forwarding state and not pruned Fa0/20 10,20,50,60 SW-2#sh interfaces trunk Port Mode Encapsulation Status _ Native vlan Fa0/20 on 802.1q trunking 1 Port Vians allowed on trunk Port Vians allowed and active in management domain Fa0/20 — 10,20,50,60 Port Vians in spanning tree forwarding state and not pruned NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 224FaQ/20 — 10,20,50,60 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 225Spanning-tree protocol NOAsomem haar ih rg Cicer Bridging loops Redundant link between switches provides redundancy. Also possibility to create loops when switches do broadcasts. 1. Broadcast storms 2. Mac-table instability 3. Multiple frame transmissions a NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 226NOAcomons Bridging loops (solution) 1. Only one link between switches (no redundancy) 2, Shutdown extra link temporarily 1. Manually ( shutdown command) 2. Automatically block extra links (done by STP) NOAsomen Spanning-tree Protocol STP stop the loops which occurs when you have multiple links between switches STP stops avoiding Broadcast Storms, Multiple Frame Copies & Database instability. STP is a open standard (IEEE 802.1) STP is enabled by default on all Cisco Catalyst switches Fa0/1 ——+0/1 20/2 0/2 ‘switch NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 infonoasolutions.com Page 227NOAsumens How STP works eee Selecting the Root Bridge Selecting the Root Port Selecting Designated port & Non Designated port NOAsornos 1) Selecting the Root Bridge Satay tp wg Care » The bridge with the Best (Lowest) Bridge ID. » Bridge ID = Priority + MAC address of the switch > Out of all the switches in the network, one is elected as a root bridge that becomes the focal point in the network. » Every LAN will have only one Root Bridge and all the remaining switches will be considered as Non-root Bridges. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 228Solutions] 2) Selecting the Root Port: NOAsammons Shortest path to the Root bridge Every Non-root Bridge looks the best way to go Root-bridge 1. least cost (Speed) 2. The Lowest forwarding Switch ID 3. Lowest Physical Port Number. » For every non-root bridge there is only one root port. NOAsomen STP Port Cost rene) Byers '4 Mbps 250 10 Mbps. 100 16 Mbps 62 45 Mbps 100 Mbps 155 Mbps 622 Mbps 1Gbps 10 Gbps NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 229NOAcomons 3) Selecting Designated port & Non Designated port 1. least cost (Speed) 2. The least local Switch ID. 3. Lowest Physical Port Number. NOAsomen aay hy rig Ci cer BPDU Al switches exchange information through what is called as Bridge Protocol Data Units (BPDUs) BPDUs are sent every 2 sec and dead = 20 sec ABPDU contains information regarding ports, switches, port priority and addresses. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 230NOAsomons STP port states Blocking 20 Sec or No Limits. Listening 15 Sec. Learning 15 Sec. Forwarding No Limits. Disable No Limits. NOAsomons anent y Lab : verifying spanning-tree # Show Spanning-tree NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 231LAB: VERIFYING SPANNING-TREE SW-1#sh spanning-tree VLANO001 Spanning tree enabled protocol ieee Root ID Cott 19 Port _ 20(FastEthernet0/20) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID ior 32769 igi 32768 sys-id-ext 1) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface Role Sts Cost _Prio.Nbr Type Fag/2t 9128.21 Pap Fa0/20 128.20 P2p SW-2#show spanning-tree VLANOOO1 Spanning tree enabled protocol ieee Root ID Priority 32769 ‘Address __000C.CF2D.0388 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 232Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 000C.CF2D.0388 Hello Time 2 see Max Age 20 see Forward Delay 15 sec Aging Time 20 Interface Role Sts Cost. _Prio.Nbr Type Fa0/20 DesgFWD19 128.20 P2p Fa0/22 DesgFWD19 128.22 P2p SW-3#fshow spanning-tree VLANOOO1 Spanning tree enabled protocol ieee Root ID Priority 32769 Address 000C.CF2D.0388 Cot 19 Port __ 22(FastEthernet0/22) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address OOEO.BOE9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface Role StsCost__Prio.Nbr Type FaO/20NAIAIBERTS = 128.21 P2p Fa0/22 Root FWD19 128.22 Pap SW-2(config)#interface f0/20 SW-2(config-if)#shutdown %LINK-5-CHANGED: Interface FastEthernet0/20, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/20, changed state to down, SW-3#show spanning-tree VLANOOOI Spanning tree enabled protocol ieee Root ID Priority 32769 ‘Address 000C.CF2D.0388 Cot 19 Port __ 22(FastEthernet0/22) Hello Time 2 see Max Age 20 see Forward Delay 15 sec NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 233Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) ‘Address OOEO.BOE9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface Role StsCost__Prio.Nbr Type Fao/2t Desg URNS = 128.21 P2p Fa0/22 Root FWD 19 128.22 P2p SW-3#show spanning-tree VLANOOO1 Spanning tree enabled protocol ieee Root ID Priority 32769 ‘Address 000C.CF2D.0388 Cot 19 Port __ 22(FastEthernet0/22) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address OOEO.BOE9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface Role Sts Cost Prio.Nbr Type Fao/21 DegAWDIS = 128.21 Pap Fa0/22 Root FWD19 128.22. Pap SW-2(configcif)# no shutdown %LINK-5-CHANGED: Interface FastEthernet0/20, changed state to up SW-3#show spanning-tree VLANOOO1 Spanning tree enabled protocol ieee Root ID Priority 32769 ‘Address 000C.CF2D.0388 Cot 19 Port 22(FastEthernet0/22) Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) ‘Address OOEO.BOE9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface Role StsCost__Prio.Nbr Type NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 234Fao/2t AIRBUKIS = 128.21 P2p Fa0/22 Root FWD19 128.22 P2p IPV6 IPV6 IP Address IP Address is Logical Address. It is a Network Layer address (Layer 3). IP address is given to every device in the network and it is used to identify the device with in the network. » Two Versions of IP: IP version 4 is a 32 bit address IP version 6 is a 128 bit address NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 235IPvé6 is an extension of IP with several advanced features: » Larger address space. » No more need for NAT. Simpler header for increased router efficiency. Aggregation-based address hierarchy No more broadcasts. Stateless auto-configuration. Built-in support for Mobile IP. Built-in support for IPsec security. Rich transition features. Easy IP address renumbering. Capability to have multiple addresses per interface. » Techniques to reduce address shortage in IPv4 + Subnetting + Classless Inter Domain Routing (CIDR) + Network Address Translation (NAT) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 236IPV6 address Types » Unicast >» Multicast >» Any cast EE IPV6 Addressing » 128 bit address » Hexadecimal format 2001:0db8:0000:0000:1234:0000:0000:3c4d 2001:db8:0:0:1234:0:0:3c4d 2001:db8::1234::3c4d 2001:db8::1234:0:0:3c4d RP NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 237Unicast Address 1) Global unicast like public IP (routable ) starts with 2000::/3 (the first three bits 001) assigned by IANA Starts with 2 or 3 2) unique local like private ip ( routable) FCOO::/7 They are not routable in the global IPV6 Internet. Starts wth either FC or FD in the first two numbers 3)link local default IPV6 address on every ipv6 enabled interface( non routable ) FE8O::/10 Routers do not forward packets with link-local addresses. multicast address will be starting with FF ( FFOO::/8 ) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 238Any cast similar to multicast , identify multiple interfaces but sends to only one whichever it finds frst, unique local and Global unicast addresses can be used as anycast. Device(contigh# interface £0/0 Device(config.if# IPv6 address ipv6-prefix/prefixlength anyeast eo eg Assigning the IPV6 address Static (Manual ) R-1(config)#interface fastEthernet 0/0 R-I(config-iN#ipv6 address fcCOO:11:11:11::1/64 Auto-configuration Statefull ( via DHCP) Stateless ( Device gets IPV6 add by Including the MAC add ) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 239State less Auto configuration » Device can get its own IPV6 address by including its own MAC Address. » No need of any external server (DHCP or manual IP on PC) Enemeac Adesso) [ESTATES Men Ts ; TT Ger version 1 globavunique Uniqueness of the MAC = lomtnot vais \ ust? Eul64 Address NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 240LAB: Basic configuration of Ipv6 10/0 10/0 FOOO:11:11:11:1/64 F000:22:22:22::2/64 TASK © Configure basic Ipv6 Addresses as per the diagram Router (config) #hostname RA Rel(config) interface fastEthernet 0/0 Rel(config-if) #ipv6 address feOO:1:11:11::1/64 Rel(confg-if) #no shutdown Rel(config-if) #exit R-l(config)#interface s1/0 Rel(config-ifhipv6 address 2001:12:1 Rel(config-if}#no shutdown Re(config-if}#end Router (config)#hostname R-2 R-2(config)finterface fastEthernet 0/0 R-2(config-if|#ipv6 address fc00:22:22:22::2/64 R-2(config-if}#no shutdown R-2(config.if\fexit R-2(config)#interface serial 1/0 R-2(config if #ipv6 address 2001:12:12:12::2/64 R-2(config.if}#no shutdown R-2(config.if#clock rate 64000 R-2(config-if#end R-2#show ipvé int brief FastEthernet0/0 [up/up] FE80::2E0:FOFF:FEC3:3B01 F.C00:22:22:22::2 FastEthemetO/1 [administratively down/down] Serial /O[up/up] FE8O::210:11F F:FEAB:101 2001:12:12:12::2 Serial 1/Iadministratively down/down] Viant [administratively down/down] NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 241R-2#ping 2001 1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2001:12:12:12::1, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 2/6/19 ms R-2#ping 2001:12:12:12::2 Type escape sequence to abort, Sending 5, 100-byte ICMP Echos to 2001:12:12:12::2, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 8/11/16 ms Link-ocal addresses may be assigned manually by an administrator or by operating system procedures. Most often they are assigned using stateless address autoconfiguration, Rl#sh interfaces f0/0 FastEthernet0/O is up, line protocol is up Hardware is DEC2I140, address is ESOOIB7ERIOOOD (bia 200.274.0000) Internet address is 10.1.1.1/8 Rl#sh ipvé int brief FastEthernet0/O [up/up] FCOOA:MM:1 The default link local address always starts with FE8O:: and the remaining part will be automatically added the mac-address of the respective interface. Mac-address used in the link local and stateless autoconfigurtion will be slightly modified making the 7 bit ( [EBOOZSTEBIOOOD and the link-local address uses the same address as{CSOORTERFEDERS Link-ocal addresses may be assigned manually by an administrator or by operating system procedures. Most often they are assigned using stateless address autoconfiguration. STATELESS AUTO-CONFIGURATION METHOD: The stateless mechanism allows a host to generate its own addresses using a combination of locally available information and information advertised by routers. ‘+ Routers advertise prefixes that identify the subnet(s) associated with a link, while hosts generate an “interface identifier" that uniquely identifies an interface on a subnet. ‘An address is formed by combining the two. In the absence of routers, a host can only generate link-local addresses, NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 242TASK © Configure RI to get its f0/1 interface ipv6 address using stateless auto configuration Use FC00:1234:1234:1234 as Global prefix value R-l(config)#ipv6 unicast-routing, Rel(config)# int f0/1 Rel(config-ifhfipv6 address (c00:1234:1234:1234::/64 eui-64 Rel(config.if}#no shutdown Re(config.if}#end Relish ipv6 int brief FastEthemet0/0 [up/up] FE8O::1 FCO: FastEthemet0/1 [up/down] FE8O:: 2D0:58FF:FECB:A802 FC00:1234:1234:1234:2D0:58FF: FECB:A802 IPV6 ROUTING IPV6 uses the same types of routing protocols as IPv4 with some slight modifications to account for specific requirements of IPv6. IPv6 ROUTING TYPES Static RIPng (RFC 2080) IS-AS for IPv6 ‘OSPF v3 (RFC 2740) MP-BGP (RFC 2545/2858) EIGRP for IPV6 Cisco 10S supports all of them NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 243IPv6 routing has to be enabled before using any routing process as by default IPV6 routing is disabled for IPvé. To enable ipvé routing on both routers Rx(config)#ipv6 unicast-routing STATIC & DEFAULT ROUTING Syntax for writing static and default routing is similar in IPV6 when compared with | R-l(config)#ipv6 route fc00:22: R.2(config)#ipv6 route fc00:11 mt TASK © Configure RI and R2 so that they can communicate each other. Use static routing Rel(config)fipv6 route £c00:22:22:22::/64 2001:12:12:12::2 R-2(config)#ipv6 route fc00: 1/64 S/O NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 244Relish Ipv6 route IPv6 Routing Table - 6 entries 12:12::/64 [0/0] 12::1/128 [0/0] SerialO/0/0 FCOO:M:I1:11::/64 [0/0] via ::, FastEthernet0/O FOOSE :11::1/128 [0/0] via ::, FastEthernet0/O S_ FC00:22:22:22::/64 [/0] via 2001812812:121:2 L_ FFO0::/8 [0/0] via i, NullO Relifping fe00s Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fc00:22:22:22::2, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/6 ms Relfttrace ¢00:22:22:22: Type escape sequence to abort. Tracing the route to f00:22:22 WMBOOTAAZAAEATRE 4 msec 6 msec R.2#sh ipv6 route IPv6 Routing Table - 6 entries C_ 2001:12:12:12::/64 [0/0] via ::, Serial0/0/0 L_ 2001:12:12:12::2/128 [0/0] a ::, SerialO/0/0 © FC00:22:22:22::/64 [0/0] ia :2, FastEthernet0/O 2/128 [0/0] :, FastEthernet0/0 LF FOO::/8 [0/0] via ::, NullO R-2#ping fe0O:11:11: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fcO0:11:11:11::1, timeout is 2 seconds: NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 245Success rate is 100 percent (5/5). round-trip min/avg/max = 2/3/5 ms R-2#trace fc00:11: Type escape sequence to abort. Tracing the route to feOO:11:11:1 DEFAULT ROUTING » Syntax for writing static and default routing is similar in IPV6 when compared with IPV4 Rel(config)#ipv6 route 0::/0 2001:12:12:1 R-2(config)#ipv6 route O::/0 2001:12:12:12: 12:12:28 /64 1/0 Re TASK Remove the static routing on RI R2 configured in the previous task. © configure RI, R2 so that they can communicate each other using default routing R-l(config)#no ipv6 route fc00:22:22:22::/64 20011 2:12:12::2 R-2(config)#no ipv6 route feOO:T:11:11::1/64 s1/0 Rel(config)#ipv6 route 0::/0 2001:1 R-2(config)ffipv6 route Relifsh ipv6 route NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 246IPv6 Routing Table - 6 entries 2:12::1/128 [0/0] SerialQ/0/0 FCOO:T:I:11::/64 [0/0] ia ::, FastEthernet0/0 1/128 [0/0] FastEthernet0/0 FFO0::/8 [0/0] via ::, NullO Relping fc00:2: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fc00: 2, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/5 ms R.2#fsh ipv6 route IPv6 Routing Table - 6 entries via zz, SerialO/0/0 :/64 [0/0] Serial0/0/0 L_ 2001:12:12:12::2/128 [0/0] via ::, Serial0/0/0 FC00:22:22:22::/64 [0/0] via ::, FastEthernet0/O FC00:22:22:22::2/128 [0/0] via ::, FastEthernetO/O FFO0::/8 [0/0] via ::, NullO R-2#ping fc00: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to feOO:11:11:11:21, timeout is 2 seconds: hun Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/5 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 247IPV6 Dynamic Routing Protocols Dynamic Routing in IPv6 is unchanged from IPv4 IGP » RIPng » Cisco EIGRP for IPv6 » OSPFv3 EGP >» MP-BGP4 RIPng R-1(config)#ipv6 router rip CCIE Rel(config-rtr)#exit S- cr oe Rel(config)#int f0/0 ne 20 Fel(config.f) fipus rip CCIE enable eerie ae cee Matias Rel(config.if}fexit - R-l(config)#int s1/0 R-2(config)#ipv6 router rip CCIE R-1(config-if}#ipv6 rip CCIE enable R-2(config-rtr}#exit Rel(config-if}#fend R.2(config)#int £0/0 PrDCeee ID amatibeeame on R-2(config:if}#ipv6 rip CCIE enable both routers to exchange routes NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 248TASK © Remove the default routing on RI, R2 © Configure RI R2 so that they can communicate each other. use RIPng routing protocol . R-l(config)#no ipv6 route 0::/0 2001:12:12:12::2 R-2(config)#no ipv6 route 0::/0 1/0 2001:12:12:11 s1/0 R2 0/0 f0/0 00:1 1:11:11:1/64 FC00:22:22:22: > RIPng CCIE IPv6 routing has to be enabled before using any dynamic routing protocols in |Pv6. Two steps in Dynamic protocols in IPV6 : 1) Configure protocol 2) Enable protocol in interface for advertisement of networks To enable ipv6 routing on both routers Rx(config)#ipv6 unicast-routing To Configure RIPNG. Rel(config)#ipv6 router rip CCIE Re(config-tr)#exit ‘The name used for process ID should be same in order to exchange the routes Rel(config)#int £0/0 Rel(config-if}#ipv6 rip CCIE enable Re(config-if}#exit ReA(config)#int s1/O NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 249R-l(config-if}#ipv6 rip CCIE enable Ral(config-if#end R-lfsh ipv6 protocols IPv6 Routing Protocol is "connected" IPv6 Routing Protocol is "static IPV6 Routing Protocol is "ABICCIE’ R-2(config)#ipv6 router rip CCIE R.2(config-rtr)fexit R-2(config)#int 0/0 R-2(config-if}#ipv6 rip CCIE enable R-2(config-ifint s1/0 R-2(config-i)#ipv6 rip CCIE enable R-2(config.if}#end R.2#sh ipv6 protocols IPV6 Routing Protocol is "connected" IPv6 Routing Protocol is "static IPv6 Routing Protocol is "rip GEIEY R-2#fsh ipv6 route IPv6 Routing Table - 6 entries 2001:12:12:12::/64 [0/0] ia ::, SerialO/0/0 12::2/128 [0/0] 28 [0/0] ::, FastEthernetO/O FFOO:1/8 [0/0] via z:, NullO Relish ipvé route NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 250IPv6 Routing Table - 6 entries Codes: C - Connected, L - Local, $ - Static, R - RIP, B - BGP U- Per-user Static route, M - MIPv6 I= ISIS L1, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary (O- OSPF intra, Ol - OSPF inter, OET - OSPF ext 1, OE2 - OSPF ext 2 ONT - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D- EIGRP, EX - EIGRP external 2001:12:12:12::/64 [0/0] via ::, Serial0/0/0 2001:12:12:12::1/128 [0/0] 221/128 [0/0] rnetO/O R_ FCO0:22:22:22::/64 [120/1] L_ FFO0::/8 [0/0] via ::, Null Relping fc00:22:22:22:: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to £c00:22:22:22::2, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 3/4/5 ms R-2#ping fe00s1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fcOO:11:11:11::1, timeout is 2 seconds: Success rate is 100 percent (5/5), round-trip min/avg/max = 3/3/5 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 251OsPrV3 OSPFv3 R.l(config)#ipv6 router ospf1 RAl(config-r)#routerid 111.11 m ars Rel(config-re)fexit (eser!®ievse) seonte2e 6h Ra(config)tint 1/0 Area 10 Ra(config-ifipv6 ospf 1 area 0 ; R-(config:iffint 10/0 R.2{(contig)ipv6 router ospfT Ril(configfipy6 ospf1 area 10 R.2(config.rr}#routerid 22.2.2.2 Rel(config Nextt Re2(config-rtr}¥exit R.2(contfig)#int s1/0 R.2(contig-if#ipv6 ospf 1 are O R-2(contfigri int 0/0 R.2(config:if}fipv6 ospf 1 are 0 R-2(configrif}#end TASK * Remove RIPng routing protocol on RI, R2 configured in the previous task. © Configure RI R2 so that they can communicate each other. Use OSPFV3 routing protocol using multiple areas as per the diagram. OSPFv3 2001 '2001:12:12:12::1764 ato Area 0 On Both routers R-x(config)#no ipv6 router rip CCIE Rel(config)#exit OSPF v3 Router-ID has to be in IPV4 format. Router ID is used to identify each router Router ID NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 252preference is for manualRouter ID command in IPV4 format if not manually configured , then preference is given to logical interface (loopback interface if configured) in IPV4 format if there is no loopback interfaces configured then Highest IP address on Active Physical Interface in IPV4 format R-l(config)#ipv6 router ospf 1 SlOSPFv3-4-NORTRID: OSPFv3 process 1 could not pick a router-id,please configure manually Rel(config-rtr)#routerid 11-11 Rel(config-rtr)#exit Ral(confighfint s1/0 R-l(config.if}#ipv6 ospf 1 area 0 Rel(config.if}int f0/0 R-l(config-if}#ipv6 ospf 1 area 10 RA(config.if}#exit R-2(config)#ipv6 router ospf 1 R-2(config-rtr)#routerid 22.2.2.2 R-2(config)#int s1/0 R.2(config-if#ipv6 ospf 1 are 0 R-2(config-if)#end Relish ipv6 ospf neighbor Neighbor ID Pri. State Dead Time Interface ID Interface 2.2.2.2 0 FULY- 00:00:30 3 Serial0/0/0 Relish ipvé route ospf IPv6 Routing Table - 6 entries FC00:22:22:22:/64 [NO/64] Relifping fe00:2: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fc00: 2, timeout is 2 seconds: mat ‘SUCEESSIFAtE NSO Ipereent(S/5)\ round-trip min/avg/max = 2/4/7 ms R.2#sh ipv ospf neighbor Neighbor ID Pri State Dead Time Interface ID Interface TUTTO - = 00:00:34 3 Serial0/0/0 R-2#'sh ipy route ospf NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 253IPv6 Routing Table - 6 entries Codes: € - Connected, L - Local, $ - Static, R - RIP, B - BGP U-- Peruser Static route, M - MIPv6 I - ISIS LI, 12 - ISIS L2, IA - ISIS interarea, IS - ISIS summary © - OSPF intra, Ol - OSPF inter, OEI - OSPF ext 1, OE2 - OSPF ext 2 ONI - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 D- EIGRP, EX - EIGRP external O1 FCOO:1:N:1:7/64 [110/64] via FE80::290:2BFF:FEE9:4201, SerialO/0/O R-2#ping fe00:1 1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fcOO:11:11:11::1, timeout is 2 seconds: ‘SticeesSIFate NSO ipereent(S/5)) round-trip min/avg/max = 3/6/13 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 254EIGRP FOR IPv6 Rel(config-rr)#no shutdown " me Re(config-rtr)¥eigrp router-id 1.1.1.1 eceettiae rosaries R(contig-rr)#exit corer me R-l(config)#interface s1/0 Rel{contfig.f)fipy6 eigrp 100 2(config)¥ipy6 router eigrp 100 R-(configneint 10/0 R:2(confg-re)#no shutdown R(config:fipv6 eigrp 100 R-2econfig-rtr}#router-id 22.2.2.2 Ra(config-if}wend R.2(config int s1/0 R-2(config-if#ipv6 eigrp 100 R-2(config-iffint 10/0 R.2(configrif}fipv6 eigrp 100 R-2(configrffend TASK + Remove OSPFv3 routing protocol on RI, R2 configured in the previous task. © Configure RI R2 so that they can communicate each other . ‘* use EIGRP for IPV6 routing protocol as per the diagram ‘on both routers R-x(config)#no ipv6 router ospf I 2004:12:12:12:1/64 31/0 RI : 10/0 10/0 Nec00:1 1:1 1:11:1/64 Fe00:22:22:22:2/64 ~ . EIGRP for IPV6 - Ri(config)#ipv6 router eigrp 100 Rel(config-rtr)#no shutdown Re(config-rtr)#routerid W111 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 255Ra(config-rtr)fexit R-l(config)#interface s1/0 R-l(config-if}#ipv6 elgrp 100 R-l(config.iffint f0/0 R-l(config.if}#ipv6 eigrp 100 Rel(config.if}#end No shutdown command is mandatory and router-id is optional in EIGRP R2(config)#ipv6 router eigrp 100 R-2(config-ttr)#no shutdown R-2config-ttr)#Hrouter-id 22.2.2.2 R.2(config)#int s1/0 R.2(config-iffipv6 eigrp 100 R-2(config-if)#int {0/0 R-2(config-if)#ipv6 eigrp 100 R-2(config.if}#end Relitsh ipv6 eigrp neighbors IPv6-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms) Cnt Num © FEBO::210:11FF:FEAB:IOISeO/0/0 12. 00:00:20 40 10000 4 Relish ipv6 route IPv6 Routing Table - 6 entries 2001:12:12:12::/64 [0/0] via ::, Serial0/0/0 3/64 [0/0] FastEthernet0/0 1/128 [0/0] FastEthernet0/0 D_ FC00:22:22:22::/64 [90/2172416] via FE80::210:11FF:FEAB:IO1, Serial0/0/0 L_FFOO::/8 [0/0] via ::, NullO R-2sh ipv6 route IPv6 Routing Table - 6 entries © 2001:12:12:12::/64 [0/0] via ::, Serial0/0/0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 256L_ 2001:12:12:12::2/128 [0/0] via ::, Serial0/0/0 D_ FCOO:MsII:11::/64 (90/2172416] ___via FE80::290:2BFF:FEE9:4201. SerialO/0/0 C_FC00:22:22:22:1/64 [0/0] ja zz, FastEthernet0/0 0/128 [0/0] FastEthernet0/0 L_ FFOO::/8 [0/0] via ::, NullO R.2#ping feOO:11:11: Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to feOO:I1:11:111, timeout is 2 seconds: ma SUleCeSs|FateIIS TOO percent (5/5) round-trip min/avg/max = 3/6/15 ms Reldping £c00:2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to fc00: 2, timeout is 2 seconds: ‘SuiceessiratelisOO\percent(5/5), round-trip min/avg/max = 2/4/9 ms NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 257PASSWORD REVERTING ON CISCO ROUTERS: NOAsomeon Console Connectivity fr = Console Port t 2 3.45, Rollover Computer Cable, RE-AS to DBO Converter, NOAsomen Terminal Emulation Programs Software available for connecting to a networking device » HyperTerminal PuTTY Tera Term SecureCRT » OS X Terminal NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 258NOAsomeon HyperTerminal = console access NOAsomeons Gant twig Cer Default HyperTerminal (Contd) press RETURN to gat stored NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 259console connection open hyper-terminal window power on the router press CTRL+ SHIFT + BREAK to enter in to Rommon mode Modular routers * Rommont> confreg 0x2142 * Rommon2> reset Or On fixed routers © > ofr 0x2142 2 3i Now the router boots without any passwords and enters in to setup mode .Skip setup mode with NO command. Router>enable Router #copy startup-config running-config (Very important if u dont want to loose the configs in the NVRAM) Router #config terminal Change the passwords (overwrite with new passwords) Router(config)#line console 0 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 260Router(config-line)#password ciscol23 Router(config-line}#login Router(config-line)#end ROUTER(config}# line vty 0.4 ROUTER(config-line)# password ccnal23 ROUTER(config-line}# login ROUTER(config-line}# exit ROUTER(config)# enable secret ccnp123 ROUTER(config)# exit Change the config-register file back to 0x2012 so that It should not skip NVRAM loading at the next Relaod Router (config) # config-register 0x2102 Router (config) # end Router #write Router #reload After reloading check for configurations are same and you are able to login with new passwords. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 261BACKUP AND RESTORE IOS AND CONFIGS jo TETP SERVER 192.168.1.1 TASK: * Configure RI to take backup of IOS, configurations. + Verify by restoring the configs again back Install any TFTP application (example Cisco TFTP, solarwinds TFTP and so on) on PC and make sure that it is running on PC (it is open and minimized) eee NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 262BACKUP OF IOS : = #copy flash tite RESTORE or UPGRADE IOS * #copy TFTP Flash BACKUP OF CONFIGS "= # copy startup-config TFTP RESTORE CONFIGS = # copy TFTP running-config Rel#sh ip int brief Interface IP-Address__ OK? Method Status Protocol Relping 192.168. Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: " Success rate is 100 percent (5/5), round-trip min/avg/max = 3/7/17 ms Relish flash System flash directory: File Length Name/status [5827403 bytes used, 58188981 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) ‘TASK: Configure the RI to take the backup of IOS Relétcopy flash tftp Source filename []? Address or name of remote host [J Destination filename [¢2600-i-mz.122-28,bin]? Writing <2600-\-mz.122- 28.bin [OK - 5571584 bytes} 5571584 bytes copied in 0.433 secs (12867000 bytes/sec) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 263TASK : Configure the RI to Restore the 1OS Relicopy ttp flash: ‘Address or name of remote host []? Source filename []? Destination filename [¢2600-i-mz.122-28.bin]? Warning: There is a file already existing with this name Do you want to over write? Erasing the flash filesystem will remove all files! Continue? [ESHfinT] Erasing device.. eceeceeceeenecceceeceececceecececceececceeceeceeccecceceeeecceeecesceecceececeeeceecee eccecceeeeceeeeeceeececeeceeceeceeeeceeceeceeceeceesees ...erased Erase of flash: complete Accessing tftp://192.168.1.1/c2600--mz.122-28.bin... Loading ¢2600-I-mz.122-28.bin from 192.168.1.1: {Qn ocean aeen aoe aaeaaainaanaea iain [OK - 5571584 bytes] 5571584 bytes copied in 0.41 secs (3113699 bytes/sec) TASK: Configure the RI to Take the Backup of configuration in NVRAM R-lifcopy startup-config tftp: Address or name of remote host Destination Writing startup-confi [OK - 537 bytes] 537 bytes copied in 0.006 secs (89000 bytes/sec) TASK: Configure the RI to Restore the configuration in to RAM ROUTER? copy tftp running-config Address or name of remote host []? 192.168.1.1 Source filename [? R--confg. Destination filename [running-config]? Accessing tftp://192.168.1.1/R-1-conf Loading R-I-confg from 192.168.1181 [OK - 537 bytes} 537 bytes copied in 0.002 secs (268500 bytes/sec) %SYS-5-CONFIG_|: Configured from console by console NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 264Commands Step By Step For Configuring An Ip Address To The Router And Tftp For A Router Which Has No los In Flash In Order To Load los From Pe By default router goes in to rommon mode if there is no IOS in the flash (booting from ROM ) © titpdnid IP_address = 192.168.1.100 ip_subnet_mask = 255.255.255.0 default_gateway = 192.168.1.100 tftp_server = 192.168.1.1 tftp_file = tftpdnid reset LAB: RESTORING THE IOS FROM TFTP IN TO IOS (IN CASE IF THERE IS NO IOS PRESENT IN THE FLASH) TASK: * Delete the existing IOS from the flash ( Try this in Packet Tracer) + [Fusing Real devices ensure that you take the backup of IOS before you do this for testing * Configure steps to download IOS from TFTP and Load in to the Flash Relish flash: System flash directory: File Length Name/status 4 5571584 c2600+-mz.122-28.bin [5571584 bytes used, 58444800 available, 64016384 total] 63488K bytes of processor board System flash (Read/Write) Reliédelete flash:c2600-i-mz.122-28,bin Delete filename [c2600-i-mz.122-28. bin] Delete flash:/c2600-i-mz.122-28.bin? [eonfitt™) Relfreload Proceed with %SYS-5-RELOAD: Reload requested by console. Reload Reason: Reload Command. System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fcl) Copyright (c) 2000 by cisco Systems, Inc. cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Boot process failed... The system is unable to boot automatically. The BOOT environment variable needs to be set to a bootable NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 265Now the Router enters in to Rommon Mode as there is no IOS present in the Flash Configure steps to download IOS from TFTP and Load in to the Flash rommon 1 > tftpdnid ‘Missing or illegal ip address for variable IP_ADDRESS legal IP address usage: tftpdnid Use this command for disaster recovery only to recover an image via TFTP, Monitor variables are used to set up parameters for the transfer. (Syntax: "VARIABLE_NAME=value” and use "set" to show current variables.) "ctrl-c" or "break" stops the transfer before flash erase begins. The following variables are REQUIRED to be set for tftpdnid: IP_ADDRESS: The IP address for this unit IP_SUBNET_MASK: The subnet mask for this unit DEFAULT_GATEWAY: The default gateway for this unit, TETP_SERVER: The IP address of the server to fetch from TFTP FILE: The filename to fetch The following variables are OPTIONAL: ‘TFTP_VERBOSE: Print setting. O=quiet, 1=progress(default), TFTP_RETRY_COUNT: Retry count for ARP and TFTP (default=7) TFTP_TIMEOUT: Overall timeout of operation in seconds (default=7200) TFTP_CHECKSUM: Perform checksum test on image, 0=no, 1=yes (default=1) FE_SPEED_MODE: 0=10/hdx, 1=10/fdx, 2=100/hdx, 3=100/fdx, 4=Auto(defit) rommon 2 > IP_ADDRESS=192.168.1.100 rommon 3 > IP_SUBNET_MASK=255.255.255.0 rommon 4 > DEFAULT_GATEWAY=192.168.1.100 rommon 5 > TFTP_SERVER=192.168.1.1 rommon 6 > TFTP_FILE=c2600--mz.122-28.bin rommon 7 > tftpdnid IP_ADDRESS: 192.168.1.100 IP SUBNET_MASK: 255.255.255.0 DEFAULT_GATEWAY: 192.168.1.100 TFTP_ SERVER: 192.168.1.1 TFTP_FILE: c2600-i-mz.122-28.bin Invoke this command for disaster recovery only. WARNING: all existing data in all partitions on flash will be lost! Do you wish to continue? y/n: [n]: % NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 266Receiving ¢2600-i-mz.122-28.bin from 192.168.1.1 File reception completed. Copying file <2600-i-mz.122-28.bin to flash. Erasing flash at 0x60000000 Erasing flash at 0x60080000 program flash location 0x60530000 program flash location 0x60540000 program flash location 0x60550000 rommon 8 > reset System Bootstrap, Version 12.1(31)T2, RELEASE SOFTWARE (fel) Copyright (c) 2000 by cisco Systems, Inc. cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Self decompressing the image : AAHELEAODHELELORHSUAY IAN AAHHATEPHAAULEDERUELEH TED ELH IEEREH HAD ER HARARE [Ok] Restricted Rights Legend Use, duplication, or disclosure by the Government is, subject to restrictions as set forth in subparagraph (0) of the Commercial Computer Software - Restricted Rights clause at FAR sec. 52.227-19 and subparagraph (©) () (ii) of the Rights in Technical Data and Computer Software clause at DFARS sec. 252.227-7013. cisco Systems, Inc. 170 West Tasman Drive San Jose, California 95134-1706 Cisco Internetwork Operating System Software 1OS (tm) C2600 Software (C2600--M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang cisco 2621 (MPC860) processor (revision 0x200) with 60416K/5120K bytes of memory Processor board ID JADOSISOMTZ (4292891495) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 2 FastEthernet/IEEE 802.3 interface(s) 2 Low-speed serial(syne/asyne) network interface(s) 32K bytes of non-volatile configuration memory. 63488K bytes of ATA CompactFlash (Read/Write) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 267SUB-MARING CABLING: ‘There are 4 major players for International bandwidth in India. VSNL/Tata, Bharti Airtel, Reliance and BSNL India connects to the world through 4 cities Chennai, Mumbai, Cochin and Tuticorin. Here are the 8 submarine cables connecting India with details: The 8 submarine cables connecting India to the world: SMWgw: Stands for South East Asia — Middle East — Western Europe this cable connects Western Europe, Middle East and South east Asia. There are a total of 39 landing points through the cable's journey and it touches India at Mumbai first and connects the rest of Asia through Cochin. The landing station in Mumbai is owned by VSNL/Tata. 9. SMW4 : Stands for South East Asia - Middle East ~ Western Europe, this cable connects Western Europe, Middle East and South east Asia. It has around 17 landing points and touches India in ‘Mumbai and Chennai. Landing station in Mumbai is owned by VSNL/Tata and landing station in Chennai is owned by Bharti Airtel. . SAFE : South Africa Far East Cable. This cable comes from Melkbossstrand in South Africa, linking Durban, Mauritius on the way to Cochin, India. Landing station in Cochin is owned by VSNL/T: FLAG : Stands for Fiber Optic Link Around the Globe. This cable runs through the Suez.canal connecting middle east and touches India at Mumbai. The cable network is owned by FLAG Telecom which is bought by Reliance and is now a Reliance company. The landing station in Mumbai is owned by VSNL/Tata. From Mumbai the cable goes to south east Asia. 5. izi: Airtel SIngtel joint venture company is responsible for this 3100 km long cable fromSingapore to Chennai. The landing station is in Chennai. From Singapore it will connect to SEA-ME-WE 3 and APCN TIC :: Following the same route as izi, TIC stands for Tata Indicom India Singapore Cable. It connects Chennai and Singapore. TIC is owned by VSNL with the landing station in Chennai. In Singapore the landing station is in Changi. The cable is 3175 km long. . Falcon : Europe-Middle East- India cable with landing station in Mumbai. The cable and the landing station is owned by Reliance. . Indo-Sri Lanka Cable : Landing station is owned by BSNL and this cable connects Tuticorin and Colombo, Sri Lanka. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 268NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 269NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 270NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 271NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 272WAN Technologies Leased lines, Frame relay Service Provider A NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 273NOAsomens NOAsorons NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 274NOAcomons » There are 4 major players for International bandwidth in India. » VSNL/Tata, Bharti Airtel, Reliance and BSNL. NOAsornm WAN Connection Types ater iy vet Cece ‘Synchronous Serial Asynchronous Serial, ey ISDN Layer 4 a ed Circuit-Switched Se ‘Synchronous Serial Packet Switched Es sonice —z G9) Prov NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 275NOAcorons Leased Lines Permanent connection for the destination Used for short o long distance Bandwidth is fixed Availabilty is 24/7 © Charges are fixed whether used or not. Uses analog circuits Always same path is used for destination + Example is Leased Line TATA, Reliance, Railtel, BSNL Leased Lines gap 24\ gh \N ~ 10.0.0.0/8, LAN - 20.0.0.0/8 HYDERABAD. BANGLORE OFFICE OFFICE 6.703 EXCHANGE 6.703 Modem BANGLORE ‘MUX NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 276NOAsomeans Leased lines vs. Frame relay “es » Number of interfaces » Cost » Ease of management NOAsormens Frame Relay > Uses existing service provider to provide connectivity > Cost effective solution for leased lines SS romsry NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 277NOAsomens Virtual Circuit Cans iy rewaig Che cer Connections in Frame Relay are provided by Virtual circuits multiple logical connections on same physical connection DLCI Frame Relay Data link connection Identifier Cloud identify Virtual Ci Range (16 -1007) Given by service provider. Local DLCI maps with remote IP address. Manual or automatic mapping ( Inverse ARP) Frame Relay Compared with Ethernet LAN sean NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 278NOAcomons LMI (local management Interface) » Keepalive messages used between router and FR switch for checking the connectivity. Frame relay LMI types? 1. CISCO (Default) 2. ANSI 3.Q933A Note:- On Cisco router LMI is auto sense able no need to configure NOAsornos Frame Relay network types » Point to point » Point to multipoint Frame Relay Cloud NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 279NOAcomons Frame-Relay Point to point Configuration Frame Relay Cloud (config) Finterface Serial 0/0 2(contig) interface Serial0/0 Riconfig-f no shutdown (contig. i) fno shutdown Ri(config-if)# ip address 10.0.0.1255.0.0.0 Ro(config-if}# ip address 10.0.0.2 255.0.0.0 Ri(config-if)# encapsulation frame-relay —__R2(config-if}# encapsulation frame-relay Ri(config:ivend R2(confg.ifend NOAsornos Frame-Relay Point to point Configuration FRSW(config)#frame-relay switching py FRSWieontghe Int 070 Frame Relay Cloud FRSWconfig-fne shutdown FRSW(confgci)# encapsulation frame-relay FRSWiconfigsif freme-elayint-type dee FRSW(confs)# int 0 FRSW(confg-f)# frame-elay route 100 int 30/1 200 FRSW(configiNfno shutdown rasweonen eat FRSW(confis:ifh# encapsulation frame-elay FRSW(configifif frame-relayint-type dee FRSW(config:fh# frame-elay route 200 in: 30/0100 FRSW\config:fifext NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 280Verifying Frame Relay RSW ame ceay route Frame Relay Cloud Inpucieet” Input Del Output net Outpu Dil stats Serial 100 Serial 200 ace SeisloM 200 SerialyO 109 ative Ries frame-elay map Seria0/0 (up: 10.0.0.2 et 1OOKOx64.CH1040), dynamic. Ridping 10.002 Sending 5. 100-byteICMP Echos to 10.002, timeout 2 secads Success ates 100 percent (5/5). roundtrip mivawgymax = 4/5108 ms LAB_BASIC FR IMPLEMENTATION Frame Relay Cloud Rltconft R(config)#interface SerialO/O RI(config-if}#no shutdown RI(configcif}# ip address 10.0.0. 255.0.0.0 RI(configcif}# encapsulation frame-relay RU(config-if)#end R2 R2¥conft NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 281R2(config)#interface SerialO/O R2(config-if}#no shutdown R2(config-if)# ip address 10.0.0.2 255.0.0.0 R2(config-if}# encapsulation frame-relay R2(config-if)#end R2#sh ip int brief Interface IP-Address OK? Method Status Protocol Serial0/0 10.0.0.2 YES manual up down Serial unassigned YES unset administratively down down Serialo/2 unassigned YES unset administratively down down SerialO/3 unassigned YES unset administratively down down R2gsh run int s0/O Building configuration... Current configuration : 109 bytes interface Serial0/0 ip address 10.0.0,2 255.0.0.0 encapsulation frame-relay serial restart-delay 0 end R2gping 10.0.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds: Success rate is 0 percent (0/5) (On FRSW FRSW>enable FRSWconf t FRSW(config)#frame-relay switching FRSW(config)# int s0/0 FRSW/(config.if}#no shutdown FRSW(configif}# encapsulation frame-relay FRSW(config.if}# frame-relay intf-type dee FRSW(config.if}# frame-relay Imi-type cisco FRSW(config-if}# frame-relay route 100 int sO/1 200 FRSW(config-if}#exit FRSW(config)#int sO/1 FRSW(config.if}#no shutdown FRSW/(config-if}# encapsulation frame-relay NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 282FRSW(config.if}# frame-relay intf-type dee FRSW(config.if}# frame-relay Imi-type cisco FRSW(config-if}# frame-relay route 200 int s0/0 100 FRSW(config-if}#end FRSW4sh frame-relay route Input Intf Input Dici Output Intf_ Output Dici Status Serial0/0 100 SerialO/1 200 active SerialO/| 200 Serial0/0 100 active Riffsh frame-relay map Serial0/O (up): ip TONE TO0(0x64 .0x1840), dynamic, broadcast, CISCO, status defined, Betve Ri#ping 10.0.0.2 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds: ma Success rate is 100 percent (5/5), round-trip min/avg/max = 4/55/104 ms Rldsh frame-relay Imi LMI Statistics for interface Serial0/O (Frame Relay DTE) IMITYPEIIcIsco Invalid Unnumbered info 0 Invalid Prot Dise 0 Invalid dummy Call Ref 0 Invalid Msg Type O Invalid Status Message 0 Invalid Lock shift © Invalid Information ID 0 Invalid Report IE Len 0 Invalid Report Request 0 Invalid Keep IE Len 0 Num Status Eng, Sent 103 Num Status mags Revd 32 Num Update Status Revd 0 Num Status Timeouts 70 Last Full Status Req 00:00:02 _Last Full Status Revd 00: NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 283NOAcorons Modern WAN Connections eee MPLS Metro Ethernet Virtual Private Network ( VPN) DSL Cable VSAT Metro Ethernet lines > Initially Ethemet was only restricted to LAN ( distance limits) > Use fiber Standards support for longer distances. » Overcome both speed and Distance limits » Service providers started using Ethernet in WAN. oa NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 284NOAsomon Advantages » Support high Speeds up to 100 Mpbs or 1 Gbps ( Frame relay upto 44 Mbps). » Customer end uses Ethernet Interface ( Instead of Serial ) (onetinonet (ines tine cron er) ovis twat >>) rope) eo. —_!7 ? ‘Gio/0" teuorer or ‘euonent NOAsomeon Chae gh ing Metro Ethernet Switches ME 3400 ,catalyst 3750, ME3800X, ME 4900, NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 285NOAsammens Multi Protocol Label Switching (MPLS) ““""""*”"™**see~™" Works more like Frame Relay or Wan Ethernet. Uses “Labels” appended to packets for transport of data. Most common WAN technology used by service providers in today’s networks. MPLS packets can run on other layer 2 technologies such as ATM,FR, PPP, POS, Ethernet Advantages : More scalable. NOAsomens NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 286NOAsomens Virtual Private Network eae provides connection between two or more privete networks across a public network, such as the Internet. AVPN connection across the Internet is similar to a wide area network (WAN) link between the sites. Needs to have registered public IP to Identify VPN Connection over Internet Cos effective. es Cee i—“s VPN Types NOAsomens Site-to-site VPN » allow a company to ‘connect its remote sites to the corporate backbone securely Internet tens VP a NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 287NOAsomens How about Security over Internet (VPN Continued) Censored Che cer VPN uses IPSec to provide secure communication ‘over Internet IPSec isan industry wide standard site of protocols and algorithms Allows for secure data transmision over an IP-based network Data confidentiality Ensures no one ean see the Information( uses strong Eneryplion Algorithms) Data integrity Ensure that the data has not been altered during teansmission (uses hashing Algorithms) Data origin authentication ‘Authenticate the source of the IPSec packets sent. NOAsomeon Chaar ih oning Ct cer ty ay at “Very Small Aperture Terminal” all the private WAN services discussed so far in this chapter happen to use somekind of cabling. the locations that need a WAN connection are in places where no service provider offers a WAN service islands where the population is too small to justify expensive underwater cabling, or maybe the terrain just does not allow for cables to be run. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 288NOAsomeans af + Tt sé a ‘The VSAT dish sits outside, pointed at a specific satellite, and is cabled to a special router interface, with the router inside the building. \VSAT isa flexible and rapidly deployable satellite communications platform which can be installed almost everywhere to deliver data, voice, video and Internet access. It only needs to have a clear line of sight to the satellite. NOAsomins Internet core "y exists as LANs & WANs ‘owned and operated by Internet Service providers ((sP) frne NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 289NOAsamoms Options to connect to internet » Dial Up » DSL » Cable NOAsomeins Dialup Internet Access a » Allow once service at one time (voice/Intemet) » offers low speed internet access (max 56 Kbps) + Unstable Dial-up Connection cS NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 290NOAsormeans Other Options to connect to internet NOAsomes DSL (Digital subscriber line) » traditional telephone companies to deliver high-speed data and sometimes video) over twisted- pair copper telephone wires 20 times the speed of a dial-up ‘connection, DSL uses your existing phone wiring, it doesn't tie up your phone line. DSI access Multiplexer separate voice and data traffic NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 291NOAcomeons DSL Modems for sharing Internet Access. eres NOAsomes Internet connection using Cable Soave Netrwmeme comers Uses the existing Cable TV (CATV) to send data. Backend connectivity is build based on fiber/Coaxial Cable. (instead of telco) Uses Cable modem Support high speeds & longer distances compared to DSL. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comA Simro Cable Modems NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 293NOAsomons OSI Model & TCP/IP ROTTS OSI Model & TCP/IP i TCP/IP Theoretical model (OSI Reference Model Topp | NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 294OSI Model » developed by the International Organization for Standardization (ISO) and introduced around 1980. It is a layered architecture (consists of seven layers) which defines and explains how the communication happens in between two or more network devices within the organization or internet. Each layer defines a set of functions in data communication. Application Layer (Layer 7) » Provides a user interface for the users to interact with application services or Networking Services. Ex: Web browser etc. NOAsommos vA ea Re cleo) 5. Session og 3. Network eric ali Pel NOAsoros cas nena OC we e NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 295NOAsommos » Identification of Services is done using Port Numbers. » Port isa logical communication Channel » Port number is a 16 bit identifier. Total No, Ports 0- 65535 Reserved Ports 11023 Unreserved Ports 1024~ 65535 Service HTTP. FIP ‘SMTP TELNET, TETP Presentation Layer (Layer 6) » responsible for defining a standard format for the data. It deats with data presentation. Encoding - Decoding x: ASC, EBCDIC (Text) SIPEG.GIETIFE (Graphics) MIDLWAV (Voie) MPEG.DATAVI (Video) Encryption — Decryption x: DES, 3.DES, ABS ‘Compression — Decompression fx: Predictor, Stacker, MPPC NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 296SMITE Session Layer (Layer 5) NOAsomons » It is responsible for establishing, maintaining and terminating the sessions. » It deals with sessions or Interactions between the applications. » Session ID is used to identify a session or intera + Ex: RPC, SQL, NFS [_ Wedsenion | NOAsommems Application layer protocols inside TCP/IP ““"""™—""""—" 7 6 5 application layer provides an interface between software running on a computer and the network itself Examples for this layer are: Telnet, FTP, TTP, SMTP, SNMP, DNS, DHCP etc. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 297HTTP » Allow to access Webpages. > http://noasolutions.com/ FTP (File Transfer Protocol) It allows you to transfer files from one machine to another. It also allows access to both directories and files. It uses TCP for data transfer and hence slow but reliable, NOAsomons Telnet i » Telnet is used for Terminal _ Emulation. » Itallows a user sitting on a remote machine to access the resources of another machine. SMTP » Allow you to send and receive ‘emails messages NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 298TF TP (File Transfer Protocol) This is stripped down version of FTP. thas no directory browsing abilities. It can only send and receive files It uses UDP for data transfer and hence faster but not reliable, Simple Network Management Protocol SNMP enable a central management of Network. Using SNMP an administrator can wateh the entire network. SNMP works with TCPAP IT uses UDP for transportation of the data, NOAsomons DNS (Domain Name Service) DNS resolves FQDN with IP address. DNS allows you to use a domain name to specify and IP address. Ie maintains a database for IP address and Hostnames. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comDHCP (Dynamic Host Configuration Protocol) Dynamically assigns IP address to hosts Also provide DNs and Gateway information if needed sea Solutiong Assigning a Dynamic IPv4 Address to a Host NOAsmmm [Assigning a Dynamic IPva Address DHCP - preferred method of “leasing” IPv4 addresses to hosts on large networks, reduces the burden on network support staff and virtually eliminates entry errors NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 300NOAsommoms Transport Layer (Layer 4) Siren Responsible for end-to-end transportation of data between the applications. ‘The major functions described at the Transport Layer are. Identifying Service Multiplexing & De-multiplexing Segmentation Sequencing & Reassembling Error Correction Flow Control NOAsormons Identifying a Servi » Services are identified at this layer with the help of Port No's. » The major protocols which takes care of Data Transportation at Transport layer are... TCR UDP Ter UDP “Transmission Control Protocol User Datagram Protocol Connection Oriented Connection Less Reliable communication( with Unreliable communication(no Ack’s) Ack’s) Slower data Transportation Faster data Transportation Protocol No is 6 Protocol No is 17 Eg: HTTP FTR SMTP Eg: DNS, DHCP TFTP NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 301NOAsommos Segmentation Multiplexing & Demuttipl NOAsomons Flow Control TCP Cargeon and Flow onto = = 2 & vores eames rer} |] SS ag 8 cece 501 TBE 00 cine enn || hero e201 menos Ka Sa rien go) — HED Ss 9-508 nae hanna naires none 201 receve ACK ogra ae st because of enngestn, he Reeder wt conedge east ecoed Sequential segrent and rey mh 8 ‘edicod now 8 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 302‘anspor Layer Senicas Network Layer (Layer 3) Roe Rrscaas cote > Itis responsible for end-to end Transportation of data across multiple networks. » Logical addressing & Path determination (Routing) are described at this layer. » The protocols works at Network layer are Routed Protocols: Routed protocols acts as data carriers and defines logical addressing. IR IPX, AppleTalk... Etc Routing Protocols: Routing protocols performs Path determination (Routing) RIP IGRR EIGRR, OSPF. Ete Devices works at Network Layer are Router, Multilayer switch et. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 303NOAsomons Data-link Layer (Layer 2) It is responsible for end-to-end delivery of data between the devices on a LAN Network segment. Data link layer comprises of two sub-layers. » It deals with hardware addresses (MAC addresses). » It also provides ERROR DETECTION using CRC (Cyclic Redundancy Check) and FRAMING (Encapsulation). Devices works at Data link layer are Switches. NOAsormons Physical Layer (Layer 1) » It deals with physical transmission of Binary data on the given media (copper, Fiber, wireless...) » It also deals with electrical, Mechanical and functional specifications of the devices, media... etc Copper media : Electrical signals of different voltages © Fiber media Light pulses of different wavelengths © Wireless media Radio frequency waves NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 304Devices works at physical layer are Hub, Modems, Repeater, and Transmission Media Hub OSI Model Format ‘TRANSMIT RECEIVE ‘Application layer peste Sesion ayer Transport ayer ain ... Nero yer Pett Copan —< 1 ota tink a oo peas wie «> rattan ener Pace oat NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 305NOAsomons HTTP, FTP, SuTP JPEG, GIF, MPEG ‘AppleTalk, WinSock TCP, UDP, SPX 1P, ICMP, IPX router Ethernet, ATM switch, bridge Ethemet, Token Ring hub, repeater NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.comTroubleshooting Routing & Switching NOAsomeons Troubleshooting User Connectivity Physical connectivity: el Make sure the cable, network adapter, and switch port are good. (Check the ports link LED. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 307(Solutions) Switch Port/Interface Issues NOAs senting rane No cable connected: Connect the cable rom the switch oa known good deve ‘Wrong por: ‘Make sure that bath end ofthe cable are pled nto the coer port Device has no power Ensue that both devas hove power ‘Wrong cable type Very that the covet type of able beng used, Bad cable: Swap the spect cable with a known good cable, Look aseesane for broken or mising pins on connectors Loote connections Check for loote connections. Sometimes cabiesppeses To be seated inthe jack, Bu Is et. Unplg the abe SWI interfaces status ro notcomet 1 auto auto 10N008aseTX rain connected tank ful 100 4/100BaeTX Fala connected turk full 100 10/1008a5eTX ra connected trunk full 100 1/1008a:eTX Fue connected trunk ull 100 10/1008aeT aus connacted 15 fll 1001000807 ras connected 16 fll 10010/1008areTX rau fonnected M1 fa 100 1071000aseTx rave connected 18 fll 100 10/100845eTx re notconnect 19 auto auto 1N0OBaseTX Fano connected 19 ful 100 1/1008aseTx Fat connected tank fill 100 10/1008aHeTX Fein connected trunk full 100 100087 rus connected unk ull 100 1/1008 reine imbled 143 auto. auto 1/1008aeTX rains ennecied 21 ful 100 10/10DBaseTx NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 308What is Duplex Half Duplex > Hub always works in half duplex mode. Ful uplex stun » Switches —=—- ie NOAsomons Troubleshooting Example: Duplex/Speed Mismatch “The user on PCI has complained that teanserrng large files to SRVI takes hours ‘The maximum throughput the user can expec is 100 Mbps between the client and the ‘Transfer of 1 GB of data at the rate of 100 Mbps should take approximately 80 seconds (not factoring overhead). Potential explanations Congestion on the network or underperforming hardware or software on the dient, network, oF serve. » Average load on the like inthe path has not been higher than 50 peraent over the Tae few hours, ruling out congestion as the cause, NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 309).NSolutions} ASW) show interface Fastgthernet 0/i | include duplex Full-duplex, 100M&/s, media type is 10/100Base 1% ASULE show Antarfaces FastEthernet 0/1 counters errors ° thow interface Fastathemet 0/1 | include duplex show interfaces astethernet 0/1 counters errors Revere Undersize -sen Rants Giants 0 4 NOAsomin » Amismatched manual speed and duplex configuration has caused this. Configure both sides for auto-negotiation, clear the counters, and confirm that the negotiation results in full duplex. Verify on the switches that the FCS and collision counters do not increase. Switeh(config)#int 1071 Switeh(config:#speed ? 10 Force 10 Mbps operation 100 Force 100 Mbps operation auto Enable AUTO speed configuration Switch config-i)#duplex? auto Enable AUTO duplex configuration full Force full duplex operation half Force halfduplex operation NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 310NOAsomons Automatic medium-dependent interface crossover Sener rene i (Auto-MDIX) » This feature automatically detects the required eable connection type (steaight-through or crossover) for a Auto-MDIX connection. If one of the two sides of a 7. connection supports auto-MDIX, a crossover or a straight-through Ethernet cable will work. This feature depends on the speed and duplex auto-negotiation feature being enabled. The default setting for auto-MDIX ‘was changed from disabled to enabled with IOS Release 12.2(20)SE. NOAsomens To Configure (Auto-MDIX) ‘This feature manually enabled using the mdix auto command. SWI(config)# interface Fastéthemet O/1 SWI(config-if)# shutdown ; SWI(config-if)# speed auto Verify (Auto-MDIX) SWI(config-if}# duplex auto SWI(config-i# mdix auto SWI show interface FastEthernet O/ transceiver properties, SWI(config-i# no shutdown Diagnostic Monitoring i not implemented SWI(config-if# end Name: Fao" Administrative Speed: auto Administrative Duplex: auto ‘Administrative Auto-MDIX: on ‘Administrative Power Inline: N/A ‘Operational Speed: 100 Operational Duplex: ful ‘Operational Auto-MDIX: on ‘Media Type: 10/100BaseTX NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 311Cisco Discovery protocol » proprietary protocol developed by Cisco Systems, Its used to share information about other directly connected Cisco equipment, such as the connected ports ,operating system. version and IP address. By default, CDP announcements are sent every 60 seconds on interfaces From a troubleshooting perspective, CDP ‘an be used to either confirm or fix the documentation shown in a network diagram, or even discover the devices and interfaces used in a network. The show cdp neighbor command delivers information about directly connected devices. The show edp neighbor command delivers information about directly connected devices. sh edp neighbors Device ID Local Interface Holdtime Capability Platform Port ID # sh cdp neighbors detail # sh edp interface NOAsorons cava il reine Cw wer Bi NOAsomens Graver bi eve Che cer Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Page 312NOAsomons SWW.2#sh edp neighbors Capability Codes: R - Router T - Trans Bridge, B - Source Route Bridge 5 Switch, H- Host, 1- IGM ¢- Repeater, P- Phone Device ID Localntrfee Holdtme Capability Platform Fort ID Ra Fas” 4 RL C2600—Fas 00 Switch Fas 0/22 m5 S 2950 Fas 0/22 R2 Fas 72 BBR C84 Fas 070 R3 Fas 03 Cn oe Fas 0/20 168 3560 Fas0/20 Fas 0722 15 $2950 Fas 0722 ] \ \ \ ition sw2nneap nition tal Ey aes traces aero Fo 1 aug Fon: athena co menetwork paige Sore 15 er) C2600 etre (C2601). ern 12.228), RELEASE SOFTWARE cay apy (1986205 co Syne ‘ ComptedWed27 Ap-o4Wotby unre Dee Sueh SoS 10st 2940 Sonar (C2380 16QH2 Ml) Veion2G2)EM RELEASE ‘ermwase epyihe 1986108 by cio Syren pies es 18.05 231 yeaa NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 313LAB: VERIFY CDP. TASK: Configure on RI, R2, R3, SWI using IP address as per the Diagram. Rel(config) #int £0/0 Rel(config-if}fip address 192.168.1.100 255.255.2550 Rel(config.if}#no sh Rel(config-ifh#exit R-2(config)fint f0/0 R-2(config-iffip address 192.168.2.100 255.255.255.0 R-2(config.ifino sh R-2(config-if\exit R-3(config)#int f0/0 R-3(config.iffip address 192.168.3.100 255.255.255.0 R-3(config.if}#no shutdown R-3(config-iffexit Sw-1(config)fint vlan 1 SW-1(config-if#ip address 172.16.1.1 255.255,255.0 SW-I(config-iN#no sh SW-A(config-ififexit NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 314‘SW-2ifsh edp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S - Switch, H - Host, | - IGMP, r - Repeater, P - Phone Device ID Local Intrfce Holdtme Capability Platform Port ID RU FasoA 134 R ¢2600 Fasi0/0 ‘SwitehiFaso22 15 S 2950 asi0722 R2UFaso2 = 138 R c1B41_— Fas 0/0 RSUNFSO3 = 160 R C2800 Fas0/0 SWANNNNFASO/20 (168 3560 Fas 0/20 swaFasio722 175 2950 Fas 0/22 SW-2#tsh edp Global CDP information: Sending CDP packets BVBRMeOseconds Sending a holdtime aluelef180lseeonds: Sending CDPv2 advertisements is enabled SW/-2itsh dp interface FastEthemet0/1 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/2 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/3 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/4 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/5 is down. line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/6 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds Fastthemet0/7 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/8 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/9 is down. line protocol is down Sending CDP packets every 60 seconds NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 315Holdtime is 180 seconds FastEthemetO/10 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/1I is down, line protocol is down, Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemetO/12 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastthemetO/13 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/14 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemetO/15 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/16 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds Fastthemet0/17 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemetO/18 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/19 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthernet0/20 is up. line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/21 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/22 is up, line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/23 is down, line protocol is down. Sending CDP packets every 60 seconds Holdtime is 180 seconds FastEthemet0/24 is down, line protocol is down, Sending CDP packets every 60 seconds NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 316Holdtime is 180 seconds GigabitEthemet1/1 is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds GigabitEthemet1/2 Is down, line protocol is down Sending CDP packets every 60 seconds Holdtime is 180 seconds SWW-21/sh edp neighbors detail Device ID: RA Entry address(es): IP address : 192.168.1.100 Platform: cisco C2600, Capabilities: Router Interface: FastEthernetO/1, Port ID (outgoing port): FastEthernet0/O Holdtime: 125 Version : Cisco Internetwork Operating System Software 105 (tm) €2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http://www.clsco.com/techsupport Copyright (c) 1986-2008 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang advertisement version: 2 Duplex: full Device ID: Switch Entry address(es): Platform: cisco 2950, Capabilities: Switch Interface: FastEthernet©/22, Port ID (outgoing port): FastEthernet(/22 Holdtime: 46 Version : Cisco Internetwork Operating System Software 1S (tm) E2950 |Seftwate (C29SO16Q4I2M) Version 1201(22)EA4, RELEASE SOFTWARE(fcl) Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 18-May-05 22:31 by jharirba advertisement version: 2 Duplex: full Device ID: R2 Entry address(es): Holdtime: 129 Version : NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 317Cisco 10S Software, 1841 Software (C1841-ADVIPSERVICESK9-M), Version 12.4(15)T1, RELEASE SOFTWARE (f2) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 04:52 by pt_team advertisement version: 2 Duplex: full Device ID: R-3 Entry address(es): IP address : 192.168.3.100 Platform: cisco C2800, Capabilities: Router Interface: FastEthernet0/3, Port ID (outgoing port): FastEthernet0/0 Holdtime: 150 Version : Cisco 10S Software, 2800 Software (C2800NM-ADVIPSERVICESK9-M), Version 12.4(15)TI, RELEASE SOFTWARE (fe2) Technical Support: http://www.clsco.com/techsupport Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Wed 18-Jul-07 06:21 by pt_rel_team advertisement version: 2 Duplex: full Entry address(es): Version Cisco 1OS Software, C3560 Software (C3560-ADVIPSERVICESK9-M), Version 12.2(37)SEI, RELEASE SOFTWARE (fel) Copyright (c) 1986-2007 by Cisco Systems, Inc. Compiled Thu 05-Jul-07 22:22 by pt_team advertisement version: 2 Duplex: full Entry address(es): Holdtime: 166 Version : Cisco Internetwork Operating System Software 105 (tm) C2950 Software (C2950-I6Q4L2-M). Version 12.1(22)EA4, RELEASE SOFTWARE(fcl) Copyright (c) 1986-2005 by cisco Systems. Inc. NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 318Compiled Wed 18-May-05 22:31 by jharirba advertisement version: 2 Duplex: full TASK: configure SW2 to Disable CDP ‘SW-2(config}#no edp run SW-2#sh edp TASK: configure SW2 toEnable CDP SW-2(config)fedp run SW-2(configh#end SW-2#tsh edp Global CDP information: Sending CDP packets every 60 seconds Sending a holdtime value of 180 seconds Sending CDPv2 advertisements is enabled SW-2(config)ffint f0/20 SW-2(config.if}#no cdp enable SW-2f'sh cdp interface f0/20 SWV-24'sh cdp interface fO/ FastEthemetO/1 is up. line protocol is up Sending CDP packets every 60 seconds Holdtime is 180 seconds ‘SW-24sh edp neighbors Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge S = Switch, H - Host, | - IGMP, r= Repeater, P- Phone Device ID Local Intrice Holdtme Capability Platform Port ID RA Faso 136 R C2600 Fas 0/0 R2 Fas 0/2 140 R cisat_—Faso/o R3 Fas 0/3 161 R €2800 Fas 0/0 w3 Fas0/22. «177 S 2950 Fas0/22 NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 319NOAsomons Troubleshooting VLAN Issues Physical connectivity Sh Interface Status Sh ip interface Brief Same Network (IP and Subnet Mask) Ipconfig, (cmd) Make sure the hosts are in the correct VLAN. shvlan, 92.405..4/24 NOAsomons awe ply ering Ct eer Troubleshooting Trunking Users to be on the Same vlan of both devices, ‘Are the same VLANs permitted on both sides? Check Trunk configurations (Trunking configured or not) ‘Are both sides of the link in the correct Trunking mode? # Sh interface 10/20 switchport Is the same trunk encapsulation on both sides? (ISL/Dotlq) # Sh interface Trunk NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 320NOAsomon Troubleshooting Trunking SWAsh interfaces trunk Port Mode Encapsulation Status Native vlan Fa0/24 on = 802.1q_— trunking 10, Port Vians allowed on trunk Fa0/24 10.20 Port Viens allowed and active in management domain F20/24 10.20 Port Vians in spanning tree forwarding state and not pruned F20/24 10,20 NOAsomons Summary of all Issues that could cause the Suen Net edn Cicer communication to fail: Physical problems Bad, missing, or miswired cables Bad ports Power failure Device problems Software bugs Performance problems Misconfiguration Missing or wrong VLANs ‘Wrong VLAN setting on access ports Missing or misconfigured trunks VLANs not allowed on trunk NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 321Troubleshooting Connectivity =» \ R-l#show ip interface brief Iecerface PAddress OK? Method Status Proxocol FastEthernetG/O 192.168.1100 YES manual up re FastEtherneiG/ unasigned YES unset administratively down down SeralO/0 1000.1 YES — manual up we Serial uunasigned YES unset administratively down down, NOAsonons Troubleshooting Connectivity(contd) 1) Serial is up, line protocol is up + Connectivity i fine. wl 2) Serial is down, line protocol is down \ + remote device tuned off a + remote port is in shutdown state “ + interface on the remote router has to be configured + problem with connectivity 3) Serial is administratively down, line protocol is down local port isin shut down state + No Shutdown has to be given on the local router interface 4) Serial is up, line protocol is down Encapsulation mismatch clock rate command not given on serial interface ( only applies in lab scenario ) ifusing PPP . then authentication mismatch NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 322NOAsarmon Troubleshooting Rou Connectivity "sutonioe tmasenzne Understanding the Basic Routing Process Verifying the Routing Table for entry for destination show ip route Verify the routing configurations Sh running-config, NOAsomonn Troubleshooting Static & Default Routing » Assuming all interfaces are UP UP » Verifying the Routing Table for entry for destination. show ip route oe are » Verify the routing vmveaaae tata configurations Sh running-config > Ensure that next hop is correct and is reachable. (both sides) » Ensure that ACL is not dropping packets (traceroute) NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 323Solutions Trouble shooting OSPF: NOA Connectivity between the routers. (UP and UP) + Ping connected interface + Show ip int brief (UP UP) Ospf configurations + Show ip cspf neighbor + Show ip ospf int brief (Interface area ) Neighbor issues Advertisements (Show ip ospt int brief . sh run | ospf Area (show ip osp int brie) Hello and dead (sh run int sO ) ACL Drops the packet. (traceroute/ sh run int f0/0) (interface fare ) NOAsomion Troubleshooting EIGRP ae Connectivity between the routers (UP and UP) + Ping connected interface + Show ip int brief (UP UP) EIGRP configurations verify neighbors hip + Advertisements ( show ip eigrp interfaces ) + AS—no mismatch + Authentication sean it 10 Show keyain + Kevalues (sh run | s eigrp) (sh ip protocols ) ‘ACL Drops the packet NOA solutions N.K Arcade, 2nd & 3rd floor, Opposite to banjara function hall, Banjara hills road no 1 Hyderabad, INDIA. +91 40 65890380, +91 7036826345 info@noasolutions.com Page 324

CCNA Sikandar 2015 Final Version 1

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

CCNA Sikandar 2015 Final Version 1

Caricato da

Copyright:

Formati disponibili

Potrebbero piacerti anche