Monday, April 25, 2011

CCNA guide

CCNA Study Guide v2.44 – Aaron Balchunas
* * *
All original material copyright © 2011 by Aaron Balchunas (aaron@routeralley.com),
unless otherwise noted. All other material copyright © of their respective owners.
This material may be copied and used freely, but may not be altered or sold without the expressed written
consent of the owner of the above copyright. Updated material may be found at http://www.routeralley.com.
1
___________________________________________
Cisco CCNA Study Guide
v2.44 © 2011
________________________________________________
Aaron Balchunas
aaron@routeralley.com
http://www.routeralley.com
________________________________________________
Foreword:
This study guide is intended to provide those pursuing the CCNA
certification with a framework of what concepts need to be studied. This is
not a comprehensive document containing all the secrets of the CCNA, nor
is it a “braindump” of questions and answers.
This document is freely given, and can be freely distributed. However, the
contents of this document cannot be altered, without my written consent.
Nor can this document be sold or published without my expressed consent.
I sincerely hope that this document provides some assistance and clarity in
your studies.
________________________________________________
Table of Contents
Part I – General Networking Concepts
Section 1 Introduction to Networking
Section 2 OSI Reference Model
Section 3 Ethernet Standards
Section 4 Hubs vs. Switches vs. Routers
Section 5 STP
Section 6 IPv4 Addressing and Subnetting
Section 7 TCP and UDP
Section 8 IPv6 Addressing
Section 9 Introduction to 802.11 Wireless
Part II – The Cisco IOS
Section 10 Router Components
Section 11 Introduction to the Cisco IOS
Section 12 Advanced IOS Functions
Part III - Routing
Section 13 The Routing Table
Section 14 Static vs. Dynamic Routing
Section 15 Classful vs. Classless Routing
Section 16 Configuring Static Routes
Section 17 RIPv1 & RIPv2
Section 18 IGRP
Section 19 EIGRP
Section 20 OSPF
Part IV – VLANs, Access-Lists, and Services
Section 21 VLANs and VTP
Section 22 Access-Lists
Section 23 DNS and DHCP
Part V - WANs
Section 24 Basic WAN Concepts
Section 25 PPP
Section 26 Frame-Relay
Section 27 NAT
________________________________________________
Part I
General Networking Concepts
________________________________________________
Section 1
- Introduction to Networking -
What is a Network?
A network is defined as devices connected together to share information
and services. The types of data and services that can be shared on a network
are endless: documents, music, email, websites, databases, printers, faxes,
telephony, videoconferencing, etc.
Protocols are “rules” that govern the method by which devices share data
and services. Protocols are covered in great detail in subsequent sections.
Basic Network Types
Networks are generally broken down into two types:
LANs (Local Area Networks) - a high-speed network that covers a
relatively small geographic area, usually contained within a single building
or campus. A LAN is usually under the administrative control of a single
entity/organization.
WANs (Wide Area Networks) – The book definition of a WAN is a
network that spans large geographical locations, usually to interconnect
multiple LANs.
A more practical definition describes a WAN as a network that traverses a
public network or commercial carrier, using one of several WAN
technologies. Thus, a WAN can be under the administrative control of
several entities or organizations, and does not need to “span large
geographical distances.”
Note: Occasionally, books will define a third type of network known as a
MAN (Metropolitan Area Network). A MAN is defined as a network that
spans several LANs across a city-wide geographic area. The term “MAN”
is less prevalent than either LAN or WAN.
Network “Architectures”
A host refers to any device that is connected to your network. Some define a
host as any device that has been assigned a network address.
A host can serve one or more functions:
• A host can request data (often referred to as a client)
• A host can provide data (often referred to as a server)
• A host can both request and provide data (often referred to as a peer)
Because of these varying functions, multiple network “architectures” have
been developed, including:
• Peer-to-Peer networks
• Client/Server networks
• Mainframe/Terminal networks
When using a peer-to-peer architecture, all hosts on the network can both
request and provide data and services. For example, configuring two
Windows XP workstations to share files would be considered a peer-to-peer
network.
Though peer-to-peer networks are simple to configure, there are several key
disadvantages to this type of architecture. First, data is spread across
multiple devices, making it difficult to manage and back-up that data.
Second, security becomes problematic, as you must configure individual
permissions and user accounts on each host.
When using a client/server architecture, hosts are assigned specific roles.
Clients request data and services stored on Servers. Connecting Windows
XP workstations to a Windows 2003 domain controller would be considered
a client/server network.
While client/server environments tend to be more complex than peer-to-peer
networks, there are several advantages. With data now centrally located on
a server or servers, there is only one place to manage, back-up, and secure
that data. This simplified management allows client/server networks to scale
much larger than peer-to-peer. The key disadvantage of client/server
architecture is that it introduces a single point of failure.
Network “Architectures” (continued)
When using a mainframe/terminal architecture, often referred to as a thin-client
environment, a single device (the mainframe) stores all data and
services for the network. This provides the same advantage as a client/server
environment – centralized management and security of data.
Additionally, the mainframe performs all processing functions for the dumb
terminals (or thin-clients) that connect to the mainframe. The thin clients
perform no processing whatsoever, but serve only as input and output
devices into the mainframe. Put more simply, the mainframe handles all the
“thinking” for the thin-clients.
A typical hardware thin-client consists of a keyboard/mouse, a display, and
an interface card into the network. Software thin-clients are also prevalent,
and run on top of a client operating system (such as Windows XP or Linux).
Windows XP’s remote desktop is an example of a thin-client application.
Section 2
- OSI Reference Model -
Network Reference Models
As computer network communication grew more prevalent, the need for a
consistent standard for vendor hardware and software became apparent.
Thus, the first development of a network reference model began in the
1970s, spearheaded by an international standards organization.
A network reference model serves as a blueprint, dictating how network
communication should occur. Programmers and engineers design products
that adhere to these models, allowing products from multiple manufacturers
to interoperate.
Network models are organized into several layers, with each layer assigned
a specific networking function. These functions are controlled by protocols,
which govern end-to-end communication between devices.
Without the framework that network models provide, all network hardware
and software would have been proprietary. Organizations would have been
locked into a single vendor’s equipment, and global networks like the
Internet would have been impractical or even impossible.
The two most widely recognized network reference models are:
• The Open Systems Interconnection (OSI) model
• The Department of Defense (DoD) model
The OSI model was the first true network model, and consisted of seven
layers. However, the OSI model has become deprecated over time, replaced
with more practical models like the TCP/IP (or DoD) reference model.
Network models are not physical entities. For example, there is no OSI
device. Devices and protocols operate at a specific layer of a model,
depending on the function. Not every protocol fits perfectly within a specific
layer, and some protocols spread across several layers.
OSI Reference Model
The Open Systems Interconnection (OSI) model was developed in the
1970s and formalized in 1983 by the International Organization for
Standardization (ISO). It was the first networking model, and provided the
framework governing how information is sent across a network.
The OSI Model (ISO standard 7498) consists of seven layers, each
corresponding to a particular network function:
7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data-link
1 Physical
Various mnemonics have been devised to help people remember the order of
the OSI model’s layers (the first reads top-down, the second bottom-up):

  7  Application    All          Away
  6  Presentation   People       Pizza
  5  Session        Seem         Sausage
  4  Transport      To           Throw
  3  Network        Need         Not
  2  Data-link      Data         Do
  1  Physical       Processing   Please
The ISO further developed an entire protocol suite based on the OSI model;
however, this OSI protocol suite was never widely implemented. More
common protocol suites can be difficult to fit within the OSI model’s layers,
and thus the model has been mostly deprecated.
A more practical model was developed by the Department of Defense
(DoD), and became the basis for the TCP/IP protocol suite (and
subsequently, the Internet). The DoD model is explained in detail later in
this guide.
The OSI model is still used predominantly for educational purposes, as
many protocols and devices are described by what layer they operate at.
The Upper Layers
The top three layers of the OSI model are often referred to as the upper
layers. Thus, protocols that operate at these layers are usually called upper-layer
protocols, and are generally implemented in software.
The function of the upper layers of the OSI model can be difficult to
visualize. The upper layer protocols do not fit perfectly within each layer;
and several protocols function at multiple layers.
The Application layer (Layer 7) provides the actual interface between the
user application and the network. The user directly interacts with this layer.
Examples of application layer protocols include:
• FTP (via an FTP client)
• HTTP (via a web-browser)
• SMTP (via an email client)
• Telnet
The Presentation layer (Layer 6) controls the formatting of user data,
whether it is text, video, sound, or an image. The presentation layer ensures
that data from the sending device can be understood by the receiving device.
Additionally, the presentation layer is concerned with the encryption and
compression of data.
Examples of presentation layer formats include:
• Text (RTF, ASCII, EBCDIC)
• Music (MIDI, MP3, WAV)
• Images (GIF, JPG, TIF, PICT)
• Movies (MPEG, AVI, MOV)
The Session layer (Layer 5) establishes, maintains, and ultimately
terminates connections between devices. Sessions can be full-duplex (send
and receive simultaneously), or half-duplex (send or receive, but not
simultaneously).
The four layers below the upper layers are often referred to as the lower
layers, and demonstrate the true benefit of learning the OSI model.
The Transport Layer
The Transport layer (Layer 4) is concerned with the reliable transfer of
data, end-to-end. This layer ensures (or in some cases, does not ensure) that
data arrives at its destination without corruption or data loss.
There are two types of transport layer communication:
• Connection-oriented - parameters must be agreed upon by both
parties before a connection is established.
• Connectionless – no parameters are established before data is sent.
Parameters that are negotiated by connection-oriented protocols include:
• Flow Control (Windowing) – dictating how much data can be sent
between acknowledgements
• Congestion Control
• Error-Checking
The transport layer does not actually send data. Instead, it segments data
into smaller pieces for transport. Each segment is assigned a sequence
number, so that the receiving device can reassemble the data on arrival.
Examples of transport layer protocols include Transmission Control
Protocol (TCP) and User Datagram Protocol (UDP). Both protocols are
covered extensively in another guide.
Sequenced Packet Exchange (SPX) is the transport layer protocol in the
IPX protocol suite.
The Network Layer
The Network layer (Layer 3) has two key responsibilities. First, this layer
controls the logical addressing of devices. Logical addresses are organized
as a hierarchy, and are not hard-coded on devices. Second, the network layer
determines the best path to a particular destination network, and routes the
data appropriately.
Examples of network layer protocols include Internet Protocol (IP) and
Internetwork Packet Exchange (IPX). IP version 4 (IPv4) and IP version 6
(IPv6) are covered in nauseating detail in separate guides.
The Data-Link Layer
The Data-Link layer (Layer 2) actually consists of two sub-layers:
• Logical Link Control (LLC) sub-layer
• Media Access Control (MAC) sub-layer
The LLC sub-layer serves as the intermediary between the physical link and
all higher layer protocols. It ensures that protocols like IP can function
regardless of what type of physical link is being used.
Additionally, the LLC sub-layer can provide flow control and error checking
of its own, either alongside a transport layer protocol that already does so
(such as TCP), or as the only such service when the transport protocol
provides neither (such as UDP).
The MAC sub-layer controls access to the physical medium, serving as
mediator if multiple devices are competing for the same physical link.
Specific technologies have various methods of accomplishing this (for
example: Ethernet uses CSMA/CD, Token Ring utilizes a token).
The data-link layer packages the higher-layer data into frames, so that the
data can be put onto the physical wire. This packaging process is referred to
as framing or encapsulation. The encapsulation type used is dependent on
the underlying data-link/physical technology (such as Ethernet, Token Ring,
FDDI, Frame-Relay, etc.)
Included in this frame is a source and destination hardware (or physical)
address. Hardware addresses usually contain no hierarchy, and are often
hard-coded on a device. Each device must have a unique hardware address
on the network.
The Physical Layer
The Physical layer (Layer 1) controls the transferring of bits onto the
physical wire. Devices such as network cards, hubs, and cabling are all
considered physical layer equipment.
Physical-layer devices are covered extensively in other guides.
Explanation of Encapsulation
As data is passed from the user application down the virtual layers of the
OSI model, each of the lower layers adds a header (and sometimes a
trailer) containing protocol information specific to that layer. The header
together with the data it carries is that layer’s Protocol Data Unit (PDU),
and the process of adding these headers is called encapsulation.
For example, the Transport layer adds a header containing flow control and
sequencing information (when using TCP). The Network layer header adds
logical addressing information, and the Data-Link header contains physical
addressing and other hardware specific information.
The PDU of each layer is identified with a different term:

  Layer          PDU Name
  Application    -
  Presentation   -
  Session        -
  Transport      Segments
  Network        Packets
  Data-Link      Frames
  Physical       Bits
Each layer communicates with the corresponding layer on the receiving
device. For example, on the sending device, hardware addressing is placed
in a Data-Link layer header. On the receiving device, that Data-Link layer
header is processed and stripped away before it is sent up to the Network
and other higher layers.
Specific devices are often identified by the OSI layer the device operates at;
or, more specifically, what header or PDU the device processes. For
example, switches are usually identified as Layer-2 devices, as switches
process hardware (usually MAC) address information stored in the Data-
Link header of a frame.
Similarly, routers are identified as Layer-3 devices, as routers look for
logical (usually IP) addressing information in the Network header of a
packet.
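The encapsulation and decapsulation described above, as an added example that is not part of the study guide: the code builds one Ethernet frame the way the layers do (data, then a TCP segment, then an IPv4 packet, then a frame) and then strips it the way a switch, a router and the receiving host each would. The MAC addresses, the IP addresses (taken from the documentation ranges), the port numbers and the HTTP payload are all constructed for the example; the Ethernet FCS trailer is omitted, and the IPv4 header checksum is computed and verified exactly as a router does it.

```python
"""Added example, not from the study guide: build one Ethernet frame the way
the layered model describes (data -> segment -> packet -> frame) and then
strip the headers the way a switch, a router and the end host would.
All addresses and the payload are constructed for this example."""
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
PROTO_TCP = 6


def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of the 16-bit words.
    Over a header whose checksum field is already filled in, a valid header
    yields 0."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def encapsulate(data: bytes, src_mac: bytes, dst_mac: bytes,
                src_ip: str, dst_ip: str, sport: int, dport: int) -> bytes:
    # Layer 4: minimal 20-byte TCP header (PSH+ACK, no options) -> segment
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18, 65535, 0, 0)
    segment = tcp + data
    # Layer 3: 20-byte IPv4 header; checksum covers the header only -> packet
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0, 0x4000, 64,
                     PROTO_TCP, 0, ipaddress.IPv4Address(src_ip).packed,
                     ipaddress.IPv4Address(dst_ip).packed)
    ip = ip[:10] + struct.pack("!H", ipv4_checksum(ip)) + ip[12:]
    packet = ip + segment
    # Layer 2: 14-byte Ethernet II header -> frame (FCS trailer omitted here)
    return dst_mac + src_mac + struct.pack("!H", ETHERTYPE_IPV4) + packet


def switch_view(frame: bytes) -> dict:
    """A Layer-2 device looks no deeper than the Ethernet header."""
    return {"dst_mac": frame[:6].hex(":"), "src_mac": frame[6:12].hex(":"),
            "ethertype": struct.unpack("!H", frame[12:14])[0]}


def router_view(frame: bytes) -> dict:
    """A Layer-3 device strips the frame header, checks the IPv4 header and
    forwards on the destination address. Raises on a corrupt header."""
    packet = frame[14:]
    ihl = (packet[0] & 0x0F) * 4
    if ipv4_checksum(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    return {"src_ip": str(ipaddress.IPv4Address(packet[12:16])),
            "dst_ip": str(ipaddress.IPv4Address(packet[16:20])),
            "ttl": packet[8], "protocol": packet[9]}


def host_view(frame: bytes) -> dict:
    """The receiving host strips Layer 2 and Layer 3 and hands the segment up."""
    packet = frame[14:]
    segment = packet[(packet[0] & 0x0F) * 4:]
    sport, dport = struct.unpack("!HH", segment[:4])
    data_offset = (segment[12] >> 4) * 4
    return {"sport": sport, "dport": dport, "data": segment[data_offset:]}


def tamper_ttl(frame: bytes, new_ttl: int) -> bytes:
    """Change the TTL (frame offset 22) without recomputing the checksum, as
    in-transit corruption or a careless modification would."""
    return frame[:22] + bytes([new_ttl]) + frame[23:]


# Constructed sample: MACs, documentation-range IPs and a request line
# invented for this example.
SAMPLE_FRAME = encapsulate(b"GET / HTTP/1.1\r\n",
                           bytes.fromhex("001122334455"), bytes.fromhex("66778899aabb"),
                           "192.0.2.10", "198.51.100.20", 40000, 80)

if __name__ == "__main__":
    for name, view in (("switch", switch_view), ("router", router_view),
                       ("host", host_view)):
        print(name, view(SAMPLE_FRAME))
```

The header checksum that the router verifies is only an integrity check against accidental corruption: anyone who rewrites the header can simply recompute it, so it offers no protection against deliberate tampering.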
OSI Reference Model Example
The following illustrates the OSI model in more practical terms, using a web
browser as an example:
• At the Application layer, a web browser serves as the user interface for
accessing websites. Specifically, HTTP interfaces between the web
browser and the web server.
• The format of the data being accessed is a Presentation layer function.
Common data formats on the Internet include HTML, XML, GIF, JPG, etc.
Additionally, any encryption or compression mechanisms used on a
webpage are a function of this layer.
• The Session layer establishes the connection between the requesting
computer and the web server. It determines whether the communication
is half-duplex or full-duplex.
• The TCP protocol ensures the reliable delivery of data from the web
server to the client. These are functions of the Transport layer.
• The logical (in this case, IP) addresses configured on the client and web
server are a Network Layer function. Additionally, the routers that
determine the best path from the client to the web server operate at this
layer.
• IP addresses are resolved to hardware (MAC) addresses at the Data-Link
layer, using ARP on Ethernet.
• The actual cabling, network cards, hubs, and other devices that provide
the physical connection between the client and the web server operate at
the Physical layer.
IP and the DoD Model
The Internet Protocol (IP) was developed by the Department of Defense
(DoD) during the late 1970s. It was included in a group of protocols that
became known as the TCP/IP protocol suite.
The DoD developed their own networking model to organize and define the
TCP/IP protocol suite. This became known as the DoD Model, and consists
of four layers:
  OSI Model               DoD Model
  7 Application    \
  6 Presentation    |     4 Application
  5 Session        /
  4 Transport             3 Host-to-Host
  3 Network               2 Internet
  2 Data-link      \
  1 Physical       /      1 Network Access
The DoD model’s streamlined approach proved more practical, as several
protocols spread across multiple layers of the OSI Model.
The following chart diagrams where protocols fit in the DoD model:
Layer Example Protocols
Application FTP, HTTP, SMTP
Host-to-Host TCP, UDP
Internet IP
Network Access Ethernet
Section 3
- Ethernet Standards -
What is Ethernet?
Ethernet has become the standard technology used in LAN networking. Over
time, the Ethernet standard has evolved to satisfy bandwidth requirements,
resulting in various IEEE “categories” of Ethernet:
• 802.3 - Ethernet (10 Mbps)
• 802.3u - Fast Ethernet (100 Mbps)
• 802.3z or 802.3ab - Gigabit Ethernet (1000 Mbps)
Various subsets of these Ethernet categories exist, operating at various speeds,
distances, and cable types:
  Standard     Cable Type            Speed      Max. Distance
  10base2      Coaxial (thinnet)     10 Mbps    185 meters
  10base5      Coaxial (thicknet)    10 Mbps    500 meters
  10baseT      Twisted-pair          10 Mbps    100 meters
  100baseT     Twisted-pair          100 Mbps   100 meters
  1000baseSX   Fiber (multi-mode)    1 Gbps     >500 meters
  1000baseLX   Fiber (single-mode)   1 Gbps     >3 km
Half-Duplex vs. Full-Duplex
Ethernet devices can operate either at half-duplex, or full-duplex. At half
duplex, devices can either transmit or receive data, but not simultaneously.
Full-duplex allows devices to both transmit and receive at the same time.
Devices connected to a hub can only operate at half-duplex, whereas devices
connected to a switch can operate at full-duplex.
Half-duplex Ethernet uses Carrier Sense Multiple Access with Collision
Detect (CSMA/CD) to control media access. Devices monitor the physical
link, and will only transmit a frame if the link is idle. If two devices send a
frame simultaneously, a collision will occur. When a collision is detected, each
NIC stops transmitting and waits a random amount of time (a backoff drawn
from a range that doubles with each successive collision) before resending its
frame. Full-duplex Ethernet does not use CSMA/CD.
Port speed and duplex can be either manually configured or auto-negotiated
with a hub or switch. However, a duplex mismatch can occur if one side is
configured manually and the other is left to auto-negotiate: a port hard-set to
full-duplex does not take part in negotiation, so the auto-negotiating side
detects the speed but falls back to half-duplex. The link stays up, but the
half-duplex side logs late collisions, the full-duplex side logs CRC errors, and
throughput collapses under load.
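The “random amount of time” above is the truncated binary exponential backoff that IEEE 802.3 specifies, shown here as an added example that is not part of the study guide: after the n-th consecutive collision on a frame, a station draws a slot count uniformly from 0 to 2^min(n,10) − 1 and waits that many slot times (one slot is 512 bit times at 10 and 100 Mbps); after 16 attempts the frame is discarded. The contention simulation is a deliberately simplified model constructed for this example (one slot per round, frame length ignored), and the station and function names are its own.

```python
"""Added example, not from the study guide: truncated binary exponential
backoff as used by half-duplex (CSMA/CD) Ethernet, plus a simplified
simulation of several stations contending for one collision domain."""
import random

SLOT_BIT_TIMES = 512        # slot time at 10/100 Mbps
MAX_ATTEMPTS = 16           # frame is discarded after this many attempts
MAX_BACKOFF_EXPONENT = 10   # the backoff range stops doubling here


def backoff_slots(collisions: int, rng: random.Random) -> int:
    """Slot times to wait after the given count of consecutive collisions."""
    if not 1 <= collisions < MAX_ATTEMPTS:
        raise ValueError("frame is discarded after %d attempts" % MAX_ATTEMPTS)
    k = min(collisions, MAX_BACKOFF_EXPONENT)
    return rng.randrange(2 ** k)            # uniform over 0 .. 2**k - 1


def max_backoff_bit_times(collisions: int) -> int:
    """Worst-case wait in bit times; constant once the exponent is capped."""
    return (2 ** min(collisions, MAX_BACKOFF_EXPONENT) - 1) * SLOT_BIT_TIMES


def contend(n_stations: int, rng: random.Random) -> tuple:
    """Simulate n stations that all become ready in the same slot on one
    shared segment. Returns (slots_elapsed, frames_dropped). Simplification:
    a successful transmission occupies exactly one slot."""
    collisions = {s: 0 for s in range(n_stations)}   # per-station collision count
    wait = {s: 0 for s in range(n_stations)}         # slots left before next attempt
    slots = dropped = 0
    while collisions:
        slots += 1
        ready = [s for s in collisions if wait[s] == 0]
        for s in collisions:
            if wait[s]:
                wait[s] -= 1
        if len(ready) == 1:
            del collisions[ready[0]]                 # sole sender: frame goes out
        else:
            for s in ready:                          # two or more senders collide
                collisions[s] += 1
                if collisions[s] >= MAX_ATTEMPTS:
                    dropped += 1                     # give up on this frame
                    del collisions[s]
                else:
                    wait[s] = backoff_slots(collisions[s], rng)
    return slots, dropped


if __name__ == "__main__":
    print("5 stations:", contend(5, random.Random(2011)))
    for n in (1, 4, 10, 15):
        print("after %2d collisions, max wait = %d bit times"
              % (n, max_backoff_bit_times(n)))
```

Nothing on the wire enforces this schedule; it is cooperative. On a hub-based (shared) segment a NIC that ignores the backoff can keep the medium busy and starve its neighbours, which is one more reason half-duplex segments have disappeared from anything that matters.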
Ethernet (10 Mbps)
The first incarnation of Ethernet operated at 10 Mbps, over thinnet
(10base2), thicknet (10base5), or twisted pair (10baseT) mediums.
Ethernet’s specifications were outlined in the IEEE 802.3 standard.
Even though the term “Ethernet” is widely used to describe any form of
Ethernet technology, technically the term refers to the 10 Mbps category.
The most common implementation of Ethernet is over Category 5 twisted-pair
cable, with a maximum distance of 100 meters.
Full Duplex Ethernet allows devices to both send and receive
simultaneously, doubling the bandwidth to 20 Mbps per port. Only devices
connected to a switch can operate at Full Duplex.
Fast Ethernet
Fast Ethernet, or IEEE 802.3u, operates at 100 Mbps, utilizing Category 5
twisted-pair (100base-TX) or fiber cabling (100base-FX).
Full Duplex Fast Ethernet allows devices connected to a switch to both send
and receive simultaneously, doubling the bandwidth to 200 Mbps per port.
Many switches (and hubs) support both Ethernet and Fast Ethernet, and are
commonly referred to as 10/100 switches. These switches will auto-negotiate
both port speed and duplex.
As mentioned earlier, it is also possible to statically configure this
information. Both the device and switch must be configured for auto-negotiation
(or both configured with the same static settings); otherwise a
duplex mismatch can occur.
Gigabit Ethernet
Gigabit Ethernet operates at 1000 Mbps, and can be utilized over Category
5e twisted-pair (1000baseT) or fiber cabling (1000baseSX or 1000baseLX).
Gigabit Ethernet over copper is defined in the IEEE 802.3ab standard.
Full Duplex Gigabit Ethernet allows devices connected to a switch to both
send and receive simultaneously, doubling the bandwidth to 2000 Mbps.
Newer switches can support Ethernet, Fast Ethernet, and Gigabit Ethernet
simultaneously, and are often referred to as 10/100/1000 switches. Again,
switches and devices can auto-negotiate both speed and duplex.
10 Gigabit Ethernet has also been developed, defined in the IEEE 802.3ae
standard. It was initially fiber-only; 10GBASE-T (IEEE 802.3an) later added
support over twisted-pair copper, reaching 100 meters on Category 6a cable.
Twisted-Pair Cabling
Twisted-pair cable usually contains 2 or 4 pairs of wire, which are twisted
around each other to reduce crosstalk. Crosstalk is a form of
electromagnetic interference (EMI) or “noise” that reduces the strength and
quality of a signal. It is caused when the signal from one wire “bleeds” or
interferes with another wire’s signal.
Twisted-pair cabling can be either shielded or unshielded. Shielded twisted-pair
is more resistant to external EMI. Fluorescent light ballasts,
microwaves, and radio transmitters can all create EMI.
There are various categories of twisted-pair cable. A category is a performance
rating (bandwidth and crosstalk limits), not a literal twist count, although
higher categories are generally built with tighter and more varied twists:
• Category 3 – rated to 16 MHz; sufficient for 10baseT
• Category 5 – rated to 100 MHz; used for 100baseTX
• Category 5e – also rated to 100 MHz, but with stricter crosstalk limits,
which 1000baseT requires
Category 5 (and 5e) twisted-pair cabling usually contains four pairs of wire
(eight wires total), and each wire is assigned a color:
• White Orange
• Orange
• White Green
• Green
• White Blue
• Blue
• White Brown
• Brown
Types of Twisted-Pair Cables
Various types of twisted-pair cables can be used. A straight-through cable
is used in the following circumstances:
• From a host to a hub (or switch)
• From a router to a hub (or switch)
The pins (wires) on each end of a straight-through cable must be identical.
The most common straight-through standard (the T568B color order on both
ends) is wired as follows:

  End A pin / color            End B pin / color
  1  White Orange   ------->   1  White Orange
  2  Orange         ------->   2  Orange
  3  White Green    ------->   3  White Green
  4  Blue           ------->   4  Blue
  5  White Blue     ------->   5  White Blue
  6  Green          ------->   6  Green
  7  White Brown    ------->   7  White Brown
  8  Brown          ------->   8  Brown
A cross-over cable is used in the following circumstances:
• From a host to a host
• From a hub to a hub
• From a switch to a switch
• From a hub to a switch
• From a router to a router
• From a host to a router
To make a crossover cable, we must swap pins 1 and 3, and pins 2 and 6 on
one end of the cable. The most common crossover standard is as follows:

  End A pin / color            End B pin / color
  1  White Orange   ------->   3  White Orange
  2  Orange         ------->   6  Orange
  3  White Green    ------->   1  White Green
  4  Blue           ------->   4  Blue
  5  White Blue     ------->   5  White Blue
  6  Green          ------->   2  Green
  7  White Brown    ------->   7  White Brown
  8  Brown          ------->   8  Brown
Remember, when connecting anything into a hub or switch, except for
another hub or switch, we use a straight-through cable. When connecting
“like” devices, we use a crossover cable.
Types of Twisted-Pair Cables (continued)
Finally, a roll-over cable is used to connect a PC into a Cisco router’s
console or auxiliary port.
The pins are completely reversed on one end to make a rollover cable:
End A                          End B
Pin  Wire color                Pin
1    White Orange   --------   8
2    Orange         --------   7
3    White Green    --------   6
4    Blue           --------   5
5    White Blue     --------   4
6    Green          --------   3
7    White Brown    --------   2
8    Brown          --------   1
Read in pin order, the second end is therefore wired: 1 Brown, 2 White Brown,
3 Green, 4 White Blue, 5 Blue, 6 White Green, 7 Orange, 8 White Orange.
Section 4
- Hubs vs. Switches vs. Routers -
Layered Communication
Network communication models are generally organized into layers. The
OSI model specifically consists of seven layers, with each layer
representing a specific networking function. These functions are controlled
by protocols, which govern end-to-end communication between devices.
As data is passed from the user application down the virtual layers of the
OSI model, each of the lower layers adds a header (and sometimes a
trailer) containing protocol information specific to that layer. These headers
are called Protocol Data Units (PDUs), and the process of adding these
headers is referred to as encapsulation.
The PDU of each lower layer is identified with a unique term:
#   Layer          PDU Name
7   Application    -
6   Presentation   -
5   Session        -
4   Transport      Segments
3   Network        Packets
2   Data-link      Frames
1   Physical       Bits
Commonly, network devices are identified by the OSI layer they operate at
(or, more specifically, what header or PDU the device processes).
For example, switches are generally identified as Layer-2 devices, as
switches process information stored in the Data-Link header of a frame
(such as MAC addresses in Ethernet). Similarly, routers are identified as
Layer-3 devices, as routers process logical addressing information in the
Network header of a packet (such as IP addresses).
However, the strict definitions of the terms switch and router have blurred
over time, which can result in confusion. For example, the term switch can
now refer to devices that operate at layers higher than Layer-2. This will be
explained in greater detail in this guide.
Icons for Network Devices
The following icons will be used to represent network devices for all guides
on routeralley.com:
[Figure: icons for Router, Hub, Switch, and Multilayer Switch]
Layer-1 Hubs
Hubs are Layer-1 devices that physically connect network devices together
for communication. Hubs can also be referred to as repeaters.
Hubs provide no intelligent forwarding whatsoever. Hubs are incapable of
processing either Layer-2 or Layer-3 information, and thus cannot make
decisions based on hardware or logical addressing.
Thus, hubs will always forward every frame out every port, excluding the
port originating the frame. Hubs do not differentiate between frame types,
and thus will always forward unicasts, multicasts, and broadcasts out every
port but the originating port.
Ethernet hubs operate at half-duplex, which allows a device to either
transmit or receive data, but not simultaneously. Ethernet utilizes Carrier
Sense Multiple Access with Collision Detect (CSMA/CD) to control
media access. Host devices monitor the physical link, and will only transmit
a frame if the link is idle.
However, if two devices transmit a frame simultaneously, a collision will
occur. If a collision is detected, the hub will discard the frames and signal
the host devices. Both devices will wait a random amount of time before
resending their respective frames.
Remember, if any two devices connected to a hub send a frame
simultaneously, a collision will occur. Thus, all ports on a hub belong to the
same collision domain. A collision domain is simply defined as any
physical segment where a collision can occur.
Multiple hubs that are uplinked together still all belong to one collision
domain. Increasing the number of host devices in a single collision domain
will increase the number of collisions, which can significantly degrade
performance.
Hubs also belong to only one broadcast domain – a hub will forward both
broadcasts and multicasts out every port but the originating port. A broadcast
domain is a logical segmentation of a network, dictating how far a broadcast
(or multicast) frame can propagate.
Only a Layer-3 device, such as a router, can separate broadcast domains.
Layer-2 Switching
Layer-2 devices build hardware address tables, which will contain the
following at a minimum:
• Hardware addresses for host devices
• The port each hardware address is associated with
Using this information, Layer-2 devices will make intelligent forwarding
decisions based on frame (Data-Link) headers. A frame can then be
forwarded out only the appropriate destination port, instead of all ports.
Layer-2 forwarding was originally referred to as bridging. Bridging is a
largely deprecated term (mostly for marketing purposes), and Layer-2
forwarding is now commonly referred to as switching.
There are some subtle technological differences between bridging and
switching. Switches usually have a higher port-density, and can perform
forwarding decisions at wire speed, due to specialized hardware circuits
called ASICs (Application-Specific Integrated Circuits). Otherwise,
bridges and switches are nearly identical in function.
Ethernet switches build MAC-address tables through a dynamic learning
process. A switch behaves much like a hub when first powered on. The
switch will flood every frame, including unicasts, out every port but the
originating port.
The switch will then build the MAC-address table by examining the source
MAC address of each frame. Consider the following diagram:
[Diagram: ComputerA connected to the switch on port Fa0/10, ComputerB
connected to the switch on port Fa0/11]
When ComputerA sends a frame to ComputerB, the switch will add ComputerA’s
MAC address to its table, associating it with port fa0/10. However, the
switch will not learn ComputerB’s MAC address until ComputerB sends a frame
to ComputerA, or to another device connected to the switch. Switches always
learn from the source MAC address.
A switch is in a perpetual state of learning. However, as the MAC-address
table becomes populated, the flooding of frames will decrease, allowing the
switch to perform more efficient forwarding decisions.
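The learning and flooding behaviour just described, as an added example that is not part of the study guide: a small Python model of a switch that learns only from source MAC addresses and floods unknown unicasts, broadcasts and multicasts out every port but the originating one. Port names follow the diagram; the MAC addresses and the extra port Fa0/12 are constructed for the example.

```python
# Added example (not from the study guide): a minimal model of the Layer-2 learning
# and forwarding behaviour described above. Port names follow the diagram; the MAC
# addresses and the extra port Fa0/12 are constructed for the example.
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Frame:
    src: str  # source MAC address, e.g. "00:00:0a:00:00:01"
    dst: str  # destination MAC address


@dataclass
class Switch:
    ports: tuple                                   # physical ports, e.g. ("Fa0/10", ...)
    mac_table: dict = field(default_factory=dict)  # learned MAC -> port


def is_group_address(mac: str) -> bool:
    """Broadcast/multicast: the least significant bit of the first octet is set."""
    return bool(int(mac.split(":")[0], 16) & 0x01)


def receive(sw: Switch, in_port: str, frame: Frame) -> list:
    """Process one frame arriving on in_port and return the ports it leaves through.
    Learning uses the SOURCE address; the forwarding decision uses the DESTINATION."""
    if in_port not in sw.ports:
        raise ValueError(f"unknown port {in_port}")
    # 1. Learn: bind the source MAC to the ingress port (a host that moves to another
    #    port is simply re-learned there).
    sw.mac_table[frame.src] = in_port
    # 2. Forward. Broadcasts, multicasts and unknown unicasts are flooded out every
    #    port except the originating one; this is the hub-like behaviour of a switch
    #    whose table is still empty.
    out_port = sw.mac_table.get(frame.dst)
    if is_group_address(frame.dst) or out_port is None:
        return [p for p in sw.ports if p != in_port]
    if out_port == in_port:
        return []  # destination shares the sender's segment; nothing to forward
    return [out_port]


def demo() -> dict:
    """Replays the ComputerA / ComputerB scenario from the text."""
    sw = Switch(ports=("Fa0/10", "Fa0/11", "Fa0/12"))
    mac_a, mac_b = "00:00:0a:00:00:01", "00:00:0b:00:00:02"  # constructed addresses
    out = {}
    # ComputerA -> ComputerB: A is learned on Fa0/10, but B is unknown, so the frame
    # is flooded out every other port.
    out["a_to_b"] = receive(sw, "Fa0/10", Frame(src=mac_a, dst=mac_b))
    out["table_after_first_frame"] = dict(sw.mac_table)
    # ComputerB replies: B is learned on Fa0/11 and A is already known, so the
    # reply is forwarded out Fa0/10 only.
    out["b_to_a"] = receive(sw, "Fa0/11", Frame(src=mac_b, dst=mac_a))
    # A broadcast (an ARP request, say) from A is flooded regardless of the table.
    out["broadcast"] = receive(sw, "Fa0/10", Frame(src=mac_a, dst="ff:ff:ff:ff:ff:ff"))
    out["table_final"] = dict(sw.mac_table)
    return out


if __name__ == "__main__":
    for step, result in demo().items():
        print(f"{step}: {result}")
```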
Layer-2 Switching (continued)
While hubs were limited to half-duplex communication, switches can
operate in full duplex. Each individual port on a switch belongs to its own
collision domain. Thus, switches create more collision domains, which
results in fewer collisions.
Like hubs though, switches belong to only one broadcast domain. A Layer-
2 switch will forward both broadcasts and multicasts out every port but the
originating port. Only Layer-3 devices separate broadcast domains.
Because of this, Layer-2 switches are poorly suited for large, scalable
networks. The Layer-2 header provides no mechanism to differentiate one
network from another, only one host from another.
This poses significant difficulties. If only hardware addressing existed, all
devices would technically be on the same network. Modern internetworks
like the Internet could not exist, as it would be impossible to separate my
network from your network.
Imagine if the entire Internet existed purely as a Layer-2 switched
environment. Switches, as a rule, will forward a broadcast out every port.
Even with a conservative estimate of a billion devices on the Internet, the
resulting broadcast storms would be devastating. The Internet would simply
collapse.
Both hubs and switches are susceptible to switching loops, which result in
destructive broadcast storms. Switches utilize the Spanning Tree Protocol
(STP) to maintain a loop-free environment. STP is covered in great detail in
another guide.
Remember, there are three things that switches do that hubs do not:
• Hardware address learning
• Intelligent forwarding of frames
• Loop avoidance
Hubs are almost entirely deprecated – there is no advantage to using a hub
over a switch. At one time, switches were more expensive and introduced
more latency (due to processing overhead) than hubs, but this is no longer
the case.
Layer-2 Forwarding Methods
Switches support three methods of forwarding frames. Each method copies
all or part of the frame into memory, providing different levels of latency
and reliability. Latency is delay - less latency results in quicker forwarding.
The Store-and-Forward method copies the entire frame into memory, and
performs a Cyclic Redundancy Check (CRC) to completely ensure the
integrity of the frame. However, this level of error-checking introduces the
highest latency of any of the switching methods.
The Cut-Through (Real Time) method copies only enough of a frame’s
header to determine its destination address. This is generally the first 6 bytes
following the preamble. This method allows frames to be transferred at wire
speed, and has the least latency of any of the three methods. No error
checking is attempted when using the cut-through method.
The Fragment-Free (Modified Cut-Through) method copies only the first
64 bytes of a frame for error-checking purposes. Most collisions or
corruption occur in the first 64 bytes of a frame. Fragment-Free represents a
compromise between reliability (store-and-forward) and speed (cut-through).
Layer-3 Routing
Layer-3 routing is the process of forwarding a packet from one network to
another network, based on the Network-layer header. Routers build routing
tables to perform forwarding decisions, which contain the following:
• The destination network and subnet mask
• The next hop router to get to the destination network
• Routing metrics and Administrative Distance
Note that Layer-3 forwarding is based on the destination network, and not
the destination host. It is possible to have host routes, but this is less
common.
The routing table is concerned with two types of Layer-3 protocols:
• Routed protocols - assign logical addressing to devices, and route
packets between networks. Examples include IP and IPX.
• Routing protocols - dynamically build the information in routing
tables. Examples include RIP, EIGRP, and OSPF.
Each individual interface on a router belongs to its own collision domain.
Thus, like switches, routers create more collision domains, which results in
fewer collisions.
Unlike Layer-2 switches, Layer-3 routers also separate broadcast domains.
As a rule, a router will never forward broadcasts from one network to
another network (unless, of course, you explicitly configure it to).
Routers will not forward multicasts either, unless configured to participate in
a multicast tree. Multicast is covered in great detail in another guide.
Traditionally, a router was required to copy each individual packet to its
buffers, and perform a route-table lookup. Each packet consumed CPU
cycles as it was forwarded by the router, resulting in latency. Thus, routing
was generally considered slower than switching.
It is now possible for routers to cache network-layer flows in hardware,
greatly reducing latency. This has blurred the line between routing and
switching, from both a technological and marketing standpoint. Caching
network flows is covered in greater detail shortly.
Collision vs. Broadcast Domain Example
Consider the above diagram. Remember that:
• Routers separate broadcast and collision domains.
• Switches separate collision domains.
• Hubs belong to only one collision domain.
• Switches and hubs both only belong to one broadcast domain.
In the above example, there are THREE broadcast domains, and EIGHT
collision domains:
VLANs – A Layer-2 or Layer-3 Function?
By default, a switch will forward both broadcasts and multicasts out every
port but the originating port.
However, a switch can be logically segmented into multiple broadcast
domains, using Virtual LANs (or VLANs). VLANs are covered in
extensive detail in another guide.
Each VLAN represents a unique broadcast domain:
• Traffic between devices within the same VLAN is switched
(forwarded at Layer-2).
• Traffic between devices in different VLANs requires a Layer-3
device to communicate.
Broadcasts from one VLAN will not be forwarded to another VLAN. This
separation provided by VLANs is not a Layer-3 function. VLAN tags are
inserted into the Layer-2 header.
Thus, a switch that supports VLANs is not necessarily a Layer-3 switch.
However, a purely Layer-2 switch cannot route between VLANs.
Remember, though VLANs provide separation for Layer-3 broadcast
domains, and are often associated with IP subnets, they are still a Layer-2
function.
Layer-3 Switching
In addition to performing Layer-2 switching functions, a Layer-3 switch
must also meet the following criteria:
• The switch must be capable of making Layer-3 forwarding decisions
(traditionally referred to as routing).
• The switch must cache network traffic flows, so that Layer-3
forwarding can occur in hardware.
Many older modular switches support Layer-3 route processors – this alone
does not qualify as Layer-3 switching. Layer-2 and Layer-3 processors can
act independently within a single switch chassis, with each packet requiring
a route-table lookup on the route processor.
Layer-3 switches leverage ASICs to perform Layer-3 forwarding in
hardware. For the first packet of a particular traffic flow, the Layer-3 switch
will perform a standard route-table lookup. This flow is then cached in
hardware – which preserves required routing information, such as the
destination network and the MAC address of the corresponding next-hop.
Subsequent packets of that flow will bypass the route-table lookup, and will
be forwarded based on the cached information, reducing latency. This
concept is known as route once, switch many.
Layer-3 switches are predominantly used to route between VLANs:
Traffic between devices within the same VLAN, such as ComputerA and
ComputerB, is switched at Layer-2 as normal. The first packet between
devices in different VLANs, such as ComputerA and ComputerD, is routed.
The switch will then cache that IP traffic flow, and subsequent packets in
that flow will be switched in hardware.
Layer-3 Switching vs. Routing – End the Confusion!
The evolution of network technologies has led to considerable confusion
over the terms switch and router. Remember the following:
• The traditional definition of a switch is a device that performs Layer-2
forwarding decisions.
• The traditional definition of a router is a device that performs Layer-3
forwarding decisions.
Remember also that switching functions were typically performed in
hardware, and routing functions were typically performed in software. This
resulted in a widespread perception that switching was fast, and routing was
slow (and expensive).
Once Layer-3 forwarding became available in hardware, marketing gurus
muddied the waters by distancing themselves from the term router. Though
Layer-3 forwarding in hardware is still routing in every technical sense, such
devices were rebranded as Layer-3 switches.
Ignore the marketing noise. A Layer-3 switch is still a router.
Compounding matters further, most devices still currently referred to as
routers can perform Layer-3 forwarding in hardware as well. Thus, both
Layer-3 switches and Layer-3 routers perform nearly identical functions at
the same performance.
There are some differences in implementation between Layer-3 switches and
routers, including (but not limited to):
• Layer-3 switches are optimized for Ethernet, and are predominantly
used for inter-VLAN routing. Layer-3 switches can also provide
Layer-2 functionality for intra-VLAN traffic.
• Switches generally have higher port densities than routers, and are
considerably cheaper per port than routers (for Ethernet, at least).
• Routers support a large number of WAN technologies, while Layer-3
switches generally do not.
• Routers generally support more advanced feature sets.
Layer-3 switches are often deployed as the backbone of LAN or campus
networks. Routers are predominantly used on network perimeters,
connecting to WAN environments.
(Fantastic Reference: http://blog.ioshints.info/2011/02/how-did-we-ever-get-into-this-switching.html)
Multilayer Switching
Multilayer switching is a generic term, referring to any switch that
forwards traffic at layers higher than Layer-2. Thus, a Layer-3 switch is
considered a multilayer switch, as it forwards frames at Layer-2 and packets
at Layer-3.
A Layer-4 switch provides the same functionality as a Layer-3 switch, but
will additionally examine and cache Transport-layer application flow
information, such as the TCP or UDP port.
By caching application flows, QoS (Quality of Service) functions can be
applied to preferred applications.
Consider the following example:
Network and application traffic flows from ComputerA to the Webserver
and Fileserver will be cached. If the traffic to the Webserver is preferred,
then a higher QoS priority can be assigned to that application flow.
Some advanced multilayer switches can provide load balancing, content
management, and other application-level services. These switches are
sometimes referred to as Layer-7 switches.
Section 5
- Spanning Tree Protocol -
Switching Loops
By default, a switch will forward a broadcast or multicast out all ports,
excluding the port the broadcast/multicast was sent from.
When a loop is introduced into the network, a highly destructive broadcast
storm can develop within seconds. Broadcast storms occur when broadcasts
are endlessly switched through the loop, choking off all other traffic.
Consider the following looped environment:
[Diagram: Switch 1 connected to Switch 2 and Switch 3; Switch 2 connected to
Switch 4; Switch 3 connected to Switch 5; Switch 4 connected to Switch 5,
closing the loop; a computer is attached to Switch 4]
If the computer connected to Switch 4 sends out a broadcast, the switch will
forward the broadcast out all ports, including the ports connecting to Switch
2 and Switch 5. Those switches, likewise, will forward that broadcast out all
ports, including to their neighboring switches.
The broadcast will loop around the switches infinitely. In fact, there will be
two separate broadcast storms cycling in opposite directions through the
switching loop. Only powering off the switch or physically removing the
loop will stop the storm.
Spanning Tree Protocol (STP)
Switches (and bridges) needed a mechanism to prevent loops from forming,
and thus Spanning Tree Protocol (STP, or IEEE 802.1D) was developed.
STP is enabled by default on all VLANs on Catalyst switches.
STP-enabled switches communicate to form a topology of the entire
switching network, and then shut down (or block) a port if a loop
exists. The blocked port can be reactivated if another link on the switching
network goes down, thus preserving fault-tolerance. Once all switches agree
on the topology database, the switches are considered converged.
STP switches send BPDUs (Bridge Protocol Data Units) to each other to
form their topology databases. BPDUs are sent out all ports every two
seconds, and are forwarded to a specific MAC multicast address:
0180.c200.0000.
STP Types
Various flavors of 802.1D STP exist, including:
• Common Spanning Tree (CST) – A single STP process is used for
all VLANs.
• Per-VLAN Spanning Tree (PVST) – Cisco proprietary version of
STP, which employs a separate STP process for each VLAN.
• Per-VLAN Spanning Tree Plus (PVST+) – Enhanced version of
PVST that allows CST-enabled switches and PVST-enabled switches
to interoperate. This is the default on newer Catalyst switches.
The STP Process
To maintain a loop-free environment, STP performs the following functions:
• A Root Bridge is elected
• Root Ports are identified
• Designated Ports are identified
• If a loop exists, a port is placed in Blocking state. If the loop is
removed the blocked port is activated again.
If multiple loops exist in the switching environment, multiple ports will be
placed in a blocking state.
Electing an STP Root Bridge
The first step in the STP process is electing a Root Bridge, which serves as
the centralized point of the STP topology. Good design practice dictates that
the Root Bridge be placed closest to the center of the STP topology.
The Root Bridge is determined by a switch’s priority. The default priority is
32,768, and the lowest priority wins. In case of a tie in priority, the switch
with the lowest MAC address will be elected root bridge. The combination
of a switch’s priority and MAC address make up that switch’s Bridge ID.
Consider the following example:
Remember that the lowest priority determines the Root Bridge. Switches 2,
3, and 5 have the default priority set. Switches 1 and 4 each have a priority
of 100 configured. However, Switch 1 will become the root bridge, as it has
the lowest MAC address.
Switches exchange BPDUs to perform the election process. By default, all
switches “believe” they are the Root Bridge, until a switch with a lower
Bridge ID is discovered.
Root Bridge elections are a continuous process. If a new switch with a lower
Bridge ID is added to the topology, it will be elected as the new Root
Bridge.
Identifying Root Ports
The second step in the STP process is identifying Root Ports, or the port on
each switch that has the lowest path cost to get to the Root Bridge. Each
switch has only one Root Port, and the Root Bridge cannot have a Root Port.
Path Cost is a cumulative cost based on the bandwidth of the links. The
higher the bandwidth, the lower the Path Cost:
Bandwidth Cost
4 Mbps 250
10 Mbps 100
16 Mbps 62
100 Mbps 19
1 Gbps 4
Consider the following example:
Assume the links between all switches are 10Mbps Ethernet, with a Path
Cost of 100. Each switch will identify the port with the least cumulative Path
Cost to get to the Root Bridge.
For Switch 4, the port leading up to Switch 2 has a Path Cost of 200, and
becomes the Root Port. The port to Switch 5 has a higher Path Cost of 300.
The Root Port is said to have received the most superior BPDU to the Root
Bridge. Likewise, non-Root Ports are said to have received inferior BPDUs
to the Root Bridge.
Identifying Designated Ports
The third and final step in the STP process is to identify Designated Ports.
Each network segment requires a single Designated Port, which has the
lowest path cost leading to the Root Bridge. This port will not be placed in a
blocking state. A port cannot be both a Designated Port and a Root Port.
Consider the following example:
Ports on the Root Bridge are never placed in a blocking state, and thus
become Designated Ports for directly attached segments.
The network segments between Switches 2 and 4, and between Switches 3
and 5, both require a Designated Port. The ports on Switch 2 and Switch 3
have the lowest Path Cost to the Root Bridge for the two respective
segments, and thus both become Designated Ports.
The segment between Switch 4 and Switch 5 does not contain a Root Port.
One of the ports must be elected the Designated Port for that segment, and
the other must be placed in a blocking state.
Normally, Path Cost is used to determine which port is blocked. However,
the ports connecting Switches 4 and 5 have the same Path Cost to reach the
Root Bridge (200). Whichever switch has the lowest Bridge ID is awarded
the Designated Port. Whichever switch has the highest Bridge ID has its
port placed in a blocking state. In this example, Switch 4 has the lowest
priority, and thus Switch 5’s port goes into a blocking state.
Port ID
In certain circumstances, a tie will occur in both Path Cost and Bridge ID.
Consider the following example:
[Diagram: Switch 1 (Root Bridge) connected to Switch 2 by two links,
terminating on Switch 2’s interfaces Fa0/10 and Fa0/11]
If the bandwidth of both links is equal, then both of Switch 2’s interfaces
have an equal path cost to the Root Bridge. Which interface will become the
Root Port? The tiebreaker should be the lowest Bridge ID, but that cannot be
used in this circumstance (unless Switch 2 has become schizophrenic).
In this circumstance, Port ID will be used as the tiebreaker. An interface’s
Port ID consists of two parts - a 6-bit port priority value, and the MAC
address for that port. Whichever interface has the lowest Port ID will
become the Root Port.
By default, the port priority of an interface is 128. Lowering this value will
ensure a specific interface becomes the Root Port:
Switch(config)# int fa0/10
Switch(config-if)# spanning-tree port-priority 50
Remember that Port ID is the last tiebreaker STP will consider. STP decides
Root and Designated Ports based on the following criteria, in this order:
• Lowest Path Cost to the Root Bridge
• Lowest Bridge ID (of the sending switch)
• Lowest Port ID (of the sending interface, then of the receiving interface)
Extended System IDs
Normally, a switch’s Bridge ID is a 64-bit value that consists of a 16-bit
Bridge Priority value, and a 48-bit MAC address.
However, it is possible to include a VLAN ID, called an extended System
ID, into a Bridge ID. Instead of adding bits to the existing Bridge ID, 12 bits
of the Bridge Priority value are used for this System ID, which identifies the
VLAN this STP process represents.
Because 12 bits have been stolen from the Bridge Priority field, the range of
priorities has been reduced. Normally, the Bridge Priority can range from 0
(or off) to 65,535, with a default value of 32,768. With extended System ID
enabled, the Priority range would be 0 – 61,440, and only in multiples of
4,096.
To enable the extended System ID:
Switch(config)# spanning-tree extend system-id
Enabling extended System ID accomplishes two things:
• Allows STP to run an instance for extended-range VLANs (1006 to 4094),
which is why the switch can then support VLAN IDs up to 4094 rather than
1005.
• Includes the VLAN ID as part of the Bridge ID.
Thus, when this command is enabled, the 64-bit Bridge ID will consist of the
following:
• 4-bit Priority Value
• 12-bit System ID value (VLAN ID)
• 48-bit MAC address
The priority reported by show commands is the sum of the two upper fields: a
switch with the default priority of 32,768 in VLAN 1 displays a priority of
32,769 (shown as "priority 32768 sys-id-ext 1"). Most current Catalyst
models enable the extended System ID by default.
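The following is an added example, not code from the study guide, that puts the Port ID and extended System ID material above into working form: it builds 64-bit Bridge IDs and 16-bit Port IDs, elects a Root Bridge, and then chooses a Root Port using the full 802.1D comparison order (path cost, sender Bridge ID, sender Port ID, receiving Port ID). The switch names, MAC addresses and port numbers are constructed for the illustration. It shows a point the text only implies: Switch 2's own port priorities cannot override the Port ID in the BPDUs it receives from Switch 1.

```python
"""Added example (not part of the study guide): how 802.1D/802.1t Bridge IDs
and Port IDs are built, and the order STP compares them in when it elects a
Root Bridge and chooses a Root Port. All switch names, MAC addresses and
port numbers are constructed for illustration."""


def bridge_id(priority, vlan, mac):
    """64-bit Bridge ID with the extended System ID: a 4-bit priority
    (multiples of 4096), the 12-bit VLAN number, then the 48-bit MAC."""
    if priority % 4096 or not 0 <= priority <= 61440:
        raise ValueError("priority must be 0-61440 in multiples of 4096")
    if not 1 <= vlan <= 4094:
        raise ValueError("VLAN must be 1-4094")
    mac_int = int(mac.replace(".", "").replace(":", "").replace("-", ""), 16)
    if mac_int >> 48:
        raise ValueError("MAC address must be 48 bits")
    return ((priority + vlan) << 48) | mac_int


def shown_priority(bid):
    """Upper 16 bits: the value 'show spanning-tree' prints as the bridge
    priority, e.g. 32769 for priority 32768 in VLAN 1."""
    return bid >> 48


def port_id(port_priority, port_number):
    """16-bit Port ID: 4-bit priority (0-240 in steps of 16) and a 12-bit port
    number, displayed as 'priority.number' (e.g. 128.23)."""
    if port_priority % 16 or not 0 <= port_priority <= 240:
        raise ValueError("port priority must be 0-240 in multiples of 16")
    if not 1 <= port_number <= 4095:
        raise ValueError("port number must fit in 12 bits")
    return ((port_priority // 16) << 12) | port_number


def elect_root(bridge_ids):
    """Lowest Bridge ID wins: priority field first, MAC breaks the tie."""
    return min(bridge_ids, key=bridge_ids.__getitem__)


def choose_root_port(offers):
    """offers maps a local port name to the tuple 802.1D compares, in order:
    (root path cost, sender Bridge ID, sender Port ID from the received BPDU,
    receiving Port ID). The lowest tuple identifies the Root Port."""
    return min(offers, key=offers.__getitem__)


# Constructed topology: two switches with default priority in VLAN 1, joined by
# two parallel links. Switch 1 sends BPDUs from its Fa0/1 and Fa0/2; Switch 2
# receives them on Fa0/10 and Fa0/11.
SW1 = bridge_id(32768, 1, "0000.0c11.1111")
SW2 = bridge_id(32768, 1, "0000.0c22.2222")
ROOT = elect_root({"Switch 1": SW1, "Switch 2": SW2})   # lower MAC wins


def switch2_root_port(sw1_prio=(128, 128), sw2_prio=(128, 128)):
    """Return the interface Switch 2 selects as Root Port, given the port
    priorities configured on Switch 1 (sender side) and Switch 2 (receiver)."""
    offers = {
        "Fa0/10": (19, SW1, port_id(sw1_prio[0], 1), port_id(sw2_prio[0], 10)),
        "Fa0/11": (19, SW1, port_id(sw1_prio[1], 2), port_id(sw2_prio[1], 11)),
    }
    return choose_root_port(offers)
```

With default priorities Fa0/10 wins because Switch 1 sends from the lower-numbered port; lowering the priority of Switch 1's Fa0/2 moves the Root Port to Fa0/11, while raising Switch 2's own Fa0/10 priority to 240 changes nothing.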
Per-VLAN Spanning Tree (PVST) Example
Remember that PVST+ is the default implementation of STP on Catalyst
switches. Thus, each VLAN on the switch is allotted its own STP process.
Consider the following example:
With Common Spanning Tree (CST), all VLANs would belong to the same
STP process. Thus, if one of Switch 4's ports entered a blocking state to
eliminate the loop, all VLANs would be blocked on that port. For efficiency
purposes, this may not be ideal.
In the above example, the benefit of PVST becomes apparent. STP runs a
separate process for each VLAN, allowing a port to enter a blocking state
only for that specific VLAN. Thus, it is possible to load balance VLANs
across the redundant links, for example by making a different switch the
Root Bridge for each VLAN, allowing traffic to flow more efficiently.
STP Port States
Switch ports participating in STP progress through five port states:
Blocking – The default state of an STP port when a switch is powered on,
and the state a port is placed in to eliminate a loop. Ports in a blocking
state do not forward frames or learn MAC addresses, but they still listen for
BPDUs from other switches, to learn about changes to the switching topology.
Listening – A port will progress from a Blocking to a Listening state only if
the switch believes that the port will not be shut down to eliminate a loop.
The port will listen for BPDU’s to participate in the election of a Root
Bridge, Root Ports, and Designated Ports. Ports in a listening state will not
forward frames or learn MAC addresses.
Learning – After a brief period of time, called a Forward Delay, a port in a
listening state will be elected either a Root Port or Designated Port, and
placed in a learning state. Ports in a learning state listen for BPDUs, and also
begin to learn MAC addresses. However, ports in a learning state will still
not forward frames.
(Note: If a port in a listening state is not kept as a Root or a Designated Port,
it will be placed into a blocking state and not a learning state.)
Forwarding – After another Forward Delay, a port in learning mode will be
placed in forwarding mode. Ports in a forwarding state can send and receive
all data frames, and continue to build the MAC address table. All designated,
root, and non-uplink ports will eventually be placed in a forwarding state.
Disabled – A port in disabled state has been administratively shut down, and
does not participate in STP or forward frames at all.
On average, a port in a blocking state will take 30 to 50 seconds to reach a
forwarding state.
To view the current state of a port (such as fa0/10):
Switch# show spanning-tree interface fa0/10
Interface Fa0/10 in Spanning tree 1 is Forwarding
Port path cost 100, Port priority 128
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.1/8aew/configuration/guide/spantree.html#wp1020487)
STP Timers
STP utilizes three timers to ensure all switches remain synchronized, and to
allow enough time for the Spanning Tree process to ensure a loop-free
environment.
• Hello Timer – Default is 2 seconds. Indicates how often BPDU’s are
sent by switches.
• Forward Delay – Default is 15 seconds. Indicates a delay period in
both the listening and learning states of a port, for a total of 30
seconds. This delay ensures STP has ample time to detect and
eliminate loops.
• Max Age – Default is 20 seconds. Indicates how long a switch will
keep BPDU information from a neighboring switch before discarding
it. In other words, if a switch fails to receive BPDU’s from a
neighboring switch for the Max Age period, it will remove that
switch’s information from the STP topology database.
All timer values can be adjusted, and should only be adjusted on the Root
Bridge. The Root Bridge will propagate the changed timers to all other
switches participating in STP. Non-Root switches will ignore their locally
configured timers.
To adjust the three STP timers for VLAN 10:
Switch(config)# spanning-tree vlan 10 hello-time 10
Switch(config)# spanning-tree vlan 10 forward-time 20
Switch(config)# spanning-tree vlan 10 max-age 40
The timers are measured in seconds. The Hello and Max Age values above are
the maximums each can be set to (Hello ranges from 1 to 10 seconds, Max Age
from 6 to 40); Forward Delay ranges from 4 to 30 seconds. The three timers
are related: 802.1D requires 2 x (Forward Delay - 1) >= Max Age >= 2 x
(Hello + 1), so they should be changed as a set rather than one at a time
(the three values above, taken together, violate the first relation).
Remember that STP is configured on a VLAN by VLAN basis on Catalyst
Switches.
STP Topology Changes
[Figure: Switch 1 is the Root Bridge. Switches 2 and 3 connect directly to
it; Switch 4 hangs off Switch 2 and Switch 5 off Switch 3, with a further link
between Switches 4 and 5. Each non-root switch has one Root Port facing the
Root Bridge.]
An STP topology change will occur under two circumstances:
• When an interface is placed into a Forwarding state.
• When an interface already in a Forwarding or Learning state is placed
into a Blocking state.
The switch recognizing this topology change will send out a TCN
(Topology Change Notification) BPDU, destined for the Root Bridge. The
TCN BPDU does not contain any data about the actual change – it only
indicates that a change occurred.
For example, if the interface on Switch 4 connecting to Switch 5 went down,
Switch 4 would send a TCN out its Root Port to Switch 2. Switch 2 will
acknowledge this TCN by sending a BPDU back to Switch 4 with the
Topology Change Acknowledgement (TCA) bit set. Switch 2 would then
forward the TCN out its Root Port to Switch 1 (the Root Bridge).
Once the Root Bridge receives the TCN, it will send out a BPDU with the
Topology Change (TC) bit set to all switches. When a switch receives this
Root BPDU, it will temporarily lower its MAC-address Aging Timer from
300 seconds to 15 seconds, so that any erroneous MAC addresses can be
quickly flushed out of the CAM table.
The MAC-Address Aging Timer will stay lowered to 15 seconds for a
period of 35 seconds by default, or one Max Age (20 seconds) plus one
Forward Delay (15 seconds) timer.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_tech_note09186a0080094797.shtml)
Basic STP Configuration
To disable STP for a specific VLAN:
Switch(config)# no spanning-tree vlan 10
To adjust the Bridge Priority of a switch from its default of 32,768, to
increase its chances of being elected Root Bridge of a VLAN (with the
extended System ID enabled, the value must be a multiple of 4,096):
Switch(config)# spanning-tree vlan 10 priority 4096
To change an interface’s Path Cost from its defaults:
Switch(config)# int fa0/24
Switch(config-if)# spanning-tree cost 42
To force a switch to become the Root Bridge:
Switch(config)# spanning-tree vlan 10 root primary
The root primary parameter in the above command automatically lowers the
switch's priority to 24,576. If another switch on the network already has a
priority lower than 24,576, the command instead sets the priority to 4,096
less than that switch's priority. Note that this is a one-time calculation
made when the command is entered: a switch introduced later with a still
lower priority will take over as root, which is what Root Guard (covered
later in this section) is meant to prevent.
It is possible to assign a Secondary Root Bridge for redundancy. To force a
switch to become a Secondary Root Bridge:
Switch(config)# spanning-tree vlan 10 root secondary
The root secondary parameter in the above command automatically lowers
the switch’s priority to 28,672.
To specify the diameter of the switching topology:
Switch(config)# spanning-tree vlan 10 root primary diameter 7
The diameter parameter in the preceding command indicates the width of the
STP topology: the maximum number of switches a frame may have to cross
between any two end stations. The maximum (and default) value for the
diameter is 7. Note that the switching topology can contain more than seven
switches; the limit applies to the longest path through the tree, not to the
total number of switches.
The diameter command will also adjust the Hello, Forward Delay, and Max
Age timers. This is the recommended way to adjust timers, as the values are
derived from the diameter so that a BPDU can traverse the whole network
before it expires.
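The following is an added example, not code from the study guide, serving both the STP Timers section and the diameter discussion above. It checks a set of timers against the Catalyst ranges and the 802.1D consistency relation, derives the timers that the diameter parameter would set, and computes the 30 and 50 second convergence figures quoted throughout this section. The diameter formulas are the 802.1D recommendations as reproduced in Cisco's timer documentation and are an assumption here; confirm them against the show spanning-tree output of your own platform. Running it against the hello-time 10 / forward-time 20 / max-age 40 trio from the timers section reports the inconsistency noted there.

```python
"""Added example (not part of the study guide): check a set of 802.1D STP
timers for consistency, derive the timers that 'root primary diameter D'
configures, and compute the classic convergence delays. The diameter
formulas are the 802.1D recommendations as reproduced in Cisco's timer
documentation; treat them as an assumption and confirm against the
'show spanning-tree' output of your own platform."""

# Configurable ranges on Catalyst IOS, in seconds
HELLO_RANGE = (1, 10)
FORWARD_RANGE = (4, 30)
MAX_AGE_RANGE = (6, 40)


def validate_timers(hello, forward_delay, max_age):
    """Return a list of problems; empty means the three timers are consistent.
    Besides the per-timer ranges, 802.1D requires
        2 * (forward_delay - 1) >= max_age >= 2 * (hello + 1)
    so that stale root information expires before a port can start forwarding."""
    problems = []
    for name, value, (lo, hi) in (("hello-time", hello, HELLO_RANGE),
                                  ("forward-time", forward_delay, FORWARD_RANGE),
                                  ("max-age", max_age, MAX_AGE_RANGE)):
        if not lo <= value <= hi:
            problems.append(f"{name} {value}s outside {lo}-{hi}s")
    if max_age < 2 * (hello + 1):
        problems.append(f"max-age {max_age}s must be >= 2*(hello+1) = {2 * (hello + 1)}s")
    if 2 * (forward_delay - 1) < max_age:
        problems.append(f"forward-time {forward_delay}s too short: 2*(forward-1) = "
                        f"{2 * (forward_delay - 1)}s is below max-age {max_age}s")
    return problems


def timers_for_diameter(diameter, hello=2):
    """Timers for a network 'diameter' switches across (802.1D allows 2-7).
    max_age = 4*hello + 2*(diameter - 1)
    forward_delay = ceil((4*hello + 3*diameter) / 2)
    Returns (hello, forward_delay, max_age); diameter 7 gives the 2/15/20 defaults."""
    if not 2 <= diameter <= 7:
        raise ValueError("diameter must be 2-7")
    max_age = 4 * hello + 2 * (diameter - 1)
    forward_delay = -(-(4 * hello + 3 * diameter) // 2)   # integer ceiling
    return hello, forward_delay, max_age


def convergence_seconds(forward_delay, max_age, direct_failure):
    """Worst-case 802.1D reconvergence: a blocked port spends Listening and
    Learning (2 * forward_delay) before forwarding; after an indirect failure
    the switch must first age out the stale root information (max_age)."""
    return 2 * forward_delay + (0 if direct_failure else max_age)


if __name__ == "__main__":
    print("defaults consistent:", validate_timers(2, 15, 20) == [])
    for p in validate_timers(10, 20, 40):      # the three values from the text
        print("problem:", p)
    for d in range(2, 8):
        print(f"diameter {d}: hello/forward/max-age = {timers_for_diameter(d)}")
    print("direct link failure:", convergence_seconds(15, 20, True), "s")
    print("indirect failure:", convergence_seconds(15, 20, False), "s")
```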
STP PortFast
PortFast allows switch ports that connect a host device (such as a printer or
a workstation) to bypass the usual progression of STP states. Theoretically,
a port connecting to a host device can never create a switching loop. Thus,
PortFast allows the interface to move from a blocking state to a forwarding
state immediately, eliminating the normal 30 second STP delay.
To configure PortFast on an interface:
Switch(config)# int fa0/10
Switch(config-if)# spanning-tree portfast
To enable PortFast globally on all interfaces:
Switch(config)# spanning-tree portfast default
PortFast should not be enabled on switch ports connecting to another
hub or switch, as this may result in a loop; pairing PortFast with BPDU
Guard (covered later in this section) enforces that rule automatically. Note
that PortFast does not disable STP on an interface - it merely speeds up the
convergence.
PortFast additionally reduces unnecessary BPDU traffic, as TCN BPDU’s
will not be sent out for state changes on a PortFast-enabled interface.
STP UplinkFast
Switches can have multiple uplinks to other upstream switches. If the
multiple links are not placed in an EtherChannel, then at least one of the
ports is placed into a blocking state to eliminate the loop.
If a directly-connected interface goes down, STP needs to perform a
recalculation to bring the other interface out of a blocking state. As stated
earlier, this calculation can take from 30 to 50 seconds.
UplinkFast allows the port in a blocking state to be held in standby-mode,
and activated immediately if the forwarding interface fails. If multiple ports
are in a blocking state, whichever port has the lowest Root Path Cost will
become unblocked. The Root Bridge cannot have UplinkFast enabled.
UplinkFast is configured globally for all VLANs on the switch:
Switch(config)# spanning-tree uplinkfast
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_35_se/configuration/guide/swstpopt.html)
STP BackboneFast
While UplinkFast allows faster convergence if a directly-connected interface
fails, BackboneFast provides the same benefit if an indirectly-connected
interface fails.
For example, if the Root Bridge fails, another switch will be elected the
Root. A switch learning about the new Root Bridge must wait its Max Age
timer to flush out the old information, before it will accept the updated info.
By default, the Max Age timer is 20 seconds.
BackboneFast allows a switch to bypass the Max Age timer if it detects an
indirect failure on the network. It will update itself with the new Root info
immediately.
BackboneFast is configured globally, and should be implemented on all
switches in the network when used:
Switch(config)# spanning-tree backbonefast
Protecting STP
STP is vulnerable to attack for two reasons:
• STP builds its topology information by accepting a neighboring
switch's BPDU's, without any form of authentication.
• The Root Bridge is always determined by the lowest Bridge ID.
Any device that sends BPDU's advertising a lower Bridge ID than the
legitimate root, whether a rogue switch or a host running STP tooling, can be
maliciously placed on the network and elected the Root Bridge. This may
result in a suboptimal or unstable STP topology, and it redirects traffic
paths through the rogue device.
Cisco implemented three mechanisms to protect the STP topology:
• Root Guard
• BPDU Guard
• BPDU Filtering
All three mechanisms are configured on an individual interface basis, and
are disabled by default. When enabled, these mechanisms apply to all
VLANs for that particular interface.
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_35_se/configuration/guide/swstpopt.html)
Root Guard
Root Guard prevents an unauthorized switch from advertising itself as a
Root Bridge.
Switch(config)# interface fa0/10
Switch(config-if)# spanning-tree guard root
The above command prevents the switch from accepting a new Root Bridge
via the fa0/10 interface. If a superior BPDU (one claiming a better Root
Bridge) arrives on this port, the port will enter a root-inconsistent state (a
pseudo-blocking state), and remains there until the superior BPDU's stop
arriving, after which it recovers on its own:
Switch# show spanning-tree inconsistentports
Name Interface Inconsistency
-------------------- -------------------- ------------------
VLAN100 FastEthernet0/10 Root Inconsistent
BPDU Guard and BPDU Filtering
BPDU Guard is employed on interfaces that are PortFast-enabled. Under
normal circumstances, a PortFast-enabled interface connects to a host
device, and thus the interface should never receive a BPDU.
If another switch is accidentally or maliciously connected into a PortFast
interface, BPDU Guard will place the interface into an errdisable state.
More accurately, if an interface configured for BPDU Guard receives a
BPDU, then the errdisable state will occur. To enable BPDU Guard:
Switch(config)# interface fa0/10
Switch(config-if)# spanning-tree bpduguard enable
To take an interface out of an errdisable state, disable and re-enable the
interface (errdisable recovery can also be configured to do this
automatically after a timeout, which matters on access ports that are
frequently re-patched):
Switch(config)# interface fa0/10
Switch(config-if)# shutdown
Switch(config-if)# no shutdown
BPDU Filtering essentially disables STP on a particular interface, by
preventing it from sending or receiving BPDU's. An interface with BPDU
Filtering enabled cannot detect a loop through whatever is attached to it, so
it should be reserved for ports that will never connect to a switch; BPDU
Guard is the safer choice for host-facing ports:
Switch(config)# interface fa0/10
Switch(config-if)# spanning-tree bpdufilter enable
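The following is an added example, not code from the study guide, covering the Protecting STP, Root Guard and BPDU Guard material above. It decodes the 35-byte 802.1D Configuration BPDU (the format carried inside the frame after the LLC header) and models what a port configured with BPDU Filtering, BPDU Guard or Root Guard does when such a BPDU arrives: the filter drops it, the guard errdisables the port on any BPDU at all, and Root Guard reacts only when the Root ID in the BPDU is lower (superior) than the root the switch currently knows. The two sample BPDUs, the MAC addresses and the port_cfg dictionary keys are constructed for the illustration.

```python
"""Added example (not part of the study guide): decode an 802.1D
Configuration BPDU and model how a Catalyst port configured with BPDU
Filtering, BPDU Guard or Root Guard reacts to it. The sample BPDUs and the
port_cfg dictionary keys are constructed for this illustration."""
import struct
from dataclasses import dataclass

# Configuration BPDU layout (35 bytes, big-endian) following the 802.2 LLC
# header: protocol ID, version, type, flags, Root ID, root path cost,
# Bridge ID, Port ID, message age, max age, hello time, forward delay.
BPDU_FMT = ">HBBBQIQHHHHH"
CONFIG_BPDU = 0x00
TCN_BPDU = 0x80


@dataclass(frozen=True)
class ConfigBpdu:
    flags: int
    root_id: int
    root_path_cost: int
    bridge_id: int
    port_id: int
    message_age: float      # timers are carried in 1/256 s units
    max_age: float
    hello_time: float
    forward_delay: float


def parse_config_bpdu(payload):
    """Decode a Configuration BPDU; raise ValueError for TCNs or junk."""
    if len(payload) < struct.calcsize(BPDU_FMT):
        raise ValueError("BPDU too short")
    (proto, _version, bpdu_type, flags, root_id, cost, bridge_id, port_id,
     msg_age, max_age, hello, fwd) = struct.unpack_from(BPDU_FMT, payload)
    if proto != 0 or bpdu_type != CONFIG_BPDU:
        raise ValueError(f"not a configuration BPDU (proto={proto}, type={bpdu_type:#04x})")
    return ConfigBpdu(flags, root_id, cost, bridge_id, port_id,
                      msg_age / 256, max_age / 256, hello / 256, fwd / 256)


def build_config_bpdu(root_id, root_path_cost, bridge_id, port_id, flags=0):
    """Constructed test vector with the default 20/2/15 s timers."""
    return struct.pack(BPDU_FMT, 0, 0, CONFIG_BPDU, flags, root_id,
                       root_path_cost, bridge_id, port_id,
                       0, 20 * 256, 2 * 256, 15 * 256)


def bid(priority_with_sysid, mac):
    """64-bit Bridge ID from the 16-bit priority field (priority + VLAN) and MAC."""
    return (priority_with_sysid << 48) | int(mac.replace(".", ""), 16)


def fmt_bridge_id(value):
    """Render as 'priority mac' the way show commands do, e.g. '24577 0000.0c01.0001'."""
    mac = f"{value & 0xFFFFFFFFFFFF:012x}"
    return f"{value >> 48} {mac[:4]}.{mac[4:8]}.{mac[8:]}"


def port_reaction(port_cfg, current_root_id, payload):
    """What the port does with a received BPDU, in the order the features act:
    'dropped-by-filter' (bpdufilter), 'errdisable' (bpduguard: any BPDU at all),
    'root-inconsistent' (rootguard: BPDU claims a root superior to ours),
    or 'accepted' (normal STP processing)."""
    if port_cfg.get("bpdufilter"):
        return "dropped-by-filter"
    if port_cfg.get("bpduguard"):
        return "errdisable"
    bpdu = parse_config_bpdu(payload)
    if port_cfg.get("rootguard") and bpdu.root_id < current_root_id:
        return "root-inconsistent"
    return "accepted"


# Constructed scenario, VLAN 1: the legitimate root has priority 24576
# (24577 with the System ID); a rogue device announces itself with priority 0.
LEGIT_ROOT = bid(24577, "0000.0c01.0001")
ROGUE_ROOT = bid(1, "0000.0c99.9999")
NORMAL_BPDU = build_config_bpdu(LEGIT_ROOT, 19, bid(32769, "0000.0c02.0002"), 0x8018)
ROGUE_BPDU = build_config_bpdu(ROGUE_ROOT, 0, ROGUE_ROOT, 0x8001)
```

Note the ordering in port_reaction: with the filter enabled the BPDU is never seen, so neither guard can act on it, which is why BPDU Filtering on a port that might face a switch removes both the loop detection and the protection.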
Unidirectional Link Detection (UDLD)
Most communication in a switching network is bi-directional. STP requires
that switches send BPDU’s bi-directionally to build the topology database. If
a malfunctioning switch port only allows traffic one way, and the switch still
sees that port as up, a loop can form without the switch realizing it.
Unidirectional Link Detection (UDLD) periodically tests ports to ensure
bi-directional communication is maintained. UDLD sends out ID frames on
a port, and waits for the remote switch to respond with its own ID frame. If
the remote switch does not respond, UDLD assumes the interface has
malfunctioned and become unidirectional.
By default, UDLD sends out ID frames every 15 seconds, and must be
enabled on both sides of a link. UDLD can run in two modes:
• Normal Mode – If a unidirectional link is detected, the port is not
shut down, but merely flagged as being in an undetermined state
• Aggressive Mode – If a unidirectional link is detected, the port is
placed in an errdisable state
UDLD can be enabled globally, which affects only the fiber-optic ports on the
switch:
Switch(config)# udld enable
Switch(config)# udld aggressive
Switch(config)# udld message time 20
The enable parameter sets UDLD into normal mode, and the aggressive
parameter into aggressive mode. The message time command is separate and
modifies how often ID frames are sent out, in seconds.
UDLD can be configured on individual interfaces:
Switch(config-if)# udld enable
Switch(config-if)# udld aggressive
Switch(config-if)# udld disable
To view UDLD status on ports, or re-enable UDLD errdisabled ports:
Switch# show udld
Switch# udld reset
STP Troubleshooting Commands
To view STP information for a specific VLAN:
Switch# show spanning-tree vlan 100
VLAN0100
Spanning tree enabled protocol ieee
Root ID Priority 24676
Address 000a.5678.90ab
Cost 19
Port 24 (FastEthernet0/24)
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Bridge ID Priority 32868 (priority 32768 sys-id-ext 100)
Address 000c.1234.abcd
Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec
Aging Time 300
Interface Role Sts Cost Prio.Nbr
----------------- --- ----- ----------- ----------------
Fa0/24 Root FWD 19 128.24
Fa0/23 Altn BLK 19 128.23
To view STP information for all VLANS:
Switch# show spanning-tree
To view detailed STP interface information:
Switch# show spanning-tree detail
VLAN100 is executing the ieee compatible Spanning Tree protocol
Bridge Identifier has priority 32768, address 000c.1234.abcd
Configured hello time 2, max age 20, forward delay 15
Port 23 (FastEthernet0/23) of VLAN100 is forwarding
Port path cost 19, Port priority 128, Port Identifier 128.23.
Designated root has priority 24576, address 000a.5678.90ab
Designated bridge has priority 24576, address 000a.5678.90ab
Designated port id is 128.23, designated path cost 0
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.1E/native/command/reference/show4.html#wp1026768)
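The following is an added example, not code from the study guide: a parser for the show spanning-tree output format shown above, with an audit that compares the elected root of each VLAN against the switch that is supposed to be root and lists every blocked port. This is the operational counterpart of the rogue-root problem described under Protecting STP: a switch with priority 0 quietly winning the election shows up here as a root whose address is not the expected one. The SAMPLE text is constructed to resemble IOS output and reuses the addresses from the output above; it was not captured from a device.

```python
"""Added example (not part of the study guide): parse 'show spanning-tree'
output and audit it against the root bridge that should be elected. SAMPLE
is constructed to resemble IOS output; it was not captured from a device."""
import re

SAMPLE = """\
VLAN0100
  Spanning tree enabled protocol ieee
  Root ID    Priority    24676
             Address     000a.5678.90ab
             Cost        19
             Port        24 (FastEthernet0/24)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32868  (priority 32768 sys-id-ext 100)
             Address     000c.1234.abcd
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/23           Altn BLK 19        128.23   P2p
Fa0/24           Root FWD 19        128.24   P2p

VLAN0200
  Spanning tree enabled protocol ieee
  Root ID    Priority    200
             Address     0000.0c99.9999
             Cost        4
             Port        1 (GigabitEthernet0/1)
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec

  Bridge ID  Priority    32968  (priority 32768 sys-id-ext 200)
             Address     000c.1234.abcd
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
             Aging Time  300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Gi0/1            Root FWD 4         128.1    P2p
Fa0/24           Desg FWD 19        128.24   P2p
"""

VLAN_RE = re.compile(r"^VLAN(\d{4})\s*$")
PRIO_RE = re.compile(r"\bPriority\s+(\d+)")      # case-sensitive: skips '(priority ...'
ADDR_RE = re.compile(r"\bAddress\s+([0-9a-f]{4}\.[0-9a-f]{4}\.[0-9a-f]{4})")
PORT_RE = re.compile(r"^(\S+)\s+(Root|Desg|Altn|Back)\s+(FWD|BLK|LIS|LRN|LBK)\s+(\d+)\s+(\d+\.\d+)")


def parse_show_spanning_tree(text):
    """Return {vlan: {'root': {...}, 'bridge': {...}, 'ports': [...]}}."""
    vlans, current, section = {}, None, None
    for line in text.splitlines():
        m = VLAN_RE.match(line)
        if m:
            current = vlans.setdefault(int(m.group(1)), {"root": {}, "bridge": {}, "ports": []})
            section = None
            continue
        if current is None:
            continue
        stripped = line.strip()
        if stripped.startswith("Root ID"):
            section = "root"
        elif stripped.startswith("Bridge ID"):
            section = "bridge"
        if section:
            if m := PRIO_RE.search(line):
                current[section]["priority"] = int(m.group(1))
            if m := ADDR_RE.search(line):
                current[section]["address"] = m.group(1)
        if m := PORT_RE.match(line):
            current["ports"].append({"name": m.group(1), "role": m.group(2), "state": m.group(3),
                                     "cost": int(m.group(4)), "prio_nbr": m.group(5)})
    return vlans


def audit(vlans, expected_root):
    """expected_root maps VLAN -> MAC of the switch that should be root.
    Report any VLAN whose elected root differs, plus every blocked port."""
    findings = []
    for vlan, info in sorted(vlans.items()):
        root = info["root"]
        want = expected_root.get(vlan)
        if want and root.get("address") != want:
            findings.append(f"VLAN {vlan}: root is {root.get('address')} "
                            f"(priority {root.get('priority')}), expected {want}")
        for port in info["ports"]:
            if port["state"] == "BLK":
                findings.append(f"VLAN {vlan}: {port['name']} blocking ({port['role']})")
    return findings
```

Run against SAMPLE with 000a.5678.90ab expected as root for both VLANs, the audit passes VLAN 100 and reports VLAN 200, where a bridge with priority 0 (shown as 200 with the System ID) has taken over.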
Rapid Spanning Tree Protocol (RSTP)
To further alleviate the 30 to 50 second convergence delays with STP,
enhancements were made to the original IEEE 802.1D standard. The result
was 802.1w, or Rapid Spanning Tree Protocol (RSTP).
RSTP is similar in many respects to STP. BPDU’s are forwarded between
switches, and a Root Bridge is elected, based on the lowest Bridge ID. Root
Ports and Designated Ports are also elected. RSTP defines five port types:
• Root Port – Switch port on each switch that has the best Path Cost to
the Root Bridge (same as STP).
• Alternate Port – A backup Root Port, that has a less desirable Path
Cost. An Alternate Port is placed in a discarding state.
• Designated Port – Non-Root port that represents the best Path Cost
for each network segment to the Root Bridge (same as STP). RSTP
additionally classifies each link as point-to-point (full duplex, one
neighbor) or shared; the rapid handshake described below runs only on
point-to-point links.
• Backup Port – A backup Designated Port, that has a less desirable
Path Cost. A Backup Port is placed in a discarding state.
• Edge Port – A port connecting a host device, which is moved to a
Forwarding state immediately. If an Edge Port receives a BPDU, it
will lose its Edge Port status and participate in RSTP calculations. On
Cisco Catalyst switches, any port configured with PortFast becomes
an Edge Port.
The key benefit of RSTP is speedier convergence. Switches no longer
require the Forward Delay timers to ensure a loop-free environment.
Switches instead perform a handshake synchronization to ensure a
consistent topology table. During initial convergence, the Root Bridge and
its directly-connected switches will place their interfaces in a discarding
state. The Root Bridge and those switches will exchange BPDU’s,
synchronize their topology tables, and then place their interfaces in a
forwarding state.
Each switch will then perform the same handshaking process with their
downstream neighbors. The result is convergence that completes in a few
seconds, as opposed to 30 to 50 seconds.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml)
Rapid Spanning Tree Protocol (RSTP) (continued)
Changes to the RSTP topology are also handled more efficiently than
802.1D STP.
Recall in that in 802.1D STP, a switch recognizing a topology change will
send out a TCN (Topology Change Notification) BPDU, destined for the
Root Bridge. Once the Root Bridge receives the TCN, it will send out a
BPDU with the Topology Change (TC) bit set to all switches. When a
switch receives this Root BPDU, it will temporarily lower its MAC-address
Aging Timer from 300 seconds to 15 seconds, so that any erroneous MAC
addresses can be quickly flushed out of the CAM table.
In RSTP, a switch recognizing a topology change does not have to inform
the Root Bridge first. Any switch can generate and forward a TC BPDU. A
switch receiving a TC BPDU will flush all MAC addresses learned on all
ports, except for the port that received the TC BPDU.
RSTP incorporates the features of UplinkFast by allowing Alternate and
Backup ports to immediately enter a Forwarding state, if the primary Root or
Designated port fails. RSTP also inherently employs the principles of
BackboneFast, by not requiring an arbitrary Max Age timer for accepting
inferior BPDU’s if there is an indirect network failure.
802.1w RSTP is backwards-compatible with 802.1D STP. However, when
RSTP switches interact with STP switches, RSTP loses its inherent
advantages on those links, as it falls back to 802.1D behavior there.
Two implementations built on RSTP are in common use:
• Rapid Per-VLAN Spanning Tree Protocol (RPVST+) – Cisco's
proprietary implementation of RSTP, with one RSTP instance per VLAN.
• Multiple Spanning Tree (MST) – The IEEE 802.1s standard, which runs
RSTP for groups of VLANs.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk621/technologies_white_paper09186a0080094cfa.shtml)
Multiple Spanning Tree (MST)
Earlier in this guide, two types of STP were defined:
• Common Spanning Tree (CST) – All VLANs utilize one STP
process
• Per-VLAN Spanning Tree (PVST) – Each VLAN is allotted its own
STP process
PVST allows for more efficient traffic flow throughout the switching
network. However, each VLAN must run its own separate STP process,
often placing an extreme burden on the switch’s processor.
Multiple Spanning Tree (MST) allows groups of VLANs to be allotted
their own STP process. Each STP process is called an instance. MST
separates the STP topology into regions that must contain identical
parameters, including:
• Configuration Name - a name of up to 32 characters, similar to a VTP
domain name
• Revision Number – a 16-bit value that identifies the current MST
configuration's revision.
• VLAN-to-Instance Mappings
Each region runs its own Internal Spanning Tree (IST) to eliminate loops
within that region. The IST is MST instance 0; it carries every VLAN not
mapped to another instance, and is essentially RSTP extended with
MST-specific parameters.
MST interoperates with 802.1D STP and 802.1w RSTP switches outside the
region, which see the entire region as a single switch.
(Reference: http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/31sg/configuration/guide/spantree.pdf)
MST Configuration
MST must first be enabled globally on a switch:
Switch(config)# spanning-tree mode mst
Most other MST configuration is completed in “MST Configuration” mode:
Switch(config)# spanning-tree mst configuration
To configure the switch’s MST Configuration Name:
Switch(config-mst)# name MYMSTNAME
To configure the switch’s Revision Number:
Switch(config-mst)# revision 10
To map VLANs to a specific MST instance:
Switch(config-mst)# instance 2 vlan 1-100
A maximum of 16 instances are allowed (0 – 15). By default, all VLANs
belong to instance 0. Recall that the above three parameters (configuration
name, revision number, and mappings) must be identical on all MST
switches in a region.
To view the changes to the configuration:
Switch(config-mst)# show pending
Pending MST configuration
Name [MYMSTNAME]
Revision 10
Instance Vlans mapped
-------- -------------------------------------------------
0 101-4094
2 1-100
All other configuration of MST is identical to standard STP, with two
exceptions. The parameter "mst" must be used, and all settings are applied
to instances instead of VLANs. For example, to make the switch the root for
instance 2, or to set its priority for that instance (again a multiple of
4,096):
Switch(config)# spanning-tree mst 2 root primary
Switch(config)# spanning-tree mst 2 priority 28672
The above two configurations are both applied to MST Instance 2.
Section 6
- IPv4 Addressing and Subnetting -
Hardware Addressing
The hardware address is used by devices to communicate on the local
network. Hardware addressing is a function of the data-link layer of the OSI
model (Layer-2).
The hardware address for Ethernet networks is the MAC address, a 48-bit
address normally written in hexadecimal, which is assigned by the
manufacturer and stored on the network card. In theory, this means the
MAC address cannot be altered; however, the address a host actually
transmits with is set by its driver and operating system, and can be
overridden with ordinary utilities. A MAC address therefore must never be
relied on as proof of a device's identity.
MAC addresses can be represented in two formats (either notation is
acceptable):
00:43:AB:F2:32:13
0043.ABF2.3213
The MAC address has one shortcoming – it contains no hierarchy. There is
no mechanism to create boundaries between networks.
Instead, the first six hexadecimal digits of a MAC identify the manufacturer
of the network card (referred to as the OUI (Organizationally Unique
Identifier)), and the last 6 digits identify the host device (referred to as the
host ID). Still, there is no way to distinguish one network from another.
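The following is an added example, not code from the study guide, that works with the MAC address structure just described: it accepts either of the two notations, converts between them, splits an address into OUI and host ID, and reads the two flag bits of the first octet, the I/G bit (group or multicast address) and the U/L bit, which is set when an address was assigned locally rather than burned in by the manufacturer. That second bit is the practical hook for the point above that a MAC can be changed in software: a locally administered source address is not proof of spoofing, but it is worth a second look. All sample addresses are constructed.

```python
"""Added example (not part of the study guide): normalise a MAC address
written in either notation, split it into OUI and host ID, and read the I/G
and U/L flag bits of the first octet. The sample addresses are constructed."""
import re

MAC_RE = re.compile(r"^[0-9A-Fa-f]{12}$")


def parse_mac(text):
    """Accept 00:43:AB:F2:32:13, 0043.ABF2.3213, 00-43-ab-f2-32-13 or bare hex."""
    digits = re.sub(r"[:.\-]", "", text.strip())
    if not MAC_RE.match(digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return int(digits, 16)


def to_colon(mac):
    """00:43:ab:f2:32:13 (IEEE / Unix style)."""
    h = f"{mac:012x}"
    return ":".join(h[i:i + 2] for i in range(0, 12, 2))


def to_cisco(mac):
    """0043.abf2.3213 (Cisco IOS style)."""
    h = f"{mac:012x}"
    return ".".join(h[i:i + 4] for i in range(0, 12, 4))


def describe(text):
    """Break an address into its fields and flags."""
    mac = parse_mac(text)
    first_octet = mac >> 40
    return {
        "cisco": to_cisco(mac),
        "oui": f"{mac >> 24:06x}",            # first 24 bits: manufacturer
        "host_id": f"{mac & 0xFFFFFF:06x}",   # last 24 bits: assigned by the manufacturer
        "multicast": bool(first_octet & 0x01),            # I/G bit
        "locally_administered": bool(first_octet & 0x02),  # U/L bit
        "broadcast": mac == 0xFFFFFFFFFFFF,
    }


def suspicious_hosts(table):
    """Given (port, source MAC) pairs, e.g. from a MAC address table, return
    the ports whose address has the U/L bit set: assigned in software, not
    burned in. A hint to investigate, not proof of spoofing."""
    return [port for port, mac in table if describe(mac)["locally_administered"]]
```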
Imagine the difficulties this poses. If only hardware addressing existed, all
devices would technically be on the same network. Modern internetwork
systems like the Internet could not exist, as there would be no way to
separate my network from your network.
Furthermore, imagine if the entire Internet was a purely switched, data-link
layer environment. Switches, as a rule, forward broadcasts out all ports.
Guesstimating that there are billions of devices on the Internet, with each
device sending out a broadcast on average every few seconds, the resulting
broadcast storms would be devastating. The Internet would simply collapse.
The need for logical addressing, and routers, became apparent.
Logical Addressing
Logical addressing is a function of the network layer of the OSI Model
(Layer-3).
Logical addresses, unlike hardware addresses, provide a hierarchical
structure to separate networks. A logical address identifies not only a unique
Host ID, but also the network that host belongs to. Additionally, logical
addresses are rarely hard-coded onto hosts, and can be changed freely.
Two common logical addressing protocols are IPX (Internetwork Packet
Exchange) and IP (Internet Protocol). IPX was predominantly used on
Novell networks, but is mostly deprecated. IP is the most widely-used
logical address today.
Internet Protocol (IP)
IP was developed by the Department of Defense (DoD) during the late
1970s. It was included in a group of protocols that became known as the
TCP/IP protocol suite.
The DoD developed their own networking model to organize and define the
TCP/IP protocol suite. This became known as the DoD Model, and consists
of four layers:
OSI Model          DoD Model            Example Protocols
7  Application
6  Presentation    4  Application       FTP, HTTP, SMTP
5  Session
4  Transport       3  Host-to-Host      TCP, UDP
3  Network         2  Internet          IP
2  Data-link
1  Physical        1  Network Access    Ethernet
IP provides two core functions:
• Logical addressing of hosts
• Routing of packets between networks.
IP has undergone several revisions. IP Version 4 (IPv4) is currently in
widespread deployment, but will eventually be replaced with IP Version 6
(IPv6). This guide will concentrate on IPv4, and IPv6 will be covered
extensively in a separate guide.
IPv4 Addressing
One of IP’s core functions is to provide logical addressing for hosts. An IP
address provides a hierarchical structure to separate networks. Consider the
following address as an example:
158.80.164.3
An IP address is separated into four octets:
First Octet   Second Octet   Third Octet   Fourth Octet
158           .80            .164          .3
Each octet is 8 bits long, resulting in a 32-bit IP address. A computer
understands an IP address in its binary form; the above address in binary
would look as follows:
First Octet   Second Octet   Third Octet   Fourth Octet
10011110      .01010000      .10100100     .00000011
Part of the above IP address identifies the network. The other part of the
address identifies the host. A subnet mask helps make this distinction.
Consider the following:
158.80.164.3 255.255.0.0
The above IP address has a subnet mask of 255.255.0.0. The subnet mask
follows two rules:
• If a binary bit is set to a 1 (or on) in a subnet mask, the corresponding
bit in the address identifies the network.
• If a binary bit is set to a 0 (or off) in a subnet mask, the corresponding
bit in the address identifies the host.
Looking at the above address and subnet mask in binary:
Address: 10011110.01010000.10100100.00000011
Subnet Mask: 11111111.11111111.00000000.00000000
The first 16 bits of the subnet mask are set to 1. Thus, the first 16 bits of the
address (158.80) identify the network. The last 16 bits of the subnet mask are
set to 0. Thus, the last 16 bits of the address (164.3) identify the unique host
on that network.
IPv4 Addressing (continued)
Hosts on the same logical network will have identical network addresses,
and can communicate freely. For example, the following two hosts are on
the same network:
Host A: 158.80.164.100 255.255.0.0
Host B: 158.80.164.101 255.255.0.0
Both share the same network address (158.80), which is determined by the
255.255.0.0 subnet mask. Hosts that are on different networks cannot
communicate without an intermediating device. For example:
Host A: 158.80.164.100 255.255.0.0
Host B: 158.85.164.101 255.255.0.0
The subnet mask has remained the same, but the network addresses are now
different (158.80 and 158.85 respectively). Thus, the two hosts are not on
the same network, and cannot communicate without a router between them.
Routing is the process of sending packets from one network to another.
Consider the following, trickier example:
Host A: 158.80.1.1 255.248.0.0
Host B: 158.79.1.1 255.248.0.0
The specified subnet mask is now 255.248.0.0, which doesn’t fall cleanly on
an octet boundary. To determine if these hosts are on separate networks, first
convert everything to binary:
Host A Address: 10011110.01010000.00000001.00000001
Host B Address: 10011110.01001111.00000001.00000001
Subnet Mask: 11111111.11111000.00000000.00000000
Remember, the 1 (or on) bits in the subnet mask identify the network portion
of the address. In this example, the first 13 bits (the 8 bits of the first octet,
and the first 5 bits of the second octet) identify the network. Looking at only
the first 13 bits of each address:
Host A Address: 10011110.01010
Host B Address: 10011110.01001
Clearly, the network addresses are not identical. Thus, these two devices are
on separate networks, and require a router to communicate.
IP Address Classes
The IPv4 address space has been structured into several classes. The value
of the first octet of an address determines the class of the network:
Class     First Octet Range   Default Subnet Mask
Class A   1 - 127             255.0.0.0
Class B   128 - 191           255.255.0.0
Class C   192 - 223           255.255.255.0
Class A networks range from 1 to 127. The default subnet mask is
255.0.0.0; thus, by default, the first octet defines the network, and last three
octets define the host. This results in a maximum of 127 Class A networks,
with 16,777,214 hosts per network!
Example of a Class A address:
Address: 64.32.254.100
Subnet Mask: 255.0.0.0
Class B networks range from 128 to 191. The default subnet mask is
255.255.0.0; thus, by default, the first two octets define the network, and the
last two octets define the host. This results in a maximum of 16,384 Class B
networks, with 65,534 hosts per network.
Example of a Class B address:
Address: 152.4.12.195
Subnet Mask: 255.255.0.0
Class C networks range from 192 to 223. The default subnet mask is
255.255.255.0; thus, by default, the first three octets define the network, and
the last octet defines the host. This results in a maximum of 2,097,152 Class
C networks, with 254 hosts per network.
Example of a Class C address:
Address: 207.79.233.6
Subnet Mask: 255.255.255.0
CIDR (Classless Inter-Domain Routing)
Classless Inter-Domain Routing (CIDR) is a simplified method of
representing a subnet mask. CIDR identifies the number of binary bits set to
a 1 (or on) in a subnet mask, preceded by a slash.
Consider the following subnet mask: 255.255.255.240
Looking at the above subnet mask in binary:
11111111.11111111.11111111.11110000
The first 28 bits of the above subnet mask are set to 1. To represent this in
CIDR notation: /28
Consider this next example:
192.168.1.1 255.255.255.0
The above address/subnet mask can be represented as follows using CIDR:
192.168.1.1 /24
Address “Classes” vs. Subnet Mask
Remember the following three rules:
• The first octet of an address dictates the class of that address.
• The subnet mask dictates what portion of an address identifies the
network, and what portion identifies the host.
• Each class has a default subnet mask.
Thus, the address 10.1.1.1 is a Class A address, and its default subnet mask
is 255.0.0.0 (or in CIDR, /8). However, it is possible to use subnet masks
other than the default, such as applying a Class B mask to a Class A address:
10.1.1.1 /16
However, this does not change the class of the above address. It remains a
Class A address, which has been subnetted using a Class B mask.
Remember, the only thing that determines the class of an IP address is the
first octet of that address. Likewise, the subnet mask is the only thing that
determines what portion of an address is the network, and which portion is
the host.
Subnet and Broadcast Addresses
Two addresses have been reserved on each network for special use. Each
network must have a subnet (or network) address, and a broadcast address.
Neither of these addresses can be assigned to a host device.
The subnet address is used to identify the network itself. Routing tables
contain lists of networks, and each network is identified by its subnet
address. Subnet addresses contain all 0 bits in the host portion of the
address.
For example, the following is a subnet address: 192.168.1.0/24
The broadcast address identifies all hosts on a particular network. A packet
sent to the broadcast address will be received and processed by every device
on that network. Broadcast addresses contain all 1 bits in the host portion
of the address.
For example, the following is a broadcast address: 192.168.1.255/24
Broadcasts are one of three types of IP packets:
• Unicasts are packets sent from one host to another host
• Multicasts are packets sent from one host to a group of hosts
• Broadcasts, as stated earlier, are packets sent from one host to all
other hosts on the local network
A router, by default, will never forward a multicast or broadcast packet
from one interface to another.
A switch, by default, will forward a multicast or broadcast out every port,
except for the port that received the multicast/broadcast.
Subnetting
Subnetting is the process of creating new networks (or subnets) by stealing
bits from the host portion of a subnet mask. There is one caveat: stealing bits
from hosts creates more networks but fewer hosts per network. Thus, every
time a network is subnetted, addresses are lost.
Consider the following Class C network:
192.168.254.0
The default subnet mask for this network is 255.255.255.0. This single
network can be segmented, or subnetted, into multiple networks. For
example, assume a minimum of 10 new networks are required. Resolving
this is possible using the following magical formula:
2^n – 2
The exponent ‘n’ identifies the number of bits to steal from the host portion
of the subnet mask. The default Class C mask (255.255.255.0) looks as
follows in binary:
11111111.11111111.11111111.00000000
There are a total of 24 bits set to 1, which are used to identify the network.
There are a total of 8 bits set to 0, which are used to identify the host, and
these host bits can be ‘stolen.’
Stealing bits essentially involves changing host bits (set to 0 or off) in the
subnet mask to network bits (set to 1 or on). Network bits in a subnet mask
must always be sequential; skipping bits is not allowed.
Consider the result if three bits are stolen. Using the above formula:
2^n – 2 = 2^3 – 2 = 8 – 2 = 6 new networks created
However, a total of six new networks does not meet the original requirement
of at least 10 networks. Consider the result if four bits are stolen:
2^n – 2 = 2^4 – 2 = 16 – 2 = 14 new networks created
A total of fourteen new networks does meet the original requirement.
Stealing four host bits results in the following new subnet mask:
11111111.11111111.11111111.11110000 = 255.255.255.240
Subnetting (continued)
In the previous example, a Class C network was subnetted to create 14 new
networks, using a subnet mask of 255.255.255.240 (or /28 in CIDR). Four
bits were stolen in the subnet mask, leaving only four bits for hosts.
To determine the number of hosts this results in, for each of the new 14
networks, the same formula can be used: 2^n – 2
Consider the result if four bits are available for hosts:
2^n – 2 = 2^4 – 2 = 16 – 2 = 14 usable hosts per network
Thus, subnetting a Class C network with a /28 mask creates fourteen new
networks, with fourteen usable hosts per network.
The “-2” Rule of Subnetting
There is a specific purpose for the ‘– 2’ portion of the 2^n – 2 formula.
Previously, it was unacceptable to use an address that contained all ‘0’ or all
‘1’ bits in the network portion of the address.
However, this is no longer true on modern systems. Specifically, on Cisco
IOS devices, the following command is now enabled by default:
Router(config)# ip subnet-zero
The ip subnet-zero command allows for the use of networks with all ‘0’ or
all ‘1’ bits in the network portion of the address. Thus, the formula for
calculating the number of new networks is slightly altered, to simply 2^n.
Consider if four bits are stolen for networks:
2^n = 2^4 = 16 new networks created
However, it is never possible to assign an address with all ‘0’ or all ‘1’
bits in the host portion of the address. These are reserved for the subnet
and broadcast addresses, respectively. Thus, the formula for calculating
usable hosts is always 2^n – 2.
Some have questioned whether CCNA/CCNP simulations and questions
have ip subnet-zero enabled. It is generally accepted that having this enabled
is now default behavior, and test questions should be answered accordingly.
All future examples in this guide will assume the command is enabled.
Determining the ‘Range’ of Subnetted Networks
Determining the range of the newly created networks can be accomplished
using several methods. The ‘long’ method involves some binary magic.
Still looking at the example 192.168.254.0 network, which was subnetted
using a 255.255.255.240 mask:
192.168.254.0: 11000000.10101000.11111110.00000000
255.255.255.240: 11111111.11111111.11111111.11110000
Subnetting stole four bits in the fourth octet, creating a total of 16 new
networks (assuming ip subnet-zero is enabled). Looking at only the fourth
octet, the first newly created network is 0000. The second new network is
0001. Calculating all possible permutations of the four stolen bits:
Binary       Decimal   Binary       Decimal   Binary       Decimal
.0000 xxxx   .0        .0110 xxxx   .96       .1100 xxxx   .192
.0001 xxxx   .16       .0111 xxxx   .112      .1101 xxxx   .208
.0010 xxxx   .32       .1000 xxxx   .128      .1110 xxxx   .224
.0011 xxxx   .48       .1001 xxxx   .144      .1111 xxxx   .240
.0100 xxxx   .64       .1010 xxxx   .160
.0101 xxxx   .80       .1011 xxxx   .176
Note that this equates to exactly 16 new networks. The decimal value
represents the first (or the subnet) address of each newly created network. To
determine the range for the hosts of the first new network:
Binary       Decimal   Binary       Decimal   Binary       Decimal
.0000 0000   .0        .0000 0110   .6        .0000 1100   .12
.0000 0001   .1        .0000 0111   .7        .0000 1101   .13
.0000 0010   .2        .0000 1000   .8        .0000 1110   .14
.0000 0011   .3        .0000 1001   .9        .0000 1111   .15
.0000 0100   .4        .0000 1010   .10
.0000 0101   .5        .0000 1011   .11
The binary value has been ‘split’ to emphasize the separation of the network
bits from the host bits. The first address has all 0 bits in the host portion
(0000), and thus is the subnet address for this network. The last address has
all 1 bits in the host portion, and thus is the broadcast address for this
network. Note that there are exactly 14 usable addresses to assign to hosts.
Determining the ‘Range’ of Subnetted Networks (continued)
Calculating the ranges of subnetted networks can quickly become tedious
when using the ‘long’ binary method. The ‘shortcut’ method involves taking
the subnet mask (255.255.255.240 from the previous example), and
subtracting the subnetted octet (240) from 256.
256 – 240 = 16
Assuming ip subnet-zero is enabled, the first network will begin at 0. Then,
simply continue adding 16 to list the first address of each new network:
0 16 32 48 64 80 96 112 128 144 160 176 192 208 224 240
Knowing the first address of each new network makes it simple to determine
the last address of each network:
First address of network   0    16   32   48   64   80   96    112   128   144
Last address of network    15   31   47   63   79   95   111   127   143   159
Only the first 10 networks were calculated, for brevity. The first address of
each network becomes the subnet address for that network. The last address
of each network becomes the broadcast address for that network.
Once the first and last address of each network is known, determining the
usable range for hosts is straightforward:
Subnet address   Usable range   Broadcast address
0                1 - 14         15
16               17 - 30        31
32               33 - 46        47
48               49 - 62        63
64               65 - 78        79
80               81 - 94        95
96               97 - 110       111
112              113 - 126      127
128              129 - 142      143
144              145 - 158      159
Hosts on the same network (such as 192.168.254.2 and 192.168.254.14) can
communicate freely.
Hosts on different networks (such as 192.168.254.61 and 192.168.254.66)
require a router to communicate.
Class A Subnetting Example
Consider the following subnetted Class A network: 10.0.0.0 255.255.248.0
Now consider the following questions:
• How many new networks were created?
• How many usable hosts are there per network?
• What is the full range of the first three networks?
By default, the 10.0.0.0 network has a subnet mask of 255.0.0.0. To
determine the number of bits stolen:
255.0.0.0: 11111111.00000000.00000000.00000000
255.255.248.0: 11111111.11111111.11111000.00000000
Clearly, 13 bits have been stolen to create the new subnet mask. To calculate
the total number of new networks:
2^n = 2^13 = 8192 new networks created
There are clearly 11 bits remaining in the host portion of the mask:
2^n – 2 = 2^11 – 2 = 2048 – 2 = 2046 usable hosts per network
Calculating the ranges is a bit tricky. Using the ‘shortcut’ method, subtract
the third octet (248) of the subnet mask (255.255.248.0) from 256.
256 – 248 = 8
The first network will begin at 0, again. However, the ranges are spread
across multiple octets. The ranges of the first three networks look as follows:
Subnet address      10.0.0.0                  10.0.8.0                  10.0.16.0
Usable range        10.0.0.1 - 10.0.7.254     10.0.8.1 - 10.0.15.254    10.0.16.1 - 10.0.23.254
Broadcast address   10.0.7.255                10.0.15.255               10.0.23.255
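The binary masking worked by hand above (the same-network tests with the 255.248.0.0 mask, the /28 ranges of 192.168.254.0, and this 10.0.0.0 255.255.248.0 case), as an added Python example that is not part of the original guide. It assumes ip subnet-zero behaviour (all 2^n subnets usable) and the classful defaults from the IP Address Classes table.

```python
# Added example (not from the original guide): the subnet arithmetic the guide
# works by hand, done with integer bit operations. Assumes ip subnet-zero
# behaviour (all 2^n subnets usable) and the classful defaults A=/8, B=/16, C=/24.
from typing import Dict, List, Tuple


def to_int(dotted: str) -> int:
    """'158.80.164.3' -> 32-bit integer; rejects malformed input."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"bad IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def mask_to_prefix(mask: str) -> int:
    """255.255.248.0 -> 21 (CIDR). Rejects masks whose 1 bits are not contiguous."""
    m = to_int(mask)
    prefix = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask: {mask}")
    return prefix


def prefix_to_mask(prefix: int) -> str:
    """/28 -> 255.255.255.240."""
    if not 0 <= prefix <= 32:
        raise ValueError("prefix length must be 0..32")
    return to_dotted((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)


def classful_prefix(address: str) -> int:
    """Default mask length from the first octet, per the class table."""
    first = to_int(address) >> 24
    if 1 <= first <= 127:
        return 8
    if 128 <= first <= 191:
        return 16
    if 192 <= first <= 223:
        return 24
    raise ValueError(f"{address} is not a Class A, B or C address")


def same_network(addr_a: str, addr_b: str, mask: str) -> bool:
    """True when both addresses agree on every bit the mask marks as network."""
    m = to_int(mask)
    return (to_int(addr_a) & m) == (to_int(addr_b) & m)


def subnet_info(address: str, mask: str) -> Dict[str, object]:
    """Subnet/broadcast, usable range, 2^n subnets and 2^n - 2 hosts for one address."""
    prefix = mask_to_prefix(mask)
    stolen = prefix - classful_prefix(address)
    if stolen < 0:
        raise ValueError("mask is shorter than the classful default")
    m = to_int(mask)
    network = to_int(address) & m
    broadcast = network | (~m & 0xFFFFFFFF)
    return {
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(network + 1),
        "last_host": to_dotted(broadcast - 1),
        "subnets": 2 ** stolen,
        "usable_hosts": max(2 ** (32 - prefix) - 2, 0),   # /31 and /32 leave no host addresses
    }


def subnet_ranges(network: str, mask: str, count: int) -> List[Tuple[str, str, str]]:
    """The 'shortcut' table: first `count` subnets as (subnet, usable range, broadcast)."""
    m = to_int(mask)
    block = (~m & 0xFFFFFFFF) + 1      # e.g. 256 - 240 = 16 addresses per /28 subnet
    base = to_int(network) & m
    rows = []
    for i in range(count):
        net = base + i * block
        bcast = net + block - 1
        rows.append((to_dotted(net), f"{to_dotted(net + 1)} - {to_dotted(bcast - 1)}", to_dotted(bcast)))
    return rows


if __name__ == "__main__":
    print(same_network("158.80.1.1", "158.79.1.1", "255.248.0.0"))   # False: the 13-bit prefixes differ
    print(subnet_info("10.0.0.0", "255.255.248.0"))
    for row in subnet_ranges("192.168.254.0", "255.255.255.240", 3):
        print(*row)
```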
Private vs Public Addresses
The rapid growth of the Internet resulted in a shortage of IPv4 addresses. In
response, the powers that be designated a specific subset of the IPv4 address
space to be private, to temporarily alleviate this problem.
A public address can be routed on the Internet. Thus, devices that should be
Internet accessible (such as web or email servers) must be configured with
public addresses.
A private address is only intended for use within an organization, and can
never be routed on the Internet. Three private addressing ranges were
allocated, one for each IPv4 class:
• Class A - 10.x.x.x
• Class B - 172.16-31.x.x
• Class C - 192.168.x.x
NAT (Network Address Translation) is used to translate between private
addresses and public addresses. NAT allows devices configured with a
private address to be stamped with a public address, thus allowing those
devices to communicate across the Internet. NAT is covered in-depth in
another guide.
NAT is only a temporary solution to the address shortage problem.
Eventually, IPv4 will be replaced with IPv6. This also is covered extensively
in another guide.
Two other ranges, while not considered “private,” have been reserved for
specific use:
• 127.x.x.x - reserved for diagnostic purposes. One such address
(127.0.0.1), identifies the local host, and is referred to as the loopback
or localhost address.
• 169.254.x.x - reserved for Automatic Private IP Addressing (APIPA).
A host assigns itself an APIPA address if a DHCP server is
unavailable to dynamically assign an address.
The IPv4 Header
The IPv4 header has 12 required fields and 1 optional field, and is 160 bits
long.
Field                 Length    Description
Version               4 bits    Version of IP (in this case, IPv4)
Header Length         4 bits    Specifies the length of the IP header (minimum 160 bits)
Type of Service       8 bits    Classifies traffic for QoS
Total Length          16 bits   Specifies the length of both the header and data payload
Identification        16 bits   Uniquely identifies fragments of a packet
Flags                 3 bits    Flags for fragmentation
Fragment Offset       13 bits   Identifies the location of a fragment in a packet
Time to Live          8 bits    Decremented by each router traversed
Protocol              8 bits    Specifies the next upper layer protocol
Header Checksum       16 bits   Checksum for error checking
Source Address        32 bits   Source IPv4 address
Destination Address   32 bits   Destination IPv4 address
Options               32 bits   Optional field for various parameters
The Identification, Flags, and Fragment Offset fields are used in
conjunction with each other. An IP packet larger than the MTU size of a link
must be fragmented. Each fragment of the packet is marked with the same
Identification number. The Fragment Offset allows the destination device to
reassemble the fragments in the proper order.
The Flags field can dictate two conditions:
• Don’t Fragment (DF) – indicates the packet cannot be fragmented. If
the packet reaches a link with a small MTU, the packet is then
dropped, and an ICMP error message is sent back to the source.
• More Fragments (MF) – all fragments have this bit set to one, except
for the last fragment, where the bit is set to zero. This allows the
destination device to know it has received all fragments.
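The header layout and fragmentation rules above, as an added Python example that is not part of the original guide: it builds headers with a valid checksum, parses and validates them, and splits a datagram the way a router on a smaller-MTU link would (the sample addresses and a 2000-byte payload are constructed, not from a capture).

```python
# Added example (not from the original guide): build and parse the 20-byte
# IPv4 header laid out in the table above, including the header checksum and
# the DF / MF flags and Fragment Offset used when a packet exceeds a link MTU.
import struct
from typing import List

IPV4_HEADER = struct.Struct("!BBHHHBBH4s4s")   # 20 bytes in network byte order
FLAG_DF = 0x2   # Don't Fragment (middle bit of the 3-bit Flags field)
FLAG_MF = 0x1   # More Fragments (low bit of the 3-bit Flags field)


def internet_checksum(data: bytes) -> int:
    """One's-complement sum of 16-bit words (RFC 1071); an odd trailing byte is zero-padded."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                           # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_header(src: str, dst: str, payload_len: int, ident: int, flags: int,
                 frag_offset: int, ttl: int = 64, protocol: int = 17) -> bytes:
    """Assemble a header with no options (IHL = 5 words = 160 bits) and a valid checksum."""
    ver_ihl = (4 << 4) | 5
    flags_frag = (flags << 13) | (frag_offset & 0x1FFF)   # 3 flag bits, then 13 offset bits
    fields = [ver_ihl, 0, 20 + payload_len, ident, flags_frag, ttl, protocol, 0,
              bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split("."))]
    fields[7] = internet_checksum(IPV4_HEADER.pack(*fields))   # computed with checksum field = 0
    return IPV4_HEADER.pack(*fields)


def parse_header(packet: bytes) -> dict:
    """Decode the fixed fields and verify the checksum; raises ValueError on anything a
    router would drop (wrong version, IHL below the 160-bit minimum, truncation, bad sum)."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag, ttl, proto, checksum,
     src, dst) = IPV4_HEADER.unpack(packet[:20])
    version, ihl_words = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    if ihl_words < 5:
        raise ValueError("header length below the 160-bit minimum")
    header_len = ihl_words * 4
    if len(packet) < header_len:
        raise ValueError("packet shorter than its declared header length")
    if internet_checksum(packet[:header_len]) != 0:   # a correct header sums to zero
        raise ValueError("bad header checksum")
    flags = flags_frag >> 13
    return {
        "version": version, "header_bits": header_len * 8, "tos": tos,
        "total_length": total_len, "identification": ident,
        "dont_fragment": bool(flags & FLAG_DF), "more_fragments": bool(flags & FLAG_MF),
        "fragment_offset": (flags_frag & 0x1FFF) * 8,   # the field counts 8-byte units
        "ttl": ttl, "protocol": proto, "checksum": checksum,
        "source": ".".join(map(str, src)), "destination": ".".join(map(str, dst)),
    }


def is_valid_header(packet: bytes) -> bool:
    """True when parse_header accepts the packet."""
    try:
        parse_header(packet)
        return True
    except ValueError:
        return False


def fragment(src: str, dst: str, payload_len: int, ident: int, mtu: int,
             dont_fragment: bool = False) -> List[bytes]:
    """Per-fragment headers as a router on an `mtu` link would produce them. With DF set
    and a datagram larger than the MTU, the packet is dropped and an ICMP error goes back
    to the source; here that case is a ValueError."""
    if payload_len + 20 <= mtu:
        return [build_header(src, dst, payload_len, ident, FLAG_DF if dont_fragment else 0, 0)]
    if dont_fragment:
        raise ValueError("DF set and datagram exceeds MTU: drop and send ICMP Fragmentation Needed")
    chunk = ((mtu - 20) // 8) * 8             # every fragment but the last carries a multiple of 8 bytes
    headers = []
    for offset in range(0, payload_len, chunk):
        size = min(chunk, payload_len - offset)
        last = offset + size >= payload_len
        headers.append(build_header(src, dst, size, ident, 0 if last else FLAG_MF, offset // 8))
    return headers


if __name__ == "__main__":
    # Constructed sample: a 2000-byte UDP payload (ident 0x1234) crossing a 1500-byte MTU link.
    for hdr in fragment("192.168.1.1", "10.2.1.5", 2000, 0x1234, 1500):
        info = parse_header(hdr)
        print(info["identification"], info["more_fragments"], info["fragment_offset"], info["total_length"])
```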
IPv4 Protocol Numbers
The Next Header field is of some importance. This field identifies the next
upper-layer header (for example, UDP, TCP or ICMP). These upper layer
protocols are identified using IP Protocol Numbers.
The following is a list of common IP Protocol Numbers:
Protocol Number   Upper-Layer Protocol
1                 ICMP
2                 IGMP
6                 TCP
9                 IGRP
17                UDP
46                RSVP
47                GRE
50                IPSEC ESP
51                IPSEC AH
88                EIGRP
89                OSPF
(Reference: http://www.iana.org/assignments/protocol-numbers)
Resolving Logical Addresses to Hardware Addresses
Hosts cannot directly send data to another device’s logical address. Network
communication occurs across the data-link layer, using hardware addresses.
A mechanism is required to map logical addresses to hardware addresses.
When using IP over an Ethernet network, the Address Resolution Protocol
(ARP) provides this function for us. ARP allows a host to determine the
MAC (hardware) address for a particular IP (logical) address.
Observe the above diagram, and follow the step-by-step path a packet travels
from HostA to the 10.2.1.5 address (HostB):
• First, HostA determines if the 10.2.1.5 address is itself. If the address
is configured on a local interface, the packet never leaves HostA.
• Second, HostA determines if the 10.2.1.5 address is on the same
network (or subnet). If it is, HostA will broadcast an ARP request, and
wait for the appropriate host to reply with its MAC address.
• HostA determines that the 10.2.1.5 address is indeed on a separate
network. It now parses its local routing table for a route to this remote
network. Usually, hosts will be equipped with a default route (or,
default gateway), to reach all other networks.
• Host A determines that RouterA is its default gateway. The host
broadcasts an ARP request for RouterA’s MAC address, and then
forwards the packet to RouterA’s MAC (4444.5555.6666).
• RouterA receives the packet, and parses its own routing table. It
determines that the 10.2.x.x network is directly attached off of its fa1
interface. The router then broadcasts an ARP request for the 10.2.1.5
address.
• HostB responds to the router’s ARP request with its MAC address
(AAAA.BBBB.CCCC). RouterA is then able to forward the packet to
HostB.
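The decision each device in the walk-through makes before it can frame the packet (is the destination me, on my own subnet, or reachable via my default gateway?), and therefore which IP it must resolve with ARP, as an added Python example that is not part of the original guide. HostA's address, the router's interface addresses and the /16 masks are assumptions; only 10.2.1.5, 4444.5555.6666 and AAAA.BBBB.CCCC come from the text.

```python
# Added example (not from the original guide): the per-device next-hop decision
# behind the walk-through above, and the ARP lookup it triggers. HostA's and the
# router interfaces' addresses are assumptions; only 10.2.1.5, 4444.5555.6666
# and AAAA.BBBB.CCCC come from the guide.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


def ip_int(dotted: str) -> int:
    a, b, c, d = (int(x) for x in dotted.split("."))
    return (a << 24) | (b << 16) | (c << 8) | d


def same_subnet(addr: str, iface_ip: str, mask: str) -> bool:
    m = ip_int(mask)
    return (ip_int(addr) & m) == (ip_int(iface_ip) & m)


@dataclass
class Interface:
    name: str
    ip: str
    mask: str
    mac: str


@dataclass
class Device:
    name: str
    interfaces: List[Interface]
    default_gateway: Optional[str] = None             # hosts carry one; RouterA has none here
    arp_cache: Dict[str, str] = field(default_factory=dict)

    def owns(self, ip: str) -> bool:
        return any(i.ip == ip for i in self.interfaces)

    def next_hop(self, dst: str) -> Tuple[str, Optional[str]]:
        """(mode, ip_to_resolve): 'local', 'direct' (ARP for dst itself),
        'gateway' (ARP for the default gateway) or 'unroutable' (drop)."""
        if self.owns(dst):                                                # step 1: it's me
            return ("local", None)
        if any(same_subnet(dst, i.ip, i.mask) for i in self.interfaces):  # step 2: on-link
            return ("direct", dst)
        if self.default_gateway is not None:                              # step 3: routing table
            return ("gateway", self.default_gateway)
        return ("unroutable", None)


def arp_request(sender: Device, target_ip: str, segment: List[Device]) -> Optional[str]:
    """Broadcast 'who has target_ip?'; only the owner replies, and the answer is cached."""
    if target_ip in sender.arp_cache:
        return sender.arp_cache[target_ip]
    for dev in segment:
        for iface in dev.interfaces:
            if iface.ip == target_ip:
                sender.arp_cache[target_ip] = iface.mac
                return iface.mac
    return None                                                           # no reply: cannot frame


def deliver(src: Device, dst_ip: str, devices: List[Device], max_hops: int = 16) -> List[Tuple[str, str, str]]:
    """Walk the packet hop by hop. Each entry is (device, IP it ARPed for, MAC learned)."""
    hops, current = [], src
    for _ in range(max_hops):
        mode, resolve_ip = current.next_hop(dst_ip)
        if mode == "local":
            return hops                                                   # never leaves the host
        if mode == "unroutable":
            raise ValueError(f"{current.name} has no route to {dst_ip}")
        mac = arp_request(current, resolve_ip, devices)
        if mac is None:
            raise ValueError(f"{current.name}: no ARP reply for {resolve_ip}")
        hops.append((current.name, resolve_ip, mac))
        if mode == "direct":
            return hops                                                   # framed straight to the destination
        current = next(d for d in devices if d.owns(resolve_ip))          # the gateway takes over
    raise ValueError("hop limit exceeded: routing loop?")


def build_topology() -> List[Device]:
    """Constructed topology matching the walk-through: HostA -- RouterA (fa0, fa1) -- HostB."""
    hosta = Device("HostA", [Interface("eth0", "10.1.1.10", "255.255.0.0", "1111.2222.3333")],
                   default_gateway="10.1.1.1")
    routera = Device("RouterA", [Interface("fa0", "10.1.1.1", "255.255.0.0", "4444.5555.6666"),
                                 Interface("fa1", "10.2.1.1", "255.255.0.0", "4444.5555.7777")])
    hostb = Device("HostB", [Interface("eth0", "10.2.1.5", "255.255.0.0", "AAAA.BBBB.CCCC")],
                   default_gateway="10.2.1.1")
    return [hosta, routera, hostb]


if __name__ == "__main__":
    devices = build_topology()
    for hop in deliver(devices[0], "10.2.1.5", devices):
        print("%s ARPs for %s -> %s" % hop)
```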
Troubleshooting IP using ICMP
Internet Control Message Protocol (ICMP) is used for a multitude of
informational and error messaging purposes.
The following is a list of common ICMP types and codes:
Type   Code   Description
0      0      Echo Reply
3      -      Destination Unreachable
       0      Network Unreachable
       1      Host Unreachable
       2      Protocol Unreachable
       3      Port Unreachable
       4      Fragmentation Needed – Don’t Fragment Flag Set
       6      Destination Network Unknown
       7      Destination Host Unknown
       9      Destination Network Administratively Prohibited
       10     Destination Host Administratively Prohibited
5             Redirect
8             Echo
11            TTL Exceeded
Several IP troubleshooting tools utilize ICMP, including Packet Internet
Groper (ping) and traceroute.
Ping utilizes the Echo Request and Echo Reply ICMP messages to
determine if a host is responding on a particular address.
Traceroute determines the routing path a packet takes to reach its
destination.
Section 7
- TCP and UDP -
Transport Layer Protocols
The Transport layer of the OSI model (or, the Host-to-Host layer of the
DoD model) is concerned with the reliable transfer of data between devices.
It ensures (or in some cases, does not ensure) that a packet arrives at its
destination without corruption or data loss.
However, protocols at the transport layer do not actually send or route
packets. Network layer protocols, such as IP, route packets from one
network to another. In the TCP/IP protocol suite, TCP and UDP are
transport layer protocols.
Transmission Control Protocol (TCP)
The Transmission Control Protocol (TCP) is defined as a reliable,
connection-oriented transport protocol. Parameters must be agreed upon by
both parties before a connection is established.
TCP utilizes a three-way handshake to accomplish this. Control messages
are passed between two devices as the connection is set up:
• Host A sends a SYN (short for synchronize) message to Host B to initiate a
connection
• Host B responds with an ACK (short for acknowledgement) to Host A’s
SYN message, and sends its own SYN message (both messages are
combined to form a SYN+ACK)
• Host A completes the handshake by sending an ACK to Host B’s SYN.
The TCP header contains both a SYN flag and an ACK flag. Thus, when a
particular message needs to be sent, the appropriate flag is marked as on (in
other words, changed from a “0” to a “1”). A SYN+ACK message has both
flags set to on (1).
Additionally, TCP segments data into smaller pieces for transport. Segments
are assigned a sequence number, so that the receiving device can then
reassemble this data in order upon arrival.
• Host A sends an initial sequence number (ISN) with its SYN
message. The ISN is chosen by the sender. Early implementations took it
from a clock; modern stacks choose it unpredictably (RFC 6528), because an
attacker who can guess a connection’s ISN can inject segments into it, or
forge a whole connection, without ever seeing its traffic. We’ll assume
an ISN of 4000.
• Host B responds to this sequence number with an acknowledgment
number, which is always one more than the received sequence number,
because the SYN itself consumes one sequence number. Thus, Host B’s
acknowledgment number is 4001.
• Additionally, Host B sends an initial sequence number with its SYN
message. We’ll assume Host B’s ISN is 6000.
• Host A responds to this sequence with an acknowledgement number
of 6001.
After a TCP connection is established, each segment is tagged with a
sequence number. TCP detects that a segment has been lost when it does not
receive a corresponding acknowledgement of receipt. It must not only
receive an ACK, but it must receive an ACK with the appropriate
acknowledgement number.
(Reference: http://www.tcpipguide.com/free/t_TCPConnectionEstablishmentSequenceNumberSynchroniz.htm)
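The handshake described above, as an added example that is not part of the study guide: a minimal model of two TCP endpoints exchanging SYN, SYN+ACK and ACK with the guide’s ISNs of 4000 and 6000. It shows how the control bits are combined, how the SYN consumes one sequence number, and why an endpoint must check the acknowledgement number it receives before it trusts a segment (a segment whose ACK does not match what was sent is answered with RST and ignored). The class and dictionary names are this example’s own, not protocol field names.

```python
# Added example (not from the study guide): a minimal model of the TCP
# three-way handshake. It shows how the SYN and ACK control bits are set,
# how the SYN consumes one sequence number, and why an endpoint must check
# the acknowledgement number it receives before it trusts a segment.
import secrets

MASK32 = 0xFFFFFFFF

# Control bits in the order they appear in the 6-bit field (RFC 793):
# URG ACK PSH RST SYN FIN, URG being the high-order bit.
FLAGS = {"URG": 0x20, "ACK": 0x10, "PSH": 0x08, "RST": 0x04, "SYN": 0x02, "FIN": 0x01}


def flag_bits(*names):
    """Combine flag names into the 6-bit control field value."""
    bits = 0
    for name in names:
        bits |= FLAGS[name]
    return bits


def flag_names(bits):
    """Human-readable view of a control field, e.g. 0x12 -> 'SYN+ACK'."""
    return "+".join(n for n in ("SYN", "ACK", "FIN", "RST", "PSH", "URG") if bits & FLAGS[n])


class TcpEndpoint:
    def __init__(self, name, isn=None):
        self.name = name
        self.state = "CLOSED"
        # Initial sequence number. Real stacks pick it unpredictably
        # (RFC 6528) so an off-path attacker cannot guess it; a fixed
        # value is accepted here only to reproduce the guide's numbers.
        self.snd_nxt = secrets.randbelow(1 << 32) if isn is None else isn
        self.rcv_nxt = None  # next sequence number we expect from the peer

    def listen(self):
        self.state = "LISTEN"

    def send_syn(self):
        seg = {"flags": flag_bits("SYN"), "seq": self.snd_nxt, "ack": 0}
        self.snd_nxt = (self.snd_nxt + 1) & MASK32  # the SYN occupies one sequence number
        self.state = "SYN-SENT"
        return seg

    def recv(self, seg):
        """Process one segment; return the reply segment (or None)."""
        flags = seg["flags"]
        if self.state == "LISTEN" and flags == flag_bits("SYN"):
            self.rcv_nxt = (seg["seq"] + 1) & MASK32
            reply = {"flags": flag_bits("SYN", "ACK"), "seq": self.snd_nxt, "ack": self.rcv_nxt}
            self.snd_nxt = (self.snd_nxt + 1) & MASK32
            self.state = "SYN-RECEIVED"
            return reply
        if self.state in ("SYN-SENT", "SYN-RECEIVED") and flags & FLAGS["ACK"] and seg["ack"] != self.snd_nxt:
            # Acknowledgement does not match what we sent: the segment is
            # stale or forged, so answer with a reset and keep our state.
            return {"flags": flag_bits("RST"), "seq": seg["ack"], "ack": 0}
        if self.state == "SYN-SENT" and flags == flag_bits("SYN", "ACK"):
            self.rcv_nxt = (seg["seq"] + 1) & MASK32
            self.state = "ESTABLISHED"
            return {"flags": flag_bits("ACK"), "seq": self.snd_nxt, "ack": self.rcv_nxt}
        if self.state == "SYN-RECEIVED" and flags == flag_bits("ACK"):
            self.state = "ESTABLISHED"
            return None
        return None


def handshake(a_isn=4000, b_isn=6000):
    """Run the three-way handshake; return the segments and both final states."""
    a, b = TcpEndpoint("A", a_isn), TcpEndpoint("B", b_isn)
    b.listen()
    syn = a.send_syn()
    syn_ack = b.recv(syn)
    ack = a.recv(syn_ack)
    b.recv(ack)
    return [syn, syn_ack, ack], a.state, b.state


def forged_syn_ack(a_isn=4000):
    """A SYN+ACK whose ACK number is not A's ISN+1 is rejected with a RST."""
    a = TcpEndpoint("A", a_isn)
    a.send_syn()
    bogus = {"flags": flag_bits("SYN", "ACK"), "seq": 9999, "ack": 4242}
    return a.recv(bogus), a.state
```

With the default ISNs, handshake() produces SYN seq=4000, SYN+ACK seq=6000 ack=4001, ACK seq=4001 ack=6001, and both endpoints end in ESTABLISHED; forged_syn_ack() shows the acknowledgement check doing its job, which is exactly why a predictable ISN is dangerous.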
Additionally, TCP incorporates windowing for flow control. The receiver
advertises a window, the amount of data the sender may transmit before it
must wait for an acknowledgement, and the sender must not exceed it. This
helps prevent data loss due to one side of the connection being overloaded.
(Reference: http://www.tcpipguide.com/free/t_TCPSlidingWindowAcknowledgmentSystemForDataTranspo.htm)
The TCP Header
The TCP header has 12 fields:

Field               Length     Description
Source Port         16 bits    Source TCP port
Destination Port    16 bits    Destination TCP port
Sequence Number     32 bits    Sequence number of the first byte in this segment
                               (the ISN in a SYN)
Ack Number          32 bits    Next sequence number expected from the peer;
                               valid only when the ACK flag is set
Data Offset         4 bits     Header length in 32-bit words; indicates where
                               the data begins in the segment
Reserved            6 bits     Always set to 0
Control Bits        6 bits     URG, ACK, PSH, RST, SYN, and FIN flags
Window              16 bits    Used for flow control (receive window size)
Checksum            16 bits    Used for error-checking; covers a pseudo-header,
                               the TCP header and the data
Urgent Pointer      16 bits    Offset of the urgent data; valid only when URG
                               is set
Options             Variable   e.g., Maximum Segment Size, window scaling,
                               selective acknowledgement (SACK)
Padding             Variable   To ensure the TCP header ends at a 32-bit boundary
User Datagram Protocol (UDP)
The User Datagram Protocol (UDP) is defined as an unreliable,
connectionless transport protocol. It does far less work than TCP, and so
adds less overhead and less delay: there is no connection setup and no
waiting for acknowledgements.
UDP provides no three-way handshake, no flow-control, no sequencing, and
no acknowledgment of data receipt. However, UDP does provide basic
error-checking using a checksum.
The UDP header has only 4 fields:

Field               Length     Description
Source Port         16 bits    Source UDP port
Destination Port    16 bits    Destination UDP port
Length              16 bits    Length of the header and the data, in bytes
Checksum            16 bits    Used for error-checking
Comparison of TCP versus UDP

TCP                                  UDP
Connection-oriented                  Connectionless
Guaranteed delivery                  No guaranteed delivery
Sends acknowledgements               Does not send acknowledgements
Reliable, but slower                 Unreliable, but fast
Segments and sequences data          Does NOT segment/sequence data
Flow control                         No flow control
Checksum over header and data        Checksum over header and data

Note: the TCP and UDP checksum is the 16-bit one’s-complement Internet
checksum (RFC 1071), not a CRC. It catches accidental corruption, not
tampering: anyone who modifies a segment in transit simply recomputes it.
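An added example (not from the study guide) of the checksum both protocols share, worked through for UDP because its header is the shorter one: the datagram is built, its checksum computed over the IPv4 pseudo-header plus header plus data, and then verified, including the cases that must fail (a corrupted payload byte, a datagram delivered to the wrong address, a truncated datagram). The addresses, ports and payload are constructed for the example.

```python
# Added example (not from the study guide): building and verifying a UDP
# datagram's checksum. Both TCP and UDP use the 16-bit one's-complement
# "Internet checksum" (RFC 1071), not a CRC, and both compute it over a
# pseudo-header that includes the IP addresses, so a datagram delivered to
# the wrong address fails the check even if its own bytes are intact.
import socket
import struct

UDP_PROTO = 17


def ones_complement_sum(data: bytes) -> int:
    """Sum 16-bit big-endian words with end-around carry (RFC 1071)."""
    if len(data) % 2:
        data += b"\x00"  # pad an odd-length block with one zero octet
    total = 0
    for i in range(0, len(data), 2):
        total += (data[i] << 8) | data[i + 1]
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total


def internet_checksum(data: bytes) -> int:
    return (~ones_complement_sum(data)) & 0xFFFF


def ipv4_pseudo_header(src_ip: str, dst_ip: str, proto: int, length: int) -> bytes:
    """The 12-byte pseudo-header prepended for checksum purposes only; it is never transmitted."""
    return socket.inet_aton(src_ip) + socket.inet_aton(dst_ip) + struct.pack("!BBH", 0, proto, length)


def build_udp(src_ip, dst_ip, sport, dport, payload: bytes) -> bytes:
    """Return a UDP datagram (8-byte header + payload) with a valid checksum."""
    length = 8 + len(payload)
    header = struct.pack("!HHHH", sport, dport, length, 0)  # checksum field zeroed while computing
    csum = internet_checksum(ipv4_pseudo_header(src_ip, dst_ip, UDP_PROTO, length) + header + payload)
    if csum == 0:
        csum = 0xFFFF  # RFC 768: a computed zero is sent as all ones; a zero field means "no checksum"
    return struct.pack("!HHHH", sport, dport, length, csum) + payload


def parse_udp(datagram: bytes) -> dict:
    """Split a datagram into its four header fields and the payload."""
    if len(datagram) < 8:
        raise ValueError("truncated UDP header")
    sport, dport, length, csum = struct.unpack("!HHHH", datagram[:8])
    return {"sport": sport, "dport": dport, "length": length, "checksum": csum, "payload": datagram[8:]}


def verify_udp(src_ip, dst_ip, datagram: bytes) -> bool:
    """True if the length field matches the bytes present and the checksum validates."""
    hdr = parse_udp(datagram)
    if hdr["length"] != len(datagram):
        return False
    if hdr["checksum"] == 0:
        return True  # sender disabled the checksum (allowed over IPv4, forbidden over IPv6)
    covered = ipv4_pseudo_header(src_ip, dst_ip, UDP_PROTO, hdr["length"]) + datagram
    return ones_complement_sum(covered) == 0xFFFF  # the sum including the checksum is all ones


# Constructed sample, not captured traffic: a DNS-style datagram from 10.50.1.1.
SAMPLE = build_udp("10.50.1.1", "10.50.1.2", 53000, 53, b"constructed payload")
```

The verify step relies on the arithmetic of one’s complement: the sum of the covered data with its own checksum included is always 0xFFFF. The last assertion in the test is the worked example from RFC 1071 itself.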
TCP/UDP Ports
TCP and UDP ports identify services that run on a specific logical address.
Otherwise, there would be no way to distinguish data destined for one
service or another on a device. For example, port numbers allow both a web
and email server to operate simultaneously on the same address.
An IP address combined with a TCP or UDP port forms a socket. A socket
is written out as follows:
10.50.1.1:80
Ports 0 through 1023 have been reserved for specific services, and are
recognized as well-known ports (on most operating systems only a privileged
process may listen on them). Below is a table of several common TCP/UDP
ports:
Port      Protocol    Service
20, 21    TCP         FTP (data, control)
22        TCP         SSH
23        TCP         Telnet
25        TCP         SMTP
53        UDP, TCP    DNS (UDP for most queries; TCP for zone transfers
                      and responses too large for a UDP datagram)
80        TCP         HTTP
110       TCP         POP3
443       TCP         HTTPS (HTTP over SSL/TLS)
666       TCP         Doom
For a complete list of port numbers, refer to the IANA website:
http://www.iana.org/assignments/port-numbers.
Section 8
- IPv6 Addressing -
IPv6 Basics
The most widespread implementation of IP currently is IPv4, which utilizes
a 32-bit address. Mathematically, a 32-bit address can provide roughly 4
billion unique IP addresses (2^32 = 4,294,967,296). Practically, the number of
usable IPv4 addresses is much lower, as many addresses are reserved for
diagnostic, experimental, or multicast purposes.
The explosive growth of the Internet and corporate networks quickly led to
an IPv4 address shortage. Various solutions were developed to alleviate this
shortage, including CIDR, NAT, and Private Addressing. However, these
solutions could only serve as temporary fixes.
In response to the address shortage, IPv6 was developed. IPv6 increases the
address size to 128 bits, providing a nearly unlimited supply of addresses
(2^128, or 340,282,366,920,938,463,463,374,607,431,768,211,456 to be exact).
This provides roughly 50 octillion addresses per person alive on Earth today,
or roughly 4 x 10^20 addresses per square inch of the Earth’s surface.
(References: http://cc.uoregon.edu/cnews/spring2001/whatsipv6.html; http://en.wikipedia.org/wiki/IPv6)
IPv6 offers the following features:
• Increased Address Space and Scalability – providing the absurd
number of possible addresses stated previously.
• Simplified Configuration – allows hosts to auto-configure their IPv6
addresses, based on network prefixes advertised by routers.
• Integrated Security – IPsec authentication (AH) and encryption (ESP)
are carried in IPv6 extension headers rather than bolted on. This is a
capability, not a default: IPv6 traffic is no more authenticated or
encrypted than IPv4 traffic unless IPsec is actually configured.
• Transition Mechanisms – IPv6 is not backward-compatible with IPv4 on
the wire (an IPv4-only host cannot talk to an IPv6-only host), but
dual-stack operation, tunneling, and IPv4-embedded addresses are defined
to simplify migration.
The IPv6 Address
The IPv6 address is 128 bits, as opposed to the 32-bit IPv4 address. Also
unlike IPv4, the IPv6 address is represented in hexadecimal notation,
separated by colons.
An example of an IPv6 address would be:
1254:1532:26B1:CC14:0123:1111:2222:3333
Each “grouping” (from here on called fields) of hexadecimal digits is 16
bits, with a total of eight fields. The hexadecimal values of an IPv6 address
are not case-sensitive.
We can drop any leading zeros in each field of an IPv6 address. For
example, consider the following address:
1423:0021:0C13:CC1E:3142:0001:2222:3333
We can condense that address to: 1423:21:C13:CC1E:3142:1:2222:3333
Only leading zeros can be condensed. If we have an entire field comprised of
zeros, we can further compact the following address:
F12F:0000:0000:CC1E:2412:1111:2222:3333
The condensed address would be: F12F::CC1E:2412:1111:2222:3333
Notice the double colons (::). We can only condense one set of contiguous
zero fields. Thus, if we had the following address:
F12F:0000:0000:CC1E:2412:0000:0000:3333
We could not condense that to: F12F::CC1E:2412::3333
The address would now be ambiguous, as we wouldn’t know how many “0”
fields were compacted in each spot. Remember that we can only use one set
of double colons in an IPv6 address!
The IPv6 Prefix
IPv4 utilizes a subnet mask to define the network “prefix” and “host”
portions of an address. This subnet mask can also be represented in Classless
Inter-Domain Routing (CIDR) format.
IPv6 always uses CIDR notation to indicate which bits of an address form
the prefix:
Full Address: 1254:1532:26B1:CC14:123:1111:2222:3333/64
Prefix ID: 1254:1532:26B1:CC14::/64
Host ID: ::123:1111:2222:3333
The /64 indicates that the first 64 bits of this address identify the prefix.
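The compression and prefix rules of the preceding pages, implemented by hand as an added example (not code from the study guide). expand_ipv6() restores the eight fields and rejects an address with two “::” as ambiguous, exactly the case the text warns about; compress_ipv6() produces the RFC 5952 canonical form (lowercase, leading zeros dropped, the longest run of zero fields replaced by “::”, the leftmost run on a tie, and never a single zero field); split_prefix() separates prefix and interface ID for any prefix length, going a little beyond the /64 case shown above.

```python
# Added example (not from the study guide): the IPv6 text-representation
# rules implemented by hand, plus prefix/interface-ID splitting for a CIDR
# length. The standard library's ipaddress module does all of this too;
# writing it out shows where the "only one ::" rule comes from.
HEX = set("0123456789abcdefABCDEF")


def expand_ipv6(addr: str) -> list:
    """Return the eight fields of `addr` as integers; raise on malformed input."""
    if addr.count("::") > 1:
        raise ValueError("more than one '::' is ambiguous: " + addr)
    if "::" in addr:
        head, tail = addr.split("::")
        head_fields = head.split(":") if head else []
        tail_fields = tail.split(":") if tail else []
        missing = 8 - len(head_fields) - len(tail_fields)
        if missing < 1:
            raise ValueError("'::' must stand for at least one zero field")
        fields = head_fields + ["0"] * missing + tail_fields
    else:
        fields = addr.split(":")
        if len(fields) != 8:
            raise ValueError("expected eight fields")
    values = []
    for f in fields:
        if not 1 <= len(f) <= 4 or not set(f) <= HEX:
            raise ValueError("bad field: " + repr(f))
        values.append(int(f, 16))  # hex digits are not case-sensitive
    return values


def full_form(fields: list) -> str:
    """Eight four-digit fields, e.g. for display or sorting."""
    return ":".join(f"{v:04x}" for v in fields)


def compress_ipv6(addr: str) -> str:
    """Canonical RFC 5952 text form of an address."""
    fields = expand_ipv6(addr)
    best_start, best_len = -1, 0
    i = 0
    while i < 8:
        if fields[i] == 0:
            j = i
            while j < 8 and fields[j] == 0:
                j += 1
            if j - i > best_len:  # strictly longer, so the leftmost run wins a tie
                best_start, best_len = i, j - i
            i = j
        else:
            i += 1
    text = [f"{v:x}" for v in fields]  # leading zeros dropped within each field
    if best_len >= 2:  # a single zero field is written as "0", not "::"
        return ":".join(text[:best_start]) + "::" + ":".join(text[best_start + best_len:])
    return ":".join(text)


def split_prefix(cidr: str):
    """Return (prefix, interface_id) for 'address/len', both in compressed form."""
    addr, plen = cidr.split("/")
    plen = int(plen)
    if not 0 <= plen <= 128:
        raise ValueError("prefix length out of range")
    value = 0
    for v in expand_ipv6(addr):
        value = (value << 16) | v
    mask = ((1 << plen) - 1) << (128 - plen)

    def as_text(n: int) -> str:
        return ":".join(f"{(n >> (112 - 16 * k)) & 0xFFFF:x}" for k in range(8))

    network = value & mask
    host = value & ~mask & ((1 << 128) - 1)
    return compress_ipv6(as_text(network)), compress_ipv6(as_text(host))
```

Note that the canonical form differs from the guide’s examples only in case; hexadecimal digits are not case-sensitive, and RFC 5952 picks lowercase so that two strings can be compared byte-for-byte (which matters for ACLs and log correlation).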
The IPv6 Interface ID and EUI-64 Format
The host portion of an IPv4 address is not based on the hardware address of
an interface. IPv4 relies on Address Resolution Protocol (ARP) to map
between the logical IP address and the 48-bit hardware MAC address.
IPv6 unicasts generally allocate the first 64 bits of the address to identify the
network (prefix), and the last 64 bits to identify the host (referred to as the
interface ID). One way to form the interface ID is from the interface’s
hardware address, using the IEEE 64-bit Extended Unique Identifier
(EUI-64) format. Since most interfaces still use the 48-bit MAC address, the
MAC must be converted into the EUI-64 format.
Because an EUI-64 interface ID exposes the MAC address (and therefore the
hardware vendor) to every peer, and stays the same on every network the host
visits, hosts can instead use randomized temporary interface IDs (RFC 4941)
or stable but opaque ones (RFC 7217). The EUI-64 method remains the one to
know for the exam.
Consider the following MAC address: 1111.2222.3333. The first 24 bits, the
Organizationally Unique Identifier (OUI), identify the manufacturer. The
last 24 bits uniquely identify the host. To convert this to EUI-64 format:
1. The first 24 bits of the MAC (the OUI), become the first 24 bits of
the EUI-64 formatted interface ID.
2. The seventh bit of the first octet (counting from the most significant
bit; the Universal/Local bit) is inverted. For a globally unique MAC this
bit is “0” and becomes “1”; for a locally administered MAC it is “1” and
becomes “0”.
3. The next 16 bits of the interface ID are FFFE.
4. The last 24 bits of the MAC (the host ID), become the last 24 bits of
the interface ID.
Thus, the MAC address 1111.2222.3333 in EUI-64 format would become
1311:22FF:FE22:3333, which becomes the interface ID.
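The conversion above as an added example (not from the study guide), in both directions. The reverse direction is the part a security engineer cares about: an EUI-64-derived address hands the MAC address back to anyone who sees it. Going beyond the text, the example also joins the interface ID to a /64 prefix, which is what stateless autoconfiguration does to form the link-local address and any global address; the second MAC and the 2001:db8:1::/64 prefix are constructed for the example.

```python
# Added example (not from the study guide): converting a 48-bit MAC into a
# modified EUI-64 interface ID and back, then joining the interface ID to a
# 64-bit prefix the way stateless autoconfiguration does.
def mac_to_modified_eui64(mac: str) -> bytes:
    """Accepts '1111.2222.3333', '11:11:22:22:33:33' or '11-11-22-22-33-33'."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError("expected a 48-bit MAC address, got " + repr(mac))
    octets = bytearray.fromhex(digits)
    # Invert the Universal/Local bit: bit 7 of the first octet counting from
    # the most significant bit, i.e. the 0x02 bit. A globally unique MAC
    # (bit clear) therefore gets the bit set, as in the guide's example;
    # a locally administered MAC (bit already set) gets it cleared.
    octets[0] ^= 0x02
    return bytes(octets[:3]) + b"\xff\xfe" + bytes(octets[3:])


def modified_eui64_to_mac(iid: bytes) -> str:
    """Recover the MAC from an interface ID, or raise if it is not EUI-64 derived."""
    if len(iid) != 8 or iid[3:5] != b"\xff\xfe":
        raise ValueError("interface ID was not derived from a 48-bit MAC")
    octets = bytearray(iid[:3] + iid[5:])
    octets[0] ^= 0x02  # undo the U/L bit inversion
    return ":".join(f"{b:02x}" for b in octets)


def fields(data: bytes) -> str:
    """Render 16-bit fields of a byte string as colon-separated hex, leading zeros dropped."""
    return ":".join(f"{(data[i] << 8) | data[i + 1]:x}" for i in range(0, len(data), 2))


def address_from_prefix(prefix64: bytes, iid: bytes) -> str:
    """Join a 64-bit prefix and a 64-bit interface ID into an eight-field address."""
    if len(prefix64) != 8 or len(iid) != 8:
        raise ValueError("prefix and interface ID must be 8 bytes each")
    return fields(prefix64 + iid)


LINK_LOCAL_PREFIX = bytes.fromhex("fe80000000000000")  # FE80::/64


def link_local_from_mac(mac: str) -> str:
    """The link-local address a host forms from its MAC during autoconfiguration."""
    return address_from_prefix(LINK_LOCAL_PREFIX, mac_to_modified_eui64(mac))
```

For the guide’s MAC 1111.2222.3333 the interface ID is 1311:22ff:fe22:3333 and the link-local address fe80:0:0:0:1311:22ff:fe22:3333; the FFFE in the middle of an interface ID is the tell-tale that makes the MAC recoverable.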
The IPv6 Address Hierarchy
IPv4 separated its address space into specific classes. The class of an IPv4
address was identified by the high-order bits of the first octet:
• Class A - (00000001 – 01111111, or 1 - 127)
• Class B - (10000000 – 10111111, or 128 - 191)
• Class C - (11000000 – 11011111, or 192 - 223)
• Class D - (11100000 – 11101111, or 224 - 239)
IPv6’s addressing structure is far more scalable. Less than 20% of the IPv6
address space has been designated for use, currently. The potential for
growth is enormous.
The address space that has been allocated is organized into several types,
determined by the high-order bits of the first field:
• Special Addresses – addresses begin 00xx:
• Link Local – addresses begin FE8x:
• Site Local – addresses begin FECx:
• Aggregate Global – addresses begin 2xxx: or 3xxx:
• Multicasts – addresses begin FFxx:
• Anycasts
(Note: an “x” indicates the value can be any hexadecimal number)
There are no broadcast addresses in IPv6. Thus, any IPv6 address that is
not a multicast is a unicast address.
Anycast addresses identify a group of interfaces on multiple hosts. Thus,
multiple hosts are configured with an identical address. Packets sent to an
anycast address are delivered to the nearest host, as measured by the
routing protocol’s metric. Anycasts are allocated from the unicast address
space and are indistinguishable from any other IPv6 unicast address.
The classic application is a service replicated across many servers, such
as a server farm providing an identical function, where anycast lets each
client reach the nearest instance; the DNS root servers are operated this
way.
Special (Reserved) IPv6 Addresses
The first field of a reserved or special IPv6 address will always begin 00xx.
Reserved addresses represent 1/256th of the available IPv6 address space.
Various reserved addresses exist, including:
• 0:0:0:0:0:0:0:0 (or ::) – is the unspecified address. It is the
equivalent of the IPv4 0.0.0.0 address, which indicates the absence of a
configured or assigned address. It must never be used as a destination,
and appears as a source only in packets a host sends before it has an
address (such as duplicate address detection probes). In routing tables,
::/0 (the unspecified address with a zero-length prefix) is the default
route, matching any destination, just as 0.0.0.0/0 does in IPv4.
• 0:0:0:0:0:0:0:1 (or ::1) – is the loopback or localhost address. It is
the equivalent of the IPv4 127.0.0.1 address.
Reserved Addresses - IPv4 and IPv6 Compatibility
To alleviate the difficulties of immediately migrating from IPv4 to IPv6,
specific reserved addresses can be used to embed an IPv4 address into an
IPv6 address.
Two types of addresses were defined for IPv4 embedding, IPv4-compatible
IPv6 addresses, and IPv4-mapped IPv6 addresses.
• 0:0:0:0:0:0:a.b.c.d (or ::a.b.c.d) – is an IPv4-compatible IPv6
address. It was intended for automatic tunneling between devices that
support both IPv4 and IPv6, but RFC 4291 deprecated it and it should not
be used in new deployments. A prefix of /96 identifies the IPv4-compatible
range:
::192.168.1.1/96
• 0:0:0:0:0:FFFF:a.b.c.d (or ::FFFF:a.b.c.d) – is an IPv4-mapped
IPv6 address. It is used inside dual-stack hosts so that an IPv6 socket can
represent an IPv4-only peer; it is never the address of an IPv6 packet on
the wire, so a router or firewall should drop any packet carrying one.
Again, a prefix of /96 is used for IPv4-mapped IPv6 addresses:
::FFFF:192.168.1.1/96
Link-Local IPv6 Addresses
Link-local IPv6 addresses are used only on a single link (subnet). Any
packet that contains a link-local source or destination address is never routed
to another link. Every IPv6-enabled interface on a host (or router) is
assigned a link-local address. This address can be manually assigned, or
auto-configured.
The first field of a link-local IPv6 address will always begin FE8x (1111
1110 10). Link-local addresses are unicasts, and represent 1/1024th of the
available IPv6 address space. A prefix of /10 is used for link-local addresses.
FE80::1311:22FF:FE22:3333/10
There is no hierarchy to a link-local address:
• The first 10 bits are fixed (FE8), known as the Format Prefix (FP).
• The next 54 bits are set to 0.
• The final 64 bits are used as the interface ID.
Site Local IPv6 Addresses
Site-local IPv6 addresses were the equivalent of “private” IPv4 addresses.
Site-local addresses can be routed within a site or organization, but cannot
be globally routed on the Internet. Multiple private subnets within a “site”
are allowed.
Note: RFC 3879 deprecated site-local addresses in 2004; their replacement
is the Unique Local Address (ULA) range FC00::/7 (RFC 4193). The format
below is still worth knowing for the exam and for reading older
configurations.
The first field of a site-local IPv6 address will always begin FECx (1111
1110 11). Site-local addresses are unicasts, and represent 1/1024th of the
available IPv6 address space.
FEC0::2731:E2FF:FE96:C283/64
Site-local addresses do adhere to a hierarchy:
• The first 10 bits are the fixed FP (FEC).
• The next 38 bits are set to 0.
• The next 16 bits are used to identify the private subnet ID.
• The final 64 bits are used as the interface ID.
To identify two separate subnets (1111 and 2222):
FEC0::1111:2731:E2FF:FE96:C283/64
FEC0::2222:97A4:E2FF:FE1C:E2D1/64
Aggregate Global IPv6 Addresses
Aggregate Global IPv6 addresses are the equivalent of “public” IPv4
addresses. Aggregate global addresses can be routed publicly on the Internet.
Any device or site that wishes to traverse the Internet must be uniquely
identified with an aggregate global address.
Currently, the first field of an aggregate global IPv6 address will always
begin 2xxx or 3xxx (binary 001, i.e., 2000::/3). Aggregate global addresses
are unicasts, and represent 1/8th of the available IPv6 address space.
2000::2731:E2FF:FE96:C283/64
Aggregate global addresses adhere to a very strict hierarchy:
• The first 3 bits are the fixed FP.
• The next 13 bits are the top-level aggregation identifier (TLA ID).
• The next 8 bits are reserved for future use.
• The next 24 bits are the next-level aggregation identifier (NLA ID).
• The next 16 bits are the site-level aggregation identifier (SLA ID).
• The final 64 bits are used as the interface ID.
By having multiple levels, a consistent, organized, and scalable hierarchy is
maintained. High-level registries are assigned ranges of TLA IDs. These can
then be subdivided in the NLA ID field, and passed on to lower-tiered ISPs.
Such ISPs allocate these prefixes to their customers, which can further
subdivide the prefix using the SLA ID field, to create whatever local
hierarchy they wish. The 16-bit SLA field provides up to 65,536 subnets for
an organization.
Note: the TLA/NLA/SLA layout comes from RFC 2374, which RFC 3587 made
historic. Current allocations simply treat the first 64 bits as a global
routing prefix (assigned down the registry and ISP chain) followed by a
subnet ID, but the aggregation principle is the same.
Note: Do not confuse the SLA ID field of a global address with a site-local
address. Site-local addresses cannot be routed publicly, whereas SLA
IDs are just a subset of the publicly routable aggregate global address.
Multicast IPv6 Addresses
Multicast IPv6 addresses are the equivalent of IPv4 multicast addresses.
Interfaces can belong to one or more multicast groups. Interfaces will accept
a multicast packet only if they belong to that group. Multicasting provides a
much more efficient mechanism than broadcasting, which requires that
every host on a link accept and process each broadcast packet.
The first field of a multicast IPv6 address will always begin FFxx (1111
1111). The full multicast range is FF00 through FFFF. Multicasts represent
1/256th of the available IPv6 address space.
FF01:0:0:0:0:0:0:1
Multicast addresses follow a specific format:
• The first 8 bits identify the address as a multicast (1111 1111)
• The next 4 bits are flags. The low-order flag bit (T) is 0 for a
well-known, permanently assigned (IANA) group and 1 for a transient group.
• The next 4 bits are a scope value:
o 0000 (0) = Reserved
o 0001 (1) = Node Local (interface-local) Scope
o 0010 (2) = Link Local Scope
o 0100 (4) = Admin Local Scope
o 0101 (5) = Site Local Scope
o 1000 (8) = Organization Local Scope
o 1110 (e) = Global Scope
o 1111 (f) = Reserved
• The final 112 bits identify the actual multicast group.
IPv4 multicast scoping relied on the TTL and on the administratively
scoped 239.0.0.0/8 block (RFC 2365). IPv6 builds the scope into the address
itself, allowing for a multicast hierarchy, a way to contain multicast
traffic.
Common IPv6 Multicast Addresses
The following is a list of common, well-known IPv6 multicast addresses:
Node-Local Scope Multicast Addresses
• FF01::1 – All-nodes address
• FF01::2 – All-routers address
Link-Local Scope Multicast Addresses
• FF02::1 – All-nodes address
• FF02::2 – All-routers address
• FF02::5 – OSPFv3 (OSPF IPv6) All SPF Routers
• FF02::6 – OSPFv3 Designated Routers
• FF02::9 – RIPng Routers
• FF02::D – PIM Routers (the group number is hexadecimal D, 13 in decimal)
Site-Local Scope Multicast Addresses
• FF05::2 – All-routers address
All hosts must join the all-nodes multicast group, for both the node-local
and link-local scopes. All routers must join the all-routers multicast group,
for the node-local, link-local, and site-local scopes.
Every unicast address (link-local included) and anycast address is assigned
a solicited-node multicast address. This solicited-node address is created
by appending the last 24 bits of the address to the 104-bit prefix
FF02::1:FF00:0/104.
Thus, if you have a site-local address of:
FEC0::1111:2731:E2FF:FE96:C283
The corresponding solicited-node multicast address would be:
FF02::1:FF96:C283
Solicited-node multicast addresses are most often used for neighbor
discovery (covered in an upcoming section in this guide).
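An added example (not from the study guide) covering the multicast format from the previous page and the solicited-node derivation above: parse_multicast() decodes the flag and scope nibbles, and solicited_node() builds FF02::1:FFxx:xxxx from any unicast or anycast address. The standard library’s ipaddress module does the text parsing. The test also shows that two addresses sharing their low 24 bits map to the same solicited-node group, which is why a Neighbor Solicitation carries the full target address and a host must compare it rather than trust the group alone.

```python
# Added example (not from the study guide): decoding the flag and scope
# nibbles of an IPv6 multicast address, and deriving the solicited-node
# multicast address (FF02::1:FF00:0/104 plus the low 24 bits) that a host
# must join for each of its unicast addresses.
import ipaddress

SCOPES = {
    0x0: "reserved", 0x1: "interface-local", 0x2: "link-local",
    0x4: "admin-local", 0x5: "site-local", 0x8: "organization-local",
    0xE: "global", 0xF: "reserved",
}


def parse_multicast(addr: str) -> dict:
    """Split an FF00::/8 address into flags, scope and 112-bit group ID."""
    packed = ipaddress.IPv6Address(addr).packed
    if packed[0] != 0xFF:
        raise ValueError(addr + " is not in FF00::/8")
    flags = packed[1] >> 4        # 4 flag bits; the low-order one is T
    scope = packed[1] & 0x0F      # 4 scope bits
    return {
        "permanent": not flags & 0x1,  # T = 0: well-known, IANA-assigned group
        "flags": flags,
        "scope": SCOPES.get(scope, "unassigned"),
        "group": int.from_bytes(packed[2:], "big"),  # remaining 112 bits
    }


def solicited_node(addr: str) -> str:
    """Solicited-node multicast address for a unicast or anycast address."""
    packed = ipaddress.IPv6Address(addr).packed
    if packed[0] == 0xFF:
        raise ValueError("solicited-node addresses derive from unicast or anycast addresses only")
    # FF02:0:0:0:0:1:FFxx:xxxx, where xx:xxxx are the last 24 bits of the address
    return str(ipaddress.IPv6Address(b"\xff\x02" + bytes(9) + b"\x01\xff" + packed[13:]))
```

For the guide’s address FEC0::1111:2731:E2FF:FE96:C283 the result is ff02::1:ff96:c283, matching the text.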
Required IPv6 Addresses
At a minimum, each IPv6 interface on a host must recognize the following
IPv6 addresses:
• The loopback address
• A link-local address
• Any configured site-local or aggregate global addresses
• Any configured multicast groups
• The all-nodes multicast address (both node-local and link-local
scopes)
• The solicited-node multicast address for any configured unicast
addresses
In addition to the above addresses, each IPv6 interface on a router must
recognize the following IPv6 addresses:
• The subnet-router anycast address
• Any configured multicast groups
• The all-routers multicast address (node-local, link-local, and site-local
scopes)
IPv6 Addresses and URLs
IPv6 addresses can also be referenced in URLs (Uniform Resource Locators).
URLs, however, use the colon to introduce a specific TCP port. This is
not an issue with IPv4 addresses, which can easily be referenced using a
URL:
http://192.168.1.1/index.html
Because IPv6 fields are separated by colons, the IPv6 address must be
placed in brackets, to conform to the URL standard:
http://[FEC0::CC1E:2412:1111:2222:3333]/index.html
The IPv6 Header
The IPv6 header has 8 fields and a fixed length of 40 bytes (320 bits). It
has been considerably streamlined compared to its IPv4 counterpart, which
has 12 fields in a variable-length header of 20 bytes (160 bits) before
options: the fragmentation fields, the header checksum and the options have
been moved out of the base header, and only the two 128-bit addresses make
it larger. The fixed length is what lets routers parse it quickly.

Field                 Length     Description
Version               4 bits     Version of IP (in this case, 6)
Traffic Class         8 bits     Classifies traffic for QoS
Flow Label            20 bits    Identifies a flow between a source and destination
Payload Length        16 bits    Length in bytes of everything after the 40-byte
                                 header, extension headers included
Next Header           8 bits     Specifies the next upper-layer or extension header
Hop Limit             8 bits     Decremented by each router traversed
Source Address        128 bits   Source IPv6 address
Destination Address   128 bits   Destination IPv6 address
The Next Header field is of some importance. This field can identify either
the next upper-layer header (for example, UDP, TCP or ICMPv6), or it can
identify a special Extension Header, which is placed between the IPv6 and
upper-layer header. Each extension header carries its own Next Header
field, so the headers form a chain that a receiver (or a firewall) must walk
to find the transport protocol.
Several such extension headers exist, and are usually processed in the
following order:
• Hop-by-Hop Options – specifies options that should be processed by
every router in the path. Directly follows the IPv6 header.
• Destination Options – specifies options that should be processed by
the destination device.
• Routing Header – specifies each router the packet must traverse to
reach the destination (source routing). The original Type 0 routing
header was deprecated by RFC 5095 because it allowed traffic
amplification between two hosts; routers and hosts should discard it.
• Fragment Header – used when a packet is larger than the MTU for
the path
• Authentication Header – used to integrate IPSEC Authentication
Header (AH) into the IPv6 packet
• ESP Header – used to integrate IPSEC Encapsulating Security
Payload (ESP) into the IPv6 packet
(Reference: http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122newft/122t/122t2/ipv6/ftipv6o.htm#1004285)
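An added example (not from the study guide, and not Cisco’s code) of walking the header chain just described: the fixed 40-byte header is parsed, the extension headers are followed by their Next Header fields until an upper-layer protocol is found, and the checks a careful parser needs are enforced: the chain must fit inside Payload Length, Hop-by-Hop Options may only come first, and the number of headers is capped (the cap of 8 is this example’s own choice). A packet-level firewall has to do this walk before it can apply a port-based rule, and a chain that is malformed or deliberately long is the classic way to make a filter give up early (see RFC 7112 on oversized header chains). The sample packet is constructed inline, not captured traffic.

```python
# Added example (not from the study guide): parsing the fixed IPv6 header
# and walking the extension-header chain to the upper-layer protocol, with
# the sanity checks a firewall or IDS needs on the way.
import ipaddress
import struct

HOP_BY_HOP, ROUTING, FRAGMENT, ESP, AH, DEST_OPTS, NO_NEXT = 0, 43, 44, 50, 51, 60, 59
TCP, UDP, ICMPV6 = 6, 17, 58
MAX_EXT_HEADERS = 8  # assumed cap for this example; real stacks bound the chain too


def parse_ipv6_header(pkt: bytes) -> dict:
    if len(pkt) < 40:
        raise ValueError("truncated IPv6 header")
    first_word, payload_len, next_header, hop_limit = struct.unpack("!IHBB", pkt[:8])
    if first_word >> 28 != 6:
        raise ValueError("not an IPv6 packet")
    return {
        "traffic_class": (first_word >> 20) & 0xFF,
        "flow_label": first_word & 0xFFFFF,
        "payload_length": payload_len,
        "next_header": next_header,
        "hop_limit": hop_limit,
        "src": str(ipaddress.IPv6Address(pkt[8:24])),
        "dst": str(ipaddress.IPv6Address(pkt[24:40])),
    }


def walk_extension_headers(pkt: bytes):
    """Return (header, [(ext_type, length), ...], upper_layer_protocol, payload_offset)."""
    hdr = parse_ipv6_header(pkt)
    end = 40 + hdr["payload_length"]
    if end > len(pkt):
        raise ValueError("Payload Length exceeds the bytes present")
    offset, nh, chain = 40, hdr["next_header"], []
    while nh in (HOP_BY_HOP, ROUTING, FRAGMENT, AH, DEST_OPTS):
        if len(chain) >= MAX_EXT_HEADERS:
            raise ValueError("extension header chain too long")
        if offset + 8 > end:
            raise ValueError("truncated extension header")
        if nh == HOP_BY_HOP and offset != 40:
            raise ValueError("Hop-by-Hop Options must directly follow the IPv6 header")
        if nh == FRAGMENT:
            length = 8                          # fixed size
        elif nh == AH:
            length = (pkt[offset + 1] + 2) * 4  # Payload Len is in 32-bit words minus 2
        else:
            length = (pkt[offset + 1] + 1) * 8  # Hdr Ext Len is in 64-bit units, first 8 bytes excluded
        if offset + length > end:
            raise ValueError("extension header runs past Payload Length")
        chain.append((nh, length))
        nh = pkt[offset]                        # each extension header names the next one
        offset += length
    return hdr, chain, nh, offset  # nh is ESP, NO_NEXT or an upper-layer protocol


def build_packet(src, dst, ext_headers, upper_layer, payload: bytes, hop_limit=64) -> bytes:
    """Assemble an IPv6 packet. ext_headers is a list of (type, body), where
    body is the extension header minus its leading Next Header byte."""
    chain = b""
    types = [t for t, _ in ext_headers] + [upper_layer]
    for (_, body), nxt in zip(ext_headers, types[1:]):
        chain += bytes([nxt]) + body
    payload_len = len(chain) + len(payload)
    fixed = struct.pack("!IHBB", 6 << 28, payload_len, types[0], hop_limit)
    return fixed + ipaddress.IPv6Address(src).packed + ipaddress.IPv6Address(dst).packed + chain + payload


# Constructed sample: Hop-by-Hop Options -> Destination Options -> UDP.
# Each options body is 7 bytes: Hdr Ext Len = 0 (8 bytes total) + a PadN option.
PADN6 = bytes([0x00, 0x01, 0x04, 0x00, 0x00, 0x00, 0x00])
UDP_HEADER = struct.pack("!HHHH", 53000, 53, 12, 0) + b"test"
SAMPLE = build_packet("2001:db8::1", "2001:db8::2",
                      [(HOP_BY_HOP, PADN6), (DEST_OPTS, PADN6)], UDP, UDP_HEADER)
```

walk_extension_headers(SAMPLE) returns the two extension headers, protocol 17 (UDP) and offset 56, where the UDP header begins. The same function rejects a packet that places Hop-by-Hop Options second, and one whose Payload Length claims more bytes than were received; ESP stops the walk, since everything after an ESP header is opaque to a middlebox.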
ICMPv6
ICMP Version 6 (ICMPv6) is a core component of IPv6. All devices
employing IPv6 must also integrate ICMPv6.
ICMPv6 provides many services, including (but not limited to):
• Error Messages
• Informational messages (such as echo replies for IPv6 ping)
• MTU Path Discovery
• Neighbor Discovery
There are four key ICMPv6 error messages:
• Destination Unreachable (ICMP packet type 1) – indicates that the
packet cannot be forwarded to its destination. The node sending this
message includes an explanatory code:
o 0 - No route to destination
o 1 - Access is administratively prohibited
o 3 - Address unreachable
o 4 - Port unreachable
• Packet Too Big (ICMP packet type 2) – indicates the packet is larger
than the MTU of the link. IPv6 routers do not fragment packets.
Instead, the Packet Too Big message is sent to the source (sending)
device, which then reduces (or fragments) the size of the packet to the
reported MTU. This message is used for Path MTU Discovery
(PMTUD).
• Time Exceeded (ICMP packet type 3) – indicates that the hop limit
reached zero in transit (code 0), usually indicating a routing loop
(traceroute triggers this message deliberately), or that fragment
reassembly timed out (code 1)
• Parameter Problem (ICMP packet type 4) – indicates an error in the
IPv6 header, or an IPv6 extension header. The node sending this
message includes an explanatory code:
o 0 - Erroneous header field
o 1 - Unrecognized next-header type
o 2 - Unrecognized IPv6 option
(Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080113b1c.shtml)
Neighbor Discovery Protocol (NDP) and ICMPv6
The neighbor discovery protocol (NDP) provides a multitude of services
for IPv6 enabled devices, including:
• Automatic address configuration, and prefix discovery
• Duplicate address detection
• MTU discovery
• Router discovery
• Address resolution
NDP replaces IPv4’s ARP entirely and, together with stateless address
autoconfiguration, takes over part of the role of DHCP. NDP utilizes ICMPv6
to provide the above services.
Periodically, IPv6 routers send out Router Advertisements (RA’s) to both
announce their presence on a link, and to provide auto-configuration
information for hosts. This RA (ICMP packet type 134) is sourced from the
link-local address of the sending router, and sent to the link-scope all-nodes
multicast group. The sending router sets a hop limit of 255 on a RA, and
receivers discard any RA whose hop limit is below 255: a packet that has been
forwarded by a router has had its hop limit decremented, so this check
guarantees that the RA originated on the local link.
Hosts use RA’s to configure themselves, and add the router to their local
default router list. A host can request an RA by sending out a Router
Solicitation (RS, ICMP packet type 133) to the link-local all-routers
multicast address. A RS is usually sent when a host is not currently
configured with an IP address.
Note: nothing in NDP authenticates the sender of an RA. Any device on the
link can send one and become the default router for every host on that
link, the “rogue RA” problem described in RFC 6104. The usual
countermeasures are RA Guard on the access switches (RFC 6105) or SEcure
Neighbor Discovery (SEND, RFC 3971).
The RA messages contain the following information for hosts:
• The router’s link-layer address (to be added to the host’s default
router list)
• One or more network prefixes
• A lifetime (measured in seconds) for the prefix(es)
• The link MTU
Routers send Redirect messages to hosts, indicating a better route to a
destination. Hosts can have multiple routers in their default router list,
but one is chosen as the true default router. If this default router deems
that another router has a better route to the destination, it sends a
Redirect message to the sending host.
Neighbor Solicitations (NS’s, ICMP packet type 135) are sent by hosts to
identify the link-layer address of a neighbor, and ensure its reachability. A
NS message’s source address is the link-local address of the sending host,
and the destination is the solicited-node multicast address of the destination
host.
A neighbor will reply to a NS with a Neighbor Advertisement (NA, ICMP
packet type 136). This process replaces the Address Resolution Protocol
(ARP) used by IPv4, and provides a far more efficient means to learn
neighbor address information.
Hosts additionally use NS messages for duplicate address detection (DAD).
Before a host assigns itself an IPv6 address, it sends out a NS for that
address, from the unspecified source address (::), to ensure no other host
is configured with it.
Autoconfiguration of Hosts
Hosts can be assigned IPv6 addresses one of two ways: manually, or using
autoconfiguration. Hosts learn how to autoconfigure themselves from
Router Advertisements (RA’s).
Two types of autoconfiguration exist, stateless and stateful.
When using Stateless Autoconfiguration, a host first assigns itself a
link-local IPv6 address. It accomplishes this by combining the link-local
prefix (FE80::/64) with its interface ID (for example, the MAC address in
EUI-64 format).
The host then sends a Router Solicitation to the all-routers multicast
address; the Router Advertisement(s) sent in reply provide one or more
network prefixes. The host combines these prefixes with its interface ID to
create its site-local (or aggregate global) IPv6 addresses, running
duplicate address detection on each before using it.
Stateful Autoconfiguration is used in conjunction with stateless
autoconfiguration. Stateful Autoconfiguration utilizes DHCPv6 to provide
additional information to the host, such as DNS servers. DHCPv6 can also
be used in the event that there is no router on the link, to provide stateless
autoconfiguration.
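The address-building steps above, as an added example that is not code from the study guide: it derives the modified EUI-64 interface ID from a MAC address, builds the link-local and a prefix-based address from it, and works out the solicited-node multicast group that the Neighbor Solicitation (and the DAD probe) is sent to. The MAC address and the advertised prefix are constructed sample values.

```python
"""Added example (not from the study guide): derive the addresses a host
builds during stateless autoconfiguration from its MAC address.

The MAC address and the advertised prefix are made-up sample values.
"""
import ipaddress


def modified_eui64(mac: str) -> bytes:
    """Build the 64-bit interface ID from a 48-bit MAC (RFC 4291, App. A):
    insert FF:FE in the middle and flip the universal/local bit (0x02)."""
    octets = bytes.fromhex(mac.replace(":", "").replace("-", ""))
    if len(octets) != 6:
        raise ValueError("expected a 48-bit MAC address")
    first = octets[0] ^ 0x02          # invert the U/L bit of the first octet
    return bytes([first]) + octets[1:3] + b"\xff\xfe" + octets[3:6]


def slaac_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Combine a /64 prefix ('fe80::/64' or one learned from an RA) with the
    EUI-64 interface ID."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("SLAAC with EUI-64 requires a 64-bit prefix")
    iid = int.from_bytes(modified_eui64(mac), "big")
    return ipaddress.IPv6Address(int(net.network_address) | iid)


def link_local_address(mac: str) -> ipaddress.IPv6Address:
    """Link-local address: FE80::/64 plus the interface ID."""
    return slaac_address("fe80::/64", mac)


def solicited_node_multicast(addr: ipaddress.IPv6Address) -> ipaddress.IPv6Address:
    """Solicited-node group for an address (RFC 4291 s.2.7.1): FF02::1:FF00:0/104
    plus the low-order 24 bits of the address. This is the destination of the
    Neighbor Solicitation and of the DAD probe."""
    low24 = int(addr) & 0xFFFFFF
    return ipaddress.IPv6Address(int(ipaddress.IPv6Address("ff02::1:ff00:0")) | low24)


def dad_probe(addr: ipaddress.IPv6Address) -> dict:
    """Describe the NS a host sends for Duplicate Address Detection: the
    source is the unspecified address because the host does not own a usable
    address yet; the destination is the solicited-node group of the tested
    address."""
    return {
        "icmpv6_type": 135,
        "src": "::",
        "dst": str(solicited_node_multicast(addr)),
        "target": str(addr),
    }


if __name__ == "__main__":
    mac = "00:1a:2b:3c:4d:5e"                        # constructed sample MAC
    ll = link_local_address(mac)
    glob = slaac_address("2001:db8:1:2::/64", mac)   # prefix assumed to come from an RA
    print("link-local      :", ll)
    print("global (RA pfx) :", glob)
    print("solicited-node  :", solicited_node_multicast(ll))
    print("DAD probe       :", dad_probe(ll))
```

Because the interface ID embeds the MAC address, an EUI-64 address identifies the hardware wherever the host connects; hosts that want to avoid that use randomized interface IDs (RFC 4941 privacy extensions) instead of EUI-64.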
Section 9
- Introduction to 802.11 Wireless -
802.11 Overview
Beginning in the mid 1990’s, the IEEE LAN/MAN committee began
developing a series of Wireless Local Area Network (WLAN) standards.
Collectively, these wireless standards are identified as the 802.11 standard.
Note: The 802.11 standard is occasionally referred to as Wi-Fi, though the
term ‘Wi-Fi’ has been applied to other wireless standards as well.
Various amendments have been made to the 802.11 standard. These are
identified by the letter appended to the standard, such as 802.11a or 802.11g.
The 802.11 amendments will be covered in greater detail later in this guide.
Wireless devices communicate across a specific range of RF frequencies
known as a channel, using an antenna off of a radio card. 802.11 antennas
come in several forms:
• Omnidirectional
• Semi-directional
• Highly-directional
A group of communicating 802.11 wireless devices is known as a service
set. A wireless client can connect point-to-point with another wireless client
– this is referred to as an ad-hoc connection, or an Independent Basic
Service Set (IBSS).
More commonly, wireless clients are centrally connected via a wireless
access point (WAP). This is referred to as an infrastructure connection, or
a Basic Service Set (BSS). Wireless clients must associate with a WAP
before data can be forwarded. WAPs often serve as a gateway between the
wired and wireless networks.
In environments where a single WAP does not provide sufficient coverage,
multiple WAPs can be linked as part of an Extended Service Set (ESS).
Radio Frequency Overview
Wireless communication is accomplished using Radio Frequency (RF)
waves. Frequency is a measurement of the number of cycles completed per
a given time period for an electromagnetic wave. The standard frequency
measurement unit is the hertz (Hz), or one cycle per second.
Note: Ranges of frequencies are often identified by their specific use; these
ranges are often referred to as bands.
Transmitting devices tune the signal to a specific frequency; receiving
devices must tune to this frequency to receive the transmission. A signal at a
specific frequency is referred to as the carrier signal. However, a carrier
signal alone cannot contain data.
Modulation is the method of altering a signal (usually by varying its
amplitude, frequency, or phase) to convey a message or data stream.
802.11 devices employ multiple advanced modulation techniques, depending
on the 802.11 amendment. This modulation requires that 802.11 devices
communicate on a small subset of frequencies (referred to as a channel)
varying around the carrier signal.
Each 802.11 amendment operates in either the 2.4-GHz or 5-GHz band. Both are
license-free bands (in the U.S., under the FCC’s Part 15 rules), so the
difference between them is congestion, not regulation:
• The 2.4-GHz band provides the greatest range, but is shared with
appliances like microwave ovens, cordless phones and Bluetooth devices.
This can result in interference and degraded performance. The 2.4-GHz
band is a subset of the industrial, scientific, and medical (ISM) band.
• The 5-GHz band is far less crowded and thus generally free of
interference. However, signals at this frequency suffer from poorer range
and are more easily obstructed by intermediary objects. The 5-GHz band is
referred to as the Unlicensed National Information Infrastructure (UNII)
band.
RF Signal Strength
RF signals will attenuate in the open air. The power output of the RF
antenna dictates the signal strength, and the usable distance of the signal.
RF power output is not usually expressed in absolute terms (such as Watts).
Instead, it is expressed in decibels (dB), as a ratio of power to a reference
point. The reference point is usually one Watt (W) or one milliWatt (mW).
The resulting power measurements are Decibel Watts (dBW) and Decibel
milliWatts (dBm). A value of 0 dBm is exactly one milliWatt of power output;
1 dBm is about 1.26 mW.
Decibel measurements are logarithmic in nature. The formula for calculating
power output in decibel form is as follows:
dB = 10 log10 (Psignal / Preference)
The abbreviation P is short for power. Using the above formula, a signal
transmitting at an absolute power of 20 mW would be represented as having
a (relative) output power of 13 dBm, since 10 log10 (20 / 1) is approximately 13.
Because decibels measure a ratio of power, it is possible to have a negative
value. A negative value indicates that the amount of power is less than the
reference point. For example, .25 mW of absolute power would be
represented as -6 dBm. Conversely, a positive value indicates that the
amount of power is more than the reference point. Two rules of thumb follow
from the logarithm: every 3 dB doubles (or halves) the power, and every
10 dB multiplies (or divides) it by ten.
(Reference: CCNP BCMSN Official Exam Certification Guide 4th Edition. David Hucaby. Pages 452-457;
http://en.wikipedia.org/wiki/Decibel)
RF Interference and Obstruction
In addition to open-air attenuation, RF signals are susceptible to
interference, degrading the performance and integrity of the
communication. As stated previously, other devices operating in the same
frequency range can interfere with a signal.
Physical objects can also obstruct or alter the trajectory of an RF signal:
• Reflection – occurs when a signal bounces off of a reflective material,
altering its intended trajectory (and sometimes back towards the
sender). Metal objects and water often cause reflection. If the signal is
reflected in multiple directions, it is referred to as scattering.
• Refraction – occurs when the trajectory of a signal is bent as it passes
through an object, such as a wall.
• Absorption – occurs when the energy of a signal is absorbed as it
passes through an object, such as a wall or a tree. This loss of energy
degrades the strength of the signal.
• Diffraction – occurs when a signal bends around a signal-absorbing
object. For example, a sufficiently-strong signal can bend around an
obstructing building, or around a corner within a building. However,
this weakens and negatively affects the trajectory of a point-to-point
signal.
Because of diffraction, it is particularly important to maintain line-of-sight
when employing a point-to-point wireless signal over a long distance.
Buildings, trees, and even the curvature of the earth can obstruct the
line-of-sight of the transmitting/receiving antennas.
(Reference: CCNP BCMSN Official Exam Certification Guide 4th Edition. David Hucaby. Pages 447-450,
http://www.cisco.com/warp/public/102/wwan/quick-ref.pdf)
RF Fresnel Zones
Specifically, line-of-sight must be maintained within a signal’s
elliptical-shaped Fresnel zone, the region around the direct path between the
two antennas through which most of the signal’s energy travels.
If more than 40% of the radius of the first Fresnel zone is obstructed, the
signal will be negatively impacted by diffraction. Thus, it is imperative to
maintain a minimum of 60% clearance of this radius along the whole path; the
zone is widest at the midpoint of the link, which is where obstructions most
often intrude.
Calculating the radius of a Fresnel zone requires a complex formula, which
is beyond the scope of this guide. Various factors must be accounted for,
such as atmospheric refraction, the curvature of the earth, frequency, and the
relative heights of the two antennas.
A free Fresnel zone calculator is available online at:
http://www.afar.net/fresnel-zone-calculator/
(Reference: CCNP BCMSN Official Exam Certification Guide 4th Edition. David Hucaby. Pages 450-452)
802.11 Channels
Recall that all amendments to the 802.11 standard operate in one of two
frequency bands:
• 2.4-GHz band (specifically, 2.4000 to 2.4835GHz)
• 5.0-GHz band (specifically, 5.150 to 5.825GHz)
The 2.4 GHz band supports a total of 14 channels, though the FCC limits
this to 11 channels in the United States. The center frequency of each
channel is separated by only 5 MHz.
Channel #   Center Frequency      Channel #   Center Frequency
    1       2.412 GHz                 8       2.447 GHz
    2       2.417 GHz                 9       2.452 GHz
    3       2.422 GHz                10       2.457 GHz
    4       2.427 GHz                11       2.462 GHz
    5       2.432 GHz                12*      2.467 GHz
    6       2.437 GHz                13*      2.472 GHz
    7       2.442 GHz                14*      2.484 GHz
* Restricted in US
The 802.11 amendments that use the 2.4-GHz band (specifically, 802.11b
and 802.11g) require a 22 MHz range to modulate the signal. Thus, with
each channel’s center frequency separated by only 5 MHz, channel overlap
will occur.
In fact, the 2.4-GHz band supports only three non-overlapping channels.
Specifically, these are channels 1, 6, and 11. Devices competing on the same
or adjacent channels will interfere with each other, degrading performance
and reliability.
The less-often used 5-GHz band supports up to 12 non-overlapping
channels (in the U.S.), and is further separated into three sub-bands (with
four channels each). The lower and middle bands are dedicated for indoor
use, and the higher band is dedicated for outdoor use. Its channels are
spaced 20 MHz apart, so adjacent 5-GHz channels do not overlap.
Remember that both bands are license-free; the practical difference is that
the 2.4-GHz band is far more crowded with non-802.11 devices.
(Reference: http://en.wikipedia.org/wiki/List_of_WLAN_channels;
http://www.cisco.com/en/US/docs/wireless/access_point/1200/vxworks/configuration/guide/bkscgaxa.html)
Preventing Channel Overlap
In large environments, a single WAP is often insufficient for full wireless
coverage. Multiple WAPs can be linked together as part of an Extended
Service Set (ESS).
However, special considerations must be made when installing WAPs in
close proximity to each other. Recall that only a limited number of
non-overlapping channels are available in both the 2.4-GHz and 5.0-GHz
bands. Adjacent WAPs should never be configured on the same (or an
overlapping) channel; the overlapping wireless fields will interfere with
each other and severely degrade performance.
[Figure: four adjacent WAPs assigned channels 1, 11, 6 and 1, so that no
two neighboring WAPs share a channel]
Providing full wireless coverage while preventing channel overlap can be
challenging, especially if the environment has multiple floors. Performing a
comprehensive wireless site survey is helpful in mapping out an accurate
solution.
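The channel-overlap rule from the 802.11 Channels section and the WAP channel planning described here, as one added example that is not code from the study guide: it derives the non-overlapping channel set from the channel centre frequencies and the 22-MHz channel width rather than looking it up, then assigns channels to neighbouring WAPs so that no two neighbours overlap (greedy graph colouring). The WAP layout is a constructed sample; the centre frequencies are the values from the channel table.

```python
"""Added example (not from the study guide): work out which 2.4-GHz channels
overlap from their centre frequencies and channel width, then assign
non-overlapping channels to neighbouring WAPs.

The WAP layout (which WAPs hear each other) is a constructed sample.
"""

# Centre frequency in MHz for channels 1-14; 1-13 are 5 MHz apart, channel 14
# sits 12 MHz above channel 13.
CENTER_MHZ = {ch: 2407 + 5 * ch for ch in range(1, 14)}
CENTER_MHZ[14] = 2484

DSSS_WIDTH_MHZ = 22          # 802.11b/g modulation occupies about 22 MHz


def overlaps(ch_a: int, ch_b: int, width_mhz: int = DSSS_WIDTH_MHZ) -> bool:
    """Two channels overlap if their centres are closer than one channel width."""
    return abs(CENTER_MHZ[ch_a] - CENTER_MHZ[ch_b]) < width_mhz


def non_overlapping_channels(allowed, width_mhz: int = DSSS_WIDTH_MHZ) -> list:
    """Greedily pick a set of mutually non-overlapping channels, scanning from
    the lowest allowed channel upward."""
    chosen = []
    for ch in sorted(allowed):
        if all(not overlaps(ch, c, width_mhz) for c in chosen):
            chosen.append(ch)
    return chosen


def assign_channels(neighbours: dict, channels: list) -> dict:
    """Give each WAP a channel none of its already-assigned neighbours uses
    (greedy graph colouring). Raising when the pool runs out is deliberate:
    that layout needs a site survey, not a fourth 2.4-GHz channel."""
    plan = {}
    for wap in neighbours:                    # dict order = install order
        used = {plan[n] for n in neighbours[wap] if n in plan}
        free = [c for c in channels if c not in used]
        if not free:
            raise ValueError(f"no non-overlapping channel left for {wap}")
        plan[wap] = free[0]
    return plan


def plan_is_valid(neighbours: dict, plan: dict) -> bool:
    """Check that no two neighbouring WAPs sit on overlapping channels."""
    return all(not overlaps(plan[a], plan[b])
               for a in neighbours for b in neighbours[a])


if __name__ == "__main__":
    us_channels = range(1, 12)                 # FCC: channels 1-11
    clean = non_overlapping_channels(us_channels)
    # Constructed 2x2 layout: each WAP hears its horizontal and vertical
    # neighbour; diagonal corners are out of range of each other.
    layout = {
        "AP-NW": ["AP-NE", "AP-SW"],
        "AP-NE": ["AP-NW", "AP-SE"],
        "AP-SW": ["AP-NW", "AP-SE"],
        "AP-SE": ["AP-NE", "AP-SW"],
    }
    plan = assign_channels(layout, clean)
    print("non-overlapping:", clean)          # [1, 6, 11]
    print("plan:", plan, "valid:", plan_is_valid(layout, plan))
```

Running it with the FCC channel range yields channels 1, 6 and 11, and the four-WAP layout comes out with the two diagonal corners sharing channel 1, as in the figure above. The neighbour list is the output a site survey should give you; feeding in every WAP that can hear every other (a dense office floor) will usually exhaust three channels, which is the practical argument for the 5-GHz band.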
802.11 and Collisions
If two devices on a half-duplex Ethernet (802.3) network transmit a frame
simultaneously, a collision will occur. Similarly, if two 802.11 wireless
devices transmit simultaneously, their signals will mix, resulting in unusable
noise (essentially a wireless collision).
Half-duplex 802.3 Ethernet uses Carrier Sense Multiple Access with
Collision Detect (CSMA/CD) to control media access. Devices monitor the
physical link, and will only transmit a frame if the link is idle. When a
collision is detected, both devices will wait a random amount of time before
resending their respective frames.
All 802.11 connections are half-duplex. The only way to achieve full duplex
is to send over one channel, and receive over another. The 802.11 standard
currently has no such implementation.
802.11 devices have no method of detecting a collision, beyond the failure
of the receiving device to send an acknowledgement. Instead, 802.11
devices attempt to avoid collisions using Carrier Sense Multiple Access
with Collision Avoidance (CSMA/CA). Devices will listen before
attempting to transmit, and will only transmit if no other device is currently
transmitting.
If another device is transmitting, other devices must wait until that
transmission is finished, using a process called the Distributed Coordination
Function (DCF). The currently transmitting device includes a duration
value within the 802.11 header, informing other devices of the estimated
time-length of its transmission (including the expected acknowledgement).
Listening devices load this value into a countdown timer, the Network
Allocation Vector (NAV), and treat the medium as busy until it expires.
Once the medium is idle, a device must first wait a fixed interval called the
DCF interframe space (DIFS), and then an additional random back-off time,
counted in slot times and drawn from a contention window (CW). The random
back-off prevents devices from transmitting simultaneously the instant
another device’s transmission duration has elapsed; DIFS itself is not
random. If a transmission fails (no acknowledgement arrives), the device
doubles its contention window before retrying, up to a fixed maximum.
(Reference: CCNP BCMSN Official Exam Certification Guide 4th Edition. David Hucaby. Pages 436-438,
http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7920/5_0/english/design/guide/wrlqos.html#wp1041341)
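The DCF sequence just described (NAV countdown, fixed DIFS, random back-off, contention window doubling after a collision), as an added slot-level model that is not code from the study guide. The timing constants are the 802.11b values (SIFS 10 µs, slot 20 µs); the station names, the NAV value and the seeded random draws are constructed for illustration, and each round redraws every station’s back-off, which simplifies the real behaviour where a losing station freezes and later resumes its counter.

```python
"""Added example (not from the study guide): a slot-level model of DCF
channel access showing where the fixed DIFS and the random back-off fit.

802.11b timing is used; station names and the seeded draws are constructed.
"""
import random

SIFS_US = 10
SLOT_US = 20
DIFS_US = SIFS_US + 2 * SLOT_US     # DIFS is fixed: 50 us for 802.11b
CW_MIN, CW_MAX = 31, 1023           # contention window bounds (in slots)


def draw_backoff(rng: random.Random, cw: int) -> int:
    """Random back-off counter, uniform in [0, cw] slots."""
    return rng.randint(0, cw)


def next_cw(cw: int) -> int:
    """After a failed transmission the window doubles (binary exponential
    back-off), capped at CW_MAX."""
    return min(2 * cw + 1, CW_MAX)


def contend(backoffs: dict) -> tuple:
    """Given each station's back-off in slots, return the station whose
    counter reaches zero first and the slots elapsed. Equal counters mean two
    stations transmit at once: a collision, reported as winner None."""
    fewest = min(backoffs.values())
    ready = [s for s, b in backoffs.items() if b == fewest]
    return (ready[0] if len(ready) == 1 else None, fewest)


def time_to_transmit(nav_remaining_us: int, backoff_slots: int) -> int:
    """Microseconds a station waits: let the NAV set by the duration field run
    out, then the fixed DIFS, then its own random back-off."""
    return nav_remaining_us + DIFS_US + backoff_slots * SLOT_US


def simulate(stations: list, rounds: int, seed: int = 7) -> list:
    """Run several contention rounds; a station's window grows only when it
    collided and resets to CW_MIN after it transmits successfully. Each round
    redraws every back-off (simplification: real losers freeze and resume)."""
    rng = random.Random(seed)
    cw = {s: CW_MIN for s in stations}
    log = []
    for _ in range(rounds):
        backoffs = {s: draw_backoff(rng, cw[s]) for s in stations}
        winner, slots = contend(backoffs)
        log.append((winner, backoffs))
        for s in stations:
            if winner is None and backoffs[s] == slots:
                cw[s] = next_cw(cw[s])        # collided: widen the window
            elif s == winner:
                cw[s] = CW_MIN                # success: reset
    return log


if __name__ == "__main__":
    for winner, backoffs in simulate(["A", "B", "C"], rounds=5):
        print("backoffs", backoffs, "->", winner or "collision")
    print("A waits", time_to_transmit(nav_remaining_us=300, backoff_slots=4), "us")
```

Two points the model makes concrete: the only random quantity is the slot count, and a station that lies about its duration field (announcing a long NAV it never uses) silences every honest station for that period, which is why the duration value is one of the classic 802.11 denial-of-service levers.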
The 802.11 Amendments
The original 802.11 standard was released in 1997. It specified
frequency-hopping spread spectrum (FHSS) and direct-sequence spread
spectrum (DSSS) physical layers (plus an infrared option) to modulate data
onto an RF signal. The standard operated in the 2.4 GHz frequency range, and
had a maximum data rate of 2 Mbps.
The original 802.11 standard never saw widespread adoption, and was
quickly supplanted by the 802.11a and 802.11b amendments, which were
developed concurrently and released in 1999.
802.11 wireless amendments that are currently in deployment include:
• 802.11a
• 802.11b
• 802.11g
• 802.11n
(Reference: http://en.wikipedia.org/wiki/IEEE_802.11_(legacy_mode))
802.11a
The 802.11a amendment was released in 1999, and utilizes orthogonal
frequency-division multiplexing (OFDM) for modulation. 802.11a
operates in the 5.0-GHz frequency band, and has a maximum throughput of
54 Mbps. Specifically, 802.11a supports data rates of 6, 9, 12, 18, 24, 36, 48
and 54 Mbps, though the higher throughput is only available in close
proximity to the wireless access point (WAP)/transmitter.
Because 802.11a operates in the regulated 5.0-GHz band, it is generally free
of interference from other RF devices. However, the higher frequency
reduces the effective distance of the signal, and is more susceptible to being
absorbed by obstructing objects or walls.
802.11a is generally not compatible with other 802.11 amendments, as most
of the other amendments operate in the 2.4-GHz band.
In the U.S., 802.11a supports a total of 12 non-overlapping channels, 4 of
which can be used outdoors. Despite offering a large number of channels
and good throughput, 802.11a did not see the same level of widespread
deployment as the less expensive 802.11b and 802.11g amendments.
(Reference: http://en.wikipedia.org/wiki/IEEE_802.11a-1999)
802.11b
The 802.11b amendment was also released in 1999, and utilizes DSSS with
complementary code keying (CCK) at its higher rates. 802.11b operates in
the 2.4-GHz frequency band, and has a maximum data rate of 11 Mbps.
Specifically, 802.11b supports data rates of 1, 2, 5.5, and 11 Mbps.
Because 802.11b operates in the crowded, unlicensed 2.4-GHz band, it is
susceptible to interference from other household RF devices.
In the U.S., 802.11b supports a total of 3 non-overlapping channels,
specifically channels 1, 6, and 11.
(Reference: http://en.wikipedia.org/wiki/IEEE_802.11b-1999)
802.11g
The 802.11g amendment was released in 2003, and utilizes orthogonal
frequency-division multiplexing (OFDM) for modulation. 802.11g
operates in the 2.4-GHz frequency band, and has a maximum data rate of
54 Mbps. Specifically, 802.11g supports the OFDM data rates of 6, 9, 12, 18,
24, 36, 48, and 54 Mbps, plus the 802.11b rates of 1, 2, 5.5 and 11 Mbps for
backward compatibility.
As with 802.11b, 802.11g operates in the crowded, unlicensed 2.4-GHz band,
and is susceptible to interference from other household RF devices.
In the U.S., 802.11g supports a total of 3 non-overlapping channels,
specifically channels 1, 6, and 11.
802.11g is backward-compatible with 802.11b, as they both operate in the
2.4-GHz band. However, if an 802.11b device is present in an 802.11g
environment, the 802.11g devices must use a protection mechanism (an
RTS/CTS or CTS-to-self exchange sent at an 802.11b rate before each OFDM
frame) so that the 802.11b devices, which cannot decode OFDM, know to stay
quiet. The 802.11g devices keep their OFDM rates, but the added overhead
noticeably reduces the throughput of the whole cell.
Neither 802.11b nor 802.11g are backward-compatible with 802.11a.
(Reference: http://en.wikipedia.org/wiki/IEEE_802.11g-2003)
802.11n
The 802.11n amendment was officially released in 2009, though pre-release
(or draft) equipment has been available since 2007. 802.11n supports
significantly higher data rates than previous 802.11 amendments, through
the use of wider channels (40MHz channels instead of 20MHz) and
Multiple-Input Multiple-Output (MIMO).
MIMO employs multiple antennas on both the transmitter and receiver, and
sends several independent data streams at once over the same channel using
Spatial Division Multiplexing (SDM); the receiver separates the streams
again. This, coupled with 40-MHz channels, allows 802.11n to support data
rates up to 600 Mbps (with four spatial streams).
802.11n devices are identified by the number of transmit and receive
antennas they support, in the format (transmit antennas) x (receive
antennas), often followed by the number of spatial streams. For example, a
WAP with four transmit and three receive antennas would be identified as a
4x3 MIMO WAP.
802.11n can operate in either the 2.4-GHz or the 5.0-GHz frequency bands,
or both simultaneously. Thus, 802.11n is backwards compatible with
802.11a, 802.11b, and 802.11g. A pure 802.11n environment should operate
in the 5.0-GHz band to maximize throughput and to limit interference.
Note also that the wider 40-MHz channel reduces the number of available
non-overlapping channels in each band, which provides more incentive to
use the 5.0-GHz band. 802.11n does support 20-MHz channels, though this
will greatly reduce the maximum throughput.
(Reference: http://en.wikipedia.org/wiki/IEEE_802.11n-2009; http://www.airmagnet.com/assets/whitepaper/WP-802.11nPrimer.pdf;
http://www.ciscosystems.sc/en/US/prod/collateral/wireless/ps5678/ps6973/ps8382/prod_white_paper0900aecd806b8ce7_ns767_Netw
orking_Solutions_White_Paper.html)
The 802.11 Amendments – Quick Reference
                          802.11    802.11a   802.11b   802.11g   802.11n
Max Data Rate             2 Mbps    54 Mbps   11 Mbps   54 Mbps   600 Mbps
Modulation                DSSS      OFDM      CCK       OFDM      OFDM
Frequency Band            2.4 GHz   5.0 GHz   2.4 GHz   2.4 GHz   2.4/5.0 GHz
Non-Overlapping Channels  -         12        3         3         Varies*
Released                  1997      1999      1999      2003      2009
* Varies depending on the frequency band, and whether 20-MHz or 40-MHz channels are being utilized.
Associating with a Wireless Access Point (WAP)
Recall that a group of communicating 802.11 wireless devices is known as a
service set, and that there are two modes of 802.11 communication:
• Ad-hoc or Independent Basic Service Set (IBSS) – where wireless
clients communicate point-to-point with each other.
• Infrastructure or Basic Service Set (BSS) – where wireless clients
communicate via a Wireless Access Point (WAP).
Wireless clients must associate with a WAP before data can be forwarded.
Various parameters must match between the client and the WAP:
• Service Set Identifier (SSID)
• Data Rate
• Authentication
• Encryption/Data Integrity
The SSID is used to identify the wireless connection between a WAP (or
WAPs) and clients. A wireless client must be configured with the WAP’s
SSID to associate with it. Otherwise, a client can also request (via a probe)
the SSID if the WAP is configured to broadcast the SSID (via a beacon).
Broadcasting is often disabled in secure environments, but this hides the
network only from casual users: the SSID is still sent in the clear in every
directed probe request, probe response and association request, so a wireless
sniffer learns it as soon as a legitimate client connects.
The SSID is often mistaken as a security feature; however, the SSID does
not authenticate users or encrypt data – it merely serves as an identifier for a
wireless connection. The SSID also provides separation between multiple
wireless LANs that might exist in an environment.
Wireless clients are often required to authenticate to a WAP. The original
802.11 standard provides for two methods of authentication:
• Open Authentication - authenticates any wireless client request.
• Shared-Key Authentication – requires a matching key to be
configured on both the wireless client and WAP.
Open authentication (essentially, no authentication) is used for devices that
cannot support a complex authentication process. Shared-key authentication
employs Wired Equivalent Privacy (WEP) keys for authenticating
clients. WEP is covered in detail in the next section.
MAC-address filtering is an additional form of access control, though not
defined in the 802.11 standard. A list of allowed MAC addresses must be
maintained on the WAP itself. Because MAC addresses are transmitted
unencrypted in every frame, an attacker can sniff an allowed address and
clone it, so MAC filtering should not be relied upon as authentication.
Wired Equivalent Privacy (WEP)
The emergence of 802.11 technologies has introduced new security
concerns, due to the open-air nature of wireless transmissions. Such
transmissions are easily intercepted, which necessitates mechanisms to not
only authenticate wireless clients, but also to secure data transfer (using
encryption) and to ensure data integrity. WEP attempts the latter with a
32-bit CRC (the Integrity Check Value, ICV), which detects accidental
corruption but, being a linear checksum rather than a keyed MAC, does not
stop deliberate modification.
Wired Equivalent Privacy (WEP), often misnamed “Wireless Equivalence
Protocol”, was developed as part of the original 802.11 standard. WEP
utilizes the RC4 stream cipher for encryption, seeding it with a per-frame
24-bit initialization vector (IV) prepended to the shared key. The IV is
transmitted in the clear with each frame, and with only 24 bits it repeats
quickly on a busy network; a reused IV means a reused keystream, which is
the root of most attacks on WEP.
WEP comes in two common forms:
• 64-bit WEP – employs a 40-bit key with a 24-bit IV.
• 128-bit WEP – employs a 104-bit key with a 24-bit IV.
The 128-bit WEP key is represented as a 26-digit hexadecimal string.
WEP can be used with both Open and Shared-Key authentication. With
Open authentication, the WEP key is used only for encrypting data. With
Shared-Key authentication, the WEP key is used for both authenticating the
wireless client and encrypting data. Regardless of the authentication method,
the WEP key(s) must be identical on both the wireless client and the WAP.
WEP Shared-Key authentication employs a four-way handshake:
1. The client makes an authentication request to the WAP.
2. The WAP responds with a clear-text challenge.
3. The client encrypts the challenge with its WEP key.
4. The WAP decrypts the encrypted challenge and compares it to the
original clear-text challenge.
The authentication process will only be successful if the WEP key is
identical on both the WAP and the client. Surprisingly, Shared-Key
authentication is less secure than Open authentication. A malicious attacker
who intercepts both the clear-text and the encrypted challenge can XOR
them together to recover the RC4 keystream for that IV. That is enough to
answer any later challenge using the same IV (and to inject encrypted
frames) without ever learning the key itself.
WEP is no longer considered a viable security mechanism, as it is easily
compromised: statistical attacks on RC4 (FMS in 2001, PTW in 2007)
recover the key itself from a few tens of thousands of captured frames,
which takes minutes on a busy network. Additionally, WEP provides only
one-way authentication; there is no mechanism within WEP for a client to
authenticate the WAP.
(Reference: http://en.wikipedia.org/wiki/Wired_Equivalent_Privacy; http://www.wi-fiplanet.com/tutorials/article.php/1368661)
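The shared-key weakness described above, as an added example that is not code from the study guide: it implements RC4, the CRC-32 ICV and the WEP frame layout, runs the four-way handshake for a legitimate client, and then shows an eavesdropper recovering the keystream from one observed challenge/response pair and using it to pass a fresh challenge without the key. The 40-bit key, the IV and the challenge bytes are constructed sample values; a real WAP issues 128-byte random challenges.

```python
"""Added example (not from the study guide): why WEP shared-key
authentication is weaker than open authentication. An eavesdropper who
sees one challenge and its encrypted response recovers the RC4 keystream
for that IV (not the key) and can then answer any later challenge.

Key, IV and challenge bytes are constructed sample values.
"""
import struct
import zlib


def rc4(key: bytes, data: bytes) -> bytes:
    """Plain RC4: key-scheduling, then the keystream XORed over the data."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    for byte in data:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def icv(payload: bytes) -> bytes:
    """WEP integrity check value: CRC-32, little-endian, appended to the
    plaintext before encryption. CRC is linear, so it is not a keyed MAC."""
    return struct.pack("<I", zlib.crc32(payload) & 0xFFFFFFFF)


def wep_encrypt(key: bytes, iv: bytes, payload: bytes) -> bytes:
    """Frame body = IV (in the clear) || RC4(IV || key, payload || ICV)."""
    return iv + rc4(iv + key, payload + icv(payload))


def wep_decrypt(key: bytes, body: bytes):
    """Return the payload if the ICV checks, else None."""
    iv, ct = body[:3], body[3:]
    pt = rc4(iv + key, ct)
    payload, tag = pt[:-4], pt[-4:]
    return payload if icv(payload) == tag else None


def ap_verify(key: bytes, challenge: bytes, response: bytes) -> bool:
    """Handshake step 4: decrypt the response and compare it to the
    clear-text challenge that was sent."""
    return wep_decrypt(key, response) == challenge


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def recover_keystream(challenge: bytes, response: bytes) -> tuple:
    """Eavesdropper: keystream = ciphertext XOR (challenge || ICV)."""
    iv, ct = response[:3], response[3:]
    return iv, xor(ct, challenge + icv(challenge))


def forge_response(iv: bytes, keystream: bytes, new_challenge: bytes) -> bytes:
    """Answer a fresh challenge by reusing the sniffed IV and keystream; the
    ICV is computed over the plaintext, so it checks out at the WAP."""
    return iv + xor(keystream, new_challenge + icv(new_challenge))


def demo() -> bool:
    key = bytes.fromhex("0102030405")                 # constructed 40-bit key
    iv = b"\x11\x22\x33"                             # constructed IV
    challenge_1 = bytes(range(128))                  # WAP's first challenge
    legit = wep_encrypt(key, iv, challenge_1)        # real client's answer
    assert ap_verify(key, challenge_1, legit)
    iv_seen, ks = recover_keystream(challenge_1, legit)   # sniffed off the air
    challenge_2 = bytes(reversed(range(128)))        # WAP's next challenge
    forged = forge_response(iv_seen, ks, challenge_2)
    return ap_verify(key, challenge_2, forged)       # True: no key needed


if __name__ == "__main__":
    print("forged authentication accepted:", demo())
```

The forged response works because the client chooses the IV, so the attacker simply reuses the one it saw; nothing in the protocol forces a fresh IV per authentication. The same keystream also lets the attacker encrypt arbitrary data frames of that length under that IV, which is why open authentication, which gives the attacker no known plaintext, is the lesser evil.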
Wi-Fi Protected Access (WPA)
Wi-Fi Protected Access (WPA) was developed by the Wi-Fi Alliance to
address the shortcomings of WEP. WPA incorporates some of the
techniques and protocols that were eventually standardized as part of the
802.11i amendment.
Temporal Key Integrity Protocol (TKIP) is the core component of WPA.
Though TKIP employs the same RC4 stream cipher as WEP (so that it could be
deployed on existing hardware), it offers several improvements, including:
• Per-Packet Key Mixing (a fresh RC4 key for every frame)
• 64-bit Message Integrity Check (MIC)
• Broadcast Key Rotation
• Sequence Counting (replay protection)
Note: Cisco developed a proprietary implementation of TKIP (Cisco Key
Integrity Protocol, CKIP) that is not compatible with WPA TKIP. However,
Cisco devices will often support both the standardized and proprietary forms
of TKIP.
WPA2, also developed by the Wi-Fi Alliance, incorporates all portions of
the 802.11i amendment. It added support for Advanced Encryption
Standard (AES) encryption with Counter Mode with CBC-MAC Protocol
(CCMP), which provides confidentiality and a cryptographic integrity check
in one construction. AES-CCMP is considered significantly more secure than
the RC4 stream cipher used by WEP/TKIP. (Some vendor material also
credits WPA2 with intrusion detection; wireless IDS is a separate product
feature, not part of 802.11i.)
Both WPA and WPA2 support two modes, Personal and Enterprise.
WPA Personal employs a pre-shared key (or passphrase) for authentication,
and is often referred to as WPA-PSK (Pre-Shared Key). The WPA key can
be represented as a 64-digit hexadecimal string (the 256-bit PSK itself), or
as an 8 to 63 character ASCII passphrase from which the PSK is derived by
hashing it together with the SSID. As with WEP, this key-string must be
identical on both the client and the WAP. Because every client shares the
same PSK, and the PSK depends only on the passphrase and SSID, anyone
who captures one client’s 4-way handshake can test passphrase guesses
offline; a short or dictionary passphrase therefore offers little protection,
and the passphrase must be changed whenever someone who knows it leaves.
WPA Enterprise employs an 802.1X/EAP server (such as a RADIUS
server) for centralized authentication. An authentication server eliminates
the need for static encryption/authentication keys to be configured on both
the client and the WAP, and gives each client its own session keys.
802.1X/EAP authentication is covered in detail in the next sections.
(Reference: http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access;
http://www.cisco.com/en/US/prod/collateral/wireless/ps5678/ps430/ps4076/prod_brochure09186a00801f7d0b.html)
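How a WPA-Personal passphrase becomes the PSK, and why a captured 4-way handshake allows offline guessing, as an added example that is not code from the study guide. The PSK derivation (PBKDF2-HMAC-SHA1, 4096 iterations, SSID as salt), the PRF-512 key expansion and the HMAC-SHA1-128 key MIC are the WPA2/CCMP constructions; the "password"/"IEEE" vector is the published 802.11i test vector. The MAC addresses, nonces and the abbreviated EAPOL-Key frame are constructed sample values standing in for a real capture.

```python
"""Added example (not from the study guide): passphrase -> PSK, PSK -> PTK,
KCK -> EAPOL MIC, and the offline dictionary attack those steps permit.

MACs, nonces and the EAPOL frame are constructed sample values.
"""
import hashlib
import hmac


def psk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """PSK = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes)."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf512(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """802.11i PRF-512: PTK = PRF(PMK, "Pairwise key expansion",
    min(AA,SPA) || max(AA,SPA) || min(ANonce,SNonce) || max(ANonce,SNonce))."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    out = b""
    for i in range(4):                      # 4 x 160 bits >= 512 bits
        out += hmac.new(pmk, b"Pairwise key expansion" + b"\x00" + data + bytes([i]),
                        hashlib.sha1).digest()
    return out[:64]


def eapol_mic(kck: bytes, frame_with_zeroed_mic: bytes) -> bytes:
    """WPA2 key MIC: HMAC-SHA1 over the EAPOL-Key frame (MIC field zeroed),
    truncated to 128 bits. The KCK is the first 16 bytes of the PTK."""
    return hmac.new(kck, frame_with_zeroed_mic, hashlib.sha1).digest()[:16]


def kck_for(passphrase: str, ssid: str, aa: bytes, spa: bytes,
            anonce: bytes, snonce: bytes) -> bytes:
    pmk = psk_from_passphrase(passphrase, ssid)     # with a PSK, PMK == PSK
    return prf512(pmk, aa, spa, anonce, snonce)[:16]


def crack(candidates, ssid, aa, spa, anonce, snonce, frame, captured_mic):
    """Offline dictionary attack: everything except the passphrase is visible
    in the captured handshake, so each guess is checked locally, with no
    traffic to the WAP and nothing for the WAP to rate-limit or log."""
    for guess in candidates:
        kck = kck_for(guess, ssid, aa, spa, anonce, snonce)
        if hmac.compare_digest(eapol_mic(kck, frame), captured_mic):
            return guess
    return None


# Constructed "capture": AP and station MACs, the two nonces, and a shortened
# message-2 EAPOL-Key frame with its MIC field zeroed (real frames are longer).
SSID = "CorpWiFi"
AA = bytes.fromhex("00112233aabb")
SPA = bytes.fromhex("66778899ccdd")
ANONCE = bytes(range(32))
SNONCE = bytes(range(32, 64))
FRAME = bytes.fromhex("0103005f02010a00") + b"\x00" * 16 + SNONCE


def captured_mic_for(passphrase: str) -> bytes:
    """What a sniffer sees in message 2 if the client used this passphrase."""
    return eapol_mic(kck_for(passphrase, SSID, AA, SPA, ANONCE, SNONCE), FRAME)


if __name__ == "__main__":
    mic = captured_mic_for("Summer2011!")
    print("PSK(password, IEEE) =", psk_from_passphrase("password", "IEEE").hex())
    print("recovered:", crack(["letmein", "wireless", "Summer2011!"],
                               SSID, AA, SPA, ANONCE, SNONCE, FRAME, mic))
```

The 4096 PBKDF2 iterations slow each guess but do not change the picture: the attack is bounded by passphrase quality, not by anything the network does. A WPA-Enterprise deployment removes the shared secret entirely, which is the design answer to this section’s caveat.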
802.1X and Extensible Authentication Protocol (EAP)
The 802.1X standard was developed by the IEEE to authenticate devices on
a Layer-2 port basis. It was originally developed for Ethernet (802.3) bridges
and switches, but was expanded to support the authentication of 802.11
wireless devices as well.
802.1X defines three roles in the authentication process:
• Supplicant – the device being authenticated. In an 802.11
environment, the supplicant would be the wireless client software.
• Authenticator – the device that is requiring the authentication. In an
802.11 environment, this is often the WAP.
• Authentication Server – the device that stores the user database, for
validating authentication credentials. This is often an external
RADIUS server, though some WAPs support a local user database.
802.1X provides the encapsulation of Extensible Authentication Protocol
(EAP) traffic, which serves as the framework for authenticating clients. EAP
is not an authentication mechanism in itself. Instead, EAP transports the
authentication data between supplicants, authenticators, and authentication
servers (all three of which must support 802.1X/EAP).
As a general framework, EAP supports a large number of methods for
authentication, including (but not limited to):
• Lightweight EAP (LEAP)
• EAP - Flexible Authentication via Secure Tunneling (EAP-FAST)
• EAP - Transport Layer Security (EAP-TLS)
• Protected EAP (PEAP)
With any form of EAP, wireless clients must authenticate with the
authentication server (usually RADIUS) before any data traffic will be
forwarded. Until then the authenticator keeps the port in the unauthorized
state, passing only EAP over LAN (EAPOL) frames between the client and
WAP; everything else is dropped.
Authenticating clients using 802.1X/EAP offers several advantages over
Static-WEP and WPA-PSK, including:
• Centralized management of credentials (revoking one user does not
require re-keying every other client)
• Support for multiple encryption types
• Dynamic, per-client encryption keys derived from each authentication
session
(Reference: http://en.wikipedia.org/wiki/IEEE_802.1X; http://en.wikipedia.org/wiki/Extensible_Authentication_Protocol;
http://www.ieee802.org/1/files/public/docs2000/P8021XOverview.PDF)
Lightweight Extensible Authentication Protocol (LEAP)
Lightweight Extensible Authentication Protocol (LEAP) was developed
by Cisco, and is supported by WPA/WPA2 as an 802.1X authentication
method. LEAP employs a username/password for authentication via a
RADIUS server, and does not require the use of certificates.
LEAP is supported by most operating systems, including Mac OS, Linux,
DOS, and most versions of Windows. LEAP additionally supports single
sign-on in Windows environments, allowing clients to perform Active
Directory (or NT Domain) and 802.1X authentication simultaneously.
LEAP authentication is a multi-step process:
1. The supplicant initiates the connection with a Start message.
2. The authenticator responds with a Request/Identity message.
3. The supplicant responds with an Identity message containing a
username.
4. The authenticator then forwards the username to the authentication
server with an Access Request message.
5. The supplicant and authentication server then authenticate each other
using a challenge/response method. The authentication server sends a
randomly-generated challenge to the supplicant. The supplicant then
generates a hash value from the challenge and its password, using
MD5. This hash value serves as the response back to the
authentication server, and eliminates the need for the actual password
to be transmitted between the two devices.
6. A Success message is generated if the supplicant and authentication
server have successfully authenticated each other, which informs the
authenticator that the supplicant can now pass data traffic.
Once authentication is completed, the supplicant and authentication server
then generate a pairwise master key (PMK). The PMK is used to create the
actual encryption keys for data transfer, via a four-way handshake.
LEAP was built on a variation of MS-CHAP, and is thus vulnerable to
dictionary attacks. A strong password policy is extremely important when
employing LEAP in a business environment. If strong passwords are not
possible, Cisco recommends utilizing EAP-FAST instead of LEAP.
(Reference: http://www.ciscosistemi.com/en/US/prod/collateral/wireless/ps5678/ps430/prod_qas0900aecd801764f1.html;
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns386/c649/ccmigration_09186a0080871da5.pdf; CCNP ONT Exam
Certification Guide, Amir Ranjbar. Pages 262-264)
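The exchange described in the LEAP steps above, encoded as the 802.1X (EAPOL) frames and EAP packets that the supplicant and authenticator actually exchange on the wire, as an added Python example that is not part of the original guide. The EAPOL header (version, packet type, length) and the EAP header (code, identifier, length, type) follow IEEE 802.1X and RFC 3748, and the packet-type, code and method-type numbers are the standard assignments. The username, identifier values and the LEAP method payloads are constructed sample data; the challenge/response bytes are opaque placeholders, not the real LEAP message layout, and the RADIUS leg between authenticator and authentication server is not modelled.

```python
import struct

# Standard EAPOL packet types (IEEE 802.1X) and EAP codes / method types (RFC 3748 and
# the IANA EAP method-type registry). Method payloads below are constructed placeholders.
EAPOL_TYPES = {0: "EAP-Packet", 1: "EAPOL-Start", 2: "EAPOL-Logoff", 3: "EAPOL-Key"}
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 13: "EAP-TLS", 17: "LEAP", 25: "PEAP", 43: "EAP-FAST"}


def build_eap(code, identifier, eap_type=None, data=b""):
    """Encode an EAP packet: code, identifier, total length, then optional type + data."""
    payload = b"" if eap_type is None else bytes([eap_type]) + data
    return struct.pack("!BBH", code, identifier, 4 + len(payload)) + payload


def build_eapol(eapol_type, body=b""):
    """Wrap a body in an EAPOL header: protocol version 1, packet type, body length."""
    return struct.pack("!BBH", 1, eapol_type, len(body)) + body


def parse_eap(pkt):
    """Decode an EAP packet; Success and Failure carry no type field."""
    if len(pkt) < 4:
        raise ValueError("truncated EAP header")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length < 4 or length > len(pkt):
        raise ValueError("EAP length field does not fit the packet")
    out = {"code": EAP_CODES.get(code, f"unknown({code})"), "id": ident}
    if code in (1, 2) and length >= 5:
        eap_type = pkt[4]
        out["type"] = EAP_TYPES.get(eap_type, f"unknown({eap_type})")
        out["data"] = pkt[5:length]
    return out


def parse_eapol(frame):
    """Decode an EAPOL frame; only EAP-Packet frames carry an EAP packet."""
    if len(frame) < 4:
        raise ValueError("truncated EAPOL header")
    version, ptype, length = struct.unpack("!BBH", frame[:4])
    body = frame[4:4 + length]
    if len(body) != length:
        raise ValueError("EAPOL length field exceeds the frame")
    out = {"version": version, "eapol_type": EAPOL_TYPES.get(ptype, f"unknown({ptype})")}
    if ptype == 0:
        out["eap"] = parse_eap(body)
    return out


# Constructed sample exchange following the numbered LEAP steps in the text. The
# challenge/response bytes are opaque placeholders, not the real LEAP message layout.
SAMPLE_EXCHANGE = [
    ("supplicant", build_eapol(1)),                                       # 1. EAPOL-Start
    ("authenticator", build_eapol(0, build_eap(1, 1, 1))),                # 2. Request/Identity
    ("supplicant", build_eapol(0, build_eap(2, 1, 1, b"alice"))),         # 3. Response/Identity
    ("authenticator", build_eapol(0, build_eap(1, 2, 17, b"\x00" * 8))),  # 5. challenge
    ("supplicant", build_eapol(0, build_eap(2, 2, 17, b"\x00" * 24))),    # 5. hashed response
    ("authenticator", build_eapol(0, build_eap(3, 2))),                   # 6. Success
]


def summarize_exchange(exchange):
    """Render each frame as 'sender: description' for a log or a test."""
    lines = []
    for sender, frame in exchange:
        parsed = parse_eapol(frame)
        if "eap" in parsed:
            eap = parsed["eap"]
            desc = f"EAP {eap['code']}" + (f"/{eap['type']}" if "type" in eap else "")
            desc += f" id={eap['id']}"
        else:
            desc = parsed["eapol_type"]
        lines.append(f"{sender}: {desc}")
    return lines


def port_authorized(exchange):
    """The authenticator forwards data traffic only after it has relayed an EAP Success."""
    return any(parse_eapol(f).get("eap", {}).get("code") == "Success" for _, f in exchange)
```

port_authorized() models the rule stated above that only EAP traffic passes between client and WAP before authentication: a port that forwards data before a Success has been relayed is misconfigured, and the parser's length checks are the same ones a capture tool needs before trusting an EAP length field.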
EAP with Flexible Authentication via Secure Tunneling (EAP-FAST)
EAP-FAST was also developed by Cisco as an alternative to LEAP, and
was standardized by the IETF. Like LEAP, it utilizes a username/password
for authentication via a RADIUS server, and does not require the use of
certificates. Unlike LEAP, EAP-FAST is not vulnerable to dictionary
attacks, as it establishes a secure tunnel between the supplicant and
authentication server.
EAP-FAST is supported by most versions of Windows, and supports
Windows single sign-on in Active Directory/Domain environments.
EAP-FAST authentication is a three-phase process:
• Phase 0 (optional) – the supplicant is assigned a Protected Access
Credential (PAC), on a per-user basis. This phase is optional because
the PAC can be manually configured on the supplicant.
• Phase 1 – the supplicant and authentication server establish a secure
tunnel using the PAC.
• Phase 2 – the supplicant sends its username/password credentials to
the authentication server, via the secure tunnel.
(Reference: http://www.cisco.com/en/US/prod/collateral/wireless/ps5679/ps5861/prod_qas09186a00802030dc_ps430_Products_Q_and_A_Item.html;
CCNP ONT Exam Certification Guide, Amir Ranjbar. Pages 264-266)
EAP with Transport Layer Security (EAP-TLS)
EAP with Transport Layer Security (EAP-TLS) is an IETF standard
protocol, and was the first EAP authentication method used with 802.11
wireless networks.
EAP-TLS utilizes Public Key Infrastructure (PKI) to authenticate
supplicants using certificates. Both the supplicant and the authentication
server must be assigned a certificate from a Certificate Authority (CA)
server. Because of this, EAP-TLS is considered extremely secure, though the
complexity of client-side certificates makes it somewhat unpopular.
EAP-TLS is natively supported on most versions of Windows (2000 and
newer).
(Reference: http://www.cisco.com/en/US/tech/tk722/tk809/technologies_white_paper09186a008009256b.shtml; CCNP ONT Exam
Certification Guide, Amir Ranjbar. Pages 266-267)
Protected EAP (PEAP)
Protected EAP (PEAP) was developed jointly by Cisco, Microsoft, and
RSA Security, and was submitted to the IETF for standardization.
PEAP utilizes TLS to create a secure tunnel between the supplicant and
authentication server. The key difference between PEAP and EAP-TLS is
that only the authentication server requires a PKI certificate – no certificate
is required on the supplicant.
PEAP authentication is a two-phase process:
1. The supplicant authenticates the authentication server by verifying the
server-side PKI certificate. If successful, the supplicant and
authentication server form the TLS tunnel.
2. The supplicant sends its username/password credentials to the
authentication server, via the secure tunnel. This is accomplished
using either EAP-MSCHAPv2 (for Windows-based authentication
servers) or EAP-GTC (Generic Token Card, for LDAP-based
authentication servers).
As with the other EAP-methods, a Success message is generated if the
supplicant and authentication server have successfully authenticated each
other, which informs the authenticator that the supplicant can pass traffic.
(Reference: http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a0080921f67.shtml; CCNP ONT
Exam Certification Guide, Amir Ranjbar. Pages 267-269)
________________________________________________
Part II
The Cisco IOS
________________________________________________
Section 10
- Router Components -
Router Memory Components
Cisco routers (and switches) generally contain four types of memory:
• ROM (Read-Only Memory)
• Flash
• NVRAM (Non-Volatile RAM)
• RAM (Random-Access Memory)
ROM contains a bootstrap program called ROM Monitor (or ROMmon).
When a router is powered on, the bootstrap runs a hardware diagnostic
called POST (Power-On Self Test).
If POST completes successfully, the bootstrap then attempts to locate and
load the Cisco IOS (Internetwork Operating System) stored in Flash
memory. Flash memory can be erased or overwritten, thus making the Cisco
IOS upgradeable. The Cisco IOS is covered in great detail in other guides.
If the bootstrap cannot find the IOS in Flash, a stripped-down version of the
IOS is loaded from ROM instead. The contents of ROM cannot be
altered or erased; the entire ROM chip must be replaced if an upgrade/repair
is necessary.
If the bootstrap does find the IOS in Flash, it is loaded into RAM and
attempts to find a Startup Configuration (startup-config) file in NVRAM.
NVRAM is non-volatile, thus its contents will survive a power-cycle.
If the IOS cannot find a startup-config file in NVRAM, it will attempt to
load a configuration file from a TFTP server (this request is broadcasted to
255.255.255.255). If no TFTP server responds, the IOS will enter Initial
Configuration Mode, a series of interactive questions intended for quick
configuration of the router.
If the IOS does find a startup-config file in NVRAM, this file is loaded into
RAM, and becomes the Running Configuration (running-config). RAM is
a volatile memory, and thus its contents will be lost if the router is power-cycled.
Router Memory, Quick Reference
The following table details each of the basic types of router memory:
Memory Writable? Volatile? Function
ROM No No Stores bootstrap
Flash Yes No Stores IOS
NVRAM Yes No Stores startup-config
RAM Yes Yes Stores running-config
The Router Boot-Process, Quick Reference
The following details the router boot process:
1. The router is powered on.
2. The bootstrap program (ROMmon) is loaded from ROM.
3. The bootstrap runs POST.
4. The bootstrap attempts to load the IOS from Flash.
a. If the IOS is not found in Flash, the bootstrap loads into RAM
the basic IOS stored in ROM.
b. If the IOS is found in Flash, it is loaded into RAM.
5. The IOS attempts to load the startup-config file from NVRAM.
a. If the startup-config is not found in NVRAM, the IOS attempts
to load a configuration file from TFTP.
b. If no TFTP server responds, the router enters Initial
Configuration Mode.
c. If the startup-config is found in NVRAM, it is loaded into
RAM.
6. The startup-config becomes the running-config in RAM.
Interfaces vs Lines
Cisco devices contain two distinctly different types of ports, interfaces and
lines.
Interfaces connect routers and switches to each other. In other words, traffic
is actually routed or switched across interfaces. Examples of interfaces
include (but are not limited to):
• Serial interfaces
• Ethernet interfaces
• Fast Ethernet interfaces
• Token Ring interfaces
• ATM interfaces
Interfaces are identified by both the type of interface, and the interface
number (which always begins at “0”). Thus, the first Ethernet interface on a
router would be identified as Ethernet0.
Certain router families (such as the 3600 series) are modular, and have
multiple “slots” for interfaces. Thus, interfaces on these routers are
identified by both the module number and the interface number, formatted
as: module/interface. Thus, the third Fast Ethernet interface on the first
modular slot would be identified as FastEthernet0/2.
Lines identify ports that allow us to connect into, and then configure, Cisco
devices. The most common examples of lines include:
• Console ports
• Auxiliary ports
• VTY (telnet) ports
Just like interfaces, lines are identified by both the type of line, and the line
number (again, always begins at “0”). Thus, the first console port on a router
would be identified as Console0.
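The interface and line naming rules above (type plus zero-based number, module/interface on modular routers, unambiguous abbreviations such as fa for FastEthernet) are what a configuration parser or inventory script has to normalise before it can compare names from different sources. The following Python is an added example, not code from the guide: the list of interface and line types it knows is an assumed subset of what the IOS supports, and the prefix-expansion rule it applies is the same one the IOS uses for abbreviated commands.

```python
import re

# Interface and line types this parser knows (an assumed subset of what the IOS supports).
# The IOS accepts any unambiguous prefix of a type name, which resolve_type() reproduces.
INTERFACE_TYPES = ["Ethernet", "FastEthernet", "GigabitEthernet", "Serial",
                   "TokenRing", "Tunnel", "ATM", "Loopback"]
LINE_TYPES = ["console", "aux", "vty"]

_IFACE_RE = re.compile(r"^\s*([A-Za-z-]+)\s*(\d+(?:/\d+)*)\s*$")
_LINE_RE = re.compile(r"^\s*([A-Za-z]+)\s+(\d+)(?:\s+(\d+))?\s*$")


def resolve_type(abbrev, candidates):
    """Expand a typed prefix ('fa', 'gig', 'con') to the full type name, or fail if ambiguous."""
    matches = [c for c in candidates if c.lower().startswith(abbrev.lower())]
    if not matches:
        raise ValueError(f"unknown type {abbrev!r}")
    if len(matches) > 1:
        raise ValueError(f"ambiguous type {abbrev!r}: {matches}")
    return matches[0]


def parse_interface(name):
    """Split 'fa 0/2' or 'FastEthernet0/2' into type, module (slot) and interface number."""
    m = _IFACE_RE.match(name)
    if not m:
        raise ValueError(f"not an interface name: {name!r}")
    itype = resolve_type(m.group(1), INTERFACE_TYPES)
    numbers = [int(n) for n in m.group(2).split("/")]
    return {
        "type": itype,
        "module": numbers[0] if len(numbers) > 1 else None,  # None on non-modular routers
        "number": numbers[-1],
        "position": numbers[-1] + 1,                          # 1-based: 0/2 is the third port
        "canonical": itype + "/".join(str(n) for n in numbers),
    }


def parse_line(spec):
    """Split 'vty 0 4' or 'console 0' into type and the inclusive range of line numbers."""
    m = _LINE_RE.match(spec)
    if not m:
        raise ValueError(f"not a line specification: {spec!r}")
    ltype = resolve_type(m.group(1), LINE_TYPES)
    first = int(m.group(2))
    last = int(m.group(3)) if m.group(3) is not None else first
    if last < first:
        raise ValueError("line range end precedes its start")
    return {"type": ltype, "first": first, "last": last, "count": last - first + 1}
```

Note that "t 0" is rejected as ambiguous because both TokenRing and Tunnel are in the table, whereas "to 0" resolves; the same rule decides which command abbreviations the IOS will accept.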
Using Lines to Configure the IOS
As mentioned previously, three methods (or lines) exist to configure Cisco
IOS devices:
• Console ports
• Auxiliary ports
• VTY (telnet) ports
Nearly every modern Cisco router or switch includes a console port,
sometimes labeled on the device simply as con. The console port is generally
a RJ-45 connector, and requires a rollover cable to connect to. The opposite
side of the rollover cable connects to a PC’s serial port using a serial
terminal adapter.
From the PC, software such as HyperTerminal is required to make a
connection from the local serial port to the router console port. The
following settings are necessary for a successful connection:
• Bits per second - 9600 baud
• Data bits - 8
• Parity - None
• Stop bits - 1
• Flow Control - Hardware
Some Cisco devices include an auxiliary port, in addition to the console
port. The auxiliary port can function similarly to a console port, and can be
accessed using a rollover cable. Additionally, auxiliary ports support modem
commands, thus providing dial-in access to Cisco devices.
Telnet, and now SSH, are the most common methods of remote access to
routers and switches. The standard edition of the IOS supports up to 5
simultaneous VTY connections. Enterprise editions of the IOS support up
to 255 VTY connections.
There are two requirements before a router/switch will accept a VTY
connection:
• An IP address must be configured on an interface
• At least one VTY port must be configured with a password
Section 11
- Introduction to the Cisco IOS -
Cisco IOS
The Cisco IOS (Internetwork Operating System) is a command-line
interface used by nearly all current Cisco routers and Catalyst switches. The
IOS provides the mechanism to configure all Layer 2 and Layer 3 functions
on Cisco devices.
The IOS is structured into several modes, which contain sets of commands
specific to the function of that mode. Access to a specific mode (and specific
commands) is governed by privilege levels. (Both modes and privilege
levels are covered in great detail in this guide).
The following is a representation of the IOS command-line interface, with
an example command:
Router# show startup-config
All commands throughout all guides on this site will be represented like the
above. The following is an explanation of each component of the above
command:
Router # show startup-config
Hostname Mode Command Argument
Hitting the “enter” key after a command will usually yield output specific to
your command:
Router# show startup-config
!
version 12.2
service timestamps log uptime
service password-encryption
!
hostname Router
!
(Note: The above output was truncated to save space.)
IOS Version Numbers
IOS version numbers are formatted as follows:
x.y(z)t
• The "x" designates a major revision number.
• The "y" designates a minor revision number.
• The "z" designates an individual release number.
• The “t” designates a train identifier.
Thus, the third release of IOS version 12.4 would be identified as 12.4(3).
The major and minor revision numbers combined are often called the
Maintenance Release number (for example, “12.4”).
Trains identify IOS releases to specific markets, and are represented by a
single letter:
• The “T” or Technology train is continuously updated with new
features and security fixes.
• The “E” or Enterprise train contains features and commands for
enterprise-level equipment.
• The “S” or Service Provider train contains features and a
command-set for specific ISP equipment.
The absence of a train identifier denotes a Mainline release. Security
updates are released for the mainline train, but new functionality is never
added to the feature set.
The latest version of the IOS (as of this writing) is 12.4(11)T. To view the
IOS version of your Cisco device:
Router# show version
The Cisco IOS is stored in Flash on Cisco routers and Catalyst switches, in
a .BIN file format. It can be upgraded using one of several methods:
• Replacing the existing Flash stick
• Via a TFTP server
• Via Xmodem
• Via a PCMCIA slot (not supported by all Cisco devices)
(Reference: http://en.wikipedia.org/wiki/Cisco_IOS)
IOS Version Numbers (continued)
The IOS .bin file stored in flash follows a specific naming convention.
Observe the following IOS image:
c2600-ik9s-mz.121-3.T.bin
The following is an explanation of each component of the above file name:
• c2600 - Cisco hardware platform
• ik9s - Feature set
• m - Memory location
• z - Compression format
• 121 - Maintenance release number
• 3 - Individual release number
• T - Train identifier
(Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps1828/products_white_paper09186a008018305e.shtml)
The IOS supports a wide variety of feature sets. The following is a list of
common feature sets (and is by no means comprehensive):
• is
• ipbase
• ipvoice
• advsecurityk9
• advipservicesk9
• ik9s
• jk9s
• io3
• bin
(Reference: http://www.cisco.com/en/US/products/hw/routers/ps259/prod_bulletin09186a0080161082.html)
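Both conventions above, the x.y(z)t version string and the platform-featureset-memory/compression.maintenance-release.train.bin image name, can be parsed mechanically, which is how an inventory or patch-tracking script checks that the image sitting in Flash is the version the device reports. The following Python is an added example, not code from the guide or from Cisco. It assumes the maintenance digits in an image name are major followed by a single-digit minor ("121" is 12.1), which holds for the 12.x images on this page, and it makes the compression letter optional because some images use a single letter for that field (the show version output later in this guide names c2500-is-l.123-1a.bin).

```python
import re

# Version strings as the text describes them: x.y(z)t, where z may carry a rebuild
# letter (e.g. "1a") and t is an optional train identifier.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\((\d+[a-z]?)\)([A-Z]+)?$")

# Image names as the text describes them:
#   <platform>-<feature set>-<memory><compression>.<maintenance>-<release>[.<train>].bin
# The compression letter is optional here because some images carry a single letter.
_IMAGE_RE = re.compile(
    r"^(?P<platform>[a-z0-9]+)-(?P<feature_set>[a-z0-9]+)-"
    r"(?P<memory>[a-z])(?P<compression>[a-z])?\."
    r"(?P<maint>\d+)-(?P<release>\d+[a-z]?)(?:\.(?P<train>[A-Z]+))?\.bin$"
)


def parse_version(text):
    """Parse '12.4(11)T' into its components; train is None for a Mainline release."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised IOS version: {text!r}")
    major, minor, release, train = m.groups()
    return {
        "major": int(major),
        "minor": int(minor),
        "maintenance_release": f"{major}.{minor}",
        "release": release,
        "train": train,
        "mainline": train is None,
        "normalized": f"{major}.{minor}({release}){train or ''}",
    }


def parse_image_name(filename):
    """Parse 'c2600-ik9s-mz.121-3.T.bin' into the fields the naming convention encodes."""
    m = _IMAGE_RE.match(filename.strip())
    if not m:
        raise ValueError(f"unrecognised IOS image name: {filename!r}")
    f = m.groupdict()
    # Assumption: maintenance digits are "<major><minor>" with a one-digit minor
    # ("121" -> 12.1), which holds for the 12.x images shown on this page.
    maint = f["maint"]
    f["maintenance_release"] = f"{maint[:-1]}.{maint[-1]}"
    f["version"] = f"{f['maintenance_release']}({f['release']})" + (f["train"] or "")
    f["mainline"] = f["train"] is None
    f["compressed"] = f["compression"] == "z"
    return f


def image_matches_version(filename, version_text):
    """Cross-check an image file name against a 'show version' string (inventory sanity check)."""
    return parse_image_name(filename)["version"] == parse_version(version_text)["normalized"]
```

A mismatch from image_matches_version() on a fleet export is worth a look: either the device booted an image other than the one recorded, or the inventory was updated without the upgrade actually happening.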
IOS Modes on Cisco Devices
As stated earlier in this guide, the Cisco IOS is comprised of several modes,
each of which contains a set of commands specific to the function of that
mode.
By default, the first mode you enter when logging into a Cisco device is
User EXEC mode. User mode appends a “>” after the device hostname:
Router>
No configuration can be changed or viewed from User mode. Only basic
status information can be viewed from this mode.
Privileged EXEC mode allows all configuration files, settings, and status
information to be viewed. Privileged mode appends a “#” after the device
hostname:
Router#
To enter Privileged mode, type enable from User mode:
Router> enable
Router#
To return back to User mode from Privileged mode, type disable:
Router# disable
Router>
Very little configuration can be changed directly from Privileged mode.
Instead, to actually configure the Cisco device, one must enter Global
Configuration mode:
Router(config)#
To enter Global Configuration mode, type configure terminal from
Privileged Mode:
Router# configure terminal
Router(config)#
To return back to Privileged mode, type exit:
Router(config)# exit
Router#
IOS Modes on Cisco Devices (continued)
As its name implies, Global Configuration mode allows parameters that
globally affect the device to be changed. Additionally, Global Configuration
mode is sectioned into several sub-modes dedicated for specific functions.
Among the most common sub-modes are the following:
• Interface Configuration mode - Router(config-if)#
• Line Configuration mode - Router(config-line)#
• Router Configuration mode - Router(config-router)#
Recall the difference between interfaces and lines. Interfaces connect
routers and switches to each other. In other words, traffic is actually routed
or switched across interfaces. Examples of interfaces include Serial, ATM,
Ethernet, Fast Ethernet, and Token Ring.
To configure an interface, one must specify both the type of interface, and
the interface number (which always begins at “0”). Thus, to configure the
first Ethernet interface on a router:
Router(config)# interface ethernet 0
Router(config-if)#
Lines identify ports that allow us to connect into, and then configure, Cisco
devices. Examples would include console ports, auxiliary ports, and VTY
(or telnet) ports.
Just like interfaces, to configure a line, one must specify both the type of
line, and the line number (again, always begins at “0”). Thus, to configure
the first console line on a router:
Router(config)# line console 0
Router(config-line)#
Multiple telnet lines can be configured simultaneously. To configure the first
five telnet (or VTY) lines on a router:
Router(config)# line vty 0 4
Router(config-line)#
Remember that the numbering for both interfaces and lines begins with “0.”
Router Configuration mode is used to configure dynamic routing
protocols, such as RIP. This mode is covered in great detail in other guides.
IOS Command Shortcuts
Shortcuts are allowed on the IOS command-line, as long as the truncated
command is not ambiguous. For example, observe the following commands:
Router# clear
Router# clock
Router# configure
Router# connect
Router# copy
Router# debug
We could use de as a shortcut for the debug command, as no other command
here begins with de. We could not, however, use co as a shortcut, as three
commands begin with those letters. The following error would be displayed:
Router# co
% Ambiguous command: “co”
If you type a command incorrectly, the IOS will point out your error:
Router# clcok
^
% Invalid input detected at “^” marker
Keyboard Shortcuts
Several hotkeys exist to simplify using the IOS interface:
Keyboard Shortcut Result
CTRL-B (or Left-Arrow) Moves cursor back one character
CTRL-F (or Right-Arrow) Moves cursor forward one character
CTRL-A Moves cursor to beginning of a line
CTRL-E Moves cursor to end of a line
ESC-B Moves cursor back one word
ESC-F Moves cursor forward one word
CTRL-P (or Up-Arrow) Returns previous command(s) from history buffer
CTRL-N (or Down-Arrow) Returns next command from history buffer
CTRL-Z Exits out of the current mode
TAB Finishes an incomplete command (assuming it is
not ambiguous)
(Reference: http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a008007e6d5.html#wp1028871)
Terminal History Buffer
As implied in the previous section, the Cisco IOS keeps a history of
previously entered commands. By default, this history buffer stores the
previous 10 commands entered. To view the terminal history buffer:
RouterA# show history
enable
config t
hostname RouterA
exit
show history
The Up-Arrow key (or CTRL-P) allows you to scroll through previously
entered commands. To scroll back down the list, use the Down-Arrow key
(or CTRL-N).
To adjust the number of commands the history buffer stores (range 0-256):
RouterA# terminal history size 30
IOS Context-Sensitive Help
The question mark (?) is one of the most powerful tools in the Cisco IOS,
as it provides context-sensitive help for each IOS mode.
Typing ? at the command prompt displays a list of all commands available at
that mode, with explanations:
Router# ?
access-enable Create a temporary Access-List entry
access-profile Apply user-profile to interface
access-template Create a temporary Access-List entry
alps ALPS exec commands
archive manage archive files
audio-prompt load ivr prompt
bfe For manual emergency modes setting
call Load IVR call application
cd Change current directory
clear Reset functions
clock Manage the system clock
configure Enter configuration mode
connect Open a terminal connection
copy Copy from one file to another
debug Debugging functions (see also 'undebug')
Typing in part of a command with a ? displays a list of all commands that
begin with those characters:
Router# co?
configure connect copy
Typing in a full command followed by a ? displays the available options and
arguments for that command:
Router# clock ?
set Set the time and date
Notice the space between the command clock and the ?.
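The abbreviation rule from the IOS Command Shortcuts section (a prefix is accepted only when exactly one command matches it), the "% Ambiguous command" and "% Invalid input" responses, and the prefix listing that co? produces are all the same prefix-matching operation over one command table. The following Python is an added example, not code from the guide or from the IOS; its command table is a constructed subset of the Privileged EXEC listing shown above, and error_column() reproduces where the "^" marker lands by finding the first character at which no command matches any more.

```python
# Constructed subset of the Privileged EXEC command table shown above.
EXEC_COMMANDS = {
    "clear": "Reset functions",
    "clock": "Manage the system clock",
    "configure": "Enter configuration mode",
    "connect": "Open a terminal connection",
    "copy": "Copy from one file to another",
    "debug": "Debugging functions (see also 'undebug')",
}


def context_help(typed, table=EXEC_COMMANDS):
    """What '?' shows: every command for an empty prefix, else the commands starting with it."""
    prefix = typed.strip().lower()
    return [(name, table[name]) for name in sorted(table) if name.startswith(prefix)]


def error_column(typed, table=EXEC_COMMANDS):
    """Column where the IOS places the '^' marker: the first character at which no
    command matches the text typed so far (None if some command still matches)."""
    text = typed.strip().lower()
    for i in range(1, len(text) + 1):
        if not any(name.startswith(text[:i]) for name in table):
            return i - 1
    return None


def parse_command(typed, table=EXEC_COMMANDS):
    """Resolve a possibly abbreviated command word.

    Returns (command, None) on success, or (None, message) with the message the IOS
    prints for an ambiguous or invalid abbreviation. An empty line resolves to nothing.
    """
    word = typed.strip().lower()
    if not word:
        return None, None
    if word in table:  # an exact name is never ambiguous, even if it prefixes another
        return word, None
    matches = [name for name in table if name.startswith(word)]
    if len(matches) == 1:
        return matches[0], None
    if matches:
        return None, f'% Ambiguous command: "{word}"'
    column = error_column(word, table)
    return None, f"% Invalid input detected at '^' marker (column {column})"
```

The exact-name check matters in a real table: "clock" is also a prefix of nothing here, but a command whose full name prefixes a longer command must still resolve to itself rather than be reported as ambiguous.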
The “Show” Command
The show command provides the ability to view a wide variety of
configuration and status information on your router. The command is
executed from Privileged mode, and the syntax is simple:
Router# show [argument]
There are literally dozens of arguments for the show command, and each
provides information on a specific aspect of the router. Numerous show
commands will be described throughout this and most other guides.
One common show command displays the IOS version, configuration-register
settings, router uptime, and basic router hardware information:
Router# show version
Cisco Internetwork Operating System Software
IOS (tm) 2500 Software (C2500-IS-L), Version 12.3(1a), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2003 by cisco Systems, Inc.
Compiled Fri 09-Jan-03 11:23 by xxxxx
Image text-base: 0x0307F6E8, data-base: 0x00001000
ROM: System Bootstrap, Version 11.0(10c)XB2, PLATFORM SPECIFIC RELEASE SOFTWARE
(fc1)
BOOTLDR: 3000 Bootstrap Software (IGS-BOOT-R), Version 11.0(10c)XB2, PLATFORM
SPECIFIC RELEASE SOFTWARE (fc1)
Router uptime is 2 minutes
System returned to ROM by reload
System image file is "flash:c2500-is-l.123-1a.bin"
cisco 2500 (68030) processor (revision L) with 14336K/2048K bytes of memory.
Processor board ID 13587050, with hardware revision 00000000
Bridging software.
X.25 software, Version 3.0.0.
2 Ethernet/IEEE 802.3 interface(s)
2 Serial network interface(s)
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102
(Example show version output from: http://www.cisco.com/en/US/products/hw/routers/ps233/products_tech_note09186a008009464c.shtml)
The following command provides output similar to show version:
Router# show hardware
Other common show commands will be described shortly.
Enable Passwords
The enable password protects a router’s Privileged mode. This password can
be set or changed from Global Configuration mode:
Router(config)# enable password MYPASSWORD
Router(config)# enable secret MYPASSWORD2
The enable password command sets an unencrypted password intended for
legacy systems that do not support encryption. It is no longer widely used.
The enable secret command sets an MD5-hashed password, and thus is far
more secure. The enable password and enable secret passwords cannot be
identical. The router will not accept identical passwords for these two
commands.
Line Passwords and Configuration
Passwords can additionally be configured on router lines, such as telnet
(vty), console, and auxiliary ports. To change the password for a console
port and all telnet ports:
Router(config)# line console 0
Router(config-line)# login
Router(config-line)# password cisco1234
Router(config-line)# exec-timeout 0 0
Router(config-line)# logging synchronous
Router(config)# line vty 0 4
Router(config-line)# login
Router(config-line)# password cisco1234
Router(config-line)# exec-timeout 0 0
Router(config-line)# logging synchronous
The exec-timeout 0 0 command is optional, and disables the automatic
timeout of your connection. The two zeroes represent the timeout value in
minutes and seconds, respectively. Thus, to set a timeout for 2 minutes and
30 seconds:
Router(config-line)# exec-timeout 2 30
The logging synchronous command is also optional, and prevents system
messages from interrupting your command prompt.
By default, line passwords are stored in clear-text in configuration files. To
ensure these passwords are encrypted in all configuration files:
Router(config)# service password-encryption
Note that this only obscures line passwords against casual viewing of the
configuration; the encoding is reversible, so it is not a substitute for the
enable secret command.
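The checks this section describes, applied to a saved configuration: the script below is an added example (not from the study guide) that flags a legacy enable password, a missing enable secret, missing service password-encryption, lines without login, and exec-timeout 0 0. Both sample configurations are constructed; IOS stores line console 0 as line con 0, which is the form the parser expects.

```python
"""Audit an IOS running-config for the weak settings discussed above
(constructed example, not part of the study guide)."""

# Constructed sample: the guide's line/enable commands as IOS would store them
# ('line console 0' is saved as 'line con 0'). Deliberately weak.
WEAK_CONFIG = """\
hostname MyRouter
enable password MYPASSWORD
!
line con 0
 password cisco1234
 login
 exec-timeout 0 0
 logging synchronous
line vty 0 4
 password cisco1234
 exec-timeout 0 0
 logging synchronous
!
end
"""

# Same device with the settings the guide recommends: enable secret,
# service password-encryption, login on every line, and a real idle timeout.
HARDENED_CONFIG = """\
hostname MyRouter
enable secret MYPASSWORD2
service password-encryption
!
line con 0
 password cisco1234
 login
 exec-timeout 5 0
 logging synchronous
line vty 0 4
 password cisco1234
 login
 exec-timeout 5 0
 logging synchronous
!
end
"""


def line_blocks(config):
    """Map each 'line ...' section to the indented sub-commands beneath it."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any non-indented command (or '!') ends the section
    return blocks


def audit_config(config):
    """Return a sorted list of findings; an empty list means nothing was flagged."""
    findings = []
    global_cmds = [l.strip() for l in config.splitlines() if not l.startswith(" ")]

    if not any(c.startswith("enable secret ") for c in global_cmds):
        findings.append("global: no 'enable secret' (Privileged mode not MD5-protected)")
    if any(c.startswith("enable password ") for c in global_cmds):
        findings.append("global: legacy 'enable password' present (stored unencrypted)")
    if "service password-encryption" not in global_cmds:
        findings.append("global: 'service password-encryption' missing (line passwords in clear text)")

    for name, cmds in line_blocks(config).items():
        has_login = any(c == "login" or c.startswith("login ") for c in cmds)
        has_password = any(c.startswith("password ") for c in cmds)
        if not has_login:
            findings.append(f"{name}: no 'login', so the line password is never checked")
        if has_login and not has_password and "login local" not in cmds:
            findings.append(f"{name}: 'login' without a password")
        if "exec-timeout 0 0" in cmds:
            findings.append(f"{name}: 'exec-timeout 0 0' disables the idle timeout")
    return sorted(findings)


if __name__ == "__main__":
    for f in audit_config(WEAK_CONFIG):
        print(f)
    print("hardened config findings:", audit_config(HARDENED_CONFIG))
```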
Router Interfaces
Recall that, to configure an interface, one must specify both the type of
interface, and the interface number (which always begins at “0”). Thus, to
configure the first Ethernet interface on a router:
Router(config)# interface ethernet 0
Router(config-if)#
Certain router families (such as the 3600 series) are modular, and have
multiple “slots” for interfaces. All commands must reflect both the module
number and the interface number, formatted as: module/interface
Thus, to configure the third Fast Ethernet interface off of the first module:
Router(config)# interface fastethernet 0/2
Router(config-if)#
By default, all router interfaces are administratively shutdown. To take an
interface out of an administratively shutdown state:
Router(config)# interface fa 0/0
Router(config-if)# no shutdown
Notice the use of fa as a shortcut for fastethernet in the above example. To
manually force an interface into a shutdown state:
Router(config-if)# shutdown
To assign an IP address to an interface:
Router(config-if)# ip address 192.168.1.1 255.255.255.0
An additional secondary IP Address can be assigned to an interface:
Router(config-if)# ip address 192.168.1.1 255.255.255.0
Router(config-if)# ip address 192.168.1.2 255.255.255.0 secondary
Serial interfaces require special consideration. The DCE (Data
Communication Equipment) side of a serial connection must set the speed,
or clock rate, for the DTE (Data Terminal Equipment) side. Clock rate is
measured in BPS (bits-per-second).
To set the clock rate, if you are the DCE side of a serial connection:
Router(config)# interface serial 0
Router(config-if)# clock rate 64000
Status of Router Interfaces
To view the current status and configuration of all interfaces:
Router# show interfaces
Ethernet 0 is up, line protocol is up
Hardware is Ethernet, address is 5520.abcd.1111
Internet address is 192.168.1.1, subnet mask is 255.255.255.0
MTU 1500 bytes, BW 10000 Kbit, DLY 100000 usec, rely 255/255, load 1/255
Encapsulation ARPA, loopback not set, keepalive set (10 sec)
ARP type: ARPA, ARP Timeout 4:00:00
Last input 0:00:00, output 0:00:00, output hang never
Last clearing of “show interface” counters 0:00:00
Output queue 0/40, 0 drops; input queue 0/75, 0 drops
Five minute input rate 0 bits/sec, 0 packets/sec
Five minute output rate 2000 bits/sec, 4 packets/sec
53352 packets input, 351251 bytes, 0 no buffer
Received 4125 broadcasts, 0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
12142 packets output, 16039 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets, 0 restarts
Ethernet 1 is up, line protocol is up
Hardware is Ethernet, address is 5520.abcd.1112
The show interfaces command displays a plethora of information, including:
• Current interface status (ethernet 0 is up, line protocol is up)
• MAC address (5520.abcd.1111)
• IP address (192.168.1.1)
• MTU (1500 bytes)
• Bandwidth (10 Mbps)
• Output and input queue status
• Traffic statistics (packets input, packets output, collisions, etc.)
To view the current status of a specific interface:
Router# show interfaces ethernet 0
To view only IP information for all interfaces:
Router# show ip interface brief
Interface IP Address OK? Method Status Protocol
Ethernet0 192.168.1.1 YES NVRAM up up
Ethernet1 192.168.2.1 YES NVRAM up up
Serial0 unassigned YES unset administratively down down
Status of Router Interfaces (continued)
Traffic can only be routed across an interface if its status is as follows:
Serial 0 is up, line protocol is up
The first part of this status (Serial 0 is up) refers to the physical layer status
of the interface. The second part (line protocol is up) refers to the data-link
layer status of the interface. A status of up/up indicates that the physical
interface is active, and both sending and receiving keepalives.
An interface that is physically down will display the following status:
Serial 0 is down, line protocol is down
The most likely cause of the above status is a defective (or unplugged)
cable or interface.
There are several potential causes of the following status:
Serial 0 is up, line protocol is down
Recall that line protocol refers to data-link layer functions. Potential causes
of the above status could include:
• Absence of keepalives being sent or received
• Clock rate not set on the DCE side of a serial connection
• Different encapsulation types set on either side of the link
An interface that has been administratively shutdown will display the
following status:
Serial 0 is administratively down, line protocol is down
Managing Configuration Files
Cisco IOS devices employ two distinct configuration files:
• running-config – stored in RAM, contains the active configuration
• startup-config – stored in NVRAM (or flash), contains the saved
configuration
Any configuration change made to an IOS device is made to the running-config.
Because the running-config file is stored in RAM, the contents of
this file will be lost during a power-cycle. Thus, we must save the contents
of the running-config to the startup-config file. We accomplish this by using
the copy command from Privileged mode:
Router# copy running-config startup-config
The copy command follows a very specific logic: copy [from] [to]. Thus, if
we wanted to copy the contents of the startup-config file to running-config:
Router# copy startup-config running-config
We can use shortcuts to simplify the above commands:
Router# copy run start
Router# copy start run
To view the contents of the running-config and startup-config files:
Router# show run
Router# show start
To delete the contents of the startup-config file:
Router# erase start
If the router is power-cycled after erasing the startup-config file, the router
will enter Initial Configuration Mode (sometimes called Setup Mode).
This mode is a series of interactive questions intended for quick
reconfiguration of the router.
Initial Configuration Mode can be exited by typing CTRL-C.
“Piping” Commands
In newer versions of the Cisco IOS, the output of show commands can be
filtered to remove irrelevant lines, through the use of the pipe “ | ” character.
The following command will display the contents of the startup-config,
beginning with the first line containing the text ethernet:
Router# show startup | begin ethernet
The following command will exclude all lines containing the text ethernet:
Router# show startup | exclude ethernet
The following command will include all lines containing the text ethernet:
Router# show startup | include ethernet
Miscellaneous Commands
To change the hostname of your router:
Router(config)# hostname MyRouter
MyRouter(config)#
To assign a description to an interface for documentation purposes:
Router(config)# interface serial 0
Router(config-if)# description SBC T1 connection to Chicago
Router# show interfaces
Serial 0 is up, line protocol is up
Hardware is Serial
Internet address is 70.22.3.1, subnet mask is 255.255.255.0
Description: SBC T1 connection to Chicago
To create a banner message which users will see when logging into an IOS
device:
Router(config)# banner motd #
Logging into this router without authorization is illegal
and will be prosecuted!
#
The # symbol is used as a delimiter to indicate the beginning and end of the
banner. Any character can be used as a delimiter.
IOS Troubleshooting Commands
The show tech-support command prints to screen every configuration file,
and the output of several important show commands. This can be redirected
to a file and either viewed or sent to Cisco for troubleshooting purposes:
Router# show tech-support
The debug command is a powerful tool to view real-time information and
events occurring on an IOS device. As with the show command, there are a
multitude of arguments for the debug command. An example debug
command is as follows:
Router# debug ip rip events
To disable a specific debugging command, simply prepend the word no in
front of the command:
Router# no debug ip rip events
To enable all possible debugging options on an IOS device:
Router# debug all
Using the debug all command is not recommended, as it will critically
impair router performance.
To disable all possible debugging options on an IOS device:
Router# no debug all
Section 12
- Advanced IOS Functions -
The Configuration Register
The configuration register (config-register) is a hexadecimal value that
controls various aspects of how a router boots, including:
• Baud Rate
• Boot Messages (enable/disable)
• Break (disable/ignore)
• Flash (read-only, read-write)
• NVRAM (use startup-config/bypass startup-config)
The default config-register is 0x2102. To view your router’s current
config-register setting:
Router# show version
32K bytes of non-volatile configuration memory.
16384K bytes of processor board System flash (Read ONLY)
Configuration register is 0x2102
Common config-register settings include:
Value    Baud Rate   Boots Into?      Flash        Startup-Config
0x2101   9600        IOS from ROM     Read/Write   Uses
0x2102   9600        IOS from Flash   Read/Only    Uses
0x2142   9600        IOS from Flash   Read/Only    Bypass
Remember, 0x2102 is the default config-register value on Cisco routers. In
order to upgrade the Cisco IOS, the config-register must be changed to
0x2101, so that the Flash memory becomes writeable.
To change the config-register from the IOS:
Router(config)# config-register 0x2142
This configuration change does not take effect until the next reboot.
(Reference: http://www.cisco.com/en/US/products/hw/routers/ps133/products_tech_note09186a008022493f.shtml)
Backing up and Restoring the Cisco IOS
The Cisco IOS is stored in flash. Multiple IOS files can be loaded into flash,
assuming there is enough free space. You can view available free space, and
the name of any file(s) in flash, by typing:
Router# show flash
System flash directory:
File Length Name/status
1 4467254 c2500-ik9s-mz.122-4
[4467254 bytes used, 12309962 available, 16777216 total]
16384K bytes of processor board System flash (Read/Write)
To backup the IOS, a TFTP server is required. The TFTP server must have
IP connectivity to the router.
To backup the IOS file from the router’s flash to the TFTP server:
Router# copy flash tftp
You will be prompted for the following information:
• Address of remote host (the TFTP server)
• Source file name (the name of the file in flash)
• Destination file name
To load an IOS file from a TFTP server to the router’s flash:
Router# copy tftp flash
The process for copying a startup-configuration file to or from a router’s
NVRAM is nearly identical:
Router# copy startup tftp
Router# copy tftp startup
CDP (Cisco Discovery Protocol)
CDP is a Cisco proprietary protocol used to collect information about locally
attached Cisco switches and routers. CDP is enabled by default on all IOS
enabled routers and switches, and sends out updates every 60 seconds.
CDP will provide the following information about directly connected
neighbors:
• Device ID – hostname of remote router/switch
• Local Interface – interface that remote router/switch is directly
connected to
• Holdtime – amount of time before remote device information is
purged from CDP table
• Capability – Type of remote device (router, switch, host)
• Platform – Model of remote device
To view CDP timers and hold-down information:
Router# show cdp
To display neighbor information:
Router# show cdp neighbors
To display traffic statistics:
Router# sh cdp traffic
To display port and interface information:
Router# sh cdp interface
To disable CDP on an interface:
Router(config-if)# no cdp enable
To globally disable CDP:
Router(config)# no cdp run
Telnet
It is possible to telnet from a router into a remote device, using either the
hostname or IP address of the remote device:
Router# telnet Router2
Router# telnet 172.17.1.2
To exit a telnet session:
Router2# exit
To return to the router you telnetted from, without exiting the session:
• Hold CTRL+SHIFT+6 and then release
• Type the character x
To view all open telnet sessions:
Router# show sessions
Privilege Levels
IOS devices have a total of 16 privilege levels, numbered 0 through 15.
User Exec mode is privilege level 1. Privileged Exec mode is privilege
level 15.
We can create a custom Privilege level, including the commands users are
allowed to input at that mode:
Router(config)# privilege exec all level 3 show interface
Router(config)# privilege exec all level 3 show ip route
Router(config)# privilege exec all level 3 show reload
To then enter that privilege level from User Mode:
Router> enable 3
Observing Performance Statistics on Cisco Routers
To view the processor load on a Cisco Router:
Router# show processes cpu
________________________________________________
Part III
Routing
________________________________________________
Section 13
- The Routing Table -
Routing Table Basics
Routing is the process of sending a packet of information from one network
to another network. Thus, routes are usually based on the destination
network, and not the destination host (host routes can exist, but are used
only in rare circumstances).
To route, routers build Routing Tables that contain the following:
• The destination network and subnet mask
• The “next hop” router to get to the destination network
• Routing metrics and Administrative Distance
The routing table is concerned with two types of protocols:
• A routed protocol is a layer 3 protocol that applies logical addresses
to devices and routes data between networks. Examples would be IP
and IPX.
• A routing protocol dynamically builds the network, topology, and
next hop information in routing tables. Examples would be RIP,
IGRP, OSPF, etc.
To determine the best route to a destination, a router considers three
elements (in this order):
• Prefix-Length
• Metric (within a routing protocol)
• Administrative Distance (between separate routing protocols)
Prefix-length is the number of bits used to identify the network, and is used
to determine the most specific route. A longer prefix-length indicates a more
specific route. For example, assume we are trying to reach a host address of
10.1.5.2/24. If we had routes to the following networks in the routing table:
10.1.5.0/24
10.0.0.0/8
The router will do a bit-by-bit comparison to find the most specific route
(i.e., longest matching prefix). Since the 10.1.5.0/24 network is more
specific, that route will be used, regardless of metric or Administrative
Distance.
Administrative Distance vs. Metric
A “metric” allows a router to choose the best path within a routing protocol.
Distance vector routing protocols use “distance” (usually hop-count) as their
metric. Link state protocols utilize some sort of “cost” as their metric.
Only routes with the best metric are added to the routing table. Thus, even
if a particular routing protocol (for example, RIP) has four routes to the
same network, only the route with the best metric (hop-count in this
example) would make it to the routing table. If multiple equal-metric routes
exist to a particular network, most routing protocols will load-balance.
If your router is running multiple routing protocols, Administrative
Distance is used to determine which routing protocol to trust the most.
Lowest administrative distance wins.
Again: if a router receives two RIP routes to the same network, it will use
the routes’ metric to determine which path to use. If the metric is identical
for both routes, the router will load balance between both paths.
If a router receives a RIP and an OSPF route to the same network, it will use
Administrative Distance to determine which routing path to choose.
The Administrative Distance of common routing protocols (remember,
lowest wins):
Connected 0
Static 1
EIGRP Summary 5
External BGP 20
Internal EIGRP 90
IGRP 100
OSPF 110
IS-IS 115
RIP 120
External EIGRP 170
Internal BGP 200
Unknown 255
A route with an “unknown” Administrative Distance will never be inserted
into the routing table.
Viewing the routing table
The following command will allow you to view the routing table:
Router# show ip route
Gateway of last resort is 192.168.1.1 to network 0.0.0.0
C 192.168.1.0/24 is directly connected, Ethernet0
150.50.0.0/24 is subnetted, 1 subnets
C 150.50.200.0 is directly connected, Loopback1
C 192.168.123.0 is directly connected, Serial0
C 192.168.111.0 is directly connected, Serial1
R 10.0.0.0 [120/1] via 192.168.123.1, 00:00:00, Serial0
[120/1] via 192.168.111.2, 00:00:00, Serial1
S* 0.0.0.0/0 [1/0] via 192.168.1.1
Routes are labeled based on what protocol placed them in the table:
• C – Directly connected
• S – Static
• S* – Default route
• D – EIGRP
• R – RIP
• I – IGRP
• i – IS-IS
• O – OSPF
Notice the RIP routes contain the following field: [120/1]. This indicates
both the administrative distance and the metric (the 120 is the AD, and the 1
is the hop-count metric).
To clear all routes from the routing table, thus forcing any routing
protocol to repopulate the table:
Router# clear ip route *
Choosing the Best Route (Example)
Assume the following routes existed to the following host: 192.168.111.5/24
O 192.168.111.0/24 [110/58] via 192.168.131.1, 00:00:00, Serial3
R 192.168.111.0/24 [120/1] via 192.168.123.1, 00:00:00, Serial0
R 192.168.111.0/24 [120/5] via 192.168.5.2, 00:00:00, Serial1
S 192.168.0.0/16 [1/0] via 10.1.1.1
We have two RIP routes, an OSPF route, and a Static route to that
destination. Which route will be chosen by the router?
Remember the three criteria the router considers:
• Prefix-Length
• Metric
• Administrative Distance
The static route has the lowest administrative distance (1) of any of the
routes; however, its prefix-length is less specific. 192.168.111.0/24 is a
more specific route than 192.168.0.0/16. Remember, prefix-length is always
considered first.
The second RIP route will not be inserted into the routing table, because it
has a higher metric (5) than the first RIP route (1). Thus, our routing table
will actually look as follows:
O 192.168.111.0/24 [110/58] via 192.168.131.1, 00:00:00, Serial3
R 192.168.111.0/24 [120/1] via 192.168.123.1, 00:00:00, Serial0
S 192.168.0.0/16 [1/0] via 10.1.1.1
Thus, the true choice is between the OSPF route and the first RIP route.
OSPF has the lowest administrative distance, and thus that route will be
preferred.
PLEASE NOTE: Calculating the lowest metric route within a routing
protocol occurs before administrative distance chooses the route it “trusts”
the most. This is why the order of the above “criteria” is prefix-length,
metric, and then administrative distance.
However, the route with the lowest administrative distance is always
preferred, regardless of metric (assuming the prefix-length is equal). Thus,
the metric is calculated first, but not preferred first over AD.
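The selection rules above, carried through in code: this is an added example (not from the study guide) that installs only the best-metric route per protocol and prefix, then picks the longest matching prefix and finally the lowest administrative distance. The routes are the ones from the worked example plus a constructed pair for the 10.1.5.2 prefix-length case; input lines are assumed to be in the [AD/metric] via ... form shown above.

```python
"""Route selection as the guide describes it: longest prefix first, then lowest
metric within a protocol, then lowest administrative distance between protocols.
Added example; input lines are constructed in the '[AD/metric] via ...' form."""
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "proto prefix ad metric next_hop")


def parse_route(line):
    """Parse one line such as 'O 192.168.111.0/24 [110/58] via 192.168.131.1, ...'."""
    parts = line.split()
    proto = parts[0]
    prefix = ipaddress.ip_network(parts[1])
    ad, metric = (int(x) for x in parts[2].strip("[]").split("/"))
    next_hop = parts[parts.index("via") + 1].rstrip(",")
    return Route(proto, prefix, ad, metric, next_hop)


def build_routing_table(candidates):
    """Per (protocol, prefix) keep only the best-metric route(s): this is what actually
    gets installed. Equal-metric routes are all kept, so the router can load-balance."""
    best = {}
    for r in candidates:
        key = (r.proto, r.prefix)
        if key not in best or r.metric < best[key][0].metric:
            best[key] = [r]
        elif r.metric == best[key][0].metric:
            best[key].append(r)
    return [r for group in best.values() for r in group]


def lookup(table, dest):
    """Return the installed route(s) used to reach dest: longest matching prefix wins,
    then the lowest administrative distance among routes to that same prefix."""
    host = ipaddress.ip_address(dest)
    matching = [r for r in table if host in r.prefix]
    if not matching:
        return []
    longest = max(r.prefix.prefixlen for r in matching)
    matching = [r for r in matching if r.prefix.prefixlen == longest]
    lowest_ad = min(r.ad for r in matching)
    return [r for r in matching if r.ad == lowest_ad]


# The guide's worked example (candidate routes before metric selection).
EXAMPLE_ROUTES = [
    "O 192.168.111.0/24 [110/58] via 192.168.131.1, 00:00:00, Serial3",
    "R 192.168.111.0/24 [120/1] via 192.168.123.1, 00:00:00, Serial0",
    "R 192.168.111.0/24 [120/5] via 192.168.5.2, 00:00:00, Serial1",
    "S 192.168.0.0/16 [1/0] via 10.1.1.1",
]

# Constructed pair illustrating the earlier prefix-length point: a /24 RIP route beats
# a /8 static route to 10.1.5.2 even though the static route has the lower AD.
PREFIX_ROUTES = [
    "R 10.1.5.0/24 [120/3] via 192.168.123.1, 00:00:00, Serial0",
    "S 10.0.0.0/8 [1/0] via 10.1.1.1",
]


def best_route(lines, dest):
    """Convenience wrapper: parse, install, and look up a single destination."""
    table = build_routing_table(parse_route(l) for l in lines)
    return lookup(table, dest)


if __name__ == "__main__":
    print(best_route(EXAMPLE_ROUTES, "192.168.111.5"))  # the OSPF route
    print(best_route(PREFIX_ROUTES, "10.1.5.2"))        # the RIP /24 route
```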
Section 14
- Static vs. Dynamic Routing -
Static vs. Dynamic Routing
There are two basic methods of building a routing table: Statically or
Dynamically.
A static routing table is created, maintained, and updated by a network
administrator, manually. A static route to every network must be configured
on every router for full connectivity. This provides a granular level of
control over routing, but quickly becomes impractical on large networks.
Routers will not share static routes with each other, thus reducing
CPU/RAM overhead and saving bandwidth. However, static routing is not
fault-tolerant, as any change to the routing infrastructure (such as a link
going down, or a new network added) requires manual intervention. Routers
operating in a purely static environment cannot seamlessly choose a better
route if a link becomes unavailable.
Static routes have an Administrative Distance (AD) of 1, and thus are always
preferred over dynamic routes, unless the default AD is changed. A static
route with an adjusted AD is called a floating static route, and is covered in
greater detail in another guide.
A dynamic routing table is created, maintained, and updated by a routing
protocol running on the router. Examples of routing protocols include RIP
(Routing Information Protocol), EIGRP (Enhanced Interior Gateway
Routing Protocol), and OSPF (Open Shortest Path First). Specific dynamic
routing protocols are covered in great detail in other guides.
Routers do share dynamic routing information with each other, which
increases CPU, RAM, and bandwidth usage. However, routing protocols are
capable of dynamically choosing a different (or better) path when there is a
change to the routing infrastructure.
Do not confuse routing protocols with routed protocols:
• A routed protocol is a Layer 3 protocol that applies logical
addresses to devices and routes data between networks (such as IP)
• A routing protocol dynamically builds the network, topology, and
next hop information in routing tables (such as RIP, EIGRP, etc.)
Static vs. Dynamic Routing (continued)
The following briefly outlines the advantages and disadvantages of static
routing:
Advantages of Static Routing:
• Minimal CPU/Memory overhead
• No bandwidth overhead (updates are not shared between routers)
• Granular control on how traffic is routed
Disadvantages of Static Routing:
• Infrastructure changes must be manually adjusted
• No “dynamic” fault tolerance if a link goes down
• Impractical on large networks
The following briefly outlines the advantages and disadvantages of dynamic
routing:
Advantages of Dynamic Routing:
• Simpler to configure on larger networks
• Will dynamically choose a different (or better) route if a link goes down
• Ability to load balance between multiple links
Disadvantages of Dynamic Routing:
• Updates are shared between routers, thus consuming bandwidth
• Routing protocols put additional load on router CPU/RAM
• The choice of the “best route” is in the hands of the routing protocol, and
not the network administrator
Dynamic Routing Categories
There are two distinct categories of dynamic routing protocols:
• Distance-vector protocols
• Link-state protocols
Examples of distance-vector protocols include RIP and IGRP. Examples of
link-state protocols include OSPF and IS-IS.
EIGRP exhibits both distance-vector and link-state characteristics, and is
considered a hybrid protocol.
Distance-vector Routing Protocols
All distance-vector routing protocols share several key characteristics:
• Periodic updates of the full routing table are sent to routing
neighbors.
• Distance-vector protocols suffer from slow convergence, and are
highly susceptible to loops.
• Some form of distance is used to calculate a route’s metric.
• The Bellman-Ford algorithm is used to determine the shortest path.
A distance-vector routing protocol begins by advertising directly-connected
networks to its neighbors. These updates are sent regularly (RIP – every 30
seconds; IGRP – every 90 seconds).
Neighbors will add the routes from these updates to their own routing tables.
Each neighbor trusts this information completely, and will forward their full
routing table (connected and learned routes) to every other neighbor. Thus,
routers fully (and blindly) rely on neighbors for route information, a concept
known as routing by rumor.
There are several disadvantages to this behavior. Because routing
information is propagated from neighbor to neighbor via periodic updates,
distance-vector protocols suffer from slow convergence. This, in addition to
blind faith of neighbor updates, results in distance-vector protocols being
highly susceptible to routing loops.
Distance-vector protocols utilize some form of distance to calculate a
route’s metric. RIP uses hopcount as its distance metric, and IGRP uses a
composite of bandwidth and delay.
Link-State Routing Protocols
Link-state routing protocols were developed to alleviate the convergence
and loop issues of distance-vector protocols. Link-state protocols maintain
three separate tables:
• Neighbor table – contains a list of all neighbors, and the interface
through which each neighbor is reached. Neighbors are formed by
exchanging Hello packets.
• Topology table – otherwise known as the “link-state” table, contains
a map of all links within an area, including each link’s status.
• Shortest-Path table – contains the best route to each particular
destination (otherwise known as the “routing” table).
Link-state protocols do not “route by rumor.” Instead, routers send updates
advertising the state of their links (a link is a directly-connected network).
All routers know the state of all existing links within their area, and store
this information in a topology table. All routers within an area have identical
topology tables.
The best route to each link (network) is stored in the routing (or shortest-path)
table. If the state of a link changes, such as a router interface failing,
an advertisement containing only this link-state change will be sent to all
routers within that area. Each router will adjust its topology table
accordingly, and will calculate a new best route if required.
By maintaining a consistent topology table among all routers within an area,
link-state protocols converge very quickly and are far less susceptible to
routing loops than distance-vector protocols (transient loops can still form
while the topology tables are being resynchronized after a change).
Additionally, because updates are sent only during a link-state change, and
contain only the change (and not the full table), link-state protocols are less
bandwidth intensive than distance-vector protocols. However, the three
link-state tables utilize more RAM and CPU on the router itself.
Link-state protocols utilize some form of cost, usually based on bandwidth,
to calculate a route’s metric. The Dijkstra (shortest path first) algorithm is
used to determine the shortest path.
Section 15
- Classful vs. Classless Routing -
Classful vs Classless routing protocols
Classful routing protocols do not send subnet mask information with their
routing updates. A router running a classful routing protocol will react in one
of two ways when receiving a route:
• If the router has a directly connected interface belonging to the same
major network, it will apply the same subnet mask as that interface.
• If the router does not have any interfaces belonging to the same major
network, it will apply the classful subnet mask to the route.
Belonging to same “major network” simply indicates that they belong to the
same “classful” network. For example:
• 10.3.1.0 and 10.5.5.0 belong to the same major network (10.0.0.0)
• 10.1.4.5 and 11.1.4.4 do not belong to the same major network
• 192.168.1.1 and 192.168.1.254 belong to the same major network
(192.168.1.0)
• 192.168.1.5 and 192.167.2.5 do not belong to the same major network.
Take the following example (assume the routing protocol is classful):
If Router B sends a routing update to Router A, it will not include the subnet
mask for the 10.2.0.0 network. Thus, Router A must make a decision.
If Router A has a directly connected interface that belongs to the same major
network (10.0.0.0), it will use the subnet mask of that interface for the route.
For example, if Router A has an interface on the 10.4.0.0/16 network, it will
apply a subnet mask of /16 to the 10.2.0.0 network.
If Router A does not have a directly connected interface belonging to the
same major network, it will apply the classful subnet mask of /8. This can
obviously cause routing difficulties.
When using classful routing protocols, the subnet mask must remain
consistent throughout your entire network.
Classful vs Classless routing protocols (continued)
Classless routing protocols do send the subnet mask with their updates.
Thus, Variable Length Subnet Masks (VLSMs) are allowed when using
classless routing protocols.
Examples of classful routing protocols include RIPv1 and IGRP.
Examples of classless routing protocols include RIPv2, EIGRP, OSPF, and
IS-IS.
The IP Classless Command
The preceding section described how classful and classless protocols differ
when sending routing updates. Additionally, the router itself can operate
either “classfully” or “classlessly” when actually routing data.
When a “classful” router has an interface connected to a major network, it
believes it knows all routes connected to that major network.
For example, a router may have an interface attached to the 10.1.5.0/24
network. It may also have routes from a routing protocol, also for the
10.x.x.x network.
However, if the classful router receives a packet destined for a 10.x.x.x
subnet that is not in the routing table, it will drop that packet, even if there is
a default route.
Again, a classful router believes it knows all possible destinations in a major
network.
To configure your router in “classful” mode:
Router(config)# no ip classless
To configure your router in “classless” mode (this is default in IOS 12.0 and
greater):
Router(config)# ip classless
(Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094823.shtml)
Limitations of Classful Routing Example
The following section will illustrate the limitations of classful routing, using
RIPv1 as an example. Consider the following diagram:
This particular scenario will work when using RIPv1, despite the fact that
we’ve subnetted the major 10.0.0.0 network. Notice that the subnets are
contiguous (that is, they belong to the same major network), and use the
same subnet mask.
When Router A sends a RIPv1 update to Router B via Serial0, it will not
include the subnet mask for the 10.1.0.0 network. However, because the
10.3.0.0 network is in the same major network as the 10.1.0.0 network, it
will not summarize the address. The route entry in the update will simply
state “10.1.0.0”.
Router B will accept this routing update, and realize that the interface
receiving the update (Serial0) belongs to the same major network as the
route entry of 10.1.0.0. It will then apply the subnet mask of its Serial0
interface to this route entry.
Router C will similarly send an entry for the 10.2.0.0 network to Router B.
Router B’s routing table will thus look like:
RouterB# show ip route
Gateway of last resort is not set
10.0.0.0/16 is subnetted, 4 subnets
C 10.3.0.0 is directly connected, Serial0
C 10.4.0.0 is directly connected, Serial1
R 10.1.0.0 [120/1] via 10.3.5.1, 00:00:00, Serial0
R 10.2.0.0 [120/1] via 10.4.5.1, 00:00:00, Serial1
Limitations of Classful Routing Example
Consider the following, slightly altered, example:
We’ll assume that RIPv1 is configured correctly on all routers. Notice that
our networks are no longer contiguous. Both Router A and Router C contain
subnets of the 10.0.0.0 major network (10.1.0.0 and 10.2.0.0 respectively).
Separating these networks now are two Class C subnets (192.168.123.0 and
192.168.111.0).
Why is this a problem? Again, when Router A sends a RIPv1 update to
Router B via Serial, it will not include the subnet mask for the 10.1.0.0
network. Instead, Router A will consider itself a border router, as the
10.1.0.0 and 192.168.123.0 networks do not belong to the same major
network. Router A will summarize the 10.1.0.0/16 network to its classful
boundary of 10.0.0.0/8.
Router B will accept this routing update, and realize that it does not have a
directly connected interface in the 10.x.x.x scheme. Thus, it has no subnet
mask to apply to this route. Because of this, Router B will install the
summarized 10.0.0.0 route into its routing table.
Router C, similarly, will consider itself a border router between networks
10.2.0.0 and 192.168.111.0. Thus, Router C will also send a summarized
10.0.0.0 route to Router B.
Limitations of Classful Routing Example
Router B’s routing table will then look like:
RouterB# show ip route
Gateway of last resort is not set
C 192.168.123.0 is directly connected, Serial0
C 192.168.111.0 is directly connected, Serial1
R 10.0.0.0 [120/1] via 192.168.123.1, 00:00:00, Serial0
[120/1] via 192.168.111.2, 00:00:00, Serial1
That’s right, Router B now has two equal metric routes to get to the
summarized 10.0.0.0 network, one through Router A and the other through
Router C. Router B will now load balance all traffic to any 10.x.x.x network
between routers A and C. Suffice to say, this is not a good thing.
It gets better. Router B then tries to send routing updates to Router A and
Router C, including the summary route of 10.0.0.0/8. Router A’s routing
table looks like:
RouterA# show ip route
Gateway of last resort is not set
C 192.168.123.0 is directly connected, Serial0
10.0.0.0/16 is subnetted, 1 subnet
C 10.1.0.0 is directly connected, Ethernet0
Router A will receive the summarized 10.0.0.0/8 route from Router B, and
will reject it. This is because it already has the summary network of 10.0.0.0
in its routing table, and it’s directly connected. Router C will respond
exactly the same, and the 10.1.0.0/16 and 10.2.0.0/16 networks will never be
able to communicate.
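The two classful behaviors worked through above, a border router summarizing to the classful boundary when it sends, and a receiver choosing a mask for an entry that carries none, can be replayed in code. The following Python is an added example and is not part of this guide; the interface addresses are constructed to match the two diagrams in this section (the Ethernet address given to Router A is likewise made up).

```python
"""Classful (RIPv1-style) route advertisement and reception, simulated.

Added example; not code from the study guide. Addresses and interfaces
are constructed to match the guide's contiguous and discontiguous diagrams.
"""
import ipaddress


def classful_prefixlen(addr):
    """Class A -> 8, class B -> 16, class C -> 24; class D/E are refused."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    if first_octet >= 224:
        raise ValueError(f"{addr} is not a class A/B/C address")
    return 8 if first_octet < 128 else 16 if first_octet < 192 else 24


def major_network(addr):
    """The classful network an address belongs to, e.g. 10.1.0.0 -> 10.0.0.0/8."""
    addr = ipaddress.IPv4Address(addr)
    return ipaddress.IPv4Network((addr, classful_prefixlen(addr)), strict=False)


def classful_advertisement(known_routes, out_interface):
    """Destinations a classful router places in an update sent out out_interface.

    known_routes: 'network/prefixlen' strings (connected and learned routes).
    out_interface: 'address/prefixlen' string of the sending interface.
    A subnet is sent as-is when the outgoing interface lies in the same major
    network; otherwise the router is a border router and sends only the major
    network (auto-summarization). No mask travels with the entry, so the
    result is a list of bare addresses, exactly as in a RIPv1 packet.
    """
    out_major = major_network(ipaddress.IPv4Interface(out_interface).ip)
    entries = set()
    for route in known_routes:
        net = ipaddress.IPv4Network(route)
        net_major = major_network(net.network_address)
        if net_major == out_major:
            entries.add(str(net.network_address))
        else:
            entries.add(str(net_major.network_address))
    return sorted(entries, key=ipaddress.IPv4Address)


def classful_receive(advertised, local_interfaces):
    """Route a classful receiver installs for a mask-less entry, or None.

    The mask of a local interface in the same major network is borrowed; with
    no such interface the classful mask is applied. An entry equal to a major
    network the router already has an interface in is ignored, because the
    router believes it already knows every subnet of that major network.
    """
    addr = ipaddress.IPv4Address(advertised)
    net_major = major_network(addr)
    for interface in local_interfaces:
        ifc = ipaddress.IPv4Interface(interface)
        if major_network(ifc.ip) == net_major:
            if addr == net_major.network_address:
                return None
            return ipaddress.IPv4Network((addr, ifc.network.prefixlen), strict=False)
    return ipaddress.IPv4Network((addr, net_major.prefixlen), strict=False)


if __name__ == "__main__":
    # Contiguous diagram: Router A's Serial0 (10.3.5.1/16) faces Router B.
    print(classful_advertisement(["10.1.0.0/16", "10.3.0.0/16"], "10.3.5.1/16"))
    print(classful_receive("10.1.0.0", ["10.3.5.2/16", "10.4.5.2/16"]))
    # Discontiguous diagram: the same subnet now sits behind a 192.168.123.0/24 link.
    print(classful_advertisement(["10.1.0.0/16", "192.168.123.0/24"], "192.168.123.1/24"))
    print(classful_receive("10.0.0.0", ["192.168.123.2/24", "192.168.111.1/24"]))
    # Router A hearing its own summary back from Router B (10.1.0.1/16 is made up).
    print(classful_receive("10.0.0.0", ["192.168.123.1/24", "10.1.0.1/16"]))
```

Running the script prints the contiguous update as two bare subnets, the discontiguous update as the 10.0.0.0 summary, the 10.0.0.0/8 route Router B ends up with, and None for the summary Router A refuses to install.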
Section 16
- Configuring Static Routes -
Configuring Static Routes
The basic syntax for a static route is as follows:
Router(config)# ip route [destination_network] [subnet_mask] [next-hop]
Consider the following example:
RouterA will have the 172.16.0.0/16 and 172.17.0.0/16 networks in its
routing table as directly-connected routes. To add a static route on RouterA,
pointing to the 172.18.0.0/16 network off of RouterB:
RouterA(config)# ip route 172.18.0.0 255.255.0.0 172.17.1.2
Notice that we point to the IP address on RouterB’s fa0/0 interface as the
next-hop address. Likewise, to add a static route on RouterB, pointing to the
172.16.0.0/16 network off of RouterA:
RouterB(config)# ip route 172.16.0.0 255.255.0.0 172.17.1.1
To remove a static route, simply type no in front of it:
RouterA(config)# no ip route 172.18.0.0 255.255.0.0 172.17.1.2
On point-to-point links, an exit-interface can be specified instead of a next-hop
address. Still using the previous diagram as an example:
RouterA(config)# ip route 172.18.0.0 255.255.0.0 fa0/1
RouterB(config)# ip route 172.16.0.0 255.255.0.0 fa0/0
A static route using an exit-interface keeps the default Administrative
Distance of 1 (show ip route 172.18.0.0 reports “distance 1, metric 0
(connected)”), but it is listed in the routing table as directly connected
rather than with a next-hop address. An exit-interface alone is only
appropriate on a point-to-point link, where there is just one possible
next-hop device; on a multi-access segment such as Ethernet the router would
have to ARP for every destination host and rely on the neighbor answering
with proxy ARP, so a next-hop address should be given there.
Advanced Static Routes Parameters
The Administrative Distance of a static route can be changed to form a
floating static route, which will only be used if there are no other routes
with a lesser AD in the routing table. A floating static route is often used as a
backup route to a dynamic routing protocol.
To change the Administrative Distance of a static route to 250:
RouterA(config)# ip route 172.18.0.0 255.255.0.0 172.17.1.2 250
Static routes will only remain in the routing table as long as the interface
connecting to the next-hop router is up. To ensure a static route remains
permanently in the routing table, even if the next-hop interface is down:
RouterA(config)# ip route 172.18.0.0 255.255.0.0 172.17.1.2 permanent
Static routes can additionally be used to discard traffic to specific networks,
by directing that traffic to a virtual null interface:
RouterA(config)# ip route 10.0.0.0 255.0.0.0 null0
Default Routes
Normally, if a specific route to a particular network does not exist, a router
will drop all traffic destined to that network.
A default route, or gateway of last resort, allows traffic to be forwarded,
even without a specific route to a particular network.
The default route is identified by all zeros in both the network and subnet
mask (0.0.0.0 0.0.0.0). It is the least specific route possible, and thus will
only be used if a more specific route does not exist (hence “gateway of last
resort”).
To configure a default route:
RouterA(config)# ip route 0.0.0.0 0.0.0.0 172.17.1.2
Advanced default routing is covered in great detail in another guide.
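The following Python is an added example, not part of this guide, that models the routing-table behavior covered in this section together with the ip classless rule from Section 15: longest-prefix matching, a floating static route that sits behind a RIP route until the RIP route disappears, a null0 discard route, the gateway of last resort, and the classful lookup rule under which a router holding subnets of a major network drops packets for unknown subnets of it even when a default route exists. Administrative distances follow the guide (connected 0, static 1, RIP 120); the prefixes and next-hop addresses are constructed.

```python
"""A small IPv4 routing table: longest match, administrative distance,
floating static routes, null0 discards and the ip classless lookup rule.

Added example, not code from the study guide. AD values follow the guide
(connected 0, static 1, RIP 120); prefixes and next hops are constructed.
"""
import ipaddress

DEFAULT_AD = {"connected": 0, "static": 1, "rip": 120}


def classful_prefixlen(addr):
    """Class A -> 8, class B -> 16, otherwise 24."""
    first_octet = int(ipaddress.IPv4Address(addr)) >> 24
    return 8 if first_octet < 128 else 16 if first_octet < 192 else 24


class RoutingTable:
    def __init__(self, ip_classless=True):
        self.ip_classless = ip_classless
        self.candidates = []   # every configured or learned route, installed or not

    def add(self, prefix, next_hop, source, ad=None):
        """Offer a route. `ad` overrides the source default, which is how a
        floating static route (e.g. ad=250) is kept behind a RIP route."""
        self.candidates.append({
            "net": ipaddress.IPv4Network(prefix), "next_hop": next_hop,
            "source": source, "ad": DEFAULT_AD[source] if ad is None else ad})

    def withdraw(self, prefix, source):
        """Remove a route, e.g. when RIP stops hearing about it."""
        net = ipaddress.IPv4Network(prefix)
        self.candidates = [r for r in self.candidates
                           if not (r["net"] == net and r["source"] == source)]

    def installed(self):
        """What `show ip route` would list: per prefix, only the lowest-AD
        candidates (several if they tie, for equal-cost load sharing)."""
        best = {}
        for r in self.candidates:
            group = best.setdefault(r["net"], [])
            if not group or r["ad"] < group[0]["ad"]:
                group[:] = [r]
            elif r["ad"] == group[0]["ad"]:
                group.append(r)
        return [r for group in best.values() for r in group]

    def lookup(self, dest):
        """Forwarding decision: the longest matching installed route, or None
        when the packet is dropped. With ip_classless=False a router that
        holds a subnet of dest's major network refuses to fall back to any
        route shorter than that major network (the default route included)
        for an unknown subnet of it."""
        dest = ipaddress.IPv4Address(dest)
        matches = [r for r in self.installed() if dest in r["net"]]
        if not matches:
            return None
        best = max(matches, key=lambda r: r["net"].prefixlen)
        if not self.ip_classless:
            major_len = classful_prefixlen(dest)
            major = ipaddress.IPv4Network((dest, major_len), strict=False)
            knows_subnets = any(r["net"].prefixlen > major_len and r["net"].subnet_of(major)
                                for r in self.installed())
            if knows_subnets and best["net"].prefixlen < major_len:
                return None
        return best


if __name__ == "__main__":
    rt = RoutingTable()
    rt.add("172.16.0.0/16", "Ethernet0", "connected")
    rt.add("172.17.0.0/16", "Serial0", "connected")
    rt.add("172.18.0.0/16", "172.17.1.2", "static", ad=250)   # floating static backup
    rt.add("172.18.0.0/16", "172.17.1.2", "rip")              # preferred while RIP hears it
    rt.add("10.0.0.0/8", "null0", "static")                   # discard route
    rt.add("0.0.0.0/0", "172.17.1.2", "static")               # gateway of last resort
    print(rt.lookup("172.18.5.5")["source"])                  # rip
    rt.withdraw("172.18.0.0/16", "rip")
    print(rt.lookup("172.18.5.5")["ad"])                      # 250: floating static takes over
    print(rt.lookup("10.9.9.9")["next_hop"])                  # null0: silently discarded
    classful = RoutingTable(ip_classless=False)
    classful.add("10.1.5.0/24", "Ethernet0", "connected")
    classful.add("0.0.0.0/0", "10.1.5.2", "static")
    print(classful.lookup("10.2.3.4"))                        # None: dropped despite the default
    classful.ip_classless = True
    print(classful.lookup("10.2.3.4")["next_hop"])            # 10.1.5.2
```

The table keeps every candidate and recomputes what is installed on each lookup, which is why withdrawing the RIP route makes the AD-250 static route reappear without any re-configuration, the same way a floating static route behaves on a router.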
Section 17
- RIP v1 & v2 -
RIP (Routing Information Protocol)
RIP is a standardized Distance Vector protocol, designed for use on smaller
networks. RIP was one of the first true Distance Vector routing protocols,
and is supported on a wide variety of systems.
RIP adheres to the following Distance Vector characteristics:
• RIP sends out periodic routing updates (every 30 seconds)
• RIP sends out the full routing table every periodic update
• RIP uses a form of distance as its metric (in this case, hopcount)
• RIP uses the Bellman-Ford Distance Vector algorithm to determine
the best “path” to a particular destination
Other characteristics of RIP include:
• RIP supports IP and IPX routing.
• RIP utilizes UDP port 520
• RIP routes have an administrative distance of 120.
• RIP has a maximum hopcount of 15 hops.
Any network that is 16 hops away or more is considered unreachable to RIP,
thus the maximum diameter of the network is 15 hops. A metric of 16 hops
in RIP is considered a poison route or infinity metric.
If multiple paths exist to a particular destination, RIP will load balance
between those paths (by default, up to 4) only if the metric (hopcount) is
equal. RIP uses a round-robin system of load-balancing between equal
metric routes, which can lead to pinhole congestion.
For example, two paths might exist to a particular destination, one going
through a 9600 baud link, the other via a T1. If the metric (hopcount) is
equal, RIP will load-balance, sending an equal amount of traffic down the
9600 baud link and the T1. This will (obviously) cause the slower link to
become congested.
RIP Versions
RIP has two versions, Version 1 (RIPv1) and Version 2 (RIPv2).
RIPv1 (RFC 1058) is classful, and thus does not include the subnet mask
with its routing table updates. Because of this, RIPv1 does not support
Variable Length Subnet Masks (VLSMs). When using RIPv1, networks
must be contiguous, and subnets of a major network must be configured with
identical subnet masks. Otherwise, route table inconsistencies (or worse)
will occur.
RIPv1 sends updates as broadcasts to address 255.255.255.255.
RIPv2 (RFC 2453) is classless, and thus does include the subnet mask with
its routing table updates. RIPv2 fully supports VLSMs, allowing
discontiguous networks and varying subnet masks to exist.
Other enhancements offered by RIPv2 include:
• Routing updates are sent via multicast, using address 224.0.0.9
• Authentication can be configured between RIPv2 routers, either a
plaintext password or a keyed MD5 hash (RFC 2082). RIPv1 has no
authentication at all, so any host on a segment can inject or poison
routes; prefer MD5, since a plaintext password is visible in every update.
• Route tagging is supported (explained in a later section)
RIPv2 can interoperate with RIPv1. By default:
• RIPv1 routers will send only Version 1 packets
• RIPv1 routers will receive both Version 1 and 2 updates
• RIPv2 routers will both send and receive only Version 2 updates
We can control the version of RIP a particular interface will “send” or
“receive.”
Unless RIPv2 is manually specified, a Cisco router will default to RIPv1 when
configuring RIP.
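To make the difference between the two versions concrete, the following Python builds and parses RIP response packets: a RIPv1 entry carries no mask (so the receiver has to guess it, as Section 15 described), a RIPv2 entry carries the mask, and a RIPv2 packet can carry a keyed-MD5 authentication header and trailer so that a forged or altered update fails verification. This is an added example, not code from this guide or from any router vendor; the entry layout follows RFC 1058 and RFC 2453, while the MD5 header and trailer layout is my reading of RFC 2082 and has not been tested for wire compatibility with any implementation. The routes, key and sequence number are constructed.

```python
"""RIPv1 and RIPv2 update packets on the wire, with RFC 2082 keyed MD5.

Added example, not code from the study guide. Entry layout per RFC 1058 /
RFC 2453; the authentication header and trailer follow my reading of
RFC 2082 and are not verified against any vendor's implementation.
Routes, key and sequence number are constructed.
"""
import hashlib
import hmac
import ipaddress
import struct

RIP_UDP_PORT = 520
RIPV1_DEST, RIPV2_DEST = "255.255.255.255", "224.0.0.9"   # broadcast vs multicast
RESPONSE, AF_INET, INFINITY = 2, 2, 16
AUTH_AFI, AUTH_KEYED_MD5, AUTH_TRAILER = 0xFFFF, 3, 1
ENTRY = struct.Struct("!HH4s4s4sI")   # AFI, route tag, address, mask, next hop, metric


def build_update(version, routes, key=None, key_id=1, seq=0):
    """Build a RIP response from [(network, metric), ...].

    A RIPv1 entry carries address and metric only (tag, mask and next hop
    are zero); RIPv2 fills in the mask. With `key` (RIPv2 only) the packet
    gets a keyed-MD5 header as its first entry and a digest trailer.
    """
    if version not in (1, 2):
        raise ValueError("RIP version must be 1 or 2")
    if key is not None and version != 2:
        raise ValueError("RIPv1 has no authentication")
    header = struct.pack("!BBH", RESPONSE, version, 0)
    body = b""
    for net, metric in routes:
        net = ipaddress.IPv4Network(net)
        mask = net.netmask.packed if version == 2 else bytes(4)
        body += ENTRY.pack(AF_INET, 0, net.network_address.packed, mask, bytes(4), metric)
    if key is None:
        return header + body
    key16 = key.encode().ljust(16, b"\0")[:16]
    rip_len = len(header) + ENTRY.size + len(body)           # everything before the trailer
    auth = struct.pack("!HHHBBI8s", AUTH_AFI, AUTH_KEYED_MD5, rip_len, key_id, 16, seq, bytes(8))
    signed = header + auth + body + struct.pack("!HH", AUTH_AFI, AUTH_TRAILER)
    digest = hashlib.md5(signed + key16).digest()            # key sits where the digest will go
    return signed + digest


def parse_update(pkt, key=None):
    """Parse a response into {'version', 'entries', 'authenticated'}.

    With a key configured, an unsigned packet, a wrong key, or any byte
    changed under the digest raises ValueError. That is the whole point of
    RIPv2 authentication: a host on the segment cannot simply inject or
    poison routes the way it can against RIPv1.
    """
    if len(pkt) < 4 + ENTRY.size:
        raise ValueError("truncated packet")
    command, version, _ = struct.unpack("!BBH", pkt[:4])
    if command != RESPONSE:
        raise ValueError("not a RIP response")
    start, end, authenticated = 4, len(pkt), False
    afi, auth_type = struct.unpack("!HH", pkt[4:8])
    if afi == AUTH_AFI and auth_type == AUTH_KEYED_MD5:
        if key is None:
            raise ValueError("authenticated packet but no key configured")
        rip_len, _key_id, auth_len, _seq = struct.unpack("!HBBI", pkt[8:16])
        if auth_len != 16 or rip_len < 4 + ENTRY.size or rip_len + 4 + auth_len > len(pkt):
            raise ValueError("bad authentication header")
        if struct.unpack("!HH", pkt[rip_len:rip_len + 4]) != (AUTH_AFI, AUTH_TRAILER):
            raise ValueError("missing authentication trailer")
        key16 = key.encode().ljust(16, b"\0")[:16]
        expected = hashlib.md5(pkt[:rip_len + 4] + key16).digest()
        if not hmac.compare_digest(expected, pkt[rip_len + 4:rip_len + 20]):
            raise ValueError("MD5 authentication failed")
        start, end, authenticated = 4 + ENTRY.size, rip_len, True
    elif key is not None:
        raise ValueError("unauthenticated packet rejected: key configured")
    entries = []
    for pos in range(start, end - ENTRY.size + 1, ENTRY.size):
        afi, tag, addr, mask, next_hop, metric = ENTRY.unpack(pkt[pos:pos + ENTRY.size])
        if afi != AF_INET:
            continue
        entries.append({
            "network": str(ipaddress.IPv4Address(addr)),
            "prefixlen": None if mask == bytes(4) else bin(int.from_bytes(mask, "big")).count("1"),
            "next_hop": str(ipaddress.IPv4Address(next_hop)),
            "tag": tag, "metric": metric, "unreachable": metric >= INFINITY})
    return {"version": version, "entries": entries, "authenticated": authenticated}


if __name__ == "__main__":
    v1 = build_update(1, [("10.1.0.0/16", 1)])
    print(parse_update(v1)["entries"][0])          # prefixlen None: the receiver must guess
    v2 = build_update(2, [("10.1.0.0/16", 1), ("192.168.123.0/24", 1)], key="s3cret", seq=7)
    print(parse_update(v2, key="s3cret")["entries"])
    forged = v2[:40] + struct.pack("!I", INFINITY) + v2[44:]   # flip first metric to 16
    try:
        parse_update(forged, key="s3cret")
    except ValueError as err:
        print("rejected:", err)
```

The forged packet changes one metric field under the digest, which is enough for verification to fail; without the key, the same packet would be accepted and the route poisoned, which is exactly the RIPv1 situation.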
RIPv1 Basic Configuration
Routing protocol configuration occurs in Global Configuration mode. On
Router A, to configure RIP, we would type:
Router(config)# router rip
Router(config-router)# network 172.16.0.0
Router(config-router)# network 172.17.0.0
The first command, router rip, enables the RIP process.
The network statements tell RIP which networks you wish to advertise to
other RIP routers. We simply list the networks that are directly connected to
our router. Notice that we specify the networks at their classful boundaries,
and we do not specify a subnet mask.
To configure Router B:
Router(config)# router rip
Router(config-router)# network 172.17.0.0
Router(config-router)# network 172.18.0.0
The routing table on Router A will look like:
RouterA# show ip route
Gateway of last resort is not set
C 172.16.0.0 is directly connected, Ethernet0
C 172.17.0.0 is directly connected, Serial0
R 172.18.0.0 [120/1] via 172.17.1.2, 00:00:00, Serial0
The routing table on Router B will look like:
RouterB# show ip route
Gateway of last resort is not set
C 172.17.0.0 is directly connected, Serial0
C 172.18.0.0 is directly connected, Ethernet0
R 172.16.0.0 [120/1] via 172.17.1.1, 00:00:00, Serial0
Limitations of RIPv1
The example on the previous page works fine with RIPv1, because the
networks are contiguous and the subnet masks are consistent. Consider the
following example:
This particular scenario will still work when using RIPv1, despite the fact
that we’ve subnetted the major 10.0.0.0 network. Notice that the subnets are
contiguous (that is, they belong to the same major network), and use the
same subnet mask.
When Router A sends a RIPv1 update to Router B via Serial0, it will not
include the subnet mask for the 10.1.0.0 network. However, because the
10.3.0.0 network is in the same major network as the 10.1.0.0 network, it
will not summarize the address. The route entry in the update will simply
state “10.1.0.0”.
Router B will accept this routing update, and realize that the interface
receiving the update (Serial0) belongs to the same major network as the
route entry of 10.1.0.0. It will then apply the subnet mask of its Serial0
interface to this route entry.
Router C will similarly send an entry for the 10.2.0.0 network to Router B.
Router B’s routing table will thus look like:
RouterB# show ip route
Gateway of last resort is not set
10.0.0.0/16 is subnetted, 4 subnets
C 10.3.0.0 is directly connected, Serial0
C 10.4.0.0 is directly connected, Serial1
R 10.1.0.0 [120/1] via 10.3.5.1, 00:00:00, Serial0
R 10.2.0.0 [120/1] via 10.4.5.1, 00:00:00, Serial1
Limitations of RIPv1 (continued)
Consider the following, slightly altered, example:
We’ll assume that RIPv1 is configured correctly on all routers. Notice that
our networks are no longer contiguous. Both Router A and Router C contain
subnets of the 10.0.0.0 major network (10.1.0.0 and 10.2.0.0 respectively).
Separating these networks now are two Class C subnets (192.168.123.0 and
192.168.111.0).
Why is this a problem? Again, when Router A sends a RIPv1 update to
Router B via Serial, it will not include the subnet mask for the 10.1.0.0
network. Instead, Router A will consider itself a border router, as the
10.1.0.0 and 192.168.123.0 networks do not belong to the same major
network. Router A will summarize the 10.1.0.0/16 network to its classful
boundary of 10.0.0.0/8.
Router B will accept this routing update, and realize that it does not have a
directly connected interface in the 10.x.x.x scheme. Thus, it has no subnet
mask to apply to this route. Because of this, Router B will install the
summarized 10.0.0.0 route into its routing table.
Router C, similarly, will consider itself a border router between networks
10.2.0.0 and 192.168.111.0. Thus, Router C will also send a summarized
10.0.0.0 route to Router B.
Limitations of RIPv1 (continued)
Router B’s routing table will then look like:
RouterB# show ip route
Gateway of last resort is not set
C 192.168.123.0 is directly connected, Serial0
C 192.168.111.0 is directly connected, Serial1
R 10.0.0.0 [120/1] via 192.168.123.1, 00:00:00, Serial0
[120/1] via 192.168.111.2, 00:00:00, Serial1
That’s right, Router B now has two equal metric routes to get to the
summarized 10.0.0.0 network, one through Router A and the other through
Router C. Router B will now load balance all traffic to any 10.x.x.x network
between routers A and C. Suffice to say, this is not a good thing.
It gets better. Router B then tries to send routing updates to Router A and
Router C, including the summary route of 10.0.0.0/8. Router A’s routing
table looks like:
RouterA# show ip route
Gateway of last resort is not set
C 192.168.123.0 is directly connected, Serial0
10.0.0.0/16 is subnetted, 1 subnet
C 10.1.0.0 is directly connected, Ethernet0
Router A will receive the summarized 10.0.0.0/8 route from Router B, and
will reject it. This is because it already has the summary network of 10.0.0.0
in its routing table, and it’s directly connected. Router C will respond
exactly the same, and the 10.1.0.0/16 and 10.2.0.0/16 networks will never be
able to communicate.
RIPv2 Configuration
RIPv2 overcomes the limitations of RIPv1 by including the subnet mask in
its routing updates. By default, Cisco routers will use RIPv1. To change to
Version 2, you must type:
Router(config)# router rip
Router(config-router)# version 2
Thus, the configuration of Router A would be:
RouterA(config)# router rip
RouterA(config-router)# version 2
RouterA(config-router)# network 10.0.0.0
RouterA(config-router)# network 192.168.123.0
Despite the fact that RIPv2 is a classless routing protocol, we still specify
networks at their classful boundaries, without a subnet mask.
However, when Router A sends a RIPv2 update to Router B via Serial0, by
default it will still summarize the 10.1.0.0/16 network to 10.0.0.0/8. Again,
this is because the 10.1.0.0 and 192.168.123.0 networks do not belong to the
same major network. Thus, RIPv2 acts like RIPv1 in this circumstance…
…unless you disable auto summarization:
RouterA(config)# router rip
RouterA(config-router)# version 2
RouterA(config-router)# no auto-summary
The no auto-summary command will prevent Router A from summarizing
the 10.1.0.0 network. Instead, Router A will send an update that includes
both the subnetted network (10.1.0.0) and its subnet mask (255.255.0.0).
RIP Timers
RIP has four basic timers:
Update Timer (default 30 seconds) – indicates how often the router will
send out a routing table update.
Invalid Timer (default 180 seconds) – indicates how long a route will
remain in a routing table before being marked as invalid, if no new updates
are heard about this route. The invalid timer will be reset if an update is
received for that particular route before the timer expires.
A route marked as invalid is not immediately removed from the routing
table. Instead, the route is marked (and advertised) with a metric of 16,
indicating it is unreachable, and placed in a hold-down state.
Hold-down Timer (default 180 seconds) – indicates how long RIP will
“suppress” a route that it has placed in a hold-down state. RIP will not
accept any new updates for routes in a hold-down state, until the hold-down
timer expires.
A route will enter a hold-down state for one of three reasons:
• The invalid timer has expired.
• An update has been received from another router, marking that route
with a metric of 16 (unreachable).
• An update has been received from another router, marking that route
with a higher metric than what is currently in the routing table (this is
to prevent loops).
Flush Timer (default 240 seconds) – indicates how long a route can remain
in a routing table before being flushed, if no new updates are heard about
this route. The flush timer runs concurrently with the invalid timer, both
counting from the last update received for the route, and thus will flush
out a route 60 seconds after it has been marked invalid (240 – 180 = 60),
before the hold-down timer has expired.
RIP timers must be identical on all routers on the RIP network, otherwise
massive instability will occur.
RIP Timers Configuration and Example
Consider the above example. Router A receives a RIP update from Router B
that includes network 172.18.0.0. Router A adds this network to its routing
table:
RouterA# show ip route
Gateway of last resort is not set
C 172.16.0.0 is directly connected, Ethernet0
C 172.17.0.0 is directly connected, Serial0
R 172.18.0.0 [120/1] via 172.17.1.2, 00:00:00, Serial0
Immediately, Router A starts an invalid timer of 180 seconds and a flush
timer of 240 seconds for this route; both are reset whenever an update for
the route is heard. If no update for this route is heard for 180 seconds,
several things will occur:
• The route is marked as invalid in the routing table.
• The route enters a hold-down state (triggering the hold-down timer).
• The route is advertised to all other routers as unreachable.
The hold-down timer runs for 180 seconds after the route is marked as
invalid. The router will not accept any new updates for this route until this
hold-down period expires. The flush timer, meanwhile, has been running
since the last update was received.
If no update is heard at all, the route will be deleted completely once the
flush timer expires. By default, this is 60 seconds after the route is
marked invalid (240 – 180 seconds = 60 seconds), so the route leaves the
table while it is still in hold-down. Remember, the invalid and flush timers
run concurrently.
To configure the RIP timers:
Router(config)# router rip
Router(config-router)# timers basic 20 120 120 160
The timers basic command allows us to change the update (20), invalid
(120), hold-down (120), and flush (160) timers. To return the timers back to
their defaults:
Router(config-router)# no timers basic
RIP Loop Avoidance Mechanisms
RIP, as a Distance Vector routing protocol, is susceptible to loops.
Let’s assume no loop avoidance mechanisms are configured on either router.
If the 172.18.0.0 network fails, Router B will send out an update to Router A
within 30 seconds (whenever its update timer expires) stating that route is
unreachable (metric = 16).
But what if an update from Router A reaches Router B before this can
happen? Router A believes it can reach the 172.18.0.0 network in one hop
(through Router B). This will cause Router B to believe it can reach the
failed 172.18.0.0 network in two hops, through Router A. Both routers will
continue to increment the metric for the network until they reach a hop count
of 16, which is unreachable. This behavior is known as counting to infinity.
How can we prevent this from happening? There are several loop avoidance
mechanisms:
Split-Horizon – Prevents a routing update from being sent out the interface
it was received on. In our above example, this would prevent Router A from
sending an update for the 172.18.0.0 network back to Router B, as it
originally learned the route from Router B. Split-horizon is enabled by
default on Cisco Routers.
Route-Poisoning – Works in conjunction with split-horizon, by triggering
an automatic update for the failed network, without waiting for the update
timer to expire. This update is sent out all interfaces with an infinity metric
for that network.
Hold-Down Timers – Prevents RIP from accepting any new updates for
routes in a hold-down state, until the hold-down timer expires. If Router A
sends an update to Router B with a higher metric than what is currently in
Router B’s routing table, that route will be placed in a hold-down state.
(Router A’s metric for the 172.18.0.0 network is 1; while Router B’s metric
is 0).
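The counting-to-infinity scenario above, and the effect of split horizon and route poisoning on it, as an added example that is not code from the study guide. Two routers are modelled with the text's topology (Router B directly connected to 172.18.0.0/16, Router A one hop behind it), and in each round Router A's update is processed before Router B's, the worst-case ordering the text describes. The hold-down timer is deliberately left out so the two mechanisms can be seen on their own.

```python
INFINITY = 16
NET = "172.18.0.0/16"


class Router:
    def __init__(self, name, split_horizon):
        self.name = name
        self.split_horizon = split_horizon
        self.routes = {}        # prefix -> (metric, next_hop); next_hop None = connected
        self.poisoned = set()   # failed connected networks, advertised with metric 16

    def build_update(self, to):
        """Entries this router sends to neighbour `to`."""
        entries = {}
        for prefix, (metric, next_hop) in self.routes.items():
            if self.split_horizon and next_hop == to:
                continue        # never echo a route back out the interface it came in
            entries[prefix] = metric
        for prefix in self.poisoned:
            entries.setdefault(prefix, INFINITY)   # route poisoning
        return entries

    def process_update(self, frm, entries):
        """Bellman-Ford step: a neighbour's metric plus one hop."""
        for prefix, advertised in entries.items():
            new = min(advertised + 1, INFINITY)
            current = self.routes.get(prefix)
            if current is None:
                if new < INFINITY:
                    self.routes[prefix] = (new, frm)
                    self.poisoned.discard(prefix)   # "found" a path to the failed net
            elif current[1] is not None and (current[1] == frm or new < current[0]):
                # Updates from the current next hop are always taken (even if
                # worse); updates from others only if they are better.
                self.routes[prefix] = (new, frm)

    def metric(self, prefix):
        return self.routes[prefix][0] if prefix in self.routes else INFINITY


def simulate(split_horizon, max_rounds=20):
    """[(round, Router A's metric, Router B's metric)] until the metrics stop changing."""
    a, b = Router("A", split_horizon), Router("B", split_horizon)
    b.routes[NET] = (0, None)                     # B is directly connected
    a.process_update("B", b.build_update("A"))    # steady state: A reaches it via B, metric 1
    del b.routes[NET]
    b.poisoned.add(NET)                           # the network fails
    history = []
    for rnd in range(1, max_rounds + 1):
        b.process_update("A", a.build_update("B"))   # A's periodic update lands first...
        a.process_update("B", b.build_update("A"))   # ...then B's
        history.append((rnd, a.metric(NET), b.metric(NET)))
        if len(history) > 1 and history[-1][1:] == history[-2][1:]:
            break
    return history
```

Without split horizon the metrics climb 3/2, 5/4, 7/6 and so on, and both routers only agree the network is gone in round 8 when they hit 16; with split horizon Router A never echoes the route back, Router B's poisoned update is the only one Router A hears, and both sides are at 16 after the first round.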
RIP Passive Interfaces
It is possible to control which router interfaces will participate in the RIP
process.
Consider the following scenario. Router C does not want to participate in the
RIP domain. However, it still wants to listen to updates being sent from
Router B, just not send any updates back to Router B:
RouterC(config)# router rip
RouterC(config-router)# network 10.4.0.0
RouterC(config-router)# network 10.2.0.0
RouterC(config-router)# passive-interface s0
The passive-interface command prevents updates from being sent out of the
Serial0 interface, but Router C will still receive and process updates
arriving on it. Note that this is not an access control: a passive interface
still trusts whatever RIP updates arrive on that segment, so it limits what
the router advertises, not whom it learns routes from.
We can configure all interfaces to be passive using the passive-interface
default command, and then individually use the no passive-interface
command on the interfaces we do want updates to be sent out:
RouterC(config)# router rip
RouterC(config-router)# network 10.4.0.0
RouterC(config-router)# network 10.2.0.0
RouterC(config-router)# passive-interface default
RouterC(config-router)# no passive-interface e0
RIP Neighbors
Recall that RIPv1 sends out its updates as broadcasts, whereas RIPv2 sends
out its updates as multicasts to the 224.0.0.9 address. We can configure
specific RIP neighbor commands, which will allow us to unicast routing
updates to those neighbors.
On Router B:
RouterB(config)# router rip
RouterB(config-router)# network 10.3.0.0
RouterB(config-router)# network 10.4.0.0
RouterB(config-router)# neighbor 10.3.5.1
RouterB(config-router)# neighbor 10.4.5.1
Router B will now unicast RIP updates to Router A and Router C.
However, Router B will still broadcast (if RIPv1) or multicast (if RIPv2) its
updates, in addition to sending unicast updates to its neighbors. In order to
prevent broadcast/multicast updates, we must also use passive interfaces:
RouterB(config)# router rip
RouterB(config-router)# passive-interface s0
RouterB(config-router)# passive-interface s1
RouterB(config-router)# neighbor 10.3.5.1
RouterB(config-router)# neighbor 10.4.5.1
The passive-interface commands prevent the updates from being
broadcasted or multicasted. The neighbor commands still allow unicast
updates to those specific neighbors.
Interoperating between RIPv1 and RIPv2
Recall that, with some configuration, RIPv1 and RIPv2 can interoperate. By
default:
• RIPv1 routers will send only Version 1 packets
• RIPv1 routers will receive both Version 1 and 2 updates
• RIPv2 routers will both send and receive only Version 2 updates
If Router A is running RIP v1, and Router B is running RIP v2, some
additional configuration is necessary.
Either we must configure Router A to send Version 2 updates:
RouterA(config)# interface s0
RouterA(config-if)# ip rip send version 2
Or configure Router B to accept Version 1 updates.
RouterB(config)# interface s0
RouterB(config-if)# ip rip receive version 1
Notice that this is configured on an interface. Essentially, we’re configuring
the version of RIP on a per-interface basis.
We can also have an interface send or receive both versions simultaneously:
RouterB(config)# interface s0
RouterB(config-if)# ip rip receive version 1 2
We can also configure RIPv2 to send broadcast updates, instead of multicasts:
RouterB(config)# interface s0
RouterB(config-if)# ip rip v2-broadcast
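To see why the two versions need per-interface configuration to interoperate, it helps to look at what actually goes on the wire. The following is an added example, not code from the study guide: it builds and parses RIP response messages in the RFC 1058 / RFC 2453 layout (UDP port 520; RIPv2 is sent to 224.0.0.9), and shows that a RIPv1 entry carries no mask or next hop at all, which is why a v1 receiver has to apply its own interface mask. The accepts() function mirrors the effect of ip rip receive version: a packet whose version is not in the interface's accept set is dropped. The prefixes and metrics are constructed for the example.

```python
import struct
from ipaddress import IPv4Address

RIP_UDP_PORT = 520
RIPV2_MULTICAST = "224.0.0.9"        # RIPv1 uses broadcast instead
RESPONSE = 2                          # command field: 1 = request, 2 = response
AF_INET = 2
HEADER = struct.Struct("!BBH")        # command, version, must-be-zero
ENTRY = struct.Struct("!HH4s4s4sI")   # AFI, route tag, prefix, mask, next hop, metric
ZERO4 = b"\x00" * 4


def build_response(version, routes):
    """routes: [(prefix, mask, next_hop, metric)]. A v1 entry zeroes the
    tag/mask/next-hop fields: the receiver has to infer the mask itself."""
    if version not in (1, 2):
        raise ValueError("RIP version must be 1 or 2")
    pkt = HEADER.pack(RESPONSE, version, 0)
    for prefix, mask, next_hop, metric in routes:
        if not 1 <= metric <= 16:
            raise ValueError("metric must be 1..16")
        if version == 1:
            mask, next_hop = "0.0.0.0", "0.0.0.0"
        pkt += ENTRY.pack(AF_INET, 0, IPv4Address(prefix).packed,
                          IPv4Address(mask).packed, IPv4Address(next_hop).packed, metric)
    return pkt


def parse(pkt):
    """Decode a RIP message into (command, version, [(prefix, mask, next_hop, metric)]).
    Raises ValueError for anything malformed rather than guessing."""
    if len(pkt) < HEADER.size or (len(pkt) - HEADER.size) % ENTRY.size:
        raise ValueError("bad length")
    command, version, mbz = HEADER.unpack_from(pkt)
    if version not in (1, 2) or mbz != 0:
        raise ValueError("bad header")
    routes = []
    for offset in range(HEADER.size, len(pkt), ENTRY.size):
        afi, tag, prefix, mask, next_hop, metric = ENTRY.unpack_from(pkt, offset)
        if afi != AF_INET:
            raise ValueError(f"unsupported address family {afi}")
        if version == 1 and (tag or mask != ZERO4 or next_hop != ZERO4):
            # RFC 1058: a v1 datagram with non-zero must-be-zero fields is discarded
            raise ValueError("RIPv1 entry has non-zero must-be-zero fields")
        if not 1 <= metric <= 16:
            raise ValueError("metric out of range")
        routes.append((str(IPv4Address(prefix)), str(IPv4Address(mask)),
                       str(IPv4Address(next_hop)), metric))
    return command, version, routes


def accepts(receive_versions, pkt):
    """Mirror of 'ip rip receive version': drop packets in a version the
    interface is not configured to accept (a v2 interface defaults to {2})."""
    _, version, _ = parse(pkt)
    return version in receive_versions
```

A v2 response for 172.18.0.0/16 is 24 bytes (4-byte header plus one 20-byte entry) and parses back with its mask; the same route built as v1 parses back with mask 0.0.0.0, which is exactly the hole the classful receiver fills in from its own interface. Nothing here is authenticated, which is worth remembering when reading the Key-chain column of show ip protocols later.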
Triggering RIP Updates
On point-to-point interfaces, we can actually force RIP to only send routing
updates if there is a change:
RouterB(config)# interface s0.150 point-to-point
RouterB(config-if)# ip rip triggered
Again, this is only applicable to point-to-point links. We cannot configure
RIP triggered updates on an Ethernet network.
Troubleshooting RIP
Various troubleshooting commands exist for RIP.
To view the IP routing table:
Router# show ip route
Gateway of last resort is not set
C 172.16.0.0 is directly connected, Ethernet0
C 172.17.0.0 is directly connected, Serial0
R 172.18.0.0 [120/1] via 172.17.1.2, 00:00:15, Serial0
R 192.168.123.0 [120/1] via 172.16.1.1, 00:00:00, Ethernet0
To view a specific route within the IP routing table:
Router# show ip route 172.18.0.0
Routing entry for 172.18.0.0/16
Known via “rip”, distance 120, metric 1
Last update from 172.17.1.2 on Serial 0, 00:00:15 ago
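The output of show ip route is something you will routinely want to read programmatically, for instance to diff routing tables between collections or to flag routes that look wrong. The following is an added example, not part of the study guide: a parser for the line shapes shown above (directly connected routes, learned routes, and the continuation lines IOS prints for additional equal-cost paths), plus two checks a practitioner would run over the result. The sample output it parses is constructed for the example; the administrative-distance defaults it checks against (RIP 120, IGRP 100, EIGRP 90 internal and 170 external) are the ones given in this guide.

```python
import re
from dataclasses import dataclass, field
from typing import List, Optional

# Line shapes seen in 'show ip route'. Codes such as "D EX" are two tokens.
_CODE = r"(?P<code>[A-Z*]{1,2}(?: EX)?)"
CONNECTED = re.compile(_CODE + r"\s+(?P<net>\S+) is directly connected, (?P<iface>\S+)$")
LEARNED = re.compile(_CODE + r"\s+(?P<net>\S+)\s+\[(?P<ad>\d+)/(?P<metric>\d+)\] via "
                     r"(?P<nh>\S+), (?P<age>\d\d:\d\d:\d\d), (?P<iface>\S+)$")
EXTRA_PATH = re.compile(r"\[(?P<ad>\d+)/(?P<metric>\d+)\] via (?P<nh>\S+), "
                        r"(?P<age>\d\d:\d\d:\d\d), (?P<iface>\S+)$")
SKIP = re.compile(r"^(Gateway of last resort|Codes:|\S+ is (variably )?subnetted, )")


@dataclass
class Path:
    next_hop: str
    age_seconds: int
    interface: str


@dataclass
class Route:
    code: str
    network: str
    distance: Optional[int] = None   # administrative distance; None for connected
    metric: Optional[int] = None
    interface: Optional[str] = None  # only for connected routes
    paths: List[Path] = field(default_factory=list)


def _seconds(hhmmss):
    h, m, s = (int(x) for x in hhmmss.split(":"))
    return h * 3600 + m * 60 + s


def parse_show_ip_route(text):
    routes = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or SKIP.match(line):
            continue
        if m := CONNECTED.match(line):
            routes.append(Route(m["code"], m["net"], interface=m["iface"]))
        elif m := LEARNED.match(line):
            routes.append(Route(m["code"], m["net"], int(m["ad"]), int(m["metric"]),
                                paths=[Path(m["nh"], _seconds(m["age"]), m["iface"])]))
        elif (m := EXTRA_PATH.match(line)) and routes and routes[-1].paths:
            # IOS prints each additional equal-cost path on its own line
            routes[-1].paths.append(Path(m["nh"], _seconds(m["age"]), m["iface"]))
        else:
            raise ValueError(f"unrecognised line: {raw!r}")
    return routes


DEFAULT_AD = {"R": 120, "I": 100, "D": 90, "D EX": 170}


def missed_updates(routes, update_timer=30):
    """RIP routes not refreshed within one update interval: the neighbour has gone quiet."""
    return [r for r in routes if r.code == "R"
            and any(p.age_seconds > update_timer for p in r.paths)]


def unexpected_distance(routes, defaults=DEFAULT_AD):
    """Routes whose administrative distance is not the protocol default
    (someone changed 'distance' under the routing process, or a lab copy-paste)."""
    return [r for r in routes if r.code in defaults and r.distance != defaults[r.code]]


# Constructed sample in the format shown above (not captured from a real router).
SAMPLE_OUTPUT = """\
Gateway of last resort is not set
C 172.16.0.0 is directly connected, Ethernet0
C 172.17.0.0 is directly connected, Serial0
R 172.18.0.0 [120/1] via 172.17.1.2, 00:00:15, Serial0
R 192.168.123.0 [120/1] via 172.16.1.1, 00:01:05, Ethernet0
I 10.0.0.0 [100/8576] via 192.168.123.1, 00:00:00, Serial0
     [100/8576] via 192.168.111.2, 00:00:00, Serial1
R 192.168.50.0 [110/2] via 172.16.1.1, 00:00:10, Ethernet0
"""
```

On the sample, missed_updates() flags 192.168.123.0 (65 seconds since the last update, more than two update intervals), and unexpected_distance() flags 192.168.50.0, a RIP route sitting at distance 110 instead of 120.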
To debug RIP in real time:
Router# debug ip rip
To view information specific to the RIP protocol:
Router# show ip protocols
Routing Protocol is "rip"
Sending updates every 30 seconds, next due in 20 seconds
Invalid after 180 seconds, hold down 180, flushed after 240
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Incoming routes will have 4 added to metric if on list 1
Redistributing: connected, static, rip
Default version control: send version 1, receive any version
Interface      Send  Recv   Triggered RIP  Key-chain
Ethernet0      1     1 2
Serial0        1 2   1 2
Automatic network summarization is in effect
Maximum path: 4
Routing for Networks:
172.16.0.0
172.17.0.0
Routing Information Sources:
Gateway Distance Last Update
172.17.1.2 120 00:00:17
Distance: (default is 120)
This command provides us with information on RIP timers, on the RIP
versions configured on each interface, and the specific networks RIP is
advertising.
To view all routes in the RIP database, and not just the entries added to the
routing table:
Router# show ip rip database
7.0.0.0/8 auto-summary
7.0.0.0/8
[5] via 172.16.1.1, 00:00:06, Ethernet0
172.16.0.0/16 directly connected, Ethernet0
172.17.0.0/16 directly connected, Serial0
Section 18
- Interior Gateway Routing Protocol -
IGRP (Interior Gateway Routing Protocol)
IGRP is a Cisco-proprietary Distance-Vector protocol, designed to be more
scalable than RIP, its standardized counterpart.
IGRP adheres to the following Distance-Vector characteristics:
• IGRP sends out periodic routing updates (every 90 seconds).
• IGRP sends out the full routing table every periodic update.
• IGRP uses a form of distance as its metric (in this case, a composite of
bandwidth and delay).
• IGRP uses the Bellman-Ford Distance Vector algorithm to determine
the best “path” to a particular destination.
Other characteristics of IGRP include:
• IGRP supports only IP routing.
• IGRP utilizes IP protocol 9.
• IGRP routes have an administrative distance of 100.
• IGRP, by default, supports a maximum of 100 hops. This value can
be adjusted to a maximum of 255 hops.
• IGRP is a classful routing protocol.
IGRP uses Bandwidth and Delay of the Line, by default, to calculate its
distance metric. Reliability, Load, and MTU are optional attributes that can
be used to calculate the distance metric.
IGRP requires that you include an Autonomous System (AS) number in its
configuration. Only routers in the same Autonomous system will send
updates between each other.
Configuring IGRP
Routing protocol configuration occurs in Global Configuration mode. On
Router A, to configure IGRP, we would type:
Router(config)# router igrp 10
Router(config-router)# network 172.16.0.0
Router(config-router)# network 172.17.0.0
The first command, router igrp 10, enables the IGRP process. The “10”
indicates the Autonomous System number that we are using. Only other
IGRP routers in Autonomous System 10 will share updates with this router.
The network statements tell IGRP which networks you wish to advertise to
other IGRP routers. We simply list the networks that are directly connected to
our router. Notice that we specify the networks at their classful boundaries,
and we do not specify a subnet mask.
To configure Router B:
Router(config)# router igrp 10
Router(config-router)# network 172.17.0.0
Router(config-router)# network 172.18.0.0
The routing table on Router A will look like:
RouterA# show ip route
Gateway of last resort is not set
C 172.16.0.0 is directly connected, Ethernet0
C 172.17.0.0 is directly connected, Serial0
I 172.18.0.0 [100/8576] via 172.17.1.2, 00:00:00, Serial0
The routing table on Router B will look like:
RouterB# show ip route
Gateway of last resort is not set
C 172.17.0.0 is directly connected, Serial0
C 172.18.0.0 is directly connected, Ethernet0
I 172.16.0.0 [100/8576] via 172.17.1.1, 00:00:00, Serial0
Limitations of IGRP
The example on the previous page works fine with IGRP, because the
networks are contiguous and the subnet masks are consistent. Consider the
following example:
This particular scenario will still work when using IGRP, despite the fact
that we’ve subnetted the major 10.0.0.0 network. Notice that the subnets are
contiguous (that is, they belong to the same major network), and use the
same subnet mask.
When Router A sends an IGRP update to Router B via Serial0, it will not
include the subnet mask for the 10.1.0.0 network. However, because the
10.3.0.0 network is in the same major network as the 10.1.0.0 network, it
will not summarize the address. The route entry in the update will simply
state “10.1.0.0”.
Router B will accept this routing update, and realize that the interface
receiving the update (Serial0) belongs to the same major network as the
route entry of 10.1.0.0. It will then apply the subnet mask of its Serial0
interface to this route entry.
Router C will similarly send an entry for the 10.2.0.0 network to Router B.
Router B’s routing table will thus look like:
RouterB# show ip route
Gateway of last resort is not set
10.0.0.0/16 is subnetted, 4 subnets
C 10.3.0.0 is directly connected, Serial0
C 10.4.0.0 is directly connected, Serial1
I 10.1.0.0 [100/8576] via 10.3.5.1, 00:00:00, Serial0
I 10.2.0.0 [100/8576] via 10.4.5.1, 00:00:00, Serial1
Consider the following, slightly altered, example:
We’ll assume that IGRP is configured correctly on all routers. Notice that
our networks are no longer contiguous. Both Router A and Router C contain
subnets of the 10.0.0.0 major network (10.1.0.0 and 10.2.0.0 respectively).
Separating these networks now are two Class C subnets (192.168.123.0 and
192.168.111.0).
Why is this a problem? Again, when Router A sends an IGRP update to
Router B via Serial, it will not include the subnet mask for the 10.1.0.0
network. Instead, Router A will consider itself a border router, as the
10.1.0.0 and 192.168.123.0 networks do not belong to the same major
network. Router A will summarize the 10.1.0.0/16 network to its classful
boundary of 10.0.0.0/8.
Router B will accept this routing update, and realize that it does not have a
directly connected interface in the 10.x.x.x scheme. Thus, it has no subnet
mask to apply to this route. Because of this, Router B will install the
summarized 10.0.0.0 route into its routing table.
Router C, similarly, will consider itself a border router between networks
10.2.0.0 and 192.168.111.0. Thus, Router C will also send a summarized
10.0.0.0 route to Router B.
Router B’s routing table will then look like:
RouterB# show ip route
Gateway of last resort is not set
C 192.168.123.0 is directly connected, Serial0
C 192.168.111.0 is directly connected, Serial1
I 10.0.0.0 [100/8576] via 192.168.123.1, 00:00:00, Serial0
[100/8576] via 192.168.111.2, 00:00:00, Serial1
That’s right, Router B now has two equal metric routes to get to the
summarized 10.0.0.0 network, one through Router A and the other through
Router C. Router B will now load balance all traffic to any 10.x.x.x network
between routers A and C. Suffice to say, this is not a good thing.
It gets better. Router B then tries to send routing updates to Router A and
Router C, including the summary route of 10.0.0.0/8. Router A’s routing
table looks like:
RouterA# show ip route
Gateway of last resort is not set
C 192.168.123.0 is directly connected, Serial0
10.0.0.0/16 is subnetted, 1 subnet
C 10.1.0.0 is directly connected, Ethernet0
Router A will receive the summarized 10.0.0.0/8 route from Router B, and
will reject it. This is because it already has a subnet of the 10.0.0.0
major network (10.1.0.0/16) directly connected, and a classful protocol will
not install a summary for a major network the router is itself attached to.
Router C will respond exactly the same, and the 10.1.0.0/16 and 10.2.0.0/16
networks will never be able to communicate.
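The two scenarios above can be reproduced in a few lines. This is an added example, not code from the study guide: it models only the classful advertisement rules the text describes (a subnet is advertised as-is to a neighbor in the same major network and summarized to its classful boundary otherwise; a receiver applies its own interface mask to a subnet of its own major network and the classful mask to anything else). Only directly connected networks are advertised, which is enough to show what Router B installs. Interface addresses that the text gives as next hops are reused; the others (Router A's and Router C's Ethernet addresses, Router B's serial addresses) are assumed.

```python
from ipaddress import ip_interface, ip_network


def classful(addr):
    """The Class A/B/C network containing addr (str or IPv4Address)."""
    first_octet = int(str(addr).split(".")[0])
    prefixlen = 8 if first_octet < 128 else 16 if first_octet < 192 else 24
    return ip_network(f"{addr}/{prefixlen}", strict=False)


class ClassfulRouter:
    """A router speaking a classful protocol (RIPv1/IGRP): no masks on the wire."""

    def __init__(self, name, interfaces):
        self.name = name
        self.interfaces = {n: ip_interface(a) for n, a in interfaces.items()}
        self.connected = {n: i.network for n, i in self.interfaces.items()}
        self.learned = {}   # IPv4Network -> set of next-hop addresses

    def advertise(self, out_if):
        """Network addresses sent out out_if, without masks."""
        out_major = classful(self.interfaces[out_if].ip)
        entries = set()
        for ifname, net in self.connected.items():
            if ifname == out_if:
                continue                       # split horizon
            if classful(net.network_address) == out_major:
                entries.add(str(net.network_address))            # same major: send the subnet
            else:
                # border router: summarize to the classful boundary
                entries.add(str(classful(net.network_address).network_address))
        return entries

    def receive(self, in_if, from_ip, entries):
        """Reconstruct a mask for each received entry, the only way a classful receiver can."""
        in_major = classful(self.interfaces[in_if].ip)
        for addr in entries:
            if classful(addr) == in_major:
                # same major network as the receiving interface: borrow its mask
                plen = self.interfaces[in_if].network.prefixlen
                net = ip_network(f"{addr}/{plen}", strict=False)
            else:
                net = classful(addr)             # anything else gets the classful mask
            self.learned.setdefault(net, set()).add(from_ip)

    def routing_table(self):
        lines = [f"C {net} is directly connected, {ifn}" for ifn, net in self.connected.items()]
        for net, hops in sorted(self.learned.items()):
            lines.append(f"I {net} via {', '.join(sorted(hops))}")
        return lines


def scenario_contiguous():
    a = ClassfulRouter("A", {"e0": "10.1.0.1/16", "s0": "10.3.5.1/16"})
    b = ClassfulRouter("B", {"s0": "10.3.5.2/16", "s1": "10.4.5.2/16"})
    c = ClassfulRouter("C", {"s0": "10.4.5.1/16", "e0": "10.2.0.1/16"})
    b.receive("s0", "10.3.5.1", a.advertise("s0"))
    b.receive("s1", "10.4.5.1", c.advertise("s0"))
    return b


def scenario_discontiguous():
    a = ClassfulRouter("A", {"e0": "10.1.0.1/16", "s0": "192.168.123.1/24"})
    b = ClassfulRouter("B", {"s0": "192.168.123.2/24", "s1": "192.168.111.1/24"})
    c = ClassfulRouter("C", {"s0": "192.168.111.2/24", "e0": "10.2.0.1/16"})
    b.receive("s0", "192.168.123.1", a.advertise("s0"))
    b.receive("s1", "192.168.111.2", c.advertise("s0"))
    return b
```

In the contiguous case Router B ends up with 10.1.0.0/16 and 10.2.0.0/16 as separate routes; in the discontiguous case both Router A and Router C advertise the bare address 10.0.0.0, Router B has no interface in that major network to borrow a mask from, and it installs a single 10.0.0.0/8 with two next hops, which is the load-balancing problem the text describes.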
IGRP Timers
IGRP has four basic timers:
Update Timer (default 90 seconds) – indicates how often the router will
send out a routing table update.
Invalid Timer (default 270 seconds) – indicates how long a route will
remain in a routing table before being marked as invalid, if no new updates
are heard about this route. The invalid timer will be reset if an update is
received for that particular route before the timer expires.
A route marked as invalid is not immediately removed from the routing
table. Instead, the route is marked (and advertised) with a metric of 101
(remember, 100 maximum hops is default), indicating it is unreachable, and
placed in a hold-down state.
Hold-down Timer (default 280 seconds) – indicates how long IGRP will
“suppress” a route that it has placed in a hold-down state. IGRP will not
accept any new updates for routes in a hold-down state, until the hold-down
timer expires.
A route will enter a hold-down state for one of three reasons:
• The invalid timer has expired.
• An update has been received from another router, marking that route
with a metric of 101 (unreachable).
• An update has been received from another router, marking that route
with a higher metric than what is currently in the routing table (this is
to prevent loops).
Flush Timer (default 630 seconds) – indicates how long a route can remain
in a routing table before being flushed, if no new updates are heard about
this route. The flush timer runs concurrently with the invalid and hold-down
timers, and thus will flush out a route 360 seconds after it has been marked
invalid (630 – 270 = 360 seconds).
IGRP timers must be identical on all routers on the IGRP network, otherwise
massive instability will occur.
IGRP Loop Avoidance Mechanisms
IGRP, as a Distance Vector routing protocol, is susceptible to loops.
Let’s assume no loop avoidance mechanisms are configured on either router.
If the 172.18.0.0 network fails, Router B will send out an update to Router A
within 90 seconds (whenever its update timer expires) stating that route is
unreachable.
But what if an update from Router A reaches Router B before this can
happen? Router A believes it can reach the 172.18.0.0 network in one hop
(through Router B). This will cause Router B to believe it can reach the
failed 172.18.0.0 network in two hops, through Router A. Both routers will
continue to increment the metric for the network until they reach an infinity
hop count (by default, 101). This behavior is known as counting to infinity.
How can we prevent this from happening? There are several loop avoidance
mechanisms:
Split-Horizon – Prevents a routing update from being sent out the interface
it was received on. In our above example, this would prevent Router A from
sending an update for the 172.18.0.0 network back to Router B, as it
originally learned the route from Router B. Split-horizon is enabled by
default on Cisco Routers.
Route-Poisoning – Works in conjunction with split-horizon, by triggering
an automatic update for the failed network, without waiting for the update
timer to expire. This update is sent out all interfaces with an infinity metric
for that network.
Hold-Down Timers – Prevents IGRP from accepting any new updates for
routes in a hold-down state, until the hold-down timer expires. If Router A
sends an update to Router B with a higher metric than what is currently in
Router B’s routing table, that route will be placed in a hold-down state.
IGRP Passive Interfaces
It is possible to control which router interfaces will participate in the IGRP
process.
Consider the following scenario. Router C does not want to participate in the
IGRP domain. However, it still wants to listen to updates being sent from
Router B, just not send any updates back to Router B:
RouterC(config)# router igrp 10
RouterC(config-router)# network 10.4.0.0
RouterC(config-router)# network 10.2.0.0
RouterC(config-router)# passive-interface s0
The passive-interface command will prevent updates from being sent out of
the Serial0 interface, but Router C will still receive updates on this interface.
We can configure all interfaces to be passive using the passive-interface
default command, and then individually use the no passive-interface
command on the interfaces we do want updates to be sent out:
RouterC(config)# router igrp 10
RouterC(config-router)# network 10.4.0.0
RouterC(config-router)# network 10.2.0.0
RouterC(config-router)# passive-interface default
RouterC(config-router)# no passive-interface e0
Advanced IGRP Configuration
To change the maximum hop-count to 255 for IGRP:
Router(config)# router igrp 10
Router(config-router)# metric maximum-hops 255
Section 19
- Enhanced Interior Gateway Routing Protocol -
EIGRP (Enhanced Interior Gateway Routing Protocol)
EIGRP is a Cisco-proprietary Hybrid routing protocol, incorporating
features of both Distance-Vector and Link-State routing protocols.
EIGRP adheres to the following Hybrid characteristics:
• EIGRP uses the Diffusing Update Algorithm (DUAL) to determine the
best path among all “feasible” paths. DUAL also helps ensure a loop-free
routing environment.
• EIGRP will form neighbor relationships with adjacent routers in the
same Autonomous System (AS).
• EIGRP traffic is either sent as unicasts, or as multicasts on address
224.0.0.10, depending on the EIGRP packet type.
• Reliable Transport Protocol (RTP) is used to ensure delivery of most
EIGRP packets.
• EIGRP routers do not send periodic, full-table routing updates.
Updates are sent when a change occurs, and include only the change.
• EIGRP is a classless protocol, and thus supports VLSMs.
Other characteristics of EIGRP include:
• EIGRP supports IP, IPX, and Appletalk routing.
• EIGRP applies an Administrative Distance of 90 for routes originating
within the local Autonomous System.
• EIGRP applies an Administrative Distance of 170 for external routes
coming from outside the local Autonomous System
• EIGRP uses Bandwidth and Delay of the Line, by default, to
calculate its distance metric. It also supports three other parameters to
calculate its metric: Reliability, Load, and MTU.
• EIGRP has a maximum hop-count of 224, though the default
maximum hop-count is set to 100.
EIGRP, much like OSPF, builds three separate tables:
• Neighbor table – list of all neighboring routers. Neighbors must
belong to the same Autonomous System
• Topology table – list of all routes in the Autonomous System
• Routing table – contains the best route for each known network
EIGRP Neighbors
EIGRP forms neighbor relationships, called adjacencies, with other routers
in the same AS by exchanging Hello packets. Only after an adjacency is
formed can routers share routing information. Hello packets are sent as
multicasts to address 224.0.0.10.
By default, on LAN and high-speed WAN interfaces, EIGRP Hellos are sent
every 5 seconds. On slower WAN links (T1 speed or slower), EIGRP Hellos
are sent every 60 seconds by default.
The EIGRP Hello timer can be adjusted on a per interface basis:
Router(config-if)# ip hello-interval eigrp 10 7
The above command allows us to change the hello timer to 7 seconds for
Autonomous System 10.
In addition to the Hello timer, EIGRP neighbors are stamped with a Hold
timer. The Hold timer indicates how long a router should wait before
marking a neighbor inactive, if it stops receiving hello packets from that
neighbor.
By default, the Hold timer is three times the Hello timer. Thus, on high-speed
links the timer is set to 15 seconds, and on slower WAN links the
timer is set to 180 seconds.
The Hold timer can also be adjusted on a per interface basis:
Router(config-if)# ip hold-interval eigrp 10 21
The above command allows us to change the hold timer to 21 seconds for
Autonomous System 10.
Changing the Hello timer does not automatically change the Hold timer.
Additionally, Hello and Hold timers do not need to match between routers
for an EIGRP neighbor relationship to form.
(Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080093f07.shtml#eigrp_work)
A neighbor table is constructed from the EIGRP Hello packets, which
includes the following information:
• The IP address of the neighboring router.
• The local interface that received the neighbor’s Hello packet.
• The Hold timer.
• A sequence number indicating the order neighbors were learned.
Adjacencies will not form unless the primary IP addresses on connecting
interfaces are on the same subnet. Neighbors cannot be formed on secondary
addresses.
If connecting interfaces are on different subnets, an EIGRP router will log
the following error to console when a multicast Hello is received:
00:11:22: IP-EIGRP: Neighbor 172.16.1.1 not on common subnet for Serial0
Always ensure that primary IP addresses belong to the same subnet between
EIGRP neighbors.
To log all neighbor messages and errors to console, use the following two
commands:
Router(config)# router eigrp 10
Router(config-router)# eigrp log-neighbor-changes
Router(config-router)# eigrp log-neighbor-warnings
(Reference: http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a0080093f09.shtml)
The EIGRP Topology Table
Once EIGRP neighbors form adjacencies, they will begin to share routing
information. Each router’s update contains a list of all routes known by that
router, and the respective metrics for those routes.
All such routes are added to an EIGRP router’s topology table. The lowest
total metric to each network becomes the Feasible Distance (FD), and the
route with that metric is installed into the routing table.
The Feasible Distance is derived from the Advertised Distance of the router
sending the update, and the local router’s metric to the advertising router.
Confused? Consider the following example:
Router A has three separate paths to the Destination Network, either through
Router B, C, or D. If we add up the metrics to form a “distance” (the metrics
are greatly simplified in this example), we can determine the following:
• Router B’s Feasible Distance to the Destination Network is 8.
• Router C’s Feasible Distance to the Destination Network is 23.
• Router D’s Feasible Distance to the Destination Network is 9.
When Router B sends an update to Router A, it will provide an Advertised
Distance of 8 to the Destination Network. Router C will provide an AD of
23, and D will provide an AD of 9.
Router A calculates the total distance to the Destination network by adding
the AD of the advertising router, with its own distance to reach that
advertising router. For example, Router A’s metric to Router B is 8; thus, the
total distance will be 16 to reach the Destination Network through Router B.
Remember, however, that Router A’s Feasible Distance must be the lowest
total metric. If we add each router’s Advertised Distance to Router A’s
local metric to reach that router, we see that:
• The route through Router B has a distance of 16 to the destination
• The route through Router C has a distance of 27 to the destination
• The route through Router D has a distance of 11 to the destination
Thus, the route through Router D (metric of 11) becomes Router A’s Feasible
Distance, and is added to the routing table as the best route. This route is
identified as the Successor.
To allow convergence to occur quickly if a link fails, EIGRP keeps backup
routes in the topology table called Feasible Successors (FS). A route can
only become a Feasible Successor if its Advertised Distance is less than the
current Feasible Distance. This is known as the Feasibility Condition (FC),
and it guarantees that the backup path does not loop back through the local
router.
For example, we determined that Router A’s Feasible Distance to the
destination is 11, through Router D. Router C’s Advertised Distance is 23,
which is not less than 11, so the route through Router C cannot become a
Feasible Successor. Routes that are not Feasible Successors are kept in the
topology table as route Possibilities.
Router B’s Advertised Distance is 8, which is less than Router A’s current
Feasible Distance. Thus, the route through Router B to the Destination
Network would become a Feasible Successor.
Feasible Successors provide EIGRP with redundancy, without forcing
routers to re-converge (thus stopping the flow of traffic) when a topology
change occurs. If no Feasible Successor exists and a link fails, a route will
enter an Active (converging) state until an alternate route is found.
EIGRP Packet Types
EIGRP employs five packet types:
• Hello packets – multicast
• Update packets – unicast or multicast
• Query packets – multicast
• Reply packets – unicast
• Acknowledgement packets – unicast
Hello packets are used to form neighbor relationships, and were explained
in detail previously. Hello packets are always multicast to address
224.0.0.10.
Update packets are sent between neighbors to build the topology and
routing tables. Updates sent to new neighbors are sent as unicasts. However,
if a route’s metric is changed, the update is sent out as a multicast to address
224.0.0.10.
Query packets are sent by a router when a Successor route fails, and there
are no Feasible Successors in the topology table. The router places the route
in an Active state, and queries its neighbors for an alternative route. Query
packets are sent as a multicast to address 224.0.0.10.
Reply packets are sent in response to Query packets. Every Query must be
answered: if the responding router has an alternative route, the Reply
carries it; if it does not, the Reply reports the destination as unreachable
(an infinite metric). Reply packets are sent as a unicast to the querying
router.
Recall that EIGRP utilizes the Reliable Transport Protocol (RTP) to
ensure reliable delivery of most EIGRP packets. Delivery is guaranteed by
having packets acknowledged using…..Acknowledgment packets!
Acknowledgment packets (also known as ACK’s) are simply Hello packets
with no data, other than an acknowledgment number. ACK’s are always sent
as unicasts. The following packet types employ RTP to ensure reliable
delivery via ACK’s:
• Update Packets
• Query Packets
• Reply Packets
Hello and Acknowledgments (ha!) packets do not utilize RTP, and thus do
not require acknowledgement.
EIGRP Route States
An EIGRP route can exist in one of two states, in the topology table:
• Active state
• Passive State
A Passive state indicates that a route is reachable, and that EIGRP is fully
converged. A stable EIGRP network will have all routes in a Passive state.
A route is placed in an Active state when the Successor fails and no
Feasible Successor exists, forcing EIGRP to send out Query packets and reconverge.
Multiple routes in an Active state indicate an unstable EIGRP
network. If a Feasible Successor exists, a route should never enter an Active
state.
Routes will become Stuck-in-Active (SIA) when a router sends out a Query
packet, but does not receive a Reply packet within three minutes. In other
words, a route will become SIA if EIGRP fails to re-converge.
To view the current state of routes in the EIGRP topology table:
Router# show ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(172.19.1.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.3.0.0/16, 1 successors, FD is 2297856
via 172.16.1.2 (2297856/128256), Serial0
P 172.19.0.0/16, 1 successors, FD is 281600
via Connected, Serial 1
To view only active routes in the topology table:
Router# show ip eigrp topology active
IP-EIGRP Topology Table for AS(10)/ID(172.19.1.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - Reply status
A 172.19.0.0/16, 1 successors, FD is 23456056 1 replies,
active 0:00:38, query-origin: Multiple Origins
(Reference: http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a008010f016.shtml)
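A practitioner usually wants these states pulled out of the CLI output automatically, for example to alert whenever a route is not Passive. The following Python parser is an added example, not code from the guide. Its sample input is constructed from the two outputs above (the Active entry is given its own prefix so the two captures can be merged into one table), and the regular expressions are written for this output format only:

```python
import re

# Constructed sample, merged from the guide's two 'show ip eigrp topology'
# captures above; the Active entry is given its own prefix here.
SAMPLE = """\
IP-EIGRP Topology Table for AS(10)/ID(172.19.1.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
       r - reply Status, s - sia Status
P 10.3.0.0/16, 1 successors, FD is 2297856
        via 172.16.1.2 (2297856/128256), Serial0
P 172.19.0.0/16, 1 successors, FD is 281600
        via Connected, Serial 1
A 172.18.0.0/16, 1 successors, FD is 23456056 1 replies,
        active 0:00:38, query-origin: Multiple Origins
"""

# One regex per line shape in the output (this format only).
ROUTE = re.compile(r"^(?P<state>[PA])\s+(?P<prefix>\S+),\s+(?P<succ>\d+) successors?,"
                   r"\s+FD is (?P<fd>\d+)(?P<rest>.*)$")
VIA = re.compile(r"^\s*via (?P<via>\S+?)(?:\s+\((?P<total>\d+)/(?P<ad>\d+)\))?,\s*(?P<intf>.+)$")
ACTIVE = re.compile(r"^\s*active (?P<age>\S+),\s*query-origin:\s*(?P<origin>.+)$")


def parse_topology(text):
    """Return one dict per destination: state, FD, successor count and the
    'via' entries shown for it (total and AD are None for connected routes)."""
    routes = []
    for line in text.splitlines():
        m = ROUTE.match(line)
        if m:
            replies = re.search(r"(\d+) replies", m["rest"])
            routes.append({"state": m["state"], "prefix": m["prefix"],
                           "successors": int(m["succ"]), "fd": int(m["fd"]),
                           "replies_pending": int(replies[1]) if replies else 0,
                           "paths": []})
            continue
        if not routes:              # header lines before the first route
            continue
        m = VIA.match(line)
        if m:
            routes[-1]["paths"].append({
                "via": m["via"], "interface": m["intf"].strip(),
                "total": int(m["total"]) if m["total"] else None,
                "advertised": int(m["ad"]) if m["ad"] else None})
            continue
        m = ACTIVE.match(line)
        if m:
            routes[-1]["active_for"] = m["age"]
            routes[-1]["query_origin"] = m["origin"].strip()
    return routes


def unstable(routes):
    """Prefixes not in the Passive state; a converged network returns none."""
    return [r["prefix"] for r in routes if r["state"] != "P"]


def feasibility_violations(routes):
    """Paths whose Advertised Distance is not below the route's FD. The
    topology table should never show one for a Passive route, so a hit means
    the parse (or the router) is wrong."""
    return [(r["prefix"], p["via"]) for r in routes for p in r["paths"]
            if p["advertised"] is not None and p["advertised"] >= r["fd"]]


if __name__ == "__main__":
    parsed = parse_topology(SAMPLE)
    for r in parsed:
        print(r["state"], r["prefix"], "FD", r["fd"], [p["via"] for p in r["paths"]])
    print("not passive:", unstable(parsed))
```

Feed the function the captured output of the command (for example from a scheduled collector) and alert on a non-empty `unstable()` list; a route that stays in the list for about three minutes is the Stuck-in-Active case described above.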
EIGRP Metrics
EIGRP can utilize 5 separate metrics to determine the best route to a
destination:
• Bandwidth (K1) – The lowest bandwidth of any link in the route path,
measured in kilobits per second
• Load (K2) – The highest load of any outgoing interface in the path, given
as a fraction of 255
• Delay of the Line (K3) – Cumulative delay of all outgoing interfaces
in the path, in tens of microseconds
• Reliability (K4 and K5) – The lowest reliability of any outgoing interface
in the path, given as a fraction of 255
• MTU – The smallest Maximum Transmission Unit in the path. The MTU is
carried in updates but is never used to calculate the metric
By default, only Bandwidth and Delay of the Line are used. This is
identical to IGRP, except that EIGRP provides a more granular metric by
multiplying the bandwidth and delay by 256. Bandwidth and delay are
determined by the interfaces that lead towards the destination network.
By default, the full formula for determining the EIGRP metric is:
[10000000/bandwidth + delay] * 256
The bandwidth value represents the link with the lowest bandwidth in the
path, in kilobits. The delay is the total delay of all outgoing interfaces in the
path.
As indicated above, each metric is symbolized with a “K” and then a
number. When configuring EIGRP metrics, we actually identify which
metrics we want EIGRP to consider. Again, by default, only Bandwidth and
Delay are considered. Thus, using on/off logic:
K1 = 1, K2 = 0, K3 = 1, K4 = 0, K5 = 0
If all metrics were set to “on,” the full formula for determining the EIGRP
metric would be:
metric = [K1 * BW + (K2 * BW) / (256 - load) + K3 * delay]
* [K5 / (reliability + K4)] * 256
where BW is 10000000 divided by the lowest bandwidth in the path (in
kilobits per second), and delay is the sum of the interface delays in tens of
microseconds. If K5 is 0, the reliability term is left out entirely rather
than multiplied through as zero.
Remember, the “K” value is either set to on (“1”) or off (“0”).
Configuring EIGRP Metrics
EIGRP allows us to identify which metrics the protocol should consider,
using the following commands:
Router(config)# router eigrp 10
Router(config-router)# metric weights 0 1 1 1 0 0
The first command enables the EIGRP process for Autonomous System 10.
The second actually identifies which EIGRP metrics to use. The first number
(0) is for Type of Service, and should always be zero. The next numbers, in
order, are K1 (1), K2 (1), K3 (1), K4 (0), and K5 (0). Thus, we are
instructing EIGRP to use bandwidth, load, and delay to calculate the total
metric, but not reliability (K4 and K5 together control the reliability
term). The same K values must be configured on every router in the
Autonomous System, since a mismatch prevents neighbor adjacencies.
Our formula would thus be:
metric = [K1 * BW + (K2 * BW) / (256 - load) + K3 * delay] * 256
(with K5 set to 0, the reliability term is left out).
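The calculation above can be checked against the topology-table values shown elsewhere in this section. The following Python is an added example, not code from the guide: with the default K values, a T1 serial link (BW 1544, DLY 20000 usec) in front of a loopback interface (BW 8000000, DLY 5000 usec) reproduces the 2297856 / 128256 pair from the show ip eigrp topology output, and a connected T1 gives 2169856. That the 128256 Advertised Distance comes from a loopback is an assumption that happens to match exactly; the integer truncation order for the load and reliability terms is also an assumption, while the bandwidth and delay terms follow IOS’s integer arithmetic:

```python
def k_values(metric_weights):
    """Turn the arguments of 'metric weights TOS K1 K2 K3 K4 K5' into (K1..K5)."""
    tos, *ks = (int(x) for x in metric_weights.split())
    if tos != 0 or len(ks) != 5:
        raise ValueError("expected six numbers: 0 K1 K2 K3 K4 K5")
    return tuple(ks)


def eigrp_metric(bandwidths_kbps, delays_usec, k=(1, 0, 1, 0, 0), load=1, reliability=255):
    """Composite EIGRP metric for a path.

    bandwidths_kbps: BW of every outgoing interface along the path (kbps)
    delays_usec:     DLY of every outgoing interface, in microseconds as
                     'show interface' prints it
    k:               (K1, K2, K3, K4, K5) from 'metric weights'; the default
                     on/off values use only bandwidth and delay
    load, reliability: worst value on the path, each out of 255
    """
    k1, k2, k3, k4, k5 = k
    bw = 10_000_000 // min(bandwidths_kbps)    # slowest link; IOS truncates
    delay = sum(delays_usec) // 10             # tens of microseconds
    metric = k1 * bw + (k2 * bw) // (256 - load) + k3 * delay   # truncation order assumed
    if k5 != 0:                                # reliability term only when K5 is on
        metric = metric * k5 // (reliability + k4)
    return metric * 256                        # EIGRP = IGRP metric * 256


# Interface defaults as 'show interface' reports them (BW in kbps, DLY in usec)
SERIAL_T1 = (1544, 20000)
LOOPBACK = (8000000, 5000)       # assumption: the 128256 AD above is a loopback
ETHERNET = (10000, 1000)
FASTETHERNET = (100000, 100)


def path_metric(*interfaces, **kw):
    """Metric over (BW, DLY) interface tuples listed in path order."""
    return eigrp_metric([bw for bw, _ in interfaces], [dly for _, dly in interfaces], **kw)


if __name__ == "__main__":
    print("loopback AD        :", path_metric(LOOPBACK))                 # 128256
    print("via serial -> lo   :", path_metric(SERIAL_T1, LOOPBACK))      # 2297856
    print("connected serial   :", path_metric(SERIAL_T1))                # 2169856
    print("with K2=1, load 1  :", path_metric(SERIAL_T1, LOOPBACK, k=k_values("0 1 1 1 0 0")))
    print("serial delay 10000 :", eigrp_metric([1544, 8000000], [100000, 5000]))
```

The last line shows the effect of the delay 10000 interface command from the next page (10000 tens of microseconds is 100000 usec): the metric through that link roughly doubles, which is why delay, not bandwidth, is the knob to turn when a path must be made less attractive.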
The actual values of our metrics (such as bandwidth, delay, etc.) must be
configured indirectly. We can adjust the bandwidth of an interface:
Router(config)# int s0/0
Router(config-if)# bandwidth 64000
Router(config-if)# ip bandwidth-percent eigrp 10 30
However, the bandwidth command (whose value is in kilobits per second) does
not actually dictate the physical speed of the interface. It merely controls
how EIGRP considers this interface. Best practice is to set the bandwidth to
the actual physical speed of the interface.
The ip bandwidth-percent eigrp command limits the percentage of
bandwidth EIGRP can use on an interface. The percentage is based on the
configured bandwidth value. By default, EIGRP will use up to 50% of the
bandwidth of an interface. The above command adjusts this to 30% for
Autonomous System 10.
If adjustments to the EIGRP metric need to be made, the delay metric (in
tens of microseconds) on an interface should be used:
Router(config)# int s0/0
Router(config-if)# delay 10000
The K values (metric weights) must be identical on two neighboring routers;
otherwise they will not form a neighbor relationship. The bandwidth and
delay values themselves do not need to match on the two ends of a link.
Configuring Basic EIGRP
Routing protocol configuration occurs in Global Configuration mode. On
Router A, to configure EIGRP, we would type:
RouterA(config)# router eigrp 10
RouterA(config-router)# network 172.16.0.0
RouterA(config-router)# network 10.0.0.0
The first command, router eigrp 10, enables the EIGRP process. The “10”
indicates the Autonomous System number that we are using. The
Autonomous System number can range from 1 to 65535.
Only other EIGRP routers in Autonomous System 10 will form neighbor
adjacencies and share updates with this router.
The network statements serve two purposes in EIGRP:
• First, they identify which networks you wish to advertise to other
EIGRP routers (similar to RIP).
• Second, they identify which interfaces on the local router to attempt to
form neighbor relationships out of (similar to OSPF).
Prior to IOS version 12.0(4), the network statements were classful, despite
the fact that EIGRP is a classless routing protocol. For example, the above
network 10.0.0.0 command would advertise the networks of directly-connected
interfaces belonging to the 10.0.0.0/8 network and its subnets. It
would further attempt to form neighbor relationships out of these interfaces.
IOS version 12.0(4) and later provided us with more granular control of our
network statements. It introduced a wildcard mask parameter, which allows
us to choose the networks to advertise in a classless fashion:
RouterA(config)# router eigrp 10
RouterA(config-router)# network 172.16.0.0 0.0.255.255
RouterA(config-router)# network 10.1.4.0 0.0.0.255
EIGRP Passive Interfaces
It is possible to control which router interfaces will participate in the EIGRP
process. Just as with RIP, we can use the passive-interface command.
However, please note that the passive-interface command works differently
with EIGRP than with RIP or IGRP. EIGRP will no longer form neighbor
relationships out of a “passive” interface, thus this command prevents
updates from being sent or received out of this interface:
RouterC(config)# router eigrp 10
RouterC(config-router)# network 10.4.0.0
RouterC(config-router)# network 10.2.0.0
RouterC(config-router)# passive-interface s0
Router C will not form a neighbor adjacency with Router B.
We can configure all interfaces to be passive using the passive-interface
default command, and then individually use the no passive-interface
command on the interfaces we do want neighbors to be formed on:
RouterC(config)# router eigrp 10
RouterC(config-router)# network 10.4.0.0
RouterC(config-router)# network 10.2.0.0
RouterC(config-router)# passive-interface default
RouterC(config-router)# no passive-interface e0
Always remember, that the passive-interface command will prevent EIGRP
(and OSPF) from forming neighbor relationships out of that interface. No
routing updates are passed in either direction.
EIGRP Auto-Summarization
EIGRP is a classless routing protocol that supports Variable Length Subnet
Masks (VLSMs). The above example would pose no problem for EIGRP.
However, EIGRP will still automatically summarize when crossing major
network boundaries.
For example, when Router A sends an EIGRP update to Router B via
Serial0, by default it will still summarize the 10.1.0.0/16 network to
10.0.0.0/8. This is because the 10.1.0.0/16 and 192.168.123.0/24 networks
do not belong to the same major network. Likewise, the 66.115.33.0/24
network will be summarized to 66.0.0.0/8.
An auto-summary route will be advertised as a normal internal EIGRP
route. The best metric from among the summarized routes will be applied to
this summary route.
The router that performed the auto-summarization will also add the
summary route to its routing table, with a next hop of the Null0 interface.
This discard route prevents routing loops: traffic for a part of the
summary that does not actually exist is dropped rather than forwarded on
along a default route.
This auto-summarization can be disabled:
RouterA(config)# router eigrp 10
RouterA(config-router)# no auto-summary
The no auto-summary command will prevent Router A from summarizing
the 10.1.0.0/16 and 66.115.33.0/24 networks.
(Reference: http://www.cisco.com/en/US/tech/tk365/technologies_white_paper09186a0080094cb7.shtml#summarization)
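The boundary rule above is purely a function of the first octet, so it is easy to model. The following Python is an added example, not code from the guide; it decides what a router advertises out of an interface given that interface’s own subnet, applies the best-metric rule to the summary, and lists the Null0 discard routes the summarizing router installs. The 10.x and 66.x prefixes and the 192.168.123.0/24 link are the guide’s; the metrics attached to them here are constructed:

```python
import ipaddress


def classful_network(prefix):
    """The major (classful) network a prefix belongs to, from its first octet."""
    net = ipaddress.ip_network(prefix, strict=False)
    if net.version != 4:
        raise ValueError("classful boundaries only exist for IPv4")
    first = int(net.network_address) >> 24
    if first < 128:
        length = 8        # Class A
    elif first < 192:
        length = 16       # Class B
    elif first < 224:
        length = 24       # Class C
    else:
        raise ValueError(f"{prefix} is not a class A, B or C network")
    return ipaddress.ip_network(f"{net.network_address}/{length}", strict=False)


def advertised_prefix(prefix, outgoing_link, auto_summary=True):
    """What is advertised for `prefix` out of an interface whose own subnet is
    `outgoing_link`: the classful summary when the update crosses a major
    network boundary with auto-summary on, otherwise the prefix itself."""
    net = ipaddress.ip_network(prefix, strict=False)
    major = classful_network(prefix)
    crosses_boundary = major != classful_network(outgoing_link)
    if auto_summary and crosses_boundary and net.prefixlen > major.prefixlen:
        return str(major)
    return str(net)


def summarize_update(routes, outgoing_link, auto_summary=True):
    """routes: {prefix: metric}. Returns the advertised {prefix: metric}, where
    a summary carries the best metric of its components, and the sorted list
    of summaries the local router must point at Null0."""
    advertised, null0 = {}, set()
    for prefix, metric in routes.items():
        out = advertised_prefix(prefix, outgoing_link, auto_summary)
        if out != str(ipaddress.ip_network(prefix, strict=False)):
            null0.add(out)                     # discard route for the summary
        advertised[out] = min(metric, advertised.get(out, metric))
    return advertised, sorted(null0)


if __name__ == "__main__":
    # constructed metrics for Router A's routes, advertised towards Router B
    known = {"10.1.0.0/16": 2297856, "10.2.0.0/16": 128256, "66.115.33.0/24": 28160}
    print(summarize_update(known, "192.168.123.0/24"))
    print(summarize_update(known, "192.168.123.0/24", auto_summary=False))
```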
EIGRP Load-Balancing
By default, EIGRP will automatically load-balance across equal-metric
routes (four by default; six was the maximum on the IOS releases this guide
covers, and later releases allow more). EIGRP also supports load-balancing
across routes with an unequal metric.
Consider the following example:
Earlier in this section, we established that Router A would choose the route
through Router D as its Feasible Distance to the destination network. The
route through Router B became a Feasible Successor.
By default, EIGRP will not load-balance between these two routes, as their
metrics are different (11 through Router D, 16 through Router B). We must
use the variance command to tell EIGRP to load-balance across these
unequal-metric links:
RouterA(config)# router eigrp 10
RouterA(config-router)# variance 2
RouterA(config-router)# maximum-paths 6
The variance command assigns a “multiplier,” in this instance of 2. A
Feasible Successor is used for load balancing if its metric is within the
variance multiplied by the Feasible Distance (2 x 11 = 22). The route through
Router B (metric 16) falls within that range (12 through 22), and will now be
used for load balancing by EIGRP.
Remember, only Feasible Successors can be used for load balancing, not
Possibilities (such as the route through Router C).
The maximum-paths command adjusts the number of links EIGRP can
load-balance across.
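The Successor / Feasible Successor / Possibility classification from “The EIGRP Topology Table” above and the variance rule just described are one computation, so a single added Python example (not code from the guide) covers both. It uses the guide’s numbers for Router A (Advertised Distances 8, 23 and 9 through Routers B, C and D, with local link metrics 8, 4 and 2), and also shows what DUAL does when the Successor is lost with and without a Feasible Successor. Reading the variance bound as inclusive, as the text’s “12 through 22” does, is an assumption:

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    """One entry for a destination in the EIGRP topology table."""
    neighbor: str
    advertised: int   # Advertised Distance: the neighbor's own metric to the destination
    link: int         # this router's metric to reach that neighbor

    @property
    def total(self) -> int:
        # this router's metric through the neighbor (AD + local link metric)
        return self.advertised + self.link


def dual_select(paths, variance=1, maximum_paths=4):
    """Classify the paths the way DUAL does and decide which ones are installed."""
    fd = min(p.total for p in paths)                       # Feasible Distance
    successors = [p for p in paths if p.total == fd]
    # Feasibility Condition: AD strictly less than the current FD
    feasible = [p for p in paths if p.total != fd and p.advertised < fd]
    possibilities = [p for p in paths if p.total != fd and p.advertised >= fd]
    # variance: a Feasible Successor is also installed when its metric is
    # within variance * FD (read as inclusive here); Possibilities never are
    installed = successors + [p for p in feasible if p.total <= variance * fd]
    installed = sorted(installed, key=lambda p: p.total)[:maximum_paths]
    return {"fd": fd, "successors": successors, "feasible_successors": feasible,
            "possibilities": possibilities, "installed": installed}


def on_neighbor_loss(paths, dead_neighbor):
    """Does losing this neighbor keep the route Passive, or send it Active?
    Returns (state, path now used) with path None when a Query is needed."""
    before = dual_select(paths)
    remaining = [p for p in paths if p.neighbor != dead_neighbor]
    if not any(p.neighbor == dead_neighbor for p in before["successors"]):
        return "unaffected", dual_select(remaining)["successors"][0]
    other_successors = [p for p in before["successors"] if p.neighbor != dead_neighbor]
    if other_successors:                       # an equal-cost Successor remains
        return "passive", other_successors[0]
    fs_left = [p for p in before["feasible_successors"] if p.neighbor != dead_neighbor]
    if fs_left:
        # a Feasible Successor is promoted locally; no Query is sent
        return "passive", min(fs_left, key=lambda p: p.total)
    # nothing satisfies the FC: the route goes Active and Queries go out
    return "active", None


# The guide's example: Router A's three paths to the Destination Network
ROUTER_A = [Path("B", advertised=8, link=8),
            Path("C", advertised=23, link=4),
            Path("D", advertised=9, link=2)]

if __name__ == "__main__":
    r = dual_select(ROUTER_A, variance=2)
    print("FD", r["fd"], "successor", [p.neighbor for p in r["successors"]])
    print("feasible successors", [p.neighbor for p in r["feasible_successors"]])
    print("possibilities", [p.neighbor for p in r["possibilities"]])
    print("installed with variance 2", [p.neighbor for p in r["installed"]])
    print("lose D ->", on_neighbor_loss(ROUTER_A, "D"))
    print("lose D with no FS ->", on_neighbor_loss([p for p in ROUTER_A if p.neighbor != "B"], "D"))
```

Note that raising the variance to 3 (bound 33) still excludes Router C even though its metric of 27 is under the bound, because C never met the Feasibility Condition; variance widens load balancing only among routes DUAL has already proven loop-free.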
Troubleshooting EIGRP
To view the EIGRP Neighbor Table:
Router# show ip eigrp neighbor
IP-EIGRP neighbors for process 10
H   Address          Interface   Hold  Uptime    SRTT  RTO   Q    Seq  Type
                                 (sec)           (ms)        Cnt  Num
0   172.16.1.2       S0          13    00:00:53  32    200   0    2
0   172.18.1.2       S2          11    00:00:59  32    200   0    3
To view the EIGRP Topology Table, containing all EIGRP route
information:
Router# show ip eigrp topology
IP-EIGRP Topology Table for AS(10)/ID(172.19.1.1)
Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,
r - reply Status, s - sia Status
P 10.3.0.0/16, 1 successors, FD is 2297856
via 172.16.1.2 (2297856/128256), Serial0
P 172.19.0.0/16, 1 successors, FD is 281600
via Connected, Serial 1
P 172.18.0.0/16, 1 successors, FD is 128256
via Connected, Serial 2
P 172.16.0.0/16, 1 successors, FD is 2169856
via Connected, Serial0
To view information on EIGRP traffic sent and received on a router:
Router# show ip eigrp traffic
IP-EIGRP Traffic Statistics for process 10
Hellos sent/received: 685/429
Updates sent/received: 4/3
Queries sent/received: 0/0
Replies sent/received: 0/0
Acks sent/received: 1/2
Input queue high water mark 1, 0 drops
SIA-Queries sent/received: 0/0
SIA-Replies sent/received: 0/0
To view the bandwidth, delay, load, reliability and MTU values of an
interface:
Router# show interface s0
Serial0 is up, line protocol is up
Hardware is HD64570
Internet address is 172.16.1.1/16
MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec,
reliability 255/255, txload 1/255, rxload 1/255
To view information specific to the EIGRP protocol:
Router# show ip protocols
Routing Protocol is "eigrp 10"
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Default networks flagged in outgoing updates
Default networks accepted from incoming updates
EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0
EIGRP maximum hopcount 100
EIGRP maximum metric variance 1
Redistributing: eigrp 10
Automatic network summarization is not in effect
Maximum path: 4
Routing for Networks:
172.16.0.0
172.18.0.0
172.19.0.0
Routing Information Sources:
Gateway Distance Last Update
(this router) 90 00:26:11
172.16.1.2 90 00:23:49
Distance: internal 90 external 170
This command shows the EIGRP metric weights (K values), variance, maximum
paths, summarization setting, administrative distances, and the specific
networks EIGRP is advertising.
To view the IP routing table:
Router# show ip route
Gateway of last resort is not set
C 172.16.0.0 is directly connected, Serial0
C 172.19.0.0 is directly connected, Serial1
D 10.3.0.0 [90/2297856] via 172.16.1.2, 00:00:15, Serial0
To view a specific route within the IP routing table:
Router# show ip route 10.3.0.0
Routing entry for 10.3.0.0/16
Known via “eigrp 10”, distance 90, metric 2297856 type internal
Last update from 172.16.1.2 on Serial 0, 00:00:15 ago
To debug EIGRP in real time (debugging is processor-intensive, so on a busy
router enable it briefly and turn it off again with undebug all):
Router# debug eigrp neighbors
Router# debug eigrp packet
Router# debug eigrp route
Router# debug eigrp summary
Section 20
- Open Shortest Path First -
OSPF (Open Shortest Path First)
OSPF is a standardized Link-State routing protocol, designed to scale
efficiently to support larger networks.
OSPF adheres to the following Link State characteristics:
• OSPF employs a hierarchical network design using Areas.
• OSPF will form neighbor relationships with adjacent routers in the
same Area.
• Instead of advertising the distance to connected networks, OSPF
advertises the status of directly connected links using Link-State
Advertisements (LSAs).
• OSPF sends updates (LSAs) when there is a change to one of its links,
and will only send the change in the update. LSAs are additionally
refreshed every 30 minutes.
• OSPF traffic is multicast either to address 224.0.0.5 (all OSPF
routers) or 224.0.0.6 (all Designated Routers).
• OSPF uses the Dijkstra Shortest Path First algorithm to determine
the shortest path.
• OSPF is a classless protocol, and thus supports VLSMs.
Other characteristics of OSPF include:
• OSPF supports only IP routing.
• OSPF routes have an administrative distance of 110.
• OSPF uses cost as its metric, which is computed based on the
bandwidth of the link. OSPF has no hop-count limit.
The OSPF process builds and maintains three separate tables:
• A neighbor table – contains a list of all neighboring routers.
• A topology table – contains a list of all possible routes to all known
networks within an area.
• A routing table – contains the best route for each known network.
OSPF Neighbors
OSPF forms neighbor relationships, called adjacencies, with other routers in
the same Area by exchanging Hello packets to multicast address 224.0.0.5.
Only after an adjacency is formed can routers share routing information.
Each OSPF router is identified by a unique Router ID. The Router ID can
be determined in one of three ways:
• The Router ID can be manually specified.
• If not manually specified, the highest IP address configured on any
Loopback interface on the router will become the Router ID.
• If no loopback interface exists, the highest IP address configured on
any Physical interface will become the Router ID.
The Router ID is chosen when the OSPF process starts and does not change
until the process is restarted (clear ip ospf process), even if a higher
address is configured later.
By default, Hello packets are sent out OSPF-enabled interfaces every 10
seconds for broadcast and point-to-point interfaces, and 30 seconds for
non-broadcast and point-to-multipoint interfaces.
OSPF also has a Dead Interval, which indicates how long a router will wait
without hearing any hellos before announcing a neighbor as “down.” Default
for the Dead Interval is 40 seconds for broadcast and point-to-point
interfaces, and 120 seconds for non-broadcast and point-to-multipoint
interfaces. Notice that, by default, the dead interval timer is four times the
Hello interval.
These timers can be adjusted on a per interface basis:
Router(config-if)# ip ospf hello-interval 15
Router(config-if)# ip ospf dead-interval 60
OSPF routers will only become neighbors if the following parameters within
a Hello packet are identical on each router:
• Area ID
• Area Type (stub, NSSA, etc.)
• IP subnet and subnet mask (the two interfaces must share a subnet)
• Hello Interval
• Dead Interval
• Network Type (broadcast, point-to-point, etc.)
• Authentication type and key
Authentication is also the standard defense against an unauthorized device
forming an adjacency and injecting routes, so mismatched or missing
authentication is the first thing to check when an expected neighbor never
appears.
The Hello packets also serve as keepalives to allow routers to quickly
discover if a neighbor is down. Hello packets also contain a neighbor field
that lists the Router IDs of all neighbors the router is connected to.
A neighbor table is constructed from the OSPF Hello packets, which
includes the following information:
• The Router ID of each neighboring router
• The current “state” of each neighboring router
• The interface directly connecting to each neighbor
• The IP address of the remote interface of each neighbor
(Reference: http://www.cisco.com/warp/public/104/29.html)
OSPF Designated Routers
In multi-access networks such as
Ethernet, there is the possibility of
many neighbor relationships on the
same physical segment. In the above
example, four routers are connected
into the same multi-access segment.
Using the following formula (where
“n” is the number of routers):
n(n-1)/2
…..it is apparent that 6 separate adjacencies are needed for a fully meshed
network. Increase the number of routers to five, and 10 separate adjacencies
would be required. This leads to a considerable amount of unnecessary Link
State Advertisement (LSA) traffic.
If a link off of Router A were to fail, it would flood this information to all
neighbors. Each neighbor, in turn, would then flood that same information to
all other neighbors. This is a waste of bandwidth and processor load.
To prevent this, OSPF will elect a Designated Router (DR) for each
multi-access network, reached via multicast address 224.0.0.6. For
redundancy purposes, a Backup Designated Router (BDR) is also elected.
OSPF routers will form adjacencies with the DR and BDR. If a change
occurs to a link, the update is forwarded only to the DR, which then
forwards it to all other routers. This greatly reduces the flooding of LSAs.
DR and BDR elections are determined by a router’s OSPF priority, which
is configured on a per-interface basis (a router can have interfaces in
multiple multi-access networks). The router with the highest priority
becomes the DR; second highest becomes the BDR. If there is a tie in
priority, whichever router has the highest Router ID will become the DR.
To change the priority on an interface:
Router(config-if)# ip ospf priority 125
Default priority on Cisco routers is 1. A priority of 0 will prevent the router
from being elected DR or BDR. Note: The DR election process is not
preemptive. Thus, if a router with a higher priority is added to the network, it
will not automatically supplant an existing DR. Thus, a router that should
never become the DR should always have its priority set to 0.
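The election rules above (priority, Router ID tie-break, priority 0, and no preemption) are easy to get wrong when reasoning about a segment by hand, so here they are as an added Python example, not code from the guide. It follows RFC 2328 section 9.4 in outline: priority 0 never runs, an existing DR and BDR are kept, a vacated DR seat goes to the BDR, and a new BDR is then elected from the rest. It assumes every router on the segment sees the same Hellos (one consistent view), which the real per-router algorithm does not require; the router IDs and priorities are constructed:

```python
import ipaddress


def router(router_id, priority=1, role=None):
    """One router's view of itself on the segment; role is what it currently
    claims in its Hellos: "DR", "BDR" or None."""
    return {"router_id": router_id, "priority": priority, "role": role}


def _rank(r):
    # highest priority wins; ties go to the highest Router ID
    return (r["priority"], int(ipaddress.IPv4Address(r["router_id"])))


def _pick_bdr(candidates):
    # routers already claiming BDR are preferred over the rest, so an existing
    # BDR is not displaced by a newcomer with a higher priority
    claiming = [r for r in candidates if r["role"] == "BDR"]
    pool = claiming or candidates
    return max(pool, key=_rank) if pool else None


def elect_dr_bdr(routers):
    """DR/BDR election on one multi-access segment (RFC 2328 section 9.4, in
    outline). Returns (dr_id, bdr_id), either of which is None when nobody
    is eligible."""
    eligible = [r for r in routers if r["priority"] > 0]   # priority 0 never runs
    claiming_dr = [r for r in eligible if r["role"] == "DR"]
    bdr = _pick_bdr([r for r in eligible if r["role"] != "DR"])
    if claiming_dr:
        dr = max(claiming_dr, key=_rank)       # an existing DR is never preempted
    else:
        dr = bdr                               # the BDR is promoted to DR
        bdr = _pick_bdr([r for r in eligible if r is not dr])
    return (dr["router_id"] if dr else None, bdr["router_id"] if bdr else None)


A, B, C, D = "1.1.1.1", "2.2.2.2", "3.3.3.3", "4.4.4.4"   # constructed Router IDs

if __name__ == "__main__":
    # all four routers come up together: highest priority wins, then highest RID
    print(elect_dr_bdr([router(A), router(B), router(C, 125), router(D, 0)]))
    # the segment already has a DR/BDR when the priority-125 router appears
    print(elect_dr_bdr([router(A, role="DR"), router(B, role="BDR"), router(C, 125), router(D, 0)]))
    # the DR fails: the BDR takes over and a new BDR is elected
    print(elect_dr_bdr([router(B, role="BDR"), router(C, 125), router(D, 0)]))
```

The second scenario is the non-preemption point made above: the priority-125 router gets nothing until the current DR disappears, and the third scenario shows it only becoming BDR even then. The same rules mean a router that plugs into a segment claiming a high priority cannot take over a stable segment, but will win any election that does occur, which is the reason to pin priority 0 on routers that must never be DR.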
OSPF Neighbor States
Neighbor adjacencies will progress through several states, including:
Down – indicates that no Hellos have been heard from the neighboring
router.
Init – indicates a Hello packet has been heard from the neighbor, but two-way
communication has not yet been initialized.
2-Way – indicates that bidirectional communication has been established.
Recall that Hello packets contain a neighbor field. Thus, communication is
considered 2-Way once a router sees its own Router ID in its neighbor’s
Hello Packet. Designated and Backup Designated Routers are elected at
this stage.
ExStart – indicates that the routers are preparing to share link state
information. Master/slave relationships are formed between routers to
determine who will begin the exchange.
Exchange – indicates that the routers are exchanging Database Descriptors
(DBDs). DBDs contain a description of the router’s Topology Database. A
router will examine a neighbor’s DBD to determine if it has information to
share.
Loading – indicates the routers are finally exchanging Link State
Advertisements, containing information about all links connected to each
router. Essentially, routers are sharing their topology tables with each other.
Full – indicates that the routers are fully synchronized. The topology table of
all routers in the area should now be identical. Depending on the “role” of
the neighbor, the state may appear as:
• Full/DR – indicating that the neighbor is a Designated Router (DR)
• Full/BDR – indicating that the neighbor is a Backup Designated
Router (BDR)
• Full/DROther – indicating that the neighbor is neither the DR or
BDR
On a multi-access network, OSPF routers only form Full adjacencies with the
DR and BDR. Two DROthers still become neighbors, but their relationship
stays in the 2-Way state. This is normal OSPF behavior, not a fault.
OSPF Network Types
OSPF’s functionality differs across several network topology types. OSPF’s
interaction with Frame Relay is explained in another section.
Broadcast Multi-Access – indicates a topology where broadcast occurs.
• Examples include Ethernet and Token Ring.
• OSPF will elect DRs and BDRs.
• Traffic to DRs and BDRs is multicast to 224.0.0.6. Traffic from
DRs and BDRs to other routers is multicast to 224.0.0.5.
• Neighbors do not need to be manually specified.
Point-to-Point – indicates a topology where two routers are directly
connected.
• An example would be a point-to-point T1.
• OSPF will not elect DRs and BDRs.
• All OSPF traffic is multicast to 224.0.0.5.
• Neighbors do not need to be manually specified.
Point-to-Multipoint – indicates a topology where one interface can connect
to multiple destinations. Each connection between a source and destination
is treated as a point-to-point link.
• An example would be Point-to-Multipoint Frame Relay.
• OSPF will not elect DRs and BDRs.
• All OSPF traffic is multicast to 224.0.0.5.
• Neighbors do not need to be manually specified.
Non-broadcast Multi-access Network (NBMA) – indicates a topology
where one interface can connect to multiple destinations; however,
broadcasts cannot be sent across a NBMA network.
• An example would be Frame Relay.
• OSPF will elect DRs and BDRs.
• OSPF neighbors must be manually defined; thus all OSPF traffic
is unicast instead of multicast.
Remember: on non-broadcast networks, neighbors must be manually
specified, as multicast Hellos are not allowed.
Configuring OSPF Network Types
The default OSPF network type for basic Frame Relay is Non-broadcast
Multi-access Network (NBMA). To configure manually:
Router(config)# interface s0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay map ip 10.1.1.1 101
Router(config-if)# ip ospf network non-broadcast
Router(config)# router ospf 1
Router(config-router)# neighbor 10.1.1.1
Notice that the neighbor was manually specified, as multicasting is not
allowed on an NBMA. However, the Frame-Relay network can be tricked
into allowing broadcasts, eliminating the need to manually specify
neighbors:
Router(config)# interface s0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay map ip 10.1.1.1 101 broadcast
Router(config-if)# ip ospf network broadcast
Notice that the OSPF network type has been changed to broadcast, and the
broadcast parameter was added to the frame-relay map command. The
neighbor no longer needs to be specified, as multicasts will be allowed out
this map.
The default OSPF network type for Ethernet and Token Ring is Broadcast
Multi-Access. To configure manually:
Router(config)# interface e0
Router(config-if)# ip ospf network broadcast
The default OSPF network type for T1s (HDLC or PPP) and Point-to-Point
Frame Relay is Point-to-Point. To configure manually:
Router(config)# interface s0
Router(config-if)# encapsulation frame-relay
Router(config)# interface s0.1 point-to-point
Router(config-if)# frame-relay map ip 10.1.1.1 101 broadcast
Router(config-if)# ip ospf network point-to-point
The default OSPF network type for Point-to-Multipoint Frame Relay is still
Non-broadcast Multi-access Network (NBMA). However, OSPF supports
an additional network type called Point-to-Multipoint, which will allow
neighbor discovery to occur automatically. To configure:
Router(config)# interface s0
Router(config-if)# encapsulation frame-relay
Router(config)# interface s0.2 multipoint
Router(config-if)# frame-relay map ip 10.1.1.1 101 broadcast
Router(config-if)# ip ospf network point-to-multipoint
Additionally, a non-broadcast parameter can be added to the ip ospf network
command when specifying point-to-multipoint.
Router(config)# interface s0
Router(config-if)# encapsulation frame-relay
Router(config)# interface s0.2 multipoint
Router(config-if)# frame-relay map ip 10.1.1.1 101
Router(config-if)# ip ospf network point-to-multipoint non-broadcast
Router(config)# router ospf 1
Router(config-router)# neighbor 10.1.1.1
Notice the difference in configuration. The frame-relay map command no
longer has the broadcast parameter, as broadcasts and multicasts are not
allowed on a non-broadcast network.
Thus, in the OSPF router configuration, neighbors must again be manually
specified. Traffic to those neighbors will be unicast instead of multicast.
OSPF network types must be set identically on two “neighboring” routers,
otherwise they will never form an adjacency.
The OSPF Hierarchy
OSPF is a hierarchical system that separates an Autonomous System into
individual areas. OSPF traffic can either be intra-area (within one area),
inter-area (between separate areas), or external (from another AS).
OSPF routers build a Topology Database of all links within their area, and
all routers within an area will have an identical topology database. Routing
updates between these routers will only contain information about links local
to their area. Limiting the topology database to include only the local area
conserves bandwidth and reduces CPU loads.
Area 0 is required for OSPF to function, and is considered the “Backbone”
area. As a rule, all other areas must have a connection into Area 0, though
this rule can be bypassed using virtual links (explained shortly). Area 0 is
often referred to as the transit area to connect all other areas.
OSPF routers can belong to multiple areas, and will thus contain separate
Topology databases for each area. These routers are known as Area Border
Routers (ABRs).
Consider the above example. Three areas exist: Area 0, Area 1, and Area 2.
Area 0, again, is the backbone area for this Autonomous System. Both Area
1 and Area 2 must directly connect to Area 0.
Routers A and B belong fully to Area 1, while Routers E and F belong fully
to Area 2. These are known as Internal Routers.
Router C belongs to both Area 0 and Area 1. Thus, it is an ABR. Because it
has an interface in Area 0, it can also be considered a Backbone Router.
The same can be said for Router D, as it belongs to both Area 0 and Area 2.
Now consider the above example. Router G has been added, which belongs
to Area 0. However, Router G also has a connection to the Internet, which is
outside this Autonomous System.
This makes Router G an Autonomous System Border Router (ASBR). A
router can become an ASBR in one of two ways:
• By connecting to a separate Autonomous System, such as the Internet
• By redistributing another routing protocol into the OSPF process.
ASBRs provide access to external networks. OSPF defines two “types” of
external routes:
• Type 2 (E2) – Includes only the external cost to the destination
network. External cost is the metric being advertised from outside the
OSPF domain. This is the default type assigned to external routes.
• Type 1 (E1) – Includes both the external cost, and the internal cost to
reach the ASBR, to determine the total metric to reach the destination
network. Type 1 routes are always preferred over Type 2 routes to the
same destination.
Thus, the four separate OSPF router types are as follows:
• Internal Routers – all router interfaces belong to only one Area.
• Area Border Routers (ABRs) – contains interfaces in at least two
separate areas
• Backbone Routers – contain at least one interface in Area 0
• Autonomous System Border Routers (ASBRs) – contain a
connection to a separate Autonomous System
LSAs and the OSPF Topology Database
OSPF, as a link-state routing protocol, does not rely on routing-by-rumor as
RIP and IGRP do.
Instead, OSPF routers keep track of the status of links within their respective
areas. A link is simply a router interface. From these lists of links and their
respective statuses, the topology database is created. OSPF routers forward
link-state advertisements (LSAs) to ensure the topology database is
consistent on each router within an area.
Several LSA types exist:
• Router LSA (Type 1) – Contains a list of all links local to the router, and
the status and “cost” of those links. Type 1 LSAs are generated by all
routers in OSPF, and are flooded to all other routers within the local area.
• Network LSA (Type 2) – Generated by all Designated Routers in OSPF,
and contains a list of all routers attached to the Designated Router.
• Network Summary LSA (Type 3) – Generated by all ABRs in OSPF,
and contains a list of all destination networks within an area. Type 3
LSAs are sent between areas to allow inter-area communication to occur.
• ASBR Summary LSA (Type 4) – Generated by ABRs in OSPF, and
contains a route to any ASBRs in the OSPF system. Type 4 LSAs are
sent from an ABR into its local area, so that Internal routers know how to
exit the Autonomous System.
• External LSA (Type 5) – Generated by ASBRs in OSPF, and contain
routes to destination networks outside the local Autonomous System.
Type 5 LSAs can also take the form of a default route to all networks
outside the local AS. Type 5 LSAs are flooded to all areas in the OSPF
system.
Multicast OSPF (MOSPF) utilizes a Type 6 LSA, but that goes beyond the
scope of this guide.
Later in this section, Type 7 NSSA External LSAs will be described in
detail.
From the above example, the following can be determined:
• Routers A, B, E, and F are Internal Routers.
• Routers C and D are ABRs.
• Router G is an ASBR.
All routers will generate Router (Type 1) LSAs. For example, Router A
will generate a Type 1 LSA that contains the status of links FastEthernet 0/0
and FastEthernet 0/1. This LSA will be flooded to all other routers in Area 1.
Designated Routers will generate Network (Type 2) LSAs. For example, if
Router C was elected the DR for the multi-access network in Area 1, it
would generate a Type 2 LSA containing a list of all routers attached to it.
Area Border Routers (ABRs) will generate Network Summary (Type 3)
LSAs. For example, Router C is an ABR between Area 0 and Area 1. It will
thus send Type 3 LSAs into both areas. Type 3 LSAs sent into Area 0 will
contain a list of networks within Area 1, including costs to reach those
networks. Type 3 LSAs sent into Area 1 will contain a list of networks
within Area 0, and all other areas connected to Area 0. This allows Area 1 to
reach any other area, and all other areas to reach Area 1.
ABRs will also generate ASBR Summary (Type 4) LSAs. For example,
Router C will send Type 4 LSAs into Area 1 containing a route to the
ASBR, thus providing routers in Area 1 with the path out of the
Autonomous System.
ASBRs will generate External (Type 5) LSAs. For example, Router G will
generate Type 5 LSAs that contain routes to networks outside the AS. These
Type 5 LSAs will be flooded to routers of all areas.
Each type of LSA is propagated under three circumstances:
• When a new adjacency is formed.
• When a change occurs to the topology table.
• When an LSA reaches its maximum age (every 30 minutes, by
default).
Thus, though OSPF is typically recognized to only send updates when a
change occurs, LSAs are still periodically refreshed every 30 minutes.
The OSPF Metric
OSPF determines the best (or shortest) path to a destination network using a
cost metric, which is based on the bandwidth of interfaces. The total cost of
a route is the sum of all outgoing interface costs. Lowest cost is preferred.
Cisco applies default costs to specific interface types:
Type                    Cost
Serial (56K)            1785
Serial (64K)            1562
T1 (1.544Mbps)          64
Token Ring (4Mbps)      25
Ethernet (10 Mbps)      10
Token Ring (16 Mbps)    6
Fast Ethernet           1
On Serial interfaces, OSPF will use the configured bandwidth (measured in
Kbps) to determine the cost:
Router(config)# interface s0
Router(config-if)# bandwidth 64
The default cost of an interface can be superseded:
Router(config)# interface e0
Router(config-if)# ip ospf cost 5
Changing the cost of an interface can alter which path OSPF deems the
“shortest,” and thus should be used with great care.
To alter how OSPF calculates its default metrics for interfaces:
Router(config)# router ospf 1
Router(config-router)# ospf auto-cost reference-bandwidth 100
The above ospf auto-cost command has a value of 100 configured, which is
actually the default. This indicates that a 100Mbps link will have a cost of 1
(because 100/100 is 1). All other costs are based off of this. For example, the
cost of 4 Mbps Token Ring is 25 because 100/4 = 25.
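To make the arithmetic above concrete, here is an added Python example (not from the guide) that derives the interface costs in the table from the reference bandwidth, sums outgoing costs along a path, and applies the Type 1 / Type 2 external-route preference described under ASBRs. It goes slightly beyond the text in two places, both marked in comments: the 1000 Mbps reference-bandwidth case and the IOS tie-break between equal E2 metrics. The sample path and external routes are constructed.

```python
"""OSPF cost arithmetic as described in this guide.  Added example; the
reference-bandwidth default and the per-interface costs follow the text,
while the sample path and external routes below are constructed."""

# Cisco default: 'ospf auto-cost reference-bandwidth 100' (100 Mbps)
REFERENCE_BANDWIDTH_MBPS = 100


def interface_cost(bandwidth_kbps, reference_mbps=REFERENCE_BANDWIDTH_MBPS,
                   manual_cost=None):
    """Cost of one outgoing interface.

    IOS divides the reference bandwidth by the interface bandwidth using
    integer arithmetic and never returns less than 1, so every link at or
    above the reference bandwidth collapses to cost 1.  An explicit
    'ip ospf cost' value overrides the calculation entirely.
    """
    if manual_cost is not None:
        return manual_cost
    return max(1, (reference_mbps * 1000) // bandwidth_kbps)


def route_cost(outgoing_bandwidths_kbps, reference_mbps=REFERENCE_BANDWIDTH_MBPS):
    """Total cost of a path: the sum of every outgoing interface's cost."""
    return sum(interface_cost(b, reference_mbps) for b in outgoing_bandwidths_kbps)


def external_metric(route_type, external_cost, cost_to_asbr):
    """Metric used to compare external routes.

    E2 (the default) carries only the external cost; E1 adds the internal
    cost to reach the ASBR.
    """
    if route_type == "E1":
        return external_cost + cost_to_asbr
    if route_type == "E2":
        return external_cost
    raise ValueError(f"unknown external route type {route_type!r}")


def best_external_route(candidates):
    """Pick the preferred external route to one destination.

    Each candidate is (label, route_type, external_cost, cost_to_asbr).
    Any E1 route beats any E2 route; within a type the lower metric wins.
    Equal E2 metrics fall back to the lower cost to the ASBR (the IOS
    tie-break; this last rule goes beyond what the guide states).
    """
    def key(candidate):
        _, rtype, ext, to_asbr = candidate
        return (0 if rtype == "E1" else 1,
                external_metric(rtype, ext, to_asbr), to_asbr)
    return min(candidates, key=key)[0]


if __name__ == "__main__":
    # Reproduce the guide's default-cost table from the 100 Mbps reference.
    table = {
        "Serial (56K)": 56, "Serial (64K)": 64, "T1 (1.544Mbps)": 1544,
        "Token Ring (4Mbps)": 4000, "Ethernet (10 Mbps)": 10000,
        "Token Ring (16 Mbps)": 16000, "Fast Ethernet": 100000,
    }
    for name, kbps in table.items():
        print(f"{name:22} {interface_cost(kbps):5}")
    # Constructed path: two T1 hops then a Fast Ethernet segment -> 64+64+1.
    print("path cost:", route_cost([1544, 1544, 100000]))
    # Beyond the guide: with a 1000 Mbps reference, Fast Ethernet costs 10,
    # so Gigabit and Fast Ethernet are no longer both cost 1.
    print("FE at 1000 Mbps reference:", interface_cost(100000, reference_mbps=1000))
```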
Configuring Basic OSPF
Routing protocol configuration occurs in Global Configuration mode. On
Router A, to configure OSPF:
RouterA(config)# router ospf 1
RouterA(config-router)# router-id 1.1.1.1
RouterA(config-router)# network 172.16.0.0 0.0.255.255 area 1
RouterA(config-router)# network 172.17.0.0 0.0.255.255 area 0
The first command, router ospf 1, enables the OSPF process. The “1”
indicates the OSPF process ID, and can be unique on each router. The
process ID allows multiple OSPF processes to run on the same router. The
router-id command assigns a unique OSPF ID of 1.1.1.1 for this router.
Note the use of a wildcard mask instead of a subnet mask in the network
statement. With OSPF, we’re not telling the router what networks to
advertise; we’re telling the router to place certain interfaces into specific
areas, so those routers can form neighbor relationships. The wildcard mask
0.0.255.255 tells us that the last two octets can match any number.
The first network statement places interface E0 on Router A into Area 1.
Likewise, the second network statement places interface S0 on Router A into
Area 0. The network statement could have been written more specifically:
RouterA(config)# router ospf 1
RouterA(config-router)# network 172.16.1.2 0.0.0.0 area 1
RouterA(config-router)# network 172.17.1.1 0.0.0.0 area 0
In order for Router B to form a neighbor relationship with Router A, its
connecting interface must be put in the same Area as Router A:
RouterB(config)# router ospf 1
RouterB(config-router)# router-id 2.2.2.2
RouterB(config-router)# network 172.17.1.2 0.0.0.0 area 0
RouterB(config-router)# network 172.18.1.1 0.0.0.0 area 2
If Router B’s S0 interface was placed in a different area than Router A’s S0
interface, the two routers would never form a neighbor relationship, and
never share routing updates.
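The wildcard-mask logic just described, as an added Python example that is not part of the guide: it evaluates Router A's two network statements against a set of interface addresses and reports which area each interface is placed into. The network statements are the ones shown for Router A; the interface list (including the extra Loopback0) is constructed, and the "most specific statement wins" rule is an assumption about how IOS orders overlapping statements, not something the guide states.

```python
"""How OSPF 'network' statements place interfaces into areas, as explained
in this guide.  Added example, not from the guide; the network statements
are the ones shown for Router A, the interface list is constructed."""

import ipaddress


def _to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))


def wildcard_matches(address, network, wildcard):
    """True if 'address' matches 'network' under an OSPF wildcard mask.

    A wildcard bit of 0 means that bit must match the network; a bit of 1
    means 'don't care'.  0.0.255.255 therefore fixes the first two octets
    and lets the last two be anything; 0.0.0.0 matches exactly one address.
    """
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return _to_int(address) & care == _to_int(network) & care


def wildcard_to_prefix_length(wildcard):
    """Number of 'must match' bits; used to rank statement specificity."""
    return 32 - bin(_to_int(wildcard)).count("1")


def assign_areas(network_statements, interfaces):
    """Map each interface to the OSPF area its address falls into.

    network_statements: list of (network, wildcard, area) tuples, in the
    order typed.  interfaces: {name: ip_address}.  When several statements
    match one interface the most specific wildcard wins (assumption: this
    is how IOS orders the statements internally; the guide does not say).
    Interfaces matched by no statement stay out of OSPF and map to None.
    """
    placement = {}
    for name, address in interfaces.items():
        matches = [
            (wildcard_to_prefix_length(wc), area)
            for network, wc, area in network_statements
            if wildcard_matches(address, network, wc)
        ]
        # max() keeps the first of equally specific statements, i.e. typed order.
        placement[name] = max(matches, key=lambda m: m[0])[1] if matches else None
    return placement


# Router A's statements from the guide: E0 (172.16.1.2) goes to area 1,
# S0 (172.17.1.1) goes to area 0.  Loopback0 is a constructed extra that
# no statement covers.
ROUTER_A_STATEMENTS = [
    ("172.16.0.0", "0.0.255.255", 1),
    ("172.17.0.0", "0.0.255.255", 0),
]
ROUTER_A_INTERFACES = {
    "E0": "172.16.1.2",
    "S0": "172.17.1.1",
    "Loopback0": "10.1.1.1",
}

if __name__ == "__main__":
    for intf, area in assign_areas(ROUTER_A_STATEMENTS, ROUTER_A_INTERFACES).items():
        print(f"{intf:10} -> " + (f"area {area}" if area is not None else "not in OSPF"))
```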
OSPF Passive-Interfaces
It is possible to control which router interfaces will participate in the OSPF
process. Just as with EIGRP and RIP, we can use the passive-interface
command.
However, please note that the passive-interface command works differently
with OSPF than with RIP or IGRP. OSPF will no longer form neighbor
relationships out of a “passive” interface, thus this command prevents
updates from being sent or received out of this interface:
RouterC(config)# router ospf 1
RouterC(config-router)# network 10.4.0.0 0.0.255.255 area 0
RouterC(config-router)# network 10.2.0.0 0.0.255.255 area 0
RouterC(config-router)# passive-interface s0
Router C will not form a neighbor adjacency with Router B.
It is possible to configure all interfaces to be passive using the passive-interface
default command, and then individually use the no passive-interface
command on the interfaces that neighbors should be formed on:
RouterC(config)# router ospf 1
RouterC(config-router)# network 10.4.0.0 0.0.255.255 area 0
RouterC(config-router)# network 10.2.0.0 0.0.255.255 area 0
RouterC(config-router)# passive-interface default
RouterC(config-router)# no passive-interface e0
Always remember that the passive-interface command will prevent OSPF
(and EIGRP) from forming neighbor relationships out of that interface. No
routing updates are passed in either direction.
OSPF Virtual Links
Earlier in this guide, it was stated that all areas must directly connect into
Area 0, as a rule. In the above example, Area 2 has no direct connection to
Area 0, but must transit through Area 1 to reach the backbone area. In
normal OSPF operation, this shouldn’t be possible.
There may be certain circumstances that prevent an area from directly
connecting into Area 0. Virtual links can be used as a workaround, to
logically connect separated areas to Area 0. In the above example, a virtual
link would essentially create a tunnel from Area 2 to Area 0, using Area 1 as
a transit area. One end of the Virtual Link must be connected to Area 0.
Configuration occurs on the Area Border Routers (ABRs) connecting Area
1 to Area 2 (Router B), and Area 1 to Area 0 (Router C). Configuration on
Router B would be as follows:
RouterB(config)# router ospf 1
RouterB(config-router)# router-id 2.2.2.2
RouterB(config-router)# area 1 virtual-link 3.3.3.3
The first command enables the ospf process. The second command manually
sets the router-id for Router B to 2.2.2.2.
The third command actually creates the virtual-link. Notice that it specifies
area 1, which is the transit area. Finally, the command points to the remote
ABR’s Router ID of 3.3.3.3.
Configuration on Router C would be as follows:
RouterC(config)# router ospf 1
RouterC(config-router)# router-id 3.3.3.3
RouterC(config-router)# area 1 virtual-link 2.2.2.2
It is also possible to have two separated (or discontiguous) Area 0’s. In order
for OSPF to function properly, the two Area 0’s must be connected using a
virtual link.
Again, configuration occurs on the transit area’s ABRs:
RouterB(config)# router ospf 1
RouterB(config-router)# router-id 2.2.2.2
RouterB(config-router)# area 1 virtual-link 3.3.3.3
RouterC(config)# router ospf 1
RouterC(config-router)# router-id 3.3.3.3
RouterC(config-router)# area 1 virtual-link 2.2.2.2
Always remember: the area specified in the virtual-link command is the
transit area. Additionally, the transit area cannot be a stub area.
As stated earlier, if authentication is enabled for Area 0, the same
authentication must be configured on Virtual Links, as they are “extensions”
of Area 0:
RouterB(config)# router ospf 1
RouterB(config-router)# area 1 virtual-link 3.3.3.3 message-digest-key 1 md5 MYKEY
RouterC(config)# router ospf 1
RouterC(config-router)# area 1 virtual-link 2.2.2.2 message-digest-key 1 md5 MYKEY
Troubleshooting OSPF
To view the OSPF Neighbor Table:
Router# show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
7.7.7.7 1 FULL/ - 00:00:36 150.50.17.2 Serial0
6.6.6.6 1 FULL/DR 00:00:11 150.50.18.1 Ethernet0
The Neighbor Table provides the following information about each
neighbor:
• The Router ID of the remote neighbor.
• The OSPF priority of the remote neighbor (used for DR/BDR
elections).
• The current neighbor state.
• The dead interval timer.
• The connecting IP address of the remote neighbor.
• The local interface connecting to the remote neighbor.
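As an added example (not from the guide), here is a small Python parser for this neighbor table that flags neighbors which have not converged, while treating 2WAY/DROTHER as the normal state the guide describes for routers that are neither DR nor BDR on a multi-access segment. The sample output is constructed in the same column layout as the page's.

```python
"""Parse 'show ip ospf neighbor' output and flag neighbors that have not
converged.  Added example, not from the guide; SAMPLE_OUTPUT is constructed
in the same column layout as the guide's sample."""

import re
from dataclasses import dataclass

SAMPLE_OUTPUT = """\
Neighbor ID     Pri   State           Dead Time   Address         Interface
7.7.7.7           1   FULL/  -        00:00:36    150.50.17.2     Serial0
6.6.6.6           1   FULL/DR         00:00:11    150.50.18.1     Ethernet0
5.5.5.5           1   2WAY/DROTHER    00:00:33    150.50.18.3     Ethernet0
4.4.4.4           1   EXSTART/DROTHER 00:00:39    150.50.19.2     Ethernet1
"""

# One row: router-id, priority, STATE/ROLE (role is '-' on point-to-point
# links, where no DR is elected), dead timer, neighbor address, local interface.
_ROW = re.compile(
    r"^(?P<rid>\d+\.\d+\.\d+\.\d+)\s+(?P<pri>\d+)\s+"
    r"(?P<state>[A-Z0-9]+)/\s*(?P<role>\S+)\s+"
    r"(?P<dead>\d\d:\d\d:\d\d)\s+(?P<addr>\S+)\s+(?P<intf>\S+)$"
)

# States that precede FULL.  A neighbor that stays in one of these has a
# problem, usually a mismatch between the two routers (the guide notes that
# network types must match; MTU and authentication mismatches are other
# common causes).
TRANSITIONAL = {"DOWN", "ATTEMPT", "INIT", "EXSTART", "EXCHANGE", "LOADING"}


@dataclass
class Neighbor:
    router_id: str
    priority: int
    state: str
    role: str
    dead_time: str
    address: str
    interface: str


def parse_neighbors(text):
    """Return one Neighbor per data row; the header and blank lines are skipped."""
    neighbors = []
    for line in text.splitlines():
        m = _ROW.match(line.strip())
        if m:
            neighbors.append(Neighbor(
                m["rid"], int(m["pri"]), m["state"], m["role"],
                m["dead"], m["addr"], m["intf"],
            ))
    return neighbors


def assess(neighbor):
    """Classify one neighbor: 'full', 'two-way' (normal) or 'stuck:<STATE>'."""
    if neighbor.state == "FULL":
        return "full"
    if neighbor.state == "2WAY" and neighbor.role == "DROTHER":
        # Two DROthers on a multi-access segment never go past 2-Way; only the
        # DR and BDR form full adjacencies with everyone.
        return "two-way"
    if neighbor.state in TRANSITIONAL or neighbor.state == "2WAY":
        # 2WAY with a DR/BDR peer, or any transitional state, should not persist.
        return f"stuck:{neighbor.state}"
    return f"unknown:{neighbor.state}"


def find_problems(text):
    """(router_id, interface, state) for every neighbor that is not converged."""
    return [
        (n.router_id, n.interface, n.state)
        for n in parse_neighbors(text)
        if not assess(n) in ("full", "two-way")
    ]


if __name__ == "__main__":
    for n in parse_neighbors(SAMPLE_OUTPUT):
        print(f"{n.router_id:10} {n.interface:10} {n.state}/{n.role:8} -> {assess(n)}")
```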
To view the OSPF topology table:
Router# show ip ospf database
OSPF Router with ID (9.9.9.9) (Process ID 10)
Router Link States (Area 0)
Link ID ADV Router Age Seq# Checksum Link count
7.7.7.7 7.7.7.7 329 0x80000007 0x42A0 2
8.8.8.8 8.8.8.8 291 0x80000007 0x9FFC 1
Summary Net Link States (Area 0)
Link ID ADV Router Age Seq# Checksum
192.168.12.0 7.7.7.7 103 0x80000005 0x13E4
192.168.34.0 7.7.7.7 105 0x80000003 0x345A
The Topology Table provides the following information:
• The actual link (or route).
• The advertising Router ID.
• The link-state age timer.
• The sequence number and checksum for each entry.
(Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps5187/products_command_reference_chapter09186a008017d02e.html)
To view the specific information about an OSPF process:
Router# show ip ospf 1
Routing Process "ospf 1" with ID 9.9.9.9
Supports only single TOS(TOS0) routes
Supports opaque LSA
SPF schedule delay 5 secs, Hold time between two SPFs 10 secs
Minimum LSA interval 5 secs. Minimum LSA arrival 1 secs
Number of external LSA 0. Checksum Sum 0x0
Number of opaque AS LSA 0. Checksum Sum 0x0
Number of DCbitless external and opaque AS LSA 0
Number of DoNotAge external and opaque AS LSA 0
Number of areas in this router is 1. 1 normal 0 stub 0 nssa
External flood list length 0
Area BACKBONE(0)
Number of interfaces in this area is 1
Area has no authentication
SPF algorithm executed 3 times
Area ranges are
Number of LSA 2. Checksum Sum 0xDDEC
Number of opaque link LSA 0. Checksum Sum 0x0
Number of DCbitless LSA 0
Number of indication LSA 0
Number of DoNotAge LSA 0
Flood list length 0
The show ip ospf command provides the following information:
• The local Router ID.
• SPF Scheduling information, and various SPF timers.
• The number of interfaces in specific areas, including the type of area.
• The link-state age timer.
• The sequence number and checksum for each entry.
To view OSPF-specific information on an interface:
Router# show ip ospf interface s0
Serial0 is up, line protocol is up
Internet Address 192.168.79.2/24, Area 0
Process ID 10, Router ID 9.9.9.9, Network Type POINT_TO_POINT, Cost: 64
Transmit Delay is 1 sec, State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40, Retransmit 5
Hello due in 00:00:04
Index 1/1, flood queue length 0
Next 0x0(0)/0x0(0)
Last flood scan length is 1, maximum is 1
Last flood scan time is 0 msec, maximum is 0 msec
Neighbor Count is 1, Adjacent neighbor count is 1
Adjacent with neighbor 7.7.7.7
Suppress hello for 0 neighbor(s)
The show ip ospf interface command provides the following information:
• The local Router ID.
• The interface network type.
• The OSPF cost for the interface.
• The interface Hello and Dead timers.
• A list of neighbor adjacencies.
To view routing protocol specific information for OSPF:
Router# show ip protocols
Routing Protocol is "ospf 10"
Invalid after 0 seconds, hold down 0, flushed after 0
Outgoing update filter list for all interfaces is
Incoming update filter list for all interfaces is
Routing for Networks:
192.168.79.0 0.0.0.255 area 0
192.168.109.0 0.0.0.255 area 0
Routing Information Sources:
Gateway Distance Last Update
7.7.7.7 110 00:01:05
Distance: (default is 110)
The show ip protocols command provides the following information:
• Locally originated networks that are being advertised.
• Neighboring sources for routing information.
• The administrative distance of neighboring sources.
To reset an OSPF process, including neighbor adjacencies:
Router# clear ip ospf process
To display information about OSPF virtual-links:
Router# show ip ospf virtual-links
To display routes to both ABRs and ASBRs:
Router# show ip ospf border-routers
To debug OSPF in real time:
Router# debug ip ospf adj
Router# debug ip ospf events
Router# debug ip ospf hello
________________________________________________
Part IV
VLANs, Access-Lists, and Services
________________________________________________
Section 21
- VLANs and VTP -
Review of Collision vs. Broadcast Domains
In a previous guide, it was explained that a “collision domain” is a segment
where a collision can occur, and that a Layer-2 switch running in Full
Duplex breaks up collision domains. Thus, Layer-2 switches create more
collision domains, which results in fewer collisions.
However, Layer-2 switches do not break up broadcast domains, and thus
belong to only one broadcast domain. Layer-2 switches will forward a
broadcast or multicast out every port, excluding the port the broadcast or
multicast originated from.
Only Layer-3 devices can break apart broadcast domains. Because of this,
Layer-2 switches are not well suited for large, scalable networks. Layer-2
switches make forwarding decisions solely based on Data-Link layer MAC
addresses, and thus have no way of differentiating between one network and
another.
Virtual LANs (VLANs)
Virtual LANs (or VLANs) separate a Layer-2 switch into multiple
broadcast domains. Each VLAN is its own individual broadcast domain
(i.e. IP subnet).
Individual ports or groups of ports can be assigned to a specific VLAN.
Only ports belonging to the same VLAN can freely communicate; ports
assigned to separate VLANs require a router to communicate. Broadcasts
from one VLAN will never be sent out ports belonging to another VLAN.
Please note: a Layer-2 switch that supports VLANs is not necessarily a
Layer-3 switch. A Layer-3 switch, in addition to supporting VLANs, must
also be capable of routing, and caching IP traffic flows. Layer-3 switches
allow IP packets to be switched as opposed to routed, which reduces
latency.
VLAN Example
Consider the following example:
Four computers are connected to a Layer-2 switch that supports VLANs.
Computers A and B belong to VLAN 1, and Computers C and D belong to
VLAN 2.
Because Computers A and B belong to the same VLAN, they belong to the
same IP subnet and broadcast domain. They will be able to communicate
without the need of a router.
Computers C and D likewise belong to the same VLAN and IP subnet. They
also can communicate without a router.
However, Computers A and B will not be able to communicate with
Computers C and D, as they belong to separate VLANs, and thus separate IP
subnets. Broadcasts from VLAN 1 will never go out ports configured for
VLAN 2. A router will be necessary for both VLANs to communicate.
Most Catalyst multi-layer switches have integrated or modular routing
processors. Otherwise, an external router is required for inter-VLAN
communication.
By default on Cisco Catalyst switches, all interfaces belong to VLAN 1.
VLAN 1 is considered the Management VLAN (by default), and it also carries
control-plane protocols such as CDP, VTP and DTP. Because every port is in
VLAN 1 out of the box, best practice is to keep user and management traffic
out of VLAN 1 and assign ports explicitly to other VLANs.
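The forwarding behaviour described in the example above, as an added illustration that is not part of the original guide and not Cisco code: a toy VLAN-aware Layer-2 switch with access ports only. Its CAM table is keyed by (VLAN, MAC), so a broadcast or unknown unicast is flooded only within the ingress port's VLAN, and a frame from VLAN 2 addressed to a MAC that exists in VLAN 1 never reaches it. The port names and MAC addresses are constructed for the example.

```python
# Toy model of a VLAN-aware Layer-2 switch with access ports only.
# Constructed example; the port names and MAC addresses below are made up.

BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the low bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 1 == 1


class VlanSwitch:
    def __init__(self, port_vlans: dict):
        # port name -> VLAN ID, e.g. {"fa0/1": 1, "fa0/3": 2}
        self.port_vlans = dict(port_vlans)
        # CAM table keyed by (vlan, mac): an address learned in VLAN 1 says
        # nothing about where that MAC is reachable in VLAN 2.
        self.cam = {}

    def ports_in_vlan(self, vlan: int) -> list:
        return sorted(p for p, v in self.port_vlans.items() if v == vlan)

    def forward(self, ingress_port: str, src_mac: str, dst_mac: str) -> list:
        """Return the egress ports for a frame received on ingress_port."""
        vlan = self.port_vlans[ingress_port]
        self.cam[(vlan, src_mac)] = ingress_port          # learn in this VLAN only
        known = self.cam.get((vlan, dst_mac))
        if not is_group_address(dst_mac) and known is not None:
            # Known unicast: deliver to the one port, never back out the ingress port.
            return [] if known == ingress_port else [known]
        # Broadcast, multicast or unknown unicast: flood inside the VLAN only.
        return [p for p in self.ports_in_vlan(vlan) if p != ingress_port]


# Constructed topology from the VLAN example: A and B in VLAN 1, C and D in VLAN 2,
# plus a spare VLAN 1 port to make the flooding visible.
MAC_A, MAC_B = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
MAC_C, MAC_D = "00:00:5e:00:53:0c", "00:00:5e:00:53:0d"
PORT_VLANS = {"fa0/1": 1, "fa0/2": 1, "fa0/3": 2, "fa0/4": 2, "fa0/5": 1}


def demo() -> dict:
    sw = VlanSwitch(PORT_VLANS)
    return {
        # A broadcasts: only the other VLAN 1 ports see it.
        "a_broadcast": sw.forward("fa0/1", MAC_A, BROADCAST),
        # B replies to A: A was learned in VLAN 1, so a single egress port.
        "b_to_a": sw.forward("fa0/2", MAC_B, MAC_A),
        # C addresses A directly: A is unknown in VLAN 2, so the frame is flooded
        # within VLAN 2 and never reaches fa0/1. A router is required.
        "c_to_a": sw.forward("fa0/3", MAC_C, MAC_A),
    }
```

Running demo() shows the three cases from the text side by side; the last one is the reason inter-VLAN traffic needs a router even though both hosts sit on the same physical switch.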
Advantages of VLANs
VLANs provide the following advantages:
Broadcast Control – In a pure Layer-2 environment, broadcasts are
received by every host on the switched network. In contrast, each VLAN
belongs to its own broadcast domain (or IP subnet); thus broadcast traffic
from one VLAN will never reach another VLAN.
Security – VLANs allow administrators to “logically” separate users and
departments. The separation is at Layer 2 only: traffic between VLANs must
pass through a router (or Layer-3 switch), which is where access lists can
be applied to control it.
Flexibility and Scalability – VLANs remove the physical boundaries of a
network. Users and devices can be added or moved anywhere on the
physical network, and yet remain assigned to the same VLAN. Thus, a move
does not require re-addressing the device or changing its access to resources.
VLAN Membership
VLAN membership can be configured one of two ways:
• Statically – Individual (or groups of) switch-ports must be manually
assigned to a VLAN. Any device connecting to that switch-port(s)
becomes a member of that VLAN. This is a transparent process – the
client device is unaware that it belongs to a specific VLAN.
• Dynamically – Devices are automatically assigned to a VLAN
based on their MAC address. This allows a client device to remain in the
same VLAN, regardless of which switch port the device is attached to.
Cisco developed a dynamic VLAN product called the VLAN Membership
Policy Server (VMPS). In more sophisticated systems, a user’s network
account can be used to determine VLAN membership, instead of a device’s
MAC address; the standard mechanism for this is IEEE 802.1X authentication,
with the VLAN returned by a RADIUS server. Note that a MAC address is
trivially changed by the client, so MAC-based assignment is a convenience,
not an authentication control.
Catalyst switches that participate in a VTP domain (explained shortly)
support up to 1005 VLANs. Catalyst switches configured in VTP
transparent mode support up to 4094 VLANs, as the extended range
(1006-4094) cannot be advertised by VTP versions 1 and 2.
Static VLAN Configuration
The first step in configuring VLANs is to create the VLAN:
Switch(config)# vlan 100
Switch(config-vlan)# name MY_VLAN
The first command creates VLAN 100, and enters VLAN configuration
mode. The second command assigns the name MY_VLAN to this VLAN.
Naming a VLAN is not required.
The list of VLANs is stored in Flash in a database file named vlan.dat.
However, information concerning which local interfaces are assigned to a
specific VLAN is not stored in this file; it is part of the interface
configuration, held in the running-config and saved to the startup-config of
each switch. Because vlan.dat is a separate file, erasing the startup-config
does not remove the VLANs; to return a switch to a clean state, vlan.dat must
be deleted from Flash as well, and the switch reloaded.
Next, an interface (or range of interfaces) must be assigned to this VLAN.
The following commands will assign interface fa0/10 into the newly created
MY_VLAN.
Switch(config)# interface fa0/10
Switch(config-if)# switchport mode access
Switch(config-if)# switchport access vlan 100
The first command enters interface configuration mode. The second
command indicates that this is an access port, as opposed to a trunk port
(explained in detail shortly). The third command assigns this access port to
VLAN 100. Note that the VLAN number is specified, and not the VLAN
name.
To view the list of VLANs, including which ports are assigned to each
VLAN:
Switch# show vlan
VLAN Name Status Ports
---- -------------------------- --------- -----------
1 default active fa0/1-9,11-24
100 MY_VLAN active fa0/10
1002 fddi-default suspended
1003 token-ring-default suspended
1004 fddinet-default suspended
1005 trnet-default suspended
VLAN Port “Types”
There are two types of ports supported on a VLAN-enabled switch, access
ports and trunk ports.
An access port belongs to only one VLAN. Host devices, such as computers
and printers, plug into access ports. A host automatically becomes a member
of its access port’s VLAN. This is done transparently, and the host is usually
unaware of the VLAN infrastructure. By default, all switch ports are access
ports.
VLANs can span multiple switches. There are two methods of connecting
these VLANs together. The first requires creating “uplink” access ports
between all switches, for each VLAN. Obviously, in large switching and
VLAN environments, this quickly becomes unfeasible.
A better alternative is to use trunk ports. Trunk ports do not belong to a
single VLAN. Any or all VLANs can traverse trunk links to reach other
switches. Trunking requires Fast Ethernet or faster ports; 10 Mbps Ethernet
ports cannot be used as trunk links.
The following diagram illustrates the advantage of using trunk ports, as
opposed to uplinking access ports:
[Diagram: on the left, two switches joined by three separate uplinks, one per
VLAN (VLAN A, VLAN B, VLAN C); on the right, the same two switches joined by a
single trunk link carrying VLAN A, B, C.]
VLAN Frame-Tagging
When utilizing trunk links, switches need a mechanism to identify which
VLAN a particular frame belongs to. Frame tagging places a VLAN ID in
each frame, identifying which VLAN the frame belongs to.
Tagging occurs only when a frame is sent out a trunk port; the receiving
switch removes the tag before forwarding the frame out an access port, so
hosts on access ports never see it. Consider the following example (the
accompanying diagram is not reproduced here; Computers 1, 2 and 3 connect
to Switch 1, Computer 5 to Switch 2, and the two switches are joined by a
trunk):
If Computer 1 sends a frame to Computer 2, no frame tagging will occur.
The frame never leaves Switch 1, stays within its own VLAN, and will
simply be switched to Computer 2.
If Computer 1 sends a frame to Computer 3, which is in a separate VLAN,
frame tagging will still not occur. Again, the frame never leaves the switch,
but because Computer 3 is in a different VLAN, the frame must be routed.
If Computer 1 sends a frame to Computer 5, the frame must be tagged
before it is sent out the trunk port. It is stamped with its VLAN ID (in this
case, VLAN A), and when Switch 2 receives the frame, it will only forward
it out ports belonging to VLAN A (fa0/0 and fa0/1), stripping the tag first.
If Switch 2 has Computer 5’s MAC address in its CAM table, it will only
send it out the appropriate port (fa0/0).
Cisco switches support two frame-tagging protocols, Inter-Switch Link
(ISL) and IEEE 802.1Q.
Inter-Switch Link (ISL)
ISL is Cisco’s proprietary frame-tagging protocol, and supports Ethernet,
Token Ring, FDDI, and ATM frames.
ISL encapsulates a frame with an additional header (26 bytes) and trailer (4
bytes), increasing the size of an Ethernet frame by 30 bytes. The header
contains a 15-bit VLAN ID field (along with the ISL destination and source
addresses, type, length and other fields). The trailer contains an additional
4-byte CRC, computed over the entire encapsulated frame, for data-integrity
purposes.
Because ISL increases the size of a frame, non-ISL devices (i.e. non-Cisco
devices) will actually drop ISL-tagged frames. Many devices are configured
with a maximum acceptable size for Ethernet frames (usually 1514 bytes
without the FCS, or 1518 bytes with it). ISL frames can be as large as 1548
bytes; thus, non-ISL devices will see these frames as giants (or corrupted
frames).
ISL has been deprecated over time. Newer Catalyst models do not support
ISL tagging at all; only 802.1Q is available on them.
IEEE 802.1Q
IEEE 802.1Q, otherwise known as DOT1Q, is the standardized frametagging
protocol supported by most switch manufacturers, including Cisco.
Thus, switches from multiple vendors can be trunked together.
Instead of adding an additional header and trailer, 802.1Q actually embeds a
4-byte tag into the Layer-2 frame header, immediately after the source MAC
address. The tag consists of a 2-byte Tag Protocol Identifier (0x8100)
followed by 2 bytes of Tag Control Information: a 3-bit priority field, a
1-bit CFI/DEI flag, and the 12-bit VLAN ID. Twelve bits allow values 0
through 4095; 0 and 4095 are reserved, which is why 4094 VLANs are usable.
The tag still increases the size of a frame from its usual 1514 bytes to
1518 bytes (or from 1518 bytes to 1522 bytes, counting the FCS, which is
recomputed after tagging). However, most modern switches support 802.1Q
tagging and the slight increase in frame size.
Neither ISL nor 802.1Q tagging alter the source or destination address in the
Layer-2 header.
Manual vs. Dynamic Trunking
ISL or 802.1Q tagging can be manually configured on Catalyst trunk ports.
Catalyst switches can also dynamically negotiate this using Cisco’s
proprietary Dynamic Trunking Protocol (DTP).
Configuring Trunk Links
To manually configure a trunk port, for either ISL or 802.1Q tagging:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk encapsulation isl
Switch(config-if)# switchport mode trunk
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
The first line in each set of commands enters interface configuration mode.
The second line manually sets the tagging (or encapsulation) protocol the
trunk link will use. Always remember, both sides of the trunk link must be
configured with the same tagging protocol. The third line manually sets the
switchport mode to a trunk port. On Catalyst models that support only
802.1Q (for example, the 2960 series), the switchport trunk encapsulation
command does not exist, and switchport mode trunk alone is sufficient.
The Catalyst switch can negotiate the tagging protocol:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk encapsulation negotiate
Whichever tagging protocol is supported on both switches will be used. If
the switches support both ISL and 802.1Q, ISL will be selected.
By default, trunk ports allow all VLANs to traverse the trunk link. However,
a list of allowed VLANs can be configured on each trunk port:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk allowed vlan remove 50-100
Switch(config-if)# switchport trunk allowed vlan add 60-65
The first switchport command will prevent the trunk port from passing
traffic from VLANs 50-100. The second switchport command will re-allow
the trunk port to pass traffic from VLANs 60-65. In both cases, the
switchport trunk allowed commands are adding/subtracting from the current
list of allowed VLANs, and not replacing that list.
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk allowed vlan all
Switch(config-if)# switchport trunk allowed vlan except 2-99
The all keyword restores the default (every VLAN allowed). The except
keyword replaces the list with all VLANs other than those specified; here,
only VLAN 1 and VLANs 100-4094 remain allowed. Be aware that the bare
form of the command (switchport trunk allowed vlan 10,20, with no add,
remove or except keyword) also replaces the entire list, which on a
production trunk silently cuts off every VLAN not named; use add and
remove when adjusting an existing trunk.
Restricting the allowed list to the VLANs that actually need to cross a
trunk is good practice, as it limits which VLANs an attached switch can
reach. On older IOS releases, VLAN 1 and the system VLANs 1002-1005
cannot be removed from a trunk; newer releases allow VLAN 1 to be removed
from the allowed list (VLAN 1 minimization), although control traffic such
as CDP, VTP, DTP and PAgP is still carried in VLAN 1 on that trunk.
Native VLANs
A native VLAN can also be configured on trunk ports:
Switch(config)# interface fa0/24
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport trunk native vlan 42
Frames from the native VLAN are not tagged when sent out trunk ports, and
untagged frames received on a trunk port are placed in the native VLAN. A
trunking interface can only be assigned one native VLAN. Only 802.1Q
supports native VLANs, whereas ISL does not. (More accurately, ISL will
tag frames from all VLANs, even if a VLAN is configured as native). The
native VLAN must be configured identically on both sides of the 802.1Q
trunk: if it is not, frames that leave one switch untagged in its native
VLAN are accepted into a different VLAN on the other switch, silently
merging two VLANs. Catalyst switches log a native VLAN mismatch learned
via CDP, and spanning tree blocks the mismatched VLAN on that trunk once
it detects the inconsistency.
Native VLANs are often configured when plugging Cisco VoIP phones into
a Catalyst Switch (beyond the scope of this section). The native VLAN also
determines what happens when an end user connects a computer into a trunk
port. If the port was configured with switchport mode trunk, it remains a
trunk; the computer’s untagged frames are placed in the native VLAN, and
the user is transparently joined to it. (If the port was instead in a
dynamic mode, no trunk forms because the computer does not speak DTP,
and the port falls back to being an access port in its configured access
VLAN.) For this reason the native VLAN of a trunk should be an otherwise
unused VLAN rather than one carrying user or management traffic, and
platforms that support the vlan dot1q tag native command can tag
native-VLAN frames as well, so that nothing crosses the trunk untagged.
Native VLANs provide another benefit. A trunk port will accept untagged
frames and place them in the Native VLAN. Consider the following
example:
Assume that both 802.1Q switches have trunk links configured to the non-
802.1Q switch, and that the trunk ports are configured in Native VLAN 42.
Not only will the 802.1Q switches be able to communicate with each other,
the non-802.1Q switch will be placed in Native VLAN 42, and be able to
communicate with any device in VLAN 42 on any switch.
(Please note, that the author of this study guide finds the “benefit” of the
above example of Native VLANs to be……dubious at best, and confusing
as hell at worst).
By default on all trunking interfaces, the Native VLAN is VLAN 1.
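The 802.1Q tag format and the native-VLAN rules from the two sections above, as an added example that is not part of the original guide and not Cisco code. It builds an untagged frame, inserts and parses the 4-byte tag (TPID 0x8100 plus priority, DEI and 12-bit VLAN ID), and models what a trunk port does on ingress and egress: untagged frames, and priority-tagged frames with VID 0, land in the native VLAN, while frames in the native VLAN leave untagged. Frames are modelled without the FCS (an assumption; a real switch recomputes it), and the sample frame and addresses are constructed.

```python
import struct

# Constructed example: 802.1Q tag insertion/removal and the native-VLAN rule
# on a trunk. Frames are modelled without the FCS, which a switch recomputes.
TPID_8021Q = 0x8100


def build_frame(dst: bytes, src: bytes, ethertype: int, payload: bytes) -> bytes:
    """Untagged Ethernet II frame: 6-byte DA, 6-byte SA, 2-byte type, payload."""
    return dst + src + struct.pack("!H", ethertype) + payload


def tag_frame(frame: bytes, vid: int, pcp: int = 0, dei: int = 0) -> bytes:
    """Insert a 4-byte 802.1Q tag after the source MAC; addresses are untouched."""
    if not 0 <= vid <= 4095:
        raise ValueError("VLAN ID must fit in 12 bits")
    tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | vid
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame: bytes) -> dict:
    """Split a frame into addresses, optional VLAN tag, EtherType and payload."""
    dst, src = frame[:6], frame[6:12]
    (ethertype,) = struct.unpack("!H", frame[12:14])
    vid, pcp, body = None, 0, frame[14:]
    if ethertype == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        vid, pcp, body = tci & 0x0FFF, tci >> 13, frame[18:]
    return {"dst": dst, "src": src, "vid": vid, "pcp": pcp,
            "ethertype": ethertype, "payload": body}


def untag_frame(frame: bytes) -> bytes:
    """Remove the 802.1Q tag if present (what a switch does before an access port)."""
    if parse_frame(frame)["vid"] is None:
        return frame
    return frame[:12] + frame[16:]


def trunk_ingress_vlan(frame: bytes, native_vlan: int) -> int:
    """VLAN a frame received on an 802.1Q trunk is placed in.

    Untagged frames, and priority-tagged frames (VID 0), land in the native VLAN;
    this is why a native-VLAN mismatch quietly merges two VLANs.
    """
    vid = parse_frame(frame)["vid"]
    return native_vlan if vid in (None, 0) else vid


def trunk_egress(frame: bytes, vlan: int, native_vlan: int) -> bytes:
    """Frame as transmitted on an 802.1Q trunk: native VLAN untagged, others tagged."""
    plain = untag_frame(frame)
    return plain if vlan == native_vlan else tag_frame(plain, vlan)


# Constructed sample: a maximum-size IPv4 broadcast frame, 1514 bytes without FCS.
SAMPLE_FRAME = build_frame(bytes.fromhex("ffffffffffff"), bytes.fromhex("00005e00530a"),
                           0x0800, bytes(1500))
```

Tagging SAMPLE_FRAME grows it from 1514 to 1518 bytes while the first 12 bytes (the two MAC addresses) stay identical, matching the frame sizes quoted in the 802.1Q section.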
Dynamic Trunking Protocol (DTP) Configuration
Not only can the frame tagging protocol of a trunk port be auto-negotiated,
but whether a port actually becomes a trunk can be negotiated dynamically
as well using the Dynamic Trunking Protocol (DTP).
To manually set a port to be a trunk:
Switch(config)# interface fa0/24
Switch(config-if)# switchport mode trunk
To allow a port to dynamically decide whether to become a trunk, there are
two options:
Switch(config)# interface fa0/24
Switch(config-if)# switchport mode dynamic desirable
Switch(config)# interface fa0/24
Switch(config-if)# switchport mode dynamic auto
If a switchport is set to dynamic desirable, the interface will actively
attempt to form a trunk with the remote switch. If a switchport is set to
dynamic auto, the interface will passively wait for the remote switch to
initiate the trunk. Which of the two is the default depends on the platform:
older Catalyst models (such as the 2950 and 3550) default to dynamic
desirable, while newer models (such as the 2960 and 3560) default to
dynamic auto. Check with show interface switchport rather than assuming.
This results in the following:
• If both ports are manually set to trunk - a trunk will form.
• If one port is set to dynamic desirable, and the other is set to manual
trunk, dynamic desirable, or dynamic auto - a trunk will form.
• If one port is set to dynamic auto, and the other port is set to manual
trunk or dynamic desirable - a trunk will form.
• If both ports are set to dynamic auto, the link will never become a
trunk, as both ports are waiting for the other to initialize the trunk.
Trunk ports send out DTP frames every 30 seconds to indicate their
configured mode.
In general, it is best to manually specify the trunk link, and disable DTP
using the switchport nonegotiate command:
Switch(config)# interface fa0/24
Switch(config-if)# switchport mode trunk
Switch(config-if)# switchport nonegotiate
The switchport nonegotiate command is only accepted when the port mode is
access or trunk; it stops the port from sending DTP frames, so the remote
side must also be configured manually. The reason to disable DTP is
security as much as tidiness: a port left in a dynamic mode will form a
trunk with whatever device sends it the right DTP frames, which would give
that device access to every VLAN allowed on the trunk. Ports that face end
hosts should therefore be set to switchport mode access (and may also carry
switchport nonegotiate), leaving the dynamic modes unused.
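The negotiation outcomes listed above, as an added example that is not part of the original guide and not Cisco code: a small model of DTP that returns the operational mode of each end of a link from the two administrative modes, whether either side has switchport nonegotiate (and so sends no DTP frames), and whether the VTP domain names match. It also covers two cases the bullet list does not spell out: a nonegotiate trunk facing a dynamic auto port yields a one-sided trunk, and a dynamic port will happily trunk with any device that advertises dynamic desirable, which is the reason for the advice to disable DTP. The mode names are strings chosen for this example.

```python
# Constructed model of DTP mode negotiation between the two ends of a link.
# Operational results follow the rules in this section; not Cisco code.
ACCESS, TRUNK, DESIRABLE, AUTO = "access", "trunk", "dynamic desirable", "dynamic auto"


def _operational_mode(mine: str, peer: str, peer_sends_dtp: bool, same_vtp_domain: bool) -> str:
    """Operational mode of one side given its admin mode and what the peer advertises."""
    if mine in (ACCESS, TRUNK):
        return mine                      # hard-coded; DTP cannot change it
    if not peer_sends_dtp or not same_vtp_domain:
        return ACCESS                    # nothing (usable) heard: fall back to access
    if mine == DESIRABLE:
        return TRUNK if peer in (TRUNK, DESIRABLE, AUTO) else ACCESS
    return TRUNK if peer in (TRUNK, DESIRABLE) else ACCESS   # AUTO never initiates


def dtp_outcome(local: str, remote: str, local_nonegotiate: bool = False,
                remote_nonegotiate: bool = False, same_vtp_domain: bool = True) -> tuple:
    """Return (local_operational_mode, remote_operational_mode).

    A side with 'switchport nonegotiate' (or a plain host, modelled as
    remote=ACCESS with remote_nonegotiate=True) sends no DTP frames at all.
    """
    for mode, noneg in ((local, local_nonegotiate), (remote, remote_nonegotiate)):
        if noneg and mode not in (ACCESS, TRUNK):
            raise ValueError("switchport nonegotiate requires mode access or trunk")
    local_op = _operational_mode(local, remote, not remote_nonegotiate, same_vtp_domain)
    remote_op = _operational_mode(remote, local, not local_nonegotiate, same_vtp_domain)
    return local_op, remote_op


def is_mismatched(local: str, remote: str, **kwargs) -> bool:
    """True when one end is a trunk and the other is not (a one-sided trunk)."""
    a, b = dtp_outcome(local, remote, **kwargs)
    return a != b
```

dtp_outcome(AUTO, DESIRABLE) returning a trunk on both ends is the case to keep in mind: the "remote" side need not be a switch at all, only something that sends DTP frames.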
Troubleshooting Trunks
When troubleshooting a misbehaving trunk link, ensure that the following is
configured identically on both sides of the trunk:
• Mode - both sides must be set to trunk or dynamically negotiated
• Frame-tagging protocol - ISL, 802.1Q, or dynamically negotiated
• Native VLAN
• VTP Domain
• Allowed VLANs
The consequences of a mismatch differ. A mode or encapsulation mismatch
means the trunk never becomes active (or only one side believes it is a
trunk). DTP frames carry the VTP domain name, so a VTP domain mismatch
prevents a dynamically negotiated trunk from forming, although manually
configured trunks still come up. A native VLAN mismatch or a difference in
the allowed VLAN lists does not stop the trunk from forming; instead,
traffic for the affected VLANs is dropped or ends up in the wrong VLAN,
which is harder to notice.
To view whether a port is an access or trunk port (such as fa0/24):
Switch# show interface fa0/24 switchport
Name: Fa0/24
Switchport: Enabled
Administrative Mode: trunk
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: On
Access Mode VLAN: 1 (default)
Trunking Native Mode VLAN: 42
To view the status of all trunk links:
Switch# show interface trunk
Port Mode Encapsulation Status Native VLAN
Fa0/24 on 802.1q trunking 42
Port Vlans allowed on trunk
Fa0/24 1,100-4094
Port Vlans allowed and active in management domain
Fa0/24 1,100
Port Vlans in spanning tree forwarding state and not pruned
Fa0/24 1,100
If no interfaces are in a trunking state, the show interface trunk command
will return no output.
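The allowed-VLAN keywords from the Configuring Trunk Links section and the three VLAN lines of the show interface trunk output above, as an added example that is not part of the original guide and not Cisco code. It parses and prints VLAN lists in the IOS "1,100-4094" syntax, applies add/remove/except/all/none and the bare (replace) form to a trunk's allowed list, and derives the "allowed", "allowed and active in management domain" and "not pruned" lines from the allowed list, the VLAN database and the pruning state, treating VLAN 1 and 1002-1005 as never pruned. Spanning-tree state is ignored (an assumption), so the last line only reflects pruning.

```python
# Constructed model of the 'switchport trunk allowed vlan' keywords and of the
# three VLAN lines in 'show interface trunk'. Not Cisco code; STP state is ignored.
VLAN_MIN, VLAN_MAX = 1, 4094
ALL_VLANS = frozenset(range(VLAN_MIN, VLAN_MAX + 1))
PRUNE_INELIGIBLE = frozenset({1, 1002, 1003, 1004, 1005})


def parse_vlan_list(text: str) -> set:
    """'1,100-4094' -> {1, 100, 101, ...}, the list syntax IOS uses."""
    vlans = set()
    for part in text.replace(" ", "").split(","):
        if not part:
            continue
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if not VLAN_MIN <= lo <= hi <= VLAN_MAX:
            raise ValueError(f"bad VLAN range: {part}")
        vlans.update(range(lo, hi + 1))
    return vlans


def format_vlan_list(vlans) -> str:
    """Inverse of parse_vlan_list: consecutive VLANs are collapsed into ranges."""
    runs = []
    for v in sorted(vlans):
        if runs and v == runs[-1][1] + 1:
            runs[-1][1] = v
        else:
            runs.append([v, v])
    return ",".join(f"{lo}-{hi}" if lo != hi else str(lo) for lo, hi in runs)


def apply_allowed(current, keyword: str, vlan_list: str = "") -> set:
    """Apply one 'switchport trunk allowed vlan ...' command to the current list.

    keyword: 'add' | 'remove' | 'except' | 'all' | 'none' | 'set'.
    'set' is the bare form (switchport trunk allowed vlan 10,20), which replaces
    the whole list; so does 'except'. Only 'add' and 'remove' edit in place.
    """
    listed = parse_vlan_list(vlan_list) if vlan_list else set()
    if keyword == "add":
        return set(current) | listed
    if keyword == "remove":
        return set(current) - listed
    if keyword == "except":
        return set(ALL_VLANS - listed)
    if keyword == "all":
        return set(ALL_VLANS)
    if keyword == "none":
        return set()
    if keyword == "set":
        return listed
    raise ValueError(f"unknown keyword: {keyword}")


def trunk_report(allowed, active_vlans, pruned) -> dict:
    """The three per-port VLAN lines of 'show interface trunk' (STP state ignored)."""
    allowed = set(allowed)
    allowed_active = allowed & set(active_vlans)
    forwarding = allowed_active - (set(pruned) - PRUNE_INELIGIBLE)
    return {"allowed": format_vlan_list(allowed),
            "allowed_active": format_vlan_list(allowed_active),
            "forwarding": format_vlan_list(forwarding)}
```

Replaying the guide's own commands (remove 50-100, then add 60-65) gives "1-49,60-65,101-4094", while "except 2-99" gives the "1,100-4094" seen in the show output; applying the bare form with "10,20" on top of either list throws everything else away.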
VLAN Trunking Protocol (VTP)
In large switching environments, it can become difficult to maintain a
consistent VLAN database across all switches on the network. The
Cisco-proprietary VLAN Trunking Protocol (VTP) allows the VLAN database
to be easily managed throughout the network.
Switches configured with VTP are joined to a VTP domain. Only switches
belonging to the same domain will share VLAN information, and a switch
can only belong to a single domain. When an update is made to the VLAN
database, this information is propagated to all switches via VTP
advertisements.
By default, VTP updates are sent out every 300 seconds, or anytime a
change to the database occurs. VTP updates are sent across VLAN 1, and
are only sent out trunk ports.
There are three versions of VTP. The key additions provided by VTP
Version 2 are support for Token Ring and Consistency Checks.
VTP Version 1 is default on Catalyst switches, and is not compatible with
VTP Version 2.
Cisco describes VTP Version 3 as such: “VTP version 3 differs from earlier
VTP versions in that it does not directly handle VLANs. VTP version 3 is a
protocol that is only responsible for distributing a list of opaque databases
over an administrative domain.”
(If you are confused, don’t be alarmed. The author of this guide is not
certain what that means either).
Cisco further defines the enhancements that VTP version 3 provides:
• Support for extended VLANs
• Support for the creation and advertising of private VLANs
• Support for VLAN instances and MST mapping propagation instances
• Improved server authentication
• Protection from the “wrong” database accidently being inserted into a
VTP domain.
• Interaction with VTP version 1 and VTP version 2
• Ability to be configured on a per-port basis.
(Reference: http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml,
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/catos/8.x/configuration/guide/vtp.html#wp1017196)
VTP Modes
VTP-enabled switches can operate in one of three modes:
• Server
• Client
• Transparent
Only VTP Servers can create, modify or delete entries in the shared VLAN
database. Servers advertise their VLAN database to all other switches on the
network, including other VTP servers. This is the default mode for Cisco
Catalyst switches. VTP servers can only advertise VLANs 1 - 1005.
VTP Clients cannot make modifications to the VLAN database, and will
receive all of their VLAN information from VTP servers. A client will also
forward an update from a server to other clients out its trunk port(s).
Remember, VTP switches must be in the same VTP Domain to
share/accept updates to the VLAN database.
A VTP Transparent switch maintains its own separate VLAN database,
and will neither advertise nor accept any VLAN database information from
other switches (even a server). However, transparent switches will forward
VTP updates from servers to clients, thus acting as a pass-through.
Transparent switches handle this pass-through differently depending on the
VTP version:
• VTP Version 1 – the transparent switch will only pass updates from
the same VTP domain.
• VTP Version 2 – the transparent switch will pass updates from any
VTP domain.
As a best practice, a new switch should have its VTP configuration checked
before being installed into a production network. Recall that the default
VTP mode on a Cisco Catalyst switch is server. If by some circumstance the
configuration revision number (explained in the next section) is higher
than that of the existing production switches, the new switch could
conceivably advertise a blank (or stale) VLAN database to all other
switches, which would then adopt it and lose their VLANs.
Configuring the new switch as a VTP client is not, by itself, enough to
prevent this: VTP clients also send summary advertisements, and a client
whose revision number is higher than the servers’ will overwrite their
VLAN database just as a server would. Before connecting a new switch,
reset its configuration revision to 0 (by changing the VTP domain name and
changing it back, or by setting the mode to transparent and then back to
client), and make sure the VTP domain name and password match the
production domain. A switch whose password does not match produces a
different MD5 digest, and its advertisements are ignored.
VTP Updates
VTP updates contain a 32-bit configuration revision number, to ensure
that all devices have the most current VLAN database. Every change to the
VLAN database increments the configuration revision number by 1.
A VTP switch will only accept or synchronize an update if the revision
number is higher (and thus more recent) than that of the currently installed
VLAN database. Updates with a lower revision number are ignored.
The simplest way to reset the configuration revision on a VTP switch is to
change the VTP domain name, and then change it back to the original name.
Changing the VTP mode to transparent (and then back, if required) also
resets the revision number to 0.
VTP utilizes three message types:
• Summary Advertisement – sent out every 300 seconds, informing all
VTP switches of the current configuration revision number.
• Subset Advertisement – sent out when there is a change to the
VLAN database. The subset advertisement actually contains the
updated VLAN database.
• Advertisement Request – sent out when a switch requires the most
current copy of the VLAN database. A switch that is newly joined to
the VTP domain will send out an Advertisement Request.
A switch will also send out an Advertisement Request if it receives a
Summary Advertisement with a configuration revision number higher than
its current VLAN database. A Subset Advertisement will then be sent to that
switch, so that it can synchronize the latest VLAN database.
A Subset Advertisement will contain the following fields:
• VTP Version
• VTP Domain
• VTP Configuration Revision
• VLAN IDs for each VLAN in the database
• VLAN-specific information, such as the VLAN name and MTU
(Reference: http://www.cisco.com/en/US/tech/tk389/tk689/technologies_tech_note09186a0080094c52.shtml)
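The revision-number synchronisation described in this section, and the new-switch caveat from the VTP Modes section, as an added example that is not part of the original guide and not Cisco's implementation. Each switch advertises its domain, revision, MD5 digest and VLAN table; a receiver adopts the table only if the domain matches, the revision is higher, and the digest verifies under its own password; transparent switches neither advertise nor accept. The summary and subset advertisements are merged into one message and the digest is simplified to cover the password, domain, revision and VLAN table (both assumptions). The switch names, domain, password and VLANs are constructed. The test scenario shows a client with a higher revision wiping the production database, the same switch after its revision is reset learning the database instead, a password mismatch being ignored, and a server change propagating.

```python
import hashlib

# Constructed model of VTP revision-number synchronisation. It is not Cisco's
# implementation: the summary and subset advertisements are merged into one
# message, and the MD5 digest is simplified (assumption) to cover the password,
# domain name, revision and VLAN table.


class VtpSwitch:
    def __init__(self, name, domain, mode, password="", vlans=None, revision=0):
        if mode not in ("server", "client", "transparent"):
            raise ValueError(mode)
        self.name, self.domain, self.mode, self.password = name, domain, mode, password
        self.vlans = dict(vlans) if vlans else {1: "default"}
        self.revision = revision

    def digest(self, vlans, revision) -> str:
        m = hashlib.md5(self.password.encode())
        m.update(f"{self.domain}|{revision}|".encode())
        for vid, vname in sorted(vlans.items()):
            m.update(f"{vid}:{vname};".encode())
        return m.hexdigest()

    def advertisement(self):
        """Servers AND clients advertise; transparent switches only relay."""
        if self.mode == "transparent":
            return None
        return {"domain": self.domain, "revision": self.revision,
                "md5": self.digest(self.vlans, self.revision), "vlans": dict(self.vlans)}

    def receive(self, adv) -> bool:
        """Adopt the advertised database; return True if the local one was replaced."""
        if adv is None or self.mode == "transparent":
            return False
        if adv["domain"] != self.domain or adv["revision"] <= self.revision:
            return False
        if adv["md5"] != self.digest(adv["vlans"], adv["revision"]):
            return False                    # password mismatch: digest fails
        self.vlans, self.revision = dict(adv["vlans"]), adv["revision"]
        return True

    def add_vlan(self, vid, vname):
        if self.mode == "client":
            raise PermissionError("VTP clients cannot modify the VLAN database")
        self.vlans[vid] = vname
        if self.mode == "server":
            self.revision += 1              # every change bumps the revision

    def set_domain(self, domain):
        self.domain, self.revision = domain, 0   # domain change resets revision


def propagate(switches) -> list:
    """One advertisement round over a fully trunked domain; names of switches updated."""
    changed = []
    for src in switches:
        adv = src.advertisement()
        for dst in switches:
            if dst is not src and dst.receive(adv):
                changed.append(dst.name)
    return changed


PROD_VLANS = {1: "default", 10: "USERS", 20: "SERVERS"}


def production_domain() -> list:
    """Constructed production domain: one server and one client, both at revision 10."""
    return [VtpSwitch("core", "MYDOMAIN", "server", "s3cret", PROD_VLANS, revision=10),
            VtpSwitch("access1", "MYDOMAIN", "client", "s3cret", PROD_VLANS, revision=10)]
```

Note that the "new" switch in the first scenario is a client: mode alone does not protect the domain, only the revision number and the password do.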
Configuring VTP
To configure the VTP domain (the domain name is case sensitive):
Switch(config)# vtp domain MYDOMAIN
To configure the VTP mode:
Switch(config)# vtp mode server
Switch(config)# vtp mode client
Switch(config)# vtp mode transparent
The VTP domain can be further secured using a password:
Switch(config)# vtp password PASSWORD
All switches participating in the VTP domain must be configured with the
same password. The password is never sent on the wire; instead, a 16-byte
MD5 digest computed over the password and the advertised VLAN information
is carried in each summary advertisement, and a switch whose own password
produces a different digest discards the update. The password therefore
protects against accidental database overwrites from misconfigured
switches; it does not restrict what a switch that knows the password can do.
By default, a Catalyst switch uses VTP version 1. VTP Version 1 and 2 are
not compatible. If applied on a VTP server, the following command will
enable VTP version 2 globally on all switches:
Switch(config)# vtp version 2
To view status information about VTP:
Switch# show vtp status
VTP Version : 2
Configuration Revision : 42
Maximum VLANs supported locally : 1005
Number of existing VLANs : 7
VTP Operating Mode : Server
VTP Domain Name : MYDOMAIN
VTP Pruning Mode : Disabled
VTP V2 Mode : Enabled
VTP Traps Generation : Disabled
MD5 digest : 0x42 0x51 0x69 0xBA 0xBE 0xFA 0xCE 0x34
Configuration last modified by 0.0.0.0 at 3-12-09 4:07:52
To view VTP statistical information and error counters:
Switch# show vtp counters
VTP Pruning
VTP pruning is a process of preventing unnecessary VLAN broadcast or
multicast traffic throughout the switching infrastructure.
In the following example, VTP pruning would prevent VLAN C broadcasts
from being sent to Switch 2. Pruning would further prevent VLAN A and B
broadcast traffic from being sent to Switch 3.
With VTP pruning, traffic is only sent out the necessary VLAN trunk ports
where those VLANs exist.
VTP pruning is disabled by default on Catalyst IOS switches. If applied on
a VTP server, the following command will enable VTP pruning globally on
all switches:
Switch(config)# vtp pruning
On trunk ports, it is possible to specify which VLANs are pruning eligible:
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk pruning vlan add 2-50
Switch(config-if)# switchport trunk pruning vlan remove 50-100
Switch(config)# interface fa0/24
Switch(config-if)# switchport trunk pruning vlan all
Switch(config-if)# switchport trunk pruning vlan except 2-100
VLAN 1 is never eligible for pruning. The system VLANs 1002-1005 are
also pruning-ineligible.
Section 22
- Access Control Lists -
Access Control Lists (ACLs)
Access control lists (ACLs) can be used for two purposes on Cisco devices:
to filter traffic, and to identify traffic.
Access lists are a set of rules, organized in a rule table. Each rule or line in
an access-list provides a condition, either permit or deny:
• When using an access-list to filter traffic, a permit statement is used to
“allow” traffic, while a deny statement is used to “block” traffic.
• Similarly, when using an access list to identify traffic, a permit
statement is used to “include” traffic, while a deny statement states
that the traffic should “not” be included. It is thus interpreted as a
true/false statement.
Filtering traffic is the primary use of access lists. However, there are several
instances when it is necessary to identify traffic using ACLs, including:
• Identifying interesting traffic to bring up an ISDN link or VPN tunnel
• Identifying routes to filter or allow in routing updates
• Identifying traffic for QoS purposes
When filtering traffic, access lists are applied on interfaces. As a packet
passes through a router, the top line of the rule list is checked first, and the
router continues to go down the list until a match is made. Once a match is
made, the packet is either permitted or denied.
There is an implicit ‘deny all’ at the end of all access lists. You don’t create
it, and you can’t delete it. Thus, access lists that contain only deny
statements will prevent all traffic.
Access lists are applied either inbound (packets received on an interface,
before routing), or outbound (packets leaving an interface, after routing).
Only one access list per interface, per protocol, per direction is allowed.
More specific and frequently used rules should be at the top of your access
list, to optimize CPU usage. On older IOS releases, new entries to an access
list are added to the bottom, and individual lines cannot be removed from a
numbered access list; the list must be deleted and recreated to truly make
changes. IOS 12.3 and later support sequence numbers, which allow
individual entries to be inserted, removed or resequenced in both named and
numbered lists. Either way, best practice is to keep the authoritative copy
of each access-list in a text editor, and to check the result with show
access-lists before applying it to an interface.
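The evaluation rules above (top-down, first match wins, implicit deny at the end), as an added example that is not part of the original guide and not IOS code. It parses standard access-list lines in the IOS syntax, matches the source address with a wildcard mask (0 bits must match, 1 bits are "don't care", the rule covered under Wild Card Masks later in this section) and reports which line matched, or None for the implicit deny. The list numbers, addresses and rules in the test are constructed.

```python
import ipaddress

# Constructed model of a standard IP access-list: wildcard-mask matching,
# top-down first match, and the implicit deny. Not IOS code.


def wildcard_match(address: str, base: str, wildcard: str) -> bool:
    """A 0 bit in the wildcard mask must match the base; a 1 bit is 'don't care'."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (address, base, wildcard))
    return (a ^ b) & ~w & 0xFFFFFFFF == 0


def parse_standard_acl(text: str) -> list:
    """Parse lines like 'access-list 10 permit 172.16.0.0 0.0.255.255' into rules.

    Accepts 'host A' (wildcard 0.0.0.0), 'any' (0.0.0.0 255.255.255.255) and a bare
    address, which IOS treats as an exact host match.
    """
    rules = []
    for raw in text.strip().splitlines():
        tokens = raw.split()
        if not tokens or tokens[0] != "access-list":
            continue                      # blank line or unrelated text
        number, action, rest = tokens[1], tokens[2], tokens[3:]
        if action not in ("permit", "deny") or not rest:
            raise ValueError(f"cannot parse: {raw}")
        if rest[0] == "any":
            source, wildcard = "0.0.0.0", "255.255.255.255"
        elif rest[0] == "host":
            source, wildcard = rest[1], "0.0.0.0"
        else:
            source = rest[0]
            wildcard = rest[1] if len(rest) > 1 else "0.0.0.0"
        rules.append({"list": number, "action": action, "source": source,
                      "wildcard": wildcard, "text": raw.strip()})
    return rules


def evaluate_standard_acl(rules: list, src_ip: str) -> tuple:
    """Return (action, 1-based line that matched); None marks the implicit deny."""
    for line, rule in enumerate(rules, start=1):
        if wildcard_match(src_ip, rule["source"], rule["wildcard"]):
            return rule["action"], line
    return "deny", None                   # the implicit 'deny all' you cannot delete
```

The last two assertions in the test are the ordering trap from the text: a permit any placed first makes every later deny unreachable, and a list made only of deny statements denies everything.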
Types of Access Lists
There are two categories of access lists: numbered and named.
Numbered access lists are broken down into several ranges, each dedicated
to a specific protocol:
1–99 IP standard access list
100-199 IP extended access list
200-299 Protocol type-code access list
300-399 DECnet access list
400-499 XNS standard access list
500-599 XNS extended access list
600-699 Appletalk access list
700-799 48-bit MAC address access list
800-899 IPX standard access list
900-999 IPX extended access list
1000-1099 IPX SAP access list
1100-1199 Extended 48-bit MAC address access list
1200-1299 IPX summary address access list
1300-1999 IP standard access list (expanded range)
2000-2699 IP extended access list (expanded range)
Remember, individual lines cannot be removed from a numbered access list.
The entire access list must be deleted and recreated. All new entries to a
numbered access list are added to the bottom.
Named access lists provide a bit more flexibility. Descriptive names can be
used to identify your access-lists. Additionally, individual lines can be
removed from a named access-list. However, like numbered lists, all new
entries are still added to the bottom of the access list.
There are two common types of named access lists:
• IP standard named access lists
• IP extended named access lists
Configuration of both numbered and named access-lists is covered later in
this section.
Wild Card Masks
IP access-lists use wildcard masks to determine two things:
1. Which part of an address must match exactly
2. Which part of an address can match any number
This is as opposed to a subnet mask, which tells us what part of an address
is the network (subnet), and what part of an address is the host. Wildcard
masks look like inversed subnet masks.
Consider the following address and wildcard mask:
Address: 172.16.0.0
Wild Card Mask: 0.0.255.255
The above would match any address that begins “172.16.” The last two
octets could be anything. How do I know this?
Two Golden Rules of Access Lists:
1. If a bit is set to 0 in a wild-card mask, the corresponding bit in the
address must be matched exactly.
2. If a bit is set to 1 in a wild-card mask, the corresponding bit in the
address can match any number. In other words, we “don’t care”
what number it matches.
To see this more clearly, we’ll convert both the address and the wildcard
mask into binary:
Address: 10101100.00010000.00000000.00000000
Wild Card Mask: 00000000.00000000.11111111.11111111
Any 0 bits in the wildcard mask, indicates that the corresponding bits in the
address must be matched exactly. Thus, looking at the above example, we
must exactly match the following in the first two octets:
10101100.00010000 = 172.16
Any 1 bits in the wildcard mask indicates that the corresponding bits can be
anything. Thus, the last two octets can be any number, and it will still match
this access-list entry.
Wild Card Masks (continued)
If we wanted to match a specific address with a wildcard mask (we'll use
172.16.1.1 as an example), how would we do it?
Address: 172.16.1.1
Wild Card Mask: 0.0.0.0
Written out in binary, that looks like:
Address: 10101100.00010000.00000001.00000001
Wild Card Mask: 00000000.00000000.00000000.00000000
Remember what a wildcard mask is doing. A 0 indicates it must match
exactly, a 1 indicates it can match anything. The above wildcard mask has
all bits set to 0, which means we must match all four octets exactly.
There are actually two ways we can match a host:
• Using a wildcard mask with all bits set to 0 – 172.16.1.1 0.0.0.0
• Using the keyword “host” – host 172.16.1.1
How would we match all addresses with a wildcard mask?
Address: 0.0.0.0
Wild Card Mask: 255.255.255.255
Written out in binary, that looks like:
Address: 00000000.00000000.00000000.00000000
Wild Card Mask: 11111111.11111111.11111111.11111111
Notice that the above wildcard mask has all bits set to 1. Thus, each bit can
match anything – resulting in the above address and wildcard mask matching
all possible addresses.
There are actually two ways we can match all addresses:
• Using a wildcard mask with all bits set to 1 – 0.0.0.0 255.255.255.255
• Using the keyword “any” – any
Standard IP Access List
access-list [1-99] [permit | deny] [source address] [wildcard mask] [log]
Standard IP access-lists are based upon the source host or network IP
address, and should be placed closest to the destination network.
Consider the following example:
In order to block network 172.18.0.0 from accessing the 172.16.0.0 network,
we would create the following access-list on Router A:
Router(config)# access-list 10 deny 172.18.0.0 0.0.255.255
Router(config)# access-list 10 permit any
Notice the wildcard mask of 0.0.255.255 on the first line. This will match
(deny) all hosts on the 172.18.x.x network.
The second line uses the keyword any, which will match (permit) every other
address. Remember that, because of the implicit deny at the end, an access
list needs at least one permit statement or it will block all traffic. Also
remember that a standard list inspects only the source address: this list
blocks 172.18.x.x from everything reachable through the interface it is
applied to, not just from 172.16.0.0, which is why standard lists belong
close to the destination.
To apply this access list, we would configure the following on Router A:
Router(config)# int s0
Router(config-if)# ip access-group 10 in
To view all IP access lists configured on the router, with a match counter
on each line:
Router# show ip access-lists
To view what interface an access-list is configured on:
Router# show ip interface
Router# show running-config
Extended IP Access List
access-list [100-199] [permit | deny] [protocol] [source address] [wildcard
mask] [destination address] [wildcard mask] [operator [port]] [log]
Extended IP access-lists filter based upon the protocol, the source IP
address, the destination IP address, and (for TCP and UDP) the port number.
Because they can identify exactly the traffic to drop, extended access-lists
should be placed closest to the source network, so unwanted traffic is
discarded before it crosses the network.
Consider the following example:
Assume there is a webserver on the 172.16.x.x network with an IP address
of 172.16.10.10. In order to block network 172.18.0.0 from accessing
anything on the 172.16.0.0 network, EXCEPT for the HTTP port on the web
server, we would create the following access-list on Router B:
Router(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.16.10.10 eq 80
Router(config)# access-list 101 deny ip 172.18.0.0 0.0.255.255 172.16.0.0 0.0.255.255
Router(config)# access-list 101 permit ip any any
The first line allows the 172.18.x.x network access only to port 80 on the
web server. The second line blocks 172.18.x.x from accessing anything else
on the 172.16.x.x network. The third line allows 172.18.x.x access to
anything else.
We could have identified the web server in one of two ways:
Router(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.16.10.10 eq 80
Router(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 172.16.10.10 0.0.0.0 eq 80
To apply this access list, we would configure the following on Router B:
Router(config)# int e0
Router(config-if)# ip access-group 101 in
Extended IP Access List Port Operators
In the preceding example, we identified TCP port 80 on a specific host using
the following syntax:
Router(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.16.10.10 eq 80
We accomplished this using an operator of eq, which is short for equals.
Thus, we are identifying host 172.16.10.10 with a destination port that
equals 80. An operator written after the source address and wildcard mask
matches the source port instead.
We can use several other operators for port numbers:
eq Matches a specific port
gt Matches all ports greater than the port specified
lt Matches all ports less than the port specified
neq Matches all ports except for the port specified
range Match a specific inclusive range of ports
The following will match all ports greater than 100:
Router(config)# access-list 101 permit tcp any host 172.16.10.10 gt 100
The following will match all ports less than 1024:
Router(config)# access-list 101 permit tcp any host 172.16.10.10 lt 1024
The following will match all ports that do not equal 443:
Router(config)# access-list 101 permit tcp any host 172.16.10.10 neq 443
The following will match all ports between 80 and 88:
Router(config)# access-list 101 permit tcp any host 172.16.10.10 range 80 88
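The rules above (first match wins, implicit deny at the end, wildcard masks, host/any keywords, and the eq/gt/lt/neq/range operators) are easiest to internalize by running packets through them. The following is an added example, not code from the study guide: a small Python evaluator that parses numbered standard and extended access-list lines in the syntax used on this page and reports which line a packet hits. It is a simplification of IOS (no established keyword, no ICMP codes, log and time-range keywords are skipped rather than acted on), and the sample list, packets and the packet() helper are constructed for the example.

```python
import ipaddress

# Constructed sample: the extended list from the text, as typed on Router B.
SAMPLE_ACL_101 = """
access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.16.10.10 eq 80
access-list 101 deny ip 172.18.0.0 0.0.255.255 172.16.0.0 0.0.255.255
access-list 101 permit ip any any
"""

ANY = ("0.0.0.0", "255.255.255.255")
PORT_OPS = ("eq", "gt", "lt", "neq", "range")


def wildcard_match(addr, base, wildcard):
    """Golden rules: a 0 bit in the wildcard must match exactly, a 1 bit is don't-care."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a & ~w) == (b & ~w)


def _take_addr(tokens):
    """Consume 'any', 'host X' or 'X WILDCARD' and return (base, wildcard)."""
    t = tokens.pop(0)
    if t == "any":
        return ANY
    if t == "host":
        return (tokens.pop(0), "0.0.0.0")
    return (t, tokens.pop(0))


def _take_port(tokens):
    """Consume an optional port operator; return a predicate over a port number."""
    if not tokens or tokens[0] not in PORT_OPS:
        return lambda p: True
    op = tokens.pop(0)
    if op == "range":
        lo, hi = int(tokens.pop(0)), int(tokens.pop(0))
        return lambda p: lo <= p <= hi          # inclusive, as on IOS
    n = int(tokens.pop(0))
    return {"eq": lambda p: p == n, "gt": lambda p: p > n,
            "lt": lambda p: p < n, "neq": lambda p: p != n}[op]


def parse_entry(line):
    """Parse one numbered (standard or extended) access-list line."""
    tokens = line.split()
    if tokens[0] == "access-list":
        tokens = tokens[2:]                     # drop 'access-list' and the list number
    action = tokens.pop(0)
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action in: {line}")
    standard = tokens[0] not in ("ip", "tcp", "udp", "icmp")
    entry = {"action": action, "text": line.strip(), "icmp_type": None,
             "proto": "ip" if standard else tokens.pop(0)}
    entry["src"] = _take_addr(tokens)
    entry["sport"] = _take_port(tokens)         # operator after the source = source port
    # A standard list matches on source only: destination and ports are don't-care.
    entry["dst"] = ANY if standard else _take_addr(tokens)
    entry["dport"] = _take_port(tokens)         # operator after the destination = dest port
    if entry["proto"] == "icmp" and tokens and tokens[0] not in ("log", "log-input", "time-range"):
        entry["icmp_type"] = tokens.pop(0)      # e.g. echo, echo-reply
    return entry


def packet(proto, src, dst, sport=0, dport=0, icmp_type=None):
    """Constructed packet description for the evaluator (hypothetical helper)."""
    return dict(proto=proto, src=src, dst=dst, sport=sport, dport=dport, icmp_type=icmp_type)


def evaluate(acl_text, pkt):
    """Walk the list top to bottom; the first matching line decides; implicit deny at the end."""
    entries = [parse_entry(l) for l in acl_text.strip().splitlines() if l.strip()]
    for e in entries:
        if e["proto"] != "ip" and e["proto"] != pkt["proto"]:
            continue
        if not wildcard_match(pkt["src"], *e["src"]):
            continue
        if not wildcard_match(pkt["dst"], *e["dst"]):
            continue
        if not e["sport"](pkt["sport"]) or not e["dport"](pkt["dport"]):
            continue
        if e["icmp_type"] and e["icmp_type"] != pkt["icmp_type"]:
            continue
        return e["action"], e["text"]
    return "deny", "(implicit deny all)"


if __name__ == "__main__":
    for p in (packet("tcp", "172.18.1.1", "172.16.10.10", 40000, 80),
              packet("tcp", "172.18.1.1", "172.16.10.10", 40000, 443),
              packet("tcp", "172.18.1.1", "172.17.5.5", 40000, 80)):
        print(p["src"], "->", p["dst"], "port", p["dport"], "=", evaluate(SAMPLE_ACL_101, p))
```

Swapping the first two lines of SAMPLE_ACL_101 makes the HTTP exception unreachable, which is the ordering mistake the text warns about; a list made only of deny lines falls through to the implicit deny for every packet.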
Access List Logging
Consider again the following example:
Assume there is a webserver on the 172.16.x.x network with an IP address
of 172.16.10.10.
We wish to keep track of the number of packets permitted or denied by each
line of an access-list. Access-lists have a built-in logging mechanism for
such a purpose:
Router(config)# access-list 101 permit tcp 172.18.0.0 0.0.255.255 host 172.16.10.10 eq 80 log
Router(config)# access-list 101 deny ip 172.18.0.0 0.0.255.255 172.16.0.0 0.0.255.255 log
Router(config)# access-list 101 permit ip any any log
Notice we added an additional keyword log to each line of the access-list.
When viewing an access-list using the following command:
Router# show access-list 101
The router keeps a match counter on each line of an access-list whether or
not log is configured; the show command above displays it. With the log
keyword, the router additionally generates a syslog message when a line is
first matched, and then periodically with the number of packets matched
since. These messages can be sent to a syslog server:
Router(config)# logging on
Router(config)# logging 172.18.1.50
The logging on command enables logging. The second logging command
points to a syslog host at 172.18.1.50. Access-list logging is rate-limited
and consumes router CPU, so reserve log for the deny entries you actually
want to investigate rather than adding it to the permit ip any any line.
We can include more detailed logging information, including the source
MAC address of the packet, and what interface that packet was received on.
To accomplish this, use the log-input argument:
Router(config)# access-list 101 permit ip any any log-input
ICMP Access List
Consider this scenario. You’ve been asked to block anyone from the
172.18.x.x network from “pinging” anyone on the 172.16.x.x network. You
want to allow everything else, including all other ICMP packets.
A ping is an ICMP echo request. ICMP has no port numbers, but an extended
IP access list can match on the ICMP message type, using the keyword echo
(the keyword echo-reply matches the replies). On Router B, we would
configure:
Router(config)# access-list 102 deny icmp 172.18.0.0 0.0.255.255 172.16.0.0 0.0.255.255 echo
Router(config)# access-list 102 permit icmp 172.18.0.0 0.0.255.255 172.16.0.0 0.0.255.255
Router(config)# access-list 102 permit ip any any
The first line blocks only ICMP echo requests (pings). The second line
allows all other ICMP traffic. The third line allows all other IP traffic.
Don’t forget to apply it to an interface on Router B:
Router(config)# int e0
Router(config-if)# ip access-group 102 in
Untrusted networks (such as the Internet) should usually be blocked from
pinging an outside router or any internal hosts:
Router(config)# access-list 102 deny icmp any any
Router(config)# access-list 102 permit ip any any
Router(config)# interface s0
Router(config-if)# ip access-group 102 in
The above access-list completely disables inbound ICMP on the serial
interface. Note that this also blocks the replies to pings initiated from the
internal LAN, since the echo-reply packets arrive inbound on that interface
and are dropped by the deny icmp any any line. Blocking all ICMP also
discards messages the network relies on, such as the fragmentation-needed
messages used by Path MTU Discovery; a more precise list denies only echo
and permits the rest, as in the first example above.
Telnet Access List
We can create access lists to restrict telnet access to our router. For this
example, we'll create an access list that prevents anyone on the evil
172.18.x.x network from telnetting into Router A, but allows all other
networks telnet access. Keep in mind that telnet sends the login credentials
in cleartext; on a production router prefer SSH, and use an access list like
this one to limit who can reach the VTY lines at all.
First, we create the access-list on Router A:
Router(config)# access-list 50 deny 172.18.0.0 0.0.255.255
Router(config)# access-list 50 permit any
The first line blocks the 172.18.x.x network. The second line allows all other
networks.
To apply it to Router A's VTY lines (this restricts every VTY session, SSH as
well as telnet):
Router(config)# line vty 0 4
Router(config-line)# access-class 50 in
Named Access Lists
Named access lists provide us with two advantages over numbered access
lists. First, we can apply an identifiable name to an access list, for
documentation purposes. Second, we can remove individual lines in a named
access-list, which is not possible with numbered access lists.
Please note, though we can remove individual lines in a named access list,
we cannot insert individual lines into the middle of that named access list
on the IOS releases this guide describes. New entries are always placed at
the bottom of a named access list. More recent IOS releases (12.3 and later)
assign a sequence number to each entry; a new line can then be given a
sequence number that places it where you want, and show ip access-lists
displays those numbers.
To create a standard named access list, the syntax would be as follows:
Router(config)# ip access-list standard NAME
Router(config-std-nacl)# deny 172.18.0.0 0.0.255.255
Router(config-std-nacl)# permit any
To create an extended named access list, the syntax would be as follows:
Router(config)# ip access-list extended NAME
Router(config-ext-nacl)# permit tcp 172.18.0.0 0.0.255.255 host 172.16.10.10 eq 80
Router(config-ext-nacl)# deny ip 172.18.0.0 0.0.255.255 172.16.0.0 0.0.255.255
Router(config-ext-nacl)# permit ip any any
Notice that the actual configuration of the named access-list is performed in
a separate router “mode”:
Router(config-std-nacl)#
Router(config-ext-nacl)#
Time-Based Access-Lists
Beginning with IOS version 12.0, access-lists can be based on the time and
the day of the week.
The first step to creating a time-based access-list, is to create a time-range:
Router(config)# time-range BLOCKHTTP
The above command creates a time-range named BLOCKHTTP. Next, we
must either specify an absolute time, or a periodic time:
Router(config)# time-range BLOCKHTTP
Router(config-time-range)# absolute start 08:00 23 May 2006 end 20:00 26 May 2006
Router(config)# time-range BLOCKHTTP
Router(config-time-range)# periodic weekdays 18:00 to 23:00
Notice the use of military time. The first time-range sets an absolute time
that will start from May 23, 2006 at 8:00 a.m., and will end on May 26,
2006 at 8:00 p.m.
The second time-range sets a periodic time that is always in effect on
weekdays from 6:00 p.m. to 11:00 p.m.
Only one absolute time statement is allowed per time-range, but multiple
periodic time statements are allowed.
After we establish our time-range, we must reference it in an access-list.
An extended list needs a protocol (here tcp) before a port operator can be
used:
Router(config)# access-list 102 deny tcp any any eq 80 time-range BLOCKHTTP
Router(config)# access-list 102 permit ip any any
Notice the time-range argument at the end of the access-list line. This will
result in HTTP traffic being blocked, but only during the time specified in
the time-range. Time-based entries are evaluated against the router's own
clock, so keep it synchronized (for example with NTP) or the rules will take
effect at the wrong times.
Source:
(http://www.cisco.com/univercd/cc/td/doc/product/software/ios120/120newft/120t/120t1/timerang.htm)
Advanced Wildcard Masks
Earlier in this section, we discussed the basics of wildcard masks. The
examples given previously matched one of three things:
• A specific host
• A specific octet(s)
• All possible hosts
It is also possible to match groups or ranges of hosts with wildcard masks.
For example, assume we wanted a standard access-list that denied the
following hosts:
172.16.1.4
172.16.1.5
172.16.1.6
172.16.1.7
We could create an access-list with four separate lines:
Router(config)# access-list 10 deny 172.16.1.4 0.0.0.0
Router(config)# access-list 10 deny 172.16.1.5 0.0.0.0
Router(config)# access-list 10 deny 172.16.1.6 0.0.0.0
Router(config)# access-list 10 deny 172.16.1.7 0.0.0.0
However, it is also possible to match all four addresses in one line:
Router(config)# access-list 10 deny 172.16.1.4 0.0.0.3
How do I know this is correct? Let’s write out the above four addresses, and
my wildcard mask in binary:
172.16.1.4: 10101100.00010000.00000001.00000100
172.16.1.5: 10101100.00010000.00000001.00000101
172.16.1.6: 10101100.00010000.00000001.00000110
172.16.1.7: 10101100.00010000.00000001.00000111
Wild Card Mask: 00000000.00000000.00000000.00000011
Notice that the first 30 bits of each of the four addresses are identical. Each
begin “10101100.00010000.00000001.000001”. Since those bits must match
exactly, the first 30 bits of our wildcard mask are set to 0.
Advanced Wildcard Masks (continued)
Notice now that the only bits that differ between the four addresses are the
last two bits. Not only that, but the four addresses use every combination
of those last two bits: 00, 01, 10, 11.
Thus, since those last two bits can be anything, the last two bits of our
wildcard mask are set to 1.
The resulting access-list line:
Router(config)# access-list 10 deny 172.16.1.4 0.0.0.3
We also could have determined the appropriate address and wildcard mask
by using AND/XOR logic.
To determine the address, we perform a logical AND operation:
1. If all bits in a column are set to 0, the corresponding address bit is 0
2. If all bits in a column are set to 1, the corresponding address bit is 1
3. If the bits in a column are a mix of 0’s and 1’s, the corresponding
address bit is a 0.
Observe:
172.16.1.4: 10101100.00010000.00000001.00000100
172.16.1.5: 10101100.00010000.00000001.00000101
172.16.1.6: 10101100.00010000.00000001.00000110
172.16.1.7: 10101100.00010000.00000001.00000111
Result: 10101100.00010000.00000001.00000100
Our resulting address is 172.16.1.4. This gets us half of what we need.
Advanced Wildcard Masks (continued)
To determine the wildcard mask, we perform a logical XOR (exclusive OR)
operation:
1. If all bits in a column are set to 0, the corresponding wildcard bit is 0
2. If all bits in a column are set to 1, the corresponding wildcard bit is 0
3. If the bits in a column are a mix of 0’s and 1’s, the corresponding
wildcard bit is a 1.
Observe:
172.16.1.4: 10101100.00010000.00000001.00000100
172.16.1.5: 10101100.00010000.00000001.00000101
172.16.1.6: 10101100.00010000.00000001.00000110
172.16.1.7: 10101100.00010000.00000001.00000111
Result: 00000000.00000000.00000000.00000011
Our resulting wildcard mask is 0.0.0.3. Put together, we have:
Router(config)# access-list 10 deny 172.16.1.4 0.0.0.3
Please Note: We can determine the number of addresses a wildcard mask
will match by using a simple formula:
2^n
Where "n" is the number of bits set to 1 in the wildcard mask. In the above
example, we have two bits set to 1, which matches exactly four addresses
(2^2 = 4).
There will be occasions when we cannot match a range of addresses in one
line. For example, if we wanted to deny 172.16.1.4-6 instead of
172.16.1.4-7, we would need two lines:
Router(config)# access-list 10 permit 172.16.1.7 0.0.0.0
Router(config)# access-list 10 deny 172.16.1.4 0.0.0.3
If we didn't include the first line, the second line would also have denied
the 172.16.1.7 address. Always use the above formula (2^n) to check that
your wildcard mask doesn't match more addresses than you intended (often
called overlap); a deny that overlaps blocks hosts you meant to allow, and a
permit that overlaps is a security hole.
Advanced Wildcard Masks (continued)
Two more examples. How would we deny all odd addresses on the
10.1.1.x/24 subnet in one access-list line?
Router(config)# access-list 10 deny 10.1.1.1 0.0.0.254
Written in binary:
10.1.1.1: 00001010.00000001.00000001.00000001
Wild Card Mask: 00000000.00000000.00000000.11111110
What would the result of the above wildcard mask be?
1. The first three octets must match exactly.
2. The last bit in the fourth octet must match exactly. Because we set this
bit to 1 in our address, every number this matches will be odd.
3. All other bits in the fourth octet can match any number.
Simple, right? How would we deny all even addresses on the 10.1.1.x/24
subnet in one access-list line?
Router(config)# access-list 10 deny 10.1.1.0 0.0.0.254
Written in binary:
10.1.1.0: 00001010.00000001.00000001.00000000
Wild Card Mask: 00000000.00000000.00000000.11111110
What would the result of the above wildcard mask be?
1. The first three octets must match exactly.
2. The last bit in the fourth octet must match exactly. Because we set this
bit to 0 in our address, every number this matches will be even.
3. All other bits in the fourth octet can match any number.
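The AND/XOR procedure above, the 2^n count, and the overlap check can all be automated. What follows is an added example, not code from the study guide: a Python helper that derives the address and wildcard mask for any list of hosts (not only the page's four), expands a pair back into every address it matches, and reports the overlap, that is, the addresses a one-line summary would match that were never requested. For the page's 172.16.1.4-6 case it reports 172.16.1.7, the host the text protects with a preceding permit line. Function names are my own.

```python
import ipaddress


def to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def to_str(n):
    return str(ipaddress.IPv4Address(n))


def summarize(hosts):
    """Address = bits common to every host (logical AND);
    wildcard = bits that differ between any two hosts (OR of the XORs)."""
    ints = [to_int(h) for h in hosts]
    address, wildcard = ints[0], 0
    for n in ints[1:]:
        address &= n
        wildcard |= n ^ ints[0]
    return to_str(address), to_str(wildcard)


def match_count(wildcard):
    """2**n addresses, where n is the number of 1 bits in the wildcard mask."""
    return 2 ** bin(to_int(wildcard)).count("1")


def expand(address, wildcard):
    """Every address the pair matches, in ascending order: the bits under a 0
    in the mask are fixed, the bits under a 1 take every combination."""
    w = to_int(wildcard)
    base = to_int(address) & ~w            # don't-care bits contribute nothing
    positions = [1 << i for i in range(32) if w & (1 << i)]
    out = []
    for k in range(1 << len(positions)):   # 2**n combinations
        value = base
        for i, bit in enumerate(positions):
            if k & (1 << i):
                value |= bit
        out.append(to_str(value))
    return out


def overlap(hosts):
    """Addresses the one-line summary would match that were never asked for."""
    address, wildcard = summarize(hosts)
    return sorted(set(expand(address, wildcard)) - set(hosts), key=to_int)


if __name__ == "__main__":
    # Constructed input: the four hosts from the text, then the three-host variant.
    wanted = ["172.16.1.4", "172.16.1.5", "172.16.1.6", "172.16.1.7"]
    print(summarize(wanted), "overlap:", overlap(wanted))
    print(summarize(wanted[:3]), "overlap:", overlap(wanted[:3]))
    print("odd hosts in 10.1.1.0/24:", len(expand("10.1.1.1", "0.0.0.254")))
```

A non-empty overlap means the summary needs either a preceding line for the extra addresses (as the text does for 172.16.1.7) or several narrower lines; the odd/even masks from the text come out as 128 addresses each, which is 2^7 for the seven 1 bits in 0.0.0.254.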
Section 23
- DNS and DHCP -
Name Resolution
Name resolution systems provide the translation between alphanumeric
names and numerical addresses, alleviating the need for users and
administrators to memorize long strings of numbers.
There are two common methods for implementing name resolution:
• A static file on each host on the network, containing all the
name-to-address translations (examples include the HOSTS/LMHOSTS files).
• A centralized server that all hosts on the network connect to for
name resolution.
The two most common name resolution systems are Domain Name System
(DNS) and Windows Internet Name Service (WINS). WINS was used in
Microsoft networks to translate NetBIOS names to IP addresses, and is
mostly deprecated.
DNS is heavily utilized on the Internet and on systems such as Active
Directory.
Domain Name System (DNS)
Domain Name System (DNS) translates between domain names and IP
addresses, and is supported by nearly every operating system. All
Internet-based name resolution utilizes DNS.
DNS is organized as a hierarchy. Consider the following translation:
www.google.com = 209.85.225.104
The above domain name represents a Fully Qualified Domain Name
(FQDN):
• com represents the top-level domain.
• google represents a second-level domain.
• www represents a host computer in the google.com domain.
Other top level domains include .org, .net, and .gov. Top level domains can
also include country codes, such as .ca, .nl, and .de
Methods of configuring DNS
Recall that name resolution can be implemented in the form of local
HOSTS files, or a centralized name server(s). When employing HOSTS
files, each translation must be statically configured on each device. In
Windows 2000/XP operating systems, this file is located:
c:\windows\system32\drivers\etc\hosts
In UNIX/Linux operating systems, this file is generally located: /etc/hosts
There are many disadvantages to using HOSTS files. The HOSTS file must
be configured on every device. If a change occurs, every device’s HOSTS
file must be updated.
Using one or more DNS servers provides several advantages over HOSTS
files. All devices point to this centralized DNS server for name resolution,
ensuring that changes only need to occur in one place.
If a particular DNS server does not contain the required DNS information,
the request can be forwarded to servers up the DNS hierarchy.
BIND (Berkeley Internet Name Domain) is the most widely deployed
implementation of DNS and the de facto reference; it is the usual DNS
server on UNIX/Linux. Microsoft ships its own DNS server implementation
that interoperates with BIND over the same protocol.
DNS servers assume one of three roles:
• Primary (or master) DNS Server - maintains the SOA (Start of
Authority), and contains the master zone file containing the DNS
records for the domain. This server is often referred to as the
Authoritative Name Server for a specific domain.
• Secondary (or slave) DNS Server - maintains a current copy of the
master zone file, obtained from the primary server by zone transfer. The
secondary server cannot make changes to the zone file; changes are made
on the primary and pulled down by the secondaries.
• Caching DNS Server - does not maintain a zone file, and is not
authoritative for any domain. This server will merely cache the results
of DNS queries.
Both hosts and DNS servers will cache the result of DNS queries for a
period of time.
DNS Zone File Example
There are two types of zones in DNS:
• Forward Lookup Zones - translates a host name to an IP address.
• Reverse Lookup Zones - translates an IP address to a hostname
(otherwise known as the IN-ADDR.ARPA zone).
The following is an example zone file for the fictional example.com domain:
$ORIGIN example.com.
$TTL 86400
@ IN SOA dns1.example.com.
hostmaster.example.com. (
2001062501 ; serial
21600 ; refresh after 6 hours
3600 ; retry after 1 hour
604800 ; expire after 1 week
86400 ) ; minimum TTL of 1 day
IN NS dns1.example.com.
IN NS dns2.example.com.
IN MX 10 mail.example.com.
IN MX 20 mail2.example.com.
IN A 10.0.1.5
server1 IN A 10.0.1.5
server2 IN A 10.0.1.7
dns1 IN A 10.0.1.2
mail IN CNAME server1
mail2 IN CNAME server2
www IN CNAME server2
Entries within a zone file are referred to as DNS records. There are a variety
of DNS record types, including:
• NS (Name Server) – identifies a DNS server for the domain.
• SOA (Start of Authority) – identifies the primary (authoritative)
DNS server for the domain.
• A (Address) – identifies an individual host in the domain.
• CNAME (Canonical Name) – assigns an alias for another host name.
• MX (Mail Exchanger) - identifies a mail server in the domain.
• PTR (Pointer) - used for reverse DNS lookups.
The number defined in the MX record is a preference. The lowest value is
tried first; the others are used only if that server cannot be reached.
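The zone file format above has a few rules that are easy to miss when reading it: a name without a trailing dot is relative to $ORIGIN (so $ORIGIN itself should end in a dot), a record with a blank owner column inherits the previous owner, parentheses let the SOA span several lines, and a client asking for the A record of www must follow the CNAME to server2. The following is an added example, not code from the study guide: a small Python parser for this format, run over the example.com zone from the text (re-typed here with the indentation the format requires for blank-owner records), plus a lookup that follows CNAME chains and orders MX targets by preference. Function names are my own; it handles only the record types shown on the page.

```python
# Constructed input: the example.com zone from the text. Records whose owner
# column is blank must start with whitespace, which is how the file format
# says "same owner as the previous record".
ZONE_TEXT = """\
$ORIGIN example.com.
$TTL 86400
@ IN SOA dns1.example.com. hostmaster.example.com. (
        2001062501 ; serial
        21600      ; refresh after 6 hours
        3600       ; retry after 1 hour
        604800     ; expire after 1 week
        86400 )    ; minimum TTL of 1 day
        IN NS dns1.example.com.
        IN NS dns2.example.com.
        IN MX 10 mail.example.com.
        IN MX 20 mail2.example.com.
        IN A 10.0.1.5
server1 IN A 10.0.1.5
server2 IN A 10.0.1.7
dns1    IN A 10.0.1.2
mail    IN CNAME server1
mail2   IN CNAME server2
www     IN CNAME server2
"""

# Which RDATA fields hold domain names (and so may be relative to $ORIGIN).
NAME_FIELDS = {"NS": [0], "CNAME": [0], "PTR": [0], "MX": [1], "SOA": [0, 1]}


def absolute(name, origin):
    """Turn a zone-file name into a fully qualified one (trailing dot)."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"


def logical_lines(text):
    """Strip ';' comments and join records that continue inside ( ... )."""
    buf, depth = [], 0
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].rstrip()
        if not line.strip():
            continue
        buf.append(line)
        depth += line.count("(") - line.count(")")
        if depth == 0:
            joined = buf[0] + " " + " ".join(b.strip() for b in buf[1:])
            yield joined.replace("(", " ").replace(")", " ").rstrip()
            buf = []


def parse_zone(text):
    """Return a list of {'name', 'ttl', 'type', 'data'} with every name absolute."""
    origin, default_ttl, owner, records = ".", None, None, []
    for line in logical_lines(text):
        if line.startswith("$ORIGIN"):
            origin = line.split()[1]
            continue
        if line.startswith("$TTL"):
            default_ttl = int(line.split()[1])
            continue
        tokens = line.split()
        owner = owner if line[0] in " \t" else tokens.pop(0)   # blank owner inherits
        ttl = int(tokens.pop(0)) if tokens[0].isdigit() else default_ttl
        if tokens[0] == "IN":
            tokens.pop(0)
        rtype = tokens.pop(0)
        for i in NAME_FIELDS.get(rtype, []):
            tokens[i] = absolute(tokens[i], origin)
        records.append({"name": absolute(owner, origin), "ttl": ttl,
                        "type": rtype, "data": tokens})
    return records


def lookup(records, fqdn, rtype):
    """Answer from this zone the way a server does: follow CNAMEs first,
    then return the RDATA of every record of the requested type."""
    target = fqdn
    for _ in range(8):                     # bound the chase in case of a CNAME loop
        aliases = [r for r in records if r["name"] == target and r["type"] == "CNAME"]
        if rtype == "CNAME" or not aliases:
            break
        target = aliases[0]["data"][0]
    return [" ".join(r["data"]) for r in records
            if r["name"] == target and r["type"] == rtype]


def mail_servers(records, domain):
    """MX targets in the order a sender tries them: lowest preference first."""
    mx = [rdata.split() for rdata in lookup(records, domain, "MX")]
    return [target for _, target in sorted(mx, key=lambda d: int(d[0]))]


if __name__ == "__main__":
    recs = parse_zone(ZONE_TEXT)
    print("www ->", lookup(recs, "www.example.com.", "A"))
    print("mail order:", mail_servers(recs, "example.com."))
```

Note that the zone declares dns2.example.com. as a name server without giving it an A record; a real server would need that record added before the zone loads cleanly, and the parser above simply reports no address for it.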
DNS Process
DNS follows a strict process when performing a query. The process is as
follows:
1. The local DNS cache on the host is queried first.
2. If there is no entry in the local cache, the local HOSTS file is
queried next.
3. If there is no entry in the local HOSTS, the query is forwarded to
any configured DNS servers on the host. If no DNS servers are
configured, the query will fail.
4. If the configured DNS server is not authoritative for that domain,
and does not have that DNS entry locally cached, the query will be
forwarded up the DNS hierarchy. DNS servers can be configured
with one or more forwarders. Organizations often point to their
ISP’s DNS servers for DNS forwarding purposes.
5. If no forwarders are configured, the server resolves the name
iteratively, starting with a Root DNS server. Root servers do not hold
answers for individual hosts; they refer the query to the servers for
the top-level domain (for example, .com).
6. The top-level domain servers in turn refer the query to the
authoritative DNS servers for the domain, which supply the answer. The
resolving server caches the result for the record's TTL and returns it
to the host.
Dynamic DNS allows DNS to be integrated with Dynamic Host
Configuration Protocol (DHCP). When DHCP hands out an IP address lease,
it will automatically update the DNS entry for that host on the DNS server.
Resolving Hostnames on Cisco IOS Devices
There are two methods of name resolution on Cisco IOS devices:
• A static host table on each device (similar to a HOSTS file).
• A centralized DNS server(s) configured on each device.
To manually build a local host table on an IOS device:
Router(config)# ip host Router1 172.16.1.1
Router(config)# ip host Router2 172.17.1.2
To view the local host table:
Router# show hosts
To point an IOS device to a centralized DNS server:
Router(config)# ip name-server 10.0.1.2
To disable DNS lookups on an IOS device:
Router(config)# no ip domain-lookup
To configure the local domain on an IOS device:
Router(config)# ip domain-name CISCO.COM
DHCP (Dynamic Host Configuration Protocol)
In networks with a large number of hosts, statically assigning IP addresses
and other IP information quickly becomes impractical.
Dynamic Host Configuration Protocol (DHCP) provides administrators with a
mechanism to dynamically allocate IP addresses, rather than manually
setting the address on each device.
DHCP servers lease out IP addresses to DHCP clients, for a specific period
of time. There are four steps to this DHCP process:
• When a DHCP client first boots up, it broadcasts a DHCPDiscover
message, searching for a DHCP server.
• If a DHCP server exists on the local segment, it will respond with a
DHCPOffer, containing the “offered” IP address, subnet mask, etc.
• Once the client receives the offer, it will respond with a
DHCPRequest, indicating that it will accept the offered protocol
information.
• Finally, the server responds with a DHCPACK, acknowledging the
client's acceptance of the offered protocol information.
By default, DHCP leases an address for 8 days. Once 50% of the lease
has expired, the client will try to renew the lease with the same DHCP server.
If successful, the client receives a new 8-day lease.
If the renewal is not successful, the client will continue “attempting” to
renew, until 87.5% of the lease has expired. Once this threshold has been
reached, the client will attempt to find another DHCP server to bind to.
In addition to IP address and subnet mask information, DHCP can provide
the following protocol parameters:
• Default Gateway
• Domain Name and DNS servers
• Time Servers
• WINS servers
These are just a few examples of the many DHCP “options” that exist.
Configuring a Cisco Router as a DHCP Server
Cisco routers can be configured to function as DHCP servers. The first step
is to create a DHCP pool:
Router(config)# ip dhcp pool MYPOOL
Router(dhcp-config)# network 192.168.1.0 255.255.255.0
The first command creates a DHCP pool named MYPOOL. The second
command defines our DHCP scope, indicating the range of addresses to be
leased. The above command indicates any address between 192.168.1.1 –
192.168.1.255 can be leased.
Specific addresses can be excluded from being leased:
Router(config)# ip dhcp excluded-address 192.168.1.1
Router(config)# ip dhcp excluded-address 192.168.1.5 192.168.1.10
The first command excludes only address 192.168.1.1. The second
command excludes address 192.168.1.5 through 192.168.1.10.
To specify DHCP options to be leased with the address:
Router(config)# ip dhcp pool MYPOOL
Router(dhcp-config)# default-router 192.168.1.1
Router(dhcp-config)# dns-server 192.168.1.5
Router(dhcp-config)# domain-name MYDOMAIN
To specify the duration of the DHCP lease:
Router(config)# ip dhcp pool MYPOOL
Router(dhcp-config)# lease 1 12
The above changes the default lease from 8 days to 1 day, 12 hours. To view
current DHCP leases:
Router# show ip dhcp binding
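The four-step exchange, the 50% / 87.5% renewal thresholds, and the pool, excluded-address and lease settings above can all be tied together in one model. This is an added example, not IOS code and not from the guide: the pool mirrors the MYPOOL configuration shown, the client MAC addresses are constructed, and the exchange is a list of messages rather than real packets. It shows which address the first client actually receives once the exclusions are applied, what a client that re-requests gets back, and what a client sees when the pool is exhausted.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set, Tuple

Address = ipaddress.IPv4Address

def ios_lease_seconds(days: int, hours: int = 0, minutes: int = 0) -> int:
    """'lease <days> [hours [minutes]]' as entered under the pool, in seconds."""
    return ((days * 24 + hours) * 60 + minutes) * 60

def lease_timers(lease_seconds: int) -> Tuple[int, int]:
    """T1 (renew with the same server) at 50%, T2 (rebind to any server) at 87.5%."""
    return lease_seconds // 2, lease_seconds * 7 // 8

def lease_state(elapsed: int, lease_seconds: int) -> str:
    """Which phase a client is in, given seconds elapsed since its DHCPACK."""
    t1, t2 = lease_timers(lease_seconds)
    if elapsed < t1:
        return "BOUND"
    if elapsed < t2:
        return "RENEWING"      # unicast DHCPREQUEST to the server that issued the lease
    if elapsed < lease_seconds:
        return "REBINDING"     # broadcast DHCPREQUEST: any server may answer
    return "EXPIRED"           # back to DHCPDISCOVER

@dataclass
class DhcpPool:
    """Constructed model of one 'ip dhcp pool' plus the global excluded addresses."""
    network: ipaddress.IPv4Network
    default_router: str
    dns_server: str
    domain_name: str
    lease_seconds: int = ios_lease_seconds(8)       # IOS default: 8 days
    excluded: Set[Address] = field(default_factory=set)
    bindings: Dict[str, Address] = field(default_factory=dict)   # client MAC -> address

    def exclude(self, first: str, last: Optional[str] = None) -> None:
        """'ip dhcp excluded-address <first> [<last>]'."""
        lo, hi = Address(first), Address(last or first)
        for n in range(int(lo), int(hi) + 1):
            self.excluded.add(Address(n))

    def next_free(self) -> Optional[Address]:
        """Lowest address that is usable, not excluded and not already leased;
        hosts() already skips the network and broadcast addresses."""
        taken = self.excluded | set(self.bindings.values())
        for addr in self.network.hosts():
            if addr not in taken:
                return addr
        return None

Message = Tuple[str, str, Dict[str, str]]   # (sender, message type, fields)

def dora(pool: DhcpPool, client_mac: str) -> List[Message]:
    """Discover / Offer / Request / Ack between a booting client and this pool."""
    exchange: List[Message] = [("client", "DHCPDISCOVER",
                                {"chaddr": client_mac, "dst": "255.255.255.255"})]
    if client_mac in pool.bindings:
        offered: Optional[Address] = pool.bindings[client_mac]   # returning client keeps its address
    else:
        offered = pool.next_free()
    if offered is None:
        return exchange                 # pool exhausted: the Discover goes unanswered
    params = {
        "yiaddr": str(offered),
        "subnet_mask": str(pool.network.netmask),
        "router": pool.default_router,
        "dns_server": pool.dns_server,
        "domain_name": pool.domain_name,
        "lease": str(pool.lease_seconds),
    }
    exchange.append(("server", "DHCPOFFER", params))
    exchange.append(("client", "DHCPREQUEST", {"requested_ip": str(offered)}))
    pool.bindings[client_mac] = offered   # the binding is recorded once the request is accepted
    exchange.append(("server", "DHCPACK", params))
    return exchange
```

The bindings dict plays the role of show ip dhcp binding; comparing it against what is actually seen on the segment is the usual starting point when chasing an unexpected address assignment.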
IP Helper Address
Recall that DHCP clients broadcast their DHCPDiscover packets, when
searching for a DHCP server.
What would happen if the DHCP server is on a different network, separated
from the clients by a router? Routers, by default, will never forward a
broadcast.
Thus, in the above example, the client would never be able to reach the
DHCP server to acquire its IP address. That is, unless the ip helper-address
command is used:
Router(config)# interface fa0
Router(config-if)# ip helper-address 10.1.1.5
Notice that the ip helper-address command is configured on the interface
connecting to the DHCP client, pointing to the IP address of the DHCP
server. When the client broadcasts its DHCPDiscover packet, the router will
direct that broadcast to the DHCP server. And there was much rejoicing.
By default, the ip helper-address command will forward the following UDP
traffic:
• TFTP (port 69)
• DNS (port 53)
• Time (port 37)
• NetBIOS (ports 137-138)
• ND (Network Disks – used by Sun workstations)
• TACACS (port 49)
• BOOTP/DHCP (ports 67-68)
Customized UDP traffic can be specified using the following command:
Router(config)# ip forward-protocol udp 107
Router(config)# no ip forward-protocol udp 69
(Reference: http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_command_reference_chapter09186a0080238b72.html#wp1182972)
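The relay decision described above, together with the default port list and the ip forward-protocol udp adjustments, can be modelled as a small policy check. This is an added example, not the guide's or Cisco's code: the interface address 192.168.1.254 is constructed, the Sun ND entry is omitted because the guide lists it without a port number, and the giaddr rewrite is taken from the DHCP relay-agent rules in RFC 2131 rather than from the guide. It shows that a broadcast on a relayed port leaves the router as a unicast to the helper, and that every port added with ip forward-protocol udp widens what crosses the segment boundary.

```python
from dataclasses import dataclass, field
from typing import Dict, Optional, Set

LIMITED_BROADCAST = "255.255.255.255"

# UDP ports relayed by default once 'ip helper-address' is configured, as listed
# in the guide. Sun ND is listed there without a port number, so it is left out
# rather than guessed.
DEFAULT_FORWARDED_UDP: Set[int] = {69, 53, 37, 137, 138, 49, 67, 68}

@dataclass
class RelayPolicy:
    """Global 'ip forward-protocol udp' state (constructed model, not IOS code)."""
    forwarded_udp: Set[int] = field(default_factory=lambda: set(DEFAULT_FORWARDED_UDP))

    def forward_protocol_udp(self, port: int) -> None:      # 'ip forward-protocol udp <port>'
        self.forwarded_udp.add(port)

    def no_forward_protocol_udp(self, port: int) -> None:   # 'no ip forward-protocol udp <port>'
        self.forwarded_udp.discard(port)

@dataclass
class HelperInterface:
    """The client-facing interface, with 'ip helper-address <helper>' applied."""
    address: str      # the router's own address on this interface (constructed)
    helper: str       # where eligible broadcasts are relayed to

def relay(policy: RelayPolicy, iface: HelperInterface, dgram: Dict[str, str]) -> Optional[Dict[str, str]]:
    """Decide the fate of a UDP datagram that arrived on iface.
    Non-broadcast traffic is routed unchanged; a broadcast to a relayed port is
    rewritten into a unicast to the helper; any other broadcast is dropped,
    since a router never forwards broadcasts by default."""
    if dgram["dst"] != LIMITED_BROADCAST:
        return dict(dgram)
    port = int(dgram["dport"])
    if port not in policy.forwarded_udp:
        return None
    out = dict(dgram)
    out["dst"] = iface.helper
    if port == 67:
        # Assumed from RFC 2131 relay-agent behaviour, not stated in the guide:
        # giaddr is set to the ingress interface address so the server knows
        # which subnet to offer from and where to send the reply.
        out["giaddr"] = iface.address
    return out

def build_example():
    """The guide's scenario: helper 10.1.1.5 on the client-facing interface."""
    return RelayPolicy(), HelperInterface(address="192.168.1.254", helper="10.1.1.5")
```

A useful habit is to run the default set through relay() for the ports you do not actually need (TFTP and NetBIOS are the usual candidates) and remove them with no ip forward-protocol udp, so the helper relays DHCP and nothing more.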
________________________________________________
Part V
WANs
________________________________________________
Section 24
- Basic WAN Concepts -
What is a WAN?
There are two prevailing definitions of a Wide Area Network (WAN). The
book definition of a WAN is a network that spans large geographical
locations, usually to interconnect multiple Local Area Networks (LANs).
The practical definition of a WAN is a network that traverses a public
network or commercial carrier, using one of several WAN technologies.
Consider the following example. A connection between two buildings using
Ethernet as a medium would generally be considered a LAN. However, this is
because of the technology used, and not the zombie-infested distance between
the two buildings.
A connection between the same two buildings, using a dedicated T1 line as a
medium, would generally be considered a WAN.
Remember, the difference is the technology used. A variety of WAN
technologies exist, each operating at both the Physical and Data-link layers
of the OSI model. Higher-layer protocols such as IP are encapsulated when
sent across the WAN link.
WAN Connection Types
WANs are generally grouped into three separate connection types:
• Point-to-Point technologies
• Circuit-switched technologies
• Packet-switched technologies
Point-to-Point technologies (often called dedicated or leased lines) are
usually the most expensive form of WAN technology. Point-to-Point
technologies are leased from a service provider, and provide guaranteed
bandwidth from one location to another (hence point-to-point). Cost is
determined by the distance of the connection, and the amount of bandwidth
allocated.
Generally, point-to-point links require no call-setup, and the connection is
usually always on. Examples of point-to-point technologies include:
• T1 lines
• T3 lines
Circuit-Switched technologies require call-setup to occur before
information can be transferred. The session is usually torn down once data
transfer is complete (this is identified as an On-Demand Circuit). Circuit-switched
lines are generally low-speed compared to point-to-point lines.
Examples of circuit-switched technologies include:
• Dial-up
• ISDN
Packet-Switched technologies share a common infrastructure between all
the provider’s subscribers. Thus, bandwidth is not guaranteed, but is instead
allocated on a best effort basis. Packet-switched technologies are ill-suited
for applications that require consistent bandwidth, but are considerably less
expensive than dedicated point-to-point lines.
Examples of packet-switched technologies include:
• Frame-Relay
• X.25
(Reference: http://www.cisco.com/univercd/cc/td/doc/cisintwk/ito_doc/introwan.htm
http://www.ciscopress.com/content/images/chap01_1587051486/elementLinks/1587051486content.pdf)
Common WAN Terms
A wide variety of hardware is used with WANs. Equipment that is housed at
the subscriber is referred to as Customer Premise Equipment (CPE).
The above example demonstrates the basic equipment required for a T1 line.
A CSU/DSU (Channelized Service Unit/Data Service Unit) provides the
clocking and channelization for T1 or T3 technology. The CSU/DSU
converts the signal for use on an Ethernet (or other LAN technology)
network. If a WAN technology other than a T1 line is used, a different
device will be required. Examples include (but are not limited to):
• ISDN – a terminal adapter
• Dialup – a modem
The Demarc (short for demarcation) refers to the point of last responsibility
for the service provider. All equipment on the Customer Premises side of the
Demarc is the customer’s responsibility to maintain. The Demarc is not
always physically labeled or identifiable. Occasionally, a two-port or four-port
patch-panel will be used as a physical Demarc.
The Smart Jack physically terminates the T1 line. If there is a connectivity
issue, the provider will perform a ping test to the smart jack. If
communication to the smart jack is successful, the provider will assume the
issue resides on the customer’s side of responsibility. The smart jack is often
locked in a glass enclosure, and labeled with the T1’s circuit number.
The Local Loop (or Last Mile) refers to the physical line connecting from
the Customer Premises to the provider’s nearest Central Office (CO).
WAN Encapsulation
Recall that WAN technologies operate at both Physical and Data-link
layers of the OSI model, and that higher-layer protocols such as IP are
encapsulated when sent across the WAN link.
A WAN is usually terminated on a Cisco device’s serial interface. Serial
interfaces support a wide variety of WAN encapsulation types, which must
be manually specified.
By default, a serial interface will utilize HDLC for encapsulation. Other
supported encapsulation types include:
• SDLC
• PPP
• LAPB
• Frame-Relay
• X.25
• ATM
Regardless of the WAN encapsulation used, it must be identical on both sides
of a point-to-point link.
Each encapsulation type is described in detail in separate guides.
Section 25
- PPP -
HDLC Encapsulation
High-Level Data-link Control (HDLC) is a WAN encapsulation protocol
used on dedicated point-to-point serial lines.
Though HDLC is technically an ISO standard protocol, Cisco’s
implementation of HDLC is proprietary, and will not work with other
routers.
HDLC is also Cisco’s default encapsulation type for serial point-to-point
links. HDLC provides no authentication mechanism.
PPP Encapsulation
Point-to-Point Protocol (PPP) is a standardized WAN encapsulation protocol
that can be used on a wide variety of WAN technologies, including:
• Serial dedicated point-to-point lines
• Asynchronous dial-up (essentially dialup)
• ISDN
PPP has four components:
• EIA/TIA-232-C – standard for physical serial communication
• HDLC – for encapsulating packets into frames over serial lines
• LCP – for establishing, setting-up, and terminating point-to-point
links
• NCP – allows multiple Layer-3 protocols (such as IP and IPX) to be
encapsulated into frames
PPP supports several features that HDLC does not:
• Authentication
• Compression
• Multi-link
• Error Control
Configuring PPP
To configure a serial interface for PPP encapsulation:
Router(config)# int s0/0
Router(config-if)# encapsulation ppp
PPP supports two methods of authentication, PAP and CHAP. PAP
(Password Authentication Protocol) sends the password in clear text, and
thus provides little security. CHAP (Challenge Handshake Authentication
Protocol) instead uses MD5 to apply an irreversible hash, so the password
itself is never sent across the link.
To configure PPP authentication:
Router(config)# hostname Router1
Router(config)# username Router2 password PASSWORD
Router(config)# int s0/0
Router(config-if)# ppp authentication chap
The first line sets the hostname of the router. The second line sets the
username and password used for PPP authentication. The username must be
the hostname of the remote router, and the password must be the same on
both routers.
The above configuration sets the authentication to chap. To instead
configure pap authentication:
Router(config)# int s0/0
Router(config-if)# ppp authentication pap
To view the encapsulation configured on the interface:
Router# show interface s0/0
To troubleshoot PPP authentication between two routers:
Router# debug ppp authentication
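The difference between PAP and CHAP is easiest to see by running both exchanges and capturing what crosses the serial link. This is an added example, not the guide's or Cisco's code: the two routers mirror the hostname/username configuration above (Router1 and Router2 sharing the secret PASSWORD), the CHAP response is computed per RFC 1994 as MD5(Identifier || secret || Challenge), and the "wire" is a list of captured messages rather than real PPP frames. With CHAP only a fresh random challenge and a hash appear on the link, and a peer holding the wrong secret, or an unknown hostname, fails; with PAP the password itself is in the capture.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Tuple

def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5 (RFC 1994): MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class PppRouter:
    """One router. Each 'username <remote-hostname> password <secret>' line
    becomes an entry in users, keyed by the remote hostname (constructed model)."""
    def __init__(self, hostname: str, users: Dict[str, bytes]):
        self.hostname = hostname
        self.users = users
        self._ident = 0

    def challenge(self) -> Tuple[int, bytes]:
        """Authenticator: a fresh identifier and random challenge for every attempt,
        so a captured response cannot simply be replayed."""
        self._ident = (self._ident + 1) % 256
        return self._ident, os.urandom(16)

    def respond(self, ident: int, challenge: bytes, authenticator_name: str) -> bytes:
        """Peer: hash the secret stored for the authenticator's hostname.
        Only the hash leaves this router; the secret is never transmitted."""
        secret = self.users.get(authenticator_name, b"")
        return chap_response(ident, secret, challenge)

    def verify(self, ident: int, challenge: bytes, response: bytes, peer_name: str) -> bool:
        """Authenticator: recompute with the secret stored for the peer's hostname."""
        secret = self.users.get(peer_name)
        if secret is None:
            return False
        return hmac.compare_digest(response, chap_response(ident, secret, challenge))

Wire = List[Tuple[str, str, bytes]]   # (direction, message, payload) as seen on the link

def run_chap(authenticator: PppRouter, peer: PppRouter) -> Tuple[bool, Wire]:
    """Three-way handshake: Challenge -> Response -> Success/Failure."""
    wire: Wire = []
    ident, chal = authenticator.challenge()
    wire.append(("auth->peer", "Challenge", chal + authenticator.hostname.encode()))
    resp = peer.respond(ident, chal, authenticator.hostname)
    wire.append(("peer->auth", "Response", resp + peer.hostname.encode()))
    ok = authenticator.verify(ident, chal, resp, peer.hostname)
    wire.append(("auth->peer", "Success" if ok else "Failure", b""))
    return ok, wire

def run_pap(authenticator: PppRouter, peer: PppRouter) -> Tuple[bool, Wire]:
    """PAP: the peer sends its name and the password as-is; the link sees both."""
    password = peer.users.get(authenticator.hostname, b"")
    wire: Wire = [("peer->auth", "Authenticate-Request",
                   peer.hostname.encode() + b":" + password)]
    ok = authenticator.users.get(peer.hostname) == password
    wire.append(("auth->peer", "Authenticate-Ack" if ok else "Authenticate-Nak", b""))
    return ok, wire

def secret_on_wire(wire: Wire, secret: bytes) -> bool:
    """True if the shared secret appears verbatim in any captured message."""
    return any(secret in payload for _, _, payload in wire)
```

The same captured-message view is what debug ppp authentication gives you on the router: with CHAP you see the challenge and the response hash, never the configured password.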
Section 26
- Frame-Relay -
Frame-Relay
Frame-Relay is a packet-switched technology, which shares bandwidth between
users on the switched network. Frame-relay service providers assume that not all
clients will need the full capacity of their bandwidth at all times. Thus, in
general, frame-relay is less expensive than dedicated WAN lines, but customers
are not guaranteed bandwidth.
All locations plug into the frame relay “cloud,” which is a conglomeration of
dozens or hundreds of Frame-Relay switches and routers. The cloud is the Frame
provider’s network, and the customer has no control (or even knowledge) of what
occurs inside that infrastructure.
For communication to occur between locations, virtual circuits (VC) must be
created. A VC is a one-way path through the Frame-Relay cloud.
In the above example, in order to establish full communication between Detroit
and Houston, we would need to create two virtual circuits:
• A virtual circuit between Detroit and Houston
• A separate virtual circuit between Houston and Detroit
Frame-relay circuits can either be permanent (PVC), or switched (SVC). A
permanent virtual circuit is always kept active, and is the most common virtual
circuit. A switched virtual circuit is created only when traffic needs to be sent, and
is torn down when communication is complete.
Virtual circuits are identified with Data Link Connection Identifiers (DLCIs).
Frame-Relay switches make decisions based on DLCIs, whereas Ethernet switches
make decisions based on MAC addresses.
Frame-Relay Global vs Local DLCI
The difference between a globally or locally significant DLCI is all based on
perspective. Remember that a DLCI identifies a one-way virtual circuit. For
example, the connection between Detroit and Chicago would be considered
one virtual circuit, and Chicago to Detroit would be a separate virtual circuit.
To get this to work, we need to map a DLCI to an IP address. For example,
on router Detroit, we’re going to create a virtual circuit to router Chicago.
We’ll assign it a DLCI of “102,” and point it to Chicago’s IP address.
We call this locally significant, because it only affects the interface on the
Detroit router. We could, on the Chicago router, set a DLCI of “102” and
point it to the IP address of the Detroit router. Because the DLCI is set on a
different router (and interface), there will be no conflict.
When we set a globally significant DLCI, it is really only an administrative
feature. It means that an administrator has consciously decided that all
virtual circuits going to Chicago will be set to DLCI 102 (or whatever DLCI
number you choose), whether it is from Detroit or Houston.
In essence, you are symbolically assigning the DLCI of 102 to the Chicago
location. Keep in mind that you are still technically assigning the DLCI to
the virtual circuits connecting to Chicago.
Virtual circuits pointing to other locations will be configured with different
DLCIs (Detroit could be 101; Houston could be 103, etc.). The advantage to
this is that it is now easy to determine the destination of a packet, based on
its DLCI.
Frame-Relay CIR
Bandwidth is provided on a best effort basis in Frame-Relay.
The Frame provider and customer agree on a Committed Information Rate
(CIR), which is not always a guarantee of bandwidth. The provider will give
a best effort to meet the CIR, which is measured in bits per second:
• 256000 bps
• 512000 bps
• 1544000 bps
The above are examples of possible CIR settings, though technically the CIR
can be set to anything. At times, bandwidth speeds can burst (Be) above the
CIR. However, speeds above the CIR are certainly not guaranteed, and if the
Frame Network becomes congested, any data exceeding the CIR becomes
Discard Eligible, and is at risk of being dropped.
Frame-Relay Encapsulation Types
On Cisco routers, two possible Frame encapsulations can be configured on
the router’s serial ports.
• Cisco – the default, and proprietary, Frame-Relay encapsulation
• IETF – the standardized Frame-Relay encapsulation.
Frame-Relay Local Management Interface (LMI)
LMI is the type of signaling used between your router and your provider’s
Frame-Relay switch. LMI provides status updates of Virtual Circuits
between the Frame switch and the router.
There are three LMI-types:
• Cisco – default and proprietary (naturally)
• ANSI
• Q.933a
LMI type is auto-sensed on Cisco routers, but can be manually set if desired.
Frame-Relay Point-to-Point Configuration Example
Point-to-Point is the simplest form of Frame-Relay configuration.
Remember that PVCs are only one-way circuits, and thus we need to create
two PVCs in order for full communication to occur.
Configuration on the Detroit and Chicago routers would be as follows:
Detroit Router:
Router(config)# int s0/0
Router(config-if)# ip address 172.16.1.1 255.255.0.0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay lmi-type q933a
Router(config-if)# frame-relay interface-dlci 102
Router(config-if)# no shut
Chicago Router:
Router(config)# int s0/0
Router(config-if)# ip address 172.16.1.2 255.255.0.0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay lmi-type q933a
Router(config-if)# frame-relay interface-dlci 201
Router(config-if)# no shut
Notice that both routers are in the same IP subnet.
The encapsulation frame-relay command sets the frame encapsulation type
to the default of cisco. The encapsulation must be the same on both routers.
To change the default encapsulation type, simply append the ietf keyword to
the encapsulation frame-relay command:
Router(config)# int s0/0
Router(config-if)# ip address 172.16.1.1 255.255.0.0
Router(config-if)# encapsulation frame-relay ietf
The frame-relay lmi-type command sets the signaling type. The Frame-
Relay provider dictates which LMI-type to use. Remember that cisco is the
default LMI-type, and that LMI is usually auto-sensed.
The frame-relay interface-dlci command identifies the one-way PVC. The
connection between Detroit and Chicago has been assigned DLCI 102. The
connection between Chicago and Detroit has been assigned DLCI 201.
The Frame-Relay provider usually dictates which DLCI numbers to use, as
the provider’s Frame switch is configured with the appropriate DLCI
information.
The router can actually receive all PVC and DLCI information directly from
the Frame-Relay switch via LMI, using Inverse-ARP. Inverse-ARP is
enabled by default on Cisco routers.
Thus, if the Frame-Relay switch is configured correctly, the frame-relay
interface-dlci command could theoretically be removed, and the frame-relay
connection will still work.
There are circumstances when DLCIs should be manually assigned. Inverse-
ARP can be disabled on an interface with the following command:
Router(config)# int s0/0
Router(config-if)# no frame-relay inverse-arp
Frame-Relay Full Mesh Configuration Example
Consider the above example, a full mesh between three locations. All routers
can still belong to the same IP subnet; however, DLCIs must now be
mapped to IP addresses, as multiple PVCs are necessary on each interface.
This can be dynamically configured via Inverse-ARP, which is enabled by
default (as stated earlier). Otherwise, the DLCI-to-IP mapping can be
performed manually. Looking at the Detroit and Chicago routers’
configuration:
Detroit Router:
Router(config)# int s0/0
Router(config-if)# ip address 172.16.1.1 255.255.0.0
Router(config-if)# encapsulation frame-relay ietf
Router(config-if)# no frame-relay inverse-arp
Router(config-if)# frame-relay lmi-type ansi
Router(config-if)# frame-relay map ip 172.16.1.2 102 broadcast
Router(config-if)# frame-relay map ip 172.16.1.3 103 broadcast
Router(config-if)# no shut
Chicago Router:
Router(config)# int s0/0
Router(config-if)# ip address 172.16.1.2 255.255.0.0
Router(config-if)# encapsulation frame-relay ietf
Router(config-if)# no frame-relay inverse-arp
Router(config-if)# frame-relay lmi-type ansi
Router(config-if)# frame-relay map ip 172.16.1.1 201 broadcast
Router(config-if)# frame-relay map ip 172.16.1.3 203 broadcast
Router(config-if)# no shut
Inverse-ARP was disabled using the no frame-relay inverse-arp command.
The frame-relay map command maps the remote router’s IP address to a
DLCI. On the Detroit router, a map was created to Chicago’s IP
(172.16.1.2), and that PVC was assigned a DLCI of 102. The broadcast
option allows broadcasts and multicasts to be forwarded to that address, so
that routing protocols such as OSPF can form neighbor relationships.
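The locally significant DLCI idea from the Global vs Local DLCI section and the frame-relay map entries above can be checked in one model of the mesh. This is an added example, not the guide's or Cisco's code: the provider cloud is collapsed into a single switch whose table is keyed by (port, DLCI), the Detroit and Chicago map entries are the ones shown above, and Houston's DLCIs (301 and 302) are constructed following the same scheme because the guide does not give them. Sending a frame from Detroit to 172.16.1.2 shows the DLCI being swapped in the cloud and Chicago identifying the sender from the DLCI it arrives on, and the last check shows that both ends of one PVC may use DLCI 102 without any conflict.

```python
from typing import Dict, List, Optional, Tuple

class FrameSwitch:
    """The provider cloud reduced to one switch. Keying the table by
    (port, DLCI) is exactly why a DLCI is only locally significant: DLCI 102
    on Detroit's port and DLCI 102 on Chicago's port are different entries."""
    def __init__(self) -> None:
        self.table: Dict[Tuple[str, int], Tuple[str, int]] = {}

    def add_pvc(self, port_a: str, dlci_a: int, port_b: str, dlci_b: int) -> None:
        """A PVC is one-way, so both directions are provisioned for two-way traffic."""
        self.table[(port_a, dlci_a)] = (port_b, dlci_b)
        self.table[(port_b, dlci_b)] = (port_a, dlci_a)

    def forward(self, port: str, dlci: int) -> Optional[Tuple[str, int]]:
        return self.table.get((port, dlci))

class FrameRouter:
    """One router interface with static 'frame-relay map ip <ip> <dlci> [broadcast]' entries."""
    def __init__(self, name: str, ip: str) -> None:
        self.name, self.ip = name, ip
        self.maps: Dict[str, Tuple[int, bool]] = {}   # next-hop IP -> (DLCI, broadcast flag)

    def map_ip(self, next_hop: str, dlci: int, broadcast: bool = False) -> None:
        self.maps[next_hop] = (dlci, broadcast)

    def dlci_for(self, next_hop: str) -> Optional[int]:
        entry = self.maps.get(next_hop)
        return entry[0] if entry else None

    def ip_for_dlci(self, dlci: int) -> Optional[str]:
        """Reverse lookup: which neighbour a frame arriving on this DLCI came from."""
        for ip, (d, _) in self.maps.items():
            if d == dlci:
                return ip
        return None

    def broadcast_dlcis(self) -> List[int]:
        """PVCs onto which a routing-protocol hello is replicated: only those mapped 'broadcast'."""
        return sorted(d for d, flag in self.maps.values() if flag)

def send(switch: FrameSwitch, routers: Dict[str, FrameRouter], src: FrameRouter, dst_ip: str):
    """Forward one frame: src looks up the DLCI, the cloud swaps it, and the far
    end identifies the sender from the arrival DLCI. Returns
    (receiving router, arrival DLCI, sender IP as seen by the receiver) or None."""
    dlci = src.dlci_for(dst_ip)
    if dlci is None:
        return None                      # no map entry: the packet cannot be encapsulated
    hop = switch.forward(src.name, dlci)
    if hop is None:
        return None                      # PVC not provisioned in the cloud
    port, arrival_dlci = hop
    return port, arrival_dlci, routers[port].ip_for_dlci(arrival_dlci)

def build_full_mesh():
    """The guide's Detroit/Chicago/Houston mesh; Houston's DLCIs are constructed."""
    sw = FrameSwitch()
    sw.add_pvc("Detroit", 102, "Chicago", 201)
    sw.add_pvc("Detroit", 103, "Houston", 301)
    sw.add_pvc("Chicago", 203, "Houston", 302)
    detroit = FrameRouter("Detroit", "172.16.1.1")
    chicago = FrameRouter("Chicago", "172.16.1.2")
    houston = FrameRouter("Houston", "172.16.1.3")
    detroit.map_ip("172.16.1.2", 102, True)
    detroit.map_ip("172.16.1.3", 103, True)
    chicago.map_ip("172.16.1.1", 201, True)
    chicago.map_ip("172.16.1.3", 203, True)
    houston.map_ip("172.16.1.1", 301, True)
    houston.map_ip("172.16.1.2", 302, True)
    return sw, {r.name: r for r in (detroit, chicago, houston)}
```

When a neighbour relationship fails to form across the cloud, this is the sequence to walk on the real routers: the map entry on the sender (show frame-relay map), the PVC state reported by LMI, and the map entry on the receiver for the arrival DLCI.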
Frame-Relay Partial Mesh Configuration Example
Full-mesh Frame-Relay environments can get quite expensive. Partial-mesh
environments are often more cost-effective. A partial-mesh is essentially a
hub-and-spoke design, with one central or hub location that all other
locations must connect through.
In the above example, the Detroit router serves as the hub router. In a
partial-mesh environment, each spoke must be on a different IP subnet,
which presents a special problem.
If both spokes terminate on the Detroit router’s physical serial interface,
split-horizon will prevent Chicago’s routing updates from ever reaching
Houston, and vice versa. Recall that split-horizon dictates that updates
received on an interface cannot be sent back out the same interface.
Thus, on router Detroit, sub-interfaces must be created off of the serial
interface. Sub-interfaces are virtual interfaces that the router treats as
separate physical interfaces, providing a workaround for the split-horizon
problem.
The network type must be specified when creating a sub-interface. A point-to-point
sub-interface has only a single Virtual Circuit to another router. A
multipoint sub-interface can have multiple Virtual Circuits to multiple
locations.
Frame-Relay Partial Mesh Configuration Example (continued)
Configuration of the Detroit and Chicago routers would be as follows:
Detroit Router:
Router(config)# int s0/0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay lmi-type ansi
Router(config)# int s0/0.102 point-to-point
Router(config-subif)# no frame-relay inverse-arp
Router(config-subif)# ip address 172.16.1.1 255.255.0.0
Router(config-subif)# frame-relay interface-dlci 102
Router(config-subif)# no shut
Router(config)# int s0/0.103 point-to-point
Router(config-subif)# no frame-relay inverse-arp
Router(config-subif)# ip address 172.17.1.1 255.255.0.0
Router(config-subif)# frame-relay interface-dlci 103
Router(config-subif)# no shut
Chicago Router:
Router(config)# int s0/0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay lmi-type ansi
Router(config)# int s0/0.201 point-to-point
Router(config-subif)# no frame-relay inverse-arp
Router(config-subif)# ip address 172.16.1.2 255.255.0.0
Router(config-subif)# frame-relay interface-dlci 201
Router(config-subif)# no shut
Notice first that the Detroit router, serving as the hub, has two sub-interfaces
configured pointing to Chicago and Houston. The Chicago router only has
one sub-interface pointing to Detroit.
On the Detroit router, the int s0/0.102 command creates a sub-interface
numbered 102 on the Serial0/0 interface. Using the DLCI number for the
sub-interface number is an arbitrary choice, useful for documentation
purposes. On the Detroit router, each sub-interface contains only one virtual
circuit, thus the interface’s network type was set to point-to-point.
Notice also that encapsulation and LMI-type information is set on the
physical interface, but IP address and DLCI information is set on the sub-interface.
Frame-Relay Traffic Shaping (FRTS)
Frame-Relay’s method of QoS is called traffic-shaping, which controls the
amount of traffic sent out an interface, and dictates congestion control
mechanisms.
Frame-Relay Traffic-Shaping (FRTS) is used for two purposes:
• Adhering to the Frame provider’s traffic rates.
• Preventing an oversubscription of the line between hub and spoke
routers.
Several terms must be understood before configuring traffic-shaping:
• Committed Information Rate (CIR) – the “average” traffic rate
provided on a best-effort basis. By default, the CIR on a serial
interface configured for traffic shaping is 56000 bits per second.
• Available Rate (AR) – the maximum traffic rate, dictated either by
the speed of the physical interface (using the clock rate command), or
the restrictions of the Frame Provider.
• Minimum CIR (MinCIR) – the minimum traffic rate the router will
“throttle” down to if congestion occurs on the Frame-Relay network
(i.e., a BECN is received). This is usually the provider’s guaranteed
traffic rate. By default, the MinCIR is half that of the CIR.
• Discard Eligible (DE) – a bit that is set for all traffic sent above the
MinCIR. Essentially, traffic that is sent above the Frame Provider’s
guaranteed rate can or will be dropped when congestion occurs.
• Committed Burst (Bc) – the number of bits sent during a specific
interval, measured as Time Committed (Tc). Tc is measured in
milliseconds (default is 125ms, or 8 intervals a second), and
determines the number of intervals per second. The CIR is derived
from the Bc and Tc using the following formula (Tc in milliseconds):
CIR = Bc × 1000 / Tc
• Excess Burst (Be) – the number of bits that can be sent exceeding the
Bc (or CIR). Any bits sent at this rate will be marked as DE.
Configuring Frame-Relay (FRTS)
To configure FRTS, a map-class must be created:
Router(config)# map-class frame-relay MYCLASS
Router(config-map-class)# frame-relay cir 64000
Router(config-map-class)# frame-relay bc 8000
Router(config-map-class)# frame-relay be 0
Router(config-map-class)# frame-relay mincir 32000
Router(config-map-class)# frame-relay adaptive-shaping becn
A map-class was created for frame-relay called MYCLASS. The first three
commands configure the CIR, Bc, and Be respectively.
The final commands must be used in conjunction with each other. The
adaptive-shaping feature has been specified, indicating that the router will
throttle back to the mincir if a becn is received. The router does not throttle
down to the mincir immediately, but rather will lower the rate by 25% until
either the congestion stops, or the mincir is reached.
A map-class applied to an interface affects all PVCs on that interface.
Additionally, map classes can be applied to a specific PVC, providing more
granular control of FRTS.
To apply a map class to an interface:
Router(config)# interface s0/0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay traffic-shaping
Router(config-if)# frame-relay class MYCLASS
To apply a map class to a specific PVC:
Router(config)# interface s0/0
Router(config-if)# encapsulation frame-relay
Router(config-if)# frame-relay traffic-shaping
Router(config-if)# frame-relay interface-dlci 101 class MYCLASS
Do not forget the frame-relay traffic-shaping command. Once this command
is configured, all PVCs are configured with the default CIR of 56,000 bps.
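The shaping arithmetic from the FRTS terms above and from the MYCLASS map-class can be worked through in a few lines. The following Python is an added illustration, not code from the study guide: it derives the CIR from Bc and Tc, checks a map-class for consistency before it is applied, shows how one Tc interval splits offered traffic into conforming, DE-marked and queued bits, and steps the rate down under BECNs. The access rate (AR) of 128000 bps, the traffic volumes, and the reading of "lower the rate by 25%" as 25% of the current rate per interval are assumptions made for the example.

```python
"""Frame-Relay traffic-shaping (FRTS) arithmetic.

Added illustration, not code from the study guide. It works through the
guide's CIR/Bc/Tc/Be/MinCIR definitions and its MYCLASS values. The access
rate (AR) used in the checks and the traffic volumes are constructed, and the
25%-per-BECN reduction is applied to the current rate each interval (an
assumption about the guide's wording).
"""

DEFAULT_TC_MS = 125      # default Time Committed: 125 ms -> 8 intervals per second
DEFAULT_CIR_BPS = 56000  # CIR every PVC gets once 'frame-relay traffic-shaping' is on


def intervals_per_second(tc_ms=DEFAULT_TC_MS):
    return 1000 / tc_ms


def cir_from_bc(bc_bits, tc_ms=DEFAULT_TC_MS):
    """CIR = Bc x 1000 / Tc, with Tc in milliseconds."""
    return bc_bits * 1000 / tc_ms


def bc_for_cir(cir_bps, tc_ms=DEFAULT_TC_MS):
    """The Bc to configure so that the shaper yields a target CIR."""
    return cir_bps * tc_ms / 1000


def default_mincir(cir_bps):
    """MinCIR defaults to half the CIR."""
    return cir_bps / 2


def effective_cir(configured_cir=None):
    """A PVC without a map-class runs at the 56000 bps default."""
    return DEFAULT_CIR_BPS if configured_cir is None else configured_cir


def check_map_class(cir, bc, be, mincir, ar, tc_ms=DEFAULT_TC_MS):
    """Consistency checks to run before applying a map-class; returns problems found."""
    problems = []
    if cir_from_bc(bc, tc_ms) != cir:
        problems.append("bc %d at tc %d ms gives CIR %d, not %d"
                        % (bc, tc_ms, cir_from_bc(bc, tc_ms), cir))
    if mincir > cir:
        problems.append("mincir %d exceeds cir %d" % (mincir, cir))
    peak = (bc + be) * 1000 / tc_ms   # Bc + Be per interval is the burst rate
    if peak > ar:
        problems.append("burst rate %d exceeds access rate %d" % (peak, ar))
    return problems


def shape_interval(bits_offered, bc, be):
    """One Tc interval: up to Bc bits are sent conforming, up to Be more are sent
    marked Discard Eligible (DE), and anything beyond that waits for the next
    interval."""
    conforming = min(bits_offered, bc)
    excess = min(bits_offered - conforming, be)
    return {"sent": conforming, "sent_de": excess,
            "queued": bits_offered - conforming - excess}


def adaptive_shaping(cir, mincir, becn_per_interval):
    """Rate after each interval under 'frame-relay adaptive-shaping becn':
    each interval with a BECN lowers the current rate by 25%, never below mincir."""
    rate, history = cir, []
    for becn_seen in becn_per_interval:
        if becn_seen:
            rate = max(mincir, rate * 0.75)
        history.append(rate)
    return history


if __name__ == "__main__":
    # The guide's MYCLASS: cir 64000, bc 8000, be 0, mincir 32000; AR 128000 is constructed.
    print("CIR from bc 8000:", cir_from_bc(8000))
    print("problems:", check_map_class(64000, 8000, 0, 32000, ar=128000))
    print("one interval with 10000 bits offered:", shape_interval(10000, 8000, 0))
    print("rate under BECNs:", adaptive_shaping(64000, 32000, [True, True, True, False]))
```

Running the script with the MYCLASS values reports no problems and steps the rate 64000, 48000, 36000, 32000 as BECNs arrive, stopping at the mincir. Changing bc to 4000 while leaving cir at 64000 is the kind of mismatch check_map_class is meant to catch before the class is applied to a PVC.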
EIGRP and Frame-Relay
[Figure: Detroit, Chicago and Houston routers connected through a Frame-Relay cloud]
Observe the above Frame-Relay network. Two possible configuration
options exist for the Detroit router:
• Configure frame-relay map statements on the physical interface
• Create separate sub-interfaces for each link, treating them as separate
point-to-points.
If choosing the latter, EIGRP will treat each sub-interface as a separate link,
and routing will occur with no issue.
If choosing the former, EIGRP will be faced with a split-horizon issue.
Updates from Houston will not be forwarded to Chicago, and vice versa, as
split horizon prevents an update from being sent out the link it was received
on.
It is possible to disable split horizon for EIGRP:
Detroit(config)# interface s0/0
Detroit(config-if)# no ip split-horizon eigrp 10
Using sub-interfaces is Cisco’s preferred method of circumventing the split-horizon
issue, however.
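The split-horizon problem described here, and in the partial-mesh configuration example earlier, comes down to which interface the hub learned a prefix on. The following Python is an added illustration, not code from the study guide: it models the Detroit hub with spokes Chicago and Houston and computes what the hub advertises to each spoke under three setups, one physical interface with split horizon on, the same interface with split horizon disabled, and point-to-point sub-interfaces. The distance-vector update model and the bookkeeping of learned prefixes are assumptions; subnets and DLCIs follow the configuration example.

```python
"""Split horizon on a Frame-Relay hub: physical interface vs. sub-interfaces.

Added illustration, not code from the study guide. It models the Detroit hub
with spokes Chicago and Houston. The distance-vector update model, interface
names and the 'learned prefix' bookkeeping are assumptions made for the example.
"""

# Constructed spokes: subnets and DLCIs follow the guide's configuration example.
SPOKES = {
    "Chicago": {"prefix": "172.16.0.0/16", "dlci": 102},
    "Houston": {"prefix": "172.17.0.0/16", "dlci": 103},
}


def hub_interface(spoke, use_subinterfaces):
    """Hub interface a spoke's PVC terminates on.

    One physical interface: every PVC lands on s0/0.
    Point-to-point sub-interfaces: each PVC gets its own s0/0.<dlci>, using the
    DLCI as the sub-interface number, the convention the guide uses.
    """
    if use_subinterfaces:
        return "s0/0.%d" % SPOKES[spoke]["dlci"]
    return "s0/0"


def hub_advertisements(use_subinterfaces, split_horizon=True):
    """Prefixes the hub advertises to each spoke.

    Split-horizon rule: a prefix learned on interface X is never advertised
    back out interface X. With split_horizon=False (the 'no ip split-horizon
    eigrp 10' case) everything learned is advertised everywhere, including a
    spoke's own prefix back to it.
    """
    learned_on = {info["prefix"]: hub_interface(spoke, use_subinterfaces)
                  for spoke, info in SPOKES.items()}
    adverts = {}
    for spoke in SPOKES:
        egress = hub_interface(spoke, use_subinterfaces)
        adverts[spoke] = sorted(
            prefix for prefix, ingress in learned_on.items()
            if not split_horizon or ingress != egress)
    return adverts


def spokes_learn_each_other(use_subinterfaces, split_horizon=True):
    """True when every spoke receives every other spoke's prefix from the hub."""
    adverts = hub_advertisements(use_subinterfaces, split_horizon)
    return all(
        SPOKES[other]["prefix"] in adverts[spoke]
        for spoke in SPOKES for other in SPOKES if other != spoke)


if __name__ == "__main__":
    for label, args in (("physical interface, split horizon on", (False, True)),
                        ("physical interface, split horizon off", (False, False)),
                        ("point-to-point sub-interfaces", (True, True))):
        print(label, hub_advertisements(*args),
              "spokes reach each other:", spokes_learn_each_other(*args))
```

With one physical interface and split horizon on, both spokes receive an empty update and never learn each other's subnet. Disabling split horizon fixes reachability but also echoes each spoke its own prefix, the behaviour split horizon exists to prevent; sub-interfaces give each PVC its own ingress interface, so the rule still applies and the spokes still learn each other.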
Troubleshooting Frame-Relay
To view information concerning each PVC:
Router# show frame-relay pvc
The above command includes the following information:
• DLCI numbers
• Status of PVCs (active, inactive, deleted)
• Congestion information
• Traffic counters
To list Frame-Relay DLCI-mappings, whether manually created using the
frame-relay map command, or created dynamically using Inverse ARP:
Router# show frame-relay map
To display the LMI-type configured on each interface, and LMI traffic
statistics:
Router# show frame-relay lmi
To troubleshoot communication problems between the router and Frame-
Relay switch:
Router# debug frame-relay lmi
To display information on packets received on a Frame-Relay interface:
Router# debug frame-relay
To display information on packets sent on a Frame-Relay interface:
Router# debug frame-relay packet
Section 27
- Network Address Translation -
NAT (Network Address Translation)
The rapid growth of the Internet resulted in a shortage of IPv4 addresses. In
response, the powers that be designated a specific subset of the IPv4 address
space to be private, to temporarily alleviate this problem.
A public address can be routed on the Internet. Thus, devices that should be
Internet accessible (such as web or email servers) must be configured with
public addresses.
A private address is only intended for use within an organization, and can
never be routed on the Internet. Three private addressing ranges were
allocated, one for each IPv4 class:
• Class A - 10.x.x.x
• Class B - 172.16-31.x.x
• Class C - 192.168.x.x
NAT (Network Address Translation) is used to translate between private
addresses and public addresses. NAT allows devices configured with a
private address to be stamped with a public address, thus allowing those
devices to communicate across the Internet.
NAT is not restricted to just public-to-private address translations, though
this is the most common application of NAT. NAT can perform a public-to-public
address translation, or a private-to-private address translation as well.
NAT provides an additional benefit – hiding the specific addresses and
addressing structure of the internal network.
Both Cisco IOS devices and PIX/ASA firewalls support NAT.
(Reference: http://www.cisco.com/en/US/tech/tk648/tk361/technologies_white_paper09186a0080194af8.shtml)
Types of NAT
NAT can be implemented using one of three methods:
Static NAT – performs a static one-to-one translation between two
addresses, or between a port on one address and a port on another address.
Static NAT is most often used to assign a public address to a device behind a
NAT-enabled firewall/router.
Dynamic NAT – utilizes a pool of global addresses to dynamically translate
the outbound traffic of clients behind a NAT-enabled device.
NAT Overload or Port Address Translation (PAT) – translates the
outbound traffic of clients to unique port numbers off of a single global
address. PAT is necessary when the number of internal clients exceeds the
available global addresses.
NAT Terminology
Specific terms are used to identify the various NAT addresses:
• Inside Local – the specific IP address assigned to an inside host
behind a NAT-enabled device (usually a private address).
• Inside Global – the address that identifies an inside host to the
outside world (usually a public address). Essentially, this is the
dynamically or statically-assigned public address assigned to a private
host.
• Outside Global – the address assigned to an outside host (usually a
public address).
• Outside Local – the address that identifies an outside host to the
inside network. Often, this is the same address as the Outside Global.
However, it is occasionally necessary to translate an outside (usually
public) address to an inside (usually private) address.
For simplicity’s sake, it is generally acceptable to associate global addresses
with public addresses, and local addresses with private addresses.
However, remember that public-to-public and private-to-private translation
is still possible. Inside hosts are within the local network, while outside
hosts are external to the local network.
NAT Terminology Example
Consider the above example. For a connection from HostA to HostB, the
NAT addresses are identified as follows:
• Inside Local Address - 10.1.1.10
• Inside Global Address - 55.1.1.1
• Outside Global Address – 99.1.1.2
• Outside Local Address – 99.1.1.2
HostA’s configured address is 10.1.1.10, and is identified as its Inside Local
address. When HostA communicates with the Internet, it is stamped with
RouterA’s public address, using PAT. Thus, HostA’s Inside Global address
will become 55.1.1.1.
When HostA communicates with HostB, it will access HostB’s Outside
Global address of 99.1.1.2. In this instance, the Outside Local address is also
99.1.1.2. HostA is never aware of HostB’s configured address.
It is possible to map an address from the local network (such as 10.1.1.5) to
the global address of the remote device (in this case, 99.1.1.2). This may be
required if a legacy device exists that will only communicate with the local
subnet. In this instance, the Outside Local address would be 10.1.1.5.
[Figure: HostA (10.1.1.10) connects to RouterA, NAT-enabled (10.1.1.1 / 55.1.1.1), which connects across the Internet to a second NAT-enabled router, also labelled RouterA in the figure (99.1.1.1 / 192.168.1.1), holding the Static NAT Translation 99.1.1.2 = 192.168.1.5, behind which sits HostB (192.168.1.5). Packet header at each stage: on HostA's LAN, SRC Address = 10.1.1.10, DST Address = 99.1.1.2; across the Internet, SRC Address = 55.1.1.1:31092, DST Address = 99.1.1.2; on HostB's LAN, SRC Address = 55.1.1.1:31092, DST Address = 192.168.1.5.]
The above example demonstrates how the source (SRC) and destination
(DST) IP addresses within the Network-Layer header are translated by NAT.
(Reference: http://www.cisco.com/warp/public/556/8.html)
Configuring Static NAT
The first step to configure Static NAT is to identify the inside (usually
private) and outside (usually public) interfaces:
Router(config)# int e0/0
Router(config-if)# ip nat inside
Router(config)# int s0/0
Router(config-if)# ip nat outside
To statically map a public address to a private address, the syntax is as
follows:
Router(config)# ip nat inside source static 172.16.1.1 158.80.1.40
This command performs a static translation of the source address 172.16.1.1
(located on the inside of the network), to the outside address of 158.80.1.40.
Configuring Dynamic NAT
When configuring Dynamic NAT, the inside and outside interfaces must
first be identified:
Router(config)# int e0/0
Router(config-if)# ip nat inside
Router(config)# int s0/0
Router(config-if)# ip nat outside
Next, a pool of global addresses must be specified. Inside hosts will
dynamically choose the next available address in this pool, when
communicating outside the local network:
Router(config)# ip nat pool POOLNAME 158.80.1.1 158.80.1.50 netmask 255.255.255.0
The above command specifies that the pool named POOLNAME contains a
range of public addresses from 158.80.1.1 through 158.80.1.50.
Finally, a list of private addresses that are allowed to be dynamically
translated must be specified:
Router(config)# ip nat inside source list 10 pool POOLNAME
Router(config)# access-list 10 permit 172.16.1.0 0.0.0.255
The first command states that any inside host with a source that matches
access-list 10 can be translated to any address in the pool named
POOLNAME.
The access-list specifies any host on the 172.16.1.0 network.
Configuring NAT Overload (or PAT)
Recall that NAT Overload (or PAT) is necessary when the number of
internal clients exceeds the available global addresses. Each internal host is
translated to a unique port number off of a single global address.
Configuring NAT overload is relatively simple:
Router(config)# int e0/0
Router(config-if)# ip nat inside
Router(config)# int s0/0
Router(config-if)# ip nat outside
Router(config)# ip nat inside source list 10 interface Serial0/0 overload
Router(config)# access-list 10 permit 172.16.1.0 0.0.0.255
Any inside host with a source that matches access-list 10 will be translated
with overload to the IP address configured on the Serial0/0 interface.
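The three NAT types configured above, and the HostA-to-HostB terminology example earlier in this section, can be replayed as a translation table. The following Python is an added illustration, not code from the study guide or from Cisco: a small NatRouter model holds static entries, a dynamic pool, or a PAT (overload) address, translates packets in both directions, and only passes inbound traffic that matches a static entry or existing table state. The port allocator, the naming of the remote router in the example, the 203.0.113.x sample destination and the two-address pool used to show exhaustion are constructed for the example.

```python
"""Static NAT, dynamic NAT and PAT as a translation table.

Added illustration, not code from the study guide or Cisco. It models the
three NAT types the guide configures and replays its HostA -> HostB
terminology example. The port allocator, the unnamed remote router, the
203.0.113.x sample destination and the two-address pool are constructed.
"""
import ipaddress
import itertools


class NatRouter:
    """A NAT-enabled router: 'ip nat inside source' with a static entry,
    a pool, or 'interface ... overload' (PAT) on one global address."""

    def __init__(self, inside_acl, static=None, pool=None, overload_addr=None):
        self.inside_acl = ipaddress.ip_network(inside_acl)  # 'access-list 10 permit ...'
        self.static = dict(static or {})       # inside local -> inside global
        self.pool = list(pool or [])           # free dynamic inside-global addresses
        self.overload_addr = overload_addr     # interface address used for PAT
        self.dynamic = {}                      # inside local -> inside global (dynamic NAT)
        self.pat = {}                          # (inside local, port) -> global port
        self.pat_rev = {}                      # global port -> (inside local, port)
        self._spare_ports = itertools.count(1024)  # constructed allocator for port clashes

    def _pat_port(self, local, lport):
        """Keep the host's source port when free, otherwise pick an unused one."""
        key = (local, lport)
        if key not in self.pat:
            gport = lport
            while gport in self.pat_rev:
                gport = next(self._spare_ports)
            self.pat[key], self.pat_rev[gport] = gport, key
        return self.pat[key]

    def outbound(self, src, sport, dst, dport):
        """Packet leaving through the inside interface, as it appears outside.
        Returns the packet unchanged when the ACL does not match, None when a
        dynamic pool is exhausted (the packet is dropped)."""
        if src in self.static:
            return (self.static[src], sport, dst, dport)
        if ipaddress.ip_address(src) not in self.inside_acl:
            return (src, sport, dst, dport)
        if self.overload_addr:
            return (self.overload_addr, self._pat_port(src, sport), dst, dport)
        if src not in self.dynamic:
            if not self.pool:
                return None
            self.dynamic[src] = self.pool.pop(0)
        return (self.dynamic[src], sport, dst, dport)

    def inbound(self, src, sport, dst, dport):
        """Packet arriving on the outside interface, as delivered inside.
        Only static entries and existing table state are translated; anything
        else is unsolicited and returns None (dropped)."""
        for local, glob in list(self.static.items()) + list(self.dynamic.items()):
            if glob == dst:
                return (src, sport, local, dport)
        if dst == self.overload_addr and dport in self.pat_rev:
            local, lport = self.pat_rev[dport]
            return (src, sport, local, lport)
        return None


def terminology_example():
    """The guide's walk-through: HostA 10.1.1.10 behind RouterA (PAT on 55.1.1.1)
    reaches HostB 192.168.1.5, published by the remote router as 99.1.1.2."""
    router_a = NatRouter("10.1.1.0/24", overload_addr="55.1.1.1")
    remote = NatRouter("192.168.1.0/24", static={"192.168.1.5": "99.1.1.2"})
    on_lan_a = ("10.1.1.10", 31092, "99.1.1.2", 80)   # inside local -> outside local
    on_internet = router_a.outbound(*on_lan_a)        # inside global -> outside global
    on_lan_b = remote.inbound(*on_internet)           # delivered to HostB's real address
    reply = remote.outbound(on_lan_b[2], on_lan_b[3], on_lan_b[0], on_lan_b[1])
    back_at_a = router_a.inbound(*reply)
    return on_lan_a, on_internet, on_lan_b, back_at_a


def pool_exhaustion():
    """Dynamic NAT with a two-address pool: the third host gets no translation,
    the situation the guide says calls for PAT."""
    r = NatRouter("172.16.1.0/24", pool=["158.80.1.1", "158.80.1.2"])
    return [r.outbound("172.16.1.%d" % i, 40000, "203.0.113.5", 53) for i in (10, 11, 12)]


if __name__ == "__main__":
    for stage in terminology_example():
        print(stage)
    print(pool_exhaustion())
```

terminology_example() produces the three header stages from the figure (10.1.1.10 to 99.1.1.2, then 55.1.1.1:31092 to 99.1.1.2, then 55.1.1.1:31092 to 192.168.1.5) and shows the reply finding its way back to 10.1.1.10 only because RouterA's table still holds the PAT entry; an inbound packet with no matching entry returns None. pool_exhaustion() shows why the guide says PAT becomes necessary once inside hosts outnumber the global addresses.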
Troubleshooting NAT
To view all current static and dynamic translations:
Router# show ip nat translations
To view whether an interface is configured as an inside or outside NAT
interface, and to display statistical information regarding active NAT
translations:
Router# show ip nat statistics
To view NAT translations in real-time:
Router# debug ip nat
To clear all dynamic NAT entries from the translation table:
Router# clear ip nat translation