Router Configuration

1. The commands 'configure terminal', 'configure memory', and 'copy tftp running-config' all load configuration information into_____?

RAM. Most of the configuration commands deal with moving information into and out of RAM.

 

2. The commands 'copy running-config tftp' and 'copy running-config startup-config' store the currently running configuration from RAM to_____and_____, respectively.

A network tftp server and NVRAM, respectively.

3. What do the prompts for 'User EXEC' mode, 'Privileged EXEC' mode, and 'Global configuration' mode look like?

 

 'User EXEC' mode:                      Router>

 'Privileged EXEC' mode:                Router#
   (used for copying and managing entire configuration files)

 'Global configuration' mode:           Router(config)#
   used for one-line commands and commands that change the entire router (affect the system as a whole). Use the privileged EXEC command "configure" to enter global configuration mode. When you enter this command, the EXEC prompts for the source of the configuration commands. You can then specify the terminal, NVRAM, or a file stored on a network server as the source.

Specific Configuration Modes:

 

 Interfaces                            Router(config-if)#

 Subinterfaces                         Router(config-subif)#

 Controller                            Router(config-controller)#

 Map-list                              Router(config-map-list)#

 Map-class                             Router(config-map-class)#

 Line                                  Router(config-line)#

 Router                                Router(config-router)#

 IPX-router                            Router(config-ipx-router)#

 Route-map                             Router(config-route-map)#

If you type "exit", the router backs out one level; pressing Control-Z leaves configuration mode completely and returns to privileged EXEC mode.

4. When configuring routers with Release 11.x methods, once you have typed 'show running-config' and displayed a desired configuration, what commands do you use to save changes to backup?

Use 'copy running-config startup-config' and 'copy running-config tftp'.

5. What are two basic tasks when first configuring a router?

(1) Password configuration and (2) naming the router (router identification configuration).

The router provides a "host name", "a banner", and "interface descriptions" to aid in identification.

Configuration command summary:

·         "configure terminal" - Configure manually from the console terminal.

·         "configure memory" - Load configuration information from NVRAM to RAM.

·         "copy tftp running-config" - Load configuration information from a network TFTP server to RAM.

·         "copy running-config startup-config" - Store the current configuration in RAM into NVRAM.

·         "copy running-config tftp" - Store the current configuration in RAM on a network TFTP server.

·         "show startup-config" - Display the saved configuration, which is the contents of NVRAM.

·         "erase startup-config" - Erase the contents of NVRAM.

You can use the "copy running-config tftp" command to store the current configuration in RAM on a network TFTP server. To do so, complete the following tasks:

1.        Enter the 'copy running-config tftp' command.

2.        Enter the IP address of the host on which you want to store the configuration file.

3.        Enter the name you would like to assign to the configuration file.

4.        Confirm your choices by answering "Yes".

These commands manage the contents of NVRAM:

·         "configure memory" - Load configuration information from NVRAM to RAM.

·         "erase startup-config" - Erase the contents of NVRAM.

·         "copy running-config startup-config" - Store the current configuration in RAM (the running configuration) into NVRAM (as the startup configuration).

·         "show startup-config" - Display the saved configuration, which is the contents of NVRAM.

 

IP Routing Protocol Mode:

Router(config)#       router ?

bgp          Border Gateway Protocol (BGP)

egp          Exterior Gateway Protocol (EGP)

eigrp        Enhanced Interior Gateway Routing Protocol (EIGRP)

igrp         Interior Gateway Routing Protocol (IGRP)

isis         ISO IS-IS

iso-igrp     IGRP for OSI networks

mobile       Mobile routes

odr          On Demand stub Routes

ospf         Open Shortest Path First (OSPF)

rip          Routing Information Protocol (RIP)

static       Static routes

After a routing protocol is enabled by a global command, the router configuration mode prompt Router(config-router)# is displayed. Type a question mark (?) to list the router configuration commands.

Router(config)#                    router rip

Router(config-router)#             ?

Router configuration commands:

default-information                Control distribution of default information

distance                           Define an administrative distance

distribute-list                    Filter networks in routing updates

exit                               Exit from routing protocol configuration mode

Many features are enabled on a per-interface basis. Interface configuration commands modify operation of an Ethernet, Token Ring, or serial port. Interface subcommands always follow an interface command; the interface command defines the interface type.

 

Configuration Methods:

1. Enter configuration statements

2. Save the changes to a backup the router will use when it starts up

3. Examine the changes you have made

4. If necessary, modify or remove configuration statements

You can secure your system by using passwords to restrict access. Passwords can be established both on individual lines and in the privileged EXEC mode.

The "line console 0" command establishes a password on the console terminal. The "line vty 0 4" command establishes password protection on incoming Telnet sessions.

The "enable password" command restricts access to the privileged EXEC mode.

The "enable secret" password (also set from the System Configuration Dialog when setting up global parameters) uses a Cisco-proprietary encryption process to alter the password character string.

Passwords can be further protected from display through the use of the "service password-encryption" command. The encryption algorithm does not match the Data Encryption Standard (DES).
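As an added example (not from these notes or from Cisco), a small Python audit that reads a running-config as text and reports the gaps the paragraphs above describe: no enable secret, line passwords left in clear text, and vty lines with login but no password. Both configs are constructed samples, and the hash and type 7 strings in them are placeholders.

```python
"""Audit a Cisco IOS running-config for the password protections these notes
describe.  Added example, not code from the original notes or from Cisco;
both configs below are constructed samples, not captured from a device."""
import re

# Constructed weak config: clear-text enable password, vty lines with
# 'login' but no password, and no service password-encryption.
WEAK_CONFIG = """\
hostname Router
!
enable password cisco
!
line con 0
 password console123
 login
line vty 0 4
 login
"""

# Constructed hardened config: enable secret (one-way hash), line
# passwords present and obscured, service password-encryption on.
# The hash and type 7 strings are placeholders, not real values.
HARDENED_CONFIG = """\
hostname Router
service password-encryption
!
enable secret 5 $1$PLACEHOLDER
!
line con 0
 password 7 PLACEHOLDER7
 login
line vty 0 4
 password 7 PLACEHOLDER7
 login
"""


def parse_config(config: str):
    """Return (global_lines, {section_header: [indented lines]}).
    A section header is any unindented line (e.g. 'line vty 0 4');
    indented lines belong to the most recent header."""
    global_lines, sections, current = [], {}, None
    for raw in config.splitlines():
        line = raw.rstrip()
        if not line or line.startswith("!"):
            continue
        if line.startswith(" "):
            if current is not None:
                sections[current].append(line.strip())
        else:
            global_lines.append(line)
            current = line
            sections.setdefault(current, [])
    return global_lines, sections


def audit_config(config: str) -> list:
    """Return (severity, message) findings.  'high' = an access-control gap,
    'info' = a weakness the notes mention (type 7 is reversible, not DES)."""
    global_lines, sections = parse_config(config)
    findings = []
    has_secret = any(l.startswith("enable secret") for l in global_lines)
    has_password = any(l.startswith("enable password") for l in global_lines)
    if not has_secret and not has_password:
        findings.append(("high", "privileged EXEC mode has no password"))
    elif not has_secret:
        findings.append(("high", "enable password used without enable secret (stored in clear or type 7)"))
    if "service password-encryption" not in global_lines:
        findings.append(("high", "service password-encryption is off; line passwords display in clear text"))

    for header, body in sections.items():
        if not header.startswith("line "):
            continue
        has_login = any(l == "login" or l.startswith("login ") for l in body)
        has_pw = any(l.startswith("password ") for l in body)
        if not has_login:
            findings.append(("high", f"{header}: no 'login', sessions are accepted without a password"))
        elif not has_pw:
            findings.append(("high", f"{header}: 'login' set but no password, so access is refused"))
        for l in body:
            if re.match(r"password 7 \S+", l):
                findings.append(("info", f"{header}: type 7 password is reversible (not DES)"))
    return findings


def worst_severity(findings) -> str:
    """'high' if any high finding, 'info' if only informational, else 'ok'."""
    levels = {s for s, _ in findings}
    return "high" if "high" in levels else ("info" if levels else "ok")
```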

The "banner motd" command is used to configure a message of the day, which is displayed at login and is useful for conveying messages that affect all network users, such as impending system shutdowns.

Semester 2, Lesson 10 Notes:

Sources for Cisco IOS Software

The default source for Cisco IOS software depends on the hardware platform, but most commonly the router looks to the 'configuration commands' saved in NVRAM.

You can specify other sources where the router should look for software, or the router will use its own "fall back sequence" as necessary to load software. Settings in the "configuration register" enable alternatives for where the router will bootstrap Cisco IOS software.

You can specify "enabled config-mode boot system" commands (Router(config)# boot ...) to enter fall back sources for the router to use in sequence. Save these statements in NVRAM to use during the next startup with the command "copy running-config startup-config". The router will use these commands as needed, in sequence, when it restarts.

However, if NVRAM lacks boot system commands the router can use, the system has its own 'fall back alternatives':

1.        The router will fall back and use the default Cisco IOS image in Flash memory.

2.        If Flash memory is empty, the router will try its next TFTP alternative. The router uses the configuration register value to form a filename from which to boot a default system image stored on a network server.

2. What important command displays information about the Cisco IOS software that is currently running on the router, including the 'configuration register' setting?

"show version"

The order in which the router looks for system bootstrap information depends on the 'boot field' setting in the "configuration register". You can change the default "configuration register" setting with the 'enabled config-mode command', "config-register" (Router(config)# config-register 0x10F^Z).

The "configuration register" is a 16-bit register in NVRAM. The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the 'boot field'. Configuration register values (bits 3, 2, 1, and 0):

 0x100           ROM monitor mode     boot field 0-0-0-0
 0x101           Boot from ROM        boot field 0-0-0-1
 0x102 - 0x10F   Examine NVRAM        boot field 0-0-1-0 through 1-1-1-1

To check the boot field setting, for example, to verify the config-register command, you must use the "show version" command. Note: You will not see evidence of any config-register setting in output from either the "show running-config" or "show startup-config" commands.

The command "copy running-config startup-config" saves the command in NVRAM.

3. If both flash memory is corrupted and the network server fails to load the software image, what is the final software bootstrap option?

(3) Booting from ROM.

A 'TFTP server' can be another router, or it can be a host system. The TFTP host can be any system (Unix, DOS, Windows) that runs TFTP, holds the files, and is reachable on the TCP/IP network. You will be copying software between the TFTP host and Flash memory in the router.

4. What command would you use to make sure that you can see and write into Flash and verify that the router has sufficient room in Flash to accommodate the Cisco IOS software image you want to load?

"show flash"

1.        Command used to verify that you have sufficient memory on your system for the Cisco IOS software you want to load.

2.        Command used to learn the name of the system image file.

With Cisco IOS Release 11.2, the naming convention for Cisco IOS contains three parts:(Ex. igs-inr-1, c4500-aj-m, gs7-k-mz)

1.        The first part of the image name contains the platform on which the image runs. (ex. cpa25, igs, c4500, gs7)

2.        The second part of the image name identifies the special capabilities of the image. A letter or series of letters identifies the feature sets supported in the image. (Ex. 1, cg, inr, aj, k)

3.        The third part of the image name specifies where the image runs and if it has been 'zip' compressed. (Ex. 1, m, mz)
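An added example, not from the original notes or from Cisco: decoding the boot field of a configuration register value and splitting a Release 11.2 image name into its three parts. The meaning of the letters in the third part (m = runs in RAM, z = zip compressed) is assumed from Cisco's naming convention rather than stated on the page.

```python
"""Decode the boot field of a Cisco configuration register and split an
IOS image name into its three parts, as described in these notes.  Added
example, not from the original notes or from Cisco.  The letter meanings
for the third part (m = runs in RAM, z = zip compressed) are an assumption
based on Cisco's naming convention, not something the notes state."""


def boot_field(config_register: int) -> int:
    """The boot field is the lowest four bits (bits 3..0) of the 16-bit register."""
    if not 0 <= config_register <= 0xFFFF:
        raise ValueError("configuration register is a 16-bit value")
    return config_register & 0xF


def boot_source(config_register: int) -> str:
    """Map the boot field to the startup behaviour listed in the notes:
    0 = ROM monitor, 1 = boot from ROM, 2..15 = examine NVRAM for boot
    system commands (then the fall back sequence).  Upper bits such as
    the 0x2000 in 0x2102 do not change the boot field."""
    field = boot_field(config_register)
    if field == 0:
        return "ROM monitor mode"
    if field == 1:
        return "Boot from ROM"
    return "Examine NVRAM boot system commands"


def boot_field_bits(config_register: int) -> str:
    """Render the boot field the way the notes do, e.g. 0x102 -> '0-0-1-0'."""
    return "-".join(format(boot_field(config_register), "04b"))


def parse_image_name(name: str) -> dict:
    """Split 'platform-features-runlocation' (Release 11.2 convention).
    Any '.version' suffix after the base name is ignored.
    Example: 'c4500-aj-m' -> platform c4500, feature set aj, runs in RAM."""
    base = name.split(".", 1)[0]
    parts = base.split("-")
    if len(parts) != 3:
        raise ValueError(f"expected three dash-separated parts in {name!r}")
    platform, features, location = parts
    return {
        "platform": platform,
        "feature_set": features,
        "runs_from_ram": "m" in location,   # assumed meaning of 'm'
        "zip_compressed": "z" in location,  # assumed meaning of 'z'
    }
```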

5. What two related commands are useful for transferring Cisco IOS images between a TFTP server and Flash memory?

1. "copy flash tftp" - Copy the system image to a TFTP server.

Provides for a backup copy of the current Cisco IOS software image.

2. "copy tftp flash" - Download the new image from the TFTP server.

This command begins operation by requesting the 'IP address' of the remote host that will act as a TFTP server. Next you are prompted for the 'image name' of the update image. Following an opportunity to confirm your entries, the procedure asks if you are willing to 'erase Flash'. Each exclamation point (!) means that one User Datagram Protocol (UDP) segment has successfully transferred. The series of Vs indicates successful checksum verification of a segment.

Use the "show flash" command to view the file and to compare its size with that of the original on the server before changing the 'boot system' commands to use the updated image. Following a successful copy, the "reload" command boots up the router as specified by the boot system commands, using the updated image.

Semester 2, Lesson 11 Notes:

Fundamentals of TCP/IP

TCP/IP - "Transmission Control Protocol/Internet Protocol". Common name for the suite of protocols developed by the U.S. DOD in the 1970s to support the construction of worldwide internetworks. TCP and IP are the two best-known protocols in the suite.

TCP - "Transmission Control Protocol". Connection-oriented 'transport layer' protocol that provides reliable full-duplex data transmission. TCP is part of the TCP/IP protocol stack.

IP - "Internet Protocol". 'Network layer' protocol in the TCP/IP stack offering a connectionless internetwork service. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security. Documented in RFC 791.

The TCP/IP protocol stack has the following components:

·         Protocols to support file transfer, e-mail, remote login, and other 'application protocols'. Network management is also supported at the Application layer. (layer 7)

·         Reliable and "unreliable" transports (layer 4)

·         Connectionless datagram delivery at the Network layer (layer 3)

·         ICMP provides control and message functions at the Network layer (layer 3).

1. How do the TCP/IP 'Conceptual layers' relate to the 'OSI layers'?

1.        TCP/IP groups the OSI 7-Application, 6-Presentation, and 5-Session layers into an "Application Layer".

2.        The OSI 4-Transport layer maps exactly to the TCP/IP "Transport Layer".

3.        TCP/IP renames the OSI 3-Network layer as an "Internet Layer".

4.        TCP/IP calls the OSI 2-Data link and 1-Physical layers the "Network Interface Layer".

2. Compare and contrast TCP and UDP (Transport Layer).

1.        TCP (Transmission Control Protocol) is a connection-oriented, 'reliable protocol'. It is responsible for breaking messages into 'segments', reassembling them at the destination station, and resending anything that is not received. TCP supplies a 'virtual circuit' between end-user applications.

2.        UDP (User Datagram Protocol) is a connection-less, "unreliable" protocol. Although UDP is responsible for transmitting messages, no software checking for segment delivery is provided at this layer; hence the description 'unreliable'.

The "Transport layer" performs two functions:

1.        Flow control provided by sliding windows

2.        Reliability provided by sequence numbers and acknowledgments

3. Briefly describe everything you know about the fields in a TCP 'segment'.

TCP field segments include:

1.        Source and destination ports (what services are being requested)

2.        Sequence numbers, Acknowledgment numbers, and Header length (keeping track of segments)

3.        Code bits (setup and termination of sessions)

4.        Window (number of octets that the sender is willing to accept)

5.        Checksum (calculated over the header and data fields, for error checking)

6.        Data (upper-layer protocol data)

Both TCP and UDP use port (or socket) numbers to pass information to the upper layers. Port numbers are used to keep track of different conversations crossing the network at the same time. Application software developers agree to use well-known port numbers that are defined in RFC 1700.

Some ports are reserved in both TCP and UDP, but applications might not be written to support them. Port numbers have the following assigned ranges:

·         Numbers below 255 are for public applications.

·         Numbers from 255 to 1023 are assigned to companies for saleable applications.

·         Numbers above 1023 are unregulated.

End systems use port numbers to select the proper application. Originating source port numbers are dynamically assigned by the source host, usually some number greater than 1023.

TCP "Three-Way Handshake" (Open Connection)

Both ends of the connection are synchronized with a three-way handshake (open connection) sequence. Exchanging beginning sequence numbers during the connection sequence ensures that lost data can be recovered if problems occur later.

   Host-A                                       Host-B
   ------                                       ------
1. Send SYN (seq=x)                  ------>    Receive SYN (seq=x)

2. Receive SYN (seq=y, ack=x+1)      <------    Send SYN (seq=y, ack=x+1)

3. Send ACK (ack=y+1)                ------>    Receive ACK (ack=y+1)

"Window size" - Refers to the number of messages that can be transmitted while awaiting an acknowledgment. TCP uses 'expectational acknowledgments', meaning that the acknowledgment number refers to the octet expected next.

"PAR" (Positive Acknowledgment and Retransmission) - TCP provides "sequencing" of segments with a "forward reference acknowledgment". Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged within a given time period result in retransmission.

UDP (User Datagram Protocol) uses no windowing or acknowledgments. Application-layer protocols can provide for reliability. UDP is designed for applications that do not need to put sequences of segments together. Protocols that use UDP include TFTP, SNMP, Network File System (NFS), and Domain Name System (DNS).
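The handshake and PAR behaviour described above, as an added example that is not part of the original notes: a small Python model in which the receiver acknowledges the next expected octet and the sender retransmits whatever the ACK does not cover. Loss is injected through a constructed `dropped` set rather than a real network.

```python
"""Model the TCP three-way handshake and positive acknowledgment with
retransmission (PAR) from these notes.  Added example, not from the
original notes; it is a behavioural model, not a TCP implementation."""
from dataclasses import dataclass, field


@dataclass
class Segment:
    seq: int                 # sequence number of the first octet (ISN for a SYN)
    ack: int = 0             # acknowledgment number: the next octet expected
    syn: bool = False
    data: bytes = b""


def three_way_handshake(isn_a: int, isn_b: int) -> list:
    """Return the three segments exchanged.  A SYN consumes one sequence
    number, so each side acknowledges the peer's ISN + 1, as in the notes."""
    syn = Segment(seq=isn_a, syn=True)                       # 1. A -> B
    syn_ack = Segment(seq=isn_b, ack=syn.seq + 1, syn=True)  # 2. B -> A
    ack = Segment(seq=syn.seq + 1, ack=syn_ack.seq + 1)      # 3. A -> B
    return [syn, syn_ack, ack]


@dataclass
class Receiver:
    """Expectational acknowledgment: the ACK value is the next octet
    expected.  Segments that arrive early are buffered, not acknowledged,
    until the gap before them is filled."""
    next_expected: int
    received: bytes = b""
    buffered: dict = field(default_factory=dict)

    def deliver(self, seg: Segment) -> int:
        if seg.seq == self.next_expected:
            self.received += seg.data
            self.next_expected += len(seg.data)
            while self.next_expected in self.buffered:   # drain in-order buffer
                data = self.buffered.pop(self.next_expected)
                self.received += data
                self.next_expected += len(data)
        elif seg.seq > self.next_expected:
            self.buffered[seg.seq] = seg.data
        # seq < next_expected is a duplicate and is simply re-acknowledged
        return self.next_expected


def send_with_par(message: bytes, isn: int, segment_size: int, dropped: set) -> dict:
    """Send `message` in segments of `segment_size` octets.  `dropped` holds
    the 1-based transmission numbers lost in transit (constructed fault
    injection).  Each round sends every segment not yet covered by the
    highest ACK seen; the sender then resends what is still unacknowledged."""
    receiver = Receiver(next_expected=isn)
    segments = [Segment(seq=isn + i, data=message[i:i + segment_size])
                for i in range(0, len(message), segment_size)]
    transcript, attempt, last_ack = [], 0, isn
    unacked = list(segments)
    while unacked:
        for seg in unacked:
            if seg.seq < last_ack:        # acknowledged earlier in this round
                continue
            attempt += 1
            if attempt in dropped:
                transcript.append((seg.seq, "lost"))
                continue
            ack = receiver.deliver(seg)
            transcript.append((seg.seq, f"ack={ack}"))
            last_ack = max(last_ack, ack)
        unacked = [s for s in unacked if s.seq >= last_ack]
    return {"received": receiver.received, "transcript": transcript,
            "retransmissions": len(transcript) - len(segments)}
```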

4. Briefly describe everything you know about the fields in an IP 'datagram'.

IP datagram fields include:

1.        Version number and header length

2.        Type of service and total length of datagram

3.        Time-To-Live

4.        Which upper-layer Protocol has sent the Datagram (TCP or UDP)

5.        Header checksum

6.        Source and Destination IP addresses

7.        IP options (testing, debugging, security)

8.        Data

5. Briefly distinguish between IP, ICMP, ARP, and RARP (Internet layer).

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI 3-Network layer:

"IP" (Internet protocol) provides 'connectionless', 'best-effort routing' of datagrams [packets]. It is not concerned with their content; it is looking for ways to move the datagrams to their destination. IP provides features for addressing, type-of-service specification, fragmentation and reassembly, and security.

"ICMP" (Internet Control Message Protocol) provides control and messaging capabilities. Network layer Internet protocol that reports errors and provides other information relevant to IP packet processing.

If a router receives a packet that it is unable to deliver to its destination, the router sends an ICMP "destination unreachable" message to the source and discards the packet. The packet might be undeliverable because of an invalid IP address or because there is no known route to the destination. Undeliverable ICMP messages are discarded to prevent flooding of the network.

An "echo reply" is a successful reply to a "ping" command; however, the results could include other ICMP messages, such as unreachables and timeouts.

ICMP uses the following types of defined messages. Others exist that are not included on this list:

·         Destination (Host) Unreachable

·         Echo Request (Ping)

·         Echo Reply (Ping Reply)

·         Time Exceeded

·         Parameter Problem

·         Source Quench

·         Redirect

·         Timestamp

·         Timestamp Reply

·         Information Request

·         Information Reply

·         Address Request

·         Address Reply

"ARP" (Address Resolution Protocol) determines the 2-Data link layer address for a known IP address. Internet protocol is used to map an IP address (network address) to a MAC sublayer address. To determine a destination address for a 'datagram' the "ARP cache" table is checked. If the address is not in the table, ARP sends a 'broadcast' looking for the destination station. Every station on the network receives the broadcast.

The term "local ARP" is used to describe resolving an address when both the requesting host and the destination host share the same media or wire. Prior to issuing the ARP, the "subnet mask" was consulted. The mask determined that the nodes are on the same subnet.

"RARP" (Reverse Address Resolution Protocol) determines network addresses (IP addresses) when data link layer addresses are known. Protocol in the TCP/IP stack that provides a method for finding IP addresses based on MAC addresses.

RARP relies on the presence of a RARP server with a table entry or other means to respond to these requests. On the local segment, RARP can be used to initiate a remote operating system load sequence.

Semester 2, Lesson 12 Notes:

TCP/IP Address Overview and Configuring Router Addresses

Each node using the TCP/IP protocol suite has a unique '32-bit logical address'. This address is known as the "IP address".

Each company listed on the internetwork is seen as a 'single unique network' that must be reached before an 'individual host' within that company can be contacted. Each company network has an address; the hosts that live on that network share that same "network address", but each host is identified by the unique "host address" on the network.

"Broadcast" - Data packet that will be sent to all nodes on a network. Broadcasts are identified by a "broadcast address", a 'host address' of all ones in the 'IP address'.

The Cisco IOS software supports two kinds of broadcasts:

1.        "Directed broadcasts" - Broadcasts directed into a specific network are allowed and are forwarded by the router. These directed broadcasts contain all ones in the host portion of the address.

2.        "Flooding" - 'Flooding broadcasts' (255.255.255.255) are not propagated, but are considered local broadcasts.

"Flooding" - Traffic passing technique used by 'switches' and 'bridges' in which traffic received on an interface is sent out to all of the interfaces of that device except the interface on which the information was originally received.

"Network Addresses" - An address of all zeros means 'this network' or 'the wire itself'. The "routing table" contains entries for the 'wire' or 'network addresses'; it usually does not contain any information about hosts.

An 'IP address' and 'subnet mask' on an interface achieves three purposes:

1.        It enables the system to process the receipt and transmission of packets.

2.        It specifies the device's local address.

3.        It specifies a range of addresses that share the cable with the device.

1. If a router has:

A serial interface S0 with IP address 172.16.1.2

An Ethernet interface E0 with IP address 172.31.4.1

A Token Ring interface T0 with IP address 172.31.16.1

and if all interfaces use a mask of 255.255.255.0, find the subnet (wire) number for each interface.

 S0: 172.16.1.0       (172.16.1.2   AND  255.255.255.0)
 E0: 172.31.4.0       (172.31.4.1   AND  255.255.255.0)
 T0: 172.31.16.0      (172.31.16.1  AND  255.255.255.0)

2. What is the result of the command:

"Router(config-if)#   ip address   ip-address subnet-mask"

This command establishes the 'logical network address' (ip-address) and subnet-mask of the specified interface. Specifically, it (1) assigns an address and a subnet-mask and (2) starts IP processing on that interface.

"Router(config)# term ip netmask-format"

Command used to specify the format of network masks for the current session. Format options are:

Bit count

Dotted decimal (the default)

Hexadecimal
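An added example (not from the notes) that works the subnet exercise above and accepts a mask in any of the three netmask-format styles; the bit-count form is assumed to be written as a plain prefix length such as 24 or /24. It also derives the directed broadcast (host portion all ones) and the same-subnet check a host makes before a local ARP.

```python
"""Work the subnet exercise from these notes: AND an interface address with
its mask to get the wire (subnet) number, derive the directed broadcast,
and check whether two hosts share a wire.  Masks may be given in the three
'term ip netmask-format' styles (dotted decimal, bit count, hexadecimal).
Added example, not from the original notes; the bit-count form is assumed
to be written as '24' or '/24'."""
import ipaddress


def parse_mask(mask: str) -> int:
    """Return the mask as a 32-bit integer from any of the three formats."""
    mask = mask.strip().lstrip("/")
    if mask.lower().startswith("0x"):
        value = int(mask, 16)                     # hexadecimal, e.g. 0xFFFFFF00
    elif "." in mask:
        value = int(ipaddress.IPv4Address(mask))  # dotted decimal (the default)
    else:
        bits = int(mask)                          # bit count, e.g. 24
        if not 0 <= bits <= 32:
            raise ValueError("prefix length must be 0..32")
        value = (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF
    # a valid mask is a run of ones followed by a run of zeros
    if value != 0 and (value | (value - 1)) != 0xFFFFFFFF:
        raise ValueError(f"non-contiguous mask {mask!r}")
    return value


def wire_number(address: str, mask: str) -> str:
    """Subnet (wire) number = address AND mask, e.g. 172.16.1.2 -> 172.16.1.0."""
    m = parse_mask(mask)
    return str(ipaddress.IPv4Address(int(ipaddress.IPv4Address(address)) & m))


def directed_broadcast(address: str, mask: str) -> str:
    """Directed broadcast: network portion kept, host portion all ones."""
    m = parse_mask(mask)
    net = int(ipaddress.IPv4Address(address)) & m
    return str(ipaddress.IPv4Address(net | (~m & 0xFFFFFFFF)))


def same_wire(addr_a: str, addr_b: str, mask: str) -> bool:
    """The subnet-mask check made before a local ARP: same wire under this mask?"""
    return wire_number(addr_a, mask) == wire_number(addr_b, mask)


def subnet_table(interfaces: dict, mask: str) -> dict:
    """Apply one mask to several interfaces, as the exercise does."""
    return {name: wire_number(addr, mask) for name, addr in interfaces.items()}


# The three interfaces from the exercise (all use mask 255.255.255.0).
EXERCISE = {"S0": "172.16.1.2", "E0": "172.31.4.1", "T0": "172.31.16.1"}
```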

What does the following command do?

    "Router(config)#   ip host name ip-address"

The 'ip host' command makes a "static name-to-address entry" in the router's configuration file. Hosts and interfaces then become selectable by either their 'name' or their 'IP address'.

    "Router(config)#   ip name-server server-address [...]"

Command used to define which hosts can provide the 'name service'. A maximum of six IP addresses can be specified as name servers in a single command.

    "Router(config)#   ip domain-lookup"

The DNS (name service) is enabled by default with a server address of 255.255.255.255, which is a local broadcast.

    "Router(config)#   no ip domain-lookup"

Command used to turn off name-to-address translation in the router.

4. What type of information is obtained from the command:

"Router# show hosts"

This command displays host names, their associated IP addresses, and type and time status indicators about how and why the host name became associated with those IP addresses (Cache of host name-to-address mappings).

The Cisco IOS software maintains a 'cache' of 'host name-to-address mappings' for use by EXEC commands. This cache speeds the process of converting names to addresses.

5. Distinguish amongst the three commands which allow you to 'verify address configuration' in your internetwork.

1.        "Telnet" (a layer 7 test) verifies the application layer software between source and destination stations (this is the most complete test mechanism available).

2.        "Ping" (a layer 3 test) uses the ICMP protocol to verify the hardware connection and the logical address of the network layer (this is a very basic testing mechanism). The 'ping' command sends ICMP echo packets and is supported in both user and privileged EXEC mode. These are the characters that may be returned by the "ping" test (ICMP Echo Request):

   Character    Definition
   !            Successful receipt of an echo reply
   .            Timed out waiting for datagram reply
   U            Destination unreachable error
   C            Congestion-experienced packet
   I            Ping interrupted (Ctrl-Shift-6 x)
   ?            Packet type unknown
   &            Packet Time To Live exceeded

"Extended Ping" is supported only from privileged EXEC mode. You can use the extended command mode of the ping command to specify the supported internet header options. To enter the extended mode, enter 'Y' at the extended commands prompt.

3.        "Trace" uses Time-To-Live (TTL) values to generate messages from each router used along the path (this is very useful for locating path failures). 'Host names' are shown if the addresses are translated dynamically or via static host table entries. The 'times' listed represent the time required for each of three probes to return.

When the trace reaches the target destination, an asterisk (*) is reported at the display. This normally is caused by the receipt of a port-unreachable packet and the time out in response to the probe packet. Other responses include:

 !H   The probe was received by the router, but not forwarded, usually due to an access list.
 P    The protocol was unreachable.
 N    The network was unreachable.
 U    The port was unreachable.
 *    Time out.

Semester 2, Lesson 13 Notes:

Router configuration and Routing Protocols: RIP and IGRP

"IGP" (Interior Gateway Protocol) - Internet protocol used to exchange routing information within an autonomous system. Examples of common IGPs include IGRP, OSPF, and RIP.

"RIP" (Routing Information Protocol) - IGP supplied with UNIX BSD systems. The most common IGP in the Internet. RIP uses hop count as a routing metric.

"IGRP" (Interior Gateway Routing Protocol) - IGP developed by Cisco to address the problems associated with routing in large, heterogeneous networks.

Each 'interface' on the router must be configured with a unique 'IP address' and 'subnet mask'. Information that relates an IP address to a router is called the "routing table".

Routers learn paths to destinations three different ways:

(Note: The "ip route" command is used to set up 'static routes'. The "ip default-network" command is used to set up 'default routes')

(1) "Static routes" - Manually defined by the system administrator as the only path to the destination (stub network). Route that is explicitly configured and entered into the routing table. Static routes take precedence over routes chosen by dynamic routing protocols. Useful for controlling security and reducing traffic. The "ip route" command is used to set up a static route.

Router(config)#   ip route network [mask] {address | interface} [distance]

 network      Destination network or subnet
 mask         Subnet mask
 address      IP address of next hop router
 interface    Name of interface to use to get to destination network
 distance     The administrative distance

"Administrative distance" - a rating of the trustworthiness of a routing information source expressed as a numeric value from 0 to 255. The higher the number, the lower the trustworthiness rating.

A 'static route' allows manual configuration of the routing table. No dynamic changes to this table entry will occur as long as the path is active. A static route may reflect some special knowledge of the networking situation known to the network administrator. Manually entered 'administrative distance' values for static routes are usually low numbers.

Routing updates are not sent on a link if only defined by a 'static route', thereby conserving bandwidth.

(2) "Default routes" - Manually defined by the system administrator as the path to take when no route to the destination is known. Routing table entry that is used to direct frames for which a next hop is not explicitly listed in the routing table. 'Default routes' are configured using the "ip default-network" command at the Router(config)# prompt.

Router(config)#   ip default-network network-number

Network-number: IP network number or subnet number defined as the default.
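An added example, not from the notes or from Cisco IOS, modelling the route selection these sections describe: longest matching mask first, then the lowest administrative distance, with a default network as the fallback. The AD values are the usual IOS defaults and the routing table is constructed.

```python
"""Model the route selection these notes describe: the most specific
(longest mask) matching entry is used, and among equal matches the source
with the lowest administrative distance wins (a static route, AD 1, beats
RIP, AD 120); with no match, traffic goes toward the default network.
Added example, not code from the original notes or from Cisco IOS; the AD
values are the common IOS defaults and every route below is constructed."""
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Administrative distance: 0..255, lower means more trustworthy.
AD = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100, "ospf": 110, "rip": 120}


@dataclass(frozen=True)
class Route:
    network: str                    # destination network, e.g. "10.1.0.0"
    mask: str                       # dotted-decimal subnet mask
    next_hop: str                   # next-hop address or outgoing interface
    source: str                     # key into AD, e.g. "static" or "rip"
    metric: int = 0                 # protocol metric, e.g. RIP hop count
    distance: Optional[int] = None  # explicit AD, like 'ip route ... [distance]'

    @property
    def admin_distance(self) -> int:
        if self.distance is None:
            return AD[self.source]
        if not 0 <= self.distance <= 255:
            raise ValueError("administrative distance must be 0..255")
        return self.distance

    @property
    def prefix(self) -> ipaddress.IPv4Network:
        return ipaddress.IPv4Network(f"{self.network}/{self.mask}", strict=False)


class RoutingTable:
    def __init__(self, routes, default_network: Optional[str] = None):
        self.routes = list(routes)
        self.default_network = default_network   # set by 'ip default-network'

    def lookup(self, destination: str) -> Optional[Route]:
        """Return the entry used to forward to destination, or None."""
        dest = ipaddress.IPv4Address(destination)
        matches = [r for r in self.routes if dest in r.prefix]
        if not matches and self.default_network:
            matches = [r for r in self.routes if r.network == self.default_network]
        if not matches:
            return None
        # longest prefix first; then lowest AD; then lowest metric
        return min(matches, key=lambda r: (-r.prefix.prefixlen, r.admin_distance, r.metric))


# Constructed table: 10.1.0.0/16 is known from RIP, from a static route,
# and from a floating static route whose explicit distance of 200 makes it
# a backup used only if the other two disappear.
EXAMPLE_TABLE = RoutingTable([
    Route("172.31.4.0", "255.255.255.0", "E0", "connected"),
    Route("172.16.0.0", "255.255.0.0", "S0", "connected"),
    Route("10.1.0.0", "255.255.0.0", "172.31.4.254", "rip", metric=3),
    Route("10.1.0.0", "255.255.0.0", "172.31.4.253", "static"),
    Route("10.1.0.0", "255.255.0.0", "172.31.4.251", "static", distance=200),
    Route("10.1.5.0", "255.255.255.0", "172.31.4.252", "rip", metric=1),
], default_network="172.16.0.0")
```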

(3) "Dynamic routing" - Router learns of paths to destinations by receiving periodic updates from other routers. Routing that adjusts automatically to network topology or traffic changes. Also called adaptive routing. Dynamic routing uses 'broadcasts' and 'multicasts' to communicate with other routers. The "router" command starts a routing process.

Router(config)#   router protocol [number/word]

protocol     RIP, IGRP, OSPF, or Enhanced IGRP.

number       autonomous-number for IGRP

An "Autonomous System" (AS) is a group of routers under a common administration. An 'autonomous system' consists of routers, run by one or more operators, that present a consistent view of routing to the external world. AS numbers are used to prevent updates from different Autonomous Systems being propagated amongst each other.

The "Network Information Center" (NIC) assigns a unique 'autonomous system' to enterprises. This autonomous system is a 16-bit number. A routing protocol, such as Cisco's "Interior Gateway Routing Protocol" (IGRP) requires that you specify this unique, assigned autonomous system number in your configuration.

Router(config-router)#   network network-number

network:

Such as autonomous system, which is used with those protocols that require an autonomous system, such as IGRP.

network-number:

Specifies a directly connected network.

The "network" command is required because it allows the routing process to determine which interfaces will participate in the sending and receiving of routing updates. The "network number" must be based on the NIC network numbers, not subnet numbers or individual addresses. The network command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.

"Exterior routing protocols" are used to communicate between 'autonomous systems'. "Interior routing protocols" are used to communicate within a single Autonomous System.

At the "Internet layer" of the TCP/IP suite of protocols, a router can use the IP routing protocol to accomplish routing through the implementation of a specific routing algorithm. Examples of the IP routing protocols include:

RIP:

A 'distance vector' routing protocol.

IGRP:

Cisco's 'distance vector' routing protocol.

OSPF:

A 'link-state' routing protocol.

Enhanced IGRP:

A 'balanced hybrid' routing protocol.

Selecting an IP routing protocol involves setting both global and interface parameters.

Global configuration tasks:

1.        Select a routing protocol, RIP or IGRP.

2.        Assign IP network numbers without specifying subnet values.

Interface configuration task:

1.        assign network/subnet addresses and the appropriate subnet mask.

RIP (Routing Information Protocol) is primarily concerned with the 'hop count'. Key characteristics of RIP include the following:

·         It is a distance vector routing protocol.

·         Hop count is used as the metric for path selection.

·         The maximum allowable hop count is 15.

·         Routing updates are broadcast every 30 seconds by default.

IGRP (Interior Gateway Routing Protocol) is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90-second intervals that advertise networks for a particular autonomous system. The following are some key characteristics of IGRP:

·         IGRP is a distance vector routing protocol.

·         A composite metric is used for path selection. By default it is computed from bandwidth and delay; reliability and load can be weighted in as well, and the MTU is carried in updates but does not enter the metric calculation.

·         It is versatile, flexible, and scalable, allowing for more complex topologies and large networks.

·         Routing updates are broadcast every 90 seconds.

·         Speed is the primary concern of IGRP.

"MTU" (Maximum transmission unit) - Maximum packet size, in bytes, that a particular interface can handle.

"show ip protocols" - Command that displays the parameters, routing timers, filters, and network information associated with the routing protocols running on the router. Use this information to identify a router that is suspected of delivering bad routing information.

"show ip route" - Command that displays the contents of the IP routing table.

The 'routing table' contains entries for all known networks and subnetworks and contains a 'code' that indicates how that information was learned.

"show ip interface" - Command that displays the status and global parameters associated with an interface.

The Cisco IOS software automatically enters a directly connected route in the routing table if the 'interface' is one through which software can send and receive packets. Such an 'interface' is marked 'up'. If the interface is unusable, it is removed from the routing table. Removing the entry allows implementation of backup routes, if they exist.
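Added example, not part of the original notes and not Cisco code: a small Python model of the IP routing table described in the default-route, 'show ip route' and connected-route passages above. It shows longest-prefix matching, the default route 0.0.0.0/0 winning only when nothing more specific matches, and a connected route being withdrawn when its interface goes down so that a backup route covering the same prefix takes over. The networks, next hops and interface names are constructed for illustration.

```python
import ipaddress


class Route:
    """One routing table entry: how it was learned (code), the destination
    network, and where matching packets go (next hop or exit interface)."""
    def __init__(self, code, prefix, via):
        self.code = code                            # C = connected, S = static, R = RIP, S* = default
        self.prefix = ipaddress.ip_network(prefix)
        self.via = via


class RoutingTable:
    def __init__(self):
        self.routes = []

    def add(self, code, prefix, via):
        self.routes.append(Route(code, prefix, via))

    def interface_down(self, interface):
        """IOS removes the connected route when an interface is no longer 'up';
        any other route covering the prefix (static or default) then takes over."""
        self.routes = [r for r in self.routes
                       if not (r.code == 'C' and r.via == interface)]

    def lookup(self, dst):
        """Longest-prefix match: the most specific matching entry wins, so the
        0.0.0.0/0 default is used only when nothing else matches."""
        addr = ipaddress.ip_address(dst)
        matches = [r for r in self.routes if addr in r.prefix]
        if not matches:
            return None
        return max(matches, key=lambda r: r.prefix.prefixlen)

    def show(self):
        """Lines in the spirit of 'show ip route': code, network, next hop."""
        return [f"{r.code:<3}{r.prefix} via {r.via}" for r in self.routes]


def build_table():
    """Constructed sample table (assumed addresses, not from the notes)."""
    t = RoutingTable()
    t.add('C',  '10.1.1.0/24',    'Ethernet0')
    t.add('C',  '192.168.5.0/24', 'Serial0')
    t.add('S',  '172.16.0.0/16',  '192.168.5.2')
    t.add('S*', '0.0.0.0/0',      '192.168.5.2')   # gateway of last resort
    return t


def next_hop(table, dst):
    """(code, next hop) chosen for a destination address, or None if unroutable."""
    r = table.lookup(dst)
    return None if r is None else (r.code, r.via)


if __name__ == '__main__':
    t = build_table()
    print('\n'.join(t.show()))
    print(next_hop(t, '10.1.1.77'), next_hop(t, '8.8.8.8'))
    t.interface_down('Ethernet0')
    print(next_hop(t, '10.1.1.77'))
```

With Ethernet0 up, 10.1.1.77 is delivered via the connected route; once the interface is down the same destination falls to the default route, which is the 'backup route' behaviour described above. A table with no default route returns None for an unknown destination, the case in which a router generates an ICMP unreachable.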

"debug ip rip" - Command that displays RIP routing updates as they are sent and received





Semester 2, Lesson 14 Notes:

Router Access Lists, Security, and Firewalls

"Access list" - (1) List kept by Cisco routers to control access to or from the router for a number of services (for example, to prevent packets with a certain IP address from leaving a particular interface on the router). (2) Command that creates an entry in a standard traffic filter list.

·         Standard

-Simpler address specifications

-Generally permits or denies entire protocol suites

·         Extended

-More complex address specifications

-Generally permits or denies specific protocols

"Access lists" offer another powerful tool for network control. They add the flexibility to filter the packets flowing into or out of router interfaces. "Access lists" perform several functions within a Cisco router, including:

·         Implement security/access procedures

·         Act as a protocol "firewall"

"Extended Access lists" allow 'filtering' on address, protocol, and applications. Access lists are used to 'limit broadcast traffic'.

You can also use "Access lists" to:

·         Identify packets for priority or custom queuing

·         Restrict or reduce the contents of routing updates

"Access lists" also process packets for other security features to:

·         Provide IP traffic dynamic access control with enhanced user authentication using the lock-and-key feature

·         Identify packets for encryption

·         Identify Telnet access allowed to the router virtual terminals
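Added example, not part of the original notes and not Cisco code: a Python evaluator for numbered standard and extended access lists that makes visible the three things most often got wrong with them: IOS wildcard masks are inverted subnet masks (0 = bit must match, 1 = don't care), entries are tested top to bottom and the first match wins, and every list ends with an implicit deny. The IOS statements in the comments (access-list, access-class on the vty lines for the Telnet case listed above, ip access-group on an interface) are the real commands; the addresses and list numbers are constructed.

```python
import ipaddress


def _to_int(addr):
    return int(ipaddress.IPv4Address(addr))


def wildcard_match(addr, reference, wildcard):
    """IOS wildcard-mask test: a 0 bit in the wildcard means 'this bit must
    match', a 1 bit means 'don't care' (a /24 network is wildcard 0.0.0.255)."""
    must_match = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) ^ _to_int(reference)) & must_match == 0


def _address_spec(tokens, i, standard):
    """Parse one address spec at tokens[i]: 'any', 'host A', or 'A WILDCARD'.
    Standard lists also accept a bare address (wildcard defaults to 0.0.0.0)."""
    if tokens[i] == 'any':
        return '0.0.0.0', '255.255.255.255', i + 1
    if tokens[i] == 'host':
        return tokens[i + 1], '0.0.0.0', i + 2
    if standard and i + 1 >= len(tokens):
        return tokens[i], '0.0.0.0', i + 1
    return tokens[i], tokens[i + 1], i + 2


class AccessList:
    """A numbered IOS-style access list. Entries are tested in order and the
    first match decides; a packet matching nothing hits the implicit deny."""
    def __init__(self, number):
        self.number = number
        self.standard = 1 <= number <= 99       # 100-199 are extended lists
        self.entries = []

    def add(self, line):
        """line = the IOS statement without its 'access-list N' prefix, e.g.
        'permit 10.1.1.0 0.0.0.255' or 'permit tcp 10.1.1.0 0.0.0.255 any eq 23'."""
        t = line.split()
        e = {'action': t[0]}
        if self.standard:
            e['src'], e['swc'], _ = _address_spec(t, 1, True)
        else:
            e['proto'] = t[1]
            e['src'], e['swc'], i = _address_spec(t, 2, False)
            e['dst'], e['dwc'], i = _address_spec(t, i, False)
            if i < len(t) and t[i] == 'eq':
                e['dport'] = int(t[i + 1])
        self.entries.append(e)

    def _matches(self, e, pkt):
        if not wildcard_match(pkt['src'], e['src'], e['swc']):
            return False
        if self.standard:                       # standard lists test the source only
            return True
        if e['proto'] != 'ip' and e['proto'] != pkt['proto']:
            return False
        if not wildcard_match(pkt['dst'], e['dst'], e['dwc']):
            return False
        return 'dport' not in e or pkt.get('dport') == e['dport']

    def evaluate(self, pkt):
        for e in self.entries:
            if self._matches(e, pkt):
                return e['action']
        return 'deny'                           # implicit 'deny any' at the end


def build_lists():
    """Constructed sample lists (assumed addresses, not from the notes).
    Router(config)# access-list 10 permit 10.1.1.0 0.0.0.255
    Router(config)# line vty 0 4
    Router(config-line)# access-class 10 in      (only the admin LAN may Telnet to the router)
    Router(config)# access-list 101 permit tcp 10.1.1.0 0.0.0.255 host 192.168.5.10 eq 23
    Router(config)# access-list 101 deny ip any any
    Router(config)# interface Ethernet0
    Router(config-if)# ip access-group 101 in"""
    vty = AccessList(10)
    vty.add('permit 10.1.1.0 0.0.0.255')
    e0 = AccessList(101)
    e0.add('permit tcp 10.1.1.0 0.0.0.255 host 192.168.5.10 eq 23')
    e0.add('deny ip any any')
    # Ordering mistake: a broad permit placed first shadows every later deny.
    shadowed = AccessList(102)
    shadowed.add('permit ip any any')
    shadowed.add('deny tcp any any eq 23')
    return vty, e0, shadowed
```

The 'shadowed' list is the check worth running on any list you inherit: because evaluation stops at the first match, its Telnet deny can never fire, and 'show access-lists' would show the deny entry's match counter staying at zero.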

"DDR" (Dial-on-demand routing) - Technique whereby a Cisco router can automatically initiate and close a 'circuit-switched session' as transmitting stations demand. The router 'spoofs keepalives' so that end stations treat the session as active. DDR permits routing over ISDN or telephone lines using an external ISDN terminal adapter or modem.

The OSI model is the very heart of networking with every layer performing a specific task in order to facilitate data communications. In the world of networking the first four (4) layers are the focus. They define the following:

Why a Layered Network Model ?

The OSI model's seven numbered layers indicate distinct functions. In the Transmission Control Protocol/Internet Protocol (TCP/IP) model, the same functions fit into four named layers. This separation of networking functions is called "layering".

OSI Layer Functions:

7. APPLICATION (Network processes to applications)

The application layer provides network services to user applications. For example, a word processing application is serviced by file transfer services at this layer.

6. PRESENTATION (Data representation)

This layer provides data representation and code formatting. It ensures that the data that arrives from the network can be used by the application, and it ensures that information sent by the application can be transmitted on the network.

5. SESSION (Interhost communication)

This layer establishes, maintains, and manages sessions between applications.

4. TRANSPORT (End-to-end connections)

This layer segments and reassembles data into a data stream. TCP (and UDP) operate at this layer.

3. NETWORK (Addresses and best path)

This layer determines the best way to move data from one place to another. The router operates at this layer. This layer uses the IP addressing scheme.

2. DATA LINK (Access to media)

This layer provides reliable transit of data across the physical link. It handles physical addressing, network topology, error notification, and flow control. This layer uses the Media Access Control (MAC) address.

1. PHYSICAL (Binary transmission)

This layer provides the electrical, mechanical, procedural, and functional means for activating and maintaining the physical link between systems. This layer uses the physical media like twisted pair, coaxial, and fiber-optic cable.

[Host Layers] (layers 7, 6, 5, & 4)
Provide for accurate data delivery between computers

[Media Layers] (layers 3, 2, & 1)
Control physical delivery of messages over the network

Each layer uses its own 'layer protocol' to communicate with its peer layer in the other system. Each layer's protocol exchanges information, called protocol data units (PDUs), between peer layers. A given layer can use a more specific name for its "PDU".

 
7, 6, 5. ------ [data]
4. Transport--- segments [segment header][data]
3. Network----- packets [network header][data segment]
2. Data Link--- frames [frame header][network packet][frame trailer]
1. Physical---- bits [binary 1's & 0's]

This peer-layer protocol communication is achieved by using the services of the layers below it. The layer below any current layer provides its services to the current layer. Each lower-layer service takes upper-layer information as part of the lower-layer PDUs it exchanges with its layer peer.

[1-Physical Layer] (bits)
The Ethernet and IEEE 802.3 standards define a bus-topology LAN that operates at a baseband signaling rate of 10 Mbps.

1.        10Base2 - Known as 'thin Ethernet', allows network segments up to 185 meters on coaxial cable.

2.        10Base5 - Known as 'thick Ethernet', allows network segments up to 500 meters on coaxial cable.

3.        10Base-T - Carries Ethernet frames on inexpensive twisted-pair wiring.

The 10Base5 and 10Base2 standards provide access for several stations on the same LAN segment. Stations are attached to the segment by a cable that runs from an attachment unit interface (AUI) in the station to a transceiver that is directly attached to the Ethernet coaxial cable.

Because the 10Base-T standard provides access for a single station only, stations attached to an Ethernet LAN by 10Base-T are almost always connected to a hub or a LAN switch. In this arrangement, the hub or LAN switch takes the place of the shared Ethernet segment.

[2-Data Link Layer] (physical addressing)
The Ethernet and 802.3 data links provide data transport across the physical link joining two devices. Devices can be directly attached to each other over the Ethernet LAN. Computers have MAC addresses that are used by the data-link layer. The router also uses a MAC address for each of its LAN-side interfaces. To refer to an 802.3 interface on the router, use the Cisco IOS interface type abbreviation E followed by an interface number (for example, E0).

[3-Network Layer] (Path determination)
Which path should traffic take through the cloud of networks? Path determination occurs at Layer 3, the 'Network layer'. The path determination function enables a router to evaluate the available paths to a destination and to establish the preferred handling of a packet.

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI Network layer:

[TCP/IP Network Layers]

-[DoD TCP/IP Model]-  -[OSI 7-Layer Model]-
4. Application        (7-Application, 6-Presentation, & 5-Session)
3. Transport          (4-Transport)
2. Internet           (3-Network)
1. Network Interface  (2-Data Link & 1-Physical)

Best-effort delivery - Describes a network system that does not use a sophisticated acknowledgment system to guarantee reliable delivery of information.

[TCP/IP addresses]

Each company listed on the internetwork is seen as a single unique network that must be reached before an individual host within that company can be contacted. Each company network has an address; the hosts that live on that network share that same network address, but each host is identified by the unique host address on the network.



[Addressing with subnets]
With subnets, the network address use is more efficient. There is no change to how the outside world sees the network, but within the organization, there is additional structure.

Routers determine the destination network using the 'subnet address', limiting the amount of traffic on the other network segments.

"Routing services" use network topology information when evaluating network paths. This information can be configured by the network administrator or collected through dynamic processes running in the network.

The 3-Network layer interfaces to networks and provides best effort end-to-end packet delivery services to its user, the 4-Transport layer. The 3-Network layer sends packets from the source network to the destination network based on 'IP routing table' (contains: 'Destination network' addresses & 'Next Hop' (outgoing interface) pairs).

After the router determines which path to use, it can proceed with "switching the packet"; taking the packet it accepted on one interface and forwarding it to another interface or port that reflects the best path to the packet's destination.

Using IP addresses, the 3-Network layer can provide a 'relay connection' that interconnects independent networks. By using 'consistent end-to-end addressing' to represent the path of media connections, the 3-Network layer can find a path to the destination without unnecessarily burdening the devices or links on the internetwork with broadcasts.

The network address identifies the path used by the router within the network cloud. The router uses the network address to identify the source or destination network of a packet within an internetwork. For some network-layer protocols, this relationship is established by a network administrator who assigns network addresses according to some preconceived internetwork addressing plan. For other network-layer protocols, assigning addresses is partially or completely dynamic.





ICMP - Internet Control Messages Protocol

The ICMP is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams and are used to send error and control messages. ICMP uses the following types of defined messages. Others exist that are not included on this list:

If a router receives a packet that it is unable to deliver to its ultimate destination, the router sends an ICMP host unreachable message to the source. The message might be undeliverable because there is no known route to the destination.

An ICMP 'echo reply' is a successful reply to a "ping" command (ICMP echo request); however, results could include other ICMP messages, such as unreachable and timeouts.

ARP - Address Resolution Protocol

ARP is used to resolve (map) a known IP address to a MAC sublayer address so that communication can take place on a multiaccess medium such as Ethernet. To find the destination MAC address for a datagram, the ARP cache table is checked FIRST. If the address is not in the table, ARP sends a broadcast (ARP request) looking for the destination station, and every station on the network receives it. Only the station that owns the requested IP address answers, and its ARP reply is sent directly (unicast) to the original requester, which then updates its ARP cache.

The term "local ARP" describes resolving an address when the requesting host and the destination host share the same media or wire. Before the ARP request is issued, the subnet mask is consulted; the mask determines that both nodes are on the same subnet.
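Added example, not part of the original notes: a Python model of the ARP sequence just described. A station first consults its subnet mask to decide whether the destination is local (ARP for the destination itself) or remote (ARP for the default gateway), then checks its ARP cache, and only then broadcasts a request that exactly one station answers with a unicast reply. Host names, addresses and MAC addresses are constructed; the 'Segment' class stands in for the shared wire.

```python
import ipaddress


class Segment:
    """One shared medium (an Ethernet LAN): a broadcast reaches every station."""
    def __init__(self):
        self.stations = []


class Station:
    def __init__(self, name, ip_with_mask, mac, segment, gateway=None):
        self.name = name
        self.iface = ipaddress.ip_interface(ip_with_mask)
        self.mac = mac
        self.gateway = gateway            # default gateway IP for off-subnet destinations
        self.arp_cache = {}               # IP -> MAC
        self.segment = segment
        segment.stations.append(self)

    @property
    def ip(self):
        return str(self.iface.ip)

    def next_hop_for(self, dst):
        """The 'local ARP' decision: the subnet mask says whether the destination
        is on this wire (resolve it directly) or remote (resolve the gateway)."""
        if ipaddress.ip_address(dst) in self.iface.network:
            return dst
        return self.gateway               # None when no default gateway is set

    def resolve(self, dst):
        """Return (MAC to put in the frame's destination field, how it was found)."""
        target = self.next_hop_for(dst)
        if target is None:
            return None, 'no route'
        if target in self.arp_cache:      # FIRST: check the ARP cache
            return self.arp_cache[target], 'cache'
        # ARP request is a broadcast, so every station on the segment sees it...
        for station in self.segment.stations:
            if station.ip == target:
                # ...but only the owner of the target IP answers, with a unicast
                # reply to the requester. The target also records the requester's
                # mapping, since it is about to talk back to it (RFC 826 behaviour).
                station.arp_cache[self.ip] = self.mac
                self.arp_cache[target] = station.mac
                return station.mac, 'arp'
        return None, 'unresolved'         # nobody owns that address on this wire


def build_lan():
    """Constructed sample LAN (assumed addresses and MACs, not from the notes)."""
    lan = Segment()
    pc1 = Station('pc1', '10.1.1.10/24', '0000.0c00.0001', lan, gateway='10.1.1.1')
    pc2 = Station('pc2', '10.1.1.20/24', '0000.0c00.0002', lan)
    rtr = Station('router-E0', '10.1.1.1/24', '0000.0c00.00ff', lan)
    return pc1, pc2, rtr
```

A remote destination such as 192.168.5.7 never appears in pc1's ARP cache: what gets resolved is the gateway 10.1.1.1, and the frame carries the router's MAC with the remote IP inside.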

[4-Transport Layer] (End-to-end connections)

Services located in the 4-Transport layer allow the data of several upper-layer applications to be broken apart ('segmented') onto the same Layer 4 data stream, and allow that data to be reassembled for the corresponding applications at the far end. The Layer 4 data stream provides transport services from the host to the destination. Services such as these are sometimes referred to as "end-to-end services". The Layer 4 data stream is a 'logical connection' between the endpoints of a network.

As the Transport layer sends its data segments, it can also ensure the integrity of the data. One method of doing this is called "flow control". Flow control avoids the problem of a host at one side of the connection overflowing the buffers in the host at the other side. Transport layer services also allow users to request reliable data transport between hosts and destinations. To obtain such reliable transport of data, a connection-oriented relationship is used between the communicating end systems.

Reliable transport can accomplish the following:

One reason for different layers in the OSI model is so that multiple applications can share the same transport connection. Transport functionality is accomplished segment by segment. This means that different applications can send data segments on a first-come, first-served basis. Such segments can be intended for the same destination or for many different destinations

One user of the 4-Transport layer must establish a connection-oriented session with its peer system.

 
Sender --- synchronize ------------------> Receiver
Sender <------ negotiate connection -----> Receiver
Sender <------------------ synchronize --- Receiver
Sender --- acknowledge ------------------> Receiver
       ----- connection established -----
Sender <- data transfer (send segments) -> Receiver

TCP/IP 3-way Handshake

 
(1) Send SYN(seq=x) -----\
                          \--> Receive SYN(seq=x)
(2)                       /--- Send SYN(seq=y, ack=x+1)
    Receive SYN(seq=y) <-/
            ACK(x+1)
(3) Send ACK(ack=y+1) ---\
                          \--> Receive ACK(ack=y+1)

When datagrams arrive too quickly for a host or gateway to process, they are stored in memory temporarily (buffer). If the traffic continues, the host or gateway eventually exhausts its memory and must discard additional datagrams that arrive. Instead of allowing data to be lost, the transport function can issue a 'not ready' (Window size=0) indicator to the sender. Acting like a stop sign, this indicator signals the sender to stop sending data. When the receiver can handle additional data, the receiver sends a 'ready' (Window size >0) transport indicator, which is like a go signal.

If the sender has to wait for an acknowledgment after sending each segment, throughput will be low. Because time is available after the sender finishes transmitting the data packet and before the sender finishes processing any received acknowledgment, the interval is used for transmitting more data. The number of data packets the sender is allowed to have outstanding - without yet receiving an acknowledgment - is known as the "window" or window size.

Windowing is a method to control the amount of information transferred end-to-end. Some protocols measure information in terms of the number of packets; TCP/IP measures information in terms of the number of bytes. Windowing is an end-to-end agreement between sender and receiver.

Reliable delivery guarantees that a stream of data sent from one machine will be delivered to another machine without duplication or data loss. "Positive Acknowledgment with Retransmission" (PAR) is one technique that guarantees reliable delivery of data streams. Positive acknowledgment requires a recipient to communicate with the source, sending back an acknowledgment (ACK x+1) message when it receives data. The sender keeps a record of each data packet it sends and waits for an acknowledgment before sending the next data packet. The sender also starts a timer when it sends a segment, and it retransmits the segment if the timer expires before an acknowledgment arrives.
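Added example, not part of the original notes: a Python simulation of windowing combined with positive acknowledgment and retransmission, as described in the three paragraphs above. The sender may have 'window' segments outstanding, the receiver answers with a cumulative ACK naming the next segment it expects, and when an exchange acknowledges nothing new the sender's timer is taken to have expired and it retransmits from the oldest unacknowledged segment. This is go-back-N over numbered segments, a simplification of TCP's byte-counted window; the segment list and the lost segment are constructed inputs.

```python
def transfer(segments, window, lose_once=()):
    """Go-back-N sender and receiver over a simulated link.

    segments  - data units to send in order (sequence numbers 0..n-1)
    window    - how many segments may be outstanding without an ACK
    lose_once - sequence numbers whose first transmission is lost on the wire
    Returns (data delivered in order at the receiver, total segments transmitted)."""
    lost = set(lose_once)
    base = 0            # sender: oldest unacknowledged segment
    next_seq = 0        # sender: next new segment the window allows
    expected = 0        # receiver: the sequence number it is waiting for
    delivered = []
    sent = 0
    while base < len(segments):
        # Send everything the window allows without waiting for an ACK.
        while next_seq < min(base + window, len(segments)):
            sent += 1
            if next_seq in lost:
                lost.discard(next_seq)          # dropped in transit, first time only
            elif next_seq == expected:
                delivered.append(segments[next_seq])
                expected += 1
            # anything else arrived out of order; a go-back-N receiver discards it
            next_seq += 1
        # The receiver's cumulative ACK names the next segment it expects.
        ack = expected
        if ack > base:
            base = ack                          # positive acknowledgment: slide the window
        else:
            next_seq = base                     # timer expired, nothing new acknowledged: retransmit
    return delivered, sent


def stop_and_wait(segments, lose_once=()):
    """Window of 1: one segment in flight, one ACK per segment; the low-throughput
    case the notes contrast with windowing."""
    return transfer(segments, 1, lose_once)
```

With five segments and segment 1 lost, a window of 3 delivers everything in 8 transmissions (the loss forces segments 1 to 3 to be resent), while stop-and-wait needs 6 transmissions but one round trip per segment. Every run ends with the receiver holding the data in order and without duplicates, which is the guarantee PAR makes.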

Routing

Routers generally relay a packet from one data link to another. To relay a packet, a router uses two basic functions:

1.        a path determination function, and

2.        a switching function.

A router is responsible for passing the packet to the next network along the path. The router uses the 'network portion' of the address to make 'path selections'. The 'switching function' allows a router to accept a packet on one interface and forward it on a second interface. The 'path determination' function enables the router to select the most appropriate interface for forwarding a packet. The 'node portion' of the address refers to a specific port on the router that leads to an adjacent router in that direction.

'Routed protocol' - Protocol that can be routed by a router. A router must be able to interpret the logical internetwork as specified by that routed protocol. Any network protocol that provides enough information in its network layer address to allow a packet to be forwarded from host to host based on the addressing scheme. Routed protocols define the format and use of the fields within a packet.

Examples of routed protocols include AppleTalk, DECnet, and IP.

'Routing protocol' - Protocol that accomplishes routing through the implementation of a specific routing algorithm. Supports a routed protocol by providing mechanisms for sharing routing information. Routing protocol messages move between the routers. A routing protocol allows the routers to communicate with other routers to update and maintain tables.

Examples of routing protocols include IGRP, OSPF, and RIP.

RIP - Routing Information Protocol

IGP (Interior Gateway Protocol) supplied with UNIX BSD systems, and the most common IGP in the Internet. RIP uses hop count as its routing metric. Key characteristics of RIP include the following:

·         It is a distance vector routing protocol.

·         Hop count is used as the metric for path selection.

·         The maximum allowable hop count is 15.

·         Routing updates are broadcast every 30 seconds by default.

IGRP - Interior Gateway Routing Protocol

IGP developed by Cisco to address the problems associated with routing in large, heterogeneous networks.

EIGRP - Enhanced Interior Gateway Routing Protocol

Advanced version of IGRP developed by Cisco. A 'balanced hybrid' routing protocol. Provides superior convergence properties and operating efficiency, and combines the advantages of link state protocols with those of distance vector protocols.

OSPF - Open Shortest Path First

Link-state, hierarchical IGP routing protocol proposed as a successor to RIP in the Internet community. OSPF features include least-cost routing, multipath routing, and load balancing. OSPF was derived from an early version of the IS-IS protocol.

[Network-Layer Protocol Operations]
When a host application needs to send a packet to a destination on a different network, a 2-Data-link frame is received on one of a router's interfaces. The 3-Network layer process examines the header to determine the destination network and then references the routing table that associates networks to outgoing interfaces. The packet is again encapsulated in the 2-Data-link frame for the selected interface and queued for delivery to the next hop in the path. This process occurs each time the packet switches through another router. At the router connected to the network containing the destination host, the packet is again encapsulated in the destination LAN's 2-Data-link frame type and delivered to the destination host.

"Static Route" - A route that a network administrator enters into the router by hand; it is explicitly configured and placed in the routing table. Static routes take precedence over routes learned by dynamic routing protocols, because a static route has a lower administrative distance.

"Dynamic Route" - uses a route that a network routing protocol adjusts automatically for topology or traffic changes. Routing that adjusts automatically to network topology or traffic changes. Also called adaptive routing.

The success of "dynamic routing" depends on two basic router functions:

1.        Maintenance of a routing table, and

2.        Timely distribution of knowledge in the form of routing updates to other routers.

Dynamic routing relies on a 'routing protocol' to share knowledge. A 'routing protocol' defines the set of rules used by a router when it communicates with neighboring routers.

"Default route" - Routing table entry used to forward packets whose destination network is not explicitly listed in the routing table.

"Distance vector" routing algorithm - Class of routing algorithms that iterate on the 'number of hops' in a route to find a shortest-path spanning tree. Distance vector routing algorithms call for each router to send its entire 'routing table' in each periodic update, but only to its neighbors and in the process accumulate 'distance vectors'. Distance vector routing algorithms can be prone to routing loops, but are computationally simpler than 'link state' routing algorithms. Also called Bellman-Ford routing algorithm. Distance vector algorithms do not allow a router to know the exact topology of an internetwork.

"Link state" (also called shortest path first) routing algorithm - Routing algorithm in which each router broadcasts or multicasts information regarding the 'cost of reaching each of its neighbors' to all nodes in the internetwork. 'Link state' algorithms create a consistent view of the network (they maintain a complex database of topology information) and are therefore not prone to routing loops, but they achieve this at the cost of relatively greater computational difficulty and more widespread traffic (compared with distance vector routing algorithms). Link-state routing uses link-state advertisements (LSAs), a topological database, the SPF algorithm, the resulting SPF tree, and finally, a routing table of paths and ports to each network.

'LSA' - Link-state advertisement. Broadcast packet used by 'link-state' protocols that contains information about neighbors and path costs. LSAs are used by the receiving routers to maintain their routing tables. Sometimes called a link-state packet (LSP).

The "Balanced hybrid" approach combines aspects of the 'link-state' and 'distance vector' algorithms.

'Convergence' - The speed and ability of a group of internetworking devices running a specific routing protocol to agree on the topology of an internetwork after a change in that topology. (The knowledge needs to reflect an accurate, consistent view of the new topology.) When all routers in an internetwork are operating with the same knowledge, the internetwork is said to have 'converged'.

 
[ Distance Vector Routing ] [ Link-State (SPF) Routing ]
* Views net topology from   * Gets common view of entire
  neighbor's perspective      network topology
 
* Adds distance vectors     * Calculates the shortest
  from router to router       path to other routers
 
* Frequent, periodic up-    * Event-triggered updates:
  dates: slow convergence     faster convergence
 
* Passes copies of routing  * Pass link-state routing
  table to neighbor routers   updates to other routers
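Added example, not part of the original notes: a Python simulation of the distance-vector column of the table above, using RIP's hop-count metric. Each router periodically hands its entire table to its neighbors, which add one hop and keep the better path. After a link failure the stale route bounces between two routers, one hop worse on every exchange, until it reaches 16 (unreachable); this count-to-infinity is the reason RIP caps usable paths at 15 hops, and it goes beyond the notes by also running the same failure with split horizon (a router does not advertise a route back to the neighbor it learned it from), which converges in one round. Router and network names are constructed, and the in-order rounds are a simplification of real RIP timers.

```python
INFINITY = 16   # RIP hop-count semantics: 15 is the longest usable path, 16 means unreachable


class Router:
    def __init__(self, name, network):
        self.name = name
        self.neighbors = []
        # routing table: network -> (hop count, next hop). The directly connected
        # network is 0 hops with no next hop, like a 'C' entry in 'show ip route'.
        self.table = {network: (0, None)}

    def advertise(self, to, split_horizon):
        """A distance-vector update: the entire table, sent to one neighbor.
        With split horizon, routes learned from that neighbor are left out."""
        return {net: metric for net, (metric, hop) in self.table.items()
                if not (split_horizon and hop == to.name)}

    def receive(self, sender, advert):
        """Bellman-Ford step: cost via the sender = advertised metric + 1 hop."""
        changed = False
        for net, metric in advert.items():
            new = min(metric + 1, INFINITY)
            cur_metric, cur_hop = self.table.get(net, (INFINITY, None))
            # take a better path, or any change (even for the worse) reported by
            # the neighbor we already route through, so that bad news propagates
            if new < cur_metric or (cur_hop == sender.name and new != cur_metric):
                self.table[net] = (new, sender.name)
                changed = True
        return changed


def link(a, b):
    a.neighbors.append(b)
    b.neighbors.append(a)


def fail_link(a, b):
    """The link goes down: each side drops the other as a neighbor and marks
    every route that used the dead link as unreachable."""
    a.neighbors.remove(b)
    b.neighbors.remove(a)
    for r, other in ((a, b), (b, a)):
        for net, (metric, hop) in list(r.table.items()):
            if hop == other.name:
                r.table[net] = (INFINITY, hop)


def run_until_converged(routers, split_horizon=False, max_rounds=50):
    """One round = every router, in order, processes one periodic update from
    each neighbor. Returns how many rounds changed some table (0 = already
    converged); gives up at max_rounds if the network never settles."""
    for rnd in range(1, max_rounds + 1):
        changed = False
        for r in routers:
            for n in r.neighbors:
                changed |= r.receive(n, n.advertise(r, split_horizon))
        if not changed:
            return rnd - 1
    return max_rounds


def build_chain():
    """Constructed topology (assumed names, not from the notes): A -- B -- C,
    each router with one attached network n1, n2, n3."""
    a, b, c = Router('A', 'n1'), Router('B', 'n2'), Router('C', 'n3')
    link(a, b)
    link(b, c)
    return a, b, c


def demo(split_horizon):
    """Converge, cut the A-B link, reconverge. Returns the two round counts and
    the hop count C ends up holding for A's network n1 (16 = unreachable)."""
    a, b, c = build_chain()
    initial = run_until_converged([a, b, c], split_horizon)
    fail_link(a, b)
    after = run_until_converged([a, b, c], split_horizon)
    return initial, after, c.table['n1'][0]
```

Without split horizon the post-failure run takes 8 rounds: B believes C still reaches n1 (C's table says 2 hops, via B), takes it at 3 hops, C takes B's 3 as 4, and so on up to 16. With split horizon C never tells B about a route it learned from B, so B's 'unreachable' wins in the first round. The slow case is also the period in which both routers forward packets for n1 back and forth to each other, the routing loop the notes warn about.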

·         "Exterior routing protocols" are used to communicate between autonomous systems.

·         "Interior routing protocols" are used within a single autonomous system.

Router Configuration

IP routing configuration tasks:

1.        Global Configuration

o        Select routing protocols (RIP, IGRP)

o        Specify network(s) (assign IP network numbers)

2.        Interface Configuration

o        assign network/subnet addresses & subnet masks

Use the "ip address" command to establish the logical network address of this interface.

Router(config-if)# ip address ip-address subnet-mask

Use the "term ip netmask-format" command (an EXEC-mode command, entered at the Router# prompt) to specify how network masks are displayed for the current session. Format options are:

- Bit count (bitcount)

- Dotted decimal (decimal, the default)

- Hexadecimal (hexadecimal)

Router# term ip netmask-format {bitcount | decimal | hexadecimal}



The "router" command starts a routing process.

Router(config)# router protocol [keyword]

Router(config-router)# network network-number

The "router rip" command selects RIP as the routing protocol.

Router(config)# router rip

Router(config-router)# network network-number

The "network" command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.

 
Example:
router rip         Selects RIP as the routing protocol.
network 1.0.0.0    Specifies a directly connected network.
network 2.0.0.0    Specifies a directly connected network.

The Cisco router interfaces connected to networks 1.0.0.0 and 2.0.0.0 will send and receive RIP updates. These routing updates allow the router to learn the network topology.

2. LAN Switching