CCNA Report

TABLE OF CONTENTS

1. Chapter 1: INTRODUCTION (pages 1 – 5)

2. Chapter 2: THEORY OF NETWORK (pages 6 – 7)

3. Chapter 3: ROUTING PROTOCOL (pages 8 – 22)
   3.1 Routing Protocol (8)
   3.2 Routed Protocols (9)
   3.3 OSI Layer Designation (9)
   3.4 Basic Router Configuration (10)
   3.5 Static Routing (11 – 12)
   3.6 Default Routing (13)
   3.7 Routing Information Protocol (14 – 16)
   3.8 Enhanced Interior Gateway Routing Protocol (17 – 19)
   3.9 Open Shortest Path First (20 – 22)

4. Chapter 4: SWITCHING (pages 23 – 36)
   4.1 Network Switch (23)
   4.2 Spanning Tree Protocol (24)
   4.3 Virtual Local Area Networks (25 – 26)
   4.4 Inter VLAN Routing (27)
   4.5 Switch Virtual Interface (28)
   4.6 Port Security (29)
   4.7 Dynamic Host Configuration Protocol (30)
   4.8 VLAN Trunking Protocol (31)
   4.9 Hot Standby Routing Protocol (32)
   4.10 Access Control List (33 – 34)
   4.11 Network Address Translation (35 – 36)

5. Chapter 5: Internet Protocol version 6 (pages 37 – 38)

References (39)

Chapter 1

INTRODUCTION

Networking is simply defined as something that connects things together for a specific task or purpose. The term NETWORK is used in a variety of contexts: telephone, television, computer or even people networks.

1.1 Cisco CCNA

CCNA is an IT certification from Cisco. The Cisco exams have changed several times. In 2013, Cisco announced an update to its certification program that "aligns certification and training curricula with evolving industry job roles". There are now several different types of Cisco Certified Network Associate, with "CCNA Routing and Switching" being closest to the original CCNA focus; other types of CCNA focus on security, collaboration, data centers, service providers, video, voice, and wireless.

A computer network connects two or more devices together to share a nearly limitless range of information and services, including:

o Documents
o Email and messaging
o Websites
o Printers and faxes
o Telephony and videoconferencing

1.2 OSI Model

The Open Systems Interconnection model (OSI model) is a conceptual model that characterizes and standardizes the communication functions of a telecommunication or computing system without regard to their underlying internal structure and technology. Its goal is the interoperability of diverse communication systems with standard protocols. The model partitions a communication system into abstraction layers. The original version of the model defined seven layers.

A layer serves the layer above it and is served by the layer below it. For example, a layer that provides error-free communications across a network provides the path needed by applications above it, while it calls the next lower layer to send and receive the packets that comprise the contents of that path. Two instances at the same layer are visualized as connected by a horizontal connection in that layer.

The model is a product of the Open Systems Interconnection project at the International Organization for Standardization (ISO).

Figure 1.1 Seven Layers of OSI model (top to bottom): APPLICATION, PRESENTATION, SESSION, TRANSPORT, NETWORK, DATA LINK, PHYSICAL

Layer 1: Physical Layer

The physical layer has the following major functions:

- It defines the electrical and physical specifications of the data connection. It defines the relationship between a device and a physical transmission medium (e.g., copper or optical cable, radio frequency). This includes the layout of pins, voltages, line impedance, cable specifications, signal timing and similar characteristics for connected devices, and the frequency (5 GHz or 2.4 GHz etc.) for wireless devices.
- It defines the transmission mode, i.e. simplex, half duplex or full duplex.
- It defines the network topology, bus, mesh and ring being some of the most common.
- Encoding of bits is done in this layer.

Layer 2: Data Link Layer

The data link layer provides node-to-node data transfer, a link between two directly connected nodes. It detects and possibly corrects errors that may occur in the physical layer. It, among other things, defines the protocol to establish and terminate a connection between two physically connected devices. It also defines the protocol for flow control between them.

IEEE 802 divides the data link layer into two sublayers:

- Media Access Control (MAC) layer: responsible for controlling how devices in a network gain access to the medium and permission to transmit.
- Logical Link Control (LLC) layer: responsible for identifying Network layer protocols and then encapsulating them; it also controls error checking and frame synchronization.

Layer 3: Network Layer

The network layer provides the functional and procedural means of transferring variable-length data sequences (called datagrams) from one node to another connected to the same network. It translates logical network addresses into physical machine addresses. A network is a medium to which many nodes can be connected, on which every node has an address, and which permits nodes connected to it to transfer messages to other nodes connected to it by merely providing the content of a message and the address of the destination node and letting the network find the way to deliver the message to the destination node, possibly routing it through intermediate nodes.

Layer 4: Transport Layer

The transport layer provides the functional and procedural means of transferring variable-length data sequences from a source to a destination host via one or more networks, while maintaining the quality of service functions. An example of a transport-layer protocol in the standard Internet stack is the Transmission Control Protocol (TCP), usually built on top of the Internet Protocol (IP). The transport layer controls the reliability of a given link through flow control, segmentation/de-segmentation, and error control.

Layer 5: Session Layer

The session layer controls the dialogues (connections) between computers. It establishes, manages and terminates the connections between the local and remote application. It provides for full-duplex, half-duplex, or simplex operation, and establishes checkpointing, adjournment, termination, and restart procedures.

Layer 6: Presentation Layer

The presentation layer establishes context between application-layer entities, in which the application-layer entities may use different syntax and semantics if the presentation service provides a mapping between them. If a mapping is available, presentation service data units are encapsulated into session protocol data units and passed down the protocol stack.

Layer 7: Application Layer

The application layer is the OSI layer closest to the end user, which means both the OSI application layer and the user interact directly with the software application. This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronizing communication.

1.3 Ethernet

Ethernet is a family of computer networking technologies commonly used in local area networks (LANs) and metropolitan area networks (MANs). It was commercially introduced in 1980 and first standardized in 1983 as IEEE 802.3, and has since been refined to support higher bit rates and longer link distances. Over time, Ethernet has largely replaced competing wired LAN technologies such as token ring, FDDI and ARCNET.

The original 10BASE5 Ethernet uses coaxial cable as a shared medium, while the newer Ethernet variants use twisted pair and fiber optic links in conjunction with hubs or switches. Over the course of its history, Ethernet data transfer rates have been increased from the original 2.94 megabits per second (Mbit/s) to the latest 100 gigabits per second (Gbit/s), with 400 Gbit/s expected by late 2017. The Ethernet standards comprise several wiring and signaling variants of the OSI physical layer in use with Ethernet.

1.4 Hub

A hub is the central part of a wheel that connects the axle to the wheel itself. Many expressions use the term for a literal or figurative central structure connecting to a periphery. In a network, a hub is a component that is a high-degree node: it refers to a node that has a significantly bigger number of links in comparison with other nodes in the network.

1.5 Router

A router is a networking device that forwards data packets between computer networks. Routers perform the "traffic directing" functions on the Internet. A data packet is typically forwarded from one router to another through the networks that constitute the internetwork until it reaches its destination node.

A router is connected to two or more data lines from different networks (as opposed to a network switch, which connects data lines from one single network). When a data packet comes in on one of the lines, the router reads the address information in the packet to determine its ultimate destination. Then, using information in its routing table or routing policy, it directs the packet to the next network on its journey. This creates an overlay internetwork.

Figure 1.1

1.6 Switch

LAN switching is a form of packet switching used in Local Area Networks (LANs). Switching technologies are crucial to network design, as they allow traffic to be sent only where it is needed, in most cases using fast, hardware-based methods. LAN switching uses different kinds of network switches. A standard switch is known as a layer 2 switch and is commonly found in nearly any LAN. Layer 3 or layer 4 switches require advanced technology (see managed switch) and are more expensive, and thus are usually only found in larger LANs or in special network environments. Layer 2 switching uses the media access control address (MAC address) from the hosts' network interface cards (NICs) to decide where to forward frames. Layer 2 switching is hardware-based, which means switches use application-specific integrated circuits (ASICs) to build and maintain filter tables (also known as MAC address tables or CAM tables). One way to think of a layer 2 switch is as a multiport bridge.

Figure 1.2

1.7 Server

In computing, a server is a computer program or a device that provides functionality for other programs or devices, called "clients". This architecture is called the client–server model, and a single overall computation is distributed across multiple processes or devices. Servers can provide various functionalities, often called "services", such as sharing data or resources among multiple clients, or performing computation for a client. A single server can serve multiple clients, and a single client can use multiple servers. A client process may run on the same device or may connect over a network to a server on a different device. Typical servers are database servers, file servers, mail servers, print servers, web servers, game servers, and application servers.

1.8 Internet Protocol Version 4

Internet Protocol version 4 (IPv4) is the fourth version of the Internet Protocol (IP). It is one of the core protocols of standards-based internetworking methods in the Internet, and was the first version deployed for production in the ARPANET in 1983. It still routes most Internet traffic today, despite the ongoing deployment of a successor protocol, IPv6.

IPv4 is a connectionless protocol for use on packet-switched networks. It operates on a best-effort delivery model, in that it does not guarantee delivery, nor does it assure proper sequencing or avoidance of duplicate delivery. These aspects, including data integrity, are addressed by an upper-layer transport protocol, such as the Transmission Control Protocol (TCP).

IPv4 addresses may be represented in any notation expressing a 32-bit integer value. They are most often written in dot-decimal notation, which consists of the four octets of the address expressed individually in decimal numbers and separated by periods. The CIDR notation standard combines the address with its routing prefix in a compact format, in which the address is followed by a slash character (/) and the count of consecutive 1 bits in the routing prefix (subnet mask).

Originally, an IP address was divided into two parts: the network identifier was the most significant (highest order) octet of the address, and the host identifier was the rest of the address. The latter was therefore also called the rest field. This enabled the creation of a maximum of 256 networks. This was quickly found to be inadequate. To overcome this limit, the high-order octet of the addresses was redefined to create a set of classes of networks, in a system which later became known as classful networking. The system defined five classes: Class A, B, C, D, and E. Classes A, B, and C had different bit lengths for the new network identification. The rest of an address was used as previously to identify a host within a network, which meant that each network class had a different capacity to address hosts. Class D was allocated for multicast addressing and Class E was reserved for future applications.

The hierarchical structure created by CIDR is managed by the Internet Assigned Numbers Authority (IANA) and the regional Internet registries (RIRs). Each RIR maintains a publicly searchable WHOIS database that provides information about IP address assignments.

Table 1.2 Default subnet masks

CLASS   DEFAULT SUBNET MASK
A       255.0.0.0
B       255.255.0.0
C       255.255.255.0

Table 1.3 Range of Classes (value of the first octet)

CLASS A   1 - 126
CLASS B   128 - 191
CLASS C   192 - 223
CLASS D   224 - 239
CLASS E   240 - 255

Chapter 2

THEORY OF NETWORK

The network theory is completely based on the OSI model. There is also another model, known as the TCP/IP model. The two are compared below.

OSI (Open System Interconnection) | TCP/IP (Transmission Control Protocol / Internet Protocol)

OSI provides layer functioning and also defines the functions of all the layers. | The TCP/IP model is more based on protocols, and the protocols are not flexible with other layers.

In the OSI model the transport layer guarantees the delivery of packets. | In the TCP/IP model the transport layer does not guarantee delivery of packets.

The OSI model has a separate presentation layer. | TCP/IP does not have a separate presentation layer.

OSI is a general model. | The TCP/IP model can't be used in any other application.

The network layer of the OSI model provides both connection-oriented and connectionless service. | The network layer in the TCP/IP model provides connectionless service.

The OSI model has a problem of fitting the protocols in the model. | The TCP/IP model does not fit any protocol.

Protocols are hidden in the OSI model and are easily replaced as the technology changes. | In TCP/IP, replacing a protocol is not easy.

The OSI model defines services, interfaces and protocols very clearly and makes a clear distinction between them. | TCP/IP does not clearly separate its services, interfaces and protocols.

It has 7 layers. | It has 4 layers.

Assume there is a company in South America (California) which opens branches in various parts of the world, such as in India, Singapore and the USA. Generally what it needs to do is create a complete new setup of the tools and techniques required for the company; it needs to buy or hire a new data storage facility and application processing, and even its important documents have to be transported from its head office.

Networking is possible only with the help of the network devices available; network devices consist of layer 3 devices and layer 2 devices (routers and switches). For communicating in a Local Area Network, i.e. among your own premises, you need layer 2 devices such as a switch, which can communicate among 24 or 48 synchronous or asynchronous devices depending upon the characteristics of the device. Layer 2 devices work on the 2nd layer, i.e. the Data Link layer of the OSI Model. A layer 2 device understands only MAC (media access control) addresses.

For communication between different areas having different LANs, layer 3 devices such as routers are needed. Layer 3 devices work on the 3rd layer, i.e. the Network layer of the OSI Model. Layer 3 devices understand only Internet Protocol addresses (an IP address is a 32-bit unique address represented in 4 octets in dotted decimal format). The routers perform the function of transferring the data packet to the next designated router according to the requirements. The routers perform the process of transferring the data packet with the help of routing protocols.

A routing protocol specifies how routers communicate with each other, disseminating information that enables them to select routes between any two nodes on a computer network. Routing algorithms determine the specific choice of route. Each router has a priori knowledge only of networks attached to it directly. A routing protocol shares this information first among immediate neighbors, and then throughout the network. This way, routers gain knowledge of the topology of the network.

Chapter 3

ROUTING PROTOCOLS

3.1 Routing Protocol

Types of Routing Protocols:

- Static Routing
- Default Routing
- Dynamic Routing
  - IGP (Interior Gateway Protocol)
    o Distance Vector
    o Link State
    o Hybrid
  - EGP (Exterior Gateway Protocol)
    o BGP (Border Gateway Protocol)

Interior gateway protocols type 1: link-state routing protocols, such as OSPF and IS-IS.

Interior gateway protocols type 2: distance-vector routing protocols, such as the Routing Information Protocol (RIP) and IGRP.

Exterior gateway protocols are routing protocols used on the Internet for exchanging routing information between Autonomous Systems, such as the Border Gateway Protocol (BGP), a path-vector routing protocol.

3.1.1 Interior gateway protocols

Interior gateway protocols (IGPs) exchange routing information within a single routing domain. Examples of IGPs include:

- Open Shortest Path First (OSPF)
- Routing Information Protocol (RIP)
- Intermediate System to Intermediate System (IS-IS)
- Enhanced Interior Gateway Routing Protocol (EIGRP)

3.1.2 Exterior Gateway Protocols

Exterior gateway protocols exchange routing information between autonomous systems. Examples include:

- Border Gateway Protocol (BGP)

3.2 Routed Protocols

Some network certification courses distinguish between routing protocols and routed protocols. A routed protocol is used to deliver application traffic. It provides appropriate addressing information in its Internet Layer (Network Layer) addressing to allow a packet to be forwarded from one network to another.

3.3 OSI Layer Designation

Routing protocols, according to the OSI routing framework, are layer management protocols for the network layer, regardless of their transport mechanism:

- IS-IS runs on the data link layer (Layer 2).
- Open Shortest Path First (OSPF) is encapsulated in IP, but runs only on the IPv4 subnet, while the IPv6 version runs on the link using only link-local addressing.
- IGRP and EIGRP are directly encapsulated in IP. EIGRP uses its own reliable transmission mechanism, while IGRP assumed an unreliable transport.
- RIP runs over UDP.
- BGP runs over TCP.

3.4 Basic Router Configuration

Figure 3.1

Router>enable                                        // the > prompt is user EXEC mode; enable enters privileged EXEC mode
Router#configure terminal                            // the # prompt is privileged EXEC mode; configure terminal enters global configuration mode
Router(config)#hostname R1                           // change the name of the router (hostname is the keyword)
R1(config)#interface f0/0                            // from global configuration mode, enter interface configuration mode for f0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0   // interface configuration mode: assign the address and subnet mask
R1(config-if)#no shutdown                            // bring the interface up
R1(config-if)#exit
R1(config)#exit

To set a PASSWORD on the CONSOLE PORT / AUX PORT:

R1(config)#line con 0                                // console line
R1(config-line)#password abcd                        // sample value; a line password is stored in clear text in the configuration
R1(config-line)#login                                // require the password when a session opens on this line
R1(config-line)#exit
R1(config)#line aux 0                                // auxiliary line
R1(config-line)#password abcd                        // sample value
R1(config-line)#login
R1(config-line)#exit
R1(config)#enable secret 1234                        // sample value; protects privileged EXEC mode and is stored as a hash

3.5 Static Routing

Static routing is a form of routing that occurs when a router uses a manually configured routing entry, rather than information learned from a dynamic routing protocol. Static routes are manually configured by a network administrator by adding entries into the routing table.

Static routing has the following benefits:

- There is no overhead on the router CPU, which means you could possibly buy a cheaper router than if you were using dynamic routing.
- There is no bandwidth usage between routers, which means you could possibly save money on WAN links.
- It adds security, because the administrator can choose to allow routing access to certain networks only.

Static routing has the following disadvantages:

- The administrator must really understand the internetwork and how each router is connected in order to configure the routers correctly.
- If a network is added to the internetwork, the administrator has to add a route to it on all routers manually.
- It is not feasible in large networks, because maintaining it would be a full-time job in itself.

Command syntax to add a static route to the routing table:

Router(config)#ip route <destination_network> <mask> <next-hop_address or exit-interface>

- ip route: the command used to create the static route.
- destination_network: the network you are placing in the routing table.
- mask: the subnet mask being used on the network.
- next-hop_address: the address of the next-hop router that will receive the packet and forward it to the remote network. This is a router on a directly connected network.
- exit-interface: can be used in place of the next-hop address, but only on a point-to-point link.

Example of Static Routing Configuration:

Figure 3.2

Syntax for Static Routing

R1(config)#int f0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#int s2/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#ip route 172.16.0.0 255.255.0.0 s2/0     // static route to R2's LAN via the exit interface
R1(config)#exit

R2(config)#int f0/0
R2(config-if)#ip address 172.16.0.1 255.255.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#int s2/0
R2(config-if)#ip address 10.0.0.2 255.0.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#ip route 192.168.1.0 255.255.255.0 s2/0  // static route back to R1's LAN
R2(config)#exit

Router#show ip route                                  // privileged EXEC mode: check that the static routes are installed

3.6 Default Routing

To make all unknown networks reachable we use default routing. Default routing keeps the routing table small, because one entry covers every network that has no entry of its own.

STUB ROUTER: a router that has only a single exit interface through which to send traffic. Default routing is implemented on stub routers.

R1 and R3 are stub routers, so default routing will be implemented on them. On R2 static routing will be implemented.

Command syntax for default routing:

Router(config)#ip route <unknown n/w> <unknown mask> <next-hop_address or exit-interface>

For a default route, both the network and the mask are 0.0.0.0, as in the example below.

Example of Default Routing

Figure 3.3

R1(config)#int f0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#int s2/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#ip route 0.0.0.0 0.0.0.0 s2/0             // default route: everything not otherwise known leaves via s2/0
R1(config)#exit

R3(config)#int f0/0
R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#int s2/0
R3(config-if)#ip address 11.0.0.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#ip route 0.0.0.0 0.0.0.0 s2/0
R3(config)#exit

On R2 static routing will be implemented (Ref. 3.5).
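The route lookup that sections 3.5 and 3.6 rely on, together with the dotted-decimal and classful rules of section 1.8, as an added Python model that is not code from the report: the networks, masks and interface names are the ones in R1's configuration above; the longest-prefix-match logic and the mask check are general.

```python
# Added example (not code from the report): a small model of the static and
# default routes from sections 3.5 and 3.6, on top of the dotted-decimal and
# classful rules of section 1.8. Networks, masks and interface names are the
# ones in the report's R1 configuration; the lookup is a longest-prefix match.
from dataclasses import dataclass
from typing import List, Optional


def ip_to_int(dotted: str) -> int:
    """Dotted-decimal IPv4 address (four octets) to a 32-bit integer."""
    octets = dotted.split(".")
    if len(octets) != 4:
        raise ValueError(f"not a dotted-decimal IPv4 address: {dotted!r}")
    value = 0
    for octet in octets:
        n = int(octet)
        if not 0 <= n <= 255:
            raise ValueError(f"octet out of range in {dotted!r}")
        value = (value << 8) | n
    return value


def mask_to_prefix_len(mask: str) -> int:
    """CIDR prefix length of a subnet mask, e.g. 255.255.0.0 -> 16.
    A valid mask is a run of 1 bits followed by 0 bits; a non-contiguous
    mask such as 255.0.255.0 is rejected instead of silently accepted."""
    m = ip_to_int(mask)
    ones = bin(m).count("1")
    if m != (0xFFFFFFFF << (32 - ones)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous subnet mask: {mask}")
    return ones


def is_valid_mask(mask: str) -> bool:
    try:
        mask_to_prefix_len(mask)
        return True
    except ValueError:
        return False


def classful_default_mask(address: str) -> Optional[str]:
    """Default mask by first octet (Tables 1.2 and 1.3); None for classes D/E."""
    first = ip_to_int(address) >> 24
    if 1 <= first <= 126:
        return "255.0.0.0"       # Class A
    if 128 <= first <= 191:
        return "255.255.0.0"     # Class B
    if 192 <= first <= 223:
        return "255.255.255.0"   # Class C
    return None                  # Class D (multicast), Class E (reserved), 0, 127


@dataclass(frozen=True)
class Route:
    """One 'ip route <network> <mask> <next-hop or exit-interface>' entry."""
    network: str
    mask: str
    via: str  # next-hop address or exit interface, as typed on the IOS line

    @property
    def prefix_len(self) -> int:
        return mask_to_prefix_len(self.mask)

    def matches(self, destination: str) -> bool:
        m = ip_to_int(self.mask)
        return ip_to_int(destination) & m == ip_to_int(self.network) & m


def lookup(table: List[Route], destination: str) -> Optional[Route]:
    """Longest-prefix match: the most specific matching entry wins.
    The default route 0.0.0.0 0.0.0.0 matches every destination with prefix
    length 0, so it is chosen only when nothing more specific matches."""
    candidates = [r for r in table if r.matches(destination)]
    if not candidates:
        return None  # no route at all: the router discards the packet
    return max(candidates, key=lambda r: r.prefix_len)


# R1's table after sections 3.5 and 3.6: the connected LAN, the static route
# to R2's network and the default route out the serial interface.
R1_TABLE = [
    Route("192.168.1.0", "255.255.255.0", "f0/0"),   # directly connected LAN
    Route("172.16.0.0", "255.255.0.0", "s2/0"),      # ip route 172.16.0.0 255.255.0.0 s2/0
    Route("0.0.0.0", "0.0.0.0", "s2/0"),             # ip route 0.0.0.0 0.0.0.0 s2/0
]


def exit_for(destination: str, table: List[Route] = R1_TABLE) -> Optional[str]:
    """Interface or next hop R1 would use for a destination; None if unroutable."""
    route = lookup(table, destination)
    return route.via if route else None
```

Removing the 0.0.0.0 entry from R1_TABLE and looking up an outside address returns None, which is exactly the case the default route exists to cover.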


3.7 Routing Information Protocol (RIP)

The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols, which employ the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the number of hops allowed in a path from source to destination. The maximum number of hops allowed for RIP is 15, which limits the size of networks that RIP can support. A hop count of 16 is considered an infinite distance and the route is considered unreachable. RIP implements the split horizon, route poisoning and hold-down mechanisms to prevent incorrect routing information from being propagated.

Originally, each RIP router transmitted full updates every 30 seconds. In the early deployments, routing tables were small enough that the traffic was not significant. As networks grew in size, however, it became evident there could be a massive traffic burst every 30 seconds, even if the routers had been initialized at random times. In most networking environments, RIP is not the preferred choice for routing, as its time to converge and scalability are poor compared to EIGRP, OSPF, or IS-IS. However, it is easy to configure, because RIP does not require any parameters, unlike other protocols.

RIP uses the User Datagram Protocol (UDP) as its transport protocol, and is assigned the reserved port number 520.

3.7.1 Versions of RIP

There are two versions of the Routing Information Protocol: RIPv1 and RIPv2.

3.7.1.1 RIP version 1

The original specification of RIP, defined in RFC 1058, was published in 1988 and uses classful routing. The periodic routing updates do not carry subnet information, so there is no support for variable-length subnet masks (VLSM).

3.7.1.2 RIP version 2

Due to the deficiencies of the original RIP specification, RIP version 2 (RIPv2) was developed in 1993 and last standardized in 1998. It included the ability to carry subnet information, thus supporting Classless Inter-Domain Routing (CIDR). To maintain backward compatibility, the hop count limit of 15 remained.

Table 3.1 Difference between RIPv1 and RIPv2

Protocol type
  RIPv1: RIPv1 is a Distance-Vector Routing protocol.
  RIPv2: RIPv2 is a Hybrid Routing Protocol.

Classful vs. classless
  RIPv1: RIPv1 is a classful routing protocol. Classful routing protocols support only networks which are not subnetted; they do not send subnet mask information with their routing updates. RIPv1 does not support VLSM (Variable Length Subnet Masking).
  RIPv2: RIPv2 is classless routing, which allows us to use subnetted networks also. RIPv2 has the option of sending the network mask in the update to allow classless routing.

Maximum metric
  RIPv1: RIPv1 supports a maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered unreachable.
  RIPv2: RIPv2 supports a maximum metric (hop count) value of 15. Any router farther than 15 hops away is considered unreachable.

Updates
  RIPv1: RIPv1 sends routing updates periodically every 30 seconds as broadcasts, using the limited broadcast IP address 255.255.255.255 as the destination.
  RIPv2: RIPv2 supports triggered updates. RIPv2 routing updates are sent as multicast traffic to the destination multicast address 224.0.0.9. Multicast updates reduce network traffic. The multicast routing updates also help in reducing routing update message processing overhead in routers which are not running RIPv2.

Authentication
  RIPv1: RIPv1 does not support authentication of update messages (plain-text or MD5).
  RIPv2: RIPv2 supports authentication of RIP updates (plain text or MD5). Authentication helps in confirming that the updates are coming from authorized sources.

3.7.2 RIP Timers

- Route Update Timer: the update timer controls the interval between two gratuitous Response messages. By default the value is 30 seconds. The Response message is broadcast on all of the router's RIP-enabled interfaces.
- Route Invalid Timer: the invalid timer specifies how long a routing entry can stay in the routing table without being updated. This is also called the expiration timer. By default, the value is 180 seconds. After the timer expires, the hop count of the routing entry is set to 16, marking the destination as unreachable.
- Route Holddown Timer: the hold-down timer is started per route entry when the hop count changes from a lower value to a higher value. This allows the route to stabilize. During this time no update can be made to that routing entry. The default value of this timer is 180 seconds.
- Route Flush Timer: the flush timer controls the time between a route being invalidated or marked as unreachable and the removal of the entry from the routing table. By default the value is 240 seconds. This is 60 seconds longer than the invalid timer, so for 60 seconds the router will be advertising this unreachable route to all its neighbors. This timer must be set to a higher value than the invalid timer.

Example of Routing Information Protocol:

Figure 3.4

R1(config)#router rip
R1(config-router)#network 192.168.1.0
R1(config-router)#network 10.0.0.0
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#exit

R2(config)#router rip
R2(config-router)#network 11.0.0.0
R2(config-router)#network 10.0.0.0
R2(config-router)#version 2
R2(config-router)#no auto-summary
R2(config-router)#exit

R3(config)#router rip                   // RIP process, as on R1 and R2 (version 2 is a RIP configuration command)
R3(config-router)#network 12.0.0.0
R3(config-router)#network 11.0.0.0
R3(config-router)#version 2
R3(config-router)#no auto-summary
R3(config-router)#exit

Router(config-router)#no auto-summary   // used to make the protocol classless
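The distance-vector behaviour described in this section (hop count as metric, 16 as unreachable, route poisoning, and split horizon with poison reverse) as an added Python simulation that is not code from the report; the router names and networks follow Figure 3.4 and the configuration above, and the update exchange is constructed, not captured RIP traffic.

```python
# Added example (not code from the report): a small model of RIP's distance-
# vector behaviour from section 3.7: metric = hop count, 16 means unreachable,
# route poisoning, and split horizon with poison reverse when sending updates.
# Router names and networks follow Figure 3.4; the exchange is a simulation.
from dataclasses import dataclass
from typing import Dict, List, Tuple

INFINITY = 16  # hop count 16 = unreachable; 15 is the largest usable path
Update = List[Tuple[str, int]]  # (network, hop count) pairs in one RIP response


@dataclass
class RipRoute:
    network: str
    hops: int       # 0 = directly connected, 16 = unreachable
    next_hop: str   # "connected", or the neighbour the route was learned from


class RipRouter:
    def __init__(self, name: str, connected: List[str]) -> None:
        self.name = name
        self.table: Dict[str, RipRoute] = {
            net: RipRoute(net, 0, "connected") for net in connected
        }

    def build_update(self, to_neighbor: str) -> Update:
        """Routes advertised to one neighbour, with poison reverse: a route
        learned from that neighbour is sent back as unreachable (16), so the
        neighbour can never be led to route through us to reach it."""
        return [
            (r.network, INFINITY if r.next_hop == to_neighbor else r.hops)
            for r in self.table.values()
        ]

    def receive_update(self, from_neighbor: str, update: Update) -> List[str]:
        """Apply a neighbour's update; return the networks whose entry changed."""
        changed = []
        for network, adv_hops in update:
            new_hops = min(adv_hops + 1, INFINITY)  # one more hop: this router
            current = self.table.get(network)
            if current is None:
                if new_hops < INFINITY:          # never install an unreachable route
                    self.table[network] = RipRoute(network, new_hops, from_neighbor)
                    changed.append(network)
            elif current.next_hop == from_neighbor:
                # The route's own next hop is always believed, even when the
                # metric got worse; this is how a poisoned route propagates.
                if new_hops != current.hops:
                    current.hops = new_hops
                    changed.append(network)
            elif new_hops < current.hops:
                # A strictly shorter path through another neighbour replaces it.
                self.table[network] = RipRoute(network, new_hops, from_neighbor)
                changed.append(network)
        return changed

    def poison(self, network: str) -> None:
        """Route poisoning: keep the entry but mark it unreachable (hop count 16)."""
        self.table[network].hops = INFINITY


def converge(routers: Dict[str, RipRouter], links: List[Tuple[str, str]]) -> int:
    """Exchange updates over every link, both ways, until no table changes;
    return how many rounds that took (each round stands for one 30 s cycle)."""
    rounds = 0
    while True:
        rounds += 1
        changed = False
        for a, b in links:
            for src, dst in ((a, b), (b, a)):
                if routers[dst].receive_update(src, routers[src].build_update(dst)):
                    changed = True
        if not changed:
            return rounds


LINKS = [("R1", "R2"), ("R2", "R3")]  # the two serial links of Figure 3.4


def demo_chain() -> Dict[str, RipRouter]:
    """R1 - R2 - R3 with the networks from the RIP configuration in 3.7."""
    routers = {
        "R1": RipRouter("R1", ["192.168.1.0", "10.0.0.0"]),
        "R2": RipRouter("R2", ["10.0.0.0", "11.0.0.0"]),
        "R3": RipRouter("R3", ["11.0.0.0", "12.0.0.0"]),
    }
    converge(routers, LINKS)
    return routers


def demo_poisoning() -> Dict[str, RipRouter]:
    """R3 loses 12.0.0.0 and poisons it; 'unreachable' spreads up the chain."""
    routers = demo_chain()
    routers["R3"].poison("12.0.0.0")
    converge(routers, LINKS)
    return routers
```

After demo_chain(), R1 reaches 12.0.0.0 in 2 hops via R2, and R2's update towards R1 carries 192.168.1.0 with metric 16 (poison reverse); after demo_poisoning(), every router holds 12.0.0.0 at 16 rather than an old, now false, hop count.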


3.8 Enhanced Interior Gateway Routing Protocol (EIGRP)

The Enhanced Interior Gateway Routing Protocol replaced Interior Gateway Routing

Protocol (IGRP) in 1993.One of the major reasons for this was because the design of the Internet

Protocol had been changed to support classless IPv4 addresses, which IGRP could not support.

Almost all routers contain a routing table that contains rules by which traffic is forwarded in a

network. If the router does not contain a valid path to the destination, the traffic is discarded. EIGRP

is a dynamic routing protocol by which routers automatically share route information. This eases the

workload on a network administrator who does not have to configure changes to the routing

table manually.

In addition to the routing table, EIGRP uses the following tables to store information:

Neighbor Table: The neighbor table keeps a record of the IP addresses of routers that have a direct physical connection with this router. Routers that are connected to this router indirectly, through another router, are not recorded in this table as they are not considered neighbors.

Topology Table: The topology table stores routes that it has learned from neighbor routing tables. Unlike a routing table, the topology table does not store all routes, but only routes that have been determined by EIGRP. The topology table also records the metrics for each of the listed EIGRP routes, the feasible successor and the successors. Routes in the topology table are marked as “passive” or “active”. Passive indicates that EIGRP has determined the path for the specific route and has finished processing. Active indicates that EIGRP is still trying to calculate the best path for the specific route. Routes in the topology table are not usable by the router until they are inserted into the routing table.

EIGRP is a distance vector routing protocol that uses the diffusing update algorithm (DUAL) to improve the efficiency of the protocol and to help prevent calculation errors when attempting to determine the best path to a remote network.

- Multicast address : 224.0.0.10

- Algorithm : Diffusing Update Algorithm (DUAL)

- AD Value = 90 {for internal routes} ; 170 {for external routes}

- Independent protocol, Protocol No. – 88

- Classful routing protocol (by default), can be used as classless also

- Hello Time = 5 seconds

- Holddown time = 15 seconds

EIGRP works on the concept of an Autonomous System (AS). An autonomous system is a domain to which a group of routers belongs. Its number ranges from 1 to 65535.

Metric Calculation Formula

metric = [10^7 / least bandwidth + sum of delay / 10] * 256

Metric Values (K constants)

K1 Bandwidth 1
K2 Load 0
K3 Delay 1
K4 Reliability 0
K5 MTU (Maximum Transfer Unit) 0

EIGRP can do unequal-cost load sharing.

FC = FD > RD or AD

FC – Feasible Condition

FD – Feasible Distance

RD – Reported Distance

AD – Advertised Distance (another name for the Reported Distance)

FC = FD > RD

FC = 32 > 17

FC = 26 > 16 (feasible successor)

FC = 20 > 10 (successor)
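The metric formula and the feasibility condition above can be exercised in code. This is an added Python example, not part of the report; the neighbour names, reported distances and link costs are constructed values, and the K values are the defaults from the table above.

```python
from dataclasses import dataclass


def eigrp_metric(least_bandwidth_kbps: int, total_delay_us: int) -> int:
    """Composite metric with the default K values (K1 = K3 = 1, K2 = K4 = K5 = 0).

    least_bandwidth_kbps is the lowest link bandwidth along the path in kbit/s;
    total_delay_us is the sum of the interface delays in microseconds, which
    the formula uses in units of ten microseconds. Each term is truncated to an
    integer before the multiplication, as a router does.
    """
    bandwidth_term = 10_000_000 // least_bandwidth_kbps
    delay_term = total_delay_us // 10
    return (bandwidth_term + delay_term) * 256


@dataclass(frozen=True)
class Candidate:
    """One path to a destination as stored in the topology table."""
    neighbor: str
    reported_distance: int  # RD: the neighbour's own metric to the destination
    link_cost: int          # metric of the link from this router to that neighbour

    @property
    def feasible_distance(self) -> int:
        # FD: RD plus the cost of reaching the neighbour that reported it
        return self.reported_distance + self.link_cost


def classify(candidates):
    """Return (successor, feasible_successors, rejected) for one destination.

    The successor is the path with the lowest FD. Any other path is a feasible
    successor only if it satisfies the feasibility condition FC: FD > RD, i.e.
    its RD is strictly below the successor's FD. A path that fails FC could be
    a loop back through this router, so DUAL keeps it out of the backup set.
    """
    successor = min(candidates, key=lambda c: c.feasible_distance)
    fd = successor.feasible_distance
    feasible = [c for c in candidates
                if c is not successor and c.reported_distance < fd]
    rejected = [c for c in candidates
                if c is not successor and c.reported_distance >= fd]
    return successor, feasible, rejected


# Constructed sample (not the figure from the report): three neighbours
# advertising the same destination.
SAMPLE = [
    Candidate("R_A", reported_distance=10, link_cost=10),  # FD 20
    Candidate("R_B", reported_distance=16, link_cost=10),  # FD 26
    Candidate("R_C", reported_distance=25, link_cost=7),   # FD 32
]

if __name__ == "__main__":
    succ, feas, rej = classify(SAMPLE)
    print("T1 metric (1544 kbps, 20000 us):", eigrp_metric(1544, 20000))
    print("successor:", succ.neighbor,
          "feasible:", [c.neighbor for c in feas],
          "rejected:", [c.neighbor for c in rej])
```

R_C has a lower FD than nothing useful: its RD (25) is not below the successor's FD (20), so it stays in the topology table but is never promoted as a backup.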

Table 3.2

Figure 3.5


Example of EIGRP

Figure 3.6

R1(config)#router eigrp 10
R1(config-router)#network 192.168.1.0
R1(config-router)#network 10.0.0.0
R1(config-router)#no auto-summary
R1(config-router)#exit

R2(config)#router eigrp 10
R2(config-router)#network 11.0.0.0
R2(config-router)#network 10.0.0.0
R2(config-router)#no auto-summary
R2(config-router)#exit

R3(config)#router eigrp 10
R3(config-router)#network 12.0.0.0
R3(config-router)#network 11.0.0.0
R3(config-router)#no auto-summary
R3(config-router)#exit

3.9 Open Shortest Path First (OSPF)

Open Shortest Path First (OSPF) is perhaps the most widely used interior gateway protocol (IGP) in large enterprise networks. Intermediate System to Intermediate System (IS-IS), another link-state dynamic routing protocol, is more common in large service provider networks. The most widely used exterior gateway protocol is the Border Gateway Protocol (BGP), the principal routing protocol between autonomous systems on the Internet.

OSPF is an interior gateway protocol (IGP) for routing Internet Protocol (IP) packets solely within a single routing domain, such as an autonomous system. It gathers link state information from available routers and constructs a topology map of the network. The topology is presented as a routing table to the Internet Layer, which routes datagrams based solely on the destination IP address found in IP packets. OSPF supports Internet Protocol Version 4 (IPv4) and Internet Protocol Version 6 (IPv6) networks and features variable-length subnet masking (VLSM) and Classless Inter-Domain Routing (CIDR) addressing models.

OSPF detects changes in the topology, such as link failures, and converges on a new loop-free routing structure within seconds. It computes the shortest path tree for each route using a method based on Dijkstra's algorithm, a shortest path first algorithm.

The OSPF routing policies for constructing a route table are governed by link cost factors (external metrics) associated with each routing interface. Cost factors may be the distance of a router (round-trip time), data throughput of a link, or link availability and reliability, expressed as simple unitless numbers.

• Works as a link state routing protocol
• Unlimited hop counts
• The routing domain is divided into areas
• Area 0 is created first and is known as the backbone area or management area
• All the areas must be connected with area 0
• AD Value = 110
• Multicast Address: 224.0.0.5 (for updates / to send a hello message); 224.0.0.6 (for DR/BDR)
• Metric = cost (Bandwidth)
• Algorithm = SPF (Shortest Path First)
• Hello Time = 10 seconds
• Holddown time = 40 seconds

Table 3.3 Wild Card Mask or Inverse Mask Table

Class     Wild Card (Inverse) Mask
Class A   0.255.255.255
Class B   0.0.255.255
Class C   0.0.0.255

Example of OSPF

Figure 3.7

R1(config)#router ospf 10
R1(config-router)#network 192.168.1.0 0.0.0.255 area 0
R1(config-router)#network 10.0.0.0 0.255.255.255 area 0
R1(config-router)#exit

R2(config)#router ospf 10
R2(config-router)#network 10.0.0.0 0.255.255.255 area 0
R2(config-router)#network 11.0.0.0 0.255.255.255 area 1
R2(config-router)#exit

R3(config)#router ospf 10
R3(config-router)#network 11.0.0.0 0.255.255.255 area 1
R3(config-router)#network 12.0.0.0 0.255.255.255 area 1
R3(config-router)#exit

Concept of ABR and ASBR

Figure 3.8

Area Border Router (ABR) – to make a router an ABR, one of its interfaces must be present in AREA 0. From Figure 3.8, R2 and R3 are Area Border Routers (ABR).

Autonomous System Border Router (ASBR) – to make a router an ASBR, one of its interfaces must be present in OSPF and another interface in a different routing protocol. From Figure 3.8, R4 is the ASBR.

AREA 0 is created first. It is known as the Backbone Area or Management Area.

3.9.1 Link State Advertisement (LSA)

The link-state advertisement (LSA) is the basic communication means of the OSPF routing protocol for IP. It communicates the router’s local routing topology to all other local routers in the same OSPF area.

Types of LSA

Router LSA (LSA 1): Each and every router generates it. Routers flood their router table into the complete area.

Network LSA (LSA 2): It is generated by the Designated Router. It floods its physical interface IP address into the complete area.

Summary LSA (LSA 3): It is generated by the Area Border Router (ABR). A summary of two different areas is exchanged by the ABR.

ASBR Summary LSA (LSA 4): It is also generated by the ABR and carries the Autonomous System Border Router ID. The Router ID is sent to Area 0.

External LSA (LSA 5): It is generated by the ASBR. It carries the external routes and is flooded into the respective areas.

Chapter 4

Switching

4.1 Network Switch

A network switch (officially MAC Bridge) is a computer networking device that connects devices together on a computer network, by using packet switching to receive, process and forward data to the destination device.

Layer 2 Switch: A network switch is a multiport network bridge that uses hardware addresses to process and forward data at the data link layer of the OSI model.

Layer 3 Switch: Switches that process data at the network layer by additionally incorporating routing functionality, most commonly using IP addresses to perform packet forwarding. They are also known as multilayer switches.

Switch works on single broadcast domain. With the help of Virtual Local Area Network (VLAN) the broadcast domain is divided. VLAN no. ranges from 0 to 4095. Total 4096 VLANs are present.

4.1.1 Switching Services

Unlike bridges, which use software to create and manage a filter table, switches use application specific integrated circuits (ASICs) to build and maintain their filter tables. But it’s still okay to think of a layer 2 switch as a multiport bridge because their basic purpose is the same: to break up collision domains.

Layer 2 switches and bridges are faster than routers because they don’t take up time looking at the network layer header information. Instead, they look at the frame’s hardware addresses before deciding to either forward the frame or drop it. Switches create private domains.

Layer 2 switching provides the following:

- Hardware-based bridging (ASIC)
- Wire speed
- Low latency
- Low cost

What makes layer 2 switching so efficient is that no modification to the data packet takes place. The device only reads the frame encapsulating the packet, which makes the switching process considerably faster and less error-prone than routing processes are. Layer 2 switching increases bandwidth for each user because, again, each connection (interface) into the switch is its own collision domain. This feature makes it possible for you to connect multiple devices to each interface.

4.1.2 Switch functions at Layer 2

There are 3 distinct functions of layer 2 switching:

Address learning – Layer 2 switches and bridges remember the source hardware address of each frame received on an interface, and they enter this information into a MAC database called a forward/filter table.

Forward / Filter decisions – When a frame is received on an interface, the switch looks at the destination hardware address and finds the exit interface in the MAC database. The frame is only forwarded out the specified destination port.

Loop avoidance – If multiple connections between switches are created for redundancy purposes, network loops can occur. Spanning Tree Protocol (STP) is used to stop network loops while still permitting redundancy.

4.2 Spanning Tree Protocol (STP)

STP’s main task is to stop network loops from occurring on a layer 2 network (bridges or switches). It vigilantly monitors the network to find all links, making sure that no loops occur by shutting down any redundant links. STP uses the spanning-tree algorithm (STA) to first create a topology database, then search out and destroy redundant links. With STP running, frames will be forwarded only on the premium, STP-picked links.

By default every switch has 32768 priority. Least priority is always preferred.

STP Election Process

I. Finding Root Bridge

II. Finding Root Port

III. Finding Designated Port

IV. Blocking

Root Bridge – The switch with the lowest bridge ID becomes the root bridge. The bridge ID contains the priority number and the MAC address; the combination of priority and MAC address forms the bridge ID. The lowest priority, and then the lowest MAC address, is preferred when making a switch the root bridge.

Root Port – To select the root port we consider the link cost, which depends on the connecting wires. On a non-root bridge, the port (interface) with the minimum link cost towards the root bridge is considered the root port.

Table 4.1 Link cost by connecting wire type

Connecting Wire Type   Link Cost
Gigabit Ethernet       4
Fast Ethernet          19
Ethernet               100

Designated Port – The port opposite the root port is considered the designated port. For the designated port it checks for the half cost.

Blocking – The switch interface which has the highest MAC address is put into blocking.

All the STP election process takes 30 seconds – 50 seconds.

Bridge Protocol Data Unit (BPDU) – It’s a kind of hello message for switches. It is sent every 2 seconds. The maximum aging time is 20 seconds.

Types of Spanning Tree Protocol

- Common Spanning Tree (CST)
- Per VLAN Spanning Tree (PVST)
- Rapid Spanning Tree Protocol (RSTP)
- Multiple Spanning Tree Protocol (MSTP)

Command to check the status of STP – Switch# show spanning-tree
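The first two election steps (root bridge, then root port) can be worked through in code using the bridge ID rule and the link costs of Table 4.1. This is an added Python example, not part of the report; the switch names, MAC addresses, priorities and links are constructed values.

```python
from dataclasses import dataclass
import heapq

# Link costs from Table 4.1 of the report
LINK_COST = {"gigabit": 4, "fastethernet": 19, "ethernet": 100}


@dataclass(frozen=True)
class Bridge:
    name: str
    mac: str
    priority: int = 32768   # default priority on every switch

    @property
    def bridge_id(self):
        # Bridge ID = priority followed by MAC address; the lowest wins
        return (self.priority, self.mac.lower())


def elect_root(bridges):
    return min(bridges, key=lambda b: b.bridge_id)


def elect(bridges, links):
    """Run the root-bridge and root-port steps of the STP election.

    links is a list of (bridge_name, bridge_name, media) tuples.
    Returns (root_bridge, root_ports) where root_ports maps each non-root
    bridge to (path_cost_to_root, upstream neighbour reached via its root port).
    Path cost accumulates along the way to the root (Dijkstra); an equal-cost
    tie is broken by the lower bridge ID of the upstream switch, which is the
    tie-breaker STP itself applies.
    """
    by_name = {b.name: b for b in bridges}
    root = elect_root(bridges)
    adjacency = {b.name: [] for b in bridges}
    for a, b, media in links:
        adjacency[a].append((b, LINK_COST[media]))
        adjacency[b].append((a, LINK_COST[media]))

    best = {root.name: (0, None)}   # name -> (cost, upstream neighbour)
    heap = [(0, root.bridge_id, root.name)]
    while heap:
        cost, _, node = heapq.heappop(heap)
        if cost > best[node][0]:
            continue                  # stale heap entry
        for nxt, link in adjacency[node]:
            cand = cost + link
            cur = best.get(nxt)
            better = (cur is None or cand < cur[0]
                      or (cand == cur[0]
                          and by_name[node].bridge_id < by_name[cur[1]].bridge_id))
            if better:
                best[nxt] = (cand, node)
                heapq.heappush(heap, (cand, by_name[nxt].bridge_id, nxt))
    root_ports = {n: v for n, v in best.items() if n != root.name}
    return root, root_ports


# Constructed sample: SW1 has the highest MAC but a lowered priority, so it
# wins the root election; SW2 reaches it more cheaply via SW3 than directly.
SAMPLE_BRIDGES = [
    Bridge("SW1", "0000.0000.cccc", priority=4096),
    Bridge("SW2", "0000.0000.aaaa"),
    Bridge("SW3", "0000.0000.bbbb"),
]
SAMPLE_LINKS = [
    ("SW1", "SW2", "fastethernet"),   # cost 19
    ("SW1", "SW3", "gigabit"),        # cost 4
    ("SW2", "SW3", "gigabit"),        # cost 4
]

if __name__ == "__main__":
    root, ports = elect(SAMPLE_BRIDGES, SAMPLE_LINKS)
    print("root bridge:", root.name)
    for name, (cost, via) in sorted(ports.items()):
        print(f"{name}: root port towards {via}, path cost {cost}")
```

Because the lowest priority always wins, any switch later attached with a lower priority would take over the root role, which is why priorities are set deliberately rather than left at the default everywhere.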


Figure 4.1 Scenario of Spanning Tree Protocol

4.3 Virtual Local Area Networks (VLANs)

A VLAN is a logical grouping of network users and resources connected to administratively defined ports on a switch. When you create VLANs, you are given the ability to create smaller broadcast domains within a layer 2 switched internetwork by assigning different ports on the switch to different subnetworks. A VLAN is treated like its own subnet or broadcast domain, which means that frames broadcast onto the network are only switched between the ports logically grouped within the same VLAN.

Total number of VLANs = 4096 (range 0 – 4095)

Table 4.2 Description of VLAN numbers

VLAN No.      Description
0, 4095       Reserved for systems
1             Default / Management / Native / Untagged VLAN
2 - 1001      Normal VLAN
1001 - 1005   Reserved for different technologies
1006 - 4094   Extended VLAN

TRUNK: A trunk is used to carry the traffic of multiple VLANs. It is used when we are transferring from one switch to another switch or one network to another network.

Access: It is used to transfer a single VLAN’s traffic.

VLAN 1’s IP address is known as the management IP address.

Two types of Trunking protocols:

Inter Switch Link (ISL): It is Cisco proprietary. It can tag only 1024 VLANs.

IEEE 802.1Q (dot1Q): It is an open standard. It can tag 4094 (all) VLANs.

Scenario: Traffic of the SALE Department shouldn’t be shared with the IT Department. Put the SALE Department in VLAN 10 and the IT Department in VLAN 20.

Figure 4.2

Solution and commands for VLANs as follows:

For Switch 1

Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch1
Switch1(config)#VLAN 10
Switch1(config-vlan)#name sale
Switch1(config-vlan)#VLAN 20
Switch1(config-vlan)#name IT
Switch1(config-vlan)#exit
Switch1(config)#interface range f0/1-02
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access VLAN 10
Switch1(config-if-range)#exit
Switch1(config)#interface range f0/3-04
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access VLAN 20
Switch1(config-if-range)#exit

For Switch 2

Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch2
Switch2(config)#VLAN 10
Switch2(config-vlan)#name sale
Switch2(config-vlan)#VLAN 20
Switch2(config-vlan)#name IT
Switch2(config-vlan)#exit
Switch2(config)#interface range f0/2-03
Switch2(config-if-range)#switchport mode access
Switch2(config-if-range)#switchport access VLAN 10
Switch2(config-if-range)#exit
Switch2(config)#interface range f0/4-05
Switch2(config-if-range)#switchport mode access
Switch2(config-if-range)#switchport access VLAN 20
Switch2(config-if-range)#exit

To share the traffic of different VLANs in Switch 1 with Switch 2 we use an interface as a trunk, which will carry the traffic of the different VLANs through that particular interface. Therefore in Switch 1 port F0/5 will be made a trunk. The command to make an interface a trunk is as follows:

Switch1(config)#interface f0/5
Switch1(config-if)#switchport mode trunk

4.4 Inter VLAN Routing

By default only hosts that are members of the same VLAN can communicate. To change this and allow inter-VLAN communication, we need a router or a layer 3 switch.

This process is also known as router on a stick.

Figure 4.3

Switch>enable

Switch#configure terminal

Switch(config)#hostname Switch1

Switch1(config)#VLAN 10

Switch1(config-vlan)#VLAN 20

Switch1(config-vlan)#exit

Router(config)#interface f0/0

Router(config-if)#no shutdown

Router(config-if)#exit

Router(config)#int f0/0.10

Router(config-subif)#encapsulation dot1Q 10

Router(config-subif)#ip address 192.168.1.1 255.255.255.0

Router(config)#int f0/0.20

Router(config-subif)#encapsulation dot1Q 20

Router(config-subif)#ip address 10.0.0.1 255.0.0.0

Router(config-subif)#exit


4.5 Switch Virtual Interface

A router breaks the layer 2 broadcast domain whereas a switch generates the layer 2 broadcast domain. By default a switch maintains a MAC or CAM table. The scenario is the same as discussed in section 4.4; however, in this case we are using a layer 3 switch.

Figure 4.4

Switch(config)#vlan 10
Switch(config-vlan)#vlan 20
Switch(config-vlan)#exit
Switch(config)#interface range f0/1-02
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 10
Switch(config-if-range)#exit
Switch(config)#interface range f0/3-04
Switch(config-if-range)#switchport mode access
Switch(config-if-range)#switchport access vlan 20
Switch(config-if-range)#exit
Switch(config)#interface vlan 10
Switch(config-if)#ip address 192.168.1.1 255.255.255.0
Switch(config-if)#exit
Switch(config)#interface vlan 20
Switch(config-if)#ip address 10.0.0.1 255.0.0.0
Switch(config-if)#exit
Switch(config)#ip routing // to maintain the routing table for the switch

4.6 Port Security

Port security is implemented on layer 2 switch. This is also known as MAC binding.

Figure 4.5

Switch>enable
Switch#configure terminal
Switch(config)#interface f0/1 //port where security is to be enabled
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 1
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security violation shutdown
Switch(config-if)#switchport port-security mac-address FFFF.FFFF.FFFF

Switch# show port-security : command to check the status of port security
Switch# show mac-address-table : command to check the MAC addresses connected to the ports
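The three layer 2 functions from section 4.1.2 (address learning, forward/filter, and the table that drives them) and the port-security limit configured above can be modelled together. This is an added Python example, not part of the report; the port names, MAC addresses and frame sequence are constructed, and `maximum 1` with `violation shutdown` mirrors the commands shown.

```python
from dataclasses import dataclass, field

BROADCAST = "ffff.ffff.ffff"


@dataclass
class PortSecurity:
    """switchport port-security settings for one access port."""
    maximum: int = 1                      # switchport port-security maximum N
    violation: str = "shutdown"           # the mode used in the report
    static_macs: frozenset = frozenset()  # switchport port-security mac-address X


@dataclass
class Switch:
    ports: list
    security: dict = field(default_factory=dict)   # port -> PortSecurity
    mac_table: dict = field(default_factory=dict)  # forward/filter table: mac -> port
    err_disabled: set = field(default_factory=set)
    violations: int = 0

    def _secured_on(self, port, policy):
        learned = {m for m, p in self.mac_table.items() if p == port}
        return learned | policy.static_macs

    def receive(self, in_port, src, dst):
        """Process one frame; return the list of egress ports (empty = dropped)."""
        if in_port in self.err_disabled:
            return []
        policy = self.security.get(in_port)
        if policy is not None:
            secured = self._secured_on(in_port, policy)
            if src not in secured and len(secured) >= policy.maximum:
                # Violation: more source MACs on the port than allowed
                self.violations += 1
                if policy.violation == "shutdown":
                    self.err_disabled.add(in_port)
                    self.mac_table = {m: p for m, p in self.mac_table.items()
                                      if p != in_port}
                return []   # restrict/protect would also drop the frame
        # 1. Address learning: remember the port this source was seen on
        self.mac_table[src] = in_port
        # 2. Forward/filter decision
        out = self.mac_table.get(dst)
        if dst == BROADCAST or out is None:
            # broadcast or unknown unicast: flood out every other live port
            return [p for p in self.ports
                    if p != in_port and p not in self.err_disabled]
        return [] if out == in_port else [out]


def run_scenario():
    """Constructed scenario (not from the report): maximum 1 on f0/1, three hosts."""
    sw = Switch(ports=["f0/1", "f0/2", "f0/3", "f0/4"],
                security={"f0/1": PortSecurity(maximum=1)})
    frames = [
        ("f0/1", "0000.1111.aaaa", BROADCAST),         # host A announces itself
        ("f0/2", "0000.2222.bbbb", "0000.1111.aaaa"),  # B -> A, A already learned
        ("f0/1", "0000.3333.cccc", BROADCAST),         # a second MAC on f0/1
        ("f0/1", "0000.1111.aaaa", "0000.2222.bbbb"),  # A again, but f0/1 is down
        ("f0/2", "0000.2222.bbbb", "0000.1111.aaaa"),  # A was forgotten: flooded
    ]
    return sw, [sw.receive(*f) for f in frames]


if __name__ == "__main__":
    sw, results = run_scenario()
    for r in results:
        print(r)
    print("violations:", sw.violations, "err-disabled:", sorted(sw.err_disabled))
```

Once the port is err-disabled the entries learned on it are gone, so traffic towards host A is flooded again until the port is re-enabled and A is re-learned.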

4.7 Dynamic Host Configuration Protocol (DHCP)

- DHCP is a standardized network protocol used on Internet Protocol (IP) networks for dynamically distributing network configuration parameters.
- Computers request IP addresses and networking parameters automatically from a DHCP server.
- Port No. 67 for request
- Port No. 68 for reply

DHCP works on the concept of D O R A: DISCOVER, OFFER, REQUEST, ACKNOWLEDGEMENT.

• Discover
- Discover message generated by the client.
- Broadcast message sent to all,
- accepted only by the server,
- rejected by other clients due to port no. 67

• Offer
- Server offers IP address, gateway and DNS server to all clients (broadcast)
- Packets are accepted or discarded with the help of the MAC address

• Request
- To cross-check whether the same IP address has been assigned to any other client or not.
- Requests the time of expiry

• Acknowledgement
- Sent from server to client if everything is okay

Automatic Private IP Address (APIPA): It is an error condition in which the system automatically assigns itself an IP address in the range 169.254.0.0 - 169.254.254.254.

Commands for providing IP addresses using DHCP:

Figure 4.6

Router(config)#ip dhcp pool abcd
Router(dhcp-config)#network 192.168.1.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.1.1

Router(config)#ip dhcp excluded-address 192.168.1.4 192.168.1.11
(To exclude the IP addresses from the pool and to provide them manually)

4.8 VLAN Trunking Protocol (VTP)

VTP is Cisco proprietary. It carries information about multiple VLANs. VTP has 3 modes: server, client and transparent.

Server: It can create, delete and update VLANs. The database of the server is shared with the clients. It is locally not significant.

Client: It cannot create, delete or update VLANs.

Transparent: It can create, delete and update VLANs. Its database is not shared. It is locally significant, i.e. it retains the information with itself. It passes the information from server to client.

Figure 4.7 Scenario of VTP

Commands for Server, Client and Transparent

For Server

Switch(config)#vtp mode server
Switch(config)#vtp domain cisco
Switch(config)#vtp password abcd

For Client

Switch(config)#vtp mode client
Switch(config)#vtp domain cisco
Switch(config)#vtp password abcd

For Transparent

Switch(config)#vtp mode transparent
Switch(config)#vtp domain cisco
Switch(config)#vtp password abcd

Switch# show vtp status : Command to check the status of VTP

Switch# show vtp password : Command to check the password set for VTP domain.


4.9 Hot Standby Routing Protocol (HSRP)

To overcome the problem of link damage of the default gateway we use HSRP. It is Cisco proprietary.

To make a router active the following parameters are checked:

a) Highest priority value (by default the priority value is 100). It ranges from 0 to 255.

b) Highest interface IP address is preferred.

Hello time = 3 seconds
Hold down time = 10 seconds

Figure 4.8 Scenario of HSRP

Router1(config)#interface f0/0
Router1(config-if)#standby 1 ip 192.168.1.254
Router1(config-if)#standby 1 priority 150
Router1(config-if)#standby 1 preempt // for the automatic election to find out the active router
Router1(config-if)#exit

Router2(config)#interface f0/0
Router2(config-if)#standby 1 ip 192.168.1.254
Router2(config-if)#standby 1 priority 50
Router2(config-if)#standby 1 preempt
Router2(config-if)#exit

Switch# show standby : Command to check the status of HSRP. On non-Cisco equipment, the Virtual Router Redundancy Protocol (VRRP) is used instead.


4.10 Access Control List (ACL)

An access list is essentially a list of conditions that categorize packets. One of the most common and easiest to understand uses of access lists is filtering unwanted packets when implementing security policies. Applying an access list causes the router to analyse every packet crossing that interface in the specified direction and take the appropriate action.

Types of access lists:

I. Standard Access Lists
II. Extended Access Lists

Table 4.3 Difference between Standard and Extended access lists

Group no. range: STANDARD 1-99; EXTENDED 100-199
Scope: STANDARD blocks all services or the complete protocol (e.g. UDP, ICMP, IGRP and other routing protocols); EXTENDED can filter, i.e. a few services are allowed and others blocked
Decision based on: STANDARD source address; EXTENDED both source and destination address
Placement: STANDARD implemented near to the destination; EXTENDED implemented near to the source

Named access lists are either standard or extended and instead of group no. we use a name.

Figure 4.9 Scenario for ACL


To block a network

R2(config)#access-list 1 deny 192.168.1.0 0.0.0.255
R2(config)#interface f0/0
R2(config-if)#ip access-group 1 out

To block particular IP addresses

R2(config)#access-list 5 deny host 192.168.1.2
R2(config)#access-list 5 deny host 192.168.1.3
R2(config)#access-list 5 permit any
R2(config)#int f0/0
R2(config-if)#ip access-group 5 out

Block IP address using extended

R1(config)#access-list 100 deny tcp host 192.168.1.2 host 192.168.3.5 eq 80
R1(config)#access-list 100 deny tcp host 192.168.1.2 host 192.168.3.5 eq 443
R1(config)#access-list 100 permit ip any any
R1(config)#int s2/0
R1(config-if)#ip access-group 100 out
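The way a router evaluates the three lists above (top-down, first match wins, wildcard bits are "don't care", implicit deny at the end) can be reproduced with a small parser. This is an added Python example, not part of the report; it parses the report's own access-list lines and the test packets are constructed.

```python
from dataclasses import dataclass
from typing import Optional

ANY = ("0.0.0.0", "255.255.255.255")


def ip_to_int(addr: str) -> int:
    return int.from_bytes(bytes(int(octet) for octet in addr.split(".")), "big")


def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    """A set bit in the wildcard means 'do not care' (0.0.0.255 = any host in the /24)."""
    care = 0xFFFFFFFF ^ ip_to_int(wildcard)
    return (ip_to_int(addr) & care) == (ip_to_int(base) & care)


@dataclass(frozen=True)
class Ace:
    """One access-control entry, as parsed from an IOS access-list line."""
    number: int
    action: str              # permit | deny
    protocol: str            # ip matches everything; tcp/udp/icmp match that protocol
    src: tuple               # (base, wildcard)
    dst: tuple
    dst_port: Optional[int]  # from 'eq N', extended lists only


def _address(tokens, i):
    """Consume 'any' | 'host A' | 'A W' | 'A' at tokens[i]; return ((base, wild), next_i)."""
    if tokens[i] == "any":
        return ANY, i + 1
    if tokens[i] == "host":
        return (tokens[i + 1], "0.0.0.0"), i + 2
    if i + 1 < len(tokens) and tokens[i + 1][0].isdigit():
        return (tokens[i], tokens[i + 1]), i + 2
    return (tokens[i], "0.0.0.0"), i + 1   # bare address: wildcard defaults to 0.0.0.0


def parse_ace(line: str) -> Ace:
    tok = line.split()
    if tok[0] != "access-list":
        raise ValueError(f"not an access-list line: {line!r}")
    number, action = int(tok[1]), tok[2]
    if 1 <= number <= 99:                      # standard: source address only
        src, _ = _address(tok, 3)
        return Ace(number, action, "ip", src, ANY, None)
    if 100 <= number <= 199:                   # extended: protocol, src, dst, optional port
        protocol = tok[3]
        src, i = _address(tok, 4)
        dst, i = _address(tok, i)
        port = int(tok[i + 1]) if i < len(tok) and tok[i] == "eq" else None
        return Ace(number, action, protocol, src, dst, port)
    raise ValueError(f"unsupported list number {number}")


def evaluate(acl, src, dst, protocol="ip", dst_port=None) -> str:
    """First matching entry decides; a packet matching nothing hits the implicit deny."""
    for ace in acl:
        if ace.protocol != "ip" and ace.protocol != protocol:
            continue
        if not wildcard_match(src, *ace.src) or not wildcard_match(dst, *ace.dst):
            continue
        if ace.dst_port is not None and ace.dst_port != dst_port:
            continue
        return ace.action
    return "deny"


# The report's three lists, parsed from its own command lines
ACL_1 = [parse_ace("access-list 1 deny 192.168.1.0 0.0.0.255")]
ACL_5 = [parse_ace(l) for l in (
    "access-list 5 deny host 192.168.1.2",
    "access-list 5 deny host 192.168.1.3",
    "access-list 5 permit any")]
ACL_100 = [parse_ace(l) for l in (
    "access-list 100 deny tcp host 192.168.1.2 host 192.168.3.5 eq 80",
    "access-list 100 deny tcp host 192.168.1.2 host 192.168.3.5 eq 443",
    "access-list 100 permit ip any any")]

if __name__ == "__main__":
    print(evaluate(ACL_1, "172.16.0.9", "10.0.0.1"))        # constructed packet
    print(evaluate(ACL_100, "192.168.1.2", "192.168.3.5", "tcp", 80))
```

Note what the evaluation shows for access-list 1: because it has no permit line, the implicit deny drops every packet leaving f0/0, not only the 192.168.1.0/24 traffic, which is why list 5 ends with `permit any`.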

4.11 Network Address Translation (NAT)

Whether the network is the home or the corporate type, if it uses private IP addresses we have to translate our private inside addresses to a global outside address by using NAT. The main idea is to conserve Internet global address space, but it also increases network security by hiding internal IP addresses from external networks. In NAT terminology, the inside network is the set of networks that are subject to translation. The outside network refers to all other addresses – usually those located on the Internet.

Types of NAT

Static NAT: Designed to allow one-to-one mapping between local and global addresses. This type requires to have one real internet IP address for every host on network.

Dynamic NAT: Designed to map an unregistered IP address to a registered IP address from a pool of registered IP addresses. It allows many-to-many mapping. We need enough real IP addresses for everyone who wants to send packets to and from the Internet.

Port Address Translation (PAT): This is the most popular type of NAT configuration. It is a form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address (many-to-one) by using different ports. It is also known as overloading. By using PAT (NAT Overload), we can have thousands of users connect to the Internet using only one real global IP address. NAT Overload is the only reason we have not run out of valid IP addresses on the Internet.

Figure 4.10 Scenario of NAT


Commands for NAT:

Static Type

R1(config)#ip nat inside source static 192.168.1.2 121.1.1.3

R1(config)#interface f0/0

R1(config-if)#ip nat inside

R1(config-if)#interface s2/0

R1(config-if)#ip nat outside

R1(config-if)#exit

Dynamic Type

R1(config)#access-list 1 permit host 192.168.1.2

R1(config)#access-list 1 permit host 192.168.1.3

R1(config)#ip nat inside source list 1 pool abcd

R1(config)#ip nat pool abcd 121.1.1.3 121.1.1.10 netmask 255.0.0.0

Port Address Translation (PAT)

R1(config)#access-list 1 permit 192.168.1.0 0.0.0.255

R1(config)#ip nat inside source list 1 pool abcd overload

R1(config)#ip nat pool abcd 121.1.1.3 121.1.1.3 netmask 255.0.0.0


Chapter 5

Internet Protocol Version 6 (IPv6)

Internet Protocol version 6 (IPv6) is the most recent version of the Internet Protocol (IP), the communications protocol that provides an identification and location system for computers on networks and routes traffic across the Internet. IPv6 was developed by the Internet Engineering Task Force (IETF) to deal with the long-anticipated problem of IPv4 address exhaustion. IPv6 is intended to replace IPv4.

Every device on the Internet is assigned an IP address for identification and location definition. With the rapid growth of the Internet after commercialization in the 1990s, it became evident that far more addresses than the IPv4 address space has available were necessary to connect new devices in the future. By 1998, the Internet Engineering Task Force (IETF) had formalized the successor protocol. IPv6 uses a 128-bit address, theoretically allowing 2^128, or approximately 3.4×10^38 addresses. The actual number is slightly smaller, as multiple ranges are reserved for special use or completely excluded from use. The total number of possible IPv6 addresses is more than 7.9×10^28 times as many as IPv4, which uses 32-bit addresses and provides approximately 4.3 billion addresses. The two protocols are not designed to be interoperable, complicating the transition to IPv6. However, several IPv6 transition mechanisms have been devised to permit communication between IPv4 and IPv6 hosts.

IPv6 provides other technical benefits in addition to a larger addressing space. In particular, it permits hierarchical address allocation methods that facilitate route aggregation across the Internet, and thus limit the expansion of routing tables. The use of multicast addressing is expanded and simplified, and provides additional optimization for the delivery of services. Device mobility, security, and configuration aspects have been considered in the design of the protocol.

IPv6 addresses are represented as eight groups of four hexadecimal digits with the groups being separated by colons, for example 2001:0db8:0000:0042:0000:8a2e:0370:7334.

5.1 Addressing

IPv6 addresses have 128 bits. The design of the IPv6 address space implements a very different design philosophy than in IPv4, in which subnetting was used to improve the efficiency of utilization of the small address space. In IPv6, the address space is deemed large enough for the foreseeable future, and a local area subnet always uses 64 bits for the host portion of the address, designated as the interface identifier, while the most-significant 64 bits are used as the routing prefix. The identifier is only unique within the subnet to which a host is connected. IPv6 has a mechanism for automatic address detection, so that address autoconfiguration always produces unique assignments.

5.1.1 Address Representation

The 128 bits of an IPv6 address are represented in 8 groups of 16 bits each. Each group is written as four hexadecimal digits and the groups are separated by colons (:). An example of this representation is 2001:0db8:0000:0000:0000:ff00:0042:8329.


For convenience, an IPv6 address may be abbreviated to shorter notations by application of the following rules.

One or more leading zeroes from any group of hexadecimal digits are removed; this is usually done to either all or none of the leading zeroes. For example, the group 0042 is converted to 42.

Consecutive sections of zeroes are replaced with a double colon (::). The double colon may only be used once in an address, as multiple use would render the address indeterminate. RFC 5952 recommends that a double colon must not be used to denote an omitted single section of zeroes.

An example of the application of these rules:

Initial address: 2001:0db8:0000:0000:0000:ff00:0042:8329
After removing all leading zeroes in each group: 2001:db8:0:0:0:ff00:42:8329
After omitting consecutive sections of zeroes: 2001:db8::ff00:42:8329
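The two abbreviation rules, together with the RFC 5952 points that `::` may appear only once and must not stand for a single zero group, are implemented below. This is an added Python example, not part of the report; `compress_ipv6` and `expand_ipv6` are names chosen here, and the sample addresses are the ones quoted in this chapter plus constructed tie and all-zero cases.

```python
HEX_DIGITS = set("0123456789abcdef")


def compress_ipv6(address: str) -> str:
    """Abbreviate a full eight-group address.

    Rule 1: drop leading zeros in every group. Rule 2: replace the longest run
    of consecutive all-zero groups with '::', once; per RFC 5952 a run of a
    single zero group is left as '0', and the leftmost run wins a tie in length.
    """
    groups = address.lower().split(":")
    if len(groups) != 8 or any(
            not 1 <= len(g) <= 4 or set(g) - HEX_DIGITS for g in groups):
        raise ValueError("expected the full eight-group hexadecimal form")
    groups = [g.lstrip("0") or "0" for g in groups]      # rule 1
    best_start, best_len = -1, 0
    i = 0
    while i < 8:                                          # longest zero run
        if groups[i] != "0":
            i += 1
            continue
        j = i
        while j < 8 and groups[j] == "0":
            j += 1
        if j - i > best_len:
            best_start, best_len = i, j - i
        i = j
    if best_len < 2:                                      # no '::' for one group
        return ":".join(groups)
    head = ":".join(groups[:best_start])
    tail = ":".join(groups[best_start + best_len:])
    return f"{head}::{tail}"


def expand_ipv6(address: str) -> str:
    """Inverse of compress_ipv6: restore eight four-digit groups.

    A second '::' would make the address indeterminate, so it is rejected.
    """
    if address.count("::") > 1:
        raise ValueError("'::' may appear only once")
    if "::" in address:
        head, tail = address.split("::")
        left = head.split(":") if head else []
        right = tail.split(":") if tail else []
        groups = left + ["0"] * (8 - len(left) - len(right)) + right
    else:
        groups = address.split(":")
    if len(groups) != 8:
        raise ValueError("wrong number of groups")
    return ":".join(g.lower().zfill(4) for g in groups)


if __name__ == "__main__":
    full = "2001:0db8:0000:0000:0000:ff00:0042:8329"   # the chapter's example
    short = compress_ipv6(full)
    print(short, "->", expand_ipv6(short))
```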

5.2 Differences between IPv4 and IPv6

IPv4                                  IPv6
32 bits                               128 bits
Dotted decimal                        Hexadecimal
4 octets (1 octet = 8 bits)           8 fields (1 field = 16 bits)
Separated by “ . ” (dot)              Separated by “ : ” (colon)
Broadcast                             Anycast
IP Security – Not Available           IP Security – Available
No. of IP Addresses = 2^32            No. of IP Addresses = 2^128
