From Cisco Manuals

  • 8/14/2019 From Cisco Manuals

    Cisco Documentation CD and Training books.

    7. Application Layer

    6. Presentation layer
    Implementations are not typically associated with a particular protocol stack.

    Some well-known standards follow:
    Data: ASCII, EBCDIC, Encryption
    Visual Imaging: PICT, TIFF, GIF, JPEG
    Video: MIDI, MPEG, Quick Time

    5. Session Layer
    Establishes, manages, and terminates communication sessions between presentation layer entities. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are coordinated by protocols implemented at the session layer.

    Some examples of session layer implementations follow:
    Apple ZIP, DEC SCP, NFS, SQL, RPC, X Windows, ASP.

    4. Transport
    This layer segments and reassembles data into a data stream. It implements reliable internetwork data transport services that are transparent to upper layers. Transport layer functions typically include the following:

    Flow control
    Flow control manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process.

    Multiplexing
    Multiplexing allows data from several applications to be transmitted onto a single physical link.

    Virtual circuit management
    Virtual circuits are established, maintained, and terminated by the transport layer.

    Error checking and recovery
    Error checking involves various mechanisms for detecting transmission errors. Error recovery involves taking an action (such as requesting that data be retransmitted) to resolve any errors that occur.

    Some examples of transport layer implementations follow:
    Transmission Control Protocol (TCP), Name Binding Protocol (NBP), OSI transport protocols.

    3. Network
    This layer provides routing and related functions that allow multiple data links to be combined into an internetwork, and determines the best way to move data from one place to another. (It manages device addressing and tracks the location of devices on the network.) This is accomplished by the logical addressing (as opposed to the physical addressing) of devices. The network layer supports both connection-oriented and connectionless service from higher-layer protocols. The router operates at this layer.

    2. Data Link
    Provides reliable transit of data across a physical network link. Different data link layer specifications define different network and protocol characteristics, including the following:

    Physical addressing
    Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer.

    Network topology
    Data link layer specifications often define how devices are to be physically connected (such as in a bus or ring topology).

    Error notification
    Error notification involves alerting upper layer protocols that a transmission error has occurred.

    Sequencing of frames
    Sequencing of data frames involves the reordering of frames that are transmitted out of sequence.

    Flow control
    Flow control involves moderating the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.

    The Institute of Electrical and Electronics Engineers (IEEE) has subdivided the data link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC). The LLC sublayer (defined in the IEEE 802.2 specification) manages communications between devices over a single link of a network. The MAC sublayer manages protocol access to the physical network medium.

    1. Physical
    This layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating network systems. Physical layer specifications define such characteristics as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and the physical connectors to be used.

    Describe connection-oriented network service and connectionless network service, and identify the key differences between them.

    Connection-oriented data handling involves using a specific path that is established for the duration of a connection.

    Connectionless data handling involves passing data through a permanently established connection.

    Connection-oriented service involves three phases:

    Connection establishment
    During the connection establishment phase, a single path between the source and destination systems is determined. Network resources are typically reserved at this time to ensure a consistent grade of service (such as a guaranteed throughput rate).

    Data transfer
    During the data transfer phase, data is transmitted sequentially over the path that has been established. Data always arrives at the destination system in the order in which it was sent.

    Connection termination
    During the connection termination phase, an established connection that is no longer needed is terminated. Further communication between the source and destination systems requires that a new connection be established.

    Connection-oriented service has two significant disadvantages as compared to connectionless network service:

    Static path selection
    Because all traffic must travel along the same static path, a failure anywhere along that path causes the connection to fail.

    Static reservation of network resources
    A guaranteed rate of throughput requires the commitment of resources that cannot be shared by other network users. Unless full, uninterrupted throughput is required for the communication, bandwidth is not used efficiently.

    Connection-oriented services are useful for transmitting data from applications that are intolerant of delays and packet re-sequencing. Voice and video applications are typically based on connection-oriented services.

    Connectionless network service does not predetermine the path from the source to the destination system, nor are packet sequencing, data throughput, and other network resources guaranteed. Each packet must be completely addressed because different paths through the network might be selected for different packets based on a variety of influences. Each packet is transmitted independently by the source system and is handled independently by intermediate network devices.

    Connectionless service, however, offers two important advantages over connection-oriented service: dynamic-path selection and dynamic-bandwidth allocation.

    Dynamic-path selection enables traffic to be routed around network failures because paths are selected on a packet-by-packet basis.

    With dynamic-bandwidth allocation, bandwidth is used more efficiently because network resources are not allocated a bandwidth that they will not use.

    Connectionless services are useful for transmitting data from applications that can tolerate some delay and resequencing. Data-based applications typically are based on connectionless service.

    Describe data link addresses and network addresses, and identify the key differences between them.

    A data link layer address uniquely identifies each physical network connection of a network device. Data link addresses are sometimes referred to as physical or hardware addresses. Data link addresses usually exist within a flat address space and have a pre-established and typically fixed relationship to a specific device. End systems typically have only one physical network connection, and thus have only one data link address. Routers and other internetworking devices typically have multiple physical network connections. They therefore have multiple data link addresses.

    A network-layer address identifies an entity at the network layer of the OSI layers. Network addresses usually exist within a hierarchical address space and sometimes are called virtual or logical addresses.

    The relationship between a network address and a device is logical and unfixed; it typically is based either on physical network characteristics (the device is on a particular network segment) or on groupings that have no physical basis (the device is part of an AppleTalk zone). End systems require one network-layer address for each network-layer protocol they support. (This assumes that the device has only one physical network connection.) Routers and other internetwork devices require one network-layer address per physical network connection for each network-layer protocol supported.

    A router, for example, with three interfaces each running AppleTalk, TCP/IP, and OSI must have three network-layer addresses for each interface. The router therefore has nine network-layer addresses.

    Identify at least 3 reasons why the industry uses a layered model.

    Reduces complexity
    Divide the interrelated aspects of network operation into less complex elements.

    Standardizes interfaces
    Define standard interfaces for "plug-and-play" compatibility and multivendor integration.

    Facilitates modular engineering
    Enable engineers to specialize design and development efforts on modular functions.

    Ensures interoperable technology
    Promote symmetry in the different internetwork modular functions so they interoperate.

    Accelerates evolution
    Prevent changes in one area from impacting other areas, so each area can evolve more quickly.

    Simplifies teaching and learning
    Divide the complexity of internetworking into discrete, more easily learned operation subsets.

    Define and explain the 5 conversion steps of data encapsulation.

    User information is converted to Data.

    Data
    As a user sends an email message, the message's alphanumeric characters are converted to use the internetwork. This is the data.

    Data is converted to Segments.

    Segment
    One change packages the message "data" for the internetwork transport subsystem. By using segments, the transport function ensures that the message hosts at both ends of the email system can reliably communicate.

    Segments are converted to Packets.

    Packet
    The next change prepares the data by putting the data into a packet or datagram that contains a network header with source and destination logical addresses. These addresses help network devices send the packets across the network along a chosen path.

    Packets are converted to Frames.

    Frame
    Each network device must put the packet into a frame so it can communicate over its interface to the network. The frame allows connection to the next directly connected network device on the link. Each device in the chosen network path requires framing to connect to the next device.

    Frames are converted to Bits.

    Bits
    The frame must be converted into a pattern of 1s and 0s for transmission on the medium (usually a wire). Some clocking function enables the devices to distinguish these bits as they traverse the medium.

    Define flow control and describe the three basic methods used in networking.

    Flow control
    It's a function that prevents network congestion by ensuring that transmitting devices do not overwhelm receiving devices with data. The three commonly used methods for handling network congestion are buffering, transmitting source-quench messages, and windowing.

    Buffering
    Buffering is used by network devices to temporarily store bursts of excess data in memory until they can be processed. Occasional data bursts are easily handled by buffering. However, excess data bursts can exhaust memory, forcing the device to discard any additional datagrams that arrive.

    Source quench messages
    Source quench messages are used by receiving devices to help prevent their buffers from overflowing. The receiving device sends source quench messages to request that the source reduce its current rate of data transmission, as follows:

    1. The receiving device begins discarding received data due to overflowing buffers.

    2. The receiving device begins sending source quench messages to the transmitting device, at the rate of one message for each packet dropped.

    3. The source device receives the source quench messages and lowers the data rate until it stops receiving the messages.

    4. The source device then gradually increases the data rate as long as no further source quench requests are received.

    Windowing
    Windowing is a flow-control scheme in which the source device requires an acknowledgement from the destination after a certain number of packets have been transmitted. With a window size of three, the source requires an acknowledgment after sending three packets, as follows:

    1. The source device sends three packets to the destination device.

    2. After receiving the three packets, the destination device sends an acknowledgment to the source.

    3. The source receives the acknowledgment and sends three more packets.

    4. If the destination does not receive one or more of the packets for some reason (such as overflowing buffers), it does not receive enough packets to send an acknowledgment. The source, not receiving an acknowledgment, retransmits the packets at a reduced transmission rate.
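The four windowing steps above can be traced in a short Python simulation. This is an added example, not part of the Cisco material; the function names, the constructed loss pattern and the choice to halve the rate after a missing acknowledgment are assumptions made for illustration.

```python
def windowed_transfer(payloads, window=3, lost=frozenset(), rate=3):
    """Simulate the windowing steps described above.

    payloads: data to send, one item per packet.
    lost:     constructed set of (packet_index, attempt) pairs the network drops.
    rate:     packets per time unit; halved after a missing acknowledgment
              (the halving is an assumption, the text only says "reduced").
    Returns (delivered_payloads, log) with one log entry per window attempt.
    """
    received = {}   # destination buffer: packet index -> payload
    log = []
    base = 0        # index of the first packet not yet acknowledged
    attempt = 1
    while base < len(payloads):
        indexes = list(range(base, min(base + window, len(payloads))))
        # Steps 1 and 3: the source sends one full window of packets.
        for i in indexes:
            if (i, attempt) not in lost:
                received[i] = payloads[i]
        # Step 2: the destination acknowledges only a complete window.
        acked = all(i in received for i in indexes)
        log.append({"packets": indexes, "attempt": attempt,
                    "rate": rate, "acked": acked})
        if acked:
            base += window
            attempt = 1
        else:
            # Step 4: no acknowledgment, so the whole window is resent
            # at a reduced transmission rate.
            rate = max(1, rate // 2)
            attempt += 1
    return [received[i] for i in range(len(payloads))], log


def packets_on_wire(log):
    """Total packets transmitted, retransmissions included."""
    return sum(len(entry["packets"]) for entry in log)


# Constructed run: seven packets, the fifth (index 4) is lost on its first try.
SAMPLE = list("ABCDEFG")
DELIVERED, LOG = windowed_transfer(SAMPLE, window=3, lost={(4, 1)})

if __name__ == "__main__":
    for entry in LOG:
        print(entry)
    print("packets on the wire:", packets_on_wire(LOG))
```

One lost packet costs a full window of retransmissions, which is why the seven-packet transfer puts more than seven packets on the wire.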

    and flexible transfers. The advantage of this technique is that it accommodates more flexibility and more efficient use of bandwidth.

    Frame Relay provides connection-oriented data link layer communication. (This means that a defined communication exists between each pair of devices and that these connections are associated with a connection identifier.) This service is implemented by using a Frame Relay virtual circuit, which is a logical connection created between two data terminal equipment (DTE) devices across a Frame Relay packet-switched network (PSN). Virtual circuits provide a bi-directional communications path from one DTE device to another and are uniquely identified by a data-link connection identifier (DLCI). A number of virtual circuits can be multiplexed into a single physical circuit for transmission across the network. This capability often can reduce the equipment and network complexity required to connect multiple DTE devices. Frame Relay virtual circuits fall into two categories: switched virtual circuits (SVCs) and permanent virtual circuits (PVCs).

    Some terms frequently used when discussing Frame Relay follow:

    Local access rate
    The clock speed (port speed) of the connection (local loop) to the Frame Relay cloud. It is the rate at which data travels into or out of the network, regardless of other settings.

    Data-link connection identifier (DLCI)
    A number that identifies the logical circuit between the CPE/DTE and the Frame Relay switch. The FR switch maps the DLCIs between each pair of routers to create a PVC. DLCIs have local significance in that the identifier references the point between the local router and the Frame Relay switch to which it is connected.

    Local Management Interface (LMI)
    A signaling standard between the CPE device and the Frame Relay switch that is responsible for managing the connection and maintaining status between the devices. LMIs include support for a keepalive mechanism, which verifies that data is flowing; a multicast mechanism, which provides the network server with its local DLCI; the multicast addressing, which gives DLCIs global rather than local significance in Frame Relay networks; and a status mechanism, which provides an ongoing status on the DLCIs known to the switch.

    The following types of LMIs are supported by Cisco routers (IOS 11.2 or later):

    cisco
    LMI type defined jointly by Cisco, Northern Telecom, StrataCom and DEC

    ansi
    Annex D defined by ANSI standard T1.617

    q933a
    Annex A ITU-T Q.933

    Frame Relay Terminology

    Committed information rate (CIR) - the average rate (bps) that the Frame Relay switch agrees to transfer data.

    Committed burst - the maximum number of bits that the switch agrees to transfer during any Committed Rate Measurement Interval.

    Excess burst - the maximum number of uncommitted bits that the FR switch will attempt to transfer beyond the CIR (typically limited to the port speed of the local access loop).

    Backward explicit congestion notification (BECN) - when a FR switch recognizes congestion in the network, it sends a BECN packet to the source router instructing it to reduce its packet sending rate.

    Forward explicit congestion notification (FECN) - when a FR switch recognizes congestion in the network, it sends a FECN packet to the destination device indicating that congestion has occurred.

    Discard eligibility (DE) indicator - when the router detects network congestion, the FR switch will drop packets with the DE bit set first. The DE bit is set on the oversubscribed traffic; that is, the traffic that was received after the CIR was met.
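How CIR, committed burst, excess burst and the DE bit interact is easier to see with numbers. The following Python model is an added example, not from the Cisco material; it assumes the standard relation Tc = Bc / CIR for the measurement interval, that traffic beyond Bc + Be in an interval is discarded at ingress, and a newest-first drop order under congestion. All frame sizes and times are constructed.

```python
from dataclasses import dataclass


@dataclass
class Frame:
    t_ms: int          # arrival time at the switch, in milliseconds
    bits: int          # frame length in bits
    de: bool = False   # Discard Eligibility bit


def police(frames, cir_bps, bc_bits, be_bits):
    """Classify frames per measurement interval Tc = Bc / CIR.

    Within one interval: the first Bc bits are committed (DE clear), the
    next Be bits are forwarded with DE set, anything beyond is dropped.
    Returns (forwarded, dropped).
    """
    tc_ms = bc_bits * 1000 / cir_bps
    forwarded, dropped = [], []
    current, used = None, 0
    for frame in sorted(frames, key=lambda f: f.t_ms):
        interval = int(frame.t_ms // tc_ms)
        if interval != current:          # new interval, counters restart
            current, used = interval, 0
        if used + frame.bits <= bc_bits:
            frame.de = False             # within the committed burst
        elif used + frame.bits <= bc_bits + be_bits:
            frame.de = True              # oversubscribed: past the CIR
        else:
            dropped.append(frame)        # beyond Bc + Be (assumption above)
            continue
        used += frame.bits
        forwarded.append(frame)
    return forwarded, dropped


def relieve_congestion(queue, capacity_bits):
    """Drop DE-marked frames first, newest first, until the queue fits.

    Unmarked frames are only dropped if removing every DE frame was not
    enough (newest-first order is an assumption of this model).
    """
    kept = list(queue)
    for want_de in (True, False):
        for frame in reversed(list(kept)):
            if sum(f.bits for f in kept) <= capacity_bits:
                return kept
            if frame.de == want_de:
                kept = [f for f in kept if f is not frame]
    return kept


# Constructed traffic: 4000-bit frames, five in the first interval, one later.
SAMPLE_FRAMES = [Frame(t, 4000) for t in (0, 10, 20, 30, 40, 130)]
FORWARDED, DROPPED = police(SAMPLE_FRAMES, cir_bps=64000,
                            bc_bits=8000, be_bits=8000)
KEPT = relieve_congestion(FORWARDED, capacity_bits=12000)

if __name__ == "__main__":
    for f in FORWARDED:
        print(f.t_ms, "DE" if f.de else "committed")
    print("dropped at ingress:", [f.t_ms for f in DROPPED])
    print("kept under congestion:", [f.t_ms for f in KEPT])
```

With a 64 kbps CIR and an 8000-bit committed burst the interval is 125 ms, so the sixth frame starts a fresh interval and is committed traffic again.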

    List commands to configure Frame Relay LMIs, maps, and subinterfaces.

    router(config-if)# encapsulation frame-relay [ cisco | ietf ] (cisco is the default)
    router(config-if)# frame-relay lmi-type [ ansi | cisco | q933a ] (autosensed 11.2 and up)
    router(config-if)# bandwidth kilobits (configure bandwidth for the link, default is T1)
    router(config-if)# frame-relay inverse-arp [ protocol ] [ dlci ] (enabled by default)
    router(config-if)# ip bandwidth-percent eigrp as-number percent (total bandwidth EIGRP can use)
    router(config-if)# keepalive number (increase/decrease keepalive interval, default is 10 secs.)
    router(config-if)# frame-relay local-dlci number (to specify DLCI for local interface)
    router(config-if)# frame-relay map protocol protocol-address dlci [ broadcast ] [ ietf | cisco ] payload-compress packet-by-packet (Cisco compression) (broadcast - forward broadcasts to this address when multicast is not enabled)
    router(config-if)# interface serial number.subinterface-number [ multipoint | point-to-point ] (multipoint - forwards broadcasts and routing updates, for routing IP when all routers are in same subnet) (point-to-point - no broadcasts or updates, each router is in its own subnet)
    router(config-if)# ip unnumbered interface (point-to-point IP sub-interface)
    router(config-if)# frame-relay interface-dlci dlci-number (local DLCI number being linked to sub-interface)

    The following is a partial config example:

    ! Router at one end of the link
    interface Serial 0
     encapsulation frame-relay
     frame-relay lmi-type ansi
    !
    interface Serial 0.1 point-to-point
     ip address 192.168.155.1 255.255.255.252
     frame-relay interface-dlci 123

    ! Router at the other end of the link
    interface Serial 0
     encapsulation frame-relay
     frame-relay lmi-type ansi
    !
    interface Serial 0.1 point-to-point
     ip address 192.168.155.2 255.255.255.252
     frame-relay interface-dlci 124

    List commands to monitor Frame Relay operation in the router.

    To monitor Frame Relay connections, perform any of the following tasks in EXEC mode:

    Task | Command
    Clear dynamically created Frame Relay maps, which are created by the use of Inverse ARP. | # clear frame-relay-inarp
    Display information about Frame Relay DLCIs and the LMI. | # show interfaces type number
    Display LMI statistics. | # show frame-relay lmi [type number]
    Display the current Frame Relay map entries. | # show frame-relay map
    Display PVC statistics. | # show frame-relay pvc [type number [dlci]]
    Display configured static routes. | # show frame-relay route
    Display Frame Relay traffic statistics. | # show frame-relay traffic
    Display information about the status of LAPF. | # show frame-relay lapf
    Display all the SVCs under a specified map list. | # show frame-relay svc maplist

    Identify PPP operations to encapsulate WAN data on Cisco routers.

    The Point-to-Point Protocol (PPP) originally emerged as an encapsulation protocol for transporting traffic over point-to-point links. PPP also established a standard for the assignment and management of IP addresses, asynchronous (start/stop) and bit-oriented synchronous encapsulation, network protocol multiplexing, link configuration, link quality testing, error detection, and option negotiation for such capabilities as network-layer address negotiation and data-compression negotiation. PPP supports these functions by providing an extensible Link Control Protocol (LCP) and a family of Network Control Protocols (NCPs) to negotiate optional configuration parameters and facilities. In addition to IP, PPP supports other protocols, including Novell's Internetwork Packet Exchange (IPX) and DECnet. PPP provides a method for transmitting datagrams over serial point-to-point links. PPP contains three main components:

    A method for encapsulating datagrams over serial links
    PPP uses the High-Level Data Link Control (HDLC) protocol as a basis for encapsulating datagrams over point-to-point links. (See "Synchronous Data Link Control and Derivatives," for more information on HDLC.)

    An extensible LCP to establish, configure, and test the data-link connection.

    A family of NCPs for establishing and configuring different network-layer protocols---PPP is designed to allow the simultaneous use of multiple network-layer protocols.

    The following is a common procedure to configure PPP in your Cisco routers:

    Router(config)# username name password secret (name = host name of remote router; secret = identical on both routers)
    Router(config-if)# encapsulation ppp
    Router(config-if)# ppp authentication [ chap | pap ] (pap is clear text)
    Router(config-if)# ppp pap sent-username username password password (for router to respond to pap request, 11.1 and up)
    Router(config-if)# ppp chap hostname hostname (for same host name on multiple routers)

    Router(config-if)# ppp chap password secret (to send to hosts that want to authenticate the router)

    State a relevant use and context for ISDN networking.

    The goal is to support applications requiring high speed voice, video, and data communications. Digital service with fast connection setup and higher bandwidth than traditional modems.

    Integrated Services Digital Network (ISDN) is comprised of digital telephony and data-transport services offered by regional telephone carriers. ISDN involves the digitalization of the telephone network, which permits voice, data, text, graphics, music, video, and other source material to be transmitted over existing telephone wires. The emergence of ISDN represents an effort to standardize subscriber services, user/network interfaces, and network and internetwork capabilities. ISDN applications include high-speed image applications (such as Group IV facsimile), additional telephone lines in homes to serve the telecommuting industry, high-speed file transfer, and video conferencing. Voice service is also an application for ISDN. ISDN components include terminals, terminal adapters (TAs), network-termination devices, line-termination equipment, and exchange-termination equipment.

    Identify ISDN protocols, function groups, reference points, and channels.

    ITU-T groups and organizes the ISDN protocols according to general topic areas.

    Protocols that begin with "E" recommend telephone network standards for ISDN. For example, the E.164 protocol describes international addressing for ISDN.

    Protocols that begin with "I" deal with concepts, terminology, and general methods. The I.100 series includes general ISDN concepts and the structure of other I-series recommendations; I.200 deals with service aspects of ISDN; I.300 describes network aspects; I.400 describes how the User-Network Interface (UNI) is provided.

    Protocols beginning with "Q" cover how switching and signaling should operate. The term signaling in this context means the process of call setup used. Q.921 describes the ISDN data-link processes of LAPD, which functions like Layer 2 processes in the ISO/OSI reference model. Q.931 specifies ISO/OSI reference model Layer 3 functions.

    To access ISDN, you must provide functions and reference points that comply with ISDN service provider standards. By using these functions and reference points, you can improve communication with vendors and service providers while you engineer, install, and support your ISDN facilities:

    Functions
    Device types or hardware functions that represent transition points between the reference-point interfaces.

    Reference points
    CCITT has defined the ISDN local loop characterized by different interfaces. The standards call the key reference points R, S, T, U, and V.

    R--The reference point between non-ISDN equipment and a TA.
    S--The reference point between user terminals and the NT2.
    T--The reference point between NT1 and NT2 devices.
    U--The reference point between NT1 devices and line-termination equipment in the carrier network. The U reference point is relevant only in North America, where the NT1 function is not provided by the carrier network.

    This Figure illustrates a sample ISDN configuration and shows three devices attached to an ISDN switch at the central office. Two of these devices are ISDN-compatible, so they can be attached through an S reference point to NT2 devices. The third device (a standard, non-ISDN telephone)

    attaches through the reference point to a TA. Any of these devices also could attach to an NT1/2 device, which would replace both the NT1 and the NT2. In addition, although they are not shown, similar user stations are attached to the far right ISDN switch.

    Describe Cisco's implementation of ISDN BRI.

    Two 64 Kbps B channels and one 16 Kbps D channel.

    Accessing ISDN with a Cisco router means that you will need to purchase either a Network Termination 1 (NT1) or an ISDN modem. If your router has a BRI interface, you're ready to rock. Otherwise, you can use one of your router's serial interfaces if you can get a hold of a TA. A router with a BRI interface is called a TE1, and one that requires a TA is called a TE2. ISDN supports virtually every upper-layer network protocol (IP, IPX, and AppleTalk), and you can choose PPP, HDLC, or LAPD as your encapsulation protocol.

    IOS

    Cisco routers using remote access. Cisco IOS software provides a command interpreter called EXEC. EXEC interprets the commands you type and carries out the corresponding operations. You must log in to the router before you can enter an EXEC command.

    For security purposes, the EXEC has two levels of access to commands: user mode and privileged mode.

    User mode
    Typical tasks include those that check the router status. (The prompt is: Router>)

    Privileged mode
    Typical tasks include those that change the router configuration. (The prompt is: Router#)

    Use the context-sensitive help facility.

    Typing a question mark (?) at the user mode prompt or the privileged mode prompt displays a handy list of commonly used commands. With the context-sensitive help, you can do the following:

    Last command recall

    Command prompting

    Syntax checking
    The caret symbol (^) and help response indicate an error. It appears at the point in the command string where you have entered an incorrect command, keyword, or argument. The error location indicator and interactive help system allow you to find and correct syntax errors easily.

    Use the command history and editing features.

    The user interface includes an enhanced editing mode that provides a set of editing key functions.

    ; Move to the beginning of the command line.
    ; Move to the end of the command line.
    ; Move back one word.
    ; Move forward one character.
    ; Move back one character.
    ; Move forward one word.
    or UP arrow; Last (previous) command recall
    or DOWN arrow; More recent command recall
    Router> show history; Show command buffer
    Router> terminal history size number-of-lines; Set command buffer size
    Router> no terminal editing; Disable advanced editing features
    Router> terminal editing; Re-enable advanced editing
    ; Entry completion

    Examine router elements (RAM, ROM, CDP, show).

    ROM - Read Only, Hard Wired, Boot Strap, IOS, ROM Monitor
    RAM - IOS & Running Configuration (Main Memory)
    NVRAM - Startup Config -- Saved via battery (10 yr Life Span)
    Flash - IOS (PCMCIA Cards or SIMMs)
    Shared RAM - Packet Buffering (Not all platforms)

    The Cisco Discovery Protocol (CDP) is a media- and protocol-independent protocol that runs on all Cisco-manufactured equipment including routers, bridges, access servers and switches. CDP runs on all media that support Subnetwork Access Protocol (SNAP) including local area network, Frame Relay and ATM media. CDP runs over the data link layer only. Specify the frequency of transmission of CDP updates.

    show version --- Displays the configuration of the system hardware, the software version, the names and sources of configuration files, and boot images.

    show mem --- Shows statistics about the router's memory, including memory free pool statistics.

    show cdp [interface | neighbors | entry device-name] --- Shows CDP statistics.

    show protocols --- Displays the protocols configured on the router.

    Manage configuration files from the privileged exec mode.

    show startup-config --- To view the configuration in NVRAM (show config = pre 10.3)
    show running-config --- To view the current running configuration (write term = pre 10.3)
    show version --- Displays the configuration of the system hardware, the software version, the names and sources of configuration files, and the boot images.
    show processes --- Displays information about the active processes.
    show protocols --- Displays the configured protocols and status of any configured Layer 3 protocol.
    show mem --- Shows statistics about the router's memory, including memory free pool statistics.
    show ip route --- Displays the entries in the routing table.
    show flash --- Shows information about the Flash memory device.
    show interfaces --- Displays statistics for all interfaces configured on the router.

    Control router passwords, identification, and banner.

    Cisco routers have two levels of passwords that can be applied: user and privileged EXEC. The user EXEC passwords are applied to the console, auxiliary and virtual terminal lines of the Cisco router. Password authentication can be either on the line, through a local username definition or a TACACS, extended TACACS, TACACS+ or RADIUS server. To enter privileged EXEC mode, use the enable command. By default, the password will be compared against the password entered with the enable secret global command.

    You can secure your system by using passwords to restrict access. Passwords can be established both on individual lines and in the privileged EXEC mode.

    line console 0 --- Establishes a password on the console terminal.
    line vty 0 4 --- Establishes password protection on incoming Telnet sessions.
    enable password --- Restricts access to the privileged EXEC mode.

    Serial0 unassigned YES not set administratively down down
    Serial1 172.16.72.2 YES not set up up
    Configuring global parameters:
    Enter host name [Router]:
    The enable secret is a one-way cryptographic secret used instead of the enable password when it exists.
    Enter enable secret []:
    The enable password is used when there is no enable secret and when using older software and some boot images.
    Enter enable password [ww]:
    Enter virtual terminal password [ww]:
    Configure SNMP Network Management? [yes]:
    Community string [public]:
    Configure IP? [yes]:
    Configure IGRP routing? [yes]:
    Your IGRP autonomous system number [15]:
    Configuring interface Ethernet0:
    Is this interface in use? [yes]:
    Configure IP on this interface? [yes]:
    IP address for this interface [172.16.72.2]:
    Number of bits in subnet field [8]:
    Class B network is 172.16.0.0, 8 subnet bits; mask is /24
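The password section, the setup dialog's defaults and the earlier note that PAP is clear text all describe settings that can be checked mechanically in a saved configuration. The following Python audit is an added example, not from the Cisco material; the two sample configurations, the finding names and the helper functions are constructed for illustration, and the parser assumes the usual IOS layout of one-space-indented sub-commands.

```python
import re

# Constructed sample configurations (not from the page). "ww" and "public"
# mirror the defaults offered by the setup dialog quoted above.
WEAK_CONFIG = """\
hostname LabRouter
enable password ww
!
interface Serial0
 encapsulation ppp
 ppp authentication pap
!
interface Serial1
 encapsulation ppp
 ppp authentication chap
!
snmp-server community public RO
!
line con 0
line vty 0 4
 password ww
 login
"""

HARDENED_CONFIG = """\
hostname LabRouter
enable secret 5 $1$constructed$placeholder-hash
!
interface Serial0
 encapsulation ppp
 ppp authentication chap
!
snmp-server community constructed-ro-string RO
!
line con 0
 password constructed-console-pw
 login
line vty 0 4
 password constructed-vty-pw
 login
"""


def parse_sections(config_text):
    """Group IOS-style config into (header, [indented sub-commands])."""
    sections = []
    for raw in config_text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("!"):
            continue                      # blank line or "!" separator
        if line[0].isspace() and sections:
            sections[-1][1].append(line.strip())
        else:
            sections.append((line.strip(), []))
    return sections


def audit(config_text):
    """Return a list of (finding, location) tuples in config order."""
    sections = parse_sections(config_text)
    headers = [header for header, _ in sections]
    findings = []

    # The enable secret is one-way; the enable password is only the fallback.
    has_secret = any(h.startswith("enable secret") for h in headers)
    if any(h.startswith("enable password") for h in headers):
        name = ("enable-password-still-present" if has_secret
                else "enable-password-only")
        findings.append((name, "global"))

    for header, subs in sections:
        words = header.split()
        where = " ".join(words[1:])
        if words[:2] == ["snmp-server", "community"] and words[2:3] == ["public"]:
            findings.append(("snmp-default-community", "global"))
        elif words[0] == "interface":
            for sub in subs:
                tokens = sub.split()
                # PAP sends the password in clear text; a "chap pap"
                # fallback is flagged as well.
                if tokens[:2] == ["ppp", "authentication"] and "pap" in tokens[2:]:
                    findings.append(("ppp-pap-cleartext", where))
        elif words[0] == "line":
            has_password = any(s.startswith("password ") for s in subs)
            has_method = any(
                re.match(r"login\s+(local|tacacs|authentication)\b", s)
                for s in subs
            )
            if not (has_password or has_method):
                findings.append(("line-without-password", where))
    return findings


if __name__ == "__main__":
    for finding in audit(WEAK_CONFIG):
        print(finding)
```

The weak sample reports four findings and the hardened sample none.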

    Copy and manipulate configuration files.

    copy running-config tftp --- Store the current configuration in RAM on a network TFTP server.
    erase startup-config --- Erase the contents of NVRAM.
    copy running-config startup-config --- Store the current configuration in RAM into NVRAM.

    List the commands to load Cisco IOS software from: flash memory, a TFTP server, or ROM.

    To configure a router to automatically boot an image in Flash memory, perform the following tasks:

    Step 1 Enter configuration mode from the terminal
        configure terminal
    Step 2 Enter the filename of an image stored in Flash memory
        boot system flash [filename]
        boot system flash slot0:[filename]
        boot system flash slot1:[filename]
        boot system flash bootflash:[filename]
    Step 3 Set the configuration register to enable loading image from Flash memory (generally 0x210
        config-register value
    Step 4 Save configuration file
        copy running-config startup-config

    To configure a router to load a system image from a network server using TFTP, rcp or MOP:

    Step 1 Enter configuration mode from the terminal
        configure terminal
    Step 2 Specify the system image to be booted from a network server using rcp, TFTP or MOP.
        boot system [rcp | tftp] filename [ip address]
        boot system mop filename [mac-address] [int]
    Step 3 Set the configuration register to enable loading image from a network server (generally 0x010F)
        config-register value
    Step 4 Save configuration file
        copy running-config startup-config

    To specify the use of the ROM system image as a backup to other boot instructions in the configuration file:


    portion of the address; the remaining 12 hex digits (0000.8609.33E9) represent the node portion and are the MAC address of the workstation.

    Configure IP addresses.

    Use the command ip address ip-address subnet-mask to configure an IP address.

    Router(config-if)# ip address ip-address subnet-mask (assigns address & subnet mask, starts processing on an interface)
    Router# term ip netmask-format {bitcount | decimal | hexadecimal} (sets format of network mask for current session. Defaults back to bit count.)
    Router(config-line)# ip netmask-format {bitcount | decimal | hexadecimal} (sets format of network mask for a specific line)

    Verify IP addresses.

    Telnet - verifies application-layer software between source and destination stations.
    Ping - uses ICMP to verify hardware connection and logical address of network layer.
    Trace - uses TTL values to generate messages from each router used along the path.

    List the required IPX address and encapsulation type.

    Interface Type    Encapsulation             IPX Frame Type
    Ethernet          novell-ether (default)    Ethernet_802.3
                      arpa                      Ethernet_II
                      sap                       Ethernet_802.2
                      snap                      Ethernet_Snap
    Token Ring        sap (default)             Token-Ring
                      snap                      Token-Ring_Snap
    FDDI              snap (default)            Fddi_Snap
                      sap                       Fddi_802.2

    Novell NetWare IPX supports multiple encapsulation schemes on a single router interface, provided that multiple network numbers are assigned. Encapsulation is the process of packaging upper-layer protocol information and data into a frame. NetWare supports the following four encapsulation schemes:

    Novell Proprietary---Also called "802.3 raw" or Novell Ethernet_802.3, Novell proprietary serves as the initial encapsulation scheme Novell uses. It includes an Institute of Electrical and Electronic Engineers (IEEE) 802.3 Length field but not an IEEE 802.2 (LLC) header. The IPX header immediately follows the 802.3 Length field.

    802.3---Also called Novell_802.2, 802.3 is the standard IEEE 802.3 frame format.

    Ethernet Version 2---Also called Ethernet-II or ARPA, Ethernet Version 2 includes the standard Ethernet Version 2 header, which consists of Destination and Source Address fields followed by an EtherType field.

    SNAP---Also called Ethernet_SNAP, SNAP extends the IEEE 802.2 header by providing a type code similar to that defined in the Ethernet Version 2 specification.

    Enable the Novell IPX protocol and configure interfaces.

    Configuration of Novell IPX as a routing protocol involves both global and interface parameters.

    Start the IPX routing process. Enable load sharing, if appropriate for your network. Load sharing is


    Identify the functions performed by ICMP.

    The Internet Control Message Protocol (ICMP) is a network-layer Internet protocol that provides message packets to report errors and other information regarding IP packet processing back to the source. ICMP generates several kinds of useful messages, including Destination Unreachable, Echo Request and Reply, Redirect, Time Exceeded, and Router Advertisement and Router Solicitation.

    Destination Unreachable - The ICMP destination unreachable message is sent by a router if it is unable to deliver a packet to the ultimate destination. The router discards the original packet.

    Destinations might be unreachable for these reasons:
    The source host specified a nonexistent address.
    The router does not have a route to the destination (less frequent).

    Destination unreachable messages include the following:
    Network unreachable -- This message usually implies routing or addressing failures.
    Host unreachable -- This message usually implies delivery failures such as a wrong subnet mask.
    Protocol unreachable -- This message usually implies that the destination does not support the upper-layer protocol specified in the packet.
    Port unreachable -- This message usually implies that the Transmission Control Protocol (TCP) port (socket) is not available.

    Echo Request and Reply - The ICMP echo request message is sent by any host to test node reachability across an internetwork. It is generated by the ping command. The ICMP echo reply message indicates that the node can be successfully reached.

    Redirect - An ICMP redirect message is sent by the router to the source host to stimulate more efficient routing. The router still forwards the original packet to the destination. ICMP redirects allow host routing tables to remain small because knowing the address of only one router is required (even if that router does not provide the best path). Even after receiving an ICMP redirect message, some devices might continue using the less efficient route.

    Time Exceeded - An ICMP time-exceeded message is sent by the router if an IP packet's Time-to-Live field (expressed in hops or seconds) reaches zero. The Time-to-Live field prevents packets from continuously circulating the internetwork if the internetwork contains a routing loop. The router discards the original packet.

    Router Advertisement and Router Solicitation - The ICMP Router Discovery Protocol (IRDP) uses router advertisement and router solicitation messages to discover the addresses of routers on directly attached subnets.

    IRDP works as follows:
    1. Each router periodically multicasts router advertisement messages from each of its interfaces.
    2. Hosts discover addresses of routers on directly attached subnets by listening for these messages.
    3. Hosts can use router solicitation messages to request immediate advertisements, rather than waiting for unsolicited messages.

    IRDP offers several advantages over other methods of discovering addresses of neighboring routers. Primarily, it does not require hosts to recognize routing protocols, nor does it require manual configuration by an administrator. Router advertisement messages allow hosts to discover the existence of neighboring routers, but not which router is best to reach a particular destination. If a host uses a poor first-hop router to reach a particular destination, it receives a redirect message identifying a better choice.

    Undeliverable ICMP messages (for whatever reason) do not generate a second ICMP message. Doing so could create an endless flood of ICMP messages.


    Configure IPX access lists and SAP filters to control basic Novell traffic.

    The Service Advertisement Protocol (SAP) is an IPX protocol through which network resources, such as file servers and print servers, advertise their addresses and the services they provide. Advertisements are sent via SAP every 60 seconds. Services are identified by a hexadecimal number, which is called a SAP identifier (for example, 4 = file server, and 7 = print server).

    Using the SAP identifier, SAP advertisements can be filtered on a router's input or output port, or from a specific router. SAP filters conserve network bandwidth and are especially useful in large Novell installations where hundreds of SAP services exist. In general, the use of SAP filters is recommended for services that are not required for a particular network. Remote sites, for example, probably do not need to receive SAP advertising print services located at a central site. A SAP output filter at the central site (preferred) or a SAP input filter that uses the SAP identifier for a print server at the remote site prevents the router from including print services in SAP updates.

    Access lists can control most protocols on a Cisco router.

    Protocol     Type          Range Identifier
    IP           Standard      1-99
                 Extended      100-199
                               Named (IOS 11.2 or later)
    IPX          Standard      800-899
                 Extended      900-999
                 SAP Filter    1000-1099
    AppleTalk                  600-699

    For example:

    access-list 1000 deny 3c01.0000.0000.0001
    access-list 1000 permit -1

    interface ethernet 0
     ipx network 3c
     ipx input-sap-filter 1000
    interface ethernet 1
     ipx network 4d
    interface serial 0
     ipx network 2b

    Routing

    Add the RIP routing protocol to your configuration.

    The Routing Information Protocol (RIP) is a distance-vector protocol that uses hop count as its metric. RIP is widely used for routing traffic in the global Internet and is an interior gateway protocol (IGP), which means that it performs routing within a single autonomous system. RIP has the following key characteristics:
    It is a distance vector routing protocol.
    Hop count is used as the metric for path selection.
    The maximum allowable hop count is 15.
    Routing updates are broadcast every 30 seconds by default.

    To configure RIP on your network, use the following commands:

    Router(config)# router rip ; To select RIP as the routing protocol.
    Router(config-router)# network {network_number} ; To assign a NIC-based address to which the router is directly connected.

    The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.

    Add the IGRP routing protocol to your configuration.

    Interior Gateway Routing Protocol (IGRP) is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90-second intervals to advertise networks for a particular autonomous system. The following are some key characteristics of IGRP. Design emphasizes:
    Versatility to automatically handle indefinite, complex topologies.
    Flexibility for segments having different bandwidth and delay characteristics.
    Scalability to function in very large networks.

    The IGRP routing protocol uses a combination of variables to determine a composite metric.

    Variables IGRP uses include: Bandwidth, Delay, Load, Reliability, Maximum transmission unit (MTU).

    To configure IGRP on your network, use the following commands:

    Router(config)# router igrp {autonomous_system} ; Identifies the IGRP router processes that will share routing information.
    Router(config-router)# network {network_number} ; Specifies any directly connected networks to be included. It is a NIC network number, not a subnet number or individual address.

    Explain the services of separate and integrated multi protocol routing.

    Separate routing --- The ships-in-the-night approach involves the use of a different routing protocol for each network protocol.

    Integrated routing --- Integrated routing involves the use of a single routing protocol (for example, a link state protocol) that determines the least cost path for different routed protocols.

    List problems that each routing type encounters when dealing with topology changes and describe techniques to reduce the number of these problems.

    Distance Vector protocols, like RIP and IGRP, use the Bellman-Ford algorithm. They are slow to converge in a large LAN. This can lead to inconsistent routing entries and cause routing loops.

    Hop-Count Limit --- RIP permits a maximum hop count of 15. Any destination greater than 15 hops away is tagged as unreachable. RIP's maximum hop count greatly restricts its use in large internetworks, but prevents a problem called count to infinity from causing endless network routing loops.

    Hold-Downs -- Hold-downs are used to prevent regular update messages from inappropriately reinstating a route that has gone bad. When a route goes down, neighboring routers will detect this. These routers then calculate new routes and send out routing update messages to inform their neighbors of the route change. This activity begins a wave of routing updates that filter through the network. Triggered updates do not instantly arrive at every network device. It is therefore possible that a device that has yet to be informed of a network failure may send a regular update message (indicating that a route that has just gone down is still good) to a device that has just been notified of the network failure. In this case, the latter device now contains (and potentially advertises) incorrect routing information. Hold-downs tell routers to hold down any changes that might affect recently removed routes for some period of time. The hold-down period is usually calculated to be just greater than the period of time necessary to update the entire network with a routing change. Hold-down prevents the count-to-infinity problem.

    Split Horizons -- Split horizons derive from the fact that it is never useful to send information about a route back in the direction from which it came. The split-horizon rule helps prevent two-node routing loops.


    Poison Reverse Updates - Whereas split horizons should prevent routing loops between adjacent routers, poison reverse updates are intended to defeat larger routing loops. The idea is that increases in routing metrics generally indicate routing loops. Poison reverse updates are then sent to remove the route and place it in hold-down. Poison reverse updates are updates sent to other routers with an unreachable metric.
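
    An added example, not taken from the Cisco material: a Python simulation of the two-node loop that the hop-count limit and split horizon address. The topology (A --- B --- N, with the B-to-N link just failed), the update ordering and all names are constructed for illustration.

```python
INFINITY = 16  # RIP: anything more than 15 hops away is unreachable


def simulate(split_horizon, max_rounds=50):
    """Count update rounds until A and B both mark network N unreachable.

    Constructed topology: A --- B --- N, and the link from B to N has just
    failed. Each table entry is (hops to N, neighbor the route came from).
    """
    table = {"A": (2, "B"), "B": (INFINITY, None)}
    history = []  # (A's metric, B's metric) after each round
    for rnd in range(1, max_rounds + 1):
        # A's regular update goes out before B's news of the failure arrives.
        for sender, receiver in (("A", "B"), ("B", "A")):
            metric, learned_from = table[sender]
            if split_horizon and learned_from == receiver:
                continue  # do not send a route back the way it came
            offered = min(metric + 1, INFINITY)
            current, via = table[receiver]
            # Accept news from the current next hop, or any better route.
            if via == sender or offered < current:
                table[receiver] = (offered, sender)
        history.append((table["A"][0], table["B"][0]))
        if all(m == INFINITY for m, _ in table.values()):
            return rnd, history
    return None, history


if __name__ == "__main__":
    for flag in (False, True):
        rounds, history = simulate(split_horizon=flag)
        print(f"split horizon={flag}: {rounds} round(s), metrics (A, B): {history}")
```

    Without split horizon the two routers keep reinstating each other's stale route and the metric climbs until it reaches 16; with split horizon A never offers the route back to B, so the failure is accepted in a single round.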

    Link State

    Link State routing uses the Dijkstra algorithm to compute the shortest path first to another network.

    Link State routing protocols, like OSPF & NLSP, notify other routers of topology changes with link-state updates. The routers receiving these LSPs recalculate their routing tables.

    The 2 link-state concerns are:
    Processing and memory required for link-state routing.
    Bandwidth consumed for initial link-state "flood".

    Link state updates can arrive at different times based on bandwidth between routers. To solve this problem:
    Dampen the periodic update (longer intervals)
    Use time stamps
    Use targeted multicast (not flood), define router hierarchies (i.e. partition network)

    Describe the benefits of network segmentation with routers.

    Manageability --- There are explicit protocols operating among routers, giving the network administrator greater control over path selection; and network routing behavior is more visible.

    Functionality --- Because routers are visible to the end stations, you can implement mechanisms to provide flow control, error and congestion control, fragmentation and reassembly services, and explicit packet lifetime control.

    Multiple active paths --- With the implementation of a router, you can use a network topology using more than one path between stations. Operating at the network layer, routers can examine protocol, destination service access point (DSAP), source service access point (SSAP), and path metric information before making forwarding or filtering decisions.

    Network Security

    Configure standard and extended access lists to filter IP traffic.

    Access lists are statements that specify conditions that an administrator sets so the router will handle the traffic covered by the access list in an out-of-the-ordinary manner. Access lists give added control for processing the specific packets in a unique way. The two main types of access lists are standard and extended.

    Standard access lists for IP check the source address of packets that could be routed. The result permits or denies output for an entire protocol suite, based on the network/subnet/host address.

    Extended access lists check for both source and destination packet addresses. They also can check for specific protocols, port numbers, and other parameters, which allows administrators more flexibility to describe what checking the access list will do. Packets can be permitted or denied output based on where the packet originated and on its destination.
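
    An added example, not taken from the Cisco material: a small Python model of how a standard and an extended IP access list judge the same packets. The list numbers follow the 1-99 and 100-199 ranges given earlier; the addresses, wildcard masks and list contents are constructed, and first-match evaluation with an implicit final deny is standard IOS behavior that the text above does not spell out.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")  # wildcard of all ones matches any address


def wild_match(addr, base, wildcard):
    """True when addr equals base on every bit the wildcard mask leaves at 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0


def evaluate(acl, packet):
    """Return 'permit' or 'deny'; the first matching entry decides."""
    for entry in acl:
        if not wild_match(packet["src"], *entry["src"]):
            continue
        if "dst" in entry:  # extended entry: more fields to compare
            if entry["proto"] not in ("ip", packet["proto"]):
                continue
            if not wild_match(packet["dst"], *entry["dst"]):
                continue
            if entry.get("dport") not in (None, packet.get("dport")):
                continue
        return entry["action"]
    return "deny"  # every IOS access list ends with an implicit deny


# Constructed lists, shown with the IOS lines they model.
# access-list 10 deny 172.16.72.0 0.0.0.255
# access-list 10 permit any
STANDARD_10 = [
    {"action": "deny", "src": ("172.16.72.0", "0.0.0.255")},
    {"action": "permit", "src": ANY},
]
# access-list 110 deny tcp 172.16.72.0 0.0.0.255 host 172.16.10.5 eq 23
# access-list 110 permit ip any any
EXTENDED_110 = [
    {"action": "deny", "proto": "tcp", "src": ("172.16.72.0", "0.0.0.255"),
     "dst": ("172.16.10.5", "0.0.0.0"), "dport": 23},
    {"action": "permit", "proto": "ip", "src": ANY, "dst": ANY},
]

# Constructed packets from the same source host to the same server.
TELNET = {"proto": "tcp", "src": "172.16.72.9", "dst": "172.16.10.5", "dport": 23}
WEB = {"proto": "tcp", "src": "172.16.72.9", "dst": "172.16.10.5", "dport": 80}

if __name__ == "__main__":
    for name, acl in (("standard 10", STANDARD_10), ("extended 110", EXTENDED_110)):
        print(name, "telnet:", evaluate(acl, TELNET), "web:", evaluate(acl, WEB))
```

    The standard list can only drop everything from 172.16.72.0/24, while the extended list blocks Telnet to the one server and still passes the web request from the same host.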