Classful IP Subnet Calculations

Josh Gentry, [email protected] v.1.2, 07 September, 2005

PDF version now available.

1. IP Addressing

At this point you should know that IP, the Internet Protocol, is a network layer (OSI layer 3) protocol, used to route packets between hosts on different networks. To suit this purpose, IP must define an addressing scheme, so that a packet's intended destination can be indicated.

An IP address is composed of 32 bits. These 32 bits are divided into 4 octets of 8 bits each. You may have seen an IP address represented like this: 172.68.15.24. We must remember, however, that the computer understands this number only in binary, so we must often deal with them in binary. Many people are intimidated by this initially, but soon find that it is not difficult. If you do not allow yourself to be flustered, you can master this topic.

IP addresses are assigned to organizations in blocks. Each block belongs to one of three classes: class A, class B, or class C. You can tell what class an IP address is by the value in its first octet.

Class A 1-126
Class B 128-191
Class C 192 -->

An IP address consists of two fields. The first field identifies the network, and the second field identifies the node on the network. Which bits of the address are in the network field and which bits are in the host field is determined by the subnet mask.

When a class A IP license is granted, you are assigned something like this: 99.0.0.0. Only the values of the bits in the first octet are assigned. This means you are free to assign any values you wish in the second, third and fourth octets.

The default subnet mask for a class A network is 255.0.0.0. High bits, ones, indicate the bits that are part of the network field of the IP address. The default subnet mask does not create subnets. Therefore, a class A network with the default subnet mask is one network. The three octets that are unassigned and unmasked are part of the host field of the address. There is a total of 24 bits in those three octets. Each bit can be in one of two states. Therefore, 2^24 is the number of host addresses that can be assigned on that network, almost. Two addresses are reserved on every network, x.x.x.0 and x.x.x.255. So the total number of hosts possible on this network is 2^24-2. 2^24-2=16,777,214 hosts for a class A IP network.

When a class B license is granted, the first two octets are assigned. For example, 172.198.x.x. The default subnet mask for a class B is 255.255.0.0. One network, two octets free, 16 bits for the host address field. 2^16-2=65,534 possible host addresses on a class B IP network.

When a class C license is granted, the first three octets are assigned, for example: 193.52.16.0. The default subnet mask for a class C is 255.255.255.0. One octet makes up the host address field. 2^8-2=254 host addresses possible on a class C network.

2. Reason for Subnetting

We said that the default subnet mask for a class A IP network is 255.0.0.0. With this subnet mask, only one octet of a class A network address identifies the network. This leaves three octets of 8 bits each, or 24 bits, to identify the host on that one network. 2^24=16,777,216 addresses. Two addresses are reserved, x.x.x.0 and x.x.x.255. 16,777,214 nodes can be assigned an IP address on this network.

It is highly unlikely that any organization would want one network of 16,777,214 nodes. They might want that many devices connected in a wide area network (WAN), thus capable of communicating when necessary, but they will want to subdivide this huge network into mostly self-contained subnetworks of nodes that communicate with each other often. This is called subnetting.

To understand why, consider what would happen in either a broadcast or a token passing network that consisted of over 16,000,000 nodes. Nothing would happen. It simply would not work. Though the problem is not as drastic, class B and class C IP networks are often subnetted, also.

The subnet mask is used to subdivide an IP network into subnets. This is a division that takes place in OSI layer 3, so it is a logical division that is created by the addressing scheme. This logical division is usually combined with a physical division. Many subnets are physically isolated from the rest of the network by a device such as a router or a switch. This aspect of subnetting is discussed in Unit 3--Data Link Layer.

3. How Subnetting Works

The bits of an address that are masked by the subnet mask are the bits that make up the network field of the address. To subnet, the default subnet mask for a network is extended to cover bits of the address that would otherwise be part of the host field. Once these bits are masked, they become part of the network field, and are used to identify subnets of the larger network.

Here is where we begin dealing with both addresses and subnet masks in binary. Get yourself a cold beverage, stretch, take a deep breath and don't worry. Once you get your brain around the concepts, it is not difficult. You just have to keep trying until the light goes on.

3.1 Translating Binary to Decimal

Both IP addresses and subnet masks are composed of 32 bits divided into 4 octets of 8 bits each. Here is how a single octet translates from binary to decimal. Consider an octet of all ones: 11111111.

128  64  32  16   8   4   2   1
---  --  --  --   -   -   -   -
  1   1   1   1   1   1   1   1
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255

Here's another: 10111001

128  64  32  16   8   4   2   1
---  --  --  --   -   -   -   -
  1   0   1   1   1   0   0   1
128 + 0 + 32 + 16 + 8 + 0 + 0 + 1 = 185

and 00000000

128  64  32  16   8   4   2   1
---  --  --  --   -   -   -   -
  0   0   0   0   0   0   0   0
0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 = 0

3.2 Converting Decimal to Binary

Converting decimal to binary is similar. Consider 175:

128  64  32  16   8   4   2   1
---  --  --  --   -   -   -   -
  1   0   1   0   1   1   1   1
128 + 0 + 32 + 0 + 8 + 4 + 2 + 1 = 175

175=10101111

3.3 Simple Subnetting

The simplest way to subnet is to take the octet in the subnet mask that covers the first unassigned octet in the IP address block, and make all its bits high. Remember, a high bit, a 1, in the subnet mask indicates that the corresponding bit in the IP address is part of the network field. So, if you have a class B network 172.160.0.0, with the subnet mask 255.255.0.0, you have one network with 65,534 possible addresses. If you take that subnet mask and make all the bits in the third octet high

128  64  32  16   8   4   2   1
---  --  --  --   -   -   -   -
  1   1   1   1   1   1   1   1
128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255

you get the subnet mask 255.255.255.0.

172.60.0.0
255.255.255.0

Now the third octet of every address on this network is part of the network field instead of the host field. That is one octet, or eight bits, that can be manipulated to create subnets. 2^8=256 possible subnets now on this class B network.

One octet is left for the host field. 2^8-2=254 possible host addresses on each subnet.

3.4 Advanced Subnetting

That is the simplest way to subnet, but it may not be the most desirable. You might not want 254 subnets on your class B network. Instead, you might use a subnet mask like 255.255.224.0. How many subnets would this give you? The first step is to see how many bits are allocated to the network by this mask.

128  64  32  16   8   4   2   1
---  --  --  --   -   -   -   -
  1   1   1   0   0   0   0   0
128 + 64 + 32 + 0 + 0 + 0 + 0 + 0 = 224

3 bits are allocated. 2^3=8 subnets.

How many hosts on each subnet? Well, 5 bits from this octet are left for the host field, and 8 bits in the fourth octet, for a total of 13 bits in the host field. 2^13-2=8190 possible hosts on each subnet.

The subnet mask is always extended by masking off the next bit in the address, from left to right. Thus, the last octet in the subnet mask will always be one of these: 128, 192, 224, 240, 248, 252, 254 or 255.

Given the IP address of a host and the subnet address for the network, you need to be able to calculate which subnet that host is on. To do this we compare the binary representation of the pertinent octet of the subnet mask with the binary representation of the corresponding octet in the IP address. Example:

IP address=172.60.50.2
subnet mask=255.255.224.0

50=00110010
224=11100000

We perform a logical AND on these two numbers. We will be left with only the bits where there is a one in both octets.

00110010
11100000
--------
00100000=32

This host is on subnet 172.60.32.0.

We also need to be able to find the range of assignable IP addresses on this subnet. To do this, we take the binary that tells us the subnet address, in this case 00100000, and compare it with the subnet mask.

00100000
11100000

The bits covered by the mask we will leave as they are. The rest of the bits we make high. So

00100000
11100000
--------
00111111=63

The range of assignable IP addresses on the subnet 172.60.32.0 is 172.60.32.1-172.60.63.254.

On every network and subnet, two addresses are reserved. At the low end of the range of addresses for the network or subnet, in this case 172.60.64.0, is the address for the network or subnet itself. The address at the high end of the range of addresses, in this case 172.60.95.255, is the broadcast address. Any message sent to the broadcast address will be received by every host on the network.
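The calculation from section 3.4, carried out on whole 32-bit values instead of one octet at a time. This is an added example, not code from the original tutorial; the function names are chosen here, and first octets of 224 and above are rejected as not being class A, B or C unicast blocks.

```python
# Added example: the tutorial's subnet arithmetic on 32-bit integers.

def to_int(dotted):
    """Pack a dotted-decimal address or mask into one 32-bit integer."""
    parts = dotted.split(".")
    if len(parts) != 4 or not all(p.isdecimal() and int(p) <= 255 for p in parts):
        raise ValueError("not a dotted-decimal IPv4 value: %r" % dotted)
    value = 0
    for part in parts:
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    """Unpack a 32-bit integer into dotted-decimal notation."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def default_mask_bits(address):
    """Network bits in the class default mask, chosen by the first octet."""
    first = address >> 24
    if 1 <= first <= 126:
        return 8     # class A, default mask 255.0.0.0
    if 128 <= first <= 191:
        return 16    # class B, default mask 255.255.0.0
    if 192 <= first <= 223:
        return 24    # class C, default mask 255.255.255.0
    # 0, 127 and 224 and above are not assignable class A/B/C unicast blocks.
    raise ValueError("first octet %d is not class A, B or C" % first)


def mask_bits(mask):
    """Count the mask's one bits; they must run unbroken from the left."""
    inverted = ~mask & 0xFFFFFFFF
    if inverted & (inverted + 1):
        raise ValueError("mask bits are not contiguous: %s" % to_dotted(mask))
    return bin(mask).count("1")


def describe(ip, mask):
    """Subnet count, hosts per subnet, subnet address and host range."""
    address, netmask = to_int(ip), to_int(mask)
    default, total = default_mask_bits(address), mask_bits(netmask)
    if not default <= total <= 30:
        raise ValueError("mask must extend the class default and leave 2+ host bits")
    network = address & netmask                    # logical AND keeps the network field
    broadcast = network | (~netmask & 0xFFFFFFFF)  # host-field bits all made high
    return {
        "subnets": 2 ** (total - default),
        "hosts_per_subnet": 2 ** (32 - total) - 2,
        "subnet": to_dotted(network),
        "broadcast": to_dotted(broadcast),
        "first_host": to_dotted(network + 1),
        "last_host": to_dotted(broadcast - 1),
    }


if __name__ == "__main__":
    # The worked example from section 3.4.
    for key, value in describe("172.60.50.2", "255.255.224.0").items():
        print("%-17s %s" % (key, value))
```
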

4. Sample Problem

Here is a sample problem for you to calculate. When you are done, you can check your answers using an online subnet calculator at Tactix Engineering.

IP address: 154.16.52.16
subnet mask: 255.255.240.0

Find:
Number of subnets possible on this network:
Number of hosts possible on each subnet:
Which subnet this address is on:
Range of addresses on that subnet:

**************************************************************************************************************************************

Cisco Router Configuration Tutorial

Josh Gentry, [email protected], 30 April, 2006

This document covers basic Cisco router IP configuration using the command-line interface

Acknowledgments

The following sources were extremely useful:

Leinwand, Pinsky, and Culpepper. Cisco Router Configuration. Indianapolis, Indiana: Cisco Press, 1998.

Cisco Systems, Inc., http://www.cisco.com

Disclaimer

This document carries no explicit or implied warranty. Nor is there any guarantee that the information contained in this document is accurate. It is offered in the hopes of helping others, but you use it at your own risk. The author will not be liable for any damages that occur as a result of using this document.

Conventions

Important terms and concepts, when they are introduced, may be displayed in bold. Commands included in the body of the text will be displayed in this font. All names and addresses used in examples are just that, examples, and should not be used on your network. Do not type them in verbatim when configuring your system. Finally, in some examples where the command requires an IP address as an argument, the IP address may be represented in this way, xx.xx.xx.xx, or aa.bb.cc.dd. You will never actually use these strings when configuring your system. They are merely a convention of this document to specify that you should substitute the appropriate IP address at that point.

1. What this document covers

There are several methods available for configuring Cisco routers. It can be done over the network from a TFTP server. It can be done through the menu interface provided at bootup, and it can be done from the menu interface provided by using the command setup. This tutorial does not cover these methods. It covers configuration from the IOS command-line interface only. Useful for anyone new to Cisco routers, and those studying for CCNA.

Note that this tutorial does not cover physically connecting the router to the networks it will be routing for. It covers operating system configuration only.

1.1 Reasons for using the command-line

The main reason for using the command-line interface instead of a menu driven interface is speed. Once you have invested the time to learn the command-line commands, you can perform many operations much more quickly than by using a menu. This is basically true of all command-line vs. menu interfaces. What makes it especially efficient to learn the command-line interface of the Cisco IOS is that it is standard across all Cisco routers. Also, some questions on the CCNA exam require you to know command-line commands.

2. Getting started with Cisco

Initially you will probably configure your router from a terminal. If the router is already configured and at least one port is configured with an IP address, and it has a physical connection to the network, you might be able to telnet to the router and configure it across the network. If it is not already configured, then you will have to directly connect to it with a terminal and a serial cable. With any Windows box you can use Hyperterminal to easily connect to the router. Plug a serial cable into a serial (COM) port on the PC and the other end into the console port on the Cisco router. Start Hyperterminal, tell it which COM port to use and click OK. Set the speed of the connection to 9600 baud and click OK. If the router is not on, turn it on.

If you wish to configure the router from a Linux box, either Seyon or Minicom should work. At least one of them, and maybe both, will come with your Linux distribution.

Often you will need to hit the Enter key to see the prompt from the router. If it is unconfigured it will look like this:

Router>

If it has been previously configured with a hostname, it will look like this:

hostname of router>

If you have just turned on the router, after it boots it will ask you if you wish to begin initial configuration. Say no. If you say yes, it will put you in the menu interface. Say no.

2.1 Modes

The Cisco IOS command-line interface is organized around the idea of modes. You move in and out of several different modes while configuring a router, and which mode you are in determines what commands you can use. Each mode has a set of commands available in that mode, and some of these commands are only available in that mode. In any mode, typing a question mark will display a list of the commands available in that mode.

Router>?

2.2 Unprivileged and privileged modes

When you first connect to the router and provide the password (if necessary), you enter EXEC mode, the first mode in which you can issue commands from the command-line. From here you can use such unprivileged commands as ping, telnet, and rlogin. You can also use some of the show commands to obtain information about the system. In unprivileged mode you use commands like show version to display the version of the IOS the router is running. Typing show ? will display all the show commands available in the mode you are presently in.

Router>show ?

You must enter privileged mode to configure the router. You do this by using the command enable. Privileged mode will usually be password protected unless the router is unconfigured. You have the option of not password protecting privileged mode, but it is HIGHLY recommended that you do. When you issue the command enable and provide the password, you will enter privileged mode.

To help the user keep track of what mode they are in, the command-line prompt changes each time you enter a different mode. When you switch from unprivileged mode to privileged mode, the prompt changes from:

Router>

to

Router#

This would probably not be a big deal if there were just two modes. There are, in fact, numerous modes, and this feature is probably indispensable. Pay close attention to the prompt at all times.

Within privileged mode there are many sub-modes. In this document I do not closely follow Cisco terminology for this hierarchy of modes. I think that my explanation is clearer, frankly. Cisco describes two modes, unprivileged and privileged, and then a hierarchy of commands used in privileged mode. I reason that it is much clearer to understand if you just consider there to be many sub-modes of privileged mode, which I will also call parent mode. Once you enter privileged mode (parent mode) the prompt ends with a pound sign (#). There are numerous modes you can enter only after entering privileged mode. Each of these modes has a prompt of the form:

Router(arguments)#

They still all end with the pound sign. They are subsumed within privileged mode. Many of these modes have sub-modes of their own. Once you enter privileged mode, you have access to all the configuration information and options the IOS provides, either directly from the parent mode, or from one of its submodes.

3. Configuring your Cisco Router

If you have just turned on the router, it will be completely unconfigured. If it is already configured, you may want to view its current configuration. Even if it has not been previously configured, you should familiarize yourself with the show commands before beginning to configure the router. Enter privileged mode by issuing the command enable, then issue several show commands to see what they display. Remember, the command show ? will display all the show commands available in the current mode. Definitely try out the following commands:

Router#show interfaces
Router#show ip protocols
Router#show ip route
Router#show ip arp

When you enter privileged mode by using the command enable, you are in the top-level mode of privileged mode, also known in this document as "parent mode." It is in this top-level or parent mode that you can display most of the information about the router. As you now know, you do this with the show commands. Here you can learn the configuration of interfaces and whether they are up or down. You can display what IP protocols are in use, such as dynamic routing protocols. You can view the route and ARP tables, and these are just a few of the more important options.

As you configure the router, you will enter various sub-modes to set options, then return to the parent mode to display the results of your commands. You also return to the parent mode to enter other sub-modes. To return to the parent mode, you hit ctrl-z. This puts any commands you have just issued into effect, and returns you to parent mode.

3.1 Global configuration (config)

To configure any feature of the router, you must enter configuration mode. This is the first sub-mode of the parent mode. In the parent mode, you issue the command config.

Router#config
Router(config)#

As demonstrated above, the prompt changes to indicate the mode that you are now in.

In configuration mode you can set options that apply system-wide, also referred to as "global configurations." For instance, it is a good idea to name your router so that you can easily identify it. You do this in configuration mode with the hostname command.

Router(config)#hostname ExampleName
ExampleName(config)#

As demonstrated above, when you set the name of the host with the hostname command, the prompt immediately changes by replacing Router with ExampleName. (Note: It is a good idea to name your routers with an organized naming scheme.)

Another useful command issued from config mode is the command to designate the DNS server to be used by the router:

ExampleName(config)#ip name-server aa.bb.cc.dd
ExampleName(config)#ctrl-Z
ExampleName#

This is also where you set the password for privileged mode.

ExampleName(config)#enable secret examplepassword
ExampleName(config)#ctrl-Z
ExampleName#

Until you hit ctrl-Z (or type exit until you reach parent mode) your command has not been put into effect. You can enter config mode, issue several different commands, then hit ctrl-Z to activate them all. Each time you hit ctrl-Z you return to parent mode and the prompt:

ExampleName#

Here you use show commands to verify the results of the commands you issued in config mode. To verify the results of the ip name-server command, issue the command show host.

3.2 Configuring Cisco router interfaces

Cisco interface naming is straightforward. Individual interfaces are referred to by this convention:

media type slot#/port#

"Media type" refers to the type of media that the port is an interface for, such as Ethernet, Token Ring, FDDI, serial, etc. Slot numbers are only applicable for routers that provide slots into which you can install modules. These modules contain several ports for a given media. The 7200 series is an example. These modules are even hot-swappable. You can remove a module from a slot and replace it with a different module, without interrupting service provided by the other modules installed in the router. These slots are numbered on the router.

Port number refers to the port in reference to the other ports in that module. Numbering is left-to-right, and all numbering starts at 0, not at one.

For example, a Cisco 7206 is a 7200 series router with six slots. To refer to an interface that is the third port of an Ethernet module installed in the sixth slot, it would be interface ethernet 6/2. Therefore, to display the configuration of that interface you use the command:

ExampleName#show interface ethernet 6/2

If your router does not have slots, like a 1600, then the interface name consists only of:

media type port#

For example:

ExampleName#show interface serial 0

Here is an example of configuring a serial port with an IP address:

ExampleName#config
ExampleName(config)#interface serial 1/1
ExampleName(config-if)#ip address 192.168.155.2 255.255.255.0
ExampleName(config-if)#no shutdown
ExampleName(config-if)#ctrl-Z
ExampleName#

Then to verify configuration:

ExampleName#show interface serial 1/1

Note the no shutdown command. An interface may be correctly configured and physically connected, yet be "administratively down." In this state it will not function. The command for causing an interface to be administratively down is shutdown.

ExampleName(config)#interface serial 1/1
ExampleName(config-if)#shutdown
ExampleName(config-if)#ctrl-Z
ExampleName#show interface serial 1/1

In the Cisco IOS, the way to reverse or delete the results of any command is to simply put no in front of it. For instance, if we wanted to unassign the IP address we had assigned to interface serial 1/1:

ExampleName(config)#interface serial 1/1
ExampleName(config-if)#no ip address 192.168.155.2 255.255.255.0
ExampleName(config-if)#ctrl-Z
ExampleName#show interface serial 1/1

Configuring most interfaces for LAN connections might consist only of assigning a network layer address and making sure the interface is not administratively shutdown. It is usually not necessary to stipulate data-link layer encapsulation. Note that it is often necessary to stipulate the appropriate data-link layer encapsulation for WAN connections, such as frame-relay and ATM. Serial interfaces default to using HDLC. A discussion of data-link protocols is outside the scope of this document. You will need to look up the IOS command encapsulation for more details.

3.3 Configuring Cisco Routing

IP routing is automatically enabled on Cisco routers. If it has been previously disabled on your router, you turn it back on in config mode with the command ip routing.

ExampleName(config)#ip routing
ExampleName(config)#ctrl-Z

There are two main ways a router knows where to send packets. The administrator can assign static routes, or the router can learn routes by employing a dynamic routing protocol.

These days static routes are generally used in very simple networks or in particular cases that necessitate their use. To create a static route, the administrator tells the router operating system that any network traffic destined for a specified network layer address should be forwarded to a similarly specified network layer address. In the Cisco IOS this is done with the ip route command.

ExampleName#config
ExampleName(config)#ip route 172.16.0.0 255.255.255.0 192.168.150.1
ExampleName(config)#ctrl-Z
ExampleName#show ip route

Two things to be said about this example. First, the packet destination address must include the subnet mask for that destination network. Second, the address it is to be forwarded to is the specified address of the next router along the path to the destination. This is the most common way of setting up a static route, and the only one this document covers. Be aware, however, that there are other methods.

Dynamic routing protocols, running on connected routers, enable those routers to share routing information. This enables routers to learn the routes available to them. The advantage of this method is that routers are able to adjust to changes in network topologies. If a route is physically removed, or a neighbor router goes down, the routing protocol searches for a new route. Routing protocols can even dynamically choose between possible routes based on variables such as network congestion or network reliability.

There are many different routing protocols, and they all use different variables, known as "metrics," to decide upon appropriate routes. Unfortunately, a router needs to be running the same routing protocols as its neighbors. Many routers can, however, run multiple protocols. Also, many protocols are designed to be able to pass routing information to other routing protocols. This is called "redistribution." The author has no experience with trying to make redistribution work. There is an IOS redistribute command you can research if you think this is something you need. This document's companion case study describes an alternative method to deal with different routing protocols in some circumstances.

Routing protocols are a complex topic and this document contains only this superficial description of them. There is much to learn about them, and there are many sources of information about them available. An excellent source of information on this topic is Cisco's website, http://www.cisco.com.

This document describes how to configure the Routing Information Protocol (RIP) on Cisco routers. From the command-line, we must explicitly tell the router which protocol to use, and what networks the protocol will route for.

ExampleName#config
ExampleName(config)#router rip
ExampleName(config-router)#network aa.bb.cc.dd
ExampleName(config-router)#network ee.ff.gg.hh
ExampleName(config-router)#ctrl-Z
ExampleName#show ip protocols

Now when you issue the show ip protocols command, you should see an entry describing RIP configuration.

3.4 Saving your Cisco Router configuration

Once you have configured routing on the router, and you have configured individual interfaces, your router should be capable of routing traffic. Give it a few moments to talk to its neighbors, then issue the commands show ip route and show ip arp. There should now be entries in these tables learned from the routing protocol.

If you turned the router off right now, and turned it on again, you would have to start configuration over again. Your running configuration is not saved to any permanent storage media. You can see this configuration with the command show running-config.

ExampleName#show running-config

You do want to save your successful running configuration. Issue the command copy running-config startup-config.

ExampleName#copy running-config startup-config

Your configuration is now saved to non-volatile RAM (NVRAM). Issue the command show startup-config.

ExampleName#show startup-config

Now any time you need to return your router to that configuration, issue the command copy startup-config running-config.

ExampleName#copy startup-config running-config

3.5 Example Cisco Router configuration

Router>enable
Router#config
Router(config)#hostname N115-7206
N115-7206(config)#interface serial 1/1
N115-7206(config-if)#ip address 192.168.155.2 255.255.255.0
N115-7206(config-if)#no shutdown
N115-7206(config-if)#ctrl-z
N115-7206#show interface serial 1/1
N115-7206#config
N115-7206(config)#interface ethernet 2/3
N115-7206(config-if)#ip address 192.168.150.90 255.255.255.0
N115-7206(config-if)#no shutdown
N115-7206(config-if)#ctrl-z
N115-7206#show interface ethernet 2/3
N115-7206#config
N115-7206(config)#router rip
N115-7206(config-router)#network 192.168.155.0
N115-7206(config-router)#network 192.168.150.0
N115-7206(config-router)#ctrl-z
N115-7206#show ip protocols
N115-7206#ping 192.168.150.1
N115-7206#config
N115-7206(config)#ip name-server 172.16.0.10
N115-7206(config)#ctrl-z
N115-7206#ping archie.au
N115-7206#config
N115-7206(config)#enable secret password
N115-7206(config)#ctrl-z
N115-7206#copy running-config startup-config
N115-7206#exit
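A check that can be run over a saved copy of a configuration like the one built in section 3: it reports a missing enable secret, addressed interfaces left administratively down, and interface networks with no matching RIP network statement. This is an added example, not part of the original tutorial; the sample text is constructed, the function names are chosen here, and the parser assumes the usual show running-config layout (section commands unindented, sub-mode lines indented, "!" separators).

```python
import re

# Constructed sample in the style of `show running-config` output (not from a real router).
# It reuses the hostname and addresses of the example in section 3.5, with three
# deliberate gaps: no enable secret, one interface shut down, one network missing from RIP.
SAMPLE_CONFIG = """\
hostname N115-7206
!
interface Serial1/1
 ip address 192.168.155.2 255.255.255.0
!
interface Ethernet2/3
 ip address 192.168.150.90 255.255.255.0
 shutdown
!
interface Ethernet2/4
 ip address 10.20.30.1 255.255.255.0
!
router rip
 network 192.168.155.0
 network 192.168.150.0
!
ip name-server 172.16.0.10
"""

IP_ADDRESS = re.compile(r"ip address (\d+\.\d+\.\d+\.\d+) (\d+\.\d+\.\d+\.\d+)$")


def parse_config(text):
    """Map each unindented command to the indented sub-mode lines beneath it."""
    blocks, current = {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.strip() == "!":
            continue                      # blank lines and "!" separators
        if line[0] == " " and current is not None:
            blocks[current].append(line.strip())
        else:
            current = line.strip()
            blocks.setdefault(current, [])
    return blocks


def classful_network(ip):
    """Class A/B/C network number of an address, the form RIP network lines use."""
    octets = [int(o) for o in ip.split(".")]
    if octets[0] in (0, 127) or octets[0] > 223:
        raise ValueError("not a class A, B or C address: %s" % ip)
    keep = 1 if octets[0] < 128 else 2 if octets[0] < 192 else 3
    return ".".join(str(o) for o in octets[:keep] + [0] * (4 - keep))


def audit(text):
    """Return findings for settings the tutorial tells you to configure."""
    blocks = parse_config(text)
    findings = []
    if not any(cmd.startswith("enable secret ") for cmd in blocks):
        findings.append("privileged mode has no enable secret")
    rip_networks = None
    if "router rip" in blocks:
        rip_networks = {l.split()[1] for l in blocks["router rip"]
                        if l.startswith("network ")}
    for cmd, body in blocks.items():
        if not cmd.startswith("interface "):
            continue
        name = cmd.split(None, 1)[1]
        match = next((m for m in map(IP_ADDRESS.match, body) if m), None)
        if match is None:
            continue                      # no IP address assigned, nothing to check
        if "shutdown" in body:
            findings.append("%s is administratively down" % name)
        network = classful_network(match.group(1))
        if rip_networks is not None and network not in rip_networks:
            findings.append("%s: network %s is not in router rip" % (name, network))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print("FINDING:", finding)
```
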

4. Troubleshooting your Cisco router

Inevitably, there will be problems. Usually, it will come in the form of a user notifying you that they can not reach a certain destination, or any destination at all. You will need to be able to check how the router is attempting to route traffic, and you must be able to track down the point of failure.

You are already familiar with the show commands, both specific commands and how to learn what other show commands are available. Some of the most basic, most useful commands you will use for troubleshooting are:

ExampleName#show interfaces
ExampleName#show ip protocols
ExampleName#show ip route
ExampleName#show ip arp

4.1 Testing connectivity

It is very possible that the point of failure is not in your router configuration, or at your router at all. If you examine your router's configuration and operation and everything looks good, the problem might be farther up the line. In fact, it may be the line itself, or it could be another router, which may or may not be under your administration.

One extremely useful and simple diagnostic tool is the ping command. Ping is an implementation of the IP Message Control Protocol (ICMP). Ping sends an ICMP echo request to a destination IP address. If the destination machine receives the request, it responds with an ICMP echo response. This is a very simple exchange that consists of:

Hello, are you alive?

Yes, I am.

ExampleName#ping xx.xx.xx.xx

If the ping test is successful, you know that the destination you are having difficulty reaching is alive and physically reachable.

If there are routers between your router and the destination you are having difficulty reaching, the problem might be at one of the other routers. Even if you ping a router and it responds, it might have other interfaces that are down, its routing table may be corrupted, or any number of other problems may exist.

To see where packets that leave your router for a particular destination go, and how far, use the trace command.

ExampleName#trace xx.xx.xx.xx

It may take a few minutes for this utility to finish, so give it some time. It will display a list of all the hops it makes on the way to the destination.

4.2 debug commands

There are several debug commands provided by the IOS. These commands are not covered here. Refer to the Cisco website for more information.

4.3 Hardware and physical connections

Do not overlook the possibility that the point of failure is a hardware or physical connection failure. Any number of things can go wrong, from board failures to cut cables to power failures. This document will not describe troubleshooting these problems, except for these simple things.

Check to see that the router is turned on. Also make sure that no cables are loose or damaged. Finally, make sure cables are plugged into the correct ports. Beyond this simple advice you will need to check other sources.

4.4 Out of your control

If the point of failure is farther up the line, the problem might lie with equipment not under your administration. Your only option might be to contact the equipment's administrator, notify them of your problem, and ask them for help. It is in your interest to be courteous and respectful. The other administrator has their own problems, their own workload and their own priorities. Their agenda might even directly conflict with yours, such as their intention to change dynamic routing protocols, etc. You must work with them, even if the situation is frustrating. Alienating someone with the power to block important routes to your network is not a good idea.

5. References

Leinwand, Pinsky and Culpepper. Cisco Router Configuration. Indianapolis, Indiana: Cisco Press, 1998.

Cisco Systems, Inc., http://www.cisco.com

**************************************************************************************************************************************

Cisco Quick Tips

Josh Gentry, [email protected], May 15, 2006

Quick tips for performing common tasks with Cisco networking equipment, brought to you by the author of the widely used Cisco Router Configuration Tutorial.

Restarting or Rebooting

Restart immediately

To restart or reboot a Cisco immediately, in enable mode:

Router#reload

Restart or Reload in N Minutes

To restart or reboot a Cisco in a certain number of minutes, in enable mode:

Router#reload in 5

Extra Tip: This is useful when you are afraid that the configuration changes you are about to make might break something or lock you out of the router. You tell the router to reload in a certain number of minutes, then make your changes. If it turns out your changes are catastrophic and you can't log back into the router to fix them, the router will reload in a few minutes and go back to its previous configuration.

Cisco Routing

Add a Static Route on your Cisco routers

For example, in configuration mode:

Router(config)#ip route 192.168.1.0 255.255.255.240 192.168.1.254 1

Show route table of Cisco router

In enable mode:

Router#show ip route

Cisco ARP

Clear ARP Table of your Cisco router or switch

To clear the ARP table, in enable mode:

Router#clear arp

Show ARP table of a Cisco router or switch

To display the ARP table of a Cisco router, in enable mode:

Router#show arp

Cisco Load

Show Processor Load of your Cisco router or switch

Like any computer, a Cisco router can be limited by its processing power. To show the processor utilization, in enable mode:

Router#show proc cpu

At the beginning of the output, look for a line like this:

CPU utilization for five seconds: 37%/31%; one minute: 39%; five minutes: 40%

Cisco Memory

Show Used and Available Memory of your Cisco router or switch

Like any computer, a Cisco router can be limited by its available memory. To show the used and available memory, in enable mode:

Router#show proc mem

At the beginning of the output, look for a line like this:

Total: 200234528, Used: 70508188, Free: 129726340

Cisco Committed Access Rate (CAR)

An example that limits an IP to 512K, with a nice, fat burst.

First create the access lists.

access-list 100 permit ip any host 192.168.100.100
access-list 100 permit ip host 192.168.100.100 any

Then apply rate limiting rules to the appropriate interface:

rate-limit input access-group 100 512000 1024000 2048000 conform-action transmit exceed-action drop
rate-limit output access-group 100 512000 1024000 2048000 conform-action transmit exceed-action drop

Extra Tip: If, in a rate-limit rule, you reference an access list that does not exist, the rule will match all traffic. Usually not good.
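The Extra Tip above can be checked before a configuration is applied. The following is an added example, not part of the original tips: a small lint that reads a saved configuration and reports every rate-limit rule whose access-group number has no permit or deny entry. The sample configuration is constructed, the function name is hypothetical, and only the numbered access-list and rate-limit forms shown on this page are parsed.

```python
import re

# Constructed sample: ACL 100 is defined as on this page, while the rule on
# Ethernet2/3 references ACL 101, which is never defined (a typical typo).
SAMPLE_CONFIG = """\
interface Serial1/1
 ip address 192.168.155.2 255.255.255.0
 rate-limit input access-group 100 512000 1024000 2048000 conform-action transmit exceed-action drop
 rate-limit output access-group 100 512000 1024000 2048000 conform-action transmit exceed-action drop
!
interface Ethernet2/3
 ip address 192.168.150.90 255.255.255.0
 rate-limit input access-group 101 512000 1024000 2048000 conform-action transmit exceed-action drop
!
access-list 100 permit ip any host 192.168.100.100
access-list 100 permit ip host 192.168.100.100 any
"""

# Only the forms used on this page are recognised (assumption of this example).
ACL_DEF = re.compile(r"^access-list\s+(\d+)\s+(?:permit|deny)\b")
RATE_LIMIT = re.compile(
    r"^rate-limit\s+(input|output)\s+access-group\s+(\d+)\s+\d+\s+\d+\s+\d+\b"
)
INTERFACE = re.compile(r"^interface\s+(\S.*)$")


def find_dangling_rate_limits(config_text):
    """Return (interface, direction, acl) for rules whose ACL is undefined."""
    defined = set()      # ACL numbers with at least one permit/deny entry
    rules = []           # every rate-limit rule found under an interface
    current_if = None
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():
            # A top-level line ends the previous interface block.
            m = INTERFACE.match(line)
            current_if = m.group(1) if m else None
            m = ACL_DEF.match(line)
            if m:
                defined.add(m.group(1))
            continue
        m = RATE_LIMIT.match(line)
        if m and current_if:
            rules.append((current_if, m.group(1), m.group(2)))
    # ACLs are usually listed after the interfaces, so compare at the end.
    return [rule for rule in rules if rule[2] not in defined]


if __name__ == "__main__":
    for interface, direction, acl in find_dangling_rate_limits(SAMPLE_CONFIG):
        print(f"{interface}: rate-limit {direction} references undefined access-list {acl}")
```
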

Study for CCNA

A good introduction to Cisco router configuration:

Cisco Router Configuration Tutorial

How To Set Up a Network Router

This guide explains how to set up a router for home computer networks. The exact names of configuration settings on a network router vary depending on the model and whether it is wired or wireless. However, this general procedure will guide you through the process for the common kinds of home network equipment.

1. Choose a convenient location to begin installing your router such as an open floor space or table. This does not need to be the permanent location of the device. Particularly for wireless routers, you may find it necessary to re-position the unit after installing it as the cables / signals may not reach all areas needed. At the beginning, it's better to choose a location where it's easiest to work with the router and worry about final placement later.

2. Plug in the router's electrical power source, then turn on the router by pushing the power button.

3. (Optional) Connect your Internet modem to the router. Most network modems connect via an Ethernet cable but USB connections are becoming increasingly common. The cable plugs into the router jack named "WAN" or "uplink" or "Internet." After connecting the cable, be sure to power cycle (turn off and turn back on) the modem to ensure the router recognizes it.

4. Connect one computer to the router. Even if the router is a wireless model, connect this first computer to the router via a network cable. Using a cable during router installation ensures the maximum reliability of the equipment. Once a wireless router installation is complete, the computer can be changed over to a wireless connection if desired.

5. Open the router's administration tool. From the computer connected to the router, first open your Web browser. Then enter the router's address for network administration in the Web address field and hit return to reach the router's home page.

Many routers are reached by either the Web address "http://192.168.1.1" or "http://192.168.0.1". Consult your router's documentation to determine the exact address for your model. Note that you do not need a working Internet connection for this step.

6. Log in to the router. The router's home page will ask you for a username and password. Both are provided in the router's documentation. You should change the router's password for security reasons, but do this after the installation is complete to avoid unnecessary complications during the basic setup.

7. If you want your router to connect to the Internet, you must enter Internet connection information into that section of the router's configuration (exact location varies). If using DSL Internet, you may need to enter the PPPoE username and password. Likewise, if you have been issued a static IP address by your provider (you would need to have requested it), the static IP fields (including network mask and gateway) given to you by the provider must also be set in the router.

8. If you were using a primary computer or an older network router to connect to the Internet, your provider may require you to update the MAC address of the router with the MAC address of the device you were using previously. Read How to Change a MAC Address for a detailed description of this process.

9. If this is a wireless router, change the network name (often called SSID). While the router comes to you with a network name set at the factory, you will never want to use this name on your network. Read How to Change the Router SSID for detailed instructions.

10. Verify the network connection is working between your one computer and the router. To do this, you must confirm that the computer has received IP address information from the router. See How to Find IP Addresses for a description of this process.

11. (If applicable) Verify your one computer can connect to the Internet properly. Open your Web browser and visit a few Internet sites such as http://compnetworking.about.com/.

12. Connect additional computers to the router as needed. If connecting wirelessly, ensure the network name (SSID) of each computer matches that of the router.

13. Finally, configure additional network security features as desired to guard your systems against Internet attackers. These WiFi Home Network Security Tips offer a good checklist to follow.

Tips:

1. When connecting devices with network cables, be sure each end of the cable connects tightly. Loose cables are one of the most common sources of network setup problems.

What You Need:

A network router (wireless or wired)

Network adapters installed on all devices to be connected to the router

A working Internet modem (optional)

A Web browser installed on at least one computer in the network

************************************************************************************************************************************************

1. What is an IP Address?

An IP address is made of 4 octets, or 32 bits. It is usually represented in dotted decimal format like this: 131.107.2.205. Each number represents an octet. An octet is a group of 8 bits. Since we have 4 octets in an IP address, there are 8*4=32 bits in an IP address.

Computers do not understand dotted decimal notation, as they only function in binary. All computers understand is 1 and 0. Therefore, we must find a way to transfer an IP address from dotted decimal format to binary. We do this octet by octet. Each bit in an octet has an associated decimal value:

Bit         1    2    3    4    5    6    7    8
Bit value   128  64   32   16   8    4    2    1

I advise you to do the math yourself at first to better understand the concepts...

Let’s take an example. I have an IP address of 131.107.2.4. What is that in binary? Let’s do this octet by octet:

131:

Bit value   128  64   32   16   8    4    2    1
Binary      1    0    0    0    0    0    1    1

A column with a “1” in the binary row means that we count the corresponding bit value. If you add up all the bit values marked with a one, you get 128+2+1=131.

107:

Bit value   128  64   32   16   8    4    2    1
Binary      0    1    1    0    1    0    1    1

If you add up all the bit values marked with a one, you get 64+32+8+2+1=107.

2:

Bit value   128  64   32   16   8    4    2    1
Binary      0    0    0    0    0    0    1    0

If you add up all the bit values marked with a one, you get 2.

4:

Bit value   128  64   32   16   8    4    2    1
Binary      0    0    0    0    0    1    0    0

If you add up all the bit values marked with a one, you get 4.

Now we know that another way of writing our example IP address of 131.107.2.4 is:

10000011.01101011.00000010.00000100

IP addresses are made of two distinct parts: the Network ID and the Host ID. When you try to ping an IP address, IP at Layer 3 needs to determine whether the target IP address is local or remote to your subnet. To explain this, I like to ask my students the following question:

“Let’s say I live on Maple Tree Lane. You say that you also live on Maple Tree Lane. Are we neighbors? Well, we may be, or we may not be. We do not have enough information to answer that question. Specifically, we do not know if we live in the same town. If we do live in the same town, and our street addresses are similar, then we are neighbors. If we do not live in the same town, it does not matter whether our street addresses are similar or not: we are not neighbors.”

The same applies to IP addressing. Before I can find out what your Host ID is – i.e. your street address – I have to worry about what your Network ID is – i.e. your town. So how does IP know what the Host ID and Network IDs are? That is the role of the Subnet Mask.
Please note that neither the network ID, the host ID nor the subnet bit can be all 0s or all ones. More to come about this later…

2. What is a Subnet Mask?

A Subnet Mask is used to enable IP at Layer 3 to find out whether the target IP address you are trying to contact is local or remote to your network. That is all it does. It helps you determine which part of an IP address is the Network ID, and which is the Host ID. So how does it do that? We have all seen a Subnet Mask before. It usually looks something like this:

255.255.255.0

This subnet mask is obviously displayed in dotted decimal format. As we already know, however, computers do not understand this format. They only understand binary. So let’s apply what we know about binary to our subnet mask:

255:

Bit value   128  64   32   16   8    4    2    1
Binary      1    1    1    1    1    1    1    1

If you add up all the bit values marked with a one, you get 128+64+32+16+8+4+2+1=255. So, 255 is “all ones”, as you may have heard before.

0:

Bit value   128  64   32   16   8    4    2    1
Binary      0    0    0    0    0    0    0    0

If you add up all the bit values marked with a one, you get 0. So, 0 is “all zeros”, as you may have heard before.

In other words, our 255.255.255.0 subnet mask in binary looks like this:

11111111.11111111.11111111.00000000

Note that a subnet mask is also a 32 bit, 4 octet entity that matches the structure of our IP addresses… If I were to superimpose the IP address and subnet mask we have translated so far, I would get this:

131.107.2.4     10000011.01101011.00000010.00000100
255.255.255.0   11111111.11111111.11111111.00000000

I highlighted the Network bits in Red, and the Host bits in Blue. Notice anything? All the network bits are the bits that had a value of “1” in the subnet mask, and all the host bits are the bits that had a value of “0” in the subnet mask. Easy, isn’t it? In our example, the Network ID is 131.107.2, and the host ID is 4.

If I change the subnet mask to 255.255.0.0, what happens? Well, let’s apply the same logic:

131.107.2.4     10000011.01101011.00000010.00000100
255.255.0.0     11111111.11111111.00000000.00000000

What happens now? My network ID is now 131.107 and my host ID is 2.4! That is why an IP address on its own cannot exist! That is why a host on a network needs at least an IP address AND a subnet mask!

Let’s say that I tell you that I have 2 IP addresses: 131.107.2.4 and 131.107.5.6. Are they local to each other, or remote? You cannot answer that question, because it is incomplete! I need to give you the subnet mask as well! Let’s see why…

Let’s say that the subnet mask is 255.255.255.0. Then we have:

131.107.2.4     10000011.01101011.00000010.00000100
131.107.5.6     10000011.01101011.00000101.00000110
255.255.255.0   11111111.11111111.11111111.00000000

Do the Network IDs match? No! Look at the third octet:

131.107.2.4     00000010
131.107.5.6     00000101

If the network IDs do not match, then the two IP addresses are remote from each other.
They are on different subnets, and you will need a router to go from one to the other.

Let’s take the same example with a different subnet mask of 255.255.0.0:

131.107.2.4     10000011.01101011.00000010.00000100
131.107.5.6     10000011.01101011.00000101.00000110
255.255.0.0     11111111.11111111.00000000.00000000

Do the Network IDs match now? Yes! If the network IDs match, then the two IP addresses will be on the same network. You do not need a router to go from one to the other in this scenario.

Let’s sum this up: we have seen how only having an IP address is not sufficient, and how the same two IP addresses can be either remote or local to each other depending on which subnet mask you are using. This is at the basis of IP troubleshooting.

3. What are IP classes?

You may have heard of the different classes for IP addresses, namely, class A, B and C. How does that work? Let’s look at the following table:

Class   First octet   First octet in binary
A       1-127*        0xxxxxxx
B       128-191       10xxxxxx
C       192-223       110xxxxx

*127 is part of the class A range, but you cannot assign any 127.x.x.x IP addresses to hosts as the entire range is reserved by InterNIC for the loop back address…

What does this mean? When talking about a class of IP addresses, you only look at the first octet to determine what class this IP address belongs to.

For class A, InterNIC decided that the 1st octet would start with a bit value of 0. Therefore, the lowest binary of the 1st octet is 00000001, and the highest is 01111111 (in decimal, that would be from 1 to 127).

For class B, InterNIC decided that the 1st octet would start with a bit value of 10. Therefore, the lowest binary of the 1st octet is 10000000, and the highest is 10111111 (in decimal, that would be from 128 to 191).

For class C, InterNIC decided that the 1st octet would start with a bit value of 110. Therefore, the lowest binary of the 1st octet is 11000000, and the highest is 11011111 (in decimal, that would be from 192 to 223).

There are other classes, D and E, but they are not used right now and are illegal on the Internet.

Also, note that you can use any subnet mask classes with any IP address classes. Subnet mask classes are as follows:

Class A   255.0.0.0
Class B   255.255.0.0
Class C   255.255.255.0

In other words, it is totally possible to have a Class B IP address and a class C subnet mask… hang on… isn’t that what we have been taking as an example all along? Remember our 131.107.2.4 w/ a subnet mask of 255.255.255.0?

4. What is subnetting?

Subnetting is the action of taking an IP range where all IP addresses are local to each other and dividing it into different ranges – or subnets – where IP addresses from one range will be remote from any other IP addresses from any other range.

If you want to find out how many hosts you have in an IP range, first you need to determine how many host bits there are. Let’s take our previous example of 131.107.2.4 and 255.255.255.0. We already established previously that the Network ID was 131.107.2 and the Host ID was 4.
In other words, we have 3 octets for the Network ID and one octet – or 8 bits – for the Host ID. Now that you have determined the number of host bits you have, apply that number to the following formula:

((2^N)-2) = number of hosts, where N is your number of host bits

That gives us: ((2^8)-2)=254 hosts. That means that in our example, we have the 131.107.2.x network, which contains 254 possible IP addresses, all local to each other.

What if I chose a class A subnet mask? I would then have: ((2^24)-2)=16,777,214 valid IP addresses in that range! What if I do not need that many – heck, who does :) – and decided to divide that range into several other, more manageable ranges? Well, I need to subnet.

Note: we have to subtract 2 because we lose the all ones and all zeroes values. If I only had 2 bits to play with, in binary, I would have 2^2=4 possibilities:

00
01
10
11

However, all zeros in IP means the whole network, and all ones is the broadcast ID, neither one being valid IP addresses that can be assigned to a host. That is why we always lose 2 and have to subtract two from (2^N)…

Let’s look at the following table:

Bit Value           128   64   32   16    8    4    2    1
Subnet Mask               192  224  240  248  252  254  255
Number of Subnets           2    6   14   30   62  126  254

This table is the only table you need to learn to understand IP subnetting and IP addressing! Three little lines!

Let’s look at it line by line. The first line we are already acquainted with, so I will not spend more time on it.

The second line tells you what your subnet mask will be. How do we get those results? If you look at the bit value line, and add up the bit values, you will see that:

128+64=192
192+32=224
224+16=240
240+8=248
248+4=252
252+2=254
254+1=255

Easy? :)

Now to the third line. This one tells you how many subnets you will get if you use the corresponding subnet mask. In other words: if you use the 192 in your subnet mask, you will get 2 subnets. If you use 224, you will get 6 subnets, etc…

So how did I get those numbers? Well, let’s take 192 as an example. How many bits did I use to get 192? Well, I added 128 and 64, so that would be two bits, right? Let’s look at our well-known formula:

((2^2)-2)=2

That is where the values in the third line come from. Want to check another one? Let’s look at 248. How many bits did I use to get to 248? 128+64+32+16+8=248, or a total of 5 bits.

((2^5)-2)=30

So now, we know how to build that table, and we understand how it is built. We are almost done with subnetting!

Let’s say my boss shows up one morning and says: “Dave, I have an IP range of 131.107.0.0 and a subnet mask of 255.255.0.0. I want 6 subnets out of this.” What do I do now? I look at my chart, and I see that to get 6 subnets, I need a subnet mask of 224. I already have an existing subnet mask of 255.255.0.0, which in binary looks like this:

11111111.11111111.00000000.00000000

I cannot “borrow” any more bits from the first 2 octets, as they are already network bits – represented by a binary value of 1. So the only way I can add this “224” to my subnet mask is to borrow from the host ID.
I take the next available octet – the third in our example – and end up with a subnet mask of 255.255.224.0, which looks like this in binary:

11111111.11111111.11100000.00000000

Note that we “borrowed” 3 host bits – binary value of 0 – in the third octet and made them network bits – binary value of 1. Note as well that 3 bits is what I need to make 224: 128+64+32=224.

Now that I have a subnet mask, I can tell that I have 13 host bits, meaning that I will have ((2^13)-2)=8190 valid IP addresses per range :)

So I can go back to my boss and say “Boss, your new subnet mask for the 131.107.x.x network will be 255.255.224.0, and you will have 6 subnets with 8190 IP addresses in each range.” What’s my boss’ next question? “Dave, what are those ranges?” Oh yeah… maybe I forgot that part :)

5. Calculating IP ranges in subnetted environments

Bit Value           128   64   32   16    8    4    2    1
Subnet Mask               192  224  240  248  252  254  255
Number of Subnets           2    6   14   30   62  126  254

Here is our little subnetting chart again. In this section, we will learn how to derive the actual IP ranges from the network address and subnet mask. In our example, we had:

Original IP range: 131.107.x.x
Original Subnet Mask: 255.255.0.0
Subnetted subnet mask: 255.255.224.0
Amount of subnets: 6

The first valid range will be 131.107.32.1 to 131.107.63.254. How did I get there? I used the above chart. Once I determined that 224 was my subnet bit, I asked myself: “what is the lowest bit value needed to make 224?” The answer is: 32 (128+64+32=224, and 32 is the lowest of all 3 bit values.) If you look at the chart, you can see this:

Bit value           32
Subnet Mask         224
Number of subnets   6

Visually, it is easy to see that to have 6 subnets, I will use 224 as a subnet bit and will start my first range at 32. I will then increment each range by that same value of 32. I love this chart! My 6 ranges will be:

131.107.32.1 to 131.107.63.254
131.107.64.1 to 131.107.95.254
131.107.96.1 to 131.107.127.254
131.107.128.1 to 131.107.159.254
131.107.160.1 to 131.107.191.254
131.107.192.1 to 131.107.223.254

As you can see, to get the next range, I simply incremented my original value by the same value (look at the numbers in RED). I started at 32, then incremented 5 times by that same value of 32. If you look at the values in BLUE you will see that they always are the next red value minus 1. For example, if I look at the first range x.x.32.1 to x.x.63.254, I looked at the next line’s red value, here 64, and subtracted 1 to get to 63. That is all there is to it!

By the way, note that my last octet on the start of range is always 1 – it cannot be 0, or else my host ID would be all 0s – and that the last octet is always 254 in the last IP of each range – it cannot be 255, or else it would be all 1s, which we know is the broadcast address, and is therefore not available for hosts to have.

In this example, we subnetted a Class B network into 6 subnets. Note that it is somewhat different if you subnet a Class A and a Class C. Let’s do a Class A example.

Original IP range: 10.x.x.x
Original Subnet mask: 255.0.0.0
Amount of subnets needed: 14

To get 14 subnets I need a subnet bit of 240, therefore my new subnet mask becomes 255.240.0.0. Note that my subnet bit is now the second octet, not the third as in the previous example. This will have its importance when we create our ranges. What is the smallest bit value needed to make 240? 16. Therefore I will start my ranges at 16 and will increment by that same value of 16. My ranges are:

10.16.0.1 to 10.31.255.254
10.32.0.1 to 10.47.255.254
10.48.0.1 to 10.63.255.254
10.64.0.1 to 10.79.255.254
10.80.0.1 to 10.95.255.254
10.96.0.1 to 10.111.255.254
10.112.0.1 to 10.127.255.254
10.128.0.1 to 10.143.255.254
10.144.0.1 to 10.159.255.254
10.160.0.1 to 10.175.255.254
10.176.0.1 to 10.191.255.254
10.192.0.1 to 10.207.255.254
10.208.0.1 to 10.223.255.254
10.224.0.1 to 10.239.255.254

Now let's do this with a class C. Remember, class C is the hardest, so follow this carefully!

Original IP range: 192.168.2.x
Original Subnet mask: 255.255.255.0
Amount of subnets needed: 6

To get 6 subnets I need a subnet bit of 224, therefore my new subnet mask becomes 255.255.255.224. Note that my subnet bit is now the 4th octet, not the third or second as in the previous examples. This will have its importance when we create our ranges. What is the smallest bit value needed to make 224? 32. Therefore I will start my ranges at 32 and will increment by that same value of 32. (Are you getting the hang of it by now?) My ranges are:

192.168.2.33 to 192.168.2.62
192.168.2.65 to 192.168.2.94
192.168.2.97 to 192.168.2.126
192.168.2.129 to 192.168.2.158
192.168.2.161 to 192.168.2.190
192.168.2.193 to 192.168.2.222

But, you say, I thought I was starting at 32?!? My first range is starting at 33! Well, remember the other examples? We always started at .1, didn't we? Except that here, because we are already subnetting at the fourth octet, we don't have room for a fifth to add the .1, so we have to incorporate it in the last octet.

So why can we not use 192.168.2.32 w/ a subnet mask of 255.255.255.224? Let's see why:

192.168.2.32      11000000.10101000.00000010.00100000
255.255.255.224   11111111.11111111.11111111.11100000

Looking at it in binary, it is obvious that the Host ID is all zeroes, which we know is not possible...

That is it. If you know and understand this, you can subnet! Enjoy practicing...
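The local-or-remote test from section 2 and the range calculation from section 5, written out as an added example that is not part of the original tutorial. The function names are hypothetical, and the code follows this tutorial's classful convention of discarding the all-zeros and all-ones subnets, generalized to any class A, B or C network and any number of subnets.

```python
import ipaddress

# Classful prefix lengths (255.0.0.0, 255.255.0.0, 255.255.255.0).
CLASS_PREFIX = {"A": 8, "B": 16, "C": 24}


def ip_class(address):
    """Classify by first octet, using the ranges in the table of section 3."""
    first = int(address.split(".")[0])
    if 1 <= first <= 127:
        return "A"
    if 128 <= first <= 191:
        return "B"
    if 192 <= first <= 223:
        return "C"
    raise ValueError(f"{address} is not a class A, B or C address")


def same_network(ip_a, ip_b, mask):
    """Local or remote? AND both addresses with the mask, compare network IDs."""
    m = int(ipaddress.IPv4Address(mask))
    net_a = int(ipaddress.IPv4Address(ip_a)) & m
    net_b = int(ipaddress.IPv4Address(ip_b)) & m
    return net_a == net_b


def plan_subnets(network, subnets_needed):
    """Borrow host bits from a classful network, list the usable host ranges."""
    if subnets_needed < 1:
        raise ValueError("need at least one subnet")
    base_prefix = CLASS_PREFIX[ip_class(network)]
    # strict parsing rejects a "network" address that has host bits set
    base = int(ipaddress.IPv4Network(f"{network}/{base_prefix}").network_address)

    # Smallest n with (2^n)-2 >= subnets_needed; one borrowed bit gives 0.
    bits = 2
    while 2 ** bits - 2 < subnets_needed:
        bits += 1
    prefix = base_prefix + bits
    if prefix > 30:
        raise ValueError("not enough host bits left to borrow")

    block = 2 ** (32 - prefix)  # addresses per subnet, the "increment"
    mask = ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF)

    ranges = []
    # Skip index 0 (all-zeros subnet) and the last index (all-ones subnet).
    for i in range(1, 2 ** bits - 1):
        start = base + i * block
        first_host = ipaddress.IPv4Address(start + 1)          # host ID all 0s excluded
        last_host = ipaddress.IPv4Address(start + block - 2)   # broadcast excluded
        ranges.append((str(first_host), str(last_host)))
    return {"mask": str(mask), "hosts_per_subnet": block - 2, "ranges": ranges}


if __name__ == "__main__":
    print(same_network("131.107.2.4", "131.107.5.6", "255.255.255.0"))
    print(same_network("131.107.2.4", "131.107.5.6", "255.255.0.0"))
    for net, wanted in (("131.107.0.0", 6), ("10.0.0.0", 14), ("192.168.2.0", 6)):
        plan = plan_subnets(net, wanted)
        print(net, plan["mask"], plan["hosts_per_subnet"])
        for low, high in plan["ranges"]:
            print(f"  {low} to {high}")
```
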