Upload
ahmed-nadim-jilani
View
131
Download
1
Tags:
Embed Size (px)
DESCRIPTION
CCNA
Citation preview
1
2
Cisco IOS File System and Devices
3
Managing Cisco IOS Images
4
wg_ro_a#show flash
System flash directory:File Length Name/status 1 10084696 c2500-js-l_120-3.bin
[10084760 bytes used, 6692456 available, 16777216 total]16384K bytes of processor board System flash (Read ONLY)
Verifying Memory Image Filenames
5
Creating a Software Image Backup
6
Upgrading the Image from the Network
7
LAB
Install TFTP server on a virtual machineConnect the machine to a RouterTo see the content of Flash file#show FlashTo copy flash
#Copy flash tftp supply IP address of TFTP Server and file name
To copy running-configuration#copy running-config tftpsupply IP address of TFTP Server and file name
8
Resolving Host Names
To use a hostname rather than an IP address to connect to a remote device
Two ways to resolve hostnames to IP addresses– building a host table on each router– building a Domain Name System (DNS)
server
9
Resolving Host Names
Building a host table
ip host host_name ip_addressR1(config)#ip host com1 10.0.0.1
R1(config)#ip host com2 10.0.0.2
To view tableR1#show hosts
To verify that the host table resolves names, try ping hostnames at a router prompt.
10
Password Recovery
Normal Boot SequencePOSTBootstrapIOSStartupRunning
This setup is decided by configuration register value
11
Configuration Register
1415 13 12 1011 9 8 67 5 4 23 1 0
Default 00 1 0 00 0 1 00 0 0 00 1 0 2102
48 2 1 48 2 1 48 2 1 48 2 1
Bit
Decimal
This means that bits 13, 8, and 1 are on.To ignore NVRAM the 6th bit should be made ONWhen the 6th bit is turned on the value will be 2142
12
Password Recovery
Show version will give configuration register value
Password is stored in NVRAMTo by pass NVRAM during boot sequence
we need to change the configuration register value
To change the CR values press Ctr+Break and go to ROM monitor mode
13
Password Recovery
Router 2500 o/r 0x2142 iRouter 2600 confreg 0x2142>reset
14
15
WAN vs LAN
Distance between WAN and LANWAN speed is lessWAN is leased from Service provider
16
Remote Access Overview
A WAN is a data communications network covering a relatively broad geographical area.
A network administrator designing a remote network must weight issues concerning users needs such as bandwidth and cost of the variable available technologies.
17
WAN Overview
Service Provider
WANs connect sites Connection requirements vary depending on user
requirements and cost
18
WAN technology/terminology
Devices on the subscriber premises are called customer premises equipment (CPE).
The subscriber owns the CPE or leases the CPE from the service provider. A copper or fiber cable connects the CPE to the service provider’s nearest exchange or
central office (CO). A central office (CO) is sometimes referred to as a point of presence (POP)
This cabling is often called the local loop, or "last-mile".
CPE (Customer Premises Equipment) are equipments located at the customer’s site, they are owned, operated and managed by the customer.
19
WAN technology/terminology
A demarcation point is where customer premises equipment (CPE) ends, and local loop begins.
The local loop is the cabling from demarcation point to Central Office (CO).
20
WAN technology/terminology
Devices that put data on the local loop are called data communications equipment (DCE).
The customer devices that pass the data to the DCE are called data terminal equipment (DTE).
The DCE primarily provides an interface for the DTE into the communication link on the WAN cloud.
The DTE/DCE interface uses various physical layer protocols, such as V.35.
These protocols establish the codes and electrical parameters the devices use to communicate with each other.
21
WAN Devices
Modems transmit data over voice-grade telephone lines by modulating and demodulating the signal.
The digital signals are superimposed on an analog voice signal that is modulated for transmission.
The modulated signal can be heard as a series of whistles by turning on the internal modem speaker.
At the receiving end the analog signals are returned to their digital form, or demodulated
22
WANs - Data Link Encapsulation
The data link layer protocols define how data is encapsulated for transmission to remote sites, and the mechanisms for transferring the resulting frames.
A variety of different technologies are used, such as ISDN, Frame Relay or Asynchronous Transfer Mode (ATM).
These protocols use the same basic framing mechanism, high-level data link control (HDLC)
23
WAN Technologies Overview
Covers a relative broad area
Use transmission facilities leased from service provider
Carries different traffic (voice, video and data)
Dedicated• T1, E1, T3,
E3• DSL• SONET
Analog• Dial-up
modems• Cable
modems• Wireless
Switched
Circuit Switched• POTS• ISDN
Packet Switched• X.25• Frame Relay•ATM
24
Dedicated Digital Services
Dedicated Digital Services provide full-time connectivity through a point-to-point link
T series in U.S. and E series in EuropeUses time division multiplexing and
assign time slots for transmissions– T1 = 1.544 Mbps E1 = 2.048 Mbps– T3 = 44.736 Mbps E3 = 34.368 Mbps
25
Digital Subscriber Lines
Digital Subscriber Line (DSL) technology is a broadband technology that uses existing twisted-pair telephone lines to transport high-bandwidth data to service subscribers.
The two basic types of DSL technologies are asymmetric (ADSL) and symmetric (SDSL).
All forms of DSL service are categorized as ADSL or SDSL and there are several varieties of each type.
Asymmetric service provides higher download or downstream bandwidth to the user than upload bandwidth.
Symmetric service provides the same capacity in both directions.
26
Analog Services
• Dial-up Modems (switched analog)• Standard that can provides 56 kbps download speed and
33.6 kbps upload speed.• With the download path, there is a digital-to-analogue
conversion at the client side.• With the upload path, there is a analogue-to-digital
conversion at the client side.
27
Cable Modems (Shared Analog)
Cable TV provides residential premises with a coaxial cable that has a bandwidth of 750MHz
The bandwidth is divided into 6 MHz band using FDM for each TV channel A "Cable Modem" is a device that allows high-speed data access (Internet)
via cable TV network. A cable modem will typically have two connections because a splitter
delivers the TV bands to TV set and the internet access bands to PC via a cable box
The splitter delivers the TV bands to TV set and the internet access bands
to PC via a cable box
28
Wireless
TerrestrialBandwidths typically in the 11 Mbps range Cost is relatively lowLine-of-sight is usually requiredUsage is moderate
SatelliteCan serve mobile users and remote usersUsage is widespreadCost is very high
29
Circuit Switched Services
Integrated Services Digital Network (ISDN) Historically important--first dial-up digital service Max. bandwidth = 128 kbps for BRI (Basic Rate
Interface) 2 B channels @ 64kps and 1 D channel @ 16kps B channels are voice/data channels; D for signaling
B
BD
30
Integrated Services Digital Network
32
WAN Connection Types
Leased linesIt is a pre-established WAN communications
path from the CPE, through the DCE switch, to the CPE of the remote site, allowing DTE networks to communicate at any time with no setup procedures before transmitting data.
Circuit switchingSets up line like a phone call. No data can
transfer before the end-to-end connection is established.
33
WAN Connection Types
• Packet switchingWAN switching method that allows you to
share bandwidth with other companies to save money. As long as you are not constantly transmitting data and are instead using bursty data transfers, packet switching can save you a lot of money.
However, if you have constant data transfers, then you will need to get a leased line.
Frame Relay and X.25 are packet switching technologies.
34
Defining WAN Encapsulation Protocols
Each WAN connection uses an encapsulation protocol to encapsulate traffic while it crossing the WAN link.
The choice of the encapsulation protocol depends on the underlying WAN technology and the communicating equipment.
35
Defining WAN Encapsulation Protocols
Typical WAN encapsulation types include the following:
Point-to-Point Protocol (PPP)Serial Line Internet Protocol (SLIP)High-Level Data Link Control Protocol (HDLC)X.25 / Link Access Procedure Balanced (LAPB)Frame RelayAsynchronous Transfer Mode (ATM)
36
Determining the WAN Type to Use
AvailabilityEach type of service may be available in
certain geographical areas. Bandwidth
Determining usage over the WAN is important to evaluate the most cost-effective WAN service.
CostMaking a compromise between the traffic you
need to transfer and the type of service with the available cost that will suit you.
37
Max. WAN Speeds for WAN Connections
WAN TypeMaximum Speed
Asynchronous Dial-Up 56-64 Kbps
X.25, ISDN – BRI 128 Kbps
ISDN – PRI E1 / T1
Leased Line / Frame Relay E3/T3
38
Leased Line
Circuit-switched
PPP, SLIP, HDLC
HDLC, PPP, SLIP
Packet-switched
X.25, Frame Relay, ATM
Typical WAN Encapsulation Protocols: Layer 2
Telephone
Company
Service
Provider
39
WAN Protocols
• Point to Point - HDLC, PPP• Multipoint - Frame Relay, X.25 and ATM
E0 S0 S0
WAN
LANNetwork
Datalink
Physical
• HDLC – Proprietary – cisco device default
• PPP - Open
41
HDLC Command
Router(config-if)#encapsulation hdlc
• Enable hdlc encapsulation• HDLC is the default encapsulation on
synchronous serial interfaces
42
PPP Encapsulation
PPP is open standardHDLC is only for encapsulationPPP provides encapsulation and authenticationPPP is made up of LCP and NCPLCP is for link control and NCP for multiple protocol support
and call back
Link setup and control using LCP in PPP
An Overview of PPP
43
Feature How It Operates Protocol
Authentication PAP
CHAPPerform Challenge Handshake
Require a password
CompressionCompress data at source; reproduce data at destination
Error Detection
Avoid frame looping
Monitor data dropped on link
Multilink Load balancing across multiple links
Multilink Protocol (MP)
PPP LCP Configuration Options
44
PPP Authentication Overview
Two PPP authentication protocols: PAP and CHAP
PPP Session Establishment1 Link Establishment Phase2 Optional Authentication Phase3 Network-Layer Protocol Phase
Dialup or Circuit-Switched
Network
45
• Passwords sent in clear text
Selecting a PPP Authentication Protocol
Remote Router(SantaCruz)
Central-Site Router (HQ)
Hostname: santacruzPassword: boardwalk
username santacruzpassword boardwalk
PAP 2-Way Handshake
“santacruz, boardwalk”“santacruz, boardwalk”
Accept/RejectAccept/Reject
46
Selecting a PPP Authentication Protocol
(cont.)Remote Router
(SantaCruz)Central-Site Router
(HQ)
Hostname: santacruzPassword: boardwalk
username santacruzpassword boardwalk
CHAP3-Way Handshake
ChallengeChallenge
ResponseResponse
Accept/RejectAccept/Reject
•Use “secret” known only to authenticator and peer
47
Configuring PPP and Authentication Overview
ServiceProvider
Verify who you are.
Router to Be Authenticated(The router that initiated the call.)
ppp encapsulation
hostname username / password ppp authentication
Authenticating Router(The router that received the call.)
ppp encapsulation
hostname username / password ppp authentication
Enabling PPP
Enabling PPP Authentication
Enabling PPP
Enabling PPP Authentication
48
Configuring PPP
Router(config-if)#encapsulation ppp
• Enable PPP encapsulation
49
Configuring PPP Authentication
Router(config)#hostname name
• Assigns a host name to your router
Router(config)#username name password password
• Identifies the username and password of authenticating router
50
Configuring PPP Authentication
(cont.)
Router(config-if)#ppp authentication{chap | chap pap | pap chap | pap}
• Enables PAP and/or CHAP authentication
51
Configuring CHAP Example
• hostname R1• username R2 password cisco• !• int serial 0• ip address 10.0.1.1 255.255.255.0• encapsulation ppp• ppp authentication CHAP
• hostname R1• username R2 password cisco• !• int serial 0• ip address 10.0.1.1 255.255.255.0• encapsulation ppp• ppp authentication CHAP
hostname R2username R1 password cisco!int serial 0 ip address 10.0.1.2 255.255.255.0 encapsulation ppp ppp authentication CHAP
hostname R2username R1 password cisco!int serial 0 ip address 10.0.1.2 255.255.255.0 encapsulation ppp ppp authentication CHAP
R1 R2PSTN/ISDN
52
Verifying HDLC and PPP Encapsulation Configuration
Router#show interface s0Serial0 is up, line protocol is up Hardware is HD64570 Internet address is 10.140.1.2/24 MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 255/255, load 1/255 Encapsulation PPP, loopback not set, keepalive set (10 sec) LCP Open Open: IPCP, CDPCP Last input 00:00:05, output 00:00:05, output hang never Last clearing of "show interface" counters never Queueing strategy: fifo Output queue 0/40, 0 drops; input queue 0/75, 0 drops 5 minute input rate 0 bits/sec, 0 packets/sec 5 minute output rate 0 bits/sec, 0 packets/sec 38021 packets input, 5656110 bytes, 0 no buffer Received 23488 broadcasts, 0 runts, 0 giants, 0 throttles 0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort 38097 packets output, 2135697 bytes, 0 underruns 0 output errors, 0 collisions, 6045 interface resets 0 output buffer failures, 0 output buffers swapped out 482 carrier transitions DCD=up DSR=up DTR=up RTS=up CTS=up
53
Verifying PPP Authentication with the debug ppp authentication
Command
•4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up•4d20h: Se0 PPP: Treating connection as a dedicated line•4d20h: Se0 PPP: Phase is AUTHENTICATING, by both•4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from ”left"•4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from ”right"•4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from ”left"•4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from ”right"•4d20h: Se0 CHAP: O SUCCESS id 2 len 4•4d20h: Se0 CHAP: I SUCCESS id 3 len 4•4d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
•4d20h: %LINK-3-UPDOWN: Interface Serial0, changed state to up•4d20h: Se0 PPP: Treating connection as a dedicated line•4d20h: Se0 PPP: Phase is AUTHENTICATING, by both•4d20h: Se0 CHAP: O CHALLENGE id 2 len 28 from ”left"•4d20h: Se0 CHAP: I CHALLENGE id 3 len 28 from ”right"•4d20h: Se0 CHAP: O RESPONSE id 3 len 28 from ”left"•4d20h: Se0 CHAP: I RESPONSE id 2 len 28 from ”right"•4d20h: Se0 CHAP: O SUCCESS id 2 len 4•4d20h: Se0 CHAP: I SUCCESS id 3 len 4•4d20h: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0, changed state to up
debug ppp authentication successful CHAP output
R1 R2Service Provider
debug ppp authentication
54
What is ISDN?
Providernetwork
Digital PBX
Small office
Home office
Voice, data, video
Telecommuter
Central site
55
Why ISDN?
ISDN - Integrated Services Digital Network
Telephone services -> Telecommunication services
Used for voice, data and video
56
� BRI and PRI are used globally for ISDN
Channel Mostly Used for
B Circuit-switched data (HDLC, PPP)
Capacity
64 kbps
D 2B
ISDN Access Options
Signaling informationD 16/64 kbps
23 or 30B
BRI
PRI
D
58
Interfaces and Devices
TE1
TE2 TA
NT12W4W
ISDN ReadyBRI Port
Analog devices:phone, Serial port
After connecting to TA it becomes TE1
S/T interface
U interface
ISDN Switch
59
Interfaces and Devices
Function Group – A set of functions implemented by a device or softwareReference Point – The interface between two function group
60
Reference Points
61
LAB-ISDN
E0
192.168.0.2 192.168.1.2
R2ISDN Switch
BRI
192.168.1.1
R1
E0BRI
192.168.0.110.0.0.1 10.0.0.2
Router(config)#hostname R1R1(config)#username R2 password ciscoR1(config-if)#int bri 0 R1(config-if)# ip address 10.0.0.1 255.0.0.0R1(config-if)#enacapsulation pppR1(config-if)#PPP authentication CHAPR1(config-if)#no shutStatic Routes or default routeR1(config)#ip route 0.0.0.0 0.0.0.0 10.0.0.2R1(config)#isdn switch-type basic-net3
Access ListR1(config)#dialer-list 1 protocol ip permitR1(config)#int bri 0R1(config-if)# dialer–group 1 R1(config-if)#dialer map ip 10.0.0.2 name R2 20R1(config-if)#no shutR1(config-if)#dialer idle-timeout 100
62
ISDN DDR configuration Commands
Command Description
iproute Global command that configure static route or default route
username name name password secret
Global command that configure CHAP username and password
access-list Global command that creates ACL’s to define a subset of traffic as interesting
dialer-list 1 protocol IP Global command that creates a dialer list that makes all IP traffic interesting or reference to ACL for subset
dialer–group 1 Interface subcommand that references dialer list to define what is interesting
dialer idle-timeout 100 Interface subcommand that settles idle time out values
dialer string number Interface subcommand that define dial numbers
int bri 0 Global command that selects BRI interface
63
Packet Switched Services
X.25 (Connection-oriented) Reliable--X.25 has been extensively debugged and is now very stable--
literally no errors in modern X.25 networks Store & Forward--Since X.25 stores the whole frame to error check it
before forwarding it on to the destination, it has an inherent delay (unlike Frame Relay) and requires large, expensive memory buffering capabilities.
Frame Relay (Connectionless) More efficient and much faster than X.25 Used mostly to forward LAN IP packets
64
Frame Relay Basics
• FR is WAN layer2 protocol• FR developed in 1984, its a faster
packet switching technology• In 1990 FR consortium was
developed and extension added
65
Terminology
Frame Relay Network
R2R1
End Device Interface DeviceEncapsulate Data
FR Network
DCE – Dedicated FR Switches, can be one or multiple
Access Line Trunk Line
Virtual Circuit – an end to end connection between interface device - PVC or SVC Data Link connection Identifiers (DLCI) number is the identification for VC, 16-1007 Committed Information Rate or CIR - agreed-upon bandwidth Frame Relay there are two encapsulation types: Cisco and IETF Local Management Interface (LMI) is a signaling standard used between your router
and the first Frame Relay switch i - Cisco, ANSI, and Q.933A.
67
LAB - Frame Relay
192.168.1.2/24 192.168.2.2/24
R2FR Switch
S0
192.168.2.1/24
R1
E0S0
192.168.1.1/24192.168.3.9/29
E0100 200
192.168.3.10/29
DCE DCE
Frame Relay SwitchRouter#config tRouter(config)#hostname FRSwitchFRSwitch(config)# frame-relay switchingFRSwitch(config)# int s 1/0FRSwitch(config-if)#enacapsulation frame-relayFRSwitch(config-if)# frame-relay intf-type DCEFRSwitch(config-if)# clock rate 64000FRSwitch(config-if)# frame-relay route 100 int serial 1/1 200FRSwitch(config-if)#no shut
R1Router#config tRouter(config)#hostname R1R1(config)# int s 0R1(config-if)#ip address 192.168.3.9 255.255.255.248R1(config-if)#enacapsulation frame-relayR1(config-if)# frame-relay intf-type DTER1(config-if)# frame-relay interface-dlci 100 R1(config-if-dlci)# exit R1(config-if)#framerelay map ip 192.168.3.10 100R1(config-if)#no shut