
Sunday, January 15, 2012

Networking Fundamentals

Switch floods frames in these cases:
Switches are devices used in computer networks to forward frames (data packets) based on the destination MAC (Media Access Control) address. Unlike hubs, switches operate at the data link layer (Layer 2) of the OSI model and are capable of making intelligent forwarding decisions. Switches use a MAC address table to map MAC addresses to the physical ports on the switch.

Switches flood frames in specific scenarios, such as:

1. **Unknown Unicast Frames:**
   - When a switch receives a frame with a destination MAC address that is not in its MAC address table, it doesn't know which port to forward the frame to. In this case, the switch floods the frame to all ports except the one on which the frame was received. This is done to ensure that the frame reaches its destination device, and the device can respond, allowing the switch to learn the MAC address/port mapping for future frames.

2. **Broadcast Frames:**
   - Broadcast frames are intended for all devices on the network segment. When a switch receives a broadcast frame, it floods the frame to all ports (except the port on which it was received). This ensures that all devices on the network segment receive the broadcast frame.

3. **Multicast Frames with Unknown Destination:**
   - Similar to unknown unicast frames, if a switch receives a multicast frame (addressed to a group of devices) with a destination MAC address not in its MAC address table, it will flood the frame to all ports (except the one on which it was received) to ensure that all potential members of the multicast group receive the frame.

It's important to note that switches are designed to minimize unnecessary flooding by learning MAC address/port mappings and making forwarding decisions based on that information. This makes switches more efficient than hubs, which simply broadcast frames to all connected devices.

Efficient MAC address learning and forwarding strategies help switches avoid unnecessary flooding and optimize network performance.
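As an added example (not part of the original notes), a small Python model of the learning and flooding behaviour just described; the MAC addresses and port numbers are constructed sample values:

```python
# Added example (not from the original notes): a minimal Layer 2 switch model
# that learns source MACs per port and floods in the three cases listed above.
# MAC addresses and port numbers are constructed sample values.

BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac: str) -> bool:
    """True for multicast/broadcast: the I/G bit is the least significant bit
    of the first octet (hence the '01:...' prefix of IP multicast MACs)."""
    return bool(int(mac.split(":")[0], 16) & 0x01)


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC -> port, built only from source addresses

    def receive(self, in_port, src, dst):
        """Process one frame; return (egress ports, decision)."""
        # Learning: the source MAC is mapped to the ingress port on every frame.
        self.mac_table[src] = in_port
        others = {p for p in self.ports if p != in_port}

        if dst == BROADCAST:
            return others, "flood: broadcast"
        if is_group_address(dst):
            # A plain switch has no group membership information, so it floods
            # (IGMP snooping, not modelled here, would restrict this).
            return others, "flood: unknown multicast"
        out = self.mac_table.get(dst)
        if out is None:
            # Unknown unicast: every other port sees the frame, which is the
            # exposure the "Security Risks" point in the next section refers to.
            return others, "flood: unknown unicast"
        if out == in_port:
            # Destination sits on the segment the frame came from (e.g. via a hub).
            return set(), "filter: destination on ingress port"
        return {out}, "forward"


def demo():
    """Walk through a short conversation and collect each decision."""
    sw = Switch(ports=[1, 2, 3, 4])
    a, b, c = "00:11:22:33:44:01", "00:11:22:33:44:02", "00:11:22:33:44:03"
    trace = []
    trace.append(sw.receive(1, a, b))          # B unknown -> flood ports 2,3,4
    trace.append(sw.receive(2, b, a))          # A known on port 1 -> forward
    trace.append(sw.receive(1, a, b))          # B learned on port 2 -> forward
    trace.append(sw.receive(3, c, BROADCAST))  # broadcast -> flood
    trace.append(sw.receive(3, c, "01:00:5e:00:00:01"))  # multicast -> flood
    return sw, trace


if __name__ == "__main__":
    switch, decisions = demo()
    for ports, why in decisions:
        print(f"{why:<36} -> ports {sorted(ports)}")
    print("MAC table:", switch.mac_table)
```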


Issues with flooding
Switch flooding, while necessary in certain scenarios, can create issues within a network. Here are some of the problems associated with switch flooding:

1. **Network Congestion:**
   - Flooding frames to all ports can lead to increased network traffic and congestion. Unnecessary flooding consumes bandwidth and can affect the overall performance of the network, particularly in large and busy networks.

2. **Security Risks:**
   - Flooding may expose sensitive information to unintended recipients. For example, if a switch floods frames containing sensitive data, it could be intercepted by unauthorized devices connected to other ports on the switch.

3. **Broadcast Storms:**
   - Broadcast frames are flooded to all ports, and if not properly controlled, they can lead to broadcast storms. A broadcast storm occurs when broadcast frames circulate endlessly in the network, creating a high volume of unnecessary traffic and degrading network performance.

4. **Resource Utilization:**
   - Frequent flooding can lead to increased resource utilization on the switch. This includes CPU and memory usage, which can impact the switch's ability to handle other tasks efficiently.

5. **Delayed Frame Delivery:**
   - The flooding process itself introduces some delay in delivering frames to their intended destinations. In scenarios where timely communication is critical, delays caused by flooding can be problematic.

6. **Learning Delays:**
   - In cases where the switch needs to flood frames to learn MAC address/port mappings, there may be initial delays as the switch builds its MAC address table. During this learning phase, frames may be flooded until the switch has learned the necessary mappings.

7. **Impact on Power Consumption:**
   - Unnecessary flooding contributes to increased power consumption on network devices. In environments where power efficiency is a concern, minimizing flooding is beneficial.

To mitigate these issues, network administrators often employ strategies such as VLANs (Virtual Local Area Networks), spanning tree protocols to prevent broadcast storms, and implementing security measures to control and monitor network traffic. Additionally, using more advanced switches with features like MAC address aging and dynamic MAC address learning can help improve efficiency and reduce the impact of flooding.    

Spanning Tree IEEE 802.1D
Stable states: forwarding or blocking.
Switches share BPDUs among themselves, which determine the state.
enable = forwarding
disable = blocking
STP is enabled by default on Cisco switches.
Cost of a Fast Ethernet (100 Mbps) interface is 19.
All switch interfaces connected to PCs are designated ports (DP), which are always in forwarding state.

Bridge ID = priority (2 bytes) + MAC address
priority = 1-65635
default is: 32768

Hello BPDU sent by a switch contains:
root bridge ID + sender bridge ID + cost to reach root + timer values (as set on the root switch)
Forward delay timer default is 15 sec (for each transitory state).

Election process:
Root bridge
1. lowest priority
2. lowest MAC address

Root port
1. lowest cost to reach root
2. interface with lower number

Designated switch/port
1. lowest cost to reach root
2. switch with lower bridge ID
3. port with lowest number

In blocking state a port receives BPDUs but does not send or receive data frames.

RSTP has three states:
discarding
learning
forwarding

RSTP (802.1w) Rapid Spanning Tree Protocol
RSTP supports PortFast and BPDU Guard.
In RSTP the backup for the root port is called the alternate port and the backup for the designated port is called the backup port.

Cisco came up with a new STP to support VLANs, known as PVST+ (Per-VLAN STP).

Cisco switches run PVST+ and Rapid PVST+.
Finally IEEE came up with MST (802.1s), Multiple Spanning Tree, which supports VLANs.
STP is configured on switches by default; we only do fine tuning.

Interface cost in case of STP:
100 for 10 Mbps
19 for 100 Mbps
4 for 1 Gbps
2 for 10 Gbps
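The election rules and the port-cost table above, worked through in an added Python example (not from the original notes) on a constructed three-switch triangle; the switch names, MAC addresses and port numbers are assumptions:

```python
# Added example (not from the original notes): the STP election rules and the
# port-cost table above applied to a constructed three-switch triangle. Bridge
# IDs compare as (priority, MAC), lowest wins; root port = lowest cost to the
# root, then lower interface number; designated port on a segment = lowest
# cost to the root, then lower bridge ID, then lower port number.

import heapq

STP_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}  # link speed in Mbps -> cost


def bridge_id(priority, mac):
    """Comparable bridge ID: priority is examined first, MAC breaks ties."""
    return (priority, int(mac.replace(":", ""), 16))


class Topology:
    def __init__(self):
        self.bridges = {}  # name -> bridge ID tuple
        self.links = []    # (bridge_a, port_a, bridge_b, port_b, cost)

    def add_bridge(self, name, priority, mac):
        self.bridges[name] = bridge_id(priority, mac)

    def add_link(self, a, port_a, b, port_b, speed_mbps):
        self.links.append((a, port_a, b, port_b, STP_COST[speed_mbps]))

    def elect_root(self):
        return min(self.bridges, key=lambda n: self.bridges[n])

    def root_costs(self, root):
        """Lowest cumulative cost from every bridge to the root (Dijkstra)."""
        adj = {}
        for a, _, b, _, c in self.links:
            adj.setdefault(a, []).append((b, c))
            adj.setdefault(b, []).append((a, c))
        dist, heap = {root: 0}, [(0, root)]
        while heap:
            d, n = heapq.heappop(heap)
            if d > dist[n]:
                continue
            for nbr, c in adj.get(n, []):
                if d + c < dist.get(nbr, float("inf")):
                    dist[nbr] = d + c
                    heapq.heappush(heap, (d + c, nbr))
        return dist

    def port_roles(self):
        """Return (root bridge, cost table, {(bridge, port): role})."""
        root = self.elect_root()
        cost = self.root_costs(root)
        roles = {}
        # Root port: one per non-root bridge, by (cost via that link, port number).
        for name in self.bridges:
            if name == root:
                continue
            candidates = []
            for a, pa, b, pb, c in self.links:
                if a == name:
                    candidates.append((cost[b] + c, pa))
                elif b == name:
                    candidates.append((cost[a] + c, pb))
            _, port = min(candidates)
            roles[(name, port)] = "root"
        # Designated port: one per segment, by (cost, bridge ID, port number).
        for a, pa, b, pb, _ in self.links:
            ends = [(cost[a], self.bridges[a], pa, a), (cost[b], self.bridges[b], pb, b)]
            _, _, port, bridge = min(ends)
            roles.setdefault((bridge, port), "designated")
            # Any remaining port on the segment is neither root nor designated.
            roles.setdefault((a, pa), "blocking")
            roles.setdefault((b, pb), "blocking")
        return root, cost, roles


def build_sample(sw3_priority=32768):
    """Three switches in a triangle, all Fast Ethernet links (cost 19 each)."""
    t = Topology()
    t.add_bridge("SW1", 32768, "00:00:00:00:00:01")
    t.add_bridge("SW2", 32768, "00:00:00:00:00:02")
    t.add_bridge("SW3", sw3_priority, "00:00:00:00:00:03")
    t.add_link("SW1", 1, "SW2", 1, 100)
    t.add_link("SW1", 2, "SW3", 1, 100)
    t.add_link("SW2", 2, "SW3", 2, 100)
    return t


if __name__ == "__main__":
    root, cost, roles = build_sample().port_roles()
    print("root bridge:", root, "| cost to root:", cost)
    for (bridge, port), role in sorted(roles.items()):
        print(f"{bridge} port {port}: {role}")
```

Calling `build_sample(sw3_priority=4096)` shows the priority tie-break: SW3 becomes root and the blocking port moves to SW2.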

VLAN (Virtual Local Area Network)
With the help of VLANs we can divide one LAN into several LANs without using an L3 router.
A VLAN can be in a single switch or it can extend across multiple switches.
A trunk interface can't be assigned to any VLAN.

VLAN ID range is 0-4095, i.e. 2^12 values; the VLAN ID field is 12 bits.
0 and 4095 are reserved, so the usable range is 1-4094.

802.1Q is preferred over ISL since ISL uses 30 bytes of extra info to represent the VLAN, whereas dot1q uses a 4-byte tag carrying the VLAN ID. ISL is Cisco proprietary.

802.1Q supports a native VLAN.
VLAN 1 is the native VLAN by default.

For the native VLAN, switches don't add a VLAN tag while forwarding frames to other switches, i.e. only the plain layer 2 frame is forwarded.

Fast Ethernet means 100 Mbps.
Switching methods:
store-and-forward
cut-through == forwards as soon as the first bytes (destination MAC address) are read
fragment-free == forwards after the first 64 bytes

The bridge priority is examined first (the lowest wins). In case of a tie, the lowest bridge ID wins.
The native VLAN with 802.1Q encapsulation does not carry a VLAN tag.

Switch interface modes:
1. Administrative mode
- dynamic auto (passively waits to receive trunk negotiation)
- dynamic desirable (initiates and responds to negotiation messages)
- trunk
- access

2950 switches don't support ISL; they support only 802.1Q.
Conditions for no trunk:
- if both back-to-back connected switch interfaces are in dynamic auto mode
- if either interface is in access mode

2. Operational mode
- trunk
- access (no trunk will be established)
With the help of VTP there is no need to create VLANs on every switch; switches automatically learn the VLAN information, you only need to assign interfaces to VLANs.

VTP (VLAN Trunk Protocol)
VTP is Cisco proprietary.
VTP ensures that all switches in the VTP domain are aware of all VLANs.
VTP works in any of three modes:
- server (create, edit, delete): can create VLANs through the console and will learn VLAN messages from clients too.
- client (can't create, edit or delete; learns VLAN info from other VTP switches).
- transparent (only forwards the VLAN info, doesn't learn or use it; can create VLANs through the CLI). It passes the information on but won't use it.

The domain name should be the same across the whole VTP domain (it is case-sensitive), the link between switches should be a trunk, and the password is optional but must match if it is set.

Storing VLAN configuration:
For a switch in server or client mode, VLAN/VTP information is saved in flash in the file vlan.dat; in transparent mode the config is saved in both the running-config and flash.
To remove the VLAN info use: delete flash:vlan.dat

VTP versions:
1 - lower end (in transparent mode the switch learns information from the server only if both have the same domain name and the passwords also match)
2 - lower end (in this version there is no restriction on domain name and password to exchange VTP info)
3 - higher end switches (VTP pruning is enabled; switches will know which interfaces are in which VLANs)

Normal-range VLANs (1-1005)
Extended-range VLANs (1006-4095)
Server and client create and send periodic VTP updates every 5 mins.
VTP configuration revision number: the latest updated revision number. For every change it increases by 1; initially it is 0.
If the server revision number > the client's, the client will overwrite its database with the server config.
By default VTP is enabled on a switch; we can't disable it.
By default a switch knows about the native VLAN but a router doesn't, hence we need to configure it on the router.

10BaseT allows 100 meters between the device and the hub or switch, as does 100BaseTX.
The root port is the port on which the CBPDU with the lowest cost value is received. The root port is placed in forwarding state on each bridge and switch.
An IP phone works as a mini switch.

PPP’s IPCP protocol can assign an IP address to the device on the other end of the link.

Link Access Procedure, D-channel (LAPD) is not used on bearer channels, but on the signaling channel. PPP is typically used on bearer channels.

Non-broadcast multiaccess (NBMA). PPP is nonbroadcast, but not multiaccess. X.25 and Frame Relay are NBMA networks. Multiaccess really means more than two devices connected to the data link; therefore, when one device sends data, the intended receiver is not obvious.

DTE refers to the device that looks for clocking from the device on the other end of the cable on a synchronous link. The DCE supplies that clocking. An X.25 switch is a DCE in the X.25 use of the word, but probably is a DTE receiving clock from a DSU/CSU or mux from the physical layer perspective.

In a partial mesh network, not all DTEs are connected with a VC. In a full mesh network, all DTEs are connected with a VC.

Sub-interfaces can be used and are preferred with a partial mesh because this removes split horizon issues by treating each VC as its own interface. Likewise, subinterfaces are optional when the network is a full mesh.

What benefit related to routing protocols can be gained by using subinterfaces with a partial mesh?
Split horizon issues are avoided by treating each VC as a separate interface. Split horizon is still enabled; routing loops are not a risk, but all routes are learned.

802.11a = 54 Mbit/s (5 GHz) and 802.11g = 54 Mbit/s (2.4 GHz) standards.
802.11n supports both bands.

Ethernet speed -> STP cost
10 Mbps --------- 100
100 Mbps -------- 19
1 Gbps ---------- 4
10 Gbps --------- 2

STP timers
hello == 2 sec
max age == 10 times hello
forward delay == 15 sec

| State | Forwards data frames | Learns MACs | Transitory/stable |
|---|---|---|---|
| blocking | no | no | stable |
| listening | no | no | transitory |
| learning | no | yes | transitory |
| forwarding | yes | yes | transitory |
| disabled | no | no | stable |

RSTP calls the blocking state the discarding state.
RSTP equivalents of the STP states above (blocking, listening, learning, forwarding, disabled): discarding, discarding, learning, forwarding, discarding.
Ethernet interfaces using speeds faster than 1 Gbps always use full duplex.
OSPF does not support auto-summarization.

Wildcard masks:
0.0.0.0 === the entire IP address must match
255.255.255.255 == automatically considered to match any or all addresses

| Port no | Protocol | App |
|---|---|---|
| 20 | tcp | ftp-data |
| 21 | tcp | ftp-control |
| 22 | tcp | ssh |
| 23 | tcp | telnet |
| 25 | tcp | smtp |
| 53 | udp, tcp | dns |
| 67, 68 | udp | dhcp |
| 69 | udp | tftp |
| 80 | tcp | http |
| 110 | tcp | pop3 |
| 161 | udp | snmp |
| 443 | tcp | ssl |
| 16,384-32,767 | udp | rtp-based voice and video |

Extended access lists: 100-199 and 2000-2699
Administrative distances:
BGP (external) ----- 20
BGP (internal routes) --- 200
EIGRP (internal) == 90
EIGRP (external) === 170
unusable ----- 255
connected --- 0

OSPF (Open Shortest Path First) neighbor states:
down
attempt
init
two-way
exstart
exchange
loading
full

Cost value can be between 1-65,535.
OSPF authentication types:
0 - ip ospf authentication null
1 - ip ospf authentication (clear text)
2 - ip ospf authentication message-digest

RTP, i.e. Real-time Transport Protocol, is used to transmit voice and video IP packets.

EIGRP:
metric = ((10^7 / least-bw) + cumulative-delay) * 256
FD = the metric of the best route to reach a subnet, as calculated on a router
RD = the metric as calculated on a neighboring router and then reported and learned in an EIGRP Update

Frame Relay LMI types:
Cisco --- proprietary (cisco)
ANSI --- ansi
ITU --- q933a

Troubleshooting:
clock rate is at layer 1: show controllers s 0
encapsulation is at layer 2 (HDLC by default): issue no shut, then sh ip int br
a common network ID is at layer 3: ping, trace

Locally significant only:
- Frame Relay DLCI
- OSPF process number
- STP port costs

The minimum and maximum number of trunks we can place into a single EtherChannel are 2 and 8.
```
Router(config)#line console 0
Router(config-line)#logging ?
  synchronous  Synchronized message output
Router(config-line)#logging synchronous
```
disables console messages.

By default the router exec timeout is 5 min and 0 sec.
To disable it set exec-timeout 0 0: Router(config-line)#exec-timeout 0 0

The above can also be done on vty lines for telnet and SSH.

RIP (Routing Information Protocol) defaults:
sending -- v1
receiving -- v1 and v2
to see this: show ip protocols

The following differ between RIPv1 and RIPv2:
- level of support for routing protocol authentication
- support for VLSM
- destination of routing updates (multicast)

The administrative distance of a static route is optional with the ip route command.

The default STP port cost of a Fast Ethernet port on a Cisco switch is 19.

PPP offers all of these, but HDLC does not:
- PAP
- multilink capabilities
- dialer callback
- CHAP

The manager of a PPP connection is LCP.

You will not see the disabled state of a port in STP through the CLI, but after shutdown the port will be in disabled mode.

Routing protocol update addresses:
RIPv1 ====== 255.255.255.255
RIPv2 ===== 224.0.0.9
OSPF ======= 224.0.0.5 (all OSPF routers); the DR sends messages to all neighbors including the BDR
When any link goes down, the router connected to that link sends a message to 224.0.0.6 (i.e. the address for the DR and BDR)
EIGRP ====== 224.0.0.10

DR (Designated Router)/BDR (Backup Designated Router) exist for every shared segment.
For point-to-point there is no DR/BDR; the only address used is 224.0.0.5.

By default every OSPF router has a priority of 1.
The driverquery command is used to see all the drivers installed on your PC.

OSPF throws away the backup path (it does not keep a backup), but EIGRP keeps a backup path.

OSPF cost = 10^8 / BW in Mbps
FastEthernet == 1
Ethernet = 10
T1 (1.544) = 65
E1 (2.048) = 48
All gig interfaces have a cost of 1

OSPF packet types:
hello
database description
link-state request
link-state advertisement == update about individual routes
link-state update
link-state ack

OSPF doesn't use TCP/UDP; it uses its own L4-style acknowledgments.

A loopback has preference over a physical interface, and a manual router-id has preference over a loopback:
router-id -- loopback -- physical address

To clear the OSPF process:
clear ip ospf process clears the OSPF process, and the loopback takes effect (as router-id) without reloading.

Summarization is different in the case of OSPF; you need to define the summarization under the OSPF process, i.e.
router ospf 1
 area 1 range 192.168.0.0 255.255.0.0
but the summary-address command is used on an ASBR router.

LSA (Link State Advertisement) types (7):
LSA 1
LSA 2: network LSA (generated by the DR)
LSA 3: summary LSA (ABR summary route)
LSA 4: summary LSA (ASBR location, i.e. the IP address of the ASBR)
LSA 5: external LSA (ASBR summary route); summary routes coming from a different area, i.e. type 5
LSA 7: created by the ASBR in an NSSA

UDP is used in DNS, online gaming, VoIP, streaming video.

Ethernet II frame:
dest - source - type - data - checksum

IEEE 802.3 frame:
dest - source - length - LLC - data - checksum

The Type field identifies which L3 protocol is being transported over Ethernet, i.e. IP, AppleTalk, IPX.
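An added Python example (not from the original notes) that parses both frame formats above and decides type versus length from the third field; the two frames are constructed for the example, including a BPDU-style 802.3 frame to the STP multicast address:

```python
# Added example (not from the original notes): parsing the 14-byte Ethernet
# header and telling Ethernet II from IEEE 802.3 by its third field. A value
# of 0x0600 or more is an EtherType (Ethernet II); 1500 or less is an 802.3
# length, followed by the LLC header. The FCS (checksum) is normally stripped
# by the NIC and is not part of the bytes below. Both sample frames are
# constructed for this example.

import struct

ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6",
              0x809B: "AppleTalk", 0x8137: "IPX"}


def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def parse_ethernet(frame: bytes) -> dict:
    if len(frame) < 14:
        raise ValueError("truncated Ethernet header")
    dst, src, third = struct.unpack("!6s6sH", frame[:14])
    info = {
        "dst": mac_str(dst),
        "src": mac_str(src),
        # I/G bit: least significant bit of the first octet (the "01" prefix).
        "dst_multicast": bool(dst[0] & 0x01),
        "dst_broadcast": dst == b"\xff" * 6,
    }
    if third >= 0x0600:
        info.update(format="Ethernet II", ethertype=third,
                    l3=ETHERTYPES.get(third, "unknown"), payload=frame[14:])
    elif third <= 1500:
        if len(frame) < 17:
            raise ValueError("802.3 frame too short for LLC header")
        info.update(format="IEEE 802.3", length=third,
                    llc={"dsap": frame[14], "ssap": frame[15], "control": frame[16]},
                    payload=frame[17:14 + third])
    else:
        # 1501..1535 is undefined; treat as malformed rather than guessing.
        info.update(format="invalid")
    return info


# Constructed Ethernet II frame carrying an (abbreviated) IPv4 header.
ETH2_FRAME = (bytes.fromhex("001122334455") + bytes.fromhex("66778899aabb")
              + struct.pack("!H", 0x0800) + bytes.fromhex("4500001400000000"))

# Constructed 802.3 frame shaped like a BPDU: destination is the STP multicast
# 01:80:c2:00:00:00 and the LLC SAPs are 0x42/0x42 with UI control 0x03.
DOT3_FRAME = (bytes.fromhex("0180c2000000") + bytes.fromhex("66778899aabb")
              + struct.pack("!H", 38) + bytes([0x42, 0x42, 0x03]) + bytes(35))


if __name__ == "__main__":
    for f in (ETH2_FRAME, DOT3_FRAME):
        print(parse_ethernet(f))
```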

LAN deployment distances
Fiber optics 1000BaseLX10 == 10 km
FO 1000BaseLX == 5 km
FO Ethernet 10BaseF == 2 km
Thick Ethernet 10Base5 == 500 m
Thin Ethernet 10Base2 == 185 m
Twisted pair Ethernet 10BaseT == 100 m
Fast Ethernet 100BaseT == 100 m
Gigabit Ethernet 1000BaseT == 100 m

5-4-3 rule for Ethernet
5 segments - 4 repeaters - 3 populated segments

Bridge:
half-duplex data transmission
end user devices share bandwidth on each port
VLANs are not possible

Switch:
full-duplex transmission
each port is dedicated to a single device; bandwidth is not shared
VLANs are possible


Difference between Bridge and Switch
Bridges and switches are both network devices that operate at the data link layer (Layer 2) of the OSI model and are used to connect and manage traffic between different segments of a network. While they share some similarities, there are key differences between bridges and switches:

### Bridge:

1. **Basic Functionality:**
   - A bridge is a network device that connects multiple network segments and operates at the data link layer. It filters and forwards traffic based on MAC addresses.

2. **Topology:**
   - Bridges were historically used to connect separate collision domains within a network. They were common in early Ethernet networks and were designed to reduce collisions by segmenting the network.

3. **Filtering Decisions:**
   - Bridges make filtering decisions based on MAC addresses. They maintain a MAC address table to associate MAC addresses with specific ports. If a destination MAC address is not found in the table, the bridge will forward the frame to all ports (flooding).

4. **Spanning Tree Protocol:**
   - Bridges use the Spanning Tree Protocol (STP) to prevent loops in the network topology. STP helps avoid broadcast storms and ensures a loop-free logical topology.

### Switch:

1. **Basic Functionality:**
   - A switch is an evolution of the bridge and is a more advanced and efficient device for connecting and managing network traffic. Like a bridge, a switch operates at the data link layer and makes forwarding decisions based on MAC addresses.

2. **Topology:**
   - Switches are commonly used in modern networks to connect devices within the same broadcast domain. They provide full-duplex communication and operate more efficiently than bridges.

3. **Filtering Decisions:**
   - Switches use MAC address tables similar to bridges but often have larger table capacities. They can make more granular forwarding decisions and reduce the need for broadcast flooding, leading to improved network efficiency.

4. **Port Speed and Full Duplex:**
   - Switches typically support higher port speeds (e.g., 1 Gbps, 10 Gbps) and full-duplex communication, allowing devices to send and receive data simultaneously.

5. **Collision Domains:**
   - Unlike bridges, which reduce collision domains, switches effectively eliminate collision domains for devices connected to individual ports. This results in improved network performance and less contention for the network medium.

In summary, switches are an evolution of bridges and provide more advanced features and better performance. While both devices operate at the data link layer and make forwarding decisions based on MAC addresses, switches are better suited for modern networks due to their increased capacity, full-duplex capabilities, and efficiency in handling network traffic. The terms "bridge" and "switch" are often used interchangeably, and many modern switches incorporate the functionalities of both bridges and switches.


A multicast MAC address begins with 01.

MPLS is not a WAN technology but a WAN service that operates between L2 and L3; it is also called a layer 2.5 protocol.

To connect to the ISP we require our router to connect to a DCE, i.e. a modem, which puts the data in the correct format for the local loop, which in turn connects to the central office (local exchange).

```
DTE           DCE            WAN
pc ---------- modem -------- wan (voice)
digital       analog

router ------ csu/dsu ------ wan
digital       digital
```

CSU/DSU (Channel Service Unit/Data Service Unit) is used to convert the data into a format the router can understand. It can be a separate device or a single device combining CSU and DSU; in some cases the CSU/DSU is installed inside the router itself.

digital lines can be fibre or copper.

WAN at L1
T1 digital telephone line transmits data at 1.544 Mbps; also called point-to-point in North America and the US.

T1 can multiplex several voice and digital data channels.
T1 == DS1 == 24 DS0

Out of 24 timeslots some can be allocated for data and some for voice. Each timeslot is called a DS0; it is a digital signal of 64 kbps.

- DS1 refers to the digital signal service provided over the wire. A DS1 signal offers 1.54 Mbps of bandwidth and has a specific format. It might be transported over a T1 line or another type of line.
- T1 refers to the physical line, a copper wire, carrying the DS1 signal.
- If a DS1 circuit is transported over another type of material, such as fiber, it is no longer T1.

North American standard:
DS1 = 24 DS0 = 1.544 Mbps on a T1 line
DS3 = 28 DS1 = 44.74 Mbps on a T3 line
Europe:
E1 = 32 DS0 = 2.05 Mbps
E3 = 16 E1s = 34.37 Mbps

These speeds were not enough; later on fiber optics evolved.
North America === SONET === STS frame format; the base signal STS-1 operates at 51.84 Mbps, enough to carry a DS3 link.
Sometimes we use OC (Optical Carrier), analogous to STS, but there is a difference:
OC means optical carrier over fiber.
STS means electrical signal over cable.

Europe === SDH === STM frame format; the base-level signal STM-1 operates at 155 Mbps.

WAN at layer 2: the WAN layer 2 protocols are PPP, Frame Relay and ATM.

WAN operates at L1 and L2.
PPP:
used over leased lines and for dial-up
Ethernet is a connectionless protocol but PPP is connection oriented
Establishing a PPP connection:
1. Establish the connection and configure the link using a Link Control Protocol (LCP).
2. Use authentication to verify identity (optional).
3. Configure the L3 protocol using a Network Control Protocol (NCP).

Disadvantage: requires a dedicated circuit between each location.

Frame Relay is an example of a packet-switched network using VCs (virtual circuits).
It is an example of a layer 2 virtual private network (VPN).
The virtual circuit should be predefined.

Two types of virtual circuits:
PVC: service-provider-defined path, always ready to use
SVC: defined when data is sent
Frame Relay PVCs are identified by a DLCI, similar to an L2 address.
The DLCI is assigned by the service provider. FR is a connection-oriented protocol.
The DLCI identifies the VC used. The DLCI only exists between the customer router and the CO; between COs data flows in different ways.
The DLCI is a 10-bit field.
FECN, BECN and DE bits are used for congestion control.
DE (discard eligible) indicates that the frame is eligible for discard if congestion occurs.
Most routers set frames to be discard eligible if the traffic exceeds the PVC's committed information rate (CIR). The CIR is a transmission rate guaranteed by the service provider.

The Frame Relay header does not have an L3 protocol field like PPP; instead it uses NLPID.
Frame Relay lookup table:
incoming port and DLCI === outgoing port and DLCI
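An added Python example (not from the original notes) covering the Frame Relay address field with its 10-bit DLCI and FECN/BECN/DE bits, the DE marking above the CIR, and the incoming/outgoing port-and-DLCI lookup table described above; the DLCIs, ports and CIR value are constructed, and the CIR meter is a simplified policer rather than any vendor's implementation:

```python
# Added example (not from the original notes): encoding and decoding the 2-byte
# Frame Relay (Q.922) address field with its 10-bit DLCI and the FECN, BECN and
# DE congestion bits, a simplified CIR meter that marks frames DE once a PVC
# exceeds its committed rate, and the (port, DLCI) lookup table. Sample DLCIs,
# ports and CIR are constructed values.

def build_q922(dlci: int, fecn=0, becn=0, de=0, cr=0) -> bytes:
    """Q.922 address: upper 6 DLCI bits in byte 0, lower 4 in byte 1."""
    if not 0 <= dlci < 1024:
        raise ValueError("DLCI is a 10-bit field")
    b0 = ((dlci >> 4) << 2) | (cr << 1) | 0                              # EA=0: more follows
    b1 = ((dlci & 0xF) << 4) | (fecn << 3) | (becn << 2) | (de << 1) | 1  # EA=1: last byte
    return bytes([b0, b1])


def parse_q922(header: bytes) -> dict:
    if len(header) < 2:
        raise ValueError("truncated address field")
    b0, b1 = header[0], header[1]
    if (b0 & 1) or not (b1 & 1):
        raise ValueError("unsupported address length (EA bits)")
    return {
        "dlci": ((b0 >> 2) << 4) | (b1 >> 4),
        "cr": (b0 >> 1) & 1,
        "fecn": (b1 >> 3) & 1,   # forward explicit congestion notification
        "becn": (b1 >> 2) & 1,   # backward explicit congestion notification
        "de": (b1 >> 1) & 1,     # discard eligible
    }


class CirMeter:
    """Marks frames DE once the bytes sent within an interval Tc exceed
    Bc = CIR * Tc (simplified policer; the excess burst Be is not modelled)."""

    def __init__(self, cir_bps: int, tc_seconds: float = 1.0):
        self.bc_bytes = int(cir_bps * tc_seconds / 8)
        self.tc = tc_seconds
        self.window_start = None
        self.sent = 0

    def frame(self, now: float, dlci: int, payload: bytes) -> bytes:
        if self.window_start is None or now - self.window_start >= self.tc:
            self.window_start, self.sent = now, 0
        self.sent += len(payload)
        de = 1 if self.sent > self.bc_bytes else 0
        return build_q922(dlci, de=de) + payload


class FrameRelaySwitch:
    """(incoming port, DLCI) -> (outgoing port, DLCI); the DLCI is rewritten
    hop by hop, which is why it is only locally significant."""

    def __init__(self, table):
        self.table = dict(table)

    def forward(self, in_port: int, frame: bytes):
        hdr = parse_q922(frame[:2])
        out_port, out_dlci = self.table[(in_port, hdr["dlci"])]
        new_hdr = build_q922(out_dlci, hdr["fecn"], hdr["becn"], hdr["de"], hdr["cr"])
        return out_port, new_hdr + frame[2:]


if __name__ == "__main__":
    meter = CirMeter(cir_bps=64000)  # Bc = 8000 bytes per 1 s interval
    for t in (0.0, 0.1, 0.2):
        f = meter.frame(t, dlci=100, payload=bytes(3000))
        print(f"t={t}: header={f[:2].hex()} de={parse_q922(f[:2])['de']}")
```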

Frame Relay is cost efficient and ideal for traffic that is
- intermittent
- not delay sensitive

If one needs higher-bandwidth connections to support delay-sensitive traffic like voice and video, in addition to data, one might need to consider a different network technology, i.e. ATM.

ATM
Can transport voice, video and data on the same network with guaranteed performance or quality of service for each type of traffic. It works for both LAN and WAN.
Works at the data link layer; used primarily as a WAN backbone technology.
Residential and business DSL use ATM.
It uses cell-switching technology.
Fixed-length 53-byte cells.
Also considered a packet-switched network.
Uses a single physical connection to connect to multiple devices.
Connection type used is VCC (virtual channel connection).
ATM is connection oriented; supports PVCs and SVCs.
It can also be used for VPNs.

MPLS:
provides the privacy and security of a Frame Relay or ATM network, yet allows for the inherent any-to-any connectivity and flexibility typical of an IP-based network.

Ethernet can be used as a LAN and a WAN technology.
MPLS is a layer 2.5 protocol. MPLS is an encapsulation and packet-switching technology that sits between L2 and L3. MPLS can be used over any L2 technology and supports any L3 protocol. MPLS uses label switched paths (LSPs) to connect devices. An LSP is unidirectional; each LSP must be matched at each location.

Routers running MPLS are called LSRs (label switch routers).
Label edge router (LER): responsible for assigning the appropriate MPLS label to a packet. The incoming frame can be encapsulated as Ethernet, PPP or another format.
FEC (forwarding equivalence class): a group of packets that will be treated or forwarded the same way within the provider's MPLS domain.

MPLS VPNs
MPLS L2 vpns
MPLS L3 vpns (IP VPNs)
Virtual private LAN Services (VPLS)
Generalized MPLS (GMPLS)
MPLS traffic Engineering
MPLS network management

The CE router doesn't run MPLS.
The PE router runs MPLS (and also exchanges routing information with the CE). The routes are stored in the CE's VRF (virtual routing and forwarding table). PE routers only do label switching; they are also called transit routers.

WAN technologies:

| | PPP | ATM | FR |
|---|---|---|---|
| frame lengths are variable | yes | | yes |
| packet-switched network | | yes | yes |
| cell-switching technology | | yes | |
| dedicated circuit | yes | | |
| multiple connections over a leased line | | yes | yes |

Summary
============
PPP
===
dedicated circuit required between each location
LCP and NCP used to establish the connection
Challenge Handshake Authentication Protocol (CHAP)

FR
==
Data Link Connection Identifier (DLCI)
FECN, BECN and DE manage congestion
Network Layer Protocol Identifier (NLPID)

ATM
====
fixed-length cells
virtual channel identifiers (VCIs) and virtual path identifiers (VPIs)
defined service categories

MPLS
====
layer 2 agnostic
label switched path (LSP)
forwarding equivalence class (FEC)

s/w ports == layer 4 ports
interfaces == layer 3
h/w ports === NIC or MAC, L2 ports

UDP:
multiplexes data using ports
unreliable
datagrams (interact directly with IP)
no flow control
limited error checking capabilities
no recovery mechanisms
checksum is optional
used whenever faster speed is needed
DNS, TFTP, SNMP

TCP:
multiplexes data using ports
reliable
segments
flow control
provides a reliable service by using
- sequence numbers
- acknowledgments
- flags
- timers
HTTP, SMTP, FTP

TCP three-way handshake (client source port 1146, server port 80):
```
client                                                          server
  ---- SYN=1, Seq #0                  (src 1146 -> dst 80) -------->
  <--- SYN=1, ACK=1, Seq #101, Ack #1 (src 80 -> dst 1146) ---------
  ---- ACK=1, Seq #1, Ack #102        (src 1146 -> dst 80) -------->
```
When the server starts to send data it will start with Seq #102.
TCP supports full-duplex transmission.

Explanation:
The TCP three-way handshake is a process used by TCP (Transmission Control Protocol) to establish a connection between two devices in a network. It is a fundamental part of TCP's connection establishment mechanism. The three-way handshake involves three steps: SYN, SYN-ACK, and ACK. Here's a breakdown of each step along with an example:

1. **SYN (Synchronize):**
   - The client (initiator of the connection) sends a TCP segment with the SYN (synchronize) flag set to the server, indicating its intention to establish a connection.
   - The sequence number (Seq) is set to an initial value chosen by the client.

   Example:
   ```
   Client ----[SYN Seq=X]----> Server
   ```

2. **SYN-ACK (Synchronize-Acknowledge):**
   - Upon receiving the SYN segment, the server responds with a TCP segment that has both the SYN and ACK (acknowledge) flags set. The ACK flag acknowledges the receipt of the client's SYN, and the server also sends its own SYN to initiate a connection.
   - The acknowledgment number (Ack) is set to the client's sequence number incremented by 1.
   - The server also chooses an initial sequence number (Seq) for its side of the connection.

   Example:
   ```
   Client <---[SYN, ACK Seq=Y, Ack=X+1]--- Server
   ```

3. **ACK (Acknowledge):**
   - Finally, the client acknowledges the server's SYN-ACK by sending a TCP segment with the ACK flag set. The acknowledgment number (Ack) is set to the server's sequence number incremented by 1.
   - At this point, the connection is established, and both client and server can exchange data.

   Example:
   ```
   Client ----[ACK Seq=X+1, Ack=Y+1]----> Server
   ```

After this three-way handshake, the TCP connection is established, and both sides can begin exchanging data. The sequence numbers are used to keep track of the order of transmitted data and to handle flow control and retransmission in case of packet loss.

It's important to note that the actual sequence numbers (X, Y, etc.) are numerical values chosen by each side of the connection and play a crucial role in ensuring reliable and ordered data transfer. The three-way handshake helps synchronize these sequence numbers and establish a reliable connection before data transmission begins.
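Both ends of the handshake above as an added Python example (not from the original notes), reproducing the sequence numbers shown earlier (client port 1146 with ISN 0, server port 80 with ISN 101); the Segment type and state names are a constructed simplification of TCP:

```python
# Added example (not from the original notes): both ends of the three-way
# handshake as small state machines, reproducing the sequence numbers of the
# exchange above (client port 1146 with ISN 0, server port 80 with ISN 101).
# The Segment type and state names are a constructed simplification of TCP.

from dataclasses import dataclass


@dataclass
class Segment:
    sport: int
    dport: int
    seq: int
    ack: int
    syn: bool = False
    ack_fl: bool = False  # ACK flag (named ack_fl to keep "ack" for the number)


class TcpEndpoint:
    def __init__(self, port: int, isn: int):
        self.port = port
        self.state = "CLOSED"
        self.snd_nxt = isn   # next sequence number this side will send
        self.rcv_nxt = None  # next sequence number expected from the peer

    def listen(self):
        self.state = "LISTEN"

    def connect(self, dport: int) -> Segment:
        self.state = "SYN-SENT"
        seg = Segment(self.port, dport, seq=self.snd_nxt, ack=0, syn=True)
        self.snd_nxt += 1  # the SYN occupies one sequence number
        return seg

    def receive(self, seg: Segment):
        """Apply one incoming segment; return the reply segment or None."""
        if self.state == "LISTEN" and seg.syn and not seg.ack_fl:
            # Server: remember the client's ISN and answer SYN+ACK. This
            # half-open entry is the per-connection state a SYN flood exhausts.
            self.rcv_nxt = seg.seq + 1
            self.state = "SYN-RECEIVED"
            reply = Segment(self.port, seg.sport, seq=self.snd_nxt,
                            ack=self.rcv_nxt, syn=True, ack_fl=True)
            self.snd_nxt += 1
            return reply
        if self.state == "SYN-SENT" and seg.syn and seg.ack_fl:
            # Client: the SYN+ACK must acknowledge exactly our SYN (X+1).
            if seg.ack != self.snd_nxt:
                raise ValueError("SYN+ACK does not acknowledge our SYN")
            self.rcv_nxt = seg.seq + 1
            self.state = "ESTABLISHED"
            return Segment(self.port, seg.sport, seq=self.snd_nxt,
                           ack=self.rcv_nxt, ack_fl=True)
        if self.state == "SYN-RECEIVED" and seg.ack_fl and not seg.syn:
            if seg.ack != self.snd_nxt:
                raise ValueError("ACK does not acknowledge our SYN")
            self.state = "ESTABLISHED"
            return None
        raise ValueError(f"unexpected segment in state {self.state}")


def handshake(client: TcpEndpoint, server: TcpEndpoint):
    """Run the three steps and return the three segments in order."""
    server.listen()
    syn = client.connect(server.port)
    syn_ack = server.receive(syn)
    ack = client.receive(syn_ack)
    server.receive(ack)
    return syn, syn_ack, ack


if __name__ == "__main__":
    c, s = TcpEndpoint(1146, 0), TcpEndpoint(80, 101)
    for seg in handshake(c, s):
        print(seg)
    print(c.state, s.state, "| server data starts at seq", s.snd_nxt)
```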

Stations
Wireless stations fall into one of two categories: access points and clients. Access points (APs), normally routers, are base stations for the wireless network. They transmit and receive radio frequencies for wireless-enabled devices to communicate with. Wireless clients can be mobile devices such as laptops, personal digital assistants, IP phones and other smartphones, or fixed devices such as desktops and workstations that are equipped with a wireless network interface.

Basic service set
The basic service set (BSS) is a set of all stations that can communicate with each other. Every BSS has an identification (ID) called the BSSID, which is the MAC address of the access point servicing the BSS.
There are two types of BSS: independent BSS (also referred to as IBSS) and infrastructure BSS. An independent BSS (IBSS) is an ad-hoc network that contains no access points, which means it cannot connect to any other basic service set. An infrastructure BSS can communicate with stations not in the same BSS by communicating through access points.
Extended service set
An extended service set (ESS) is a set of connected BSSs. Access points in an ESS are connected by a distribution system. Each ESS has an ID called the SSID, which is a 32-byte (maximum) character string.
Distribution system
A distribution system (DS) connects access points in an extended service set. The concept of a DS can be used to increase network coverage through roaming between cells.
A DS can be wired or wireless. Current wireless distribution systems are mostly based on WDS or mesh protocols, though other systems are in use.

The 802.11 designers also included shared-key encryption mechanisms, Wired Equivalent Privacy (WEP) and Wi-Fi Protected Access (WPA, WPA2), to secure wireless computer networks.

802.11 has two basic modes of operation: ad-hoc mode enables peer-to-peer transmission between mobile units; infrastructure mode, in which mobile units communicate through an access point that serves as a bridge to a wired network infrastructure, is the more common wireless LAN.

VLAN Trunking Protocol (VTP) is a Cisco proprietary protocol that propagates the definition of Virtual Local Area Networks (VLANs) on the whole local area network. To do this, VTP carries VLAN information to all the switches in a VTP domain. VTP advertisements can be sent over ISL, 802.1Q, IEEE 802.10 and LANE trunks. VTP is available on most of the Cisco Catalyst family products.

Telnet char:
it sends data in a clear text format
it requires that the destination device be configured to support telnet connections.

RIPing is enabled in each interface separately.

In VTP client mode, you cannot create, change, or delete VLANs on the local device.

Two security appliances used in a network are the IDS and the IPS.

Loopback:
-it provides stability for the OSPF process on a router.

DHCP:
-assigns and renews IP addresses from the default pool.
-configures IP address parameters from the DHCP server on the host.

One-to-nearest addressing in IPv6 is called anycast.
Devices like flash memory and a TFTP server can be configured as a source for an IOS image with the boot system command.

RIPv2 does not support equal-cost paths.

IPv6:
-a single interface may be assigned multiple IPv6 addresses of any type.
-every IPv6 interface contains at least one loopback address.

In IPv6, broadcast is replaced by multicast.

Three basic parameters to configure on a wireless access point:
-SSID
-RF channel
-authentication method

The two main reasons a network administrator would use CDP are:
-to verify L2 connectivity between two devices when L3 fails.
-to obtain the IP address of a connected device in order to telnet to the device.

OSPF features:
-it supports VLSM.
-it confines network instability to one area of the network.
-it allows extensive control of the routing updates.

WAN connectivity methods:
-PPP
-HDLC
-ATM

Ethernet fiber-optic modes that support distances greater than 550 m are:
-1000BASE-LX
-1000BASE-ZX

Wireless encryption: WEP, WPA, and WPA2.
WEP uses the RC4 stream cipher, generating a fresh key stream for each packet.

WPA:
-it is an interim solution, used until 802.11i comes out.
-it still uses RC4, but the keying was changed to TKIP.

WAN operates at L2 and L3 of the OSI model.

The cdp run command is used to enable CDP globally on the router.
To enable CDP on an interface, use the cdp enable command.

Valid modes for a switch port used as a VLAN trunk are:
-auto
-on
-desirable

Two characteristics of Frame Relay point-to-point subinterfaces:
-they require a unique subnet within a routing domain.
-they emulate leased lines.

OSPF provides a common view of the entire topology.

The application layer is responsible for identifying and establishing the availability of the intended communication partner.

Cisco 1841 (revision 5.0) with 114688K/16384K bytes of memory
means the total RAM size is 128MB (114688K + 16384K = 131072K).

63488K bytes of ATA CompactFlash (Read/Write), i.e. 63MB of flash memory.

write erase erases the NVRAM content.

By default, Telnet connections are disabled on a router.
To allow these connections, use the following commands on the vty lines:

Router(config)#line con 0
Router(config-line)#logging synchronous
Router(config-line)#exec-timeout 0 0
Router(config-line)#exit
Router(config)#line vty 0 4
Router(config-line)#login
Router(config-line)#password vegas
(this is the password for the incoming Telnet session)
Router(config-line)#privilege level 15
(15 is the highest privilege level)

Telnet allows the use of a password that's configured directly on the VTY lines, but SSH does not.
To use SSH, we'll have to use one of the following authentication methods:
-a local database on the router.
-authentication via AAA, enabled with aaa new-model.
When using a local database for SSH, the first step is to configure login local on the vty lines, rather than the login command we used for the Telnet configuration. Remove any passwords from the vty lines as well. The login local command tells the switch to look in a database on the local device for valid username/password combinations.
R1(config)#line vty 0 4
R1(config-line)#login local
R1(config-line)#transport input ssh
Moreover, SSH configuration requires the following, where Telnet does not:

-a domain name must be specified with the ip domain-name command.
-a crypto key must be created with the crypto key generate rsa command.

R1(config)#ip domain-name lekhaknawraj.blogspot.com
R1(config)#crypto key generate rsa
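A small audit script for the point made above, that a vty line left with a line password and `transport input all` still admits clear-text Telnet even after SSH is configured. This is an added example, not code from the blog post or from Cisco: it parses a running-config excerpt (the sample text is constructed) and reports each vty line that permits Telnet, relies on `login` with a line password instead of `login local`, or enables SSH without the `ip domain-name` that RSA key generation needs. Treating a vty line with no `transport input` command as Telnet-capable is an assumption made by the script.

```python
"""Audit an IOS running-config excerpt for vty remote-access hygiene.

Added example, not code from the blog post. It flags vty lines that still
accept Telnet, rely on a clear-text line password instead of a local user
database, or enable SSH without the ip domain-name the RSA key needs.
The configuration text is constructed for illustration.
"""
import re

# Constructed sample: vty 0 4 is still set up the Telnet way, vty 5 15 the SSH way.
SAMPLE_CONFIG = """\
hostname R1
!
ip domain-name example.test
!
line con 0
 logging synchronous
 exec-timeout 0 0
line vty 0 4
 password vegas
 login
 transport input all
line vty 5 15
 login local
 transport input ssh
"""


def parse_line_blocks(config):
    """Return {'vty 0 4': ['password vegas', 'login', ...], ...} for each line section."""
    blocks, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw[len("line "):].strip()
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None  # any other top-level command ends the line block
    return blocks


def audit_vty(config):
    """Return a list of human-readable findings, one per problem found on a vty line."""
    findings = []
    has_domain = re.search(r"^ip domain-name \S+", config, re.M) is not None
    for name, cmds in parse_line_blocks(config).items():
        if not name.startswith("vty"):
            continue
        transport = None
        for c in cmds:
            if c.startswith("transport input"):
                transport = c.split()[2:]  # e.g. ['all'], ['ssh'], ['ssh', 'telnet']
        # Assumption for this audit: a vty line with no explicit transport input is
        # treated as permitting Telnet (the IOS default varies by version/platform).
        allows_telnet = transport is None or "all" in transport or "telnet" in transport
        allows_ssh = transport is not None and ("all" in transport or "ssh" in transport)
        if allows_telnet:
            findings.append(f"line {name}: Telnet permitted (clear text); use 'transport input ssh'")
        if "login" in cmds and "login local" not in cmds:
            findings.append(f"line {name}: plain 'login' uses the line password; SSH needs 'login local' or AAA")
        if any(c.startswith("password ") for c in cmds):
            findings.append(f"line {name}: clear-text line password present; remove it once SSH is in use")
        if allows_ssh and not has_domain:
            findings.append(f"line {name}: SSH enabled but no 'ip domain-name' configured for the RSA key")
    return findings


if __name__ == "__main__":
    for finding in audit_vty(SAMPLE_CONFIG):
        print(finding)
```

Run against the sample, only `line vty 0 4` produces findings; `line vty 5 15` is clean because it uses `login local` and `transport input ssh` and the domain name is present. The script reads the configuration text only, so it can be pointed at a saved `show running-config` capture without touching the device.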

The two features WPA added to address the inherent weaknesses found in WEP:
-key mixing using temporal keys
-per-frame sequence counters

EIGRP successor routes:
-a successor route is used by EIGRP to forward traffic to a destination.
-a successor route may be backed up by a feasible successor route.

QoS:
It is a network security mechanism used to resolve the network delay problem. This mechanism is essential to multimedia applications. When the network is overloaded, QoS will prevent a possible delay in the transmission of important data and ensure the efficient operation of the network.

The process identifier used to run OSPF on a router:
-it is locally significant.
-it is needed to identify a unique instance of an OSPF database.

When troubleshooting a Frame Relay connection, the first step used to perform a loopback test is:
-set the encapsulation of the interface to HDLC.

The default priority of an interface on an OSPF segment is 1.

RIPv1: send version 1, receive version 1.
RIPv2 (which is also the default): send version 1, receive versions 1 and 2.

Bridge priority must be in increments of 4096,
i.e. 0, 4096, 8192, 12288, ...

STP converges in 50 sec, RSTP in 2 sec.

Compressing an IPv6 address:
-use the double colon (only once per address).
-leading zeros are omitted.

EIGRP:
-uses IP protocol 88.
-uses a feasible successor to determine alternate paths.
-a feasible successor is a backup route held in the topology table.

IPv6:
-leading zeros can be omitted, e.g. ::192:168:0:1
-one or any number of consecutive groups of zero value may be replaced with two colons, e.g. 2002:c0a8:101::42

VTP:
-VTP simplifies switch administration by allowing switches to automatically share VLAN configuration information.
-VTP helps to limit configuration errors by keeping VLAN naming consistent across the VTP domain.

The largest configuration file that can be stored on a router is limited by the number of bytes of NVRAM present.

Commands like
-terminal monitor
-logging host ip-address
are used to send logs to a remote address.

show file systems is used to get the NVRAM and flash memory sizes.
"transport input all" is necessary to permit both SSH and Telnet access to a Catalyst.

EIGRP:
the AD of a feasible successor must be smaller than the FD of the successor.

The additional configuration step necessary in order to connect to an access point that has SSID broadcasting disabled is:
-set the SSID value on the client to the SSID configured on the AP.

The way to create an EUI-64 format interface ID from a 48-bit MAC address is:
-by inserting 0xFFFE between the upper three bytes and the lower three bytes of the MAC address.
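The insertion step above in working form, as an added example that is not code from the blog post. Step 1 is exactly the note: split the MAC into its upper and lower three bytes and put 0xFFFE between them. Step 2 goes beyond the note: the modified EUI-64 that IPv6 actually uses (RFC 4291) also inverts the universal/local bit, which is why a burned-in MAC beginning `00` shows up in a link-local address beginning `fe80::2...`. The `flip_ul_bit` parameter and the helper names are this example's own.

```python
"""Modified EUI-64 interface ID from a 48-bit MAC address.

Added example, not from the blog post. Step 1 is what the notes describe:
split the MAC into its upper and lower three bytes and insert 0xFFFE between
them. Step 2 goes beyond the notes: the "modified" EUI-64 that IPv6 actually
uses (RFC 4291) also inverts the universal/local bit, bit 1 of the first byte.
"""
import re


def mac_to_bytes(mac):
    """Accept 00:1a:2b:3c:4d:5e, 00-1a-2b-3c-4d-5e or the Cisco form 001a.2b3c.4d5e."""
    hexdigits = re.sub(r"[.:-]", "", mac)
    if not re.fullmatch(r"[0-9a-fA-F]{12}", hexdigits):
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(hexdigits)


def eui64_interface_id(mac, flip_ul_bit=True):
    """Return the 64-bit interface ID as four hex groups with leading zeros dropped."""
    mac_bytes = mac_to_bytes(mac)
    # Step 1: OUI (upper 3 bytes) + FF FE + NIC-specific part (lower 3 bytes).
    eui = bytearray(mac_bytes[:3] + b"\xff\xfe" + mac_bytes[3:])
    # Step 2: invert the U/L bit (0x02 of the first byte), so a burned-in
    # (universally administered) MAC gives an ID whose first byte has 0x02 set.
    if flip_ul_bit:
        eui[0] ^= 0x02
    groups = [(eui[i] << 8) | eui[i + 1] for i in range(0, 8, 2)]
    return ":".join(f"{g:x}" for g in groups)


def link_local_from_mac(mac):
    """Link-local address an interface derives from its MAC (fe80::/64 plus the EUI-64 ID)."""
    return "fe80::" + eui64_interface_id(mac)
```

Since the interface ID is a deterministic function of the MAC, a device's IPv6 link-local address reveals its hardware address to anyone on the segment; that is the reason privacy extensions (random interface IDs) exist, and the reason an EUI-64 address seen in a log can be mapped straight back to the burned-in MAC by reversing these two steps.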

The valid reason for a switch to deny port access to new devices when port security is enabled is:
-the denied MAC addresses are statically configured on the port.

If a RIP route is marked as invalid, the time that will elapse before that route is removed from the routing table is 240 sec.

The command to display the CHAP authentication process is debug ppp authentication.

DHCP:
if an address conflict is detected, the address is removed from the pool for an amount of time configurable by the administrator.

The three IPv6 transition mechanisms are:
-6to4 tunneling
-ISATAP tunneling
-Teredo tunneling

The result of executing the following commands:
switch(config-if)#switchport port-security
switch(config-if)#switchport port-security mac-address sticky
-a dynamically learned MAC address is saved in the running-configuration.

The following points need to be taken care of prior to backing up an IOS image to a TFTP server:
-make sure that the server can be reached across the network.
-ensure that the network server has adequate space for the IOS image.
-verify file naming and path requirements.

Compared to dynamic routes, static routes have the following advantages:
-control
-easy configuration
-less WAN bandwidth

The output of the show frame-relay pvc command shows "PVC STATUS=INACTIVE". What does that mean?
-the PVC is configured correctly on the local switch, but there is a problem on the remote end of the PVC.

When a frame first enters a switch port, the switch first looks at the source MAC address.

The only port security violation mode that can result in an err-disabled port is shutdown.

The following OSPF adjacency state is unique to an NBMA network:
-attempt

In the case of EIGRP, the following must match between potential neighbors:
-AS number
-metric weights

The default port security mode is operational
The three port security violation modes on switches are:
-shutdown (the default)
-restrict
-protect

Whenever a switch port goes into the err-disabled state, to resolve this we need to bring it back up.

The following command lets you see only the non-static L2 addresses that a Cisco switch has learned:
-show mac-address-table dynamic

EIGRP (Enhanced Interior Gateway Routing Protocol):
-internal AD = 90
-external AD = 170 (in the case of route redistribution)
-summary AD = 5

Router(config)#line vty 0 4
Router(config-line)#password lekhak
Router(config-line)#login
Router(config-line)#privilege level 15
This configuration allows an incoming Telnet user directly into enable mode (privileged EXEC mode) upon successfully entering the password configured on the vty lines.

Regular ping works in both modes, but extended ping works only in privileged mode. Extended ping is used for the following reasons:
-set a multicast bit stream
-set datagram size, timeout, ...

The minimum administrative distance of a floating static route that should "float" and only be used if the matching RIP route is lost is 121.

The default static route is indicated by S and *.
Some commands:
S1#show interface trunk
S1#show vtp status
R1#show frame map
R1# show controller s1
debug ppp negotiation
clear ip route

OSPF neighbor adjacency states:
-down
-attempt (only in NBMA)
-init
-2-way
-exstart
-exchange
-loading
-full

Command for EIGRP summarization:
int e0
ip summary-address eigrp 100 <ip> <mask>

The default variance value for EIGRP is 1.
The wildcard mask is optional in the case of EIGRP.
Bandwidth and delay are the default metric components for EIGRP.

Difference between the two commands below:
1. default-information originate
used to advertise the default route in OSPF; for this, a default route must be present in the routing table.
2. default-information originate always
this will always advertise the default route, irrespective of any condition.

If a port is in trunking state, we are not going to see it in show vlan brief, since trunk ports are part of all VLANs.

An unknown unicast frame means the switch does not have an entry for its destination address in the MAC table, i.e. it does not know through which port to forward the frame to the destination.
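The learning and flooding behaviour described here and in the earlier notes (the switch reads the source address first; unknown unicast and broadcast are flooded out every port but the ingress port; `show mac-address-table dynamic` lists only learned entries; port security with sticky addresses and the shutdown/restrict/protect violation modes) as one runnable model. This is an added example, not code from the blog post or from Cisco, and the port names and MAC addresses are constructed.

```python
"""Toy Layer-2 switch: source-MAC learning, unknown-unicast and broadcast
flooding, dynamic vs static MAC entries, and port security with sticky
addresses and the shutdown/restrict/protect violation modes.

Added example, not from the blog post; port and MAC values are constructed.
"""
from dataclasses import dataclass, field

BROADCAST = "ffff.ffff.ffff"


@dataclass
class PortSecurity:
    maximum: int = 1               # switchport port-security maximum
    violation: str = "shutdown"    # shutdown (default) | restrict | protect
    secure_macs: set = field(default_factory=set)   # sticky-learned addresses
    err_disabled: bool = False
    violation_count: int = 0


@dataclass
class Switch:
    ports: list
    mac_table: dict = field(default_factory=dict)   # mac -> (port, "DYNAMIC" | "STATIC")
    security: dict = field(default_factory=dict)    # port -> PortSecurity

    def add_static(self, mac, port):
        self.mac_table[mac] = (port, "STATIC")

    def enable_port_security(self, port, maximum=1, violation="shutdown"):
        self.security[port] = PortSecurity(maximum=maximum, violation=violation)

    def recover(self, port):
        """shutdown / no shutdown on an err-disabled port; secure addresses are kept."""
        if port in self.security:
            self.security[port].err_disabled = False

    def _admits(self, in_port, src):
        """Port-security check on ingress; True if the frame may be processed."""
        ps = self.security.get(in_port)
        if ps is None:
            return True
        if ps.err_disabled:
            return False
        if src in ps.secure_macs:
            return True
        if len(ps.secure_macs) < ps.maximum:
            ps.secure_macs.add(src)      # sticky: learned address becomes secure
            return True
        # A new address beyond the maximum is a violation.
        if ps.violation == "shutdown":
            ps.err_disabled = True       # port goes err-disabled
            ps.violation_count += 1
        elif ps.violation == "restrict":
            ps.violation_count += 1      # dropped, counted and logged
        # protect: dropped silently
        return False

    def forward(self, in_port, src, dst):
        """Return the egress ports for a frame; an empty list means it was dropped."""
        if not self._admits(in_port, src):
            return []
        # The switch reads the source address first and learns it (static entries win).
        if self.mac_table.get(src, (None, "DYNAMIC"))[1] == "DYNAMIC":
            self.mac_table[src] = (in_port, "DYNAMIC")
        live = [p for p in self.ports
                if not (p in self.security and self.security[p].err_disabled)]
        if dst == BROADCAST or dst not in self.mac_table:
            # Broadcast, or unknown unicast: flood out every port except the ingress port.
            return [p for p in live if p != in_port]
        out_port, _ = self.mac_table[dst]
        return [] if out_port == in_port or out_port not in live else [out_port]

    def dynamic_entries(self):
        """What show mac-address-table dynamic would list: mac -> port."""
        return {m: p for m, (p, kind) in self.mac_table.items() if kind == "DYNAMIC"}
```

The model makes the security point of the notes concrete: a second source address on a port secured with the default maximum of 1 is dropped, and in shutdown mode the port stays err-disabled until an administrator brings it back up, while restrict keeps the port working and only counts the offending frames.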

In a multilayer switch, switching is enabled by default but routing is not.

Two switches are connected via three cables. Of the six ports, how many are forwarding for the default VLAN?
-forwarding: 4
-blocking: 2

For a point-to-point network, show ip ospf neighbor shows - instead of DR and BDR, since point-to-point needs no DR/BDR.
For point-to-multipoint we also don't have a DR election.
Only multicast and broadcast networks will have a DR.

The EIGRP "successor route" is found in two places,
the topology table and the routing table, but
an EIGRP feasible successor route is found only in the topology table.
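The successor and feasible successor rules scattered through these notes (the successor forwards traffic, a feasible successor backs it up from the topology table, the feasibility condition AD < FD, and the default variance of 1) as one worked selection over a constructed topology table. This is an added example, not code from the blog post or from Cisco; the neighbor names and metrics are made up, and `total_metric` is this example's name for the metric through a neighbor.

```python
"""EIGRP successor and feasible successor selection from a topology table.

Added example, not from the blog post. A constructed topology table for one
destination lists, per neighbor, the neighbor's own metric to the destination
(advertised distance, AD, also called reported distance) and our total metric
through that neighbor. The successor is the lowest total metric (its metric is
the feasible distance, FD); a feasible successor must satisfy the feasibility
condition AD < FD. The variance multiplier (default 1) decides which feasible
successors are also installed in the routing table.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class TopologyEntry:
    neighbor: str
    advertised_distance: int  # the neighbor's metric to the destination (AD / RD)
    total_metric: int         # our metric via that neighbor (AD plus the link cost)


# Constructed topology table for one destination.
SAMPLE_TOPOLOGY = [
    TopologyEntry("R2", advertised_distance=10, total_metric=20),
    TopologyEntry("R3", advertised_distance=15, total_metric=30),
    TopologyEntry("R4", advertised_distance=25, total_metric=35),
]


def select_routes(entries):
    """Return (successors, feasible_successors); equal-cost best paths are all successors."""
    if not entries:
        return [], []
    fd = min(e.total_metric for e in entries)   # feasible distance of this destination
    successors = [e for e in entries if e.total_metric == fd]
    feasible = [
        e for e in entries
        if e not in successors and e.advertised_distance < fd   # feasibility condition
    ]
    return successors, feasible


def routing_table_paths(entries, variance=1):
    """Paths that reach the routing table: successors plus feasible successors whose
    total metric is at most variance * FD. With the default variance of 1 only
    successors are installed; feasible successors stay in the topology table only."""
    successors, feasible = select_routes(entries)
    if not successors:
        return []
    fd = successors[0].total_metric
    return successors + [e for e in feasible if e.total_metric <= variance * fd]
```

In the sample, R2 is the successor (FD 20); R3 is a feasible successor because its advertised distance 15 is below 20, whereas R4 is not (25 is not below 20), even though R4's total metric is not far behind. The feasibility condition is what guarantees the backup is loop-free: a neighbor that is closer to the destination than we are cannot be routing through us.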

A route learned through redistribution is indicated by D EX.

In the frame-relay map command we use the remote device's interface IP address and the local DLCI.

channel-group is the command used to create an EtherChannel.

EtherChannel bundles the links so that bandwidth is increased and the cost is lower; the cost for a port channel is 12.

If we have three ports inside an EtherChannel on a given Cisco switch and one port goes down, the EtherChannel port cost will rise but the trunk won't go down.

The following require a Cisco router reload or another kind of reset for the change or command to take effect:
-changing the OSPF router ID
-changing the configuration register

Response   Meaning
*          Timed out
!H         Router received the packet but did not forward it
N          Network unreachable
P          Protocol unreachable
U          Port unreachable
!          Each exclamation point indicates receipt of a successful reply
.          Each period indicates the network server timed out while waiting for a reply

U          A destination unreachable error PDU was received
Q          Source quench (destination is too busy)
M          Could not fragment
?          Unknown packet type
&          Packet lifetime exceeded

All Cisco routers are classful by default. You need to configure the ip classless command.
Config register 0x2100: ROM monitor mode.
Config register 0x2101: tells the router to boot from ROM.
Config register 0x2102: specifies a default boot file name and tells the router to look in NVRAM for the boot sequence.
Config register 0x2142: tells the router not to load the startup-config in NVRAM, to provide password recovery.

Keyboard shortcut   Action
Up Arrow            Displays your previous commands (command history).
TAB                 Completes a partially typed CLI command.
CTRL+Z              Takes you back to privileged EXEC mode.
CTRL+A              Places the cursor at the beginning of a line.
CTRL+E              Places the cursor at the end of a line.
CTRL+R              Redisplays the current command line.
CTRL+W              Erases a word (behind the cursor).
CTRL+U              Erases an entire line.

The session layer is considered the manager of an end-to-end session.

Standard access lists = 1-99 and 1300-1999
Extended access lists = 100-199 and 2000-2699

Authentication runs at the application layer and encryption runs at the presentation layer.

Port-based security uses the source MAC address to allow or deny access to a switch port.

The default port-based security violation mode is shutdown.

Three different types of EIGRP routes:
-internal: AD 90
-external: AD 170, shown as D EX
-summary: AD 5

You can have two default static routes for the same destination, one with a local interface name and the other with a next-hop IP.
To get the IP address of a neighbor, use show cdp neighbor detail.

Reliable EIGRP packets:
-update, query and reply
Unreliable EIGRP packets:
-hello

Physically up, logically down:
-missing clock rate
-lack of LMI (Frame Relay)
-mismatched encapsulation type

Two ways to configure an IP NAT pool are:
-prefix-length
-netmask

clear counters serial 0 is used to clear the error counters on a serial interface.
