H. Nat


1. NAT (Network Address Translation) can be broadly classified as below:

1. Static NAT: Static NAT maps an unregistered IP address to a registered (globally
unique) IP address on a one-to-one basis.
The command used for this purpose is: ip nat inside source static <local-ip> <global-ip>,
where <local-ip> is the local IP address assigned to a host on the inside network, and
<global-ip> is the globally unique IP address of an inside host as it appears to the outside
world.
2. Dynamic NAT: Maps an unregistered IP address to a registered (globally unique) IP
address drawn from a group of registered (globally unique) IP addresses.
3. Overloading - A special case of dynamic NAT that maps multiple unregistered IP
addresses to a single registered (globally unique) IP address by using different port
numbers. Dynamic NAT with overloading is also known as PAT (Port Address
Translation).
4. Overlapping - This occurs when your internal IP addresses belong to a global IP address
range that belongs to another network. In such a case, the internal IP addresses need to be
hidden from the outside network to prevent duplication. NAT overlapping allows the use
of internal global addresses by mapping them to globally unique IP addresses using static
or dynamic NAT.

2. 1. NAT allows several hosts to be connected to the Internet by using fewer globally unique
IP addresses. This in turn conserves the scarce public IP addresses. The terms
public / global are used in the sense that the IP addresses are globally unique and officially
registered.
2. NAT supports load sharing on inside machines. The inside machines are accessed in a
round robin fashion, thus sharing the load.
3. NAT offers some degree of security since IP addresses are not easily traceable. This is
because the actual host IP that is accessing the Internet is translated into an outside IP
address and vice versa. Thus, NAT offers protection against hacking.
4. One disadvantage of NAT is that it increases delay. This is obvious since address
translation is involved.
5. Another disadvantage of NAT is that, when an application uses the physical IP address, it
may not function properly. This is because the physical IP address is changed by NAT.

3. When you are configuring NAT, NAT should be enabled on at least one inside and one
outside interface. The command for enabling NAT on inside interface is:
R(config-if)#ip nat inside
The command for enabling NAT on the outside interface is:
R(config-if)#ip nat outside
Remember to enter into appropriate configuration modes before entering the commands.
Usually, the inside NAT will be configured on an Ethernet interface, whereas the outside
NAT is configured on a serial interface.

The command ip nat inside source static <local ip> <global ip> configures address
translation for static NAT.
The command, ip nat inside source list <access-list-number> pool <name>
is used to map the access-list to the IP NAT pool during the configuration of Dynamic
NAT.

4. The following command configures a static NAT translation by mapping inside local
address to the inside global address.
ip nat inside source static 192.168.0.100 88.248.153.137
Here, 192.168.0.100 is the inside local address, and 88.248.153.137 is the inside global
address. A packet’s source address 192.168.0.100 is changed to 88.248.153.137 by the
NAT device.

5. The steps to enable dynamic NAT on an interface include the following:

1. Defining a standard IP access-list using the command:
access-list <access-list-number> {permit | deny} <local-ip-address>
2. Defining an IP NAT pool for the inside network using the command:
ip nat pool <pool-name> <start-ip> <end-ip> {netmask <net-mask> | prefix-length
<prefix-length>} [type rotary]
Note that type rotary is an optional keyword. It indicates that the IP address range in the
address pool identifies hosts among which TCP load is distributed.
3. Mapping the access-list to the IP NAT pool by using the command:
ip nat inside source list <access-list-number> pool <pool-name>
4. Enabling NAT on at least one inside and one outside interface using the command:
ip nat {inside | outside}

6. The syntax for enabling dynamic NAT to translate many inside hosts to an inside
global IP address is:
ip nat inside source list <access-list-number> pool <pool-name> overload
where <access-list-number> is the standard access list number, and <pool-name> is the
pool name.
Note that the option 'overload' specifies a many-to-one relationship.
This configuration is typically used when many hosts with private IP addresses need to
access Internet through a specified globally unique IP address.

7. The following two statements are true about dynamic NAT translations:

1. The inside IP addresses eligible for address translation are defined in a standard IP
access-list.
2. Only packets moving between inside and outside networks will get translated. This is
true even for static NAT. If a packet is destined for another host but does not need to
cross the NAT boundary, the packet's source and destination addresses are not translated. This
is understandable, since the packet is not crossing the inside network boundary.
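The behaviour described in items 1 to 7 (static NAT, dynamic NAT from a pool, overload/PAT, and translation only for packets that cross the inside/outside boundary) as a small Python model. This is an added example, not code from the original notes; apart from 192.168.0.100 and 88.248.153.137 from item 4, all addresses and ports are constructed sample values, and the pool-exhaustion drop and the reply (untranslate) direction go slightly beyond what the notes spell out.

```python
"""Toy NAT device modelling static NAT, dynamic NAT and overload (PAT)."""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


class NatDevice:
    def __init__(self, inside_net, static=None, pool=None, overload=False):
        self.inside_net = ipaddress.ip_network(inside_net)
        self.static = dict(static or {})   # inside local -> inside global (static NAT)
        self.pool = list(pool or [])       # unused inside global addresses (dynamic NAT)
        self.overload = overload           # PAT: every inside local shares pool[0]
        self.dynamic = {}                  # inside local -> inside global taken from the pool
        self.pat = {}                      # (inside local, local port) -> global port
        self.pat_reverse = {}              # global port -> (inside local, local port)
        self.next_port = 1024              # constructed starting point for PAT ports

    def crosses_boundary(self, pkt):
        """Only inside-to-outside packets are translated (item 7.2)."""
        src_inside = ipaddress.ip_address(pkt.src) in self.inside_net
        dst_inside = ipaddress.ip_address(pkt.dst) in self.inside_net
        return src_inside and not dst_inside

    def translate(self, pkt):
        """Return the packet as it appears on the outside, or None if it is dropped."""
        if not self.crosses_boundary(pkt):
            return pkt                                   # inside-to-inside: untouched
        if pkt.src in self.static:                       # static NAT: fixed one-to-one
            return Packet(self.static[pkt.src], pkt.sport, pkt.dst, pkt.dport)
        if self.overload:                                # PAT: many-to-one by port
            key = (pkt.src, pkt.sport)
            if key not in self.pat:
                self.pat[key] = self.next_port
                self.pat_reverse[self.next_port] = key
                self.next_port += 1
            return Packet(self.pool[0], self.pat[key], pkt.dst, pkt.dport)
        if pkt.src not in self.dynamic:                  # dynamic NAT: one address per host
            if not self.pool:
                return None                              # pool exhausted: packet dropped
            self.dynamic[pkt.src] = self.pool.pop(0)
        return Packet(self.dynamic[pkt.src], pkt.sport, pkt.dst, pkt.dport)

    def untranslate(self, pkt):
        """Map a reply arriving from the outside back to the inside host (None if no entry)."""
        if self.overload and pkt.dport in self.pat_reverse:
            local_ip, local_port = self.pat_reverse[pkt.dport]
            return Packet(pkt.src, pkt.sport, local_ip, local_port)
        for table in (self.static, self.dynamic):
            for local_ip, global_ip in table.items():
                if global_ip == pkt.dst:
                    return Packet(pkt.src, pkt.sport, local_ip, pkt.dport)
        return None
```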

E. Routing Protocols

1. Classful routing protocols: RIP v1, IGRP are examples of classful routing protocols. It
is important to know that classful routing protocols do not exchange subnet information
during routing information exchanges. The summarization is always done automatically
at major network boundaries.

Classless routing protocols: RIP v2, EIGRP, OSPF, BGP v4, and IS-IS are examples of
classless routing protocols. In classless routing protocols, subnet information is
exchanged during routing updates. This results in more efficient utilization of IP
addresses. The summarization in classless networks is manually controlled.
Maximum hop count supported by RIP is 15.

2. Routed and Routing Protocols: A routing protocol's job is to maintain routing tables and
route packets appropriately. Examples of routing protocols are RIP, IGRP, EIGRP, and
OSPF. Routers can support multiple independent routing protocols and can update and
maintain routing tables for each protocol independently.
Routed protocols are used to transport user traffic from source node to destination node.
Examples of routed protocols are IP, IPX, and AppleTalk.

3. There are broadly three types of routing protocols:

1. Distance Vector (Number of hops) - Distance vector routing determines the direction
(vector) and distance to any link in the internetwork. Typically, the smaller the metric,
the better the path. Examples of distance vector protocols are RIP and IGRP.
Distance vector routing is useful for smaller networks. The limitation is that any route
which is greater than 15 hops is considered unreachable. Distance vector protocols listen
to second-hand information to learn routing tables, whereas link state protocols build
routing tables from first-hand information. Routers running distance vector protocols send their
entire routing table to each of their adjacent neighbors.

2. Link State Routing: Link State algorithms are also known as Shortest Path First (SPF)
algorithms. SPF generates the exact topology of the entire network for route computation
by listening to first-hand information. Link State protocols take bandwidth into
account using a cost metric. Link State protocols only send updates when a change
occurs, which makes them more efficient for larger networks. Bandwidth and delay are
the most widely used metrics when using Link-State protocols. Examples: OSPF and NLSP.

Benefits of Link State protocols:

1. Allows for a larger scalable network
2. Reduces convergence time
3. Allows "supernetting"
The metric limit for link-state protocols is 65,533

3. Balanced Hybrid - Balanced Hybrid combines some aspects of Link State and Distance
Vector routing protocols. Balanced Hybrid uses distance vectors with more accurate
metrics to determine the best paths to destination networks. Ex: EIGRP
4. A distance vector protocol depends only on hop count to determine the nearest next hop
for forwarding a packet. One obvious disadvantage is that, if you have a destination
connected through two hops via T1 lines, and the same destination is also connected
through a single hop over a 64 Kbps line, RIP assumes that the link through the 64 Kbps
line is the best path!

5. RIP (and IGRP) always summarizes routing information by major network numbers.
This is called classful routing.

6. RIP, RIP2, and IGRP use distance vector algorithms.


RIP2 transmits the subnet mask with each route. This feature allows VLSM (Variable
Length Subnet Masks) by passing the mask along with each route so that the subnet is
exactly defined.

7. IP RIP based networks send the complete routing table during update. The default
update interval is 30 seconds. IGRP update packet is sent every 90 seconds by default.

8. The default administrative distances of some important routing protocols are as below:

Route Source                    Default Distance
Directly connected interface    0
Static route                    1
IGRP                            100
RIP                             120
Unknown                         255

An administrative distance of 0 represents the highest trustworthiness of the route.
An administrative distance of 255 represents the lowest trustworthiness of the route.

9. The port numbers used by different programs are as below:

I. FTP: Port #21
II. Telnet: Port #23
III. SMTP: Port #25
IV. SNMP: Port #161
It is important to know that FTP, Telnet, and SMTP use TCP, whereas TFTP and SNMP use
UDP.

10. Address Resolution Protocol (ARP) is used to resolve or map a known IP address to a
MAC sub layer address to allow communication on a multi-access medium such as
Ethernet. Reverse ARP (RARP) is used to obtain an IP address using an RARP broadcast.
RARP can be used to boot diskless workstations over a network.

i. EIGRP

1. Some of the important terms used in Enhanced IGRP are:

1. Successor: A route (or routes) selected as the primary route(s) used to transport packets
to reach a destination. Note that successor entries are kept in the routing table of the router.
2. Feasible successor: A route (or routes) selected as backup route(s) used to transport
packets to reach a destination. Note that feasible successor entries are kept in the topology
table of a router. There can be up to 6 (six) feasible successors for IOS version 11.0 or
later. The default is 4 feasible successors.
3. DUAL (Diffusing Update Algorithm): Enhanced IGRP uses the DUAL algorithm to
calculate the best route to a destination.

2. Routing metrics used by IGRP:

Bandwidth, MTU, Reliability, Delay, and Load.

1. Bandwidth: This represents the maximum throughput of a link.
2. MTU (Maximum Transmission Unit): This is the maximum message length that is
acceptable to all links on the path. A larger MTU means faster transmission of packets.
3. Reliability: This is a measurement of the reliability of a network link. It is assigned by the
administrator or can be calculated by using protocol statistics.
4. Delay: This is affected by the bandwidth and queuing delay.
5. Load: Load is based on, among other things, CPU usage and packets processed per second.

3. For IGRP routing, you need to provide the AS (Autonomous System) number in the
command. Routers need AS number to exchange routing information. Routers belonging
to same AS exchange routing information. OSPF, and IGRP use AS numbers.

ii. OSPF

1. OSPF is a link state technology that uses Dijkstra algorithm to compute routing
information. It has the following advantages over Distance Vector protocols such as RIP:

1. Faster convergence: An OSPF network converges faster because routing changes are
flooded immediately and computed in parallel.

2. Support for VLSM: OSPF supports VLSM. However, please note that RIP version 2
also supports VLSM.

3. Network Reachability: RIP networks are limited to 15 hops. Therefore, networks with
more than 15 hops cannot be reached by RIP by normal means. On the other hand, OSPF
has practically no reachability limitation.

4. Metric: RIP uses only hop count for making routing decisions. This may lead to severe
problems in some cases, for example, when a route is nearer but is very slow compared to
another route with plenty of bandwidth available. OSPF uses a "cost" metric to choose the best
path. Cisco uses "bandwidth" as the metric to choose the best route.

5. Efficiency: RIP sends routing updates every 30 seconds. OSPF multicasts link-state
updates and sends the updates only when there is a change in the network.

2. An OSPF area is a collection of networks and routers that have the same area
identification. The OSPF process identifier is locally significant. Two neighboring router
interfaces can have the same or different process IDs. It is required to identify a unique
instance of the OSPF database.

3. OSPF keeps up to six equal-cost route entries in the routing table for load
balancing. Further, OSPF uses the Dijkstra algorithm to calculate the lowest cost route. The
algorithm adds up the total costs between the local router and each destination network.
The lowest cost route is always preferred when there are multiple paths to a given
destination.

4. OSPF determines the router ID using the following criteria:

1. Use the address configured by the ospf router-id command

2. Use the highest numbered IP address of a loopback interface

3. Use the highest IP address of any physical interface

4. If no interface exists, set the router-ID to 0.0.0.0


If no OSPF router ID is explicitly configured, OSPF computes the router-ID based on the
items 2, 3, and 4 and restarts OSPF (if the process is enabled and router-ID has changed).

5. When two or more routers are contending to be a DR (Designated Router) on a
network segment, the router with the highest OSPF priority will become the DR for that
segment. The same process is repeated for the BDR. In case of a tie, the router with the
highest RID will win. The default interface OSPF priority is one. Remember that
the DR and BDR concepts are per multiaccess segment. Setting the OSPF priority on an
interface is performed using the ip ospf priority <value> interface command. A priority
value of zero indicates an interface which is not to be elected as DR or BDR. The state of
the interface with priority zero will be DROTHER.
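The router-ID selection of item 4 and the DR/BDR election of item 5, written out as Python functions. This is an added example rather than anything from the original notes; the router IDs, interface addresses and priorities used in the comments and tests are constructed.

```python
"""OSPF router-ID selection and DR/BDR election on one multiaccess segment."""


def ip_key(addr):
    """Numeric ordering for dotted-quad addresses, so '10.0.0.1' ranks above '9.9.9.9'."""
    return tuple(int(octet) for octet in addr.split("."))


def ospf_router_id(configured=None, loopbacks=(), physical=()):
    """Apply the four criteria in order and return the router ID."""
    if configured:                       # 1. address set with 'router-id'
        return configured
    if loopbacks:                        # 2. highest-numbered loopback address
        return max(loopbacks, key=ip_key)
    if physical:                         # 3. highest address of any physical interface
        return max(physical, key=ip_key)
    return "0.0.0.0"                     # 4. no interface at all


def elect_dr_bdr(routers):
    """routers: {router_id: ip ospf priority}. Returns {router_id: 'DR'|'BDR'|'DROTHER'}.

    Highest priority wins and a tie is broken by the highest router ID; a priority of
    zero removes the router from the election, so it stays DROTHER.
    """
    ranked = sorted((prio, ip_key(rid), rid)
                    for rid, prio in routers.items() if prio > 0)
    ranked.reverse()                     # best candidate first
    roles = {rid: "DROTHER" for rid in routers}
    if ranked:
        roles[ranked[0][2]] = "DR"
    if len(ranked) > 1:                  # the same process repeated for the BDR
        roles[ranked[1][2]] = "BDR"
    return roles
```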

I. Switching

1. Switches forward packets based on the physical address (such as MAC address)
whereas, routers forward packets based on logical address (such as IP address). A frame’s
IP address doesn’t change when being forwarded through a switch.

2. The MAC address table of a switch is empty to begin with. However, the switch builds
the MAC table by learning from the frames that arrive at its ports, adding each source MAC
address and the port on which it arrived to the MAC table.

3. Cisco switches can be managed out-of-band or in-band. Examples of out-of-band
management are:
1. Console 0
2. Auxiliary 0
Examples of in-band management are:
1. TFTP servers
2. Network management software like CiscoWorks
3. Virtual terminal (vty) ports.

4. The "show version" command on a Catalyst switch displays:
a. The current version of IOS running in the switch
b. Available hardware, RAM, and Flash memory
c. Switch uptime
d. The configuration register's contents
e. The reason for the last reload, etc.

5. Port security enables securing switch ports as required. Typical configuration
commands for enabling port security are given below:
Switch#config t
Switch(config)#int fa0/1
Switch(config-if)#switchport port-security
By default, the port is locked to the first MAC address that it learns via the port. You can
also manually associate a specific MAC address with a given port by issuing the command
switchport port-security mac-address {MAC address} in interface configuration
mode.

6. Cisco Visual Switch Manager (CVSM) is software that allows access to Cisco switches
over the internet using a web browser, such as Internet Explorer or Netscape Navigator.
You can monitor and configure the CVSM compatible switches over the network
(remotely). The requirement is that the IP address, gateway and CVSM must be
configured on the switch, so that it is accessible over the network using a web browser.

7. The command "no switchport" enables a switch port for layer 3 operation. On the other
hand, the command "switchport" enables a switch port for layer 2 operation.

8. To associate a switch with a management VLAN, you need to assign an IP address to
the switch. The subnet portion of the switch IP address must match the subnet number of
the management VLAN. Note that switches can maintain an IP stack, which enables us to
manage the switches both locally and remotely by Telnet.

9. The options available with switchport port-security are:

1. switchport port-security maximum {max # of MAC addresses allowed}: You can use
this option to allow more than the default number of MAC addresses, which is one. For
example, if you had a 12-port hub connected to this switch port, you would want to allow
12 MAC addresses, one for each device.
2. switchport port-security violation {shutdown | restrict | protect}: This command tells
the switch what to do when the number of MAC addresses on the port has exceeded the
maximum. The default is to shut down the port. However, you can also choose to alert
the network administrator (i.e., restrict) or to only allow traffic from the secure MAC addresses and
drop packets from other MAC addresses (i.e., protect).
3. switchport port-security mac-address {MAC address}: You can use this option to
manually define the MAC address allowed for this port rather than letting the port
dynamically determine the MAC address.
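A small switch model covering the MAC-address learning of item 2 together with the port-security options of items 5 and 9 (maximum, violation mode, static mac-address). It is an added example, not code from the original notes; port numbers and MAC addresses are constructed, and the flood/filter/forward decision in receive() is the general learning-switch behaviour that item 2 only sketches.

```python
"""Tiny model of a learning switch with per-port port security."""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class SecurePort:
    """Port-security state of one switch port (constructed model of the IOS options)."""

    def __init__(self, maximum=1, violation="shutdown", static_macs=()):
        if violation not in ("shutdown", "restrict", "protect"):
            raise ValueError("violation mode must be shutdown, restrict or protect")
        self.maximum = maximum                 # switchport port-security maximum N
        self.violation = violation             # switchport port-security violation MODE
        self.secure_macs = set(static_macs)    # switchport port-security mac-address ...
        self.err_disabled = False
        self.violation_count = 0
        self.alerts = []                       # what 'restrict' would report to the admin

    def admit(self, src_mac):
        """Apply port security to an arriving frame; True means the frame is accepted."""
        if self.err_disabled:
            return False                       # a shut-down port drops everything
        if src_mac in self.secure_macs:
            return True
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.add(src_mac)      # lock the port to the first MAC(s) it sees
            return True
        self.violation_count += 1
        if self.violation == "shutdown":       # default: the whole port goes down
            self.err_disabled = True
        elif self.violation == "restrict":     # port stays up, administrator is alerted
            self.alerts.append(f"port-security violation from {src_mac}")
        return False                           # protect: drop silently, port stays up


class Switch:
    def __init__(self, port_count):
        self.all_ports = list(range(1, port_count + 1))
        self.mac_table = {}                    # MAC -> port, empty when the switch boots
        self.ports = {}                        # port -> SecurePort, for secured ports only

    def secure(self, port, **options):
        self.ports[port] = SecurePort(**options)

    def receive(self, port, src_mac, dst_mac):
        """Learn the source MAC, then return the list of ports the frame is sent out of."""
        if port in self.ports and not self.ports[port].admit(src_mac):
            return []                          # dropped by port security, nothing learned
        self.mac_table[src_mac] = port         # learning: source MAC -> arrival port
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            return [p for p in self.all_ports if p != port]   # flood unknown/broadcast
        out_port = self.mac_table[dst_mac]
        return [] if out_port == port else [out_port]        # filter or forward
```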

10. To telnet to a switch, the following are required:

1. Assignment of an IP address and subnet mask to the management VLAN,
2. Assignment of a default gateway IP address.

The following are the typical steps in preparing a switch for telnet access (note that
ip default-gateway is a global configuration command, not an interface command):
Switch(config)#interface vlan <vlan-id>
Switch(config-if)#ip address <ip-address> <subnet-mask>
Switch(config-if)#no shutdown
Switch(config-if)#exit
Switch(config)#ip default-gateway <ip-address>

11. The command syntax for assigning a management domain to a switch is:
Switch# vtp domain <domain-name>
For example, if the domain name is newyork, the command is:
Switch# vtp domain newyork
You need to create a domain while configuring the first switch in a switch network. For
subsequent switches, you only need to join the existing domain. The password is required
if the domain needs to be secured by a password. The command allows you to create a
new domain (in case the first switch is being configured) or to join an existing domain
(one or more switches have already been assigned a domain).

12. To enable a switch port for layer 2 functionality, use the following commands:
1. switch(config)#interface <type> <mod>/<num>
2. switch(config-if)#switchport

The first command enters interface configuration mode for the switch interface
<mod>/<num>, and the second command enables layer 2 functionality on the port.
Use the "no" form of the switchport command to enable layer 3 functionality.

13. Switching methods:

1. Store-and-Forward switching: Here the LAN switch copies the entire frame into its
buffers and computes the CRC. The frame is discarded if there are any CRC errors. Giant
(more than 1518 bytes) and Runt (less than 64 bytes) frames are also dropped, if found.
2. Cut-Through (Real-Time) switching: Here, the LAN switch copies only the destination
address into its buffers. It immediately looks up the switching table and starts forwarding
the frame. Latency is very low because the frame is forwarded as soon as the
destination address is resolved.
3. Fragment-Free switching: Here, the switch waits for the collision window before
forwarding the entire frame. The collision window is 64 bytes long.

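The three forwarding decisions of item 13 applied to constructed Ethernet frames that carry a real CRC-32 FCS, so that the difference between the methods (which one actually catches a corrupted frame, a runt, or a giant) can be checked rather than read. Added example, not code from the original notes; the MAC addresses and payloads are constructed and the FCS is computed with zlib.crc32, which implements the same CRC-32 as the Ethernet FCS.

```python
"""Which frames each switching method forwards or drops."""
import zlib

MIN_FRAME = 64          # anything shorter is a runt
MAX_FRAME = 1518        # anything longer is a giant
COLLISION_WINDOW = 64   # bytes fragment-free switching waits for


def build_frame(dst, src, payload, ethertype=b"\x08\x00"):
    """dst/src are 6-byte MACs; appends the FCS (CRC-32 of the frame, least significant byte first)."""
    body = dst + src + ethertype + payload
    return body + zlib.crc32(body).to_bytes(4, "little")


def fcs_ok(frame):
    body, fcs = frame[:-4], frame[-4:]
    return zlib.crc32(body).to_bytes(4, "little") == fcs


def store_and_forward(frame):
    """Reads the whole frame, checks size and CRC, and only then forwards."""
    if len(frame) < MIN_FRAME:
        return "drop: runt"
    if len(frame) > MAX_FRAME:
        return "drop: giant"
    if not fcs_ok(frame):
        return "drop: crc error"
    return "forward"


def cut_through(frame):
    """Forwards as soon as the 6-byte destination address is in; nothing else is checked."""
    if len(frame) < 6:
        return "drop: no destination address"
    return "forward"


def fragment_free(frame):
    """Waits out the 64-byte collision window, so runts are caught, but the CRC is never checked."""
    if len(frame) < COLLISION_WINDOW:
        return "drop: runt"
    return "forward"
```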
i. Spanning Tree Protocol

1. Spanning Tree Protocol (STP), IEEE specification 802.1d, is used to prevent routing
loops. In Cisco Catalyst 5000 series switches, BPDUs (Bridge Protocol Data Units) are used
to determine the spanning tree topology. STP uses the Spanning Tree Algorithm (STA) to prevent
loops, resulting in a stable network topology.

2. Following are the possible solutions for preventing routing loops.

1. Split Horizon - based on the principle that it is not useful to send the information about
a route back in the direction from which the information originally came.
2. Poison Reverse - A router that discovers an inaccessible route sets a table entry
consistent state (infinite metric) while the network converges.
3. Hold-down Timers - Hold down timers prevent regular update messages from
reinstating a route that has gone bad. Here, if a route fails, the router waits a certain
amount of time before accepting any other routing information about that route.
4. Triggered Updates - Normally, new routing tables are sent to neighboring routers at
regular intervals (IP RIP every 30 sec / and IPX RIP every 60 sec). A triggered update is
an update sent immediately in response to some change in the routing table. Triggered
updates along with Hold-down timers can be used effectively to counter routing loops.

3. Spanning Tree Protocol (STP) is enabled on every port on Cisco switches, by default.
It is preferred to leave it enabled, so that bridging loops don't occur. STP can be disabled
selectively on any specific port by issuing the command:
Switch (enable) set spantree disable <mod-number>/<port-number>.
Ex: Switch (enable) set spantree disable 2/4
The above command disables STP on port 4 of module 2.

4. All switches participating in STP exchange information with other switches in the
network through messages known as Bridge Protocol Data Units (BPDUs). BPDUs are
sent out at a frequency of 2 seconds on every port.

5. Internally, STP assigns to each bridge (or switch) port a specific role. The port role
defines the behavior of the port from the STP point of view. Based on the port role, the
port either sends or receives STP BPDUs and forwards or blocks the data traffic. The
different port roles are given below:

1. Designated: One designated port is elected per link (segment). The designated port is
the port closest to the root bridge. This port sends BPDUs on the link (segment) and
forwards traffic towards the root bridge. In an STP converged network, each designated
port is in the STP forwarding state. The switch with the lowest cost to reach the root,
among all switches connected to a segment, becomes a DP (Designated Port) on that
switch. If the cost is tied (that is two or more switches have the same cost), the switch
with the lowest bridge ID will have the DP (the switch on which DP is elected is called
Designated Switch or Designated Bridge). Bridge ID: Priority + MAC address
2. Root: A bridge can have only one root port. The root port is the port that leads to the
root bridge. In an STP converged network, the root port is in the STP forwarding state.
All bridges except the root bridge will have a root port.
3. Alternate: Alternate ports lead to the root bridge, but are not root ports. The alternate
ports maintain the STP blocking state.
4. Backup: This is a special case when two or more ports of the same bridge (switch) are
connected together, directly or through shared media. In this case, one port is designated,
and the remaining ports block. The role for this port is backup.

6. A switch participating in the Spanning-Tree protocol passes through the following states:

1. Blocked state: This is the initial state. All ports are put in a blocked state to prevent
bridging loops.
2. Listen state: This is the second state of switch ports. Here all the ports are put in listen
mode. The port can listen to frames but can't send. The period of time that a switch takes
to listen is set by "fwd delay".
3. Learn state: Learn state comes after Listen state. The only difference is that the port
can add information that it has learned to its address table. The period of time that a
switch takes to learn is set by "fwd delay".
4. Forward state: A port can send and receive data in this state. Before placing a port in
forwarding state, Spanning-Tree Protocol ensures that there are no redundant paths or
loops.
5. Disabled state: This is the state when the switch port is disabled. A switch port may be
disabled due to administrative reasons or due to switch specific problems.

7. During the process of Spanning-Tree Protocol execution, Root switch (say, switch A)
is elected first. Next, the switch closest to the root switch is selected. This switch is
known as Designated switch or Parent switch (say switch B). The frames are forwarded
to the root switch(A) through the designated switch(B). Now the lowest cost port on a
switch (say switch C) is selected. This is known as the Root port. A Root Port is the port
on a switch that has the lowest cost path to the Root Bridge. All Non-Root Switches will
have one Root Port. Here, switch B is the designated switch for switch C and switch A is
known as the root switch for switch C. Note that switch C is connected to the root switch
(A) through its designated switch (B).

8. During the process of Spanning-Tree Algorithm execution, some redundant ports need
to be blocked. This is required to avoid bridging loops. To choose which port to use for
forwarding frames, and which port to block, the following three components are used by
the Spanning-Tree Protocol:

1. Path Cost: The port with lowest path cost is placed in the forwarding mode. Other ports
are placed in blocking mode.
2. Bridge ID: If the path costs are equal, then the bridge ID is used to determine which
port should forward. The port with the lowest Bridge ID is elected to forward, and all
other ports are blocked.
3. Port ID: If the path cost and bridge ID are equal, the Port ID is used to elect the
forwarding port. The lowest port ID is chosen to forward. This type of situation may arise
when there are parallel links, used for redundancy.
9. When a bridge starts up, the bridge ID is set as the root ID. That is, it considers itself the
root bridge. However, while exchanging BPDUs, if it comes across a BPDU that has a
bridge ID lower than its own, then the bridge corresponding to that BPDU is considered the
root bridge, and this information is propagated. The bridge ID consists of the following:

1. 2-byte priority: The default value on Cisco switches is 0x8000 (32,768); the lower the
priority, the higher the chances of becoming the root bridge.
2. MAC address: The 6-byte MAC address of the bridge. The lower the MAC address, the higher
the chances of becoming the root bridge.
Note that the bridge (or switch) with the lowest value of the 2-byte priority will become the root
bridge. If the priority value is the same, then the bridge with the lowest value of the 6-byte MAC
address will become the root bridge.
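Items 8 and 9 as an election over a constructed three-switch topology: lowest (priority, MAC) bridge ID wins the root, the root path cost is computed per switch, and each port is then given the root, designated or blocked role using the path cost / bridge ID / port ID tie-break order from item 8. Added example, not the notes' own material; the bridge priorities, MAC addresses, link costs and port numbers are constructed, and the link cost is assumed equal in both directions.

```python
"""Root bridge, root port and designated port election for STP."""
import heapq


def elect_root(bridges):
    """bridges: {name: (priority, mac)}. Lowest priority, then lowest MAC, wins."""
    return min(bridges, key=lambda name: bridges[name])


def root_path_costs(root, links):
    """Dijkstra over the link costs: cheapest cost from every switch to the root."""
    adj = {}
    for sw_a, _, sw_b, _, cost in links:
        adj.setdefault(sw_a, []).append((sw_b, cost))
        adj.setdefault(sw_b, []).append((sw_a, cost))
    best = {root: 0}
    heap = [(0, root)]
    while heap:
        cost, sw = heapq.heappop(heap)
        if cost > best[sw]:
            continue
        for neighbour, link_cost in adj.get(sw, []):
            candidate = cost + link_cost
            if candidate < best.get(neighbour, float("inf")):
                best[neighbour] = candidate
                heapq.heappush(heap, (candidate, neighbour))
    return best


def stp_port_roles(bridges, links):
    """links: (switch_a, port_a, switch_b, port_b, cost). Returns (root, {(switch, port): role})."""
    root = elect_root(bridges)
    rpc = root_path_costs(root, links)
    roles = {}
    # One designated port per segment: lowest root path cost, then lowest bridge ID,
    # then lowest port ID (the port-ID step matters only for parallel links).
    for sw_a, port_a, sw_b, port_b, _ in links:
        ends = [(rpc[sw_a], bridges[sw_a], port_a, sw_a),
                (rpc[sw_b], bridges[sw_b], port_b, sw_b)]
        winner = min(ends)
        for end in ends:
            roles[(end[3], end[2])] = "designated" if end is winner else "blocked"
    # One root port per non-root switch: lowest cost to the root through that port,
    # tie-broken by the neighbour's bridge ID and then the port IDs.
    for sw in bridges:
        if sw == root:
            continue
        candidates = []
        for sw_a, port_a, sw_b, port_b, cost in links:
            if sw_a == sw:
                candidates.append((rpc[sw_b] + cost, bridges[sw_b], port_b, port_a))
            elif sw_b == sw:
                candidates.append((rpc[sw_a] + cost, bridges[sw_a], port_a, port_b))
        if candidates:
            roles[(sw, min(candidates)[3])] = "root"
    return root, roles
```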

10. The command "show spantree" includes information about the following:
1. VLAN number
2. Root bridge priority, MAC address
3. Bridge timers (Max Age, Hello Time, Forward Delay)

ii. VLANS

1. The following are the advantages of LAN segmentation using VLANs:

1. Segmentation of broadcast domains using VLANs results in more bandwidth
per user.
2. Security is provided by isolating users belonging to different VLANs. Users
belonging to one VLAN will not receive frames meant for some other VLAN.
3. LAN segmentation using VLANs can be done based on job function rather than
physical location, if required.

2. VLANs are typically configured on switch ports. However, note that a router is
required to switch traffic between VLANs. A switch identifies the VLAN associated with
a given frame and forwards the frame to the associated ports. Separate VLANs for voice and
data traffic improve the privacy and reliability of voice communication.

F. Routed protocol - Frame-Relay

1. The following are true about Frame Relay:

1. Frame Relay is purely a Layer 2 standard.
2. Frame Relay DLCIs have local significance.
3. Cisco supports three types of LMIs (Link Management Interface): cisco, ansi, and
q933a
4. Cisco supports two types of Frame Relay encapsulation: cisco and ietf. When you are
connecting a Cisco router with a non-Cisco router, use ietf as the encapsulation method.

2. Frame Relay supports two types of virtual circuits (VCs):

1. Permanent Virtual Circuits (PVCs): these are permanently established connections that
are used for frequent and consistent data transfers between DTEs across a Frame Relay
cloud.
2. Switched Virtual Circuits (SVCs): these are temporary connections used in situations
requiring only occasional data transfers between DTEs across a Frame Relay cloud.
The terms "Call Setup", "Data Transfer", "Idle", and "Call Termination" are associated
with SVCs. Frame Relay SVCs are not widely supported by manufacturers.

3. Frame-Relay supports point-to-point and multipoint connection types. In the point-to-point
connection type, a single sub-interface establishes a PVC connection to another physical
interface or sub-interface. In the multipoint connection type, a single sub-interface is used to
establish multiple PVC connections to several physical interfaces or sub-interfaces. In a
multipoint Frame-Relay network, the split horizon rule is applicable to broadcast traffic.
Another important thing to note when configuring Frame-Relay using sub-interfaces: the
physical interface on which sub-interfaces are configured should not be assigned any IP
address. Even if one is assigned, it should be removed prior to configuring Frame-Relay.
Note that if an IP address is assigned to a physical interface, the sub-interfaces defined
within the physical interface will not receive any frames.

4. When the sub-interfaces on a serial interface are to be configured for Frame Relay,
each sub-interface needs to be assigned an individual DLCI.
The following command assigns a DLCI of 100 to a sub-interface:
R(config-subif)#frame-relay interface-dlci 100
Note that prior to issuing the above command, issue the following command to get into
the proper sub-interface configuration mode:
R(config)#interface serial0.1 point-to-point

5. Given below are salient features of Frame Relay DLCIs:

1. DLCIs (Data Link Connection Identifier) have only local significance. It means, the
end devices over FR network can have different DLCI numbers.
2. DLCI number is provided by the FR service provider. DLCI number is mapped to
Layer 3 protocol address using 'frame-relay map' statement.
3. DLCI numbers must be unique on a router.

6. In Frame Relay NBMA networks, if no sub-interfaces are defined, then the routers will
not be able to communicate routing information due to split horizon rule.
Split horizon is a method of preventing a routing loop in a network. The basic principle is
simple: Information about the routing for a particular packet is never sent back in the
direction from which it was received.
To overcome the split horizon, sub-interfaces can be configured on NBMA networks. A
sub interface is a logical way of defining an interface. The same physical interface can be
split into multiple logical interfaces, with each sub interface being defined as point-to-
point.

RIP (Routing Information Protocol)

RIP is a true distance vector routing protocol. It sends the complete routing table out to
all other active interfaces every 30 seconds. RIP uses hop count as its only metric.
The maximum number of hops in a RIP network is 15; one hop is a directly connected
network, and 16 hops is an unreachable network.

RIP v1 uses only classful routing. RIP v2 uses classless routing.

RIP uses three different kinds of timers to regulate its performance:

Route Update timer sets the interval (30 seconds) between periodic routing updates, in
which the router sends a complete copy of its routing table to all neighbors.

Route Invalid timer determines the length of time that must expire (90 seconds) before
a router determines that a route has become invalid.

Route Flush timer sets the time between a route becoming invalid and its removal
from the routing table (240 seconds).
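The loop-prevention mechanisms from item 2 of the Spanning Tree Protocol section (split horizon and poison reverse) run against the RIP hop-count rules just described (directly connected = 1 hop, 16 = unreachable). This is an added simulation, not material from the original notes: two constructed routers A and B share one link, A is directly connected to a constructed network "N", and the function counts how many update rounds pass before both routers agree that N is unreachable after A loses it.

```python
"""Counting to infinity versus split horizon / poison reverse on a two-router link."""

INFINITY = 16   # RIP hop count meaning "unreachable"


class RipRouter:
    def __init__(self, name, connected=()):
        self.name = name
        # table: network -> (hop count, next hop); directly connected = 1 hop, no next hop
        self.table = {net: (1, None) for net in connected}

    def advertise(self, to_neighbor, mode):
        """Build the update sent to one neighbor. mode: none | split_horizon | poison_reverse."""
        update = {}
        for net, (metric, next_hop) in self.table.items():
            if next_hop == to_neighbor:
                if mode == "split_horizon":
                    continue                       # never send a route back where it came from
                if mode == "poison_reverse":
                    update[net] = INFINITY         # send it back, but marked unreachable
                    continue
            update[net] = metric
        return update

    def receive(self, from_neighbor, update):
        """Process a neighbor's update: each advertised hop count grows by one for the link."""
        for net, metric in update.items():
            new = min(metric + 1, INFINITY)
            current = self.table.get(net)
            if current is None:
                if new < INFINITY:
                    self.table[net] = (new, from_neighbor)
            elif current[1] == from_neighbor or new < current[0]:
                # always believe the current next hop, even if it got worse; otherwise only improve
                self.table[net] = (new, from_neighbor)


def rounds_to_converge(mode, max_rounds=50):
    """Rounds until both routers list N as unreachable, or None if max_rounds is exceeded."""
    a = RipRouter("A", connected=["N"])
    b = RipRouter("B")
    b.receive("A", a.advertise("B", mode))         # B learns N via A (2 hops)
    a.table["N"] = (INFINITY, None)                # A's link to N fails
    for rounds in range(1, max_rounds + 1):
        a.receive("B", b.advertise("A", mode))     # B's periodic update reaches A first ...
        b.receive("A", a.advertise("B", mode))     # ... then A's update reaches B
        if a.table["N"][0] == INFINITY and b.table["N"][0] == INFINITY:
            return rounds
    return None
```

Without split horizon, A believes B's stale 2-hop route and the two routers count up in steps of two hops until the 16-hop ceiling stops the loop; with either split horizon or poison reverse the failure is settled in a single round.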

RIP Configurations

RIP is very simple to configure. All you need to do is enable RIP and add each
network that uses RIP. However, RIPv2 has a few more possible commands; you can
use two of them: version and no auto-summary.

Because the router will by default use RIPv1, you must use the version command to
tell the router to use RIPv2. In addition, by default RIPv2 will summarize major
networks across boundaries. Use the no auto-summary command to stop
summarization.

RIPv1 Configuration Example

Router A (config)#router rip
Router A (config-router)#network 208.28.3.0
Router A (config-router)#network 192.38.56.0

Router B (config)#router rip
Router B (config-router)#network 134.80.0.0
Router B (config-router)#network 192.38.56.0
Router B (config-router)#network 192.38.57.0
Router B (config-router)#network 192.38.58.0

Router C (config)#router rip
Router C (config-router)#network 192.38.58.0
Router C (config-router)#network 208.28.1.0

Router D (config)#router rip
Router D (config-router)#network 192.38.57.0
Router D (config-router)#network 208.28.2.0

Monitoring and Verifying RIP

Command              Description
show ip protocols    Shows routing protocol parameters and current timer values
show ip route        Shows the entire routing table
debug ip rip         Issues a log message for each RIP update
ping                 Sends and receives ICMP echo messages to verify connectivity
trace                Sends a series of ICMP echoes with increasing TTL values

IGRP (Interior Gateway Routing Protocol)


The Interior Gateway Routing Protocol (IGRP) is a Cisco proprietary protocol. Like
RIP, IGRP is a distance-vector interior routing protocol. However, unlike RIP, IGRP
can be used in larger autonomous systems due to its large maximum hop-count limit of
255, compared to RIP's maximum hop count of 16.

IGRP uses the bandwidth and delay of the line by default as its metric for determining the
best route to an internetwork. This is called a composite metric. Reliability, load and
maximum transmission unit (MTU) can also be used, although they are not used by
default.

To control performance, IGRP uses several kinds of timers:

Update Timer specifies how frequently IGRP routing messages will be sent. The
default is 90 seconds.

Invalid Timer specifies how long a router should wait in the absence of a
routing-update message for a specific route before declaring it invalid. The default is
three times the Update timer, 270 seconds.

Holddown Timer specifies the holddown period. The default is three times the update
timer plus 10 seconds, 280 seconds.

Flush Timer indicates how much time should pass before an IGRP route is flushed
from the routing table. The default is seven times the routing update period, 630
seconds.

IGRP Configurations

Configuring IGRP is similar to configuring RIP in that after the router command you
must specify only directly connected (system routes) networks. The only difference is
in the command to enable the routing protocol. You must specify an AS number when
enabling IGRP. The AS number parameter specifies the autonomous system number
that is supported by this IGRP process and allows multiple IGRP processes to run on a
single router. The AS number can be between 1 and 65,655.

For example:
RTR(config)# router igrp 10
RTR(config-router)# network 200.40.0.0
RTR(config-router)# network 200.30.0.0

Monitoring and Verifying IGRP

Command                      Description
show ip protocols            Shows routing protocol parameters and current timer values
debug ip igrp transactions   Issues log messages with details of the IGRP updates
debug ip igrp events         Issues a log message for each IGRP update
ping                         Sends and receives ICMP echo messages to verify connectivity
trace                        Sends a series of ICMP echoes with increasing TTL values
show ip route                Shows the entire routing table

Routing

Routing is the process of forwarding packets from one network to another. All the
information needed for a router to forward packets to a hop (router/relay device) can be
found in the router's routing table.

Static Routing

Static routing occurs when you manually add routes in each router's routing table. Static
routes are routes that are administratively configured in routers. They are typically used
when dynamic protocols are either unnecessary or unwanted.

Static routing has the following benefits:

• There is no overhead on the router's CPU
• There is no bandwidth usage between routers, which means you could possibly save
money on WAN links

Static routing has the following disadvantages:

• The administrator must really understand the internetwork and how each router is
connected in order to configure routes properly
• If a network is added to the internetwork, the administrator has to add a route to it on
all routers

Default Routing
Default routing is used to send packets with a remote destination network not in the routing
table to the next-hop router. You can only use default routing on stub networks, those
with only one exit path out of the network.

Dynamic Routing

Dynamic routing is the process of using protocols to find and update routing tables on
routers and to maintain a loop-free, single path to each network. This is easier than using
static routing, but it will cost you in terms of router CPU cycles and bandwidth on the
network links.

There are two types of dynamic routing protocols used in an internetwork: Interior Gateway
Protocols (IGP) and Exterior Gateway Protocols (EGP). IGP routing protocols are used to
exchange routing information with routers in the same autonomous system (AS). An AS
is a collection of networks under a common administrative domain. EGPs are used to
communicate between ASes. BGP is an example of an EGP.

Link State versus Distance Vector Routing Protocols

In determining the best route to a destination, different routing protocols use a number of
different measurements. These measurements are called metrics. Each routing protocol
uses one or more metrics to calculate the best route to a particular destination. The most
common metrics include path length (hop count), reliability, delay, bandwidth, load, and
financial cost of a link.

Another major difference between routing protocols is how they handle updating each
other with current information. There are many methods of doing this. Given these major
differences, routing protocols are broken into two main categories: Distance Vector and
Link State.

Distance Vector protocols include RIP and IGRP. They send their entire routing tables
out in all directions at regularly scheduled intervals.

Link State protocols are more advanced than distance vector protocols because, unlike
distance vector, they do not send periodic routing updates. Link State protocols include
OSPF, NLSP, BGP, and IS-IS.

They send partial routing tables (of their own networks) to everyone and then send
updates when necessary.

Classful Versus Classless Routing

The basic definition of classful routing is that subnet mask information is not carried
within the routine, periodic routing updates. This means that every interface and host on
the network must use the same subnet mask. In other words, a classful routing protocol
abides strictly by the bit boundaries of the IP address classes. For example, the 10.0.0.0
network (a Class A network) cannot be advertised as anything other than a route to
10.0.0.0, since the default network mask of a Class A network is 255.0.0.0. In other
words, VLSMs are effectively useless. This is because the routing update packet has no
field for the subnet mask, so the default mask according to the class is assumed. Classful
routing protocols include RIP v1 and IGRP.

Classless routing protocols include the subnet mask information when an update is sent.
This allows subnet masks of different lengths to be used on the network, called Variable
Length Subnet Masks (VLSM).

Default Administrative Distances

Administrative distances are used to rate the trustworthiness of routing information
received on a router from a neighbor router. If a router learns of different types of routes
to the same destination (statically configured or advertised via a dynamic routing
protocol), it must select which route to include in its routing table. Typically, only one
route to a specific destination (same address and mask) is in a router's routing table. One
method of route "selection" is accomplished by comparing the administrative distance of
all the routes to the same destination. Administrative distance is a value that rates the
reliability of the source of the route. If the source that provides a route to a router is
considered to be less reliable (less trustworthy), it receives a higher administrative distance
value. The lowest administrative distance becomes the preferred route entered in the
routing table. Administrative distance values range from 0 to 255. If desired, the
administrator can configure administrative distances so that the default administrative
distance is not used.
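An added example (not from the original notes) of the selection rule just described: one route per destination, lowest administrative distance first, the protocol's own metric as the tie-breaker. The default distances in DEFAULT_AD are the standard Cisco IOS defaults (connected 0, static 1, EIGRP 90, IGRP 100, OSPF 110, RIP 120), which this page does not list; the candidate routes and next hops are constructed. The floating static route shows the administrator-configured distance mentioned in the last sentence.

```python
"""Route selection by administrative distance, then metric (added example).

DEFAULT_AD holds the standard Cisco IOS default distances; the routes fed
to the selector are constructed for the demonstration.
"""
from dataclasses import dataclass
from typing import Optional

DEFAULT_AD = {
    "connected": 0,
    "static": 1,
    "eigrp": 90,
    "igrp": 100,
    "ospf": 110,
    "rip": 120,
}


@dataclass(frozen=True)
class Candidate:
    prefix: str            # destination network and mask, e.g. "10.1.0.0/16"
    source: str            # where the route came from: "rip", "ospf", ...
    metric: int            # the source protocol's own metric (hops for RIP)
    next_hop: str
    ad_override: Optional[int] = None  # distance set by the administrator

    @property
    def ad(self):
        if self.ad_override is not None:
            return self.ad_override
        return DEFAULT_AD[self.source]


def select_routes(candidates):
    """Keep one route per prefix: lowest AD wins, metric breaks ties."""
    table = {}
    for cand in candidates:
        cur = table.get(cand.prefix)
        if cur is None or (cand.ad, cand.metric) < (cur.ad, cur.metric):
            table[cand.prefix] = cand
    return table


def route_table_demo():
    """Return {prefix: (source, next_hop)} for a constructed set of candidates."""
    candidates = [
        Candidate("10.1.0.0/16", "rip", 2, "192.0.2.1"),
        Candidate("10.1.0.0/16", "ospf", 20, "192.0.2.2"),
        # floating static: the administrator raised its distance above the
        # dynamic protocols so it is only installed when they have no route
        Candidate("10.1.0.0/16", "static", 0, "192.0.2.9", ad_override=130),
        Candidate("10.2.0.0/16", "rip", 4, "192.0.2.1"),
        Candidate("10.2.0.0/16", "rip", 3, "192.0.2.3"),
    ]
    chosen = select_routes(candidates)
    return {p: (c.source, c.next_hop) for p, c in chosen.items()}


if __name__ == "__main__":
    for prefix, (source, nh) in route_table_demo().items():
        print(prefix, "via", nh, "from", source)
```

Note that OSPF's metric of 20 is never compared with RIP's 2 hops: metrics from different protocols are not comparable, which is exactly why the distance is consulted first.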

Network Devices:
In a typical LAN, there are various types of network devices available, as outlined below.

• Hub - Repeats signals received on each port by broadcasting them to all the other
connected ports.
• Repeater - Used to connect two or more Ethernet segments of any media type,
and to provide signal amplification so that a segment can be extended. In a network
that uses repeaters, all members are contending for transmission of data onto a
single network. We like to call this single network a collision domain. Effectively,
every user can only enjoy a percentage of the available bandwidth. Ethernet is
subject to the "5-4-3" rule regarding repeater placement, meaning we can only
have five segments connected using four repeaters, with only three segments
capable of accommodating hosts.
• Bridge - A layer 2 device used to connect different network types or networks of
the same type. It maps the Ethernet addresses of the nodes residing on each
segment and allows only the necessary traffic to pass through the bridge. Packets
destined for the same segment are dropped. This "store-and-forward" mechanism
inspects the whole Ethernet packet before making a decision. Unfortunately, it
cannot filter out broadcast traffic. Also, it introduces a 20 to 30 percent latency
when processing the frame. Only 2 networks can be linked with a bridge.
• Switch - Can link up four, six, eight or even more networks. Cut-through switches
run faster because when a packet comes in, they forward it right after looking at the
destination address only. A store-and-forward switch inspects the entire packet
before forwarding. Most switches cannot stop broadcast traffic. Switches are layer
2 devices.
• Router - Can also filter network traffic. However, routers filter based on the
protocol addresses defined in OSI layer 3 (the network layer), not based on the
Ethernet packet addresses. Note that protocols must be routable in order to pass
through routers. A router can determine the most efficient path for a packet to
take and send packets around failed segments.
• Brouter - Has the best features of both routers and bridges in that it can be
configured to pass unroutable protocols by imitating a bridge, while not
passing broadcast storms by acting as a router for other protocols.
• Gateway - Often used as a connection to a mainframe or the Internet. Gateways
enable communications between different protocols, data types and environments.
This is achieved via protocol conversion, whereby the gateway strips the protocol
stack off the packet and adds the appropriate stack for the other side. Gateways
operate at all layers of the OSI model without making any forwarding decisions.

The goal of LAN segmentation is to effectively reduce traffic and collisions by
segmenting the network. In a LAN segmentation plan, we do not consider the use of
gateways and hubs at all, and the focus turns to devices such as switches and routers.

Bridging/Switching:
• Bridge - A layer 2 device used to connect different network types or networks of the
same type. It maps the Ethernet addresses of the nodes residing on each segment and
allows only the necessary traffic to pass through the bridge. Packets destined for the same
segment are dropped. This "store-and-forward" mechanism inspects the whole Ethernet
packet before making a decision. Unfortunately, it cannot filter out broadcast traffic.
Also, it introduces a 20 to 30 percent latency when processing the frame. Only 2
networks can be linked with a bridge.
• Switch - Switches are layer 2 devices that can link up four, six, eight or even more
networks. Switches are the only devices that allow for microsegmentation. Cut-through
switches run faster because when a packet comes in, they forward it right after looking at
the destination address only. A store-and-forward switch inspects the entire packet before
forwarding. Most switches cannot stop broadcast traffic. Switches are considered
dedicated data link devices because they give close to 100% of the bandwidth. While
bridging does most of its work in hardware, switches use fabric/software to handle most
of their work.

Store-and-forward - The entire frame is received before any forwarding takes place.
The destination and/or the source addresses are read and filters are applied before the
frame is forwarded. Latency occurs while the frame is being received; the latency is
greater with larger frames because the entire frame takes longer to read. Error detection is
high because of the time available to the switch to check for errors while waiting for the
entire frame to be received. This method discards frames smaller than 64 bytes (runts)
and frames larger than 1518 bytes (giants).

Cut-Through - The switch reads the destination address before receiving the entire
frame. The frame is then forwarded before the entire frame arrives. This mode decreases
the latency of the transmission and has poor error detection. This method has two forms,
Fast-forward and fragment-free.

• Fast-forward switching - Fast-forward switching offers the lowest level of
latency by immediately forwarding a packet after receiving the destination
address. Because fast-forward switching does not check for errors, there may be
times when frames are relayed with errors. This occurs infrequently, and
the destination network adapter discards the faulty frame upon receipt. In networks
with high collision rates, this can negatively affect available bandwidth.
• Fragment-free switching - Use the fragment-free option to reduce the number
of collision frames forwarded with errors. In fast-forward mode, latency is
measured from the first bit received to the first bit transmitted, or first in, first out
(FIFO). Fragment-free switching filters out collision fragments, which are the
majority of packet errors, before forwarding begins. In a properly functioning
network, collision fragments must be smaller than 64 bytes. Anything greater than
64 bytes is a valid packet and is usually received without error. Fragment-free
switching waits until the received packet has been determined not to be a collision
fragment before forwarding the packet. In fragment-free, latency is measured as
FIFO.
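As an added example, not from the original notes, the following code shows what a store-and-forward switch can check that a fragment-free switch cannot. It builds Ethernet frames with a CRC-32 frame check sequence (zlib.crc32 uses the same polynomial as the IEEE 802.3 FCS) and applies the runt, giant and FCS checks from the store-and-forward description together with the 64-byte check from the fragment-free description above. The MAC addresses and payloads are constructed.

```python
"""Store-and-forward vs fragment-free forwarding checks (added example).

Frames carry the IEEE 802.3 FCS (CRC-32, here via zlib.crc32, sent
least-significant byte first). MAC addresses and payloads are constructed.
"""
import zlib

MIN_FRAME = 64    # anything smaller is a runt / collision fragment
MAX_FRAME = 1518  # anything larger is a giant (untagged Ethernet)


def build_frame(dst, src, ethertype, payload):
    """dst/src are 6-byte MACs; returns header + payload + 4-byte FCS."""
    body = dst + src + ethertype.to_bytes(2, "big") + payload
    return body + zlib.crc32(body).to_bytes(4, "little")


def fcs_ok(frame):
    """Recompute the CRC over everything but the trailing FCS and compare."""
    return zlib.crc32(frame[:-4]).to_bytes(4, "little") == frame[-4:]


def store_and_forward(frame):
    """The whole frame is buffered, so length and FCS can both be checked."""
    if len(frame) < MIN_FRAME:
        return "drop: runt"
    if len(frame) > MAX_FRAME:
        return "drop: giant"
    if not fcs_ok(frame):
        return "drop: fcs error"
    return "forward"


def fragment_free(frame):
    """Decision is made once 64 bytes have arrived: collision fragments are
    caught, but a bad FCS or an oversized frame is relayed anyway."""
    if len(frame) < MIN_FRAME:
        return "drop: collision fragment"
    return "forward"


def switching_demo():
    """Run both modes over a good frame, a runt, a giant and a corrupted frame."""
    dst = bytes.fromhex("001122334455")
    src = bytes.fromhex("66778899aabb")
    good = build_frame(dst, src, 0x0800, b"\x00" * 46)     # exactly 64 bytes
    runt = build_frame(dst, src, 0x0800, b"\x00" * 10)     # 28 bytes
    giant = build_frame(dst, src, 0x0800, b"\x00" * 1501)  # 1519 bytes
    damaged = bytearray(good)
    damaged[20] ^= 0x01                                     # one flipped payload bit
    corrupt = bytes(damaged)
    return {
        name: (store_and_forward(f), fragment_free(f))
        for name, f in (("good", good), ("runt", runt),
                        ("giant", giant), ("corrupt", corrupt))
    }


if __name__ == "__main__":
    for name, (saf, ff) in switching_demo().items():
        print(f"{name:8s} store-and-forward: {saf:16s} fragment-free: {ff}")
```

The corrupted frame is the interesting row: it is a valid length, so fragment-free relays it and the error is only caught by the receiving adapter, which is the bandwidth cost the text describes for cut-through modes on noisy segments.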

Spanning-Tree Protocol - Allows duplicate switched/bridged paths without incurring
the latency effects of loops in the network.

The Spanning-Tree Algorithm, implemented by the Spanning-Tree Protocol, prevents
loops by calculating a stable spanning-tree network topology. When creating a
fault-tolerant network, a loop-free path must exist between all nodes in the network. The
Spanning-Tree Algorithm is used to calculate loop-free paths. Spanning-tree frames,
called bridge protocol data units (BPDUs), are sent and received by all switches in the
network at regular intervals and are used to determine the spanning-tree topology. A
switch uses Spanning-Tree Protocol on all Ethernet- and Fast Ethernet-based VLANs.
Spanning-Tree Protocol detects and breaks loops by placing some connections in standby
mode, which are activated in the event of an active connection failure. A separate
instance of Spanning-Tree Protocol runs within each configured VLAN, ensuring
topologies, mainly Ethernet topologies, that conform to industry standards throughout the
network. The port states are as follows:

• Blocking - No frames forwarded, BPDUs heard.
• Listening - No frames forwarded, listening for frames.
• Learning - No frames forwarded, learning addresses.
• Forwarding - Frames forwarded, learning addresses.
• Disabled - No frames forwarded, no BPDUs heard.

The state for each VLAN is initially set by the configuration and later modified by the
Spanning-Tree Protocol process. You can determine the status, cost and priority of ports
and VLANs by using the show spantree command. After the port-to-VLAN state is set,
Spanning-Tree Protocol determines whether the port forwards or blocks frames.

VLANs:
A VLAN is a logical grouping of devices or users. These devices or users can be grouped
by function, department, application and so on, regardless of their physical segment
location. VLAN configuration is done at the switch via the switching fabric. A VLAN can be
used to reduce collisions by separating broadcast domains within the switch. In other
words, VLANs create separate broadcast domains in a switched network. Frame tagging
at layer 2 does this. Frame tagging is gaining recognition as the standard for
implementing VLANs, and is recognized by IEEE 802.1Q. Frame tagging uniquely
assigns a VLAN ID to each frame. This identifier is understood and examined by each
switch prior to any broadcasts or transmissions to other switches, routers, and
end-station devices. When the frame exits the network backbone, the switch removes the
identifier before the frame is transmitted to the target end station. This effectively creates
an environment with fewer collisions. The key to this is that ports in a VLAN share
broadcasts, while ports not in that VLAN cannot share those broadcasts. Thus users in the
same physical location can be members of different VLANs. We can plug existing hubs
into a switch port and assign them a VLAN of their own to segregate users on the hubs.
Frame filtering examines particular information about each frame. A filtering table is
developed for each switch; this provides a high level of administrative control because it
can examine many attributes of each frame. Frame filtering is slowly being phased out and
replaced by the frame tagging method.
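An added example, not part of the original notes, of the frame tagging just described using the IEEE 802.1Q tag layout: a 4-byte tag placed after the source MAC, with the VLAN ID in the low 12 bits of its second half. It inserts a tag, reads it back, strips it again as the switch does before delivery to the end station, and shows which access ports a tagged broadcast reaches. The frame bytes, port names and port-to-VLAN map are constructed; treating untagged frames as VLAN 1 is an assumption.

```python
"""IEEE 802.1Q frame tagging and VLAN-scoped flooding (added example).

A tag is 4 bytes inserted after the 12-byte destination/source MAC pair:
TPID 0x8100, then 3 bits priority, 1 bit drop-eligible, 12 bits VLAN ID.
Frames, port names and VLAN assignments are constructed.
"""
import struct

TPID_8021Q = 0x8100
NATIVE_VLAN = 1  # assumption: untagged frames belong to VLAN 1


def tag_frame(frame, vlan_id, priority=0):
    """Insert a VLAN tag (as the switch does when the frame enters the backbone)."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = ((priority & 0x7) << 13) | (vlan_id & 0xFFF)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def read_tag(frame):
    """Return (vlan_id, priority) if the frame is tagged, else None."""
    if len(frame) >= 16 and struct.unpack("!H", frame[12:14])[0] == TPID_8021Q:
        tci = struct.unpack("!H", frame[14:16])[0]
        return tci & 0xFFF, tci >> 13
    return None


def untag_frame(frame):
    """Strip the tag before delivery to the end station (no-op if untagged)."""
    if read_tag(frame) is None:
        return frame
    return frame[:12] + frame[16:]


def flood_ports(frame, access_ports, ingress_port):
    """Access ports that receive a broadcast: same VLAN as the frame, excluding
    the port it arrived on. Ports in other VLANs never see it."""
    tag = read_tag(frame)
    vid = tag[0] if tag is not None else NATIVE_VLAN
    return sorted(p for p, v in access_ports.items() if v == vid and p != ingress_port)


def vlan_demo():
    """Tag a constructed broadcast frame for VLAN 10 and see where it floods."""
    frame = (bytes.fromhex("ffffffffffff")      # broadcast destination
             + bytes.fromhex("001122334455")    # constructed source MAC
             + b"\x08\x06" + b"\x00" * 28)      # ARP ethertype + dummy payload
    tagged = tag_frame(frame, 10, priority=3)
    ports = {"Fa0/1": 10, "Fa0/2": 10, "Fa0/3": 20, "Fa0/4": 20}
    return {
        "tag": read_tag(tagged),
        "floods_to": flood_ports(tagged, ports, "Fa0/1"),
        "stripped_matches_original": untag_frame(tagged) == frame,
    }


if __name__ == "__main__":
    print(vlan_demo())
```

Because the tag is inserted and stripped by the switches, the end stations never see it; the separation between VLAN 10 and VLAN 20 exists only in the switch's handling of the VLAN ID, which is why getting a frame from one VLAN to the other requires the layer 3 device discussed next.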

VLANs can be complicated to set up. VLANs use layer 2 addressing, meaning that
routers are required between separate VLANs. The advantage of deploying layer 2
addresses is that layer 2 addressing is faster to process. It is also quite common for
administrators to set up multiple VLANs with multiple access lists to control access.
Layer 3 routing provides the ability for multiple VLANs to communicate with each other,
which means that users in different locations can reside on the same VLAN. This is a
flexible approach to network design.

VLANs are configured on the switch in three ways: port-centric, static and dynamic. In
port-centric VLANs, all the nodes connected to ports in the same VLAN are assigned the
same VLAN ID. Packets do not "leak" into other domains, and the VLANs are easily administered
and provide good security between VLANs. Some say that statically configured VLANs are
the same as port-centric, because static VLANs use the port-centric method for assigning
them to switch ports. Dynamic VLANs are ports on a switch that can automatically
determine their VLAN assignments. Dynamic VLAN functions are based on the MAC
addresses, logical addressing, or protocol type of the data packets. When a station is
initially connected to an unassigned switch port, the appropriate switch checks the MAC
entry in the management database and dynamically configures the port with the
corresponding VLAN configuration. The major high point of this method is less
administration overhead, of course only after the initial administration of the database
within the VLAN management software.
Creating and Maintaining VLANs
VLAN Considerations

LAN Protocols:
The following sections will introduce the core LAN protocols that you will need to know
for the exam.

TCP/IP:
Every IP address can be broken down into 2 parts, the Network ID(netid) and the Host
ID(hostid). All hosts on the same network must have the same netid. Each of these hosts
must have a hostid that is unique in relation to the netid. IP addresses are divided into 4
octets with each having a maximum value of 255. We view IP addresses in decimal
notation such as 124.35.62.181, but it is actually utilized as binary data so one must be
able to convert addresses back and forth.

The following table explains how to convert binary into decimal and vice versa:

Decimal   Binary
128       10000000
64        01000000
32        00100000
16        00010000
8         00001000
4         00000100
2         00000010
1         00000001

When converting binary data to decimal, a "0" is equal to 0 and a "1" is equal to the
number that corresponds to the field it is in. For example, the number 213 would be
11010101 in binary notation. This is calculated as follows: 128+64+0+16+0+4+0+1=213.
Remember that this only represents 1 octet of 8 bits, while a full IP address is 32 bits
made up of 4 octets. This being true, the IP address 213.128.68.130 would look like
11010101 10000000 01000100 10000010.

IP addresses are divided into 3 classes as shown below:

Class   Range
A       1-126
B       128-191
C       192-223
D       224-239 (Multicasting)
E       240-255 (Experimental)

IP addresses can be class A, B or C. Class A addresses are for networks with a large
number of hosts. The first octet is the netid and the 3 remaining octets are the hostid.
Class B addresses are used in medium to large networks, with the first 2 octets making up
the netid and the remaining 2 the hostid. A class C is for smaller networks, with the first 3
octets making up the netid and the last octet comprising the hostid. The latter two classes
aren't used for networks.
A subnet mask blocks out a portion of an IP address and is used to differentiate between
the hostid and netid. The default subnet masks are as follows:

Class     Default Subnet Mask   # of Subnets   # of Hosts Per Subnet
Class A   255.0.0.0             126            16,777,214
Class B   255.255.0.0           16,384         65,534
Class C   255.255.255.0         2,097,152      254

In these cases, the part of the IP address blocked out by 255 is the Net ID.

The table above shows the default subnet masks. What subnet mask do you use
when you want more than 1 subnet? Let's say, for example, that you want 8 subnets and
will be using a class C address. The first thing you want to do is convert the number of
subnets into binary, so our example would be 00001000. Moving from left to right, drop
all zeros until you get to the first "1". For us that would leave 1000. It takes 4 bits to
make 8 in binary, so we add a "1" to the first 4 high order bits of the 4th octet of the
subnet mask (since it is class C) as follows: 11111111.11111111.11111111.11110000 =
255.255.255.240. There is our subnet mask.
Let's try another one. Let's say that you own a chain of stores that sell spatulas in New
York and you have stores in 20 different neighborhoods and you want to have a separate
subnet on your network for each neighborhood. It will be a class B network. First, we
convert 20 to binary: 00010100. We drop all zeros before the first "1" and that leaves
10100. It takes 5 bits to make 20 in binary, so we add a "1" to the first 5 high order bits,
which gives: 11111111.11111111.11111000.00000000 = 255.255.248.0. The following
table shows a comparison between the different subnet masks.

Mask   # of Subnets   Class A Hosts   Class B Hosts   Class C Hosts
192    2              4,194,302       16,382          62
224    6              2,097,150       8,190           30
240    14             1,048,574       4,094           14
248    30             524,286         2,046           6
252    62             262,142         1,022           2
254    126            131,070         510             Invalid
255    254            65,534          254             Invalid

Note: 127.x.x.x is reserved for loopback testing on the local system and is not used on
live systems.
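An added example (not from the original notes) that carries out the binary conversion and the subnet mask calculations above in code. It uses the usable-count rule behind the comparison table (2^n - 2 subnets and 2^h - 2 hosts, since the all-zeros and all-ones values are not counted), so the number of subnet bits is the smallest n whose usable subnets cover the request. For the two cases worked above (8 class C subnets, 20 class B subnets) this produces the same masks, 255.255.255.240 and 255.255.248.0, and it generalises to other subnet counts and to class A.

```python
"""Binary conversion and classful subnet mask arithmetic (added example).

Usable subnets and hosts follow the comparison table: 2**n - 2 and
2**h - 2, because the all-zeros and all-ones values are not counted.
"""

CLASS_PREFIX_BITS = {"A": 8, "B": 16, "C": 24}  # default mask lengths


def octet_to_binary(value):
    """213 -> '11010101'."""
    return format(value, "08b")


def binary_to_decimal(bits):
    """'11010101' -> 213, adding the place value of each '1' (128, 64, ...)."""
    return sum(128 >> i for i, b in enumerate(bits) if b == "1")


def ip_to_binary(ip):
    """'213.128.68.130' -> '11010101 10000000 01000100 10000010'."""
    return " ".join(octet_to_binary(int(o)) for o in ip.split("."))


def mask_from_prefix(prefix_len):
    """Dotted-decimal mask for a prefix length: 28 -> '255.255.255.240'."""
    bits = (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF
    return ".".join(str((bits >> s) & 0xFF) for s in (24, 16, 8, 0))


def subnet_bits_for(num_subnets):
    """Smallest n with 2**n - 2 usable subnets >= num_subnets."""
    n = 2
    while 2 ** n - 2 < num_subnets:
        n += 1
    return n


def plan_subnets(net_class, num_subnets):
    """Return (mask, usable_subnets, usable_hosts_per_subnet) for a class A/B/C net."""
    n = subnet_bits_for(num_subnets)
    prefix_len = CLASS_PREFIX_BITS[net_class] + n
    host_bits = 32 - prefix_len
    if host_bits < 2:
        # matches the "Invalid" cells in the comparison table
        raise ValueError("no usable hosts left after borrowing %d subnet bits" % n)
    return mask_from_prefix(prefix_len), 2 ** n - 2, 2 ** host_bits - 2


if __name__ == "__main__":
    print(octet_to_binary(213), binary_to_decimal("11010101"))
    print(ip_to_binary("213.128.68.130"))
    print(plan_subnets("C", 8))    # ('255.255.255.240', 14, 14)
    print(plan_subnets("B", 20))   # ('255.255.248.0', 30, 2046)
```

The "count the bits in the binary form of the subnet number" shortcut in the text happens to give the right answer for 8 and 20; plan_subnets checks the usable count directly, so a request like 7 subnets correctly borrows 4 bits rather than 3.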

TCP/IP Ports - Ports are what an application uses when communicating between a client
and server computer. Some common TCP/IP ports are:
• 20 FTP-DATA
• 21 FTP
• 23 TELNET
• 25 SMTP
• 69 TFTP
• 70 GOPHER
• 80 HTTP
• 110 POP3
• 137 NetBIOS name service
• 138 NetBIOS datagram service
• 139 NetBIOS
• 161 SNMP

You need to understand buffering, source quench messages and windowing. Buffering
allows devices to temporarily store bursts of excess data in memory. However, if data
keeps arriving at high speed, buffers can overflow. In this case, we use source quench
messages to request that the sender slow down.

Windowing is for flow-control purposes. It requires the sending device to send a few
packets to the destination device and wait for the acknowledgment. Once received, it
sends the same amount of packets again. If there is a problem on the receiving end,
obviously no acknowledgement will ever come back. The sending source will then
retransmit at a slower speed. This is like trial and error, and it works. Note that the
window size should never be set to 0: a zero window size means to stop transmission
completely.

3COM's IP addressing tutorial is just superior. It covers basic IP addressing options as
well as subnetting and VLSM/CIDR.

IPX/SPX:
IPX will also be an important issue to consider in network management, given the fact
that many companies still use NetWare servers. There are two parts to every IPX
network address: the Network ID and the Host ID. The first 8 hex digits represent the
network ID, while the remaining hex digits represent the host ID, which is most likely the
same as the MAC address, meaning we do not need to manually assign node addresses.
Note that valid hexadecimal digits range from 0 through 9, and hexadecimal letters range
from A through F. FFFFFFFF in hexadecimal notation = 4292967295 in decimal.

Sequenced Packet Exchange (SPX) belongs to the Transport layer, and is
connection-oriented. It creates virtual circuits between hosts, and each host is given a
connection ID in the SPX header for identifying the connection. Service Advertisement
Protocol (SAP) is used by NetWare servers to advertise network services via broadcast at
an interval of every 60 minutes by default.

WAN Protocols:
In general, there are three broad types of WAN access technology. With Leased Lines,
we have a point-to-point dedicated connection that uses a pre-established WAN path
provided by the ISP. With Circuit Switching such as ISDN, a dedicated circuit path exists
only for the duration of the call. Compared to traditional phone service, ISDN is more
reliable and faster. With Packet Switching, all network devices share a single
point-to-point link to transport packets across the carrier network; these are known as virtual
circuits.

When we talk about Customer Premises Equipment (CPE), we are referring to devices
physically located at the subscriber's location. The demarcation is the place where the CPE
ends and the local loop begins. A Central Office (CO) has a switching facility that provides a
point of presence for its service. Data Terminal Equipment (DTE) are devices where the
switching application resides, and Data Circuit-terminating Equipment (DCE) are devices
that convert user data from the DTE into the appropriate WAN protocol. A router is a
DTE, while a DSU/CSU device or modem is often referred to as a DCE.

Frame Relay:
Frame Relay has the following characteristics:

• successor to X.25
• has less overhead than X.25 because it relies on upper layer protocols to perform
error checking.
• speeds in the range of 56 Kbps to 2.078 Mbps.
• uses Data Link Connection Identifiers (DLCI) to identify virtual circuits, with
DLCI numbers between 16 and 1007.
• uses Local Management Interfaces (LMI) to provide info on the DLCI values as
well as the status of virtual circuits. Cisco routers support Cisco (default), ANSI
and Q933a.
• to set up frame relay, we need to set the encapsulation to frame-relay in either the
Cisco (default) mode or the IETF mode, although Cisco encapsulation is required
to connect two Cisco devices.
• LMI type is configurable, but by default it is auto-sensed.
• generally transfers data with permanent virtual circuits (PVCs), although we can
use switched virtual circuits (SVCs) as well.
• SVCs are for transferring data intermittently.
• PVCs do not have the overhead of establishing and terminating a circuit each time
communication is needed.
• Committed Information Rate (CIR) is the guaranteed minimum transfer rate of a
connection.

Cisco has a web page that describes the configuration and troubleshooting of Frame relay
- Comprehensive Guide to Configuring and Troubleshooting Frame Relay

ATM:
ATM stands for Asynchronous Transfer Mode and is a high-speed, packet-switching
technique that uses short fixed length packets called cells which are about 53 bits in
length. ATM can transmit voice, video, and data over a variable-speed LAN and WAN
connections at speeds ranging from 1.544Mbps to as high as 622Mbps. I recently read
that the new standard may be 2Gbps. ATM's speed is derived from the use of short fixed
length cells, which reduce delays, and the variance of delay for delay-sensitive services
such as voice and video. ATM is capable of supporting a wide range of traffic types such
as voice, video, image and data.

PPP:
As an improvement to Serial Line Internet Protocol (SLIP), Point-to-Point Protocol (PPP)
was designed mainly for the transfer of data over slower serial interfaces. It is better than SLIP
because it provides multiprotocol support, error correction as well as password
protection. It is a Data Link Layer protocol used to encapsulate higher-layer protocols to pass
over synchronous or asynchronous communication lines. PPP is capable of operating
across any DTE/DCE device, most commonly modems, as long as they support duplex
circuits. There are 3 components to PPP:

• HDLC (High-level Data Link Control) - Encapsulates the data during transmission
and is a link layer protocol which is also the default Cisco encapsulation protocol
for synchronous serial links. HDLC is supposed to be an open standard, but
Cisco's version is proprietary, meaning it can only function with Cisco routers.
• LCP (Link Control Protocol) - Establishes, tests and configures the data link
connection.
• NCPs (Network Control Protocols) - Used to configure the different
communication protocols, allowing them on the same line simultaneously.
Microsoft uses 3 NCPs for the 3 protocols at the Network Layer (IP, IPX and
NetBEUI).

PPP communication occurs in the following manner: PPP sends LCP frames to test and
configure the data link. Next, authentication protocols are negotiated to determine what
sort of validation is used for security. Below are 2 common authentication protocols:

• PAP is similar to a network login, but passwords are sent as clear text. It is
normally only used on FTP sites.
• CHAP uses encryption and is a more secure way of sending passwords.

Then NCP frames are used to set up the network layer protocols to be used. Finally,
HDLC is used to encapsulate the data stream as it passes through the PPP connection.
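An added example (not from the original notes) contrasting what PAP and CHAP actually put on the link. With PAP the message is the credentials themselves. With CHAP, as specified in RFC 1994, the authenticator sends a random challenge and the peer answers with MD5 over the identifier, the shared secret and the challenge, so the secret never crosses the link and a response is only good for the one challenge it answers. The peer names, secret and challenge bytes are constructed, and the small authenticator class is a sketch written for this example, not an IOS implementation.

```python
"""PAP versus CHAP on a PPP link: what crosses the wire (added example).

CHAP response = MD5(Identifier || secret || Challenge) per RFC 1994.
Peer names, secrets and challenges are constructed.
"""
import hashlib
import hmac
import os


def pap_authenticate_request(username, password):
    """PAP: the username and password are sent as-is (shown here as a dict)."""
    return {"code": "Authenticate-Request", "peer_id": username, "password": password}


def chap_response(identifier, secret, challenge):
    """RFC 1994 response value: MD5(Identifier || secret || Challenge)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Server side: issues challenges and verifies the peer's responses."""

    def __init__(self, secrets):
        self.secrets = secrets   # peer name -> shared secret (bytes)
        self.identifier = 0
        self.outstanding = {}    # identifier -> challenge bytes awaiting a reply

    def challenge(self, rng=os.urandom):
        """Send a fresh 16-byte challenge with a new identifier."""
        self.identifier = (self.identifier + 1) & 0xFF
        chal = rng(16)
        self.outstanding[self.identifier] = chal
        return self.identifier, chal

    def verify(self, identifier, peer_name, response):
        """Accept only a response to a challenge we issued and have not used yet."""
        chal = self.outstanding.pop(identifier, None)  # one use per challenge
        secret = self.secrets.get(peer_name)
        if chal is None or secret is None:
            return False
        expected = chap_response(identifier, secret, chal)
        return hmac.compare_digest(expected, response)


def chap_exchange(secret_db, peer_name, peer_secret):
    """Run one challenge/response; return (success, messages seen on the wire)."""
    auth = ChapAuthenticator(secret_db)
    ident, chal = auth.challenge()
    resp = chap_response(ident, peer_secret, chal)   # computed by the peer
    ok = auth.verify(ident, peer_name, resp)
    wire = [("Challenge", ident, chal.hex()), ("Response", ident, resp.hex())]
    return ok, wire


if __name__ == "__main__":
    print("PAP on the wire :", pap_authenticate_request("routerB", "s3cret"))
    ok, wire = chap_exchange({"routerB": b"s3cret"}, "routerB", b"s3cret")
    print("CHAP on the wire:", wire, "->", "success" if ok else "failure")
```

The two assertions worth keeping in mind from this code: the secret string never appears in the CHAP messages, and replaying a captured response against the same authenticator fails because the challenge was consumed. CHAP still needs both ends to store the shared secret in a recoverable form, which is the usual operational caveat.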

Point-to-Point Tunneling Protocol (PPTP) provides for the secure transfer of data from a
remote client to a private server by creating a multi-protocol Virtual Private
Network (VPN), encapsulating PPP packets into IP datagrams. There are 3 steps to
set up a secure communication channel:

1. A PPP connection and communication to the remote network are established.
2. PPTP creates a control connection between the client and the remote PPTP server.
3. PPTP creates the IP datagrams for PPP to send.

The packets are encrypted by PPP and sent through the tunnel to the PPTP server, which
decrypts the packets, disassembles the IP datagrams and routes them to the host. Setting
up PPTP requires a PPTP client, a PPTP server and a Network Access Server (NAS).

Cisco IOS:
Cisco routers use the Internetworking Operating System (IOS), which stores the
configuration information in Non-Volatile RAM (NVRAM); the IOS itself is stored in
flash. The IOS can be accessed via Telnet, a console connection (such as HyperTerminal) or
a dial-in connection. You can also configure the router as a web server and then access a
web-based configuration panel via HTTP.

There are a variety of sources for booting, including Flash memory, TFTP and ROM. It is
always recommended that a new IOS image be loaded on a TFTP server first, and then
copied from the TFTP server to flash memory, so the TFTP copy serves as a backup. The
copy command, such as "copy tftp flash", allows us to copy the IOS image from the TFTP
server to Flash memory. And of course, we can always do the reverse. Now, we need
to inform the router to boot from the correct source. The following commands are
examples of what we should type in, depending on the situation. Typically, it is a good
idea to specify multiple boot options as a fallback mechanism; the router tries them in
the order configured.

• boot system flash (unknown)
• boot system tftp (unknown) {tftp server IP address}
• boot system rom

After the boot-up process we can prepare to log in. User EXEC is the first mode we
encounter. It gives us a prompt of "Router>". To exit this mode means to log out
completely; this can be done with the logout command. If we want to proceed to
Privileged EXEC, we need to use the enable EXEC command. Once entered, the prompt
will change to "Router#". To go back to user EXEC mode, we need to use the disable
command. Note that all configuration work requires the administrator to be in
Privileged mode first. Put it this way: Privileged EXEC mode includes support for all
commands in user mode plus those that provide access to global and system settings.

The setup command facility is for making major changes to the existing configuration,
such as adding a protocol suite, making major changes to the addressing scheme, or
configuring a newly installed interface.

If you aren't big on reading manuals, finding out the way to access help information is a
MUST. To display a list of commands available for each command mode, we can type in
a ? mark. IOS also provides a context-sensitive help feature to make life easier. In order to
pass this exam, you will need to be able to find your way around the IOS. We will list
some of the information here, but there is too much to list all of it. You will definitely need
access to a router, or get the software listed at the beginning of this study guide, so that
you can practice.

Useful editing commands include:

Command           Purpose
Ctrl-P            Recall commands in the history buffer, starting with the most recent command.
Ctrl-N            Return to more recent commands in the history buffer after recalling commands with Ctrl-P or the up arrow key.
Ctrl-B            Move the cursor back one character.
Ctrl-F            Move the cursor forward one character.
Ctrl-A            Move the cursor to the beginning of the command line.
Ctrl-E            Move the cursor to the end of the command line.
Esc B             Move the cursor back one word.
Esc F             Move the cursor forward one word.
Ctrl-R or Ctrl-L  Redisplay the current command line.

You will find most of the IOS commands at the following 2 links:
Router and Switch Commands
http://www.cisco.com/warp/cpropub/45/tutorial.htm

Security:
Access Lists allow us to implement some level of security on the network by inspecting
and filtering traffic as it enters or exits an interface. Each router can have many access
lists of the same or different types. However, only one can be applied in each direction of
an interface at a time (keep in mind that inbound and outbound traffic is determined from
the router's perspective). The two major types of access lists that deserve special attention
are the IP Access Lists and the IPX Access Lists.

Standard IP access lists can be configured to permit or deny passage through a router
based on the source host's IP address. Extended IP access list uses destination address, IP
protocol and port number to extend the filtering capabilities. Access can be configured to
be judged based on a specific destination address or range of addresses, on an IP protocol
such as TCP or UDP, or on port information such as http, ftp, telnet or snmp. We use
access list number to differentiate the type of access list. In standard IP access lists we
have numbers from 1 through 99, and in extended IP access lists we have numbers from
100 through 199:

1-99 Standard IP
100-199 Extended IP
200-299 Protocol type-code
300-399 DECnet
600-699 Appletalk
700-799 Standard 48-bit MAC Address
800-899 Standard IPX
900-999 Extended IPX
1000-1099 IPX SAP
1100-1199 Extended 48-bit MAC Address
1200-1299 IPX Summary Address

When dealing with Access Control Lists or preparing for your CCNA exam, you have to
deal with a 32-bit wild card address in dotted-decimal form, known as your inverse mask.
By Cisco's definition it is called inverse, but you can think of it as the "reverse" of your
subnet mask in most cases. When dealing with your wild card mask, you have two values
that you are working with. As in subnetting, you have 0 as the "off" value and 1 as the
"on" value. Wild cards treat the 0 value as "match" and the 1 value as "ignore". What do I
mean by ignore or match? If you have studied ACLs you should know that your goal is to
set criteria to deny or permit, and that is where your inverse mask comes into play. It tells
the router which bits to examine when trying to deny or permit in your definition. If
you have dealt with subnetting you know that most of your subnet masks ended with an
even number; with your inverse mask you will end up with an odd number. There are
several different ways to come up with your inverse mask; the easiest is to subtract your
subnet mask from the all-routers broadcast address of 255.255.255.255.

Example: You have a subnet mask of 255.255.255.0. To get your wild card mask all you
have to do is:

  255.255.255.255
- 255.255.255.0
=   0.  0.  0.255

Then you can apply it to the definition, whether using a standard or extended ACL.

Standard example:
Router(config)# access-list 3 deny 170.10.1.0 0.0.0.255

How would you read this list? With this wild card you told the router to "match" the first
three octets, and you don't care what's going on in the last octet.

Extended example:
Router(config)# access-list 103 permit tcp 178.10.2.0 0.0.0.255 170.10.1.0 0.0.0.255 eq 80

How would you read this list? With these wild cards you have told the router to match the
first three octets of both the source (178.10.2.0) and the destination (170.10.1.0), and you
don't care what's going on in the last octet of either; the protocol keyword and "eq 80"
narrow the match further to TCP traffic to port 80 (http).

Think of it this way. If you had broken the decimal form down to binary, the wild card
mask would look like this. 00000000.00000000.00000000.11111111

As you know the “1” means ignore and “0” means match. So in that last octet it could
have been any value on that subnet line ranging from 0-255.
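To make the match/ignore rule concrete, here is an added Python example (it is not from
the study guide) that derives the inverse mask from a subnet mask and evaluates a
standard access list the way the router reads it: a 0 bit in the wildcard must match, a 1
bit is ignored, the first matching entry decides, and anything unmatched falls to the
implicit "deny any" that ends every Cisco access list. The helper names and the sample
list are this example's own.

```python
from ipaddress import IPv4Address

ALL_ONES = 0xFFFFFFFF  # 255.255.255.255, the all-routers broadcast address


def to_int(dotted: str) -> int:
    """'170.10.1.0' -> 32-bit integer."""
    return int(IPv4Address(dotted))


def to_dotted(value: int) -> str:
    """32-bit integer -> dotted-decimal string."""
    return str(IPv4Address(value & ALL_ONES))


def to_binary(dotted: str) -> str:
    """Dotted-decimal -> the 8-bit groups used above,
    e.g. 0.0.0.255 -> 00000000.00000000.00000000.11111111."""
    return ".".join(f"{int(octet):08b}" for octet in dotted.split("."))


def wildcard_from_mask(subnet_mask: str) -> str:
    """255.255.255.255 minus the subnet mask; bitwise, this is simply NOT."""
    return to_dotted(ALL_ONES ^ to_int(subnet_mask))


def acl_matches(address: str, network: str, wildcard: str) -> bool:
    """A 0 bit in the wildcard must match the network; a 1 bit is ignored."""
    care_bits = ALL_ONES ^ to_int(wildcard)
    return (to_int(address) & care_bits) == (to_int(network) & care_bits)


def evaluate_standard_acl(entries, source_address: str) -> str:
    """entries: list of (action, network, wildcard) in configured order.
    The first matching entry decides; with no match, the implicit
    'deny any' at the end of every Cisco access list applies."""
    for action, network, wildcard in entries:
        if acl_matches(source_address, network, wildcard):
            return action
    return "deny"


# Constructed sample: the standard list from the text plus a 'permit any'
# (a wildcard of 255.255.255.255 ignores every bit, so it matches everything).
ACL_3 = [
    ("deny", "170.10.1.0", "0.0.0.255"),        # access-list 3 deny 170.10.1.0 0.0.0.255
    ("permit", "0.0.0.0", "255.255.255.255"),   # access-list 3 permit any
]

if __name__ == "__main__":
    wc = wildcard_from_mask("255.255.255.0")
    print(wc, to_binary(wc))
    for src in ("170.10.1.77", "170.10.2.77"):
        print(src, "->", evaluate_standard_acl(ACL_3, src))
```

Running the block shows 170.10.1.77 denied and 170.10.2.77 permitted; without the
"permit any" entry both would be denied, which is the most common surprise when an
access list is first applied to an interface.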

For more information on IP Access Lists, read Configuring IP Access Lists

Routing:
There are 2 main types of routing, static and dynamic; a third type of routing is called
hybrid. Static routing involves the cumbersome process of manually configuring and
maintaining route tables by an administrator. Dynamic routing enables routers to
"talk" to each other and automatically update their routing tables. This process occurs
through the use of broadcasts. Next is an explanation of the various routing protocols.

RIP:
Routing Information Protocol(RIP) is a distance vector dynamic routing protocol. RIP
measures the distance from source to destination by counting the number of hops(routers
or gateways) that the packets must travel over. RIP sets a maximum of 15 hops and
considers any larger number of hops unreachable. RIP's real advantage is that if there are
multiple possible paths to a particular destination and the appropriate entries exist in the
routing table, it will choose the shortest route. Routers can talk to each other, however, in
the real routing world, there are so many different routing technologies available, that it is
not as simple as just enabling Routing Information Protocol (RIP).

For information on RIP configuration, read Configuring RIP

OSPF:
Open Shortest Path First (OSPF) is a link-state routing protocol that converges faster than
a distance vector protocol such as RIP. What is convergence? This is the time required
for all routers to complete building their routing tables. RIP uses ticks and hop counts as
its measurement, while OSPF also uses metrics that take bandwidth and network
congestion into account when making routing decisions. RIP transmits updates every 30
seconds, while OSPF transmits updates only when there is a topology change. OSPF
builds a complete topology of the whole network, while RIP uses second-hand information
from the neighboring routers. To summarize, RIP is easier to configure and is suitable for
smaller networks. In contrast, OSPF requires more processing power and is suitable if
scalability is the main concern.

We can tune the network by adjusting various timers. Areas that are tunable include: the
rate at which routing updates are sent, the interval of time after which a route is declared
invalid, the interval during which routing information regarding better paths is
suppressed, the amount of time that must pass before a route is removed from the routing
table, and the amount of time for which routing updates will be postponed. Of course,
different settings are needed in different situations. In any case, we can use the "show ip
route" command to display the contents of the routing table as well as how each route was
discovered.

For commands and methods to configure OSPF read OSPF Commands

IGRP and EIGRP:

RIP and OSPF are considered "open", while IGRP and EIGRP are Cisco proprietary.
Interior Gateway Routing Protocol (IGRP) is a distance vector routing protocol for
interior networks, while Enhanced Interior Gateway Routing Protocol (EIGRP) is a
hybrid that combines distance vector and link-state technologies. Do not confuse these
with NLSP. NetWare Link Services Protocol (NLSP) is a proprietary link-state routing
protocol used on Novell NetWare 4.X to replace SAP and RIP. For IGRP, the metric is a
function of bandwidth, reliability, delay and load. One of the characteristics of IGRP is
the deployment of hold-down timers. A hold-down timer has a value of 280 seconds. It is
used to prevent routing loops while routing tables converge, by preventing routers from
broadcasting another route to a router which is off-line before all routing tables converge.
For EIGRP, separate routing tables are maintained for the IP, IPX and AppleTalk
protocols. However, routing update information is still forwarded with a single protocol.

The Border Gateway Protocol (BGP) is the protocol backing the core routing decisions
on the Internet. It maintains a table of IP networks or 'prefixes' which designate network
reachability among autonomous systems (AS). It is described as a path vector protocol.
BGP does not use traditional Interior Gateway Protocol (IGP) metrics, but makes routing
decisions based on path, network policies and/or rulesets. For this reason, it is more
appropriately termed a reachability protocol rather than a routing protocol.

BGP was created to replace the Exterior Gateway Protocol (EGP) routing protocol to
allow fully decentralized routing in order to allow the removal of the NSFNet Internet
backbone network. This allowed the Internet to become a truly decentralized system.
Since 1994, version four of the BGP has been in use on the Internet. All previous
versions are now obsolete. The major enhancement in version 4 was support of Classless
Inter-Domain Routing and use of route aggregation to decrease the size of routing tables.
Since January 2006, version 4 is codified in RFC 4271, which went through more than 20
drafts based on the earlier RFC 1771 version 4. RFC 4271 version corrected a number of
errors, clarified ambiguities and brought the RFC much closer to industry practices.

Most Internet users do not use BGP directly. Since most Internet service providers must
use BGP to establish routing between one another (especially if they are multihomed), it
is one of the most important protocols of the Internet. Compare this with Signaling
System 7 (SS7), which is the inter-provider core call setup protocol on the PSTN. Very
large private IP networks use BGP internally. An example would be the joining of a
number of large Open Shortest Path First (OSPF) networks where OSPF by itself would
not scale to size. Another reason to use BGP is multihoming a network for better
redundancy, either to multiple access points of a single ISP (RFC 1998) or to multiple
ISPs.

Border Gateway Protocol

Introduction
The Border Gateway Protocol (BGP) is an interautonomous system routing protocol. An
autonomous system is a network or group of networks under a common administration
and with common routing policies. BGP is used to exchange routing information for the
Internet and is the protocol used between Internet service providers (ISP). Customer
networks, such as universities and corporations, usually employ an Interior Gateway
Protocol (IGP) such as RIP or OSPF for the exchange of routing information within their
networks. Customers connect to ISPs, and ISPs use BGP to exchange customer and ISP
routes. When BGP is used between autonomous systems (AS), the protocol is referred to
as External BGP (EBGP). If a service provider is using BGP to exchange routes within an
AS, then the protocol is referred to as Interior BGP (IBGP). Figure 39-1 illustrates this
distinction.

Figure 39-1 External and Interior BGP

BGP is a very robust and scalable routing protocol, as evidenced by the fact that BGP is
the routing protocol employed on the Internet. At the time of this writing, the Internet
BGP routing tables number more than 90,000 routes. To achieve scalability at this level,
BGP uses many route parameters, called attributes, to define routing policies and
maintain a stable routing environment.

In addition to BGP attributes, classless interdomain routing (CIDR) is used by BGP to
reduce the size of the Internet routing tables. For example, assume that an ISP owns the
IP address block 195.10.x.x from the traditional Class C address space. This block
consists of 256 Class C address blocks, 195.10.0.x through 195.10.255.x. Assume that the
ISP assigns a Class C block to each of its customers. Without CIDR, the ISP would
advertise 256 Class C address blocks to its BGP peers. With CIDR, BGP can supernet the
address space and advertise one block, 195.10.x.x. This block is the same size as a
traditional Class B address block. The class distinctions are rendered obsolete by CIDR,
allowing a significant reduction in the BGP routing tables.

BGP neighbors exchange full routing information when the TCP connection between
neighbors is first established. When changes to the routing table are detected, the BGP
routers send to their neighbors only those routes that have changed. BGP routers do not
send periodic routing updates, and BGP routing updates advertise only the optimal path
to a destination network.

BGP Attributes
Routes learned via BGP have associated properties that are used to determine the best
route to a destination when multiple paths exist to a particular destination. These
properties are referred to as BGP attributes, and an understanding of how BGP attributes
influence route selection is required for the design of robust networks. This section
describes the attributes that BGP uses in the route selection process:

• Weight

• Local preference

• Multi-exit discriminator

• Origin

• AS_path

• Next hop

• Community

Weight Attribute

Weight is a Cisco-defined attribute that is local to a router. The weight attribute is not
advertised to neighboring routers. If the router learns about more than one route to the
same destination, the route with the highest weight will be preferred. In Figure 39-2,
Router A is receiving an advertisement for network 172.16.1.0 from routers B and C.
When Router A receives the advertisement from Router B, the associated weight is set to
50. When Router A receives the advertisement from Router C, the associated weight is
set to 100. Both paths for network 172.16.1.0 will be in the BGP routing table, with their
respective weights. The route with the highest weight will be installed in the IP routing
table.

Figure 39-2 BGP Weight Attribute

Local Preference Attribute

The local preference attribute is used to prefer an exit point from the local autonomous
system (AS). Unlike the weight attribute, the local preference attribute is propagated
throughout the local AS. If there are multiple exit points from the AS, the local
preference attribute is used to select the exit point for a specific route. In Figure 39-3, AS
100 is receiving two advertisements for network 172.16.1.0 from AS 200. When Router
A receives the advertisement for network 172.16.1.0, the corresponding local preference
is set to 50. When Router B receives the advertisement for network 172.16.1.0, the
corresponding local preference is set to 100. These local preference values will be
exchanged between routers A and B. Because Router B has a higher local preference than
Router A, Router B will be used as the exit point from AS 100 to reach network
172.16.1.0 in AS 200.

Figure 39-3 BGP Local Preference Attribute


Multi-Exit Discriminator Attribute

The multi-exit discriminator (MED) or metric attribute is used as a suggestion to an
external AS regarding the preferred route into the AS that is advertising the metric.

The term suggestion is used because the external AS that is receiving the MEDs may be
using other BGP attributes for route selection. We will cover the rules regarding route
selection in the next section. In Figure 39-4, Router C is advertising the route 172.16.1.0
with a metric of 10, while Router D is advertising 172.16.1.0 with a metric of 5. The lower
value of the metric is preferred, so AS 100 will select the route to Router D for network
172.16.1.0 in AS 200. MEDs are advertised throughout the local AS.

Origin Attribute

The origin attribute indicates how BGP learned about a particular route. The origin
attribute can have one of three possible values:

• IGP—The route is interior to the originating AS. This value is set when the network
router configuration command is used to inject the route into BGP.

• EGP—The route is learned via the Exterior Border Gateway Protocol (EBGP).

• Incomplete—The origin of the route is unknown or learned in some other way. An
origin of incomplete occurs when a route is redistributed into BGP.

The origin attribute is used for route selection and will be covered in the next section.

Figure 39-4 BGP Multi-Exit Discriminator Attribute


AS_path Attribute

When a route advertisement passes through an autonomous system, the AS number is
added to an ordered list of AS numbers that the route advertisement has traversed. Figure
39-5 shows the situation in which a route is passing through three autonomous systems.

AS 1 originates the route to 172.16.1.0 and advertises this route to AS 2 and AS 3, with
the AS_path attribute equal to {1}. AS 3 will advertise back to AS 1 with AS_path
attribute {3,1}, and AS 2 will advertise back to AS 1 with AS_path attribute {2,1}. AS 1
will reject these routes when its own AS number is detected in the route advertisement.
This is the mechanism that BGP uses to detect routing loops. AS 2 and AS 3 propagate
the route to each other with their AS numbers added to the AS_path attribute. These
routes will not be installed in the IP routing table because AS 2 and AS 3 are learning a
route to 172.16.1.0 from AS 1 with a shorter AS_path list.

Next-Hop Attribute

The EBGP next-hop attribute is the IP address that is used to reach the advertising router.
For EBGP peers, the next-hop address is the IP address of the connection between the
peers. For IBGP, the EBGP next-hop address is carried into the local AS, as illustrated in
Figure 39-6.
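The attribute descriptions above are easier to reason about when the selection is written
out as code. The following Python example is added here and is not from the study guide
or from Cisco: it models a BGP route with the attributes discussed (weight, local
preference, origin, AS_path, next hop, MED), rejects routes whose AS_path already
contains the local AS number (the loop check from the AS_path section), and picks the
best path. The tie-break order (highest weight, highest local preference, shortest AS_path,
lowest origin rank, lowest MED) follows Cisco's documented best-path steps for these
attributes; the later steps of the real algorithm are left out, and MED is compared across
all candidates rather than only between routes from the same neighbouring AS, which is a
simplification. The class and function names are this example's own.

```python
from dataclasses import dataclass
from typing import List, Optional

# Lower rank is preferred: a route injected with the 'network' command (IGP)
# beats one learned via EBGP, which beats a redistributed (incomplete) route.
ORIGIN_RANK = {"igp": 0, "egp": 1, "incomplete": 2}


@dataclass
class BgpRoute:
    prefix: str
    next_hop: str
    as_path: List[int]        # most recently traversed AS first, e.g. [3, 1]
    weight: int = 0           # Cisco-local; never advertised to neighbours
    local_pref: int = 100     # propagated inside the local AS only
    origin: str = "igp"       # "igp", "egp" or "incomplete"
    med: int = 0              # suggestion to the neighbouring AS; lower wins


def has_loop(route: BgpRoute, local_as: int) -> bool:
    """AS 1 must reject {3,1}: its own number already appears in the path."""
    return local_as in route.as_path


def advertise(route: BgpRoute, local_as: int, next_hop: str) -> BgpRoute:
    """What a router in local_as sends to an EBGP peer: its own AS number is
    prepended to the AS_path and the next hop becomes its own address.
    Weight and local preference are not carried across; they fall back to
    the receiver's defaults."""
    return BgpRoute(prefix=route.prefix, next_hop=next_hop,
                    as_path=[local_as] + route.as_path,
                    origin=route.origin, med=route.med)


def best_path(routes: List[BgpRoute], local_as: int) -> Optional[BgpRoute]:
    """Choose one route for a prefix from all candidate advertisements.
    Routes that would loop are dropped first; the remaining candidates are
    ordered by highest weight, highest local preference, shortest AS_path,
    lowest origin rank and lowest MED (simplified: compared across all
    neighbouring ASes). Returns None if nothing survives the loop check."""
    candidates = [r for r in routes if not has_loop(r, local_as)]
    if not candidates:
        return None
    return min(candidates, key=lambda r: (-r.weight, -r.local_pref,
                                           len(r.as_path),
                                           ORIGIN_RANK[r.origin], r.med))


if __name__ == "__main__":
    # Constructed sample after Figure 39-2: Router A in AS 100 hears
    # 172.16.1.0 from Router B (weight 50) and Router C (weight 100).
    from_b = BgpRoute("172.16.1.0/24", "10.0.0.2", [200], weight=50)
    from_c = BgpRoute("172.16.1.0/24", "10.0.0.3", [200], weight=100)
    chosen = best_path([from_b, from_c], local_as=100)
    print("installed via", chosen.next_hop)  # the weight-100 path, Router C
```

The same function reproduces the other figures: with equal weights the local preference
decides, with equal preferences the shorter AS_path ({1} over {2,1}) wins, and only when
everything else ties does the advertised MED matter, which is why the text calls MED a
suggestion rather than a decision.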

Figure 39-5 BGP AS-path Attribute


Figure 39-6 BGP Next-Hop Attribute


Making a New Dial-up Connection

1. You can get to the Dial-Up Networking folder by clicking the Start button,
selecting Settings and then clicking Network and Dial-up Connections.
2. Double-click the Make New Connection icon. If you haven't previously
configured Dial-up Networking, the screen below will ask you for some basic
information. If you don't see the screen below, skip to step three.
3. In the Network Connection Wizard window, click Next.
4. Select Dial-up to the Internet and then click Next.
5. Select I want to set up my Internet connection manually, or I want to connect
through a Local Area Network (LAN), as shown below, and click Next.
6. Select I connect through a phone line and a modem, then click Next.
7. Type in the dial-up number, 6123445525, as shown below. Click Next.
8. Enter your User name and Password (you should have received these in your
Welcome Letter). Click Next.
9. Enter Real Time for the connection name. Click Next.
10. Select No and click Next.
11. Click Finish.

Configuring your Dial-up Connection

1. You should now see a Real Time icon in the Dial-Up Networking window.
Right-click the Real Time icon and select Properties.
2. A new window entitled Real Time will come up; click the Server Types tab.
3. Select PPP: Internet, Windows NT Server, Windows 98 for the type of Dial-Up
Server. The only checked box should be TCP/IP. Click the TCP/IP Settings... button.
   Another window will open with the title TCP/IP Settings. Select Server
   assigned IP address and Server assigned name server addresses. Also,
   place a check in front of Use IP header compression and Use default
   gateway on remote network. Click OK, and click OK on the Real Time
   window to close it.

Connecting to Real Time

1. To connect to Real Time, double-click the Real Time icon.
2. Enter your Real Time User name and Password and click Connect.

Network Addressing

One thing all network nodes have in common is that in order for their addresses to be
considered proper network addresses, they must have two parts present: a host address
and a network address. The host address portion identifies the individual node. The
network address portion identifies the network or network segment on which the host
address can be found.

MAC addresses, which are Data Link layer addresses, differ from Network layer
addresses. MAC addresses are flat addresses, in that they identify only the node with
which they are associated and have no relationship to any other network elements. In
many ways, MAC addresses are like Social Security numbers for NICs, identifying only
one NIC at a time.

A MAC address consists of a 48-bit or 6-byte hexadecimal number. It's represented in the
form of six two-digit numbers separated by dashes. The first 24 bits of the MAC address
contain a code assigned by the IEEE to uniquely identify the manufacturer of the card,
and the last 24 bits are a number uniquely assigned by the manufacturer.

Here are two points relating to MAC addresses that you're likely to see on the test:

• ARP (Address Resolution Protocol): Uses broadcast messages to learn the MAC or
Ethernet address of a known IP address. The node with the broadcasted IP address
responds with its MAC address, completing the set.
• Reverse ARP (RARP): Broadcasts messages to learn the IP address corresponding
to a known MAC address. This requires the presence of a RARP server on the network.
An example of where this procedure is used is booting a diskless workstation.

An IPX address is 10 bytes (80 bits) long. Four bytes is the network number and 6 bytes
is the node number. The node number is normally the MAC address of the node.

Remember
Unlike IP addresses, IPX addresses are not structured into classes. It's not uncommon for
the network number not to use the entire 6 bytes. Any zeros at the beginning of the
network address are dropped.

The 32-bit IP address is broken up into four octets, which are arranged into a dotted-
decimal notation scheme. An octet is a set of 8 bits.

Converting to Decimal

The positions of the binary number represent powers of two:

2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0

Placing a 1 in one of the binary positions turns on that value and adds it into the decimal
number representation. A zero in any position turns off the value in that position, and it
doesn't add into the number representation.

Example 1

Binary number 1111 1111

2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0
1    1    1    1    1    1    1    1
128  64   32   16   8    4    2    1

Result is: 128 + 64 + 32 + 16 + 8 + 4 + 2 + 1 = 255

Example 2

Binary number 1011 1110

2^7  2^6  2^5  2^4  2^3  2^2  2^1  2^0
1    0    1    1    1    1    1    0
128  0    32   16   8    4    2    0

Result is: 128 + 0 + 32 + 16 + 8 + 4 + 2 + 0 = 190

IP addresses are divided into five classes, each of which is designated with the alphabetic
letters A to E. For the exam, forget about Classes D and E. Class D addresses are used for
multicasting, and Class E addresses are reserved for testing and some mysterious future
use.

IP Address Class Assignments

Class     First Octet Value
Class A   0-127
Class B   128-191
Class C   192-223

Network and Host Representation by IP Address Class

Class     Octet1    Octet2    Octet3    Octet4
Class A   Network   Host      Host      Host
Class B   Network   Network   Host      Host
Class C   Network   Network   Network   Host

Special IP Addresses

Network Address   Host Address   Description                    Example
0's               0's            Default Cisco route            0.0.0.0
0's               Host address   Local network hosts            0.0.0.115
1's               1's            Broadcast to local network     255.255.255.255
Network Address   1's            Broadcast to network address   192.21.12.255
127               anything       Loopback testing               127.0.0.1

Subnet Mask

The function of a subnet mask is to determine whether an IP address exists on the local
network or whether it must be routed outside the local network. The subnet mask is
applied to a message's destination address to extract the network address. If the extracted
network address matches the local network ID, the destination is located on the local
network. However, if they don't match, the message must be routed outside the local
network. The process used to apply the subnet mask involves Boolean algebra to filter
out non-matching bits to identify the network address.

Working with subnet masks, you need only four basic principles of Boolean algebra:

• 1 and 1 = 1
• 1 and 0 = 0
• 0 and 1 = 0
• 0 and 0 = 0

The process of combining binary values with Boolean algebra is called anding.

There are default standard subnet masks for Class A, B and C addresses. The commonly
used subnet masks for each IP address class are:

Address Class   Subnet Mask
Class A         255.0.0.0
Class B         255.255.0.0
Class C         255.255.255.0

Verifying an IP Address

IP addresses are verified using PING, Trace and Telnet. For the exam it's important that
you know that PING is used to verify IP address connections to the Network layer and
that Telnet is used to verify network IP address connections to the Application layer.

Cisco PING Response Codes

Response Meaning
! (exclamation mark) Success
. (period) Timed out waiting for reply
U Destination unreachable
| (vertical bar) Ping process interrupted
? (question mark) Unknown packet type
C Congestion-experienced

Subnetting

The key concept in subnetting is borrowing bits from the host portion of the network to
create a subnetwork. Rules govern this borrowing, ensuring that some bits are left for a
host ID. The rules require that two bits remain available to use for the host ID and that all
of the subnet bits cannot be all 1s or all 0s at the same time. For each IP address class, only
a certain number of bits can be borrowed from the host portion for use in the subnet mask.

Remember - Subnetting, a subnet, and a subnet mask are all different. In fact, the first
creates the second and is identified by the third.
Subnetting is the process of dividing a network and its IP addresses into segments, each
of which is called a subnetwork, or subnet. The subnet mask is the 32-bit number that
the router uses to cover up the network address to show which bits are being used to
identify the subnet.

Bits Available for Creating Subnets

Address Class   Host Bits   Bits Available for Subnet
A               24          22
B               16          14
C               8           6

Calculating Subnets

There are two simple formulas to calculate these numbers:

Number of hosts per subnet = (2^(number of bits used for hosts)) - 2

Number of subnets = (2^(number of bits used for subnets)) - 2
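The binary conversion, the class table, the "anding" of a subnet mask and the two
subnetting formulas above all come together in one piece of arithmetic. The Python below
is an added example, not part of the study guide: it converts an octet the way Examples 1
and 2 do, classifies an address by its first octet, extracts the network and broadcast
addresses by ANDing with the mask, decides whether a destination is local, builds the
subnet mask for a given number of borrowed bits and applies the two formulas. The
function names and the limits table (taken from "Bits Available for Creating Subnets")
are this example's own.

```python
from typing import List, Tuple

# From the "Bits Available for Creating Subnets" table above.
HOST_BITS = {"A": 24, "B": 16, "C": 8}
SUBNET_BITS_AVAILABLE = {"A": 22, "B": 14, "C": 6}
DEFAULT_MASK = {"A": "255.0.0.0", "B": "255.255.0.0", "C": "255.255.255.0"}


def binary_octet_to_decimal(bits: str) -> int:
    """Add 2^position for every position holding a 1, as in Examples 1 and 2
    ('1011 1110' -> 128 + 32 + 16 + 8 + 4 + 2 = 190). Spaces are allowed."""
    bits = bits.replace(" ", "")
    if len(bits) != 8 or set(bits) - {"0", "1"}:
        raise ValueError("expected eight binary digits")
    return sum(2 ** (7 - i) for i, b in enumerate(bits) if b == "1")


def octets(dotted: str) -> List[int]:
    """'192.21.12.37' -> [192, 21, 12, 37], validating each octet."""
    parts = [int(p) for p in dotted.split(".")]
    if len(parts) != 4 or any(not 0 <= p <= 255 for p in parts):
        raise ValueError(f"bad IPv4 address: {dotted}")
    return parts


def ip_class(address: str) -> str:
    """Class A/B/C from the first octet, per the class assignment table."""
    first = octets(address)[0]
    if first <= 127:
        return "A"
    if first <= 191:
        return "B"
    if first <= 223:
        return "C"
    raise ValueError("class D/E address; not assigned to hosts")


def network_address(address: str, mask: str) -> str:
    """AND each octet with the mask: the four Boolean rules applied bit by bit."""
    return ".".join(str(a & m) for a, m in zip(octets(address), octets(mask)))


def broadcast_address(address: str, mask: str) -> str:
    """The network address with every host bit (0 bits of the mask) set to 1."""
    return ".".join(str(a | (m ^ 255)) for a, m in zip(octets(address), octets(mask)))


def is_local(destination: str, local_host: str, mask: str) -> bool:
    """The destination is on the local network only if both addresses AND to
    the same network ID; otherwise the packet must be routed."""
    return network_address(destination, mask) == network_address(local_host, mask)


def subnet_mask(address_class: str, borrowed_bits: int) -> str:
    """Extend the class default mask by borrowed_bits ones, e.g. C with 3
    borrowed bits -> 255.255.255.224."""
    network_bits = 32 - HOST_BITS[address_class] + borrowed_bits
    value = (0xFFFFFFFF << (32 - network_bits)) & 0xFFFFFFFF
    return ".".join(str((value >> shift) & 255) for shift in (24, 16, 8, 0))


def subnet_counts(address_class: str, borrowed_bits: int) -> Tuple[int, int]:
    """(number of subnets, hosts per subnet) from the two formulas above.
    Borrowing more than the table allows would leave fewer than two host bits."""
    limit = SUBNET_BITS_AVAILABLE[address_class]
    if not 1 <= borrowed_bits <= limit:
        raise ValueError(f"class {address_class} allows 1..{limit} subnet bits")
    host_bits = HOST_BITS[address_class] - borrowed_bits
    return 2 ** borrowed_bits - 2, 2 ** host_bits - 2


if __name__ == "__main__":
    # Constructed sample: a class C network split with 3 borrowed bits.
    host = "192.21.12.37"
    mask = subnet_mask(ip_class(host), 3)
    print(mask, network_address(host, mask), broadcast_address(host, mask))
    print(subnet_counts("C", 3))  # (6, 30)
```

Note that the formulas subtract 2 on both sides, as the text states: the all-0s and all-1s
subnet and the all-0s and all-1s host are excluded, so with 3 borrowed bits a class C
network yields 6 usable subnets of 30 hosts each.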
