Author Archives: ccnablog

EIGRP part II

Overview

In part 1 of EIGRP, we explored some of the EIGRP concepts: we saw how it works and how routes are learnt, and we looked at the tables in EIGRP as well as the algorithm used and the different packet types. We also configured EIGRP and verified operation using the various show commands. In this second part, we will look at the EIGRP metric, learn the concepts of the DUAL algorithm and implement them in our lab. Further, there will be configuration of manual summarization, redistribution of the default gateway and the passive interfaces concept. By the end of this chapter, you will be expected to configure EIGRP and explain the various concepts that make it work.

The EIGRP metric

In previous chapters, we learnt that routing protocols measure the distance to a path using a value known as the METRIC. The metric is calculated by the routing protocol algorithm and it is usually the cost to reach a particular destination.

EIGRP uses a metric that is comprised of several values. This is known as a composite metric and in EIGRP it is made up of the values shown below.

  • Bandwidth
  • Delay
  • Reliability
  • Load

NOTE: the MTU is not used in the metric calculation.

When changing the metric in EIGRP, the measures above are assigned values known as K-values.

  • Bandwidth – K1
  • Delay – K2
  • Reliability – K3
  • Load – K4
  • MTU – K5

The K values are not used if they are 0.

NOTE: in as much as the above formulae are mentioned, CISCO recommends that you do not change them in the real world configuration of routers and as such, we will not discuss them any further. The metric will be discussed further in the CCNP level.

DUAL concepts

In the previous part, we mentioned that EIGRP uses DUAL (the Diffusing Update Algorithm) to calculate routes. In this section, we will learn how DUAL calculates the best paths and finds alternative or redundant loop-free paths.

There are several terms we will discuss in this section. These terms are crucial to understanding EIGRP.

  • Successor
  • (FD) Feasible Distance
  • (FS) Feasible Successor
  • (RD) Reported Distance or (AD) Advertised Distance
  • (FC) Feasibility Condition

These terms are critical in understanding how EIGRP finds loop free paths. To understand these concepts better, we will use the topology shown below.

The topology above consists of 4 routers and 2 PCs. The connections are configured with the bandwidth shown in the Key which is the default for these types of links. EIGRP has been configured on all the four routers and the network is fully converged.

The ip addressing scheme is shown in the table below.

A successor in EIGRP is the neighbor router that is used to forward packets to a destination. This is a loop free path that has the lowest-cost or metric. By examining the ip route table in an EIGRP domain, the successor is the router that is shown with an IP address preceding the keyword “VIA”.

In our scenario, we can examine the routing table of R1 to determine the successor to network 192.168.4.0/24.

As you can see from the output above, highlighted in the RED box, the successor to the network 192.168.4.0/24 is via 192.168.14.2 which is the ip address of interface FastEthernet 2/0 on R4. Therefore the successor for this route is router R4.

Feasible Distance – is the metric that is used to reach a network. This is usually determined as the lowest cost loop free path by DUAL.

In the output above, the feasible distance to network 192.168.24.0/30 which is the link between R2 and R4 is shown in the blue box as 2172416.

When a route goes down, EIGRP usually converges very quickly and uses a backup path, if any. This is because the backup paths are usually calculated by the DUAL algorithm and stored in the topology table.

The output of “show ip eigrp topology” on R1 is shown below. As you can see in the highlighted section, the network 192.168.24.0 has 2 paths: via 192.168.14.2, which is R4, and via 192.168.12.2, which is on R2.

In the scenario shown below, the feasible distance to reach network 10.10.2.0/24 from R1 is equal to the distance from R1 to R3 plus the distance from R3 to S1, which is equal to 110. The distance from R1 to R4 plus the distance from R4 to S1 is 220, therefore this path is more costly.

REMEMBER: the lower the metric, the better the route

The advertised distance or the reported distance, is the metric to reach a network from the neighbor’s perspective.

In the scenario above, the reported distance to reach network 10.1.2.0/24 on R1, would be the distance from R3 to the switch, this is shown as 10 as indicated by the Red arrow above.

A feasible successor (FS) is a neighbor who has satisfied the feasibility condition, and has a loop-free redundant path for the successor.

The feasibility condition (FC) is the method that DUAL uses to determine whether a redundant path is viable. This condition states that a path can qualify as a feasible successor if, and only if, a neighbor's Advertised Distance to a destination network is less than the current successor's feasible distance to that same network.

To better understand the feasibility condition, we use the diagram above with the explanation shown below.

In our scenario above, router R4 would be considered a feasible successor if the distance from R4 to S1 is less than the distance from R1 to S1, i.e.:

The RD of network 10.1.2.0/24 through R4 is 10.

The FD of network 10.1.2.0/24 is 110

If 10 < 110, then this router satisfies the feasibility condition and can become the feasible successor.

In this topology, the feasibility condition has been met and therefore, the backup path to network 10.1.2.0/24 will be through R4.
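
The successor, feasible distance and feasibility condition described above, as an added Python example that is not part of the original lab. The R3 and R4 figures are the page's (RD 10, totals 110 and 220); R5 is a constructed neighbor added to show that a path cheaper than R4's is still rejected when its reported distance is not below the feasible distance.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Path:
    neighbor: str            # next-hop router advertising the route
    reported_distance: int   # RD/AD: the neighbor's own metric to the destination
    link_cost: int           # metric from the local router to that neighbor

    @property
    def total(self) -> int:
        # Metric of the whole path as seen from the local router.
        return self.link_cost + self.reported_distance


def dual(paths):
    """Pick the successor and classify every other path with the feasibility condition."""
    if not paths:
        raise ValueError("no paths to the destination")
    ranked = sorted(paths, key=lambda p: (p.total, p.neighbor))
    successor = ranked[0]
    fd = successor.total                      # feasible distance = lowest total metric
    feasible, rejected = [], []
    for path in ranked[1:]:
        # FC: the neighbor's reported distance must be strictly below our FD,
        # which proves the neighbor's own route does not loop back through us.
        if path.reported_distance < fd:
            feasible.append(path.neighbor)
        else:
            rejected.append(path.neighbor)
    return {"successor": successor.neighbor, "fd": fd,
            "feasible": feasible, "rejected": rejected}


def next_hop_after_failure(paths):
    """Backup next hop used when the successor is lost, or None if neighbors must be queried."""
    feasible = dual(paths)["feasible"]
    return feasible[0] if feasible else None


# R3 and R4 use the page's numbers; R5 is constructed for illustration.
PATHS = [
    Path(neighbor="R3", reported_distance=10, link_cost=100),   # total 110
    Path(neighbor="R4", reported_distance=10, link_cost=210),   # total 220
    Path(neighbor="R5", reported_distance=150, link_cost=10),   # total 160, RD too high
]

if __name__ == "__main__":
    print(dual(PATHS))
    print("backup next hop:", next_hop_after_failure(PATHS))
```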

NOTE: these concepts are very vital in understanding EIGRP and are often examined in the ICND 1, ICND 2 and CCNA composite exams.

These concepts will be explored further in CCNP level but they are a loop prevention measure in EIGRP.

Route summarization

EIGRP automatically summarizes at major network boundaries using the default auto-summary command. However, it is one of the most flexible routing protocols in that it allows for route summarization at any appropriate point in the network.

As we discussed earlier, automatic summarization can be disabled with the no auto-summary command in the router configuration mode for EIGRP. This command is shown below.

Router(config-router)#no auto-summary

Manual summarization

When doing manual summarization, we use a supernet route.

As discussed in the chapter on subnetting, a Supernet is a network address whose subnet mask is less than that of the classful mask in which it resides. If we have several subnets, we can summarize them to give a new address that will be advertised by the router.

The table below shows five subnets that we need to summarize.

To summarize these addresses, we follow the following steps.

Step 1.

Convert the ip addresses to their binary equivalents as shown below.

Step 2.

Consider the number of bits that match. When you find a column of bits that do not match, stop. You are at the summary boundary. In our scenario, the matching bits are the first 2 octets and the first five bits in the third octet, shown below by the red line.

The total number of matching bits will be the new subnet mask, in our case this will be: the first two octets and the first five bits of the third octet.

REMEMBER: the subnet mask is comprised of ONLY “1s” on the network side, therefore in our case this will be 255.255.248.0, which is the same as /21 in slash notation.

Now we need to determine the new network address.

Step 3. Determining the network address.

The network address is made up of the matching bits in the subnets. In our case, this will be:

192.168.0.0 since the matching bits in the third octet are only zeros. If we had “1s”, then the subnet mask would have been the addition of these values.

The supernet will be 192.168.0.0/21, this will be the summary address that will be advertised on a router which had the four subnets shown above.

In EIGRP, when advertising the summary address, we use the interface configuration mode. The summary address should be advertised out all the interfaces that participate in EIGRP. The command for configuring the summary address is as shown below:

Router(config-if)#ip summary-address eigrp <process-ID> <NETWORK_ADDRESS> <SUBNET_MASK>

The PROCESS_ID is the process ID that we used when configuring EIGRP.

The NETWORK_ADDRESS is the supernet that we derived from the manual summarization

The SUBNET_MASK is the new subnet mask for the supernet.

To understand manual summarization better, you should practice with different ip addresses.

Default route and route summarization configuration

We may need to connect the enterprise’s network to other networks such as the internet. Since we do not have control over these networks, we may need to configure a default route that will forward any unknown traffic to the internet. The scenario shown below will be the example we will use for this lab.

The topology consists of three routers; the interfaces in use are all shown. The two host PCs use the first usable IP address in their subnet, while the LAN interfaces on the routers use the last usable IP address in their subnets as shown below.

Our task is to configure a default route and redistribute it in EIGRP so that R2 and R3 can access internet resources. Further, there are 5 loopback interfaces on R2 and R3, we should also configure summary addresses that will be advertised to R1.

NOTE: to simulate a default route on the Internet, a network with the address 60.200.200.0/30 has been configured on the ISP.

All the basic configurations including the ip addresses have been configured on the routers so we will just begin with the EIGRP configuration.

We will be using EIGRP AS 1 on all the routers.

NOTE: when asked to configure EIGRP and there is a requirement to disable automatic summarization, this should be the first step. The configuration on the routers is shown below:



After this configuration, all routes should be propagated across the network except the default route. Now we need to examine the routing table of R1, to see how many routes it has.

As you can see, we have 10 routes that we have learnt via EIGRP, we want to reduce this number and the way we can do this is by manual summarization of the loopback networks on R2 and R3.

Route summarization configuration

As mentioned earlier, the steps taken in supernetting of routes or route summarization are:

  1. Write out the networks that you want to summarize in binary.
  2. To find the subnet mask for summarization, start with the left-most bit.
  3. Work your way to the right, finding all the bits that match consecutively.
  4. When you find a column of bits that do not match, stop. You are at the summary boundary.
  5. Count the number of left-most matching bits. This number becomes your subnet mask for the summarized route.
  6. To find the network address for summarization, copy the matching 22 bits and add all 0 bits to the end to make 32 bits.

On R2, these steps are shown below.

Step 1.

Steps 2-4.

The number of bits that match in this scenario are the first two octets and the first four bits in the third octet. This is indicated by the red line.

Step 5.

The number of matching bits is 20, therefore the new subnet mask is 255.255.240.0.

Step 6.

The new network address will be 10.10.0.0/20.

This is the summary address we will advertise out serial 0/0 on R2. The command used is shown below.

R2(config)#int s0/0

R2(config-if)#ip summary-address eigrp 1 10.10.0.0 255.255.240.0

Now we need to configure the same on R3 for its loopback networks.

Step 1.


Steps 2-4.

The number of bits that match in this scenario are the first two octets and the first three bits in the third octet. This is indicated by the red line.

Step 5.

The number of matching bits is 19, therefore the new subnet mask is 255.255.224.0.

Step 6.

The new network address will be 172.16.0.0/19.

This is the summary address we will advertise out serial 0/0 on R3. The command used is shown below.

R3(config)#int s0/0

R3(config-if)#ip summary-address eigrp 1 172.16.0.0 255.255.224.0

After executing these two commands on R2 and R3, we need to look at the routing table of R1 to confirm whether we are getting the summary routes instead of individual routes as we saw earlier.

As you can see from the output above, R1 is now only receiving the summary routes from R2 and R3. These routes are highlighted in red.
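
The six summarization steps, applied to the R2 and R3 loopbacks and to the earlier five-subnet case, as an added Python example that is not part of the original lab. The subnet lists are constructed, because the page's tables are not reproduced here; only the resulting summaries and the ip summary-address command come from the page. The uncovered() function goes one step beyond the text and lists address space the summary advertises that no component subnet actually covers.

```python
import ipaddress

# Constructed subnet lists chosen to produce the summaries stated on the page.
R2_LOOPBACKS = ["10.10.1.0/24", "10.10.4.0/24", "10.10.8.0/24",
                "10.10.12.0/24", "10.10.15.0/24"]
R3_LOOPBACKS = ["172.16.1.0/24", "172.16.8.0/24", "172.16.16.0/24",
                "172.16.24.0/24", "172.16.31.0/24"]
FIVE_SUBNETS = ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24",
                "192.168.4.0/24", "192.168.5.0/24"]


def summarize(subnets):
    """Return the summary (supernet) for a list of IPv4 subnets."""
    nets = [ipaddress.IPv4Network(s) for s in subnets]
    # Step 1: write each network address in binary.
    bits = [format(int(n.network_address), "032b") for n in nets]
    # Steps 2-4: walk the columns left to right and stop at the first mismatch.
    # The summary can never be longer than the shortest input mask.
    limit = min(n.prefixlen for n in nets)
    prefix_len = 0
    for column in zip(*bits):
        if prefix_len == limit or len(set(column)) > 1:
            break
        prefix_len += 1
    # Step 5: the count of matching bits is the new mask (prefix_len).
    # Step 6: copy the matching bits and pad with zeros to 32 bits.
    network_bits = bits[0][:prefix_len].ljust(32, "0")
    return ipaddress.IPv4Network((int(network_bits, 2), prefix_len))


def uncovered(summary, subnets):
    """Blocks inside the summary that none of the component subnets covers."""
    remaining = [summary]
    for net in ipaddress.collapse_addresses(ipaddress.IPv4Network(s) for s in subnets):
        kept = []
        for block in remaining:
            if net.subnet_of(block):
                kept.extend(block.address_exclude(net))   # carve the subnet out
            elif not block.subnet_of(net):
                kept.append(block)                        # disjoint, keep as is
        remaining = kept
    return sorted(remaining)


def ios_command(asn, summary):
    """Interface-mode command from the page, filled in for this summary."""
    return f"ip summary-address eigrp {asn} {summary.network_address} {summary.netmask}"


if __name__ == "__main__":
    for name, subnets in (("R2", R2_LOOPBACKS), ("R3", R3_LOOPBACKS),
                          ("five subnets", FIVE_SUBNETS)):
        s = summarize(subnets)
        print(name, s, "->", ios_command(1, s))
        print("  advertised but not backed by a subnet:",
              [str(n) for n in uncovered(s, subnets)])
```

Traffic for the uncovered blocks is attracted to the summarizing router even though no such subnet exists there, so that list is worth reviewing before a summary is advertised.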

Redistribute the Default route

To configure the default route, we follow the following steps.

Step 1. Configure a static default route on R1, this is done using the command:

R1(config)#ip route 0.0.0.0 0.0.0.0 s0/2

This will make any unknown traffic be forwarded out to the internet via serial 0/2 interface on R1. The routing table on R1 will now have this route as shown below in the red highlighted box.

However, we also need R2 and R3 to forward unknown traffic to the internet and as you can see in the figure below, R2 does not have a default gateway in its routing table. This is also the case in R3. This means that any traffic destined to the internet from hosts on R2 and R3 will be dropped.

To solve this problem, we need to redistribute the static default route configured on R1 to R2 and R3.

In EIGRP, we need the redistribute command to enable the router configured with the static default route to update other routers in the EIGRP routing domain with the default route. This command, when executed, tells EIGRP to include the default route in its updates. When the routers in the EIGRP domain receive this route, they recognize it as the default route and add it to their routing tables.

The command on R1 is: R1(config-router)#redistribute static

When this command is executed on R1, a new route should appear on both R2 and R3. The default route will now be redistributed on R2 and R3 as shown in R3’s routing table below.

Now if we ping from PC_B to the network in the internet, we should be able to get replies, as shown in the output below. The IP address we will ping is 60.200.200.1.

As you can see from above we are receiving replies from the ip address which is on the internet, which means that the default gateway has worked.

Passive interfaces

The final command that we will discuss in this chapter on EIGRP is the passive interface command. This command is used to limit the propagation of routing updates out of certain interfaces. For security, we do not need to send routing updates to areas where there are only end users, such as our LANs. As such, this command is used to limit the EIGRP updates. When it is executed, this command will stop any routing updates out of a particular interface. In most cases, these are the LAN interfaces such as the FastEthernet links.

The command needed to configure passive interfaces in the EIGRP configuration mode is shown below.

Router(config-router)#passive-interface <interface_NAME><interface_ID>
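
One way to check a saved configuration for user-facing interfaces that still take part in EIGRP without being passive, as an added Python example that is not part of the original lab. The configuration excerpts, addresses and interface names are constructed; it assumes interface names are written as they appear in the running configuration and that wildcard masks are contiguous.

```python
import ipaddress
import re


def network_statement(address, wildcard=None):
    """Address range matched by an EIGRP 'network' statement."""
    if wildcard is None:                        # no wildcard: the classful network
        first = int(address.split(".")[0])
        prefix = 8 if first < 128 else 16 if first < 192 else 24
    else:                                       # contiguous wildcard masks only
        w = int(ipaddress.IPv4Address(wildcard))
        prefix = 32 - w.bit_length()
        if w != (1 << (32 - prefix)) - 1:
            raise ValueError(f"non-contiguous wildcard {wildcard}")
    return ipaddress.IPv4Network((address, prefix), strict=False)


def parse_config(text):
    """Return ({interface: address}, {AS number: EIGRP settings})."""
    interfaces, processes, section = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if not raw.startswith(" "):             # top-level line: a new section starts
            section = None
            if m := re.fullmatch(r"interface (\S+)", line):
                section = ("interface", m.group(1))
            elif m := re.fullmatch(r"router eigrp (\d+)", line):
                section = ("eigrp", int(m.group(1)))
                processes[section[1]] = {"networks": [], "default": False,
                                         "passive": set(), "active": set()}
            continue
        if section is None:
            continue
        kind, key = section
        words = line.split()
        if kind == "interface" and words[:2] == ["ip", "address"] and len(words) >= 4:
            interfaces[key] = ipaddress.IPv4Address(words[2])
        elif kind == "eigrp":
            proc = processes[key]
            if words[0] == "network" and len(words) >= 2:
                proc["networks"].append(network_statement(*words[1:3]))
            elif words[:2] == ["passive-interface", "default"]:
                proc["default"] = True
            elif words[0] == "passive-interface" and len(words) >= 2:
                proc["passive"].add(words[1])
            elif words[:2] == ["no", "passive-interface"] and len(words) >= 3:
                proc["active"].add(words[2])
    return interfaces, processes


def audit_passive(text, user_facing):
    """List (AS, interface) pairs where a user-facing interface runs EIGRP and is not passive."""
    interfaces, processes = parse_config(text)
    findings = []
    for asn, proc in sorted(processes.items()):
        for name in user_facing:
            addr = interfaces.get(name)
            if addr is None or not any(addr in net for net in proc["networks"]):
                continue                        # interface is not enabled for this process
            passive = name in proc["passive"] or (proc["default"] and name not in proc["active"])
            if not passive:
                findings.append((asn, name))
    return findings


# Constructed running-config excerpt: the LAN interface is covered by a network
# statement but no passive-interface command has been entered.
WEAK = """\
interface FastEthernet0/0
 description user LAN
 ip address 192.168.2.254 255.255.255.0
!
interface Serial0/0
 ip address 10.0.0.2 255.255.255.252
!
router eigrp 1
 network 192.168.2.0
 network 10.0.0.0 0.0.0.3
 no auto-summary
"""
# Two corrected variants: name the LAN interface, or make every interface passive
# and re-enable only the router-to-router link.
HARDENED = WEAK + " passive-interface FastEthernet0/0\n"
DEFAULT_PASSIVE = WEAK + " passive-interface default\n no passive-interface Serial0/0\n"

if __name__ == "__main__":
    for label, cfg in (("weak", WEAK), ("hardened", HARDENED), ("default", DEFAULT_PASSIVE)):
        print(label, audit_passive(cfg, ["FastEthernet0/0"]))
```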

Summary

In this chapter on EIGRP, we have looked at the basics and concepts behind the operation of EIGRP. We also discussed the DUAL concepts and did several lab configurations on EIGRP. In the CCNA exams, you will be presented with many questions on EIGRP and it is imperative that you understand this routing protocol well.

In the next chapter, we will look at link state routing protocols and especially OSPF, which is the last routing protocol we will discuss in this course.

EIGRP part 1

Overview

Welcome to the world of EIGRP. In this chapter, we will look at CISCO’s proprietary routing protocol which is EIGRP. In part 1, we will look at the foundation concepts into distance vector routing protocols operation. We will then look at the EIGRP concepts and get to know how it works as well as basic configuration of EIGRP, we will also look at verification of EIGRP. In the second part we will look at other EIGRP concepts such as load balancing, and passive interfaces. So let’s get into it.

Distance vector routing protocols

As we discovered from the previous chapter, Interior Gateway Protocols, can be classified into two; distance vector routing protocols and link-state routing protocols. In this section, we will explore distance vector routing protocols, these concepts will be crucial in understanding EIGRP.

The name Distance Vector means that the routes that are advertised by these routing protocols are usually sent as vectors of direction and distance.

If we were to use an analogy of a tourist in a foreign land, distance vector protocols would be described as road signs that only state the direction and the distance to get to a particular destination. They do not give any indication as to the whole country. The tourist only knows of another point once they get to the point they were directed to by another road sign.

In this same way, distance vector routing protocols only say the next hop or the direction to a destination and the metric or the distance to get there.

A router using a distance vector routing protocol does not have the knowledge of the entire path to a destination network. Instead the router knows only:

  • The direction or outbound interface
  • Distance or metric towards the destination

There are several characteristics inherent with distance vector routing protocols.

  • Periodic updates sent at regular intervals or bounded updates.
  • Neighbors are directly connected routers.
  • Entire routing table updates with the exception of EIGRP

Like all other routing protocols, the use of an algorithm is usually to determine the best path. The routing update usually defines mechanisms for:

  • Exchange of Routing information by sending and receiving messages.
  • A means to calculate the best path
  • A method to determine topology changes and updating accordingly.

When the routers configured with the same routing protocol boot up, the following happens before communication can happen between hosts.

  • Exchange of initial information. This may include routing protocol security, discovery packets among others.
  • Exchange of routes. The routers exchange routes by examining updates they receive via broadcast from other routers. They examine the routes they have learnt from their neighbors and based on the algorithm calculations, the best path is added to the routing table.
  • Convergence. This is the state where all routers in the routing domain have exchanged routing information. All the routers can communicate. The speed by which this happens depends on;
    • How many routers are in the routing domain.
    • The speed by which the routers learn of new routes when there is a topology change.
    • The speed of the algorithm to calculate the costs to each network in the topology.

The concepts behind the distance vector routing protocols are crucial to understanding routing using EIGRP. In the next section we will begin our discussion on EIGRP.

Introduction to EIGRP

EIGRP (Enhanced Interior Gateway Routing Protocol), is CISCO’s second proprietary routing protocol that was first released in 1992. It was a classless advancement to CISCO’s first proprietary routing protocol IGRP. Since this is a CISCO proprietary protocol, it only runs on CISCO routers.

In previous chapters, we looked at the difference between classful and classless routing protocols. We said that the classless routing protocols include the subnet mask in advertising networks and thus VLSM and CIDR can be used.

Some of the most notable features of EIGRP include the following.

  • RTP – Reliable Transport Protocol
  • Bounded updates – updates are only sent if and when there is a topology change and to affected routers.
  • It uses the DUAL algorithm (Diffusing Update Algorithm) to find the best paths
  • It establishes adjacencies with neighboring routers
  • It maintains the neighbor table, the topology table as well as the routing table

The operation of EIGRP has some similarities with link-state routing protocols such as OSPF, however, it is still a distance vector routing protocol.

The Algorithm

The DUAL algorithm is the engine that is used by EIGRP in path determination and maintaining updated routes. This is unlike other distance vector routing protocols which use the Bellman-Ford algorithm. When a change is detected in an EIGRP routing domain, the routers exchange several messages to establish redundant links or to update accordingly. The updates in EIGRP are usually partial and bounded, this means that if a route goes down, the router will only notify affected routers of the missing route and it will only notify them of the missing route.

The routing updates that are sent using EIGRP are vectors of distance and are only transmitted to the directly connected and affected neighboring routers in the routing domain.

Protocol-dependent modules (PDM)

The operation of EIGRP is not limited to the IP protocol. EIGRP can route for different network layer protocols such as IP, IPX and AppleTalk. This support is made possible through the use of Protocol-Dependent Modules (PDMs).

Reliable Transport Protocol (RTP)

The messages that are transmitted in an EIGRP routing domain are supported by RTP (Reliable Transport Protocol). This protocol requires that acknowledgement packets be sent for the various messages by the recipient of a particular message. The address used by this protocol to run is the EIGRP multicast address of 224.0.0.10.

EIGRP Packet Types

The packet types in EIGRP are crucial in understanding how it exchanges routing information. It is important to note that there are 5 packet types that EIGRP uses to maintain adjacencies. Some of them are used in pairs as discussed below.

Hello packets

The Hello packet is the first packet that is sent when EIGRP is configured. This packet is sent to discover neighbors and form adjacencies with those neighbors. The hello packet is usually sent in intervals of 60 seconds on slow links and at intervals of 5 seconds on links with bandwidth exceeding 1.544 Mbps such as T1 links.

The EIGRP hello packet also has a hold timer, which is three times the length of the hello interval. If a router in an EIGRP routing domain does not respond to three hellos, it is usually considered as down. The reply to hellos means that the routes are still active.

NOTE: the hello packet is one of the best ways to diagnose EIGRP issues. The use of debugging commands can help establish where the problems occur in EIGRP.

Update

In EIGRP, the update packets are used to send routing information to its neighbors. As we mentioned earlier, the routing updates that are sent by EIGRP are usually partial and bounded. This means that unless there is a topology change, the updates are not usually sent. When a topology change has been detected, the EIGRP update packets are either sent as a unicast to a single affected router or multicast to several affected routers in the routing domain.

Acknowledgement (ACK)

The ACK packets are used to verify that updates or other types of messages were received. RTP ensures that ACK messages are delivered using Reliable delivery.

Query and reply packets

When a router is missing a route, it is the work of the query and reply packets to probe neighbors for the missing routes. The queries are usually sent as multicast messages, while the replies are usually unicast messages.

EIGRP and routes propagation

When routers configured with EIGRP boot up, the hello messages are usually sent to all the routers in the domain to form adjacencies, when the neighbors reply, they form neighbor relationships. The routers then send updates containing their information to the neighbors. When this is done, the routers draw up a topology table with all the best routes as well as alternative or backup paths. From this the best path is determined and used for packet forwarding.

NOTE: we will learn more on this when we discuss DUAL in more detail at a subsequent chapter.

Advantages and disadvantages of EIGRP

Some of the advantages of EIGRP are listed below.

  • As compared to other routing protocols, EIGRP is very fast to converge and re-converge in the event of failure.
  • Simplified configuration compared to link-state routing protocols and static routing
  • The range of features is more than any other IGP
  • Route summarization at any point in the network
  • Supports load balancing

The main disadvantage of EIGRP in the networking world is the fact that it is CISCO proprietary. This means that a network that may have router brands other than CISCO would not be able to run EIGRP.

EIGRP tables

In EIGRP, there are three tables we need to know about.

Neighbor table

This contains all the directly connected routers in the same autonomous system that are running EIGRP. The formation of neighbor relationships is started by the hello packets.

Topology table

The topology table shows all the routes that are known by the router in the EIGRP domain. The topology table shows the main routes, and the backup paths.

Routing table

The routing table shows the best route as calculated by DUAL and is used to forward packets in EIGRP.

We will explore more on these concepts further in the coming chapters.

Basic configuration and verification of EIGRP

Now that we have understood some of the concepts that make EIGRP work, it is time to do the basic configuration.

The diagram shown below will be the main topology that will be used in EIGRP. We will switch things up a bit but it will be the main reference diagram.

The topology that is shown consists of four routers and four host PCs. Each router has several routers connected to it. LAN 1 on each of the routers is the network segment for the PCs. The other LANs have been configured using loopback interfaces.

Please note that this will be the main topology used in EIGRP although some segments may change, this should be kept in mind.

The table below shows the ip addressing scheme used on this network.

The first step will be the initial configuration on all the routers. We will not repeat these steps, but as a student, and for practice, you are expected to configure the following parameters on all the routers:

  • Host name
  • Enable a plain password “cisco”
  • Disable ip domain lookup
  • Configure the line console with the password “cisco” and require login to access console
  • Change the executive timeout to 45 minutes in the line console
  • Configure synchronous logging in the console line
  • Configure 4 telnet lines with the password “cisco” and require login to access console
  • Change the executive timeout to 25 minutes in the vty
  • Configure synchronous logging in the vty
  • Configure all the ip addresses and clock rates according to the scheme shown above and enable all interfaces
  • Save the configuration to the NVRAM.

After these configurations we can now start configuration for EIGRP.

The first thing we need to understand is the autonomous system.

The autonomous system, is a way to identify all networks which are controlled or owned by a single entity and which may have the same policies. In EIGRP, the AS is always the same. A different name is the routing domain.

The process ID, is needed to identify the EIGRP process on the routing domain. If we needed several instances of EIGRP to run on 1 router, we would need different process IDs to identify each of them.

NOTE: the process id must match on all routers in the routing domain for EIGRP to work.

On all the routers, we need to go into the global configuration mode, and start the EIGRP routing protocol by entering the command:

router eigrp <process_ID>

This command is used to initiate EIGRP on a router. The process-ID in EIGRP is a numeric value between 1 and 65536. And it identifies the EIGRP process as 1. This means that we can have several instances of EIGRP running on a router; however, communication will only work when the process_ID is the same in the routing domain. Therefore an EIGRP process 1 cannot communicate with an EIGRP process 2.

In our scenario, the process-ID we will use will be 100. And the command needed on R1 is as shown below.

This command should be entered on all the routers in this routing domain. When this command is executed, we will enter the specific configuration mode for EIGRP which is denoted by the prompt shown below.

Dynamic routing protocols work by advertising their directly connected networks. Therefore, on the routers, we need to advertise these networks using the command shown below.

Router(config-router)# network <network-ID>

The network should be the specific subnet that is being advertised. On R1 for example, we will advertise all the subnets that are directly connected to it.

Even though EIGRP is a classless routing protocol, it behaves as a classful routing protocol by default: routes are automatically summarized to their default classes, so we can miss some routes even though our configuration is correct. We therefore need to disable automatic summarization at the classful boundaries using the command:

Router(config-router)# no auto-summary

NOTE: for this command to work effectively, it is usually best practice to execute it immediately after the router eigrp command.

In our scenario, the commands needed to configure EIGRP on all the routers successfully are shown in the table below. You should enter these commands carefully so as to avoid misconfiguration.

After this configuration, you should be able to see the following output on each of the routers. The figure below shows the output on router R1.

Verification of EIGRP

After the configuration on all the routers, we need to verify that EIGRP is indeed configured and working on all the routers. The commands needed to do this are:

  • Show ip eigrp interfaces – this will show the interfaces participating in EIGRP as well as the process ID
  • Show ip route – this will show the main routes used for traffic forwarding that have been learnt via EIGRP
  • Show ip eigrp topology – this will show all the primary and backup routes that EIGRP has learnt as well as the process ID
  • Show ip eigrp neighbors – this will show the neighbors that each router has as well as the process ID
  • Debug ip eigrp – this will show the eigrp statistics for each router actively.

The diagrams below show the output of each of the above commands on router R1.

Show ip eigrp interfaces:

As you can see from the output above, highlighted in RED the process ID is shown as 100 and all the interfaces participating in EIGRP are also shown.

This command will be useful in verifying passive interfaces.

Show ip route

The table below shows the output of the show ip route on R1.

As you can see from the output above, R1 has all the routes to all networks in the network diagram.

The line highlighted in RED shows the routing protocol indicator as “D” which means EIGRP. 192.168.24.8 is the network that has been learnt and it has an EIGRP administrative distance of 90 and a metric of 3193856, this router learnt of this route from 192.168.13.14, which is R3 and this information was learnt via interface s0/1 which is the connection to R3.

Show ip eigrp topology

This command will show all the routes that this router has learnt via EIGRP. This includes the main routes as well as the backup routes.

These are all the routes R1 knows about. The line highlighted in RED shows that this router has a route to 172.16.1.64/29, which was learnt via 192.168.13.14.

The successor and the FD will be discussed in the next part.

Show ip eigrp neighbors

This command will show the directly connected routers that are participating in EIGRP.

As shown in the output above, R1 has 2 neighbors which it learnt of via interface se0/0 and se0/1. This command will be useful in discovery of routers that are not participating in EIGRP.

After this configuration, all the host PCs should be able to ping.

This marks the end of the EIGRP basic configuration, YES, it is as easy as that.

Summary

In this chapter, we have learnt about EIGRP, we have looked at the various key terminology used in EIGRP as well as some concepts. We have also done basic configuration of EIGRP. In the next part, we will continue looking at EIGRP, we will explore more concepts and do more EIGRP configurations.

Dynamic routing protocols

Overview

In the previous chapter, we looked at static routing. We saw how the router finds the best path to a network. We configured static routes and traffic was able to flow between two points.

In this chapter, we will give an overview of dynamic routing protocols. We will define them and learn how they are different from static routes. We will discuss their advantages over static routes, learn the different categories of dynamic routing protocols as well as classless and classful nature. We will also talk about the administrative distance and the metric.

Consider the network diagram shown below.

The administrative overhead that would be needed to make communication between all these devices would be considerable. All the static routes would have to be configured.

Wouldn’t it be much easier, for the network administrator to just “Teach” the routers how to get from one point to another? The solution to this problem would be dynamic routing protocols.

Dynamic routing protocols are a solution that is used in large networks so as to reduce the complexity in configuration that would be occasioned by having to configure static routes. In most networks you will see a mix of both dynamic and static routes.

Definition of dynamic routing protocols

Routing protocols are used to enable routers to exchange routing information; they allow routers to learn about remotely connected networks dynamically. This information is then added to their routing tables as a basis for forwarding packets.

Classification

Dynamic routing protocols can be classified in several ways.

  • Interior and exterior gateway routing protocols,
  • Distance vector, path vector and link state routing protocols,
  • Classful and classless.

The table below shows the various categories of dynamic routing protocols and the ones highlighted in red will be the focus of this course. Others will be discussed at the CCNP and the CCIE level.

In this course, we will look at EIGRP, OSPFv2 and OSPFv3. These topics will be crucial in passing both your ICND1 and ICND 2 exam, and the CCNA composite exams.

The table below shows more information on the routing protocols to be covered in this course.

| Acronym | Full name | Standard | Year | RFC |
|---|---|---|---|---|
| EIGRP | Enhanced Interior Gateway Routing Protocol | CISCO | 1992 | NULL |
| OSPFv2 | Open Shortest Path First version 2 | Open | 1991 | 5709 |
| OSPFv3 | Open Shortest Path First version 3 | Open | 1999 | 5838 |

Although you may not be examined on the information above directly, both exams will have questions that require knowledge of this information.

Operation of routing protocols

Now that we have an overview of routing protocols, we need to understand how they work.

Routing protocols are comprised of processes, messages and algorithms that are used by routers to learn about remotely connected networks from routers that have been configured with the same routing protocols. The routes that have been learnt are added to the routing table and used as a basis for forwarding packets.

Routing protocols function by:

  • Discovering remote networks
  • Maintaining current routing information
  • Path determination

The routing protocol is made up of these components.

  1. Data structures – this is information about remote networks. It is usually stored in the RAM and may be comprised of tables such as neighbor tables and topology tables.
  2. Algorithm – this is the sequential list of steps that the routing protocol takes when determining the best path to a particular network.
  3. Routing protocol messages – these are messages that are used to maintain updated routing information. Examples include; hello messages, update messages among others.

The way routing protocols operate may differ depending on the routing protocol, however, there are certain characteristics inherent in every routing protocol.

  • Exchange of information on interfaces to discover neighboring routers
  • Exchange of routes that have been advertised
  • Running of the algorithm so as to determine the best path
  • Adding of best paths to the routing table
  • Detection of topology changes and making the necessary changes

These are the general steps routers will take. However, the processes differ with each routing protocol and will be discussed at a later stage.

Advantages and disadvantages

Now that we have seen the dynamic routing protocols to be covered in this course, we need to know the advantages and disadvantages of using dynamic routing protocols. We also need to compare them to static routes.

Advantages

  • Exchange of routing information when there is a topology change is dynamic.
  • Less administrative overhead as compared to static routes which have to be manually configured
  • Less error prone than static routing.
  • Scalability, since there is less administrative overhead than static routes.

Disadvantages

  • Require more expertise by the administrator, they are not as simple to configure as static routes.
  • They use more of the router’s resources, such as CPU and RAM.

EGP vs IGP

As mentioned earlier, routing protocols fall into two main categories which are;

  • EGP – Exterior Gateway Protocols
  • IGP – Interior Gateway Protocols

This categorization is based on Autonomous Systems.

Autonomous systems, also known as routing domains, are collections of routers under the same administration. This may mean the routers that are owned by one company.

For example, company XYZ, could have 1 branch connected to the headquarters through a leased line. The networks owned and managed by XYZ would be one autonomous system, while the leased line and interconnections between the branch office and the headquarters which are controlled by the ISP would be another autonomous system. This is shown in the exhibit below.

The networks controlled by XYZ are labelled as AS 100 while AS 650 represents the ISP.

Interior Gateway Protocols (IGP) are used for intra-autonomous system routing – routing inside an autonomous system.

Exterior Gateway Protocols (EGP) are used for inter-autonomous system routing – routing between autonomous systems.

In this scenario, for example, routing between XYZ headquarters and the branch office would use an IGP, whilst routing between company XYZ and the ISP would use an EGP.

Distance vector routing protocols vs. link state routing protocols

Interior Gateway Protocols (IGPs) can be classified as two types:

  • Distance vector routing protocols
  • Link-state routing protocols

Distance vector means that routes are advertised as vectors of distance and direction. If we take an example of a tourist getting directions, distance vector protocols would be where the tourist would only use road signs to get to where they are going. They do not know the exact landscape and possible blocks, they only know of the next point towards their destination.

Distance vector protocols work best in situations where:

  • The network is simple and flat and does not require a special hierarchical design.
  • The administrators do not have enough knowledge to configure and troubleshoot link-state protocols.
  • Specific types of networks, such as hub-and-spoke networks, are being implemented.
  • Worst-case convergence times in a network are not a concern

On the other hand, if the tourist had an entire map of the desired destination, with details of different paths to where they were going, they would be using a link-state routing protocol.

Link state routing protocols usually have a complete view of the topology. They usually know of the best paths as well as backup paths to networks. Link state protocols use the shortest-path first algorithm to find the best path to a network.

Link-state protocols work best in situations where:

  • The network design is hierarchical, usually occurring in large networks.
  • The administrators have a good knowledge of the implemented link-state routing protocol.
  • Fast convergence of the network is crucial.

Classful and classless

Classful Routing Protocols

Classful routing protocols don’t include the subnet mask in their routing updates. This is because they were designed prior to the introduction of CIDR and VLSM. RIPv1 is an example of such protocols.

Since they do not include the subnet mask in their routing updates, they cannot work where the networks have been subnetted.

Classless routing protocols

Classless routing protocols include the subnet mask with the network address in routing updates.

In this course, we will focus on the classless routing protocols since the use of classful routing protocols is outdated and no longer used in most modern networks.

Administrative distance and metric

Metric

Suppose a router has more than 1 path to a network, how would it determine the best path to that network?

The metric is the mechanism used by the routing protocol to assign costs to reach remote networks. In the tourist example, this may be the amount of fuel the tourist has to use to get to their destination. The metric is used to determine the best path to a network when there are multiple paths.

The table below shows the various metrics used by routing protocols which will be covered in this course.

| Routing protocol | Metric | Description |
|---|---|---|
| RIPv1 | Hop count | The number of routers between the source and destination network. |
| RIPv2 | Hop count | The number of routers between the source and destination network. |
| EIGRP | Composite metric | A combination of several values used to determine the best path. The composite metric will be discussed in the chapter on EIGRP. |
| OSPFv2 | Cost | The bandwidth or cost configured from the router to the destination network |
| OSPFv3 | Cost | The bandwidth or cost configured from the router to the destination network |

Understanding the different costs types will be crucial in your final exam.

Administrative distance

What if we had configured several routing protocols on one router, how would the router determine the best path to the desired network?

The administrative distance is the way routers use to give preference to routing sources. For example if a router learns of the same route via EIGRP and RIP, it will prefer the route it learnt via EIGRP.

All routes in the routing table are prioritized, with the best and most preferred paths being the directly connected routes. The AD is the trustworthiness of a route.

The AD is usually a value from 0 to 255, the lower the value the better the routing source, a route with an administrative distance of 255 will never be trusted.

If we use the tourist example, the administrative distance would be the trust placed on each means of transport, for example an airline would be more trusted over walking.

The table below shows the various administrative distances for the routing protocols which will be covered in this course.

| Routing protocol | Administrative distance |
|---|---|
| RIP | 120 |
| OSPF | 110 |
| EIGRP | 90 |
| Static routes | 1 |

Summary

In this chapter, we have learnt about dynamic routing protocols. We defined and classified the various routing protocols. We explained how they work as well as their advantages and disadvantages. We also looked at the various classifications of routing protocols such as; EGP and IGP and distance vector and link state routing protocols. We also looked at classful and classless routing protocols as well as explained what the metric and administrative distance mean.

NOTE: The concepts learnt in this chapter are crucial in understanding routing. These concepts are usually examined in both ICND 1 and ICND 2 as well as the CCNA composite exam. These concepts will also be useful at the CCNP and CCIE levels.

In the next chapter, we will look at the first routing protocol of this course, which is EIGRP.

 

 

Static routing

Overview

Welcome to the world of routing. In the next few chapters, we will look at how packets find their way in networks through routers. In this chapter, we will learn static routing.

Routers in our networks discover remote networks in one of two ways;

  1. Statically configured routes
  2. Dynamic routing protocols

We will learn various concepts on static routes such as how to configure static routes, how the routing table bases its decisions, routing interfaces among other concepts.

Introduction

As you may already know, the work of the router is to forward packets from the source device to the destination device. In between there may be several routers. The router uses a database known as the routing table to forward these packets.

In previous chapters, we connected a router to a computer and verified communication by using ping. However, refer to the topology shown in the exhibit below.

 

The network above shows a small network consisting of 3 routers and 2 hosts. As discussed earlier, each connection to a router should have its own network segment and this is shown in the diagram.

The network administrator also configured R1’s and R3’s serial interfaces as the DCE and all other configurations are correct.

In this scenario, R1 can ping HOST A, R1 can ping R2 s0/0/0 interface but not interface s0/0/1.

R3 can ping HOST B, R3 can ping R2’s s0/0/1 interface ONLY. HOST A and HOST B cannot communicate. As shown in the exhibit below.

In this chapter, we will explain the reasons as to why these two computers cannot communicate and resolve this problem.

KEEP THIS TOPOLOGY IN MIND AS IT WILL BE USED THROUGHOUT THIS CHAPTER.

Directly connected networks

The routing table is the database that contains information about various networks, we have said that these remote networks may either be learnt through routing protocols or manually configured routes.

The output of the “show ip route” command on a router, shows the routes that a particular router can reach. By default, a router will only know of directly connected routes.

Directly connected routes in our scenario, from R1’s perspective are the network connected to HOST A and the network between R1 and R2.

Since no other configuration has been made on these routers, R2 and R3, should only have directly connected routes.

The directly connected networks are the only networks that can be reached by a particular router. In our scenario, this means that;

  • Host A can ping R1
  • R1 can ping R2’s s0/0/0 interface but not interface s0/0/1
  • R2 can ping R1’s s0/0/0 interface but not interface fa0/0 or HOST A
  • R2 can ping R3’s s0/0/0 interface but not interface fa0/0 or HOST B
  • R3 can ping R2’s s0/0/1 interface but not interface s0/0/0
  • HOST B can ping R3.
  • Neither hosts can ping each other
  • R1 and R3 cannot ping each other.

The figure shown below shows all the directly connected networks.

Static routing

Static routes are one way we can communicate to remote networks. In production networks, static routes are mainly configured when routing from a particular network to a stub network.

Stub networks are networks that can only be accessed through one point or one interface.

In the above scenario, the 192.168.1.0/24 and 192.168.4.0/24 networks are stub networks. This means that hosts in these network segments only have one way to communicate with other hosts, which is R1 and R3 for the 192.168.1.0/24 and 192.168.4.0/24 networks respectively.

Understanding stub networks is crucial in understanding static routing.

The command needed to configure a static route is shown below.

Router(config)# ip route (network-address) (subnet-mask) (next-hop ip address/ exit interface)

The table below explains the meaning of each of the parameters in the ip route command as well as an example of the command which would be used on R1 to configure a static route to R3’s LAN network (192.168.4.0/24).

| Parameter | Meaning | Example |
|---|---|---|
| Ip route | States that the route being configured is a static route | Ip route |
| Network-address | The network address of the destination network. This is the network I am trying to reach. | 192.168.4.0 |
| Subnet-mask | The subnet mask of the destination network that I am trying to reach | 255.255.255.0 |
| Next hop ip address | This is the ip address of the router that is connecting me to the desired network | 192.168.2.4 |
| Exit interface | This is the exit point interface on my router that connects to the router that will take me to the desired network | s0/0/0 |

 

Refer to the exhibit. Therefore to configure a static route on R1 for network 192.168.4.0/24, the command to be issued on R1 is:

R1(config)# ip route 192.168.3.0 255.255.255.0 192.168.2.4

R1(config)# ip route 192.168.4.0 255.255.255.0 192.168.2.4

OR

R1(config)# ip route 192.168.3.0 255.255.255.0 s0/0/0

R1(config)# ip route 192.168.4.0 255.255.255.0 s0/0/0

NOTE: When configuring static routes you should only use either the exit interface or the next hop ip address and not both. This will be explained later.

EXAMINE THE ROUTING TABLE ON R1:

Highlighted in red at the bottom of the show ip route output on R1 is the static route that we just added. The “S” at the beginning means that the routing table got this route as a result of a static route configuration.

In the braces, “1”, is the administrative distance for static routes, and “0” is the metric.

From this we can assume that pings from HOST A to HOST B should work. Right?

Let’s try a ping from HOST A TO HOST B and see what happens.


As you can see from the exhibit above, all four pings to HOST B are shown as request timed out. Further, highlighted in red at the bottom, no packets were received by HOST B. This means that they could not communicate.

In the next section, we will explore why the two hosts could not communicate yet R1 was correctly configured with a static route.

Routing table principles

There are three routing table principles that dictate how routers communicate.

Principle 1:

“Routers forward packets based on information contained in their routing tables ONLY.”

R1 has 2 routes: 192.168.3.0/24, which is the connection between R2 and R3, and 192.168.4.0/24, which is the network on which HOST B is located. Therefore, based on the first principle, R1 will make its forwarding decisions based on this information only. It will not consult R2 or R3, nor does it know whether or not those routers have routes to other networks. As a network administrator, it is your responsibility to make sure that all the routers in a network know about remote networks.

Principle 2:

“Routing information on one router does not mean that other routers in the domain have the same information.”

R1 doesn’t know about the information in R2’s routing table. The same can be said of R2 and R3. Therefore, the fact that R1 has a path to the networks connected to R2 and R3 does not mean that R2 and R3 have the same information.

For example, R1 can reach the network 192.168.4.0/24 on R3 through R2. R1 does not know whether R2 can reach the network connected to R3. Therefore, we need to configure routes from R2 to the LAN connected to R3.

Using Principle 2, we still need to configure the proper routing on the other routers (R2 and R3) to make sure that they have routes to these three networks.

Principle 3:


“Routes on a router to a remote network do not mean that the remote router has return paths.”

This principle means that when a route is configured on one router, the remote router must be configured with a return route. In our networks, most of the communication is bidirectional, this means that for every message we send, a reply is expected.

If we use the analogy of the post office, it would be like sending a letter without a return address. The recipient cannot reply to a letter without a return address, and the postman would not know where to send the letter.

In our scenario, this means that, when we configure a route to network 192.168.4.0/24 on R1, we need to configure a route on the remote routers that leads to the LANs connected to R1.

Using Principle 3 as guidance, we will configure proper static routes on the other routers to make sure they have routes back to the 192.168.1.0/24 network.

Applying the principles:

In this scenario, we need to apply all the three principles on all the routers so that the static routes can work.

Principle 1

R1 knows how to get to network 192.168.3.0/24, and network 192.168.4.0/24, however, R2 and R3 do not know how to get there. Therefore, we need to configure a static route on R2 so that it can know how to get to 192.168.4.0/24.

Principle 2

We configured a static route on R1, however, this does not mean that R2 knows a path to 192.168.4.0/24 network. Therefore this router needs to know about that network.

Principle 3

Even though R1 and R2 have a route to network 192.168.4.0, a ping would still fail because both R2 and R3 would not know how to get to R1. Therefore, we need to configure a route that gets back to network 192.168.1.0/24 on R1. In this case we are using the next-hop ip address on both R2 and R3.

From this, we can now make the necessary configurations on all the routers to make communication between HOST A and HOST B possible.

On router R2:

R2(config)# ip route 192.168.1.0 255.255.255.0 192.168.2.3

R2(config)# ip route 192.168.4.0 255.255.255.0 192.168.3.3

On router R3:

R3(config)# ip route 192.168.1.0 255.255.255.0 192.168.3.4

R3(config)# ip route 192.168.2.0 255.255.255.0 192.168.3.4

When all the configurations have been made on all the three routers, communication between HOST A and HOST B should be possible. The figure below shows the routing tables of all the three routers, the static routes have been highlighted in red.

R1:


R2:


R3:


As a result of this output, we should be able to ping from HOST A to HOST B. The output below shows the results of the ping from HOST A to HOST B.

The output shows that there are replies coming from HOST B which has the ip address 192.168.4.2, the highlighted section in red shows that 4 packets were sent and all 4 were received by HOST B, with 0% loss.

Therefore, we have successfully configured static routing on the routers.

Resolving the next-hop ip address

Suppose we configured R2 with the next-hop ip address not an exit interface, how would the router know which interface to send the packets through?

Refer to the output of the show ip route command on R2, below.


When the router wants to send a packet to the 192.168.1.0 network, it will look at the routing table.

There is a route to that network via 192.168.2.3. Then the router checks to see whether it has an interface that connects to the 192.168.2.3 network. In this scenario, that would be the network highlighted in blue. The exit interface is serial 0/0/0.

Routes that only have the next-hop ip address and no exit interface must resolve the next hop ip address using a route in their routing table that connects to the remote network.

In most cases, the route that the next hop is resolved to is usually a directly connected network.

As such, this is usually an issue, since the router has to process a packet twice before it can determine where to forward it. This is known as a recursive lookup.

It is recommended that static routes have an exit interface as opposed to the next hop ip address.
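The three routing table principles and the recursive lookup can be checked with a small simulation. This is an added example, not part of the original chapter: it models R1, R2 and R3 with the next-hop static routes given above and traces a ping in both directions. The LAN interface addresses, HOST A's address and all function names are assumptions made for illustration.

```python
import ipaddress

# Interface addresses. Values marked "assumed" are not given in the chapter.
CONNECTED = {
    "R1": {"fa0/0": "192.168.1.1/24",    # assumed LAN address
           "s0/0/0": "192.168.2.3/24"},
    "R2": {"s0/0/0": "192.168.2.4/24", "s0/0/1": "192.168.3.4/24"},
    "R3": {"s0/0/0": "192.168.3.3/24",
           "fa0/0": "192.168.4.1/24"},   # assumed LAN address
}
# host -> (address, gateway router); HOST A's address is assumed
HOSTS = {"HOST A": ("192.168.1.2", "R1"), "HOST B": ("192.168.4.2", "R3")}

# Static routes as (destination prefix, next-hop address), in three stages.
R1_ONLY = {"R1": [("192.168.3.0/24", "192.168.2.4"),
                  ("192.168.4.0/24", "192.168.2.4")]}
FORWARD_ONLY = dict(R1_ONLY, R2=[("192.168.4.0/24", "192.168.3.3")])
FULL = dict(R1_ONLY,
            R2=[("192.168.1.0/24", "192.168.2.3"),
                ("192.168.4.0/24", "192.168.3.3")],
            R3=[("192.168.1.0/24", "192.168.3.4")])  # only the return route the ping needs

# Which device answers on each address (router interfaces and hosts).
OWNER = {str(ipaddress.ip_interface(c).ip): r
         for r, ifs in CONNECTED.items() for c in ifs.values()}
OWNER.update({addr: name for name, (addr, _) in HOSTS.items()})


def build_table(router, statics):
    """Routing table = connected networks (C) plus configured static routes (S)."""
    table = [{"net": ipaddress.ip_interface(cidr).network, "exit": ifname, "via": None}
             for ifname, cidr in CONNECTED[router].items()]
    table += [{"net": ipaddress.ip_network(p), "exit": None,
               "via": ipaddress.ip_address(nh)}
              for p, nh in statics.get(router, [])]
    return table


def lookup(table, dst):
    """Longest-prefix match; the router consults only its own table (principle 1)."""
    matches = [r for r in table if dst in r["net"]]
    return max(matches, key=lambda r: r["net"].prefixlen) if matches else None


def resolve(table, dst):
    """Return (exit interface, next hop, number of lookups), or None if no route.

    A route that has only a next-hop address forces another lookup for that
    address: the recursive lookup described above."""
    target, next_hop = dst, None
    for lookups in range(1, 9):              # guard against resolution loops
        route = lookup(table, target)
        if route is None:
            return None
        if route["exit"] is not None:        # resolved to a connected network
            return route["exit"], next_hop or dst, lookups
        next_hop = target = route["via"]
    return None


def trace(src_host, dst_host, statics):
    """Follow a packet hop by hop; returns (delivered, reason)."""
    dst = ipaddress.ip_address(HOSTS[dst_host][0])
    node = HOSTS[src_host][1]
    for _ in range(8):                       # TTL-style guard
        hop = resolve(build_table(node, statics), dst)
        if hop is None:
            return False, f"{node} has no route to {dst}"
        node = OWNER.get(str(hop[1]))
        if node == dst_host:
            return True, "delivered"
        if node is None:
            return False, f"next hop {hop[1]} is unreachable"
    return False, "routing loop"


def ping(a, b, statics):
    """A ping succeeds only if the request AND the reply can be routed (principle 3)."""
    ok, why = trace(a, b, statics)
    if not ok:
        return False, "request: " + why
    ok, why = trace(b, a, statics)
    return (True, "reply received") if ok else (False, "reply: " + why)


if __name__ == "__main__":
    for label, cfg in (("R1 only", R1_ONLY), ("R1 + R2 forward route", FORWARD_ONLY),
                       ("all routers", FULL)):
        print(f"{label:24}", ping("HOST A", "HOST B", cfg))
    print(resolve(build_table("R2", FULL), ipaddress.ip_address("192.168.1.2")))
```

The middle stage shows why a correct forward path is not enough: the request reaches HOST B, but R3 drops the reply because it has no route back to 192.168.1.0/24.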

Summary and default routes

Suppose a router has more than 1 LAN connected to it. It would be more practical to use an address that covers all the LANS, and configure 1 static route. Take this scenario, R1 has 5 LANs connected to it;

  • 192.168.1.0/24
  • 192.168.2.0/24
  • 192.168.3.0/24
  • 192.168.4.0/24
  • 192.168.5.0/24

Summarizing these routes is shown in the table below.

The five networks share the first 2 octets and the first 5 bits from the left in the third octet.

Therefore the new summary network address and subnet mask for the 5 networks will be: 192.168.0.0/21 with the subnet mask as 255.255.248.0.

When configuring a static route to the summary network out serial0/0/0 on R2, the command would be;

R2(config)# ip route 192.168.0.0 255.255.248.0 s0/0/0
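Added example (not from the original chapter): the summary calculation above in Python, generalized to any list of IPv4 prefixes, together with a check of which address ranges the summary covers that are not among the listed LANs. The function names are illustrative.

```python
import ipaddress

# The five LANs from the scenario above.
LANS = ["192.168.1.0/24", "192.168.2.0/24", "192.168.3.0/24",
        "192.168.4.0/24", "192.168.5.0/24"]


def summarize(cidrs):
    """Smallest single prefix that contains every network in `cidrs`."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # Bits that differ between the lowest and highest address cannot be part
    # of the common prefix; everything to the left of them is shared.
    prefixlen = 32 - (lo ^ hi).bit_length()
    mask = (0xFFFFFFFF << (32 - prefixlen)) & 0xFFFFFFFF
    return ipaddress.ip_network((lo & mask, prefixlen))


def uncovered(cidrs):
    """Ranges inside the summary that are NOT one of the original networks.

    A static route to the summary also forwards traffic for these ranges."""
    remaining = [summarize(cidrs)]
    for net in (ipaddress.ip_network(c) for c in cidrs):
        nxt = []
        for block in remaining:
            if net.subnet_of(block):
                nxt.extend(block.address_exclude(net))   # carve `net` out
            elif not block.subnet_of(net):
                nxt.append(block)                        # untouched by `net`
        remaining = nxt
    return list(ipaddress.collapse_addresses(remaining))


def static_route_command(cidrs, exit_interface):
    """The `ip route` line for the summary, in the chapter's syntax."""
    s = summarize(cidrs)
    return f"ip route {s.network_address} {s.netmask} {exit_interface}"


if __name__ == "__main__":
    s = summarize(LANS)
    print("summary:", s, "mask:", s.netmask)
    print("also covered:", [str(n) for n in uncovered(LANS)])
    print(static_route_command(LANS, "s0/0/0"))
```

For the five LANs the summary also matches 192.168.0.0/24 and 192.168.6.0/23, so R2 will forward traffic for those ranges to R1 as well.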

Refer to the exhibit shown below. Suppose HOST A wants to send an email to a friend or wants to view a website on the internet, how would the router know where to send the packets?

The internet has many ip addresses, and configuring one static route to a specific network would not work. Therefore, a default route is needed.

A default static route is a route that will match all packets. Default static routes are used:

  • When no other routes in the routing table match the packet’s destination IP address. In other words, when a more specific match does not exist. A common use is when connecting a company’s edge router to the ISP network.
  • When a router has only one other router to which it is connected. This condition is known as a stub router.

The syntax for configuring a static default route is:

Router(config)# ip route 0.0.0.0 0.0.0.0 [next-hop ip address/ exit interface]

A route to this network would tell the router to forward any packet for which it does not have a route to the indicated next-hop ip address or exit interface.

In this scenario, to configure a default static route, the command sequence on R1 would be.

R1(config)# ip route 0.0.0.0 0.0.0.0 12.145.3.2

Or

R1(config)# ip route 0.0.0.0 0.0.0.0 s0/0/0

Summary

In this chapter, we have learnt how a router finds a path to a remote network, we have configured static routes using the principles of the routing table, learnt about the recursive lookup, as well as configured summary routes and default static routes.

In the next chapter, we will get into the world of dynamic routing protocols.

Configuring and testing the network

Overview

In this chapter, we will learn how to configure the various internetwork devices such as the router and the switch. We will also cable the network correctly according to the requirements and learn the various CISCO IOS – CISCO internetwork operating system basics that we will use throughout the course. As we mentioned in the beginning of the course, this will be a lab oriented course and therefore, you are expected to have lab equipment. If you do not have the physical devices, do not worry because we will discuss an alternative that can be used for learning purposes in this course.

Upon completion of this chapter, you will be able to:

  • Understand the role of the CISCO IOS
  • understand the config file on routers and switches
  • Understand the IOS command structure
  • Configure basic configuration of a router or a switch
  • Verify the configuration on a router using show commands.

Internetwork operating system

I am sure that you already know that computers have operating systems. The operating system allows the computer to function and also allows us to input and receive output. The operating system is the intermediary between us and the computer’s internal components. Similarly, the router also has an operating system.

CISCO uses the IOS (internetwork operating system) to allow us to use the various capabilities in the routers.

The CISCO IOS allows us to perform functions such as:

  • Routing
  • Security for the network
  • Expand the network based on requirements among others.

Unlike other operating systems that you may be accustomed to however, the CISCO IOS is accessed using a CLI (Command Line Interface). If you have used programs such as DOS™ then you are familiar with the CLI prompt.

Access methods

The CLI on routers may be accessed using one of the following ways:

  • Console port
  • Auxiliary port
  • Virtual terminal lines.

There are several programs that we can use to access the CLI on routers.

  1. The console port is the main port that is used to configure a router. When the router is new and out of the box, this is the interface that is used to configure the router. After the initial configuration, we can use other configuration methods. The console port is also used for disaster recovery in case the router is unusable or as a way to troubleshoot the router when other connectivity means are unavailable.
  2. The second way we can configure a router is using an auxiliary port. The auxiliary port is used to configure the router through the use of a modem. This port is rarely used and as such we will not discuss its use further.
  3. The third way we can configure a router is by using the virtual terminal lines. As the name suggests, the virtual terminal lines are configured as a way to access the router remotely.

The administrator can configure the router to be accessed from a remote location using these lines.

In this course, we will learn how to configure the two types of VTY lines, either through telnet or the more secure SSH.

NOTE: the operation of the router depends on the commands that we issue during configuration as well as the IOS functioning.

Configuration files on the router

As mentioned earlier, the router is a computer and the configuration we do determines its operation. The router has two types of memory; volatile and non-volatile memory. The configuration we make is stored in one of these two types of memory depending on the commands we issue.

There are two types of configuration files on the router.

The startup configuration file (startup-config) – this is the file that is used during the startup of the router. It is stored in the non-volatile memory which is called the NVRAM. The startup configuration consists of all the commands we have issued and saved in the router. Once the router boots up, this file is loaded from the NVRAM to the RAM where it is used as the running configuration file.

The running configuration (running-config) – the operation of the router is determined by the running configuration. Any command that we issue on a router is immediately executed and stored in the running-configuration. This file is stored in the RAM or the volatile memory. This means that if the router loses power, any unsaved changes in this file will be lost. When the running-configuration is saved, it is stored in the NVRAM and becomes the startup-config.

CISCO IOS modes

The CISCO CLI is structured hierarchically. The modes are executed from the top to bottom. Each mode gives access to certain commands that can be issued. The list below shows the CISCO IOS modes from the top to bottom.

  • User exec mode
  • Privileged exec mode
  • Global config mode
  • Other specific configuration modes

On gaining access to the router, there will be various prompts that will denote the specific level the administrator is in. However, the beginning of the prompt will be the router’s name. The various prompts are discussed below.

  1. User executive mode

This is the main or the first mode that one can access on a router. It is limited to few verification and troubleshooting commands. By default, authentication is not required but as best practice we will configure security so as to ensure protection of our routers.

On accessing the router, you will notice the prompt that ends with this symbol “>” after the router’s name. By default the name of the router is usually “Router“. This prompt is shown below.

Router>

In this mode, we can view basic information using the “show” command.

  2. Privileged executive mode

This is the second mode in the IOS CLI. In this mode, we can view various troubleshooting and verification commands such as “show and debug“. By default, this mode is also not secured, as best practice we will also secure this mode using a password.

This mode is denoted by the HASH (#) symbol preceded by the name of the router. To enter this mode, we issue the command “enable” from the user exec mode.

Router#

NOTE: To move from the user exec mode to the privileged mode the command – “enable” should be entered from the user exec mode.

The “disable” command is used to exit the privileged exec mode and return to the user exec mode.

  3. Global configuration mode

The main configuration on a router is executed in this mode. Parameters such as the router’s name, ip domain lookup, banners among others can be configured. In this mode, we can also gain access to other specific configuration parameters such as interface configuration.

The global configuration mode is shown by the prompt: (config)# as shown below:

Router(config)#

NOTE: To enter this mode from the privileged exec mode we enter the command: “configure terminal”

To exit to the privileged mode we enter the command: “exit”

  4. Specific configuration mode

There are other specific configuration modes on the router. These are entered in the global configuration mode and are used to configure various functions and options on the router such as the interfaces, routing options, console lines among others. The specific configuration mode commands will be discussed progressively throughout the course.

Command format

When configuring the router, we need to understand the format used in configuration. The image below shows the IOS command structure.

We can also obtain help when typing a command we are unsure of in CISCO IOS. This is done by using a question mark “?” followed by the <enter> key, as shown in the image below.

We can use this command when we are unsure of the correct command to use or we have made an error.

We can also use the <tab> key to autocomplete commands. This may be useful when the command is too long and used frequently. However, we recommend that as we are beginning to learn the IOS, we should use the full command until a later stage.

There are other shortcut keys used and these are shown below.

  • Ctrl-R – re-displays a line.
  • Ctrl-Z – exits the configuration mode and returns the user to the user exec mode.
  • Down and up arrows – these are used to scroll through previously entered commands.
  • Ctrl-Shift-6 – this command is used to interrupt a command that has been issued.
  • Ctrl-C – this command can be used to abort a configuration line and return to the privileged mode.

There are other basics that are used in CISCO IOS; we will learn these as we continue in this course.

NOTE: you will be expected to know and memorize all the commands used in this course for the exam. In the ICND 1, ICND 2 and CCNA composite exams, the use of these commands will be frequent and you will NOT have anywhere to refer to.

Examination commands

When configuring a router, you may need to troubleshoot different configurations. The use of examination commands is vital in this respect. The examination commands are viewed in the privileged executive mode and will start with “show” in the prompt. Some of these commands and their functions are shown below.

  1. Show version – shows information on the CISCO IOS running on a router or a switch, such as the version and release date.
  2. Show startup-config – this command shows the configuration file that is stored in the NVRAM.
  3. Show running-config – the commands that are currently being used by the router for its operation can be viewed using this command. This information is usually stored in the router’s RAM.

Network simulation using packet tracer

As mentioned earlier, access to physical network devices may at some times be difficult, and since this course is based mainly in a lab environment where we need to access and configure these devices, we need an alternative.

Your instructor should be able to give you access to packet tracer, a program that can be used to simulate networks in the lab environment. This software will give you access to most, if not all, commands and devices needed in CCNA. In this course, we will use packet tracer and real devices in configurations.

After installation, the main window of packet tracer will be as shown below.

Familiarize yourself with the software. At the bottom left, we have the various categories of devices that may be used in the network. These include routers, switches, and connections among others. Clicking on any of these icons will bring a list of more devices in each category.

To use a device, simply click on its icon and drag it to the main work area shown in white.

On the right hand side, near the bottom, there are two icons in the shape of envelopes. These icons are used to capture packets and you will use them at a later stage. As you continue to use this software, you will become more and more experienced and gradually you will know all the capabilities and functions.

The scenario

In this chapter, we will configure 2 routers and 1 host PC in packet tracer. This will be basic configuration, aimed at showing you the main features of IOS and immersing you into the CISCO configuration environment using packet tracer.

The topology shown below shows 2 routers and a PC. The connection from the PC to router R1 is done using a crossover cable while the interconnection between the two routers is done using a serial cable.

The serial interface on R1 is the DCE side while the connection on router R2 is the DTE side. If you are using physical devices you should be aware of this cabling.

In this topology, we have 2 routers labeled R1 and R2. We have a connection between them which is S0/0/0 DCE on R1 and S0/0/0 on R2.

Router R1 is connected to PC A through 2 interfaces. One is the console port which will be used to configure the router, while the other will be the network port to PCA’s NIC via Fa0/0 on R1.

In packet tracer, the diagrams shown below are a guide to making this topology.

Step 1:

Drag and drop into the main work area the devices that will be used in the configuration as shown in the topology. In this case we use 2 1841 CISCO ISR routers. By default they are labeled Router0 and Router1. Also in the end device section drag and drop a PC icon, as shown in the diagram.

Step 2:

Click on the router0 icon. A new panel opens up and details the back panel of the router. At the top, there are three tabs – physical, config, CLI. In this case we are interested in the physical tab. This router does not have a WAN connection interface, as shown in the part highlighted by the red arrow. We need to install the WAN interface module on both routers so that we can interconnect them using serial links.

To do this, we have to shut down the router and look for the appropriate module on the left which can be used for serial WAN connections. To turn off the router, you need to click the switch button shown by the blue arrow in the diagram above.

Step 3:

We need to add the correct WAN module by moving it from the list on the left to the panel on the right highlighted by the red arrow in the previous diagram. In this case and most other scenarios, we will be using the WIC-2T module highlighted in red. Drag and drop it to the empty space as shown above.

NOTE: the router goes off when the power button is switched. After installing the module you need to switch it back on.

Step 4:

Next we need to connect the devices with the correct cable. The connection from the PC to Router0 uses a crossover cable while the connection between the two routers uses a serial DCE cable. In the connections tab at the bottom make sure you use the correct cable.

To connect devices:

  1. Select a cable by clicking on it.
  2. Click on the device you want to connect to
  3. Choose the correct interface number
  4. Repeat process on the other end of the cable by dragging it to the opposite device and clicking on the correct interface.

These steps are shown in the diagrams below

The connections shown are for router0 and router1.

Connection on Router0 shown above using serial0/0/0

The connection on Router1 using serial0/0/0

There are two connections from PC0 to Router0. The connection shown by the black dotted line is the LAN connection on PC0’s FastEthernet interface, while the blue one is the console cable used to configure Router0, as shown below.

As you can see from the diagram above, the interface labels are visible. To enable this, go to options, then click on preferences and in the preferences tab select the option that says “always show device labels” as shown below marked by a red arrow.

The console cable connects to the RS 232 port on the PC and the console port on the router.

Now that we have interconnected the devices, we need to access the CLI interface on the router from the PC0.

To do this, we need to click on PC0’s icon, whereby we will receive this output.

As mentioned earlier, packet tracer simulates the operation of different network devices. If we click on the desktop tab, we will see the same options as we would on a physical computer.

In this tab, we have several options such as the ip address configuration, the terminal and command prompt among others. In this case we will use the prompt which will connect us to the router’s CLI.

After clicking the terminal tab, leave the configurations options on default and click OK. This will connect you to the router in its boot-up process shown by the several “#” output.

After the boot-up process is complete, you should receive a command prompt shown below. Type in “no” and press enter.

After this prompt, we will enter the user exec mode. As we mentioned earlier, this is the first access point in the CISCO IOS CLI.

It is denoted by the output:

Router>

To enter the privileged configuration mode we should type in “enable” and enter. This will take us to the privileged executive mode denoted by the output shown below.

Router#

In this mode we can do various troubleshooting commands such as show and debug commands.

Next we need to access the global configuration mode so that we can begin our configuration. To do this, we need to type in:

“configure terminal” followed by ENTER. This will take us into the global configuration mode which is shown in the prompt output as:

Router(config)#

NOTE: if you are using real devices, the steps followed should be the same, and the output received should not be different. However, if you need more information, contact your trainer.


Configuration

In this section, we should configure the following.

  1. Hostname on router0
  2. Limit access to the router
  3. Configure banners
  4. Disable ip domain lookup
  5. Configure the interfaces
  6. Verify the configuration
  7. Test local network connectivity
  8. Document the network

The commands used will be entered mainly from the global configuration mode on router0. We will not configure Router1 but the same concepts will be used. Keep this in mind.

Hostname on Router0

In the topology diagram, the first router was R1, not Router0. When naming routers, remember to use only alphanumeric symbols and the underscore. There should be no space in the name because this will return an error.

To change a hostname of a router or a switch the command needed in the global configuration mode is:

Router(config)# hostname <NAME_OF_ROUTER>

The parameter shown in angle braces will be the name used on the router or switch.

In this scenario, in the global configuration mode on Router0, the command needed to change the name of this router from Router0 to R1 will be:

Router(config)#hostname R1

After entering this command, you should be able to see the change reflected immediately from:

“Router(config)#” to “R1(config)#”

Now with that command we have successfully changed the name of the router.

Limit access to the router

The next thing we need to do is to limit access to the router. We need to do this so as to strengthen the security. Every device should have locally configured passwords to limit access.

We have seen that the CISCO IOS is organized hierarchically. One of the reasons behind this is to enhance security. In this respect we need to configure security on our router. The passwords we will configure require authentication at various points on our routers. They are:

  • the console line password – to limit connection to the router using the console port
  • the enable password – to limit access to the privileged Executive mode
  • enable secret password – to configure encrypted passwords to protect the privileged EXEC mode
  • VTY lines password – to protect access to the router via telnet

  1. Console line

We first need to secure the console lines. As we saw earlier, the console lines allow access to configuration of the router through the router’s console port. To do this, we need to access the console line in the global configuration mode.

The command to access the console line is:

Router(config)# line console 0

The first line is usually 0 as shown above. After entering this command, we will enter the specific configuration mode for the console line which is shown below:

Router(config-line)#

From this mode, we need to enter a password and also a command to require authentication before accessing the console line. The commands needed to do this are:

Router(config-line)#password cisco

Router(config-line)# login

The first line specifies that the password for the console on this router is “cisco” and the second line – “login” states that for anyone to access this router, you will need to enter a password to access the CLI using the console port.

To verify this command, the next time someone tries to access this router after it is rebooted, they will be required to enter this password.

In this scenario, we will use the password “cisco123” and the commands needed on R1 will be

  2. Privileged exec mode – enable password

The privileged executive mode allows us to access the global configuration commands, therefore, it is important to secure this mode so as to limit access.

To do this, we need to configure the “enable password” on the router’s global configuration mode. This will require the use of a password to enter the privileged executive mode.

In the global configuration mode enter the following:

Router(config)#enable password cisco

The above command specifies that to be able to access the privileged access mode, the user has to enter the password cisco in the user exec mode.

On R1, we configure the password “cisco1” for the privileged executive mode using the following command.

R1(config)#enable password cisco1

To verify this command, enter the command “end” to return to the privileged exec mode, then enter the command “disable” to return to the user exec mode.

To login to the privileged exec mode on R1, you will be required to enter the password “cisco1”.

  3. Enable secret command

The use of the enable password is not secure since the password is stored in the flash memory as plain text and it can be easily cracked. To enable a more secure password for the privileged exec mode, we use the enable secret command.

The enable secret command will create an encrypted password.

To enter this command on a router use the following command:

R1(config)#enable secret cisco12

This specifies that we should use an encrypted password of “cisco12”.

If we use this command on R1, it will override the enable password and replace it with the secure password. To do this on R1 enter the following command.

R1(config)#enable secret cisco12

  4. Vty lines

We also need to limit remote access to the router. The vty lines allow access to a router via Telnet. By default, many Cisco devices support five VTY lines that are numbered 0 to 4. A password needs to be set for all available vty lines.

To enable a password for the telnet lines, we need to enter the specific configuration mode for these lines. To do this, we enter the command shown below:

R1(config)#line vty 0 4

The above command specifies that we want to configure the 5 telnet lines on this router. After entering this command, we will enter the vty lines configuration mode shown by the prompt below.

R1(config-line)#

In this mode, we can configure the password and require authentication when a user wants remote access to a router. The commands needed to accomplish this are:

R1(config-line)#password <telnet_password>

R1(config-line)#login

The commands above specify that this router should be configured with a password and should require authentication with said password for access.

On R1, to secure the vty lines using the password cisco1234, the commands needed to accomplish this will be:

  5. Encrypting Password Display

The commands that we have used to configure the passwords are insecure since the passwords are stored in plain text. To enhance the security of the passwords that we have configured, we use the command “service password-encryption”. When this command is executed, the plain text passwords will be encrypted. This means that one cannot see the passwords in plain text from the running-config.

To configure this on router R1, enter the command shown below in the global configuration mode:

R1(config)#service password-encryption

This will ensure that no password can be viewed from the running configuration.
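A check for the weaknesses this section describes, given as an added example that is not part of the original page: it reads a saved copy of the running configuration and reports an “enable password” left in place, lines with no “login”, and line passwords kept in clear text (type 0) or as type 7, which is a reversible encoding rather than a hash. The function names, finding codes and the sample configuration are constructed for illustration.

```python
# Constructed sample (not real router output): roughly what "show running-config"
# holds on R1 after the console, enable and vty steps, before
# "service password-encryption" has been entered.
SAMPLE_R1 = """\
hostname R1
!
no service password-encryption
!
enable secret 5 $1$CONSTRUCTED$NotARealHashValue00000
enable password cisco1
!
banner motd ^C!!!! WARNING, AUTHORIZED ACCESS ONLY!!!! ^C
!
line con 0
 password cisco123
 login
line aux 0
line vty 0 4
 password cisco1234
 login
!
end
"""


def storage_type(args):
    """'7 0822455D0A16' -> 7, '5 $1$...' -> 5, 'cisco123' -> 0 (clear text)."""
    parts = args.split()
    if len(parts) >= 2 and parts[0].isdigit():
        return int(parts[0])
    return 0


def line_sections(config):
    """Map each 'line ...' header to the list of its indented sub-commands."""
    sections, current = {}, None
    for raw in config.splitlines():
        if raw.startswith("line "):
            current = raw.strip()
            sections[current] = []
        elif raw.startswith(" ") and current is not None:
            sections[current].append(raw.strip())
        else:
            current = None  # any other top-level line closes the section
    return sections


def audit(config):
    """Return a sorted list of (finding code, where) tuples."""
    findings = set()
    # Top-level commands only: skip blanks, indented sub-commands and "!" lines.
    top = [ln.strip() for ln in config.splitlines() if ln[:1] not in ("", " ", "!")]

    if "service password-encryption" not in top:
        findings.add(("NO_PASSWORD_ENCRYPTION", "global"))
    if not any(ln.startswith("banner ") for ln in top):
        findings.add(("NO_BANNER", "global"))
    if not any(ln.startswith("enable secret ") for ln in top):
        findings.add(("NO_ENABLE_SECRET", "global"))
    if any(ln.startswith("enable password ") for ln in top):
        # Stored as clear text or type 7, unlike the hashed "enable secret".
        findings.add(("ENABLE_PASSWORD_PRESENT", "global"))

    for header, cmds in line_sections(config).items():
        logins = [c for c in cmds if c.startswith("login")]
        passwords = [c for c in cmds if c.startswith("password ")]
        if not logins:
            # No "login" command: nothing asks for a password on this line.
            findings.add(("LINE_NO_LOGIN", header))
            continue
        if logins == ["login"] and not passwords:
            findings.add(("LOGIN_WITHOUT_PASSWORD", header))
        for p in passwords:
            kind = storage_type(p[len("password "):])
            if kind == 0:
                findings.add(("CLEAR_TEXT_PASSWORD", header))
            elif kind == 7:
                findings.add(("REVERSIBLE_TYPE7_PASSWORD", header))
    return sorted(findings)


if __name__ == "__main__":
    for code, where in audit(SAMPLE_R1):
        print(f"{where:14} {code}")
```

In the sample, “line aux 0” is reported because the auxiliary port is never given a password in the steps above, even though it is an alternative to the console port.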

Configure banners

Configuring passwords is a good measure to protect the router from unauthorized access. However, we also need to warn would-be attackers.

Banners are a way in which we notify unauthorized personnel who would want to access the router. In some cases, failure to apply banners can cause attackers to escape legal ramifications since they can argue that there was no information against unauthorized access.

One way to configure the banner is using the MOTD (message of the Day). To do this, we need to enter the command shown below in the global configuration mode:

R1(config)#banner motd # insert message in here #

The # in the banner motd command denotes the beginning and end of the message to be displayed.

On R1, to configure a banner that states “!!!! WARNING, AUTHORIZED ACCESS ONLY!!!!” the command shown below will be used.

R1(config)#banner motd #!!!! WARNING, AUTHORIZED ACCESS ONLY!!!! #

Once the command is executed, the banner will be displayed on all subsequent attempts to access the device until the banner is removed.

Configure the interfaces

In this scenario, there are 2 interfaces on R1 and 1 on the PC0 that we need to configure. The addressing scheme used is shown below.

| Device | Interface | IP address | Subnet mask | Default gateway |
|---|---|---|---|---|
| PC0 | FastEthernet | 192.168.1.2 | 255.255.255.0 | 192.168.1.1 |
| R1 | FastEthernet0/0 | 192.168.1.1 | 255.255.255.0 | |
| R1 | Serial0/0/0 | 192.168.12.1 | 255.255.255.252 | |

We will not configure Router1. When configuring the PC, the following steps should be taken:

  1. Click on the PC0 icon
  2. Click on the desktop tab
  3. Click on the ip configuration tab
  4. Enter the values shown above
  5. Close the ip configuration tab

On the router, we need to configure the interfaces and also activate them. By default, interfaces on routers are usually deactivated.

To configure the interface on a router, the following commands will be used.

Router(config)#interface <interface_name><interface_number>

Router(config-if)#ip address <interface_ip_address> <subnet_mask>

Router(config-if)#no shutdown

Router(config-if)#exit

  • In the above configuration, the first line is used to enter into the specific interface configuration mode. This will allow us to enter various interface configuration options.
  • The second line will assign the ip address and the subnet mask according to the specifications
  • The third line will activate the interface and make it usable.

In this scenario, we have 2 interfaces on R1. To configure R1’s FastEthernet0/0 interface, the following commands will be used:

To configure the serial interface the following commands will be used.

As you may remember, we connected router R1 using a serial DCE cable. This means that this interface must have a clocking signal, simulated as you would with a CSU/DSU. The command “clock rate 64000” above specifies that this interface is the DCE side and that it has a clock rate of 64000.

In packet tracer, after configuring the interfaces and executing the “no shutdown” command, the end points on the fast Ethernet link from the PC0 to R1, should turn from red to green as shown in the figure below:

Verifying the configuration

After all these configurations are done, we need to verify that they have been executed as well as save the configuration to the NVRAM from the RAM.

To save the configuration, we need to exit to the privileged executive mode and enter the following command:

Router#copy running-config startup-config

The command above, when executed, will save the running configuration to the NVRAM of the router. This will make the running configuration the startup-configuration in the next boot-up of the router.

On R1, the command needed to save the running configuration to the flash memory will be as shown below.

R1#copy running-config startup-config

After saving the configuration, we also need to verify the operation of the router, as well as check for connectivity to our host PC.

The verification commands we will use will also be used when troubleshooting. More on troubleshooting will be discussed in subsequent chapters.

In this chapter, we will check for the interface configuration, the running configuration, and the connectivity to the PC using ping command.

The running-configuration

After configuring the router, we need to check all the configurations used. To do this we need to check the running configuration. The running configuration, as we mentioned earlier, is stored in the RAM and therefore any additional commands we make will need to be saved to the startup configuration.

The running configuration will show us all the commands that we have used while configuring a device.

The command used to check the running configuration is executed in the privileged executive mode and it is shown below.

Router# show running-config

When executed, this command will show us all the configuration commands used on a router or a switch.

The output of the show running-config on R1 is shown in the exhibit below:

Verify interface operation

When verifying the interfaces on routers, we need to check whether they are operational and whether they have been assigned the correct ip addresses. To accomplish this, we will use the commands shown below in the privileged executive mode:

  • Show ip interface brief
  • Show interface <interface name> <interface number>

Show ip interface brief

The output of this command will show the operational status of an interface at layer 1 and layer 2. The output shows the interface, the ip address assigned, the status, and the status of the protocol which is connectivity at layer 2. If the interface is operational, the status and protocol should be up/up.

Show interface <interface name> <interface number>

The output of this command shows the status of the specific interface as shown in the output below for interface FastEthernet 0/0.

As you can see from the above output, the interface is shown as on and it is operational. This is another way we can verify the status of an interface.

Summary

In this chapter, we have looked at the basic configuration in CISCO IOS. We have configured a router in packet tracer given the requirements of the lab. We have also looked at the command structure of IOS. In the next chapter, we will begin routing by looking at how routing works and configuration of static routes.

Planning and cabling the network

Overview

In our previous chapters, we have looked at the OSI and TCP/IP models in detail and explained how they aid in communication. All these concepts lead up to this chapter and beyond. In this chapter, we will learn how to plan our networks and look at the various cabling options to use in our networks. At the end of this chapter, we should also learn how to plan for the IPv4 addressing we will use in our networks.

Introduction

There are many considerations to make when planning the network. In this section we will consider the LAN connections and the WAN. The choice of which router to deploy is determined by the Ethernet interfaces that match the technology of the switches at the center of the LAN. The internetwork devices that we will be using in this course will be primarily routers and switches.

Router

The routers in our networks are used to interconnect the various LAN networks. Each LAN is usually connected to others using an interface on the router. The router has various LAN interfaces that it connects to these segments. Therefore, when choosing a router, you should consider the number of LANs in your global network. The router should also have interfaces that connect to outside interfaces such as to an ISP.

The figure shown below shows the various ports that can be found on a router as well as explanations on their use.

  • The fast Ethernet interface will be used to connect to our LAN networks while the serial interface will be used to connect to the WAN.
  • The console port is the main configuration port on a router; it is through this port that we connect to the router and issue configuration commands. The auxiliary port, shown as aux port, is used as an alternative to the console port.
  • The power button on a router is used to turn on and off the router.

Switch

The switch will be used to connect to the various end user devices in our network. These may be PCs, notebooks, IP phones among others. The switch is connected to the router using one of its interfaces so that other networks can be reached through the router.

The image shown below shows a 48 port CISCO switch.

Device selection factors

In our networks, there are several factors that will affect which devices we will install. These factors, shown below, may also affect network performance.

Cost – CISCO routers and switches come in various models, and the choice of router or switch may be influenced by the budget that the organization has.

The speed of the ports on a device may influence the decision to install a particular device. We will learn about the various speeds and how they influence the network performance in upcoming chapters.

Other factors that may influence our choice of device are the manageability of a device, support, durability, whether it has expansion bays, among others.

Whatever device is chosen for your network, however, the successful implementation of the network will depend on the configuration and careful planning that has been done.

Cabling the network

Cabling factors

When cabling the network there are several factors to consider.

  • The length of the cable
  • Telecoms room
  • Backbone and distribution cabling
  • Environmental factors

The length of the cable is one of the most important factors to consider. In most networks we will use the UTP (Unshielded Twisted Pair) cable. This cable is made of copper, and its range should be limited to 100 meters.

Telecommunications room – in many organizations, this is the central area where intermediary devices such as routers, backbone switches, among others are located. The cabling in this room should be correctly labeled so as to avoid misconfiguration and other problems.

Backbone cables are the cables used to connect to devices such as servers, while distribution cables connect to end user devices and are mainly straight through UTP cables.

When cabling the network, there are several types of cables that may be used. We will discuss the use of the UTP cable and the serial cables.

UTP cable

The UTP cable will be used to connect the following devices

  1. Router to router – depending on scenario
  2. Router to switch
  3. Router to PC – or other hosts end devices
  4. Switch to switch
  5. Switch to hosts.

These configurations use three main types of UTP cable configurations which are.

  • Straight through
  • Cross over
  • Rollover cable

TIA/EIA governs the UTP cabling standards. The figure below shows an example of the UTP cable. It has four pairs of wires with different color codes.

There are 8 wires in pairs. These are

  1. Blue
  2. White+blue
  3. Orange
  4. White+orange
  5. Green
  6. White+green
  7. Brown
  8. White+brown

The two T568 standards, i.e. T568A and T568B, determine the arrangement of these wires so as to suit the various configuration needs.

T568A and T568B arrangements are shown in the image below.

These configurations are constant and cannot change.

  1. Straight through configuration – both sides of the UTP cable have the same standard, i.e. both are either T568A or T568B.
  2. Crossover cable configuration – one end is T568A and the other end is T568B.

Where to use these cables

The straight through cable is used to connect devices that work on different layers of the OSI model, i.e.:

  • Routers and hosts such as PCs work on layer 3 – logical addressing
  • Switches work on layer 2 – physical or MAC addressing

Therefore, to interconnect a router to a switch or a switch to a PC, we use a straight through cable.

To interconnect devices working on the same layer in the OSI model, we use crossover cables, i.e. switch to switch, router to router and router to PC.

The table below shows the various connections used in the LAN using these standards.

| Device 1 | Device 2 | Cable type |
|---|---|---|
| Router | Router | Crossover cable |
| Router | Switch | Straight through cable |
| Router | PC | Crossover cable |
| Switch | Router | Straight through cable |
| Switch | PC | Straight through cable |
| Switch | Switch | Crossover cable |

The rollover cable

The rollover cable is used to configure the router. This is shown below. This cable has a special configuration as shown.

There are different router models and as such they determine the connector used on the rollover cable.

The RJ45 connector side is connected to the router, while the other side connects to the PC’s port. This will be discussed in the next chapter when we will be doing the basic configuration.

These are the standards used in cabling in the LAN. When it comes to the WAN, we will use the serial connections.

Serial connections

Serial connections are used to connect the gateway router to the external network such as the ISP or the internet. There are several standards that are used in serial connections, however, we will focus on the V.35 cable.

In the labs in this course, we will use the V.35 cable with a 60 pin connector to the router’s side. This cable comes in two specifications.

In the real world, the male side of this cable which has 15 pins is usually connected to a CSU/DSU device to provide clocking. However, in lab environments, the male side of this cable is connected to the female V.35 cable to simulate a CSU/DSU connection.

In the WAN environment, the following terms are used to describe the types of devices and connections used.

DCE – this is a device that provides a clocking signal to the router from the WAN service provider.

DTE – typically the router will serve as the DTE device in our networks. It is the device that receives the clock rate from the DCE.

The CSU/DSU device is the device that provides the clock rate and is considered the DCE.

NOTE: we will discuss more on the WAN connections in the chapters on connecting to the WAN.

The figure below shows the serial V.35 DTE cable

The figure below shows the V.35 DCE side cable

In the lab environments such as the ones we will be running our labs in, the V.35 DCE cable will connect to the router which will be providing the clocking signal while the male side will connect to the DTE as shown in the figure below.

Lab environments

NOTE: in our lab environments we will simulate the clocking signal on the routers therefore we will use a different type of serial connection. In this case we will use a serial DCE cable and a serial DTE cable. Normally in real world scenarios, routers are the DTE devices while the CSU/DSU the DCE. However, since this is a lab environment we can use a router as a DCE device. The real world use of serial cables is shown below.

The serial DCE cable is a V.35 serial cable with one male Winchester on one end and a female connector on the other end. This is shown below.

Developing an ip addressing scheme

Developing an IP addressing scheme is one of the most important tasks that you as a network technician are supposed to perform. There are several factors that are to be considered in this respect.

  • The current needs
  • The number of devices needing ip addresses
  • The future needs

When developing an addressing scheme for a network, the first task is to determine the number of host or end user devices in the network. These may include: IP phones, servers, User PCs among others.

We also need to consider the number of internetworking devices and interfaces on those devices that may need ip addresses. These may include: router LAN interfaces, WAN interfaces, firewalls among others.

The third consideration we need to make is for the devices in our networks that may need management ip addresses. These IP addresses are the means of connecting to devices that we need to configure, such as switches and wireless access points.

For these devices, we need to list all the categories of devices and determine the number of ip addresses that are needed. We also need to account for future growth of the network.

After this determination, we need to recall the formula for the number of host ip addresses as learnt in the chapter on addressing in IPv4.

The formula is 2^n-2= number of host addresses, where n is the number of host bits we need.

Another consideration that we need to make is the number of subnets that we require in our networks.

Remember:

  • Each connection to a router from our LANs is supposed to be on a separate subnet. The IP address that is configured on the router’s LAN interface is usually the default gateway for the devices in that subnet.
  • The interconnection between the routers on the WAN links is supposed to be on its own subnet.

Given a particular addressing space, the formula to calculate the number of subnets we require is “2^n” where n is the number of bits that have been borrowed from the host portion.

The next step, after subnetting is to apply the appropriate subnet mask for the different subnets in our network.

The last step is proper documentation of the IP addressing scheme. This is necessary so as to avoid misconfiguration issues as well as to simplify troubleshooting when issues arise.

NOTE: we will learn how to properly assign ip addresses in subsequent chapters.

Summary

In this chapter, we have looked at how we plan and cable our network. We looked at the role of various devices in the network including the router and the switch. We also looked at the different connections used in the LAN and the WAN. We concluded by refreshing our knowledge of IPv4 addressing by planning the subnet for use in the network. In the next chapter, we will do the basic configuration of a router. This will lead into the routing chapters.

 

Data link layer, Ethernet and physical layer

Overview

In the previous chapters, we learnt about the application layer and transport layer port communication, we also looked at the network layer and IPv4 addressing for remote delivery of packets. In this chapter we look at the data link layer and discuss how it prepares packets for transport over different types of media and physical network components, we will also look at some of the Ethernet concepts and finally look at the physical layer.

Data link layer

The data link layer is the 2nd layer in the OSI model. Its function is primarily to prepare packets for transmission over the physical media. It also serves to control the flow of data that will traverse the physical media. The Data Link PDU is the Frame. The two main functions performed at this layer are:

  • Framing of packets received from the network layer
  • Control of how data is handled by the physical media through MAC (Media Access Control) and detection of errors.

The devices at this layer are referred to as nodes.

Protocols and services

In the other layers, most of the protocols were defined by the RFCs. However, in the Data Link layer, the IEEE defines most of the protocols. We will discuss some of these protocols in chapters on switching.

Physical layer

The OSI model layers that we have discussed previously mainly focus on conversion of the data from the user to a form that can be transmitted over the physical media. The physical layer which is the 1st layer of the OSI model, is responsible for transmitting the data over the different types of physical media that may be present.

The frames that are received from the data link layer are converted into bits for transmission over the medium in this layer. Depending on the type of physical medium, the physical layer may represent the bits as either; light signals, electrical signals or waves for transmission over wireless media.

The transmission of these bits over the physical media depends on the following:

  • The type of medium and its connectors
  • The form of representation of the bits; either electrical, light or wave signals
  • The data encoding and the control information
  • The types of transmitters and receivers in the networks

As we have learnt earlier; by this stage in communication, the user data has undergone several processes; segmentation at the transport layer, packets in the network layer, encapsulation into frames at the data link layer and finally, the data is converted into one of the three forms that can be transmitted over the physical media; electrical, light signals or microwaves in the physical layer.

The three main forms of transmission media that we use in networks are:

  1. Copper cable
  2. Fiber
  3. Wireless

Just like the data link layer, the standards in the physical layer are not defined under RFCs; however, other standards do exist.

Data carrying capacity in the physical layer

The various physical media offer transfer of data at different speeds. The data transfer rate can be measured using three metrics.

  1. Bandwidth – the capacity of the line. This is measured in b/s (bits per second), kb/s (kilobits per second) and Mb/s (megabits per second).

NOTE: you should be careful not to confuse the bandwidth units. The symbol used to represent bandwidth is bps or b/s, where the letter b is lowercase. This is not the same as the storage speed, which is measured in Bytes per second (Bps) with a capital B.

  2. Throughput – this is the actual transferred data over a certain amount of time; in most cases it is less than the bandwidth.
  3. Goodput – the actual useable data that has been transferred over a certain period of time is known as goodput.

Ethernet

The standards at the layer 1 and 2 of the OSI model are defined as Ethernet standards. The different standards used in Ethernet define the different layer 1 and layer 2 protocols, however, the format of the frame does not change.

As we mentioned in the previous sections, the data link layer provides mechanisms for converting packets to frames while the physical layer converts frames to bits which are then transmitted over the physical media.

The hub

In the past, the main Ethernet standard in many local area networks was the hub. The hub used techniques known as CSMA/CA (Carrier Sense Multiple Access/Collision Avoidance) and CSMA/CD (Carrier Sense Multiple Access/Collision Detection). This was implemented using either the bus or hub technologies.

Like the name suggests, the hub was at the heart of communication in a network segment and devices could only transmit data one at a time.

The HUB operates at layer 1, this means that when data is received by a hub, it floods this information to all the devices in the network. This is a major performance issue since there may be congestion, network failure among others.

NOTE: the area in which the hub is the center of communication is referred to as a collision domain. This is because there is a high possibility of collisions.

The communication in a collision domain such as the one by a hub has the following characteristics.

  • Flooding – where frames are sent to all devices connected to the hub.
  • Only one device can communicate at any instance
  • Communication is only one way
  • One collision domain

The switch

The problems associated with hubs, such as high failure rate due to collisions, were a major hindrance to the growth of networks. As a result, a new solution to combat this was introduced. The switch changed communication in networks in many ways: each port on a switch acted as a single collision domain, so the switch had as many collision domains as it had ports. This meant that the likelihood of collisions was reduced. The switch worked at layer 2 as opposed to layer 1, which meant that the switch could learn of the devices on its network and, instead of flooding frames, unicast communication was possible.

Further development led to bidirectional communication instead of the one way communication seen in hubs. Also, with switches many devices can communicate simultaneously.

The area where a switch is center of communication is known as a broadcast domain. In this type of communication, each port is its own collision domain therefore, there are as many collision domains as there are switch ports.

Some of the other characteristics of a switch include:

  • Communication at data-link layer instead of the physical layer
  • Full duplex communication
  • Broadcast domains instead of a single collision domain

NOTE: Some of the concepts of switching will be discussed at a later stage. These concepts are vital and are frequently examined in the CCNA composite exam and the ICND 1 and ICND 2 exams.

Summary

In this chapter, we have looked at the data link layer and how communication at layer 2 occurs. We have also looked at the physical layer and sending of data over the physical medium as bits. We concluded with the Ethernet and looked at communication over a switch and a hub. In the next chapter, we will do the basic configuration of a router and look at some of the CISCO IOS basics.

Addressing in ipv4 – part 2

Welcome to part 2 of addressing in ipv4. In part 1 we looked at how IP addresses are assigned in ipv4. We looked at the various types of ipv4 addresses and we also did basic subnetting. In part 2, we will continue subnetting and introduce a few more concepts.

Classful addressing in ipv4

When IPv4 addresses were introduced, the standard was based on classes, as defined in RFC 791. Three classes were introduced, based on the requirements of companies at the time: class A was for large organizations, class B for medium size enterprises and class C for small organizations.

The table below shows the different classes in ipv4.

Class A addresses start with a 0 bit, and they range from 0.0.0.0 to 127.255.255.255 the first address which is 0.0.0.0 with a subnet mask of 0.0.0.0 is reserved for default routes. This will be discussed in a subsequent chapter.

Class B IPv4 addresses start with the high-order bits of 10. Their range is shown above.

Class C IPv4 addresses start with two 1 bits and one 0 bit. They range from 192.0.0.0 to 223.255.255.255.

The remaining IPv4 address ranges were reserved either for experiments or for multicasts. However, with classful IPv4 addressing there were several problems. For example, suppose a company only required 100 hosts and they were assigned a class B ip address range, this would mean that there would be very many wasted IP addresses that would bring problems in expansion and future use of IPv4 addresses. To address this, classless IPv4 addressing was introduced.

Classless ip addressing

Classless IPv4 addressing is a solution to the wastage of ip addresses occasioned by classful addressing. Classless Inter-Domain Routing (CIDR) addressed this problem with the use of the subnet mask instead of the number of high order bits.

CIDR AND VLSM

With CIDR, the use of Variable Length Subnet Masks (VLSM) is possible. VLSM is used to allocate IP addresses based on the needs of the organization as opposed to the class. The networks can also be subdivided into smaller parts based on the organization’s internal needs.

In this chapter, we will discuss sub-subnetting and supernetting; in future chapters, we will cover route summarization when we begin routing.

Subnetting continued

As we have seen in the concepts discussed above, it is possible to subnet a subnet. In most of this section, we will learn how to subnet subnets to fit the particular needs that we may have in our organizations.

Take the ip address 192.168.1.0/24 we will sub-subnet it to see how we can effectively assign IP addresses to hosts.

Subnetting a subnet

In this section, we will look at how we can subnet a subnet. This is part of VLSM.

In this scenario, we have been given the ip network 192.168.1.0/24, our task is to subnet this network according to the requirements.

Subnet 192.168.1.0/24 to give 6 subnets with 1 subnet with 125 hosts, 1 subnet with 60 hosts, 1 subnet with 30 hosts and 3 subnets with 2 host ip addresses.

Task 1. 1 network with 125 hosts

We need to calculate how many right hand side bits we need, then the rest will be allocated to the network portion.

2^n-2= 125

2^7=128

128-2 = 126

Therefore, we only need 7 host bits. 1 bit will be in the network portion.

The new subnet mask after we add 1 bit to the network portion will be:

192.168.1.0/25

Therefore, the increment will be 128. In this case the first network will be 192.168.1.0/25

The second network will be 192.168.1.128/25 as shown below

These will provide enough host ip addresses for 125 hosts which is task 1.

Task 2. 1 subnet with 60 hosts

In task 1, we have assigned the network 192.168.1.0/25 to the first network, this means that we have 192.168.1.128/25 to work with. This subnet needs to be subnetted to give 60 hosts ip addresses.

Therefore, we need to calculate how many host bits we need to accommodate this.

2^n-2= 60

2^5- 2=30, this is less than 60 therefore it will not be adequate.

2^6-2 = 62. This will therefore be enough for the 60 hosts.

The host bits will be 6 and we will borrow 2 host bits to get these new networks.

The new subnet mask for the 192.168.1.128/25 network after subnetting will be:

255.255.255.192

NOTE: in the first task, we remained with the second subnet which is 192.168.1.128/25, therefore, the new subnets have to come from this subnet.

The increment number will be 64, therefore the 2 networks will be:

  1. 192.168.1.128/26
  2. 192.168.1.192/26

The first network after subnetting will be assigned to the network which requires 60 hosts, i.e. 192.168.1.128/26. The second subnet will be subnetted further according to task 3.

Task 3. 1 subnet with 30 hosts

We need 30 host ip addresses. These addresses will be gained from the third subnet we gained in task 2, i.e. 192.168.1.192/26.

First, we need to determine how many host bits will be needed in the hosts portion.

2^n-2= 30

2^4-2=14, which will not be enough.

2^5-2= 30, which will be enough and will allow for expansion.

Therefore, the hosts portion will have 5 bits and the network portion will borrow 3 bits from the fourth octet.

The new subnet mask for the network 192.168.1.192/26 will be as shown below.

This is 255.255.255.224

Therefore, the increment will be 32

The first network will be as shown below. 192.168.1.192/27

The second and last network will be 192.168.1.224/27

Task 4. 3 subnets with 2 host ip addresses.

The final task is to subnet the 192.168.1.224/27 subnet to give three subnets each with 2 host ip addresses.

First we determine how many host ip address bits will be needed.

2^n-2=2

2^2-2=2 will be enough.

Therefore, the host portion will have 2 bits, while the network segment will borrow 6 bits.

The new subnet mask for the network 192.168.1.224/27 will be.

The subnet mask is: 255.255.255.252

The increment in this network will be 4.

The three networks that we require will be:

These networks are appropriate for point to point links. Such as a link between two routers.
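Tasks 1 to 4 can be carried through in one pass by serving the largest host requirement first and starting each subnet where the previous one ended. The Python below is an added example, not part of the original lesson; it uses the standard ipaddress module, and the function names vlsm_plan, host_bits_needed and unused_space are chosen here for illustration.

```python
import ipaddress


def host_bits_needed(hosts):
    """Return the smallest n for which 2^n - 2 >= hosts."""
    n = 2  # 2 host bits is the minimum that leaves any usable address
    while 2 ** n - 2 < hosts:
        n += 1
    return n


def vlsm_plan(block, host_requirements):
    """Allocate one subnet per requirement out of `block`, largest first.

    Serving the largest requirement first keeps every subnet aligned on a
    multiple of its own size (its increment), which is why the hand
    calculation also starts with the 125-host network.
    """
    parent = ipaddress.ip_network(block)
    cursor = int(parent.network_address)
    limit = int(parent.broadcast_address)
    plan = []
    for hosts in sorted(host_requirements, reverse=True):
        n = host_bits_needed(hosts)
        increment = 2 ** n
        if cursor + increment - 1 > limit:
            raise ValueError(f"{block} has no room left for {hosts} hosts")
        subnet = ipaddress.ip_network((cursor, 32 - n))
        plan.append({
            "hosts_required": hosts,
            "host_bits": n,
            "subnet": str(subnet),
            "mask": str(subnet.netmask),
            "increment": increment,
            "usable_hosts": increment - 2,
            "first_host": str(subnet.network_address + 1),
            "last_host": str(subnet.broadcast_address - 1),
            "broadcast": str(subnet.broadcast_address),
        })
        cursor += increment
    return plan


def unused_space(block, plan):
    """Return the parts of `block` above the last allocated subnet."""
    parent = ipaddress.ip_network(block)
    last_used = int(ipaddress.ip_network(plan[-1]["subnet"]).broadcast_address)
    first_free = last_used + 1
    if first_free > int(parent.broadcast_address):
        return []
    return [str(net) for net in ipaddress.summarize_address_range(
        ipaddress.IPv4Address(first_free), parent.broadcast_address)]


if __name__ == "__main__":
    block = "192.168.1.0/24"
    plan = vlsm_plan(block, [125, 60, 30, 2, 2, 2])
    for row in plan:
        print(f'{row["hosts_required"]:>4} hosts  {row["subnet"]:<18} '
              f'mask {row["mask"]:<16} hosts {row["first_host"]} - '
              f'{row["last_host"]}  broadcast {row["broadcast"]}')
    print("still free:", ", ".join(unused_space(block, plan)))
```

The remaining free space is worth recording in the addressing documentation, since it is what future growth has to come from.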

Supernetting

In the previous section we have discussed subnetting, which is the dividing up of a large network into smaller ones. Supernetting is the opposite of this: it is where we combine small networks to give us one large network. This concept will be discussed in detail when we look at route summarization; however, the steps taken to supernet are shown in the next scenario.

Supernetting lab

In this scenario we have been given the following subnets:

Our task is to supernet these ip addresses to give us a summary address.

Step 1. Write down the ip networks in binary form.

Step 2. Determine the number of similar bits on each network and draw a line to mark the end of matching bits.

Step 3. Count the number of matching bits and write their equivalent in decimal format.

In this scenario, the matching bits are the first and second octet as well as the first six bits in the third octet.

They can be represented as shown below.

192.168.0.0

Step 4. We need to determine the new subnet mask for this summary address:

For the matching bits, place all “1s”.

This will be: 11111111.11111111.11111100.00000000

This is the new subnet mask which is equivalent to the decimal shown below.

255.255.252.0

Therefore the new network will be: 192.168.0.0/22

This is the supernet for the networks that we had.
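Steps 1 to 4 amount to finding the longest run of leading bits that all the networks share. The Python below is an added example, not part of the original lesson; because the lab's list of input subnets is not shown on the page, it assumes the four constructed networks 192.168.0.0/24 to 192.168.3.0/24, which produce the summary the lab arrives at, and the function names are illustrative.

```python
import ipaddress


def dotted_bits(bits):
    """Format a 32-character bit string as four dot-separated octets."""
    return ".".join(bits[i:i + 8] for i in range(0, 32, 8))


def matching_bits(bit_strings):
    """Steps 2 and 3: count the leading bits that every address shares."""
    count = 0
    for column in zip(*bit_strings):
        if len(set(column)) != 1:
            break
        count += 1
    return count


def summarize(networks):
    """Return the summary (supernet) address for a list of networks."""
    nets = [ipaddress.ip_network(n) for n in networks]
    # Step 1: write each network address in binary.
    bits = [format(int(n.network_address), "032b") for n in nets]
    # The summary can never be longer than the shortest input prefix.
    prefix = min(matching_bits(bits), min(n.prefixlen for n in nets))
    # Step 4: 1s for the matching bits, 0s for the rest.
    mask_bits = "1" * prefix + "0" * (32 - prefix)
    network_bits = bits[0][:prefix] + "0" * (32 - prefix)
    summary = ipaddress.ip_network((int(network_bits, 2), prefix))
    # A summary may cover more addresses than the inputs actually contain.
    covered = sum(n.num_addresses for n in ipaddress.collapse_addresses(nets))
    return {
        "binary": [dotted_bits(b) for b in bits],
        "matching_bits": prefix,
        "mask_binary": dotted_bits(mask_bits),
        "mask": str(summary.netmask),
        "summary": str(summary),
        "exact": covered == summary.num_addresses,
    }


if __name__ == "__main__":
    # Constructed input: the page's own list of subnets is not shown.
    sample = ["192.168.0.0/24", "192.168.1.0/24",
              "192.168.2.0/24", "192.168.3.0/24"]
    result = summarize(sample)
    for name, line in zip(sample, result["binary"]):
        print(f"{name:<16} {line}")
    print("matching bits:", result["matching_bits"])
    print("mask:", result["mask_binary"], "=", result["mask"])
    print("summary:", result["summary"], "exact cover:", result["exact"])
```

The exact flag is worth checking before a summary is used: when it is False, the summary also covers addresses that none of the listed networks contain.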

NOTE: in this chapter, we have discussed supernetting briefly, these concepts will be better understood when we are in the routing chapters.

Summary

With the brief discussion on supernetting, we have come to the end of this chapter on IPv4 addressing. These concepts will be applied throughout the course therefore, be sure to grasp them well. You are advised to practice as much as you can on subnetting, VLSM subnetting and supernetting. In the next chapter, we will look at the data link layer of the OSI model.

Addressing in ipv4 – part 1

Overview

In the previous chapter, we looked at the network layer and its involvement in communication. In this chapter, we will look at ipv4 addressing. This is one of the most important concepts in networking and will be critical in your overall success in networking. Understanding this chapter is critical to the rest of your studies. This chapter is divided into two parts so that it can be better understood. In the first part, we will look at binary vs decimal, then we will be introduced to subnetting. Then we will finish up by subnetting a few addresses.

Decimal vs binary

We are used to decimals. The number system used everywhere today is mostly decimal, with a base of 10.

10^0=1

10^1=10

10^2=100

This is what we use in day to day activities. However, computers are limited to only 2 digits. “1” and “0”, which represent “ON” and “OFF”. The ip addressing system we use is based on this concept. All ipv4 addresses that we use are a decimal representation of the binary form that the computer knows about.

The table below shows the difference between decimal and binary notations.

You will be seeing the binary table more frequently as we continue in this chapter and others.

How networks are addressed

I believe most of you have seen an ip address. The ip addressing scheme used contains two parts.

  • The network part – from the left hand side
  • The host part – from the right hand side

In IPv4 addresses, the high-order bits (bits starting from the left side) represent the network address, while the low-order bits (bits on the right hand side) represent the host portion. In IPv4 addressing, hosts that have matching high-order bits are said to be in the same network.

The number of bits in each side either the network portion or the hosts portion determine the number of networks and hosts respectively.

To understand how networks work, we need to understand binary to decimal and decimal to binary conversion.

Take 192.168.1.0 as the ip address example. We need to convert this to binary. The figure shown below shows how this is done.

The figure below shows how this can be done.

Keep these steps in mind:

  1. Divide the 32 bits into 4 octets.
  2. Convert each octet to decimal.
  3. Add a “dot” between each decimal

NOTE: you need to practice converting decimal form addresses to binary form for you to understand IPv4 addressing, therefore, practice is vital.

Now that we have learnt this concept, the table below shows a way you can convert each number into binary easily.

Based on this table, you can convert any number to binary or decimal easily.

For example, if we want to convert 255 to binary, we would take the following steps.

Take 255 and compare it to 128. If it is larger, subtract 128 to give 127.

Is 127 larger than 64? If yes, subtract 64 to give 63.

Is 63 larger than 32? If yes, subtract 32 to give 31.

Is 31 larger than 16? If yes, subtract 16 to give 15.

Is 15 larger than 8? If yes, subtract 8 to give 7.

Is 7 larger than 4? If yes, subtract 4 to give 3.

Is 3 larger than 2? If yes, subtract 2 to give 1.

Is 1 larger than or equal to 1? Yes. This is the last step of the process.

This can be summarized in the flowchart shown below.

Now if a number from the example above is larger or equal to the binary equivalent, the binary number will be 1, if it is less than that then the binary will be 0.

Therefore, the binary conversion of 255 will be, 11111111.

 

Now based on these two forms, can you convert the following to binary?

178, 168, 150, 10, 4.

These sequential steps will be useful in knowing how to subnet.

Because our representation of addresses is limited to decimal values for a single octet, we will only examine the process of converting 8-bit binary to the decimal values of 0 to 255.

Types of addresses

In any IPv4 network address range, we have 3 main types of addresses:

  • Network address – this is the address we use to name the network.
  • Broadcast address – this is a special type of IPv4 address that is used to send packets to all hosts in a particular network
  • Host addresses – these addresses can be assigned to hosts or devices in our networks such as PCs, laptops, IP phones among others.

Network Address

The network address is the name we give to a network, for example a network with the address shown below is known as “the 10.0.0.0” network. All hosts in this network belong to the 10.0.0.0 network. The network portion for these hosts would all be the same.

In networking the first IPv4 address in a network is usually the network address.

Broadcast Address

The broadcast address in IPv4 is a special address that is used to send information to all the hosts in a network. The broadcast address is always the highest or last address in a network. In the example below, the broadcast address is the address with all 1’s in the host region.

The last address in any network will always be the broadcast address.

The first three octets represent the network portion, the fourth represents the broadcast address.

Host Addresses

As we discussed earlier, the hosts in our networks need to be assigned an IPv4 address. The address that can be assigned to these hosts is any IP address that falls in between the network IP address and the broadcast IP address.

NOTE: you cannot assign the network and broadcast addresses to a host, as these are reserved.

From the above, we can ask ourselves, how can we tell how many bits represent the network and host portion? Well, for this, we use a prefix length. This is done by counting the number of bits in the network portion. When we represent the address in decimal form, we use a forward slash “/” followed by the number of high-order bits as shown in the table below.

In this case the network 172.16.1.0 has 24 high-order bits and therefore is represented as 172.16.1.0/24

The number of hosts on the network or the number of network bits determine the prefix number to be used.

NOTE: when the number of high-order bits increases, the number of low-order bits decreases, and therefore there are fewer addresses for hosts.

The formula to get the number of hosts per prefix is

2^n-2= host addresses, where n is the number of host bits.

So for 192.168.3.0/28 the number of network bits is 28; since ipv4 addresses have 32 bits, 4 bits will make up the host portion.

From the above formula, the hosts in this network will be:

2^n-2= hosts in the network

2^4-2= 14

Therefore there will be 14 host IP addresses.

Subnet mask

As we saw earlier, the IPv4 address is divided into the network and host portions. We have also said that the prefix length is the number of bits in the network portion or high order bits. And it tells us the number of host IP addresses and networks.
The routers and other devices in the network also need to know the number of high-order bits and low-order bits, for this they use the subnet mask which is a representation of the prefix length in decimal. As we mentioned earlier, the prefix length is the number of 1’s from the left hand side and it denotes the network and the host portion.

To represent the prefix length, network devices use a special type of IPv4 address known as the subnet mask. It is made up of 32 bits just like a regular IPv4 address. The subnet mask is shown by placing a 1 in the network portion and a 0 in the host portion. For example, a /24 prefix is expressed as a subnet mask as 255.255.255.0 (11111111.11111111.11111111.00000000). The remaining bits (low order) of the subnet mask are zeroes, indicating the host address within the network.

When we configure the IP address on the network devices, it must be accompanied by the subnet mask.

Binary ANDing

So the question is, how does the router know which network an ip address from a packet it just received belongs to, when making its forwarding decision?

The IPv4 host address is logically ANDed with its subnet mask to determine the network address to which the host is associated. When this ANDing between the address and the subnet mask is performed, the result yields the network address.

The AND Operation

ANDing is a logic operation, the ANDing process is used to compute the network address, given the subnet mask and an IP address. The Logical ANDing operation gives the following results when the comparison is made on an IP address and subnet mask bits.

  1. 1 AND 1 = 1
  2. 1 AND 0 = 0
  3. 0 AND 1 = 0
  4. 0 AND 0 = 0

The reasons for binary ANDing are:

  • Network devices in one network can decide whether the packet belongs to the local network or it should be forwarded to a remote network
  • The router bases its forwarding decisions on the results of the binary ANDing process.

The table below shows the ANDing process for the network 192.168.2.45/24

Therefore, the network address for the IP address 192.168.2.45/24 would be 192.168.2.0

You should learn binary ANDing by practicing. The ip addresses shown below would be a good place to start.

Do you think you can determine the network addresses of the following ip addresses?

  • 192.168.1.35/27
  • 10.10.10.23/14
  • 172.16.3.134/19
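The subtraction method for converting an octet to binary and the bit-by-bit AND with the subnet mask can be combined into one small program. The Python below is an added example, not part of the original lesson; it works on bit strings on purpose so that each step matches the hand method, and the function names are illustrative.

```python
PLACE_VALUES = (128, 64, 32, 16, 8, 4, 2, 1)


def octet_to_bits(value):
    """Decimal octet -> 8 bits, by comparing and subtracting place values."""
    if not 0 <= value <= 255:
        raise ValueError(f"{value} is not a valid octet")
    bits = ""
    for place in PLACE_VALUES:
        if value >= place:      # larger or equal: write 1 and subtract
            bits += "1"
            value -= place
        else:                   # smaller: write 0 and move on
            bits += "0"
    return bits


def bits_to_octet(bits):
    """8 bits -> decimal octet, by adding the place values of the 1 bits."""
    return sum(place for place, bit in zip(PLACE_VALUES, bits) if bit == "1")


def prefix_to_mask_bits(prefix):
    """Prefix length -> four octets of mask bits (1s then 0s)."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"/{prefix} is not a valid prefix length")
    ones = "1" * prefix + "0" * (32 - prefix)
    return [ones[i:i + 8] for i in range(0, 32, 8)]


def and_bits(left, right):
    """Logical AND of two bit strings: only 1 AND 1 gives 1."""
    return "".join("1" if a == "1" and b == "1" else "0"
                   for a, b in zip(left, right))


def network_address(cidr):
    """AND an address with its mask and return every intermediate row."""
    address, prefix = cidr.split("/")
    octets = [int(part) for part in address.split(".")]
    if len(octets) != 4:
        raise ValueError(f"{address} is not a dotted-decimal IPv4 address")
    address_bits = [octet_to_bits(octet) for octet in octets]
    mask_bits = prefix_to_mask_bits(int(prefix))
    network_bits = [and_bits(a, m) for a, m in zip(address_bits, mask_bits)]
    return {
        "address_bits": ".".join(address_bits),
        "mask_bits": ".".join(mask_bits),
        "network_bits": ".".join(network_bits),
        "mask": ".".join(str(bits_to_octet(m)) for m in mask_bits),
        "network": ".".join(str(bits_to_octet(n)) for n in network_bits),
    }


if __name__ == "__main__":
    row = network_address("192.168.2.45/24")
    print("address ", row["address_bits"])
    print("mask    ", row["mask_bits"], "=", row["mask"])
    print("AND     ", row["network_bits"], "=", row["network"])
```

Calling network_address() on each of the practice addresses above lets you check your own working row by row.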

All about subnetting

So now that we understand how to convert ip addresses from decimal to binary, it is time to introduce subnetting.

Subnetting allows us to create more networks from a single ip address block. These networks are interconnected using routers and therefore each interface on a router has to be on a different network.

NOTE: the networks we will create through subnetting will be referred to as subnets. Therefore you should not get confused when you see the word subnet instead of network.

Subnetting is a simple process where we borrow bits from the host portion in order to create new networks. Take the example shown in the figure below. The address 192.168.1.0/24 is the major class, if we were to borrow 2 bits from the hosts portion, the new prefix length would be 26. Therefore, the 2 bits would be assigned to the network portion.

When we borrow the host bits, the new binary address would be the same, however, the subnet mask which shows the network portion will be different as shown below:

When we extend the subnet mask by borrowing the bits in the host portion, we essentially double the number of networks. However, the more bits we borrow from the host portion, the less the number of host IP addresses available per subnet that is created.

The formula for calculating how many subnets are created whenever we borrow host bits is:

2^n= number of new networks.

To calculate the number of hosts per network, we use the formula of

2^n – 2 where n = the number of bits left for hosts.

Take the example shown below of network 172.16.1.0/24, if we want to subnet this network to give 2 networks we would need to borrow 1 host bit from the host side and add it to the network portion.

After borrowing the host bit from the fourth octet, the new network will be as shown below.

The subnet mask would have 1 more 1 bit.

Therefore after borrowing 1 host bit we will have created 2 more networks but we will have decreased the number of hosts.

Now the new subnets would be as shown below

172.16.1.0/25

172.16.1.128/25

The subnet mask would be 255.255.255.128

NOTE: whenever we subnet, the last subnet will always have the same bits as the last octet of the new subnet mask.

Take the example shown below.

If we subnet 172.16.1.0/24 to give 8 new networks.

Step 1. How many bits do we need to borrow from the hosts segment?

2^n=8

2^3=8

Therefore we need to borrow 3 host bits.


New subnet mask – 255.255.255.224

The first 2 and the last subnets will be:

  • 172.16.1.0/27
  • 172.16.1.32/27
  • Last subnet – 172.16.1.224


 

The increment number is usually the last borrowed host bit. In the above scenario, this is 32.

The subnets for 172.16.1.0/24 after subnetting to /27 will be:
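The procedure above (find the bits to borrow, derive the new mask, then step through the subnets by the increment) can be written out so that the full list is generated. The Python below is an added example, not part of the original lesson; it also reports each subnet's host range and broadcast address, and the function names are illustrative.

```python
import ipaddress


def bits_to_borrow(subnets_needed):
    """Return the smallest n for which 2^n >= subnets_needed."""
    n = 0
    while 2 ** n < subnets_needed:
        n += 1
    return n


def equal_subnets(block, subnets_needed):
    """Split `block` into equal subnets by borrowing host bits."""
    parent = ipaddress.ip_network(block)
    borrowed = bits_to_borrow(subnets_needed)
    new_prefix = parent.prefixlen + borrowed
    if new_prefix > 30:
        raise ValueError("borrowing that many bits leaves no usable hosts")
    host_bits = 32 - new_prefix
    increment = 2 ** host_bits  # the value of the last borrowed bit
    mask = ipaddress.IPv4Address((0xFFFFFFFF << host_bits) & 0xFFFFFFFF)
    base = int(parent.network_address)
    subnets = []
    for index in range(2 ** borrowed):
        network = base + index * increment      # first address: the network
        broadcast = network + increment - 1     # last address: the broadcast
        subnets.append({
            "subnet": f"{ipaddress.IPv4Address(network)}/{new_prefix}",
            "first_host": str(ipaddress.IPv4Address(network + 1)),
            "last_host": str(ipaddress.IPv4Address(broadcast - 1)),
            "broadcast": str(ipaddress.IPv4Address(broadcast)),
        })
    return {
        "borrowed_bits": borrowed,
        "mask": str(mask),
        "increment": increment,
        "hosts_per_subnet": increment - 2,
        "subnets": subnets,
    }


if __name__ == "__main__":
    result = equal_subnets("172.16.1.0/24", 8)
    print("borrowed bits:", result["borrowed_bits"],
          " mask:", result["mask"],
          " increment:", result["increment"],
          " hosts per subnet:", result["hosts_per_subnet"])
    for row in result["subnets"]:
        print(f'{row["subnet"]:<18} hosts {row["first_host"]} - '
              f'{row["last_host"]}  broadcast {row["broadcast"]}')
```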

Why subnet

In our networks, the IP address requirements may vary. We may need few ip addresses for connections such as point-to-point, we may have a department that has 200 users while another only has 20.

Subnetting allows us to divide the networks so as to optimally use the ip addresses. If we assigned 200 ip addresses to a network that only needs 20, we would be wasting very many addresses.

If we use an analogy of a telephone service provider, not subnetting would be like giving a customer 100 telephone numbers whilst they only require 1.

When subnetting, we should carefully consider expansion plans since our networks may grow due to demand.

In the scenario shown below, we will subnet based on the number of HOSTS. This is a crucial element in understanding subnetting.

The scenario

In the scenario below, we are expected to subnet three network addresses:

192.168.1.0/24 for the WAN connections LINK A and LINK B.

172.16.1.0/24 for LAN A

172.16.2.0/24 for LAN B

192.168.2.0/24 for LAN C

So we will begin with the WAN links.

WAN links

For such a link we need only 2 ip addresses per link, therefore, we need to ask which subnet mask will allow for only 2 host addresses.

We need to calculate how many right hand side bits we need, then the rest will be allocated to the network portion.

2^n-2= 2

2^2=4

4-2 = 2

Therefore, we only need 2 host bits. 6 bits will be in the network portion.

The new subnet mask after we add 6 bits to the network portion will be:

192.168.1.0/30

Therefore, the increment will be 4. In this case the first network will be 192.168.1.0/30

The second network will be 192.168.1.4/30 as shown below

These will provide enough host ip addresses for the WAN links.

LAN A

For part 2 we need to provide enough host ip addresses for LAN A.

LAN A requires 40 ip addresses.

Therefore, we need to calculate how many host bits we need to accommodate this.

2^n-2= 40

2^5- 2=30, this is less than 40 therefore it will not be adequate.

2^6-2 = 62. This therefore will be enough for the hosts in LAN A.

The host bits will be 6 and we will borrow 2 host bits to get these new networks.

The new subnet mask for the 172.16.1.0/24 network after subnetting will be:

255.255.255.192

The increment number will be 64, therefore the four networks will be:

LAN B

We need 65 host IP addresses, given the network 172.16.2.0/24.

First, we need to determine how many host bits will be needed in the hosts portion.

2^n-2= 65

2^6-2=62, which will not be enough.

2^7-2= 126, which will be enough and will allow for expansion.

Therefore, the hosts portion will have 7 bits and the network portion will borrow 1 bit from the fourth octet.

The new subnet mask for the network 172.16.2.0 will be as shown below.

This is 255.255.255.128

Therefore, the increment will be 128.

The first network will be as shown below. 172.16.2.0/25

The second and last network will be 172.16.2.128/25

LAN C

In LAN C, we need to have subnets that will accommodate 12 hosts per subnet using network 192.168.2.0/24.

First we determine how many host IP address bits will be needed.

2^n-2=12

2^4-2=14 will be enough.

Therefore, the host portion will have 4 bits, while the network segment will borrow 4 bits.

The new subnet mask for the network 192.168.2.0 will be.

The subnet mask is: 255.255.255.240

The increment in this network will be 16.

The first and second networks will be 192.168.2.0/28 and 192.168.2.16/28 respectively.
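The host-based procedure used for the WAN links and LANs A, B and C above can be checked with a short script. This is an added example, not part of the original tutorial; the function names are illustrative, and it uses the network addresses and host counts from the scenario.

```python
import ipaddress


def host_bits_needed(hosts):
    """Smallest n such that 2^n - 2 >= hosts (network and broadcast excluded)."""
    n = 2  # one host bit leaves no usable address, so start at 2
    while 2 ** n - 2 < hosts:
        n += 1
    return n


def plan(base, hosts):
    """Subnet `base` so that every subnet holds at least `hosts` usable addresses."""
    net = ipaddress.ip_network(base)
    n = host_bits_needed(hosts)
    prefix = 32 - n
    if prefix < net.prefixlen:
        raise ValueError(f"{base} is too small for {hosts} hosts per subnet")
    subnets = list(net.subnets(new_prefix=prefix))
    return {
        "host_bits": n,
        "borrowed_bits": prefix - net.prefixlen,
        "mask": str(subnets[0].netmask),
        "increment": subnets[0].num_addresses,  # block size between subnets
        "usable_hosts": 2 ** n - 2,
        "subnets": [str(s) for s in subnets],
    }


# Requirements taken from the scenario in this chapter.
SCENARIO = [
    ("WAN links", "192.168.1.0/24", 2),
    ("LAN A", "172.16.1.0/24", 40),
    ("LAN B", "172.16.2.0/24", 65),
    ("LAN C", "192.168.2.0/24", 12),
]

if __name__ == "__main__":
    for name, base, hosts in SCENARIO:
        p = plan(base, hosts)
        print(f"{name}: {hosts} hosts -> {p['host_bits']} host bits, "
              f"mask {p['mask']}, increment {p['increment']}, "
              f"first subnets {p['subnets'][:4]}")
```
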

Summary

This marks the end of the first part of IPv4 addressing. In part 2 we will delve deeper into subnetting and also explore other concepts such as supernetting.

Network layer

Overview

In the previous chapter, we looked at the role of the OSI transport layer in communication. In this chapter, we will look at the network layer. We will discuss the addressing used, the functions, and the different network layer protocols, introduce IPv4, understand how packets move in the network and finally give an overview of how we address the network using IPv4. You should be able to understand these concepts as they will be used in the chapter on addressing in IPv4 as well as in subsequent chapters.

Introduction

The network layer defines communication over the network through four basic processes which are addressing, routing, encapsulation and decapsulation. These concepts are vital in understanding routing.

Addressing

You may have sent a letter through the post office. When doing this, you are required to write the address of the recipient on the envelope and, most likely, your own address for reply purposes.

In the same manner, the network layer is responsible for identifying the various devices in the network. However, unlike the postal addresses, addressing in the network layer is logical. This means that addresses are not fixed to the devices and they may change.

The addresses that are used in this layer are for remote delivery. If we use the post office analogy, remote delivery would be sending a letter to another organization. Local delivery, which will be discussed in a later chapter, can be likened to sending a note to a colleague who is seated next to you.

Encapsulation

The network layer PDU (Protocol Data Unit) is the packet. Encapsulation entails adding layer 3 specific information based on the segments from the transport layer. Such information includes headers and trailers. It also divides the segments from the transport layer for remote delivery.

Routing

Routing consists of the network layer services that direct the data from the host to the destination. In many scenarios, the packets might have to travel through many intermediary devices such as routers. Routing ensures that the path taken to the destination is the most efficient as defined by the administrator.

Decapsulation

When the packet arrives at the destination, it must be decoded and moved up the OSI layers to the application layer and thus the human network. The network layer carries packets and does not contain information about the upper levels such as the application type. Decapsulation is used to reassemble the packets to segments which are then used in the transport layer.

Network layer protocols

In the network layer, there are two main protocols that are used to carry data. These are:

  1. Internet Protocol version 4 (IPv4)
  2. Internet Protocol version 6 (IPv6)

There are other protocols that are used, however, they are beyond the scope of this course and will not be discussed.

IP (Internet Protocol) – IPv4 and IPv6.

In most of this course we will look at IPv4. We will also discuss IPv6 briefly, since the concepts in IPv6 are discussed in more detail in more advanced courses such as CCNP.

IP defines functions that are needed to transfer a packet from the source device to the destination device over the network. The network may consist of many nodes and for this reason the IP address does not change. IP does not track the various packets or manage their flow. These functions are performed at other layers. Some of IP’s characteristics include the following.

  • Connectionless – this means that it is not necessary to have an established connection before packets can be sent.
  • Media independent – regardless of the media; i.e. wireless, copper wire or fiber optic, the IP address does not change.
  • Unreliable delivery (Best effort) – this means that the delivery of packets is not guaranteed. When packets are lost during transmission, they may be retransmitted depending on the protocols at other layers such as the transport layer. For example, if VoIP packets are lost they are not retransmitted since VoIP uses UDP; however, when HTTP packets are lost they have to be retransmitted since HTTP uses TCP.

Dividing Networks

One of the functions of the network layer is to address the hosts in the network. As the network grows, the network administrator will need a way to manage these addresses. Take a country, for example: can you imagine the chaos there would be while trying to send a letter if the addresses were not planned for? It would be a nightmare. Similarly, as the network grows the network administrator will need to work out a way to define different network segments.

It would be more manageable if the hosts in the network were divided into different network groups. These network groups are known as subnets.

Networks can be divided according to different criteria, such as:

  • Purpose
  • Geographical scope
  • Ownership

To divide networks according to these criteria please visit the link shown below for more guidelines.

http://www.cisco.com/c/en/us/td/docs/internetworking/design/guide/idg4/nd2002.html

So why divide the network?

As the network grows, some of the common issues that may be faced include:

  • Performance degradation
  • Security issues
  • Address Management

To address these issues we need to subnet.

Dividing hosts into different subnets or networks can help improve performance.

Subnetting may help create security boundaries since not all the hosts in the network should communicate with each other. For example, the hosts in sales department may need to be separated from the hosts in the finance department.

The internet uses layer 3 addresses. If all the hosts connected to the internet were on one network, it would be almost impossible to communicate. As such, subnetting separates and makes networks more manageable when communicating on a large network such as the internet.

How networks are divided – hierarchical addressing

When we divide networks, we generally use a hierarchical addressing structure. A hierarchical address is important since each host can be identified. You can liken this to using a family tree to trace relatives.

When dividing a network, hierarchical addresses work similarly to addresses that you may use when sending a letter. Consider the diagram shown below.

South Korea,
Seoul,
134-00100.

In this diagram, the address structure is hierarchical, the first level is the country that we are sending to, the second level is the city and the third level is the exact address of the recipient. Similarly, the logical addresses in the network layer contain a network portion and a host portion.

At the post office, the postman only needs to know the post office where the letter is to be sent, which is similar to the code. When the letter gets to that post office, the postman there is responsible for delivering the letter to the intended recipient.

A layer 3 address also has a network and host portion. The routers in the network forward packets between the various separate networks by only looking at the destination network. When the packet arrives at the destination, the router will have to look at the whole address so as to deliver the packet to the intended destination.

When dividing large networks into smaller ones, we need to create other levels or layers of addressing. Just like the postal example we had above, when we use hierarchical addressing schemes, we can retain the higher level such as the country. We can then divide the country into various cities, and finally address the various hosts or users in the lowest level.

The IPv4 address is made up of 2 parts which are the network and the host portion. The address should have both parts for communication to be successful.

Network portion: 192.168.1

Host portion: 83

The IPv4 address is made up of 32 bits. We can divide these bits differently to create either more host addresses or more networks; in either case, the address has to be 32 bits long to be complete.

Communication at layer 3

When a host wants to communicate with a host on a different network, an intermediary device such as a router has to be used. The router acts as a gateway to the other network as shown in the figure below.

As you can see from the diagram above, there are two hosts on 2 different networks. In order to make communication between them possible, an intermediary device is needed between them, in this case a router. The router has the default gateway for the hosts and traffic from these hosts will pass through the routers. It is the job of the routers to determine where the packets belong.

Packets can only be forwarded when a route is present. All layer 3 devices must have a logical address so as to forward packets.

In our scenario above, the network connected to Host B is a remote network from Host A. As such, we must have routes to this network for traffic to get from Host A to Host B. Routers can forward packets based on routes that have either been statically configured or learned dynamically.

NOTE: we will discuss routing in upcoming chapters.

The router forwards the packets using a routing table held in its memory, which contains information such as the destination network, the metric and the next-hop device.
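The two decisions described in this section, the host choosing between local and remote delivery and the router matching the destination network in its routing table, are sketched below as an added example that is not part of the original tutorial. The routing table entries and next-hop addresses are constructed, and choosing the most specific matching network (longest prefix) goes slightly beyond what the chapter states.

```python
import ipaddress

# Constructed routing table for a hypothetical router:
# (destination network, metric, next-hop device)
ROUTES = [
    ("192.168.1.0/24", 0, "directly connected"),
    ("172.16.2.0/25", 1, "10.0.0.2"),
    ("172.16.2.128/25", 1, "10.0.0.6"),
    ("172.16.0.0/16", 5, "10.0.0.10"),
]


def delivery(src_ip, mask, dst_ip):
    """Host-side decision: same network portion means local delivery,
    otherwise the packet is handed to the default gateway."""
    src_net = ipaddress.ip_interface(f"{src_ip}/{mask}").network
    return "local" if ipaddress.ip_address(dst_ip) in src_net else "remote"


def lookup(dst_ip, routes=ROUTES):
    """Router-side decision: pick the most specific destination network that
    contains dst_ip (lowest metric on ties). None means no route is present."""
    dst = ipaddress.ip_address(dst_ip)
    matches = []
    for network, metric, next_hop in routes:
        net = ipaddress.ip_network(network)
        if dst in net:
            matches.append((net, metric, next_hop))
    if not matches:
        return None  # without a route the packet cannot be forwarded
    net, metric, next_hop = max(matches, key=lambda r: (r[0].prefixlen, -r[1]))
    return str(net), metric, next_hop


if __name__ == "__main__":
    host, mask = "192.168.1.83", "255.255.255.0"
    for dst in ("192.168.1.10", "172.16.2.200", "172.16.9.1", "203.0.113.5"):
        print(dst, delivery(host, mask, dst), lookup(dst))
```
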

Summary

In this chapter, we have looked at the network layer. We have seen how communication is aided through logical addressing. We outlined the protocols in the network layer and discussed how networks are divided as well as how communication between hosts happens. In the next chapter, we will look at IPv4 addressing in depth and also discuss subnetting.