Distribution Layer = Routers

Primary function: perform potentially “expensive” packet manipulations such as routing, filtering, and WAN access. Characteristics include:

• Access Layer Aggregation Point
• Routing traffic
• Broadcast/Multicast Domains
• Media Translation
• Security
• Possible point for remote access

Access Layer = Switches and Routers

End station entry point to the network

IPX

To turn on:

<>

ipx routing

Then, on interface:

ipx network {#} encapsulation {sap, arpa, snap, hdlc, novell-ether} {sec}

ipx network 3100 encapsulation sap sec

To monitor:

<>

sh ipx traffic

sh ipx int e0

Frame Types:

802.3 – novell-ether – default

802.2 – sap

Ethernet_II – arpa

Ethernet_snap – snap

Switching – examines MAC address. Same as multiport bridge

Three Switch Functions:

1. Address learning
2. Forward/filter decision
3. Loop avoidance

Address Learning: maintains MAC address table used to track the location of devices connected to the switch.

Forward/filter decision: when a frame arrives with a known destination address, it is forwarded only on the specific port connected to that station.

Broadcast and Multicast frames: may be of interest to all stations. The switch normally floods to all ports other than the origination port. A switch never learns a broadcast or multicast address because broadcast and multicast addresses never appear as the source address of a frame.

All nodes on an Ethernet network can transmit at the same time, so the more nodes you have the greater the possibility of collisions happening. This can slow the network down.

Redundant Topology – eliminates single points of failure. Causes broadcast storms, multiple frame copies, and MAC address table instability problems.

Multiple Frame Copies – when a new switch is added, the other switches may not have learned its correct MAC address. The host may send a unicast frame to the new switch. The frame is sent through several paths at the same time. The new switch will receive several copies of the frame. This causes MAC Database Instability.

MAC Database Instability – results when multiple copies of a frame arrive on different ports of a switch.

Multiple Loop Problems – complex topology can cause multiple loops to occur. Layer 2 has no mechanism to stop the loop. This is the main reason for Spanning – Tree Protocol.

Spanning-Tree Protocol (STP) IEEE 802.1d. – developed to prevent routing loops. STA (Spanning-Tree Algorithm) is implemented by STP to calculate a loop-free network topology. In most switches, BPDUs (Configuration Bridge Protocol Data Unit), are sent and received by all switches, and processed to determine the spanning-tree topology. (STP is on by default).

A port is in either a forwarding or blocking state. Forwarding ports provide the lowest cost path to the root bridge. All ports start in the blocking state to prevent bridge loops. The port stays in a blocked state if the spanning tree determines that there is another path to the root bridge that has a better cost. Blocking ports can still receive BPDUs.

Spanning-Tree operation – Selects one root bridge. All the ports are designated ports (forwarding). For non-root bridge, there will be one root port. This offers the lowest cost path from non-root bridge to the root bridge. On each segment, there is one designated part. This port also has the lowest cost to the root bridge.

Time to Convergence – the time for all the switches and bridges ports transition to either the forwarding or blocking state. When network topology changes, switches and bridges must re-compute the Spanning-Tree Protocol, which disrupts traffic.

Bridging Compared to LAN Switching –

Bridging: primarily software based. One spanning-tree instance per bridge. Usually up to 16 ports per bridge.

LAN Switching: primarily hardware based. Many spanning-tree instances per switch. More ports per switch, (up to 100). Faster than a Bridge.

Transmitting Frames through a Switch –

Store-and-Forward – copies entire frame into buffer, checks for CRC errors. Higher latency.

Cut-Through – reads only the destination address into buffer, and forwards immediately. Low latency.

Fragment free – (modified cut-through). Switch will read into the first 64 bytes before forwarding the frame. Collisions will usually occur within the first 64 bytes. (default for 1900 series).

Full-Duplex Ethernet – can provide double the bandwidth of traditional Ethernet, but requires a single workstation on a single switch port, and NIC must support it. Collision free because there are separate send and receive wires, and only one workstation is on the segment. Half-Duplex must provide for collision detection, therefore can only use 50% of bandwidth available. It sends and receives on the same set of wires.

LAN Segmentation: breaking up the collision domains by decreasing the number of workstations per segment.

Fast Ethernet (100bt) – provides 10 times the bandwidth of older 10bastT Ethernet. Must have Cat5 cable, no longer than 100 meters, and Fast Ethernet NIC’s and Hubs/Switches.

Bridges – examines MAC address, and forwards frames unless the address was local. Forwards to all other segments it is attached to. Forwards multicast packets, so broadcast storms can occur.

Routers – examines network address, and forwards using the best available route to destination network. Can have multiple active paths.

Virtual LAN’s – sets different ports on a switch to be part of different sub-networks. Some benefits: simplify moves, adds, changes; reduce administrative costs; have better control of broadcasts; tighten security; and distribute load. Relocate the server into a secured location.

Application Layer: File transfer, E-Mail, Remote Login, Network Management, Name Management.

Transport Layer: TCP (connection oriented), UDP (Connectionless).

Flow control provided by sliding windows. Reliability provided by sequence numbers and acknowledgements.

Port Numbers: Used to pass information to the upper layers.

TCP:

• FTP – 21
• Telnet – 23
• SMTP – 25
• DNS – 53

UDP:

• DNS – 53
• TFTP – 69
• SNMP – 161
• RIP - 520

Numbers below 1024 are well known ports. Above 1024 are dynamically assigned ports. Registered ports are for vendor specific applications: usually above 1024.

Internet Layer – Corresponds with OSI Network layer

• IP provides connectionless, best-effort delivery routing of datagrams
• ICMP provides control and messaging capabilities
• ARP determines the data link layer address for known IP address
• RARP determines network address when data link layer addresses are known

IP Address Classes:

Subnetting Formulas: (count the bits only from the Node portion of the address. Therefore, for a Class B address, the total masked bits + unmasked bits = 16):

Max # of Subnets: 2^{(masked bits)-}2

Max # of Hosts (per subnet): 2^{(unmasked bits)}-2 

Routers must learn destinations that are not directly connected.

Static (manual): Uses a route that the network administrator enters manually. (Must be setup bi-directional)

Enter the IP Route command in global configuration mode

ip route {destination network} {mask} {port, on remote side, to get there}

ip route 172.16.10.0 255.255.255.0 172.16.40.1

Dynamic: Uses a route that a network routing protocol adjusts automatically

router rip

network 172.16.0.0

router igrp {autonomous system #}

network 172.16.0.0

< use monitor, To>sh ip route {rip / igrp) 

Interior (within an autonomous system – AS – group of routers under the same administrative authority)

• Distance Vector – understands the direction and distance to any network connection on the internetwork. Knows how many hops (the metric) to get there. All routers w/in the internetwork listen for messages from other routers, which are sent every 30 to 90 seconds. They pass their entire routing tables. Possible problems: Slow convergence, Routing Loops, Counting to Infinity (this is solved by maximum hop count). Solutions: Split Horizon (cannot send information back in the direction it was received); Hold-Downs(prevent regular update messages from reinstating a route that’s gone down). Uses hop count for measurement.

• RIP – 15 hop count max
• IGRP – 255 hop count max, uses reliability factor (255 optimal), and bandwidth


• Link State – understands the entire network, and does not use secondhand information. Routers exchange LSP’s (hello packets). Each router builds a topographical view of the network, then uses SPF (shortest path first) algorithm to determine the best route. Changes in topology can be sent out immediately, so convergence can be quicker. Uses Bandwidth for measurement.

• OSPF – decisions based on cost of route (metric limit of 65,535)
• EIGRP – hybrid protocol (has features of Distance Vector and Link State protocols), Cisco proprietary

Exterior

• EGP (Exterior Gateway Protocol)
• BGP (Border Gateway Protocol)

Counting to Infinity

• Define a limit on the number of hops to prevent infinite loops
• Split Horizon (never sends information about a route back the same direction in which it was received)
• Route Poisoning (Routers set the distance of routes that have gone down to infinity. Used with hold-down timers)
• Hold-Down Timers (Router keeps an entry for the network possibly down state, allowing time for other routers to re-compute for this topology change)
• Poison Reverse (overrides split horizon. Informs the sending router that the destination is inaccessible)
• Triggered Updates (Sends updates when a change in its routing table occurs. Does not wait for the prescribe time to expire

• Cisco IOS (operating system) is stored in flash memory (EEPROM)
• IOS configuration is stored in NVRAM

User Mode – ordinary tasks – checking status, etc. Need password depending on how you’re entering (Virtual Terminal pw for telnet session, Auxiliary pw for aux port, Console pw for console port)

conf t

line vty 0 {line aux 0} {line con 0}

login

password letmein

Privileged Mode

conf t

enable password letmein

Banner:

conf t

banner motd #

Hostname:

conf t

hostname MyRouter

Editing:

CTRL+A – beginning of line

CTRL+E – end of line

<>show history

TAB completes command

Help:

Press ? after any command for a list of what comes next

Router Elements/Configuration:

<>show startup-config

<>show running-config

<>copy running-conifg startup-config

erase startup-config

setup

reload

boot system {flash / tftp}

copy flash tftp< to OR server) tftp software IOS (backup>

<>copy tftp flash

copy run tftp < configuration to tftp OR server) (backup>

copy tftp run

<>show proc

show mem

show buff

show flash

show cdp

Standard IP access list:

Check the source address of packets that could be routed. Permits or denies output for an entire protocol suite.

• Filters based on source
• Permit or deny entire TCP/IP protocol suite
• Range is 1 through 99
• Place close to the destination

access-list {number} {permit / deny} {source address}

access-list 10 permit 172.16.30.2

Extended IP access list:

Check for both source and destination packet address. Can also check for specific protocols, port numbers, and other parameters, which allows administrators more flexibility in describing what checking the access list will do.

• Filter based on Source and destination
• Specifies a particular IP protocol and port number
• Range is 100 though 199
• Place lists close to the source

access-list {number} {permit / deny} {protocol} {source} {destination} {port}

access-list 110 permit tcp host 172.16.50.2 host 172.16.10.2 eq 8080

Access lists may be applied to:

Inbound access lists. Saves overhead of routing lookups if the packet is to be discarded because it is denied by the filtering tests.

Outbound access lists. Packets are routed to the outbound interface and then processed through the outbound access lists.

An access list can be applied to multiple interfaces. However, there can be only one access list per protocol, per direction, per interface.

Wildcard masks – use masks to identify insignificant bits, eg

access-list 11 permit 172.16.30.0 0.0.0.255

(permits anybody with 172.16.30.x)

Note: you can use 0.0.0.0 as the mask to limit to that specific host, or prefix it with ‘host’

Applying the list to an interface (use access-group on the interface):

<>

int e0

ip access-group 110 out

IPX Access lists:

Standard: access-list {number} {permit/deny} {source} {destination}

Extended: access-list {number} {permit/deny} {protocol} {source} {socket} {destination} {socket}

access-list 810 permit 30 10

int e0

ipx access-group 810 out

IPX SAP Filters:

access-list {number} {permit/deny} {source} {service type}

To apply – on interface: ixp input-sap-filter {number}

access-list 1010 permit 11.0000.0000.0001 0

int e0

ipx input-sap-filter 1010

Access list Numbers allowed:

ISDN - digital service that runs over existing telephone networks

Normally used to support applications requiring high-speed voice, video, and data communications for home users, remote offices, etc.

ISDN Terminal equipment types:

• TE1 – understand ISDN standards
• TE2 – predate ISDN standards, require a TA (terminal adaptor)
• NT1 – Converts BRI signals into a form used by the ISDN digital line.
• NT2 – ISDN PBX
• TA – Terminal Adapter, converts V.35, and other signals into BRI signals.

Reference Points describe the point between:

• R – non-ISDN and TA
• S – user terminals and NT2
• T – NT1 and NT2 devices
• U – NT1 and line termination

ISDN Protocols:

• E – on existing telephone network
• I – concepts, terminology, and services
• Q – switching and signaling

ISDN BRI (Basic Rate Interface): 2 64K B channels, plus 1 16K D channel

ISDN PRI (Primary Rate Interface):
23 64K B channels, plus 1 64K D channel (North America & Japan)
30 64K B channels, plus 1 64K D channel (Europe & Australia)

Configuration example:

config t

isdn switch-type basic-dms100

int bri0

encap ppp

isdn spid1 775154572

isdn spid1 455145664