Practical Workbook - NED University

Practical Workbook COMPUTER COMMUNICATION NETWORKS

Name

: _____________________________

Year

: _____________________________

Batch

: _____________________________

Roll No

: _____________________________

Department: _____________________________

5th edition: 2012 Department of Computer & Information Systems Engineering NED University of Engineering & Technology, Karachi – 75270, Pakistan

INTRODUCTION The days of mainframe computing using dumb terminals are long gone. The present time is the era of very powerful personal computers, interconnecting with each other and even better equipped servers, sometimes connecting across continental boundaries. Computer Communication Networks is a senior level undergraduate course in Computer and Information Systems Engineering, which covers various aspects of computer networks. It covers various classifications of computer networks and gives the students a good grasp on the various topics in computer networks. This laboratory manual aims to augment the classroom teaching of the course and to provide the students essential practical knowledge in the subject. The first lab deals with networking using Windows workstation based client. In this lab, the student will setup a small Ethernet LAN based on Windows workstation clients in a workgroup environment. The second lab deals with making crossover and straight-through UTP cables. This skill will come in very handy in various trades when the students go into practical life. It introduces some related standards and equipment used in this regard. The third lab jumps into Cisco routers. It is a hands-on exercise using some commonly used Cisco IOS commands. In this lab, the students will learn how to connect to and interact with Cisco routers. The fourth lab teaches the students how to copy a new IOS image to a Cisco router as well as how to backup an IOS image from a router. It uses a TFTP (Trivial File Transfer Protocol) server on the host computer. The same basic technique is also used to copy and backup router configuration data. The fifth lab configures routing using static routes while the sixth lab introduces dynamic routing using a simple routing protocol, namely RIP (Routing Information Protocol). In these two labs, the students will learn how to interconnect several different IP networks. The seventh lab builds on this and here, the student will learn some advanced configuration parameters and techniques for RIP. In the eighth, ninth and tenth labs, the students will learn the configuration of OSPF, IGRP and EIGRP routing protocols respectively. As careful as one might be, the disaster of lost or forgotten or stolen password will, nonetheless, strike sooner or later. The eleventh lab teaches how to do disaster recovery on a Cisco router in terms of recovering a forgotten password. The twelfth lab teaches the configuration of access lists. The last three labs are based on switching and cover basic LAN switch operation, loop avoidance using Spanning Tree Protocol and Virtual LANs.

CONTENTS Lab Session No. 1.

2. 3. 4.

Object

Page No.

Installing network card in Windows environment, and performing following configurations:TCP/IP, IP and default gateway Making the following kinds of UTP cables:Straight through and cross Practicing some basic commands to interact with the Cisco IOS (Internetwork Operating System) CLI Software Copying IOS image and configuration to and from CISCO router.

1

10 17 23

5.

Configuring static routes on Cisco routers.

28

6.

Configuring RIP(Routing Information Protocol).

31

7.

Configuring RIP Version 2

34

8.

Configuring OSPF (Open Shortest Path First) Single Area

36

9.

Configuring IGRP (Interior Gateway Routing Protocol).

41

10.

ConfiguringEIGRP Protocol)

11.

Recovering lost router password.

50

12.

Studying and configuring Access Lists

54

13.

Studyingbasic LAN switch operation.

57

14.

Learning Loop Avoidance with Spanning Tree.

60

15.

Configuring Virtual LANs

66

(Enhanced

Interior

Gateway

Routing

45

Computer Communication Networks Lab Session 1 NED University of Engineering & Technology - Department of Computer & Information Systems Engineering

Lab Session 01 OBJECT Installing network card in Windows environment, and performing following configurations:   

TCP/IP IP configuration Default Gateway

EQUIPMENT AND APPARATUS   

Network Interface Cards Ethernet hub or switch UTP cables

THEORY Networking in Windows NT and later versions allows computers running the Windows operating system to participate in a domain or peer-to-peer network and share resources with other computers, running Windows NT, 9x, 2000, XP or some other operating system. It also allows you to connect to the Internet using dial-up connection or LAN. Windows network can use a variety of protocols. NetBEUI is a protocol most suitable for smaller networks, as a rule of thumb, not exceeding 10 hosts. TCP/IP is a protocol suite well suited for larger networks, but it can also be used on smaller networks. It is the protocol that the Internet uses. As you know TCP/IP is a collection of many different protocols, with IP being the protocol that runs on the network layer. Among other things, IP defines addressing requirements for the hosts. An IP (Internet Protocol) address uniquely identifies a node or host connection to an IP network. System administrators or network designers assign IP addresses to nodes. IP addresses are configured by software and are not hardware specific. An IP address is a 32 bit binary number usually represented as four fields each representing 8 bit numbers in the range 0 to 255 (sometimes called octets) separated by decimal points. For example: 150.215.17.9 It is sometimes useful to view the values in their binary form. 150.215.17.9 10010110.11010111.00010001.00001001 An IP address consists of two parts, one identifying the network and one identifying the node. The class of the address determines which part belongs to the network address which part belongs to the node address.

1

ter Commun nication Nettworks Lab b Session 1 versity of Engin neering & Tech hnology - Depa artment of Com mputer & Inforrmation System ms Engineeringg

CEDURE Windows XP X CD into the CD RO OM and folllow the steeps to instaall the prodduct onto stem. ork settings.. Choose the installattion proceduure, you wiill be asked to configurre the netwo m settings:

Figure 1.1:Configur 1 ring Custom Networking g Settings

working Com mponents dialog d box will appearr. Make surre that all the t componnents are d, as shown::

Figurre 1.2:Selectiing the netwoorking compponents

2


dialogue will w appear allowing connfiguration of o TCP/IP properties. p

F Figure 1.3: General G TCP P/IP propertiees

ure the IP adddress, subnnet mask, deefault gatew way and DN NS server seettings for yoour as shown:

Figgure 1.4:Speecifying IP ad ddress, subneet mask and default gatew way

3


OK and selecct if you waant to make the computter a part off Computer Domain D or roup, as sho own:

Figure 1.5: 1 Specifyiing path to neetwork adaptter driver

e done with the TCP/IP P configurattions. Wait for f the instaallation proccess to com mplete. figure TCP//IP settings on SUSE 11.4 Linux, you y must firrst logon ass administraator. YAST from the applicaations menu u. Again youu will be askked for a paassword. he root passw word:

Figure 1.6: Enter roott password

4


pen YaST Control C Cennter and clicck on Netwoork Devicess:

Figure 1.77: Click netw work devices in YaST conntrol center

Network Setttings from the Networrk Devices window: w

Figure 1.8: Click netw work settings

5


r the networrk configurations to iniitialize:

Figure 1.9: Initiaalizing netwoork configuraations

xt dialogue will w give yoou an overview of netw work settings.

Figgure 1.10: Overview O of network n settiings

6


network carrd setup andd select ‘staatically assiign IP addrress’. Enter the IP adddress, the mask of youur subnet annd a hostnam me as shownn and click Next:

F Figure 1.11:: Assigning IP I address, suubnet mask and a hostnam me

Hostname/D DNS tab to set s the requiired hostnam me, domainn and DNS server’s s IP address. a

Figure 1.12: Networkk Settings

7


n the routing tab and sppecify the default d gatew way for you ur network as a shown:

Figure 1.13: Sp pecifying thee default gateeway

OK. You are now done w with TCP/IP P configuraations on SU USE Linux.

RCISES the parameteers that musst be config gured when configuringg TCP/IP on n a host. __________ ___________________________________________________________________ __________ ___________________________________________________________________ __________ ___________________________________________________________________ __________ ___________________________________________________________________ __________ ___________________________________________________________________ __________ ___________________________________________________________________

would you u find out thhe IP addresss of a machhine from command c lin ne in Winddows and x? __________ __________________________________________________________________ __________ __________________________________________________________________ __________ __________________________________________________________________

8

Computer Communication Networks Lab Session 1 NED University of Engineering & Technology - Department of Computer & Information Systems Engineering

________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ ________________________________________________________________________ 3. Using the same command as in exercise 2, give a detailed view of network settings. Also give commands to release and renew the leases if the IP address is obtained from a DHCP server. _________________________________________________________________________ _________________________________________________________________________ _________________________________________________________________________ _________________________________________________________________________ _________________________________________________________________________ _________________________________________________________________________ _________________________________________________________________________ _________________________________________________________________________

9

Computter Commun nication Nettworks

Lab Session S 2

NED Univversity of Engin neering & Tech hnology – Depaartment of Com mputer & Inforrmation System ms Engineering

Lab b Sessioon 02 OBJECT Makking the folllowing kindds of UTP cables: c 1. 2.

Straaight througgh cable Crooss cable

THEO ORY There are several claassificationss of twisted d pair cable.. Let’s skip right over fo all new them andd state that we’ll use Category 5 (or CAT 5) cable for installatioons. Likewise, there are several fire code classificatio c ons for the outer insuulation of CA AT 5 cable. We’ll use CMR cablee, or “riser cable,” for most of thhe wiring we w do. Youu should alsso be awarre of CMP or plenum cable (a plenum p is ussed to distriibute air in a building)) you may be b required by local or o national codes c to usee the more expensive e plenum-jack p keted cable if it runs through t susspended ceiilings, ductss, or other areas, a if theey are used to circulaate air or acct as an airr passage from f one rooom to anoother. If in doubt, usee plenum. CMR C cable is generallly acceptable for all appplications not requirring plenum m cable.

Figure 2.1: 2 UTP cabble

T is very handy for CAT 5 caable is available in reeel-in-box paackaging. This pulling the wire withhout putting twists in it. Without thhis kind of package p or ulling wire is i a two-perrson job. Beefore the advvent of the a cable reel stand, pu o a broom handle to pull p it. One reel-in-boox, we used to put a reeel of wire on person woould hold th he broom haandle and thhe other wouuld pull brooom handle to pull it. You will prroduce a tanngled mess,, if your pull the wire off o the end of the reel allone.

Standard wirre patch cabbles are ofteen specified for cable seegments runnning form a wall jaack to a PC C and for paatch panels. They are more m flexiblle than solidd core wire.. However, the ratioonale for using it is that the t constantt flexing off patch cablles may wear-out solidd core cablee and breakk it. This is not a reaal concern in i the averaage small neetwork. g we do sim mply connectts computerrs directly to t other com mputers or hubs. h Solid Most off the wiring core cabble is quite suitable forr this purposse and for many m home and small business b nettwork. It is also quiite acceptabble for use as a patch cabbles. You might m considder a stranded wire pattch cable if you havve a noteboook computerr you are coonstantly mooving aroun nd. ndividually insulated w wires. Each CAT 5 cable has foour twisted pairs of wirre for a totaal of eight in o greeen, or brow wn) twisted pair is ccolor codedd with one wire havinng solid collor (blue, orange, around a second wire w with a white backg ground andd a stripe off the same color. c The solid color s cablees. Cable colors c are commonly described using the may haave white stripe in some backgroound color followed f byy the color of the strippe; e.g; whiite-orange is a wire wiith a white backgroound and ann orange striipe.

10


Lab Session S 2


Connecctors

gh and crooss-over pattch cables are discusssed in this The straaight throug article which w are terminated t with CAT 5 RJ-45 modular m pluugs. RJ-45 plugs arre similar too those youu’ll see on the end of your telephhone cable except thhey have eiight as oppoosed to fourr or six conttacts on the end of the plug andd they are about a twice as big. Mak ke sure they y are rated for CAT 5 wiring. (RJ stands stered Jack ”). Also, th here are RJJ-45 plugs for “Regis Figure 2.2: 2 RJ-45 s core wire w and strranded wiree. Others aree designed designedd for both solid Connectoor specificaally for onee kind of wire w or thee other. Bee sure you buy plugs approprriate for the wire you are a going to use. We noormally usee plugs desiggned to acccommodate both kinnds of wire. t Networrk cabling tools dular Plug Crimp Toool 1. Mod m crimp tool. This T is veryy You wiill need a modular similar to the oness which havve been useed for manyy w and it i years foor all kindss of telephone cable work Figure 2.3:Modularr plug crimp tool works juust fine for Ethernet caables. You don’t d need a lot of bbells and whistles, juust a tool which willl securelyy crimp RJ-45 connectoors. Some crimpers c havve cutters which w can bee used to cuut the cable and indiividual wirees, and posssibly stripping the outerr jacket.

2. Uniiversal UTP P Strippingg Tool (Ecliipse) It makees a much neater n cut. Itt is highly recommend r ding for anyoone who will make a loot of cables..

3. Diaggonal Cutters

Figure 2..4: Eclipse

d cuutters (“diaggs” or “dikees”) It is eassier to use diagonal to cut thhe cable offf at the reel and to fine--tune the caable ends duuring assem mbly. Alsoo, if you don’t havee a stripperr, you can strip the cabble by usingg a small knnife Figure 2.5 Diagonal Cutters to carefu fully slice th he outer jackket longituddinally and use the diaggs to cut it off o around thhe circumfeerence. Figure 2.5: Diagonnal cutters

UTP baasics E consist of two transm mission linnes. Each The 100BASE-T and 100BASE-TX Ethernet transmisssion line is i a pair off twisted wiires. One pair receivess data signaals and the other pair transmitts data sign nals. A balaanced line driver d or traansmitter is at one endd of one of these lines and a linne receiver is at the otther end. A (much) sim mplified schematic for one o of thesee lines and its transsmitter and receiver r folllows:

11


Lab Session S 2


Figure 2.6: Schem matic diagram m of transmisssion line

wn the trannsmission line at about the speeed of lightt (186,000 Pulses of energy travel dow c s of these pulses p of ennergy are th he potential difference miles/seecond). Thee principal components betweenn the wires and the currrent flowinng near the surface s of the t wires.Th his energy can c also be considered as resid ding in the magnetic field whichh surrounds the wires and the eleectric field betweenn the wires. In other words, w an electromagn e netic wave which is guided g by, and a travels down thhe wires. ound the wires w and thee magnetic The maain concern are the trannsient magnnetic fields which surro fields ggenerated exxternally byy the other transmissioon lines in the cable, other o netwoork cables, electric motors, fluuorescent liights, teleph hone and electric liness, lightningg, which maay literally bury thee Ethernet pulses, p the conveyor c off the informaation being sent down the line. mbating noisse. The firstt is the use The twiisted-pair Etthernet empploys two principal meeans for com of balannced transm mitters and receivers. A signal pulse p actually consists of two sim multaneous pulses rrelative to ground: g a negative n pullse on one line and a positive puulse on the other. The receiverr detects thhe total diffference betw ween these two pules.. Since a pulse p of noiise usually producees pulses off the same polarity p on both b lines, it is essentiially canceleed out at thhe receiver. Also, thhe magneticc field surroounding onee wire from m a signal puulse is a mirror of the one on the other wire. At a verry short disttance from the two wirres the magnnetic fields are oppositte and have This reducees the line’ss impact onn the other a tendenncy to canccel the effect of each other out. T pairs off wires and the t rest of thhe world. he primary means of reducing r crooss-talk (the term crosss-talk camee from the The seccond and th ability to t overhear conversatioons on otherr lines on yoour phone) between thhe pairs in thhe cable, is the douuble helix configuratio c on produced by twistiing the wirres togetheer. This connfiguration producees symmetriical (dentinal) noise sig gnals in eacch wire. Ideeally, their difference d a detected as at the reeceiver, is zero. In actuuality it is much m reducedd. ht through and a cross over o cable Straigh ds may havee white strip pes and may y be denoteed that way Again, tthe wire with colored bbackground in diagrrams foundd elsewhere.. For examp ple, the greeen wire maay be labelled Green-W White. The backgroound color is always sppecified firstt.

12


Lab Session S 2


Fiigure 2.7: Sttraight throuugh and crosssover cable wire w scheme

h cable has identical i endds, whereass a Crossoveer cable hass different ennds. A Straigght-through nd 568B staandards EIA/TIIA 568A an

F Figure 2.8: Cable C conneector standardd ordering

onal differeence which standard yoou use It makees no functio for a sttraight-throuugh cable. Your can start a crosssover cable w with either standard s as long as thee other end is the other sttandard. It makes no functional f difference d w which end is which. w Desppite what yoou may havee read elsew where, a 568A A patch cable will worrk in a netw work with 568B wiring and 568B patch cabble will work w in a 568A networkk. The electrrons couldnn’t care less.

PROC CEDURE To Mak ke Cable

Figure 2.9: 2 EIA/TIA A 568A and 568B 5

1. Pulll the cable off the reell to the dessired lengthh and cut th he total lenngth of wiree segments betw ween a PC and a a hub or o between two t PC’s cannot exceeed 100 Metters (328 feeet or about the llength of a football fielld) for 100B BASE-TX aand 300 Metters for 100 0BASE-T. o the cable with the strripper or a knife k and diiags. If you are using thhe stripper, 2. Stripp one end of placce the cable in the grooove on the blade b (left) side of the stripper an nd align the end of the cablle with the right side of o the stripp per. This wiill strip abou ut ½” of the jacket offf the cable. 13


Lab Session S 2


Turnn the stripp per about 1 ¼ turn and d pull. If yoou turn it more, m you will w probablly nick the wirees. If you are a using knnife and diaags, carefullly slit the cable for about an inchh or so and neattly trim arouund the circcumference of the cablee with diagss to remove the jacket. i you see any. a You m may have to 3. Insppect the wirres for nickss. Cut off thhe end and start over if adjuust the bladee with the screw s at thee front strippper. Cable diameters and a jacket thicknesses t varyy. 4. Spreead and arraange the paiirs roughly in the orderr of the desiired cable ennd. wist the paiirs and arrannge the wirres in the orrder of the desired d cablle end. Flattten the end 5. Untw betw ween your thumb t and forefinger. Trim the ends e of the wires so thhey are evenn with one anotther. It is very imporrtant that thhe unstrippeed (untwisteed) end be slightly s lesss than w be out--of-spec an nd susceptibble to ½” long. If it is longer thhan ½” it will hed when RJ-45 R crossstalk. If it is less thann ½” it will not be prooperly clinch plugg is crimpedd on. Flattenn again. Theere should be b little or no n space bettween the w wires. 6. Holdd the RJ-455 plug with the clip faccing down or o away froom you. Pussh the wiree firmly intto the plug. Now, insppect beforee crimping and wastin ng the plugg!Looking through t thee bottom off the plug, the t wire on the far-left ft side will have a wh hite backgroound. The wires w shouldd alternativve light and d dark m left to righ ht. The furtthest right wire w is brow wn. The wirees should alll end from evennly at the frront of the plug. p The jaacket shoulld end just about a wheree you see it in the diaagram-right on the line. Figurre 2.10: Prreparing the RJ-45 Conneector

BOUT CR RIMPING ALL AB

n the RJ--45 plug witth the clip down d and fiirmly 7. Holdd the wire near pushh it into thee left side of o the front of the Crim mper (it willl only go in i one way)). Hold the wiree in place annd squeeze the crimperr handles quuite firmly. This T is whaat will happeen:

Figurre 2.11:Crim mping

t plungerrs down on the RJ-45 plug. p One foorces, what (Criimp it once)). The crimpper pushes two amoounts to, a cleverly deesigned plasstic plug/weedge onto the t cable jaacket and very v firmly clincches it. Thee other seatss the “pins””, each withh two teeth at its end, through t thee insulation and into the con nductors off their respecctive wires.

14


Lab Session S 2


8. Testt the crimp,, if done prroperly an average a persson will noot be able to o pull the plug off the cablle with his or her baree hands. Annd that quitee simply, beesides loweer cost, is thhe primary advaantage of tw wisted-pair cables overr the older thin t wire, co oaxial cablees. In fact, the t ease of instaallation and d the modular RJ-45 plug is the main m reason coaxial c cable is no lonnger widely usedd for small Ethernet. But, B don’t puull that hardd on the pluug. It couldd stretch thee cable and channge its charracteristics. Look at th he side of thhe plug and d see if it loooks like thhe diagram and give it a faiirly firm tugg to make suure it is crim mped well. i has the deesired end and a crimp. 9. Preppare the othher end of thhe cable so it a within reeach, hold thhem next too each otherr and with RJ-45 R clips 10. If booth ends of the cable are facinng away. Loook throughh the bottom m of the pluugs. If the pllugs are wirred correctlyy, and they are identical, i itt is a straighht-through cable. c If theey are wired d correctly and a they aree different, it is a crossoverr cable.

PREC CAUTION NS 1. Try to avoid running cablees parallel too power cabbles. ot over-clinch them. It 2. If yoou bundle a group of cables togethher with cabble ties (zip ties), do no is okkay to snugg them togeether firmly y; but don’tt tighten theem so much h that you deform d the cablles. way from devices d whiich can intrroduce noisse into them m. Here’s a short list: 3. Keeep cables aw elecctric heaters, loud sppeakers, priinters, TV sets, fluoorescent ligght, copierss, welding macchines, miccrowave ovvens, telephhones, fanss, elevator motors, ellectric ovenns, dryers, washing machinnes, and shoop equipmeent. 4 LBS). 4. Avooid stretchinng UTP cablles (the forcce should noot exceed 24 s to seecure UTP cables. c Use telephone wire w hangerrs, which are available 5. Donn not use a stapler at m most hardwaare stores.

EXER RCISES i not advisable to beend UTP cables c moree than four times the 1. Givee the reasoon why it is diam meter of the cable. ______________ ____________________________________________________________________ ______________ ____________________________________________________________________ ______________ ____________________________________________________________________ ______________ ____________________________________________________________________

r UTP caable outside of a buildin ng? 2. Whyy is it not addvisable to run ______________ ____________________________________________________________________ ______________ ____________________________________________________________________

15


Lab Session S 2


______________ ____________________________________________________________________ ______________ ____________________________________________________________________

fine the reco ommended maximum m c cable lengthh for UTP annd cite a reaason for it. 3. Defi ______________ ____________________________________________________________________ ______________ ____________________________________________________________________ ______________ ____________________________________________________________________ ______________ ____________________________________________________________________ ______________ ____________________________________________________________________ ______________ ____________________________________________________________________

16


Lab Sessioon 3

NEDUnivversity of Engin neering & Tech hnology – Depa artment of Com mputer & Inform mation Systemss Engineering

Lab b Session 03 OBJECT Practiicing some basic b comm mands to intteract with the Cisco IOS I (Internetwork Opeerating System m) CLI Sofftware

THEO ORY me to “hands on routingg”. The goal of this lab is to introd duce you to Cisco routeers and Welcom other eqquipment thhat you will be using thrroughout thhe semester.. In order too do well inn the labs, wee need to unnderstand thhe basic set--up of the laab. 

The lab has onee rack, whicch is conneccted to a PC C. You will be using the PC as a terminal to taalk to the roouters.



The routers are labeled alpphanumericaally (Exampple R1, R2, etc).



Eachh rack has two t patch paanels. One of o them hass RJ-45 connnectors andd the other has h serial connnectors. Etthernet portts are pre-connected too the RJ-45 5 patch paneel. Serial ports p are pre--connected to t the seriall patch paneel. The portts are labeleed on their left.



To connect c thee PC to a sppecific routeer, connect the PC’s coonsole cablee to the apppropriate conssole port on n the patch panel p in the rack. You will w find thee console caable as a UT TP cable withh one of its ends conneccted through small devvices to a serial port on the PC.

When you access Cisco roouters suppoort differentt modes of operation. o a a rouuter, it will typicallyy be in the user u mode. User modee gives a useer access to o simple sho ow commandds. From usser mode th he next step is Privilegeed Mode. Inn the privilegged mode a user can haave full access tto all the dattabases maiintained by the router. Cisco routeers use manny other moddes, but let us keeep it simplle for now. Config guration mod de

Privileged mode m

User mode

17


Lab Sessioon 3


PROC CEDURE me to have fuun: It is tim C to R1. 1. Connnect the PC 2. Presss “enter”” a few timees and you should s get a prompt thaat looks likee: router> > m 3. Youu are now inn the “user mode”. 4. Typpe “?”. Queestion mark lists comm mands that caan be used in i a certain context. First tyype “help”” T typing these Try t comm mands: p p? p pi? omplete com mmands forr you with thhe help of the t TAB keyy. 5. The IOS will co Type sh F Finish the command c w a “?” too see what commands with c y can use with show.. you (show?) c command for the IOS to execute it. You Y only need n to 6. Youu don’t havee to type a complete typee enough off a commandd to differenntiate it from m all other commands. c o inn User Modde (identifiedd by the pro ompt endingg in >), now w we 7. We have been operating wannt to go into the Privilegged Mode: Type “enable” or “e T en” T promptt should endd with a # (R The Router#) T Type “?” to o see all thee commandss possible frrom this moode 8. Onee of the mosst useful com mmands in the Cisco IOS is “sho ow.” Try th hese variatioons: ““show “ “show “ “show “ “show “ “show “ “show “ “show “ “show

co onfigurat tion” – shhows saved router confi figuration ve ersion” - shows s IOS statistics st tartup-co onfigura ation” – shhows the co onfigurationn during starrtup ru unning co onfigura ation” – shhows the dyynamic conffiguration fl lash ” – givves details of o flash mem mory wheree IOS is storred pr rotocols”” – shows protocol p andd interface statistics in nterface”” – gives deetailed statisstics on eachh interface in nterface s0” - Try this commaand with som me other in nterfaces as well.

w let’s movee to configuuration modde. Type thee following commands:: 9. Now

18


Lab Sessioon 3


c configur re termin nal Thiss will take you y to confiiguration mo ode. The prrompt endsw with r routerco onfig)#? ; to see the available commandds 10. Nexxt we will chhange the naame of routter to R1 uration modde (if you haave followeed the step 6 then you are a already in i the Go iinto configu conffig mode) and a type the following commands c : h hostname e R1 c ctrl+Z w m wr

;thiis commandd will changge name. ;thiis is to come out of privvilegemodee ;wriite to the meemory.

a interface for a TCP/IIP network. 11. Noow we want to set up an T Type these commands:: c config t A After this you will be in config mo ode same ass you did inn step ‘6’. i interfac ce Ethern net 0 T This puts yo ou in interfaace mode. Now N you caan configuree interface Ethernet0. E i ip addre ess 130.1 10.20.5 255.255. .255.0 T This gives the t interfacee an IP addrress and subbnet mask. n no shutd down B By default all a interfacee are adminiistratively down. d This command c will w bring thhem up. c ctrl+Z T This is to coome out of privilege p mode. m Now tyype the folllowing com mmand: s sh inter rface e0 O Observe andd record carrefully whaat you see. N Now connect a cable frrom router R1`s R Ethernnet ‘e0’ inteerface to a hub h or switch. A Again type this commaand: s sh inter rface e0 A Again obserrve and recoord carefullly what youu see. N Note: Ciscoo commandss are not casse-sensitivee.

19


Lab Sessioon 3


EXER RCISES 1. Determine D w which modee you operaate in when you first acccess the rou uter. _ __________ __________________________________________________________________ Local acceess to the router is done via ____________ ports.. (serial, Ethernet, E 2. L a asynchrono ous) A Etherneet cable has ____________ pins. 3. An nfiguration is stored in RAM(true or false). 4. Start-up con 5. Running-co R onfigurationn is stored inn _______________.

6. T The commaand used too save channges made in the runnning configguration to start-up c configuratio on is: _ __________ __________________________________________________________________

T version n of the Ciscco IOS used d on R1 is __________ _ ____. 7. The H are ussed in ____________ annd MAUs arre used in _____________ networks. 8. Hubs You have to t connect 14 machinees on samee LAN. Ussing two 8--ports hubss (shown 9. Y b below), sho ow the necesssary conneections. Hub1 1

Hub b2 8

1

8

10. List L the intterfaces on three routeers of yourr choice. Be B sure to indicate thhe router n number. _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ _________________________________________________________________ 11. Elaborate E on o the inform mation preseented by thee commandd “show ve ersion.” _ __________ __________________________________________________________________ _ __________ __________________________________________________________________

20


Lab Sessioon 3


_ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________

E is used to connnect to________________ whereass serial portt is used to connect 12. Ethernet t _______________ annd Token ring is used to to t connect to t ______________. (Choose f from the folllowing: ISD DN, WAN,, LAN, FDD DI) 13. Elaborate E on o the cascadding of twoo or more huubs. _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ 14. Specify thee differencee in output when you gave g the coommand “s shint e0” before a after coonnecting thhe cable in step and s 11. _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ 15. Which W of thhe conditionn(s) are posssible for an interface: a. b. c. d.

adm ministrativelyy down, lin ne protocol down d adm ministrativelyy down, lin ne protocol up u adm ministrativelyy up, line protocol up adm ministrativelyy up, line protocol dow wn

C you connect a DTE of a seriaal interface to t a DTE off another serrial interfacce? Will 16. Can i work? it _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ 17. Explain E thee possibilityy and effectt of giving the clock rate commannd on a DT TE serial i interface.

21


Lab Sessioon 3


_ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________ _ __________ __________________________________________________________________

22


Lab Sessioon 4


Lab b Session 04 OBJECT Copyiing IOS imaage and con nfiguration n to and from m CISCO router. r

THEO ORY S image off a Cisco roouter can bee upgraded or replaced d for additioonal compaatibilities The IOS and suppport as welll as bug fixxes. The IOS S image cann be upgrad ded by meanns of a flashh card or throughh TFTP filee transfer. Not all routers have slots for flash f cards. So, TFTP P is the dominannt means of IOS upgrrade. Not on nly can an IOS image be downlooaded from a TFTP server, it i can also be b backup up u to a TFT TP server. The T utility would w be too save an im mage for later usee, in case so omething gooes wrong. r can also a be backked up to In addittion to the IOS image, the runningg configurattion of the router or restoored from a TFTP servver. You caan setup a TFTP T serveer on a Ciscco router, with w IOS image oor running configuratio c on data file in i memory,, or on a PC C with a TFTP server software. s In our laab, we havee setup a TF FTP server on o the PC thhat acts as a console for the router rack.

PROC CEDURE l is to traain you to copy the IOS I image and config guration on CISCO The goaal of this lab routers. In this labb you will be introducced to the utility u on which w all neetworking engineers thrive i.e. ping. 1. Connnect to roouter R1 annd copy thhe IOS im mage from the TFTP server at address 130.10.10.1. Folllow the folloowing stepss: t router Step 1: Establish a console session with the d with a direct conssole connecction or virtu ual telnet co onnection. A direct This cann either be done console connectionn is preferreed over a teelnet conneection becauuse a telnet connectionn will be lost during the rebooot phase off the softwaare installatiion. Step 2: Configure the Router outer with the t IP address 130.10.10.34 with a 24-bit Configuure the Etheernet interfaace of the ro subnet mask m (255.2 255.255.0). Connect thhe Ethernet interface of the routerr and that of the PC onto thee same hub. s has IP connectivvity to the ro outer Step 3: Verify thatt the TFTP server T serverr. Double cllick the TFT TP server icon on the Desktop The PC is configurred as the TFTP w the IP address to start the TFTP server. Thhe Ethernet card on thhe PC is coonfigured with

23


Lab Sessioon 4


130.10.10.1/24. Ping P the PC C from thee router console and make sure the ping is i 100% successfful. Router r#ping 130.10.10 1 0.1 to abor Type escape e s sequence rt. Sendin ng 5, 100-byte ICMP Ec choes to o 130.10 0.10.1, timeout is 2 second ds: !!!!! Succes ss rate is 100 0 percen nt (5/5) ), round d-trip min/avg/ m max = 1/2/4 ms Step 4: Begin thee process off copying thhe new softtware imagee from the TFTP serveer to the router Router r> enabl le Router r# Router r# copy tftp fla ash Step 5:S Specify the IP address of the TFTP P server. When pprompted, en nter the IP address a of th he TFTP seerver as in thhe following g example: Addres ss or na ame of re emote ho ost [255.255.255 5.255]? 130.10.1 10.1 Step 6:S Specify the filename of the new Cisco C IOS sooftware imaage The IOS S images arre stored inn the directo ory c:\temp\\ios_imagess. You can use any of the files under thhis directoryy for this laab. All the images aree the same except e that their filenaames are differennt. When pprompted, ennter the fileename of th he Cisco IOS software image to be installed as a in the followinng example: Source e file name? n ios s_image1 1.bin Step 7: Specify thee destinationn image fileename This is tthe name thhe new softw ware image will have once o it is loaaded onto th he router. Destin nation file f name e [80180 0812.bin]? ios_i image1.b bin Step 8: Clear flash h for new im mage When prompted, p ennter "yes" to erase the existing sofftware imagge resident in i the routeer's Flash memoryy before cop pying the neew one: Erase flash device d be efore wr riting? [confirm m]y

24


Lab Sessioon 4


Flash contai ins [confi irm]y

fil les.

Are e

you

sure

you y

want t

to

e erase?

The rouuter asks you u to confirm m the copy process p agaiin, this timee specifyingg what exacttly it is going too do. Copy 'ios_im mage1.bin n' from m Flash WITH er rase? [ye es/no]y

server r

as

'i ios_imag ge1.bin'

into

The rouuter reloads after this point p using the emergency IOS stoored in the ROM. It errases the flash fille system and a then conntinues loadding the IO OS image frrom the TFTP Server onto the flash. The T entire coopying proccess takes several minuutes and difffers from network n to network. n During the transferr process, messages m inndicate if thhe specifiedd file has been b accesseed. The exclamaation point (!) indicatees that the copy c processs is taking place. Eachh exclamation point (!) indiccates that teen packets have h been transferred t successfullly. A checkksum verificcation of the imagge occurs after the imaage is writteen to Flash memory. m Th he router wiill reload itsself with the new w image once the softwaare upgradee has been completed. c Step 9:V Verify new software im mage has beeen loaded mplete, the router r shouuld be runninng the desirred Cisco IO OS image. Use the After reeload is com "show version n" command to verify. Followiing is the sccreen shot duuring the coopy process. r#ping 130.10.10 1 0.1 Router to abor Type escape e s sequence rt. Sendin ng 5, 100-byte ICMP Ec choes to o 130.10 0.10.1, timeout is 2 second ds: !!!!! max = Succes ss rate is 100 0 percen nt (5/5) ), round d-trip min/avg/ m 1/2/4 ms Router r#copytf ftp flash h *** ** NOTICE **** * Flash load he elper v1. .0 This process p will acc cept the e copy options and a then n termina ate the c current system image to o use the t ROM based image i fo or the copy. Routin ng funct tionality y will not n be available e during g that ti ime. If you are logged d in via v teln net, th his conn nection will termin nate. of the copy Users with console c access can see the results r operat tion. ---- ******** ---Procee ed? [con nfirm]y

25


Lab Sessioon 4


System m flash director ry: File Length Name/s status 5435532 1 2 igs-in nr-l.111 1-15.bin [54355 596 byte es used, 2953012 2 available, 838 88608 total] Addres ss or na ame of re emote ho ost [130.10.10.1 1]? Source e file name? n ios s_image1 1.bin Destin nation file f name e [ios_i image1.bin]? Access sing fil le 'ios_i image1.b bin' on 130.10.1 10.1... Loadin ng ios_ _image1.b bin fro om 130.1 10.10.1 (via Ethernet0 E 0): [OK] Erase flash device d be efore wr riting? [confirm m]y Flash contai ins fil les. Are e you sure you y [confi irm]y

want t

to

!

e erase?

Copy 'ios_ima ' age1.bin' ' from server s as 'ios_ima ' age1.bin' ' into Flash F WITH erase e? [yes/no]y %SYS-5 5-RELOAD D: Reload d reques sted %FLH: ios_ima age1.bin from 13 30.10.10.1 to fl lash ... System m flash director ry: File Length Name/s status 5435532 1 2 igs-in nr-l.111 1-15.bin [54355 596 byte es used, 2953012 2 available, 838 88608 total] Access sing fil le 'ios_i image1.b bin' on 130.10.1 10.1... Loadin ng ios_ _image1.b bin .fro om 130.10.10.1 (via Ethernet0 E 0): [OK]

!

Erasin ng devic ce......e erased Loadin ng ios_ _image1. .bin fr rom 130 0.10.10.1 1 (via Ethern net0): !!!!!! !!!!!!!! !!!!!!!!! !!! !!!!!! !!!!!!!! !!!!!!!!! !!!!!!!! !!!!!!!!!!!!!!!! !!!!!!!!!!!!!!!! !!!!! !!!!!! !!!!!!!! !!!!!! [OK - 543553 32/838860 08 bytes s] Verify ying che ecksum... . OK (0 0x9E40) Flash copy to ook 0:03: :05 [hh: :mm:ss] %FLH: Re-boot ting syst tem afte er download 2. Now w copy the configuratio c on from the same TFTP server at address 1330.10.10.1. Copying C configuuration is mu uch easier thhan copyingg the IOS im mage. The connfiguration for f R1 is stoored in the file f R1conf fig. Begin thhe process off copying thee configuratio on from the TFTP T server to the routerr’s runningconfigurration.

26


Lab Sessioon 4


Router r# copy tftp run nning-co onfig uration filenname Specify the configu Addres ss of re emote hos st[255.2 255.255.255]? a 130.10.100.1 Enter thhe address as nter the connfiguration filename f loaaded as in thhe followin ng example: When pprompted, en Source e file name? n R1c config.t txt nfiguration of o router R11. 3. Loook at the con

EXER RCISES t configuuration file has been looaded to thhe router 1. Deteermine the interface sttates after the from m the TFTP server. Reaason why thhe states aree that way. ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

2. Backup the runnning configguration of the t router too the TFTP server. __________________________________________________________________ ______________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

27


Lab Sessioon 5


Lab b Session 05 OBJECT Conffiguring sta atic routes on o Cisco rou uters.

Figure 5.1: Scenario forr static routess

THEO ORY mplest metho od to route packets on a network is i static rouutes. Although dynamicc routing The sim protocols are flexib ble and adjust to netw work changees, they do have h associaated networrk traffic b w the userr data traffic. with which ccompetes for network bandwidth r speccify a fixedd route forr a certain destinationn network. They neeed to be Static routes configuured on any router that needs n to reaach a netwoork that it iss not directlyy connectedd to. The IOS com mmand usedd to configuure static rou utes is ip route. Thhe syntax is: ip ro outedest tination-address ssubnet-m mask{ip-address | outg goinginterf face} [d distance] ] [tagta ag] [per rmanent] where:    

ddestination--address is the destinaation address prefix foor the netw work that we w would l the rouuter to reachh like s subnet-mas k is the suubnet mask k to be ussed on the address prrefix to match m for d destination addresses. Multiple neetworks maay be combined such that t the destinationa address andd subnet-maask combinaation matches all hosts on those neetworks. i ip-address specifies whhat ip addreess to forwaard a packett to if an IP packet arrives with a destinatio on address that t matchees the destinnation-addreess subnet-m mask pair specified s i this comm in mand. A Alternativel ly outgoingg-interface specifies which w interfface the paccket shouldd be sent o of. Addding a staticc route to an out n Ethernet or o other bro oadcast inteerface (for example, e i route ip e 0.0.0. .0 0.0.0 0.0 Ethe ernet 1/2) will cau use the rouute to be i inserted into the routinng table onlly when thee interface is i up. This configuratio c on is not g generally reecommendeed. When th he next hop of a static route r pointss to an interface, the r router consiiders each of o the hosts within the range r of thee route to bee directly coonnected t through thaat interfacee, and thereefore it willl send AR RP requests to any desstination a addresses thhat route thrrough the sttatic route. 28


Lab Sessioon 5


  

ddistance is the optionaal administrrative distannce value foor the routee. If unspecified the d default valu ue is 1. t value caan be used as tag a a "match" value for controlling redistributiion via routee maps. p permanent specifies thhat the rouute will nott be removeed even if the interface shuts d down.

DTE/D DCE DCE annd DTE are the interfacces.The DCE E-DTE connnection bettween routerrs is referreed to as a null seriial cable DC CE(data com mmunicatioon equipmennt) and DTE E (Data term minal equipm ment). DCE is located at the t service provider p endd while the DTE is attaached device. t the DTE E is often accessed a via modems or channell service The serrvices that are given to unit/datta service un nit(CSU/DS SU). DCE provides cloccking and DTE D receivees the clockk

PROC CEDURE C thee network as a shown in the networkk diagram. 1. Connect ip addressees and clockk rates(if neeeded) on the Configure appropriate a t router innterfaces 2. C a specifiedd in the netw as work diagram m. F R1, enter the follow wing static routes 3. For ip ro oute 172. .16.20.0 0 255.255.255.0 192.168.10.2 ip rou ute 192. .168.20.0 255.25 55.255.0 192.168 8.10.2 O R2 enter: 4. On ip rou ute 172. .16.10.0 255.255 5.255.0 192.168. .10.1 ip route 17 72.16.20 0.0 255.255.255. .0 192.168.20.2 O R3 enter: 5. On oute 172. .16.10.0 0 255.255.255.0 192.168.20.1 ip ro ip rou ute 192. .168.10.0 255.25 55.255.0 192.168 8.20.1 After that verify v the sttatic routes by enteringg the follow wing commaands in the privilege p 6. A m mode: rou uter# shi ip route e

EXER RCISES 1. Run the t comman nd show IP route and write w its outpput.

29


Lab Sessioon 5


2. Whatt is the defaault adminisstrative disttance of staatic route? Write W the IP P route com mmand to modiify the samee.

nd assign ann IP addresss 10.1.0.1 /16 to it. Now N add 3.Createe a loop baack interface on R3 an statiic routes too each of thhe other ro outers to reeach this in nterface. Veerify your work w by pingging the new wly created interface frrom routers R1 and R2 respectively. _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

30


Lab Sessioon 6


Lab b Session 06 OBJECT Configu uring RIP(R Routing Infformation Protocol). P

Figure 6.1: 6 Scenarioo for RIP

THEO ORY Routingg Informatio on Protocol is an Interioor Gatewayy Protocol (IIGP), meaniing it is useed within an autonomous syystem. An autonomous a s system is a collectioon of netwo orks under a single mmon routting strateggy. A distannce-vector protocol, RIP R was adminisstration, shaaring a com designed to work with w small too medium-ssized networks. The oriiginal versiion of RIP P is based on the proogram routeed (pronouunced "routte dee"), distribuuted with th he 4.3 Berkkeley Softw ware Distribbution. RIP P was in widespread w u as a use d in RFC R 1058. RIP R Versionn 2, definedd in RFC routing protocol beefore it wass formally defined o verrsion. Both versions 2453, addded some additional features andd functionaality to the original of RIP are discusssed in this module. RF FC 2091 sppecified add ditional exttensions forr RIP to d circcuits (Trigggered RIP). Support foor Triggeredd RIP was added a in allow suupport for demand 12.0(1)T T and will not n be discuussed here. Some aadvantages of using RIP, R especially in small network ks, is that there is veery little overheaad, in termss of bandwiidth used an nd configurration and managemen m nt time. RIP P is also easy to implement, compared to newer IGPs, I and has h been imp mplemented in networkss around the world. RIP usees timers both to regulaate its perforrmance andd to help preevent routinng loops. Alll routers that usee RIP sendd an updatee message to all of their neighhbors appro oximately every e 30 secondss; this proceess is termeed advertisin ng. The RFC specifies that adverttisements shhould be random mized by up to +/– five seconds in order to prrevent synch hronization of routing updates. The Cissco implem mentation seends updatees every 30 seconds minus m up to 15 percentt, or 4.5 secondss. If a neigghbor has not n respondded in 180 seconds, s it is assumed d that the neeighboring router r is unavailaable or thee network connecting it to the router has become unnusable. When W the neighboor has not reesponded foor 180 secon nds, the rouute is markeed invalid; 180 seconds is long

31


Lab Sessioon 6


enough that a routee won't be invalidated i by a singlee missed update message. The neiighbor is s a no ormal updaate message with a mettric of "infiinity;" in shown tto be unreachable by sending the casee of RIP, thhis number is 16. If ann advertisement is recceived from m a neighboor with a metric oof infinity, then the rouute is placeed into holdddown statee, advertisedd with a disstance of 16, andd kept in th he routing taable. No uppdates from m other neigghbors for the same rroute are acceptedd while the route is in holddown h state. s If otheer neighborss are still addvertising thhe same route w when the hollddown tim mer expires, then their updates will then be accepted. a T route The will be advertised with an inffinity metricc for a periiod of time after the hoolddown staate if no alternatee paths are found. The acttual timers used to acccomplish thhe above taasks are a routing-upd r date timer, a routeinvalid timer, a rou ute-holddow wn timer, annd a route-fflush timer. The RIP ro outing-updaate timer is generrally set to 30 secondds, ensuringg that each router willl send a coomplete coppy of its routing table to all neighbors every e 30 seconds. The route-invallid timer dettermines hoow much time muust expire without w a roouter havinng heard aboout a particcular route before that route is considered invalid. When a rooute is marrked invalidd or put in holddown state, s neighhbors are he route-flussh timer. notifiedd of this facct. This notiification muust occur prrior to expirration of th When the t route fllush-timer expires, e thee route is rremoved froom the rouuting table. Typical initial vvalues for thhese timers are a 180 seco onds for thee route-invaalid and rou ute-holddow wn timers and 2400 seconds foor the route--flush timerr. The valuees for each of o these tim mers can be adjusted with thee timers ba asic routerr configurattion command. n sttability featuures that To adjuust for rapidd network-toopology chaanges, RIP specifies numerous are com mmon to man ny routing protocols. p R implem RIP ments split hoorizon withh poison-revverse and holddow wn mechaniisms to prevvent incorreect routing informationn from beinng propagated. Split horizonn prevents inncorrect meessages from m being proopagated by not advertiising routess over an r is using to reach h the route. Implemen nting split horizon h helpps avoid interface that the router o by y advertisingg routes thatt are unreacchable with a metric routing loops. Poison reverse operates Holddown is a method d of markinng routes of infinity back to the originaal source off the route. H A discussedd above, noo updates froom other neeighbors forr the same route r are invalid (expired). As h state. s acceptedd while the route is in holddown s feature. Upddates are Triggereed updatess are also an includeed convergeence and stability triggereed whenever a metric for a routee changes. Triggered T u updates mayy also contain only informaation regardding routess that havee changed, unlike sccheduled uppdates. Theere is a minimuum delay of five secondds between triggered t uppdates to prrevent updatte storms.

PROC CEDURE C up thhe network as a shown inn the diagram m. 1. Cable Assign the IP address as shown in i the diagrram to the appropriate a interfaces. For the 2. A u to indiccate a DCE port. serial links,, has been used I RIP roouting comm mands on all a the routerrs starting from fr the gloobal config mode. m 3. Issue

32


Lab Sessioon 6


4. On O R1: uter rip rou net twork 172 2.16.10. .0 net twork 192 2.168.10 0.0 O R2 On uter rip rou net twork 192 2.168.10 0.0 net twork 192 2.168.20 0.0 On R 3 O r router r rip net twork 10. .0.0.0 net twork 192 2.168.20 0.0 wo comman nds enable the t routing protocol p RIIP. These tw 5.

Ping the hoost from R1.

to abor e s sequence rt. Type escape Sendin ng 5, 10 00-byte ICMP I Ech hos to 10.0.0.1, , timeou ut is 2 second ds: !!!!! Succes ss rate is 100 percent p rip min/avg/max = (5/5), round-tr 1/2/4 ms

EXER RCISES 1. Conffigure RIP version v 1 onn two routeers. Run Deebug ip rip and a note thhe address on o which updaates are sent. _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

n timers for RIP v1. 2. Writee commandss to modifyy the defaultt update andd hold-down _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ 33


Lab Seession7


Lab b Session 07 OBJECT Configu uring RIP Version V 2

Figure 7..1: Scenario for RIPv2

THEO ORY RIPv2 is i almost thee same as thhe RIP verssion 1. RipV V2 also send ds its complete routingg table to its active interfacces at periiodictime intervals.Th i he timers,looop avoidaance schem mes and R is considered c c classless adminisstrative disttance are thhe same ass Rip versiion 1.But RIPv2 routing protocol because it also a sends subnet s inforrmation’s with w each roouter.It alsoo allows ng MD5 enccryption schheme. And it also suppoorts discontiiguous netw works. authentiication usin Configuuring routerr with RIP version v 2 iss very simpple. Just addd the comm mand versionn 2under the (co onfig-rou uter) # prompt and a the routeer is running RIPv2. rou uter rip ver rsion 2 net twork 172 2.16.10. .0 net twork 192 2.168.10 0.0

EXER RCISES 1. Note down the roouting tablee for Routerr R1. _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

34


Lab Seession7


2. Run the t commannd debug ripp and note down d the multicast m add dress on whhich RIPv2 forwards f the uupdates. _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

3. Writee down the source s IP adddress for thhe ping pacckets when you y ping H1 1 from R1. _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

w could you u check if H1 H can reacch the loop pback interfface? In 4. Whille working on R1, how otherr words, how w can you verify v if a piing from H1 to loopbacck of R1 is successful?? _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________ _________________________________________________________________________________

35


Lab Seession8


Lab b Session 08 OBJECT Coonfiguring OSPF (Open Shortestt Path Firstt) Single Arrea

THEO ORY Open S Shortest Patth First (OSPF) was developed by the Inteernet Engin neering Tassk Force (IETF) as a replaceement for thhe problem matic RIP annd is now th he IETF-reccommendedd Interior SPF is a liink state protocol thaat, as the name n impliies, uses Gatewaay Protocol (IGP). OS Dijkstraa's Shortest Path First (SPF) ( algoriithm. It is aan open stanndards protoocol—that is, it isn't propriettary to any vendor v or organization n Like alll link state protocols, p O OSPF's major advantagges over disstance vectoor protocolss are fast reconveergence, sup pport for much m larger internetworrks, and lesss susceptibbility to badd routing informaation. Other features off OSPF are: 

      

The use of areaas, which reeduces the protocol's p im mpact on CPU C and meemory, conttains the w of routin ng protocol traffic, annd makes possible p thee construction of hierrarchical flow interrnetwork toopologies Fullly classless behavior, eliminatingsuch classful problems as discontigguous subneets Support of classless routee table look kups, VLSM M, and suppernetting fo or efficient address mannagement A diimensionlesss, arbitraryy metric Equual-cost load d balancing for more effficient use of multiple paths. The use of resserved mullticast addreesses to reduce the im mpact on non-OSPF-s n speaking deviices Support of authhentication for f more secure routingg The use of routte tagging foor the trackiing of exterrnal routes

Table 8.1 Characteeristics of OSPF Characteristtic

OSP PF

VLSM support

Yess

Manual summarizaation

Yess

Type off protocol

Link sttate

Classlesss support

Yess

36


Lab Seession8


Auto-suummarizatioon

N No

Disconttiguous supp port

Y Yes

Route ppropagation

M Multicast onn change

Hop couunt limit

N None

Converggence

F Fast

Peer autthenticationn

Y Yes

Hierarchhical networkkUpdates/ Route R computaation

Event triggeered/ E D Dijkstra

nd BDR DR an DR (Deesignated Ro outers): The DR R has the folllowing dutiies:  

To represent the t multi-aaccess netw work and iits attached d routers to t the restt of the interrnetwork To m manage the flooding prrocess on th he multi-acccess network k

The conncept behin nd the DR is that the network ittself is connsidered a "pseudonod " de," or a virtual rrouter. Eachh routeron the network k forms an adjacency with the DR which reepresents the pseuudonode. Onnly the DR will send LSAs L to the rest of the internetwork i k. Note: rrouter might be a DR on o one of itss attached multi-access m s networks, and it mighht not be the DR on another of its attached multi-a access netwoorks. In other words, thhe DR is a property p of a rouuter's interfaace, not the entire routeer. BDR(Backup Desiignated Rou uter): A Backkup Design nated Routeer (BDR) is a hot staandby for the t DR onnmulti-accesss links. TheBDR R receives all routingg updates frrom OSPF adjacent roouters but doesn’t floood LSA updates.

37


Lab Seession8


Note: iff the router interface priority p valu ue is set to zero z then th hat router won’t w particcipate in the DR or BDR eleections on thhat interfacee. Lo 0 11.1.1.1/24 Fa0/1 10.1.1.1/24

172.16.68.1//21 Fa0/0 P=2

E0 1.2/24 10.1.1

P=1

P=1 Cisco 2801

R1

Configu urations for cisco 2801    

 

First form the physical p toppology as abbove Enteer interface configuratiion mode for f fa0/0 annd assign thhe given ip address andd subnet massk In thhe interface configuratiion mode giive the com mmand ipos spf prio ority 2 Exitt from fa0//0 and enteer interface configuratiion mode of o fa0/1. Assign A the given g IP addrress and sub bnet mask. Assign A prioority is in thee previous step. s Notee: As the given g prioriity value iss 1, which is default, therefore there t is no need of expllicit assignm ment Quitt the interfaace configurration modee Now w start confi figuring the interfaces of o R1

urations for R1 Configu    

Enteer the interfface configuuration modde of R1 foor e0 and ennter the IP address andd subnet massk Quitt from intterface connfiguration of e0 andd type int terface lo 0 inn global conffiguration mode m Now w as you hav ve entered interface i coonfigurationn of loop bacck 0 interfaace, assign thhe given IP aaddress and subnet massk Quitt from interrface configguration moode and invvoke routerr configurattion mode on both routters simultanneously

Simultaaneous configurationss on both roouters 

Enteer the folloowing com mmands onn both routters simultaaneously ( one routeer to be conffigured by the studentt and the otther one byy the demo onstrator) an nd press ennter after syncchronizationn of each coommand router rospf 1 

Enteer each of network n com mmands on both b routerss simultaneoously

38


Lab Seession8


networ rk m area 0

attach hed

to

the

Checkin ng the outccome of thee election  

 

First check thee routing taable by issu uing show w ip rou ute comm mand on prrivileged modde or ping frrom cisco28801 to the lo oopback intterface of R1 R Now w to check the state of o your routter, issue show s ipospf inte erface coommand from m priviledgeed mode annd note dow wn 1) your router ID, 2) your staate 3) Router ID of desiignated routter Issuue show ip pospf ne eighbors command to t further coonfirm the status s of adjjacency Now w type ipo ospf database to find out whhich LSA’ss have beenn exchangedd and to notee their respeective sequeence numbers

RCISES EXER r numberr and for 1. Chaange the rouuter priorityy for Cisco 2801’s fa00/1 interface to your roll R1‘s e0 interfacce to the prresent year. Write the configuratio c on commandd in the spaace given beloow.___________________________ _______________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______

n N Now note 2. Conntinuing exeercise 1, resstart the ospf process and reconffigure the networks. dow wn the routeer ID’s of thhe designatted router and a backup designated router in thhe space giveen below. Also A note down the defaault value off Hello timeer ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

39


Lab Seession8


______________ __________________________________________________________________ ______________ __________________________________________________________________

3. Givee command ds to changee the default value of Hello H timer to your rolll number annd router deadd interval = 5 times thee Hello interrval. ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

40

Computer Communiccation Netwo orks

Lab b Session 9

NED University of Engineeering & Technollogy – Departmeent of Computerr & Information n Systems Engin neering

Lab Session S 09 OBJEC CT Configuring C IGRP (Inteerior Gatewaay Routing P Protocol).

A

4 mplementatioon Fig 9..1: Scenario for IGRP im

THEOR RY In this laab, we will introduce you y to your second rouuting protocool Interior G Gateway Roouting Protocol (IGRP). Intterior Gatew way Routing Protocol (IG GRP) is a roouting protoocol developped in the mid-1 1980s by Cissco Systems, Inc. In creaating IGRP, Cisco had thhe principal goal to provvide a robust prrotocol for routing r with hin an auton nomous systtem (AS) haaving mplex 1 an arbbitrarily com topology, and consistting of mediia with diverrse bandwiddth and delayy characterisstics. When IIGRP was deveeloped, the most m popularr intra-AS ro outing protoccol was the R Routing Infoormation Prootocol (RIP). Th he small hop p-count limiit (16) of RIIP restricted the size of internetworrks, and its ssingle metric (h hop count) diid not allow for much routing flexibiility in compplex environnments. To provide additionaal flexibility y, IGRP permits multipaath routing. Dual equall-bandwidth lines may run a single sttream of traaffic in roun nd-robin fasshion, with automatic sswitchover tto the second liine if one lin ne goes dow wn. Also, mu ultiple pathss can be usedd, even if thhe metrics foor the paths are different. For F example,, if one path h is three tim mes better thaan another bbecause its m metric t lower, the better path p will be used three ttimes as oftten. Only rouutes with m metrics is three times that are within w a certaain range of the best routte are used aas multiple ppaths. IGRP is a distance-vector protocol. Distancee-vector routting protocolls call for eaach router too send all or a portion p of itss routing tab ble in a routiing update m message at reegular intervvals to each of its neighboriing routers. As routing informatiion proliferaates throughh the netw work, routerss can calculate distances to o all nodes within w the internetwork. IGRP usees a combinaation of adm ministrative distance d and route metriccs to aid in rrouting decissions. The distaance value iss the relative believability of a route,, and the metric is the reelative desiraability of the rou ute. In IGRP P, distance allways takes precedence over the meetric. The meetric is used when routes haave an equal distance. 41


Lab b Session 9


Administrative Disttance Every rou uting protocol supported d by Cisco ro outers has a default-distaance value aassociated w with it. This valu ue is used to o determine the relativee believabiliity of a routte. If the router has muultiple entries in n its routing table to thee same destiination netw work, it will "believe" thhe route witth the lowest diistance valuee over routes with higheer distance vvalues. It wiill then chooose the routee with the shorteest distance value. Conn nected and sttatic routes aalso have disstances associated with tthem. RIP has an a administrative distancce of 120 wh hereas IGRP P has an adm ministrative ddistance of 1000. Distance is a factor when w a routeer is running g two differeent routing pprotocols andd learns abouut the same netw work from both b protoco ols. The prottocol that haas a lower diistance assocciated with iit will be the on ne whose en ntry is installled in the ro outing table of the routeer. For exam mple, a netwoork is running both b RIP and d IGRP. Fro om the abovee table, you can see thatt the distancee of IGRP iss 100, whereas the t distance of RIP is 120. In this case, c the IGR RP routes w will be installled in the roouting table of th he router. Beecause runniing more thaan one proto col is comm mon, distancee will alwayss play a part in routing deccisions. Disttance is locaal to the rouuter. It is noot advertisedd by any roouting protocolss. Metrics IGRP usees a combination of mettrics. Interneetwork delayy, bandwidthh, reliability, and load can all be factoreed into the ro outing decision: 

Intern network dela ay—Delay measures m thee time it takees an interfaace to serialiize the maxiimum size for f a packet that t an interrface can acccept onto thee physical m media. The IG GRP internettwork delay y is the speed d of the med dia in units of o 10 microsseconds. To find the dellay in a pathh, add all thee delays from m the outgoiing interfacees and dividee this numbeer by 10. (Thhe delay is inn tens of microseconds). Sloweer links havee higher delaays, and fastter links havve lower delaays. Delay ccan be configgured by a network n adm ministrator, or o you can use u the Cisco default. W With a Cisco router, the delay seen with the show inte erface co ommand is in units of microseconnds. The de elay comm mand, which h allows us to o change thee default dellay for an intterface, speccifies the dellay in tens of o microseco onds.



Band dwidth—Ban ndwidth is th he measure of o the speed of the physsical networkk connected to an interfface. Bandw width is usu ually expresssed in unitss of kilobitss per seconnd (Kbps). IIGRP bandw width is thee inverse off the media bandwidth scaled by a factor of 107. To finnd the bandw width in a path, p find th he smallest of o all the baandwidths ffrom outgoinng interfaces and dividee 10,000,000 by that nu umber. (Thee bandwidthh is scaled bby 10,000,0000 in kilobitts per secon nd.) Cisco o uses a facto or of 1000 when w using the t bandwi idth commaand. A 64K serial conneection has a bandwidth h of 64,000 bits per seecond. Withh a Cisco rrouter, if yoou configurre the band dwidth 64 4 command on a serial in nterface, thee result is a 664K bandwiddth. 42


Lab b Session 9




Reliability—IGR RP reliability y reflects thee stability off the link, ggiven as a frraction of 2555. A valuee of 255 indiicates a 100--percent stab ble link. This value is baased upon reeceived keeppalive inform mation for th he link. Reliability also incorporatees how oftenn the link traansitions froom an up staate to a down n state, as well as the errror rate of frames arrivinng on the linkk.



Load— —IGRP loaad reflects th he saturation n of the linkk, given as a fraction off 255. A vallue of 255 indicates i thaat the link iss 100-percen nt saturated.. A value off 1 indicatess that there is no trafficc on the link k. Load refleccts the utilizzation of a linnk.

These meetric compon nents are co ombined in a user-definaable algorithhm, with thee result know wn as the comp posite metriic. By defau ult, IGRP uses u only bbandwidth annd delay inn determininng its compositte metric. To calcu ulate the co omposite metric, m IGRP P adds togeether the w weighted vallues of diff fferent characterristics of the link to th he network in questionn. These vaalues (bandw width, bandw width divided by b load, and d delay) aree weighted with the coonstants K1,, K2, K3, K K4, and K5. The formula follows: f Metric = K1 * Bandw width + (K2 * Bandwidth h)/(256 – Looad) + K3 * Delay The defau ult constant values are K1 K = K3 = 1 and K2 = 0, so, whenn using the ddefault valuees, the metric vaalue can be simplified s to: Metric = Bandwidth + Delay Additionaally, K4 and d K5 default to 0. If K5 does d not equual 0, an addiitional operaation is donee: Metric = Metric * [K K5/(Reliabilitty + K4)] w the smaallest metric is the best ppath. Remember, the path with

PROCE EDURE 1. Use a /16 mask on all the inteerfaces. he address range 130.10 0.0.0-130.13..0.0 for all thhe links. 2. Use th 3. Use a bandwidth of 64000 bp ps for serial links. l o1 Scenario me that the ethernet lin nk between R1 R and R3 is a 100Mbbps back bonne link. Yoou are 1. Assum asked d not to have any broad dcast traffic on this linkk. But only unicast pacckets are alloowed.

43


Lab b Session 9


Using g the networrks (a)10.0.0 0.0 for R1-faa0/0 (b)11.00.0.0 for R1--s0/0 and R22 s0/0 (c)12.0.0.0 for R2 2 s0/1 and R3 R s0/0 (d) 13.0.0.0 for R3 R fa0/0.Connfigure IGRP P appropriattely. 2. Change the mask on the R1-R R2serial link k from /16 too /24. Checkk for networkk connectiviity. If you have h any pro oblems with full connectivity, use thhe commandds that you hhave learnt sso far in this course to get g full connectivity.

Scenario o2 1. Change the mask on R1-R3 serial link baack to /24. 2. Confiigure IGRP on R3 such that R3 equ ually load baalances betw ween the etheernet link annd the seriall link to reach the loopbaack interfacee on R1. 3. The serial s link beetween R3 and R1 is beiing providedd by a new IISP. It has been seen thaat this link is i highly unrreliable and a decision has h been takken to use itt only when the link bettween R2 an nd R3 goes down. Make suitable ch hanges to yoour IGRP coonfigurationn on R3 to rreflect this. o3 Scenario The seriaal link betweeen R3 and R1 R is now being provideed by a diffeerent ISP annd has been ffound to have a very high reeliability. Also the link between b R3 and R2 has been upgradded to T3 annd the link betw ween R2 and R1 is a T1. Make necesssary changees to your IG GRP configuuration on R R3 and R2 so thaat it correctly y reflects thee bandwidthss and delays. Also IGRP P should loadd balance.

EXERC CISES bove given sccenarios and d write downn the configuuration comm mands for eaach of 1. Impleement the ab them,, using Cisco o routers. _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ 44


Lab S Session 10


Lab Session S 10 OBJEC CT Config guringEIGR RP (Enhanceed Interior G Gateway Rou uting Protoccol)

THEOR RY EIGRP iss a proprietaary Cisco prrotocol that runs on Cissco routers. It is importaant to underrstand EIGRP because b it is probably on ne of the tw wo most popuular routing protocols inn use today.. Like IGRP, EIIGRP uses th he concept of o an autono omous system m to describbe a set of contiguous roouters that run the same ro outing proto ocol and share routing informationn. But unlikke IGRP, EIIGRP includes the t subnet mask m in its ro oute updates.. Why preefer EIGRP? EIGRP iss sometimes referred to as a a hybrid routing r protoocol becausee it has charaacteristics off both distance vector and link l state pro otocols. Forr example, E EIGRP doesnn’t send linkk-state packeets as oes; instead it sends traaditional disstance vectoor updates ccontaining innformation about OSPF do networkss plus the co ost of reach hing them from fr the perrspective off the advertiising router.. And EIGRP has h link statee characteristics as well – it synchroonizes routinng tables bettween neighhbours at startup p and then seends specificc updates onlly when topoology changges occur. Thhis makes EIIGRP suitable for f very larg ge networkss. EIGRP haas a maximum um hop counnt of 255 (the default is set to 100). EIGRP metric m calcu ulation: EIGRP unlike u many other protoccols that vusee a single facctor to comppare routes aand select thee best possible path, p EIGRP P can use a combination c of four: 1) Bandw width 2) Delaay 3) Load 4) Reliaability P Configurring EIGRP Consider the topology:

Routerr1

R Router2 PC2

PC1

172.16.16.2/2 24

172.16.3 32.2/24

Fig 10..1:Scenario for EIGRP iimplementattion Following are the IP addresses asssigned to th he interfaces 45


Lab S Session 10


Router2 2#sh ipint brief ace Interfa Pr rotocol FastEth hernet0/0 FastEth hernet1/0 Serial2 2/0 Serial3 3/0 down FastEth hernet4/0 down FastEth hernet5/0 down Modem6/ /0 down Modem7/ /0 down /0 Modem8/ down

Address IP-A unassigned 172.16.32.1 172.16.64.2 unas ssigned una assigned una assigned

OK? ?

Method d

Stat tus

YES YES YES YES

do m manual up own up m manual u up up m manual u up m manual ad dministra atively d down

YES

m manual ad dministra atively d down

YES m manual ad dministra atively d down

igned unassi

YES

m manual

d down

unassi igned

YES

manual m

d down

unassi igned

YES

m manual

d down

Router1 1#sh ipint brief ace Interfa

IP-AddressOK?

Method

Status s

Protoc col

172.16.32.1YES man Fa0/0 nual up p up u ed YES manual adminis strativel ly down d down Fa1/0 unassign manual up Serial2 2/0 172.16.64.1 YES up p Serial3 3/0 unassigned d YES manual administ tratively y down d down Fa4/0 unassign u ed YES manu ual admin nistrativ vely down n down ed YES Fa5/0 unassign u manu ual admin nistrativ vely down n down Tostart EIGRP E proceess on both ro outers the fo ollowing connfigurations w will be donee. Router1 1(config)#router eigrp 1 Router1 1(config-router)#network k 172.16. 64.0 0.0 0.0.255 Router1 1(config-router)#network k 172.16. 32.0 0.0 0.0.255 Router1 1(config-router)#exit Router2 2(config)#router eigrp 1 Router2 2(config-router)#network k 172.16. 64.0 0.0 0.0.255 Router2 2(config-router)#network k 172.16. 64.0 0.0 0.0.255 Router2 2(config-router)#network k 172.16. 16.0 0.0 0.0.255 Router2 2(config-router)#exit

46


Lab S Session 10


Now veriifying the routing tables.. Router2 2#sh ip route Codes: C - con nnected, S - stat tic, I - IGRP, R - RIP, M - mobi ile, B - BGP P D - EIG GRP, EX - EIGRP external, e , O - OS SPF, IA - OSPF in nter area N1 - OS SPF NSSA externa al type 1 1, N2 - OSPF NS SSA exter rnal type 2 E1 - OS SPF exter rnal type e 1, E2 - OSPF e external type 2, E EGP i - IS-IS, L1 - IS-IS level-1, , L2 - I IS-IS level-2, i ia i area IS-IS inter * - candidate default, d U - per-user sta atic rout te, o - O ODR P - periodic downloaded d static route y of last resort is not set Gateway 17 72.16.0.0/24 is subnetted, 3 sub bnets C 172.16.16.0 is directly connec cted, Fas stEtherne et0/0 D 172 2.16.32.0 0 [90/205 514560] via 172.16.64.1 1, 00:01: :36, Serial2 2/0 C 172.16.64.0 is directly connec cted, Ser rial2/0 Router1 1#sh ip route Codes: C - con nnected, S - stat tic, I - IGRP, R - RIP, M - mobi ile, B - BGP P D - EIG GRP, EX - EIGRP external, e , O - OS SPF, IA - OSPF in nter area N1 - OS SPF NSSA externa al type 1 1, N2 - OSPF NS SSA exter rnal type 2 E1 - OS SPF exter rnal type e 1, E2 - OSPF e external type 2, E EGP i - IS-IS, L1 - IS-IS level-1, , L2 - I IS-IS level-2, i ia i area IS-IS inter * - candidate default, d U - per-user sta atic rout te, o - O ODR P - periodic downloaded d static route y of last resort is not set Gateway 72.16.0.0/24 is subnetted, 3 sub bnets 17 D 2.16.16.0 0 [90/205 514560] via 172.16.64.2, 00:01: :53, 172 Serial2 2/0 C 172.16.32.0 is directly connec cted, Fas stEtherne et0/0 C 172.16.64.0 is directly connec cted, Ser rial2/0 47


Lab S Session 10


Now we will check end e to end co onnectivity from f PCs. PC2>pin ng 172.16.32.2 g 172.16.32.2 with 32 by ytes of d data: Pinging Reply Reply Reply Reply

from f from f from f from f

172.16.32.2: 172.16.32.2: 172.16.32.2: 172.16.32.2:

bytes= =32 bytes= =32 bytes= =32 bytes= =32

time= =156ms time= =125ms time= =127ms time= =141ms

TT TL=126 TT TL=126 TT TL=126 TT TL=126

Ping st tatistics for 172.16.32.2: Pac ckets: Sent = 4, Received = 4, L Lost = 0 (0% loss s), Approxi imate round trip times in milli-seconds: Min nimum = 125ms, Maximum M = 156ms, Average = 137ms PC1>pin ng 172.16.16.2 Pinging g 172.16.16.2 with 32 by ytes of d data: Reply Reply Reply Reply

from f from f from f from f

172.16.16.2: 172.16.16.2: 172.16.16.2: 172.16.16.2:

bytes= =32 bytes= =32 bytes= =32 bytes= =32

time= =140ms time= =156ms time= =125ms time= =141ms

TT TL=126 TT TL=126 TT TL=126 TT TL=126

Ping st tatistics for 172.16.16.2: Pac ckets: Sent = 4, Received = 4, L Lost = 0 (0% loss s), Approxi imate round trip times in milli-seconds: Min nimum = 125ms, Maximum M = 156ms, Average = 140ms Now disp playing EIGR RP topology y on R2 only y Router2 2#sh ipeigrp topology IP-EIGR RP Topology Table for AS 1 Codes: P - Passive, A - Active, U - Up pdate, Q - Query, R - Rep ply, r - Reply status P 172.1 16.64.0/24, 1 successors, FD is 20512000 0 via Connected d, Serial2/0 16.16.0/24, 1 successors, FD is 28160 P 172.1 via Connected d, FastEthernet0/ /0 P 172.1 16.4.0/24, 1 successors, FD is 2 20512000 via Connected d, Serial3/0 P 172.1 16.32.0/24, 1 successors, FD is 20514560 0 48


Lab S Session 10


via 172.16.64.1 (20514560/281 160), Ser rial2/0 16.8.0/24, 2 successors, FD is 2 21024000 P 172.1 via 172.16.64.1 (21024000/205 512000), Serial2/ /0 via 172.16.4.1 (21024000/2051 12000), S Serial3/0 0 Router2 2#sh ipeigrp

neighbors

RP neighbors for process 1 IP-EIGR H Ad ddress In nterface Seq

Hol ld Uptim me

SRT TT

(se ec) CntNum 0 172.16.64.1 20 1 172.16.4.1 24

RTO

Q ( (ms)

Se e2/0

12

00:02 2:50

40

1000 0

0

Se e3/0

10

00:02 2:50

40

1000 0

0

EXERC CISES 1. Whatt four routed protocols arre supported d by EIGRP?? _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

2. When n is redistribution requireed for EIGR RP? _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

49


Lab Session n 11


Lab Session S 11 OBJEC CT Recovering R lost l router ppassword.

RY THEOR In this lab b you will leearn the proccedures requ uired to recoover a lost loogin or enablle password.. The procedurees differs deepending on n the platform m and the ssoftware useed, but in alll cases, passsword recovery requires thaat the router be b taken outt of operationn and powerred down. Note: 1. Please use cisco as a the passw word where necessary. n 2. Please be prepareed to do passsword recoveery right awaay. The grooup before yoou might havve set a passsword other than cisco. 3. Use show s ver rsion comm mand to deetermine thee platform bbefore you ttry the passsword recov very. nfiguration register r as paart of this labb. The conffig-register iss a 16 You will be working with the con bit registter. Look up p informatio on about thee config-regiister on docuumentation CD, CISCO O web site, or an ny other reso ources availaable to you. Softwaree Configura ation Registeer Bits (Wh hat do they m mean) Bit Number 0 to 3 6

Valu ue 0x00 000 to 0x000 0F 0x00 040 (setting bit b 6 to 1)

8 13

0x0100 0x20 000

Meeaning Booot field Cauuses system m software too ignore NV VRAM conteents Breeak disabledd Booot default Flash softtware if netw fails work boot fa

Explanattion of Boott Field Boot Fielld 0x0000 0xXXX1 0xXXX2 2 0xXXXF F

Meaning M Sttays at the sy ystem bootstrrap prompt Bo oots the firstt system imaage in onboar ard Flash mem mory If you set the boot field value v to 0x2 through 0xF F and there is a valid bo oot system command c sto ored in the c onfigurationn file, the rouuter boots the system so oftware as directed d by that value. If there iss no boot sy ystem command, the rou uter forms a ddefault boott filename foor booting fro om a networrk server. Iff there is no network serrver configuured, as is the case in ourr lab, the standard setup dialogue is started. 50


Lab Session n 11


PROCE EDURE Assume you y have been locked ou ut of the rou uter. You haave access onnly to the usser mode. Foollow the instru uctions below w from the user u mode. Do D not get innto privilegeed mode. show vers sion and reecord the value of the coonfiguration register. 1. Types 2. Using g the power switch, turn off the routeer and then tturn it on. 3. Press CTRL+Breeak on the teerminal key yboard withinn 60 secondds of the poowerup to puut the routerr into ROMM MON mode.. 4. This is i where the procedure differs d depen nding on the platform. For 25XX 2 and 40 000:  

Type o/r 0x2142or0 0 x42at the > prompt tto boot from m flash witthout loadinng the co onfiguration. Typeiorrese etat the > prompt. p The router rebooots but ignorres its savedd configuratioon.

For 2600, 2 3600, 4500, 4 4700:  

Type confre eg 0x2142 at the rom mmon 1> proompt to booot from Flashh without loading th he configurattion. Type reset t at the rom mmon 2> prompt. p Thhe router reeboots but iignores its saved co onfiguration.

5. Type no after eacch setup quesstion or press Ctrl-C to sskip the initial setup proccedure. > prompt. You'll Y be in eenable modee and see thee Router# proompt. 6. Type enable at the Router> emorcopy start s run nningto coopy the nonvvolatile RAM M (NVRAM M) into 7. Type configme memo ory. Do not type config term. 8. Type config termand t maake the chang ges. The proompt is now w hostname(cconfig)#. 9. Type enable password p to set thhe passwordd to the new vvalue or issuue the comm mand no en nable pas ssword. register 0x2102, or o the value yyou recordedd in step 1. 10. Type config-r emorcopy running r startup s too commit thee changes. 11. Type write me 12. Type show ver rsion and observe o the configuration c n register seetting carefullly. 51


Lab Session n 11


EXERC CISES ng when the configuratio on-register iss set to 0x25442. 1. Explaain the settin _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

2. Theree are many different d way ys to access a router. Wrrite down theese ways. _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

3. Explaain the need for step 7 in n password reecovery proccedure. _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

4. Writee down thee difference between “enable “ p password d” and “enable sec cret pass sword.” _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ 52


Lab Session n 11


_____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ 5. Whatt happens iff “enable password” and “en nable sec cret pas ssword” arre the same?? _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

6. When n you config gure enable password p an nd issue the ccommand shhow runningg, you can seee the passw word set for the t privilegeed mode. Is there a methhod to preveent it from beeing visible?? _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

7. Set th he configuraation-registerr to 0x2542. Reload thee router. Dooes the breakk sequence w work? Crosss check with h configuratiion-register settings andd see if it m matches with the settingss.

Is

there any differen nce? Explain n. _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________ _____ __________ ___________ __________ _______________________________________________

53

Computeer Communiccation Netwoorks

Lab Sessioon 12


Lab b Session 12

OBJECT Stu udying and d configurin ng Access Lists

THEO ORY

An acceess list is essentially e a list of coonditions thhat categorrize packetss. One of the t most commonn and easieest to underrstand usess of access lists is filttering unwaanted packeets when implem menting secu urity policiies. Accesss lists can even be used u in sittuations thaat don’t necessaarily involvee blocking packets. p There arre a few im mportant rulees that a paccket followss when it’s being comppared with anaccess a list: Rule#1 It’s always comparred with eacch line of thhe access lisst in sequen ntial order— —that is, it’lll always start witth the first line l of the aaccess list, th hen go to line 2, then liine 3, and so s on. Rule#2 mpared with h lines of the access list only until u a mattch is madee. Once thee packet It’s com matchess the condittion on a liine of the access a list, the packett is acted upon u and noo further compariisons take place. p Rule#3 There iss an impliciit “deny” att the end off each accesss list—this means thatt if a packett doesn’t match thhe condition n on any off the lines inn the accesss list, the paacket will bee discardedd.Each of these ruules has som me powerfull implication ns when filttering IP paackets with access a lists,, so keep in mindd that creatinng effectivee access listss truly takess some pracctice. There arre two mainn types of acccess lists: 1. Standard acccess lists 2. Extended E acccess lists Standarrd access liists These uuse only thee source IP address in an IP packket as the coondition tesst. All decissions are made baased on the source IP address. a Thiis means thaat standard access listss basically permit p or deny ann entire suitee of protocools. They doon’t distingguish betweeen any of thhe many typpes of IP traffic such as web, Telnet, UD DP, and so on. o

54


Lab Sessioon 12


Its comm mand syntaax is -list {perm mit| deny} [log] access-

Fig 12.11: Standard Access A list to allowmyy network Commaands on routter will be R1(con nfig)#ac ccess-lis st 1 per rmit 172.16.0.0 0.0.255.255 R1(con nfig)#in nterface etherne et 0 R1(con nfig)#ip p access-group 1 out R1(con nfig)#in nterface etherne et 1 R1(con nfig)#ip p access-group 1 out The aboove commaands will peermit the neetwork 172.16.0.0 onlyy and will block b other network throughh the router on o its ethernnet interfacees in its outtside directions Extended access liists Extendeed access lissts can evaluuate many of o the otherr fields in thhelayer 3 and layer 4 heeaders of an IP paacket. Theyy can evaluaate source and a destinattion IPaddrresses, the protocol p fielld in the Networkk layer head der, and thee port numb ber at the Trransport layyer header. This T gives extended e access llists the abillity to makee much more granular decisions d whhen controllling traffic. mand syntaax is Its comm s-list {permit| { | deny} access [
]< [po orts][] ]

55


Lab Sessioon 12


Fig 12.2:: Extended access a list r will be: b Commaands on the router s-list 101 1 deny tcp 172 2.16.4.0 0.0.0.2 255 any eq 23 access access s-list 101 1 permi it ip an ny any interf face eth hernet 0 ip acc cess-gro oup 101 out o The aboove commannds will denny only the telnet from subnet 172 2.16.40.0 ou ut of E0 andd will permit aall other trafffic.

EXER RCISES Give coommands to enable loggging for thee given acceess list and to t show the entries thatt have been bloocked. ____________________ ______________________________________________________________________________ ____________________ ______________________________________________________________________________ ____________________ ______________________________________________________________________________ ____________________ ______________________________________________________________________________ ____________________ ______________________________________________________________________________ ____________________ ______________________________________________________________________________ ____________________ ______________________________________________________________________________

56


Lab Sessioon 13


Lab b Session 13 OBJECT Sttudyingbasiic LAN swittch operatioon.

THEO ORY LAN sw witch perforrms 3 operattions   

Adddress learninng Forw ward filter decision d Looop avoidancee

a Ethernet switch s learnns addressess of the attaached In this lab session, we will expplore how an hosts. Addresss learning A new switch has empty MA AC address table. t As eaach frame transits t swittch, it learnns source witch does not know to which port the MAC aaddress agaainst the soource port. As the sw destinattion is attacched, it iniitially transsmits the frrame to all ports. Thiis process is i called floodingg. As the responses aree received, the MAC adddress table is further populated. p

PROC CEDURE wing scenarrio: Consideer the follow

`

`

Cisco3560

mainCSDsw

`

Fig 13.1: Scenarrio for LAN N switch opeeration d off Cisco3560 will be Initiallyy the MAC database h#sh mac c-address s-table Switch

Mac Ad ddress Ta able ------------------------------------------V Vlan

Mac Addr ress

Type 57

Ports


Lab Sessioon 13


---1

-----------

--------

0006.2a7 75.100c

DYNA AMIC

-----

Fa0/1

Switch h# SDsw is And thaat of mainCS ISDsw#sh h mac-add dress-ta able mainCI Mac Ad ddress Ta able ------------------------------------------Vlan V ---1

Mac Addr ress -----------

Type --------

Ports -----

0060.471 1b.ae01

DYNA AMIC

Eth0/1

mainCI ISDsw# p for anyy of the rem maining compputers, the MAC M Now as any of the computers generates ping g address table will grow h#sh mac c-address s-table Switch Mac Addr M ress Tabl le ------------------------------------------Vlan V ---1 1 1


Type --------

Ports -----

0006.2a7 75.100c 0040.0ba a5.183a 00e0.f7a a4.475c

DYNA AMIC DYNA AMIC DYNA AMIC

Fa0/1 Fa0/1 Fa0/2

Switch h# Also forr mainCSDsw ISDsw#sh h mac-add dress-ta able mainCI Mac Add dress Tab ble ------------------------------------------Vlan V ---1 1 1 mainCI ISDsw#


Type --------

Ports -----

0040.0ba a5.183a 0060.471 1b.ae01 00e0.f7a a4.475c

DYNA AMIC DYNA AMIC DYNA AMIC

Eth1/1 Eth0/1 Eth0/1

58


Lab Sessioon 13


EXER RCISES 1. If a destination n MAC adddress is not in the forw ward/filter table, t what will the sw witch do withh the frame?? ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

h port and the sourcee MAC adddress is noot in the 2. If a frame is received on a switch forw ward/filter taable, what will w the swittch do? ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

59


Lab Sessioon 14


Lab b Session 14 OBJECT Learnin ng Loop Avvoidance wiith Spannin ng Tree.

THEO ORY The Spaanning Treee Protocol (STP) is a link layernnetwork prootocol that ensures a loop-free topology for any sw witched LA AN. Thus, th he basic function of STP is to prevvent switchinng loops and ensuuing broadccast radiatioon. In the OSI O model for f computeer networkinng, STP fallls under the OSI layer-2. It is standdardized as 802.1D. As thee name sugggests, it creates c a sppanning treee within a mesh network of connectted layer-2 switches (tyypically Ethhernetswitchhes), and disables thosse links thatt are not part of tthe spanningg tree, leaviing a single active pathh between anny two netw work nodes.. Spanninng tree allow ws a networrk design too include spaare (redund dant) links too provide auutomatic backup paths if an active link fails, withoout the dangger of switchh loops, or the t need forr manual enablingg/disabling of these baackup links. Switch looops must be avoided beecause they result in floodingg the local network. n STP is based on an algoritthm inventted by Raddia Perlmann while working w forr Digital ment Corporaation. Equipm

ation Protoccol Opera The colllection of switches s in a LAN cann be consideered a graphh whose noodes are thee bridges and the LAN segm ments (or cabbles), and whose w edgess are the intterfaces connnecting thee bridges T break looops in the LAN L while maintainingg access to all LAN seegments, to the segments. To nning tree. The spannning tree iss not necesssarily a the briddges collecttively comppute a span minimuum cost span nning tree. A network administrattor can reduuce the costt of a spannning tree, if necesssary, by alttering somee of the con nfiguration parameters p in such a way w as to affect a the choice oof the root of o the spannning tree. The spaanning treee that the bridges coompute usinng the Spaanning Tree Protocol can be determined using thhe followinng rules. Select a root brid dge. The rooot bridge of o the spannning tree iss the bridge with the smallest (lowest)) bridge ID D. Each briidge has a unique ideentifier (ID D) and a coonfigurable priority numberr; the bridgee ID contaiins both nu umbers. To compare tw wo bridge IDs, the prriority is compareed first. If two t bridges have equall priority, thhen the MAC addressess are compaared. For examplee, if switchees A (MAC C=0200.00000.1111) andd B (MAC= =0200.00000.2222) bothh have a priority of 10, then n switch A will w be selected as the root bridgee. If the netw work adminnistrators would like switch B to becomee the root bridge, they must set itss priority to be less thann 10.

60


Lab Sessioon 14


Determ mine the least cost path hs to the rooot bridge. The compuuted spanninng tree has the t propertyy that messaages from any a connecteed device too the root brridge traverrse a least coost path, i.e., a paath from thee device to the t root thaat has minim mum cost am mong all patths from thee device to the rooot. The cosst of traverssing a path is i the sum of o the costs of o the segm ments on the path. Differennt technologgies have diifferent defaault costs foor network segments. s An A administrrator can connfigure the cost c of traveersing a partticular netw work segmen nt. The prooperty that messages m a always traveerse least-coost paths too the root iss guaranteed by the followinng two ruless. Least ccost path from fr each bridge. Aft fter the rooot bridge has h been chhosen, eachh bridge determines the costt of each poossible pathh from itselff to the roott. From thesse, it picks one o with hat path beccomes the root r port the smaallest cost (aa least-costt path). Thee port conneecting to th (RP) off the bridge. om each network segm ment. The brridges on a network seegment colllectively Least coost path fro determine which brridge has thhe least-costt path from the networkk segment to t the root. The T port connectting this brridge to thee network segment iss then the designated port (DP) for the segmennt. oot paths. Any A active port that iss not a roott port or a designated d p is a port Disable all other ro blockedd port (BP). Bridge Protocol Data D Units (BPDUs) ( ng tree will be b computeed by the The aboove rules deescribe one way of deteermining whhat spannin algorithhm, but the rules r as wriitten requiree knowledgge of the enttire networkk. The bridgges have to deterrmine the rooot bridge and compu ute the port roles (root, designatedd, or blockeed) with only thee informatioon that theyy have. To ensure that each bridg ge has enouugh informaation, the bridges use speciaal data fram mes called Bridge B Prootocol Dataa Units (BP PDUs) to exchange e ation about b bridge IDs a and root pat th costs. informa A bridgge sends a BPDU B fram me using thee unique MAC M address of the porrt itself as a source address, and a destiination addrress of the STP S multicaast address 01:80:C2:00:00:00. pes of BPDU Us: There arre three typ   

Connfiguration BPDU B (CBP PDU), used d for Spanniing Tree com mputation Toppology Chan nge Notificaation (TCN)) BPDU, used to annou unce changees in the nettwork topoology Toppology Chan nge Notificaation Ackno owledgmentt (TCA)

BPDUs are exchannged regulaarly (every 2 seconds by default)) and enablle switches to keep track off network chhanges and to start and stop forwaarding at porrts as requirred. When a device is first f attacheed to a switcch port, it w will not imm mediately sttart to forwaard data. It will iinstead go through t a number n of states s whilee it processees BPDUs and determ mines the topology of the nettwork. When a host is attached a succh as a com mputer, printer or serverr the port 61


Lab Sessioon 14


will alw ways go intoo the forwarrding state, albeit after a delay of about 30 seeconds while it goes throughh the listeniing and leaarning states (see beloow). The tim me spent inn the listenning and learningg states is determined d b a value known by k as thhe forward delay (defaault 15 secoonds and set by thhe root brid dge). Howevver, if insteead another switch is co onnected, thhe port mayy remain in blockking mode if it is determined that it wouldd cause a lo oop in the network. Topology T Change Notificatio on (TCN) BPDUs B are used u to infoorm other sw witches of port p changees. TCNs he network by a non-root switch and propaggated to thee root. Uponn receipt are injected into th CN, the roo ot switch wiill set a Toppology Channge flag in its i normal BPDUs. B Thiis flag is ofthe TC propagaated to all other o switches to instrruct them to t rapidly age a out theeir forwarding table entries. Spannin ng Tree poort states: 

 





Bloccking - A po ort that wouuld cause a switching loop, no useer data is sen nt or receivved but it mayy go into foorwarding mode m if the other links in use werre to fail an nd the spannning tree algoorithm deterrmines the port may trransition too the forwarrding state. BPDU datta is still receeived in bloccking state. Listeening - Thee switch proocesses BPD DUs and aw waits possibble new infoormation thaat would causse it to returrn to the bloocking statee. Learrning - Wh hile the porrt does nott yet forwarrd frames (packets) ( itt does learnn source addrresses from m frames received r an nd adds theem to the filtering database d (sw witching dataabase) Forw warding - A port receeiving and sending daata, normal operation. STP still monitors m incooming BPD DUs that woould indicatte it should return to the t blockingg state to prevent p a loopp. Disaabled - Not strictly partt of STP, a network addministrator can manuaally disable a port

f toopology: Now coonsider the following

`

`

Cisco3560

mainCSDsw

`

Fig 14.11:Scenario for f implemeenting spann ning tree op can be obbserved Here a pphysical loo panning treee calculations for main nCSDsw firrst Now obbserve the sp ISDsw#sh h spannin ng-tree mainCI VLAN00 001 62

Lab Sessioon 14



Span nning tr ree enabl led prot tocol ieee Root t ID Priority y 327 769 Address 001 10.1100.58CE This bri idge is the root Hello Ti ime 2 sec s Max Age 20 sec 15 sec c Brid dge ID

Forward De elay

Priority y Address Hello Ti ime

327 769 (priority 32768 3 sy ys-id-ext t 1) 001 10.1100.58CE 2 sec s Max Age 20 sec Forward De elay

Aging Ti ime

20

15 sec c

Interf face ---------------Et3/1 Et2/1 Et0/1 Et1/1

Role e ---Desg g Desg g Desg g Desg g

Sts --FWD FWD FWD FWD

Co ost --------10 00 10 00 10 00 10 00

Prio.Nb br -------128.4 128.3 128.1 128.2

Type ----------------P2p P2p P2p P2p

For ci isco3560 0 the cal lculatio ons will be Switch h#sh spa anning-tr ree VLAN00 001 Span nning tr ree enabl led prot tocol ieee Root t ID Priority y 327 769 Address 001 10.1100.58CE Cost 100 0 Port 1(F FastEthernet0/1) ) Hello Ti ime 2 sec s Max Age 20 sec 15 sec c Brid dge ID

Forward De elay


327 769 (priority 32768 3 sy ys-id-ext t 1) 00E E0.B02B.5EA0 2 sec s Max Age 20 sec Forward De elay

Aging Ti ime

20

15 sec c

Interf face ---------------Fa0/1 Fa0/3 Fa0/2

Role e ---Root t Altn n Desg g

Sts --FWD BLK FWD

Co ost --------10 00 10 00 19 9

Prio.Nb br -------128.1 128.3 128.2

Modifyying priorities and oth her parameeters p onee can use thee followingg command. To channge default priority mainCIS SDsw(confi ig)#spanni ing-tree vlan 1 priority 36864

63

Type ----------------P2p P2p P2p


Lab Sessioon 14


Now see what happpens to the root r bridge.. mainCI ISDsw#sh h spannin ng-tree VLAN00 001 Span nning tr ree enabl led prot tocol ieee Root t ID Priority y 327 769 Address 00E E0.B02B.5EA0 Cost 100 0 Port 1(E Ethernet0/1) Hello Ti ime 2 sec s Max Age 20 sec 15 sec c Brid dge ID

Forward De elay


368 865 (priority 36864 3 sy ys-id-ext t 1) 001 10.1100.58CE 2 sec s Max Age 20 sec Forward De elay

Aging Ti ime

20

15 sec c

Interf face ---------------Et3/1 Et2/1 Et0/1 Et1/1

Role e ---Altn n Desg g Root t Desg g

Sts --BLK FWD FWD FWD

Co ost --------10 00 10 00 10 00 10 00

br Prio.Nb -------128.4 128.3 128.1 128.2

Type ----------------P2p P2p P2p P2p

Other details on ST TP can be obbserved throough the following set of commannds under sppanning tree. h#sh spa anning-tr ree ? Switch acti ive Report on o activ ve interfaces on nly deta ail Detailed d inform mation inte erface Spanning g Tree interfac i e status s and configurat tion summ mary Summary of port t states VL vlan LAN Switc ch Spann ning Trees

EXER RCISES witching loo ops in a netw work with reedundant sw witched pathhs? 1. Whaat is used too prevent sw ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ 64


Lab Sessioon 14


2. Wheen is STP coonsidered said to be coonverged? ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

65


Lab Session n 15


Lab b Session 15 OBJECT Configu uring Virtuaal LANs

THEO ORY A virtual LAN, coommonly knnown as a VLAN, is a group off hosts withh a commoon set of ments that communicaate as if th hey were attached a to the same broadcast domain, requirem regardleess of their physical loccation. A VLAN V has thhe same atttributes as a physical LAN, L but it allow ws for end stations s to be b groupedd together even e if they y are not loocated on thhe same networkk switch. Neetwork recoonfigurationn can be done through software innstead of phhysically relocatinng devices. To physsically repliicate the funnctions of a VLAN, itt would be necessary n to install a separate, s parallel collection of networkk cables annd switchess/hubs whicch are keptt separate from f the p separate network, n VLANs V must share primaryy network. However unlike a physically bandwiddth; two seeparate one--gigabit VL LANs using a single on ne-gigabit interconnec i ction can both suffer reduced throughpuut and conggestion. It virtualizes v VLAN V behhaviors (connfiguring w enterin ng VLAN, lookup MA AC table to switch/flood s d frames switch pports, tagginng frames when to trunkk links, and untagging u w when exit frrom VLAN.)

Implem mentation n A basicc switch nott configuredd for VLAN Ns will eithher have VL LAN functionality disaabled, or will havve it perm manently enaabled with what is knnown as a default VL LAN whichh simply containss all ports on o the devicee as membeers. Configuuration of thhe first custom VLAN N port groupp usually in nvolves subbtracting poorts from the defaault VLAN N, such that the first cuustom grouup of VLAN N ports is actually a thee second VLAN on the device, apart froom the defaault VLAN. The defaullt VLAN typpically has an ID of 1. AN port group were too only existt on the onee device, alll ports that are members of the If a VLA VLAN group only y need to be b "untaggeed". It is onnly when the port grooup is to exxtend to witch, an another device thatt tagging iss used. For communicaations to occcur from switch to sw t be a taggged memberr of every VLAN V on th he switch thhat uses thaat uplink uplink pport needs to port, inccluding the default VLA AN. Some switches eith her allow or o require a name be created c for the VLAN N, but it is only the mportant froom one swiitch to the next. n VLAN group numbber that is im Where a VLAN grroup is to siimply pass through t an intermediatte switch viia two pass--through ports, only the two o ports needd to be a meember of thhe VLAN, and a are tagg ged to pass both the mediate swittch. requiredd VLAN annd the default VLAN onn the interm Manageement of thee switch reqquires that the t manageement functtions be associated withh one of the conffigured VLA ANs. If the default VL LAN were deleted d or reenumbered without w mooving the 66


Lab Session n 15


b locked out of thee switch manageement to a different VLAN firsst, it is poossible to be configuuration, requ uiring a forcced clearing g of the deviice configurration to reggain control. y have no built-in b metthod to inddicate VLA AN port meembers to someone s Switchees typically workingg in a wirin ng closet. It is necessarry for a techhnician to either e have managemen m nt access to the ddevice to vieew its configguration, orr for VLAN N port assign nment chartts or diagram ms to be witches in eaach wiring closet. c Thesse charts mu ust be manuually updateed by the kept nexxt to the sw technicaal staff wheenever port membership m p changes are a made to the VLANss. Remotee configuraation of VLANs V preesents seveeral opporttunities forr a techniician to accidenntally cut off o communnications and a lock thhemselves out of thee devices they t are attemptiing to conffigure. Actioons such ass subdividinng the defaault VLAN by splittingg off the switch uplink po orts into a separate new VLA AN can su uddenly cu ut off all remote communnication, reequiring the technician to physically visit thee device in the distant location to continnue the connfiguration process. p When innside the woorld of VLA ANs there are a two typees of links. These linkss allow us too connectt multiple sw witches togeether or justt simple nettwork devicces e.g PC, that t will acccess the VLAN nnetwork. Depending onn their conffiguration, thhey are callled Access Links, L or Trrunk Links. Access Links mmon type of links on any VLAN N switch. Alll network hosts Access Links are thhe most com he local nettwork. Thesse links connectt to the switch's Accesss Links in orrder to gainn access to th are yourr ordinary ports p found on every sw witch, but coonfigured in n a special way, w so youu are able to pplug a compputer into thhem and acccess your neetwork. Link Trunk L A Trunkk Link, or 'T Trunk' is a port p configuured to carryy packets fo or any VLA AN. These tyype of ports are usually foound in connnections bettween switcches. These links requirre the abilitty to b VL LANs span over o multiplle switches.. carry paackets from all availablle VLANs because

PROC CEDURE VLAN 1 is the defa fault Switch h #shint tvlan 1 Vlan1 is admi inistrati ively do own, line protoc col is down d Hard dware is s CPU Int terface, , address is 00e e0.b02b.5ea0 (bi ia 00e0.b b02b.5ea a0) MTU 1500 by ytes, BW 100000 Kbit, DLY 10000 000 usec c, r reliabil lity 255/ /255, tx xload 1/255, rxl load 1/255 Configu uring IP on n default VLAN Switch h(config g)#intvla an 1 Switch h(config g-if)#ip address s 172.16.68.2 25 55.255.248.0 67


Lab Session n 15


Creatin ng VLANs Switch h(config g)#intvla an 2 Assigniing ports too vlans Switch h(config g)#intfa 0/2 Switch h(config g-if)#swi itchport t mode access Switch h(config g-if)#swi itchport t access vlan 2 Configu uring trunk k link Consideer the follow wing topology

`

`

Cisco3560

mainCSDsw

`

Fig 15.1:Scenari 1 io for impleementing VL LANs Supposee mainCSD Dsw has two VLANs coonfigured VLAN1 V and VLAN2, whereas w ciscoo3560 has onlyy VLAN1. Now N both sw witched mu ust have at least l one common trunkk link conneecting the two switches, so that the PCs P which are a in VLAN N1 may com mmunicate. Here we haave interface fa 0/1 on each switchh connectedd to the otheer. Hence the configuraation would be Switch h(config g)#intfa 0/1 Switch h(config g-if)#swi itchport t mode trunk Verificaation of con nfiguration ns Switch h#show interface i e switch hport Name: Fa0/1 Switch hport: Enabled E Admini istrativ ve Mode: trunk Operat tional Mode: M tru unk Admini istrativ ve Trunki ing Enca apsulation: dot1 1q Operat tional Trunking T Encapsu ulation: dot1q Negoti iation of o Trunki ing: On Access s Mode VLAN: V 1 (default ( t) Trunki ing Nati ive Mode VLAN: 1 (default) Voice VLAN: none n Admini istrativ ve privat te-vlan host-associatio on: none Admini istrativ ve privat te-vlan mapping: none 68


Lab Session n 15


istrativ ve privat te-vlan trunk native VL LAN: non ne Admini Admini istrativ ve privat te-vlan trunk encapsula ation: dot1q d Admini istrativ ve privat te-vlan trunk normal VL LANs: none Admini istrativ ve privat te-vlan trunk private VLANs: V n none Operat tional private-v p vlan: no one Trunki ing VLAN Ns Enable ed: All Prunin ng VLANs s Enabled d: 2-100 01 Captur re Mode Disabled d Captur re VLANs s Allowed d: ALL Protec cted: fa alse Unknow wn unica ast block ked: dis sabled Unknow wn multi icast blo ocked: disabled d d Applia ance tru ust: none e Name: Fa0/2 Switch hport: Enabled E Admini istrativ ve Mode: static access Operat tional Mode: M sta atic acc cess Admini istrativ ve Trunki ing Enca apsulation: dot1 1q Operat tional Trunking T Encapsu ulation: native Negoti iation of o Trunki ing: Off f Access s Mode VLAN: V 1 (default ( t) Trunki ing Nati ive Mode VLAN: 1 (default) Voice VLAN: none n Admini istrativ ve privat te-vlan host-associatio on: none Admini istrativ ve privat te-vlan mapping: none Admini istrativ ve privat te-vlan trunk native VL LAN: non ne Admini istrativ ve privat te-vlan trunk encapsula ation: dot1q d Admini istrativ ve privat te-vlan trunk normal VL LANs: none Admini istrativ ve privat te-vlan trunk private VLANs: V n none Operat tional private-v p vlan: no one Trunki ing VLAN Ns Enable ed: All A more handy wayy of verifyinng VLAN memberships m s would be mainCI ISDsw#sh hvlan bri ief VLAN Name N ---- -------------------------------1 d default Eth3/1 1, Eth4/ /1 2 V VLAN0002 2 1002 fddi-def f fault 1003 token-ri t ing-defau ult 1004 fddinetf -default 1005 trnet-de t efault

69

Statu us Ports --------- -------------activ ve Eth2/1, activ ve activ ve activ ve activ ve activ ve

Eth1/1


Lab Session n 15


EXER RCISES 1. Whaat does trunnking providde? ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

2. Whaat type of liink is only part of onee VLAN annd is referreed to as the “native VL LAN” of the pport? ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________ ______________ __________________________________________________________________

70