NETMETRIC SOLUTIONS. © NETMETRIC SOLUTIONS WWW.NETMETRIC-SOLUTIONS.COM CISCO CERTIFIED NETWORK PROFESSIONAL CCNA R&SLABMANUAL VER 2.0 Sikandar Gouse Moinuddin CCIE (R&S, SP) # 35012 sikandarbaaadshah(@gmailcom All contents are copyright @2010 ~ 2012 All rights reserved. CCNA R&S Workbook by CCIE (R&S, SP) #35012 All content ights reservedNETMETRIC SOLUTIONS. fs) NETMETRIC SOLUTIONS Sikandar Shaik Senior Technical instructor ‘Sikandar Shaic has aon actualy working ity data netwowking as 2 Network Enginaertor ower 6 yaar, anc has. been working with Cisco routs ard sniching tecmpigy. Sikandar has been teacing anc developing canent fr the CCIE RAS track sinee 2003. You wld Sandan ve Claseocm oF RAS castes here at Nottie Sikarder i responsi for updating, supporting and leaching Nelmatr’s RAS-elatad courses. Over tha past few yaars Sikancarhas assisted more CCIE RAS engineers n passing tne lb han ary ether Instsetr, worderc Core Networking 3k Route ac Rowing, RIPV1, RIPV2, RIPNG, IGRF, EIGRP, OSPF, IS18, BGPW4, QDR, GRE, MPLS, IPAS, Traffe Enginosring,Pelity Based Routh PER, Route Fiterrg, Redierbuton, ‘Summarzaten ‘Securly _ Zone- Based Ficeuall,$SL VPNIPsec VPNIDMVPNIGET VPN, VPN QS, IPS Tuning, ANA, iowa Recaney Swiiching _: Calaiyst CatOS anc 10S baced Switches, VIR, STR, RSTR, Trunking, VLANG, Layo" 8 Switchos, egal Etherenennels wan {Leased lines (PPP / HDLC), Channoized ines (E1 71/2/73), Frame Relay, ATL ISDN Soft Skis ‘Gonmmunicaton Skle:Actaar cpakar in Erich ané comfortable eosaking fon! of audienco, he ean eae facilisi cnesvocm sessions and as address age gamer, Inierersona Sits: With poste attude ne nas proven ably to deal with cfc situations in a careful and constorate manner {Learning Sts: Can easy pick up new skils and general tive on challenges. rola Solving Sidi: His analytical skils helps him vaublesnoat problems & uncover root causes. Personal Details: Eaueaton Bachelors Degree in Comparer Seance CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE ( R&S, SP) #35012 All concen are copyright @2010— 2012 AIL rights reserved. sikundarbaaadshalia gmailcomNETMETRIC SOLUTIONS. IP ADDRESS IP Addressis Logical Address. It isa Network Layer address (Layer 3) Two Versions of IP: IP version 4isa 32 bit address IP version 6 isa 128 bit address IP version 4 + Bitis represent by 0 or 4 (i.e. + IP address in binary form (32 bits): 01010101000001011011111100000001 * 32 bits are divided into 4 Octets: First Octet Second Octet Third Octet Forth Octet 01010101. 00000101. 10111111. 00000001 * IP address in decimal form: 85.5.191.1 IP version 6 Format. 128-bit addressis divided along 16-bit boundaries, and each 16-bit block is converted to a 4- digit hexadecimal number and separated by colons (Colon-Hex Notation) FD 00 : OD BS : 7654: 3210 : 2C4C : BA17 : 7124 : 0032 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ; ; 3 SOLUTIONS Binary to Decimal Conversion Taking Example for First Octet : Total 8 bits, Value will be 0's and 1's ie. 2* = 256 combination bide a al ae ae ° IPV4 Total IP Address Range of IPv4is 0.0.0.0 IP Addresses are divided into 5 Classes Class Ranges No. Networks & Hosts 00.00 = 127.255.256.255 126 Networks & 1677214 Hoss, per Network 128.0.0.0- 16384 Networks & 65604 Hosts 191.255.255.255 per Network 192.0.0.0 - N.N.N.H 2097152 Networks & 254 Hosts (223.255.255.255 per Network 224.000 - Reserved for multicast traffic 239.256.255.255, 240.0.0.0- (255.256.255.255, Reserved for Research and development Network:- collection / group hosts Host: « Single PC/ computer. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNetwork Address First IP address of the range It represents the complete network and cannot be assigned to any device The network address is represented with all bits as ZERO in the host portion of the. address Broadcast Address Thelast IP of the range Used to send the broadcast with the network and cannot beassigned to any devioein the network The broadcast address is represented with all bits as ONESin the host portion of the address Valid addresses: Valid IP Addresses lie between the Network Address and the Broadcast Address. Only Valid IP Addresses are assigned to hosts! dients CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE ( R&S, SP) #35012 All concen are copyright @2010— 2012 AIL rights reserved. sikandarbaaadshahiagmailcom|NETMETRIC SOLUTIONS. Subnet Mask ‘Subnet Mask:-It’'s an address used to identify the network and host portion of the ip address Class A NHHH 2550.00 Class B N.N.H.H 255,255.00 Class C N.N.N.H — 255,255.255.0 ‘Subnet Mask differentiates Network portion and Host Portion Subnet Mask is been given for Network Identification of a Host Id Represented with all 1’sin the network portion and with all O'sin the host portion. Private IP Address There are certain addresses in each class of IP address that are reserved for Private Networks. These addresses are called private addresses. RANGE OF PRIVATE IP: ClassA 10.0.0 to 10.255.255,255 ClassB 172.16.00 to 17231.255.255 ClassC 192,168.00 to 192.168.255.255 Default Gateway Itsan entry and exit point of the network. ‘The ip address of the router ethernet address. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conentsare copyright 20102012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SUBNETTING SOLUTIONS. ‘Subnetting isthe process of Dividing a Sngle Network into Multiple networks. Converting Host bits into Network Bitsi.e. Converting O'sinto 1's ‘Subnetting can be performing in two ways. 1. FLSM (Fixed Length Subnet Mask) 2. VLSM (Variable Length subnet mask) Subnetting can be done based on requirement. + Requirement of Hosts? 2h- 2>= requirement Requirement of Networks? 2" >= requirement POWER TABLE 29 =512 | 217= 131072 | 22 = 33554432 20 = 1024 | 219= 262144 | 27 = 67108864 2s 2048 | 2 = 524288 | 227 = 134217728 2? = 4096 | 2 = 1048576 | 2” = 268435456 213 = 8192 | 221 = 2097152 | 2” = 536870912 2:4 = 16384] 272 = 4194304 | 2% = 1073741824 2*5 = 32768| 273 = s3sg6os | 2° = 2147483648 286 = 65536| 274 = 16777216| 2%? = 4294967296 VALUES IN SUBNET MASK Value ‘Mask 128 10000000 [192 | a1000000 224 11100000 [240 | aaai10000 [248 | 41111000 252 21411100 [284 | daiiiii0 255 14114111 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright @2010 — 2012 All rights reserved. Sihandarbaaads comNETMETRIC SOLUTIONS: FLSM: Example-- 1 Req = 40 hosts using C-dlass address network 192.168.1.0/ 24 Host bits required (h) = 6 Converted network Bits(n) = Total. H. Bits — req. H. Bits -6=2 Converted network Bits (n! Total .N. Bits= default N bits + converted N bits = 24+ 2= / 26 Hosts! Subet = 2-2 = 2-2 = 64-2 = 62 Hosts) Subet Subnets = = 2?= 4 Subnets Customized subnet mask = (/ 26) = 256.255.255.192 Range: = = 64 Network ID -- Broadcast ID 192.168.1.0/ 26 192.168.1.63/ 26 192.168.1.64/ 26 192.168.1.12/1 26 192.168.1.128) 26 192.168.1.191/ 26 192.168.1.192/ 26 192.168.1.255/ 26 : Example~ 2 Req = 500 hosts using B-class address network 172.16.0.0/16 2)-2>= req 2—2>= 500 512—2 >= 500 510 >= 500 Host bits required (h) = 9 Converted network Bits(n) = Total. H. Bits--req. H. Bits =16—9=7 Converted network Bits (n)= 7 Total. N. Bits= default N bits + converted N bits =16+7= /23 Hosts Subet = 2-2 = 2-2 = 512-2 = 510 Hosts! Subet Subnets = 2" = 27= 128 Subnets Customized subnet mask = (/ 23)= 255.255.254.0 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Range: ( Network ID Broadcast ID 172.16.0.0/ 23 172.16.1.255/ 23 172.16.2.0/ 23 172.16.4.0/ 23 172.16.254.0/ 23 == 172.16,255.255/ 23 FLSM: Example~ 3 Req = 2000 hosts using A-class address network 10.0.0.0/8 2-2 >=req 211-2 >= 2000 Host bits required (h)= 11 Converted network Bits(n) = Total. H. Bits--reg. H. Bits 224 —11=13 Converted network Bits(n) = 13 Total .N. Bits = default N bits + converted N bits = 8+ 13=/21 Hosts/ Subet = 2"-2 = 2"—2= 2048-2 = 2046 Hosts! Subet Subnets = 2 = 2! = 8192 Subnets Customized subnet mask = (/ 21) = 255.255.248.0 Range: Network ID -- Broadcast ID 10.0.7.255/ 21 10.0.15.255/ 21 10.0.16.0/ 21 10.0.23.256/ 21 10.0.248.0/ 21 vs 10.0.255.255/ 21 10.1.0.0/ 21 — — 10.1.7.255/ 21 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom10.1.8.0/ 21 10.1.16.0/ 21 10.1.248.0/ 21 10.2.0.0/ 21 10.2.8.0/ 21 10.2.16.0/ 21 10.2.248.0/ 21 10.255.0.0/ 21 10.255.8.0/ 21 10.255.16.0/ 21 10.255.248.0/ 21 NETMETRIC 10.1.18.2551 21 soumons 10.1.23.256/ 21 10.1.255.255/ 21 10.2.7.255/ 21 10.2.15.255/ 21 10.2.23.255/ 21 10.2.255.255/ 21 10.0.7.255/ 21 10.0.15.256/ 21 10.0.23.255/ 21 10.255.255,255) 21 Variable-Length Subnet Mask (VLSM): VLSM is used for proper implementation of IP addresses which dlowsmore than one subnet mask for a given network according to the individual needs Logically dividing one network into smaller networks is called as Subnetting or VLSM One subnet can be subnetted for multiple times for efficient use Requires Classless Routing Protocols. Advantages Efficient Use of IP addresses: Without VLSMs, networks would have to use the same subnet mask throughout the network. But all your networks don't have the same number of hosts. Example of a VLSMs Networks CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 200.200.200.32/27 200.200.200.164/30 25 Hosts 200.200-200.168)30. 200, 200.200.64/27 25 Hosts 200.200.200.96/27 200.200.200.128/27 200.200.200.172/30 What is Supernetting or CIDR? Classless Inter-Domain Routing (CIDR) merges or combines network addresses of same class into one single address to reduce the size of the routing table. Itisdone on core router to reduce the size of routing table. Itisimplemented by ISP (internet service providers) Routing Table 150.50.33,0/24 4150.50.33. 0/24 150.50.34.0/24 150.50.35.0/24 180.50.34.0/24 Routing Table 150.50.35.0/24 150.50.0.0/ 16 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC OSI Reference Model SOLUTIONS OS was developed by the International Organization for Aandardization (ISO) and introduced in 1984. Itisa layered architecture (consists of seven layers). Each layer defines set of functions in data communication. Application User support or | session 1} sottware Layers Core layer of the OSI Network support Layers or Hardware Layers jer_(Layer ‘Application Layer is responsible for providing an interface for the users to interact with application services or Networking Services. Ex: Web browser etc. Identification of Servicesis done using Port Numbers. Port isa logical communication Channel Port number isa 16 bit identifier. § Total No. Ports 065535 § Server Ports 41-1023 § Client Ports 1024 — 65535 Port No. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Presentation Layer (Layer soumions Presentation Layer Isresponsible for defining a standard format to the data. It deals with data presentation The major functions described at this layer are. Encoding — Decoding Ex: ASCII, EBCDIC (Text) .PEG,GIF,TIFF (Graphics) MIDI,WAV (Voice) MPEG,DAT.AVI (Video) Enaryption — Decryption Ex: DES 3.DES AES Compression — Decompression Ex: Predictor, Stacker, MPPC Session Layer (Layer It dealswith sessions or Interactions between the applications. Itis responsible for establishing, maintaining and terminating the sessions. Session ID is used to identify a session or interaction Ex: RPC, SQL, NFS ‘Transport Layer (Layer 4 Itisresponsible for end-to-end transportation of data between the applications. ‘The maior functions described at the Transport Layer are... Identifying Service Multiplexing & De-multiplexing Segmentation Sequencing & Reassembling Error Correction Flow Control Identifying a Service: Services are identified at thislayer with the hap of Port No’s. The major protocols which takes care of Data Transportation at Transport layer are... TCP, UDP TCP UDP. Transmission Control Protocol User Datagram Protocol Connection Oriented Connection Less Reliable communication( with Unrdliable communication (no Ack's) Ack's) Slower data Transportation Faster data Transportation Protocol Nois 6 Protocol No is 17 Eg: HTTP, FTP, SMTP Eg: DNS, DHCP, TFTP CCNA R&S Workbook by Sikandar Gouse Moluuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Network Layer_(Layer 3) § Itisresponsible for end-to end Transportation of data across multiple n § Logical addressing & Path determination (Routing) are desoribed at § Theprotocols works at Network layer are Routed Protocols: § Routed protocols acts as data carriers and defines logical addressing. § IP, IPX, AppleTalk... Ete Routing Protocols: § Routing protocols performs Path determination (Routing). § RIP, IGRP, EIGRP, OSPF.. Etc § Devices works at Network Layer are Router, Multilayer switch etc. Datalink Layer (Layer 2) § Itisresponsible for end-to-end ddivery of data between the devices on aNetwork segment. Data link layer comprises of two sub-layers, 4) MAC (Media Access Control) § It dealswith hardware addresses (MAC addresses). § MAC addresses are 12 digit Hexa-decimal identifiers used to identify the devices uniquely on thenetwork segment. § It also provides ERROR DETECTION using CRC (Cydic Redundancy Check) and FRAMING (Encapsulation). Ex. Ethernet, Toker 2) LLC (Logical Link Control) {It deals with Layer 3 (Network layer) § Devices works at Data link layer are Switch, Bridge, NIC card. It dealswith physical transmission of Binary data on the given media (copper, Fiber, wireless...) It also deals with electrical, Mechanical and functional specifications of the devices, media. etc ‘The mar functions described at this layer are.. Encoding/decoding: It isthe process of converting the binary data into signals based on the typeof the media. Copper media Electrical signals of different voltages Fibermedia Light pulsesof different wavelengths Wireless media Radio frequency waves Mode of transmissions of signals: Signal Communication happensin three different modes Smplex, Half-duplex, Full-duplex Devices worksat physical layer are Hub, Modems, Repeater, and Transmission Media CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. TCP/IP The Transmission Control Protocol/ Internet Protocol (TCP/IP) suit was created by the Department of Defense (DoD). The DoD Model The Process/ Application Layer The Host-to-Host Layer The Internet Layer The Network-access Layer Comparing OSI & TCP/IP Model OSI Layers TCP/IP Layers Application re Application Process/A pplication Layer The Process / Application layer defines protocols for node-to- node application communication and also controls user interface specification Examplesfor this layer are: + Telnet, FTP, TFTP, NFS, SMTP, SNMP, DNS DHCP etc. Telnet Telnet isused for Terminal Emulation. It allows user sitting on aremote machine to access the resources of another machine. FT P (File Transfer Protocol) § It allowsyou to transfer files from one machine to another. § Italso allows acess to both directories and files. § _It uses TCP for data transfer and hence slow but reliable. TFT P (File Transfer Protocol) © Thisisstripped down version of FTP. © Ithasno directory browsing abilities. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ©. It can only send and receive files. SOLIMIONS © Ituses UDP for data transfer and hence faster but not reliable. ‘Simple Network Management Protocol © SNMPenablea central management of Network Using SNMP an administrator can watch the entire network. SNMP works with TCPY IP, IT uses UDP for transportation of thedata DNS (Domain Name Service) § DNSresolves FQDN with IP address. § DNSallows you to use a domain name to specify and IP address. § It maintains a database for IP address and Hostnames. DHCP (Dynamic Host Configuration Protocol) § Dynamically assigns IP address to hosts. H Host layer TCP UDP Transmission Control Protocol User Datagram Protocol Connection Oriented Connection Less Reliable communication( with Unreliable communication (no Ack's) Ack's) Slower data Transportation Faster data Transportation Protocol Nois 6 Protocol No is 17 Eg: HTTP, FTP, SMTP Eg: DNS DHCP, TFTP ‘The Internet Layer Protocols + Internet Protocol (IP) + Internet Control Message Protocol (ICMP) + Address Resolution Protocol (ARP) + Reverse Address Resolution Protocol (RARP) Internet Protocol (IP) © Provides connectionless, best-effort delivery routing of datagram’s. ©. IPisnot concerned with the content of the datagrams. © It looks for away to move the datagram's to their destination. Internet Control M essage Protocol (ICM P) © ICMP messages are carried in IP datagram's and used to send error and control messages. © The following are some common events and messages that ICMP relates to: Destination Unreachable Ping Traceroute CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ‘Address Resolution Protocol (ARP) coer © ARPworksat Internet Layer of DoD Moda © Itisused to resolve MAC address with the help of aknown IPaddress. RARP (Reverse ARP) ©. This also worksat Internet Layer. © It works exactly opposite of ARP. ©. Itresolves an IP address with the help of aknown MAC address. © DHCPisthe example of an RARP implementation. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC INTRODUCTION TO ROUTERS SOLUTIONS What isa Router? Router is a device which makes communication possible between two or more different networks present in same or different geographical locations. It is an internetworking device used to connect two or more different networks It works on layer 3i.¢. network layer. + Itdoestwo basic things- Select the best path from the routing table. Forward the packet on that path Other Vendors apart from Cisco Many companies are manufacturing Router: Nortel Multicom Cydades duniper Dlink Linksys 3Cun Router Classification FIXED ROUTER MODULAR ROUTER Fixed router (Non Upgradeable cannot add and remove the Ethernet or serial interfaces) Doesn't have any sot Example Modular Router Modular router (Upgradeable can add and remove interfaces as per therequirement) Number of slots available depend on the series of the router CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. Example of Fixed Router aur Attachment vatt 1 Power Switch Auxitary Power ‘Aux 0 ‘Supply EXTERNAL PORTS OF ROUTER + WAN interfaces — Serial interface (SO, St etc) —60 pin/ 26 pin(smart serial) —_ ISDN interface(BRI0 etc) — RMS + LAN interfaces - Ethernet — AUI (Attachment Unit Interface) (E0)- 15 pin = 1baseT — RMS + Administration interfaces = Console-RH5—Local Administration — Auxiliary —RM5—Remote Administration 2601 Model Router (Modular Router) Console Auxiliary Power Power Gord Por! Port ‘Switch Connection CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright @2010 ~ 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. Attachment Unit Interface ay ‘UI pin configuration is 15 pin female. It isknown as Ethernet Port or LAN port or Default Gateway. Itis used for connecting LAN to the Router. Transceiver is used for converting 8 wires to 15 wires. i.e. RUS to 15 pin converter. Console Port It isknown as Local Administrative Port It is generally usad for Initial Configuration, Password Recovery and Local Administration of the Router. It is R45 Port IMP: It is the most delicate port on the Router. So make less use of ’ the Console Port. . S45, Lan - toa.tee.t.0/28 Console Connectivity Connect a rollover cable to the router console port (Ru-45 connector), Connect the other end of the rollover cable to the RU-45 to DB-9 converter Attach the female DB-9 converter toa PC Serial Port. Open Emulation Software Serial Port Szrial pin configuration is 60 pin configuration female (i.e. 15 pins and 4 rows) and Smart Serial pin configuration is 26 pin configurations female. Itisknown as WAN Port It is used for connecting to Remote Locations V.35 cable is having 60 pin configuration male at one end and on the other end 18 pin configurations male. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS: Auxiliary Port + Itisknown as Remote Administrative Port, + Used for remote administration + Itsan R45 port + A console or arollover cableisto be used Internal Components + ROM A bootstrap program is located here. It is same as the BIOS of the PC. Bootstrap program current version is 11.0 Flash Internetwork Operating System (|OS) developed by Cisco is stored here. |OSis Command lineinterface. NVRAM Non volatile RAM, which stores your configurations permanent. It is also known as Permanent Storage or Startup Configuration. Generally size of NVRAM is 32 KD. RAM Itisalso known as Temporary Storage or running Configuration. Minimum size of RAM is 2MB. The size of RAM is greater than NVRAM in the Router. Processor Motorola Processor 70 Mhz, RISC based processor (Reduced Instruction Set Computer) Router Start-up Sequence Bootstrap program loaded from ROM Bootstrap runs the POST Bootstrap locates IOSin Flash 1OSis expanded and then loaded into RAM Once IOSis loaded into RAM, it looks for startup-config in NVRAM If found, the configuration is loaded into RAM CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS: Modes of Routers User Mode:- + Only some basic monitoring + (limited show commands, ping , trace) Privileged Mode:- + monitoring and some troubleshooting + all show commands, ping , trace , copy , erase Global Configuration mode: All Configurations that affect the router globally Interface mode: Configurations done on the specific interface Rommon Mode: Reverting Password Setup mode if the NVRAM isblank Console Connectivity Connect a rollover cable to the router console port (R45 connector) Connect the other end of the rollover cable tothe RJ45to DB- converter Attach the female DB-9 converter to a PC Serial Port. Open emulation software on the PC. IN WINDOWS Start@ Programsé A jes’. Communications HyperTerminal 8 HyperTerminal. Give the Connection Name & Select Any Icon ‘Select Serial (Com) Port where Router is connected. In Port Settingsa Click on Restore Defaults IN LINUX + #minicom—s (used instead of HyperTerminal in Windows) CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. man Hi Exe anene eet nicmfathecormon | Esra te shew urbthtyavn ode Burtylegin, [aie — =] Aso FE — ee eres Te] coca Fowcernat [ladrae =] HewweDenie (3) COM Properties CCNA R&S Workbook by Sikandar Gouse Motuuddin All conentsare copyright 20102012 All rights reserved. sikundarbaaadshalia gmailcom CCIE ( R&S, SP) 435012NETMETRIC SOLUTIONS. Preston cond i no avaiable —S—SS SSS BASIC COMMANDS Router > enable Privilege mode: Router # show running-config Router # show startup-config Router # show flash Router # show version Router #show ip interface brief Router # configure terminal (toenter in Globe configuration mod) Global configuration mode: Router(config) # hostname Sikandar Assianing ip address to Ethernet interface: Router(config) # interface Router(config-if) # ip address (Interface Mode) Router (config-if) # no shutdown CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Assigning Telnet password: SOUIHONE Router (config) # line vty 04 (toenter into VTP line moda Router(config-line) #password Router(config-line) #login Router(config-line) #exit Router(config) #exit Assigning console password: Router(config) # line con 0 (toenter into Consfeline mada) Router(config-line) # password Router(config-line) # login Router(config-line) # exit Router(config) # exit Assigning Auxiliary password: Router (config) # line aux 0 (toenter intoAuxiliery linemodg Router(config-line) # password Router(config-line) # login Router(config-line) # exit Router(config) # exit Assigning enable password: Router(config) # enable secret (The password will besaved in encrypted text) Or Router(config) # enable password —_( thewill bepasswerd saved in dex text) To encrypt all passwords (config}#service password-encryption Commands to save the configuration: Router # copy running-config startup-config (OR) Router # write memory (OR) Router # write Routeri#erase startup-config (toerasethe NVRAM ) POWER on the router and observe the booting Process (sample Output shown below) CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS: System Bootstrap, Version 12.1(3r)T2, RELEASE SOFTWARE (fet) Copyright (c) 2000 by cisco Systems, Inc. cisco 2621 (MPC860) processor (revision 0x200) with 60416K/ 5120K bytes of memory Saif decompressing theimage: FHA AHA HHH E A AH AME RAHA AHHH RRA HH AHHH EA ‘EHH [OK] Restricted Rights Legend Use, duplication, or disclosure by the Government is subject to restrictions as set forth in subparagraph (0) of the Commercial Computer Software - Restricted Rights cause at FAR sec. 52.227-19 and subparagraph (6) (1) (i) of the Rights in Technical Data and Computer Software dause at DFARS sec. 252.227-7013, cisco Systems, Inc. 170 West Tasman Drive San bse, California 95134-1706 Cisco Internetwork Operating System Software 10S (tm) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http:/ / www.cisoo.com/ techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang (4180012621 (MPCBEO) processor (revision 0200) with GO4T6KISI20K bytes of memory Processor board ID JADOS190MTZ (4292891495) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. 2 FastEthernet/ IEEE 802.3 interface(s) 32K bytes of non-volatile configuration memory. 63488K bytes of ATA CompactFlash (Read/ Write) ~~ System Configuration Dialog --- Continue with configuration dialog? [yes! no]: % Please answer 'yes' or ‘no’. Continue with configuration dialog? [yes! no]: no CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Press RETURN to get started! souuTions Router> Router>show flash System flash directory File Length Name status 3 5571584 [5827403 bytes used, 58188981 available, 64016384 total] 63488K bytes of processor board System flash (Read/ Write) Router>show version Cisco Internetwork Operating System Software 10S (1m) C2600 Software (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (fc5) Technical Support: http:/ / www .cisco.com/ techsupport Copyright (c) 1986-2005 by cisco Systems, Inc. Compiled Wed 27-Apr-04 19:01 by miwang Image text-base: 0x8000808C, data-base: 0x80A 1FECC ROM: System Bootstrap, Version 124(3r)T2, RELEASE SOFTWARE (fc1) Copyright (c) 2000 by cisco Systems, Inc. ROM: (C2600-I-M), Version 12.2(28), RELEASE SOFTWARE (c5) System returned to ROM by reload 5st Image les Mashi2600A2228BIN* (G8662624 (MPC8E0) processor (revision 0x200) with 6O4T6KI5120K bytes of memory Processor board ID JADOS190MTZ (4292891495) M860 processor: part number 0, mask 49 Bridging software. X.25 software, Version 3.0.0. Configuration register is 0x2102 Router>sh ip interface brief Interface IP-Address OK?Method Status Protocol FastEthernet0/0 unassigned + YESunset administratively down down FastEthernet0/ 1 unassigned + YESunset_ administratively down down’ CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Router>ping 1.1.1.1 ‘Type escape sequencs to abort. Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds: ‘Success rate is 0 percent (0! 3) Router>traceroute 1.1.1.1 Type escape sequence to abort. Tracing therouteto 1.1.1.1 To enter in to privilege mode Router>enable To enter in to privilege mode Router#conf terminal Enter configuration commands, one per line. End with CNTL/ Z. TO change the Hostname of the router Router(config)#hostname HYDERABAD HYDERABAD (config)# TO assign console Password HYDERABAD (config}#line console 0 HYDERABAD (config-line}#password cisco123 HYDERABAD (config-line}#login HYDERABAD (config-line}#end HYDERABAD# %SY'S-5-CONFIG_|: Configured from console by console HYDERABAD# exit HYDERABAD con0 isnow available Press RETURN to get started. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC User Access Verification SOLUTIONS Password: HYDERABAD> CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conten are copyright @.2010 2012 AU rights reserve sikandarbaaadshahva gmailcomNETMETRIC WAN CONNECTIONS. SOLUTIONS WAN connections are divided into three types 1) Dedicated line 2) Circuit switched 3) Packet switched a Dedicated T Leased lines: Fractional T1/E1 TVE1 T3/E3 DSL I I 2B eee schon Pesce AT™ Switched 56 Bits Dedicated lin« Permanent connection for the destination Usad for short or long distance Bandwidth is fixed Availability is 24/7 Charges are fixed whether used or not. Uses analog circuits Always same path is used for destination Exampleis Leased Line Cirouit switched: It is also used for short and medium distances. Bandwidth is fixed Charges depend on usage of line Also called aslineon demand Usually used for backup line Connects at BRI port of router ISDN and PSTN are the examples CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Packet switched: soumions Note:- 7 Used for medium or longer connections J Bandwidth is shared J Many virtual connections on one physical connection Example: - Frame Relay ‘A permanent! dedicated physical connection which is used to connect two different geographical areas. This connection is provided by telecommunication companies like BSNL in India Leased line provides service 24/ 7 throughout the year, not like Dial-up Connection which can be connected when required. Leased Lines are obtained depending on the annual rental basis. Moreover, its rent depends on the distance between the sites. LEASED LINEIS OF THREE TYPES: 1) SHORT LEASED LINE 2) MEDIUM LEASED LINE 3) LONG LEASE LINE (IPLC) ‘Short leased line which is used with in the city and cost is also less for it. Medium leased line is used to connect sites in two different states like Hyderabad and Chennai. Long Leased Line also called as IPLC. It stands for International private lease Girouit uses to connect two different countries. It's the most expensive among all. Leased Line provides excellent quality of service with high speed of data transmission. Asit'saprivate physical connection assures complete security and privacy even with voice. ‘Sheed of the leased line varies from 64 kbps to 2 Mbps or more. Always Leased Line has fixed bandwidth. Once leased lineis setup nat anly wean send deta but transmission of voioeis aso possible In ankition tothis bath vaiceand detecan besent simultanecusly. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Example of Leased Line oie \ oS HYDERABAD KSA OFFICE OFFICE ares EXCHANGE) Modem HYDERABAD MUX Fiber Optic Cable DCE DTE Data Communication Equipment Data Termination Equipment Generate locking (i.e. Speed). Aovept docking (i.e. Speed). Example of DCE device in Leased Example of DTE devicein line setup : V.35 & G.703 Modem & Leased line setup : Router Exchange (Modem & MUX) Example of DTE devicein Dial Example of DCE device in Dial up up setup : Computer setup : Dialup Modem Coming to the hardware requirements 1) Leased Line Modem 2) V.35 connector & cable 3) G.703 connector & cable Leased line Modem also called as CSU/ DSU (Channel Service Unit and Data Service Unit). It acts as a DCE device which generates clock rate. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Wan Representation + A Back to Back Cable is used which emulates the copper wire, modemsand MUX, the complete exchange setup. Without DCE & DTE device communication is not possible. V.35 Back to Back Cable Note: - while practicing labs we use V.35 cable for back to back connection with router where asin real time V.35 cable terminates at the Lease Line Modem. That's the reason we have to use dock rate command in the labs where asit’s not require in the real scenario. CSU/ DSU is used to Igenerate the speed In different countries different codes are used for Leased Line with different speeds. In Europeits is identified as E whereasin UK itsisidentified with letter T In Europe, there are five types of lines distinguished according to their speed: E0 (64Kbps), E1= 32E0 lines (2Mbps), E1= 128 E0 lines (8Mbps), E3= 16E1 lines (34Mbps), E4 = 641 lines (140Mbps) In the United States, the concept is as follows: 1. T1 (1.544 Mbps) 2. T2= 471 lines (6 Mbps), 3. T3=28T1 lines (45 Mbps), 4, T4= 16871 lines(275 Mbps) ADVANTAGES DISADVANTAGES CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS COMPLETE SECURE 0 EXPENSIVE HIGH BANDWIDTH 0 PERMANENT PHYSICAL HIGH SPEED CONNECTION CONNECTION SUPERIOR QUALITY RELIABLE WAN Protocols Leased Lines uses two types of WAN encapsulation protocols: 4) High Data Link Protocol (HDLC) 2) Point to Point Protocol (PPP) HDLC PPP Higher level data link Control Point to Point Protocol protocol Standard Layer 2WAN Cisco Proprietary Layer 2WAN Protocol Protocol Supports Authentication Doesn't support Authentication Support error correction Doesn't support Compression and error correction PPP supports two authentication protocols: PAP (Password Authentication Protocol) CHAP (Challenge Handshake Authentication Protocol) PAP (Password Authentication Protocol) + PAP provides a simplemethod for a remote node to establish its identity using a two-way handshake. PAPis done only upon initial link establishment PAPisnot a strong authentication protocol Passwords are sent across the link in clear text. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Peer in control of attempts CHAP (Challenge Handshake Authentication Protocol) After the PPP link establishment phases complete, the local router sends a unique “challenge” message to the remote node. The remote node responds with a value (MD5) The local router checks the response against its own calaulation of the expected hash value. If the values match, the authentication is acknowledged. Otherwise, the connedtion is terminated immediately. Selecting a PPP Authentication Protocol (con't) t known only to authenticator Configuration of HDLC:- Router(config)# interface serial O/ 0 Router(config-if}# encapsulation hdle (default is HDLC even if u don’t configurethis commend ) Configuration of PPP: Router# configure terminal Router (config)# interface serial O/ 0 Router(config-if}# encapsulation ppp CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE ( R&S, SP) #35012 All contents are copyright @2010 ~ 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. To Enable CHAP Authentication Router(config}# interface serial O/ 0 Router(config-if}# encapsulation ppp Router(config-if}# ppp authentication chap To Enable PAP Authentication Router(config)# interface serial O/ 0 Router(config-if}# encapsulation ppp Router(config-if}# ppp authentication pap Rules to assign the IP address to the router: Router ethernet IP and the LAN network assigned should bein the same network. Both the interfaces of router facing each other should be in the same network. Allthe LAN and WAN should bein different networks ( or should not repeat the same network ). All the interfaces of routers should bein the different network. The below diagram demonstrates the above rules: CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC LAB: Assigning IP address SOLUTIONS 10.0.0.1 Se0/0 ay 2ozkxm Fao/ofer2 192. 168.2. 10% Pc-pr PC-PT 192,168.11 192.168.1.2 PCr Pc-Pr 492.168.2.4 192,168.2.2 192.168.1.0/24 192.168.2.0)24 On ROUTER -1 Router(config}# hostname R-1 R-4(config)# interface fastEthernet 0/0 R-(config-if}# ip address 192.168.1.100 255.255.255.0 R-((config-if}# no shutdown R-4(config-ify# R(config-if}# exit R-4(config# interface serial OF 0 Rel(config-if}# ip address 10.001 255.000 CCNA R&S Workbook by Sikandar Gouse Moiuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Ret(config-if}# no shutdown SOLIMIONS R-1(config-if}# clock rate 64000 NOTE: dock rateisonly required in thelab somario.as weareusing a back to back cable instead of the real exchange where the modans will beinstaled which will generate the docking here dock rate has to be generated manually using dock rate commend R-1#show ip interface brief Interface IP-Address OK?Method Satus Protocol FastEthernet0 1 unassigned + YESunset administratively down down Serial 1 unassigned YESunset administratively down down ON ROUTER -2 R-2enable R-2{config)f interface fastEthernet O/ 0 R-2{config-if}# ip address 192.168.2.100 256.255.2560 R-2{config-if}#no shutdown R-2(config-if)Hexit R-2(configy# interface serial O/ 0 R-2config-if}# ip address 10.0.0.2 255.0.00 R-2(config-if}# no. shutdown R-2loonfig-if}# cock rate 64000 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC R-2#tshow ip interface brief Interface IP-Address OK?Method Status Protocol FetEtnemnet0/0 1921682100 YESmanual up wp FastEthernet0/ 1 unassigned -~—- YESunset administratively down down unassigned = YESunset administratively down down R-t#show ip interface brief Interface IP-Address OK?Method Status Protocol FastEthernet0/0 192.168.1100 YESmanual up up FastEtherneto’ 1 unassigned YESunset_ administratively down down unassigned + YESunset administratively down down Troubleshooting the connectivity: Router # show ip interface Brief 41) Serial isup, line protocol isup Connectivity isfine. 2) Serial isadministratively down, line protocol isdown local port isin shut down state No Shutdown has to be given on the local router interface 3) Serial isdown, line protocol isdown remote device turned off remote port isin shutdown state interface on the remote router has to be configured connectivity 4) Serial isup, line protocol is down CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Encapsulation mismatch dock rate command not given on serial interface ( only applies in lab scenario ) if using PPP , then authentication mismatch CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conten are copyright @.2010 2012 AU rights reserve sikandarbaaadshahva gmailcomNETMETRIC Lab : Basic Configuration Of Three Routers SOLUTIONS PC-PT PCPT ? 3 192.168.1.4 192.168.1.2 core PCr isziee21 192,168.22 Fs aaa 192.168.1.0124 sien 192.168,3.1 192.168.32 192,168.2.0/24 192.168.3.0/24 On ROUTER -1 Router(config}# hostname R-4 R-t(config)# interface fastEthernet O/ 0 R-((config-if}# ip address 192.168.1.100 255.255.255.0 R-(oonfig-if}# no shutdown Re(config-ify# Ret(config-if}# exit R-4(config)# interface serial O/ 0 Rut(config-if}# ip address 10.001 255.00.0 R-((config-if}# no shutdown Rl(config-if}# dock rate 64000 CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC NOTE: SOLUTIONS. ook rateisonly required in thelab scenarioas weareusing a back to back cable instead of the reel exchenge where themadens will beinstalled which will generate the docking here dook rate has to be ganerated manually using dook rate commend Reti#show ip interface brief Interface IP-Address OK?Method Status Protocol FastEthernet0/ 1 unassigned + YESunset administratively down down Seidl 1 unassigned YESunset administratively down down ON ROUTER -2 R-2>enable Enter configuration commands, one per line. End with CNTL/ Z. R.2{config)ft interface fastEthernet OY 0 R-2(config-if}# ip address 192168.2.100 255.255.255.0 R-2{config-if}#no shutdown R-2(config-if)Hexit R-2(config) interface seria O/ 0 R-2config-if)# ip address 10.0.0.2 255.0.00 R-2config-if}# no. shutdown R-2(config-if}# dock rate 64000 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC R-2(config)# interface serial O/ 1 SOLUTIONS R-2lconfig-if}# ip address 11.001 2550.00 R-2(config-if}# no shutdown R-2(config-if)# clock rate 64000 R-2#show ip interface brief Interface IP-Address OK?Method Status up up FastEthernet0/ 1 unassigned YESunset administratively down down On ROUTER- 3 Router>enable Routertconf t Router (configyi#hostname R-3 R-3(config)# R-3(config}#interface fastEtheret O/ 0 R-3(config-if}# ip address 192.168.3.100 255.255.255.0 R-3(config-if}#no shutdown R-3(config-if}#exit R-3(config)#interface serial O/ 0 R-3(config-if}#ip address 1.0.0.2 2550.00 R-3(config-if}#no shutdown CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. R-3(config-if}# cock rate 64000 R-3(config-if}# end R-3#show ip interface brief Interface IP-Address OK?Method Status FastEtheret0!0 192.168.3100 YESmanual up up FastEthernet0/ 1 unassigned YESunset administratively down down Serial/ 4 unassigned YESunset administratively down down R-2#ping 10.0.0. ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.1, timeout is 2 seconds: ‘Success FAtE IS 100 BEFCEHE(S/ 5), round-trip min/ avg/ max = 4/ 12/ 44ms R-2#ping 11.0.0.2 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 11.0.0.2, timeout is 2 seoonds: ‘Success Fates 100 percent (5/ 5), round-trip min/ avg/ max = 4/ 7/ 20 ms NOTE: Oncetheintertaces areup you should beable toping to the directly connected interfaces of the other routes CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC FRAME RELAY SOLUTIONS iFrame Relay isa connection oriented, standard NBMA layer 2 WAN protocol J Connections in Frame Relay are provided by Virtual circuits. a Virtual circuits are multiple logical connections on same physical connection Frame Relay virtual connection types. a) PVC. b) Svc A) PVC (permanent virtual connection):~ Similar to the dedicated |eased line. Permanent connection is used. 7 i i When constant data has to be sent to a particular destination. i Alwaysusethe same path. B) SVC (switched virtual connection) Virtual connection is dynamically built when data has to be send and torn down after use, Itis similar to the circuit switched network like dial on demand. Also called as semi-permanent virtual circuit. For periodicintervals of data with small quantity There are two types of Frame relay encapsulations 41. Cisco (default and Cisco proprietary) 2. IETF (when different vendor routers are used) DLCI (data link connection identifier): RTA Sai. Sea ae Dre Frame Relay i Address of Virtual connections CCNA R&S Workbook by Sikandar Gouse Moiuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC For every VC thereisone DLCI number. SOLIMIONS Locally significant and provided by Frame Relay service provider. Inverse ARP (address resolution protocol) is used to map local DLC! to aremote IP. LMI (Local management interface) LMI allows DTE (router) to send stalus enquiry messages (keep alive)to DCE (frame relay switch) to exchange status information about the virtual circuits devices for checking the connectivity. Frame relay LMI types? 1. CISCO (Default) 2ANS 3, Q933A, Note:- On Cisco router LMI is auto sense able no nead to configure Frame relay virtual connection status types- 1) Active: - Connection is up and operation between two DTE’s exist 2) Inactive: - Connection is functioning between at least between DTE and DCE. 3) Deleted: - The local DTE/ DCE connextion is not functioning. Frame relay network connections. 41)Point to Point 2)Point to Multipoint (NBMA) Congestion indicates traffic problem in the path when more packets are transmitted in one direction. Local Access Loop =T1 Access Loop = 64 kbps Congestion notifications 1) FECN (forward explicit congestion notification) 2) BECN (backward explicit congestion notification) FECN CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC Indicates congestion as frame goes from source to SOLIMIONS destination Used this value inside frame relay frame header in forward direction FCEN =0 indicates no congestion Usad by the destination (and send to source) to indicate that there is congestion Used this value inside frame rday frame header in backward direction BCEN =0 indicates no congestion ADVANTAGES VC's overcome the scalability problem of leasad line by providing the multiple logical Girouits over the same physical connection Cheaper Best quality VC'sare full duplex BASIC FR IMPLEMENTATION s004/8 i FSW o/s 2 50/0, u 070 interface SerialO/ 0 nosh ip address 10.0.0.1 255.0.0.0 encapsulation framerelay interface SerialO/ 0 nosh ip address 10.0.0.2 255.0.0.0 encapsulation framerelay CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC # sh run int s0/0 SOLUTIONS Ship int brief En Conf t frame-relay switching (tomeketheraute toad asFR SWITCH) int sao no shutdown encapsulation frame-relay framerday intf-type doe framerelay Imi-typecisco frame-rday route 100 int so/ 1200 int s0/1 no shutdown encapsulation framerelay framerelay intf-type doe frame-relay Imi-type cisco frame-rday route 200 int s0/ 0 100 Ritsh frame-relay map SerialO/ 0 (up): ip A0.010:2 Alei 100(0x64,0x1840), dynamic, broadcast, CISCO, status defined, active FRSW#sh frame-relay route Input Intf Input Dic Output Intf_ Output Dict Status Serial0 100 Seia/1 200 active Serial 1 200 Seria 0 = 100 active CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Rt#ping 10.0.0.2 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 10.0.0.2, timeout is 2 seconds: Suovess rate is 100 percent (6/ 5), round-trip min/ avg/ max = 4/ 55 104 ms Ey Rtiésh frame-relay Imi LMI Statistics for interface Serial0/ 0 (Frame Relay DTE) EMITYPE= CISCO Invalid Unnumbered info 0 Invalid Prot Disc 0 Invalid dummy Call Ref 0 Invalid Msg Type Invalid Status Message 0 Invalid Lock Shift 0 Invalid Information ID 0 Invalid Report IE Len 0 Invalid Report Request 0 Invalid Keep IE Len 0 Num Saatus Enq. Sent 103, Num Status msgs Rovd 32 Num Update Status Revd 0 Num Siatus Timeouts 70 Last Full Status Req 00:00:02 Last Full Status Revd 00:01:02 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ROUTING SOLUTIONS. Forwarding of packets from one network to another network choosing the best path from the routing table. Routing makes possible for two or more different networks to communicate with each other. Routing table consist of only the best routes for every destinations. Types of Routing 1. SaticRouting 2. Default Routing 3. Dynamic Routing Static Routing + Itis configured by Administrator manually. Mandatory need of Destination Network ID Itis Secure & fast Used for Snail organizations Administrative distance for Static Route is 0 or 1 Disadvantages of static routing: + Used for small network. + Everything to manually + Network change effect complete n/ W Configuring Static Route Router(config}# ip route Or Router(config}# ip route CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC LAB: STATIC ROUTING SOLUTIONS 10.0.0.1 @se0/0 Oe cy osha a Poo/hert 2ozkxm Fan/ofor2 192.168.1.109] 192. 168.2. 10% Fa0/! 2960073 m0) ¢" PC-PI PCP ’ Pept PCpT seteaneeita Eee 492.168.2.4 192,168.2.2 192.168.1.0/24 192.168.2.0)24 STEPS: Pre-requirement for LAB (check previous labs) 1) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What we doin thislab 4) Satic routing 5) Verify Routing table and reachability between the LAN’s ( using PING and TRACE commands ) R-t#tshow ip route Gateway of last resort is not set eae ee is directly connected, FastEthernet0/ 0 R-2itshow ip route Gateway of last resort is not set CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS: cee is directly connected, FastEthernet0/ 0 NOTE: ‘The above routing table displays only the networks which are directly connected By default router don't know about the networks which are not directly connected and that the reason there is no reachability between the two LAN's Soto provide reachability we need to implement any of the routing PC> ipconfig IP Address... Subnet Mask 255.255.2550 Default Gateway. 192.168.1.100 PC>ping 192,168.21 Pinging 192,168.21 with 32 bytes of data: Repl: Reply from 192.168.1.100: Destination host unreachable. Reply from 192.168.1. 100: Destination host unreachable. Ping statistics for 192.168.2.1: Paka Sent =4, Resived =, Los= 4 (1009%6l0s5), From the above output we can see there is no communication between 192.168.1.1 and 192,168.21 and they are on different networks. In order to communicate we need to implement any of the routing (herein this we use staticrouting ) OnR4 R-1(config)# ip route 192.168.20 255.255,255.0 10.0.0.2 R-1(config)f# end R-t#sh ip route Gateway of last resort is not set C_ 10.0.0.0/ 8is directly connected, Serial0/ 0 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. C 192.168.1.0/ 24 a connected, FastEthernet0/ 0 0 255.255.2550 10.0.0.1 R-2(config)# R-2{config)#end R-2#'show ip route Gateway of last resort is not set C 10.0.0.) Bisdirectly connected, Seriald/ 0 C 192.168.2.0/ 24s directly connected, FastEthernetd/ 0 PC>ipoonfig IP Address. Default Gateway... nn! 192.168.1.100 PC>ping 192.168.21 Pinging 192.1682.1 with 32 bytes of data: -32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=21ms TTL=126 Reply from 192.168.2.1: bytes=32 time=21ms TTL=126 Ping statistics for 192.168.2.1: Packets: Sont = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-seconds: Minimum = 20ms, Maximum = 21ms, Average = 20ms PC>ping 192.168.22 Pinging 192.168.2.2with 32 bytes of data: Request timed out. 32 time=2ims TTL=126 Reply from 192.1682 2: bytes=32 time=19ms TTL=126 Reply from 192,168.22: bytes=32 time=12ms TTL=126 CCNA R&S Workbook by Sikandar Gouse Moinuadin CCIE ( R&S, SP) # 38012 All contents are copyright @ 2010 — 2012 AU rights reserved. sikandarbaaadshalva gmilcomNETMETRIC SOLUTIONS: Ping statistics for 192,168.22: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-seconds: Minimum = 12ms, Maximum = 21ms, Average = 17ms PC>tracert 192.168.2.1 Tracing route to 192.168.2.1 over amaximum of 30 hops: 1 44ms 9ms 10ms 1921 2 13ms 13ms 12ms 10. 3 17ms 22ms 20ms Ret#ping 192.168.21 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds: ‘Success rate is 100/pereent (5/ 5), round-trip min/ avg/ max = 9/ 16/31 ms R-2#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte CMP Echos to 192.168.1.1, timeout is 2 seconds: Suess ale is TOPE (5/ 5), ;oUnd-tip min/ avy/ mex = 10/ 15/ 18115. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC LAB :STATIC ROUTING with 3,outers summons 10004 25010 26x 92.168.4 10 fort ‘pee = = 5 , 192,168.1.1 192.168.1.2 Hwee peor | PCT oo sa tea24 192.168.22 woo ses1 19216832 STEPS: Pre-requirement for LAB (check previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What we doin thislab 4) Satic routing 5) Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) R-t#tsh ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, Serial0/ 0 C 192.168.1.0/ 24s directly connected, FastEthernetO/ 0 R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, SerialQ/ 0 C 11.0.0.0/ 8is directly connected, SerialO/ 1 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC C 192.168.2.0/ 24is directly connected, FastEthernetOV 0 SOLIMIONS R-3#sh ip route Gateway of last resort is not set C 11.0.0.0/ 8is directly connected, SerialO/ 0 C 192,168.30) 24s directly connected, FastEthernetO/ 0 On Router- 1 R-((configy#ip route 192.16820 255.255.2550 10.002 Rel(config)#ip route 192.168.3.0 255.255.2550 10.002 R-(config}#ip route 11.0.0 255.00.0 100.02 On Router —2 R-2(config)#ip route 192.168.1.0 255.255.2550 10.0.0.1 R-2{config}#ip route 192,168.30 255.255.255.0 11.002 On Router -3 R-3(config}# ip route 192.168.2.0 255.255.2550 11.001 R-3(config}#ip route 192.168.1.0 255.255.2550 11.0.0.1 R-3(config)# ip route 10.0.0.0 255.000 11.0.0.1 R-t#show ip route Gateway of last resort is not set 10.0.0.0/ 8is directly connected, SerialO/ 0 C 192.168.1.0/ 24s directly connected, FastEthernet0/ 0 R.2#show ip route C 10.0.0.0/ 8is directly connected, SerialO/ 0 C 11.0.0.0/ 8is directly connected, SerialO/ 1 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. ted, FastEthernet/ 0 R.3#show ip route C_ 11.0.0.0/ 8 is directly connected, SerialO/ 0 C 192.168.3.0/ 24s directly connected, FastEthernetO/ 0 PC>ipoonfig IP Address. Subnet Mask. (255.255,255.0 Default Gateway. +=! 192.168.1.100 PC>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: juest timed out. time=19ms TTL=126 Reply from 192.168.21: bytes=32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=14ms TTL=126 Ping statistics for 192.168.2.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 14ms, Maximum = 20ms, Average = 17ms PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: \uest timed out. time=27ms TTL=125 Reply from 192.168.3.1: bytes=32 time=22ms TTL=125 Reply from 192.168.3.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.3.1: Packets; Sent = 4, Received = 3, Lost = 1 (25% loss), CCNA R&S Workbook by Sikandar Gouse Moiuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomDefaul NETMETRIC Approximate round trip timesin milli-seconds: SOLUTIONS Minimum = 22ms, Maximum = 27ms, Average = 24ms PC>tracert 192.168.3.1 Tracing route to 192.168.3.1 over a maximum of 30 hops 15ms 8ms 8ms_ 192168.1.100 212ms 9ms 8ms 10.002 3 17ms 6ms 12ms 11.002 4 24ms 27ms 25ms_ 192.168.3.1 Trace complete. R-t#ping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte CMP Echos to 192.168.3.1, timeout is 2 seconds: ‘Success rate is 100/BErCant (5/ 5), round-trip min/ avg/ max = 9/ 16/ 31 ms R-3#ping 192.168.1.1 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ‘Success rate is HOO)BErESNt (5) 5), round-trip min/ avg/ max = 10/ 15/ 18ms It Routing: Default routeis used when destination isunknown (internet ) Also can be used at end locations where there is only one exit path for any destination Last preferred route in the routing table Default routes help in reducing the size of your routing table. When there isno entry for the destination network in a routing table, the router will forward the packet to its default route. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Configuring Default Route Router(config)# ip route Or Router(config)# ip route CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC LAB : DEFAULT ROU SOLUTIONS 10004 25010 26x 92.168.4 10 fort ‘pee = = 5 , 192,168.1.1 192.168.1.2 Hwee peor | PCT oo sso tea24 192.168.22 woo ses1 19216832 STEPS: Pre-requirement for LAB (check previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What we doin thislab 4) Default route used on Rt and R3 , static routing on R2 5) Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) R-t#tsh ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, SerialO/ 0 C 192.168.1.0/ 24s directly connected, FastEthernet0/ 0 R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, SerialQ/ 0 C 11.0.0.0/ 8is directly connected, SerialO/ 1 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC C 192.168.2.0/ 24is directly connected, FastEthernetOV 0 SOLIMIONS R-3#sh ip route Gateway of last resort is not set C 11.0.0.0/ 8is directly connected, SerialO/ 0 C 192,168.30) 24s directly connected, FastEthernetO/ 0 On Router 4 R-1(config}#ip route0.0.0.0 0.0.00 10.002 On Router -2 R-2(config)#ip route 192.168.1.0 255.255.255.0 10.0.0.1 R-2(config)#ip route 192,168.30 255.255.255.0 11.0.0.2 On Router —3 R-Xconfig}# ip route 0.0.0.0 0.0.0.0 1.0.0.1 R-t#sh ip route Gateway o at esr SIO OSTEND C 10.0.0.0/ Bis directly connected, SerialO/ 0 C 192.168, ae connected, FastEthernet0/ 0 R-2ish ip route Gateway of last resort isnot set C 10.0.0.0/ 8is directly connected, SerialO/ 0 C 11.0.0.0/ 8is directly connected, SerialO/ 1 192.168.1.0/ 24 [1/ 0] via 10.0.0.1 192.168.2.0/ 24 is directly connected, FastEthernetO/ 0 192.168.3.0/ 24 [1/ 0] via 11.0.0.2 R-3ish ip route Gateway of lat resort is MONO RAWEK OO CCNA R&S Workbook by Sikandar Gouse Moiuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. C 11.0.0.0/ Bis directly connected, SerialO/ 0 C 192.168.3.0/ eee connected, FastEthernet0! 0 PC>ipoonfig IP Address... ‘Subnet Mask. (256.256.255.0 Default Gateway. :192.168.1.100 PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=14ms TTL=126 Ping statistics for 192.168.21: Packets: Sent = 4, Reosived = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 14ms, Maximum = 20ms, Average = 17ms. PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed ou 32 time=27ms TTL=125, Reply from 192.168.3.1: bytes=32 time=22ms TTL=125 Reply from 192.168.3.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.3.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-seconds: Minimum = 22ms, Maximum = 27ms, Average = 24ms PC>tracert 192.168.3.1 Tracing route to 192.168.3.1 over amaximum of 30 hops 1 5ms 8ms 8ms 192168.1.100 CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC 2 12ms 9ms 8ms 1000.2 SOLUTIONS 317ms 6ms 12ms 11.002 4 24ms 27ms 25ms 19216831 Trace complete. R-t#ping 192168.3.1 ‘Type escape sequenca to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds: ‘Suovess rate is 100 (percent (5/ 5), round-trip min/ avg/ max = 9 16/ 31 ms R-3#ping 192.168.1.1 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is TOO BEET (5/ 5), round-trip min/ avg/ max = 10/ 15/ 18ms CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC DYNAMIC ROUTING SOLUTIONS Advantages of Dynamic over static: Thereis no need to know the destination networks. Nezd to advertise the directly connected networks. Updates the topology changes dynamically. Administrative work is reduced Used for large organizations Neighbor routers exchange routing information and build the routing table automatically. ‘Types of Dynamic Routing Protocols + Distance Vector Protocol + Link State Protocol + Hybrid Protocol DISTANCEVECTOR | LINKSTATEPROTOCOL | HYBRID PROTOCOL PROTOCOL (Advance Distance vector Protocol) Works with Works with Dijkstra Works with DUAL Bellman Ford algorithm algorithm algorithm Incremental updates Incremental Periodic updates Classless routing updates Classful routing protocol Classless routing protocol Missing routes are protocol Full Routing tables exchanged Missing routes are are exchanged Updates are through exchanged Updates are multicast Updates are through broadcast Example: OSPF, ISS through multicast Example: RIP v1, Link state updates Example: EIGRP RIPV2, IGRP Also called as Advance Distance vector Protocol Classful Protocols: Classful routing protocol do not carry the subnet mask information along with updates That's why they do not support subnetworks ( support only default networks with default mask ) § Ex:RIPV1, IGRP CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Classless Protocols: soumions Classful routing protocol carry the subnet mask information along with updates That's why they support and default networks also § Ex: RIPV2, EIGRP, OSPF, ISIS Administrative Distance + Itisthe trustworthiness of the information received by therouter. + The Number is between 0 and 255, + Least valueis more preferred. + Default administrative distances are as follows: Directly Connected = 0 Static Route = 1 IGRP = 100 OSPF = 110 RIP= 120 EIGRP = 90/ 170 ISIS =115 Routing information Protocol v1 Open Standard Protocol Classful routing protocol Updates are broadcasted via 255.255.255.255 Administrative distance is 120 Matric: Hop count Max Hop counts: 15 Max routers: 16 Load Balancing of 4 equal paths Used for small organizations Exchange entire routing table for every 30 seconds Rip Timers + Update timer : 30 sec — Time between consecutive updates + Invalid timer : 180 sec — Timea router waits to hear updates — Therouteismarked unreachable if there isno update during this interval + Flush timer : 240 sec — Time before the invalid routeis removed from the routing table + Hold down timer 180sec — Siabilizes routing information and helps preventing routing loops during periods when the topology is converging on new information. — Oncea route ismarked as unreachable, it must stay in holddown long enough for all routersin the topology to learn about the unreachable network CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Convergence time is the time taken by the router to use alternate route if the best route is down. RIP Version 2 + Classless routing protocol Supports VLEM ‘Supports authentication Trigger updates Uses multicast address 224.0.0.9, Advantages of RIP Easy to configure No design constraints like OSPF protocol No complexity Less overhead Disadvantage of RIP Bandwidth utilization is very high as broadcast for every 30 second Works only on hop count (not consider the Bandwidth) Not scalable as hop count is only 15 Slow convergence Configuring RIPv 1 Router(config}# router rip Router (config-router}# network Configuring RIP v2 Router(config}# router rip Router(config-router}# network Router (config-router}# version 2 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC LAB: Dynamic Routing using RIPv2 SOLUTIONS 10004 25010 26x 92.168.4 10 fort ‘pee = = 5 , 192,168.1.1 192.168.1.2 Hwee peor | PCT oo sso tea24 192.168.22 woo ses1 19216832 STEPS: Pre-requirement for LAB (check previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What we doin thislab 4) Dynamic routing using RIPV2 5) Verify Routing table and reachability between the LAN’s (using PING and TRACE commends) R-t#tsh ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, Serial0/ 0 C 192.168.1.0/ 24s directly connected, FastEthernet0/ 0 R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, SerialO/ 0 C 11.0.0.0/ Bis directly connected, Serial0/ 1 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC C 192.168.2.0/ 24is directly connected, FastEthernetOV 0 SOLIMIONS R-3#sh ip route Gateway of last resort is not set C 11.0.0.0/ 8is directly connected, SerialO/ 0 C 192,168.30) 24s directly connected, FastEthernetO/ 0 On Router- 4 Ret(config)#router rip Rel(config-router)#version 2 Rel(config-router)#network 192.168.1.0 R-(config-router)#network 10.0.0.0 R-(config-router)#end On Router —2 R-2(config)#router rip R-2(config-router)#version 2 R-2(config-router}#network 192.168.2.0 R-2(vunifiy-1 outer network 10.0.0.0 R-2{config-router}#network 1.0.0.0 R-2(config-router)#end On Router —3 R-3(config}#router rip R-3(config-router}#version 2 R-3(config-router}#network 192.168.3.0 R-3(config-router}#network 11.0.0.0 R-3(config-router)#end R-titsh ip route Gateway of last resort isnot set c scape gamansaauass Serial0/ 0 is directly connect CCNA R&S Workbook b CCHE (R&S, SP) #35012 All contents are copyright 2010 2012 AU rights reserved. sikandarbaaadshahva gmailcomNETMETRIC R_ 192.1683.0/ 24 [120/ 2] via 10.0.0.2, 00:00:08, SerialO/ 0 souuTions R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/ 8is directly connected, SerialO/ 0 C 11.0.0.0/ 8 is directly connected, SerialO/ 1 C 192,168.20 24s directly connected, FastEthernetO/ 0 R _192.168.3.0/ 24120) 1] via 11.0.02, 00:00:16, Serial! 1 R-2# R-3i#sh ip route Gateway of last resort is not set C 11.0.0.0/ Bis directly connected, SerialQ/ 0 C 192.168.3.0/ 24s directly connected, FastEthernet0/ 0 R-t#show ip protocols Routing Protoco! is Sending updates every next duein 8 seconds Invalid after 180 seconds, hold down 180, flushed after 240 Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfacesis not set Redistributing: rip Default version control: send version 2, receive 2 Interface Send Rev Triggered RIP Key-chain FastEthernetO/ Automatic network summarization isin effect Maximum path: 4 a for Networks: Passive Interface(s): Routing Information Sources: Gateway Distance _Last Update 10.002 120 00:00:02 Distance: (default is 120) CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. R-ttshow ip route rip R_ 11.0.0.0/ 8 [120/ 4] via 10.0.0.2, 00:00:24, Serial0’ 0 R_ 192.168.2.0/ 24 [120 4] via 10.0.0.2, 00:00:24, Seriald/ 0 R_ 192.168.3.0/ 24 [120/ 2] via 10.0.0.2, 00:00:24, Serial’ 0 PC>ipoonfig IP Address... Subnet Mask. Default Gateway. PC>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Request timed ou! time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TTL=126 Reply from 192,168.21: bytes=32 time=14ms TTL=126 Ping statistics for 192.168.2.1. Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-saconds: Minimum = 14ms, Maximum = 20ms, Average = 17ms PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed out -32 time=27ms TTL=125 Reply from 192.168.3.1: bytes=32 time=22ms TTL=125 Reply from 192.168.3.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.3.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-seconds: Minimum = 22ms, Maximum = 27ms, Average = 24ms PC>tracert 192.168.3.1 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Tracing route to 192.168.3.1 over amaximum of 30 hops: 15ms 8ms 8ms 192168.1.100 2 12ms 9ms sms 10002 3 17ms 6ms 12ms 11.002 4 24ms 27ms 2ms 19216831 Trace complete. Retéping 192.168.3.1 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds: ‘Success rate is 100/percent (5/ 5), round-trip min/ avg/ max = 9/ 16/ 31 ms R-3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ‘Success rate is 100/BEFeant (5/ 5), round-trip min/ avg/ max = 10/ 15/ 18 ms Autonomous System Number + An autonomous system isa collection of networks under a common administrative domain ‘A unique number identifying the Routing domain of therouters. Ranges from 1- 65535 Public —1- 64512 Private — 64513 — 65535 Private AS: used within the same service providers. PublicAS: —_used in between multiple service providers Routing Protocol Classification CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomTGP NETMETRIC SOLUTIONS. EGP Interior Gateway Protocol Routing protocolsusad within the same autonomous system number All routerswill be routing within the same Autonomous boundary Ex: RIP, IGRP, EIGRP, OSPF, ISIS Exterior Gateway Protocol Routing protocol used between different autonomous systems Routersin different AS need an EGP Ex : Border Gateway Protocol — IGPs operate within an autonomous system —_ EGPs connect different autonomous systems GPs: RIP, OSPF, IGRP, EIGRP XYZ =AS 100 EGPs: BGP GPs: RIP, OSPF, TORP, EI GRP ABC AS 200 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. Enhanced Interior Gateway Routing Protocol Cisco proprietary protocol Classless routing protocol Indudes all features of IGRP Metric (32 bit) : Composite Metric (BW + Delay + load + MTU + reliability ) Administrative distance is 90 Updates are through Multicast (224.0.0.10 ) Max Hop count is 255 (100 by default) Supports IP, IPX and Apple Talk protocols Hello packets are sent every 5 seconds ( dead interval 15 sec) Convergence rate is fast First released in 1994 with 1S version 9.21. Support VLSM and CIDR It uses DUAL (diffusion update algorithm) Summarization can be done on every router Supports equal and_unequal cost load balancing EIGRP maintains three tables Neighbor table + Contains |ist of directly connected routers + # show ip dgp neighbor Topology table *+ List of all the best routes learned from each neighbor + # Show ip eigrp topology Routing table + Thebest route to the destination + #show iproute CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ==) SOLUTIONS. @ Sia] lamoster, wh is onthe nk? ifs |, ener Amnon Sel orcs Table Hello, Lam router B. qin Heres my complete routing information. [== —eGwreewwrew up aor DRaC] Thanks forthe intr a) @ Lec] Thanks forthe information! © {api Hn ey compat outs information, ‘Thanks forthe information! Routing Pia x _O Fy ul Converged me Disadvantages of EIGRP + Worksonly on Cisco Routers Configuring EIGRP Router(config}# router eigrp Router(config-router)# network NOTE: ASno shauld be samean all routers to becomendighbors and exchange the routes. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright @2010 ~ 2012 All rights reserved. ‘Sikandarbaaads icomNETMETRIC SOLUTIONS. LAB: Dynamic Routing using EIGRP amen 100.02 11001 Sess ee Faaydpxet 152.168.2109 Por fi 4 2 Pc rr pc-rr 3 192,168,1.1 192.168.1.2 7 Pcer vs.sea-L0n4 eoies21 19216822 isrien 4 19216892 scien 192.168.3.0/28 STEPS: Pre-requirement for LAB (heck previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What we doin thislab 4) Dynamic routing using EIGRP 5) Verify Routing table and reachability between the LAN’s (using PING and TRACE commands ) R-tish ip route Gateway of last resort isnot set C 10.0.0.0/ Bis directly connected, SerialO/ 0 C 192.168.1.0/ 24is directly connected, FastEthernetO/ 0 R-2#sh ip route Gateway of last resort is not set C 10.0.0.0/ 8is directly connected, SerialO/ 0 C 11.0.0.0/ 8is directly connected, SerialO/ 1 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC C 192.168.2.0/ 24is directly connected, FastEthernetOV 0 SOLIMIONS R-3#sh ip route Gateway of last resort is not set C 11.00.01 Bis directly connected, SerialO/ 0 C 192,168.3.0/ 24 is directly connected, FastEthernet0/ 0 On Router- 4 R-((config}# router eigrp 100 Rel(config-router)# network 192.168.1.0 Ret(config-router)# network 10.0.0.0 On Router —2 R-2Aconfig)#router eigrp 100 R-2(config-router)# network 192.168.20 R-2(config-router}# network 11.0.0.0 R-2(config-router)# network 10.0.0.0 On Router -3 R-3(config# router eigrp 100 R-3(config-router}# network 192.168.3.0 R-3(config-router}# network 11.0.0.0 R ae ‘outer R.2#show ip elgrp neighbors IP-EIGRP neighbors for process 100 H Address Interface Hold Uptime SRTT RTO Q Seq (sec) (ms)—Cnt Num 0 1000.1 sevO 10 00:03:44 40 10000 8 111.002 Se1 12 00:01:10 40 10000 7 CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. R-t#show ip route Gateway of last resort is not set c annanaaaneE connected, SerialO/ 0 R-t#show ip route eigrp D_ 11,0.0.0/ 8 [90/ 2681856] via 10.0.0.2, 00:06:05, SerialO/ 0 D 192.168.20/ 24 [90/ 2172416] via 10.0.0.2, 00:06:08, Serial! 0 D 192.168.3.0/ 24 [90/ 2684416] via 10.0.0.2, 00:03:09, SerialO/ 0 R-2itshow ip route eigrp D_ 192.168.1.0/ 24 [90 2172416] via 10.0.0.1, 00:07:26, Seriald! 0 D 192,168.3.0/ 24 [90/ 2172416] via 11.0.0.2, 00:04:52, Serial 1 R-3#sh ip route eigrp D 10.0.0.0/ 8 [90/ 2681856] via 11.0.0.1, 00:04:32, Serial’ 0 D 192.168.1.0/ 24 [90/ 2684416] via 11.0.0.1, 00:04:32, SerialO! 0 D 192.168.20/ 24 [90/ 2172416] via 11.0.0.1, 00:04:32, Seriald/ 0 R-1#sh ip protocols Routing Protocol is Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfacesis not set Default networks flagged in outgoing updates Default networks accepted from incoming updates EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0 EIGRP maximum Hopeount 4100 EIGRP maximum metric variance 1 Redistributing: eigrp 100 Automatic network summarization is in effect Automatic address summarization: Maximum path: 4 Routing for Networks: CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE (R&S, SP) #35012 All contents are copyright @ 2010 — 2012 AU rights reserved. sikandarbuaadshabiagmailcomNETMETRIC Routing Information Sources: Gateway Distance _ Last Update 100.02 90 18606786 Distance: internal 90 external 170 R-tifsh ip eigrp topology IP-EIGRP Topology Table for A'SH00 Codes: P - Passive, A - Active, U - Update, Q - Query, R- Reply, r- Reply status P 192.168.1.0/ 24, 1 successors, FD is 28160 via Connected, FastEthernet0/ 0 P 10.0.0.0/ 8, 1 successors, FD is 2169856 via Connected, SerialO/ 0 P 192.168.20/ 24, 1 successors, FD is 2172416 via 10.0.0.2 (2172416/ 28160), SerialO/ 0 P 11.0.0.0/ 8, 1 successors, FD 1s 2681856 via 10.0.0.2 (2681856/ 2169856), SerialO/ 0 P 192.168.3.0/ 24, 1 successors, FD is 2684416 via 10.0.0.2 (2684416/ 2172416), SerialO/ 0 PC>ipoonfig IP Address... ? ‘Subnet Mask. (256.255.255.0 Default Gateway..........s0e! 192.168.1.100 PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Request timed out -32 time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=14ms TTL=126 Ping statistics for 192.168.2.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Approximate round trip timesin milli-seconds: SOLUTIONS Minimum = 14ms, Maximum = 20ms, Average = 17ms Za PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed ou 32 time=27ms TTL=125 Reply from 192.168.3.1: bytes=32 time=22ms TTL=125 Reply from 192.168.3.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.3.1. Packets: Sent = 4, Recsived = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-seconds: inimum = 22ms, Maximum = 27ms, Average = 24ms PC>tracert 192.168.3.4 Tracing route to 192.168.3.1 over amaximum of 30 hops 1 5ms 8ms 6s 192.168.1100 2 12ms 9ms 8&ms 10.002 3 17ms 6ms 12ms 11.002 4 24ms 27ms 2ms 1921683.1 Trace complete. Ret#ping 192.168.3.1 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds: Success rate is T00)BEreEnt (5/ 5), round-trip min/ avg/ max = 9 16/ 31 ms R-3#ping 192.168.1.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ‘Success rate is HOOBEFERNE (5) 5), round-trip min/ avg/ max = 10/ 15) 18ms CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 80. OSPF OSPF stand for Open Shortest path first Standard protocol It'sa link state protocol It uses SPF (shortest path first) or dijkistra algorithm Unlimited hop count Metricis cost (cost=10 “8/B.W.) Administrative distance is 110 It isa dassless routing protocol It supports VLSW and CIDR It supports only equal cost load balancing Introduces the concept of Area's to ease management and control traffic Provides hierarchical network design with multiple different areas Must have one area called as area 0 All the areas must connect to area 0 ‘Scales better than Distance Vector Routing protocols. Supports Authentication Updates are sent through multicast address 224.0.0.5, Faster convergence. Sends Hello packet every 10 seconds Irigger/ Incremental updates Router’s send only changesin updates and not the entire routing tablesin periodic updates Router ID Lo The highest IP address of the active 92,168.1.118 physical interface of the router is Router so 8 1D. 172.16 0.1116 W219. 52.218 If logical interfaceis configured, the highest IP address of the logical interface is Router ID re 10.0.0.118 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. OSPF SEVEN STAGE PRO. 1) Establishing Bidirectional Communication 72.16.5212 et 172.16.5:126 eo 1am routerID 172165. and 1360 noone. 45 44005 Unicast to a «12 outer 10 172.1652, and Isee 172.18... Router Neighbors List 172.16.52724, int E0| 2) Discovering the Network Routes Eo eo | Luli star exchange because Ihave rouar 1 172.165. ‘No, | will start exchange because | have a higher router ID. C1, [oa aaa se = Here is @ summary of my LSDB, = BD i Hore i a summary of my L808. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. ihandarbaaadshalia-gmailcomNETMETRIC 3) Adding the Link-State Entries SOLUTIONS Eo 721653 ‘Thanks forthe Information! A ms fore inforrton _, | Sex {need the complete entry for network 172.18.6.026 Horo isthe entry for network 172.16.6.0/24 “Thanks forthe information! OSPF maintains three tables: Neighbor Table Also known as the adjacency database Contains list of directly connected routers (neighbors) # Show ip ospf neighbor Database Table Typically referred to as LSDB ( link state database) Containsinformation about all the possible routes to the networkswith in the area # show ip ospf database Routing Table Contains list of best paths to each destination # show ip route Link-State D ata Structure: Network Hierarchy Link-state routing can have hierarchical network This two-level hierarchy consists of the following —Transit area (backbone or area 0) — Regular areas (non-backbone areas) Issue of Maintaining of large OSPF network CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE ( R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. OSPF Multi Area OSPF Networking Hierarchy: OSPF isa hierarchical routing protocol. It enables better administration and smaller routing tables due to segmentation of entire network into smaller areas. OSPF consists of a backbone (Area 0) network that links all other smaller areas within the hierarchy. The following are the important components of an OSPF network: Areas: An area consists of routers that have been administratively grouped together Usually, an area as a collection of contiguous IP subnetted networks. Routers that are totally CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE ( R&S, SP ) #35012 All contents are copyright @2010 — 2012 All rights reserved. sikandarbaaadshaliagmailcomNETMETRIC within an area are called internal routers. All interfaces on internal SOGIHONE routers are directly connected to networks within the area. Within an area, all routers have identical topological databases. Area Border Routers: Routers that belong to more than one area are called area border routers (ABRs). ABRs maintain a separate topological database for each area to which they are connected. Backbone Area: An OSPF backbone area consists of all routersin area 0, and all area border routers (ABRs). The backbone distributes routing information between different areas. Autonomous System Boundary Routers (ASBRs): Routers that exchange routing information with routers in other Autonomous Systems are called ASBRs. They advertise externally learned routes throughout the AS. Internal Routers are routers whose interfaces all belong to the same area. These routers havea single Link State Database. Advantages of OSPF Open standard No hop count limitations Loop free Faster convergence Disadvantages Consume more CPU resources Support only equal cost balancing Support only IP protocol don't work on IPX and APPLE Tak Configuring OSPF Router(config)# router ospf Router(config-router)# network area CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. PCr rere r9z.ee.2.1 192.68.2.2 ae ssp 168.2004 STEPS: Pre-requirement for LAB (check previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What wedoin thislab 4) Dynamicrouting using OSPF single area 5) Verify Routing table and reachability between the LANs ( using PING and TRACE commands ) R-tish ip route Gateway of last resort is not set C 10.0.0.0/ Bis directly connected, SerialO/ 0 C 192.168.1.0/ 24s directly connected, FastEthernetO/ 0 R-2itsh ip route Gateway of last resort is not set C 10.0.0.0/ 8 is directly connected, SerialO/ 0 C 11.0.0.0/ 8is directly connected, SerialO/ 1 C 192.168.2.0/ 241s directly connected, FastEthernetO/ 0 R-3ish ip route CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC Gateway of last resort is not set SOLIMIONS C 11.0.0.0/ 8is directly connected, Serial0/ 0 C 192.168.3.0/ 24is directly connected, FastEthernet0/ 0 On Router-1 R-4(config)#router ospf 1 R-(config-router)i#network 192.168.1.0 0.255,255.255 area 0 R-4(config-router}#network 10.0.0.0 0.255.255.255 area 0 On Router —2 R-2(config}#router ospf 1 R-2(config-router}#network 192.168.2.0 0.0.0.255 area 0 R-2(config-router}#network 11.0.0.0 0.255.255.255 area 0 R-2(config-router}#network 10.0.00 0.256.255.255 area 0 ee On Router -3 R-3(config}#router ospf 1 R-3(config-routery#network 192.1683.0 0.0.0.255 aread R-3(config-router}#network 11.0.0.0 0.255.255.255 area 0 eee R-2#show ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface 192.168.1100 0 FULL! - 00:00:35 10.001 Serial 0 192.168.3100 © FULL/ - 00:00:37 11.0.02 Serial0/ 1 R-t#show ip route Gateway of last resort is not set CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. C 192.168.1.0/ ai connected, FastEthernet0! 0 R-t#tsh ip route ospf O 11.0.0.0[110/ 128] via 10.0.0.2, 00:04:25, SerialO/ 0 O 192.168.2.0[110/ 65] via 10.0.0.2, 00:04:25, SerialO/ 0 © 192168.3.0[110/ 129] via 10.0.0.2, 00:03:23, Serial’ 0 R.2#show ip route ospf © 192.168.1.0[110/ 65] via 10.0.0.1, 00:05:09, SerialO/ 0 © 192.168.3.0[110/ 65] via 11.0.0.2, 00:04:14, SerialO/ 1 R-3#show ip route ospf O 10.0.0.0[110/ 128] via 11.0.0.1, 00:04:49, SerialO/ 0 © 192.168.1.0[110/ 129] via 1.0.0.4, 00:04:49, Serial 0 O 192.168.2.0[110/ 65] via 11.0.0.1, 00:04:49, SerialO/ 0 R-ti#show ip protocols Routing Protocol is "O8pfi1" Outgoing update filter list for all interfaces is not set Incoming update filter list for all interfaces is not set Router ID 192.168.1.100 Number of areasin this router is 1. 1 normal 0 stub Onssa Maximum path: 4 Routing for Networks: Routing Information Sources: Gateway Distance Last Update 10.0.0.2 110 00:05:48 Distance: (default is 110) R-t#show ip ospf database OSPF Router with ID (192.168.1.100) (Process ID 1) Router Link States (Area 0) CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC LinkID ADV Router Age — Seq Checksum Link count SeUmIOns 192.168.1.100 192.168.1.100 468 0x80000003 Ox00d 1f4 3. 192.168.2100 192.168.2100 411 0x80000005 0x0054e6 5 192.168.3.100 192.168.3100 411 0x80000003 0x0010ad 3 PC>ipoonfig IP Address... s Subnet Mask. (255.255.255.0 Default Gateway........-ss00! 192.168.1.100 PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. 32 time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=14ms TTL=126 Ping statistics for 192.168.2.1: Packets, Saul = 4, Reveived - 3, Lost — 1 (25% luss), Approximate round trip times in milli-seconds: Minimum = 14ms, Maximum = 20ms, Average = 17ms PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: uest timed ou 32 time=27ms TTL=125 Reply from 192.168.3.1: bytes=32 time=22ms TTL=125 Reply from 192.168.3.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.3.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 22ms, Maximum = 27ms, Average = 24ms. PC>tracert 192.168.3.1 Tracing route to 192.168:3.1 over amaximum of 30 hops: CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC 1 5ms 8ms 8ms_ 192168.1.100 SOLUTIONS 2 12ms 9ms 8ms_ 10.0.0.2 3 17ms 6ms 12ms 11.002 4 24ms 27ms 25ms 192.1683.1 89. Trace complete. R-t#ping 192.168.3.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds: ‘Success rate is 400/percent (5/ 5), round-trip min/ avg/ max = 9/ 16/31 ms R-3#tping 192.168.1.1 ‘Type escape sequences to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: Success rate is 100/pereant (5/ 5), round-trip min/ avg/ max = 10/ 15/ 18 ms CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. LAB: Dynamic Routing using OSPF multiple Area ca ee pee tor Feo =: Ph Soar 92. 15¢ 1$2.160.1.2 mt. t92t68.3.2 PC cae 19216821 192.168.2.2 0.3.2 STEPS: Pre-requirement for LAB (check previous labs) 1) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state What we doin thislab 4) Dynamic routing using OSPF multiple area 5) Verify Routing table and reachability between the LAN’s ( using PING and TRACE commands ) R-t#sh ip route Gateway of last resort is not set C 10.0.0.0/ 8is directly connected, SerialO/ 0 C 192.168.1.0/ 241s directly connected, FastEthernetO/ 0 R-2itsh ip route Gateway of last resort isnot set C 10.0.00/ 8isdirectly connected, Serial0 0 C_ 11.0.0.0/ 8isdirectly connected, SerialO/ 1 CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomC 192.168.2.0/ 24s directly connected, FastEthernet0/ 0 R-3#sh ip route Gateway of last resort is not set C 11.00.01 Bis directly connected, SerialO/ 0 C 192,168.3.0/ 24 is directly connected, FastEthernet0/ 0 On Router- 1 R-(config)#router ospf 4 R-1(config-router}#network 192.168.1.0 0.255.255.255 area 10 R-1(config-router)#network 10.0.0.0 0.255.255.255 area 10 On Router -2 R-2(config)#router ospf 1 R-2(config-router}#network 192.1682.0 0.0.0.255 area 0 R-(config-router}#network 11.0.0.0 0.255.255.255 area 20 R-2(config-router}#network 10.0.0 0.255.255.255 area 10 NETMETRIC SOLUTIONS. Pe aaa eae enna aaa On Router -3 R-3(config)#router ospf 4 R-3(config-router)#network 192.1683.0 0.0.0.255 area 20 R-3(config-router)#network 11.0.0.0 0.255.255.255 area 20 eee R-2itshow ip ospf neighbor Neighbor ID Pri State Dead Time Address __ Interface 192.168.3.100 0 FULL/ - 00:00:39 11.002 Serial 1 192.168.1.100 0 FULL/ - 00:0039 100.01 Saiala/0 R-t#tshow ip route CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Gateway of last resort is not set C_10.0.0.0/ 8is directly connected, SerialO/ 0 C 192.168.1.0/ ae connected, FastEthernet0 0 R-ti#show ip route ospf OIA 11.0.0.0 [110/ 128] via 10.0.0.2, 00:06:24, Seriald/ 0 OIA 192.168.2.0 [110/ 65] via 10.0.0.2, 00:06:24, SerialQ/ 0 OIA 192.168.3.0[110/ 129] via 10.0.0.2, 00:05:53, SerialO/ 0 R-2#show ip route ospf © 192.168.1.0[110/ 65] via 10.0.0.1, 00:08:31, SerialO/ 0 © 192.168.3.0[110/ 65] via 11.0.0.2, 00:08:04, SerialO/ 4 R-3#show ip route ospf OIA 10.0.0.0 [110 128] via 11.0.0.1, 00:08:21, SerialO/ 0 OIA 192.168.1.0 [110/ 129] via 11.0.0.1, 00:08:21, Serial0/ 0 OIA 192.168 20 [110/ 65] via 1.0.0.1, 00:08:21, SerialO/ 0 R-t#tsh ip ospf database OSPF Router with ID (192.168.1.100) (Process ID 1) Router Link States (Aréa"10) LinkID ADV Router Age —Seq# Checksum Link count 192.168.1100 192.168.1100 902 0x80000003 0x003b8b 3 192.168.2100 192.168.2100 902 0x80000002 0x00e758 2 Summary Net Link States (AFES/10) LinkID ADV Router Age Seg Checksum 192.168.2.0 192.168.2100 905 _0x80000001 0x0057cb 11.0.00 — 192.168.2100 905 —_0x80000002 0x000634 192.168.3.0 192.168.2100 870 080000003 0x00ca’5 R-2itshow ip ospf database CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. OSPF Router with ID (192.168.2.100) (Process ID 1) Router Link States (AFéa(0) Link ID ADV Router Age Seq# — Checksum Link count 192.168.2100 192.168.2100 708 0x80000002 0x0070d6 1 ‘Summary Net Link States (Area 0) LinkID ADV Router Age — Seg# — Checksum 11.0.00 192.168.2100 698 —_0x80000001 0x00083¢ 100.00 — 192.168.2100 689 080000002 0x001331 192.168.1.0 192.168.2100 689 —_0x80000003 0x00e001 192.168.3.0 192.168.2100 663 080000004 0x00c816 Router Link States (AFE4/10) Link ID ADV Router Age Seq# — Checksum Link count 192.168.2100 192.168.2100 694 080000002 0x006e758 2 192.168.1.100 192.168.1100 694 —_0x80000003 0x003b8 3 ‘Summary Net Link States (Area 10) LinkID ADV Router Age —Seq# Checksum 192.168.20 192.168.2100 6Y/ ‘Ux8UUUUUU1 UxUUd/cD 11.0.00 192.168.2100 697 _.0x80000002 0x00063d 192.168.30 192.168.2100 662 080000003 0x00ca1S Router ink SND) LinkID ADV Route’ Age = Seq# — Checksum Link count 192.168.2100 192.168.2.100 668 0x80000002 0x000a33 2 192.168.3.100 192.168.3.100 668 — 0x80000003 0x0010ad 3 Summary Net Link Stats (A320) LinkID ADV Router Age Seq ~— Checksum 192.168.20 192.168.2100 703 _ 0x80000001 0x0057cp 10.0.0.0 192.168.2100 689 0x80000002 0x001331 192.168.1.0 192.168.2100 689 0x80000003 0x00e001 PC>ipoonfig IP Address... Subnet Mask. + 255.255.255.0 Default Gateway,.....cne! 192.168.1100 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC PC>ping 192.168.21 SOLUTIONS Pinging 192.168.2.1 with 32 bytes of data: Request timed out. 32 time=19ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=14ms TTL=126 Ping statistics for 192,168.21: Packets: Sont = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip timesin milli-seconds: Minimum = 14ms, Maximum = 20ms, Average = 17ms PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: Request timed ou time=27ms TTL=125, Reply from 192.168.3.1: bytes=32 time=22ms TTL=125 Reply from 192.168.3.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.3.1: Packets: Sent = 4, Received = 3, Lost = 1 (25% loss), Approximate round trip times in milli-seconds: Minimum = 22ms, Maximum = 27ms, Average = 24ms- PC>tracert 192.168.3.1 Tracing route to 192.168:3.1 over amaximum of 30 hops: 15ms 8ms 8ms 192168.1.100 212ms 9ms 8ms 10.002 317ms 6ms 12ms 11.002 4 24ms 27ms 2ms 19216831 ‘Trace complete. Ret#ping 192.168.3.1 ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192. 168.3.1, timeout is 2 seconds: ‘Success rate is 100/pereent (5/ 5), round-trip min/ avg/ max = 9/ 16/ 31 ms R-3#ping 192.168.1.1 CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE (R&S, SP) #35012 All contents are copyright @ 2010 — 2012 AU rights reserved. sikandarbuaadshabiagmailcomNETMETRIC SOLUTIONS. ‘Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds: ‘Success rate is 100/BEFGEAt (5/ 5), round-trip min/ avg/ max = 10/ 15/ 18ms CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conten are copyright @.2010 2012 AU rights reserve sikandarbaaadshahva gmailcomNETMETRIC ACCESS CONTROL SOLUTIONS ACL isa set of rules which will allow or deny the specific traffic moving through the router Itisa Layer 3 security which controls the flow of traffic from one router to another. It is also called as Packet Filtering Firewall ‘STANDARD ACCESS LIST EXTENDED ACCESS LIST The aovess-list number rangeis 1— 9 Can block a Network, Host and Subnet All services are blocked. Implemented closest to the destination Filtering is done based on only source IP address The access list number rangeis 100-199 Can block a Network, Host, Subnet and Service Selected services can be blocked. Implemented closest to the source. Filtering isdone based on source IP , destination IP , protocol, port no Rules of Access List + Worksin Sequential order + All deny statements have to be given First ( preferable most cases ) + There should beat least one Permit statement ( mandatary ) + An implicit deny blocks al traffic by default when there is no match (an invisible statement). Can have one acvess-list per interface per direction. (j.e.) Two access-lists per interface, one in inbound direction and onein outbound direction: Editing of access-lists is not possible (i.e) selectively adding or removing access-list statements is not possible. Wild Card Mask Tells the router which portion of the bits to match or ignore. It's the inverse of the subnet mask, hence is also called as Inverse mask A bit value of 0 indicates MUST MATCH (Check Bits) A bit value of 1 indicates GN ORE (Ignore Bits) Wild Card Mask for a Host will be always 0.0.0.0 A wild card mask can be calculated using formula Global Subnet M ask Customized Subnet M ask Wild Card Mask CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 00 031 Creation of Standard Access List Router(config)# access-list wem> Implementation of Standard Access List Router(config)# interface Router(config-if}# ip aocess-group ToVerify : Router# show access-list Router# show access-list Creation of Extended Access List Router(config)# acoesslist < destination wildcard mask> Implementation of Extended Access List CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Router(config)#interface coer Router(config-if#ip aocess-group Operators : eq (equal to) neq (not equal to) It (less than) gt (greater than) Named Access List Access-lists are identified using Names rather than Numbers. Names are Case-Sensitive No limitation of Numbers here. One Main Advantageis Editing of ACL is Possible (i.e) Removing a specific statement from the ACL is possible. (lOSversion 11.2or later allows Named ACL) CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conentsare copyright 20102012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Creation of Standard Named Access List soumions Router(config}# ip access list standard Router(config-std-nadl)# Implementation of Standard Named Access List Router (config)#interface Router(config-if#ip access-group Creation of Extended Named Access List Router(config)# ip access-list extended Router(config-ext-nacl # < destination wildcard mask> Implementation of Extended Named A\ ist Router (config)#interface Router(config-if)#ip aocess-group CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Standard Access-List SOLUTIONS eat 192.168.2074 192.368.3072 Pre-requirement for LAB (check previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state 4) Any dynamicrouting Protocol or static routing 5) Verify Routing table and reachability between the LAN's ( using PING and ‘TRACE commands ) Let’s say the Requirement in thisLAB isto Deny the host 192.168.1.1 communicating with 192.168.20 Deny the host 192.168.1.2 communicating with 192.168.20 Deny the network 192.168.3.0 communicating with 192.168.2.0 Permit all the remaining traffic NOTE: the Above ACL rules should not effect thecther communication Before creating the ACL, make sure that the routing configured is correct and all the three LAN devices are able to communicate with each other using PING command PC>ipoonfig IP AOdreSS......sssseeesenneeet 192.168.1.1 Subnet Mask. (255.255.255.0 Default Gateway. 1 192.168.1.100 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 time=17ms TTL=126 Reply from 192.168.2.1: bytes=32 time=20ms TTL=126 Reply from 192.168.2.1: bytes=32 time=16ms TTL=126 Reply from 192.168.2.1: bytes=32 time=17ms TTL=126 PC>ipeonfig IP Address... sc 192.168.1.2 Subnet Mask 255,255,255.0 Default Gateway : 192.168.1.100 PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 time=16ms TTL=126 Reply from 192.168.2.1: bytes=32 time=22ms TTL=126 Reply from 192.168.2.1: bytes=32 time=23ms TTL=126 Reply fron 192.168.2.1. byles-32 linens TTL=128 PC>ipoonfig IP Address. 192.168.3.1 Subnet Mask. (255.255.255.0 Default Gateway. +o! 192.168.3.100 PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 time=21ms TTL=126 Reply from 192.168.2.1: bytes=32 time=23ms TTL=126 Reply from 192.168.2.1: bytes=32 time=22ms TTL=126 Reply from 192.168.2.1: bytes=32 time=23ms TTL=126 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC On Router —2 SOLUTIONS Creating the ACL rules according to requirement: R-2(config)# access-list 15 deny 192.168.1.1 0.0.0.0 R-2{confightaccesslist 15 deny host 192168.1.2 R-2(config)#acoess-list 15 deny 192.1683.0 0.0.0.255 R-2{confightacesslist 15 permit any Implementation: R-2{configh#tinterface fastEthernet 0! 0 R-2(config-if)#ip access-group 15 out Verification: R-2itsh accesslists Standard IP access list 15 deny host 192.168.1.1 deny host 192.168.1.2 deny 192.168.3.0 0.0.0.255 permit any PC>ipoonfig IP Address. Subnet Mask..... '255,255.255.0 Default Gateway. 192.168.1.100 Pc>pinig 19216824 Pinging 192.168.2.1 with 32 bytes of data Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10,0.0.2: Destination host unreachable. PC>ping 192.168.3.1 Pinging 192.168.3.1 with 32 bytes of data: CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomReply from 192.168.3.1: bytes=32 time=21ms TTL=125, Reply from 192.168.3.1: bytes=32 time=17ms TTL=125 Reply from 192.168.3.1: bytes=32 time=24ms TTL=125, Reply from 192.168.3.1: bytes=32 time=13ms TTL=125, PC>ipoonfig IP Address. 192.168.1.2 Subnet Mask. (256,255.255.0 Default Gateway. : 192.168.1.100 PC>ping 192.168.2.1 Pinging 192.168.2.1 with 32 bytes of data: Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. Reply from 10.0.0.2: Destination host unreachable. SERVER>ipconfig IP Address. ‘Subnet Mask. 255,255 ,255.0 Default Gateway....... wx! 192.168.1.100 SERVER>ping 19216824 Pinging 192.168.2.1 with 32 bytes of data: Reply from 192.168.2.1: bytes=32 time=31ms TTL=126 Reply from 192.168.2.1: bytes=32 time=t7ms TTL=126 Reply from 192,168.2.1: bytes=32 time=23ms TTL=126 Reply from 192,168.2.1: bytes=32 time=24ms TTL=126 PC>ipoonfig IP Address. Subnet Mask... Default Gateway PC>ping 19216821 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom NETMETRIC SOLUTIONS. 103NETMETRIC SOLUTIONS. Pinging 192,168.21 with 32 bytes of data: wa Reply from 11.0.0.1: Destination host unreachable. Reply from 17.0.0.1: Destination host unreachable. Reply from 11.0.0.1: Destination host unreachable. Reply from 17.0.0.1: Destination host unreachable. Ping statistics for 192.168.2.1 Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC>ping 192.168.1.1 Pinging 192.168.1.1 with 32 bytes of data: Reply from 192,168.1.1: bytes=32 time=16ms TTL=125 Reply from 192.168.1.1: bytes=32 time=29ms TTL=125 Reply from 192,168.1.1: bytes=32 time=16ms TTL=125, Reply from 192.168.1.1: bytes=32 time=21ms TTL=125 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Lab 2: Restricting telnet access to the router to specified networks or hosts Requirement: Allow only thehosts 192.168.1.1 and 192.168.1.2 to telnet R1. any other host should be denied of they try to telnet R1 Remove the ACL which was created the previous lab R-2{configh# no access-list 15 R-2(config)# interface fastEthernet OO R-2{config-if}# no ip access-group 15 out R-2{config-if}# end Creation of ACL: R-(config)#tacoess list 20 permit host 192.168.1.1 R-1(config)itaccess list 20 permit host 192.168.1.2 Implementation R-A(configh#line vty 04 R-1(config-line}#password cisco R-1(config-line}#login R-A(configdine)# access-dass 20 in R-1(config-line}#end Verification PC>ipoonfig IP Address. 1 192.168.1.1 ‘Subnet Mask... .: 255,255.255.0 Default Gateway....... 192.168.1.100 PC>telnet 192.168.1.100 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Trying 192.168.1.100 ...Open SOuUTIONS ng User Access Verification Password PC>ipoonfig IP Address... nc 192.168.1.2 ‘Subnet Mask. 255.255.255.0 Default Gateway. 2 192.168.1.100 PC>telnet 192.168.1.100 Trying 192.168.1.100 .. Open User Access Verification Password: RP Ri SERVER> ipconfig IP Address. 192.168.1.3 Subnet Mask. (255.255,255.0 Default Gateway...... 192.168.1.100 SERVER telnet 192.168.1.100 Trying 192.168.1.100.. % Connection refused by remote host SERVER> SERVER>ipoonfig IP Address... 2 192.168.1.4 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conten are copyright @.2010 2012 AU rights reserve sikandarbaaadshahva gmailcomNETMETRIC Subnet Mask 255,255.255.0 SOLUTIONS Default Gateway. 192.168.1.100 SERVER>telnet 192.168.1.100 Trying 192.168.1.100... % Connection refused by remote host SERVER> R-2enable R-2#tanet 10.0.0.1 Trying 10.0.0.1 % Connection refused by remote host R2# Lab -3:_Implementing Extended Access-List tonise sa 19216832 Pre-requirement for LAB (check previous labs) 4) Design the topology (connectivity ) 2) Assign the IP address according to diagram 3) Make sure that interfaces used should bein UP UP state 4) Any dynamicrouting Protocol or static routing CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC 5) Verify Routing table and reachability between the LAN's SOLIMIONS ny (using PING and TRACE commands) J Let's say the Requirement in thisLAB isto Deny the userson LAN 192.168.2.0 should not access 192.168.1.3 HTTP service Deny the userson LAN 192.168.3.0 should not access 192.168.1.4 FTP service Deny the userson LAN 192.168.3.1 should not access 192.168.1.3 HTTP service Deny theuserson LAN 192.168.2.0 should not get DNSservicefrom DNSserver 192.168.1.4 Deny ther users from the host between 192.168.3.2 and 192.168.1.2 should not be able to send ICMP ( ping / trace ) messages Remaining hosts and services should be permitted NOTE: the AboveACL rules should not affect theather communication On Router -1 R-(config}#access-list 145 deny top 192.1682.0 0.0.0.255 host 192.168.1.3 eq www R-4(config}#access-list 145 deny top 192.168.3.0 0.0.0.255 host 192.168.1.4 eq ftp R-4(confighi#accese-list 145 deny top host 192.168.3.1 host 192,168.1.3 eq www R-4(config)i#access-list 145 deny udp 192.168.2.0 0.0.0.255 host 192.168.1.4eq ? <0-65535> Port number bootpe —_Bootstrap Protocol (OOTP) dient (68) bootps Bootstrap Protocol (BOOTP) server (67) isakmp Internet Security Association and Key Management Protocol (500) nonS00-isekmp Internet Security Association and Key Management Protocol (4500) simp _ SmpleNetwork Management Protocol (161) tftp Trivial File Transfer Protocol (69) R-l(config)#accesslist 145 deny udp 192.168.20 0.0.0.255 host 192.168.1.4 eq domain R-1(config)#access-list 145 deny icmp host 192.1683.1 host 192.1681.1 ? <0-256> typenum echo-reply echo-reply CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC host-unreachable — host-unreachable SOLUTIONS net-unreachable _net-unreachable port-unreachable — port-unreachable protocol-unreachable protocol-unreachable ttl-exceeded _ttl-exoeeded unreachable unreachable 109 R-1(config)#access-list 145 deny icmp host 192.1 .2 host 192.168.1.2 echo R-4(config)#access-list 145 deny icmp host 192.168.3.2 host 192.168.1.2 echo-reply R-t(config}#access-list 145 permit ip any any Implementation: R-A(confighit interface fastEthernet O/ 0 R-A(config-if}# ip access-group 145 out OR R-A(confighit interface serial 0/0 R-A(config-if}# ip access-group 145. in (256.255.255.0 Default Gateway.........ss0e! 192.168.3.100 PC>ping 192.168.1.2 Pinging 192.168.1.2with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Ping statistics for 192.168.1. Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC>ping 192.168.1.1 Pinging 192.168.1.1 with 32 bytes of data: Reply from 192.168.1.1: bytes=32 time=20ms TTL=125 4: bytes=32 time=27ms TTL=125 Reply from 192.168.1.1: bytes=32 time=13ms TTL=125 Reply from 192.168.1.1: bytes=32 time=25ms TTL=125 Ping statistics for 192.168.1.1 Packets: Sont = 4, Received = 4, Lost = 0 (0% oss), Approximate round trip timesin milli-seconds: Minimum = 13ms, Maximum = 27ms, Average = 2ims Lab —4; Implement the same lab -1 using named ACL R-2{confighHtip access list standard CCNA R-2(config-std-nad }#deny 192.168.1.1 0.0.0.0 R-2(config-std-nad }itdeny host 192.168.1.2 R-2(oonfig-std-nad }#deny 192.168.3.0 0.0.0.255 R-2(config-std-nad #permit any R-2{config-std-nad exit Implementation : R-2{config}#tinterface fastEthernet 0! 0 R-2(config-if)#ip access-group CCNA out LAB -5implement the same lab -2 using named ACL. R-(config)#ip access-list extended CCNP R-((config-ext-nad)#deny top 192.168.2.0 0.0.0.255 host 192.168.1.3 eq www R-4(config-ext-nad)# deny top 192.168.30 0.0.0.255 host 192.168.1.4 eq ftp R-1(config-ext-nad)# deny top host 192.168.3.1 host 192.168.1.3eq www CCNA R&S Workbook by Sikandar Gouse Moinuiin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. R-4(config-ext-nad)#deny udp 192.168.2.0 0.0.0.255 host 192.168.1.4 eq domain R-4(config-ext-nad)# deny iamp host 192.168.3.1 host 192.168.1.1 eq echo R-((config-ext-nad)#deny icmp host 192.168.3.1 host 192.168.1.1. eq echo-reply R-((config-ext-nad)# permit ip any any Implementation: R-l(config)# interface fastEthernet a0 Rel(config-if}# ip access-group CCNP out OR R-l(config)# interface serial O/ 0 R-1(config-if}# ip aocess-group CCNP in CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC NETWORK ADDRESS TRANSLATION SOLUTIONS + NATisthemethod of Translation df private!P address into public IP address". + Inorder to communicate with internet we must have registered public IP address. Address translation was originally developed to solve two problems: 1. to handlea shortage of IPv4 addresses 2. Hidenetwork addressing schemes. ‘Small companies typically get their public IP addresses directly from their ISPs, which havea limited number. Large companies can sometimes get their public IP addresses from a registration authority, such as the Internet Assigned Numbers Authority (IANA). Common devices that can perform address translation include firewalls, routers, and servers, Typically address translation is done at the perimeter of the network by either afirewall (more commonly) or a router. ‘There are certain addresses in each class of IP address that are reserved for Private Networks. These addresses are called private addresses. ClassA —10.0.0.0 to 10.255.255.255 Class B 172.16.0.0 to 172.31.255.255 Class C 192.168.0.0 to 192.168.255.255 Inside Local Addresses — An IP address assigned to a host insdea network. This addressis likely to bea RFC 1918 private address Inside Global Address —A legitimate IP address assigned by the NIC or service provider that represents one or more inside local IP address to the outside world. Outside Local Address - The IP address of an outside host as it known to the hosts in the inside network Outside Global Address - The |P address assigned to a host on the outside network. The owner of the host assigns this address. ‘Types of NAT:- 4. Dynamic NAT 2. SaticNAT 3.PAT StaticNAT + Thistype of NAT isdesigned to allow one-to-one mapping between local and global addresses. Keep in mind that the static version requires you to have one real Internet IP address for every host on your network. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 213.18.123.- 2000 How Sturt Syntax: (Contigy# IP nat inside source static Implementation : (Config) # interface fo! 0 (Config-if}# ip nat inside (interface facing towards LAN) (Configy# interface sO! 0 (Contig-if}# ip nat outside ( intertece facing towards ISP ) DynamicNAT + This version gives you the ability to map an unregistered IP address to a registered IP address from out of a pool of registered IP addresses. You don’t have to statically configure your router to map an inside to an outside address as you would using static NAT, but you do haveto have enough real IP addresses for everyone who's going to be sending packets to and receiving them from the Internet. 219,10. 210. 62000 How Stutt Werks: CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Syntax: SOLUTIONS. (Configy# access-list < ACL-NO> permit ae (Configy#ip nat pool netmask (Config)# ip nat inside sourcelist pool Implementation : (Config) # interface fO/ 0 (Contig-if}# ip nat inside (interface facing towards LAN) (Configy# interface s0/ 0 (Contig-if}# ip nat outside (interface facing towards ISP ) DynamicNAT Overload + Thisisthe most popular type of NAT configuration. Understand that overloading really isa form of dynamic NAT that maps multiple unregistered IP addresses to a single registered IP address—many-to-one—by using different ports. It isalso known as Port Address Translation (PAT), and by using PAT (NAT Overload), you get to have thousands of users connect to the Internet using only one real global IP address. NAT Overload is the real reason we haven't run out of valid IP address on the Internet alibi Paper Saito Syntax : 213.18.123.1007 213.18.423.100:193 (Config)# access-list < ACL-NO> permit (Config)#ip nat inside pool netmask (Config)# ip nat inside source list pool overload CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Implementation : SOLUTIONS (Config) # interface f0/ 0 (Config-if}# ip nat inside (interface facing towards LAN) (Config}# interface su 0 (Config-if}#t ip nat outside (interface fecing towerds ISP ) LAB~1 Implementing STATIC NAT configure the following translations PRIVATEIP PULICIP 50.1.1. .168.1.2 50.1.1.2 192.168.1.3 50.1.1.3 2 oifer? STEPS Configure IP address according to the diagram Configure default route on both routers Configure NAT ( static NAT according to the requirement ) Implementation Verify by generating some trafficfrom LAN to ouside servers co #show ip nat translations CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. ng IP-Address OK?Method Status Protocol FastEtherne0/ 0 192.168.1100 YESmanual up up FastEthernet0/ 1 unassigned YESunset administratively down down Serial! 0 400.111 YESmanual up up SerialO/ 1 unassigned YESunset administratively down down R-(config)# ip route 0.0.0.0 0.0.0.0 100.1.1.2 SP#sh ip int brief Interface IP-Address OK?Method Status Protocol FastEthernetO/ 0 200.1.1.100 YESmanual up up FastEthernet0/ 1 unassigned YESunset administratively down down SerialO/ 0 100.1.1.2 = YESmanual up up Serial 4 unassigned + YESmanual administratively down down SP#conf terminal Enter configuration commands, one per line. End with CNTL/ Z. ISP(configy# 1SP(config)# ip route 0.0.0.0 0.0.0.0 100.1.1.1 Configuring staticNAT R-1(config)#ip nat inside source static 192.168.1.1 50.1.1.1 Rel(oonfig)#ip nat inside source static 192.168.1.2 50.1.1.2 R-1(config)#ip nat inside source static 192.168.1.3 50.1.1.3 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Implementation SOLUTIONS R-1(config)Hinterface fastEthernet 0! 0 R-1(config-if}#ip nat inside Re1(config-if}#exit R-(config}#tinterface serial O/ 0 R-1(config-if)#ip nat outside Generate Trafficfrom PC (192.168.1.1/ 192.168.1.2 / 192.168.1.3) PC>ipconfig IP Address... ‘Subnet Mask. 9.255. Default Gateway. 192.168.1.100 PC>ping 200.1.1.1 Pinging 200.1.1.1 with 22 bytes of data: Reply from 200.1.1.1: bytes=32 time=12ms TTL=126 Reply from 200.1.1.1: bytes=32 time=12ms TTL=126 Reply from 200.1.1.1: bytes=32 time=10ms TTL=126 Reply from 200.1.1.1: bytes=32 time=20ms TTL=126 Ping statistics for 200.1.1.1: Packets: Sent = 4, Reoeived = 4, Lost = 0 (0% loss), Approximate round trip timesin milli-seconds: Minimum = 10ms, Maximum = 20ms, Average = 13ms PC>ping 200.1.1.2 Pinging 200.1.1.2with 22 bytes of data: Request timed out. .2: bytes=32 time=16ms TTL=126 2: bytes=32 time=11ms TTL=126 2: bytes=32 time=32ms TTL=126 Ping statistics for 200.1.1.2: Packets; Sent = 4, Received = 3, Lost = 1 (25% loss), CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomApproximate round trip timesin milli-seconds: Minimum = 11ms, Maximum = 32ms, Average = 19ms PC>ipconfig IP Address... snc 192.168.1.2 Subnet Mask Default Gateway. PC>ping 200.1.1.4 Pinging 200.1.1.1 with 32 bytes of data: Reply from 200.1.1.1: bytes=32 time=25ms TTL=126 Reply from 200.1.1.1: bytes=32 time=11ms TTL=126 Reply from 200.1.1.1: bytes=32 time=21ms TTL=126 Reply from 200.1.1.1: bytes=32 time=22ms TTL=126 SERVER>ipconfig IP Address. 2 192.168.1.3, Subnet Mask..... (255.255.255.0 Default Gateway ....rncone! 192.168.1.100 SERVER>ping 200.1.1.1 Pinging 200.1.1.1 with 32 bytes of data: Reply from 200.1.1.1: bytes=32 time=24ms TTL=126 Reply from 200.1.1.1: bytes=32 time=16ms TTL=126 Reply from 200.1.1.1: bytes=92 time=10ms TTL=126 Reply from 200.1.1.1: bytes=32 time=20ms TTL=126 R-#sh ip nat translations Pro Insideglobal Insidelocal Qutsidelocal Outsideglobal icmp SOMME MOAI684:21 200.1.1.221 200.1.1.2:21 jiomp 50.1.1.1:22 — 192.168.1.1:22 200.11.222 200.1.1.2:22 jomp 50.1.1.1:23 192168.1.1:23 200.1.1.2:23 200.1.1.2:23 fomp 50.1.1.1:24 = 192.168.1.1:24 § 200.1.1.2:24 = 200.1.1.2:24 icmp SOMMIZAAS2M6812:1 § 200.1.1.1:1 — 2001.1.1:1 icmp 50.1.1.22 192.168.1.2:2 200.1.1.1:2 200.1.1.1:2 CCNA R&S Workbook by Sikandar Gouse Moiuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom NETMETRIC SOLUTIONS.NETMETRIC icmp 50.11.23 192.168.1.23 SOLIMIONS iemp 50.1.1.24 192.168.1.2:4 iemp 50.1.1.3: 192.168.1.3:1 icmp SOAS? 2004112 iemp 50.1.1.3:3 192.168.1.3:3 200.1.1.1:3 iemp 50.1.1.3:4 192.168.1.3:4 200.1.1.1:4 50.1.1.1 192.168.1.1 50.1.1.2 192.168.1.2 60.1.1.3 192.168.1.3 To verify generate telnet trafficFrom PC //192.168.1.1 // 192.168.1.2 // 192.168.1.3 PC>telnet 100.1.1.2 Trying 100.1.1.2...Open User Access Verification Password: R-t#sh ip nat translations Pro Insideglobal Insidelocal Outsidelocal Outsideglobal o 50.1.1.1 192.168.1.1 - 50.1.1.2 192.168.1.2 1.4.3 192.168.1.3 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC LAB-2 SOLUTIONS Implement Dynamic NAT and make sure that the inside LAN users (192.168.1.0/24) get translated to public! P with the range of 50.1.1.1 —50.1.1.200/24 Continue with the same pre-configurationsin the LAB-1 Remove the static NAT configurations. Implementation is same as previous lab R-t#clear ip nat translation * NOTE: Makesuretheat you der thetransation tablebefore you edit or removetheany NAT configurations Re1(config)# no ip nat inside source static 192.168.1.1 0.1.1.1 R-t(configi# no ip nat insidesourcestatic 192.168.1.2 50.1.1.2 R-1(config)# no ip nat insidesource static 192.168.1.3 50.1.1.3 Configuring DYNAMIC NAT Re1(config)taccesslist 55 permit 192.168.1.0 0,0.0.255 Re1(configytip nat pool CCNA 50.1.1.1 50.1.1.200 netmask 255,255.255.0 R-1(config)fip nat inside sourcelist 55 pool CCNA Re1(configyfinterface fastEthernet O/ 0 R-1(config-if)#ip nat inside Re1(config-if}exit R-(config)interface serial 0/ 0 R-1(contig-if)#ip nat outside CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Generate some telnet traffic from inside LAN devices (192.168.1.1 //192.168.1.2//192.168.1.3 1192.168.1.41/) PC>telnet 100.1.1.2 Trying 100.1.1.2...pen User Access Verification Password. Isp> R-t#tsh ip nat translations Pro Insideglobal Insidelocal Outsidelocal Outsideglobal top 60.1.1.1:1027 192.168.1.1:1027 100.1.1.223 100.1.1.2.23 tep 50.1.1.2:1025 192.168.1.2:1025 100.1.1.223 100.1.1.223 top 50.1.1.3:1025 192.168.1.3:1025 100.1.1.223 100.1.1.223 top 50.1.1.4:1025 192.168.1.4:1025 100.1.1.223 100.1.1.2.23 LAB_3 Implement PAT (Dynamic NAT Overload) and make sure that the inside LAN users (192.168.1.0/24) get translated to single public IP (50.1.1.1/29) given by service provider Continue with the same pre-configurationsin the LAB-2 Remove the dynamicNAT configurations. Implementation is same as previous lab R-ticlear ip nat translation * NOTE: Makesurethat you dex thetranstation table beforeyau exit or removetheeny NAT omnfiguretions R-1(config)ftno ip nat inside source list 55 pool CCNA R-1(config)ftno ip nat pool CCNA 0.1.1.1 50.1.1.200 netmask 255.255.255.0 R-1(config)ftno access-list 55 CCNA R&S Workbook by Sikandar Gouse Moinuidin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomConfiguring PAT R-4(config)#access-list 55 permit 192.168.1.0 0.0.0.255 R-4(config)#ip nat pool CCNA 50.1.1.1 50.1.1.1 netmask 255.255.255.248 R-1(config)#ip nat inside source list 55 pool CCNA overload Ro(config)#interface fastEthernet O/ 0 R-4(config-if}#ip nat inside Rel(config-if}#exit R-4(config)#interface serial 0/ 0 R-4(config-if}#ip nat outside R-4(config-if}# PC>telnet 100,1.1.2 Trying 100.1.1.2..Open User Access Verification Password. Isp> R-1#sh ip nat translations Pro Insideglobal Insidelocal Qutsidelocal ~Outsideglobal top 50.1.1.1:1029 192.168.1.1:1029 100.1.1.223 100.1.1.223 top 50.1.1.1:1026 192.168.1.2:1026 100.1.1.223 100.1.1.2:23 top 50.1.1.1:1024 192.168.1.3:1026 100.1.1.223 100.1.1.2:23 top 50.1.1.1:1025 — 192.168.1.4:1026 100.1.1.223 100.1.1.223 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom NETMETRIC SOLUTIONS.NETMETRIC LAB-4 SOLUTIONS Implement PAT (Dynamic NAT Overload) and make sure that the inside LAN users (192.168.1.0/24) get translated to the public!P used on the outside interface (100.1.1.1) given by service provider. Continue with the same pre-configurationsin the LAB-3 Remove the PAT configurations. Implementation is same as previous lab R-tifclear ip nat translation * NOTE: Makesuretheat you der thetransaticn table before you edit ar removethoany NAT configurations R-1(config)ftno ip nat inside source list 55 pool CCNA overfoad R-(config)ftno ip nat pool CCNA 50.1.1.1 50.1.1.1. netmask 255.255.255.248 R-1(config)ftno access-list 55 Configuring PAT R-((config)#accesslist 55 permit 192.168.1.0 0.0.0.255 R-1(config)#ip nat inside source interface serial 0/0 overload R-4(config)#interface fastEthernet 0/ 0 R-4(config-if}#ip nat inside R-4(config-if}#exit R-(config)#interface serial OY 0 Re(config-if}#ip nat outside Ret(config-if}# Verification: CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomGenerate some telnet traffic from inside LAN devices (192.168.1.1 1192.168.1.2 1/192.168.1.3 1/192.168.1.4//) PC>telnet 100.1.1.2 Trying 100.1.1.2...Open User Access Verification Password. Isp> R-1#sh ip nat translations Pro Inside global top 100.1.1.1:1029 top 100.1.1.1:1026 top 100.1.1.1:1024 top 100.1.1.1:1025 Insidelocal Outsidelocal Qutsideglobal 192.168.1.1:1029 100.1.1.2:23 100.1.1.2:23 192.168.1.2:1026 100.1.1.223 100.1.1.2:23 192.168.1.3:1026 100.1.1.2:23 100.1.1.2:23 192.168.1.4:1026 100.1.1.2:23 100.1.1.2:23 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom NETMETRIC SOLUTIONS. ez]BASIC SWITCHING Hub NETMETRIC SOLUTIONS. Switch tis Physical layer device (Layer 1) Itis Dummy Device It workswith O'sand 1's (Bits) It alwaysdo broadcasts It workswith shared bandwidth It has 1 Broadcast Domain It has 1 Collision Domain Collisions areidentified using Access Methods called CSMA/ CD. and CSMA/ CA Itis Datalink layer device (Layer 2) Itsis An Intelligent device It works with Physical addresses (i.¢. MAC addresses) It uses broadcast and Unicast It works with fixed bandwidth It has 1 Broadcast domain Number of Collision domains depends upon the number of ports. It maintainsa MAC address table Broadcast Domain & Collision Domain Broadcast Domain Se of all devices that receive broadcast frames originating from any devicewithin the set. Coli domain In Ethernet, the network area within which frames that have collided are propagated is called a collision domain. A collision domain isa network segment with two or more devices sharing the same bandwidth. Broadcast Domains Collision Domains CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE (R&S, SP) 435012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 126 ‘Types of Switches + Unmanageable switches + These switches are just plug and play + No configurations can bedone + thereisno console port. + Manageable switches + These switches are also plug and play + thas console port and CLI access + Wecan verify and modify configurations and can implement and test some advance switching technologies Cisco's Hierarchical Design Model Cisco divided the Switches into 3 Layers 4. Access Layer Switches ‘Switches Series : 1900 & 2900 2. Distribution Layer Switches witches Series : 3550 , 3560 3. Core Layer Switches ‘witches Series : 4500 , 6500 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ‘Access Layer Switch SOLIMIONS Catalyst 1900 Distribution Layer Switch 3550 switch Core Layer Switches CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE ( R&S, SP) #35012 All contents are copyright @2010 ~ 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. Switching Modes Three types of Switching Mode: + Store & Forward — A Default switching method for distribution layer switches. — Latency : High — Error Checking : Yes Fragment Free — Itisalso referred to as Modified Cut-Through — A Default Switching method for acoass layer switches. — Latency : Medium — Error Checking : On 64 bytes of Frame Cut through — A Default switching method for the core layer switches — Latency : Low — Error Checking : No Latengy is the total time taken for a Frame to pass through the Switch. Latency depends on the switching mode and the hardware capabilities of the Switch. Console Connectivity Connect arollover cable to the Switch console port (RLS connector). Connect the other end of the rollover cable to the R45 to DB-9 adapter Attach the female DB-9 adapter to a PC Serial Port. Open emulation software on the PC. Emulation Software IN WINDOWS Start 4 Programsa Accessories a Communications é HyperTerminal 4 HyperTerminal Give the Connection Name & Sdect Any loon Select Serial (Com) Port where Switch is Connected. In Port Settings Click on Restore Defaults IN LINUX # minicom -s CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC INITIAL CONFIGURATION OF A SWITCH: SOLUTIONS Connect one end of console cable to console port of switch and other end of cable to your computer's com port. Now open Hyper terminal and power on the switch Would you like to enter into initial configuration dialog (yes! no): no switch>en switch#config terminal TO assign telnet Password switch(config) # line vty 04 switch(config-line) # login switch(config-line) # password TO assign Console Password switch(config) # line con 0 switch(config-line) # login switch(config-line) # password TO assign Enable Password switch(config) #enable secret < password> OR switch(config) #enable password < password> switch(config) #exit switch# Show mac-address-table ( toseethe entries of the MAC table) switch# Show interface status To assign IP toa Switch switch (config)# Interface Vian 4 switch(config-if}# ip address switch (config-if}# no shutdown To assign Default Gateway toa Switch switch(config)# ip default-gateway 192.168.1.100 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ADVANCE SWTCHING coer - Spanning Tree Protocol Spanning Tree Protocol (STP) uses Spanning Tree Algorithm to avoid the Switching loopsin layer-2 devices (bridges or switches). STP workswhen multiple switches are used with redundant links avoiding Broadcast Storms, Multiple Frame Copies & Database instability. First Developed By DEC STPisaopen standard (IEEE 802.1D) STP is enabled by default on all Cisco Catalyst switches STP Terminology + BPDU — All switches exchange information through what is called as Bridge Protocol Data Units (BPDUs) BPDUs contain alot of information to help the switches determine the topology and any loops that result from that topology. BPDUs are sent every 2 sec Bridge ID — Each switch has a unique identifier called a Bridge ID or Switch ID — Bridge ID = Priority + MAC address of the switch — When a switch advertises a BPDU, they place their switch id in these BPDUs. Root Bridge — The bridge with the Best (Lowest) ID. — Out of all the switches in the network, oneis elected as a root bridge that becomes the focal point in the network. Non-Root bridge — All Switches other than the Root Bridge are Non-Root Bridges Root port — Thelink directly connected to the root bridge, or — the Shortest path to the Root bridge — Every Non-root Bridge looks the best way to go Root-bridge — For every non-root bridge there is only oneroot port. 1. Root port with the least cost (Speed) connecting to the root bridge. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC 2. The bridge with the Best (Lowest) Switch ID. SCLIN: 3. Lowest Physical Port Number. + Designated port — A designated port will alwaysin Forward Mode + Non Designated port — All the Port or ports which are blocked by STP to avoid switching loop. — A Non Designated port Will Alwaysin Blocked Mode. STP port states Blocking 20 Sec or No Limits. Listening 15 Seo. Learning 15 Sec. Forwarding NoLimits. Disable = NoLimits Switch - Port States + Blocking: Won't forward frames; listens to BPDUs. Alll ports aren blocking state by default when the switch is powered up. + Listening: Listens to BPDUs to make sureno loops ocour on the network before passing data frames. + Learning: Learns MAC addresses and builds a filter table but does not forward frames. + Forwarding: Sends and receives all data on the bridged port. Typical Costs of Different Ethernet Networks ‘Speed New TEEE Cost Original IEEE Cost T0Gbps Gbps TOOMbps tOMbps anning-Tree Behavior CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. EF 7 / / #Fa0/20 oe 0/23, Fa0/23 2960: 2960-24TT Svatehe Switch3 SW-1#tsh spanning-tree VLANO0001 Spanning tree enabled protocol ieee Root ID Cot 19 Port _ 20(FastEthernet0/ 20) Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Bridge ID Pri 32769 (priority 32768 sys-id-ext 1) Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Aging Time 20 Interface RoleSsCost_Prio.Nbr Type Desg FWD 19 12821 Pap Fa0/20 Root FWD 19 — 128.20 Pap ‘SW-2#show spanning-tree VLANO001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address —000C.CF2D.0388 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec BridgeID Priority 32769 (priority 32768 sysid-ext 1) Address 000C.CF2D.0388 Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Aging Time 20 Interface RoleSsCostPrio.Nbr Type Fa0/ 20 Desg FWD 19 Fa0/ 23 Desg FWD 19 SW-3#tshow spanning-tree VLANO001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address —000C.CF2D.0388 Cot 19) Port 23(FastEthernet0/ 23) Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Bridge|D Priority 32769 (priority 32768 sysid-ext 1) Address 00E0,B0E9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Aging Time 20 Interface RoleSts Cost Prio Nbr Type FeOlBIpAWBLKTG 12821 P2p Fa0/ 23 Root FWD 19 128.23 P2p SW-2{config)#interface 0/20 SW-2{config-if)#shutdown °%LINK-5-CHANGED: Interface FastEthernet0/ 20, changed state to administratively down %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/ 20, changed state to down CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ‘SW-3#tshow spanning-tree SOLUTIONS VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address _000C.CF2D.0388 Cost 19) Port 23(FastEthernet0/ 23) Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 00E0.BO0E9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface RoleS:sCostPrio.Nbr Type Fa0/ 21 DesgERN49 128.21 Pap Fa0/23 Root FWD 19 128.23 Pap ‘SW-3#show spanning-tree VLANOO01 Spanning tree enabled protocol ieee Root!D Priority 32769 Address 000C.CF2D.0388 Cost 19 Port 23(FastEthernet0/ 23) Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Bridge|D Priority 32769 (priority 32768 sys-id-ext 1) ‘Address —00E0.B0E9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Aging Time 20 Interface Role Sts Cost Prio.Nbr Type 128.21 Pap F023 Root FWD 19 128.23 Pap SW-2(config-if}# no shutdown %LIN K-5-CHANGED: Interface FastEthernet0/ 20, changed state to up CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ‘SW-3#show spanning-tree SOLUTIONS VLAN0001 Spanning tree enabled protocol ieee Root ID Priority 32769 Address _000C.CF2D.0388 Cost 19) Port 23(FastEthernet0/ 23) Hello Time 2 sec Max Age 20 sec Forward Delay 15sec Bridge ID Priority 32769 (priority 32768 sys-id-ext 1) Address 00E0.BOE9.E389 Hello Time 2 sec Max Age 20 sec Forward Delay 15 sec Aging Time 20 Interface RoleS:sCostPrio.Nbr Type Fa0/ 21 AIRJBEKAS = 128.21 P2p Fa! 23. Root FWD 19 128.23 Pap CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC VIRTUAL LAN soumions 136 A Layer 2 Security Dividesa Single Broadcast domain into Multiple Broadcast domains. By default all ports of the switch arein VLAN 1. This VLAN 1is known as Administrative VLAN or Management VLAN VLAN can be created from 2— 1001 Can be Configured on a Manageable switch only 2 Typesof VLAN Configuration — SaticVLAN — Dynamic VLAN ‘4 Collision Domains eae By default, routers allow broadcasts only within the originating network, but switches forward broadcasts to all segments. The reason it's called a flat network is because it's one Broadcast domain, not because its design is physically flat. (Flat Network Structure) Network adds, moves, and changes are achieved by configuring a port into the appropriate VLAN. A group of users needing high security can be put into a VLAN so that no users outside of the VLAN can communicate with them. ‘Asalogical grouping of users by function, VLANs can be considered independent from their physical or geographic locations. VLANscan enhance network security. VLANsincrease the number of broadcast domains while decreasing their size. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. VLAN Static VLAN’ sare based on port numbers Need to manually assign a port on a switch toa VLAN Also called Port-Based VLANs One port can be a member of only one VLAN VLAN Creation in config Mode: Switch(configy# vlan Switch (config-VIan}# name Switch(config-Vian}# Exit Assigning portsin Vian ‘Switch(config}# interface ‘witch(config-if)# switchport mode access Switch(config-if)# switchport access Vian Static VLAN using Database command: + Creation of VLAN:: Switch # vlan database Switch(viany# vlan name Switch(vian}# exit + Assigning port in VLAN:- Switchitoonfig t ‘Switch(config)# int fastethernet Switch(config-if}# switchport mode access CCNA R&S Workbook by Sikandar Gouse Moinuadin CCIE ( R&S, SP) # 38012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC ‘Switch(config-if)# switchport access vlan coer + Verify using ‘Switch # show vlan The range command (Assigning multiple ports at same time) The range command, you can use on switches to help you configure multiple ports at the same time ‘Switch(config}# interface range fa0/1 - 5, f0/12, f0/17 Dynamic VLAN Dynamic VLAN's are based on the MAC address of a PC Switch automatically assigns the port to a VLAN Each port can bea member of multiple VLAN's For Dynamic VLAN configuration, a software called VMPS VLAN Membership Policy Server) is needed Types of links/ports + Accesslinks — Thistype of link isonly part of one VLAN, and it's referred to asthenative VLAN of the port. Any device attached to an access link is unaware of a VLAN membership—the device just assumesit's part of a broadcast domain, but it has no understanding of the physical network. Switches remove any VLAN information from the frame beforeit's sent to an access link device. + Trunk links — Trunks.can carry multiple VLANstraffic. — A trunk link isa 100- or 1000Mbps point-to-point link between two switches, between a switch and router, or between a switch and server. These carry the traffic of multiple VLANs—from1 to 1005 at atime. — Trunking allows you to makea single port part of multiple VLANsat the same time. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. ed VLAN Blue VLAN Green VLAN br rua LAs Fed VLAN Blue VLAN Green VLAN VLAN Identification Methods (Frame Tagging) Single VLAN can span over multiple switches In oder to make sure that same vian users on different switches communicate with each other thereis a method of tagging happens on trunk links Tag isadded before a frameis send and removed onoeit is received on trunk link Trame tagging happens only on the trunk links VLAN identification is what switches use to keep track of all those frames moving through the trunk links The below two trunking protocols responsible for frame tagging process — Inter-Switch Link (ISL) — IEEE 802.1Q Frame Tagging CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. SihandarbaaadshabiagmailcomNETMETRIC SOLUTIONS. Ey TSE TEEE 802.10 It'sa Cisco proprietary ‘Open standard, we can It works with Ethernet, use on different vendors Token ring, FDDI switches. It adds 30 bytes of tag It works only on All VLAN trafficis tagged Ethernet Frame isnot modified Only 4 Byte tag will be added to original frame. Unlike ISL, 802.1q does not encapsulate the frame. It modifiesthe existing Ethernet frame toindudethe VLAN ID Trunking Configuration — Switch(configy# interface Switen(contig-If}# switchport mode trunk Switch(config-if)# switchport trunk encapsulation dot‘q/ ISL Virtual LAN Trunking Protocol VTPisa CISCO proprietary protocol used to share the VLAN configurations with multiple switches and to maintain consistency throughout that network. Information will be passed only if switches connected with FastEthernet or higher ports. VIP allowsan administrator to add, delete, and rename VLANs:nformation that isthen propagated to all other switches in the VTP domain Note: Switches Should be configure with same Domain. Domain are not Case sensitive. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC VTP Modes SOLUTIONS. VTP Mode are of three types: + Server Mode ‘© A Switch configured in Server mode can Add , Modify and Delete VLAN’s © A Default VTP modefor all switches ET * Client Mode oA switch configured in Client mode cannot Add , Modify and Deleteits VLAN configurations o Doesn't store its VLAN configuration information in the NVRAM. Instead , learns it from the server every timeit boots up + Transparent Mode © A:switch configured in a Transparent Mode can Add , Modify and Delete VLAN configurations. Changes in one transparent switch will not affect any other switch Benefits of VLAN Trunking Protocol (VTP) + Consistent VLAN configuration across all switches in the network + Accurate tracking and monitoring of VLANs + Dynamicreporting of added VLANs to all switchesin the VTP domain + Plug-and-Play VLAN adding VTP Pruning + Preserves bandwidth by configuring it to reduce the amount of broadcasts, multicasts, and unicast packets. VTP pruning only sends broadcasts to trunk links that truly must have the information. Enabling pruning on a VTP server, enablesit for the entire domain. By default, VLANs2 through 1005 are pruning-eligible, but VLAN 1 can never prune because it's an administrative VLAN VTP Configuration - 2950 Series Switch (config)# VTP Domain Switch (config) VTP Password Switch (configy# VTP Mode Switch (config)# VTP pruning VTP Configuration - 1900 Series witch#VLAN Database Switch(VLAN # VTP Domain ‘witch(VLAN )# VTP Password SWwitch(VLAN )# VTP Mode Switch(VLAN j# VTP pruning CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE (R&S, SP) #35012 All contents are copyright @ 2010 — 2012 AU rights reserved. sikandarbuaadshabiagmailcomNETMETRIC SOLUTIONS. LAB -Implementing VLAN Server-PT 192.168.1.3, ‘Switch Server-PT 192,168.1.4 1) Ping between 192.168.1.1 and 192.168.1.3 2) Create VLAN 20 3) Shift port f0/ 3, f0/ 4 in to VLAN 20 4) Ping between 192.168.1.1 and 192.168.1.3 ‘Switch#sh vlan VLAN Name Status Ports active FaQ/ 1, FaQ! 2, FaQ/ 3, FaQ/ 4 Fa0/ 5, Fa(/ 6, Fa0l 7, FaQ/ 8 Fa0/ 9, FaQ 10, Fa0! 11, Fadl 12 Fa0/ 13, FaQ/ 14, Fa! 15, Fa0l 16 Fa0/ 17, Fa0/ 18, Fa! 19, Fa0/ 20 Fa0/ 21, FaQ/ 22, FaD/ 23, Fa0l 24 Gig 1, Gigt/ 2 1002 fddi-default act/ unsup 1003 token-ring-default ad! unsup 1004 fddinet-default act! unsup 1005 trnet-default act/ unsup PC>ipoonfig CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. IP Address... 192.168.1.1 Subnet Mask. (255.255.255.0 Default Gateway..... 1 192.168.1.100 PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply from 192.168.1.2: bytes=32 time=19ms TTL=128 Reply from 192.168.1.2: bytes=32 time=6ms TTL=128 Reply from 192.168.1.2: bytes=32 time=8ms TTL=128 Reply from 192.168.1.2: bytes=32 time=7ms TTL=128 Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip timesin milli-seconds: Minimum = 6ms, Maximum = 19ms, Average = 10ms PC>ping 192.168.1.3 Pinging 192.168.1.3 with 32 bytes of data: Reply from 192.168.1.3: bytes=32 time=12ms TTL=128 Reply from 192.168.1.3: bytes=32 time=9ms TTI Reply from 192.168.1.3: bytes=32 time=8ms TTL=128 Ping statistics for 192.168.1. Packets: Sont = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip timesin milli-seconds: Minimum = 7ms, Maximum = 12ms, Average = 9ms PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Reply from 192.168.1.4: bytes=32 time=10ms TTL=128 Reply from 192.168.1.4: bytes=32 time=8ms TTL=128 Reply from 192.168.1.4: bytes=32 time=8ms TTL=128 Reply from 192.168.1.4: bytes=32 time=9ms TTI Ping statistics for 192.168.1.4 Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Switch (configy#vlan 20 Switch(config-vlan}#name SALES Switch(config-vlan}i#exit ‘witch (config)#interface fastEthernet 0/ 3 Switch(config-if)#switchport mode access Switch(config-if)#switchport access vian 20 Switch(config-if#exit ‘Switch (config}#interface fastEthernet O/ 4 Switch(config-if)#switchport mode access Switch (config-if #switchport access vian 20 ‘Switch#sh vlan VLAN Name Status Ports 1 default active FaQ/ 1, FaQ/ 2, Fa 5, Fa0/ 6 Fa0/ 7, Fa0/ 8, FaQ/ 9, Fa0/ 10 Fa0/ 11, FaQ/ 12, Fa0/ 13, Fa0! 14 Fa0/ 15, Fa0/ 16, Fa0/ 17, Fad/ 18 Fal 19, Fall 20, Fad! 21, Fab! 22 Fa0/ 23, Fa0/ 24, ae 1, Gig 2 1002 fddi-default ad/ unsup 1003 token-ring-default ad unsup 1004 fddinet-default act/ unsup 1005 trnet-default act/ unsup PC>ipoonfig IP Address... 2 192.168.1.1 ‘Subnet Mask. Default Gateway. PC>ping 192.168.1.2 Pinging 192.168.1.2 with 32 bytes of data: Reply from 192.168.1.2: bytes=32 time=11ms TTL=128 Reply from 192.168.1.2: bytes=32 time=9ms TTL=128 Reply from 192.168.1.2: bytes=32 time=7ms TTL=128 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Reply from 192.168.1.2: bytes=32 time=7ms TTL=128 SCLIN: Ping statistics for 192.168.1.2: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 7ms, Maximum = 11ms, Average = 8ms PC>ping 192.168.1.3 Pinging 192.168.1.3 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.1.3: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192. 168.1. Packets: Sent = 4, Reosived = 0, Lost = 4 (100% loss), LAB-2 BASIC VLAN En Conf t Vian 10 Namesales vian 20 name marketing exit vian 30 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 146 ‘Switch#sh vian VLAN Name Status Ports active FaQ/ 1, FaQ/ 2, Fa0/ 3, FaQ/ 4 Fa0/ 5, FaQ/ 6, FaQ! 7, Fed’ 8 Fa0/ 9, FaQ/ 10, Fa0! 11, FaQ/ 12 Fa0/ 13, FaQ/ 14, Fa0/ 15, Fa0l 16 Fa0/ 17, Fa0/ 18, Fads 19, Fad/ 20 Fa0/ 21, Fa0/ 22, Fa0/ 23, a0! 24 Gig/ 1, Gigt/ 2 There are no active portsin that vians TASK : shift portsfa0/8_ to vian 10 int fave switchport mode access switchport access vlan 10 TASK : shifting multiple ports( 4—7 and 10) tovian 20 interface range fa0l 4-7, fa0/ 10 switchport mode access switchport access vian 20 ‘Switchi#sh vlan VLAN Name active Fa0/ 1, Fa0/ 2, Fa0/ 3, CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomFa0l 9, Fa0/ 11, FaQ! 12, Fa0/ 13 NETMETRIC SOLUTIONS ra Fa0/ 14, FaQ/ 15, Fa0/ 16, FaO/ 17 Fa0/ 18, Fad/ 19, FaQ/ 20, Fad/ 21 Fa0l 22, FaQ/ 23, FaD/ 24 LAB: Trunking Server-PT PCP 32.168.1.3 winio — 192.168,34 On sw-1 “Switch(config)#thostname SW-1 SN-1(configyifinterface range f0! 1 - 2 vuN20 PC-PT 192.168.2.3 wav20 fl CPT 192,168.24 SN-1(config-if-range}#switchport mode access SN-1(config-if-range}#switchport access vian 10 SN-1(config-if-range}Hexit CCNA R&S Workbook by Sikandar Gouse Moinuddin CCIE (R&S, SP) #35012 All contents are copyright @ 2010 — 2012 AU rights reserved. sikandarbuaadshabiagmailcomNETMETRIC SOLUTIONS: SW-1(config)#interface range f0! 3-4 SW-1(config-if-range}#awitchport mode access SW-1(config-if-range}#switchport access vlan 20 SW-1(config-if-range}#end ‘SW-t#sh vian VLAN Name Status Ports 1 default active Fa0l 5, Fa0/ 6, Fa0l 7, Fa0/ 8 Fa0/ 9, FaO/ 10, Fa0/ 11, Fa0/ 12 FaQ/ 13, FaQ/ 14, Fab’ 15, FaQ! 16 Fa0/ 17, Fa0/ 18, Fa0/ 19, Fa0/ 20 Fa0/ 21, Fa0/ 22, Fa0 23, FaO/ 24 Gigi 1, Gigt/ 2 1002 fddi-default act/ unsup 1003 token-ring-default adi! unsup 1004 fddinet-default act! unsup 1005 trnet-detault acl/ unsup On SW-2 Switch (config}i#hostname SW-2 SW-2(config)#interface range f0! 1 - 2 SW-2(config-if-range}#switchport mode acness SW-2(config-if-range}#switchport access vian 10 SN-2{config-if-range}#exit ‘SSW-2{confighiinterface range fO 3 - 4 SN-2(config-if-range}#switchport mode access ‘SW-2(config-if-range)#switchport access vlan 20 SN-2{config-if-range}#end CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom‘SW-2#sh vian VLAN Name NETMETRIC SOLUTIONS. Status Ports 1 default active FaQ/ 5, FaQ/ 6, Fa0/ 7, Fad/ 8 1002 fddi-default 1003 token-ring-default 1004 fddinet-default 1005 trnet-default PC>ipoonfig IP Address... ‘Subnet Mask..... Default Gateway. PC>ping 192.168.1.3 Fa0/ 9, Fa0/ 10, Fa0/ 11, Fad/ 12 Fa0/ 13, FaQ/ 14, Fa0/ 15, Fa0l 16 Fa0/ 17, Fa0/ 18, Fa0/ 19, Fad/ 20 Fai 21, FaQ/ 22, Fa! 23, Fa0! 24 Gigt/ 1, Gig1/ 2 act/ unsup ad! unsup act! unsup act/ unsup 192.168.1.100 Pinging 192.168.1.3 with 32 bytes of data Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.1 Packets: Sent = 4, Receivé PC>ping 192.168.1.2 = 0, Lost = 4 (100% loss), Pinging 192.168.1.2 with 32 bytes of data: Reply from 192.168.1.2: bytes=32 time=13ms TTL=128 Reply from 192.168. 1.2: bytes=32 time=9ms TTL=128 Reply from 192.168.1.2: bytes=32 time=8ms TTL=128 Reply from 192.168.1.2: bytes=32 time=8ms TTL=128 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC Ping statistics for 192.168.1. SOLUTIONS Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds Minimum = 8ms, Maximum = 13ms, Average = 9ms PC>ping 192.168.1.4 Pinging 192.168.1.4 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.1.4: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), SERVER>ipoontig IP Address... 2 192.168.2.1 Subnet Mask. 255.255.255.0 Default Gateway. 192.168.2.100 SERVER>ping 192.168.2.2 Pinging 192,168.22 with 32 bytes of data Reply from 192,168.22: bytes=32 time=17ms TTL=128 Reply from 192,168.22: bytes=32 time=7ms TTL=128 Reply from 192,168.22: bytes=32 time=9ms TTL=128 Reply from 192,168.22: bytes=32 time=8ms TTL=128 Ping statistics for 192.168.22: Packets: Sent = 4, Received = 4, Lost = 0 (0% loss), Approximate round trip times in milli-seconds: Minimum = 7ms, Maximum = 17ms, Average = 10ms SERVER>ping 192.168.23 Pinging 192,168.23 with 22 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. Ping statistics for 192.168.23: 151 Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), SERVER>ping 192.168.24 Pinging 192,168.24 with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 192.168.2.4: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss) NOTE: From the above verification we can see that same vlan users on different switches are not able to communicate To communicate , there should be trunking configured on link between the switches To configure trunking SW-1(config)iinterface fastEthernet 0/ 20 SW-1(config-if}#switchport mode trunk SW-1(config-if}#switchport trunk encapsulation dotiq SW-2(config)#int f0/ 20 SW-2(config-if)#tswitchport mode trunk SW-2(config-if)#switchport trunk encapsulation dotq CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SW-t#sh interfaces trunk SOLUTIONS Port Mode Encapsulation Status —_Nativevian Fa0/20. on — 8021q_—strunking 1 Port Vians allowed on trunk FaQ/ 201-1005 Port Vians allowed and activein management domain Fa0/ 20 1,10,20 Port Viansin spanning tree forwarding state and not pruned Fad/ 20 1,10,20 SW-2#tsh interfaces trunk Port Mode — Encapsulation Satus Native vlan Fo/20 on — 8021q_—strunking 1 Port Viansallowed on trunk Fa0/ 201-1005 Port Vians allowed and active in management domain Fag 20 1,10,20 Port Viansin spanning tree forwarding state and not pruned Fa0/ 20 = 1,10,20 PC>ipconfig IP Address. 2 192.168.1.1 Subnet Mask 255,255,255.0 Default Gateway... 192.168.1.100 PC>ping 192.168.1.3 Pinging 192.168.1.3 with 32 bytes of data: Reply from 192.168.1.3: bytes=32 time=17ms TTL=128 Reply from 192.168.1.3: bytes=32 time=13ms TTL=128 Reply from 192.168.1.3: bytes=32 time=12ms TTL=128 Reply from 192.168.1.3: bytes=32 time=10ms TTL=128 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC PC>ping 192.168.1.4 SOLUTIONS Pinging 192.168.1.4 with 32 bytes of data Reply from 192.168.1.4: bytes=32 time=25ms TTL=128 Reply from 192.168.1.4: bytes=32 time=14ms TTL=128 Reply from 192.168. 1.4: bytes=32 time=12ms TTL=128 Reply from 192.168.1.4: bytes=32 time=13ms TTL=128 SERVER>ipoonfig IP Address. 192.168.2.1 Subnet Mask.... 255,256,255.0 Default Gateway....nnn-«! 192.168.2.100 SERVER>ping 192.168.23 Pinging 192.168.2.3 with 32 bytes of data: Reply from 192.168.2.3: bytes=32 time=13ms TTL=128 Reply from 192.168.2.3: bytes=32 time=12ms TTL=128 Reply from 192.168.2.3: bytes=32 time=13ms TTL=128 Reply from 192.168.2.3: bytes=32 time=13ms TTL=128 SERVER>ping 192,168.24 Pinging 192.168.2.4 with 32 bytes of data Reply from 192.168.24: bytes=32 time=26ms TTL=128 Reply from 192.168.2.4: bytes=32 time=12ms TTL=128 Reply from 192.168.2.4: bytes=32 time=12ms TTL=128 Reply from 192.168.24: bytes=32 time=13ms TTL=128 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. LAB: INTER VLAN-ROUTING using ROUTER i] fe0/0.10 192.168. 3.100 fa0/o.20 192. 168.2. 100 Routera 2.2 4192. 388.L0/24 192,168,2.0/24 Steps: 1) create vian and shift the ports 2) configureon switch faQ/ 20 astrunk port 3) Create sub interfaces on router port fa0/ 0 4) Verify connectivity between vians (ping 192.168.1.1 —-192.1682.1) Task -1 create vian and shift the ports On SW-1 “Switch (config}#hostname SW-1 SW-1(config)#interface range {0 1-2 ‘SW-1(config-if-range#switchport mode access -range}#switchport access vlan 10 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. active Fa0/ 5, Fa0/ 6, Fa0/ 7, Fa0/ Fa0/ 9, Fa0! 10, Fa 11, FaQ/ 12 Fal 13, FaO/ 14, FaO/ 15, FaO/ 16 Fa0/ 17, Fad/ 18, FaQ/ 19, FaQ/ 20 Fa0/ 21, FaO/ 22, FaQ/ 23, FaQ/ 24 Gigt/ 1, Gigt/ 2 WU2 tddi-detault act/ unsup 4003 token-ring-default adi/ unsup 1004 fddinet-default act/ unsup 1005 trnet-default act/ unsup Task-2 configure on switch fa0/20 as trunk port ‘SW-1(config)#interface fastEthernet O/ 20 (interface facing Router ) SW-1(config-if}#switchport mode trunk SN-1(config-if)#switchport trunk encapsulation dot'q Task-3 creating sub interfaces on router SW-1(config)#int fa0/ 0 SW-1(config-if}# no shutdown SW-1(config-if}#t exit CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SW-1(config)#int fa0/ 0.10 SOLIMIONS SW-{(config-sub-if}# encapsulation dot1Q. 10 It should be the exact vian no (vian 10) SW-1(config-sub-if}# ip add 192.168.1.100 255,255.255.0 SW-1(config-sub-if}# exit eg SW-1(configyifint fad 0.20 SW-1(config-sub-if}# encapsulation dottQ. 20 It should be the exact vian no (vian 20) SN-A(config-sub-if}# ip add 192.168.2.100 255.255.255.0 Router#sh ip int brief Interface IP-Address OK?Method Status FastEtherne0/0 unassigned + YESunset up up Task -4 verify connectivity PC>ipoonfig IP Address... 192.168.1.1 ‘Subnet Mask. (255.255.255.0 Default Gateway. .w 192.168.1.100 PC>ping 192.168.21 Pinging 192.168.2.1 with 32 bytes of data: Request timed out. Reply from 192.168.2.1: bytes=32 time=62ms TTL=127 Reply from 192.168.2.1: bytes=32 time=125ms TTI Reply from 192.168.2.1: bytes=32 time=109ms TTI C>tracert 192.168.2.1 Tracing route to 192.168.2.1 over amaximum of 30 hops: 1 47ms 63ms 62ms_ 192.168.1.100 2 109ms 125ms 78ms 192.1682 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC LAB: Implementation of VTP SOLUTIONS 20/20 2960-247 SW a ‘all 24 2960-24TT SwWw3 1) Trunking hasto be enabled ( vtp advertisements are send only on trunk ports) 2) Configure VTP on all switches 3) Create vians on server and verify on client and transparent switch 4) Create vians on transparent switch and verify on dient and server NOTE: Domain name ( case-sensitive) / password / version must match in order for VTP to work SW ish vip status SW1#sh vtp password VTP Password: cisco123 ‘Task -1 Trunking has to be enabled ( vtp advertisements are send only on trunk ports) On SW1 (SERVER) ‘SW-1(config}i#interface fastEthernet O/ 20 SW-1(config-if}#tswitchport mode trunk SW-1(config-if)#switchport trunk encapsulation dotq SW2( TRANSPARENT) To configure trunking ‘SW-2(config)#interface range fastEthernet O/ 20- 21 SW-2config-if}ftswitchport mode trunk ‘SW-2(config-if)#switchport trunk encapsulation dotq CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SW3 (CLIENT) SOLIMIONS SSN-3(confighifinterface fastEthernet O! 21 ‘SW-3(config-if}#switchport mode trunk SN-3(config-if}#switchport trunk encapsulation dot'q ‘SW 1#sh interfaces trunk Port Mode —_ Encapsulation Status Nativevlan ‘Task -2 Configure VTP on all switches swi SSW-1(config)# vip domain CCNP. SN-1(config)# vip password cisco SSW-1(config)# vip mode server SN-A(config)i# vtp version 2 SN-A(config)# exit sw2 SSN-2(config)# vip domain CCNP SN-2{confia)i# vtp password cisco SSN-2{config)i# vip mode transparent SN-2{config)i# vip version 2 ‘SW-2(config)# exit sw3 SW-Xconfig)# vip domain CCNP SW-3(config)# vtp password cisco SW-3config)# vtp version 2 SW-Xconfig)# vip mode dient SW-3(config)# exit SW ish vip status VTP Version 22 Configuration Revision 2 Maximum VLANs supported locally : 255 Number of existing VLANs VTP Pruning Mode : Disabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled CCNA R&S Workbook by Sikandar Gouse Moiuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC MDS digest +: 0x86 0x22 0x83 OxBE 0x23 OxA8 0x06 OxCC. coer Configuration last modified by 0.0.0.0 at 3-1-93 00:07:33 Local updater ID is 0.0.0.0 (no valid interface found 159 SW-1#sh vtp password ‘SW-3#sh vtp status Configuration Revision 2 Maximum VLANs supported locally : 255 Number singh VLANs 5 VTP Pruning Mode : Disabled VTP V2 Mode : Enabled VTP Traps Generation : Disabled MDS digest 1 Ox86 0x22 0x83 OxBE 0x23 OxA8 0x06 OxCC Configuration last modified by 0.0.0.0 at 3-1-93 00:07 ‘SW-2#sh interfaces trunk Port Mode Encapsulation Status Native vian Fa20 on 8021q_— trunking 1 Fa0/ 21 on 802.1q trunking = 4 ‘SW-3sh interfaces trunk Port Mode Encapsulation Satus — Nativevian Task -3 Create vians on server and verify on dient and transparent switch swi Conf t SW-1(config)# vlan 10 SW-1(config)# vian 20 SN-A(config)i# vlan 30 SW-1(config)# vlan 40 SW-1(config-vlan)# name sales SW-1(configy#vlan 50 SW-1(config-vlan)#name marketing end Rt#sh vian VLAN Name Status Ports CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. active FaQ/ 1, FaQ/ 2, Fal 3, FaQ/ 4 Fa0/ 5, Fa0/ 6, Fa0/ 7, Fa0/ 8 Fa0/ 9, FaQ/ 10, FaO/ 11, Fa0/ 12 Fa0/ 13, FaQ/ 14, Fad’ 15, Fa0! 16 Fa0/ 17, FaO/ 18, Fa0/ 19, Fa0/ 21 FaQ/ 22, Fa0/ 23, Fal 24, Gigi! 1 Gigt/ 2 1002 fddi-default ad/ unsup 1003 token-ring-default act/ unsup 1004 fddinet-default act/ unsup 1008 trnet-default ad/ unsup ‘Sw-3i#sh vian VLAN Name Status Ports 1 default active FaQ/ 1, FaQ/ 2, Fa0/ 3, Fa0/ 4 Fa0/ 5, Fa0/ 6, FaQ/ 7, Fad’ 8 Fal 9, Fall 10, Fal’ 11, Fal) 12 Fa0/ 13, FaO/ 14, Fa0/ 15, Fa0/ 16 Fa0/ 17, Fa0/ 18, Fa0/ 19, Fa0/ 20 Fai 22, FaQ/ 23, Fa! 24, Gigtl 1 Gigt/ 2 ‘SW-2#sh vian VLAN Name Status Ports 1 default active Fa0/ 1, Fa0/ 2, Fa0/ 3, Fa0/ 4 Fa0/ 5, Fa0/ 6, Fa0! 7, FaQ! 8 Fa0/ 9, Fa0/ 10, Fa! 11, Fads 12 Fa0/ 13, Fa0/ 14, Fa0/ 15, Fa0l 16 Fa0/ 17, FaQ/ 18, Fa0/ 19, Fad! 22 Fa0/ 23, FaO/ 24, Gig1/ 1, Gigt/ 2 1002 fddi-default adt/ unsup CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC 1003 token-ring-default act! unsup SOLIMIONS 1004 fddinet-default act/ unsup 1005 trnet-default act/ unsup 161 NOTE: You don’t see any vian on the Transparent switch as the Transparent switch will not synchronize the vian information Task -4 Create vians on transparent switch and verify on dient and server Sw-2(config)i#vlan 100 Sw-2(config-vian)#vlan 200 Sw-2(config-vian)#vlan 300 Sw-2{(config-vian)#end SW2#sh vian VLAN Name Status Ports active FaQ/ 1, FaQ/ 2, Fa0/ 3, Fa0/ 4 Fa0/ 5, Fa0/ 6, Fa0! 7, Fa0/ 8 Fa0/ 9, Fa0/ 10, FaO! 11, Fad/ 12 Fa0/ 13, FaQ/ 14, Fa0/ 15, Fa0l 16 Fa0/ 17, FaO/ 18, Fa0/ 19, FaQ/ 22 Fal 23, Fat 24 1002 fddi-default act/ unsup ‘Swish vlan VLAN Name Status Ports 1 default active FaQ/ 1, FaQ/ 2, Fal 3, Fa 4 Fa0/ 5, FaQ/ 6, Fa0/ 7, Fad/ 8 Fa0/ 9, FaQ/ 10, FaO/ 11, Fa0/ 12 FaQ/ 13, Fa/ 14, Fa0’ 15, FaQ! 16 Fa0/ 17, Fa0/ 18, FaO/ 19, Fa0/ 21 Fa0/ 22, FaO/ 23, Fad! 24, Gigt/ 1 Gig 2 10 VLANOO010 active 20 VLANO0020 active 30 VLAN0030 active 40 VLANO040 active 1002 fddi-default ad! unsup 1003 token-ring-default act/ unsup CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 1004 fddinet-default act/ unsup 1005 trnet-default act/ unsup 3 ‘SW3 # sh vian VLAN Name Status Ports 1 default active Fa0/ 1, FaQ! 2, FaQ/ 3, Fad! 4 Fa0/ 5, Fa( 6, Fa0/ 7, Fa0/ 8 Fa0/ 9, FaQ/ 10, Fa0! 11, FaQ! 12 Fa0/ 13, Fa0/ 14, Fa! 15, Fa0l 16 Fa0/ 17, Fa0/ 18, Fa0/ 19, Fa0/ 21 Fa0/ 22, Fa0/ 23, Fa0/ 24, Gigi 1 Gigt/ 2 10 VLANOO10 active 20 VLAN0020 active 30 VLANO030 active 40 VLANOO40 active 1002 fddi-default act/ unsup 1003 token-ring-default adi! unsup 1004 fddinet-default act! unsup 1005 trnet-default act! unsup NOTE: You don't see any vian’s which wascreated on the Transparent switch asthe Transparent switch will not synchronizethe vian information with others CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 163 IPV6 Address Types: UNICAST 41) Global unicast like public IP (routable) , 2000: and 2001:: 2) site local ( unique local) likeprivateip (routable) ,FCOO: , FD00:: 3) link local default IPV6 address on every ipvé enabled interface (non routable) — FE80:: MULTICAST starts with FFOO: ANY CAST similar to multicast , identify multiple interfaces but sends to only one whichever it finds first. the above ( site local and Global unicast addresses can be used as anycast Assigning the IPV6 address 1) Satic 2) Autoconfiguration a, Statefull ( via DHCP) b. Stateless (device gets IP IPv6 add by induding the MAC add ) CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. 164 fa0/0 opO:1:11:11::1/64 TASK -1 Configure IPv6 address according to scenario diagram R1 hostname R1 int faO/ 0 ipv6 address fc00:11:11:11::1/ 64 no shutdown ints/ 0. ipv6 address 2001:12:12:12:1/ 64 no shutdown lock rate 64000 Rt#sh ipv6 int brief FastEtherneo/0 ——[up/ up] FE80::2D0;FFFF:FED3:1701 FastEthernet0/ 1 [administratively down/ down] so [down/ down] FE80::207:ECFF:FEC3:501 R2 hostname 222 int fad! 0 ipv6 address fc00:22:2222::1/ 64 no shutdown int s¥/ 0 ipv6 address 2001:12:12:12::2/ 64 CCNA R&S Workbook by Sikandar Gouse Moluuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC no shutdown SOLUTIONS lock rate 64000 222#sh ipv6 int brief FastEtheme0/0 ——_[up/ up] FC00:22:22:22::2 FastEthee0/ 1 [administratively down/ down] si/o [up/ up] 2001:12:12:12::2 CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All conten are copyright @.2010 2012 AU rights reserve sikandarbaaadshahva gmailcomNETMETRIC PASSWORD REVERTING on CISCO ROUTERS: SOLUTIONS Ns . console connection open hyperterminal window power on the router |. press CTRL+ SHIFT + BREAK to enter in to Rommon mode Modular routers Rommon‘> confreg 0x2142 Rommon2> reset Or on fixed routers > ofr Ox2142 >i Now the router boots without any passwords and enters in to setup mode .Skip setup mode with NO command. Router>enable Router #oopy startup-config running-config (very imp if u dont want to loose the omfigsin the NVRAM ) Router #oonfig terminal Change the passwords (overwrite with new passwords) Router (config)# config-register 0x2102 Router (config)# end Router #write Router #reload After reloading check for configurations are same and you are able to login with new passwords. CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcomNETMETRIC SOLUTIONS. BACKUP OF IOS: # copy flash tftp RESTORE or UPGRADE IOS # copy TFTP Flash BACKUP OF CONFIGS # copy startup-config TFTP RESTORE CONFIGS # copy TFTP running-config CONFIGURING IP ADDRESS and TFTP for a router which has no 10S in flash in order to load 10S from PC tftpdnid IP_address = 192.168.1.100 ip_subnet_mask = 255.255,255.0 default_gateway = 192 168.1.100 tftp_server = 192.168.1.1 tftp_file= tftpdnid reset CCNA R&S Workbook by Sikandar Gouse Motuuddin CCIE (R&S, SP) #35012 All contents are copyright 2010 2012 All rights reserved. sikandarbaaadshahva gmailcom