A Summer Training Report networking
57
A SUMMER TRAINING REPORT ON “COMPUTER NETWORKING” SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOT THE AWARD OF THE DEGREE Of BACHELOR OF TECHNOLOGY IN INFORMATON TECHNOLOGY Submitted To: Submitted By: N.P. Shrivastava Mudit Singh (HOD IT Branch) (11EMTIT016)
-
Upload
muditsinghchoudhary -
Category
Documents
-
view
26 -
download
2
description
report about networking and hardware
Transcript of A Summer Training Report networking
A
SUMMER TRAINING REPORT
ON
“COMPUTER NETWORKING”
SUBMITTED IN PARTIAL FULFILLMENT OF THE REQUIREMENT FOT THE AWARD OF THE DEGREE
Of
BACHELOR OF TECHNOLOGY
IN
INFORMATON TECHNOLOGY
Submitted To: Submitted By:
N.P. Shrivastava Mudit Singh
(HOD IT Branch) (11EMTIT016)
JAIPUR (2011-2015)
CERTIFICATE
This is to certify that the Summer Training Report work on
“Computer Networking” submitted by MUDIT SINGH of
final year B. Tech in the year 2014 of Information Technology
department of this institute is a satisfactory account of his
Project work based on syllabus which is approved for the award
of degree of Bachelor of Technology in Specialization.
Under Guidance of: Prepared By:Mr. Mukesh Gocher Mudit SinghState Data Centre B. Tech 4th year(HCL Info System Limited Jaipur) (Information Technology)
MAIET, JAIPUR
TABLE OF CONTENT
1. Introduction to computer Networking Definition Requirement of Networking
2. Types of Networks LAN (Local Area Network) WAN (Wide Area Network)
3. Network Models OSI Model
4. Cables Twisted Cable Coaxial Cable Fiber Optic
5. Networking Devices Network Interface Card Bridges Hub Switch Router
6. IP Addressing Introduction Private IP Masking Subnetting Example
7. Router Internal Components Network Interfaces Configuring Configuring using Console Routing Protocols RIP IGRP Access List
8. Firewall
Introduction Technologies Configuring
INTRODUCTION TO NETWORKING
Definition:-
A network is a system that transmits any combination of voice, video and/or data between users. A network can be defined by its geographical dimensions and by which the user’s PC access it. A network consists of a:
The network operating system (Windows NT/2000 TM/XP) on the user’s PC (client) and server.
The cables connecting all network devices (user ‘pc, server, peripherals, etc.) All supporting network components (hubs, routers and switches, etc.).
Computer Network means an interconnected collection of autonomous computers
Requirement of Networking
Resource sharing
To make a l l p rog rams , equ ipmen t , and e spec i a l l y da t a available to anyone on the network without regard to the physical location of their source and the user.
High reliability
As all files could be replicated on two or three machines, so if one of them is unavailable (due to hardware failure), the other copies could be used.
Scalability
It is the ability to increase system performance gradually as the work load grows just by adding more processors .A computer network can provide a powerful communication medium along widely separated employees. The use of networks to enhance human-to-human communication will probably prove more important than technical goals such as improved reliability. These are the requirement with respect to companies but computer networking is required even in the normal day to day life as we have to access the internet to get information about what all, new happening in the world, to have communication with people staying far away using the mail service. These are the reasons that forced the inventors to invent the networking devices, models and protocols etc. And theBirth of Networking took place in 1844 when the first time Samuel Morse send the first telegraph message.
TYPES OF NETWORKS
LAN (LOCAL AREA NETWORK)
These are privately owned networks within a single building or campus of up to a few a kilometers in size. LAN’s are distinguished from other networks by three characteristics:
1) Their size.2) Their transmission technology.3) Their topology. LAN’s are restricted in size, which means that the worst-case
transmission time is bounded and known in advance. LAN’s often use a transmission technology consisting of a single cable to which all the machines are attached. LANs run at speeds of 10 to 100 Mbps, have low delays, and make very few errors.
LAN SETUP
IEEE has produced several standards for LANs. These standards collectively known as IEEE 802 .IEEE802.3 (Ethernet), IEEE802.4 (Token Bus), IEEE802.5 (Token Ring)
WAN (WIDE AREA NETWORK)
It is a Computer network that spans a relatively large geographical area, often a coun t ry o r con t i nen t . Typ i ca l l y a WAN cons i s t s o f two o r more Loca l Area Network. Computers connected to WAN are often connected through public networks such as telephone systems. They can also be connected through leased lines or satellites. The largest WAN in existence is Internet. WANs run at speed of maximum 2 to 10 Mbps.
WAN SETUP
For most WANs, the long distance bandwidth is relatively slow: on the order of kilobits per second (kbps) as opposed to megabits per second (Mbps) for l oca l - a r ea ne tworks (LANs) . Fo r example , an E the rne t LAN has a 10 Mbps bandwidth; a WAN using part or all of a T1 carrier has a bandwidth of 1.544Mbps .Three types of approaches are used to connect WANs:
1) Circuit switching, which provides a fixed connection (at least for the duration of a call or session), so that each packet takes the same path. Examples of this approach include ISDN, Switched 56, and Switched T1.
2) Packet switching, which establishes connections during the transmission process so that different packets from the same transmission may take different routes and may arrive out of sequence at the destination. Examples of this approach are X.25, frame relay, and ATM.
3) Leased lines, which can provide a dedicated connection for private use
NETWORK MODELS
OSI NETWORK MODEL
The Open Systems Interconnect (OSI) model has seven layers. This article describes and
explains them, beginning with the ‘lowest’ in the hierarchy (the physical) and proceeding to
the ‘highest’ (the application). The layers are stacked this way:
PHYSICAL LAYER
The physical layer, the lowest layer of the OSI model, is concerned with the transmission and
reception of the unstructured raw bit stream over a physical medium. It describes the
electrical/optical, mechanical, and functional interfaces to the physical medium, and carries the signals for all of the higher layers. It provides:
Data encoding: modifies the simple digital signal pattern (1s and 0s) used by the PC to better
accommodate the characteristics of the physical medium, and to aid in bit and frame synchronization. It determines: What signal state represents a binary 1 How the receiving station knows when a “bit-time” starts How the receiving station delimits a frame
Physical medium attachment, accommodating various possibilities in the medium: Will an external transceiver (MAU) be used to connect to the medium? How many pins do the connectors have and what is each pin used for?
Transmission technique: determines whether the encoded bits will be transmitted by
baseband (digital) or broadband (analog) signaling. Physical medium transmission: transmits bits as electrical or optical signals appropriate for
the physical medium, and determines: What physical medium options can be used How many volts/db should be used to represent a given signal state, using a given
physical medium
DATA LINK LAYER
The data link layer provides error-free transfer of data frames from one node to another over the
physical layer, allowing layers above it to assume virtually error-free transmission over the link.
To do this, the data link layer provides:
Link establishment and termination: establishes and terminates the logical link between two nodes.
Frame traffic control: tells the transmitting node to “back-off” when no frame buffers are available.
Frame sequencing: transmits/receives frames sequentially. Frame acknowledgment: provides/expects frame acknowledgments.
Detects and recovers from errors that occur in the physical layer by retransmitting non-acknowledged frames and handling duplicate frame receipt.
Frame delimiting: creates and recognizes frame boundaries. Frame error checking: checks received frames for integrity. Media access management: determines when the node “has the right” to use the physical
medium.
NETWORK LAYER
The network layer controls the operation of the subnet, deciding which physical path the data
should take based on network conditions, priority of service, and other factors. It provides:
Routing: routes frames among networks. Subnet traffic control: routers (network layer intermediate systems) can instruct a sending
station to “throttle back” its frame transmission when the router’s buffer fills up. Frame fragmentation: if it determines that a downstream router’s maximum transmission unit
(MTU) size is less than the frame size, a router can fragment a frame for transmission and re-
assembly at the destination station. Logical-physical address mapping: translates logical addresses, or names, into physical
addresses. Subnet usage accounting: has accounting functions to keep track of frames forwarded by
subnet intermediate systems, to produce billing information.
Communications Subnet
The network layer software must build headers so that the network layer software residing in the subnet intermediate systems can recognize them and use them to route data to the destination address.
This layer relieves the upper layers of the need to know anything about the data transmission and intermediate switching technologies used to connect systems. It establishes, maintains and terminates connections across the intervening communications facility (one or several intermediate systems in the communication subnet).
In the network layer and the layers below, peer protocols exist between a node and its immediate neighbor, but the neighbor may be a node through which data is routed, not the destination station. The source and destination stations may be separated by many intermediate systems.
TRANSPORT LAYER
The transport layer ensures that messages are delivered error-free, in sequence, and with no
losses or duplications. It relieves the higher layer protocols from any concern with the
transfer of data between them and their peers.
The size and complexity of a transport protocol depends on the type of service it can get
from the network layer. For a reliable network layer with virtual circuit capability, a minimal
transport layer is required. If the network layer is unreliable and/or only supports datagrams,
the transport protocol should include extensive error detection and recovery.
The transport layer provides:
Message segmentation: accepts a message from the (session) layer above it, splits the
message into smaller units (if not already small enough), and passes the smaller units down
to the network layer. The transport layer at the destination station reassembles the message. Message acknowledgment: provides reliable end-to-end message delivery with
acknowledgments. Message traffic control: tells the transmitting station to “back-off” when no message buffers
are available. Session multiplexing: multiplexes several message streams, or sessions onto one logical link
and keeps track of which messages belong to which sessions (see session layer).
Typically, the transport layer can accept relatively large messages, but there are strict
message size limits imposed by the network (or lower) layer. Consequently, the transport
layer must break up the messages into smaller units, or frames, prepending a header to each frame.
The transport layer header information must then include control information, such as
message start and message end flags, to enable the transport layer on the other end to
recognize message boundaries. In addition, if the lower layers do not maintain sequence, the
transport header must contain sequence information to enable the transport layer on the
receiving end to get the pieces back together in the right order before handing the received
message up to the layer above.
SESSION LAYER
The session layer allows session establishment between processes running on different stations. It provides:
Session establishment, maintenance and termination: allows two application processes on
different machines to establish, use and terminate a connection, called a session. Session support: performs the functions that allow these processes to communicate over the
network, performing security, name recognition, logging, and so on.
PRESENTATION LAYER
The presentation layer formats the data to be presented to the application layer. It can be
viewed as the translator for the network. This layer may translate data from a format used by
the application layer into a common format at the sending station, then translate the common
format to a format known to the application layer at the receiving station.
The presentation layer provides:
Character code translation: for example, ASCII to EBCDIC. Data conversion: bit order, CR-CR/LF, integer-floating point, and so on. Data compression: reduces the number of bits that need to be transmitted on the network. Data encryption: encrypt data for security purposes. For example, password encryption.
APPLICATION LAYER
The application layer serves as the window for users and application processes to access
network services. This layer contains a variety of commonly needed functions:
Resource sharing and device redirection Remote file access Remote printer access Inter-process communication Network management Directory services Electronic messaging (such as mail) Network virtual terminals
OSI LAYER PACKET ENCAPSULATION
OSI LAYER DATA FLOW
Some Terminologies with Networking Models
Collision Domain:-
I t i s t he g roup o f PC’s i n wh ich co l l i s i on w i l l occu r when two PC will transmit data simultaneously.
Broadcast Domain:-
I t i s t h e g r o u p o f P C ’ s t h o s e w i l l r e c e i v e s a m e broadcast message.
CSMA/CD (Carrier Sense Multiple Access/ Collision Detection):-
- In this protocol when a PC wants to transmit any packet it sense the carrier i.e. the path, if no other PC is using the carrier then only it sends. If two PCs starts sending data simultaneously collision will occur. Both PCs will wait for some random time and then initiate the same process.
MAC:-
- (Media Access Control). The IEEE 802.3 (Ethernet) and802.5 (Token Ring) are the MAC sub layers of these two LAN data-link protocols.
Burned-in address:-
- The 6 -by t e add re s s a s s i gned by t he vendor making the card. It is usually burned in to a ROM or EEPROM on the LAN ca rd and beg in s w i th a 3 -by t e o rgan i za t i ona l l y un ique identifier (OUI) assigned by the IEEE.
Locally administered address:-
- Through configuration, an address that is used instead of the burned-in address.
Unicast address:-
- Fancy t e rm fo r a MAC tha t r ep re sen t s a single LAN interface.
PASSIVE COMPONENTS
Passive components are those devices which are used to provide connectivity between different networking devices. It includes
- Cables- Patch Panel- Patch Cord- I/O box- Racks- RJ-45 Connectors
CABLES
There are different Cabling options depending on the access method:
Twisted pair - The wires are twisted around each other to minimize interference from other twisted pairs in the cable.
Twisted pair cables are available unshielded (UTP) or shielded (STP). UTP is the most common type and uses RJ-45 Connector .Typical lengths are up to 100m.Twisted pair network uses a star topology.
Coaxial- Coaxial cable uses BNC connectors. The maximum cable lengths are around 500m.Coaxial networks
use a single bus topology
Fiber Optic
- UTP and Co-axial cables are not capable for driving the data signals for long distance i.e. UTP is capable of transmitting up to a distance 100 meters only By using the Fiber cables it is possible to send the data about 10 kilometers. Fiber optic cable uses SC, ST,
LC connectors (most common in use is SC connector). In fiber cables the data is converted to light signals and the signal is made to propagate through the fiber cable. There are two types of Fiber optic cable available.
1) S ing l e mode : I n t h i s mode t yp i ca l l eng th i s up t o 12km and da t a r a t e i s 1000Mbps. The core diameter is about 9.25 nm cable is known as 1000 base LX cable.
2) Multi-mode: This mode is further categorized in two:I. SX: Typical length is up to 500m and data rate is 1000Mbps
II. FX: Typical length is up to 220m and data rate is 100Mbps.
PATCH PANE
A patch panel provides a convenient place to terminate (connect) all of the cable coming from different locations into the wiring closet. We connect the cables coming from various locations willing to connect to switch through the patch panel.
NEED OF PATCH PANEL
We can label the patch panel so we know that which wire belongs to which location. Without a patch panel, it is chaotic .If we want to disconnect a station from the switch, it's a lot easier if there's a label. Most cabling is wired "straight-through" from end to end. But sometimes we need to cross-wire some of the pairs between switch and station, like with a cable modem, or cross-wire to connect two switches. With a patch panel, all of this cross-wiring is done in the patch cable. If you have to make any changes, like moving a station or switch, you just move the patch cable with it, instead of having to reterminate the cable run.
PATCH CORDRACK
PATCH CORDWe have to mount the patch panel somehow. The best way is to buy a rack. Basically, a rack is a pair of vertical rails with holes drilled in them so that we can mount patch panels, hubs, and other network equipment.This made it easy to access the back of the patch panel and other networking components.
PATCH CORD RACK
Cabling Guidelines
The RJ-45 ports on the switch support automatic MDI/MDI-X operation, so we can use standard straight-through twisted-pair cables to connect to any other network device (PCs, servers, switches, routers, or hubs).We use only twisted-pair cables with RJ-45 connectors that conform to FCC standards .Connecting to PCs, Servers, Hubs and Switches
1) Attach one end of a twisted-pair cable segment to the device’s RJ-45connector.Making Twisted-Pair Connections
2) The port where we are connecting the RJ-45 is a network card, attach the other end of the cable segment to a modular wall outlet that is connected to the wiring closet. Otherwise, attach the other end to an available portion the switch. Make sure each twisted pair cable does not exceed 100 meters (328 ft.) in length.
Wiring Closet Connections
Today, the punch-down block is an integral part of many of the newer equipment tracks. It is actually part of the patch panel. Instructions for making connections in the wiring closet with this type of equipment follow.
Attach one end of a patch cable to an available port on the switch, and the other end to the patch panel.
If not already in place, attach one end of a cable segment to the back of the patch panel where the punch-down block is located, and the other end to a modular wall outlet.
Label the cables to simplify future troubleshooting.
NETWORKING DEVICES
Networking hardware or networking equipment typically refers to devices facilitating the use of a computer network. Typically, this includes gateways, routers, network bridges, switches, hubs, and repeaters. Also, hybrid network devices such as multilayer switches, protocol converters and bridge routers. And, proxy servers, firewalls and network address translators. Also, multiplexers, network interface controllers, wireless network interface controllers, modems, ISDN terminal adapters and line drivers. And, wireless access points, networking cables and other related hardware.
Computer networking devices are units that mediate data in a computer network. Computer networking devices are also called network equipment, Intermediate Systems (IS) or Interworking Unit (IWU) Units which are the last receiver or generate data are called hosts or data terminal equipment.
The most common kind of networking hardware today is copper-based Ethernet adapters, helped largely by its standard inclusion on most modern computer systems. Wireless networking has become increasingly popular, however, especially for portable and handheld devices.
NETWORK DEVICES
Other hardware prevalent within computer networking is datacenter equipment (such as file servers, database servers and storage areas), network services (such as DNS, DHCP, email etc.) as well as other specific network devices such as content delivery.
Other diverse devices which may be considered networking hardware include mobile phones, PDAs and even modern coffee machines. As technology grows and IP-based networks are integrated into building infrastructure and household utilities, network hardware becomes an ambiguous statement owing to the increasing number of "network capable" endpoints.
NETWORK INTERFACE CARD
A network interface controller (also known as a network interface card, network adapter, LAN adapter and by similar terms) is a computer hardware component that connects a computer to a computer network.
Early network interface controllers were commonly implemented on expansion cards that plug into a computer bus; the low cost and ubiquity of the Ethernet standard means that most newer computers have a network interface built into the motherboard.
Purpose
The network controller implements the electronic circuitry required to communicate using a specific physical layer and data link layer standard such as Ethernet, Wi-Fi, or Token Ring. This provides a base for a full network protocol stack, allowing communication among small groups of computers on the same LAN and large-scale network communications through routable protocols, such as IP.
Madge 4/16 Mbit/s Token Ring ISA-16 NIC
Although other network technologies exist (e.g. token ring), Ethernet has achieved near-ubiquity since the mid-1990s.
Every Ethernet network controller has a unique 48-bit serial number called a MAC address, which is stored in read-only memory. Every computer on an Ethernet network must have at least one controller. Normally it is safe to assume that no two network controllers will share the same address, because controller vendors purchase blocks of addresses from the Institute of Electrical and Electronics Engineers (IEEE) and assign a unique address to each controller at the time of manufacture.
The NIC allows computers to communicate over a computer network. It is both an OSI layer 1 (physical layer) and layer 2 (data link layer) device, as it provides physical access to a networking medium and provides a low-level addressing system through the use of MAC addresses. It allows users to connect to each other either by using cables or wirelessly.
Bridges
Bridges are used to divide larger networks into smaller sections. They do thisBy sitting between two physical network segments and managing the flow ofData between the two. By looking at the MAC address of the devices connectedTo each segment, bridges can elect to forward the data (if they believeThat the destination address is on another interface), or block it from crossing(If they can verify that it is on the interface from which it came).
HUB
A common connection point for devices in a network. Hubs are commonly used to connect segments of a LAN. A hub contains multiple ports. When a packet arrives at one port, it is
copied to the other ports so that all segments of the LAN can see all packets.
A passive hub serves simply as a conduit for the data, enabling it to go from one device (or segment) to another. So-called intelligent hubs include an additional feature that enables an administrator to monitor the traffic passing through the hub and to configure each port in the hub. Intelligent hubs are also called manageable hubs.
Hub in network
A third type of hub, called a switching hub, actually reads the destination address of each packet and then forwards the packet to the correct port.
SWITCH
A network switch is a small hardware device that joins multiple computers together within one local area network (LAN). Technically, network switches operate at layer two (Data Link Layer) of the OSI model.
Network switches appear nearly identical to network hubs, but a switch generally contains more intelligence (and a slightly higher price tag) than a hub. Unlike hubs, network switches are capable of inspecting data packets as they are received, determining the source and destination device of each packet, and forwarding them appropriately. By delivering messages only to the connected device intended, a network switch conserves network bandwidth and offers generally better performance than a hub.
As with hubs, Ethernet implementations of network switches are the most common. Mainstream Ethernet network switches support either 10/100 Mbps Fast Ethernet or Gigabit Ethernet (10/100/1000) standards.
Different models of network switches support differing numbers of connected devices. Most consumer-grade network switches provide either four or eight connections for Ethernet devices. Switches can be connected to each other, a so-called daisy chaining method to add progressively larger number of devices to a LAN.
Router
A hardware device designed to take incoming packets, analyzing the packets and then directing them to the appropriate locations, moving the packets to another network, converting the packets to be moved across a different network interface, dropping the packets, or performing any other number of other actions. In the picture to the right, is a Linksys BEFSR11 router and is what most home routers look like.
A router has a lot more capabilities than other network devices such as a hub or a switch that are only able to perform basic network functions. For example, a hub is often used to transfer data between computers or network devices, but does not analyze or do anything with the data it is transferring. Routers however can analyze the data being sent over a network, change how it is packaged and send it to another network or over a different network. For example, routers are commonly used in home networks to share a single Internet connection with multiple computers.
In the above example of a home network there are two different examples of a router, the router and the wireless router. As can be seen in the example the router is what allows all the computers and other network devices access the Internet. Below are some additional examples of different types of routers used in a large network.
IP ADDRESSING:
Every machine on the internet has a unique identifying number, called an IP Address. A typical; IP address looks like this: 216.27.61.45IP ADDRESS is a 32-bit number, usually written in dotted decimal form that uniquely identifies an interface of some computer. This 32-bit number is divided into 4 octets each separated by a decimal. Out so many values certain values are restricted for use as typical IP address. For example, the IP address 0.0.0.0is reserved for the default network and the address 255.255.255.255is used for broadcast. Each IP address is split into 2 sections:
1 ) N e t w o r k a d d r e s s2 ) H o s t a d d r e s s
Individual IP address in same network all have a different value in the host part of address, but they have identical value in network part, just as in town there are different street address but same ZIP code. There are five IP classes:
Class A
- This class is for very large networks, such as a major international company. IP addresses with a first octet from 1 to 126 are part of this class. The other three octets are each used to identify each host.NET NET OR HOST54 24.54.43
Loopback - The IP address 127.0.0.1 is used as the loopback address. This means that it is
used by the host computer to send a message back to itself. It is commonly used for troubleshooting and network testing.
Class B- Class B is used for medium-sized networks. A good example is a large college campus.
IP addresses with a first octet from 128 to191 are part of this c l a s s . C l a s s B add re s se s a l so i nc lude t he s econd oc t e t a s pa r t o f t he Ne t identifier. The other two octets are used to identify each host.
NET NET OR HOST145.24 53.198
Class C
- Class C addresses are commonly used for small to mid-size business. IP addresses with a first octet from192 to 223 are part of this class. Class C addresses also include the second and third octets as part of Net identifier. The last octet is used to identify each host.NET NET OR HOST196.54.34 86
Class D
- It is used for multicast. It has first bit value of 1, second bit value of 1, third bit value of 1 and fourth bit value of 0. The other 28 bits are used to identify the group of computers the multicast messages is intended for.NET NET OR HOST224 24.54.145
Class E
- It is used for experimental purpose only.
NET NET OR HOST240 23.45.105
Private IP- It is not necessary that every time we make a network we are connected to some ISP (Internet Service
Provider). So in that case we require some private IP also w h i c h c a n b e u s e d i n i n d i g e n o u s n e t w o r k s . I n e a c h c l a s s a r a n g e o f I P addresses have been defined for this purpose
- CLASS A 10.0.0.1 to 10.255.255.244- CLASS B 172.16.0.1 to 172.34.255.254- CLASS C 192.168.0.0/16
MASKING Computers use a mask to define size of network and host part of an address.
Mask is a 32-bit number written in dotted decimal form. It provides us the network address when we perform a Boolean AND of mask with the IP address. It also define number of host bits in an address. Class of address Size of network Part of address ,in bits Size of Host Part of address ,in bits Default Mask for Each Class of Network
Class of address Size of network part of address, in bits
Size of hosts part of address, in bits
Default Mask for each class of Network
A 8 24 255.0.0.0B 16 16 255.255.0.0C 24 8 255.255.255.0
SUBNETTING
Basically it is a process of subdividing networks into smaller subnets. In case we have 2-3 small networks but we cant buy IP address for each and every network. So here we use the basic concept of SUBNETTING i.e. using one public IP address we will give them IP address and make them independent networks. For this we take some bits of host address and use them for network address so we have different independent networks Address Format when Subnetting Is Used (class A,B,C resp.):
Class A8 24-x x
Network Subnet Host Class B
16 16-x x
Network Subnet Host Class C
24 8-x xNetwork Subnet Host
And due to this mask changes to subnet mask and now the network address also includes subnet address.
Example If subnet mask is 255.255.240.0And an IP address for a computer is given as 142.16.52.4142.16.0.0 is network address0.0.48.0 is the subnet address0.0.4.4 is the host address of the computer 10001110.00010000.00110100.00000100 is ANDed with11111111.11111111.11110000.00000000and output is 10001110.00010000.00110000.00000000here first two octets represents Network address and third octet represents subnet address. It can be compared with a postal address as there is only one ZIP code (Network address), different streets (Subnet address), and different house number (Host address).
ROUTER
A router is a special type of computer. It has the same basic components as a standard desktop PC. It has a CPU, memory, a system bus, and various input/output interfaces. However, routers are designed to perform some very specific functions that are not typically performed by desktop computers. For example, routers connect and allow communication between two networks and determine the best path for data to travel through the connected networks.
Just as computers need operating systems to run software applications, routers need the Internetwork Operating System software (IOS) to run configuration files. These configuration files contain the instructions and parameters that control the flow of traffic in and out of the routers. Specifically, by using routing protocols, routers make decisions regarding the best path for packets. The configuration file specifies all the information for the correct set up and use of the selected, or enabled, routing and routed protocols on the router.
This course will demonstrate how to build configuration files from the IOS commands in order to get the router to perform many essential network functions. The router configuration file may at first glance appear complex, but it will seem much less so by the end of the course.
The main internal components of the router are random access memory (RAM), nonvolatile random-access memory (NVRAM), flash memory, read-only memory (ROM), and interfaces.
RAM, also called dynamic RAM (DRAM), has the following characteristics and functions:
Stores routing tables Holds ARP cache Holds fast-switching cache Performs packet buffering (shared RAM) Maintains packet-hold queues Provides temporary memory for the configuration file of the router while the router is
powered on Loses content when router is powered down or restarted
NVRAM has the following characteristics and functions:
Provides storage for the startup configuration file Retains content when router is powered down or restarted
Flash memory has the following characteristics and functions:
Holds the operating system image (IOS) Allows software to be updated without removing and replacing chips on the processor Retains content when router is powered down or restarted Can store multiple versions of IOS software Is a type of electronically erasable, programmable ROM (EEPROM)
Read-only memory (ROM) has the following characteristics and functions:
Maintains instructions for power-on self-test (POST) diagnostics Stores bootstrap program and basic operating system software Requires replacing pluggable chips on the motherboard for software upgrades
Interfaces have the following characteristics and functions:
Connect router to network for frame entry and exit Can be on the motherboard or on a separate module
SEGMENTATION WITH ROUTER
While a router can be used to segment LANs, its major use is as a WAN device. Routers have both LAN and WAN interfaces. In fact, WAN technologies are frequently used to connect routers and these routers communicate with each other by WAN connections. Routers are the backbone devices of large intranets and of the Internet. They operate at Layer 3 of the OSI model, making decisions based on network addresses. The two main functions of a router are the selection of best path for and the switching of frames to the proper interface. Routers accomplish this by building routing tables and exchanging network information with other routers.
An administrator can maintain routing tables by configuring static routes, but generally routing tables are maintained dynamically through the use of a routing protocol that exchanges network topology (path) information with other routers.
If, for example, computer (x) needs to communicate with computer (y) on one side of the world, and with computer (z) in another distant location, a routing feature for information flow is required as well as redundant paths for reliability. Many network design decisions and technologies can be traced to this desire for computers x, y, and z to be able to communicate.
A correctly configured internetwork provides the following:
Consistent end-to-end addressing Addresses that represent network topologies Best path selection Dynamic or static routing Switching
MANAGEMENT PORT CONNECTIONSThe console port and the auxiliary (AUX) port are management ports. These asynchronous serial ports are not designed as networking ports. One of these two ports is required for the initial configuration of the router. The console port is recommended for this initial configuration. Not all routers have an auxiliary port.
When the router is first put into service, there are no networking parameters configured. Therefore the router cannot communicate with any network. To prepare for initial startup and configuration, attach an RS-232 ASCII terminal, or a computer emulating an ASCII terminal, to the system console port. Then configuration commands can be entered to set up the router.
Once this initial configuration is entered into the router through the console or auxiliary port, the router can then be connected to the network for troubleshooting or monitoring.
The router can also be configured from a remote location by dialing to a modem connected
to the console or auxiliary port on the router.
The console port is also preferred over the auxiliary port for troubleshooting. This is because it displays router startup, debugging, and error messages by default. The console port can also be
Used when the networking services have not been started or have failed. Therefore, the console port can be used for disaster and password recovery procedures.
ROUTER CONFIG. COMMAND
Requirement Cisco Command
Set a console password to cisco
Router(config)#line con 0Router(config-line)#loginRouter(config-line)#password cisco
Set a telnet password Router(config)#line vty 0 4Router(config-line)#loginRouter(config-line)#password cisco
Stop console timing out Router(config)#line con 0Router(config-line)#exec-timeout 0 0
Set the enable password to cisco
Router(config)#enable password cisco
Set the enable secret password to peter.
This password overrides the enable password and is encypted within the config file
Router(config)#enable secret peter
Enable an interface Router(config-if)#no shutdown
To disable an interface Router(config-if)#shutdown
Set the clock rate for a router with a DCE cable to 64K
Router(config-if)clock rate 64000
Set a logical bandwidth assignment of 64K to the serial interface
Router(config-if)bandwidth 64Note that the zeroes are not missing
To add an IP address to a interface
Router(config-if)#ip addr 10.1.1.1 255.255.255.0
To enable RIP on all 172.16.x.y interfaces
Router(config)#router ripRouter(config-router)#network 172.16.0.0
Disable RIP Router(config)#no router rip
To enable IRGP with a AS of 200, to all interfaces
Router(config)#router igrp 200Router(config-router)#network 172.16.0.0
Disable IGRP Router(config)#no router igrp 200
Static route the remote network is 172.16.1.0, with a
Router(config)#ip route 172.16.1.0 255.255.255.0 172.16.2.1 5
mask of 255.255.255.0, the next hop is 172.16.2.1, at a cost of 5 hops
Disable CDP for the whole router
Router(config)#no cdp run
Enable CDP for he whole router
Router(config)#cdp run
Disable CDP on an interface Router(config-if)#no cdp enable
FIREWALL
A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
There are several types of firewall techniques:
Packet filter: Looks at each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing. Application gateway: Applies security mechanisms to specific applications, such as FTP and Telnet servers. This is very effective, but can impose a performance degradation.
Circuit-level gateway: Applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Proxy server: Intercepts all messages entering and leaving the network. The proxy server effectively hides the true network addresses.
In practice, many firewalls use two or more of these techniques in concert. A firewall is considered a first line of defense in protecting private information. For greater security, data can be encrypted.
