Network

  • Uploaded by: hosam
  • May 2020
Abstract

This project offers a brief introduction to networking and some basic networking terms and concepts. A network is basically all of the components (hardware and software) involved in connecting computers across small and large distances. Networks are used to provide easy access to information, thus increasing productivity for users. This project covers some of the components involved with networking, the basic types of topologies used to connect networking devices, including computers, and the types of networks, such as local area networks (LANs) and wide area networks (WANs). The project then focuses on the features of routers, specifically Cisco routers, and on router components: hardware and software. Almost every router uses the same hardware and software components to assist during the bootup process, including the following: ROM (read-only memory), RAM (random access memory), flash, NVRAM (nonvolatile RAM), a configuration register, and physical interfaces. All of these components can affect how the router boots up, finds its operating system and loads it, and finds its configuration file and loads it. The project covers these components.

Contents

Abstract
Table of Contents
Chapter 1: Introduction
Chapter 2: Network Types
Chapter 3: Network Topologies
Chapter 4: IP Address
Chapter 5: WAN Connection Types
Chapter 6: Router Hardware Components
Chapter 7: Router Bootup Process
Chapter 8: Bootstrap Program
Chapter 9: Basic Router Configuration
Chapter 10: Access Control List (ACL)
Chapter 11: Conclusions
References

1. Introduction

Internet communication has become a fundamental part of life. The World Wide Web contains information about such diverse subjects as atmospheric conditions, crop production, stock prices, and airline traffic. Groups establish electronic mailing lists so they can share information of common interest. Professional colleagues exchange business correspondence electronically, and relatives exchange personal greetings.

Unfortunately, most network technologies are designed for a specific purpose. Each enterprise chooses hardware technology appropriate for its specific communication needs and budget. More important, it is impossible to engineer a universal network from a single network technology because no single network suffices for all uses. Some groups need high-speed networks to connect computers in a single building. Low-cost technologies that fill that need cannot span large geographic distances. Other groups settle for a slower network that connects machines thousands of miles apart.

For over two decades, a new technology has evolved that makes it possible to interconnect many disparate physical networks and make them function as a coordinated unit. The technology, called internetworking, accommodates multiple, diverse underlying hardware technologies by providing a way to interconnect heterogeneous networks and a set of communication conventions that makes them interoperate. The internet technology hides the details of network hardware, and permits computers to communicate independent of their physical network connections.

2. Network Types

Networks come in a wide variety of types. The most common are LANs and WANs, but there are many other types of networks, including metropolitan area networks (MANs), storage area networks (SANs), content networks (CNs), intranets and extranets, VPNs, and others. The following sections provide a brief overview of each of these network types.

2.1 Local Area Networks

Local area networks (LANs) are used to connect networking devices that are in a very close geographic area, such as a floor of a building, a building itself, or a campus environment. In a LAN, you'll find PCs, file servers, hubs, bridges, switches, routers, multilayer switches, voice gateways, firewalls, and other devices. The media types used in LANs include Ethernet, Fast Ethernet (FE), Gigabit Ethernet (GE), Token Ring, and FDDI. Today, most networks use some form of Ethernet.

2.2 Wide Area Networks

Wide area networks (WANs) are used to connect LANs together. Typically, WANs are used when the LANs that must be connected are separated by a large distance. Whereas a corporation provides its own infrastructure for a LAN, WANs are leased from carrier networks, such as telephone companies. Four basic types of connections, or circuits, are used in WAN services: circuit-switched, cell-switched, packet-switched, and dedicated connections.

A wide array of WAN services are available, including analog dialup, ATM, dedicated circuits, cable, DSL (digital subscriber line), Frame Relay, ISDN, Switched Multi-megabit Data Services (SMDS), and X.25. Here, analog dialup and ISDN are examples of circuit-switched services, ATM and SMDS are examples of cell-switched services, and Frame Relay and X.25 are examples of packet-switched services.

Circuit-switched services provide a temporary connection across a phone circuit. These are typically used for backup of primary circuits and for temporary boosts of bandwidth.

A dedicated circuit is a permanent connection between two sites where the bandwidth is dedicated. These circuits are common where you have a variety of services, such as voice, video, and data, that must traverse the connection and you are concerned about delay issues with the traffic and guaranteed bandwidth.

Cell-switched services can provide the same features that dedicated circuits offer. Their advantage over dedicated circuits is that a single device can connect to multiple devices on the same interface. The downside of these services is that they are not available at all locations, they are difficult to set up and troubleshoot, and the equipment is expensive when compared to using dedicated circuits.

3. Network Topologies

When you are cabling up your computers and networking devices, various types of topologies can be used. A topology defines how the devices are connected. Figure 1 shows examples of topologies that different media types use.

• Point-to-point: a point-to-point topology has a single connection between two devices. In this topology, two devices can directly communicate without interference from other devices. These types of connections are not common when many devices need to be connected together. An example of a point-to-point topology is when you connect two routers across a dedicated WAN circuit.
• Star: in a star topology, a central device has many point-to-point connections to other devices. Star topologies are used in environments where many devices need to be connected. An example of a media type that uses a star topology is 10BaseT Ethernet. When connecting devices together, you connect your computers to a hub or switch (the center of the star).
• Extended star: an extended star topology is basically multiple star topologies interconnected.
• Bus: a bus topology uses a single connection or wire to connect all devices. Certain media types, like 10Base5 and 10Base2 Ethernet, use a bus topology.

4. IP Address

IPv4 addresses are 32 bits in length. However, to make the addresses readable, they are broken into four bytes (called octets), with a period between each byte. So that the address is understandable to the human eye, the four sets of binary numbers are then converted to decimal. Let's look at a simple example: 11111111111111111111111111111111, which is 32 1's. This is broken up into four octets, like this: 11111111.11111111.11111111.11111111. Then each of these octets is converted into decimal, resulting in 255.255.255.255. The format of this address is commonly called dotted decimal.

4.1 Classes of Addresses

There are five classes: Class A, B, C, D, and E. Each of these classes has a predefined network and host boundary:

• With a Class A address, the first byte is a network number (8 bits) and the last 3 bytes are for host numbers (24 bits).
• With a Class B address, the first two bytes are a network number (16 bits) and the last 2 bytes are for host numbers (16 bits).
• With a Class C address, the first three bytes are a network number (24 bits) and the last 1 byte is for host numbers (8 bits).
• Class D addresses are used for multicasting.
• Class E addresses are reserved.

Given the above distinction, it would seem that addressing for IP is easy. However, what distinguishes the different classes of addresses is the value of the first one to five bits:

• Class A addresses always begin with a "0" in the highest order bit
• Class B addresses always begin with "10" in the highest order bits
• Class C addresses always begin with "110" in the highest order bits
• Class D addresses always begin with "1110" in the highest order bits
• Class E addresses always begin with "11110" in the highest order bits

5. WAN Connection Types

WAN connections fall under one of four categories:

• Leased lines, such as dedicated circuits or connections.
• Circuit-switched connections, such as analog modem and digital ISDN dialup connections.
• Packet-switched connections, such as Frame Relay and X.25.
• Cell-switched connections, such as ATM and SMDS.

5.1 Leased-Line Connections

A leased-line connection is basically a dedicated circuit connection between two sites. It simulates a single cable connection between the local and remote sites. Even though leased lines can provide guaranteed bandwidth and minimal delay for connections, other available solutions, such as ATM, can provide the same features. The main disadvantage of leased lines is their cost: they are the most expensive WAN solution.

Figure: Leased line example.

5.2 Circuit-Switched Connections

Circuit-switched connections are dialup connections, as are used by a PC with a modem when dialing up an ISP. The main problem with circuit-switched connections is that they are expensive if you need to make connections over long distances, with a per-minute charge that varies, depending on the destination. Therefore, the more data you have to send, the more time it will take, and the more money it will cost. Figure: Circuit-Switched example

5.3 Packet-Switched Connections

With leased lines and circuit-switched connections, a physical circuit is used to make the connection between the two sites. With a leased line, the same circuit path is always used. With circuit-switched connections, the circuit path is built every time a phone call is made, making it highly probable that the same circuit path will not be used for every phone call. Packet-switched connections use logical circuits to make connections between two sites.

Figure: Packet-Switched example.

6. Router Hardware Components

Each router has two main components: hardware and software. Almost every router uses the same hardware and software components to assist during the bootup process, including the following: ROM (read-only memory), RAM (random access memory), flash, NVRAM (nonvolatile RAM), a configuration register, and physical interfaces. All of these components can affect how the router boots up, finds its operating system and loads it, and finds its configuration file and loads it.

Read-Only Memory (ROM)

The software in ROM cannot be changed unless you actually swap out the ROM chip on your router. ROM is nonvolatile: when you turn off your device, the contents of ROM are not erased. ROM contains the necessary firmware to boot up your router and typically has the following four components:

1) POST (power-on self-test): Performs tests on the router's hardware components.
2) Bootstrap program: Brings the router up and determines how the IOS image and configuration files will be found and loaded.
3) ROM Monitor (ROMMON mode): A mini operating system that allows you to perform low-level testing and troubleshooting, the password recovery procedure, for instance. To abort the router's normal bootup procedure of loading the IOS, use the CTRL-BREAK control sequence to enter ROMMON mode. The prompt in ROMMON mode is either ">" or "rommon>", depending on the router model.
4) Mini-IOS: A stripped-down version of the IOS that contains only IP code. This should be used in emergency situations where the IOS image in flash can't be found and you want to boot up your router and load in another IOS image. This stripped-down IOS is referred to as RXBOOT mode. If you see "Router(rxboot)#" in your prompt, then your router has booted up with the ROM IOS image. Not every router has a Mini-IOS image; on the other hand, some routers, such as the 7200, can store a full-blown IOS image here.

RAM

RAM is like the memory in your PC. On a router, it (in most cases) contains the running IOS image; the active configuration file; any tables (including routing, ARP, CDP neighbor, and other tables); and internal buffers for temporarily storing information, such as interface input and output buffers. The IOS is responsible for managing memory. When you turn off your router, everything in RAM is erased.

Flash

Flash is a form of nonvolatile memory in that when you turn the router off, the information stored in flash is not lost. Routers store their IOS image in flash, but other information can also be stored here. Note that some lower-end Cisco routers actually run the IOS directly from flash (not RAM). Flash is slower than RAM, a fact that can create performance issues.

NVRAM

NVRAM is like flash in that its contents are not erased when you turn off your router. It is slightly different, though, in that it uses a battery to maintain the information when the Cisco device is turned off. Routers use NVRAM to store their configuration files. In newer versions of the IOS, you can store more than one configuration file here.

Configuration Register

The configuration register is a special register in the router that determines many of its bootup and running options, including how the router finds the IOS image and its configuration file. You can manipulate this register to affect how your router boots up.

Physical Interfaces

Every router has at least one port and one physical interface. Ports are typically used for management access; the console and auxiliary ports are examples. Interfaces are used to move traffic through the router; they can include media types such as Ethernet, Fast Ethernet, Token Ring, FDDI, serial, and others. These interfaces can be used during the bootup process: you can have the bootstrap program load the IOS from a remote TFTP server (instead of flash), assuming that you have a sufficient IP configuration on your router.

7. Router Bootup Process

A router typically goes through five steps when booting up:

1. The router loads and runs POST (located in ROM), testing its hardware components, including memory and interfaces.
2. The bootstrap program is loaded and executed.
3. The bootstrap program finds and loads an IOS image. Possible locations of the IOS image include flash, a TFTP server, or the Mini-IOS in ROM.
4. Once the IOS is loaded, the IOS attempts to find and load a configuration file, which is normally stored in NVRAM.
5. After the configuration is loaded, you are presented with the CLI interface.

8. Bootstrap Program

The bootstrap program is what finds the IOS and loads it. It goes through the following steps when trying to locate and load the IOS image:

1) Examine the configuration register value. This value is a set of four hexadecimal digits. The last digit affects the bootup process. If the last digit is between 0x2 and 0xF, then the router proceeds to the next step. Otherwise, the router uses the values shown in Table to determine how it should proceed next.
2) Examine the configuration file in NVRAM for boot system commands, which tell the bootstrap program where to find the IOS. These commands are shown in the following paragraph.
3) If no boot system commands are found in the configuration file in NVRAM, use the first valid IOS image found in flash.
4) If there are no valid IOS images in flash, generate a TFTP local broadcast to locate a TFTP server (this is called a netboot and is not recommended because it is very slow and not very reliable for large IOS images).
5) If no TFTP server is found, load the Mini-IOS in ROM (RXBOOT mode).
6) If there is a Mini-IOS in ROM, then the Mini-IOS is loaded and you are taken into RXBOOT mode; otherwise, the router either retries finding the IOS image or loads ROMMON and goes into ROM Monitor mode.

9. Basic Router Configuration

This section covers some of the basic commands that you can use to access and configure a Cisco router. When a router boots up, runs its hardware diagnostics, and loads the IOS software, the IOS then attempts to find a configuration file in NVRAM. If it can't find a configuration file to load, the IOS then runs the System Configuration Dialog, commonly referred to as Setup mode, which is a script that prompts you for configuration information. In most situations, you'll enter Configuration mode on the router and manually enter the commands. One of the advantages of this approach is that you have full access to every command that the router supports, whereas the System Configuration Dialog supports only a small subset of commands.

    Router# configure terminal
    Router(config)#

Assigning a Hostname

To change your router's name, use the hostname command. Here is an example of its use:

    Router(config)# hostname bullmastiff
    bullmastiff(config)#

Configuring Passwords

Here is the configuration for setting up passwords. The login command makes a line prompt for the password configured on it:

    Router(config)# line console 0
    Router(config-line)# password console_password
    Router(config-line)# login
    Router(config-line)# exit
    Router(config)# line vty 0 4
    Router(config-line)# login
    Router(config-line)# password telnet_password
    Router(config-line)# exit
    Router(config)# line aux 0
    Router(config-line)# password console_password
    Router(config-line)# login
    Router(config-line)# exit

Configuring Router Interfaces

To access an interface and enter Interface Subconfiguration mode, use the interface command:

    Router(config)# interface type [slot_#/]port_#
    Router(config-if)#

Enabling and Disabling Interfaces

    Router(config)# interface type [slot_#/]port_#
    Router(config-if)# no shutdown

Configuring LAN Interfaces

    Router(config)# interface ethernet [slot_#/]port_#
    Router(config-if)# media-type media_type
    Router(config-if)# speed 10|100|auto
    Router(config-if)# [no] half-duplex

Configuring Serial Interfaces

    Router(config)# interface serial [slot_#/]port_#
    Router(config-if)# clock rate rate_in_bits_per_second

Configuring the Bandwidth Parameter

All interfaces have a bandwidth value assigned to them. This is used by certain routing protocols, such as IGRP, OSPF, and EIGRP, when making routing decisions. To change the bandwidth value for an interface, use the bandwidth Interface Subconfiguration mode command:

    Router(config)# interface serial [slot_#/]port_#
    Router(config-if)# bandwidth rate_in_Kbps

Configuring IP Addressing Information

You can use many commands on the router to set up your IP addressing information. One of the most common is to assign an IP address to an interface:

    Router(config)# interface type [slot_#/]port_#
    Router(config-if)# ip address IP_address subnet_mask

10. Access Control List (ACL)

ACLs are basically a set of commands, grouped together by a number or name, that are used to filter traffic entering or leaving an interface. ACL commands define specifically which traffic is permitted and which is denied. ACLs are created in Global Configuration mode. Once you create your group of ACL statements, you must activate them. For filtering traffic between interfaces, the ACL is activated in Interface Subconfiguration mode. This can be a physical interface, like ethernet0 or serial0, or a logical interface, like ethernet0.1 or serial0.1. When activating an ACL on an interface, you must specify in which direction the traffic should be filtered:

a) Inbound (as the traffic comes into an interface)
b) Outbound (before the traffic exits an interface)

With inbound ACLs, the router compares the packet to the interface ACL before the router will forward it to another interface. With outbound ACLs, the packet is received on an interface and forwarded to the exit interface; the router then compares the packet to the ACL.

One restriction that ACLs have is that they cannot filter traffic that the router originates itself. For example, if you execute a ping or traceroute from the router, or if you telnet from the router to another device, ACLs applied to the router's interfaces cannot filter these connections. However, if an external device tries to ping, traceroute, or telnet to the router or through the router to a remote destination, the router can filter these packets.

ACL Types

ACLs come in two varieties:

• Numbered and named
• Standard and extended

Numbered and named ACLs define how the router will reference the ACL. A numbered ACL is assigned a unique number among all ACLs, whereas a named ACL is assigned a unique name among all named ACLs. These are then used by the router to filter traffic. Each of these references to ACLs supports two types of filtering: standard and extended.

Standard IP ACLs can filter only on the source IP address inside a packet, whereas an extended IP ACL can filter on the source and destination IP addresses in the packet, the IP protocol (TCP, UDP, ICMP, and so on), and protocol information (such as the TCP or UDP source and destination port numbers). With an extended ACL, you can be very precise in your filtering.

ACLs are basically statements that are grouped together by either a name or a number. Within this group of statements, when a packet is processed by an ACL on the router, the router will go through certain steps in finding a match against the ACL statements. ACLs are processed top-down by the router. Using a top-down approach, a packet is compared to the first statement in the ACL, and if the router finds a match between the packet and the statement, the router will execute one of two actions included with the statement:

• Permit
• Deny

Configuring an access list is not a simple process. To get the configuration process right, you should be guided by the following list:

• Order of statements is important: put the most restrictive statements at the top of the list and the least restrictive at the bottom.
• ACL statements are processed top-down until a match is found, and then no more statements in the list are processed.
• If no match is found in the ACL, the packet is dropped (implicit deny).
• Each ACL needs either a unique number or a unique name.
• The router cannot filter traffic that it, itself, originates.
• You can have only one IP ACL applied to an interface in each direction (inbound and outbound); you can't have two or more inbound or outbound ACLs applied to the same interface. (Actually, you can have one ACL for each protocol, like IP and IPX, applied to an interface in each direction.)
• Applying an empty ACL to an interface permits all traffic by default: in order for an ACL to have an implicit deny statement, you need at least one actual permit or deny statement.

To create an ACL, use the following command:

    Router(config)# access-list ACL_# permit|deny conditions

To activate an ACL, you must enter the appropriate interface or interfaces and activate your ACL there. Here's the command to activate it on an interface:

    Router(config)# interface type [module_#]port_#
    Router(config-if)# ip access-group ACL_# in|out

At the end of the ip access-group command, you must specify which ACL you are activating and in which direction:

• in: as traffic comes into the interface
• out: as traffic leaves the interface

Standard IP ACL Example

    Router(config)# access-list 1 permit 192.168.1.1
    Router(config)# access-list 1 deny 192.168.1.2
    Router(config)# access-list 1 permit 192.168.1.0 0.0.0.255
    Router(config)# access-list 1 deny any
    Router(config)# interface serial 0
    Router(config-if)# ip access-group 1 in
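The processing rules listed earlier (top-down, first match wins, implicit deny, empty ACL permits all) can be checked against access-list 1 with a small Python model. This is an added illustration, not part of the original project and not IOS code; the function names and the reordered list are constructed for the example, and it also flags statements that can never match because an earlier statement already covers them.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def ip_to_int(text):
    return int(ipaddress.IPv4Address(text))

def parse_standard_acl(lines):
    """Parse 'access-list N permit|deny SOURCE [WILDCARD]' statements into
    ordered (action, address, wildcard) tuples."""
    entries = []
    for line in lines:
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
            raise ValueError(f"not a standard ACL statement: {line!r}")
        action, src = tok[2], tok[3:]
        if src[0] == "any":        # any source: every bit is "don't care"
            addr, wild = 0, MASK32
        elif src[0] == "host":     # host A.B.C.D: every bit must match
            addr, wild = ip_to_int(src[1]), 0
        else:                      # A.B.C.D [wildcard]; no wildcard means 0.0.0.0
            addr = ip_to_int(src[0])
            wild = ip_to_int(src[1]) if len(src) > 1 else 0
        entries.append((action, addr, wild))
    return entries

def evaluate(entries, source_ip):
    """Return 'permit' or 'deny' for a packet with this source address."""
    if not entries:
        return "permit"            # an empty ACL on an interface permits all traffic
    src = ip_to_int(source_ip)
    for action, addr, wild in entries:
        # Wildcard bits set to 1 are ignored; all other bits must be equal.
        if ((src ^ addr) & ~wild & MASK32) == 0:
            return action          # first match wins, later statements are skipped
    return "deny"                  # implicit deny at the end of a non-empty ACL

def shadowed(entries):
    """List (statement, covering_statement) pairs, numbered from 1, where an
    earlier statement matches every address the later one could match."""
    findings = []
    for j, (_, addr_j, wild_j) in enumerate(entries):
        for i, (_, addr_i, wild_i) in enumerate(entries[:j]):
            care_i = ~wild_i & MASK32
            if (wild_j & care_i) == 0 and ((addr_i ^ addr_j) & care_i) == 0:
                findings.append((j + 1, i + 1))
                break
    return findings

# access-list 1 exactly as configured in the example above.
PAGE_ACL = parse_standard_acl([
    "access-list 1 permit 192.168.1.1",
    "access-list 1 deny 192.168.1.2",
    "access-list 1 permit 192.168.1.0 0.0.0.255",
    "access-list 1 deny any",
])

# Constructed variant: same statements, least restrictive permit moved to the top.
REORDERED = parse_standard_acl([
    "access-list 1 permit 192.168.1.0 0.0.0.255",
    "access-list 1 permit 192.168.1.1",
    "access-list 1 deny 192.168.1.2",
    "access-list 1 deny any",
])

if __name__ == "__main__":
    for name, acl in (("page order", PAGE_ACL), ("reordered", REORDERED)):
        for ip in ("192.168.1.1", "192.168.1.2", "192.168.1.77", "10.0.0.1"):
            print(f"{name:10} {ip:13} -> {evaluate(acl, ip)}")
        print(f"{name:10} shadowed statements: {shadowed(acl)}")
```

In the reordered list the deny for 192.168.1.2 is never reached, which is why the most restrictive statements belong at the top.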

Extended IP ACL Example

    Router(config)# access-list 101 permit tcp host 199.199.199.1 host 200.200.200.1 eq dns
    Router(config)# access-list 101 permit udp any host 200.200.200.1 eq dns
    Router(config)# access-list 101 permit tcp any host 200.200.200.2 eq www
    Router(config)# access-list 101 permit icmp any 200.200.200.0 0.0.0.255
    Router(config)# access-list 101 permit tcp any host 200.200.200.3 eq smtp
    Router(config)# access-list 101 permit udp host 201.201.201.2 host 201.201.201.1 eq rip
    Router(config)# interface ethernet 0
    Router(config-if)# ip address 201.201.201.1 255.255.255.0
    Router(config-if)# ip access-group 101 in

Example of a Named Access List

    Router(config)# ip access-list extended do_not_enter
    Router(config-ext-acl)# permit tcp any 172.16.0.0 0.0.255.255 established log
    Router(config-ext-acl)# permit udp any host 172.16.1.1 eq dns log
    Router(config-ext-acl)# permit tcp 172.17.0.0 0.0.255.255 host 176.16.1.2 eq telnet log
    Router(config-ext-acl)# permit icmp any 176.16.0.0 0.0.255.255 echo-reply log
    Router(config-ext-acl)# deny ip any any log
    Router(config-ext-acl)# exit
    Router(config)# interface ethernet 0
    Router(config-if)# ip access-group do_not_enter in

11. Conclusions

• LANs are used to connect networking devices in a very close geographic area. Media types used include varieties of Ethernet, Token Ring, and FDDI. WANs are used to connect LANs across large distances. WAN services include analog dialup, ATM, dedicated circuits, cable, DSL, Frame Relay, ISDN, SMDS, and X.25.

• IP addresses are 32 bits in length, and are broken into four bytes (8 bits) with a period between the bytes. This format is called dotted decimal.

• IP addresses are broken into five classes: A (1-126), B (128-191), C (192-223), D (224-239) and E (240-254). IP addresses are broken into two components: network and host. With Class A addresses, the first byte is a network number; with Class B, the first two bytes; and with Class C, the first three bytes.

• Leased lines are dedicated circuits. Circuit-switched connections use analog modems or ISDN for dialup connections. Packet-switched services, such as ATM, Frame Relay, and X.25, use VCs for transmitting data. Of these, leased lines are the most costly. Packet-switched services are used when you need to connect a router to multiple destinations, but the router only has a single serial interface.

• Each Cisco router has its own unique chassis and, depending on the model, unique components. Cisco has attempted to modularize many of the components so that they can be used in related models. For instance, many of the cards for the 2600 and 3600 series routers are interchangeable. However, this is not the case for all of Cisco's routers. Therefore, there is typically no standardization as to what the router looks like and what LEDs it contains. This is also true of management ports. Most routers Cisco sells today have an RJ-45 console port. But many of Cisco's older routers, the 4000 and 7500 series, for example, use a DB-25 console port. The larger routers have both a console and an auxiliary port, while the smaller routers, like the 800, have only a console port.

• Almost every Cisco router has a console port. This port is used to establish an out-of-band connection in order to access the CLI to manage the router. Once you have placed a basic configuration on the router, assigning it IP addressing information, for instance, you can then come in via one of its interfaces in order to manage the router in-band. Some methods of in-band management include telnet, a web browser, SNMP, and Cisco Works 2000.

• Flash is used to store the operating system and NVRAM is used to store the configuration file. The configuration register is used to determine how the router will boot up.

• When booting up, the router loads and runs POST from ROM. It then loads the bootstrap program from ROM, which, in turn, finds and loads the IOS. The IOS can be found in flash, TFTP, or ROM. The IOS then loads the configuration file, found in NVRAM.

• The boot system commands can be used to modify the default behavior of where the bootstrap program should load the IOS. When the bootstrap program loads, it examines the configuration file stored in NVRAM for boot system commands. If found, the bootstrap program uses these commands to find the IOS. If no boot system commands are found, the router uses the default behavior in finding and loading the IOS image.

• Use the copy flash tftp command to back up the IOS image and the copy tftp flash command to restore or upgrade the IOS. The reload command reboots the router.

• ACLs can be created using either numbers or names. There are two basic types: standard and extended. Standard ACLs allow you to filter only the source IP address, whereas extended IP ACLs allow you to filter on source and destination addresses, IP protocols, and protocol information.

• There are two actions the router can take when a match is found on an ACL: permit or deny. ACLs are processed top-down, where the order is important. Upon the first match, no other statements are processed. There is an implicit deny at the end of the list. You cannot filter traffic the router itself originates. When adding ACL statements, note that they are always added to the bottom. Only named ACLs allow you to delete a specific entry.

