Semester 3
Chapter 1:
OSI Model
Identify
and describe the functions of each of
the seven layers of the OSI reference
model.
Application:
This
layer provides services to application
processes, such as E-mail, file transfer
and terminal emulation, that are outside
the OSI reference model. The application
layer identifies and establishes the
availability of intended communication
partners (and the resources required to
connect with them), synchronises
cooperating applications, and
establishes agreement on procedures for
error recovery and control of data
integrity.
Presentation:
This
layer ensures that information sent by
the application layer of one system will
be readable by the application layer of
another. The presentation layer is also
concerned with the data structures used
by programs and therefore negotiates
data transfer syntax for the application
layer.
Session:
The
session layer establishes, manages and
terminates sessions between applications
and manages data exchange between
presentation layer entities.
Transport:
This
layer is responsible for reliable
network communication between end nodes.
The transport layer provides mechanisms
for establishment, maintenance and
termination of virtual circuits,
transport fault detection and recovery,
and information flow control.
Network:
The
network layer provides connectivity and
path selection between two end systems.
The network layer is the layer at which
routing occurs.
Data Link:
Provides
transit of data across a physical link.
The data link layer is concerned with
physical addressing, network topology,
line discipline, error notification,
ordered delivery of frames and flow
control. The IEEE divides the layer into
two sub layers: the MAC sublayer and the
LLC sublayer.
Physical:
The
physical layer defines the electrical,
mechanical, procedural, and functional
specifications for the physical links
between systems.
Define
and explain the 5 conversion steps of
data encapsulation.
1:
Build the data: As a user sends, for
example, an email message, its
alphanumeric characters are converted to
data that can travel across the
internetwork.
2:
Package the data for end to end
transport: The data is packaged for
internetwork transport. By using
segments, the transport function ensures
that the message hosts at both ends of
the email system can reliably
communicate.
3:
Add the network address to the header:
The data is put into a packet or a
datagram that contains a network header
with source and destination logical IP
addresses. These network addresses help
network devices send the packets across
the network along a dynamically chosen
path.
4:
Add the local (MAC) address to the data
link header: Each network device must
put the packet into a frame. The frame
includes a header with the physical
address of the next directly connected
device in the path.
5:
Convert to bits for transmission: The
frame must be converted into a pattern
of 1s and 0s (bits) for transmission on
the medium (usually a wire). A clocking
function enables the devices to
distinguish these bits as they travel
across the medium. The medium on the
physical internetwork can vary along the
path used.
Identify
at least 3 reasons why the industry uses
a layered model.
-
It breaks the network into
smaller, simpler parts that are easier
to develop
-
It facilitates standardisation of
network components to allow multiple
vendor development and support.
-
It allows different types of
network hardware and software to
communicate with each other.
-
Prevents changes in one layer
from affecting the other layers, so that
they can develop more quickly.
Addressing
Define
and describe the function of a MAC
address.
A
standardised data link layer address
that is required for every device that
connects to a LAN. Other devices in the
network use these addresses to locate
specific devices in the network and to
create and update routing tables and
data structures. MAC addresses are six
bytes long and are controlled by the
IEEE.
A
MAC address is a 48-bit address
expressed as 12 hexadecimal digits. The
first six hexadecimal digits of a MAC
address contain a manufacturer
identification, also known as an
Organisationally Unique Identifier. The
last six hexadecimal digits are
administered by each vendor and often
represent the interface serial number.
Describe
data link addresses and network
addresses, and identify the key
differences between them.
Data
link addresses are addresses that reside
at the data link layer of the OSI model.
Data link addresses are MAC addresses.
MAC addresses are flat addresses, that
is, they have no hierarchy, unlike
network addresses. Network addresses are
made up of two main parts; a network
portion and a host portion. The network
portion identifies the network that the
host resides on. Routers use network
layer addresses to make path
determination decisions for network
layer packets. Routers also use the data
link layer address to send the packet to
its intended destination host. As a
packet travels across a network, the IP
address of the destination never changes
but the data link address changes so
that the packet can be switched to the
next hop.
Describe
and create the different classes of IP
addresses [and subnetting].
Class
A addresses use the first 8 bits of the
IP address to identify the network which
the host belongs to. A class A IP
address is in the range 0.0.0.0 to
127.255.255.255, although the 127.0.0.0
address range is reserved for special
purposes. The subnet mask of 255.0.0.0
will also identify a class A network.
Also, the first bit in a class A address
is always 0.
Class
B IP addresses have the first two bits
of their addresses set to 10. This puts
class B IP in the range 128.0.0.0 to
191.255.255.255. Class B networks always
use the first 16 bits of the IP address
to identify the network. Class B
networks always have the subnet mask
255.255.0.0.
Class
C networks are identified by having the
first three bits of their IP addresses
set to 110. The range for class C IP
addresses is 192.0.0.0 to
223.255.255.255.
Subnetting
involves borrowing contiguous bits from
the host range in an IP address. To
subnet you must borrow at least two bits
and leave two bits. You cannot have all
0s or 1s for a subnet ID. Therefore the
number of usable subnets is always 2
less than the total. To work out how
many subnets you have created, raise 2
to the power of the number of bits you
have borrowed, e.g. 2^2 = 4, 2^3 = 8,
2^4 = 16. For every contiguous bit you
borrow from the host range, you double
the number of subnets possible.
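A worked version of the borrowing rule above, added here as an illustration and not part of the original notes: given a classful network and a number of borrowed bits, it returns the mask, the subnet counts and the first usable subnets. The function names and sample networks are made up for the example; it follows the notes' rule that the all-zeros and all-ones subnet IDs are not used.

```python
import ipaddress
from itertools import islice

# First-octet ranges and default network bits per class, as given in the notes.
CLASSES = [("A", 0, 127, 8), ("B", 128, 191, 16), ("C", 192, 223, 24)]


def address_class(ip):
    """Return (class letter, default prefix length) for a classful IPv4 address."""
    first_octet = int(ipaddress.IPv4Address(ip)) >> 24
    for letter, low, high, prefix in CLASSES:
        if low <= first_octet <= high:
            return letter, prefix
    raise ValueError(f"{ip} is not a class A, B or C address")


def subnet_plan(ip, borrowed_bits, show=3):
    """Subnet the classful network containing `ip` by borrowing host bits."""
    letter, default_prefix = address_class(ip)
    host_bits = 32 - default_prefix - borrowed_bits
    # Rule from the notes: borrow at least two bits and leave at least two.
    if borrowed_bits < 2 or host_bits < 2:
        raise ValueError("must borrow at least 2 bits and leave at least 2")

    major = ipaddress.ip_network(f"{ip}/{default_prefix}", strict=False)
    new_prefix = default_prefix + borrowed_bits
    total = 2 ** borrowed_bits

    subnets = major.subnets(prefixlen_diff=borrowed_bits)
    next(subnets)  # skip the all-zeros subnet ID, unusable under this rule
    rows = []
    # Usable subnets are numbers 1 .. total-2; never list the all-ones subnet.
    for net in islice(subnets, min(show, total - 2)):
        rows.append({
            "subnet": str(net),
            "first_host": str(net.network_address + 1),
            "last_host": str(net.broadcast_address - 1),
            "broadcast": str(net.broadcast_address),
        })

    return {
        "class": letter,
        "major_network": str(major),
        "mask": str(ipaddress.ip_network(f"0.0.0.0/{new_prefix}").netmask),
        "total_subnets": total,
        "usable_subnets": total - 2,
        "hosts_per_subnet": 2 ** host_bits - 2,
        "first_usable": rows,
    }


if __name__ == "__main__":
    # Constructed sample: borrow 3 bits from a class C network.
    plan = subnet_plan("192.168.220.0", 3)
    for key, value in plan.items():
        print(key, "=", value)
```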
Identify
the functions of the TCP/IP Transport
Layer Protocols.
The
TCP/IP Transport layer provides two
protocols, Transmission Control Protocol
and User Datagram Protocol.
TCP
is a connection-oriented, reliable
protocol that provides flow control by
providing sliding windows and offers
reliability by providing sequence
numbers and acknowledgements. TCP
resends anything that is not
acknowledged and supplies a virtual
circuit between end user applications.
The advantage of TCP is that it provides
guaranteed delivery of segments.
UDP
is a connectionless, unreliable protocol
that is responsible for transmitting
messages but provides no software
checking for segment delivery. The
advantage of UDP is speed. Because UDP
provides no acknowledgements, less
traffic is sent across the network,
making transfer faster.
IOS
Log
into a router using both user and
privileged modes.
Router con0 is now available
Press Return to get started
User access verification
Password:
Router>
Router>enable
Password:
Router#
Use
the context-sensitive help facility
Typing
a question mark (?) at the user mode
prompt (Router>) or privileged prompt
(Router#) will display a list of
context-sensitive, commonly used commands.
Use
the command history and editing
features.
Ctrl-P or Up arrow key: Recalls last (previous) command
Ctrl-N or Down arrow key: Recalls most recent command
Show History: Shows command buffer
Ctrl-A: Moves to the beginning of the command line
Ctrl-E: Moves to the end of the command line
Esc-B: Moves back one word
Ctrl-F: Moves forward one character
Ctrl-B: Moves back one character
Esc-F: Moves forward one word
Examine
router elements (RAM, ROM, CDP, show)
RAM:
Stores routing tables, the ARP cache,
the fast-switching cache, packet
buffering and packet hold queues. RAM
also provides running memory for the
router's configuration file while the
router is powered on.
ROM:
Contains power-on diagnostics, a
boot-strap program, and operating system
software. Software upgrades in ROM
require replacing pluggable chips on the
motherboard.
CDP:
The Cisco discovery protocol provides a
single proprietary command that enables
network administrators to access a
summary of what the configurations look
like on other directly connected routers.
Show:
show <command> helps you obtain
vital information that you need when
monitoring and troubleshooting router
operations.
Manage
configuration files from the privileged
exec mode.
configure terminal: Configures the router manually from the console terminal
configure memory: Loads configuration information from non-volatile random access memory
copy tftp running-config: Loads configuration information from a network TFTP server
show running-config: Displays the current configuration in RAM
copy running-config startup-config: Stores the current configuration in RAM into NVRAM
copy running-config tftp: Stores the current configuration in RAM on a network TFTP server
show startup-config: Displays the saved configuration, which is the contents of NVRAM
erase startup-config: Erases the contents of NVRAM
Control
router passwords, identification, and
banner.
Router Passwords:
enable password <password>
enable secret <password>
Identification:
hostname <Router Name>
Banner:
banner motd # <Type your message here> #
Identify
the main Cisco IOS commands for router
startup.
Router# show running-config
Router# show startup-config
Router# copy running-config startup-config
Router# reload
Enter
an initial configuration using the setup
command.
Router# setup
Enter Hostname:
Enter Enable Secret:
Enter Enable Password:
Enter Virtual Terminal Password:
Configure IP? [Yes]
Configure Interface Serial0: Yes
Configure Interface Serial1: Yes
Configure Interface Ethernet 0: Yes
Configure Interface Ethernet 1: Yes
Copy
and manipulate configuration files.
configure terminal: Configures the router manually from the console terminal
configure memory: Loads configuration information from non-volatile random access memory
copy tftp running-config: Loads configuration information from a network TFTP server
show running-config: Displays the current configuration in RAM
copy running-config startup-config: Stores the current configuration in RAM into NVRAM
copy running-config tftp: Stores the current configuration in RAM on a network TFTP server
show startup-config: Displays the saved configuration, which is the contents of NVRAM
erase startup-config: Erases the contents of NVRAM
List
the commands to load Cisco IOS software
from: flash memory, a TFTP server, or
ROM.
Router(config)# boot system flash IOS_filename
Router(config)# boot system tftp IOS_filename tftp_address
Router(config)# boot system rom
Prepare
to backup, upgrade, and load a backup
Cisco IOS software image.
show flash
copy flash tftp
copy tftp flash
Prepare
the initial configuration of your router
and enable IP.
Router>ena
Password:
Router#configure terminal
Router(config)#hostname <name>
Hostname(config)#interface e0
Hostname(config-if)#ip address <address> <subnet mask>
Hostname(config-if)#no shut
Add
the RIP routing protocol to your
configuration.
Hostname(config-if)#router rip
Hostname(config-router)#network xxx.xxx.xxx.xxx
Configure
IP Addresses.
Hostname(config)#interface e0
Hostname(config-if)#ip address <address> <subnet mask>
Hostname(config-if)#no shut
Verify
IP Addresses.
ping <ipaddress>
show interface e0/1/2/3 s0/1/2/3
show ip interface
Explain
the services of separate and integrated
multiprotocol routing.
Routers
are capable of concurrently supporting
multiple independent routing protocols
and maintaining routing tables for
several routed protocols.
List
problems that each routing type
encounters when dealing with topology
changes and describe techniques to
reduce the number of these problems.
Static
Routing:
Static
routing is where the network
administrator has to input route changes
directly into the routing table whenever
there is a change to the network's
topology. One way to solve the problem
of constantly having to manually update
routing tables is to employ a dynamic
routing protocol. Dynamic routing
protocols automatically adjust routing
tables whenever there is a change to the
topology by passing periodic or event
triggered updates to neighbouring
routers. These neighbouring routers then
update their routing tables and
recalculate the best routes to known
networks.
Dynamic
Routing:
Dynamic
Routing protocols encounter the problem
of routing loops. Routing loops occur
when routers suffer from slow
convergence due to differing line speeds
and latency. Because routers do not have
a consistent view of the network,
routing updates can activate routes that
a previous router has stated are
unreachable. This can cause a count to
infinity where the routers' metric
counts to infinity as the packets loop
around and around. The distance vector
protocol answer to the count to infinity
problem is to define a maximum. Distance
vector protocols have a maximum hop
count. When the packet has the maximum
hop count value, the router discards the
packet.
Another
answer to the problem of routing loops
is the Split Horizon. Split Horizon
stops a router that received an update
from sending the same information out of
the same interface.
Holddown
timers are also used to prevent routing
loops. Holddown is when a router will
reject routing updates with a poorer
metric than it originally received from
a neighbour router that indicates the
network is down. If the router receives
an update from that same router it will
mark the route as accessible. If the
router receives an update from another
router with a poorer metric for the same
route, it rejects the update for the
holddown period.
A
poison reverse update is designed to
prevent larger routing loops. A poison
reverse update explicitly indicates that
a network or subnet is unreachable,
rather than implying that a network is
unreachable by excluding it in updates.
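The count to infinity and the effect of split horizon can be watched in a small simulation, added here as an illustration and not part of the original notes. It assumes a constructed line of three routers (R1, R2, R3, with the failed network behind R3), synchronous update rounds, and RIP's value of 16 as the maximum ("infinity") metric.

```python
INFINITY = 16  # RIP's "unreachable" metric, used here as the defined maximum

# Constructed topology: R1 -- R2 -- R3 -- (network N, whose link has just failed)
LINKS = {"R1": ["R2"], "R2": ["R1", "R3"], "R3": ["R2"]}


def simulate(split_horizon, max_rounds=50):
    """Run distance-vector updates for network N until every router agrees
    that N is unreachable. Returns (rounds needed, metric history per round)."""
    # Route to N on each router as (metric, neighbour it was learned from).
    # R3 was directly connected and has marked N unreachable after the failure.
    table = {"R1": (3, "R2"), "R2": (2, "R3"), "R3": (INFINITY, None)}
    history = []

    for round_no in range(1, max_rounds + 1):
        # Every router advertises what it knew at the start of the round.
        snapshot = dict(table)
        for sender in sorted(LINKS):
            metric, learned_from = snapshot[sender]
            for neighbour in LINKS[sender]:
                # Split horizon: never advertise a route back out of the
                # interface it was learned on.
                if split_horizon and learned_from == neighbour:
                    continue
                offered = min(metric + 1, INFINITY)
                current, via = table[neighbour]
                # A router always believes its current next hop, and otherwise
                # only accepts a strictly better metric.
                if via == sender or offered < current:
                    if offered < INFINITY:
                        table[neighbour] = (offered, sender)
                    else:
                        table[neighbour] = (INFINITY, None)

        history.append({router: m for router, (m, _) in table.items()})
        if all(m == INFINITY for m, _ in table.values()):
            return round_no, history
    return None, history


def peak_bogus_metric(history):
    """Highest finite metric any router held for the dead network."""
    finite = [m for row in history for m in row.values() if m < INFINITY]
    return max(finite) if finite else None


if __name__ == "__main__":
    for enabled in (False, True):
        rounds, history = simulate(split_horizon=enabled)
        print(f"split horizon={enabled}: converged after {rounds} rounds")
        for number, row in enumerate(history, start=1):
            print(f"  round {number}: {row}")
```

Without split horizon the stale route is passed back and forth with the metric rising each round until it reaches the maximum; with split horizon R2 never offers the route back to R3 and the failure propagates in two rounds.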
Chapter 2:
LAN
Switching
Describe
the advantages of LAN segmentation.
The
primary reason to segment LANs is to
isolate traffic between segments and to
achieve more bandwidth per user by
creating smaller collision domains. Each
segment is its own collision domain.
Without LAN segmentation, LANs larger
than a small workgroup would quickly
become clogged with traffic and
collisions and would deliver severely
reduced bandwidth.
Describe
LAN segmentation using bridges.
Bridges
learn a network's segmentation by
building address tables that contain the
physical address of each network device,
as well as the port to use to reach the
device. Ethernet bridges are transparent
to the other devices on the network.
Describe
LAN segmentation using routers.
A
router operates at the network layer and
bases all of its forwarding decisions on
the layer 3 protocol address. It
accomplishes this by examining the
destination address on the data packet
and then looking in its routing table
for forwarding instructions.
Describe
LAN segmentation using switches.
A
LAN switch is a high-speed multi-port
bridge that has one port for each node
or segment of the LAN. A switch segments
a LAN into microsegments, thereby
creating collision-free domains from one
formerly larger collision domain.
Switches make frame forwarding decisions
by building a table of the MAC addresses
of the hosts attached to each port.
Describe
the benefits of network segmentation
with bridges.
Ethernet
LANs that use a bridge for segmenting
the LAN provide more bandwidth per user
because there are fewer users on the
segments than when compared to the
entire LAN. The bridge only allows those
frames that have destinations outside
the segment to pass through.
Describe
the benefits of network segmentation
with routers.
Routers
create the highest level of segmentation
because of their capability to make
exact determinations of where to send
the data packet.
Describe
the benefits of network segmentation
with switches.
In
switched ethernet, each node is directly
connected to one of the switch's ports or a
segment that is connected to one of the
switch's ports. This creates a 10/100
Mbps connection between each node and
each segment on the switch. A computer
directly connected to an ethernet switch
is its own collision domain and accesses
the full 10/100 Mbps.
Name
and describe two switching methods.
Store And Forward:
The entire frame is received before any
forwarding takes place. The destination
and/or the source address are read and
filters are applied before the frame is
forwarded.
Cut-Through:
The switch reads the destination address
before receiving the entire frame. The
frame is then forwarded before the
entire frame arrives.
Fast-forward
switching:
This method of switching offers the
lowest level of latency by immediately
forwarding a packet after receiving the
destination address. Because
fast-forward switching does not check
for errors, there may be times when
frames are relayed with errors, although
this occurs infrequently and the
destination network adapter discards the
faulty frame upon receipt.
Fragment-free
switching: Fragment-free
switching filters out collision
fragments, which are the majority of
packet errors, before forwarding begins.
Fragment-free switching waits until the
received packet has been determined not
to be a collision fragment before
forwarding the packet.
Distinguish
between cut-through and
store-and-forward switching.
Cut-through
- The switch reads the destination
address before receiving the entire
frame. The frame is then forwarded
before the entire frame arrives. This
mode decreases the latency of the
transmission and has poor LAN Switching
error detection.
Fast-forward
switching -
This method of switching offers the
lowest level of latency by immediately
forwarding a packet after receiving the
destination address. Because
fast-forward switching does not check
for errors, there may be times when
frames are relayed with errors.
Fragment-free
switching -
Fragment-free switching filters out
collision fragments, which are the
majority of packet errors, before
forwarding begins. Fragment-free
switching waits until the received
packet has been determined not to be a
collision fragment before forwarding the
packet.
Define
and describe the function of a MAC
Address.
Previously
answered above
Ethernet
Describe
network congestion problem in Ethernet
networks.
Today's
networks are experiencing an increase in
the transmission of large graphics files,
images, full-motion video, and
multimedia applications, as well as an
increase in the number of users in the
network. All these factors place an even
greater strain on bandwidth. As more
people utilize a network to share large
files, access file servers, and connect
to the internet, network congestion
occurs. This can result in slower
response times, longer file transfers,
and network users becoming less
productive due to network delays.
Describe
full- and half-duplex Ethernet
operation.
Ethernet
is a half-duplex design. Each ethernet
host checks the network to see whether
data is being transmitted before it
transmits additional data. If the
network is already in use, the
transmission is delayed. Despite
transmission deferral, two or more
ethernet hosts can transmit at the same
time, which results in a collision. When
a collision occurs, the host that first
detects the collision will send a jam
signal. Upon hearing the jam signal,
each host will wait a random period of
time before attempting to retransmit.
This process takes up all of the
available bandwidth, resulting in a
total loss of transmission until the
random period of time expires.
Full-duplex
ethernet allows the transmission of a
packet and the reception of a different
packet at the same time. This
simultaneous transmission and reception
requires the use of two pairs of wires
in the cable and a switched connection
between each node. This connection is
considered point to point and is
collision free. To transmit and receive
simultaneously, a dedicated port is
required for each node.
Describe
the features and benefits of Fast
Ethernet.
Fast
ethernet offers a speed increase 10
times that of the 10BaseT ethernet
specification while preserving such
qualities as frame format, MAC
mechanisms, and MTU. Such similarities
allow the use of existing 10BaseT
applications and network management
tools on Fast Ethernet networks.
Describe
the guidelines and distance limitations
of Fast Ethernet.
Fast
Ethernet can carry 100 Mbps, using
baseband signalling, with a maximum
unrepeated distance of 100 metres using
Cat-5 UTP. Uses the standard ethernet
broadcast-oriented logical bus topology.
Based on extension to the 802.3
specification.
Chapter 3:
VLANs
Describe
the operation of the Spanning Tree
Protocol and its benefits.
The
Spanning-Tree Algorithm, implemented by
the Spanning-Tree Protocol, prevents
loops by calculating a stable
spanning-tree network topology. When
creating fault-tolerant networks, a
loop-free path must exist between all
Ethernet nodes in the network. The
Spanning-Tree Algorithm is used to
calculate a loop-free path.
Spanning-tree frames, called bridge
protocol data units (BPDUs), are sent
and received by all switches in the
network at regular intervals and are
used to determine the spanning-tree
topology.
A
switch uses Spanning-Tree Protocol on
all Ethernet and Fast Ethernet based
VLANs. Spanning-Tree Protocol detects
and breaks loops by placing some
connections in a standby mode, which are
activated in the event of an active
connection failure. A separate instance
of Spanning-Tree Protocol runs within
each configured VLAN, ensuring Ethernet
topologies that conform to industry
standards throughout the network.
Describe
the operation of virtual LANs.
A
VLAN is a logical grouping of devices or
users that can be grouped by function,
department, or application, regardless
of their physical segment location. VLAN
configuration is done at the switch via
software.
Describe
the benefits of virtual LANs.
Switches
have many benefits. A LAN switch allows
many users to communicate in parallel
through the use of virtual circuits and
dedicated network segments in a
collision free environment. This
maximizes the bandwidth available on the
shared medium.
Moving
to a switched LAN environment is very
cost-effective because you can reuse
existing hardware and cabling.
The
power of the switch combined with the
software to configure LANs gives network
administrators great flexibility in
managing the network.
VLANs
can effectively extend the firewall from
the router to the switch.
Broadcast
traffic within one VLAN is not
transmitted outside the VLAN.
Conversely, adjacent ports do not
receive any of the broadcast traffic
generated from other VLANs. This type of
configuration substantially reduces the
overall broadcast traffic, frees
bandwidth for real user traffic, and
lowers the overall vulnerability of the
network to broadcast storms.
Flow
Control:
Define
flow control and describe the three
basic methods used in networking.
A
technique for ensuring that a
transmitting entity does not overwhelm a
receiving entity with data. When the
buffers on the receiving device are
full, a message is sent to the sending
device to suspend the transmission until
the data in the buffers has been
processed.
Windowing:
The number of data packets the sender
is allowed to have outstanding without
having received an acknowledgment is
known as windowing.
Acknowledgment:
Positive acknowledgment with
retransmission is one technique that
guarantees reliable delivery of data.
Positive acknowledgment requires a
recipient to communicate with the
source, sending back an acknowledgment
message when it receives data.
Three-Way Handshake: TCP hosts establish a
connection-oriented session with one
another using a three-way handshake. A
three-way handshake synchronises a
connection at both ends before data is
transferred.
The exchange of introductory
sequence numbers during the connection
sequence is important because it ensures
that any data that is lost due to
transmission problems can be recovered.
Chapter 5:
OSI Model
Describe
the three major portions of an IP
address.
The
3 major portions of an IP address are:
1.
Network:
A logically grouped segment of computers
within a common network
2.
Subnet:
Subdivisions of a major network. Made by
borrowing bits from the host range.
3.
Host:
The computer, server or other device
that is attached to a network segment
Describe
the functions of the TCP/IP
network-layer protocols and how they are
used for path determination.
Connectionless
network processes are often referred to
as being packet switched. In these
processes, as the packets pass from
source to destination they can switch to
different paths and possibly
arrive out of order. IP is a
connectionless system; it treats each
packet independently.
In
connection-oriented systems, a
connection is established between the
sender and the recipient before any data
is transferred. Connection-oriented
network processes establish a connection
with the recipient first and then begin
the data transfer. All packets travel
sequentially across the same virtual or
physical circuit.
Routing
Protocols:
Add
the IGRP routing protocol to your
configuration.
router igrp <AS Number>
network <directly connected networks>
Describe
the function of a router in delivering
data packets between different networks.
Router
packet delivery process: After examining
a packet's destination protocol address,
the router determines that it either
knows or does not know how to forward
the packet to the next hop. If the
router does not know how to forward the
packet and there is no default route, it
typically drops the packet. If the
router knows how to forward the packet,
it changes the destination physical
address to that of the next hop and
transmits the packet.
Describe
the function and limitations of static
route entries in a Router.
Before
routing begins, the network
administrator establishes static routing
table mappings. These mappings do not
change unless the network administrator
changes them.
Describe
the functions and advantages of dynamic
routing protocols.
They
adjust to changing network
circumstances. They do this by analyzing
incoming routing update messages.
Describe
the difference between routed and
routing protocols.
Routed
protocols: Protocol that can be routed
by a router. A router must be able to
interpret the logical internetwork as
specified by that routed protocol.
Routing
protocols: Process of finding a path to
a destination host. Routing is very
complex in large networks because of the
many potential intermediate destinations
a packet might traverse before reaching
its destination host.
Describe
the function of a routing table in the
router.
Table
stored in a router or some other
internetworking device that keeps track
of routes to particular network
destinations and, in some cases, metrics
associated with those routes.
Describe
what a routing metric is and what the
various components mean.
Routing
metrics are used to help the router
determine the path to choose for the
packet to travel:
Hop count:
The number of routers a packet must go
through to reach a destination
Load:
The amount of network activity on a
network resource such as a router or a
link
Reliability:
The error rate of each network link
Bandwidth:
The data capacity of a link
Delay:
The length of time required to move a
packet from source to destination
Cost:
The generic term based on bandwidth,
dollar expense, or other measurement or
metric, that is used to represent the
desirability of a path.
Describe
the difference between distance vector
and link state routing protocols.
Distance
Vector routing protocol: Based on the
number of hops in a route to find a
shortest-path spanning tree. Distance
vector routing algorithms call for each
router to send its entire routing table
in each update.
Link
State routing protocols: When each
router broadcasts or multicasts
information regarding the cost of
reaching each of its neighbors to all
nodes in the internetwork.
Describe
what convergence is in a network.
The
speed and ability of a group of
internetworking devices running a
specific routing protocol to agree on
the topology of an internetwork after a
change in that topology
Describe
what an autonomous network is and what
general type of protocol is used to
communicate between autonomous networks.
Autonomous
networks are networks under a common
administration sharing a common routing
strategy. Areas subdivide autonomous
systems. An autonomous system must be
assigned a unique 16-bit number by the
IANA.
Interior
Gateway protocols are: Used to exchange
routing information within an autonomous
system.
Exterior
Gateway protocols are: Internet protocol
for exchanging routing information
between autonomous systems. EGP is an
obsolete protocol that has been replaced
by BGP.
Chapter 6:
General
Describe
what an access control list is.
An
access control list is a list of
instructions you apply to a router's
interface. These lists tell the router
what kinds of packets to accept and what
kinds of packets to deny.
Describe
the function of Access control lists on
routers.
The
function of access control lists on
routers is to allow or deny certain
packets to go through the router.
Describe
the reasons access control lists are
used.
Four
reasons for using access control lists
are:
1.
Limit network traffic and
increase network performance
2.
Provide traffic flow control
3.
Provide a basic level of security
for network access
4.
Decide which types of traffic are
forwarded or blocked at the router
interfaces
Describe
how segmentation with routers and access
control lists are related.
With
segmentation, you use a router to create
two or more different networks. Each
network is attached to a router
interface. By using access control lists
you can control what traffic gets to
enter or exit an interface and where
that traffic can be routed.
Configure
Standard and extended access lists to
filter IP traffic.
Standard
access lists: Block all traffic from a
network, allow all traffic from a
specific network, or deny protocol
suites. Standard ACLs check the source
address of packets that could be routed.
E.g. access-list 1 deny 192.168.220.0 0.0.0.255
Extended
access lists are most often used to test
conditions because they provide a
greater range of control than standard
ACLs. You would use an extended ACL when
you want to allow Web traffic but deny
File Transfer Protocol (FTP) or telnet
from non-company networks. Extended ACLs
check for both source and destination
packet addresses.
E.g. access-list 100 deny tcp 192.168.220.0 0.0.0.255 192.168.250.0 0.0.0.255
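How a router walks the two example entries above, as an added sketch that is not part of the original notes and not Cisco code. It assumes the IOS behaviour that entries are tested top-down, the first match wins, and a packet matching no entry is dropped by the implicit deny at the end of every list; the `permit` lines and the packet addresses are constructed for the example.

```python
import ipaddress

ANY = (0, 0xFFFFFFFF)  # wildcard of all ones: every bit is "don't care"


def _ip(text):
    return int(ipaddress.IPv4Address(text))


def _is_ip(text):
    try:
        _ip(text)
        return True
    except ValueError:
        return False


def _take_address(tokens):
    """Consume 'any', 'host A' or 'A [WILDCARD]' and return (base, wildcard)."""
    word = tokens.pop(0)
    if word == "any":
        return ANY
    if word == "host":
        return _ip(tokens.pop(0)), 0
    wildcard = _ip(tokens.pop(0)) if tokens and _is_ip(tokens[0]) else 0
    return _ip(word), wildcard


def parse_acl(lines):
    """Parse numbered ACL lines: 1-99 are standard, 100-199 are extended."""
    rules = []
    for line in lines:
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] != "access-list":
            raise ValueError(f"not an access-list line: {line!r}")
        number, action, rest = int(tokens[1]), tokens[2], tokens[3:]
        if 1 <= number <= 99:        # standard: source address only
            proto, src, dst, port = "ip", _take_address(rest), ANY, None
        elif 100 <= number <= 199:   # extended: protocol, source, destination
            proto = rest.pop(0)
            src = _take_address(rest)
            dst = _take_address(rest)
            port = int(rest[1]) if rest[:1] == ["eq"] else None
        else:
            raise ValueError(f"unsupported list number {number}")
        rules.append({"action": action, "proto": proto,
                      "src": src, "dst": dst, "port": port})
    return rules


def _matches(address, spec):
    base, wildcard = spec
    # A 0 bit in the wildcard must match exactly; a 1 bit is ignored.
    return ((_ip(address) ^ base) & ~wildcard & 0xFFFFFFFF) == 0


def evaluate(rules, src, dst="0.0.0.0", proto="ip", port=None):
    """Return (action, index of matching entry); index None = implicit deny."""
    for index, rule in enumerate(rules):
        if rule["proto"] not in ("ip", proto):
            continue
        if not _matches(src, rule["src"]) or not _matches(dst, rule["dst"]):
            continue
        if rule["port"] is not None and rule["port"] != port:
            continue
        return rule["action"], index
    return "deny", None  # nothing matched: implicit deny at the end of the list


if __name__ == "__main__":
    # The notes' standard entry on its own, then with a constructed permit line.
    only_deny = parse_acl(["access-list 1 deny 192.168.220.0 0.0.0.255"])
    with_permit = parse_acl(["access-list 1 deny 192.168.220.0 0.0.0.255",
                             "access-list 1 permit any"])
    for name, acl in (("deny only", only_deny), ("deny + permit any", with_permit)):
        for source in ("192.168.220.7", "10.1.1.1"):
            print(name, source, evaluate(acl, source))
```

A list holding only the `deny` entry blocks every source, not just 192.168.220.0/24, because the implicit deny catches whatever the entry does not match.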
Monitor
and verify selected access list
operations on the router.
N/A
OSI
Model
Define
the layers of the OSI model where
standard access control lists function,
and what fields in the data packet
header they are concerned with.
Standard
access control lists can filter traffic
at the network layer. ACLs filter routed
packets. The fields in the data packet
ACLs are concerned with are: Frame
Headers, Packet Header and Segment
Header
Define
the layers of the OSI model where
extended access control lists function,
and what fields in the data packet
header they are concerned with.
Extended
access control lists are used to filter
traffic at the network layer of the OSI
model. They can also be used to filter
traffic by transport layer protocol. The
fields in the data packet ACLs are
concerned with are: Frame Headers,
Packet Header and Segment Header
Chapter
7:
General
Describe
connectionless data packet delivery over
a network.
Connectionless
network processes are often referred to
as being packet switched. In these
processes, as the packets pass from
source to destination they can switch to
different paths and may
arrive out of order. IP is a
connectionless system; it treats each
packet independently.
Novell
IPX Protocol
Describe
the format for IPX addressing and how
unique networks are identified.
IPX
addresses have the following format:
A
two-part address: the network number and
the node number. The node number
is usually the Media Access Control
(MAC) address for a network interface in
the end node. Novell IPX supports
multiple logical networks on an
individual interface; each network
requires a single encapsulation type.
The network administrator is responsible
for assigning network numbers to router
interfaces and nodes.
Describe
the function of the Service
Advertisement Protocol (SAP) within IPX.
Netware’s
SAP allows network resources, including
file and print servers, to advertise
their network addresses and the services
they provide. Each service is identified
by a number, called a SAP identifier.
SAP updates are sent every 60 seconds.
Describe
the three major types of SAP
advertisements.
The
three major types of SAP advertisements
are:
4:
Netware File Server
7:
Print Server
24:
Remote bridge Server (Router)
Describe
the concept of client /server in a
Novell network.
NetWare
clients automatically discover available
network services because Novell servers
and routers announce their services by
using SAP broadcasts.
Describe
the function and process of Get Nearest
Server (GNS) in a Novell network.
One
type of SAP advertisement is GNS, which
enables a client to quickly locate the
nearest server for login. The NetWare
client/server interaction begins when
the client powers up and runs its client
startup programs. These programs use the
client's adapter on the LAN and initiate
the connection sequence for the NetWare
command shell to use. The connection
sequence is a broadcast that comes from
a client using SAP. The nearest NetWare
file server responds with another SAP;
the protocol type is GNS. From that
point on the client can log into the
target server, make a connection, set
the packet size, and proceed to use
server resources.
Monitor
Novell IPX operation on the router.
N/A
List
the required IPX address and
encapsulation type.
N/A
Enable
the Novell IPX protocol and configure
interfaces.
N/A
Configure
IPX access lists and SAP filters to
control basic Novell traffic.
N/A
Routing
Describe
the concept of multi-protocol routing.
Multi-protocol
routing is where a router delivers
packets from several routed protocols,
such as TCP/IP & IPX over the same
data links.
Describe
what function of the router will control
the flow of SAP advertisements across
the network.
Routers
do not forward SAP broadcasts. Instead
each router builds its own SAP table and
forwards the SAP table to other routers.
By default this occurs every 60 seconds,
but the router can use access control
lists to control the SAPs accepted or
forwarded.
Semester
4
Chapter
2:
WANs
Differentiate
between the following WAN services:
Frame Relay, ISDN/LAPD, HDLC, and PPP.
Frame
relay is a statistical multiplexed
service which uses layer 2 identifiers
and permanent virtual circuits.
Information contained in frames shares
bandwidth with other WAN Frame Relay
service providers.
ISDN
/ LAPD: A set of digital services that
transmits voice and data over existing
phone lines. LAPD is an ISDN data-link
layer protocol for the D channel.
HDLC:
A bit oriented synchronous data link
layer encapsulation protocol developed
by ISO. Is very streamlined and has no
windowing or flow control.
PPP:
PPP is an encapsulation method used over
synchronous and asynchronous data lines.
PPP offers control of data link setup,
dynamic assignment of IP addresses,
network protocol multiplexing, link
configuration and link quality testing,
error detection, and negotiation options
for network layer address and data
compression negotiations.
Chapter
3:
General
Describe
the three major characteristics of a
Wide Area Network
A
WAN is a data communication network that
operates beyond a LAN's geographic scope.
You
must subscribe to a WAN service
provider.
A
WAN uses data-links such as ISDN and
Frame relay to connect locations of an
organisation together, to locations of
other organisations and to external
services such as databases.
Describe
what a Regional Bell Operating Company (RBOC)
is and what is its function
A
Regional Bell Operating Company is an
organisation that provides wide area
network services through frame relay,
dedicated links and ISDN.
The RBOC is the carrier service
that interconnects geographically
separate locations of networks.
OSI
Model
Describe
which two layers of the OSI model WANs
typically address
WANs
function at the lowest three layers of
the OSI model. The physical, data link
and network layers.
Describe
what a WAN data link protocol is and
what is its function
A
data link protocol describes how data is
carried over a single link between
systems. The data link layer defines how
data is encapsulated.
Describe
the purpose of DTE and DCE devices and
what layer of the OSI model do they
apply to
DTE
devices are usually routers and connect
a Local Area Network to a WAN service
provider. The DCE is usually the device
that connects the router to the service
provider to connect to data links. DTEs
typically operate at layer three, the
network layer, while DCEs operate at
layer 1.
List
four common data link layer WAN
protocols
Point-to-point
protocol (PPP)
HDLC
Cisco/IETF
ISDN
WAN
Describe
what a Point of Presence (POP) and
Central Office (CO) are and what is
their function
The
point of presence is where telephone and
data services are provided into a
building.
The
Central Office is the local telephone
company office where all local loops for
a service provider connect. It is where
circuit switching of subscriber lines
occurs
Describe
how Time Division Multiplexing (TDM)
works and what WAN technology uses it
Time
Division Multiplexing is where traffic
from many sources is multiplexed onto a
single medium. TDM multiplexes traffic
into fixed time slots.
Describe
what Customer Premise equipment is.
Customer
Premises Equipment is where the
customer's devices are physically
located. Includes devices owned by the
customer and equipment leased from a
service provider.
Describe
the data encapsulation process across a
WAN link
The
WAN data link layer defines how data is
encapsulated for transmission to remote
sites. WAN data link protocols describe
how frames are carried between end
systems on a single data path. All
serial line encapsulations have the
following frame format which has the
following fields:
Flag:
Indicates the beginning and end of a
frame
Address:
A 1 or 2 byte field to address the end
station in multidrop environments
Control:
Indicates whether the frame is an
information, a supervisory, or an
unnumbered type frame.
Data:
The encapsulated data
FCS:
the frame check sequence
Flag:
the trailing flag identifier
Describe
connection oriented and connectionless
services across a WAN
Connection
oriented services include services such
as ISDN and dedicated lines. Connection
oriented services establish a dedicated
physical circuit between end points. Connectionless
services are services such as frame
relay and SMDS. These services establish
a connection to a service provider when
needed and then terminate the connection
when idle.
Describe
how WAN signalling standards affect the
throughput of WAN services
Throughput
of WAN services is only limited by the
service you are connected to. WAN
signalling standards address speeds in
the range of 64 Kbps to 22488.32 Mbps.
If throughput is starting to diminish,
the service provider should be contacted
in order to provision a faster link,
either by upgrading to a higher CIR or
changing the connection type, i.e. from
ISDN to T1.
Describe
what a dedicated leased line is and how
it is used
A
dedicated leased line provides a full
time service over point-to-point serial
links. Dedicated leased lines are
usually used for backbone or core
connectivity between major sites. A
dedicated synchronous router port is
required for each line as well as a CSU/DSU
to connect to the service provider.
Dedicated lines are ideal for
high-volume environments with a steady
flow of traffic.
Describe
what packet switched connections are and
what WAN services use this technology
Packet
switching is a WAN switching method in
which network devices share a permanent
virtual circuit, which is like a
point-to-point link that transports
packets from a source to a destination.
X.25, frame relay, and SMDS are all
packet switched WAN technologies.
Describe
what a hierarchical WAN design model is
and what are the major benefits
In
a hierarchical structure, the network is
organised in layers, each of which has
one or more specific functions.
The
major benefits are: Scalability, Ease Of
Implementation, Ease Of Troubleshooting,
Predictability, Protocol Support,
Manageability.
Describe
the functions of each layer in a three
layer hierarchical WAN model
The
core layer provides fast wide-area
connections between geographically
remote sites, tying a number of campus
networks together in a corporate or
enterprise WAN. Core links are usually
point-to-point and there are no hosts in
this layer.
The
distribution layer gives network
services to multiple LANs within a WAN
environment. This layer is where the WAN
backbone network is found. This layer is
implemented on large sites and is used
to interconnect buildings.
The
access layer is usually a LAN or group
of LANs, typically ethernet or token
ring, that provides front line access to
network services. The access layer is
where almost all hosts are attached to
the network, including servers of all
kinds and user workstations.
Describe
why server placement and associated
traffic patterns are important to
understand when designing a WAN
Servers
should be placed at the highest level
router to which sites need to connect to
in order to limit the number of routers
crossed and traffic generated in a WAN.
If a server is placed at a lower layer
router, and users from other networks
need to use it, then the traffic will
have to be routed through more routers
than is necessary. Servers should be
placed at the apex router of networks
that need to connect to it.
Chapter
4:
OSI
Model
Describe
the OSI model layer(s) at which the
Point-to-Point Protocol (PPP) operates
and its function at those layers.
PPP
operates at the lower three layers of
the OSI model.
Network
Layer: PPP uses Network Control Protocol
to allow the simultaneous use of
multiple network layer protocols.
At
the Data Link Layer PPP uses HDLC to
encapsulate datagrams over serial links.
PPP also uses the Link Control Protocol
for establishing, maintaining and
testing the data-link connection.
At
the physical layer, PPP can use
synchronous and asynchronous physical
media.
Describe
what major types of WAN links are
supported by PPP.
PPP
supports synchronous and asynchronous
physical media for WAN links.
Describe
what the function of the Network Control
Protocol (NCP) is within PPP.
PPP
supports or encapsulates several network
layer protocols such as IP, and IPX.
Describe
what the function of the Link Control
Protocol (LCP) is within PPP.
The
Link Control Protocol is for
establishing, configuring, and testing
the data-link connection. If the link
quality is sufficient, network layer
protocols will be brought up.
Describe
the functions of PAP and CHAP in a PPP
implementation.
PAP
and CHAP are authentication methods used
by PPP. The authentication options
require that the calling side of the
link enter authentication information to
help ensure that the user has the
network administrator's permission to
make the call.
PAP
is not a strong authentication protocol.
Passwords are sent across the link in
clear text, and there is no protection
from playback or repeated
trial-and-error attacks.
CHAP
is used to periodically verify the
identity of the remote node using a
three-way-handshake. CHAP does not allow
a caller to attempt an authentication
without a challenge.
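The difference between the two methods on the wire, as an added example that is not part of the original notes: a PAP Authenticate-Request built per RFC 1334 next to the CHAP MD5 response of RFC 1994, with an authenticator that only accepts a response to a challenge it issued. The class, the peer name and the secret are constructed for illustration.

```python
import hashlib
import hmac
import os
import struct


def pap_authenticate_request(identifier: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request (code 1): the password travels unmodified."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(body)) + body


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """CHAP with MD5: hash of Identifier || secret || Challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


class ChapAuthenticator:
    """Authenticator side of the three-way handshake (challenge, response, result)."""

    def __init__(self, secrets: dict):
        self.secrets = secrets        # peer name -> shared secret
        self.outstanding = {}         # identifier -> challenge still awaiting a reply
        self.next_id = 0

    def send_challenge(self):
        identifier = self.next_id
        self.next_id = (self.next_id + 1) % 256
        challenge = os.urandom(16)    # fresh and unpredictable for every attempt
        self.outstanding[identifier] = challenge
        return identifier, challenge

    def check_response(self, name: bytes, identifier: int, value: bytes) -> bool:
        # pop(): each challenge can be answered once, then it is gone.
        challenge = self.outstanding.pop(identifier, None)
        secret = self.secrets.get(name)
        if challenge is None or secret is None:
            return False              # no challenge was issued for this attempt
        expected = chap_response(identifier, secret, challenge)
        return hmac.compare_digest(expected, value)


def demo() -> dict:
    secret = b"constructed-shared-secret"     # constructed sample value
    name = b"branch-router"                   # constructed peer name
    auth = ChapAuthenticator({name: secret})

    ident, challenge = auth.send_challenge()
    response = chap_response(ident, secret, challenge)
    first = auth.check_response(name, ident, response)

    # Playback of the captured response: once against the spent challenge,
    # once against the next periodic re-challenge, once with no challenge at all.
    replay_same = auth.check_response(name, ident, response)
    ident2, _ = auth.send_challenge()
    replay_new = auth.check_response(name, ident2, response)
    unsolicited = auth.check_response(name, 200, response)

    pap = pap_authenticate_request(1, name, secret)
    return {"first": first, "replay_same": replay_same, "replay_new": replay_new,
            "unsolicited": unsolicited, "pap_leaks": secret in pap,
            "chap_leaks": secret in response}


if __name__ == "__main__":
    print(demo())
```

The shared secret still has to be long and random, since the CHAP response is a plain MD5 over the secret and values that cross the link.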
Identify
PPP operations to encapsulate WAN data
on Cisco Routers
PPP
LCP Configuration Options
| Feature | Operation | Protocol |
| 1. Multi-link | Load balancing with multiple links | Multi-link |
| 2. Authentication | Require a password | PAP |
| | Perform Challenge Handshake | CHAP |
| 3. Compression | Compress data at source / reproduce data at destination | Stacker / Predictor |
| 4. Error Detection | Monitor data dropped on link | Quality |
| | Prevent frame looping | Magic Number |
Chapter
5:
General
Describe
the user requirement for implementing
ISDN to a site
ISDN
allows digital signals to be transmitted
over existing telephone wiring. ISDN is
generally viewed as an alternative to
leased lines, which can be used for
telecommuting and networking small or
remote offices into LANs. Telephone
companies developed ISDN as part of an
effort to standardize subscriber
services.
Describe
at what layer of a hierarchical WAN
model an ISDN link should be installed
The
ISDN link will be installed in the
distribution layer of a hierarchical WAN
model, because it is the backup link
from the gateway router to the ISP.
Define
what three layers of the OSI model ISDN
standards address.
Physical:
The
ISDN Basic Rate Interface physical layer
specification is defined in ITU-T I.430.
The Primary Rate Interface specification
is defined in ITU-T I.431.
Data
Link:
The ISDN data-link layer specification
is based on LAPD and is formally
specified in ITU-T Q.920 and ITU-T Q.921
Network:
The ISDN network layer is defined in ITU-T
Q.930
ISDN
Describe
the 3 data channels used in ISDN BRI and
describe their functions
A
BRI service provides two B channels and
one D channel. The BRI B-channel service
operates at 64Kbps and carries data,
while the BRI D-channel service operates
at 16Kbps and carries signaling
information to set up and control calls.
The D-channel signaling protocol spans
the OSI reference model’s Physical,
Data Link, and Network layers. The D
channel can also be used for other
functions like an alarm system for a
building, or anything that doesn’t
need much bandwidth. D channels work
with LAPD at the Data Link layer. When
configuring ISDN BRI, you will need to
obtain a Service Profile Identifier (SPID),
and you should have one SPID for each B
channel. SPIDs can be thought of as
the telephone number of each B channel.
The ISDN device gives the SPID to the
ISDN switch, which then allows the
device to access the network for
service. Without a SPID, many ISDN
switches don’t allow an ISDN device to
place a call on the network.
Describe
what ISDN protocols that start with
"Q" address
Q
covers how switching and signaling
operate. The term signaling in this
context means the process of call setup
used. Q.921 describes the data-link
processes of link access procedure on
the D channel, which functions like the
layer 2 processes in OSI reference
model. Q.931 specifies OSI reference
model layer 3 functions.
Describe
what ISDN protocols that start with
"I" address
I
deal with concepts, terminology and
general. The I.100 series includes
general concepts of ISDN and structure
of other I-series recommendations. The
I.200 series deals with service aspects
of ISDN. The I.300 series describes
network aspects. The I.400 series
describes how the Unique Identifying
Number (UIN) is provided.
Describe
what ISDN protocols that start with
"E" address
E
is the recommended telephone network
standard for ISDN.
Describe
the five major devices in an ISDN
implementation
The
five major devices in an ISDN include
terminals, terminal adapters (TAs),
network-termination (NT) devices,
line-termination equipment, and
exchange-termination equipment.
| TE1: | Terminal Equipment type 1 | This is the ISDN telephone or computer for instance. |
| TE2: | Terminal Equipment type 2 | This is an old analog telephone or modem. Other communications equipment can also use a TE2. |
| TA: | Terminal Adapter | This adapts other kinds of equipment to work on ISDN, like Ethernet interfaces. |
| NT1: | Network Terminal type 1 | This is the end of the line for the local phone company, and the beginning of your property's phone network. |
| NT2: | Network Terminal type 2 | This is where you may have switching for your own network. |
| LT: | Line Terminal | This is the physical connection to the phone company. |
| ET: | Exchange Terminal | This is the local phone company's logical connection from your equipment to "the phone network". |
The
difference between TE1 and TA is subtle
but significant. If you buy an ISDN card
for your computer you have turned your
computer into a TE1. However, if
you buy an ISDN device that lets you
plug your computer’s Ethernet into an
ISDN conversion box, then your
computer is a TE2, and the conversion
box is a TA.
Describe
the four major reference points in an
ISDN implementation
Reference
points are a series of specifications
that define the connections between the
equipment used in the ISDN
network. ISDN has four reference
points that define logical interfaces,
these are:
| R: | Defines the reference point between non-ISDN equipment (TE2) and a TA. |
| S: | Defines the reference point between the customer router and an NT2. Enables calls between the different customer equipment. |
| T: | Defines the reference point between NT1 and NT2 devices. S and T reference points are electrically the same and can perform the same function. Therefore, they are sometimes referred to as an S/T reference point. |
| U: | Defines the reference point between NT1 devices and line-termination equipment in a carrier network. (This is only in North America where the NT1 function isn’t provided by the carrier network). |
Describe
the function of Point to Point Protocol
in an ISDN Implementation
PPP
is typically used with ISDN to provide
data encapsulation, link integrity, and
authentication.
Describe
why it is important to know the ISDN
switch type when configuring an ISDN
connection
ISDN
service providers use a variety of
switch types for their ISDN services.
Services offered by carriers vary
considerably from area to area. Just
like modems, each switch type operates
slightly differently and has a specific
set of call setup requirements. As a
result, before you can connect a router
to an ISDN service, you must be aware of
the switch types used at the Central
Office (CO). You specify this
information during router configuration
so the router can place ISDN
network-level calls and send data.
Describe
the function of SPID numbers and why it
is important when configuring an ISDN
connection
SPIDs
can be thought of as the telephone
number of each B channel. The ISDN
device gives the SPID to the ISDN
switch, which then allows the device to
access the network for service. Without
a SPID, many ISDN switches don’t allow
an ISDN device to place a call on the
network.
State
a relevant use and context for ISDN
networking
Remote
access involves connecting users located
at remote locations through dial-up
connections. The remote location can be
a telecommuter’s home or a small
remote office. The dial-up connection
can be made via an analog connection
using basic telephone service or via
ISDN.
Identify
ISDN protocols, function groups,
reference points, and channels
The
BRI local loop is terminated at the
customer premises in an NT1. The
interface of the local loop at the NT1
is called the U reference point. On the
customer premise side of the NT1 is the
S/T reference point. ISDN LAN routers
provide routing between ISDN BRI and the
LAN by using dial-on-demand routing (DDR).
DDR automatically establishes and
releases circuit-switched calls,
providing transparent connectivity to
remote sites based on networking
traffic. DDR also controls establishment
and release of secondary B channels
based on load thresholds. Multi-link PPP
is used to provide bandwidth aggregation
when using multiple B channels. Some
ISDN applications may require the SOHO
user to take direct control over ISDN
calls. Reference points are a series of
specifications that define the
connections between the equipment used
in the ISDN network. ISDN has four
reference points that define logical
interfaces, these are:
| R: | Defines the reference point between non-ISDN equipment (TE2) and a TA. |
| S: | Defines the reference point between the customer router and an NT2. Enables calls between the different customer equipment. |
| T: | Defines the reference point between NT1 and NT2 devices. S and T reference points are electrically the same and can perform the same function. Therefore, they are sometimes referred to as an S/T reference point. |
| U: | Defines the reference point between NT1 devices and line-termination equipment in a carrier network. (This is only in North America where the NT1 function isn’t provided by the carrier network). |
Describe
Cisco's implementation of ISDN BRI
Two
common types of ISDN CPE are available
for BRI services: LAN routers and PC
TAs. PC TAs connect to PC
workstations either by the PC bus or
externally through the communications
ports and can be used similarly to
analog modems.
PC
TAs can provide a single PC user with
direct control over ISDN session
initiation and release, similar to using
an analog modem. Cisco 200 Series PC
cards can provide ISDN services to a PC.
General
Describe
at what layer of a hierarchical WAN
model a Frame Relay link should be
installed
The
Frame Relay link will be installed in
the distribution layer of a hierarchical
WAN model; this is because it is the
main link between all our routers.
OSI
Model
Describe
what layers of the OSI model Frame Relay
standards address and their functions at
these layers.
Frame
Relay is a Data-link layer protocol; its
function is to provide encapsulation and
security to data being transmitted over
the network.
Frame
Relay
Describe
DLCIs and their functions in a Frame
Relay implementation.
A
DLCI is a number that identifies the
logical circuit
between the source and
destination device. The Frame Relay maps
the DLCIs between each pair of routers
to create a permanent virtual circuit.
Describe
LMIs and their function in a Frame Relay
implementation.
A
signalling standard between the
customer premises equipment device and
the Frame Relay switch that is
responsible for managing the connection
and maintaining status between the
devices.
Describe
a 'Permanent Virtual Circuit'.
A
Permanent virtual circuit (PVC) is a
virtual circuit that is permanently
established.
Describe
connection-oriented network service and
connectionless network service, and
identify the key differences between
them
Frame
Relay is a connection-orientated
service. A connection-orientated service
is always connected throughout the whole
network, whereas a connectionless
service is only connected when it needs
to be.
Describe
'Committed Information Rate' (CIR) and
its function.
The
Committed Information Rate (CIR) is the
rate at which a Frame Relay network
agrees to transfer data under normal
conditions.
Describe
'Forward Explicit Congestion
Notification' (FECN) and its function.
Forward
Explicit Congestion Notification (FECN)
is when a Frame Relay switch recognizes
congestion in the network; it then sends
an FECN packet to the destination device
indicating that congestion has occurred
and congestion avoidance measures should
be implemented.
Describe
'Backward Explicit Congestion
Notification' (BECN) and its function
Backward
Explicit Congestion Notification (BECN)
is when a Frame Relay switch recognizes
congestion in the network; it then sends
a BECN packet to the source router
instructing the router to reduce the
rate at which it is sending packets.
Describe
'Discard Eligibility' (DE) and its
function.
Discard
Eligibility (DE) is when the router
detects network congestion. The DE bit
is set on the traffic that was received
after the CIR was met. The Frame Relay
switch will drop packets with the DE bit
set first.
Recognize
key Frame Relay terms and features
Access
Rate:
The clock speed of the connection to the
frame relay cloud.
Data-Link
Connection Identifier:
A DLCI is a number that identifies the
logical circuit between the source and
destination device.
Local
Management Interface:
A signalling standard between the
customer premises equipment device and
the Frame Relay switch that is
responsible for managing the connection
and maintaining status between the
devices
Committed
Information Rate:
The CIR is the guaranteed rate, in bits
per second, that the service provider
commits to providing.
Committed
Burst: The
maximum number of bits that the switch
agrees to transfer during a time
interval.
Excess
Burst: The
maximum number of uncommitted bits that
the Frame Relay switch attempts to
transfer beyond the CIR.
Forward
Explicit Congestion Notification: When
a Frame Relay switch recognises
congestion in the network, it sends an
FECN packet to the destination device,
indicating that congestion has occurred.
Backward
Explicit Congestion Notification:
When a Frame Relay switch recognises congestion
in the network, it sends a BECN packet
to the source router instructing the
router to reduce the rate at which it is
sending packets.
Discard
Eligibility Indicator: A
set bit that indicates the frame may be
discarded in preference to other frames
if congestion occurs.
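Where the DLCI, FECN, BECN and DE terms above live in a frame, as an added example that is not part of the original notes: packing and parsing the two-byte Frame Relay (Q.922) address field, marking frames against the committed and excess burst, and a simplified congested switch. Function names and sample values are constructed, and the switch model (drop every DE frame while congested, flag FECN on the rest) is a simplifying assumption.

```python
def pack_header(dlci, fecn=False, becn=False, de=False, cr=False) -> bytes:
    """Build the 2-byte address field: 10-bit DLCI split 6 + 4 across the bytes."""
    if not 0 <= dlci <= 1023:
        raise ValueError("a 2-byte header carries a 10-bit DLCI")
    b0 = (dlci >> 4) << 2 | int(cr) << 1                       # EA bit = 0
    b1 = ((dlci & 0x0F) << 4 | int(fecn) << 3 | int(becn) << 2
          | int(de) << 1 | 1)                                  # EA bit = 1
    return bytes([b0, b1])


def parse_header(hdr: bytes) -> dict:
    """Decode the address field; reject anything that is not the 2-byte form."""
    if len(hdr) < 2:
        raise ValueError("truncated header")
    b0, b1 = hdr[0], hdr[1]
    if b0 & 1 or not b1 & 1:
        raise ValueError("EA bits do not describe a 2-byte address field")
    return {
        "dlci": (b0 >> 2) << 4 | b1 >> 4,
        "cr": bool(b0 & 0x02),
        "fecn": bool(b1 & 0x08),   # congestion seen on the way to the destination
        "becn": bool(b1 & 0x04),   # tells the source to slow down
        "de": bool(b1 & 0x02),     # discard eligible
    }


def police_interval(frame_bits, bc, be):
    """Classify the frames sent in one measurement interval.

    Up to the committed burst (bc) frames are forwarded as-is, the next
    excess burst (be) worth is forwarded with DE set, the rest is discarded.
    """
    sent, verdicts = 0, []
    for bits in frame_bits:
        sent += bits
        if sent <= bc:
            verdicts.append("forward")
        elif sent <= bc + be:
            verdicts.append("forward-de")
        else:
            verdicts.append("discard")
    return verdicts


def congested_switch(headers):
    """Simplified congested switch: drop DE frames, set FECN on what it forwards."""
    forwarded = []
    for hdr in headers:
        f = parse_header(hdr)
        if f["de"]:
            continue                                  # DE frames go first
        forwarded.append(pack_header(f["dlci"], True, f["becn"], False, f["cr"]))
    return forwarded


if __name__ == "__main__":
    print(pack_header(100).hex(), parse_header(pack_header(100, de=True)))
    print(police_interval([4000, 4000, 4000, 4000], bc=8000, be=4000))
    print([h.hex() for h in congested_switch([pack_header(16),
                                              pack_header(16, de=True)])])
```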
List
commands to configure Frame Relay LMIs,
maps, and subinterfaces
The
command for Frame relay LMIs is:
Router(config-if)#frame-relay lmi-type <LMI type to be used>
The
command for Frame relay maps is:
Router#show frame-relay map
Subinterface
configuration commands:
interface serial <number>.<subinterface number> [multipoint | point-to-point]
ip address <ip address> <subnet mask>
encapsulation frame-relay [cisco | ietf]
bandwidth <kilobits>
no shutdown
List
commands to monitor Frame Relay
operation in the router
The
following commands help monitor
operation of Frame Relay and associated
protocols:
Router(config)#int <interface or sub-interface number>
Router#show interfaces serial
Router#show frame-relay pvc
Router#show frame-relay map
Router#show frame-relay lmi