CCNA Commandos Guia


  • 8/18/2019 CCNA Commandos Guia

    1/97

    CCNA Command Guide
    Routing and Switching Command Guide with Examples

    Introduction

    The CCNA Certification is a good foundation for other networking certifications you may want to pursue in the future. Cisco Routers and Switches take up a huge chunk of the exam. The CCNA will test how much you know of Cisco hardware and software.

    CCNA Command Guide: Routing and Switching Command Guide with Examples is designed to help you pass the CCNA Certification exam. The book is filled with the following:

    Illustrations: The book is filled with diagrams and pictures that will help you understand the concepts and functions of Cisco Routers and Switches.
    Command Guides: Each chapter includes several command guides that will help you improve your Routing and Switching Management skills.
    Outlined Concepts: This book contains a good outline of topics, technical terms and information. This should help you understand and remember terms that are sure to come out in the certification exam.

    While the main goal of this book is to help you pass the CCNA examination, most of the information found in this book has practical applications that you will find useful when performing your job as an IT professional.

    This book is divided into two parts:
    Part One: Routing with Cisco Routers
    Part Two: Switching with Cisco Switches

    At this point, you should understand that the concept of Routing and Switching is very similar except for the network layer they operate on. Most of the commands are the same but the command protocols are different. Much of this will be discussed in detail in the latter portions of each part.

    Unlike other books that you can download from the internet, this book is very easy to use because of the special formatting it uses. Important concepts are in boldface, italics or both. Since this book is a command guide, the sample command lines that you can use to configure Cisco Routers and Switches are highlighted by using a special font.

    Table of Contents

    Introduction
    Table of Contents

    Part 1. Routing with CISCO Routers

    Chapter 1. Layer 3 Routers
        Layer 3 (Network Layer)
        Functions of Layer 3 Router
        Types of Protocol
        Router Functions

    Chapter 2. Router Management
        Cisco Routers
        Using the Cisco Routers
        Local Connection
        Configuring a CISCO Router
        Cisco IOS Setup Mode Commands
        Password Configuration
        VTY Password
        Setting-Up a Router Banners
        Auxiliary Password
        Privileged Password
        Password Encryption
        Recovering A Lost Password

    Chapter 3. Network Routing
        Types of Network Routes
        Routing Protocols
        Routed Protocols
        Routing Methods

    Chapter 4. Enhanced Interior Gateway Routing Protocol (EIGRP)
        Characteristics of EIGRP
        Components of EIGRP
        Routing Tables
        EIGRP Packet Types
        Convergence
        Diffusing Update Algorithm (DUAL)
        Classful vs. Classless Routing
        Configuring EIGRP
        Managing EIGRP Operation
        Other EIGRP-related Terms

    Chapter 5. Open Shortest Path First (OSPF) Protocol
        Characteristics of OSPF
        Convergence
        Cost Metric
        OSPF Hierarchy
        Selecting a Designated Router (DR)
        Router ID (RID)
        Configuring the OSPF
        OSPF Protocol Configuration
        Pertinent Commands

    Part 2. Switching with CISCO Switches

    Chapter 6. Layer 2 Switches
        Hubs
        Bridges
        Switches
        Hubs vs. Bridges vs. Switches
        Switch Functions
        Glossary of Terms (Switching)

    Chapter 7. Switch Management
        Handling Methods for Cisco Switches
        Console Port
        Auxiliary Ports

    Chapter 8. Network Traffic Management
        Switching Modes

    Chapter 9. Spanning Tree Protocol (STP)
        Problems caused by Transmission Loops: Spanning Tree Protocol
        Assigning STP Port Types
        Root Ports
        Designated Ports
        Choosing Designated Ports based on STP Path Cost
        Choosing Designated Ports based on Bridge ID
        STP Convergence
        Bridge Protocol Data Units (BPDUs)
        STP Port States
        Exclusive Cisco STP Options

    Chapter 10. Virtual Local Area Network (VLAN)
        Benefits of VLANs
        Creating VLANs
        Kinds of VLAN
        VLAN Trunking
        EtherChannel
        Configuring EtherChannel
        Types of Switch Ports

    Chapter 11. Voice over IP (VoIP)
        Quality of Service (QOS)
        Cisco IP Phone
        Cisco Discovery Protocol (CDP)
        Enabling QoS in the Upstream Switch

    Chapter 12. Troubleshooting Switches
        Gathering Information
        Troubleshooting Switch Connectivity

    Conclusion

    Part 1

    Routing with CISCO Routers

    Chapter 1. Layer 3 Routers

    The network layer in both TCP/IP and Open Systems Interconnection network models is called Layer 3. Network layer protocols and devices are in charge of transferring data that are stored in packets from one host to another. This method of data transfer is called routing. These hosts can be adjacent to each other but they can also be several miles apart.

    The difference between Layer 2 (discussed in Part 3, Chapter 1) and Layer 3 is that the former routes data packets between devices that belong to the same LAN while the latter routes data frames between devices that belong to different LAN. This is where Layer 2 got its name, data link layer.

    Layer 3 (Network Layer)

    Logical addresses, or more popularly known as IP addresses, are assigned by Network Layer to all the devices connected to the network. These addresses are used to identify hosts (source and destination) and the specific network where data packets are being routed. Take note that IP addresses or logical addresses are assigned to network protocols and not to physical devices (modem, network card). For physical devices, physical addresses are assigned.

    The functions of network layer include:
    1. Acceptance of data pieces transported from transitions layer within the transfer host.
    2. Assembling of data pieces into data packets. In each data packet, the network layer writes IP addresses of source and destination hosts for tracking.
    3. Directing the data packets to the specific data link layer. The data link layer (Layer 2) will then send the data packets through the LAN connection.

    Once the data packets have been sent to Layer 2, it will then perform the following functions:
    1. Acceptance of data packets from the network layer.
    2. Assembling of the data pieces, stored in data packets, in a data frame. Layer 2 writes the physical MAC addresses of the source and destination hosts of the device in each assembled data frame.
    3. Directing the data frame to the physical device displaying the correct physical MAC address. The device then decodes the data frame to readable optical or electrical signal.

    Functions of Layer 3 Router

    The Layer 2 switch is designed to oversee the creation of a single impact domain per port and the forwarding of data frames on exit transfer ports that managed to get to the frame


    While the main function of the router is to transfer data packets through the source and destination hosts of each network, it is also responsible for:
    1. Inspection of the IP written in each passing data packet.
    2. Extraction of the logical IP address of the destination host.
    3. Inspection of the extracted IP address to decode the network where the data packet must be sent.
    4. Sending of the data packet to the correct destination network. (This is if the router recognizes the destination network.)

    If the router is unable to recognize the destination network, it will just transfer the data packet to its own exit gateway for outbound transfer.

    Types of Protocol

    At the network layer, there are two types of recognized protocols: routing protocols and routed protocols.

    1. Routing Protocols: These protocols are used to transfer route update packets from one host to another. Information about new routes and new networks are stored within the route update packets. These packets are sent by routers to each other whenever a new route is opened or a new network is established. Among the more prominent routing protocols are Routing Information Protocol (RIP; Chapter 11), Enhanced Interior Gateway Routing Protocol (EIGRP; Chapter 12), and Open Shortest Path First (OSPF) Protocol (Chapter 13). These routing protocols employ varying systematic metrics to determine which routes and networks are better compared to others.

    2. Routed Protocols: These protocols are used to transfer data packets as well as to identify hosts from networks in the global environment. Routed protocols assign a unique logical address for each host in the network. Good examples of routed protocols are AppleTalk, SNA, IPX and IPv.

    Router Functions

    The four basic functions performed by a Layer 3 router are:
    1. Maintaining routing protocols;
    2. Establishing routing tables by means of routing protocols;
    3. Keeping tab of routing tables; and
    4. Routing data packets.

    Keep in mind that logical IP address follows a hierarchy. They have numbers that correspond to the name of the network and numbers that correspond to the host device.

    Consider the IP address of the network is 192.168.5.0 for example. Hosts within the network must have an IP address that begins with 192.168.5. Consequently, hosts within the network described by an IP address 192.168.2.0 should have hosts whose IP address begins with 192.168.2. In the two examples, the first three numbers are used to identify the network while the last number is used to identify the host.

    Routing Protocols

    Before two networks are able to send data packets to and from each other, the routers need to set up a consistent routing protocol. The different stages of setting up a consistent routing protocol are:
    1. Setting up the routing protocol for each router;
    2. Accessing the interface of each router; and
    3. Customizing the options for routing protocols.

    Unless the router is programmed to negotiate routing protocols with each other, you have to execute each stage to manage routing protocols.

    Routing Tables


    While routing protocols contain specific instructions on how the router should exchange information in forms of data packets within networks, routing tables manage the changes within the network, the paths for each network and the metrics for each path. Aside from that, routing tables also keep track of the following:
    1. List of networks remembered and forgotten by each router
    2. Data stored within the router interface
    3. Metrics related to each path.

    Chapter 2. Router Management

    The Cisco Internetwork Operating System (Cisco IOS) is responsible for managing Cisco routers. Managing Cisco routers and managing Cisco switches is similar. For both routers and switches, only the output differs; the IOS commands are very similar. In fact, the graphical user interface used for managing both Cisco routers and switches is the same except for some differences. For instance, Cisco Router and Security Device Manager (SDM) is obviously only available for Cisco Routers (and not for Cisco Switches.)

    Cisco Routers

    The three classifications of Cisco Routers are as follows:

    Cisco Router              Best Suited For
    Entry-level Router        Access Layer and Distribution Layer
    Midrange Router           Access Layer and Distribution Layer
    Top-of-the-line Router    Core Layer and Distribution Layer

    Top-of-the-line Cisco routers are designed to perform the following the routers in their respective networks:
    WAN gateway connectivity
    Inter-VLAN routing


    computer frame to router through a rollover cable. This port is used to link the router to the console locally.

    The Cisco Operating System has a console facility that aids user interaction through prompts, status updates, error warnings, and diagnostic messages. The console facility can be accessed by connecting the router through its console port to the computer host using rollover cables.

    After connecting the computer to the router using a physical connection, the terminal emulation program must be accessed in the computer to open the terminal setting in the router. Examples of terminal emulation programs are:
    HyperTerminal
    SecureCRT
    TeraTerm

    Remote Connection

    Using a remote management computer host, CISCO


    the router to the remote management computer host.

    Configuring a CISCO Router

    If you don


    2. Setting up the management IP address configuration

    With the Cisco IOS commands ip default-gateway and ip address, you can now establish the IP gateway and IP address of the router. This lets you use HTTP or Telnet to establish a connection to the router from distant locations.

    To customize the current default gateway and management IP address on the router, you can implement the following commands:

        Router>en
        Router#config t
        Router(config)#int fe0/0
        RT01(config)#ip default-gateway 1'1*+,
        RT01(config)#exit
        RT01(config-if)#ip address 1'1*+,-0 ........0
        RT01(config-if)#no shutdown
        RT01(config-if)#exit
        RT01#disable
        RT01>

    The first two lines:

        Router>en
        Router#config t

    can be used interchangeably with:

        Router>enable
        Router#configure terminal

    These two lines enable the privileged global configuration mode in the Cisco IOS. This configuration mode allows you to implement commands that can tweak the settings of the global router or simply the settings of the entire router.

    This line:

        Router(config)#int fe0/0

    can be used interchangeably with:

        Router(config)#interface fastethernet0/0

    This command allows you to choose which command interface to work on.

    In the example provided in the previous page, this line:

        RT1(config-if)#ip address 1'1*+,-0 ........0

    sets both the IP address (1'1*+,-0) and the subnet mask (........0).

    To start a command interface, you first select it before implementing:

        RT1(config-if)#no shutdown

    To exit a command interface, you select it again before implementing:

        RT1(config-if)#no shutdown

    The IOS prompt shows you what configuration mode you are in while keying in the IOS commands. Here are the different configuration modes:

    Global Configuration Mode (config): This mode allows you to change the settings by implementing commands codes for the whole router (global router).

    Interface Configuration Mode (config-if): After choosing the interface to work with, this mode is activated. This mode allows you to change the settings of the router interface.

    Interface Range Configuration Mode (config-if-range): By implementing the interface range command code, you can select the interface range to work with. This mode allows you to implement system codes to change the setting of all interfaces within the selected range.

    Password Configuration

    Router credentials can be changed by configuring Cisco IOS commands by entering credential values to password and login variables. Cisco routers don


    Cisco features routers that supply information to the network and the devices on it based on the kind of access enabled by a specific password. Cisco routers allow four kinds of access:

    Console Password: This password grants access to the Router console via the Console Terminal Server or the console port.

    Auxiliary Password: This password grants access to the Router console via the auxiliary port in the router.

    VTY Lines Password: This password grants access to Telnet and Security Shell (SSH) to the Virtual Type Terminal (VTY). The VTY is called such because it does not require any physical connection from the terminal to the router. This remote connection uses the IP address of the router to connect the computer host directly to the network.

    Privileged Password: This password grants access for select users who have a security clearance that allows them to configure the operation of the management computer host. These users are able to implement special IOS command.

    By default, both the auxiliary port and console port are enabled regardless if a password is a configured for each of them. This poses a security vulnerability to the router network thus Cisco recommends that, at the very least, a console password must be configured. Also by default, the VTY lines are disabled. Enabling VTY require the configuration of VTY password. To set the password for the Cisco router, the Cisco IOS interface can be instructed to prepare the router for authentication. In the IOS interface, implement the following commands to set the console password:

        router001>en
        router001#configure t
        router001(config)#line cons 0
        router001(config-line)#password 1!m/
        router001(config-line)#login
        router001(config-line)#exit
        router001(config)#exit
        router001#disable
        router001>

    These lines can be used interchangeably:

        router001>en
        router001>enable

    The same goes for this line:

        router001#config t
        router001#configure terminal

    These two lines enable the privileged global configuration mode in the Cisco IOS. This configuration mode allows you to implement commands that can tweak the settings of the global router or simply the settings of the entire router. Also:

    line console 0: This IOS command chooses the console line. All Cisco devices (routers or routers) only have one kind of console line: console 0

    password 1!m/: This IOS command sets the password to 1!m/ on the access line of the console.

    VTY Password

    The following commands can be implemented in the Cisco IOS interface:

        router001>en
        router001#config t
        router001(config)#line vty 0 1 last line number
        router001(config-line)#line vty 01
        router001(config-line)#password ne$1!m/
        router001(config-line)#login
        router001(config-line)#exit
        router001(config)#exit
        router001#disable
        router001>

    To have a good understanding of how each block of line is used:

    #line vty 0: This command poses a query that determines the number of VTY lines free.

    01 last line number: This is the response of the Cisco IOS saying that lines 0 to 12 (or 13 lines) available for the router. This means there are exactly 13 Telnet sessions that can be simultaneously opened for this router.

    #line vty 01.: This command selects all the 0-12 VTY access lines available. Older versions of Cisco routers only use four VTY lines but newer implementations have at least 8$8E VTY lines. This is why the previous commands had to pose first an inquiry on how many VTY lines are available.

    #password ne$1!m/: This IOS command sets the password to 1!m/ on the VTY lines chosen in the previous command line.

    Cisco devices have several VTY access lines because of two major reasons:


    1. Several VTY access lines allow multiple users to manage the router: Large router networks grants access to more than one router manager. By using SSH or Telnet, router managers can access the router through remote connection.

    2. A VTY access line allows a user to connect to a different device also connected to the router. In this case, two VTY lines are required: one that connects the computer unit to the router and another that connects the router to the other device.

    Setting-Up a Router Banners

    Router banners are brief messages that the router displays to a terminal connected to it. This is common with routers that are being accessed by multiple computer terminals. It can even display which router a user is using including the configuration limits and connection guidelines.

    Companies and organizations can also configure a security warning in the banner message to ward off potential unauthorized access to the router. This allows a company to exercise legal action should an illegal access be detected by the system.

    The four different types of banners that Cisco routers can display are:

    1. EXEC process creation banner: This type of banner is configured in the screen during the creation of EXEC processes.

    2. Message of the Day (MOTD) banner: This banner displays a message every time a user establishes a connection with the router. Regardless if the connection is remote or local, the router will display this message when there is an attempt to log into the router network. The MOTD banner is usually used to ward off users attempting an illegal connection to the router.

    3. Incoming terminal connection banner: This banner is often displayed after the MOTD banner. This banner is used to give additional information for users who are connecting using VTY or reverse TTY computer terminals.

    4. Login banner: This banner is displayed to give information to the users about the router. This may also contain additional guidelines on how the connection should be used.

    The following command can be implemented to setup an MOTD banner on every router connection:

        router001>en
        router001#config t
        router001(config)#banner motd /
        Enter TEXT message. End with character '/'.
        This router is owned by example.com. Should the system
        detect any unauthorized access to the router network,
        the security system will trace the user login to display
        security credentials from access point. If you are not
        from example.com, nor a client nor a business partner,
        please disconnect immediately.
        /
        router001(config)#

    The command #banner motd / opens the text editor interface. The delimiting character set in this command is /, which means that the IOS interface will process the text input only until it detects a /.

    The delimiting character can be any character that could not be found on the text of the MOTD banner.

    Resetting a Cisco Router

    Whenever the router detects that there is no initial configuration activated in the NVRAM, it automatically implements Express Setup mode. This happens when the router has just been brought out of its box or if the initial configuration has been deleted from the NVRAM.

    Relieving the Cisco router of its current configuration is usually a last-resort troubleshooting attempt to fix connection problems. After the router is reset, the following information will also lose their configured value:
    IP address
    Telnet password
    Host name
    Console password
    Subnet mask
    Default gateway

    To reset the settings of the router and delete any configuration stored in the NVRAM:
    1. Press the Mode button and hold it for a few seconds. Hold the Mode button until the LED indicators in the router begin blinking.
    2. Wait for the LED indicators to stop blinking before you stop holding the Mode button. After all the LED has stopped blinking, the router should reboot by itself.
    3. Release the Mode button

    The Cisco bootstrap program allows router managers to tweak the booting procedure of any Cisco router connected to the computer host. The boot command does the following:
    Manage the loaded Cisco IOS image file
    Enable the Ctrl + Break system key while the router is booting
    Select which initial configuration should be used
    Enable manual booting
    Format the size of the NVRAM.

    The following command block instructs the IOS interface to show the available options for the boot command:

        router001>
        router001>en
        Password: 1!m/


    router001 #cong trouter001 (cong) #router001 (cong) #"oot s%stem

    S%stem Imagemanualanual ;oot"oothlpr"oots the


    configuration file.

    enable-break: If this option is enabled, the user can disrupt the booting process by pressing Ctrl + Break shortcut keys.

    helper, helper-config-file: These options are also not included in the coverage of the CCNA test.

    manual: This option allows the user to boot the router manually without impairing the system nor any configuration setting in place.

    private-config-file: This option allows the user to determine the private configuration file that could be loaded while the router is booting up. Private configuration files are designed to safeguard highly-secured configuration information like encryption keys for SSH.

    system: This option allows the user to load a specific image file in the IOS interface for checking.

    The following command block is used to configure the router to access a particular IOS image file that is stored within the flash memory:

        router001>
        router001>en
        Password: 1!m/
        router001#conf t
        router001(config)#
        router001(config)#boot system flash:/c10eamplecomm710-2D
        router001(config)#exit
        router001#disable
        router001>

    The above code allows access to the image file bearing an address of:

        flash:/c10eamplecomm710-2D

    In order to verify the options encoded on the said image file, the IOS command show boot can be used as in the example below:

        router001>


        router001>en
        Password: 1!m/
        router001#conf t
        router001#show boot
        BOOT path-list : flash:/c10eamplecomm710-2D
        Config file : flash:/congurationtt
        Private Config file : flash:/pri/atecongurationtt


        router001(config-line)#login
        router001(config-line)#exit
        router001(config)#exit
        router001#disable
        router001>

    These two lines can be used interchangeably:

        router001>en
        router001>enable

    The same goes for this line:

        router001#config t
        router001#conf ter
        router001#configure terminal

    These two lines enable the privileged global configuration mode in the Cisco IOS. This configuration mode allows you to implement commands that can tweak the settings of the global router or simply the settings of the entire router. Also:

    line aux 0: This IOS command chooses the auxiliary line. All Cisco devices (routers or routers) only have one kind of auxiliary line: aux 0

    password au1!m/: This IOS command sets the password to au1!m/ on the access line of the console.

    Privileged Password

    There are IOS commands that should only be configured by specific users as these commands are crucial to the overall functionality of the router. The two commands used to setup a privileged password are:

    enable password pri/1!an1: This command sets the string pri/1!an1 as the privileged password. In other words, before a user can access the functions that are restricted for privileged users, they must key in pri/1!an1 in the IOS interface.

    enable secret cr%pt1!an1: This command sets cr%pt1!an1 as the privileged password. Compared to the command line above, this password is encrypted. Also unlike the above command line, this command is supported only by newer IOS interfaces that are compatible with the newer implementations of Cisco routers.

    Before you set the privileged password, you must first enable this option by keying in the following commands:

    enable password: This enables password protection for administrative privileges. The password is stored in an unencrypted format.

    enable secret: The same as the above command line except from the fact that the password is stored in an encrypted format.

    Privileged passwords are stored in a server called Terminal Access Controller Access Control System (TACACS+). This server is often used by larger networks composed of multiple routers that allow the administrators to configure the privileged password only once for all routers in the network as opposed to setting up the passwords on each of the routers.

        router001>en
        router001#config t
        router001(config)#enable secret cr%pt1!an1
        router001(config)#exit
        router001#disable
        router001>


    Password Encryption

    Passwords are saved in plain text format by default in the startup configuration file in NVRAM and running configuration in the RAM. By implementing the show startup-config command and the show running-config command, the passwords will be displayed in simple text. This poses a security risk especially if the routers hold confidential data resources in the system. This is why it is advised that passwords must be encrypted in the system.

    Other passwords like the console password, auxiliary password, and VTY password are not encrypted regardless if the command enable secret is used to configure any of the three passwords. To encrypt these passwords, the service password-encryption command must be used. Consider the command block below:

        router001>en
        router001#config t
        router001(config)#service password-encryption
        router001(config)#exit
        router001#disable
        router001>

    Recovering A Lost Password

    Password can only be recovered if the password-recovery feature is enabled in the system before the password is lost. This can be done while the router undergoes the boot process. To recover the lost password, the following steps must be followed:
    1. Using any of the methods enumerated in one of the previous sections in this chapter, interrupt the regular boot process.
    2. Access the flash file system manually.
    3. Prevent the Cisco IOS interface from accessing the startup configuration file by hiding it.
    4. Start the router manually until the IOS has finished loading in the RAM.
    5. Reactivate the startup configuration file.
    6. Transfer the configuration file to RAM from NVRAM.
    7. Change the password.
    8. Store the running configuration.
    9. Reset the boot process to its original settings.
    10. Restart the router.

    Chapter 3. Network Routing

    The main role of routers is to transmit data packets from one network to another. Aside from this, the routers are responsible for the following:
    Transmit packages based on routing tables and routing protocols
    Maintain routing protocols
    Organize routing information into routing tables
    Manage routing tables

    Data transmission paths that extend through different networks are called a network route. Each route joins two end nodes, each representing a network device that is capable of being assigned with IP address. Examples of which are smart phones, tablets, gaming consoles, camera interface, and computer hosts.

    It is possible to have more than one route in between nodes. This is because the router employs a special algorithm that computes for the best route available before a data packet is sent from one point (source) to another (destination). The algorithm takes into consideration route metrics, which include the cost of the resources, and the time it takes to send the data packets.

    Within the data transmission path, there should at least be two routers positioned anywhere in between the source and destination nodes. For example, when sending a message via a chat module installed in your computer, the computer sends packets of data containing the message you intend to send to a computer user elsewhere. These data packets pass through the home router. The home router then transmits these data packets to the Internet Service provider (ISP) via the outbound gateway. The Internet Service Provider


    whenever dynamic routing procedures are used. Routing protocols use bandwidth because update packets are being sent between two routers.

    b. Security: Configuring static routes allows the user to manage the transmission paths used when sending data packets. This is useful for routers that have been transmitting highly-critical and highly-confidential information. Regularly updating static routes provide an extra layer of information security and foil any attempts to hack into the network system and phish for data. Also:
    Firewalls can be introduced to static routes to filter routing data within the network border.
    Regardless of the route, Virtual Private Networking (VPN) safeguards the data sending mechanism regardless of the route where the data travels.

    In other words, security risks can be managed by building a firewall or by using VPN.

    However, while static routes have many upsides, they also have a few downsides like:

    a. Management Overhead: Maintenance can be tricky because every time the data transmission paths change, the router configuration must be updated.

    b. Scalability: Static routes are impractical when managing larger networks. Wide-scale networks are composed of thousands of routes to reach other areas of the network. A good example of these networks is commercial internet connections provided by the Internet Service Provider. Houses are connected to a single network managed by a server. Even so, it is impractical (and almost impossible) to configure all the routes to be static. Also, should any of the routes change, all the static routes in the network must also be changed. This is the reason why static networks are perfect only for small-scale networks.

    c. Accuracy: If the network routes change and no configurations were made on the static network, the router will not have an accurate understanding of the network. As a result, data transmissions are either delayed or lost completely.

    Static routes can be configured by using the Cisco interface by entering the following command:

        ip route dest-ip subnet {next-hop-ip | interface}

    2. Default routes

    Whenever data packets are sent to a new destination network, packets follow a different kind of static routes. New destination networks are not likely to have an entry in the routing tables so a new route is assigned to them. This route is called default routes. It is not uncommon for a router to receive a data packet addressed to a new network that it has no information of; in this case, the router transmits the data packet through the default route.

    Network managers always make sure that a default route is configured in the router in case data packets addressed to newer unrecognized networks is received by the default outbound gateway. Default routes transmit data packets via the default gateway configured in the network.

    Configuring default routes

    Configuring default routes is similar to configuring a regular route using the global configuration mode. By using Cisco IOS interface, default routes can be configured manually by following the examples provided below:


    numbers that correspond to the address of the source and destination node. The most commonly-used routed protocols are:
    Novell Netware Internetwork Packet Exchange (IPX)
    AppleTalk
    Internet Protocol ver. 4 (IPv4)
    Internet Protocol ver. 6 (IPv6)

    Depending on the results of the evaluations made by the routing protocol, the routers choose a destination for a data packet based on decision criteria. Routing tables build an inventory list of all the networks, paths, routes and metrics associated with all the nodes they have touched base with before. Decisions made by the routing protocols are based on the information stored in the routing table.

    Routing protocols base their decisions on two aspects:

    1. Administrative/Virtual distance: This aspect measures the reliability of the information integrated in the data packets about the destination node.

    Routers gather information about the network routes through the following:
    Direct connection to the network: Routers do not use intermediaries to gather information about the routes. Updates in the form of data packets are sent to different routers for information-gathering purposes.
    Indirect connection to the network (via other routers): Pieces of information about other networks not within range are gathered from what information other routers have gathered.
    Static Route connection to the network: The router is not directly in touch with a network but it is informed of its existence by the static route.

    Routers compute for the reliability of the information based on the source. It follows a hierarchy that favors routers nearest it. Cisco measures administrative distance by assigning distance values:


    Source of Information            Administrative Distance Values
    Direct Connection                0
    Static route                     1
    Internal EIGRP                   90
    OSPF                             110
    RIP (ver. 1 and ver. 2)          120
    External EIGRP                   170

    Routers prefer information with lower administrative distance values.

    2. Routing Protocol Metrics: This computes the costs associated with each route. Examples of weighted costs are as follows: link state, available bandwidth and traffic.

    The various routing protocols differ on how they calculate the efficiency of each of the routes, hence it is understandable that each of the routing protocols may have different preferred routes compared to the rest. When routing protocols disagree with each other, routers select the best route by computing for administrative distances instead.

    Here are some of the metrics used in route selection:

    a. Bandwidth: This refers to the capacity of information that can be held by a route to reach the destination. Bandwidth is measured in terms of bits per second (bps). Routes with higher bandwidth are preferred by most routing protocols because data packets tend to reach the destination point faster with a larger bandwidth. This metric is given more weight by EIGRP.


    b.


    Processing delay: This refers to the time spent by the router to inspect the encoded destination address.

    Routing Methods
    Routers use the different standards through which routing protocols compute for the most viable route. Before they even measure the efficiency of each route, routing protocols initiate a progressive trade of information between routers to build a reliable routing table. This exchange of information is done through many different methods. These are:

    1. Distance Vector Routing: Routers that use protocols that measure distance between nodes complete their routing table with the information taken from their own direct connection and from neighboring routers.

    This is a routing procedure where routers trust the information sent to them by neighbor routers. The information sent by neighbor routers is also sent to a different neighbor router who might not have a direct connection with the original router that sent the information. Rumor routing is another name for distance routing.

    Distance vector routing employs the following special mechanisms to avoid incurring routing loops:
    Triggered update: This feature lets different routers share updates with each other once a router becomes functional or when something has changed within the network.
    Poison reverse: This feature sends a message to all neighbor routers that a specific network is down and therefore must not be used as a route for a data packet.


    Split horizon: This feature hinders the promotion of the route back to its original promoter.
    Hold-down timer: This feature hinders the acceptance of new updates on specific routes for a preset period if the route is deemed unavailable. This prevents the re-advertisement of routes that are not functional as this may eventually lead to routing loops.
    Route poisoning: Similar to poison reverse, this feature sets the number of hops to the maximum number of hops plus 1. This automatically gives neighboring routers information that such route is no longer reachable.
    Maximum hop count: This feature makes sure that the data packet does not follow a route that requires more hops than the predetermined maximum hop count.

    Routing Protocol    Maximum


    in the neighbor


    Chapter 3. Enhanced Interior Gateway Routing Protocol (EIGRP)

    Unique to Cisco routers, Enhanced Interior Gateway Routing Protocol (EIGRP) has plenty of upsides compared to that of the Interior Gateway Routing Protocol (IGRP) and its successor Routing Information Protocol (RIP). Both IGRP and EIGRP are known to be a distance vector protocol. The only difference is that the latter of the two has a better set of distance vector and response algorithm. This algorithm is responsible for determining the best data path towards a particular destination. Also, it employs an advanced loop mitigation system compared to that of both IGRP and RIP making it perfect for link-state protocols.

    Aside from the ones mentioned above, Cisco designed EIGRP to supersede IGRP


    usually found only in link-state protocols. Here are the characteristics of the EIGRP:

    1. EIGRP evaluates the efficiency of the routes by using these metrics:
    Default Metrics: Delay and Bandwidth
    Optional Metrics: MTU, load, Reliability
    Diffusing Update Algorithm: Route efficiency.
    2. As with the rest of link-state routing protocols, OSPF and EIGRP direct the updates about routes only if it detects deviations within the network.
    3. EIGRP is only exclusive to Cisco routers.
    4. EIGRP performs its functions using two main directorial distance figures:
    170 – routes from other protocols
    90 – routes from EIGRP

    Components of EIGRP
    This router protocol comprises four components:
    1. Protocol-dependent Modules: These are independent modules utilized by specific protocols when sending and receiving data packets within the OSI network layer.
    2. Reliable Transport Protocol (RTP): This protocol guarantees a dependable delivery system that transports the EIGRP unicast or multicast data packets to routers nearby.
    3. Neighbor Discovery/Recovery: EIGRP employs a smart system that determines the existence of the nearest routers within the local network.
    4. Dual finite-state machine: In order to estimate and determine routes that are free from loops, EIGRP uses a routing algorithm that recognizes a metric that selects routes based on the feasibility of each routing successors.

    Routing Tables


    EIGRP collects data about nearby routers and the landscape of the network and then stores it to a sequence of tables called routing tables. The three kinds of routing tables used by the EIGRP are:

    1. Neighbor Table: This stores information using the local network or computer systems directly connected to each other. The information is then organized in a table that contains addressing and interface figures. Each Cisco router uses its own EIGRP; hence:
    Each router is given a clear map of all the neighbor routers within the same network.
    Each router is given an inventory of details of each peer router.

    2. Topology Table: This summarizes all network destinations that are routable through EIGRP and estimations using a metric that detects whether a destination is in an active or passive status. Each Cisco router also runs OSPF to manage a separate link-state table; hence:
    Each router has a clear map of network topology not just of its own network but the networks in surrounding network areas of neighbor routers.
    Each router gets a deeper understanding of the network topology by using the link-state and neighbor tables. It gets a clear picture of how the topology within the router


    3. Routing Table: This is a collection of all destination routes mapped down using the information obtained from all the entries in the topology table. If both the link-state and neighbor tables count the number of available routes, the routing table describes each route.

    EIGRP Packet Types
    1. ACKs/Hello: (Unicast) This packet is used when initiating the initial discovery or recovery process of neighboring router locations. ACKs are packets containing unicast addresses with specific non-zero numbers exchanged as acknowledgement receipts between routers.
    2. Updates: (Unicast) These packets have routing procedures accepted by nearby devices to help create and manage a routing table for the overall network topology.
    3. Queries: (Multicast) These packets that contain coded queries are sent when a destination point is activated.
    4. Replies: (Unicast) These packets are sent as a response to the queries sent from the origin point.
    5. Requests: (Unicast, Multicast) These packets are used to obtain pertinent information from nearby network devices.

    Convergence
    As mentioned earlier, EIGRP has faster convergence than that of both IGRP and RIP because routers in the same local network merely exchange ACK packets instead of the usual distance vector protocols. With EIGRP, routers become more familiar with each other while undergoing the convergence procedure by exchanging network parameters to each of their neighbor tables.

    Routers are only considered as "nearby" or "neighboring" routers if the following conditions are satisfied:
    Routers have successfully transmitted and received ACK/Hello packets with each other.
    They have the same independent system that has the same interface with similar routing designs.
    Each of their ACK/Hello timers is set to the correct value, especially for the following metrics:
    a. Network frequency at which each router exchanges ACK/Hello packets with each other
    b. Farthest distance before the routers consider a router out of coverage network

    Diffusing Update Algorithm (DUAL)
    DUAL is a Cisco-proprietary algorithm that assesses each of the routes managed by the EIGRP. This algorithm is responsible for improving the performance of the EIGRP compared to IGRP by circumventing looping routes.
    DUAL calculates the successor route and the feasible successor route for the destination networks.
    DUAL allows EIGRP to use routes across different networks using varying subnets by means of variable length subnet masking (VLSM).
    DUAL provides other feasible successor routes should the best route be unavailable.

    Classful vs. Classless Routing
    The two types of routing protocol supported by EIGRP are classful and classless routing. If used in their default settings, IGRP, RIP (version 1) and EIGRP are all classful routing protocols. By implementing a no auto-summary command in the Cisco IOS interface, the router can be configured to support classless routing. The differences between the two routing protocols are as follows:


    Classful Routing Protocol: When sending route updates, this protocol does not transmit subnet data.
    Classless Routing Protocol: When sending route updates, this protocol transmits subnet data.

    Classful Routing Protocol: Based on the class of IP address, this protocol provides a summary of routes within the boundaries of the network.
    Classless Routing Protocol: This does not provide a summary of routes within the network unless manually commanded to using the router interface.

    Discontiguous Networks are networks that have a number of subnets that contain varying classes of IP address. They are required when implementing classless routing protocol.

    Configuring EIGRP
    Similar to how RIP is configured in a Cisco router, EIGRP is configured by following these steps:

    1. Run the EIGRP on each Cisco router
    In the IOS interface, run the following code in global configuration mode:
        router eigrp as_id
    The as_id is the routing domain identification otherwise known as the autonomous system (AS) number. The AS number must be the same for all routers that will be sharing EIGRP routing information. This number should be within the range of 1 to 65535.

    Routing Configuration of the EIGRP (cisco.com)

    2. Enable EIGRP
    As in the previous step, using the IOS interface run the following code to enable the EIGRP:


        network int_IP
    The int_IP in the command is simply the IP address that will identify which interface will support the OSPF in the network.

    Run the following codes when configuring the EIGRP:

    For Router +1 >1
        R.11 > en
        R.11 #config t
        R.11(config)#router eigrp 1
        R.11(config-router) #network 1'1*+.
        R.11(config-router) #network .1100
        R.11(config-router) #no auto-summary
        R.11(config-router) #exit
        R.11(config) #exit
        R.11 #disable
        R.11 >

    For Router $+15
        R..1 > en
        R..1 #config t
        R..1(config)#router eigrp 1
        R..1(config-router) #network 1'1*+.
        R..1(config-router) #network .1100
        R..1(config-router) #no auto-summary
        R..1(config-router) #exit
        R..1(config) #exit
        R..1 #disable
        R..1 >

    Managing EIGRP Operation
    Using the IOS Interface for Cisco routers, the elements of EIGRP can be monitored and verified to ensure that the routers are available to determine the best routes.

    To take a good look at the routing tables, the following code can be run in the IOS interface:
        show ip route
    This command will then display the following information:
    Subnets available
    Information on the Network Internet Protocol
    Routes that are recognized and saved in the routing table


    For each route, the interface displays the following data:
    Destination network that can be reached by the route as determined by the IP address
    If the router and the destination network of a route is directly linked to each other.
    The gateway


    packets are lined up for sending. Some causes of high Q Cnt values are: (a) too much information sent to neighboring routers, (b) neighboring router is outdated hence not fast enough to receive data, and (c) error in the link between the origin and the destination routers.

    Chapter 4. Open Shortest Path First (OSPF) Protocol

    Just like EIGRP, Open Shortest Path First (OSPF) is a link-state routing protocol. Unlike EIGRP however, OSPF is not just supported by Cisco but also by other router manufacturers. When dealing with a wide-scale network environment, the OSPF uses a protocol called IGP, short for interior gateway protocol. IGP creates and manages routes only within a singular routing domain.

    As already mentioned in the previous chapter, a singular routing domain is simply an autonomous system (AS). The AS is simply routers and network addresses grouped together that are within the same routing network system. It can be inferred then that any network that has OSPF integrated in all the connected routers is operating under the AS.

    Another example of an autonomous system is the Intermediate System-to-Intermediate System (IS-IS) routing protocol. This routing protocol is used for large networks like that of an internet service provider. The Border Gateway Protocol (BGP) is another good example of an autonomous system. The BGP is meant to link other autonomous systems and large networks managed by internet service providers.


    OSPF Routing Tables
    Similar to the EIGRP, OSPF manages a neighbor table and a routing table. The only difference is that EIGRP has a topology table whereas the OSPF has a link-state table.
    Link-State Table: This table manages the connections between the router and neighboring router by measuring the stability of each of these connections. Simply, it observes the quality of routes to neighboring routers.

    Characteristics of OSPF
    1. As in EIGRP, route updates are only transmitted when OSPF has detected any change in the routes.
    2. When the OSPF does detect changes, the router automatically transmits a link-state advertisement (LSA) in one of the routes whose properties are stored in the routing table. Only information about the changes in one of the routes is contained in the LSA.
    LSA packets leave almost no network footprint or trace.
    LSA traffic is kept at a minimum because OSPF keeps an inventory of routes.
    LSA traffic is organized in such a way that LSA packets reach the destination router immediately.
    3. Routers share ACK/Hello messages with each other as they establish the values in each of their neighbor tables while undergoing the convergence process.
    4. Unlike EIGRP, which is a Cisco-proprietary protocol, OSPF is supported by other router manufacturers.
    5. OSPF converges fast compared to other protocols (except EIGRP).
    6. OSPF works efficiently because it divides the system (routing domain) into different sectors of control.


    7. Limitless amount of network hops are supported by the OSPF.
    8. Variable-length subnet masking (VLSM) is supported by the OSPF.
    9. OSPF organizes and reads routers in a hierarchical format.

    Convergence
    During the convergence process, the routers exchange pleasantries by sharing network parameters before storing received data to each of their neighbor tables. There is no need to discuss in great detail how routers recognize each other as neighbors since convergence in OSPF is exactly the same as convergence in EIGRP.

    Cost Metric
    To measure the value of the connections established by each route, the OSPF employs a cost metric.

    Route cost is a metric that determines the value of each connection by its bandwidth. It is computed by dividing the default 100 Mbps (or roughly, a million bits per second) bandwidth by the measured bandwidth of the connection.

    For example, if the router measured the actual bandwidth as:

    Measured bandwidth               Calculation                              Route cost
    10 Gbps (10,000,000,000 bps)     100,000,000 bps / 10,000,000,000 bps     0.01
    1 Gbps (1,000,000,000 bps)       100,000,000 bps / 1,000,000,000 bps      0.1
    100 Mbps (100,000,000 bps)       100,000,000 bps / 100,000,000 bps        1
    10 Mbps (10,000,000 bps)         100,000,000 bps / 10,000,000 bps         10
    1 Mbps (10,000,000 bps)          100,000,000 bps / 1,000,000 bps          100

    The faster the bandwidth of the connection, the lower the route cost. OSPF is designed to compute for least cost and use it for sending packets.

    In the above example, the default reference bandwidth is pegged at 100 Mbps but using the Cisco IOS interface, you can change this reference value by using this code:
        auto-cost reference-bandwidth
    This is handy when using high-powered machines that transmit data packets at high speeds. Instead of using 100 Mbps as reference, you can set it to 10 Gbps by implementing the following command codes:
        RT.1> en
        RT.1 #config t
        RT.1(config) #auto-cost reference-bandwidth 10000000000
        RT.1(config) #exit
        RT.1 #disable
        RT.1>

    OSPF


    algorithm assigns areas where there is a single designated router (DR). Ideally however, a backup designated router (BDR) is also assigned.

    Photo: SPF. Credit: routerprotocol.net

    Refer to the figure on the left. Since DR-10 Router is nearer vis-à-vis other routers, it is designated as the designated router for Area 10. The same can be said for DR-20 router, which is the designated router for Area 20. In other words, if the root router intends to send a data packet to Router 10-1, it will first assess if the shorter route (DR-10) is available. If it is, then it sends the data packet through DR-10 en route to DR 10-1.
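The cost metric and least-cost route selection described under Cost Metric can be traced with the following added example, which is not part of the original guide. It assumes a constructed three-router topology (R1, R2, R3) and models the cost as a whole number with a floor of 1, as Cisco IOS stores it, instead of the raw ratio the table lists.

```python
import heapq

DEFAULT_REFERENCE_BPS = 100_000_000  # the guide's default reference: 100 Mbps


def ospf_cost(link_bps, reference_bps=DEFAULT_REFERENCE_BPS):
    """Route cost = reference bandwidth / measured link bandwidth.

    The guide's table lists the raw ratio (0.01 for a 10 Gbps link). Cisco IOS
    keeps the cost as a whole number with a floor of 1, which is modelled here.
    """
    if link_bps <= 0:
        raise ValueError("link bandwidth must be positive")
    return max(1, reference_bps // link_bps)


def least_cost_path(links, source, target, reference_bps=DEFAULT_REFERENCE_BPS):
    """Dijkstra (the SPF calculation) over undirected links.

    links maps (router_a, router_b) -> bandwidth in bps.
    Returns (total_cost, [routers on the path]) or (None, []) if unreachable.
    """
    graph = {}
    for (a, b), bps in links.items():
        cost = ospf_cost(bps, reference_bps)
        graph.setdefault(a, []).append((b, cost))
        graph.setdefault(b, []).append((a, cost))

    queue = [(0, source, [source])]
    settled = set()
    while queue:
        total, node, path = heapq.heappop(queue)
        if node == target:
            return total, path
        if node in settled:
            continue
        settled.add(node)
        for neighbour, cost in graph.get(node, []):
            if neighbour not in settled:
                heapq.heappush(queue, (total + cost, neighbour, path + [neighbour]))
    return None, []


# Constructed topology: a direct 100 Mbps link and a two-hop 10 Gbps detour.
SAMPLE_LINKS = {
    ("R1", "R2"): 100_000_000,
    ("R1", "R3"): 10_000_000_000,
    ("R3", "R2"): 10_000_000_000,
}

if __name__ == "__main__":
    for bps in (10_000_000_000, 1_000_000_000, 100_000_000, 10_000_000, 1_000_000):
        print(f"{bps:>14,} bps -> cost {ospf_cost(bps)}")
    for ref in (DEFAULT_REFERENCE_BPS, 10_000_000_000):
        print(f"reference {ref:,} bps:", least_cost_path(SAMPLE_LINKS, "R1", "R2", ref))
```

With the 100 Mbps reference every link of 100 Mbps or faster costs 1, so the direct 100 Mbps link wins; with a 10 Gbps reference the two-hop 10 Gbps path becomes the least-cost route.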

    Selecting a Designated Router (DR)
    The computations made by the SPF priority algorithm determine the designated router. The algorithm produces a value within the range of 0 ANS225 is integrated to the IOS interface by running:
        ip ospf priority value
    The default value of the OSPF is 1. The router assigned with the highest OSPF priority value becomes the designated router. In the remote instance that two routers are assigned with the same OSPF priority value, the tie will be broken by using the router ID (RID).

    Using the following methods, users can choose which router should be assigned as a designated router by:
    SPF Priority: Set the highest priority value for both the interface and the router.
    Loopback Interfaces: In each router, the user can create an effective loopback interface and set the highest IP address to one of the routers intended to be designated router.

    Router ID (RID)


    This is the IP address generated to serve as an identifier of the router. It is set by employing the following methods:
    Using the command router-id in the Cisco IOS interface
    Manually by: Assigning a high IP address to the router


    OSPF, bit masks have the following significance:
    1      Any number can be assigned to the matching bit in the IP address.
    0      Exact number should be the same as that of the matching bit in the IP address.

    Consider the IP address in its entirety. It is divided into four numbers or into bytes with each byte containing 8 bits. The wildcards can be set as any number within the range of 0.0.0.0 and 255.255.255.255. These decimal numbers have the following significance:
    255    Any number can be assigned to the matching bit in the IP address. When converted to the binary system, 255 is equivalent to a series of eight 0s.
    0      Exact number should be the same as that of the matching bit in the IP address. When converted to the binary system, 255 is equivalent to a series of eight 1s.

    If let


        R101 (config-router) #exit
        R101 (config) #exit
        R101 #disable
        R101 >

    The above command configuration of router 10-1 affects the interface for both area 20 and area 10 by:
    Area 20: Router 10-1 exposes to all routers within area 20 any routers assigned with the IP space 8I;.8E.I within the network with the same IP address 8I;.8E.I
    Area 10: Router 10-1 exposes to all routers within area 10 any routers whose IP begins with 8I;.8E.I only. Simply, the IP address can be 8I;.8E.ID to 8I;.8E.I.

    OSPF Protocol Configuration
    To display the current settings of the IP routing protocols, the following command can be keyed in to the IOS interface:
        show ip protocols
    The interface will display the following information:
    OSPF process identification
    Whether or not inbound update response filter is fixed
    Whether or not outbound update response filter is fixed
    Router Identification (RID)
    Current virtual distance between routers
    Sources of LSA sockets
    Number of active areas reached by the implemented command
    Reference bandwidth (for determining the route costs)
    List of OSPF and IP network areas listed for routing OSPF.

    Pertinent Commands
    When reviewing for the CCNA certification, you will find the following commands (not already mentioned in the previous section of this chapter) handy:

    show ip ospf interface
        This is used to inspect the current IP configuration of the OSPF protocol. If the command is implemented in a specific interface, the interface will only display information pertaining to the said interface. If this is not the case, then the command will display a comprehensive list of information pertaining to each interface powered by OSPF.
    show ip ospf neighbor
        This displays information about OSPF information of neighbor routers.
    show ip ospf database
        This inspects the data held by the routing tables of the OSPF protocol. The command not only displays information about routers within the same network, it also displays the status of each connection from the root router.
    debug ip ospf
        This command code is used to troubleshoot any noticeable routing malfunctions.
    no debug ip ospf
        This command disables the debugging capabilities of OSPF.

    Part 2
    Switching with CISCO Switches

    Chapter 5. Layer 2 Switches

    If Layer 3 is the network layer, where routers transmit data packets to other routers, Layer 2 is the data link layer in networks that follow the TCP/IP or Open Systems Interconnection (OSI) model.


    Layer 2 is responsible for sending data to physical devices. Each device is assigned its own physical address recognized by the network to route data packets from one device to another. Otherwise called Media Access Control (MAC) addresses, the physical addresses act as a unique identifier to specific network devices.

    The features of the data link layer are as follows:
    1. Communicates with the network layer to liaise the receipt of data packets from the source host
    2. Assembles the received packets inside a data frame with the MAC address (local routing information).
    3. Transmits the packaged data frame to the physical layer, which will then break down the code to specific optical and electrical signal.

    The physical layer (comprised mainly by the physical device) transmits the codes inside the data frame through wired connection or wireless sending.

    Within the receiving module, Layer 2 initiates the following:
    1. Opens the data frame
    2. Acquires the data packet from the data frame
    3. Transmits the data packet to the network layer

    For data link procedures, the TCP/IP (Ethernet) protocol is used at the data link layer. According to the standards prescribed by the IEEE 802.X, the Ethernet manages the TCP/IP operations in Layer 2.

    The main role of the data link layer is to manage the transmission of data frames locally between two physical devices bound together by the Local Access Network (LAN).

    For a better understanding about how Layer 2 switches work, consider the following:
    Earlier LAN implementations used a coaxial cable to connect computers together.
    The bandwidth is spread and shared within the different devices connected to the LAN.
    Due to the shared bandwidth, all data packets are shared to all devices connected to the LAN instead.

    For example, there are four computer users (Matt, Mark, Joe, and Lucas) connected to a network. If a data packet is sent to Matt, the other users see the packet too. Not only does this undermine privacy of the content of said packet, Mark, Joe and Lucas need to delete the data packet because it is not addressed to them. Every time at least one of them receives a data packet, the rest would have to delete the packet on a regular basis. Not only is this bothersome; it is also inefficient.


    Ethernet employs a special mechanism called Carrier Sense Multiple Access Collision Detect (CSMA/CD).

    The CSMA/CD uses an algorithm that manages the transmission of data packets to the rest of the connected devices so that none of the transmitted packets will collide. This, however, consumes almost half of the bandwidth that could have been used for faster data transmission.

    Hub (cisco.com)

    The only way to circumvent the problem is to make the collision domain as little as possible. This is where Layer 2 bridges and switches come in.

    Bridges
    Bridges and hubs are both interrelated computer devices connected in a LAN by means of a wired connection between each device. The only difference between bridges and hubs is that the former was able to keep the collision domain at a minimum.

    Bridges and switches both create a single collision domain for every port. This causes data frames to be sent only through exit ports towards the frame destination.

    Switches
    Switches are a network device that creates a single collision domain for each port. This device transmits data frames via exit ports to reach the destination port of the computer host where the frames are intended to reach. Other characteristics of switches are as follows:
    Switches are faster than routers. Since switches operate at the data link layer (Layer 2), they don


    the source and destination of each data frame.
    Switches are faster than bridges. This is because switches use Application-specific Integrated Circuits (ASICs) hardware while bridges use software to fulfill their functions.

    Using a switched network has several advantages:
    Switches provide a more efficient means to connect different hosts. This shortens the travel time from source host to destination host.
    Switches prevent data frame collision by making sure that each of the hosts has its own collision domain.
    Switches check the MAC address configured in a data frame before sending it through the outbound port connected to the inbound port of the destination host. This makes sure that data frame is flooded to all the computer devices connected to the switched network.


    Half    Cheetah    Yes    1 per VLAN    1 per VLAN

    Switch Functions
    The three (3) functions that Cisco Switches must accomplish are:

    1. List down the MAC addresses of each of the computer devices connected to the switched network. This is accomplished by Layer 2 switches through the following:
    a. The switch examines every data frame received by the switched network. It takes note of the number of the entry port and the MAC address inscribed in the data frame. These pieces of information are then stored in the MAC address table.
    b. The switch gradually forms a comprehensive MAC address table that will be used as reference for future data frame transmissions.

    2. Manage the data frames from each of the outbound ports (source host) or source switches to the inbound port (destination host) or destination switches.
    Layer 2 switches decide where to send the data frames by determining which inbound port to send the data frame to. This is of course dependent on the MAC address information that came with the received data frame. Switches then access the MAC address table to do the following:
    a. The switch examines the data frame upon entering the network


If the information from the data frame checks out with any of the entries in the MAC address table, the switch cascades the data frame to the inbound port of the destination host bearing the same MAC address inscribed in the data frame.
If the information does not check out, it cascades the data frame to all outbound ports of the network with the exception of the port where the data frame came in.

3. Make sure that no loops are created within the switched network. Data-link frames do not cease to exist until the frames find their corresponding destination host. In other words, if a frame is sent but coded with an unknown MAC address, the frame can spring from one port to another, non-stop within the network. This is not good because bandwidth consumption is also non-stop.

In order to avoid this, a protocol called Spanning Tree Protocol (STP) is used in the system.
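The three functions above, modelled as an added example (not code from the guide): a constructed learning switch records source MACs, then forwards, filters or floods each frame, and counts MAC addresses that keep moving between ports, which is how a loop shows up in the MAC address table. The class, port names, addresses and flap threshold are assumptions made for the illustration.

```python
from collections import Counter

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Constructed model of a Layer 2 switch and its MAC address table."""

    def __init__(self, ports, flap_threshold=3):
        self.ports = list(ports)
        self.mac_table = {}        # MAC address -> port it was last seen on
        self.moves = Counter()     # MAC address -> times it changed port
        self.flap_threshold = flap_threshold

    def learn(self, in_port, src_mac):
        """Function 1: record the source MAC against the entry port."""
        known_port = self.mac_table.get(src_mac)
        if known_port is not None and known_port != in_port:
            self.moves[src_mac] += 1   # same MAC now seen on another port
        self.mac_table[src_mac] = in_port

    def receive(self, in_port, src_mac, dst_mac):
        """Function 2: return (action, out_ports) for one received frame."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port: {in_port}")
        self.learn(in_port, src_mac)
        out_port = None if dst_mac == BROADCAST else self.mac_table.get(dst_mac)
        if out_port is None:
            # Unknown destination or broadcast: all ports except the entry port.
            return "flood", [p for p in self.ports if p != in_port]
        if out_port == in_port:
            # Destination is reached through the port the frame came in on.
            return "filter", []
        return "forward", [out_port]

    def thrashing(self):
        """Function 3 check: MACs that keep changing port hint at a loop."""
        return sorted(mac for mac, n in self.moves.items()
                      if n >= self.flap_threshold)


def demo():
    switch = LearningSwitch(["fa0/1", "fa0/2", "fa0/3"])
    # Constructed addresses from the documentation range.
    host_a = "00:00:5e:00:53:0a"
    host_b = "00:00:5e:00:53:0b"
    host_c = "00:00:5e:00:53:0c"
    results = [
        switch.receive("fa0/1", host_a, host_b),   # B not learned yet: flood
        switch.receive("fa0/2", host_b, host_a),   # A is on fa0/1: forward
        switch.receive("fa0/2", host_c, host_b),   # B and C share fa0/2: filter
    ]
    # A looped broadcast re-enters on other ports carrying A's source MAC.
    for port in ("fa0/3", "fa0/1", "fa0/3"):
        switch.receive(port, host_a, BROADCAST)
    return results, switch.thrashing()


if __name__ == "__main__":
    print(demo())
```

A steadily growing move count for one address is the table-level symptom that the loop-avoidance function exists to prevent.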

Glossary of Terms (Switching)

1. Address Learning: This phase is when the Layer 2 switch gathers the MAC address of the receiving port of each computer host. The switch forms a MAC address table consisting of the list of all the port numbers and their corresponding MAC address.
2. Forwarding: This phase is when the Layer 2 switch decides to transmit the data frame to an inbound port of one of the computer hosts within the switched network, provided that the MAC address of the computer host matches the MAC address contained in the data frame.


3. Filtering: This phase is when the Layer 2 switch decides to discard the data frame and all of its contents without sending it to any of the outbound ports.
4. Flooding: This phase is when the Layer 2 switch decides to transmit the data frame to all outbound ports except from the port where the data frame came in.
5. Loop Avoidance: By using the Spanning Tree Protocol, redundant transmission loops are discarded.
6. MAC Address Table Thrashing: These are different ports bearing the same MAC Address. When this happens, the switch doesn


Cisco Device Manager is only available for managing Cisco switches.


Local Connection:

Cisco switches are typically built with multiple ports used to link network devices or computer hosts. Two of these ports are colored differently than the rest. These two ports are console and auxiliary ports. Both of these ports serve a different purpose other than ensuring a stable network connection.

Console Port

Using a rollover cable, this port is used to link the switch and the computer host together. The console port is used when establishing a local connection to the switch device. Having a Console facility is common to all Cisco devices controlled by Cisco IOS. This facility acts as an interface that displays user prompts, diagnostic messages, error messages and status messages.

The management computer requires terminal emulation software installed before the computer and the switch can communicate with each other. Terminal emulation is supported by the following applications:
HyperTerminal
SecureCRT
TeraTerm

Cisco switches need the following serial parameters setup in the Cisco Switch


through the rollover cable like that of the console port. The only difference is that this port is used to establish a local connection between the modem and the computer. The next step is to tweak the settings of the modem so that it can receive calls coming from the host computer through the telephone cable.

Establishing a Remote Connection

The common network environment often involves more than one switch. More often than not, these switches are located in different areas. A network set-up like this requires remote connection to the switches. The remote management host allows a working connection between a computer and the switch console. This remote connection is established via any of the following:
Modem connection via the switch


switch to regular operation mode by accessing the IOS interface in the flash memory. If the IOS interface is not in the flash memory, the boot loader will attempt to load the interface from the
ROM
TFTP Server

3. The Cisco Switch interface starts into the RAM. The bootstrap program starts to power up the RX-boot image from the ROM. The RX-boot image is necessary to jumpstart the boot process.

4. Begin the startup configuration. After the switch interface gathered enough information from the RAM, the IOS then prepares the device to begin the configuration process in the NVRAM. Once the configuration process started in RAM, the configuration process is now called the running configuration. This configuration process adapts to the network settings while the Cisco switch is running.

The IOS configuration interface allows the user to change the following settings in the switches:
IP address
Telnet password
Host name
Console password
Subnet mask
Default gateway

Cisco Switch Configuration

All Cisco switch packages contain the following items:
Switch Device
AC power cable
Rollover Cable
Getting Started compact disc
Mounting brackets

There is no default configuration integrated in the new Cisco switch. It is however designed to connect to the computer host via local connection even without a default configuration.

Startup configurations are only required when the switch is connected to a different switch or to a network gateway to establish remote connection with other networks.

Cisco switches turn into setup mode when they do not detect any configuration stored in the NVRAM. The switch runs Setup mode during any of these two occasions:
The switch is powered on for the first time after taking it out from the box.
The initial configuration is erased from the NVRAM. The two ways to delete the configuration are by pressing the Mode button for ten seconds to initiate the reset process in the switch or by simply deleting the configuration from the IOS interface.

A new configuration setup can be created through any of the following methods:
Cisco IOS interface commands
Initial Configuration dialog
Switch to Auto-install setting
Express Setup Web form

Express Setup Mode

Only found in Cisco switches, the Express Setup utility lets users configure the switch. It will require the supplication of the following settings:
IP address
Telnet password
Host name
Console password
Subnet mask
Default gateway

To setup the Express Setup mode manually through the switch, press the Mode button and hold it for 3 to 5 seconds or until all the LED indicators turned green.


switch001(config-if)# ip address 1'1*+,1........0
switch001(config-if)# no shutdown
switch001(config-if)# exit
switch001(config)# ip default-gateway 1'1*+,11
switch001(config)# exit
switch001# disable
switch001>

Password Configuration

Switch credentials can be changed by configuring Cisco IOS commands by entering credential values to password and login variables. The concept of password configuration is similar for both Cisco routers and switches. For instance, Cisco switches can also set three kinds of password:
Console Password
Auxiliary Password
VTY Lines Password
Privileged Password
Check their definitions on page 7! (Router Management).

Even if there is no password configured for both console and auxiliary ports, they are enabled by default. As in Cisco routers, the lack of password configured for the two ports is a threat to the security of the Cisco switches and all bits of information that pass through it.

The following command is also used to configure the Switch password:
switch001> en
switch001# configure t
switch001(config)# line cons 0
switch001(config-line)# password %1csco
switch001(config-line)# login
switch001(config-line)# exit
switch001(config)# exit
switch001# disable
switch001>

Simply, the above command block sets the password of the Cisco switch to %1csco. This section will not discuss in detail each portion of the code block as they are already discussed in Router Management (page 7:).

Setting-Up Switch Banners

Switch banners are a short text display that is projected in the computer screen whenever the host has just logged into the Switch network. Setting up banners in Cisco switches is similar to setting up banners in Cisco routers. The four different types of banners that Cisco can likewise display are:
EXEC process creation banner
Message of the Day (MOTD) banner
Incoming terminal connection banner
Login banner
The description is the same as it is in Cisco routers. (See page 8)

The following command can be implemented to setup an MOTD banner on every router connections:
switch001> en
switch001# config t
switch001(config)# banner motd &
Enter TEXT message. End with character 4K56
This switch is owned and managed by enterpriseinfo If you are not connected to said company, please log off the networkK
switch001(config)#

As in Cisco routers, Cisco switches considers the text between the JO and the JP.

Resetting Cisco Switches

Again, similar to Cisco routers, switches activate setup mode if the processor does not detect an initial configuration. This happens when the settings of the switch are reset. To delete the current configuration, perform the following functions:
1. Press and hold the Mode button in the switch for a few seconds. Release only when all the LEDs stop blinking.
2. By the time the LED stops blinking, the router is ready to reboot its system.


If you need to access a specific configuration (IOS image) file that is stored in the flash memory (instead of the device
en
Password: %1csco
switch001# config ter
switch001(config)#
switch001(config)# boot system flash:/c10enterpriseinfom711-2S
switch001(config)# exit
switch001# disable
switch001>

The above commands let you access the image file stored in this address:
flash:/c10enterpriseinfom711-2S

Auxiliary Password

Cisco switches and routers alike have auxiliary ports. To configure a password for auxiliary ports, the following command lines can be implemented in the system:
switch001> en
switch001# config t
switch001(config)# line aux 1
switch001(config-line)# password au%csco1
switch001(config-line)# login
switch001(config-line)# exit
switch001(config)# exit
switch001# disable
switch001>

Privileged Password

Passwords can be set so that only specific users can access specific functions disposed of by a Cisco switch.
switch001> en
switch001# config t
switch001(config)# enable secret cr%pt%cssco1
switch001(config)# exit
switch001# disable
switch001>
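A defender's check for the password commands above, added here as an example and not taken from the guide: it parses a constructed running-config excerpt and reports console, auxiliary and VTY lines that lack a login statement or a line password, and a missing enable secret. The sample configuration, the placeholder passwords and the function names are assumptions.

```python
import re

# Constructed running-config excerpt; passwords are placeholders.
SAMPLE_CONFIG = """\
hostname switch001
!
enable password PLACEHOLDER
!
line con 0
 password PLACEHOLDER
 login
line aux 0
line vty 0 4
 login
!
end
"""

LINE_HEADER = re.compile(r"^line (con|aux|vty) (\d+(?: \d+)?)\s*$")


def parse_line_blocks(config):
    """Return {"con 0": [sub-commands], ...} for every 'line' block."""
    blocks, current = {}, None
    for raw in config.splitlines():
        header = LINE_HEADER.match(raw)
        if header:
            current = f"{header.group(1)} {header.group(2)}"
            blocks[current] = []
        elif raw.startswith(" ") and current is not None:
            blocks[current].append(raw.strip())
        else:
            current = None          # any other unindented line closes the block
    return blocks


def audit(config):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    top_level = [line.strip() for line in config.splitlines()
                 if line and not line.startswith(" ")]
    if not any(line.startswith("enable secret ") for line in top_level):
        findings.append("enable secret is not set")
    if any(line.startswith("enable password ") for line in top_level):
        # enable password is not stored as a hash, unlike enable secret.
        findings.append("enable password is used; prefer enable secret")
    for name, commands in parse_line_blocks(config).items():
        has_password = any(c.startswith("password ") for c in commands)
        logins = [c for c in commands if c == "login" or c.startswith("login ")]
        if not logins:
            findings.append(f"line {name}: no login statement")
        elif "login" in logins and not has_password:
            # Plain 'login' checks the line password, so one must exist.
            findings.append(f"line {name}: login without a line password")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```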


Recovering Lost Password

As in Cisco routers, Cisco


Sending data packets to a different network: The MAC address of the LAN gateway is configured as the destination MAC address of the data frame. The LAN gateway routes the data packet to the WAN.

Switching Modes

Upon receipt of data frames, the switch decides what must be done to the data packets inside the frame. The three things that most Cisco switches do to the frame they receive are:
Transmit the frame to the destination port
Transmit the frame to all the ports (with the exception of the port the frame used to get in)
Discard or filter the frame

The three switching modes supported by Layer 2 switches are:

1. Store-and-Forward: This switching mode performs these steps:
1.1. The entire data frame is stored inside the switch's temporary memory.
1.2. The switch implements the frame check sequence (FCS) to make sure that the contents of the frame are valid.
1.3. The switch checks the MAC address of the source and destination of the data frame.
1.4. The switch remembers the MAC address of the source of the data frame in the same row as the incoming port. This information is then stored in the MAC address table.
1.5. In determining the destination MAC address, the switch then checks the MAC address table:
If the MAC address table contains the destination MAC address, the switch transmits the data frame only on the outbound port described in the MAC address table.


If the MAC address table does not contain the destination MAC address, the switch sends the data frame on all outbound ports with the exception of where the data frame went in.

2. Cut-Through: This switching mode is several times faster than the previous mode. The switch does not save the whole frame within its buffer memory. This mode manages the data frame immediately upon receipt of the first six bytes of the data packet:
2.1. The switch immediately checks the first 6 bytes of the destination MAC address.
2.2. The switch then compares the bytes to the data entry listed in the MAC address table to compose a list of possible matches.
2.3. Once it finds a compatible match among the entries listed in the MAC address table, the switch automatically sends the data frame to the appropriate outbound port even before the data frame has finished loading up in the inbound port of the switch.
This switching method does not compute for the FCS before it proceeds to transmit the data frame. The only downside of this switching method is that the switch does not filter the data frame to determine whether the frame is valid or not. This might cause traffic congestion in the network.

3. Fragment-Free: This switching mode is like a hybrid of the two previous switching modes. It combines the best features of both switching modes. This mode knows that valid frames have a size of at least 64 bytes. Fragment-free mode checks the size and deems all data frames that have at least 64 bytes as a valid frame. In this mode, the switch does the following:
3.1. Upon receipt of the frame, this device saves the initial 64 bytes of the data frame in the switch


bytes. It also does not calculate the FCS.
Invalid frames are typically smaller than the usual 64 bytes. Fragment-free switching modes only consider the first 64 bytes, making it faster and more efficient than store-and-forward.

Chapter 9. Spanning Tree Protocol (STP)

Switches are often interconnected with each other through self-repeating links that help ensure the integrity of inter-switch connections. The only downside of these self-repeating links is that they often lead to dangerous transmission loops that thrash the table containing MAC addresses and cause broadcast errors. Due to this, switches must find a way to avoid transmission loops. This is where Spanning Tree Protocol (STP) comes into play.

Self-repeating links that connect data-link switches together cause data frames to be sent repeatedly through the Layer 2 switches. Similar to data frames in Layer 3 networks, data-link frames do not die on their own when they are configured with a MAC address of an inexistent switch. Without switching protocols in place, frames like these just tend to bounce forever from one switch to another. This leads to bandwidth wastage.

Problems caused by Transmission Loops:

Transmission loops in the data-link layer often lead to the following:

1. Thrashing of the MAC Address Table: The integrity of the information reported and organized in the MAC address table is compromised whenever transmission loops occur. This is caused by different ports bundled together with similar MAC address. This causes confusion because the switch is unable to determine which exit port to access.


2. Broadcast Errors: Otherwise known as broadcast storms, broadcast errors happen when frames bounce non-stop between interconnected switches.

Spanning Tree Protocol

Spanning Tree Protocol closely monitors the network and organizes every established connection, especially self-repeating links. After compiling pertinent information about the switching network, STP disables self-repeating links, establishing optimized connections in-between switches.
Under normal situations, optimized connections are enabled.
If any of the optimized connections fail, STP picks randomly one of the less preferred self-repeating links and enables it.

STP performs the above steps by assigning a root bridge or a switch that will take the role of the decision maker for the network. The root bridge also communicates with nonroot bridges or other switches connected to the LAN.
Root bridge: This switch discriminates which routes should be used and which routes shouldn


connectivity.
3. Attaining STP convergence: The proper assignment of port types often leads to STP convergence. Once the ports are all properly set-up, the STP achieves a steady and loop-free network connectivity.

Assigning STP Port Types

STP organizes ports based on the roles assigned to the ports during the initial configuration of the STP. Role assignments are based on the Ethernet bandwidth cost computed by the distance from the root switch to any of the immediate nonroot switches.

As mentioned in the previous chapter, switches use self-repeating links that add to the bandwidth limit of a particular path. These links provide additional options in case a single connection fails. These links are lumped together to a cluster called connection path. Each of these paths is associated with a bandwidth cost, computed by the STP before it chooses which path it will use to transmit data frames. The list of cost is as follows:

Bandwidth    STP Cost Factor
10 Gbps      2
1 Gbps       4
100 Mbps     19
10 Mbps      100

As you may have noticed, faster bandwidths are assigned with smaller STP cost factor when STP computes for path cost. This is because STP prefers faster bandwidths. A 10 Gbps path is obviously faster than a 1 Gbps path; STP hence deems it efficient for data frames to travel at 10 Gbps than 1 Gbps because it saves time by 1/10 of a second.

Spanning Tree Protocol then reassigns 1 Gbps path as simply a root port or a secondary connection to the preferred path. Consequently, it also reassigns 100 Mbps and 10 Mbps paths as a designated port and a blocking port respectively.

Root Ports

Once the STP has computed for and assigned a root bridge or the main path the switch will use when sending data frames within the data-link layer, the STP will then select the second least cost as the root port. This port provides connection between the switch and the STP-designated root bridge. The characteristics required of a root port are:
A port that incurs the least STP cost en route to the root bridge
A port that connects the root bridge and the nonroot switch directly.

Switches use the STP to communicate among each other while at the same time calculating the cost in between each path near the root bridge. The other switch adds the cost measured by their neighbor to come up with the total cost of the path options between the nonroot switches and the root bridge.

Root Ports (cisco.com)

Designated Ports

After the STP has assigned the root port for the switch, the other ports will be assigned to either act as a designated port or a blocking port.
STP Designated Port: This port transmits received data-link frames in and out of the LAN.
STP Blocking Port: This port does not transmit any of the data-link frames.

Designated and Blocking Ports (cisco.com)

Choosing Designated Ports based on STP Path Cost

The Spanning Tree Protocol computes for the path cost between root bridges and nonroot switches. In the above diagram, when SW1 is tasked to send a data frame to SW2, it is presented with two choices: direct (fa0/1) and indirect path (fa0/2). Consider that the direct path only costs 19 to connect to SW2 whereas the indirect path costs 19 to get from SW1 to SW3, and then another 19 to get from SW3 to SW2. The total cost for the direct path is just 19 in contrast to the total cost of the indirect path as 38 (or a sum of 19 and 19). In this case, SW1 will choose the direct path towards SW2.
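The path-cost comparison above, worked through as an added example (not code from the guide): it computes the cost to the root through each of SW1's ports, picks the root port, lists the redundant link that one end must block, and recomputes after the direct link fails. It assumes SW2 is the root bridge and that all three links run at 100 Mbps; the port names on SW2 and SW3 and all function names are hypothetical.

```python
import heapq

# STP cost per link speed in Mbps (the classic short path-cost values).
STP_COST = {10_000: 2, 1_000: 4, 100: 19, 10: 100}

# Constructed triangle of 100 Mbps links: (switch, port, switch, port, Mbps).
# SW1's ports follow the page; the other port names are assumptions.
LINKS = [
    ("SW1", "fa0/1", "SW2", "fa0/1", 100),
    ("SW1", "fa0/2", "SW3", "fa0/1", 100),
    ("SW3", "fa0/2", "SW2", "fa0/2", 100),
]


def build_ports(links):
    """Map each switch to {local_port: (neighbour, link_cost)}."""
    ports = {}
    for sw_a, port_a, sw_b, port_b, mbps in links:
        cost = STP_COST[mbps]
        ports.setdefault(sw_a, {})[port_a] = (sw_b, cost)
        ports.setdefault(sw_b, {})[port_b] = (sw_a, cost)
    return ports


def root_path_costs(ports, root):
    """Least total cost from every reachable switch to the root bridge."""
    best = {root: 0}
    queue = [(0, root)]
    while queue:
        cost, switch = heapq.heappop(queue)
        if cost > best[switch]:
            continue                      # stale queue entry
        for neighbour, link_cost in ports[switch].values():
            total = cost + link_cost
            if total < best.get(neighbour, float("inf")):
                best[neighbour] = total
                heapq.heappush(queue, (total, neighbour))
    return best


def port_costs(links, root, switch):
    """Cost to the root through each port of `switch`."""
    ports = build_ports(links)
    best = root_path_costs(ports, root)
    return {port: cost + best[nbr]
            for port, (nbr, cost) in ports[switch].items() if nbr in best}


def root_port(links, root, switch):
    """Port with the least cost to the root (ties broken by port name here)."""
    costs = port_costs(links, root, switch)
    return min(costs, key=lambda port: (costs[port], port))


def redundant_links(links, root):
    """Links that no switch uses as its root port: one end of each must block."""
    switches = {sw for link in links for sw in (link[0], link[2])} - {root}
    used = {(sw, root_port(links, root, sw)) for sw in switches}
    return [link for link in links
            if (link[0], link[1]) not in used and (link[2], link[3]) not in used]


if __name__ == "__main__":
    print(port_costs(LINKS, "SW2", "SW1"))        # cost via each SW1 port
    print(redundant_links(LINKS, "SW2"))          # the SW1-SW3 link
    print(port_costs(LINKS[1:], "SW2", "SW1"))    # direct link removed
```

Real STP breaks cost ties with bridge and port IDs; the name-based tie-break here is a simplification.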

Take note that taking the direct path automatically means least computed STP path cost. If let


root bridge and decide which port will be assigned as either designated or blocking. These parameters include port IDs, bridge IDs and STP path costs.

[Figure: BPDU (stpcomputer.com). Fields shown: Forward Delay, Hello Time, Maximum Age, Message Age, Port Identification, Bridge Identification, Priority]

STP Port States

STP manages the ports of switches by letting them assume any of these states:

Blocking
Blocking ports are ports that are not allowed to forward data-link frames in the network. This port merely listens to the LAN. Blocking ports can receive and process BPDUs but it can transmit processed BPDU. Ports that are set to blocking state prevent the existence of transmission loops while STP converges the switch. A designated port can temporarily assume blocking state when the STP detects a network topology state notification (TCN) BPDU sent by neighboring routers. This prevents the creation of self-repeating links that can harm the network. The STP converges
Duration: 20 seconds (Max Age Timer)

Disabled
These ports have been manually disabled by the switch manager. These ports have no participation, direct or indirect, in the network activities. They are not part of the stabilizing process that STP performs to converge the network; thus, these ports are unable to transmit or receive data frames.
Duration: For as long as the switch administrator wills it to be disabled.

Forwarding
When a port dispenses forwarding function, it has become either a root port or a designated port. It can


frame to a different port.

Learning
The information gathered from the listening state is then recorded to the MAC address table. This phase is called the learning phase. These ports gather all pertinent information to help the switch dispense its functions effectively and efficiently. A port in the learning phase is not yet ready to forward data to other ports.
Duration: 15 seconds (Forward Delay Timer, Phase 2)

Exclusive Cisco STP Options

For some people, 50 seconds is still too long before the STP is able to converge the switch networks. Cisco, however, offers a solution for this concern. The following configuration can only be applied to Cisco routers to diminish dramatically the delay time before STP convergence:

1. PortFast: This configuration option can be applied on ports whose participation is not a requirement of the STP. These ports are not part of the interconnection of hubs, bridges or switches. For instance, the singular link from the switch to the host device is unlikely to cause a switching loop; therefore, this link is not required to take part in the converging process by the STP. PortFast options turn off the STP protocol for the said link so that the link becomes active even before the STP convergence process is complete.

To set the hypothetical interface fa0/1 using PortFast configuration, the following commands can be implemented:
switch001> en
switch001# config t
switch001(config)# int fa0/1
switch001(config-if)# spanning-tree portfast

2. BPDU Guard: This configuration option is used alongside the PortFast option when running the switches on the access layer. When the access layer is enabled, the PortFast option can cause potential harm to the network if it suddenly enabled links that interconnect switches together. Remember that the role of PortFast configuration is to disable STP on ports that are unlikely to create switching loops. Should a link be turned off accidentally, the exact opposite will be achieved: more loops will be created instead of avoided.

The BPDU guard prevents this by turning the port into an error-disabled phase. The guard will then evaluate if PortFast option was correct to disable the STP of a particular link. If BPDU feels that PortFast erred