IP Networking Overview_Issue 1.0

7/27/2019 IP Networking Overview_Issue 1.0

1/180

IP NETWORKING OVERVIEW


2/180

2

AGENDA

1. Network Basics and OSI Layers

2. LAN Components

3. IP Addressing

4. Switching Concepts 5. Routing Concepts

6. Network Troubleshooting and Overview on

DNS and DHCP


3/180

3

WHATISA NETWORK

A network can be defined as two or more computers connected together in

such a way that they can share resources.

It is simply a collection of computers or other hardware devices that are

connected together, either physically or logically, using special hardware and

software, to allow them to exchange information and cooperate. Networking

is the term that describes the processes involved in designing, implementing,upgrading, managing and otherwise working with networks and network

technologies.


4/180

4

WHYNETWORKISREQUIRED

Connectivity and Communication

Data Sharing

Hardware Sharing Internet Access

Internet Access Sharing

Data Security and Management

Performance Enhancement and Balancing

Entertainment

In general, the purpose of a network is to share resources.

A resource may be: A file

A folder

A printer

A disk drive

Or just about anything else that exists on a computer.


5/180

5

NETWORK CLASSIFICATIONS

Local Area Networks (LANs):

A local area network (LAN) is a computer network covering a smallgeographic area, like a home, office, or group of buildings

Wide Area Networks (WANs):

Wide Area Network (WAN) is a computer network that covers a broad area(i.e., any network whose communications links cross metropolitan, regional,or national boundaries). Or, less formally, a network that uses routers andpublic communications links

The largest and most well-known example of a WAN is the Internet.

WANs are used to connect LANs and other types of networks together, sothat users and computers in one location can communicate with users andcomputers in other locations

Metropolitan Area Network (MAN):

A metropolitan area network (MAN) is a network that interconnects users with

computer resources in a geographic area or region larger than that covered

by even a large local area network (LAN) but smaller than the area coveredby a wide area network (WAN). The term is applied to the interconnection of

networks in a city into a single larger network (which may then also offer

efficient connection to a wide area network). It is also used to mean the

interconnection of several local area networks by bridging them with

backbone lines. The latter usage is also sometimes referred to as a campus

network.


6/180

6

OSI LAYERS


7/1807

OSI LAYERS

Application Layer

This layer provides network services to application processes (such as electronic

mail, file transfer and terminal emulation) Presentation Layer

This layer provides independence from differences in data representation (e.g.,

encryption) by translating from application to network format, and vice versa. The

presentation layer works to transform data into the form that the application layer

can accept. This layer formats and encrypts data to be sent across a network,

providing freedom from compatibility problems. It is sometimes called the syntaxlayer.

Session Layer

This layer establishes, manages and terminates connections between applications.

The session layer sets up, coordinates, and terminates conversations, exchanges,

and dialogues between the applications at each end. It deals with session and

connection coordination.

Transport Layer

This layer provides transparent transfer of data between end systems, orhosts,

and is responsible for end-to-end error recovery and flow control. It ensures

complete data transfer.
http://www.webopedia.com/quick_ref/TERM/H/host.htmlhttp://www.webopedia.com/quick_ref/TERM/F/flow_control.htmlhttp://www.webopedia.com/quick_ref/TERM/F/flow_control.htmlhttp://www.webopedia.com/quick_ref/TERM/H/host.html


8/1808

OSI LAYERS

Network Layer

This layer provides switching and routing technologies, creating logical paths,

known as virtual circuits, for transmitting data from node to node. Routing andforwarding are functions of this layer, as well as addressing, internetworking, error

handling, congestion control and packet sequencing.

Data Link Layer

At this layer, data packets are encoded and decoded into bits. It furnishes

transmission protocol knowledge and management and handles errors in the

physical layer, flow control and frame synchronization. The data link layer is

divided into two sub layers: The Media Access Control (MAC) layer and the Logical

Link Control (LLC) layer. The MAC sub layer controls how a computer on the

network gains access to the data and permission to transmit it. The LLC layer

controls frame synchronization, flow control and error checking.

Physical Layer:

This layer conveys the bit stream - electrical impulse, light or radio signal --

through the network at the electrical and mechanical level. It provides the

hardware means of sending and receiving data on a carrier, including defining

cables, cards and physical aspects. Fast Ethernet, RS232, and ATM are protocols

with physical layer components


9/1809

PHYSICAL LAN COMPONENTS

LAN consists of two major components :

1. Passive (dead) Components : Cable UTP (Un-shielded Twisted Pair)

CAT 5 supports upto 100 Mbps

CAT 5e supports upto 1000 Mbps (1 Gbps)

CAT 6

Supports 1,000 Mbps (1 Gbps)CAT 7 Supports upto 10,000 Mbps (10 Gigabits per second)

Connectors Patch Panel, Information Outlet, RJ-45 etc.

Patch cord for connecting the device to the I/O box.

2. Active Components :(require power supply, generates electric signals, capable of amplification)

Hub : 10/100 Mbps.

Switch : 10/100 Mbps or 10/100/1000 Mbps (GBIC)


10/18010

PASSIVE COMPONENTS

Patch cord : A small factory made flexible cable having

RJ-45 connectors at both the ends. Used to connect PCsNetwork card to the I/O or Patch-panel and switch-port.

Patch-Panel : It has RJ-45 interface at one end and open-pins at the other end. Used to terminated the horizontal-run cable at

the switch-end / Network rack/IT room.

Uplink : Generally An UTP/OF cable which runs betweenfloors/switches to connected two floors/switches.

Horizontal Run : A long UTP (Unshielded-Twisted-Pair)cable (Cat5/Cat5e/Cat6) running between I/O and Patch-panel.

I/O : Information-Outlet has RJ-45 interface at one end andopen-pins at the other end. This is used to terminated the

horizontal-run at the users end.
http://images.google.co.in/imgres?imgurl=http://www.fastlinkcabling.com/SPP1.jpg&imgrefurl=http://www.fastlinkcabling.com/&h=1200&w=1600&sz=326&hl=en&start=19&tbnid=93BWqNgQTpI2WM:&tbnh=113&tbnw=150&prev=/images?q=network+switches&gbv=2&svnum=10&hl=enhttp://images.google.co.in/imgres?imgurl=http://www.fastlinkcabling.com/SPP1.jpg&imgrefurl=http://www.fastlinkcabling.com/&h=1200&w=1600&sz=326&hl=en&start=19&tbnid=93BWqNgQTpI2WM:&tbnh=113&tbnw=150&prev=/images?q=network+switches&gbv=2&svnum=10&hl=en


11/18011

TYPESOF COPPER CABLES

StraightThrough cable : The Straight-through cable hasidentical ends => ( used as a patch cord to connect different type of devices

e.g. PC to Switch).

Cross-Over cable : A cross-over cable has different ends. The Rxand Tx pairs are reversed between the ends. (Used to connect two Ethernet

devices without a switch or for connecting two switches i.e. similar devices).

Rollover cable : The rollover cable is used to connect a computer'sserial port to the console port of a router or managed switch (with a dongle). It

is wired with the to ends completely the reverse of each other.


12/18012

DIFFERENCEBETWEEN HUBAND SWITCH

HubShared Device

10 Mbps or 100 Mbps

All ports share the bandwidth

8 / 12 /16 / 24 Ports

Forwards frames to all the ports

(works on Broadcasting model)

Single collision domain

Supports half-duplex

Switch

Bridging Device

10 / 100 / 1000 Mbps

Each port has dedicated bandwidth

8 / 16 / 24 / 48 Ports & Modular

Forwards frames to the specific ports

(based on MAC address Table)

Multiple collision domain (i.e. Switches

break-up collision domain)

Supports half- as-well-as full-duplex


13/18013

INTRODUCTIONTO IP ADDRESSING

The initial host-to-host communications protocol introduced in the ARPANET

was called the Network Control Protocol (NCP). Over time, however, NCP

proved to be incapable of keeping up with the growing network traffic load. In1974, a new, more robust suite of communications protocols was proposed

and implemented throughout the ARPANET, based upon the Transmission

Control Protocol (TCP) for end-to-end network communication. But it seemed

like overkill for the intermediate gateways (what we would today call routers)

to needlessly have to deal with an end-to-end protocol so in 1978 a new

design split responsibilities between a pair of protocols; the new InternetProtocol (IP) for routing packets and device-to-device communication (i.e.,

host-to-gateway or gateway-to-gateway) and TCP for reliable, end-to-end

host communication. Since TCP and IP were originally envisioned

functionally as a single protocol, the protocol suite, which actually refers to a

large collection of protocols and applications, is usually referred to simply as

TCP/IP.

An Internet Protocol (IP) address is a numerical label that is assigned to

devices participating in a computer network that uses the Internet Protocol for

communication between its nodes.


14/180

14

IP ADDRESSING

An IP address is a 32-bit sequence of 1s and 0s.

To make the IP address easier to use, the address is usually written as fourdecimal numbers separated by periods.

This way of writing the address is called the dotted decimal format.


15/180

15

IPV4 ADDRESSING


16/180

16

CLASS A, B, C, D, AND E IP ADDRESSES


17/180

17

RESERVED IP ADDRESSES

Certain host addresses are reserved

and cannot be assigned to devices

on a network.

An IP address that has binary 0s in

all host bit positions is reserved for

the network address.

An IP address that has binary 1s in

all host bit positions is reserved for

the network address.


18/180

18

PUBLICAND PRIVATE IP ADDRESSES

No two machines that connect to a public network can have the same IPaddress because public IP addresses are global and standardized.

However, private networks that are not connected to the Internet may useany host addresses, as long as each host within the private network isunique.

RFC 1918 sets aside three blocks of IP addresses for private, internal use.

Connecting a network using private addresses to the Internet requirestranslation of the private addresses to public addresses using NetworkAddress Translation (NAT).


19/180

19

INTRODUCTIONTO SUBNETTING

To create a subnet address, a network administrator borrows bits from the

host field and designates them as the subnet field.


20/180

20

MAC ADDRESS LAYER 2

Why MAC Addresses ? Recall that TCP/IP and other mainstream networking architectures generally

adopt the OSI model. In this model, network functionality is subdivided intolayers. MAC addresses function at the data link layer (layer 2 in the

OSI model). They allow computers to uniquely identify themselves on a

network at this relatively low level.

What is a MAC address ?

The MAC address is a unique value associated with a network adapter. MACaddresses are also known as hardware addresses or physical addresses.

They uniquely identify an adapter on a LAN.

MAC addresses are 12-digit hexadecimal numbers (48 bits in length). By

convention, MAC addresses are usually written in one of the following two

formats. The first half of a MAC address contains the ID number of the adapter

manufacturer. These IDs are regulated by an Internet standards body (see

sidebar). The second half of a MAC address represents the serial number

assigned to the adapter by the manufacturer


21/180

21

ADDRESS RESOLUTION PROTOCOL (ARP)

Each device on a network maintains its own ARP table.

A device that requires an IP and MAC address pair broadcasts an ARPrequest.

If one of the local devices matches the IP address of the request, it sendsback an ARP reply that contains its IP-MAC pair.

If the request is for a different IP network, a router performs a proxy ARP

The router sends an ARP response with the MAC address of the interface onwhich the request was received, to the requesting host.


22/180

22

WAN

A wide area network(WAN)is a computer network covering multiple distance

areas, which may spread across the entire world. WANs often connect

multiple smaller networks, such as local area networks (LANs) or metro areanetworks (MANs). The world's most popular WAN is the Internet. Some

segments of the Internet are also WANs in themselves. A wide area network

may be privately owned or rented from service providers, but the term usually

connotes the inclusion of public (shared user) networks.

A virtual private network (VPN) is often used by organizations for their private

and secured communications. VPN uses encryption and other techniques to

make it appear that the organisation has a dedicated network while making

use of the shared infrastructure of the WAN.

WANs generally utilize different networking technologies and equipment thando LANs. Key technologies often found in WANs include SONET, Frame

Relay, X.25, ATM, and PPP


23/180

23

ROUTEDAND ROUTING PROTOCOLS

A routing protocol sends and receives routing information packets to and from

other routers.

A routed protocol can be routed by a router, which means that it can be

forwarded from one router to another.

A routed protocol contains the data elements required for a packet to be sent

outside of its host network or network segment. In other words, a routedprotocol can be routed.

Protocols used to communicate routing information between routers within an

autonomous system are Interior Gateway Protocols (IGP), which are routing

protocols, but not routed protocols.

Examples of routed protocols are IP and IPX, and examples of routing

protocols are RIP and IGRP.


24/180

24

SWITCHING


25/180

25

ETHERNET/802.3 LAN DEVELOPMENT

Distance limitations

Ethernet is fundamentally a shared technology where all users on a given LANsegment compete for the same available bandwidth.

This situation is analogous to a number of cars all trying to access a one-laneroad at the same time.

Because the road has only one lane, only one car can access it at a time.

The introduction of hubs into a network resulted in more users competing forthe same bandwidth.

Collisions are a by-product of Ethernet networks.


26/180

26

BRIDGES

A bridge is a Layer 2 device used to divide, or segment, a network.

A bridge is capable of collecting and selectively passing data frames between

two network segments.

Bridges do this by learning the MAC address of all devices on each connected

segment. Using this information, the bridge builds a bridging table andforwards or blocks traffic based on that table.

This results in smaller collision domains and greater network efficiency.

Bridges do NOT restrict broadcast traffic.


27/180

27

SWITCHES

Switches create a virtual circuit between two connected devices, establishing a

dedicated communication path between two devices.

Switches on the network provide microsegmentation.

This allows maximum utilization of the available bandwidth.

A switch is also able to facilitate multiple, simultaneous virtual circuit

connections.

Broadcast frames to all connected devices on the network.


28/180

28

ELEMENTSOF ETHERNET/802.3 NETWORKS

Broadcast data frame delivery of Ethernet/802.3

The carrier sense multiple access/collision detect (CSMA/CD) method allowsonly one station to transmit at a time.

Multimedia applications with higher bandwidth demand such as video and theInternet, coupled with the broadcast nature of Ethernet, can create networkcongestion.

Normal latency as the frames travel across the layers

Extending the distances and increasing latency of the Ethernet/802.3 LANs byusing Layer 1 repeaters.


29/180

29

HALF-DUPLEX

Originally Ethernet was a half-duplex technology.

Using half-duplex, a host could either transmit or receive at one time, but not both.

If the network is already in use, the transmission is delayed.

When a collision occurs, the host that first detects the collision will send out a jam signalto the other hosts.

Upon receiving the jam signal, each host will stop sending data, then wait for a randomperiod of time before attempting to retransmit.

The back-off algorithm generates this random delay.

As more hosts are added to the network and begin transmitting, collisions are more likely

to occur.


30/180

30

FULL-DUPLEXTRANSMITTING

Full-duplex Ethernet allows the transmission of a packet and the reception of adifferent packet at the same time.

To transmit and receive simultaneously, a dedicated switch port is required foreach node.

The full-duplex Ethernet switch takes advantage of the two pairs of wires in thecable by creating a direct connection between the transmit (TX) at one end ofthe circuit and the receive (RX) at the other end.

Ethernet usually can only use 50%-60% of the available 10 Mbps of bandwidthbecause of collisions and latency.

Full-duplex Ethernet offers 100% of the bandwidth in both directions.

This produces a potential 20 Mbps throughput, which results from 10 Mbps TX

and 10 Mbps RX.


31/180

31

LAN SEGMENTATION


32/180

32

Two common types of access methods for LANs include

Non-Deterministic: Contention methods (Ethernet, IEEE 802.3)

Only one signal can be on a network segment at one time.

Collisions are a normal occurrence on an Ethernet/802.3 LAN

Deterministic: Token Passing (Token Ring)

ACCESS METHODS


33/180

33

CSMA/CD

CSMA/CD (Carrier Sense Multiple Access with Collision

Detection) Common contention method used with Ethernet and IEEE 802.3

Let everyone have access whenever they want and we will work it out

somehow.


34/180

34

CSMA/CD (Carrier Sense Multiple Access with Collision Detection)

Listens to the networks shared media to see if any other users on on the

line by trying to sense a neutral electrical signal or carrier. If no transmission is sensed, then multiple access allows anyone onto the

media without any further permission required.

If two PCs detect a neutral signal and access the shared media at the exactsame time, a collision occurs and is detected.

The PCs sense the collision by being unable to deliver the entire frame

(coming soon) onto the network. (This is why there are minimum framelengths along with cable distance and speed limitations. This includes the 5-4-3 rule.)

When a collision occurs, a jamming signal is sent out by the first PC to detectthe collision.

Using either a priority or random backoff scheme, the PCs wait certain

amount of time before retransmitting. If collisions continue to occur, the PCs random interval is doubled, lessening

the chances of a collision.

CSMA/CD AND COLLISIONS

CSMA/CD C


35/180

35

And as we said,

When information (frame) is transmitted, every PC/NIC on the shared mediacopies part of the transmitted frame to see if the destination address matches

the address of the NIC.

If there is a match, the rest of the frame is copied

If there is NOT a match the rest of the frame is ignored.

1111 2222 3333 nnnn Abbreviated

MAC

Addresses

11113333

NopeNope

Hey, thats

me!

Notice the

location of

the DA!

CSMA/CD AND COLLISIONS


36/180

36

SENDINGANDRECEIVING ETHERNETFRAMESVIAAHUB

So, what does a hub do when it

receives information?

Remember, a hub is nothingmore than a multiport repeater.

1111 2222

3333 4444

5555

?

11113333


37/180

37


Hub or


38/180

38


The hub will flood it out all portsexcept for the incoming port.

Hub is a layer 1 device.

A hub does NOT look at layer 2addresses, so it is fast intransmitting data.

Disadvantage with hubs: A hubor series of hubs is a singlecollision domain.

A collision will occur if any two ormore devices transmit at thesame time within the collisiondomain.

More on this later.

1111 2222

3333 4444

5555

11113333

Nope

Nope

Nope

For me!


39/180

39


Another disadvantage with hubsis that is take up unnecessarybandwidth on other links.

1111 2222

3333 4444

5555

11112222

Nope Nope

Nope

For me!

Wasted

bandwidth

S E


40/180

40

SENDINGANDRECEIVING ETHERNETFRAMESVIAASWITCH


41/180

41

SENDINGANDRECEIVING ETHERNETFRAMESVIAASWITCH

Source Address Table

Port Source MAC Add. Port Source MAC Add.

Switches are also known aslearning bridges orlearningswitches.

A switch has a source address

table in cache (RAM) where itstores source MAC address after itlearns about them.

A switch receives an Ethernetframe it searches the sourceaddress table for the Destination

MAC address. If it finds a match, it filters the

frame by only sending it out thatport.

If there is not a match iffloods itout all ports.

switch

1111

2222

3333

4444

AbbreviatedMACaddresses

11113333


42/180

42

NO DESTINATION ADDRESSINTABLE, FLOOD



1 1111

How does it learn source MAC

addresses?

First, the switch will see if the SA

(1111) is in its table.

If it is, it resets the timer (more in a

moment).

If it is NOT in the table it adds it,

with the port number.

Next, in our scenario, the switch

will flood the frame out all otherports, because the DA is not in the

source address table.

switch

1111

2222

3333

4444


11113333


43/180

43

DESTINATION ADDRESSINTABLE, FILTER



1 1111 6 3333

Most communications involvesome sort of client-serverrelationship or exchange ofinformation. (You will understand

this more as you learn aboutTCP/IP.)

Now 3333 sends data back to1111.

The switch sees if it has the SAstored.

It does NOT so it adds it. (This willhelp next time 1111 sends to3333.)

Next, it checks the DA and in ourcase it can filterthe frame, bysending it only out port 1.

switch

1111

2222

3333

4444


33331111


44/180

44

DESTINATION ADDRESSINTABLE, FILTER



1 1111 6 3333

Now, because both MACaddresses are in the switchs table,any information exchangedbetween 1111 and 3333 can besent (filtered) out the appropriateport.

What happens when two devicessend to same destination?

What if this was a hub?

Where is (are) the collision

domain(s) in this example?

switch

1111

2222

3333

4444


11113333

33331111


45/180

45

NO COLLISIONSIN SWITCH, BUFFERING



1 1111 6 3333

9 4444

Unlike a hub, a collision does NOToccur, which would cause the two

PCs to have to retransmit the

frames.

Instead the switch buffers the

frames and sends them out port #6

one at a time.

The sending PCs have no idea that

their was another PC wanting to

send to the same destination.

switch

1111

2222

3333

4444


11113333

44443333


46/180

46

COLLISION DOMAINS



1 1111 6 3333

9 4444

When there is only one device on aswitch port, the collision domain is

only between the PC and the

switch. (Cisco curriculum is

inaccurate on this point.)

With a full-duplex PC and switch

port, there will be no collision,

since the devices and the medium

can send and receive at the same

time.

switch

1111

2222

3333

4444


11113333

44443333

Collision Domains

WHAT HAPPENS HERE?


47/180

47

WHATHAPPENSHERE?

33331111

3333

1111



1 1111 6 3333

1 2222 1 5555

2222 5555

Collision Domain

LAN SEGMENTATION WITH ROUTERS


48/180

48

LAN SEGMENTATIONWITHROUTERS

Routers provide segmentation of networks, adding a latency factor of 20% to30% over a switched network.

This increased latency is because a router operates at the network layer anduses the IP address to determine the best path to the destination node.

Bridges and switches provide segmentation within a single network orsubnetwork.

Routers provide connectivity between networks and subnetworks.

Routers also do not forward broadcasts while switches and bridges mustforward broadcast frames.

HO S C S SS S


49/180

49

HOWSWITCHESLEARNADDRESSES

Bridges and switches learn in the following ways:

Reading the source MAC address of each received frame or datagram

Recording the port on which the MAC address was received.

The bridge or switch learns which addresses belong to the devices connectedto each port.

The learned addresses and associated port or interface are stored in theaddressing table.

The bridge examines the destination address of all received frames.

The bridge then scans the address table searching for the destination address.

FILTER OR FLOOD (SWITCH)


50/180

50

FILTEROR FLOOD (SWITCH)

If a switch has the frames destination address in its CAM table (or SourceAddress Table) it will only send the frame out the appropriate port.

If a switch does not have the frames destination MAC address in its CAMtable, it floods (sends) it out all ports except for the incoming port (the port thatthe frame came in on) known as an Unknown Unicast, or if the destinationMAC address is a broadcast.

Note: A CAM table may contain multiple entries per port, if a hub or a switch isattached to that port.

Most Ethernet bridges can filter broadcast and multicast frames.

FILTER OR FLOOD (SWITCH)


51/180

51

FILTEROR FLOOD (SWITCH)

Switches flood frames that are:

Unknown unicasts

Layer 2 broadcasts

Multicasts (unless running multicast snooping or IGMP)

Multicast are special layer 2 and layer 3 addresses that are sent to

devices that belong to that group.

WHY SEGMENT LANS? (LAYER 2 SEGMENTS)


52/180

52

WHYSEGMENT LANS? (LAYER 2 SEGMENTS)

switch

1111

2222

3333

4444

AbbreviatedMAC

addresses

A switch employs

microsegmentation to reduce the

collision domain on a LAN.

The switch does this by creating

dedicated network segments, or

point-to-point connections.

Collision Domains

SWITCHES AND BROADCAST DOMAINS


53/180

53

SWITCHESANDBROADCASTDOMAINS

These are logical notphysical representationsof what happens tothese frames.

Switches flood frames that are:

Unknown unicasts

Layer 2 broadcasts

Multicasts (unless running multicast snooping or IGMP)

Multicast are special layer 2 and layer 3 addresses that are sent to

devices that belong to that group.



54/180

54


When a device wants to send out a Layer 2 broadcast, the destination MACaddress in the frame is set to all ones.

A MAC address of all ones is FF:FF:FF:FF:FF:FF in hexadecimal.

By setting the destination to this value, all the devices will accept and processthe broadcasted frame.



55/180

55


COMMUNICATION BETWEEN SWITCHES AND WORKSTATION


56/180

56

COMMUNICATIONBETWEENSWITCHESANDWORKSTATION

INTRODUCTION TO VLANS


57/180

57

INTRODUCTIONTO VLANS

VLANS


58/180

58

VLANS

VLANs logically segment switched networks based on an organization's

functions, project teams, or applications as opposed to a physical or

geographical basis.

BROADCAST DOMAINS


59/180

59

BROADCAST DOMAINS

EXAMPLE WITH 3 BROADCAST DOMAINS, 3 VLANS


60/180

60

EXAMPLEWITH 3 BROADCAST DOMAINS, 3 VLANS

VLAN CONFIGURATION


61/180

61

BENEFITSOF VLANS


62/180

62

Easily move workstations on the LAN

Easily add workstations to the LAN

Easily change the LAN configuration

Easily control network traffic

Improve security

COMMUNICATING BETWEEN VLANS


63/180

63

VLAN TYPES


64/180

64

INTER-SWITCH LINK


65/180

65

OBJECTIVES


66/180

66

Trunking

VTP

Inter-VLAN routing

HISTORYOF TRUNKING


67/180

67

TRUNKING CONCEPTS


68/180

68

FRAME FILTERING


69/180

69

FRAME TAGGING


70/180

70

INTER-SWITCH LINK PROTOCOL


71/180

71

VLANSAND TRUNKING


72/180

72

FRAME TAGGINGAND ENCAPSULATION METHODS


73/180

73

VTP BENEFITS


74/180

74

VTP CONCEPTS


75/180

75

The role of VTP is to maintain VLAN configuration consistency across

a common network administration domain.

VTP MODE COMPARISON


76/180

76

VTP OPERATION


77/180

77

VTP IMPLEMENTATION


78/180

78

There are two types of VTP advertisements:

Requests from clients that want information at bootup Responses from servers

There are three types of VTP messages:

Advertisement requests

Summary advertisements

Subset advertisements

VTP BASIC CONFIGURATION STEPS


79/180

79

1. Determine the version number

2. Choose the domain

3. Choose the VTP mode

4. Password protect the domain

INTER-VLAN ROUTING


80/180

80

INTER-VLAN ISSUESAND SOLUTIONS


81/180

81

Two of the most common issues that arise in a multiple-VLAN environment are

\as follows:

The need for end-user devices to reach nonlocal hosts

The need for hosts on different VLANs to communicate

ROUTERONA STICK


82/180

82

PHYSICALAND LOGICAL INTERFACES


83/180

83

DIVIDING PHYSICAL INTERFACESINTO SUBINTERFACES


84/180

84

OBJECTIVES


85/180

85

Redundant topologies

Spanning Tree Protocol

REDUNDANCY


86/180

86

Redundant networking topologies are designed to ensure that networks

continue to function in the presence of single points of failure.

REDUNDANT TOPOLOGIES


87/180

87

A goal of redundant topologies is to eliminate network outages caused by a

single point of failure.

All networks need redundancy for enhanced reliability.

SIMPLE REDUNDANT SWITCHED TOPOLOGY


88/180

88

BROADCAST STORM


89/180

89

MULTIPLE FRAME TRANSMISSIONS


90/180

90

MEDIA ACCESS CONTROL DATABASE INSTABILITY


91/180

91

In a redundant switched network, it is possible for switches to learn the

wrong information. A switch can learn that a MAC address is on a port

when it is not.

USING BRIDGING LOOPSFOR REDUNDANCY


92/180

92

SPANNING-TREE PROTOCOL


93/180

93

SPANNING TREE LINK COSTS


94/180

94

A SPANNING TREE


95/180

95

SPANNING-TREE OPERATION


96/180

96

One root bridge per network.

One root port per nonroot

bridge.

One designated port per

segment.

Nondesignated ports areunused.

BRIDGE PROTOCOL DATA UNIT


97/180

97

Bridge protocol data unit

(BPDU)

BRIDGE IDS


98/180

98

SPANNING-TREE PORT STATES


99/180

99

SPANNING-TREE RECALCULATION


100/180

100

A switched internetwork has converged when all the switch and bridge ports

are in either the forwarding or blocked state.

RAPID SPANNING-TREE PROTOCOL


101/180

101

The standard and protocol introduce the following:

Clarification of port states and roles

Definition of a set of link types that can go to forwarding state rapidly

Allowing switches, in a converged network, to generate their ownBPDUs rather than relaying root bridge BPDUs

RAPID SPANNING-TREE PORT DESIGNATIONS


102/180

102

The Rapid Spanning Tree Protocol, IEEE 802.1w, will eventually replace

the Spanning Tree Protocol, IEEE 802.1D.

TIMEFOR LAYER 3 REDUNDANCY (HIGH-AVAILABILITY)


103/180

103

WHYYOUNEED IMPLEMENTING HIGH AVAILABILITY?
http://www.google.co.in/url?sa=i&source=images&cd=&cad=rja&docid=8o6C0sYIHc-qmM&tbnid=2mJdDG8zZjaPaM:&ved=0CAgQjRwwAA&url=http://blogs.villagevoice.com/runninscared/2011/02/magic_johnson_n.php&ei=05n3Uc3zCM2rhQf7lIHoCw&psig=AFQjCNHipXGaTbvlb_KXacQ5ohFnyWXt6g&ust=1375267667277700


104/180

104

ROUTER REDUNDACY


105/180

105

FIRST HOP REDUNDANCY SCHEMES


106/180

106

Hot Standby Router Protocol (HSRP) Cisco informational RFC 2281 ( March 1998)

Virtual Router Redundancy Protocol (VRRP) IETF Standard RFC 2338 (April 1998)

Gateway Load Balancing Protocol (GLBP) Cisco designed, load sharing, patent pending

HSRP


107/180

107

A group of routers function as one virtual router by sharing ONE virtual IP

address and ONE virtual MAC address.

One (Active) router performs packet forwarding for local hosts

The rest of the routers provide hot standby in case the active routerfails

Standby routers stay idle as far as packet forwarding from the client side isconcerned

FIRST HOP REDUNDANCYWITH HSRP


108/180

108

Gateway routers

CL1 CL2 CL3

HSRP ACTIVE HSRP STANDBY HSRP LISTEN

Clients

R1 R2 R3

R1- Active, forwarding traffic; R2, R3 - hot standby, idle

IP: 10.0.0.254MAC: 0000.0c12.3456

vIP: 10.0.0.10

vMAC: 0000.0c07ac00

IP: 10.0.0.253MAC: 0000.0C78.9abc

vIP:

vMAC:

IP: 10.0.0.252MAC: 0000.0cde.f123

vIP:

vMAC:

IP: 10.0.0.1

MAC: aaaa.aaaa.aa01

GW: 10.0.0.10

ARP: 0000.0c07.ac00

IP: 10.0.0.2

MAC: aaaa.aaaa.aa02

GW: 10.0.0.10

ARP: 0000.0c07.ac00

IP: 10.0.0.3

MAC: aaaa.aaaa.aa03

GW: 10.0.0.10

ARP: 0000.0c07.ac00

VRRP


109/180

109

Very similar to HSRP

A group of routers function as one virtual router by sharing ONE virtual IPaddress and ONE virtual MAC address

One (master) router performs packet forwarding for local hosts

The rest of the routers act as back up in case the master routerfails

Backup routers stay idle as far as packet forwarding from the client side isconcerned

FIRST HOP REDUNDANCYWITH VRRP


110/180

110

Gateway routers

CL1 CL2 CL3

VRRP ACTIVE VRRP BACKUP VRRP BACKUP

Clients

R1 R2 R3

R1- Master, forwarding traffic; R2, R3 - backup

IP: 10.0.0.254MAC: 0000.0c12.3456

vIP: 10.0.0.10

vMAC: 0000.5e00.0100

IP: 10.0.0.253MAC: 0000.0C78.9abc

vIP:

vMAC:

IP: 10.0.0.252MAC: 0000.0cde.f123

vIP:

vMAC:

IP: 10.0.0.1

MAC: aaaa.aaaa.aa01

GW: 10.0.0.10

ARP: 0000.5e00.0100

IP: 10.0.0.2

MAC: aaaa.aaaa.aa02

GW: 10.0.0.10

ARP: 0000.5e00.0100

IP: 10.0.0.3

MAC: aaaa.aaaa.aa03

GW: 10.0.0.10

ARP: 0000.5e00.0100

GLBP DEFINED

A f t f ti i t l t b h i ONE i t l IP


111/180

111

A group of routers function as one virtual router by sharing ONE virtual IPaddress but using Multiple virtual MAC addresses for traffic forwarding

Provides uplink load-balancing as well as first hop fail-over

IP Leadership feature

GLBP REQUIREMENTS


112/180

112

Allow traffic from a single common subnet to go through multiple redundantgateways using a single virtual IP address

Provide upstream load-balancing by utilizing the redundant up-linkssimultaneously

Eliminate the need to create multiple vLANs or manually divide clients formultiple gateway IP address assignment

Preserve the same level of first-hop failure recovery capability as provided byHSRP

FIRST HOP REDUNDANCYWITH GLBP


113/180

113

Gateway routers

CL1 CL2 CL3

GLBP AVG/AVF,SVF GLBP AVF,SVF GLBP AVF,SVF

Clients

R1 R2 R3

R1- AVG; R1, R2, R3 all forward traffic

IP: 10.0.0.254MAC: 0000.0c12.3456

vIP: 10.0.0.10

vMAC: 0007.b400.0101

IP: 10.0.0.253MAC: 0000.0C78.9abc

vIP: 10.0.0.10

vMAC: 0007.b400.0102

IP: 10.0.0.252MAC: 0000.0cde.f123

vIP: 10.0.0.10

vMAC: 0007.b400.0103

IP: 10.0.0.1

MAC: aaaa.aaaa.aa01

GW: 10.0.0.10

ARP: 0007.B400.0101

IP: 10.0.0.2

MAC: aaaa.aaaa.aa02

GW: 10.0.0.10

ARP: 0007.B400.0102

IP: 10.0.0.3

MAC: aaaa.aaaa.aa03

GW: 10.0.0.10

ARP: 0007.B400.0103


114/180

114

Routing

ROUTING TYPES


115/180

115

Hoboken#show ip route

Codes: C - connected, S - static,

S 172.16.1.0/24 [1/0] is directly connected, Serial0

C 192.168.2.0/24 is directly connected, Ethernet0

The cost for all static routes is 0

The default administrative distance for

static routes is 1

ADMINISTRATIVE DISTANCE


116/180

116

Administrative Distance is the trustworthiness of the routing information. Lower the administrative distance the more trustworthy the information. If the router hears about a route to the same network from more than one

source it will use the administrative distance to decide which route to put inthe routing table.

STATIC ROUTING


117/180

117

172.16.0.0/16 192.168.1.0/24

.1 .1.2 .2

RTA RTB RTC

192.168.2.0/24

.1 .1

10.1.0.0/16

s0 s0 s1s1e0 e0

Configuring static routes

Routers do not need to configure static routes for their own directly connected

networks.

We need to configure static routes for networks this router needs to reach. We will need to configure static routes for the other routers as well, as routing

information about a path from one network to another does not provide routing

information about the reverse, or return path.

Convergence When all the routers in the network (AS) have accurate and

consistent information, so that proper routing and packet forwarding can take

place.

Convergence will not happen until all the routers have complete and accurate

routing information, meaning we must configure static routes on all the routers

before packets will be correctly delivered.

STATIC ROUTING

172.16.0.0/16 192.168.1.0/24192.168.2.0/24 10.1.0.0/16


118/180

118

.1 .1.2 .2

RTA RTB RTC

.1 .1

s0 s0 s1s1e0 e0

1

2

RTA(config)#ip route 192.168.1.0 255.255.255.0 172.16.0.2

RTA#show ip route

Codes: C - connected, S - static,

C 172.16.0.0/16 is directly connected, Serial0S 192.168.1.0/24 [1/0] via 172.16.0.2

C 192.168.2.0/24 is directly connected, Ethernet0

Recursive Lookup The router knows it can get to 192.168.1.0/24 network by forwarding the packets

to the router at the ip address of 172.16.0.2 How does the router know how to get to the ip address 172.16.0.2?

It does a recursive lookup first (1) by looking up the 192.168.1.0/24 network and

finding it needs to forward the packet to 172.16.0.2 the router then (2) looks up

the 172.16.0.0 network and sees it can forward it out the interface Serial 0.

DYNAMIC ROUTING ROUTING PROTOCOLS

The goal of a routing protocol is to build and maintain the routing table


119/180

119

The goal of a routing protocol is to build and maintain the routing table.

This table contains the learned networks and associated ports for those

networks.

Routers use routing protocols to manage information received from other

routers, information learned from the configuration of its own interfaces, along

with manually configured routes.

TYPESOF ROUTING PROTOCOLS


120/180

120

Distance Vector: RIP, IGRP, EIGRP Link State: OSPF, IS-IS Path Vector: BGP Note: IGRP and EIGRP are Cisco

Proprietary

RIP

Routing Information Protocol (RIP) was originally


121/180

121

Routing Information Protocol (RIP) was originallyspecified in RFC 1058.

It is a distance vectorrouting protocol.

Hop count is used as the metric for path selection.

If the hop count is greater than 15, the packet is discarded.

Routing updates are broadcast every 30 seconds, by default.

IGRP


122/180

122

IGRP is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90 second intervals, advertising

networks for a particular autonomous system. Key design characteristics of IGRP are a follows:

o The versatility to automatically handle indefinite, complextopologies

o The flexibility needed to segment with different bandwidth anddelay characteristics

o Scalability for functioning in very large networks

IGRP

By default the IGRP routing protocol uses bandwidth and delay as metrics


123/180

123

By default, the IGRP routing protocol uses bandwidth and delay as metrics.

Additionally, IGRP can be configured to use a combination of variables todetermine a composite metric.

Those variables include: Bandwidth

Delay

Load

Reliability

IGRP has an administrative distance of100, more trustworthy than RIP at120.

This means a Cisco router will prefer an IGRP learned route over a RIP

learned route to the same network.

IGRP TIMERS


124/180

124

All timers begin at the same time. Update timer = 90 seconds Invalid timer = 270 seconds Holddown timer = 280 seconds Flush timer = 630 seconds

Today, IGRP is showing its age, it lacks support for variablelength subnet masks (VLSM).

Enhanced IGRP (EIGRP) supports VLSM.

EIGRP CONCEPTS

Every EIGRP router maintains a topology table for each configured network


125/180

125

Every EIGRP router maintains a topology table for each configured network

protocol.

All learned routes to a destination are maintained in the topology table.

Neighbor discovery and recovery Reliable Transport Protocol

DUAL finite-state machine algorithm

Protocol-dependent modules

By forming adjacencies, EIGRP routers:

Dynamically learn of new routes that join their network

Identify routers that become either unreachable or inoperable

Rediscover routers that had previously been unreachable

USING EIGRP WITH IGRP


126/180

126

EIGRP DATA STRUCTURES

The five EIGRP packet types are as follows:


127/180

127

The five EIGRP packet types are as follows: Hello (used to discover, verify, and rediscover neighbor routers)

Acknowledgment

Update

Query

Reply

EIGRP SUCCESSORSAND FEASIBLE SUCCESSORS


128/180

128

FEASIBLE SUCCESSOR ROUTE SELECTION RULES


129/180

129

CONFIGURING EIGRP


130/180

130

EIGRP AUTOMATICALLY SUMMARIZES BASEDON CLASS


131/180

131

ROUTE SELECTION

If a link goes down, DUAL looks for an alternative route path, or feasible


132/180

132

successor, in the topology table.

If a feasible successor is not found, the route is flagged as Active, orunusable at present.

Query packets are sent to neighboring routers requesting topologyinformation.

DUAL uses this information to recalculate successor and feasible successorroutes to the destination.

OSPF

Open ShortestPath First


133/180

133

Path First Link State or SPF technology Developed by the IETFs OSPF working group (RFC 1247) Designed for TCP/IP Fast Convergence Variable length netmasks Non-contiguous subnets No need for periodic updates Route authentication

OSPF is defined in RFC2328

LINK-STATE ROUTING

Neighbor discovery


134/180

134

Construct a Link State Packet (LSP)

Distribute the LSP

Link State Announcement LSA

Route calculation

If a link fails

Flood new LSPs

All routers recalculate their routing tables

OSPF AREAS

Group of contiguous nodes/networks


135/180

135

Per area topology DB

Invisible outside the area

Reduces routing traffic Backbone Area is contiguous

All others areas must connect to the backbone

Virtual Links

Area 1Area 4

Area 0

Backbone Area

Area 2 Area 3

ROUTER CLASSIFICATIONIN OSPF

Internal Router (IR)


136/180

136

Area Border Router (ABR)

Backbone Router (BR)

Autonomous System Border Router (ASBR)

Area 0

Area 2 Area 3

IR

ABR/BR

To another AS

ASBR

OSPF ROUTE TYPES


137/180

137

Intra-Area Route

All routes within an area

Inter-Area Route Routes announced from area to

another by an ABR

External Route Routes imported into OSPF from

another protocol or Static routes

Area 0Area 2 Area 3

ABR

To Another AS

ASBR

ROUTE SUMMARIZATION

Prefix or all subnets


138/180

138

Prefix or all networks

Area range command

Routes can be summarized only in

ABRs

ASBRs

1.A 1.B 1.C

FDDI

Dual Ring

R1 (ABR)

R2

Network

1

Next Hop

R1

Network

1.A1.B

1.C

Next Hop

R1R1

R1

With

Summarization

Without

Summarization

Backbone

Area 0

Area 1

OSPFS METRICIS COST (BANDWIDTH)

Cisco: Cost = Bandwidth


139/180

139

Cisco uses a default cost of108/bandwidth

Default bandwidth of the interface (bandwidth command) 108(100,000,000)as the reference bandwid th: This is used so that the

faster links (higher bandwidth) have lower costs.

Routing metrics, lower the cost the better the route.

I.e. RIP: 3 hops is better than 10 hops

Extra: The reference bandwidth can be modified to accommodate

networks with links faster than 100,000,000 bps (100 Mbps). See ospf

auto-cost reference-bandwidth command.

Cost of a route is the cumulative costs of the outgoing interfaces from this

router to the network.

OSPF PACKETTYPES

Share a common protocol header Routing protocol packets are sent with a TOS of 0


140/180

140

Routing protocol packets are sent with a TOS of 0 Five types of OSPF routing protocol packets

Hello packet type 1 DB Description packet type 2 Link-state request packet type 3 Link-state update packet type 4 Link-state Acknowledgment packet type 5

OSPF LSA TYPES

OSPF has 11 types of LSAs out of which 7 types are used in normal


141/180

141

scenarios

OSPF ADJACENCYSTATES

1. Establishing router adjacencies


142/180

142

Down State No Hello received

Init StateHello received, but not with this routers Router ID

Hi, my name is Carlos. Hi, my name is Maria.

Two-way StateHello received, and with this routers Router ID

Hi, Maria, my name is Carlos. Hi, Carlos, my name is Maria.

2. Electing DR and BDR Multi-access (broadcast) segments only

ExStart State with DR and BDR

Two-way State with all other routers

3. Discovering Routes

ExStart State

Exchange State

Loading StateFull State

4. Calculating the Routing Table

5. Maintaining the LSDB and Routing Table

OSPF STUB AREAS


143/180

143

A stub area has only one entry and exit point.

Topology changes in other areas do not affect stub areas. The ABR is

still the only way out.

STUBVS. TOTALLY STUB

Similarities


144/180

144

ABR does not advertise Type 4 or 5 LSAs into the area

There should be no OE1 or OE2 routes in the area

ABR advertises a default route to the internal routers

Neither area can have an ASBR in it

Neither area can be the backbone

Differences

Totally stub does not advertise Type 3 LSAs either

Stub routing table: O,O IA, and default route Totally stub routing table: O and default route

Stub Area

R1(config-router)#area 1 stub


Command must be entered on all routers in the area

Totally Stubby Area

R1(config-router)#area 1 stub no-summary


ABR is configured with stub no-summary

Internal routers are configured with stub

NSSA

Many service providers have OSPF areas that have only one exit point, but

th t i ASBR


145/180

145

the areas contain an ASBR

Solution: Not-So-Stubby Areas (NSSAs)

The ASBR originates a Type 7 LSA

The ABR converts from Type 7 to Type 5

Not-So-Stubby Area

R1(config-router)#area 1 nssa

R2(config-router)#area 1 nssaR2(config-router)#redistribute static

Command must be entered on all routers in the area

ASBR must be configured to inject non-OSPF routes

Totally Not-So-Stubby Area

R1(config-router)#area 1 nssa no-summary


ABR is configured with nssa no-summary

Internal routers are configured with nssa

BORDER GATEWAY PROTOCOL

General Terms


146/180

146

IGP (Interior Gateway Protocol) - RIP, IGRP, EIGRP, OSPF = Routingprotocol used to exchange routing information within an autonomous system.

EGP (Exterior Gateway Protocol) - BGP = Routing protocol used to exchange

routing information between autonomous systems.

Autonomous SystemA set of routers under the single technical

administration, using an IGP and common metrics to route packets within the

AS, and using an EGP to route packets to other ASs.

BGP is a path vector routing protocol.

BGP


147/180

147

BGP is a path vector routing protocol.

BGP uses a list of AS numbers through which a packet must pass to reach adestination.

The function of BGP is to:

Exchange routing information between autonomous systems

Guarantee the selection of a loop free path.

BGP4 is the first version of BGP that supports CIDR and route aggregation.

Common IGPs such as RIP, OSPF, and EIGRP use technical metrics. BGP does not use technical metrics.

BGP makes routing decisions based on network policies, or rules (later)

BGP does not show the details of topologies within each AS.

BGP sees only a tree of autonomous systems.

Cisco routers maintain a separate routing table to hold BGP routes.

BGP

BGP updates are carried using TCP on port 179.


148/180

148

In contrast, RIP updates use UDP port 520

OSPF, IGRP, EIGRP does not use a Layer 4 protocol

Because BGP requires TCP, IP connectivity must exist between BGP peers.

TCP connections must also be negotiated between them before updates can

be exchanged.

Therefore, BGP inherits those reliable, connection-oriented properties from

TCP.

BGP MESSAGE TYPES

Before establishing a BGP peer connection the two neighbors must perform

the standard TCP three way handshake and open a TCP connection to port


149/180

149

the standard TCP three-way handshake and open a TCP connection to port

179.

After the TCP session is established, BGP peers exchanges several

messages to open and confirm connection parameters and to send BGP

routing information.

All BGP messages are unicast to the one neighbor over the TCP connection.

There are four BGP message types:

Type 1: OPEN

Type 2: KEEPALIVE Type 3: UPDATE

Type 4: NOTIFICATION

BGP STATES

BGP FSM includes six states:


150/180

150

Idle Connect

Active

OpenSent

Open Confirm

Established

BGP STATES

IDLE StateBGP l b i i th Idl t t i hi h it f ll i i ti


151/180

151

BGP always begins in the Idle state, in which it refuses all incoming connections.

It is normally initiated by an administrator or a network event.

When Start event occurs, the BGP process: Initializes all BGP resources

Starts the ConnectRetry timer

Initializes a TCP connection to the neighbor

Listens for a TCP initialization from the neighbor

Changes its state to Connect

CONNECT State If the connection is unsuccessful, the BGP process:

Continues to listen for a connection to be initiated by the neighbor

Resets the ConnectRetry timer

Transitions to the Active state

ACTIVE State In this state, the BGP process is waiting for the TCP connection to be completed.

If the connection is successful, the BGP process:

Clears the ConnectRetry timer

Completes initialization

Sends an Open message to the neighbor

Transitions to the OpenSent state

BGP STATES

Open Sent StateI thi t t O h b t d BGP i iti t h O f


152/180

152

In this state an Open message has been sent and BGP is waiting to hear an Open message from

its neighbor.

When an Open message is received, all its fields are checked. If errors exist, a Notification message is sent and the state transitions to Idle.

If no errors exist, a Keepalive message is sent and the Keepalive timer is set, the peer is

determined to be internal or external, and state is changed to OpenConfirm.

Open Confirm State In this state, the BGP process waits for a Keepalive orNotification message.

If a Keepalive message is received, the state transitions to Established. If a Notification message is received, or a TCP disconnect is received, the state transitions to Idle.

Established State In this state, the BGP connection is fully established and the peers can exchange Update,

Keepalive messages.

If an Update orKeepalive message is received, the Hold timer is restarted.

If a Notification message is received, the state transitions to Idle.

BGP PATH ATTRIBUTES

Much of the work you will do configuring BGP focuses on path attributes.

E h t h it t f d fi d tt ib t hi h i l d th


153/180

153

Each route has its own set of defined attributes, which can include path

information, route preference, next-hop, and aggregation information.

Administrators use these values to enforce routing policy.

Based on attribute values, you can configure BGP to filter routing information,

prefer certain paths, or otherwise customize its behavior.

Path attributes come in four different types:

Well-known mandatory

Well-known discretionary

Optional transitive

Optional non-transitive

BGP PATH ATTRIBUTES

Well-known mandatory

An attribute that has to exist in the BGP UPDATE packet


154/180

154

An attribute that has to exist in the BGP UPDATE packet.

It must be recognized by all BGP implementations.

If a well-known attribute is missing, a notification error will be generated; this ensures that all BGPimplementations agree on a standard set of attributes.

Example: AS_PATH attribute.

Well-known discretionary

An attribute that is recognized by all BGP implementations

But may ormay not be sent in the BGP UPDATE message.

Example: LOCAL_PREF

Optional transitive

An attribute that may or may not be, recognized by all BGP implementations (thus, optional).

Because the attribute is transitive, BGP should accept and advertise the attribute even if it isnt

recognized.

Example: COMMUNITY

Optional non-transitive An attribute that may or may not be, recognized by all BGP implementations.

Whether or not the receiving BGP router recognizes the attribute, it is non-transitive, and should

not be passed along to other BGP peers.

Example: ORIGINATOR_ID

BGP PATH ATTRIBUTES

Attribute Code Type

1-ORIGIN Well-known mandatory


155/180

155

2-AS_PATH Well-known mandatory

3-NEXT_HOP Well-known mandatory

4-MULTI_EXIT_DISC Optional non-transitive5-LOCAL_PREF Well-known discretionary

6-ATOMIC_AGGREGATE Well-known discretionary

7-AGGREGATOR Well-known discretionary

8-COMMUNITY Optional transitive (Cisco)

9-ORIGINATOR_ID Optional non-transitive (Cisco)

10-Cluster List Optional non-transitive (Cisco)

11-Destination Preference (MCI)

12-Advertiser (Baynet)

13-rcid_path (Baynet)

255-Reserved [md]

Summary of the BGP Path Selection Process

BGP selects only one path as the best path.

When the path is selected, BGP puts the selected path in its routingtable and propagates the path to its neighbors.

BGP CONFIGURATION

To begin configuring a BGP process, issue the following familiar command:

Router(config)#router bgp AS number


156/180

156

Router(config)#router bgpAS-number

BGP configuration commands appear on the surface to mirror the syntax of

familiar IGP (for example, RIP, OSPF) commands.

Although the syntax is similar, the function of these commands is significantly

different.

Note: Cisco IOS permits only one BGP process to run at a time, thus, a

router cannot belong to more than one AS.

EBGP MULTI HOP

EBGP neighbors must be directly connected in order to establish an EBGP

session


157/180

157

session.

However, EBGP multihop is a Cisco IOS option allows RTW and RTU to be

logically connected in an EBGP session, despite the fact that RTV does notsupport BGP.

The EBGP multihop option is configured on each peer with the following

command:

Router(config-router)#neighborIP-addressebgp-multihop [hops]

RTW(config)#router bgp 200

RTW(config-router)#neighbor 1.1.1.2 remote-as 300

RTW(config-router)#neighbor 1.1.1.2 ebgp-multihop 2

RTU(config)#router bgp 300RTU(config-router)#neighbor 1.1.1.1 remote-as 200

RTU(config-router)#neighbor 1.1.1.1 ebgp-multihop 2

PATH SELECTION PROCESS

BGP uses the following criteria, in the order presented, to select a path for a

destination:


158/180

158

destination:

1. If the path specifies a next hop that is inaccessible, drop the update.

2. Prefer the path with the largest weight.

3. If the weights are the same, prefer the path with the largest local preference.

4. If no route was originated, prefer the route that has the shortest AS_path.

6. If all paths have the same AS_path length, prefer the path with the lowest

origin type (where IGP is lower than EGP, and EGP is lower thanIncomplete).

7. If the origin codes are the same, prefer the path with the lowest MED

attribute.

8. If the paths have the same MED, prefer the external path over the internal

path.

MPLS VPN

MPLS - VPN is generally Virtual Private Network in which various customers

are allowed to communicate with each other through a common cloud


159/180

159

are allowed to communicate with each other through a common cloud.

VRF will be configured for each routing instance / customer.

VRF is VPN Routing and Forwarding.

Each VRF will have a VRF name with CASE-SENSITIVE.

VRF is not operational unless you configure RD.

Each VRF will have unique Route Targets both import and import.

We have all these VRFs to be participated in BGP to propagate routing

information.

MPBGP

In MPLS network, we use MP-BGP


160/180

160

Normal BGP uses IPv4 header between peers. MP-BGP uses VPNV4.

VPNV4 prepends 64bit header infront of IPV4 IP header packet to make itdifferent from.

To make this enable we need to add the following command in BGP

configuration.

address-family vpnv4 unicast.

The purpose of the VRF is to have the separate routing instance for each

customers. In which the customer can be reached to the destination without

any issues in public network.

ICMP & TRACEROUTE

ICMP (Internet Control Messaging Protocol) is used for IP troubleshooting in Networks.

Uses ICMP message within an IP Packet, Protocol field = 1


161/180

161

Both are layer 3 protocols. (ICMP is considered as a network layer protocol.)

Does not use TCP or UDP, but may be acted upon by the receiver using TCP or UDP.Format

pingip address (orping for extended ping)

ping 172.30.1.25

ICMP & TRACEROUTE (CONTINUED)

Trace ( Cisco = traceroute, tracert,) is used to trace theprobable path apacket takes between source and destination.


162/180

162

Probable, because IP is a connectionless protocol, and different packets maytake different paths between the same source and destination networks,although this is not usually the case.

Trace will show the path the packet takes to the destination, but the returnpath may be different.

This is more likely the case in the Internet, and less likely within your ownautonomous system.

Uses ICMP message within an IP Packet Both are layer 3 protocols.

Uses UDP as a the transport layer.

Traceroute uses ping (echo requests)

Traceroute sets the TTL (Time To Live) field in the IP Header, initially to 1

10.0.0.0/8 172.16.0.0/16 192.168.10.0/24

.1 .1 .1.2 .2 .2

RTA RTB RTC RTD


163/180

163

ADD-ONs

(DNS & DHCP)

DNS CONCEPTS

Domains

Uses a hierarchical name space


164/180

164

Each domain is represented by a branch of the hierarchy

The top of the hierarchy is called the root; all domains branch from the root

Domains represent the conceptual aspect of the DNS system

Zones

Zones are the embodiment of one or more domains on a system that providename resolution: a DNS Server

Typically there is a one-to-one correspondence between Domains andZones, although a zone can have more than one domain

Zone Types: Master

Slave

Forward

Stub

Delegation

The process by which a parent domain turns over responsibility of a childdomain to a different, unique Zone

THE BASICS

DNS is simple: Ask it a question, it gives you an answer; the trick: how the

answer is obtained


165/180

165

It was designed as a rudimentary directory (data store is simplistic)

The most common questions and answers (informaion supplied by thisdirectory):

Please translate a name to an IP Address

Please translate an IP address to a name

Please give me the IP Address of a gateway so I can deliver e-mail

THE BASICS

Client-Server architecture

Client is called a resolver


166/180

166

Client is called a resolver

Client queries a pre-configured (manually or via DCHP) DNS server

The DNS server looks up the query data

In its configuration files

In its cache from prior queries

From other DNS servers

Developed at Berkeley

Hierarchical name space

Static mapping originally; dynamic capabilities added later

Defined in a number of IETF RFCs. Predominantly RFC 1034 and 1035

THE BASICS

DNS is implemented in a piece of software that is called a DNS Server. The

most common implementation of the DNS Server is called BIND (Berkeley


167/180

167

( y

Internet Name Domain) Server.

BIND is currently maintained by an organization called Internet System

Consortium (ISC). The latest version is BIND 9.3.3 and 8.4.7

BIND incorporates most RFCs; it is the reference implementation for all

DNS servers

NAME SPACE STRUCTURE

. (root)


168/180

168

org gov uscomedu

ins

ins.com Domain

( )

company

hr

finance

company.us Domain

mfg

THE SERVERS

A DNS Server typically has ultimate responsibility (authority) for a part of the

DNS Name Space hierarchy, on a domain boundary


169/180

169

Maintains information about Domains in Zones

Zones contain the information that is used by the DNS server to answer

questions asked of it

Questions are called queries

Answers are called responses

SERVERS


170/180

170

DOMAINSAND ZONES

Domains

Domains represent the conceptual aspect of the DNS system (the


171/180

171

p p p y (

theoretical representation of the domain name space)

Each domain is represented by a branch of the hierarchy Zones

Zones are the embodiment of one or more domains on a system that

provide name resolution: a DNS Server

Typically there is a one-to-one correspondence between Domains and

Zones, although a zone can have more than one domain Zone Types (more on these later):

Master

Slave

Forward

Stub

DOMAINSAND ZONES

Delegation


172/180

172

The process by which a parent domain turns over responsibility of a childdomain to a different, unique Zone

Delegation is what makes the distribution of the DNS name space to

autonomous organizations possible

DNS CONCEPTS RESOLUTION


173/180

173

CACHING

When a DNS server is queried for information, it must always find and go to

the authoritative source


174/180

174

That authoritative source might be itself (if a Master of a Slave for that Zone)

Any information that a DNS server acquires or learns from other DNSservers are retained in memory; this is called caching

Allows subsequent queries that are identical or related to learned

information reduces or eliminate queries to the authoritative source

The authoritative source will indicate to the asking DNS server how long

information can be retained before refreshing the information from theauthoritative source; this is called Time-To-Live for a DNS response, or TTL

DYNAMIC HOST CONFIGURATION PROTOCOL - DHCP

RFC 2131

Runs over UDP as well


175/180

175175

Runs over UDP as well

Provides automatic configuration of the host connected to network or booted

Provides hosts with initial configuration information upon bootup:

IP address with subnet mask,

default gateway,

IP address of the DNS server .

DHCP (CONT.)

server Aclient

server B

(selected)(not selected)


176/180

176

determine

configuration

determine

configuration

DHCP discoverDHCP discover

DHCP offerDHCP offer

select configuration

DHCP requestDHCP request

DHCP ack

Initialization completes

graceful shutdownDHCP release

discard lease

using the allocated configuration

(se ected)( ot se ected)

DHCP MESSAGES

DHCPDISCOVER The client broadcasts message in search of available DHCP servers


177/180

177177

The client broadcasts message in search of available DHCP servers.

DHCPOFFER The server response to the client DHCPDISCOVER with offer ofconfiguration parameters .

DHCPREQUEST The client broadcasts to the server, requesting offered parameters from

one server specifically.

Confirms correctness of previously allocated address after, e.g., systemreboot.

Extends the lease on a particular network address.

DHCPRELEASE The client-to-server communication, relinquishing network address and

canceling remaining lease.

DHCPACK The server-to-client communication with configuration parameters,

DHCP MESSAGES (CONT.)


178/180

178178

g p

including committed network address.

DHCPNAK Server to client indicating client's notion of network address is incorrect

(e.g., client has moved to new subnet) or client's lease as expired

DHCPDECLINE The client-to-server communication, indicating that the network address is

already in use. DHCPINFORM

The client-to-server communication, asking for only local configuration

parameters that the client already has externally configured as an

address.

REFERENCES

http://compnetworking.about.com/od/basicnetworkingconcepts/Networking_B

asics_Key_Concepts_in_Computer_Networking.htm
http://compnetworking.about.com/od/basicnetworkingconcepts/Networking_Basics_Key_Concepts_in_Computer_Networking.htmhttp://compnetworking.about.com/od/basicnetworkingconcepts/Networking_Basics_Key_Concepts_in_Computer_Networking.htmhttp://compnetworking.about.com/od/basicnetworkingconcepts/Networking_Basics_Key_Concepts_in_Computer_Networking.htmhttp://compnetworking.about.com/od/basicnetworkingconcepts/Networking_Basics_Key_Concepts_in_Computer_Networking.htmhttp://compnetworking.about.com/od/basicnetworkingconcepts/Networking_Basics_Key_Concepts_in_Computer_Networking.htm


179/180

179

http://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htm

http://www.cisco.com/cisco/web/psa/reference.html

https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=769

http://www.routeralley.com/ra/docs/stp.pdf

http://www.ircbeginner.com/ircinfo/Routing_Article.pdf
http://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cisco.com/cisco/web/psa/reference.htmlhttps://learningportal.juniper.net/juniper/user_activity_info.aspx?id=769http://www.routeralley.com/ra/docs/stp.pdfhttp://www.routeralley.com/ra/docs/stp.pdfhttp://www.routeralley.com/ra/docs/stp.pdfhttps://learningportal.juniper.net/juniper/user_activity_info.aspx?id=769https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=769https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=769https://learningportal.juniper.net/juniper/user_activity_info.aspx?id=769http://www.cisco.com/cisco/web/psa/reference.htmlhttp://www.cisco.com/cisco/web/psa/reference.htmlhttp://www.cisco.com/cisco/web/psa/reference.htmlhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htmhttp://www.cse.tkk.fi/fi/opinnot/T-110.1100/1999_Tik-110.250/Kalvot/TKK_2_99/index.htm


180/180

IP Networking Overview_Issue 1.0

Documents

Transcript of IP Networking Overview_Issue 1.0