Application: File, print, message, database, and applications. Determines availability of the target host. WWW, email, FTP, telnet, EDI, Quake
Presentation: Data encryption, compression, and translation services. Determines the syntax of the data transfer. PICT, TIFF, JPEG, MIDI, MPEG, QuickTime, etc.
Session: Dialog control, coordinates the communications. NFS, SQL, RPC, X Windows, ASP (AppleTalk Session Protocol), DNA SCP (digital whatzit)
Transport: End-to-end communication. Responsible for hiding the communications from the higher layers. TCP / UDP
Network: Routing. IP / ICMP, BootP, ARP, RARP. Routers
Data Link: Framing. Ethernet II, 802.5 (token ring), 802.3, 802.2 (802.3 with DSAP and SSAP logical link control fields). Media access control: MAC: 48 bits, 3 bytes vendor + 3 bytes serial number
WAN:
High-level datalink control HDLC (cisco default for serial links)
Synchronous Data Link Control SDLC (uses polling)
Link Access Procedure, Balanced LAPB
x.25, slip, ppp, isdn, Frame Relay
Bridges / Switches
Physical: Wire. v.24, v.35, x.21, g.703, hssi, etc. Repeaters / Hubs
DOD Model
Process/application - application, presentation, session
Host-to-host - transport
Internet - network
Network access - Datalink / physical
LAN
Ethernet 802.3 CSMA/CD
Ethernet_II
802.2
10base2/thinnet: 185 meters
10base5/thicknet: 500 meters
10baseT: can run above 10Mbps, 200ish meters
5-4-3 rule: 5 segments, 4 repeaters, 3 segments populated
100BaseTX: 100 meters, up to 2 repeaters. Packets between 512 and 1518.
FDDI 100 Mbps token passing with dual counter-rotating rings
Token-ring 802.5 4 / 16 Mbps
ATM 53-byte cells
Flow Control
Contention: CSMA/CD: Carrier Sense Multiple Access, Collision Detect
Token Passing: Token Ring, FDDI
Polling: SDLC, some HDLC, some HP ethernet stuff
SWITCHING
Store-and-forward: Buffers whole frame before forwarding
Cut-Through: Forwards frame as soon as destination address is available
Fragment Free: Does Cut-Through after 64 bytes are received to stop collision packets from being forwarded.
802.1d Spanning-Tree Protocol (STP): detects and eliminates loops in routed network
STA: Spanning Tree Algorithm
Sends out BPDUs: Bridge protocol data units
VLAN:
Virtual Lans
Create 'logical' networks by location, function or department.. Or protocol, or whatever.
Done with a switch using Frame-Tagging (can be used between switches if you have ISL inter-switch link).
Frame-Tagging uses unique user-defined identifiers while within the switch fabric, and is very scalable.
TCP/IP
Port numbers:
TCP: protocol number 6
ftp: 21
telnet: 23
smtp: 25
UDP: protocol number 17
dns: 53
tftp: 69
snmp: 161
TCP Addressing:
0-255: public assigned
256-1023: assigned to companies
1023+: user defined / source addresses
IP Addressing:
Class   leading bits   decimal range of first byte
A       0              1-127
B       10             128-191
C       100            192-223
Learn the rest of the stuff? Way out of scope of this.
NOTE: Cisco considers the mask to be the bits beyond what is 'normal' for that class address, not the entire number of bits in the subnet mask, sometimes?
IPX
Protocol Stack:
1. Application, presentation, session - RIP, SAP, NCP, NLSP, etc
2. Transport - IPX, SPX
3. Network - IPX
4. Data link - ODL Open Data Link
5. Physical - whatever
IPX
Connectionless, and communicates via sockets
Each host runs its own internal ipx network in addition to any lan network
Addressing: 10 byte address
First 4 bytes are network - need to be unique, otherwise whatever..
Last 6 bytes are node - usually just use the MAC address
SPX
Sequence Packet eXchange
Connection oriented protocol
Creates virtual circuits, with specific connection IDs
RIP
Routing information protocol
Distance vector protocol that establishes routes between ipx networks
Judges based on ticks (1/18 second units) and hops
Broadcast every 60 seconds
Used to provide each server with a complete network map
SAP
Service advertising protocol
Servers use it to advertise, clients use it to locate services
Broadcast every 60 seconds
NLSP
NetWare Link Services Protocol
Link-state protocol to replace RIP and SAP someday
NCP
NetWare Core Protocol
Provides access to server resources
Netware in a nutshell
1. Strict client-server model (nobody is both)
2. Servers provide files, printing, messaging, applications, and databases
3. Every netware server (or cisco router) creates a SAP table of all services offered by all servers
4. A client issues a GNS (GetNearestServer request) broadcast to find out what is on the local SAP
Netware frame types & Features
1. 802.3 - default on NetWare 3.11
2. 802.2 - default on NetWare 3.12+
3. ethernet_ii - supports tcp/ip and ipx
4. ethernet_SNAP - appletalk, tcp/ip, and ipx
Routing Protocols
RIP:
Routing Information Protocol
Distance-vector routing protocol
Updates every 30 seconds
Route invalid timer 90 seconds: time before route considered invalid.
Route flush timer: 240 seconds: route removed from table
Can use metrics (1-15) to weight against some interfaces
15 hop limit
OSPF:
Open Shortest Path First
Link-state routing
Very infrequent broadcast updates
Extremely granular metrics
NLSP:
Novell's Link State Protocol
Link-state
IGRP:
Interior Gateway Routing Protocol (cisco proprietary)
Distance-vector
Metrics and hop count from 1-255
Measures delay in units of 10 milliseconds
Measures bandwidth - on serial connection this needs to be set, default is T1
Measures reliability as 1-255 (255 optimal)
Measures load: 0-255 (0 = no-load)
Allows multi-path routing (dual links of equal bandwidth to 1 location)
Implements hold-downs, split horizons, and poison reverse updates
Update timer is 90 seconds, invalid timer is 270 seconds (3 times update)
Hold down timer is 280 (3 times update +10 seconds)
Flush timer is 630 seconds (7 times update)
Administrative distances (reliability of information): 0 = direct connection, 1 = static, 100 = igrp, 110 = ospf, 120 = rip, 255 = unknown
EIGRP:
Enhanced IGRP
Hybrid routing protocol
Uses distance vectors, however they are triggered by changes, not timers.
Faster convergence, multiprotocol support
Distance-vector:
Uses second-hand info
Problems detecting / closing routing loops (counting to infinity)
Judges 'best' based on hop counts
Convergence can get pretty lengthy
Split horizon: enforces that information is not sent back in direction it came from
Route poisoning: Helps prevent incorrect updates by setting route down explicitly
Hold-downs: prevents routes from changing too quickly, to allow time for stabilization
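The counting-to-infinity problem and the split horizon fix listed above, as an added simulation (not part of the original notes). Routers A and B, network N, and the update ordering are assumptions; the unreachable metric of 16 follows the 15 hop limit given for RIP, and hold-downs are not modelled.

```python
INFINITY = 16  # one past the 15 hop limit: route is unreachable

def rounds_to_converge(split_horizon, max_rounds=50):
    """Network N was directly attached to B and has just failed.

    A still holds its old route to N via B (2 hops). Each round A's
    periodic update reaches B before B's update reaches A.
    Returns (rounds until both routers see N as unreachable, history),
    where history holds (A_metric, B_metric) after each round.
    """
    # Route to N on each router: [metric, next_hop]
    routes = {"A": [2, "B"], "B": [INFINITY, None]}
    history = []
    for rnd in range(1, max_rounds + 1):
        for sender, receiver in (("A", "B"), ("B", "A")):
            metric, next_hop = routes[sender]
            if split_horizon and next_hop == receiver:
                continue  # do not send the route back where it came from
            # Advertising INFINITY is the explicit "route down" (poisoning)
            offered = min(metric + 1, INFINITY)
            current, current_hop = routes[receiver]
            # Accept a better metric, or any news from the current next hop
            if offered < current or current_hop == sender:
                routes[receiver] = [offered, sender]
        history.append((routes["A"][0], routes["B"][0]))
        if routes["A"][0] == INFINITY and routes["B"][0] == INFINITY:
            return rnd, history
    return None, history

if __name__ == "__main__":
    for enabled in (False, True):
        rounds, history = rounds_to_converge(enabled)
        print("split horizon" if enabled else "no split horizon", rounds, history)
```

Without split horizon B accepts A's stale second-hand route and the two routers bounce the metric upward until it reaches 16; with it, the dead route is gone after one update.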
Link-state
No second-hand info, and understands entire network
Uses LSP packets to build 'personal' copy of entire network structure to route from
LSP: link-state packets or "hello packets"
Chooses 'best' path based on: bandwidth, congestion, metrics, etc.
Update times can be set very lengthy as changes cause triggered updates.
EXTERIOR routing protocols
EGP:
1. Exterior Gateway Protocol
2. Polls neighbors
3. Exchanges info about AS with neighbors
4. Distance vector
5. Very simple
BGP:
1. Border Gateway Protocol
2. Can detect routing loops
3. Can work between AS
Other Random Cisco protocols
CDP:
1. Cisco Discovery Protocol
2. Runs SNAP: SubNetwork Access Protocol at the datalink layer.
3. This allows routers running different protocols to still communicate
4. 60 second updates, 180 second hold time
#show cdp interface - interface information, encapsulation info, and timing information
#show cdp entry - shows detailed information about other routers on network
#show cdp neighbors - shows summary information that is being exchanged
#show cdp neighbor detail - extended listing of info for all routers
#show cdp traffic - shows packets sent / received among neighbors
WAN:
POTS: Plain Old Telephone Service. (politely is: pstn: public switched telephone network)
Demarc: end of responsibility for provider, start for customer
CPE: customer premise equipment
Local loop: wire from CO to demarc
CO: Central Office: provider
POP: point of presence
SDLC
1. Synchronous Data-Link Control
2. Used originally for SNA
3. Point-to-point or multipoint
4. Bounded or unbounded media, half or full duplex
5. Circuit or packet-switched networks
6. 2 node types. Primary or Secondary (controlled by primary)
HDLC
1. High-Level Data-Link Control protocol
2. This is the default communication method for cisco routers of sync links, and is proprietary
3. This came after SDLC, and was modified into LAP and LAPB.
4. HDLC transfer modes:
5. NRM: Normal Response Mode: secondaries only speak when spoken to by pri
6. ARM: Async Response Mode: sec. can speak on own
7. ABM: Async Balanced Mode: nodes can be both pri and sec
8. LAPB: Link Access Procedure Balanced: built into x.25
DDR
1. Dial on demand Routing
2. Be sure and setup route as static, and with specified distance over 200 to make sure it is 'last resort'
X.25
1. Point-to-point communication between DTE and DCE
2. DTE: Data Terminal Equipment (router or terminal, or whatever)
3. DCE: Data Circuit-Terminating Equipment (csu/dsu or modem)
4. PSE: Packet Switching Exchange: switches inside carriers network
5. Addresses defined by x.121 as a 14 digit number
6. DNIC: Data Network Identification Code is first 4 bits of address
7. Rest of address is assigned by the administrator
8. Full-duplex protocol
9. 'overbuilt' with lots of error checking
10. Created SVC or PVC connections (switched or Permanent virtual circuits)
PLP
1. Packet layer protocol
2. X.25's network layer protocol
3. Modes: call setup, data transfer, idle, call clearing, restarting
LAPB
1. Link Access Procedure Balanced
2. Makes sure frames are error free and sequenced
3. Types of frames:
4. I (information): sequencing, flow control, error detect, recovery
5. S (supervisory): handles requests for, and suspension of, transmission
6. U (unnumbered): link setup and disconnections and error reporting
Setting up X.25 on Cisco
#interface
#encap x25
#x25 address <14 digit number> - to set the address
#x25 ips - to configure Input Packet Size
#x25 ops - to configure Output Packet Size
#x25 win - to configure Window Input Size
#x25 wout - to configure Window Output Size
Frame Relay
1. Shared Bandwidth
2. Can setup a CIR (Committed Information Rate)
3. Assumed error-checking is handled at another, higher, layer
4. PVCs are created at layer 2.
DLCIs:
1. Data-link connection Identifiers: are used to identify virtual circuit connections.
2. DLCI addresses are assigned by the provider and then mapped to IP addresses by the router
LMI:
1. Local management Interface
2. These are autodetected in current IOS versions... However:
3. Keyword: Meaning
4. Cisco: defined by industry group, and default
5. ANSI: Annex D defined by T1.617
6. Q933a: Defined by ITU-T Annex A Q.933A
LMI can be used to determine the global significance of the DLCI numbers.
Setup of Frame Relay on Cisco
#interface
#encapsulation frame-relay [ietf, or default is cisco] - use default to talk to other cisco routers, use ietf encapsulation to talk to non-cisco.
#frame-relay interface-dlci - to map dlci number to current interface, or subinterface
Then specify an IP address for that subinterface
Optionally you can hard-code the address on the other end.
#encap frame-relay [ietf]
#no inverse-arp - turns off auto addressing features
#ip address
#frame-relay map ip [cisco] [broadcast] - this lets you mix encap types, and allow broadcast over interface
Monitoring Frame Relay
#show frame ?
ip - ip statistics
lmi - lmi stats
map - map table
pvc - pvc stats - this one displays the DLCI #
route - route info
traffic - protocol stats
PPP
1. Point to Point Protocol
2. Useful for dial-up or sync links (ISDN)
3. Authenticate using PAP: Password Authentication Protocol or
4. CHAP: Challenge Handshake Authentication Protocol
ISDN
1. Integrated Services Digital Network
2. Terminal equipment types:
3. TE1: understands ISDN
4. TE2: predates ISDN and needs a TA (terminal adapter) to work
ISDN reference points:
1. R: between non-isdn device and TA
2. S: between terminal and NT2 device
3. T: point between NT1 and NT2
4. U: point between NT1 and carrier line termination device
ISDN protocol codes:
1. E: existing telephone network
2. I: concepts, terms, and services
3. Q: switching and signaling
ISDN service levels:
1. Connect to lines with SPIDs (Service Profile Identifiers) (phone numbers..)
2. BRI: Basic Rate Interface: 2B + 1D
3. B = 64kbps, D = 16kbps = 128kbps plus control
4. PRI: Primary Rate Interface: 23B + 1D
5. Total of 1.544Mbps
Configuring ISDN BRI
#isdn switch-type ? - tons of proprietary switch types
#interface - typically bri0, or something like that.
#encap ppp - ppp is method used to setup isdn phone calls
#isdn spid1
#isdn spid2
Configuring ISDN PRI
#controller - typically something like #controller T1 1/0
#framing esf - sets Extended Super Framing, this is normal for T1/PRI line
#linecode b8zs - line-coding mechanism to assist with timing by preventing strings of zeros
#pri-group timeslots - sets number of timeslots
Access lists:
Basics:
1. Access lists must be created, then applied to an interface
2. Access lists can filter incoming or outgoing from an interface
3. Packets are compared only until a match is made
4. Packets that do not meet any criteria on the list are discarded
Wildcard masking:
Nifty, acts like a reverse subnet mask:
Example:
0.0.0.255 would wildcard all hosts on class C network
0.0.0.0 would indicate no wildcarding
Keywords:
host: 0.0.0.0: just specified host
any: 255.255.255.255: absolutely anything
* When using keyword it comes before IP address, when using mask it comes after!!!!
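The wildcard matching, first-match and discard-if-nothing-matches rules above, as an added example (not code from the original notes): a small evaluator for standard-list style entries. The entry strings are a simplified form rather than full IOS syntax, and the sample list and addresses are constructed; the matcher also handles non-contiguous wildcard masks, which goes beyond the reverse-subnet-mask cases listed.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """True if addr equals base on every bit where the wildcard bit is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF          # invert: 1 bits are the ones that must match
    return (a & care) == (b & care)

def parse_entry(entry):
    """Simplified standard-list entry: '<permit|deny> any | host A | A W'."""
    action, *src = entry.split()
    if src[0] == "any":             # keyword form of 255.255.255.255
        return action, "0.0.0.0", "255.255.255.255"
    if src[0] == "host":            # keyword comes before the address
        return action, src[1], "0.0.0.0"
    return action, src[0], src[1]   # mask comes after the address

def evaluate(entries, source_ip):
    """Return (action, matching entry number); first match wins."""
    for number, entry in enumerate(entries, 1):
        action, base, wildcard = parse_entry(entry)
        if wildcard_match(source_ip, base, wildcard):
            return action, number
    return "deny", None             # nothing matched: packet is discarded

# Constructed sample list. Entry 3 is shadowed by entry 2 and never matches.
SAMPLE_ACL = [
    "deny host 192.168.10.50",
    "permit 192.168.10.0 0.0.0.255",
    "deny 192.168.10.77 0.0.0.0",
]

if __name__ == "__main__":
    for ip in ("192.168.10.50", "192.168.10.77", "10.1.1.1"):
        print(ip, evaluate(SAMPLE_ACL, ip))
```

Because comparison stops at the first match, the deny for 192.168.10.77 in entry 3 has no effect; a more specific entry has to be placed above the broader permit to take effect.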
List number scheme
List number range & meaning
1-99 - ip standard list
100-199 - ip extended access list
800-899 - ipx standard
900-999 - ipx extended access list
1000-1099 - IPX SAP access list