COMPLETE Project on Networking

7/21/2019 COMPLETE Project on Networking

http://slidepdf.com/reader/full/complete-project-on-networking-56d9728fea6ca 1/166

www.final-yearprojects.co.cc | www.troubleshoot4free.com/fyp/

SWAMI PARMANAND COLLEGE OFENGINEERING & TECHNOLOGYSIX MONTHS INDUSTRIAL TRAINING REPORTON

NETWORKING (MCSE & CCNA)AT

JETKINGSEC 34 , CHANDIGARHSUBMITTED AS A PART OF COURSE CURRICULUM

BACHELOR OF TECHNOLOGYIN

ELECTRONICS & COMMUNICATION ENGINEERINGUnder the Guidance ofMr. Baljit singhMr. Inder GulatiSubmitted To:Er. Harpreet Kaur (HOD)

Submitted By:Saroj Dogra

(697041917)

DEPARTMENT OF ELECTRONICS &COMMUNICATION ENGINEERINGSWAMI PAMANAND COLLEGE OF ENGINEERING &TECHNOLOGY, DERA BASSI, MOHALI

ACKNOWLEDGEMENT




I feel deeply indedted to Mr. Baljit Singh, Microsoft trainer who delivered valuablelesson on MCSE, his indepth knowledge about the subject helped me understand thesubject in better way. His method of teaching the minute details helped me a lot toacquire the insight into the subject.I am also grateful to Mr. Inder Gulati, CCNA trainer for giving best knowledge aboutCCNA.the way he instilled knowledge of the subject was undoubtly praise worthy andvaluable.I am also thankful to Jetking institution as a whole that is doing yeoman's service byteaching the learner avreast with the computer , networking and hardware knowledge thatis the need of the day.I will be failing in my duty if I do not acknowledge my husband Mr. Nardev Singh Ranawho always stood by my side during my studies. I am indepted to my son's AnirudhRana and Romil Rana who never clamed my time and get bore by my long absence rathersilent.

Last but not the least, I thank all my classmates at Jetking for extending kindco-operation.

SAROJ DOGRA

List of Figures




Figure No.

Name of Figure

Page No.

1

Computer network

6

2

Local Area Nework

9

3

LAN Classification

9

4

Campus Area Network

10

5

Metropolitan Area Network

11

6

To find location of a computer using FQDN

24

7

Tree structure

25

8

Structure of domain forest and domain tree

36

9

Multi-Master Mode



37

10

Parent child relationship model

40

11

Direct Sharing Scenario

43

12

ICS scenario

44

13

Scenario of win proxy server

45

14

NAT Server

46

15

VPN server

48

16

LAN routing

52

17

Static routing

53




18

Architecture of router

60

19

Variable Subnet Mask

75

20

Scenario of Telnet

76

21

Scenario of Static Routing

81

22

Routing table

86

23

Routing table of covered networks

86

24

Routing loops

87

25

OSPF Scenario

99

26

VLAN Operation105

27

VTP Configuration

110



28

VTP Pruning

111

29

IEEE 802.11 Standard

114

List of tables




Table No.

Name of table

Page No.

1

Difference between Workgroup & Domain

7

2

Comparison between IPv4 and IPv6

12

3

Address Classes

13

4

Category and Speed of UTP cables

17

5

Colour Coding for straight Cable

18

6

Colour Coding for Crossover cable

19

7

Colour Coding for Rollover Cable

20

8

Operating Systems

21

9

Difference between Workgroup and Domain



34

10

Exchange Server with different operating systems

56

11

Router interfaces and connectors

62

12

Router Ports

63

13

Default address mask in binary & dotted decimals

71

14

Decimal and Binary values of subnet mask

72

15

Subnet mask, valid hosts, broadcast address

74

16

Routing table

86

17

Difference between RIPV1 & RIPV2

90

18

Difference between IGRP and RIP

91

CONTENTS




Sr. No.

Topic

1

INTRODUCTIONCompany ProfileLITERATURE RIEVIEWNETWORKING

1.1233.1

6

3.1.1 Models of Networking

6

3.1.2 Categories of network

812

3.2.2 MAC Addressing

15

NETWORKING MEDIAEthernet Cabling

3.4 OPERATING SYSTEM

3.4.1 Types of Operating SystemsDNS SERVER3.5.1

PARTS OF DNS SYSTEM

3.5.2 DNS Zone3.6 DHCP SERVER

3.7

3.8

12

3.2.1 IPAddressClasses

3.3.1

3.5

11



56

Introduction to networking

3.2 IP ADDRESSES and MAC Addresses

3.3

Page No.

1517202022232628

3.6.1 Working of DHCP Server

29

3.6.2 InstallationStepsofDHCPServer

31

ACTIVE DIRECTORY

33

3.7.1ActiveDirectoryServices

34

3.7.2

40

CHILD DOMAIN

INTERNET SHAREING

42




3.8.1 Direct Sharing

42

3.8.2 ICS (Internet Connection Sharing)

43

3.8.3 Win Proxy Server

45

3.8.4 NAT (Network Address Translation)

45

3.9 VIRTUAL PRIVATE NETWORK (VPN)3.9.1

VPN components

48

3.9.2

Types of VPN

49

3.10 ROUTING3.10.1

51Types of Routing

3.11 EXCHANGE SERVER

5156

3.11.1 Elements of Exchange Server

56

3.11.2

Exchange Version

56

3.11.3

Requirements for Exchange Server

57

3.12 Open System Interconnection (OSI) Model3.12.1 Description of Different Layers



3.13 ROUTERS

3.14

47

575860

3.13.1 Router Architecture and its Key Component

60

3.13.2 Router Interfaces & Ports3.13.3 Modes of Router

6263

3.13.4 Configuring Password

65

3.13.5 Managing Configuration

66

SUBNETTING3.14.1

Advantages of subnetting

3.14.2 Types of Subnetting3.15 TELNET

70

707375




3.15.1 To Access the Device Remotely

75

3.15.2 Commands to assign IP addresses to the interfaces 763.16 ROUTING

79

3.16.1 TYPES OF ROUTING

79

3.16.2 Routing Protocol Basics

84

3.1.3 R IP (Routing Information Protocol)

88

3.1.4

91

IGRP ( Interior Gateway Protocol)

3.1.5 EIGRP(Enhanced Interior Routing Protocol)

93

3.1.6 OSPF (Open Shortest Path First)

95

3.17 LAN SWITCHING

100

3.17.1 SWITCH

3.18

100

3.17.1.1

VLAN (Virtual LAN)

103

3.17.1.2

Vlan Trunking Protocol (VTP)

108

Wi-Fi (WIRELESS FIDELITY)



113

3.18.1 Wireless LAN

113

3.18.2 Wireless Standards

114

3.18.3

115

Wireless Security

4

CONCLUSION

117

5

REFRENCES

118




1. INTRODUCTIONThis project report pertains to six months industrial training that I had underwentat JETKING, Chandigarh as part of curriculum of degree in Bachelor of technology inElectronics and Communication engineering as required by Swami Parmanand College ofengineering and technology (affiliated to Punjab Technical University, Jalandhar) .I learnt a lot from professional managers and skilled engineers. I had a greatlearning experience as trainee in this firm. I learnt a lot about how differentnetworks arecontrolled in the industry or any department with the help of networking processes, underMCSE and CCNA.I have learnt about different type of servers like DHCP Server, DNS Server, NATServer. Also I have learnt how to control the LAN and MAN networks under MCSE(Microsoft Certified System Engineers) and how to control MAN and WAN networksunder CCNA (CISCO Certified System Engineers).Justification cannot be done to whatever I have learnt in these six months within afew pages but I have still tried my best to cover as much as possible in this re

port. In thisreport I have tried to sum up the technical knowledge I have gained in my six months oftraining.

1.1

Company ProfileJetking is an organization came into establishment in1947. Jetking is India's

number one Computer Hardware and Networking Institute.

Birth and Evolution

It took a lot of failure before mankind tasted technological success. Jetking evolved intune with the changing face of technology. During 55 years in the field of electronictechnology. Jetking successfully trained thousands of students to overcome failure forhigh paying careers.




1947

Birth

1962

Pioneered ªDo-It-Yourself Kitsº in India

1972

Introduced Asia- 72, Fairchild and Wildcat transistors

1986

Became a Public Limited Company and also introducedentertainment electronics product-T.V sets, Two-in-ones andamplifiers.

1990

Launched Jetking School of Electronics Technology

1993

Network of Jetking training centers spread all over India

1994

Opening of Jetking, Chandigarh

1995

Tie-up with Heath kit Educational System (U.S.A.)

1996

Introduced advanced courses on Pentium, Notebooks, Modems,Email/Internet, LAN 4.X

1997

Novell Education Academic Partner

1998

Representative for International Correspondence School (ICS),USA in India

1999

Added cyber technology to the curriculum

2003

ISO 9001-2000 company and Authorized Microsoft online testingcentre (VUE) for MS, CISCO, MCSA, MCSE, CCNA, A+ etc.

Mr. Suresh G. Bharwani is the CHAIRMAN and MANAGING Director of



Jetking Infotrain Ltd. India's leading Computer Hardware and Networking Institute. Withthe vision to promote and the conviction to deliver the widespread propagation of computer hardware and networking education across the nation, Mr. Bharwani was the first toset up an training institute offering innovative courses in computer hardware in 1990.Jetking's core competency lies in providing complete training and developing hardwareengineers and professionals with sound technical knowledge. It focuses on the overalldevelopment of personality of an individual with emphasis on personality development,presentation and communication skills, leadership skills etc.Jetking has established more than 125 operational centers and 250 faculties acrossthe country and has trained over 3,50,000 students who have move onto the crave




success- full career. With its alumni placed in the best of organizations in India and someabroad,Jetking,s vocational training and placement promises has helped build the careerprospects of many young boys and girls.The company has been awarded the ISO 9000:2000 certification in 2003.Thecompany has been awarded the ª Maharashtra IT Awardº for a key role in manpoweractivities in year 2006-07,it was felicitated with Franchise Award as Best Franchisor forthe year 2007-08.Also,ranked 4th in the list of 26th hot franchises as per outlook moneymagazine.Mr. Suresh Bharwani was awarded with ªPike's Peak Awardº by the Bob PikeGroup USA for effective implementing smart lab plus for making technical training fun,faster and easier for non- technical person.Across all the sectors, industries are upgrading their information technologysystem. Industries ranging from plastics, chemicals, textiles and power to the automotiveand telecom sector are now IT savy. Government and public sectors are going hi-techwith EDI and computer networks. The IT industry, software companies, data center

s, ITenabled services providers are all equipped with advance IT system and networks. Theincreasing number of call centers, BPO's etc., have given a further boost to the hardwareand networking industry.The courses in jetking comprises lecture and theory session, with a great focusonactive participation through smart lab plus ,that focuses on audio visual and learning withhands-on training and equips students with an in depth domain knowledge that istechnical; it also equips students with soft skills ,to face the multi-faceted challenges ofcorporate world.

PLACEMENT: Jetking is the first and only institute that promises the 100%jobs guarantee to its students. The companies that have recruited jetkings studentsinclude:Samsung, Sun Micro system, IBM, Canon, Siement, reliance, TATA, Compaq HPinvent, IT-T solutions, Videsh Sanchar Nigam Limited, D-Link, Novell, Dell, Wipro, LG,ICIC Infotech and several other MNCs.




Any student who has qualified his or her HSC/SSC examination is eligible to takeup a course at jetking. The one year program Jetking certified hardware and networkingprofessionals give 680 hours of in-depth knowledge to a student in Basic electronics andcomputer applications. Computer hardware and peripherals, window 2003 administratorand network administrator (soon it will be replaced with window server 2008).Apartframe technical knowledge there are personality development sessions which groom thestudent's personality, their ability to perform better.Jetking, India's leading hardware and networking training institute has trainedover 3,00,000 students from its 125 centers spread across India. With its alumni placed inthe best of organizations in India and some abroad, Jetking vocational trainingandplacement promises has helped build the career prospects of many young boys andgirls.Jetking has partnered with some of the worlds most renowed names in networkingto provide you with cutting edge courses and technologies. With academic partnerships

with Microsoft, Comp TIA,LINUX, NOVELL, and person VUE .Jetking Chandigarh is a division of Hi-Tech point. Hi-Tech point is an ISO 90012000 IT company. It was established in year 1993 and run by a company of ITprofessionals. Jetking Chandigarh branch is considered to be the best centre among allcenters. It has bagged number 1 center award consecutively for last 7 years. Here trainingon various fields is going on like Basic Electronic, Hardware, Networking, JCHNPAnalog and Digital electronics and Hardware, RHCE, RHCSS, MNA, MCSE (MicrosoftSystem Engineers), MCITP, MNA, CCNA (CISCO Certified Network Associate),CCNP(CISCO Certified Network Professional).Partnership with industry leaders like Microsoft and Red Hat Jetking ensure itsstudents authentic courseware and technology.




2.

LITERATURE RIEVIEW

Computer Networking is a very vast project in the present developing era of electronicsand communication. Now a days, computers are used in a wider range. All theorganizations are using multiple computers within their departments to perform their dayto day work. Computer network allows the user to share data , share folders andfiles withother users connected in a network. Computer Networking has bound the world in a verysmall area with it wide networking processes like LAN, MAN, WAN.The courses in jetking comprises lecture and theory session, with a great focuson activeparticipation through smart lab plus ,that focuses on audio visual and learningwithhands-on training and equips students with an in depth domain knowledge that istechnical; it also equips students with soft skills ,to face the multi-faceted challenges ofcorporate world.




3. NETWORKING3.1

Introduction to networkingNetworking is a practice of linking of two or more computing devices such as

PCs, printers, faxes etc., with each other Connection between two devices is throughphysical media or logical media to share information, data and resources. Networks aremade with the hardware and software.

Cable/media

Fig 1: computer network

3.1.1 Models of NetworkingModel means the connectivity of two computers. We have many types ofnetworking models.(i)

Client ± Server Model

(ii)

Peer to Peer Model (Workgroup Model)

(iii)

Domain Model




(i)

Client ±Server ModelIn a Client server model we have one server and many clients. A Client can share

the resources of server, but a server cannot share the resources on clients.On the point of view of administrator it's very easy to control the networkbecause we combine with the server also at security point of view. It is very usefulbecause it uses user level security in which users have to remember only one password toshare the resources.(ii) Peer to Peer Model (Workgroup Model)In Peer to Peer networking model all computers are in equal status, that is wecannot manage centralization, administration secutity. In Peer to Perr networking clientuse operating system like Window 98, Window XP, Window 2000, Window Vista.(iii) Domain ModelIt is a mixture of client server and peer-to-peer model. In this clients can sharetheir resources as peer-to-peer but with the permission of the server as in client server

model therefore it is commonly used model because in this security is more as we can putrestriction on both server and clients.

Difference between Workgroup & DomainTable 1Workgroup

1. It is a peer to peer networking model.

Domain

1. It is a server based networking model.

2. There is no client and no server. All the 2. There is a centralized dedicated servercomputers are in equal status.

computer called domain controller which




controls all other computers called clients.3. This model is recommended for small 3. This model is recommended for largenetworks, upto 10 computers.

networks.

4. There is no centralized administrated 4. There is centralized administrationandseparately.

each PC can be administrated and managedfrom the server.

5. In this model, low grade OS like 5. in this model high grade OS like WIN2000/XP professional, WIN 98 etc. can be 2000/2003 Server can be used.used.6. Users accounts are created in each PC 6. Users accounts are created on the serverand are called as Local Users.

side and are called Domain Users.

3.1.2 Categories of networkNetworks can be categorized as per geographical area to be covered by thenetwork. Computer network are divided into four categories includes: Local AreaNetwork (LAN), Campus Area Network (CAN), Metropolitan Area Network (MAN) andWide Area Network (WAN).3.1.2.1

Local Area Network (LAN)LAN is a computer network that is used to connect computers and work station toshare data and resources such as printers or faxes. LAN is restricted to a smallarea such as home, office or college. Devices used in LAN are : HUB and switch.Media for LAN is UTP cables. Figure 1.2 shows how all work stations, server andprinter are interconnected with the help of the network device.




Fig 2: Local Area NetworkTypes of LANIn LANs, data can be transferred using techniques like token passing. As pertechniques used for data sharing, LANS are classified into Ethernet, Token Bus,TokenRing and Fiber Distributed Data Interface (FDDI).Figure 3.3 shows LAN classification.

Fig 3: LAN classification




Advantages of LANa). Provides communication in smaller networks, easy to install and configure.b). many users can share data or network elements at the same time which resultsin fast work.Disadvantages of LANa). limited number of computers are connected in a LAN.b). LAN cannot cover large area.c). Network performance degrades as the number of users exceeds.

3.1.2.2 Campus Area Network (CAN)Campus Area Network is a computer network made up of two or more LANswithin a limited area. It can cover many buildings in an area. The main featureofCAN is that all of the computers which are connected together have somerelationship to each other e.g. different buildings in a campus can be connectedusing different CAN. It will help to interconnect academic departments, libraryand computer laboratories. CAN is larger than LAN but smaller than WAN.Figure 3.4 shows a CAN network.

Fig 4: Campus Area NetworkDevices used in CAN are : HUB, Switch, Layer-3 switch, Access Point .And the media

used for CAN is Unshielded twisted pair of cables and Fiber Optics Cable.




3.1.2.3

Metropolitan Area Network (MAN)

MAN is the interconnection of networks in a city. MAN is not owned by a singleorganization. It act as a high speed network to allow sharing resources with inacity. MAN can also be formed by connecting remote LANs through telephonelines or radio links. MAN supports data and voice transmission. The best exampleof MAN is cable T.V network in a city.

Fig 5 : Metropolitan Area Network

3.1.2.4

Wide Area Network (WAN)WAN covers a wide geographical area which include multiple computers or

LANs. It connects computer networks through public networks like, telephone system,microwave, satellite link or leased line.Most of the WANs use leased lines for internet access as they provide faster dat

a transfer.WAN helps an organization to establish network between all its departments and officeslocated in the same or different cities. It also enables communication between theorganization and rest world.Devices used in WAN is only Router




3.2 IP ADDRESSES and MAC AddressesIt is also called as logical addresses. IP is a 32 bit long and it is divided into 4octets and dot (.) is used to separate one octet from another. It is represented in theform of decimals. There are two versions of IP addresses:-

IPv4

-

IPv6Table 2

Comparison between IPv4 and IPv6

IPv4

IPv6

-

It is 32 bit long.

-

It is 128 bit long.

-

It is divided into 4 octets.

-

It is divided into 16 octets.

-

Ipv4 performs broadcasting,

-

IPv6

-

doesn't

it

support

multicasting and unicasting.

broadcasting,

performs



IPv4 is divided into 5 classes:

multicasting and unicasting.

A to E.

-

Ipv6 doesn't support classes.

IPv4 is in decimal form.

-

IPv6 is in hexadecimal form.

3.2.1 IP Address ClassesIP address is a 32 bit address. It is divided into various classes namely ClassA, ClassB, Class C, Class D and Class E. TCP/IP defines Class D for experimental purpose.TCP /IP address contains two addresses embedded within one IP address; Networkaddress and host address as shown in figure 3.1

NETWORK

HOST ADDRESS

ADDRESS0 bits

31 bits




Class A consists of 8-bit network ID and 24-bit host ID. Class B consists of 16bit network ID and 16-bit of host ID. And Class C consists of 24-bit of networkID and 8-bit of host ID.Address ClassesTable 3: Address ClassesAddres

Starting

Range of First Mask Value

s

Bits

Octet

Class

(first-byte)

Class A 0

1to 127

255.0.0.0

Valid Hosts

256*256*256-2=16,777,214

Class B

10

128 to 191

255.255.0.0

Class C

110

192 to 223

255.255.255.0 256-2

Class D 1110

224 to 239

Reserved for multicasting

Class E

240 to 255



Reserved

1111

development`

256*256-2=65,534

for

research

and






Dynamic Host Configuration Protocol. The DHCP grants IP address to the computeronlease basis.Static IP AddressesStatic IP addresses are assigned to the device on the network whose existence inthe network remains for a longer duration. These static IP addresses are semi-permanentIP addresses which remain allocated to a specific device for longer time e.g. Server.

3.2.1.2 How to Configure IP Address in window 2003·

Right click on My Network Places- properties

·

right click on working LAN card- properties

·

select internet protocol (TCP/IP) -properties

·

Tick on- Use the following IP addresses - now fill the IP address e.g10.0.0.1

·

Tick on ±Use the following DNS server address

·

Fill the preferred DNS server ± 10.0.0.1

·

Ok

·

Close

Now check the connectivity of computer with itself with commandStart-run-cmd-ping 10.0.0.1

3.2.2 MAC Addressing

MAC address is a hardware address that is embedded in the NIC card. It is also knownas hardware address or physical address. Every NIC card has a unique MAC addressassigned by IEEE. MAC address is used to identify the nodes at lower levels of OSImodel. The MAC address operates at the data link layer of the OSI model.MAC address is a 12 digit hexadecimal number (48 bit address). It is made up ofnumbers from 0-9 or a letter from A-F. MAC address can be written in any one oftheformats:



►

MM:MM:MM:SS:SS:SS




►

MM:MM:MM:SS:SS:SS

T o identify the MAC address in window:·

Click Start ®Run

·

Enter cmd in the Open text book

·

Type ipconfig /all

·

Press Enter

The 12 digit MAC address will be shown as say 00:11:11:EA:8D:F6

3.3

NETWORKING MEDIA

To do networking we need to use some type of media. There are many types of media.(i)

Coaxial Cable

(ii)

Fiber optic cable

(iii)

Twisted Pair of Cables

(iv)

Micro- wave

(iv)

Satellite

Coaxial CableCoaxial cable consists of an insulated copper conductor surrounded by a tubeshaped copper braid outer copper tune and the inner conductor have the same axis ofcurvature hence it called coaxial cable. It is basically of two types:(i)

Base Band Cable (RG ± 59)



(ii)

Broad Band Cable (RG ± 58)

We used Base Band signal cable in Networking of Computers, It is so called becauseit carries single frequency. Its speed is 10 Mbps and impedance is 50 W.

here asBroad




Band Cables carries multiple frequencies. Connector used for Coaxial cable isBNC(British Novel Connector) connector. ARCnet uses RG-62 coaxial cable. It hasanimpedance of 93 W and has a comparatively lesser attenuation, hence yield greaterdistances. These cables are expensive and provide high propagation factor.

Fiber Optical CableFiber optic cable consists of a very fine fiber made from two types of glass, one for theinner core and the other for the outer layer. Here signal is transmitted in theform of light.Different varieties of fiber optics is used depending on the size of the network. Singlemode fiber optics is used for networks spanning longer distance. Fiber Optics has lowerpropagation factor than coaxial cable. It is a costly but more secure transmission media.Twisted Pair CableThere are two wires, which are twisted with each other to avoid EMI (ElectroMagnetic Induction).these cables are easy to terminate. However they have a slightlyhigher value of attenuation value and hence have limited distance covering capac

ity.Connector used for Twisted Pair of Cable is (Registered Jack) RJ-45 and RJ-11. Thereare two types of twisted pair of cables:·

STP (Shielded Twisted Pair):In this an extra wire which is called shielded wire is wrapped over the inner

cover which holds copper in pairs. This protection is used to protect signal fromexternal noise.·

UTP (Unshielded Twisted Pair)In this type of wire no shielded cover is there for extra protection from noise.There are different categories of UTP cables:

Categories of UTP CablesTable 4: Category and Speed of UTP cables





1Gbps1Gbps




568A

568B

(one end)

(other end)

(one end)

Green/white

Green/white

Orange/white

Orange/white

Green

Green

Orange

Orange

Orange/white

Orange/white

Green/white

Green/white

Blue

Blue

Blue

Blue

Blue/white

Blue/white

Blue/white

Blue/white

Orange

Orange

Green

Green



Brown/white

Brown/white

Brown/white

Brown/white

Brown

Brown

Brown

Brown

3.3.1.2 Crossover CableIt is used when we have to connect:·

PC to PC

·

Hub to Hub

·

Switch to switch

·

Router to Router

·

PC to Router

·

Hub to Switch

Colour Coding for Crossover cableTable 6 Colour Coding for Crossover cable

(one end)

(other end)

(other end)




Orange/white

Green/white

Orange

Green

Green/white

Orange/white

Blue

Blue

Blue/white

Blue/white

Green

Green

Brown/white

Brown/white

Brown

Brown

3.3.1.3 Rollover CableRollover cable isn't used to connect any Ethernet connections together, butRollover cable can be used to connect a host to a router console serial communic

ation(com) port.NOTE: Straight cable and Cross cables are used for data transfer but Rollovercables are not used for data transfer.There are two methods for manufacturing Rollover cables:

Table 7 Colour Coding for Rollover Cable

568A(one end)

568B(other end)

(one end)

(other end)





Green/white

Brown

Orange/white

3.4 OPERATING SYSTEM3.4.1 Types of Operating Systems(i) DOS (Desktop Operating System)

(ii) NOS (Network Operating System)

Table 8: Operating SystemsDOS

NOS

1. It is a desktop operating system.

1. It is a network operating system.

2. It is used in small networks.

2. It is used for large networks.

3. In this OS, there is less security.

3. In this OS, there is more security.

4. In this OS, all computers are clients.

4. In this OS, there are servers and

5. In this OS, MS-DOS, GUI package clients.

in3.1,

in 95,

in 98,

in ME comes.

5. In this OS

in NT,

in 2000,

in2003, LINUX, UNIX, Novell andMAC comes.

3.4.1.1 Introduction to

indow 2003 Server




indow server 2003 (also referred to as

IN 2k3) is a server operating system producedby Microsoft. Introduced in 24th April 2003 as the successor to window 2000 server, it isconsidered by Microsoft to be the corner stone of its window server system lineofbusiness server products. An update version

indow Server 2003 R2 was releasedmanufacturing on 6th dec, 2005. its successor window 2008 was released on 4th feb, 2008.According to Microsoft, window server 2003 is more scalable and deliver betterperformance than its predecessor window 2000.Features of

indow 2003(i)

A significant improved version of Internet Information Service (IIS)

(ii)

Increased default security over previous version due to the built in firewalland having most services disabled by default.

(iii)

Manage your server-a role management administrative tools that allow anadministrator to choose what functionality the server should provide.

(iv)

Improvement to Active Directory.

(v)

Improvement to Group Policy handling and Administration.

(vi)

Provides a Backup system to restore lost files.

(vii)

Improved disk management, including the ability to Backup from shadows offiles, allowing the Backup of open files.

(viii)

Improved security and command line tools which are part of Microsoftinitiative to bring a complete command shell to the next version of window.

(ix)

Support for a hard based ª

atch Dog Timerº, which can restart the server ifthe operating system does not suspend with in a certain amount of time.

Removed Features·

The ability of creating server disk automated system recovery (ASR) is usedinstead .



Edition of

indow 2003

indow server 2003 comes in a number of editions, each targeted towards aparticular size and type of business. In general, all variant of window server 2003






(iii)

FQDN

(iv)

Namespace

(v)

DNS server

3.5.1.1 HOST NAMEHost name is a computer name and is also called is NetBIOS (network basicInput/ output system) name. NetBIOS is actually an application layer protocol that canuse the transport services of TCP/ IP when used in routed network. A NetBIOS name is16- byte addresses that identify a NetBIOS resource on the network.3.5.1.2 DOMAIN NAMEDomain name is used to identifies the internet site one can identifies the location

without having to remember the IP address of every location e.g. yahoo.com orgmail.com

3.5.1.3 FQDFQDN means fully qualified domain name which represents a hostname appended to theparent name space in hierarchy. Also in fully qualified domain name different levels ofnamespace are visualize as in fig below this hierarchy is visualized─ the root levelnamespace, top─ level domain, and so on, in use throughout the internet today. Left mostportion of the FQDN is the host portion of the name. A host name is alias we giv

e to anIP address.






fully qualified domain names. This root domain is designated with a dot (.). Fig 6.2shows the tree structure or domain namespace.

Fig 7: Tree structure or Domain Namespace3.5.1.5 DNS serverAny computer providing domain namespace is a DNS server. DNS server is used toconvert host name FQDN into IP address and IP address into host name FQDN. To storethe name-to-IP-addresses mappings so crucial to network communication, name serveruses zone files.




3.5.2 DNS ZoneZone is the part of DNS database that contain record of domain or multiple domain.If the domains represents logical division of the DNS namespace, zones represents thephysical separation of the DNS namespace. In other words information about records ofthe resources within DNS domain is stored in a zone files, and this zone files exist onhard drive of server. Zone files are divided into one of two basic types:

3.5.2.1

·

Forward lookup zone: Provides host-name-to-IP-address resolution

·

Reverse lookup zone: Provides IP-address-to-host-name resolution

Resource record stored in a zone file

Each record stored in a zone file has a specific purpose. Some of the records set thebehavior of the name server, others have the job of resolving a host name or service intoan IP table.(i)

NS (Name Server):These specify the name servers that are authoritative for a given portion

of DNS namespace. These records are essential when DNS servers are performingiterative queries to perform name resolution.

(ii)

SOA (Start of Authority):This resource record indicates the name of origin for the zone contains the name

of the server that is the primary source for information about the zone. The information inan SOA record affect how often transfer of the zone are done between serversauthoritative for the zone. It is also used to store other properties such as versioninformation and timings that affect zone renewal or expiration.(iii)

CNAME (Canonical Name):

CNAME can be used to assign multiple names of a single IP address.




For example, the server hosting the site www.abc.com is probably not named www,but aCNAME record exist resolution of www to an IP address all the same. The CNAMErecord actually points not to an IP address, but to an existing A record in thezone.3.5.2.2 Steps to Install and configure DNS server·

Start ® control panel® add and remove program

·

Add remove window components

·

Select networking services and click on detail button

·

Check box of DNS server

·

Ok and finish

3.5.2.3 Creating a Forward Lookup Zone·

Statically fill the IP address

·

Start ®administrator tools

·

DNS® right click on forward lookup zone

·

New zone® next

·

Select primary zone® next

·

Enter zone name (abc.com)® next

·

Tick Allow both secure and non secure updates and secure dynamicupdated

·



next® next

·

now click on created zone (abc.com)

·

new host® enter host name for global level (i.e by entering www) fill IPaddress of the web server , click on add button

·

enter another host name, a blank host with same IP i.e do not fill its host name

steps to change SOA and NS records·

Right click on SOA records ® properties

·

Fill primary server e.g (www.abc.com)® responsible person




·

host master.abc.com® apply® ok

·

right click on NS records

·

click on add button® enter FQDN® www.abc.com

·

resolve® ok® apply® ok

Now go to start menu ®

ping abc.com

On Client Side ® To access DNS server fill IP address of server then use ping command

e.g

ping www.abc.com

3.5.2.3

Creating a Reverse Lookup Zone

·

Right click on reverse lookup zone

·

New zone® next® select primary zone® next

·

fill ®Network ID® next® next

·

Select allow both non secure and non secure dynamic updates

·

Finish

·

Right click on created reverse zone® new pointer

·

enter host IP number e.g (50.0.0.50)



·

enter FQDN (www.chd.com)

3.5.2.4 Some DNS Commands

(i) c:>tracert www.yahoo.comcommand is used to check the path , a data packet follow from one routerto another router.(ii) c:>nslookupcommand display the domain name with IP (works only when reverse lookupzone is set up).(iv)

c:>ipconfig /allThis command display FQDN, IP address, MAC address.

(iv) c:>ipconfig /flushdns




This command flush or clear all the information in the cache that is retrievedfrom DNS server.(v) c:>ipconfig /displaydnsDisplay the current contents or entries in the cache.(vi)

c:>ip config /registerregister any DNS name

3.6 DHCP SERVERDHCP (Dynamic Host Configuration Protocol) is a protocol that allocates IP address tocomputer on a network. DHCP centralized the management of IP address allocationandreduces human error associated with manual IP configuration. DHCP server supplies allthe necessary networking param-eters. Two things are always handed out as a part ofDHCP configuration: IP address and subnet mask. Further DHCP will frequentlyconfigure clients with optional values, such as a default gateway, DNS server address,and the address of a

indow Internet Naming Server, if one is present. Scenario

showingDHCP server IP address allocation.

3.6.1 orking of DHCP Server(i)

DHCP Scope

(ii)

DHCP Super Scope

(iii)

Exclusion IP Range

(iv)

DHCP Lease Time

(v)

IP Reservation

DHCP ScopeScope having the range of IP address for providing dynamic IP address to other

computer. A group of IP address within a scope is called as DHCP scope.DHCP Super ScopeA super scope is used to combine two or more scopes each serving different subnets, andcan make the administration of several scopes on window 2003 DHCP server moremanageable. Using super scope you can group multiple scopes as a single administrative




entity that allows the client to lease from either one.

ith this feature, a DHCP servercan:·

Support DHCP clients on a single physical network segment where multiplelogical IP networks are used.

hen more than one logical IP network is used oneach physical subnet or network, such configuration is called multinets.

·

Support DHCP clients located on the far side of DHCP and BOOTP relay agent.

·

In multinet configuration, DHCP superscope can be used to group and activateindividual scope ranges of IP addresses used on your network. In this way , aDHCP server computer can activate and provide leases from more than one scopeto clients on a single physical network.

Exclusion IP rangeIf you want to reserve some IP for any computer i.e if we want that from the ser

ies of192.168.0.2 to 192.168.0.100 if we want that a series of IP addresses must not beassigned automatically then at can be done using exclusive IP range.DHCP Leased TimeDHCP lease time is validity of IP address. By default DHCP lease time is 8 daysminimum,1 day maximum 999 days, 23 hours to53 day. ith in 8 days:After 80% of day clients demand new IP some times server refuse the client request.After 87.5% of days it will retry, and if the server did not give the new IP address thenthe client will receive APIPA address (Automatic Private IP Address).

hen a DHCP client is unable to locate a DHCP server, the client picks out a ran

dom IPaddress from the private APIPA address range of 169.254.*.*, with a subnet maskof255.255.0.0. The 169.254.*.* IP range is private because that network number isnot inuse on the internet, it is random because the client generates an arbitrary host number forthat network.The significance of APIPA is that DHCP client computers that cannot find aDHCP server can still be assigned an IP address and communicate with other computerson the same subnet mask that also cannot find DHCP server. It allows communication









·

Select DHCP relay agent

·

New interface

·

Select LAN card which is to be connected to the cross cable i.e L1

·

Ok




·

Right click on relay agent ® properties

·

Enter IP address of DHCP server

·

add® apply® ok

3.7

ACTIVE DIRECTORY

ith the release of

indows 2000, Microsoft introduced Active Directory, a scalable,robust directory service. Active Directory is used to create server based networking.Active Directory's job is to store and make available a Directory database i.e information

about the user, its class, name, address, mails, phone numbers, location.Active Directory is a technology created by Microsoft that provides a variety ofnetwork services like Directory Services, DNS based naming and other networkinformation. Active Directory also allows administrator to assign policies, deploysoftware and apply critical updates to an organizations. Active Directory was previewedin 1999, released first with window 2000 server edition and revised to extend functionallyand improve administration in

indow 2003. Additional improvements were made in

indow server 2003 and

indow server 2008.The fundamental building block of Microsoft's Directory services continues to be adomain. A domain is logically grouping of network resources, including shares, p

rinters,groups and users accounts. The user account represents the individual to domain, andallows for different type of access and different types of tasks. Every users account isunique. It has uniqueness of the user account that allows administrator to control accessfor every member of domain.There are two types of users accounts: local account and domain account. Localaccounts are maintained in the local database of a computer and cannot be used to grantaccess to network resources. Local users are primarily used to administer a computer or

to allow several people to share a single computer that is not a member of a domain.

hereas domain users accounts are much more widely used in organizations that localuser accounts because they allow for central administration and user can log onto anycomputer in the domain. Domain users accounts are stored in Active Directory.




3.7.1 Active Directory ServicesA computer network can be divided logically into two networking models.·

orkgroup

·

Domain

Difference Between

orkgroup and DomainTable 9

orkgroup

Domain

1. It is a peer-to-peer networking 1. It is a server based networking model.model.2.there is a centralized dedicated server2. There is no client and no server. computer

called

domain

controller

(DC)which controls all other computers

All computers are in equal status.

called clients.3.This model is recommended for3. This model is recommended for large

small networks (upto 10 pcs).

networks.4. There is no centralized Administration

and

each

PC

is 4. There is centralized administration

administrated separately.

and each PC can be administrated andmanaged from the server.

5.In this model, low grade operatingsystem like 2000/xp professional, 5.In this model high grade operatingwin 98 etc can be used.

system ,like win2000/2003 server are






7 Users accounts are created in eachPC and are called as ªLocal Usersº.

7.Users accounts are created on severside DC and are called as ºDomainUsersº.

Active Directory uses domain to hold objects, each domain has security boundary.Users must authenticates to the domain in which their users account resides before theycan access resources, such as a shared folders. Active Directory also links relateddomains in a hierarchical structure and users can access resources in any of the domain inwhich their user account resides. The hierarchical structures of related domainis called atree, and all domains in the tree share the same Domain Name System (DNS) namespace.All the domains and the trees in a single organization are called a forest. Alldomains inthe forest share same schema.

3.7.1.1

Types of Domain

·

Domain Forest

·

Domain Tree

·

Organization unit

Domain ForestA forest is created when window 2k3 server computer is configured as a domaincontroller. A forest is a collection of multiple domain link together and relationshipbetween the domains.Domain TreeA domain tree is made up when there is a parent child relationship between the domainin the forest. The child domain includes the complete parent domain name. a tree is a set

of two or more domains sharing common namespace e.g we can create a parent domainand then child domain like mail.yahoo.com; where mail- child domain, yahoo- parentdomain.




Fig 8: Structure of domain forest and domain treeOrganization Unit (OU)Organization unit is the smallest unit in a domain network that can contain users,computer groups, shared folders, printers and group policy object in simple words. OUmeans department like sale department, accounts department like sales, accountsin acompany OU can be used to apply different security policies to computer and users indifferent department. OU also helps in dividing administration among differentadministrator of managing only computer and users of sales department.

3.7.1.2

Types of Domain Controller(i)

PDC : Primary domain controller

(ii)

ADC : Additional domain controller

(iii)

BDC : Backup domain controller




Primary Domain Controller (PDC)This is the first domain controller, in this domain all entries are created in it likeusers account, group policy, Organization unit etc. All FSMO role are done in PDC.

Additional Domain Controller (ADC)It is a domain network, it is important to have more than one DC so that if oneDC fails, the other DC will continue serving the client. There is also load balancing ofActive Directory Service if we have more than one DC.The first DC we create is simply called PDC and if we create an extra DC thenthat DC is known as ADC. ADC has same configuration of AD as primary domaincontroller.All domain controllers in a domain networking are masters.

e can make achange in the active directory of any domain controller and that change is replicated to allother domain controllers. Replication takes place among all the domain controllers and itis controlled automatically. If we create a user in the first domain controller, it isautomatically created in the ADC because of replication.

All the domain controllers in the domain networking are peers and this model iscalled as multi- master model .

Fig 9: Multi-Master Model

3.7.1.3 Requirements of Active Directory(i)

indow 2000/2003 server computer.

(ii)

Atleast one NTFS partition.




(iii)

Static IP address

(iv)

Atleast 1GB free hard disk space

(v)

LAN card enabled and connected to the network

(vi)

Install DNS, if not installed of Active Directory and configure it.

It should be noted that active directory cannot work without DNS.DNS isautomatically installed and configured during the Active Directory installation.

3.7.1.4 Installation of Active DirectoryFirst of all fill the static IP address, then install DNS service into it and after that

install the Active Directory·

start® run® dcpromo

·

Ok

·

elcome to active directory ® next® next

·

Select domain controller for a new domain e.g (gmail.com)

·

Next

·

Domain NETBIOS name (gmail.com)

·

Next

·

Data folder, folder new tech directory service® next (SYS VOL)

·

Next



·

Click on install and configure the DNS server on this computer to use thisDNS server as its preferred DNS server.

·

Tick on permission compatible only with window server

·

Next

·

Enter the restore mode and the password

·

next® next® finish

·

now restart computer

Command used for the removal of Active Directory




start® run® dcpromoThis command is also used to remove active directory, if after this command theactive directory is not removed then type·

start®run

·

cmd®dcpromo /forceremoval

·

Ok

How to identify Active Directory installation·

Start ® administrator toolAfter that if three options specified if come, it means that Active Directory

has been installed

─ Active Directory domain and trusts─ Active Directory sites and services─ Active Directory users and computerOpen DNS console by·

Administrator tools®DNS

·

Forward lookup zone─ msdcs.exam.edu─ start of authority (SOA)

─ name server (NS)

Now ping active directory with domain name like·

start® run® ping gmail.com

Backup of Active DirectorActive Directory backup come in use when there is some problem in active directory. Ifthere is any problem in active directory then remove it and restore the backup.·

Start® run®ntbackup®ok

·

Select advance mode and untick that is already ticked

·

Select backup






·

Selsct system state

·

Change backup path browse keep in your hardware and then send it to thepen drive

·

D:\adbackup

3.7.2 CHILD DOMAINA domain is created say ªxyz.comº. this domain is known as parent domain or theroot domain. Now ªchd.xyz.comº will be the child domain or the sub domain of xyz.com.

Fig 10 : parent-child relationship modelA child domain is created to ease administration in a very large domain network.

e cancreate the parent domain in the head office of the company and the child domain

in thebranch offices.Each branch office will have its own administrator to manage the users of thechild domain present in the branch office.A true relationship is automatically created between the parent domain and thechild domain. This means users in the child domain can access the file server of the




parent domain. Moreover users of either domain can use clients of either domainforlogging in the domain but a user can always logon only in the domain in which hisaccount resides, though he physically can use client pc of parent or client domain. Usersof either domain can logon its own domain from either side but only when it useits owndomain name. users of parent domain can communicate with child domain but he has touse its domain name for that.

3.7.2.1

Steps to create child domain

First of all install the active directory on pc1 i.e on the parent domain. Now make Tomuser on it. On pc2 create the child domain, then make users on it, user- RamBelow are the steps to cerate child domain.·

Fill the IP address in the child domain

·

Now ping to the parent domain with the domain name (xyz.com)

·

Run ®dcpromo® ok

·

next® select domain controller for a new domain

·

next® select child domain and existing domain name (mcse.com)

·

next

·

enter username, password and domain name

·

enter user parent domain name also enter child domain name

·

enter complete DNS name i.e xyz.mcse.com

·



next® next® next® next




it should be noted that parent domain can logon into child domain but on the otherhand child domain cannot logon to the parent domain. Also parent domain can applypolicies or security on the child domain.Make the client member by entering particular user with its domain name.·

First right click on My Computer

·

Properties

·

Computer name

·

Change

·

rite domain name ®okNow logoff start and then write user name - TomDomain name - mcse.com

Again logoff and check the other userStart-user name- abcDomain name ± mail.mcse.com

3.8

INTERNET SHAREING

e can share a single internet connection to multiple computers with the help of

networking or internet sharing. There are four ways to share internet.(i)

Direct sharing

(ii)

ICS ± Internet connection sharing

(iii)

in Proxy

(iv)

NAT ± Network Address Translation

3.8.1 Direct SharingInternet sharing can be done between computers directly, just by taking internetconnection directly from ISP (Internet Server provider), then it is provided toADSL



model, ADSL modem is connected to the ISP through RJ-11 connector. Then it is




connected to the switch with RJ-45 connector. Switch, further connects computers thosehave to be provided with internet connection. The scenario for direct sharing is as shownin figure:

Fig: 11: Direct Sharing ScenarioADSL modem has IP address 192.168.1.1. All the PCs are assigned with a DNS(Domain Name Server) and G

(gateway) -192.168.1.1. Also DHCP (Dynamic HostCommunication Protocol) is enabled which will provide IP addresses to the PCsautomatically.

3.8.2 ICS (Internet Connection Sharing)Internet Connection sharing provides an alternate way to provide Internet Sharing.ICS requires a server with two network interfaces, one for the private internalnetworkconfigured with IP 192.168.0.1 address and an adapter for public connection. ICSrequires two connections in order to work: one public and one private i.e. ICS server




requires two LAN cards, Internal (Private) and External (Public). Internal LAN card usesLocal LAN card (L2) and External LAN card (L1) is used by Internet. ICS is designed tobe as simple as possible. ICS works on following windows: XP, Vista, 2K3 Server, 2k3Server SP1.it doesn't work on the server in which AD+SP1 is present. The scenarioforICS is shown below:

Fig 12: ICS scenarioNote:-

hen we configure ICS then the local card detect 192.168.0.1 addressautomatically.

How to configure ICS·

Open network and sharing center

·

Network- Properties

·

Click on Manage network connections

·

Right click on LAN Card which is used for internet- Properties

·

Click on sharing

·

Enable ICS

·

Ok

·

yes




3.8.3

in Proxy Server

in Proxy is a third party software which is used for sharing internet and we canalso block the web site with the help of win proxy.

IN Proxy supports all the threeclasses A, B, C also it is supported by all operating systems. The scenario for

IN proxyis shown below:

Fig 13: scenario of win proxy serverIn win proxy as shown in the scenario above we can share internet. First of alla ADSLmodem is connected to the ISP (Internet Service Provider) by a RJ-11 connector andother end of ADSL modem is connected to the PC1 through RJ-45. Assign IP address192.168.1.1 to the ADSL modem also enable the DHCP server and set the start IPaddress of 192.168.1.2 and end IP address of 192.168.1.254. Then after ADSL modemconnect PC1, assign G

192.168.1.1 and

3.8.4 NAT (Network Address Translation)If we have to connect many computers with a single IP address then we will use N

AT.NAT exchange IP packet between local network and internet. The routing and remoteaccess server of window 2K3 server provide us with a component known as NAT. Byenabling NAT on a Server 2003 system, you allow connected users on a private system to




share a single connection to access a public network such as the internet i.e. NAT enablemultiple client computer to connect the internet through a single publicly registered IPaddress. A NAT server translate private IP address to public addresses. NAT eliminatesthe need for large number of IP addresses by mapping externally assigned IP addresses.

Fig 14: NAT server

hen deploying NAT, it is needed to configure setting on both the client sideand the server side. On the server side of NAT fill the IP address statically.

3.8.4.1 Steps to enable NAT server

.

·

Open internet ® Tools® Internet options

·

connections® LAN settings

·

untick the IP and port address

·

ok® ok® give site name

On the client side of NAT, client side is configured to obtain IP addresses

automatically and then restart the client system. Assuming NAT is used for addressassignment, the client system will receive TCP/IP information from the NAT server. Theclient information includes:·

IP address from 192.168.0.0 private addressing range




·

Subnet mask (255.255.255.0)

·

DNS server address, which would be the address of the NAT interfaceon the server.

ith the client side configured, there are few things to do on NAT server:The first step to configure NAT server is to actually install the Routing and RemoteAccess Services. To do this, start the Routing and Remote Access Service Setup

izard.·

Start® administrator tools® Routing & Remote Access

·

Right click on My Computer® right click on computer name

·

Select option Configure and enable routing & remote access

·

elcome to routing ® next® next

·

Select NAT® next

·

Select LAN card which is to be connected to internet

·

next® next

From any of the four methods of internet sharing only method is used at atime to remove the other method·

go to start® setting

·

add & remove

·

change/ remove, tick on remove.

3.9 VIRTUAL PRIVATE NET

ORK (VPN)A virtual private network is used to convert public network address to private



network. All the clients of VPN dial to public IP address of VPN server and receiveprivate IP from virtual VPN dynamic host protocol (DHCP).in VPN one can havemultiple virtual connections to a single IP address. This way ,one network cardcan hostseveral inbound connections, rather than require a modem and telephone line foreachsimultaneous remote user.




Fig 15 : scenario of VPN serverUsing VPN server we can connect many private networks to internet services i.e theremote connection.

e can create a private network through public network, we can usefirewall for security and data encryption in VPN server.

3.9.1 VPN components(i)

VPN server

(ii)

VPN Clients

(iii)

AN Option

(iv)

Security Options

VPN ServerVPN server, serve as the end points of a VPN connection. hen configuring aVPN server, you can allow access to just that server, or pass traffic through VPN serverso that the remote user gain access the resources of the entire network.VPN ClientVPN clients establish connection to VPN server. They can also be routers thatobtain the router-to-router secure connection. VPN client software is included in all themodern window operating systems, including

indow 2003 server. Router-to routerVPN connection can be made from computers running server2003 and

indows 2000




running Routing and Remote Access. Additionally, any client that support PPTP orL2TP connections can be VPN clients of a window server 2003 system.

AN OptionsThese provide the physical mechanism for passing data back and forth. Theseconnections typically include such similar network technologies such as T1or framerelay. In order for VPN connections to be successful, the VPN client and VPN servermust be connected to each other using either permanent

AN connection or by dialinginto an internet server provider (ISP).Security OptionsSince a VPN uses a network that is generally open to the public, it is importantthat the data passed over the connection remain secure. To aid with securecommunication routing and remote access supports such security measure as logonanddomain security, data encryption, smart cards, IP packet filtering and caller ID.

3.9.2 Types of VPN(i)

PPTP (Point to Point Tunneling Protocol )

(ii)

L2TP (Layer 2 Tunneling Protocol) according to CCNA.

Point to Point Tunneling Protocol (PPTP)PPTP is Microsoft's legacy protocol for supporting VPN. It was developed inconjunction with other communications companies such as Robotics as an extension tothe PPP protocol. PPTP encapsulates IP or IPX packets inside of PPP datagram's. Thismeans that you can remotely run programs that are dependent upon particular netw

orkprotocols. One of the keys to remember about PPTP is that the protocol providesencryption capabilities, making it much safer to send information over nonsecurenetworks.Layer Two Tunneling Protocol (L2TP)L2TP is a standard based encapsulation protocol with roughly the samefunctionality as a Point-to-Point Tunneling Protocol (PPTP). One of the key differences




between

indow's server 2003 implementation of L2TPand it cousin PPTP is thatL2TPis designed to run natively over IP networks only. This implementation of L2TPdoes not support native tunneling over X.25, frame relay, or ATM networks. LikePPTP,L2TPencapsulates Point-to-Point Protocol (PPP) frames, which then encapsulate IP orIPX protocols, allowing users to remotely run programs that are dependent on specificnetwork protocols . But unlike the PPTP protocol, L2TP does not provide encryption ofthe data. For data security L2TPrelies on the services of another standards- basedprotocol, IPSec.

3.9.3

How to configure VPN

·

start®administrative tools

·

Routing and Remote access

·

Right click on computer name configure and enable Routing and Remoteaccess

·

next® select remote access (dial up or VPN)

·

next® VPN® next

·

select LAN card which is connected to internet (172.15.15.50) public IP

·

disable enable security ® next

·

from a specific range of address® next®new

·

enter the required range

·



ok®next® no radius

·

next® finish

3.9.4

Create users in VPN server

·

open user properties® dial in ® allow access

·

apply® ok

3.9.5

orking on Client Side

·

Right click on My Network Places® properties

·

Double click on New Network

izard® next




·

Connect to network at my work place® next

·

Virtual private network connection® next

·

Enter company name (abc)® next

·

Enter public IP address of VPN server® next

·

Any one use ®next

·

finish

3.10

ROUTINGIt is a process of transferring information through an inter network i.e from one

network to another. Routing connect different networks having ID help in process ofrouting. The dial-in properties also allow for specific IP address to be assigned to a user.This is the only way in

indow Server 2003 that you can assign a specific IP to

a user.To assign a specific IP to a user, check the box next to assign A Static IP Address andenter a valid IP in the space provided. Static routing can also be specified asper user. Bydefining static routes, users can be limited to only specific parts of networks.In an internetwork a router must then about all the networks present in the foreffort websites, there are hardware routers like CISCO. Even win 2003 server computerconfigured as router. In simple words Router is a computer with two network cards.These two network cards, then, are attached to two different logical IP networks. The

routing table helps direct traffic that is passed through the router.Now when there is a router, also there is a routing table, there is a need toconfigure the router in order for that router to pass along traffic to the proper network.There are two ways the routing table can be built and modified: either manuallyorautomatically.

3.10.1 Types of Routing(i)



Static Routing

(ii)

Dynamic Routing




3.10.1.1 Static RoutingIn this routing information required for routing is manually entered into the routerby administrator.

How to configure LAN routing·

Enter the static IP in the router

·

Administrator tools

·

Routing and Remote access

·

Right click on computer name (pcc1)

·

Configure and enable routing and remote access

·

next® custom configuration

·

select LAN routing®next® finish

·

yes and logon to see IP table route

Enable LAN routingInterface

ANIP 172.15.0.0SNM 255.255.0.0G

20.0.0.2

enable LAN routingInterface

AN 10.0.0.0IP 10.0.0.0SNM 255.0.0.0

G

20.0.0.1Fig 16 : scenario for LAN routing

How to configure static routing




At Router R1:·

enable LAN routing

·

right click on static route

·

interface

AN

·

destination 172.15.0.0

·

mask 255.255.0.0

·

G

20.0.0.2

At Router R2:·

Enable LAN routing

·

Right click on static route

·

Interface

AN

·

Destination 10.0.0.0

·

Mask 255.0.0.0

·

G

20.0.0.1

Fig 17 : static routing

3.10.1.2 Dynamic Routing




The other way to manage a router routing tables is to let the computer do itfor you. Just like DHCP allocate IP addresses, configuring the dynamic routingprotocol usually means less errors due to human error, and less administrativeoverhead.In dynamic routing, routing information is automatically entered in therouter using protocols like RIP AND OSPF. These routing protocols used by

indow Server 2003 use one of two kinds of algorithms to determine the bestpossible path for a packet to get to its destination, either distance vector orlinkstate. RIP is used for small networks where as OSPF is used for large networks.

Routing Information Protocol (RIP)The distance vector protocol in use on

indow 2003 is called RoutingInformation Protocol (RIP) for IP. This protocol was designed for the exchange ofthe routing information within a small to medium size IP network.

hen Router is enabled on

indow 2003 machine, the routing table includesentries only for the networks that are physically connected.

hen RIP is enabledfor an interface, the router will periodically send an announcement of its routingtable to inform other RIP routers of the networks it can reach. RIP version1 uses

broadcast packets for its announcement. RIP version2 offers an improvement andcan be configured to use either multicast or broadcast packets whencommunicating with other routers. Also, RIP version2 offers more flexibility insubnetted and classless inter domain routing (CIDR) environments.The biggest advantage of RIPis its simplicity.

ith a few clicks in the Routingand Remote Access Server and MMC console, you can deploy RIP.

ith the RIPdynamic routing protocol installed on

indow's Server 2003, you get thefollowing features:(i)

RIP version1 and version2, with the ability to configure individualnetwork cards with separate versions.

(ii)

Calculations used to avoid routing loops and speed recovery of thenetwork whenever topology changes occur.




(iii)

Route filters; you can configure RIP to except information fromonly certain networks, and also choose which routes will be sharedwith RIP routers.

(iv)

Peer filters, which allow control over which router announcementsare accepted.

(v)

Simple password authentication support.

But there are significant drawbacks, which makes RIP a poor, if not unusablesolution for large networks. For example, the maximum hop count used for RIP routersis15, making network 16 hops away (or more) unreachable where RIP is concerned.Open Shortest Path First (OSPF)

here RIP is built to work to work in smaller networks, the Open Shortest PathFirst (OSPF) routing protocol is designed for large or very large networks. The

goal is thesame: information about connection to other networks is shared from one router toanother. It offers several advantages over RIP, especially significant in largenetworks:(i)

Routes calculated with OSPF are always loop free.

(ii)

OSPF can scale much more easily than RIP.

(iii)

Reconfiguration for network topology changes is faster.

The biggest reason OSPF is the choice in large networks is its efficiency; insteadof changing routing table via broadcast the way RIP does, OSPF configured routersmaintain a map of the network. The mapping is called the link state database, OSPFrouters keep the link state database up to date. Once changes have been made tolink statedatabase, an OSPF router's link state database is recalculated.

As the networks start to multiply, the size of the link state database increases, anda corresponding hit on router performance results. To combat this, OSPF sub divide thenetwork into smaller sections, called areas. Areas are connected to each other through abackbone area, with each router only responsible for the link state database for thoseareas connected to the routers. Area Border Routers (ABRs) then connect one backbone



area to another.




The biggest drawback of OSPF is its complexity; OSPF requires proper planningand is more difficult to configure and administer.

3.11 EXCHANGE SERVERExchange server is a mail server, we can send and receive mail from one user toanotheruser. Exchange server is the mail server of Microsoft.

3.11.1 Elements of Exchange ServerMail ServerA server which helps to the users to send and receive mail is called mail server.Mail BoxA storage place where senders and receivers mails are stored.

3.11.2

Exchange VersionTable 10: Exchange Server with different operating systemsExchange Version

Operating System

Exchange Server 5.5

IN NT or 2000 server (without SP).

Exchange Server 2000

IN NT or 2000 server (SP3,SP4)without (SP).

Exchange Server 2003

IN 2000 Server or

IN2003 server

(SP4) without SP.

Exchange server 2007

IN2003 server or R2/

IN 2008server with SP1.

here SP stands for Service Pack. Service Pack are the services which are loadedexternally to remove some bugs that come during installation of server CD.




3.11.3 Requirements for Exchange ServerProtocols Required·

POP3 (Post Office Protocol)This protocol is used for receiving e- mails.

·

IMAE4 (Internet Messaging Access Protocol)This protocol is advance version of POP, this is also used to receive mail.

·

LMTP (Local Mail Transfer Protocol)/SMTP (Simple Mail Transfer Protocol)This protocol is used to send mails.

·

NNTP (Network News Transfer protocol)This protocol is used for transferring messages on internet.

Hardware Requirements·

Processor: min. 133MHz Rec. 733MHz

·

RAM:

min. 256MB

Rec. 512MB

Other Requirements·

OS: 2k or 2k3 Server

·

NTFS partition

·

Static IP address

·

Active Directory

·

DNS installation with AD zone

·






(iii)

Implementation and troubleshooting of network will be easy.

3.12.1 Description of Different LayersApplication LayerApplication layer accepts data and forward into the protocol stack. It creates userinterface between application software and protocol stack.Presentation LayerThis layer decides presentation format of the data. It also able to performs otherfunction like compression/decompression and encryption/decryption.Session LayerThis layer initiate, maintain and terminate sessions between different applications.Due to this layer multiple application software can be executed at the same time.Transport LayerTransport layer is responsible for connection oriented and connection lesscommunication. Transport layer also performs other functions like(i)

Error checking

(ii)

Flow ControlBuffering indowingMultiplexing

(iii)

Sequencing

(iv)

Positive Acknowledgement

(v)

Response

(vi)Network LayerThis layer performs function like logical addressing and pathdetermination. Each networking device has a physical address that is MAC

address. But logical addressing is easier to communicate on large size network.Logical addressing defines network address and host address. This type ofaddressing is used to simplify implementation of large network. Some




examples of logical addressing are: - IP addresses, IPX addresses etc.Network layer has different routing protocols like RIP, EIGRP, BGP, andARP etc. to perform the path determination for different routing protocol.Network layer also perform other responsibilities like defining quality of service,fragmentation and protocol identification.Data Link LayerThe functions of Data Link layer are divided into two sub layers·

Logical Link Control

·

Media Access Control

(i)

Logical Link Control defines the encapsulation that will be used by theNIC to delivered data to destination. Some examples of Logical LinkControl are ARPA (Ethernet), 802.11 wi-fi.

(ii)

Media Access Control defines methods to access the shared media andestablish the identity with the help of MAC address. Some examples ofMedia Access Control are CSMA/CD, Token Passing.

Physical LayerPhysical Layer is responsible to communicate bits over the media thislayer deals with the standard defined for media and signals. This layer may also performmodulation and demodulation as required.

3.13 ROUTERS




13.13.1 Router Architecture and its Key Component

LAN

ProcessorI/OControllerMemoryController

RAM

BIOSROM

ANPorts

FlashRAMO/S

IncompleteIOS

IOS

NVRAMStartup Configuration

Fig 18 : Architecture of routerProcessorSpeed: - 20 MHz to 1GHzArchitecture: - RISCReduce Instruction set computer

Manufacturers: - Motorola, IBM, Power PC, Texas, Orion, Intel.Flash RAMFlash memory is just like a hard copy of the computer. Flash RAM is thepermanent read/write memory. This memory is used to store one or more copiesof router O/S. Router O/S is also called IOS (Internetwork Operating System).Thesize of Flash RAM in the router is 4MB to 256MB. This memory is ElectricallyErasable Programmable Read Only Memory (EEPROM).NVRAMNVRAM is a ªNon Volatile Random Access Memoryº. It is used to storethe startup configuration of the Router. It is on chip RAM, its size is 32kb.




RAM (Random Access Memory)It is a volatile memory. All the activities we do are stored in RAM,this means thatit holds the running configuration. RAM of the router is divided into two logicalparts.·

Primary RAM

·

Shared RAM

Primary RAMPrimary RAM is used for: (i)

Running copy of IOS.

(ii)

Running configuration

(iii)

Routing table

(iv)

Address Resolution Protocol (ARP) table (IP address to MACaddress)

(v)

Processor & other data structure

Shared RAMShared RAM is used as a buffer memory to shared the data received fromdifferent interfaces. Size of RAM in a router may vary from 2 MB to 512 MB.The types of memory that may be present in a RAM are:(i)

DRAM -> Dynamic RAM

(ii)

EDORAM -> Extended Data Out RAM

(iii)

SDRAM -> Synchronous Dynamic RAM

ROM (Random Access Memory)It has four components:·

POST (Power on Self Test)It performs hardware testing.



·

BOOT StrapBoot strap specifies from where and which inter operating system is to be

loaded.




·

Mini IOSCisco 2500, 1600

·

ROM MO

333333

Router Interfaces & Ports

Interface is used to connect LAN networks or wan networks to the router.Interface will use protocol stacks to send/receive data. Ports are used for theconfiguration of routers. Ports are not used to connect different networks. Theprimarypurpose of port is the management of router.33333333

Router Interface

Table 11: Router interfaces and connectors

AUI ± Attachment Unit InterfaceEPABX ± Electronic Private Automatic BranchPSTN ± Public Services Telephone Network3.13.2.2 Router PortsTable 12: Router Ports




333333

Modes of Router

hen we access router command prompt the router will display different modes.According to the modes, privileges and rights are assigned to the user.

User modeRouter>In this mode, we can display basic parameter and status of the router we can testconnectivity and perform telnet to other devices. In this mode we are not able to changeand save router configuration.

Privileged modeRouter#In this mode, we can display all information, configuration, perform administration task,debugging, testing and connectivity with other devices.

e are not able to perform hereconfiguration editing of the router.

The command to enter in this mode is `enable'.

e have to enter enablepassword or enable secret password to enter in this mode. Enable secret has more priority




than enable password. If both passwords are configured then only enable secret willwork.

Global configurationRoute(config)#This mode is used for the configuration of global parameters in the router. Globalparameters applied to the entire router. All the changes are performed in this mode. Buthere we cannot see and save the changes.For e.g: - router hostname or access list of router, password, Banner, Routing,Security.The command to enter in this mode is `configure terminal'

Line configuration modeIn this mode we can set the password of the user mode, i.e to set user modepassword .This mode is used to configure lines like console, vty and auxiliary.There aremain types of line that are configured.(i)

ConsoleRouter(config)#line console 0

(ii) AuxiliaryRouter(config)#line aux 0(iii) Telnet or vtyRouter(config)#line vty 0 4

Interface configuration modeIn this mode we can set ip addresses of the interfaces. This mode is used toconfigure router interfaces. For e.g:- Ethernet, Serial, BRI etc.Router(config)#interface <type> <number>Router(config)#interface serial 1

Routing configuration modeThis mode is used to configure routing protocol like RIP, EIGRP, OSPF etc.Router(config)#router <protocol> [<option>]




Router(config)#router ripRouter(config)#router eigrp 10

333333

Configuring Password

There are five types of password available in a router

Console Passwordrouter#configure terminalrouter(config)#line console 0router(config-line)#password <word>router(config-line)#loginrouter(config-line)#exitTo erase password do all steps with no command.

Vty Passwordrouter>enablerouter#configure terminalrouter(config)#line vty 0 4router(config-line)#password <word>

router(config-line)#loginrouter(config-line)#exit

Auxiliary Passwordrouter#configure terminalrouter(config)#line Aux 0router(config-line)#password <word>router(config-line)#loginrouter(config-line)#exit

Enable Passwordrouter>enablerouter#configure terminal




router(config)#enable password <word>router(config)#exit

Enable Secret PasswordEnable Password is the clear text password. It is stored as clear text inconfiguration where as enable secret password is the encrypted password.Router>enableRouter#configure terminalRouter(config)#enable secret <word>Router(config)#exit

Encryption all passwordsAll passwords other than enable secret password are clear text password. Thecommand to encrypt all password areRouter#configure terminalRouter(config)#service password-encryption

3.13.5 Managing ConfigurationThere are two types of configuration present in a router(i)

Startup Configuration

(ii)

Running Configuration

Startup configuration is stored in the NVRAM. Startup configuration is used tosave settings in a router. Startup configuration is loaded at the time of booting in to thePrimary RAM.Running Configuration is present in the Primary RAM wherever we run acommand for configuration, this command is written in the running configuration.

To save configuration

Router#copy running-configuration startup-configurationOrRouter#write




To abort configurationRouter#copy startup-configuration running-configuration

To display running-configurationRouter#show running-configuration

To display startup configurationRouter#show startup-configuration

Configuring Host NameRouter#configure terminalRouter(config)#hostname <name><name>#exit or end or /\zRouter#config terminalRouter(config)#hostname r1R1(config)#

Configuration InterfacesInterfaces configuration is one of the most important part of the routerconfiguration. By default, all interfaces of Cisco router are in disabled mode.

e have touse different commands as our requirement to enable and configure the interface.

Router#configure terminalRouter(config)#interface <type> <no>Router(config-if)#ip address <ip> <mask>Router(config-if)#no shutdownRouter(config-if)#exit

To display interface statusRouter#show interfaces (to show all interfaces)Router#show interface <type> <no>This command will display following parameters about an interface(1)

Status




(2)

Mac address

(3)

IP address

(4)

Subnet mask

(5)

Hardware type / manufacturer

(6)

Bandwidth

(7)

Reliability

(8)

Delay

(9)

Load ( Tx load Rx load)

(10)

Encapsulation

(11)

ARP type (if applicable)

(12)

Keep alive

Configuring optional parameter on

AN interfaceRouter#configure terminalRouter(config)#interfac <type> <no>Router(config-if)#encapsulation <protocol>

Router(config-if)#clock rate <value>Router(config-if)#end

Command displaying history of Router· To display commands present in historyRouter#show history

· To display history sizeRouter#show terminal



· To change history sizeRouter#config terminalRouter(config)#line console 0Router(config-if)#history size <value(0-256)>Router(config-if)#exit




Configuring BannersBanners are just a message that can appear at different prompts according to the type.Different banners are: ·

Message of the day (motd)This banner appear at every access method

·

LoginAppear before login prompt

·

ExecAppear after we enter to the execution mode

·

IncomingAppear for incoming connections

Syntax:Router#config terminalRouter(config)#banner

<type>

<delimation

char>Text

Massage

<delimation char>

Router(config)#

ExampleRouter#config terminalRouter(config)#banner motd $ This router is distribution 3600 routerconnected to Reliance $Router(config)#

To set time in router

e can configure router clock with the help of two methods:(i)

Configure clock locally

(ii)

Configure clock on NTP server (Network Time Protocol)

Router does not have battery to save the clock setting. So that clock will reset to thedefault on reboot.




To display clockRouter#show clock

To configure clockRouter#clock set hh:mm:ss day month yearRouter#clock set 7:15:10 9 June 2009

To configure clock from NTP serverRouter#config terminalRouter(config)#ntp server <IP address>Router(config)#exitC:\>ping pool.ntp.orgTo get ntp server ip from internetC:\>route print

3.14

SUBNETTINGSubnetting is a process or a technique to divide large and complex networks into

smaller parts or smaller networks and each network is called as subnet. Subnetting is

done to reduce the wastage of IP addresses ie instead of having a single huge network foran organization smaller networks are created within a given huge network. Subnettingallows the user to create multiple logical networks within a single Class A, B or C basednetworks.In subnetting, the IPv4 address is broken into two parts; network id and host id.This process borrows bits from the host id field. In this process, the network size does notshrink but the size of hosts per network shrinks in order to include sub-networks within

the network.333333

Advantages of subnetting

·

Size of the physical networks is reduced and hence easy to manage.

·

Reduce network traffic.

·

Easy to troubleshoot.




·

Reduce the wastage of IP address.

Subnet MaskA subnet mask specifies the part of IP address that is to be used for identifying asub network. A subnet mask when logically ANDed with IPaddress provides a 32- bitnetwork address. This binary address gives the first address in the subnet block specifiedin the large network.

Default MaskClassfull addresses consists of three classes; Class A, Class B, Class C used forsubnet.Each class has a default subnet mask C lass A consists of eight 1s in the networkaddress field and 24 0s in remaining field, Class B consists of 16 1s in network addressfield and 16 0s in remaining field, and Class C cointains 24 1s in the network address

field and remaining 8 bytes as 0s. the default address mask in binary and dotted-decimalis shown in the table

To Calculate the Subnet Mask1. Identify the class of address assigned. For this example the class of IP addressis Class B.




2. check the default address mask for the appropriate class and convert it tobinary format .for this example the default address mask is 255.255.0.0 andthe equivalent binary format is; 11111111.11111111.00000000.000000003. check the no. of 1s in the default mask. E.g this address contains 16 1s in classB, 16 bits 2 octat are for net id and the last 16 bits 2 octates are for host id.4. now if we need 9 subnets. This no. 9 is not a power of 2. the next no. that ispower of 2 and greater than 2 is 16. So, we require 4 extra 4 extra 1s in thenetwork field which has to be borrowed from the host id field.5. the total no. of 1s is 16+4=20, as 16 1s are from network id and 4 1s are ofadditional bits required for subnetwork. The no. of 0s in the n/w is 32-20=12.which defines whole address.6. hence address is given as 11111111.11111111.11110000.00000000 and indecimal format can be given as 255.255.240.0Table 14: decimal and binary values of subnet mask

DecimalBinary

00000000

0128192224240248252254255

100000001100000011100000

1111000011111000111111001111111011111111




333333

Types of Subnetting

·

Fixed Length Subnet Mask (FLSM)

·

Variable Length Subnet Mask (VLSM)

Steps of Subnetting for FLSMFor IP address 192.168.10.0 (Class C)Step 1:·

Identify the total no. of subnets 2^n = no.of subnets

·

here n are the no.s and borrowed bytes from host ID portion. Let we are given

that we have to make 4 subnets. Therefore 2^n =4 i.e n=2

Step 2:·

To idettify the total no. of the valid hosts for each subnet.

·

2^m-2= no.of valid hosts.

here m are the remaining no. of bits in host ID 2^62=62

Step 3:

·

Calculate the subnet mask and range

·

Subnet

mask

for

n/w

192.168.10.0/26

11111111.11111111.11111111.1100000000 ie 255.255.255.192·

range=> 256-192=64

step 4:·



Identify the total no of subnets, no. of valid hosts and the broadcast address.

is




Table 15: showing subnet mask, valid hosts, broadcast addressSubnetwork

Valid Host

192.168.10.0

192.168.10.1

Broadcast Addressto

192.168.10.63192.168.10.64

192.168.10.65

192.168.10.63to

192.168.10.126192.168.10.12

192.168.10.129

8

192.168.10.190192.168.10.193

192.168.10.19

192.168.10.254

192.168.10.127

to192.168.10.191to192.168.10.255

2

VLSMIn VLSM to allocate IP addresses to subnets depending upon the no. of hosts. Thenetwork having more no of hosts is given priority and the one having least no of hostcomes at last and for each network the subnet is assigned separately. As in thescenario

given:




Fig 19: variable subnet mask3.15 TELNETTelnet stands for terminal network, telephone network, terminal encapsulation onthe network. Purpose of Telnet is to access the remote device in order to configure it. Itprovides textual access of the remote device. It uses the services of TCP. Telnet service isused where small bandwidth is low. It provides textual access of the remote device. Portnumber of Telnet is 23.

3.15.1 To Access the Device RemotelyFor this purpose we have to assign the IP addresses to the PCs and the interfaces.For Telnet the Routers are to be configured with RIP version1 , so that the device canping each other. Also DCE cable is used to connect the Routers. The serial linkshouldhave the speed of 64K also apply vty password and enable secret password. Set up theRouters so that they can manage via Telnet.First of all select the PCs and the routers connect the ports to the router, dou

bleclick on router, switch off the router if it is on. Then select the serial portaccording to therouters, switch on the router. Select the cable to connect the Routers. Router to Routerconnections are made by the serial cable, so go on first Router select the serial port ass0/1/0 in the scenario, then go to the other Router and connect the serial cable at interfaces1/0. Accordingly connect the third Router with interfaces s1/1 and s1/2.




Now connect the PCs to the routers, to do this first select the console cable, click on thePC select RS232 option, then connect it on the Router and select console cable.Nowselect crossover cable on the PC select Fast Ethernet option and on the Router selectf0/0 option now as the PCs and Routers are connected to each other assign IP addressesto the PCs and the Routers. According to the fig set the IP addresses of the PCs®doubleclick on the PC® choose the option of desktop® IP configuration. Now set the IPaddress, subnet mask, and the default gateway. Like wise set the IP address of all thePCs. Now set the IP address of the interfaces of router.

3.15.2 Commands to assign IP addresses to the interfaces:At Router1:Router>Router>enableRouter#configure terminalRouter(config)#interface f0/0Router(config-if)#ip address 10.0.0.1 255.0.0.0

Router(config-if)#no shutdown

Fig 20: scenario of Telnet




Router#Router#configure terminalRouter(config)#interface s0/1/0Router(config-if)#ip address 40.0.0.1 255.0.0.0Router(config-if)#no shutdownRouter(config)#interface s0/1/0Router(config-if)#clock rate 64000Router(config-if)#no shutdownNow to check the assigned IPaddresses to the interfaces the command used isRouter#show ip interface brief

At router 2:Router#configure terminalRouter(config)#interface f0/0Router(config-if)#ip address 20.0.0.1 255.0.0.0Router(config-if)#no shutdownRouter#Router#configure terminalRouter(config)#interface s1/0Router(config-if)#ip address 40.0.0.2 255.0.0.0Router(config-if)#no shutdownRouter#configure terminal

Router(config)#interface s1/1Router(config-if)#ip address 50.0.0.1 255.0.0.0Router(config-if)#no shutdownRouter(config)#interface s1/1Router(config-if)#clock rate 64000Router(config-if)#no shutdown




At router 3:Router#configure terminalRouter(config)#interface f0/0Router(config-if)#ip address 30.0.0.1 255.0.0.0Router(config-if)#no shutdownRouter#Router#configure terminalRouter(config)#interface s1/0Router(config-if)#ip address 50.0.0.2 255.0.0.0Router(config-if)#no shutdown

To Telnet a device from RouterAt all the Routers use these commandsRouter(config)#line vty 0 4Router(config-line)#password cobraRouter(config-line)#loginRouter(config)#enable password cobraRouter(config)#enable secret cobra1

To telnet a device from routerRouter#telnet <IP>Or

Router>telnet <IP>

To exit from telnet sessionRouter#exit

To exit from a hanged telnet sessionCtrl+shft+6Or




Router#disconnect

To display connected sessionRouter#show sessionsThis command shows those sessions, which are created or connected by us.If we want anyone can telnet our router without password then on the line vty typecommand ªNo Loginº.

3.16 ROUTINGRouting is a process or technique to identify the path from one network toanother. Routers don't really care about hostsÐthey only care about networks and thebest path to each network.To route the packet the router must know the following things:·

Destination network

·

Neighbour device from witch it can learn about remote Networking.

·

Possible number of routers to reach the destination.

·

Best route to reach the destination.

·

How to maintain & verify the routing information.

3.16.1 TYPES OF ROUTING

·

Static routing.

·

Default routing.

·

Dynamic routing.

3.16.1.1 STATIC ROUTING

In static routing an administrator specifies all the routes to reach the destination.Static routing occurs when you manually add routes in each router's routing table.By default,Static routes have an Administrative Distance (AD) of 1




Features There is no overhead on the router CPU. There is no bandwidth usage between routers. It adds security, because the administrator can choose to allow routing access to certainnetworks only.

Advantages of static routing(1) Fast and efficient.(2) More control over selected path.(3) Less overhead for router.(4) Bandwidth of interfaces is not consumed in routing updates.

Disadvantages of static routing(1) More overheads on administrator.(2) Load balancing is not easily possible.(3) In case of topology change routing table has to be change manually.

Syntax for Static RoutingRouter (config)# ip route <destination N/w> <Subnet mask> <NextHope- address or exit interface> [<administrative distance>Permanent].

To check the routing table of routerRouter # show ip route




Fig 21: scenario of static routing

Static routing of router (R1)Router(config)#ip route 20.0.0.0 255.0.0.0 40.0.0.2Router(config)#ip route 30.0.0.0 255.0.0.0 40.0.0.2Router(config)#ip route 50.0.0.0 255.0.0.0 40.0.0.2Router(config)#interface so/1/0Router(config)# clock rate 64000Router # show ip route

Static routing of router (R2)Router(config)#ip route 10.0.0.0 255.0.0.0 40.0.0.1Router(config)#ip route 30.0.0.0 255.0.0.0 50.0.0.2Router#show ip routeRouter(config)#interface s1/0Router(config)# clock rate 64000Router(config)#interface s1/1




Router(config)#clock rate 64000Router#show ip route

Static routing of router (R3)Router(config)#ip route 10.0.0.0 255.0.0.0 50.0.0.1Router(config)#ip route 20.0.0.0 255.0.0.0 50.0.0.1Router(config)#ip route 40.0.0.0 255.0.0.0 50.0.0.1Router(config)#interface s1/0Router(config)# clock rate 64000Router#show ip route

3.16.1.2

DEFAULT ROUTINGDefault routing is used to send packets with a remote destination network

not in the routing table to the next-hop route.Default routing is also a type of static routing which reduces the routingoverhead & default routing is also used with stub networks. Stub networks are thosehaving a single exit interface. Default routing is also used for unknown destination.

A special address is used to perform the default routing ie 0.0.0.0The scenario for default routing is same and but the commands used at the routershaving single exit interface like R1 and R3 have different commands.

At Router (R1)Router(config)#ip route 0.0.0.0 0.0.0.0 40.0.0.2Router#show ip route

At Router (R3)Router(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.1Router#show ip route




3.16.1.3

DYNAMIC ROUTINGDynamic routing is when protocols are used to find networks and update

routing table on routers.A routing protocol defines the set of rules used by router when it communicatesrouting information between neighbor routers. In dynamic routing, we will enable arouting protocol on router. This protocol will send its routing information to the neighborrouter. The neighbors will analyze the information and write new routes to the routingtable.The routers will pass routing information receive from one router to otherrouter also. If there are more than one path available then routes are comparedand bestpath is selected. Some examples of dynamic protocol are: RIP, IGRP, EIGRP, OSPFThere are two type of routing protocols used in internetwors:

· Interior Gateway Protocols (IGPs)IGPs are used to exchange routing information with routers in the same

Autonomous System(AS) number. Routing which is performed within a singleautonomous system is known as interior routing. The protocol that are used to performthis type of routing are known as IGP(Interior Gateway Protocol).These protocols are:(i)

RIPv1 (Routing Information Protocol Version 1)

(ii)

RIPv2 (Routing Information Protocol Version 2)

(iii)

EIGRP (Enhanced Interior Gateway Routing Protocol)

(iv)

OSPF (Open Shortest Path First)

(v)

IS-IS (Intermediate System to Intermediate System)

· Exterior Gateway Protocols (EGPs)EGPs are used to communicate between different Autonomous System.

Protocol that used to do this type of routing are called exterior gateway protocols.






Route Source

Default AD

Connected interface

0

Static Route

1

EIGRP

90

IGRP

100

OSPF

110

RIP

120

External EIGRP

170

Unknown 255

This route will never be used

3.16.2.1

Classes of Routing Protocols

There are three classes of Routing Protocol(i)

Distance vector protocol

(ii)

Link state protocol

(iii)

Hybrid protocol.

· Distance vector protocolThe Distance-vector protocols find the best path to remote network byjudging distance. Each time a packet goes through a router, that's called a hop. The routewith the least number of hops to the network is determined to be the best route.



Thevector indicates the direction to the remote network. They send the entire routing table todirectly connected neighbors.Ex: RIP, IGRP. The distance-vector routing algorithm passes complete routing table contents toneighboring routers. A router receiving an update from a neighbor router believes the informationabout remote networks without actually finding out for itself. It's possible to have network that has multiple links to the same remote network,and if that's the case, the administrative distance is checked first. If the AD is the




same, the protocol will have to use other metrics to determine the best path touseto that remote network.

Fig 16: Routing table

Converged Network

Fig 23 : Routing table of covered networks·

Routing Loops




Distance-vector routing protocols keep track of any changes to the internet workby broadcasting periodic routing updates out all active interfaces. This broadcast includesthe complete routing table.Routing loops can occur because a every router isn't updated simultaneously.

Routing Loops Example

Router B

Router A

Router C

Network 3

Router E

Network 4

Network 5

Router D

Fig 24: Routing loopsThe interface to Network 5 fails. All routers know about Network 5 from RouterE. Router A, in its tables, has a path to Network 5 through Router B.

hen Network 5 fails, Router E tells Router C. This causes Router C to stoprouting to Network 5 through Router E. But Routers A, B, and D don't know aboutNetwork 5 yet, so they keep sending out update information. Router C will eventuallysend out its update and cause B to stop routing to Network 5, but Routers A andD arestill not updated. To them, it appears that Network 5 is still available through Router B

with a metric of 3.The problem occurs when Router A sends out its regular 30-secondªHello, I'm still hereÐthese are the links I know aboutº message, which includes theability to reach Network 5 and now Routers B and D receive the wonderful news thatNetwork 5 can be reached from Router A, so Routers B and D then send out the




information that Network 5 is available. Any packet destined for Network 5 willgo toRouter A, to Router B, and then back to Router A. This is a routing loop.·

Link state protocolAlso called shortest-path-first protocols, the routers each create three

separate tables. One keeps track of directly attached neighbors, one determinesthetopology of the entire internet work, and one is used as the routing tables. Link staterouters know more about the internet work than any distance-vector routing protocol.Link state protocols send updates containing the state of their own links to all otherrouters on the networkEx: OSPF·

Hybrid protocolHybrid protocol use aspects of both distance-vector and link state protocol.

Ex: EIGRP

3.16.3

RIP (Routing Information Protocol)Routing Information Protocol is a true distance-vector routing protocol. It

is an IGB (Inter Gateway Protocol). It sends the complete routing table out to all activeinterfaces every 30 seconds to its immediate neighbour. This is slow convergence meansthat one router sends a request to other about its route or network get networks

which arenot assigned to it after all thee three routers have same networks, this process is repeatedto send and receive request so it is called slow convergenceRIP only uses hop count to determine the best way to remote network, butit has a maximum allowable hop count of 0-15 by default, meaning that 16 is deemedunreachable.RIP version 1 uses only class full routing, which means that all devices inthe network must use the same subnet mask.RIP version 2 provides something called prefix routing, and does sendsubnet mask information with the route updates. This is called classless routing.




·

Hop CountIt is a way of measurement. Hop count limit is15.This routing supports only 15

routers, if there is one more router in the network then this routing will fails.·

Default administrative distance (120)

Timers of RIP(i)

Update timers.

(ii)

Hold timers.

(iii)

Invalid timers.

(iv)

Flush out timers.

Route update timerRouter update timer sets the interval 30 seconds between periodic routingupdates, in which the router sends a complete copy of its routing table out to allneighbors.

Router invalid timers

A router invalid timer determines the length of time that must elapse 180 secondsbefore a router determines that a route has become invalid. It will come to this conclusionif it hasn't heard any updates about a particular route for that period.

hen that happens,thee router will send out updates to all its neighbors letting them know that the route isinvalid.

Hold-down timerThis sets the amount of time during which routing information is suppressed.Routers will enter into the hold-down state when an update packet is received th

atindicated the route is unreachable. This continues until entire an update packet is receivedwith a better metric or until the hold-down timer expires. The default is 180 seconds.

Route flush timerRoute flush timers' sets the time between a route becoming invalid and its intervalfrom the routing table 240 seconds. Before it's removed from the table, the router



notifiesits neighbors of that route's impending demise. The value of the route invalid timer mustbe less than that of the route flush timers.




Difference between RIPV1 & RIPV2

Steps to do routing (version 1)At router 1Router(config)# router ripRouter(config-router)#network 10.0.0.0Router(config-router)#network 40.0.0.0




Router#show ip route

At router 2Router(config)# router ripRouter(config-router)#network 20.0.0.0Router(config-router)# network 40.0.0.0Router(config-router)# network 50.0.0.0Router#show ip route

At router 3Router(config)# router ripRouter(config-router)#network 30.0.0.0Router(config-router)# network 50.0.0.0Router#show ip route

3.16.4 IGRP ( Interior Gateway Protocol)Interior Gateway Routing Protocol (IGRP) is a Cisco-proprietary distance-vectorrouting protocol. To use IGRP, all your routers must be Cisco routers. IGRP hasamaximum hop count of 255 with a default of 100. IGRP uses bandwidth and delay of theline by default as a metric for determining the best route to an internetwork. R

eliability,load, and maximum transmission unit (MTU) can also be used, although they are notused by default.Table 18 : Difference between IGRP and RIPIGRP

RIP

Can be used in large internetworks

orks best in smaller networks

Uses an autonomous system number for Does not yse aytibiniys system numbersactivationGives a full route table update every 90 Gives full route table update every 30seconds

seconds




Has an administrative distance of 100

Has an administrative distance of 120

Uses bandwidth and delay of the line as Uses only hop count to determine the bestmetric (lowest composite metric),with a path to a remote network, with 15 hopsmaximum hop count of 255

being the maximum

IGRP TimersTo control performance, IGRP includes the following timers with default settings:·

Update timersThese specify how frequently routing-update messages should be sent. The

default is 90 seconds.·

Invalid timersThese specify how long a router should wait before declaring a route invalid ifit

doesn't receive a specific update about it. The default is three times the updateperiod.·

Hold down timersThese specify the hold down period. The default is three times the update timer

period plus 10 seconds.

· Flush timersThese indicate how much time should pass before a route should be flushed fromthe routing table. The default is seven times the routing update period. If theupdate timeris 90 seconds by default, then 7 × 90 = 630 seconds elapse before a route will beflushedfrom the route table.

At Router 1R1(config)#router igrp 10R1(config-router)#network 10.0.0.0R1(config-router)#network 40.0.0.0R1#show ip route




At Router 2R2(config)#router igrp 10R2(config-router)#network 40.0.0.0R2(config-router)#network 20.0.0.0R2(config-router)#network 50.0.0.0R2#show ip route

At Router 3R1(config)#router igrp 10R1(config-router)#network 30.0.0.0R1(config-router)#network 50.0.0.0R1#show ip route

3.16.5

EIGRP(Enhanced Interior Routing Protocol)Enhanced IGRP (EIGRP) is a classless, enhanced distance-vector protocol

that gives us a real edge over IGRP. Like IGRP, EIGRP uses the concept of anautonomous system to describe the set of contiguous routers that run the same routingprotocol and share routing information. But unlike IGRP, EIGRP includes the subn

etmask in its route updates. The advertisement of subnet information allows us touseVLSM and summarization when designing our networks.EIGRP is sometimes referred to as a hybrid routing protocol because it hascharacteristics of both distance-vector and link-state protocols. It sends traditionaldistance-vector updates containing information about networks plus the cost ofreaching them from the perspective of the adverting router. EIGRP has a maximumhop count of 255.

Powerful features that make EIGRP a real standout from IGRP




·

Support for IP, IPX, and AppleTalk via protocol-dependent modules Consideredclassless (same as RIPv2 and OSP

·

Support for VLSM/CIDR

·

Support for summaries and discontiguous networks

·

Efficient neighbor discovery

·

Communication via Reliable Transport Protocol (RTP)

·

Best path selection via Diffusing Update Algorithm (DUAL)Cisco calls EIGRP a distance vector routing protocol, or sometimes an

advanced distance vector or even a hybrid routing protocol. EIGRP supports differentNetwork layer protocols through the use of protocol-dependent modules (PDMs). EachEIGRP PDM will maintain a separate series of tables containing the routing informationthat applies to a specific protocol. It means that there will be IP/EIGRP tables,IPX/EIGRP tables, and AppleTalk/EIGRP tables.

Neighbor DiscoveryBefore EIGRP routers are willing to exchange routes with each other, they mustbecome neighbors. There are three conditions that must be met for neighborshipestablishment: Hello or ACK received AS numbers match Identical metrics (K values)To maintain the neighborship relationship, EIGRP routers must also continuereceiving Hellos from their neighbors. EIGRP routers that belong to differentautonomous systems (ASes) don't automatically share routing information and they don'tbecome neighbors.

The only time EIGRP advertises its entire routing table is when it discovers a newneighbor and forms an adjacency with it through the exchange of Hello packets.

henthis happens, both neighbors advertise their entire routing tables to one another. After




each has learned its neighbor's routes, only changes to the routing table are propagatedfrom then on.EIGRP maintains three tables containing information about the internetworks.(i) Neighbor TableRecords information about routers with whom neighborship relationshipshave been formed.(ii) Topology TableStores the route advertisements about every route in the internetwork receivedfrom each neighbor.

EIGRP MetricsAnother really sweet thing about EIGRP is that unlike many other protocols thatuse a single factor to compare routes and select the best possible path, EIGRP can use acombination of four:

3.16.6

·

Bandwidth

·

Delay

·

Load

·

Reliability

OSPF (Open Shortest Path First)Open Shortest Path First (OSPF) is an open standards routing protocol that's been

implemented by a wide variety of network vendors, including Cisco. This works by usingthe Dijkstra algorithm. First, a shortest path tree is constructed, and then the routing tableis populated with the resulting best paths. OSPF converges quickly, although perhaps notas quickly as EIGRP, and it supports multiple, equal-cost routes to the same destination.But unlike EIGRP, it only supports IP routing.OSPF is an IGP protocol. It is a link state routing protocol. It is supported by

many operating systems. Its default AD is 110, hop count limit is unlimited.




It is classless routing protocol, supports VLSM/CIDR. By default the highest IPaddressof interface will be elected as Router id.

OSPF provides the following features

Consists of areas and autonomous systems

Minimizes routing update traffic

Allows scalability

Supports VLSM/CIDR

Has unlimited hop count

Allows multi-vendor deployment (open standard)OSPF is supposed to be designed in a hierarchical fashion, which basically means

that you can separate the larger internetwork into smaller internetworks calledareas. Thisis the best design for OSPF.The reasons for creating OSPF in a hierarchical design include:·

To decrease routing overhead

·

To speed up convergence

·

To confine network instability to single areas of the networkEach router in the network connects to the backbone called area 0, or the

backbone area. OSPF must have an area 0, and all routers should connect to this

area ifat all possible. But routers that connect other areas to the backbone within anAS arecalled Area Border Routers (ABRs). Still, at least one interface must be in area 0.OSPF runs inside an autonomous system, but can also connect multipleautonomous systems together. The router that connects these ASes together is called anAutonomous System Boundary Router (ASBR).



OSPF Terminology·

Link




A link is a network or router interface assigned to any given network.

hen aninterface is added to the OSPF process, it's considered by OSPF to be a link.·

Router IDThe Router ID (RID) is an IP address used to identify the router. Cisco chooses

the Router ID by using the highest IP address of all configured loopback interfaces. If noloopback interfaces are configured with addresses, OSPF will choose the highestIPaddress of all active physical interfaces.·

NeighborsNeighbors are two or more routers that have an interface on a common

network,such as two routers connected on a point-to-point serial link.·

AdjacencyAn adjacency is a relationship between two OSPF routers that permits the direct

exchange of route updates. OSPF is really picky about sharing routing informationÐunlike EIGRP, which directly shares routes with all of its neighbors. Instead, OSPFdirectly shares routes only with neighbors that have also established adjacencies. And notall neighbors will become adjacentÐthis depends upon both the type of network andtheconfiguration of the routers.

OSPF Topologies databaseThe topology database contains information from all of the Link State

Advertisement packets that have been received for an area. The router uses theinformation from the topology database as input into the Dijkstra algorithm that computesthe shortest path to every network. LSA packets are used to update and maintainthetopology database.A Link State Advertisement (LSA) is an OSPF data packet containing link-stateand routing information that's shared among OSPF routers. There are different types ofLSA packets. An OSPF router will exchange LSA packets only with routers to which ithas established adjacencies.A designated router (DR) is elected whenever OSPF routers are connected to the

same multi-access network. A prime example is an Ethernet LAN.




A backup designated router (BDR) is a hot standby for the DR on multi-accesslinks The BDR receives all routing updates from OSPF adjacent routers, but doesn'tflood LSA updates.OSPF areasAn OSPF area is a grouping of contiguous networks and routers. All routers in thesame area share a common Area ID.Broadcast (multi-access)Broadcast (multi-access) networks such as Ethernet allow multiple devices toconnect to (or access) the same network, as well as provide a broadcast abilityin which asingle packet is delivered to all nodes on the network. In OSPF, a DR and a BDRmust beelected for each broadcast multi-access network.Non-broadcast multi-accessNon-Broadcast Multi-Access (NBMA) networks are types such as Frame Relay,X.25, and Asynchronous Transfer Mode (ATM). These networks allow for multi-access,but have no broadcast ability like Ethernet. So, NBMA networks require special OSPFconfiguration to function properly and neighbor relationships must be defined.·

Point-to-pointPoint-to-point refers to a type of network topology consisting of a direct

connection between two routers that provides a single communication path. The point-topoint connection can be physical, as in a serial cable directly connecting two routers, or itcan be logical.·

Point-to-multipointPoint-to-multipoint refers to a type of network topology consisting of a seriesof

connections between a single interface on one router and multiple destination routers. Allof the interfaces on all of the routers sharing the point-to-multipoint connection belong tothe same network. As with point-to-point, no DRs or BDRs are needed.




SPF Tree Calculation

ithin an area, each router calculates the best/shortest path to every network inthat same area. This calculation is based upon the information collected in thetopologydatabase and an algorithm called shortest path first (SPF)OSPF uses a metric referred to as cost. A cost is associated with every outgoinginterface included in an SPF tree. The cost of the entire path is the sum of costs of theoutgoing interfaces along the path.Cisco uses a simple equation of 108/ bandwidth.The bandwidth is the configuredbandwidth for the interface. Using this rule, a 100Mbps Fast Ethernet interfacewouldhave a default OSPF cost of 1 and a 10Mbps Ethernet interface would have a costof 10.An interface set with a bandwidth of 64,000 would have a default cost of 1563.

Benefits of OSPF(i)

Minimum routing updates.

(ii)

Priorities on all the CISCO routers the priority is 1.

(iii)

The routers having highest IP address become BRD(Border DestinationRouter)

Steps to apply OSPFSyntax:Router(config)#router ospf <ospf process id>Router(config-router)#network <network address> <wild card mask> area

<area number>




Fig 25: OSPF Scenario

At Router r1Router(config)#router ospf 1Router(config-router)#network 10.0.0.0 0.255.255.255 area 0Router(config-router)#network 10.0.0.0 0.255.255.255 area 0Router(config)#interface s0/1/0Router(config-if)#clock rate 64000Router#show ip route

At Router r1Router(config)#router ospf 2Router(config-router)#network

20.0.0.0

0.255.255.255

Router(config-router)#network 40.0.0.0 0.255.255.255 area 0Router(config-router)#network 50.0.0.0 0.255.255.255 area 0Router(config)#interface s0/1/0Router(config-if)#clock rate 64000

Router#show ip route

At Router r3Router(config)#router ospf 1Router(config-router)#network 30.0.0.0 0.255.255.255 area 0Router(config-router)#network 50.0.0.0 0.255.255.255 area 0Router#show ip route

area

0




3.17 LAN S

ITCHING3.17.1 S

ITCHSwitches are generally used to segment a large LAN smaller segments. Smallerswitches such as the Cisco Catalyst 2924XL have 24 ports capable of of creating24different network segment for the LAN. Larger switches such as the Cisco Catalyst 6500can have hundreds of ports. Switches can also be used to connect LANs with differentmedia, for example, a 10 Mbps Ethernet LAN and 100 Mbps Ethernet LAN can beconnected using a switch. Some switches support cut through switching, witch reduceslatency and delays in the network, while bridges support only store-and-forwardtrafficswitching. Finally switches reduce collision

on network segment . A switch is a

networking device which filters and forward packets through the network. It is a layer 2device. It is more advanced then hub but not as advanced as router.The basic function of

a switch is to manage the signal flow.

hen the switch is open, it allows the signal toflow through it and when it is closed, it stopes the signal to flow. Switch connectsseparate LAN segment. It allows multiple system to transmit simultaneously. A switch isa hardware device that filters and forward data packets between network segments.Ethernet switches are used in LAN to create Ethernet networks. Switches forwardthetraffic on the basis of MAC address. Switches maintain a switching table in which MACaddresses and port numbers are used to perform switching decision.

ORKING OF S

ITCH

hen switches receives data from one of connected devices, it forward data onlyto the port on witch the destinated system is connected.It use the media accessControl(MAC) address of the device to determine the correct port.The MAC address is a uniqenumber that is programed in to every Network Interface Card(NIC). Concider, device Awants to send data to device B.

hen device A passes the data, switch receives it. Switchthan cecks the MAC address of the destination system. It then transfer data to device B




only instead of brodcasting to all the devices. By forwarding data only to the system towitch the data is addressed, switch decreases the amount of traffic on each network link.

S

ITCHING METHODSThere are three types of switching method:·

Store-and-forward switchingThe entire frame is received and the CRC is computed and verified before

forwarding the frame. If the frame is too short (i.e. less than 64 bytes including theCRC), too long (i.e. more than 1518 bytes including the CRC), or has CRC error,itwill be discarded.It has the lowest error rate but the longest latency for switching. However, forhigh-speed network (e.g. Fast Ethernet or Gigabit Ethernet network), the latency isnot significant. It is the most commonly used switching method, and is supported by

most switches.·

Cut-through switchingIt is also known as Fast Forward switching. A frame is forwarded as soon asthe destination MAC address in the header has been received (the 1st 6 bytesfollowing the preamble). It has the highest error rate (because a frame isforwarded without verifying the CRC and confirming there is no collision) butthe shortest latency for switching

·

Fragment-free switching ( Modified Cut-through switching )

A frame is forwarded after the first 64 bytes of the frame have beenreceived. Since a collision can be detected within the first 64 bytes of a frame,fragment-free switching can detect a frame corrupted by a collision and dropit.Therefore, fragment-free switching provides better error checking than cutthrough switching.The error rate of fragment-free switching is above store-and-forwardswitching and below cut-through switching. The latency of fragment-free




switching is shorter than store-and- forward switching and longer than cutthrough switching.NOTE:Bridges only support store-and-forward switching. Most new switch models alsouse store-and-forward switching. However, it should be noted that Cisco 1900 switchesuse fragment-free switching by default.

Types of switch based on OSI model

·

(i)

Layer-2 switch

(ii)

Layer-3 switch

Layer-2 SwitchingLayer-2 switching is hardware based, which means it uses the MAC

address from the host NIC card to filter the network traffic. Layer-2 switch can beconsidered as multi- port bridge.Layer 2 switches are fast because they do not look at the network layerheader information, instead it looks at the frames hardware address before deciding toeither forward the frame or drop it.Limitations of Layer 2 Switching

ith bridge the connected networks are still one large broadcast domain.Layer 2 switch cannot break the broadcast domain, this cause performance issue whichlimits the size of your network. For this one reason the switch cannot completel

y replacerouters in the internetwork.

3.17.1.1

VLAN (Virtual LAN)

VLAN provides Virtual Segmentation of Broadcast Domain in the network. Thedevices, which are member of same Vlan, are able to communicate with each other. The




devices of different Vlan may communicate with each other with routing. So thatdifferent Vlan devices will use different n/w addresses.Vlan provides following advantages: ·

Logical Segmentation of network

·

Enhance network security

Creating port based VlanIn port based Vlan, first we have to create a Vlan on manageable switch then wehave to add ports to the Vlan. A Virtual LAN (VLAN) is a broadcast domain createdbased on the functional, security, or other requirements, instead of the physical locationsof the devices, on a switch or across switches.

ith VLANs, a switch can group differentinterfaces into different broadcast domains.

ithout VLANs, all interfaces of aswitchare in the same broadcast domain; switches connected with each other are also in the

same broadcast domain, unless there is a router in between. Different ports of a switchcan be assigned to different VLANs. A VLAN can also span multiple switches.The advantages of implementing VLAN are·

It can group devices based on the requirements other than their physicallocations.

·

It breaks broadcast domains and increases network throughput.

·

It provides better security by separating devices into different VLANs.

·

Since each VLAN is a separate broadcast domain, devices in different VLANscannot listen or respond to the broadcast traffic of each other.

·

Inter-VLAN communication can be controlled by configuring access controllists on the router or Layer 3 switch connecting the VLANs.

Types of VLAN·

Static VLAN






Fig 26: VLAN Operation·

Each logical VLAN is like a separate physical bridge.

·

VLANs can span across multiple switches.

·

Trunks carry traffic for multiple VLANs.

·

Trunks use special encapsulation to distinguish between different VLANs.

VLAN links

There are two different types of links in a switched network:·

Access link




A link from Pc to switch is called as access link or A link that is part of only oneVLAN. Therefore, a port connecting to an access link can be a member of only oneVLAN. And the mode of port is called as access mode.

·

Trunk linkA link from switch to switch or switch to router is called as trunk link. A 100

Mbps or 1000 Mbps point-to-point link that connects

switches or routers, and carries

frames of different VLANs . Therefore, a port connecting to a trunk link can bea memberof multiple VLANs. All VLANs are configured on a trunk link by default. VLANTrunking, by making use of frame tagging, allows traffic from different VLANs totransmit through the same Ethernet link (trunk link) across switches.VLAN Trunking identifies the VLAN from which a frame is sent by tagging theframe with the source VLAN ID (12-bit long). This feature is known as frame tagging or

frame identification.

hen there are multiple switches then we have to use trunk links toconnect one switch with other. If we are not using trunk links then we have to connectone cable from each vlan to the corresponding vlan of the other switch.

ith frame tagging, a switch knows which ports it should forward a broadcastframe (forward out the ports which have the same VLAN ID as the source VLAN ID). Italso knows which bridge table it should use for forwarding an unicast frame (since aseparate bridge table is used for each VLAN).




A frame tag is added when a frame is forwarded out to a trunk link, and isremoved when the frame is forwarded out to an access link. Therefore, any deviceattached to an access link is unaware of its VLAN membership.

Commands to create VlanSwitch#vlan databaseSwitch(vlan)#vlan <no.> [name <name of vlan>]Switch(vlan)#exit

Commands to configure ports for a VlanBy default, all ports are member of single vlan that is Vlan1. we can change vlanmembership according to our requirement.Switch(config)#interface <type> <no.>Switch(config-if)#switchport access vlan <no.>Switch(config-if)#exit

Commands to configure multiple ports in a vlanSwitch(config)#interface range <type> <slot/port no. (space)±(space) port no.>Switch(config-if)#switchport access vlan <no.>Switch(config-if)#exitExample: - Suppose we want to add interface fast Ethernet 0/10 to 0/18 in vlan5

Switch(config)#interface range fastethernet 0/10 ± 18Switch(config-if)#switchport access vlan 5Switch(config-if)#exit

To display mac address tableSwitch#show mac-address-tableVlan

Mac address

type

ports




20

00-08-a16-ab-6a-7b dynamic

fa0/7

To Display Vlan and port membershipSwitch#show vlan brief

Command to make Trunk linkSwitch(config)#interface <type> <type number>Note :- Trunk mode should not be a member of any vlan port.

3.17.1.2 Vlan Trunking Protocol (VTP)

ith the help of VTP, we can simplify the process of creating Vlan. In multipleswitches, we can configure one switch as VTP server and all other switches willbeconfigured as VTP client.

e will create Vlans on VTP server switch. The serverwillsend periodic updates to VTP client switches. The clients will create Vlans from theupdate received from the VTP server.

VTP Operation·

VTP advertisements are sent as multicast frames.

·

VTP servers and clients are synchronized to the latest revision number.

·

VTP advertisements are sent every 5 minutes or when there is a change.

VTP Modes·

VTP server modeBy default all the switches in this mode are in server mode. VTP server is a

switch in which we can create, delete or modify Vlans.yhe switch in this modeforwords the vlans to next switch. The server will send periodic updates for VTPclients.




·

VTP client modeOn VTP client, we are not able to create, modify or delete Vlans. The switch

in this mode creates the vlans that are received from server mode switch.The clientwill receive and forward vtp updates. The client will create same Vlans as defined invtp update.·

VTP Transparent modeTransparent is a switch, which will receive and forward VTP update. It is able

to create, delete and modify Vlans locally. A vlan created in this mode cannot beforworded into next switch. A transparent will not send its own VTP updates andwillnot learn any information from received vtp update.

VTP configuration

At Switch 1:·

Creat vlan

·

Port assignment

·

Trunk port

·

Switch vtp

Switch(config)#vtp mode serverSwitch(config)#vtp domain ciscoSwitch(config)#vtp password sun

At switch 2:Switch(config)#vtp mode serverSwitch(config)#vtp domain ciscoSwitch(config)#vtp password sun

At switch 3:Switch(config)#vtp mode serverSwitch(config)#vtp domain ciscoSwitch(config)#vtp password sun




Fig 27 : VTP Configuration

To see all the configurationsSwitch#show vtp passwordSwitch#show vlan briefSwitch#show vtp status·

Vtp version

·

Vtp domain

·

Vtp mode

·

Vtp pruning

·

Vtp reusion number

·

Maximum vlan supporting

·

Total no. of vlans

VTP Pruning

Pruning is the VTP feature through which a trunk link can be automaticallydisable, for a particular Vlan if neighbor switch does not contain ports in that Vlan. Vlan1is not prun eligible.·

Increases available bandwidth by reducing unnecessary flooded traffic

·

Example: Station A sends broadcast, and broadcast is flooded only toward

any switch with ports assigned to the red VLAN




Command to configure VTP Pruning

e have to use only one command on VTP server for VTP Pruning.Switch#configure terminalSwitch(config)#vtp pruningSwitch(config)#exit

Fig 28 : VTP Pruning

Spanning Tree Protocol

hen we connect multiple switches with each other and multiple path exist fromone switch to another switch then it may lead to the switching loop in the network.Multiple paths are used to create redundancy in the network. STP is only required whenmultiple path exist then there is possibility of loop in n/w.

Problems that occur with redundancy path(i)

Multiple copies of the frame will be received by destination.

(ii)

Frequent changes in the mac address table of switch.

(iii) A mac address may appear at multiple ports in a switch.(iv)

Packets may enter in the endless loop.




Spanning Tree Protocol will solve this problem by blocking the redundancyinterface. So that only one path will remain active in the switches. If the primary pathgoes down then disabled link will become enable and data will be transferred through thatpath.

Spanning Tree Protocol Basics·

Spanning Tree Protocol or STP (IEEE 802.1d) is used to solve the loopingproblem.It runs on bridges and switches in a network. It implements a SpanningTree Algorithm (STA), which calculates a loop-free topology for the network.

·

STP ensures that there is only one active path between any two network segmentsby blocking the redundant paths. A redundant path is used only when thecorresponding active path failed. It is not used for load-balancing.

·

Because STP solves the looping problem by blocking one or more links in anetwork, the frames traveling between some source / destination devices may notbe able to use the shortest physical path.

·

Bridges exchange STP information using messages called Bridge Protocol DataUnits (BPDUs) through Layer 2 multicast.

3.18

i-Fi (

IRELESS FIDELITY)The term "

i-Fi" suggests "

ireless Fidelity", compared with the long-

established audio recording term "High Fidelity" or "Hi-Fi". The term "

i-Fi", first usedcommercially in August 1999.

i-Fi is an IEEE standard 802.11.

3.18.1

ireless LAN

i-Fi is also known as wireless LAN. The name of a popular wirelessnetworking technology that uses radio waves to provide wireless high-speed Internet andnetwork connections. "

i-Fi works with no physical wired connection between senderand receiver by using radio frequency (RF) technology, a frequency within theelectromagnetic spectrum associated with radio wave propagation.

hen an RF curr

ent is




supplied to an antenna, an electromagnetic field is created that then is able to propagatethrough space.

The Typical Range of a

i-Fi LANThe range of a home

i-Fi LAN depends on the wireless access point (

AP) orwireless router being used. Factors that determine a particular

AP or wirelessrouter

srange are:·

the specific 802.11 protocol employed

·

the overall strength of the device transmitter

·

the nature of obstructions and interference in the surrounding areaA general rule of thumb in home networking says that 802.11b and 802.11g

APs and routers support a range of up to 150 feet (46 m) indoors and 300 feet (92 m)outdoors. Another rule of thumb holds that the effective range of 802.11a isapproximately one-third that of 802.11b/g.Obstructions in home such as brick walls and metal frames or siding greatly canreduce the range of a

i-Fi LAN by 25% or more. Because 802.11a employs a highersignalling frequency than 802.11b/g, 802.11a is most susceptible to obstructions.Interference from microwave ovens and other equipment also affects range. 802.11b and802.11g are both susceptible to these.

3.18.2

ireless Standards

The different wireless standards that are used for IEEE 802.11 standard are




Fig 29:

IEEE 802.11 Standards

802.11It was released in year 1997. The standard was original of 802.11. the max. datarate of this is 2Mbps and frequency of this is 2.4GHz and can cover upto 46m.

802.11aIt was modified in year 1999. this is improved version of original standard.Operates at the frequency of 5GHz, which is less crowded than 2.4GHz where telephonesand microwaves may cause interference. Although the speed is up to 54Mbps, the rangeis only up to 75 feet or distance covered is 46m. 802.11a standard is incompatible withboth 802.11b and g because it operates at a different frequency.

802.11bThis standard was released in 1999. Operates on the 2.4GHz frequency band andcan transmit data at speeds of up to 11Mbps within a range of up to 100-150 feet or a

distance of 90m.

ireless range can be affected by reflective or signal-blockingobstacles,such as mirrors, walls, devices and location, whether indoors or outdoors.

802.11gThis standard was released in 2003. The max. data rate for the standard is 54Mbps.It supports a frequency range of 2.4GHz, covers a distance of 90m.

802.11n




The latest version of IEEE 802.11 standard that is still in progress ofdevelopment. The next generation of high-speed wireless networking, capable ofdelivering the range and capacity to support today s most bandwidth-hungry applicationslike streaming high definition video, voice, and music.

ireless-n is based on MIMO(Multiple Input, Multiple Output) technology, which uses multiple radios to transmitmultiple streams of data over multiple channnels.Operates in two modes of frequency 2.4GHz and 5.6GHz frequency band andcan transmit data at speeds of up to 11Mbps within a range of up to 100-150 feet .

ireless range can be affected by reflective or signal-blocking obstacles, suchas mirrors,walls, devices and location, whether indoors or outdoors.

i-Fi is supported by many applications and devices

3.18.3

·

video game consoles

·

home networks

·

PDAs

·

mobile phones

·

major operating systems

·

other types of consumer electronics

ireless Security

A common but unproductive measure to deter unauthorized users is to suppress theAP s SSID broadcast, "hiding" it. This is ineffective as a security method becau

se theSSID is broadcast in the clear in response to a client SSID query. Another unproductivemethod is to only allow computers with known MAC addresses to join the network.MAC address are easily spoofed. If the eavesdropper has the ability to change his MACaddress, then he may join the network by spoofing an authorized address.

ired Equivalent Privacy (

EP) encryption was designed to protect against casualsnooping, but is now considered completely broken. Tools such as AirSnort or aircrack



can quickly recover

EP encryption keys.




To counteract this in 2002, the

i-Fi Alliance blessed

i-Fi Protected Access (

PA)for wireless security. Though more secure than

EP, it has outlived its designed lifetime,has known attack vectors and is no longer recommended.In 2004 the full IEEE 802.11i (

PA2) encryption standards were released. If used with a802.1X server or in pre-shared key mode with a strong and uncommon passphrase

PA2is still considered secure, as of 2009.

4.

CONCLUSION

General ConclusionComputer Networking is a very vast project in the present developing era ofelectronics and communication. Now a days, computers are used in a wider range.All the




organizations are using multiple computers within their departments to perform their dayto day work. Computer network allows the user to share data , share folders andfiles withother users connected in a network. Computer Networking has bound the world in a verysmall area with it wide networking processes like LAN, MAN,

AN.

Applications·

Communication Field

·

Industries

·

Medical Field

·

Rearch Field

·

Organisations

·

School

·

Colleges

REFRENCES·

www.goole.com

·

www.jetkinginfotrain.com

·

www.microsoft.com

·

www.nythimes.com

·

www.digitech-engineers.com






·

Network Essentials module

·

4-in-1 MCSE study material

·

Introduction to

indow Server2003

·

CISCO Cretified Network Associate

·

Faruk Husain



COMPLETE Project on Networking

Documents