7/21/2019 COMPLETE Project on Networking http://slidepdf.com/reader/full/complete-project-on-networking-56d9728fea6ca 1/166 www.final-yearprojects.co.cc | www.troubleshoot4free.com/fyp/ SWAMI PARMANAND COLLEGE OF ENGINEERING & TECHNOLOGY SIX MONTHS INDUSTRIAL TRAINING REPORT ON NETWORKING (MCSE & CCNA) AT JETKING SEC 34 , CHANDIGARH SUBMITTED AS A PART OF COURSE CURRICULUM BACHELOR OF TECHNOLOGY IN ELECTRONICS & COMMUNICATION ENGINEERING Under the Guidance of Mr. Baljit singh Mr. Inder Gulati Submitted To: Er. Harpreet Kaur (HOD) Submitted By: Saroj Dogra (697041917) DEPARTMENT OF ELECTRONICS & COMMUNICATION ENGINEERING SWAMI PAMANAND COLLEGE OF ENGINEERING & TECHNOLOGY, DERA BASSI, MOHALI ACKNOWLEDGEMENT
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
I feel deeply indedted to Mr. Baljit Singh, Microsoft trainer who delivered valuablelesson on MCSE, his indepth knowledge about the subject helped me understand thesubject in better way. His method of teaching the minute details helped me a lot toacquire the insight into the subject.I am also grateful to Mr. Inder Gulati, CCNA trainer for giving best knowledge aboutCCNA.the way he instilled knowledge of the subject was undoubtly praise worthy andvaluable.I am also thankful to Jetking institution as a whole that is doing yeoman's service byteaching the learner avreast with the computer , networking and hardware knowledge thatis the need of the day.I will be failing in my duty if I do not acknowledge my husband Mr. Nardev Singh Ranawho always stood by my side during my studies. I am indepted to my son's AnirudhRana and Romil Rana who never clamed my time and get bore by my long absence rathersilent.
Last but not the least, I thank all my classmates at Jetking for extending kindco-operation.
1. INTRODUCTIONThis project report pertains to six months industrial training that I had underwentat JETKING, Chandigarh as part of curriculum of degree in Bachelor of technology inElectronics and Communication engineering as required by Swami Parmanand College ofengineering and technology (affiliated to Punjab Technical University, Jalandhar) .I learnt a lot from professional managers and skilled engineers. I had a greatlearning experience as trainee in this firm. I learnt a lot about how differentnetworks arecontrolled in the industry or any department with the help of networking processes, underMCSE and CCNA.I have learnt about different type of servers like DHCP Server, DNS Server, NATServer. Also I have learnt how to control the LAN and MAN networks under MCSE(Microsoft Certified System Engineers) and how to control MAN and WAN networksunder CCNA (CISCO Certified System Engineers).Justification cannot be done to whatever I have learnt in these six months within afew pages but I have still tried my best to cover as much as possible in this re
port. In thisreport I have tried to sum up the technical knowledge I have gained in my six months oftraining.
1.1
Company ProfileJetking is an organization came into establishment in1947. Jetking is India's
number one Computer Hardware and Networking Institute.
Birth and Evolution
It took a lot of failure before mankind tasted technological success. Jetking evolved intune with the changing face of technology. During 55 years in the field of electronictechnology. Jetking successfully trained thousands of students to overcome failure forhigh paying careers.
Jetking Infotrain Ltd. India's leading Computer Hardware and Networking Institute. Withthe vision to promote and the conviction to deliver the widespread propagation of computer hardware and networking education across the nation, Mr. Bharwani was the first toset up an training institute offering innovative courses in computer hardware in 1990.Jetking's core competency lies in providing complete training and developing hardwareengineers and professionals with sound technical knowledge. It focuses on the overalldevelopment of personality of an individual with emphasis on personality development,presentation and communication skills, leadership skills etc.Jetking has established more than 125 operational centers and 250 faculties acrossthe country and has trained over 3,50,000 students who have move onto the crave
success- full career. With its alumni placed in the best of organizations in India and someabroad,Jetking,s vocational training and placement promises has helped build the careerprospects of many young boys and girls.The company has been awarded the ISO 9000:2000 certification in 2003.Thecompany has been awarded the ª Maharashtra IT Awardº for a key role in manpoweractivities in year 2006-07,it was felicitated with Franchise Award as Best Franchisor forthe year 2007-08.Also,ranked 4th in the list of 26th hot franchises as per outlook moneymagazine.Mr. Suresh Bharwani was awarded with ªPike's Peak Awardº by the Bob PikeGroup USA for effective implementing smart lab plus for making technical training fun,faster and easier for non- technical person.Across all the sectors, industries are upgrading their information technologysystem. Industries ranging from plastics, chemicals, textiles and power to the automotiveand telecom sector are now IT savy. Government and public sectors are going hi-techwith EDI and computer networks. The IT industry, software companies, data center
s, ITenabled services providers are all equipped with advance IT system and networks. Theincreasing number of call centers, BPO's etc., have given a further boost to the hardwareand networking industry.The courses in jetking comprises lecture and theory session, with a great focusonactive participation through smart lab plus ,that focuses on audio visual and learning withhands-on training and equips students with an in depth domain knowledge that istechnical; it also equips students with soft skills ,to face the multi-faceted challenges ofcorporate world.
PLACEMENT: Jetking is the first and only institute that promises the 100%jobs guarantee to its students. The companies that have recruited jetkings studentsinclude:Samsung, Sun Micro system, IBM, Canon, Siement, reliance, TATA, Compaq HPinvent, IT-T solutions, Videsh Sanchar Nigam Limited, D-Link, Novell, Dell, Wipro, LG,ICIC Infotech and several other MNCs.
Any student who has qualified his or her HSC/SSC examination is eligible to takeup a course at jetking. The one year program Jetking certified hardware and networkingprofessionals give 680 hours of in-depth knowledge to a student in Basic electronics andcomputer applications. Computer hardware and peripherals, window 2003 administratorand network administrator (soon it will be replaced with window server 2008).Apartframe technical knowledge there are personality development sessions which groom thestudent's personality, their ability to perform better.Jetking, India's leading hardware and networking training institute has trainedover 3,00,000 students from its 125 centers spread across India. With its alumni placed inthe best of organizations in India and some abroad, Jetking vocational trainingandplacement promises has helped build the career prospects of many young boys andgirls.Jetking has partnered with some of the worlds most renowed names in networkingto provide you with cutting edge courses and technologies. With academic partnerships
with Microsoft, Comp TIA,LINUX, NOVELL, and person VUE .Jetking Chandigarh is a division of Hi-Tech point. Hi-Tech point is an ISO 90012000 IT company. It was established in year 1993 and run by a company of ITprofessionals. Jetking Chandigarh branch is considered to be the best centre among allcenters. It has bagged number 1 center award consecutively for last 7 years. Here trainingon various fields is going on like Basic Electronic, Hardware, Networking, JCHNPAnalog and Digital electronics and Hardware, RHCE, RHCSS, MNA, MCSE (MicrosoftSystem Engineers), MCITP, MNA, CCNA (CISCO Certified Network Associate),CCNP(CISCO Certified Network Professional).Partnership with industry leaders like Microsoft and Red Hat Jetking ensure itsstudents authentic courseware and technology.
Computer Networking is a very vast project in the present developing era of electronicsand communication. Now a days, computers are used in a wider range. All theorganizations are using multiple computers within their departments to perform their dayto day work. Computer network allows the user to share data , share folders andfiles withother users connected in a network. Computer Networking has bound the world in a verysmall area with it wide networking processes like LAN, MAN, WAN.The courses in jetking comprises lecture and theory session, with a great focuson activeparticipation through smart lab plus ,that focuses on audio visual and learningwithhands-on training and equips students with an in depth domain knowledge that istechnical; it also equips students with soft skills ,to face the multi-faceted challenges ofcorporate world.
Introduction to networkingNetworking is a practice of linking of two or more computing devices such as
PCs, printers, faxes etc., with each other Connection between two devices is throughphysical media or logical media to share information, data and resources. Networks aremade with the hardware and software.
Cable/media
Fig 1: computer network
3.1.1 Models of NetworkingModel means the connectivity of two computers. We have many types ofnetworking models.(i)
Client ±Server ModelIn a Client server model we have one server and many clients. A Client can share
the resources of server, but a server cannot share the resources on clients.On the point of view of administrator it's very easy to control the networkbecause we combine with the server also at security point of view. It is very usefulbecause it uses user level security in which users have to remember only one password toshare the resources.(ii) Peer to Peer Model (Workgroup Model)In Peer to Peer networking model all computers are in equal status, that is wecannot manage centralization, administration secutity. In Peer to Perr networking clientuse operating system like Window 98, Window XP, Window 2000, Window Vista.(iii) Domain ModelIt is a mixture of client server and peer-to-peer model. In this clients can sharetheir resources as peer-to-peer but with the permission of the server as in client server
model therefore it is commonly used model because in this security is more as we can putrestriction on both server and clients.
Difference between Workgroup & DomainTable 1Workgroup
1. It is a peer to peer networking model.
Domain
1. It is a server based networking model.
2. There is no client and no server. All the 2. There is a centralized dedicated servercomputers are in equal status.
controls all other computers called clients.3. This model is recommended for small 3. This model is recommended for largenetworks, upto 10 computers.
networks.
4. There is no centralized administrated 4. There is centralized administrationandseparately.
each PC can be administrated and managedfrom the server.
5. In this model, low grade OS like 5. in this model high grade OS like WIN2000/XP professional, WIN 98 etc. can be 2000/2003 Server can be used.used.6. Users accounts are created in each PC 6. Users accounts are created on the serverand are called as Local Users.
side and are called Domain Users.
3.1.2 Categories of networkNetworks can be categorized as per geographical area to be covered by thenetwork. Computer network are divided into four categories includes: Local AreaNetwork (LAN), Campus Area Network (CAN), Metropolitan Area Network (MAN) andWide Area Network (WAN).3.1.2.1
Local Area Network (LAN)LAN is a computer network that is used to connect computers and work station toshare data and resources such as printers or faxes. LAN is restricted to a smallarea such as home, office or college. Devices used in LAN are : HUB and switch.Media for LAN is UTP cables. Figure 1.2 shows how all work stations, server andprinter are interconnected with the help of the network device.
Fig 2: Local Area NetworkTypes of LANIn LANs, data can be transferred using techniques like token passing. As pertechniques used for data sharing, LANS are classified into Ethernet, Token Bus,TokenRing and Fiber Distributed Data Interface (FDDI).Figure 3.3 shows LAN classification.
Advantages of LANa). Provides communication in smaller networks, easy to install and configure.b). many users can share data or network elements at the same time which resultsin fast work.Disadvantages of LANa). limited number of computers are connected in a LAN.b). LAN cannot cover large area.c). Network performance degrades as the number of users exceeds.
3.1.2.2 Campus Area Network (CAN)Campus Area Network is a computer network made up of two or more LANswithin a limited area. It can cover many buildings in an area. The main featureofCAN is that all of the computers which are connected together have somerelationship to each other e.g. different buildings in a campus can be connectedusing different CAN. It will help to interconnect academic departments, libraryand computer laboratories. CAN is larger than LAN but smaller than WAN.Figure 3.4 shows a CAN network.
Fig 4: Campus Area NetworkDevices used in CAN are : HUB, Switch, Layer-3 switch, Access Point .And the media
used for CAN is Unshielded twisted pair of cables and Fiber Optics Cable.
MAN is the interconnection of networks in a city. MAN is not owned by a singleorganization. It act as a high speed network to allow sharing resources with inacity. MAN can also be formed by connecting remote LANs through telephonelines or radio links. MAN supports data and voice transmission. The best exampleof MAN is cable T.V network in a city.
Fig 5 : Metropolitan Area Network
3.1.2.4
Wide Area Network (WAN)WAN covers a wide geographical area which include multiple computers or
LANs. It connects computer networks through public networks like, telephone system,microwave, satellite link or leased line.Most of the WANs use leased lines for internet access as they provide faster dat
a transfer.WAN helps an organization to establish network between all its departments and officeslocated in the same or different cities. It also enables communication between theorganization and rest world.Devices used in WAN is only Router
3.2 IP ADDRESSES and MAC AddressesIt is also called as logical addresses. IP is a 32 bit long and it is divided into 4octets and dot (.) is used to separate one octet from another. It is represented in theform of decimals. There are two versions of IP addresses:-
3.2.1 IP Address ClassesIP address is a 32 bit address. It is divided into various classes namely ClassA, ClassB, Class C, Class D and Class E. TCP/IP defines Class D for experimental purpose.TCP /IP address contains two addresses embedded within one IP address; Networkaddress and host address as shown in figure 3.1
Class A consists of 8-bit network ID and 24-bit host ID. Class B consists of 16bit network ID and 16-bit of host ID. And Class C consists of 24-bit of networkID and 8-bit of host ID.Address ClassesTable 3: Address ClassesAddres
Dynamic Host Configuration Protocol. The DHCP grants IP address to the computeronlease basis.Static IP AddressesStatic IP addresses are assigned to the device on the network whose existence inthe network remains for a longer duration. These static IP addresses are semi-permanentIP addresses which remain allocated to a specific device for longer time e.g. Server.
3.2.1.2 How to Configure IP Address in window 2003·
Right click on My Network Places- properties
·
right click on working LAN card- properties
·
select internet protocol (TCP/IP) -properties
·
Tick on- Use the following IP addresses - now fill the IP address e.g10.0.0.1
·
Tick on ±Use the following DNS server address
·
Fill the preferred DNS server ± 10.0.0.1
·
Ok
·
Close
Now check the connectivity of computer with itself with commandStart-run-cmd-ping 10.0.0.1
3.2.2 MAC Addressing
MAC address is a hardware address that is embedded in the NIC card. It is also knownas hardware address or physical address. Every NIC card has a unique MAC addressassigned by IEEE. MAC address is used to identify the nodes at lower levels of OSImodel. The MAC address operates at the data link layer of the OSI model.MAC address is a 12 digit hexadecimal number (48 bit address). It is made up ofnumbers from 0-9 or a letter from A-F. MAC address can be written in any one oftheformats:
The 12 digit MAC address will be shown as say 00:11:11:EA:8D:F6
3.3
NETWORKING MEDIA
To do networking we need to use some type of media. There are many types of media.(i)
Coaxial Cable
(ii)
Fiber optic cable
(iii)
Twisted Pair of Cables
(iv)
Micro- wave
(iv)
Satellite
Coaxial CableCoaxial cable consists of an insulated copper conductor surrounded by a tubeshaped copper braid outer copper tune and the inner conductor have the same axis ofcurvature hence it called coaxial cable. It is basically of two types:(i)
We used Base Band signal cable in Networking of Computers, It is so called becauseit carries single frequency. Its speed is 10 Mbps and impedance is 50 W.
Band Cables carries multiple frequencies. Connector used for Coaxial cable isBNC(British Novel Connector) connector. ARCnet uses RG-62 coaxial cable. It hasanimpedance of 93 W and has a comparatively lesser attenuation, hence yield greaterdistances. These cables are expensive and provide high propagation factor.
Fiber Optical CableFiber optic cable consists of a very fine fiber made from two types of glass, one for theinner core and the other for the outer layer. Here signal is transmitted in theform of light.Different varieties of fiber optics is used depending on the size of the network. Singlemode fiber optics is used for networks spanning longer distance. Fiber Optics has lowerpropagation factor than coaxial cable. It is a costly but more secure transmission media.Twisted Pair CableThere are two wires, which are twisted with each other to avoid EMI (ElectroMagnetic Induction).these cables are easy to terminate. However they have a slightlyhigher value of attenuation value and hence have limited distance covering capac
ity.Connector used for Twisted Pair of Cable is (Registered Jack) RJ-45 and RJ-11. Thereare two types of twisted pair of cables:·
STP (Shielded Twisted Pair):In this an extra wire which is called shielded wire is wrapped over the inner
cover which holds copper in pairs. This protection is used to protect signal fromexternal noise.·
UTP (Unshielded Twisted Pair)In this type of wire no shielded cover is there for extra protection from noise.There are different categories of UTP cables:
Categories of UTP CablesTable 4: Category and Speed of UTP cables
3.3.1.3 Rollover CableRollover cable isn't used to connect any Ethernet connections together, butRollover cable can be used to connect a host to a router console serial communic
ation(com) port.NOTE: Straight cable and Cross cables are used for data transfer but Rollovercables are not used for data transfer.There are two methods for manufacturing Rollover cables:
IN 2k3) is a server operating system producedby Microsoft. Introduced in 24th April 2003 as the successor to window 2000 server, it isconsidered by Microsoft to be the corner stone of its window server system lineofbusiness server products. An update version
indow Server 2003 R2 was releasedmanufacturing on 6th dec, 2005. its successor window 2008 was released on 4th feb, 2008.According to Microsoft, window server 2003 is more scalable and deliver betterperformance than its predecessor window 2000.Features of
indow 2003(i)
A significant improved version of Internet Information Service (IIS)
(ii)
Increased default security over previous version due to the built in firewalland having most services disabled by default.
(iii)
Manage your server-a role management administrative tools that allow anadministrator to choose what functionality the server should provide.
(iv)
Improvement to Active Directory.
(v)
Improvement to Group Policy handling and Administration.
(vi)
Provides a Backup system to restore lost files.
(vii)
Improved disk management, including the ability to Backup from shadows offiles, allowing the Backup of open files.
(viii)
Improved security and command line tools which are part of Microsoftinitiative to bring a complete command shell to the next version of window.
(ix)
Support for a hard based ª
atch Dog Timerº, which can restart the server ifthe operating system does not suspend with in a certain amount of time.
Removed Features·
The ability of creating server disk automated system recovery (ASR) is usedinstead .
indow server 2003 comes in a number of editions, each targeted towards aparticular size and type of business. In general, all variant of window server 2003
3.5.1.1 HOST NAMEHost name is a computer name and is also called is NetBIOS (network basicInput/ output system) name. NetBIOS is actually an application layer protocol that canuse the transport services of TCP/ IP when used in routed network. A NetBIOS name is16- byte addresses that identify a NetBIOS resource on the network.3.5.1.2 DOMAIN NAMEDomain name is used to identifies the internet site one can identifies the location
without having to remember the IP address of every location e.g. yahoo.com orgmail.com
3.5.1.3 FQDFQDN means fully qualified domain name which represents a hostname appended to theparent name space in hierarchy. Also in fully qualified domain name different levels ofnamespace are visualize as in fig below this hierarchy is visualized─ the root levelnamespace, top─ level domain, and so on, in use throughout the internet today. Left mostportion of the FQDN is the host portion of the name. A host name is alias we giv
fully qualified domain names. This root domain is designated with a dot (.). Fig 6.2shows the tree structure or domain namespace.
Fig 7: Tree structure or Domain Namespace3.5.1.5 DNS serverAny computer providing domain namespace is a DNS server. DNS server is used toconvert host name FQDN into IP address and IP address into host name FQDN. To storethe name-to-IP-addresses mappings so crucial to network communication, name serveruses zone files.
3.5.2 DNS ZoneZone is the part of DNS database that contain record of domain or multiple domain.If the domains represents logical division of the DNS namespace, zones represents thephysical separation of the DNS namespace. In other words information about records ofthe resources within DNS domain is stored in a zone files, and this zone files exist onhard drive of server. Zone files are divided into one of two basic types:
Each record stored in a zone file has a specific purpose. Some of the records set thebehavior of the name server, others have the job of resolving a host name or service intoan IP table.(i)
NS (Name Server):These specify the name servers that are authoritative for a given portion
of DNS namespace. These records are essential when DNS servers are performingiterative queries to perform name resolution.
(ii)
SOA (Start of Authority):This resource record indicates the name of origin for the zone contains the name
of the server that is the primary source for information about the zone. The information inan SOA record affect how often transfer of the zone are done between serversauthoritative for the zone. It is also used to store other properties such as versioninformation and timings that affect zone renewal or expiration.(iii)
CNAME (Canonical Name):
CNAME can be used to assign multiple names of a single IP address.
For example, the server hosting the site www.abc.com is probably not named www,but aCNAME record exist resolution of www to an IP address all the same. The CNAMErecord actually points not to an IP address, but to an existing A record in thezone.3.5.2.2 Steps to Install and configure DNS server·
Start ® control panel® add and remove program
·
Add remove window components
·
Select networking services and click on detail button
·
Check box of DNS server
·
Ok and finish
3.5.2.3 Creating a Forward Lookup Zone·
Statically fill the IP address
·
Start ®administrator tools
·
DNS® right click on forward lookup zone
·
New zone® next
·
Select primary zone® next
·
Enter zone name (abc.com)® next
·
Tick Allow both secure and non secure updates and secure dynamicupdated
(i) c:>tracert www.yahoo.comcommand is used to check the path , a data packet follow from one routerto another router.(ii) c:>nslookupcommand display the domain name with IP (works only when reverse lookupzone is set up).(iv)
c:>ipconfig /allThis command display FQDN, IP address, MAC address.
This command flush or clear all the information in the cache that is retrievedfrom DNS server.(v) c:>ipconfig /displaydnsDisplay the current contents or entries in the cache.(vi)
c:>ip config /registerregister any DNS name
3.6 DHCP SERVERDHCP (Dynamic Host Configuration Protocol) is a protocol that allocates IP address tocomputer on a network. DHCP centralized the management of IP address allocationandreduces human error associated with manual IP configuration. DHCP server supplies allthe necessary networking param-eters. Two things are always handed out as a part ofDHCP configuration: IP address and subnet mask. Further DHCP will frequentlyconfigure clients with optional values, such as a default gateway, DNS server address,and the address of a
indow Internet Naming Server, if one is present. Scenario
showingDHCP server IP address allocation.
3.6.1 orking of DHCP Server(i)
DHCP Scope
(ii)
DHCP Super Scope
(iii)
Exclusion IP Range
(iv)
DHCP Lease Time
(v)
IP Reservation
DHCP ScopeScope having the range of IP address for providing dynamic IP address to other
computer. A group of IP address within a scope is called as DHCP scope.DHCP Super ScopeA super scope is used to combine two or more scopes each serving different subnets, andcan make the administration of several scopes on window 2003 DHCP server moremanageable. Using super scope you can group multiple scopes as a single administrative
entity that allows the client to lease from either one.
ith this feature, a DHCP servercan:·
Support DHCP clients on a single physical network segment where multiplelogical IP networks are used.
hen more than one logical IP network is used oneach physical subnet or network, such configuration is called multinets.
·
Support DHCP clients located on the far side of DHCP and BOOTP relay agent.
·
In multinet configuration, DHCP superscope can be used to group and activateindividual scope ranges of IP addresses used on your network. In this way , aDHCP server computer can activate and provide leases from more than one scopeto clients on a single physical network.
Exclusion IP rangeIf you want to reserve some IP for any computer i.e if we want that from the ser
ies of192.168.0.2 to 192.168.0.100 if we want that a series of IP addresses must not beassigned automatically then at can be done using exclusive IP range.DHCP Leased TimeDHCP lease time is validity of IP address. By default DHCP lease time is 8 daysminimum,1 day maximum 999 days, 23 hours to53 day. ith in 8 days:After 80% of day clients demand new IP some times server refuse the client request.After 87.5% of days it will retry, and if the server did not give the new IP address thenthe client will receive APIPA address (Automatic Private IP Address).
hen a DHCP client is unable to locate a DHCP server, the client picks out a ran
dom IPaddress from the private APIPA address range of 169.254.*.*, with a subnet maskof255.255.0.0. The 169.254.*.* IP range is private because that network number isnot inuse on the internet, it is random because the client generates an arbitrary host number forthat network.The significance of APIPA is that DHCP client computers that cannot find aDHCP server can still be assigned an IP address and communicate with other computerson the same subnet mask that also cannot find DHCP server. It allows communication
indows 2000, Microsoft introduced Active Directory, a scalable,robust directory service. Active Directory is used to create server based networking.Active Directory's job is to store and make available a Directory database i.e information
about the user, its class, name, address, mails, phone numbers, location.Active Directory is a technology created by Microsoft that provides a variety ofnetwork services like Directory Services, DNS based naming and other networkinformation. Active Directory also allows administrator to assign policies, deploysoftware and apply critical updates to an organizations. Active Directory was previewedin 1999, released first with window 2000 server edition and revised to extend functionallyand improve administration in
indow 2003. Additional improvements were made in
indow server 2003 and
indow server 2008.The fundamental building block of Microsoft's Directory services continues to be adomain. A domain is logically grouping of network resources, including shares, p
rinters,groups and users accounts. The user account represents the individual to domain, andallows for different type of access and different types of tasks. Every users account isunique. It has uniqueness of the user account that allows administrator to control accessfor every member of domain.There are two types of users accounts: local account and domain account. Localaccounts are maintained in the local database of a computer and cannot be used to grantaccess to network resources. Local users are primarily used to administer a computer or
to allow several people to share a single computer that is not a member of a domain.
hereas domain users accounts are much more widely used in organizations that localuser accounts because they allow for central administration and user can log onto anycomputer in the domain. Domain users accounts are stored in Active Directory.
3.7.1 Active Directory ServicesA computer network can be divided logically into two networking models.·
orkgroup
·
Domain
Difference Between
orkgroup and DomainTable 9
orkgroup
Domain
1. It is a peer-to-peer networking 1. It is a server based networking model.model.2.there is a centralized dedicated server2. There is no client and no server. computer
called
domain
controller
(DC)which controls all other computers
All computers are in equal status.
called clients.3.This model is recommended for3. This model is recommended for large
small networks (upto 10 pcs).
networks.4. There is no centralized Administration
and
each
PC
is 4. There is centralized administration
administrated separately.
and each PC can be administrated andmanaged from the server.
5.In this model, low grade operatingsystem like 2000/xp professional, 5.In this model high grade operatingwin 98 etc can be used.
7 Users accounts are created in eachPC and are called as ªLocal Usersº.
7.Users accounts are created on severside DC and are called as ºDomainUsersº.
Active Directory uses domain to hold objects, each domain has security boundary.Users must authenticates to the domain in which their users account resides before theycan access resources, such as a shared folders. Active Directory also links relateddomains in a hierarchical structure and users can access resources in any of the domain inwhich their user account resides. The hierarchical structures of related domainis called atree, and all domains in the tree share the same Domain Name System (DNS) namespace.All the domains and the trees in a single organization are called a forest. Alldomains inthe forest share same schema.
3.7.1.1
Types of Domain
·
Domain Forest
·
Domain Tree
·
Organization unit
Domain ForestA forest is created when window 2k3 server computer is configured as a domaincontroller. A forest is a collection of multiple domain link together and relationshipbetween the domains.Domain TreeA domain tree is made up when there is a parent child relationship between the domainin the forest. The child domain includes the complete parent domain name. a tree is a set
of two or more domains sharing common namespace e.g we can create a parent domainand then child domain like mail.yahoo.com; where mail- child domain, yahoo- parentdomain.
Fig 8: Structure of domain forest and domain treeOrganization Unit (OU)Organization unit is the smallest unit in a domain network that can contain users,computer groups, shared folders, printers and group policy object in simple words. OUmeans department like sale department, accounts department like sales, accountsin acompany OU can be used to apply different security policies to computer and users indifferent department. OU also helps in dividing administration among differentadministrator of managing only computer and users of sales department.
Primary Domain Controller (PDC)This is the first domain controller, in this domain all entries are created in it likeusers account, group policy, Organization unit etc. All FSMO role are done in PDC.
Additional Domain Controller (ADC)It is a domain network, it is important to have more than one DC so that if oneDC fails, the other DC will continue serving the client. There is also load balancing ofActive Directory Service if we have more than one DC.The first DC we create is simply called PDC and if we create an extra DC thenthat DC is known as ADC. ADC has same configuration of AD as primary domaincontroller.All domain controllers in a domain networking are masters.
e can make achange in the active directory of any domain controller and that change is replicated to allother domain controllers. Replication takes place among all the domain controllers and itis controlled automatically. If we create a user in the first domain controller, it isautomatically created in the ADC because of replication.
All the domain controllers in the domain networking are peers and this model iscalled as multi- master model .
Install DNS, if not installed of Active Directory and configure it.
It should be noted that active directory cannot work without DNS.DNS isautomatically installed and configured during the Active Directory installation.
3.7.1.4 Installation of Active DirectoryFirst of all fill the static IP address, then install DNS service into it and after that
install the Active Directory·
start® run® dcpromo
·
Ok
·
elcome to active directory ® next® next
·
Select domain controller for a new domain e.g (gmail.com)
·
Next
·
Domain NETBIOS name (gmail.com)
·
Next
·
Data folder, folder new tech directory service® next (SYS VOL)
start® run® dcpromoThis command is also used to remove active directory, if after this command theactive directory is not removed then type·
start®run
·
cmd®dcpromo /forceremoval
·
Ok
How to identify Active Directory installation·
Start ® administrator toolAfter that if three options specified if come, it means that Active Directory
has been installed
─ Active Directory domain and trusts─ Active Directory sites and services─ Active Directory users and computerOpen DNS console by·
Administrator tools®DNS
·
Forward lookup zone─ msdcs.exam.edu─ start of authority (SOA)
─ name server (NS)
Now ping active directory with domain name like·
start® run® ping gmail.com
Backup of Active DirectorActive Directory backup come in use when there is some problem in active directory. Ifthere is any problem in active directory then remove it and restore the backup.·
Start® run®ntbackup®ok
·
Select advance mode and untick that is already ticked
Change backup path browse keep in your hardware and then send it to thepen drive
·
D:\adbackup
3.7.2 CHILD DOMAINA domain is created say ªxyz.comº. this domain is known as parent domain or theroot domain. Now ªchd.xyz.comº will be the child domain or the sub domain of xyz.com.
Fig 10 : parent-child relationship modelA child domain is created to ease administration in a very large domain network.
e cancreate the parent domain in the head office of the company and the child domain
in thebranch offices.Each branch office will have its own administrator to manage the users of thechild domain present in the branch office.A true relationship is automatically created between the parent domain and thechild domain. This means users in the child domain can access the file server of the
parent domain. Moreover users of either domain can use clients of either domainforlogging in the domain but a user can always logon only in the domain in which hisaccount resides, though he physically can use client pc of parent or client domain. Usersof either domain can logon its own domain from either side but only when it useits owndomain name. users of parent domain can communicate with child domain but he has touse its domain name for that.
3.7.2.1
Steps to create child domain
First of all install the active directory on pc1 i.e on the parent domain. Now make Tomuser on it. On pc2 create the child domain, then make users on it, user- RamBelow are the steps to cerate child domain.·
Fill the IP address in the child domain
·
Now ping to the parent domain with the domain name (xyz.com)
·
Run ®dcpromo® ok
·
next® select domain controller for a new domain
·
next® select child domain and existing domain name (mcse.com)
·
next
·
enter username, password and domain name
·
enter user parent domain name also enter child domain name
it should be noted that parent domain can logon into child domain but on the otherhand child domain cannot logon to the parent domain. Also parent domain can applypolicies or security on the child domain.Make the client member by entering particular user with its domain name.·
First right click on My Computer
·
Properties
·
Computer name
·
Change
·
rite domain name ®okNow logoff start and then write user name - TomDomain name - mcse.com
Again logoff and check the other userStart-user name- abcDomain name ± mail.mcse.com
3.8
INTERNET SHAREING
e can share a single internet connection to multiple computers with the help of
networking or internet sharing. There are four ways to share internet.(i)
Direct sharing
(ii)
ICS ± Internet connection sharing
(iii)
in Proxy
(iv)
NAT ± Network Address Translation
3.8.1 Direct SharingInternet sharing can be done between computers directly, just by taking internetconnection directly from ISP (Internet Server provider), then it is provided toADSL
connected to the switch with RJ-45 connector. Switch, further connects computers thosehave to be provided with internet connection. The scenario for direct sharing is as shownin figure:
Fig: 11: Direct Sharing ScenarioADSL modem has IP address 192.168.1.1. All the PCs are assigned with a DNS(Domain Name Server) and G
(gateway) -192.168.1.1. Also DHCP (Dynamic HostCommunication Protocol) is enabled which will provide IP addresses to the PCsautomatically.
3.8.2 ICS (Internet Connection Sharing)Internet Connection sharing provides an alternate way to provide Internet Sharing.ICS requires a server with two network interfaces, one for the private internalnetworkconfigured with IP 192.168.0.1 address and an adapter for public connection. ICSrequires two connections in order to work: one public and one private i.e. ICS server
requires two LAN cards, Internal (Private) and External (Public). Internal LAN card usesLocal LAN card (L2) and External LAN card (L1) is used by Internet. ICS is designed tobe as simple as possible. ICS works on following windows: XP, Vista, 2K3 Server, 2k3Server SP1.it doesn't work on the server in which AD+SP1 is present. The scenarioforICS is shown below:
Fig 12: ICS scenarioNote:-
hen we configure ICS then the local card detect 192.168.0.1 addressautomatically.
How to configure ICS·
Open network and sharing center
·
Network- Properties
·
Click on Manage network connections
·
Right click on LAN Card which is used for internet- Properties
in Proxy is a third party software which is used for sharing internet and we canalso block the web site with the help of win proxy.
IN Proxy supports all the threeclasses A, B, C also it is supported by all operating systems. The scenario for
IN proxyis shown below:
Fig 13: scenario of win proxy serverIn win proxy as shown in the scenario above we can share internet. First of alla ADSLmodem is connected to the ISP (Internet Service Provider) by a RJ-11 connector andother end of ADSL modem is connected to the PC1 through RJ-45. Assign IP address192.168.1.1 to the ADSL modem also enable the DHCP server and set the start IPaddress of 192.168.1.2 and end IP address of 192.168.1.254. Then after ADSL modemconnect PC1, assign G
192.168.1.1 and
3.8.4 NAT (Network Address Translation)If we have to connect many computers with a single IP address then we will use N
AT.NAT exchange IP packet between local network and internet. The routing and remoteaccess server of window 2K3 server provide us with a component known as NAT. Byenabling NAT on a Server 2003 system, you allow connected users on a private system to
share a single connection to access a public network such as the internet i.e. NAT enablemultiple client computer to connect the internet through a single publicly registered IPaddress. A NAT server translate private IP address to public addresses. NAT eliminatesthe need for large number of IP addresses by mapping externally assigned IP addresses.
Fig 14: NAT server
hen deploying NAT, it is needed to configure setting on both the client sideand the server side. On the server side of NAT fill the IP address statically.
3.8.4.1 Steps to enable NAT server
.
·
Open internet ® Tools® Internet options
·
connections® LAN settings
·
untick the IP and port address
·
ok® ok® give site name
On the client side of NAT, client side is configured to obtain IP addresses
automatically and then restart the client system. Assuming NAT is used for addressassignment, the client system will receive TCP/IP information from the NAT server. Theclient information includes:·
IP address from 192.168.0.0 private addressing range
DNS server address, which would be the address of the NAT interfaceon the server.
ith the client side configured, there are few things to do on NAT server:The first step to configure NAT server is to actually install the Routing and RemoteAccess Services. To do this, start the Routing and Remote Access Service Setup
network. All the clients of VPN dial to public IP address of VPN server and receiveprivate IP from virtual VPN dynamic host protocol (DHCP).in VPN one can havemultiple virtual connections to a single IP address. This way ,one network cardcan hostseveral inbound connections, rather than require a modem and telephone line foreachsimultaneous remote user.
Fig 15 : scenario of VPN serverUsing VPN server we can connect many private networks to internet services i.e theremote connection.
e can create a private network through public network, we can usefirewall for security and data encryption in VPN server.
3.9.1 VPN components(i)
VPN server
(ii)
VPN Clients
(iii)
AN Option
(iv)
Security Options
VPN ServerVPN server, serve as the end points of a VPN connection. hen configuring aVPN server, you can allow access to just that server, or pass traffic through VPN serverso that the remote user gain access the resources of the entire network.VPN ClientVPN clients establish connection to VPN server. They can also be routers thatobtain the router-to-router secure connection. VPN client software is included in all themodern window operating systems, including
indow 2003 server. Router-to routerVPN connection can be made from computers running server2003 and
running Routing and Remote Access. Additionally, any client that support PPTP orL2TP connections can be VPN clients of a window server 2003 system.
AN OptionsThese provide the physical mechanism for passing data back and forth. Theseconnections typically include such similar network technologies such as T1or framerelay. In order for VPN connections to be successful, the VPN client and VPN servermust be connected to each other using either permanent
AN connection or by dialinginto an internet server provider (ISP).Security OptionsSince a VPN uses a network that is generally open to the public, it is importantthat the data passed over the connection remain secure. To aid with securecommunication routing and remote access supports such security measure as logonanddomain security, data encryption, smart cards, IP packet filtering and caller ID.
3.9.2 Types of VPN(i)
PPTP (Point to Point Tunneling Protocol )
(ii)
L2TP (Layer 2 Tunneling Protocol) according to CCNA.
Point to Point Tunneling Protocol (PPTP)PPTP is Microsoft's legacy protocol for supporting VPN. It was developed inconjunction with other communications companies such as Robotics as an extension tothe PPP protocol. PPTP encapsulates IP or IPX packets inside of PPP datagram's. Thismeans that you can remotely run programs that are dependent upon particular netw
orkprotocols. One of the keys to remember about PPTP is that the protocol providesencryption capabilities, making it much safer to send information over nonsecurenetworks.Layer Two Tunneling Protocol (L2TP)L2TP is a standard based encapsulation protocol with roughly the samefunctionality as a Point-to-Point Tunneling Protocol (PPTP). One of the key differences
indow's server 2003 implementation of L2TPand it cousin PPTP is thatL2TPis designed to run natively over IP networks only. This implementation of L2TPdoes not support native tunneling over X.25, frame relay, or ATM networks. LikePPTP,L2TPencapsulates Point-to-Point Protocol (PPP) frames, which then encapsulate IP orIPX protocols, allowing users to remotely run programs that are dependent on specificnetwork protocols . But unlike the PPTP protocol, L2TP does not provide encryption ofthe data. For data security L2TPrelies on the services of another standards- basedprotocol, IPSec.
3.9.3
How to configure VPN
·
start®administrative tools
·
Routing and Remote access
·
Right click on computer name configure and enable Routing and Remoteaccess
·
next® select remote access (dial up or VPN)
·
next® VPN® next
·
select LAN card which is connected to internet (172.15.15.50) public IP
ROUTINGIt is a process of transferring information through an inter network i.e from one
network to another. Routing connect different networks having ID help in process ofrouting. The dial-in properties also allow for specific IP address to be assigned to a user.This is the only way in
indow Server 2003 that you can assign a specific IP to
a user.To assign a specific IP to a user, check the box next to assign A Static IP Address andenter a valid IP in the space provided. Static routing can also be specified asper user. Bydefining static routes, users can be limited to only specific parts of networks.In an internetwork a router must then about all the networks present in the foreffort websites, there are hardware routers like CISCO. Even win 2003 server computerconfigured as router. In simple words Router is a computer with two network cards.These two network cards, then, are attached to two different logical IP networks. The
routing table helps direct traffic that is passed through the router.Now when there is a router, also there is a routing table, there is a need toconfigure the router in order for that router to pass along traffic to the proper network.There are two ways the routing table can be built and modified: either manuallyorautomatically.
The other way to manage a router routing tables is to let the computer do itfor you. Just like DHCP allocate IP addresses, configuring the dynamic routingprotocol usually means less errors due to human error, and less administrativeoverhead.In dynamic routing, routing information is automatically entered in therouter using protocols like RIP AND OSPF. These routing protocols used by
indow Server 2003 use one of two kinds of algorithms to determine the bestpossible path for a packet to get to its destination, either distance vector orlinkstate. RIP is used for small networks where as OSPF is used for large networks.
Routing Information Protocol (RIP)The distance vector protocol in use on
indow 2003 is called RoutingInformation Protocol (RIP) for IP. This protocol was designed for the exchange ofthe routing information within a small to medium size IP network.
hen Router is enabled on
indow 2003 machine, the routing table includesentries only for the networks that are physically connected.
hen RIP is enabledfor an interface, the router will periodically send an announcement of its routingtable to inform other RIP routers of the networks it can reach. RIP version1 uses
broadcast packets for its announcement. RIP version2 offers an improvement andcan be configured to use either multicast or broadcast packets whencommunicating with other routers. Also, RIP version2 offers more flexibility insubnetted and classless inter domain routing (CIDR) environments.The biggest advantage of RIPis its simplicity.
ith a few clicks in the Routingand Remote Access Server and MMC console, you can deploy RIP.
ith the RIPdynamic routing protocol installed on
indow's Server 2003, you get thefollowing features:(i)
RIP version1 and version2, with the ability to configure individualnetwork cards with separate versions.
(ii)
Calculations used to avoid routing loops and speed recovery of thenetwork whenever topology changes occur.
Route filters; you can configure RIP to except information fromonly certain networks, and also choose which routes will be sharedwith RIP routers.
(iv)
Peer filters, which allow control over which router announcementsare accepted.
(v)
Simple password authentication support.
But there are significant drawbacks, which makes RIP a poor, if not unusablesolution for large networks. For example, the maximum hop count used for RIP routersis15, making network 16 hops away (or more) unreachable where RIP is concerned.Open Shortest Path First (OSPF)
here RIP is built to work to work in smaller networks, the Open Shortest PathFirst (OSPF) routing protocol is designed for large or very large networks. The
goal is thesame: information about connection to other networks is shared from one router toanother. It offers several advantages over RIP, especially significant in largenetworks:(i)
Routes calculated with OSPF are always loop free.
(ii)
OSPF can scale much more easily than RIP.
(iii)
Reconfiguration for network topology changes is faster.
The biggest reason OSPF is the choice in large networks is its efficiency; insteadof changing routing table via broadcast the way RIP does, OSPF configured routersmaintain a map of the network. The mapping is called the link state database, OSPFrouters keep the link state database up to date. Once changes have been made tolink statedatabase, an OSPF router's link state database is recalculated.
As the networks start to multiply, the size of the link state database increases, anda corresponding hit on router performance results. To combat this, OSPF sub divide thenetwork into smaller sections, called areas. Areas are connected to each other through abackbone area, with each router only responsible for the link state database for thoseareas connected to the routers. Area Border Routers (ABRs) then connect one backbone
The biggest drawback of OSPF is its complexity; OSPF requires proper planningand is more difficult to configure and administer.
3.11 EXCHANGE SERVERExchange server is a mail server, we can send and receive mail from one user toanotheruser. Exchange server is the mail server of Microsoft.
3.11.1 Elements of Exchange ServerMail ServerA server which helps to the users to send and receive mail is called mail server.Mail BoxA storage place where senders and receivers mails are stored.
3.11.2
Exchange VersionTable 10: Exchange Server with different operating systemsExchange Version
Operating System
Exchange Server 5.5
IN NT or 2000 server (without SP).
Exchange Server 2000
IN NT or 2000 server (SP3,SP4)without (SP).
Exchange Server 2003
IN 2000 Server or
IN2003 server
(SP4) without SP.
Exchange server 2007
IN2003 server or R2/
IN 2008server with SP1.
here SP stands for Service Pack. Service Pack are the services which are loadedexternally to remove some bugs that come during installation of server CD.
Implementation and troubleshooting of network will be easy.
3.12.1 Description of Different LayersApplication LayerApplication layer accepts data and forward into the protocol stack. It creates userinterface between application software and protocol stack.Presentation LayerThis layer decides presentation format of the data. It also able to performs otherfunction like compression/decompression and encryption/decryption.Session LayerThis layer initiate, maintain and terminate sessions between different applications.Due to this layer multiple application software can be executed at the same time.Transport LayerTransport layer is responsible for connection oriented and connection lesscommunication. Transport layer also performs other functions like(i)
Error checking
(ii)
Flow ControlBuffering indowingMultiplexing
(iii)
Sequencing
(iv)
Positive Acknowledgement
(v)
Response
(vi)Network LayerThis layer performs function like logical addressing and pathdetermination. Each networking device has a physical address that is MAC
address. But logical addressing is easier to communicate on large size network.Logical addressing defines network address and host address. This type ofaddressing is used to simplify implementation of large network. Some
examples of logical addressing are: - IP addresses, IPX addresses etc.Network layer has different routing protocols like RIP, EIGRP, BGP, andARP etc. to perform the path determination for different routing protocol.Network layer also perform other responsibilities like defining quality of service,fragmentation and protocol identification.Data Link LayerThe functions of Data Link layer are divided into two sub layers·
Logical Link Control
·
Media Access Control
(i)
Logical Link Control defines the encapsulation that will be used by theNIC to delivered data to destination. Some examples of Logical LinkControl are ARPA (Ethernet), 802.11 wi-fi.
(ii)
Media Access Control defines methods to access the shared media andestablish the identity with the help of MAC address. Some examples ofMedia Access Control are CSMA/CD, Token Passing.
Physical LayerPhysical Layer is responsible to communicate bits over the media thislayer deals with the standard defined for media and signals. This layer may also performmodulation and demodulation as required.
Fig 18 : Architecture of routerProcessorSpeed: - 20 MHz to 1GHzArchitecture: - RISCReduce Instruction set computer
Manufacturers: - Motorola, IBM, Power PC, Texas, Orion, Intel.Flash RAMFlash memory is just like a hard copy of the computer. Flash RAM is thepermanent read/write memory. This memory is used to store one or more copiesof router O/S. Router O/S is also called IOS (Internetwork Operating System).Thesize of Flash RAM in the router is 4MB to 256MB. This memory is ElectricallyErasable Programmable Read Only Memory (EEPROM).NVRAMNVRAM is a ªNon Volatile Random Access Memoryº. It is used to storethe startup configuration of the Router. It is on chip RAM, its size is 32kb.
RAM (Random Access Memory)It is a volatile memory. All the activities we do are stored in RAM,this means thatit holds the running configuration. RAM of the router is divided into two logicalparts.·
Primary RAM
·
Shared RAM
Primary RAMPrimary RAM is used for: (i)
Running copy of IOS.
(ii)
Running configuration
(iii)
Routing table
(iv)
Address Resolution Protocol (ARP) table (IP address to MACaddress)
(v)
Processor & other data structure
Shared RAMShared RAM is used as a buffer memory to shared the data received fromdifferent interfaces. Size of RAM in a router may vary from 2 MB to 512 MB.The types of memory that may be present in a RAM are:(i)
DRAM -> Dynamic RAM
(ii)
EDORAM -> Extended Data Out RAM
(iii)
SDRAM -> Synchronous Dynamic RAM
ROM (Random Access Memory)It has four components:·
POST (Power on Self Test)It performs hardware testing.
Interface is used to connect LAN networks or wan networks to the router.Interface will use protocol stacks to send/receive data. Ports are used for theconfiguration of routers. Ports are not used to connect different networks. Theprimarypurpose of port is the management of router.33333333
Router Interface
Table 11: Router interfaces and connectors
AUI ± Attachment Unit InterfaceEPABX ± Electronic Private Automatic BranchPSTN ± Public Services Telephone Network3.13.2.2 Router PortsTable 12: Router Ports
hen we access router command prompt the router will display different modes.According to the modes, privileges and rights are assigned to the user.
User modeRouter>In this mode, we can display basic parameter and status of the router we can testconnectivity and perform telnet to other devices. In this mode we are not able to changeand save router configuration.
Privileged modeRouter#In this mode, we can display all information, configuration, perform administration task,debugging, testing and connectivity with other devices.
e are not able to perform hereconfiguration editing of the router.
The command to enter in this mode is `enable'.
e have to enter enablepassword or enable secret password to enter in this mode. Enable secret has more priority
than enable password. If both passwords are configured then only enable secret willwork.
Global configurationRoute(config)#This mode is used for the configuration of global parameters in the router. Globalparameters applied to the entire router. All the changes are performed in this mode. Buthere we cannot see and save the changes.For e.g: - router hostname or access list of router, password, Banner, Routing,Security.The command to enter in this mode is `configure terminal'
Line configuration modeIn this mode we can set the password of the user mode, i.e to set user modepassword .This mode is used to configure lines like console, vty and auxiliary.There aremain types of line that are configured.(i)
ConsoleRouter(config)#line console 0
(ii) AuxiliaryRouter(config)#line aux 0(iii) Telnet or vtyRouter(config)#line vty 0 4
Interface configuration modeIn this mode we can set ip addresses of the interfaces. This mode is used toconfigure router interfaces. For e.g:- Ethernet, Serial, BRI etc.Router(config)#interface <type> <number>Router(config)#interface serial 1
Routing configuration modeThis mode is used to configure routing protocol like RIP, EIGRP, OSPF etc.Router(config)#router <protocol> [<option>]
There are five types of password available in a router
Console Passwordrouter#configure terminalrouter(config)#line console 0router(config-line)#password <word>router(config-line)#loginrouter(config-line)#exitTo erase password do all steps with no command.
Enable Secret PasswordEnable Password is the clear text password. It is stored as clear text inconfiguration where as enable secret password is the encrypted password.Router>enableRouter#configure terminalRouter(config)#enable secret <word>Router(config)#exit
Encryption all passwordsAll passwords other than enable secret password are clear text password. Thecommand to encrypt all password areRouter#configure terminalRouter(config)#service password-encryption
3.13.5 Managing ConfigurationThere are two types of configuration present in a router(i)
Startup Configuration
(ii)
Running Configuration
Startup configuration is stored in the NVRAM. Startup configuration is used tosave settings in a router. Startup configuration is loaded at the time of booting in to thePrimary RAM.Running Configuration is present in the Primary RAM wherever we run acommand for configuration, this command is written in the running configuration.
To abort configurationRouter#copy startup-configuration running-configuration
To display running-configurationRouter#show running-configuration
To display startup configurationRouter#show startup-configuration
Configuring Host NameRouter#configure terminalRouter(config)#hostname <name><name>#exit or end or /\zRouter#config terminalRouter(config)#hostname r1R1(config)#
Configuration InterfacesInterfaces configuration is one of the most important part of the routerconfiguration. By default, all interfaces of Cisco router are in disabled mode.
e have touse different commands as our requirement to enable and configure the interface.
To display interface statusRouter#show interfaces (to show all interfaces)Router#show interface <type> <no>This command will display following parameters about an interface(1)
To configure clockRouter#clock set hh:mm:ss day month yearRouter#clock set 7:15:10 9 June 2009
To configure clock from NTP serverRouter#config terminalRouter(config)#ntp server <IP address>Router(config)#exitC:\>ping pool.ntp.orgTo get ntp server ip from internetC:\>route print
3.14
SUBNETTINGSubnetting is a process or a technique to divide large and complex networks into
smaller parts or smaller networks and each network is called as subnet. Subnetting is
done to reduce the wastage of IP addresses ie instead of having a single huge network foran organization smaller networks are created within a given huge network. Subnettingallows the user to create multiple logical networks within a single Class A, B or C basednetworks.In subnetting, the IPv4 address is broken into two parts; network id and host id.This process borrows bits from the host id field. In this process, the network size does notshrink but the size of hosts per network shrinks in order to include sub-networks within
the network.333333
Advantages of subnetting
·
Size of the physical networks is reduced and hence easy to manage.
Subnet MaskA subnet mask specifies the part of IP address that is to be used for identifying asub network. A subnet mask when logically ANDed with IPaddress provides a 32- bitnetwork address. This binary address gives the first address in the subnet block specifiedin the large network.
Default MaskClassfull addresses consists of three classes; Class A, Class B, Class C used forsubnet.Each class has a default subnet mask C lass A consists of eight 1s in the networkaddress field and 24 0s in remaining field, Class B consists of 16 1s in network addressfield and 16 0s in remaining field, and Class C cointains 24 1s in the network address
field and remaining 8 bytes as 0s. the default address mask in binary and dotted-decimalis shown in the table
To Calculate the Subnet Mask1. Identify the class of address assigned. For this example the class of IP addressis Class B.
2. check the default address mask for the appropriate class and convert it tobinary format .for this example the default address mask is 255.255.0.0 andthe equivalent binary format is; 11111111.11111111.00000000.000000003. check the no. of 1s in the default mask. E.g this address contains 16 1s in classB, 16 bits 2 octat are for net id and the last 16 bits 2 octates are for host id.4. now if we need 9 subnets. This no. 9 is not a power of 2. the next no. that ispower of 2 and greater than 2 is 16. So, we require 4 extra 4 extra 1s in thenetwork field which has to be borrowed from the host id field.5. the total no. of 1s is 16+4=20, as 16 1s are from network id and 4 1s are ofadditional bits required for subnetwork. The no. of 0s in the n/w is 32-20=12.which defines whole address.6. hence address is given as 11111111.11111111.11110000.00000000 and indecimal format can be given as 255.255.240.0Table 14: decimal and binary values of subnet mask
VLSMIn VLSM to allocate IP addresses to subnets depending upon the no. of hosts. Thenetwork having more no of hosts is given priority and the one having least no of hostcomes at last and for each network the subnet is assigned separately. As in thescenario
Fig 19: variable subnet mask3.15 TELNETTelnet stands for terminal network, telephone network, terminal encapsulation onthe network. Purpose of Telnet is to access the remote device in order to configure it. Itprovides textual access of the remote device. It uses the services of TCP. Telnet service isused where small bandwidth is low. It provides textual access of the remote device. Portnumber of Telnet is 23.
3.15.1 To Access the Device RemotelyFor this purpose we have to assign the IP addresses to the PCs and the interfaces.For Telnet the Routers are to be configured with RIP version1 , so that the device canping each other. Also DCE cable is used to connect the Routers. The serial linkshouldhave the speed of 64K also apply vty password and enable secret password. Set up theRouters so that they can manage via Telnet.First of all select the PCs and the routers connect the ports to the router, dou
bleclick on router, switch off the router if it is on. Then select the serial portaccording to therouters, switch on the router. Select the cable to connect the Routers. Router to Routerconnections are made by the serial cable, so go on first Router select the serial port ass0/1/0 in the scenario, then go to the other Router and connect the serial cable at interfaces1/0. Accordingly connect the third Router with interfaces s1/1 and s1/2.
Now connect the PCs to the routers, to do this first select the console cable, click on thePC select RS232 option, then connect it on the Router and select console cable.Nowselect cross- over cable on the PC select Fast Ethernet option and on the Router selectf0/0 option now as the PCs and Routers are connected to each other assign IP addressesto the PCs and the Routers. According to the fig set the IP addresses of the PCs®doubleclick on the PC® choose the option of desktop® IP configuration. Now set the IPaddress, subnet mask, and the default gateway. Like wise set the IP address of all thePCs. Now set the IP address of the interfaces of router.
3.15.2 Commands to assign IP addresses to the interfaces:At Router1:Router>Router>enableRouter#configure terminalRouter(config)#interface f0/0Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router#Router#configure terminalRouter(config)#interface s0/1/0Router(config-if)#ip address 40.0.0.1 255.0.0.0Router(config-if)#no shutdownRouter(config)#interface s0/1/0Router(config-if)#clock rate 64000Router(config-if)#no shutdownNow to check the assigned IPaddresses to the interfaces the command used isRouter#show ip interface brief
To Telnet a device from RouterAt all the Routers use these commandsRouter(config)#line vty 0 4Router(config-line)#password cobraRouter(config-line)#loginRouter(config)#enable password cobraRouter(config)#enable secret cobra1
To telnet a device from routerRouter#telnet <IP>Or
To display connected sessionRouter#show sessionsThis command shows those sessions, which are created or connected by us.If we want anyone can telnet our router without password then on the line vty typecommand ªNo Loginº.
3.16 ROUTINGRouting is a process or technique to identify the path from one network toanother. Routers don't really care about hostsÐthey only care about networks and thebest path to each network.To route the packet the router must know the following things:·
Destination network
·
Neighbour device from witch it can learn about remote Networking.
·
Possible number of routers to reach the destination.
·
Best route to reach the destination.
·
How to maintain & verify the routing information.
3.16.1 TYPES OF ROUTING
·
Static routing.
·
Default routing.
·
Dynamic routing.
3.16.1.1 STATIC ROUTING
In static routing an administrator specifies all the routes to reach the destination.Static routing occurs when you manually add routes in each router's routing table.By default,Static routes have an Administrative Distance (AD) of 1
Features There is no overhead on the router CPU. There is no bandwidth usage between routers. It adds security, because the administrator can choose to allow routing access to certainnetworks only.
Advantages of static routing(1) Fast and efficient.(2) More control over selected path.(3) Less overhead for router.(4) Bandwidth of interfaces is not consumed in routing updates.
Disadvantages of static routing(1) More overheads on administrator.(2) Load balancing is not easily possible.(3) In case of topology change routing table has to be change manually.
Syntax for Static RoutingRouter (config)# ip route <destination N/w> <Subnet mask> <NextHope- address or exit interface> [<administrative distance>Permanent].
To check the routing table of routerRouter # show ip route
DEFAULT ROUTINGDefault routing is used to send packets with a remote destination network
not in the routing table to the next-hop route.Default routing is also a type of static routing which reduces the routingoverhead & default routing is also used with stub networks. Stub networks are thosehaving a single exit interface. Default routing is also used for unknown destination.
A special address is used to perform the default routing ie 0.0.0.0The scenario for default routing is same and but the commands used at the routershaving single exit interface like R1 and R3 have different commands.
At Router (R1)Router(config)#ip route 0.0.0.0 0.0.0.0 40.0.0.2Router#show ip route
At Router (R3)Router(config)#ip route 0.0.0.0 0.0.0.0 50.0.0.1Router#show ip route
DYNAMIC ROUTINGDynamic routing is when protocols are used to find networks and update
routing table on routers.A routing protocol defines the set of rules used by router when it communicatesrouting information between neighbor routers. In dynamic routing, we will enable arouting protocol on router. This protocol will send its routing information to the neighborrouter. The neighbors will analyze the information and write new routes to the routingtable.The routers will pass routing information receive from one router to otherrouter also. If there are more than one path available then routes are comparedand bestpath is selected. Some examples of dynamic protocol are: RIP, IGRP, EIGRP, OSPFThere are two type of routing protocols used in internetwors:
· Interior Gateway Protocols (IGPs)IGPs are used to exchange routing information with routers in the same
Autonomous System(AS) number. Routing which is performed within a singleautonomous system is known as interior routing. The protocol that are used to performthis type of routing are known as IGP(Interior Gateway Protocol).These protocols are:(i)
· Distance vector protocolThe Distance-vector protocols find the best path to remote network byjudging distance. Each time a packet goes through a router, that's called a hop. The routewith the least number of hops to the network is determined to be the best route.
Thevector indicates the direction to the remote network. They send the entire routing table todirectly connected neighbors.Ex: RIP, IGRP. The distance-vector routing algorithm passes complete routing table contents toneighboring routers. A router receiving an update from a neighbor router believes the informationabout remote networks without actually finding out for itself. It's possible to have network that has multiple links to the same remote network,and if that's the case, the administrative distance is checked first. If the AD is the
Distance-vector routing protocols keep track of any changes to the internet workby broadcasting periodic routing updates out all active interfaces. This broadcast includesthe complete routing table.Routing loops can occur because a every router isn't updated simultaneously.
Routing Loops Example
Router B
Router A
Router C
Network 3
Router E
Network 4
Network 5
Router D
Fig 24: Routing loopsThe interface to Network 5 fails. All routers know about Network 5 from RouterE. Router A, in its tables, has a path to Network 5 through Router B.
hen Network 5 fails, Router E tells Router C. This causes Router C to stoprouting to Network 5 through Router E. But Routers A, B, and D don't know aboutNetwork 5 yet, so they keep sending out update information. Router C will eventuallysend out its update and cause B to stop routing to Network 5, but Routers A andD arestill not updated. To them, it appears that Network 5 is still available through Router B
with a metric of 3.The problem occurs when Router A sends out its regular 30-secondªHello, I'm still hereÐthese are the links I know aboutº message, which includes theability to reach Network 5 and now Routers B and D receive the wonderful news thatNetwork 5 can be reached from Router A, so Routers B and D then send out the
information that Network 5 is available. Any packet destined for Network 5 willgo toRouter A, to Router B, and then back to Router A. This is a routing loop.·
Link state protocolAlso called shortest-path-first protocols, the routers each create three
separate tables. One keeps track of directly attached neighbors, one determinesthetopology of the entire internet work, and one is used as the routing tables. Link staterouters know more about the internet work than any distance-vector routing protocol.Link state protocols send updates containing the state of their own links to all otherrouters on the networkEx: OSPF·
Hybrid protocolHybrid protocol use aspects of both distance-vector and link state protocol.
Ex: EIGRP
3.16.3
RIP (Routing Information Protocol)Routing Information Protocol is a true distance-vector routing protocol. It
is an IGB (Inter Gateway Protocol). It sends the complete routing table out to all activeinterfaces every 30 seconds to its immediate neighbour. This is slow convergence meansthat one router sends a request to other about its route or network get networks
which arenot assigned to it after all thee three routers have same networks, this process is repeatedto send and receive request so it is called slow convergenceRIP only uses hop count to determine the best way to remote network, butit has a maximum allowable hop count of 0-15 by default, meaning that 16 is deemedunreachable.RIP version 1 uses only class full routing, which means that all devices inthe network must use the same subnet mask.RIP version 2 provides something called prefix routing, and does sendsubnet mask information with the route updates. This is called classless routing.
Hop CountIt is a way of measurement. Hop count limit is15.This routing supports only 15
routers, if there is one more router in the network then this routing will fails.·
Default administrative distance (120)
Timers of RIP(i)
Update timers.
(ii)
Hold timers.
(iii)
Invalid timers.
(iv)
Flush out timers.
Route update timerRouter update timer sets the interval 30 seconds between periodic routingupdates, in which the router sends a complete copy of its routing table out to allneighbors.
Router invalid timers
A router invalid timer determines the length of time that must elapse 180 secondsbefore a router determines that a route has become invalid. It will come to this conclusionif it hasn't heard any updates about a particular route for that period.
hen that happens,thee router will send out updates to all its neighbors letting them know that the route isinvalid.
Hold-down timerThis sets the amount of time during which routing information is suppressed.Routers will enter into the hold-down state when an update packet is received th
atindicated the route is unreachable. This continues until entire an update packet is receivedwith a better metric or until the hold-down timer expires. The default is 180 seconds.
Route flush timerRoute flush timers' sets the time between a route becoming invalid and its intervalfrom the routing table 240 seconds. Before it's removed from the table, the router
At router 2Router(config)# router ripRouter(config-router)#network 20.0.0.0Router(config-router)# network 40.0.0.0Router(config-router)# network 50.0.0.0Router#show ip route
At router 3Router(config)# router ripRouter(config-router)#network 30.0.0.0Router(config-router)# network 50.0.0.0Router#show ip route
3.16.4 IGRP ( Interior Gateway Protocol)Interior Gateway Routing Protocol (IGRP) is a Cisco-proprietary distance-vectorrouting protocol. To use IGRP, all your routers must be Cisco routers. IGRP hasamaximum hop count of 255 with a default of 100. IGRP uses bandwidth and delay of theline by default as a metric for determining the best route to an internetwork. R
eliability,load, and maximum transmission unit (MTU) can also be used, although they are notused by default.Table 18 : Difference between IGRP and RIPIGRP
RIP
Can be used in large internetworks
orks best in smaller networks
Uses an autonomous system number for Does not yse aytibiniys system numbersactivationGives a full route table update every 90 Gives full route table update every 30seconds
Uses bandwidth and delay of the line as Uses only hop count to determine the bestmetric (lowest composite metric),with a path to a remote network, with 15 hopsmaximum hop count of 255
being the maximum
IGRP TimersTo control performance, IGRP includes the following timers with default settings:·
Update timersThese specify how frequently routing-update messages should be sent. The
default is 90 seconds.·
Invalid timersThese specify how long a router should wait before declaring a route invalid ifit
doesn't receive a specific update about it. The default is three times the updateperiod.·
Hold down timersThese specify the hold down period. The default is three times the update timer
period plus 10 seconds.
· Flush timersThese indicate how much time should pass before a route should be flushed fromthe routing table. The default is seven times the routing update period. If theupdate timeris 90 seconds by default, then 7 × 90 = 630 seconds elapse before a route will beflushedfrom the route table.
At Router 1R1(config)#router igrp 10R1(config-router)#network 10.0.0.0R1(config-router)#network 40.0.0.0R1#show ip route
At Router 2R2(config)#router igrp 10R2(config-router)#network 40.0.0.0R2(config-router)#network 20.0.0.0R2(config-router)#network 50.0.0.0R2#show ip route
At Router 3R1(config)#router igrp 10R1(config-router)#network 30.0.0.0R1(config-router)#network 50.0.0.0R1#show ip route
3.16.5
EIGRP(Enhanced Interior Routing Protocol)Enhanced IGRP (EIGRP) is a classless, enhanced distance-vector protocol
that gives us a real edge over IGRP. Like IGRP, EIGRP uses the concept of anautonomous system to describe the set of contiguous routers that run the same routingprotocol and share routing information. But unlike IGRP, EIGRP includes the subn
etmask in its route updates. The advertisement of subnet information allows us touseVLSM and summarization when designing our networks.EIGRP is sometimes referred to as a hybrid routing protocol because it hascharacteristics of both distance-vector and link-state protocols. It sends traditionaldistance-vector updates containing information about networks plus the cost ofreaching them from the perspective of the adverting router. EIGRP has a maximumhop count of 255.
Powerful features that make EIGRP a real standout from IGRP
Support for IP, IPX, and AppleTalk via protocol-dependent modules Consideredclassless (same as RIPv2 and OSP
·
Support for VLSM/CIDR
·
Support for summaries and discontiguous networks
·
Efficient neighbor discovery
·
Communication via Reliable Transport Protocol (RTP)
·
Best path selection via Diffusing Update Algorithm (DUAL)Cisco calls EIGRP a distance vector routing protocol, or sometimes an
advanced distance vector or even a hybrid routing protocol. EIGRP supports differentNetwork layer protocols through the use of protocol-dependent modules (PDMs). EachEIGRP PDM will maintain a separate series of tables containing the routing informationthat applies to a specific protocol. It means that there will be IP/EIGRP tables,IPX/EIGRP tables, and AppleTalk/EIGRP tables.
Neighbor DiscoveryBefore EIGRP routers are willing to exchange routes with each other, they mustbecome neighbors. There are three conditions that must be met for neighborshipestablishment: Hello or ACK received AS numbers match Identical metrics (K values)To maintain the neighborship relationship, EIGRP routers must also continuereceiving Hellos from their neighbors. EIGRP routers that belong to differentautonomous systems (ASes) don't automatically share routing information and they don'tbecome neighbors.
The only time EIGRP advertises its entire routing table is when it discovers a newneighbor and forms an adjacency with it through the exchange of Hello packets.
henthis happens, both neighbors advertise their entire routing tables to one another. After
each has learned its neighbor's routes, only changes to the routing table are propagatedfrom then on.EIGRP maintains three tables containing information about the internetworks.(i) Neighbor TableRecords information about routers with whom neighborship relationshipshave been formed.(ii) Topology TableStores the route advertisements about every route in the internetwork receivedfrom each neighbor.
EIGRP MetricsAnother really sweet thing about EIGRP is that unlike many other protocols thatuse a single factor to compare routes and select the best possible path, EIGRP can use acombination of four:
3.16.6
·
Bandwidth
·
Delay
·
Load
·
Reliability
OSPF (Open Shortest Path First)Open Shortest Path First (OSPF) is an open standards routing protocol that's been
implemented by a wide variety of network vendors, including Cisco. This works by usingthe Dijkstra algorithm. First, a shortest path tree is constructed, and then the routing tableis populated with the resulting best paths. OSPF converges quickly, although perhaps notas quickly as EIGRP, and it supports multiple, equal-cost routes to the same destination.But unlike EIGRP, it only supports IP routing.OSPF is an IGP protocol. It is a link state routing protocol. It is supported by
many operating systems. Its default AD is 110, hop count limit is unlimited.
It is classless routing protocol, supports VLSM/CIDR. By default the highest IPaddressof interface will be elected as Router id.
OSPF provides the following features
Consists of areas and autonomous systems
Minimizes routing update traffic
Allows scalability
Supports VLSM/CIDR
Has unlimited hop count
Allows multi-vendor deployment (open standard)OSPF is supposed to be designed in a hierarchical fashion, which basically means
that you can separate the larger internetwork into smaller internetworks calledareas. Thisis the best design for OSPF.The reasons for creating OSPF in a hierarchical design include:·
To decrease routing overhead
·
To speed up convergence
·
To confine network instability to single areas of the networkEach router in the network connects to the backbone called area 0, or the
backbone area. OSPF must have an area 0, and all routers should connect to this
area ifat all possible. But routers that connect other areas to the backbone within anAS arecalled Area Border Routers (ABRs). Still, at least one interface must be in area 0.OSPF runs inside an autonomous system, but can also connect multipleautonomous systems together. The router that connects these ASes together is called anAutonomous System Boundary Router (ASBR).
A link is a network or router interface assigned to any given network.
hen aninterface is added to the OSPF process, it's considered by OSPF to be a link.·
Router IDThe Router ID (RID) is an IP address used to identify the router. Cisco chooses
the Router ID by using the highest IP address of all configured loopback interfaces. If noloopback interfaces are configured with addresses, OSPF will choose the highestIPaddress of all active physical interfaces.·
NeighborsNeighbors are two or more routers that have an interface on a common
network,such as two routers connected on a point-to-point serial link.·
AdjacencyAn adjacency is a relationship between two OSPF routers that permits the direct
exchange of route updates. OSPF is really picky about sharing routing informationÐunlike EIGRP, which directly shares routes with all of its neighbors. Instead, OSPFdirectly shares routes only with neighbors that have also established adjacencies. And notall neighbors will become adjacentÐthis depends upon both the type of network andtheconfiguration of the routers.
OSPF Topologies databaseThe topology database contains information from all of the Link State
Advertisement packets that have been received for an area. The router uses theinformation from the topology database as input into the Dijkstra algorithm that computesthe shortest path to every network. LSA packets are used to update and maintainthetopology database.A Link State Advertisement (LSA) is an OSPF data packet containing link-stateand routing information that's shared among OSPF routers. There are different types ofLSA packets. An OSPF router will exchange LSA packets only with routers to which ithas established adjacencies.A designated router (DR) is elected whenever OSPF routers are connected to the
same multi-access network. A prime example is an Ethernet LAN.
A backup designated router (BDR) is a hot standby for the DR on multi-accesslinks The BDR receives all routing updates from OSPF adjacent routers, but doesn'tflood LSA updates.OSPF areasAn OSPF area is a grouping of contiguous networks and routers. All routers in thesame area share a common Area ID.Broadcast (multi-access)Broadcast (multi-access) networks such as Ethernet allow multiple devices toconnect to (or access) the same network, as well as provide a broadcast abilityin which asingle packet is delivered to all nodes on the network. In OSPF, a DR and a BDRmust beelected for each broadcast multi-access network.Non-broadcast multi-accessNon-Broadcast Multi-Access (NBMA) networks are types such as Frame Relay,X.25, and Asynchronous Transfer Mode (ATM). These networks allow for multi-access,but have no broadcast ability like Ethernet. So, NBMA networks require special OSPFconfiguration to function properly and neighbor relationships must be defined.·
Point-to-pointPoint-to-point refers to a type of network topology consisting of a direct
connection between two routers that provides a single communication path. The point-topoint connection can be physical, as in a serial cable directly connecting two routers, or itcan be logical.·
Point-to-multipointPoint-to-multipoint refers to a type of network topology consisting of a seriesof
connections between a single interface on one router and multiple destination routers. Allof the interfaces on all of the routers sharing the point-to-multipoint connection belong tothe same network. As with point-to-point, no DRs or BDRs are needed.
ithin an area, each router calculates the best/shortest path to every network inthat same area. This calculation is based upon the information collected in thetopologydatabase and an algorithm called shortest path first (SPF)OSPF uses a metric referred to as cost. A cost is associated with every outgoinginterface included in an SPF tree. The cost of the entire path is the sum of costs of theoutgoing interfaces along the path.Cisco uses a simple equation of 108/ bandwidth.The bandwidth is the configuredbandwidth for the interface. Using this rule, a 100Mbps Fast Ethernet interfacewouldhave a default OSPF cost of 1 and a 10Mbps Ethernet interface would have a costof 10.An interface set with a bandwidth of 64,000 would have a default cost of 1563.
Benefits of OSPF(i)
Minimum routing updates.
(ii)
Priorities on all the CISCO routers the priority is 1.
(iii)
The routers having highest IP address become BRD(Border DestinationRouter)
Steps to apply OSPFSyntax:Router(config)#router ospf <ospf process id>Router(config-router)#network <network address> <wild card mask> area
At Router r1Router(config)#router ospf 1Router(config-router)#network 10.0.0.0 0.255.255.255 area 0Router(config-router)#network 10.0.0.0 0.255.255.255 area 0Router(config)#interface s0/1/0Router(config-if)#clock rate 64000Router#show ip route
At Router r1Router(config)#router ospf 2Router(config-router)#network
20.0.0.0
0.255.255.255
Router(config-router)#network 40.0.0.0 0.255.255.255 area 0Router(config-router)#network 50.0.0.0 0.255.255.255 area 0Router(config)#interface s0/1/0Router(config-if)#clock rate 64000
Router#show ip route
At Router r3Router(config)#router ospf 1Router(config-router)#network 30.0.0.0 0.255.255.255 area 0Router(config-router)#network 50.0.0.0 0.255.255.255 area 0Router#show ip route
ITCHSwitches are generally used to segment a large LAN smaller segments. Smallerswitches such as the Cisco Catalyst 2924XL have 24 ports capable of of creating24different network segment for the LAN. Larger switches such as the Cisco Catalyst 6500can have hundreds of ports. Switches can also be used to connect LANs with differentmedia, for example, a 10 Mbps Ethernet LAN and 100 Mbps Ethernet LAN can beconnected using a switch. Some switches support cut through switching, witch reduceslatency and delays in the network, while bridges support only store-and-forwardtrafficswitching. Finally switches reduce collision
on network segment . A switch is a
networking device which filters and forward packets through the network. It is a layer 2device. It is more advanced then hub but not as advanced as router.The basic function of
a switch is to manage the signal flow.
hen the switch is open, it allows the signal toflow through it and when it is closed, it stopes the signal to flow. Switch connectsseparate LAN segment. It allows multiple system to transmit simultaneously. A switch isa hardware device that filters and forward data packets between network segments.Ethernet switches are used in LAN to create Ethernet networks. Switches forwardthetraffic on the basis of MAC address. Switches maintain a switching table in which MACaddresses and port numbers are used to perform switching decision.
ORKING OF S
ITCH
hen switches receives data from one of connected devices, it forward data onlyto the port on witch the destinated system is connected.It use the media accessControl(MAC) address of the device to determine the correct port.The MAC address is a uniqenumber that is programed in to every Network Interface Card(NIC). Concider, device Awants to send data to device B.
hen device A passes the data, switch receives it. Switchthan cecks the MAC address of the destination system. It then transfer data to device B
only instead of brodcasting to all the devices. By forwarding data only to the system towitch the data is addressed, switch decreases the amount of traffic on each network link.
S
ITCHING METHODSThere are three types of switching method:·
Store-and-forward switchingThe entire frame is received and the CRC is computed and verified before
forwarding the frame. If the frame is too short (i.e. less than 64 bytes including theCRC), too long (i.e. more than 1518 bytes including the CRC), or has CRC error,itwill be discarded.It has the lowest error rate but the longest latency for switching. However, forhigh-speed network (e.g. Fast Ethernet or Gigabit Ethernet network), the latency isnot significant. It is the most commonly used switching method, and is supported by
most switches.·
Cut-through switchingIt is also known as Fast Forward switching. A frame is forwarded as soon asthe destination MAC address in the header has been received (the 1st 6 bytesfollowing the preamble). It has the highest error rate (because a frame isforwarded without verifying the CRC and confirming there is no collision) butthe shortest latency for switching
A frame is forwarded after the first 64 bytes of the frame have beenreceived. Since a collision can be detected within the first 64 bytes of a frame,fragment-free switching can detect a frame corrupted by a collision and dropit.Therefore, fragment-free switching provides better error checking than cutthrough switching.The error rate of fragment-free switching is above store-and-forwardswitching and below cut-through switching. The latency of fragment-free
switching is shorter than store-and- forward switching and longer than cutthrough switching.NOTE:Bridges only support store-and-forward switching. Most new switch models alsouse store-and-forward switching. However, it should be noted that Cisco 1900 switchesuse fragment-free switching by default.
Types of switch based on OSI model
·
(i)
Layer-2 switch
(ii)
Layer-3 switch
Layer-2 SwitchingLayer-2 switching is hardware based, which means it uses the MAC
address from the host NIC card to filter the network traffic. Layer-2 switch can beconsidered as multi- port bridge.Layer 2 switches are fast because they do not look at the network layerheader information, instead it looks at the frames hardware address before deciding toeither forward the frame or drop it.Limitations of Layer 2 Switching
ith bridge the connected networks are still one large broadcast domain.Layer 2 switch cannot break the broadcast domain, this cause performance issue whichlimits the size of your network. For this one reason the switch cannot completel
y replacerouters in the internetwork.
3.17.1.1
VLAN (Virtual LAN)
VLAN provides Virtual Segmentation of Broadcast Domain in the network. Thedevices, which are member of same Vlan, are able to communicate with each other. The
devices of different Vlan may communicate with each other with routing. So thatdifferent Vlan devices will use different n/w addresses.Vlan provides following advantages: ·
Logical Segmentation of network
·
Enhance network security
Creating port based VlanIn port based Vlan, first we have to create a Vlan on manageable switch then wehave to add ports to the Vlan. A Virtual LAN (VLAN) is a broadcast domain createdbased on the functional, security, or other requirements, instead of the physical locationsof the devices, on a switch or across switches.
ith VLANs, a switch can group differentinterfaces into different broadcast domains.
ithout VLANs, all interfaces of aswitchare in the same broadcast domain; switches connected with each other are also in the
same broadcast domain, unless there is a router in between. Different ports of a switchcan be assigned to different VLANs. A VLAN can also span multiple switches.The advantages of implementing VLAN are·
It can group devices based on the requirements other than their physicallocations.
·
It breaks broadcast domains and increases network throughput.
·
It provides better security by separating devices into different VLANs.
·
Since each VLAN is a separate broadcast domain, devices in different VLANscannot listen or respond to the broadcast traffic of each other.
·
Inter-VLAN communication can be controlled by configuring access controllists on the router or Layer 3 switch connecting the VLANs.
A link from Pc to switch is called as access link or A link that is part of only oneVLAN. Therefore, a port connecting to an access link can be a member of only oneVLAN. And the mode of port is called as access mode.
·
Trunk linkA link from switch to switch or switch to router is called as trunk link. A 100
Mbps or 1000 Mbps point-to-point link that connects
switches or routers, and carries
frames of different VLANs . Therefore, a port connecting to a trunk link can bea memberof multiple VLANs. All VLANs are configured on a trunk link by default. VLANTrunking, by making use of frame tagging, allows traffic from different VLANs totransmit through the same Ethernet link (trunk link) across switches.VLAN Trunking identifies the VLAN from which a frame is sent by tagging theframe with the source VLAN ID (12-bit long). This feature is known as frame tagging or
frame identification.
hen there are multiple switches then we have to use trunk links toconnect one switch with other. If we are not using trunk links then we have to connectone cable from each vlan to the corresponding vlan of the other switch.
ith frame tagging, a switch knows which ports it should forward a broadcastframe (forward out the ports which have the same VLAN ID as the source VLAN ID). Italso knows which bridge table it should use for forwarding an unicast frame (since aseparate bridge table is used for each VLAN).
A frame tag is added when a frame is forwarded out to a trunk link, and isremoved when the frame is forwarded out to an access link. Therefore, any deviceattached to an access link is unaware of its VLAN membership.
Commands to create VlanSwitch#vlan databaseSwitch(vlan)#vlan <no.> [name <name of vlan>]Switch(vlan)#exit
Commands to configure ports for a VlanBy default, all ports are member of single vlan that is Vlan1. we can change vlanmembership according to our requirement.Switch(config)#interface <type> <no.>Switch(config-if)#switchport access vlan <no.>Switch(config-if)#exit
Commands to configure multiple ports in a vlanSwitch(config)#interface range <type> <slot/port no. (space)±(space) port no.>Switch(config-if)#switchport access vlan <no.>Switch(config-if)#exitExample: - Suppose we want to add interface fast Ethernet 0/10 to 0/18 in vlan5
Switch(config)#interface range fastethernet 0/10 ± 18Switch(config-if)#switchport access vlan 5Switch(config-if)#exit
To display mac address tableSwitch#show mac-address-tableVlan
To Display Vlan and port membershipSwitch#show vlan brief
Command to make Trunk linkSwitch(config)#interface <type> <type number>Note :- Trunk mode should not be a member of any vlan port.
3.17.1.2 Vlan Trunking Protocol (VTP)
ith the help of VTP, we can simplify the process of creating Vlan. In multipleswitches, we can configure one switch as VTP server and all other switches willbeconfigured as VTP client.
e will create Vlans on VTP server switch. The serverwillsend periodic updates to VTP client switches. The clients will create Vlans from theupdate received from the VTP server.
VTP Operation·
VTP advertisements are sent as multicast frames.
·
VTP servers and clients are synchronized to the latest revision number.
·
VTP advertisements are sent every 5 minutes or when there is a change.
VTP Modes·
VTP server modeBy default all the switches in this mode are in server mode. VTP server is a
switch in which we can create, delete or modify Vlans.yhe switch in this modeforwords the vlans to next switch. The server will send periodic updates for VTPclients.
VTP client modeOn VTP client, we are not able to create, modify or delete Vlans. The switch
in this mode creates the vlans that are received from server mode switch.The clientwill receive and forward vtp updates. The client will create same Vlans as defined invtp update.·
VTP Transparent modeTransparent is a switch, which will receive and forward VTP update. It is able
to create, delete and modify Vlans locally. A vlan created in this mode cannot beforworded into next switch. A transparent will not send its own VTP updates andwillnot learn any information from received vtp update.
VTP configuration
At Switch 1:·
Creat vlan
·
Port assignment
·
Trunk port
·
Switch vtp
Switch(config)#vtp mode serverSwitch(config)#vtp domain ciscoSwitch(config)#vtp password sun
At switch 2:Switch(config)#vtp mode serverSwitch(config)#vtp domain ciscoSwitch(config)#vtp password sun
At switch 3:Switch(config)#vtp mode serverSwitch(config)#vtp domain ciscoSwitch(config)#vtp password sun
To see all the configurationsSwitch#show vtp passwordSwitch#show vlan briefSwitch#show vtp status·
Vtp version
·
Vtp domain
·
Vtp mode
·
Vtp pruning
·
Vtp reusion number
·
Maximum vlan supporting
·
Total no. of vlans
VTP Pruning
Pruning is the VTP feature through which a trunk link can be automaticallydisable, for a particular Vlan if neighbor switch does not contain ports in that Vlan. Vlan1is not prun eligible.·
Increases available bandwidth by reducing unnecessary flooded traffic
·
Example: Station A sends broadcast, and broadcast is flooded only toward
e have to use only one command on VTP server for VTP Pruning.Switch#configure terminalSwitch(config)#vtp pruningSwitch(config)#exit
Fig 28 : VTP Pruning
Spanning Tree Protocol
hen we connect multiple switches with each other and multiple path exist fromone switch to another switch then it may lead to the switching loop in the network.Multiple paths are used to create redundancy in the network. STP is only required whenmultiple path exist then there is possibility of loop in n/w.
Problems that occur with redundancy path(i)
Multiple copies of the frame will be received by destination.
(ii)
Frequent changes in the mac address table of switch.
(iii) A mac address may appear at multiple ports in a switch.(iv)
Spanning Tree Protocol will solve this problem by blocking the redundancyinterface. So that only one path will remain active in the switches. If the primary pathgoes down then disabled link will become enable and data will be transferred through thatpath.
Spanning Tree Protocol Basics·
Spanning Tree Protocol or STP (IEEE 802.1d) is used to solve the loopingproblem.It runs on bridges and switches in a network. It implements a SpanningTree Algorithm (STA), which calculates a loop-free topology for the network.
·
STP ensures that there is only one active path between any two network segmentsby blocking the redundant paths. A redundant path is used only when thecorresponding active path failed. It is not used for load-balancing.
·
Because STP solves the looping problem by blocking one or more links in anetwork, the frames traveling between some source / destination devices may notbe able to use the shortest physical path.
·
Bridges exchange STP information using messages called Bridge Protocol DataUnits (BPDUs) through Layer 2 multicast.
3.18
i-Fi (
IRELESS FIDELITY)The term "
i-Fi" suggests "
ireless Fidelity", compared with the long-
established audio recording term "High Fidelity" or "Hi-Fi". The term "
i-Fi", first usedcommercially in August 1999.
i-Fi is an IEEE standard 802.11.
3.18.1
ireless LAN
i-Fi is also known as wireless LAN. The name of a popular wirelessnetworking technology that uses radio waves to provide wireless high-speed Internet andnetwork connections. "
i-Fi works with no physical wired connection between senderand receiver by using radio frequency (RF) technology, a frequency within theelectromagnetic spectrum associated with radio wave propagation.
supplied to an antenna, an electromagnetic field is created that then is able to propagatethrough space.
The Typical Range of a
i-Fi LANThe range of a home
i-Fi LAN depends on the wireless access point (
AP) orwireless router being used. Factors that determine a particular
AP or wirelessrouter
srange are:·
the specific 802.11 protocol employed
·
the overall strength of the device transmitter
·
the nature of obstructions and interference in the surrounding areaA general rule of thumb in home networking says that 802.11b and 802.11g
APs and routers support a range of up to 150 feet (46 m) indoors and 300 feet (92 m)outdoors. Another rule of thumb holds that the effective range of 802.11a isapproximately one-third that of 802.11b/g.Obstructions in home such as brick walls and metal frames or siding greatly canreduce the range of a
i-Fi LAN by 25% or more. Because 802.11a employs a highersignalling frequency than 802.11b/g, 802.11a is most susceptible to obstructions.Interference from microwave ovens and other equipment also affects range. 802.11b and802.11g are both susceptible to these.
3.18.2
ireless Standards
The different wireless standards that are used for IEEE 802.11 standard are
802.11It was released in year 1997. The standard was original of 802.11. the max. datarate of this is 2Mbps and frequency of this is 2.4GHz and can cover upto 46m.
802.11aIt was modified in year 1999. this is improved version of original standard.Operates at the frequency of 5GHz, which is less crowded than 2.4GHz where telephonesand microwaves may cause interference. Although the speed is up to 54Mbps, the rangeis only up to 75 feet or distance covered is 46m. 802.11a standard is incompatible withboth 802.11b and g because it operates at a different frequency.
802.11bThis standard was released in 1999. Operates on the 2.4GHz frequency band andcan transmit data at speeds of up to 11Mbps within a range of up to 100-150 feet or a
distance of 90m.
ireless range can be affected by reflective or signal-blockingobstacles,such as mirrors, walls, devices and location, whether indoors or outdoors.
802.11gThis standard was released in 2003. The max. data rate for the standard is 54Mbps.It supports a frequency range of 2.4GHz, covers a distance of 90m.
The latest version of IEEE 802.11 standard that is still in progress ofdevelopment. The next generation of high-speed wireless networking, capable ofdelivering the range and capacity to support today s most bandwidth-hungry applicationslike streaming high definition video, voice, and music.
ireless-n is based on MIMO(Multiple Input, Multiple Output) technology, which uses multiple radios to transmitmultiple streams of data over multiple channnels.Operates in two modes of frequency 2.4GHz and 5.6GHz frequency band andcan transmit data at speeds of up to 11Mbps within a range of up to 100-150 feet .
ireless range can be affected by reflective or signal-blocking obstacles, suchas mirrors,walls, devices and location, whether indoors or outdoors.
i-Fi is supported by many applications and devices
3.18.3
·
video game consoles
·
home networks
·
PDAs
·
mobile phones
·
major operating systems
·
other types of consumer electronics
ireless Security
A common but unproductive measure to deter unauthorized users is to suppress theAP s SSID broadcast, "hiding" it. This is ineffective as a security method becau
se theSSID is broadcast in the clear in response to a client SSID query. Another unproductivemethod is to only allow computers with known MAC addresses to join the network.MAC address are easily spoofed. If the eavesdropper has the ability to change his MACaddress, then he may join the network by spoofing an authorized address.
ired Equivalent Privacy (
EP) encryption was designed to protect against casualsnooping, but is now considered completely broken. Tools such as AirSnort or aircrack
EP, it has outlived its designed lifetime,has known attack vectors and is no longer recommended.In 2004 the full IEEE 802.11i (
PA2) encryption standards were released. If used with a802.1X server or in pre-shared key mode with a strong and uncommon passphrase
PA2is still considered secure, as of 2009.
4.
CONCLUSION
General ConclusionComputer Networking is a very vast project in the present developing era ofelectronics and communication. Now a days, computers are used in a wider range.All the
organizations are using multiple computers within their departments to perform their dayto day work. Computer network allows the user to share data , share folders andfiles withother users connected in a network. Computer Networking has bound the world in a verysmall area with it wide networking processes like LAN, MAN,