
Basic Network Training Program Presentation

Delivered By Waqas Sajjad

Basic Network Training Program
DESIGNED FOR SUPERNET ENGINEERS

Program Objectives

• Review the Basics of Computer Networks
• Overview of General Network Technologies and Protocols
• Basic Network Configurations and Troubleshooting
• Introduction to Future Networking

Basics Of Networks
What and why of Networks

• What is a Computer Network?
• Why is a Computer Network required?
• Dimensions of Networks
• Routing & Switching
• Wireless Networks
• Network Security
• Voice & Video Networks
• Data Centers
• Software Defined Networking


Understanding Networks

• Layering Approach
  Breaks down communication into smaller, simpler parts


Well Known Network Models

• The Cisco three-layered hierarchical model
• Open Systems Interconnection model (OSI model)


The Cisco three-layered hierarchical model

In the three-layer network design model, network devices and links are grouped according to three layers:

• Core
• Distribution
• Access


The Cisco three-layered hierarchical model



Open Systems Interconnection model (OSI model)

Network Protocols
IP Addressing
Basic Addressing

• IP addresses are written in dotted decimal format.
• Four sections are separated by dots.
• Each section contains a number between 0 and 255.

Example: 10.1.1.1
  Dots separate the sections.
  Each section contains a number between 0 and 255.

Basic Addressing

• Each device on a network is assigned an IP address.
• Each IP address has two fundamental parts:
  - The network portion, which describes the physical wire the device is attached to.
  - The host portion, which identifies the host on that wire.
  - How can we tell the difference between the two sections?

Example: 10.1.1.1 = 00001010 00000001 00000001 00000001 (diagram labels: Network, Host)

Basic Addressing

• The network mask shows us where to split the network and host sections.
• Each place there is a 1 in the network mask, that binary digit belongs to the network portion of the address.
• Each place there is a 0 in the network mask, that binary digit belongs to the host portion of the address.

Address: 10.1.1.1        00001010 00000001 00000001 00000001
Mask:    255.255.255.0   11111111 11111111 11111111 00000000
                         |-------- Network -------| |-Host-|

Basic Addressing

• An alternative set of terminology is:
  - The network portion of the address is called the prefix.
  - The host portion of the address is called the host.
  - The network mask is expressed as a prefix length, which is a count of the number of 1’s in the subnet mask.

Address: 10.1.1.1   00001010 00000001 00000001 00000001
Mask:               11111111 11111111 11111111 00000000
                    |-------- Prefix --------| |-Host-|
Prefix length: 8 + 8 + 8 = 24, so the address is written 10.1.1.1/24

Basic Addressing

• The network address is the IP address with all 0’s in the host bits.
• The broadcast address is the IP address with all 1’s in the host bits.
• Packets sent to either address will be delivered to all the hosts connected to the wire.

10.1.1.0/24     00001010 00000001 00000001 00000000
                |-------- prefix --------| |-host-|
                these bits are 0, so this is the network address

10.1.1.255/24   00001010 00000001 00000001 11111111
                |-------- prefix --------| |-host-|
                these bits are 1, so this is the broadcast address


Working with Addresses

• Two of the most common questions you are going to face when dealing with IP addresses are:
  - What’s the network?
  - What’s the host?
  - How do we figure this out?

Example: 192.168.100.80/26 ????


Working with Addresses (The Easy Way)

• First, if you are using a network mask, convert it to a prefix length.
• For each octet in the network mask that is 255, add 8 to the prefix length.
• For the one octet that isn’t 255, convert to binary and add the right number of bits, or use a chart!

Example: 255.255.255.192
  192 == 11000000
  8 + 8 + 8 + 2 == 26


Working with Addresses (The Easy Way)

192.168.100.80/26

• Take the prefix length and divide by 8.
• Take the resulting number, and ignore those octets out of the IP address; these are all part of the network address!
• We’re going to use the remainder to find the fourth octet of the network address.

26/8 == 3 (remainder 2)
  These three octets are part of the network.
  The remainder tells us what the network address in the fourth octet is.


Working with Addresses (The Easy Way)

Remainder == 2

Remainder:   8    7    6    5    4    3    2    1
Multiple:    1    2    4    8   16   32   64  128

• Take the remainder, and find the corresponding “multiple” on the chart; in this case, 64.
• The largest multiple of 64 that will fit into 80 is 64, so the network is 64.
• Add the three octets we “set aside” earlier, and the network (prefix!) is 192.168.100.64/26.
• 80 - 64 == 16, so the host address is 16.

64 x 1 == 64
64 x 2 == 128
Network is 64!
192.168.100.64/26
80 - 64 == 16
16 Hosts!


Working with Addresses (The Easy Way)

Remainder == 2

Remainder:   8    7    6    5    4    3    2    1
Multiple:    1    2    4    8   16   32   64  128

• How many hosts are in this network? The remainder tells us there are 64 addresses, minus the network and broadcast addresses, so 62 hosts.
• To find the broadcast address, subtract 1 from the number of hosts, and add that number to the network address.
• The key is to work in octets, rather than trying to work with the entire IP address at once!

64 addresses
64 - 2 == 62 hosts
64 + (64 - 1) == 127
192.168.100.127 is the broadcast address


Working with Addresses (The Easy Way)

192.168.100.80/22

• What if the prefix length is less than 24?
• Take the prefix length and divide by 8.
• Take the resulting number, and ignore those octets out of the IP address; these are all part of the network address!
• We’re going to use the remainder to find the third octet of the network address.

22/8 == 2 (remainder 6)
  These two octets are part of the network.
  The remainder tells us what the network address in the third octet is.


Working with Addresses (The Easy Way)

Remainder == 6

Remainder:   8    7    6    5    4    3    2    1
Multiple:    1    2    4    8   16   32   64  128

• Take the remainder, and find the corresponding “multiple” on the chart; in this case, 4.
• The largest multiple of 4 that will fit into 100 is 100, so the third octet is 100.
• Add the two octets we “set aside” earlier, and make any octets after the network 0’s (the fourth octet).
• The network (prefix!) is 192.168.100.0/22.

4 x 25 == 100
4 x 26 == 104
Third octet is 100!
Set the fourth octet to 0.
192.168.100.0/22


Working with Addresses (The Easy Way)

Remainder == 6

Remainder:   8    7    6    5    4    3    2    1
Multiple:    1    2    4    8   16   32   64  128

• To find the number of hosts, take the number of octets set to 0, which is 1 in this case (the fourth octet), and multiply by 256.
• Next, take the number relating to the remainder from the chart, and multiply this by the number we just found above.
• Subtract two.

“0” octets == 1
1 x 256 == 256
4 x 256 == 1024
1024 – 2 == 1022 hosts


Working with Addresses (The Easy Way)

• The key is to work in octets, rather than trying to work with the entire IP address at once!
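
The octet-by-octet procedure from the "Easy Way" slides, written out as an added example (not part of the original presentation) and cross-checked against Python's ipaddress module. The function names are chosen here; prefix lengths are limited to /30 or shorter so that the "addresses minus 2" host rule applies.

```python
import ipaddress

# Chart from the slides: remainder of (prefix length / 8) -> block size
# ("multiple") in the octet where the network/host split falls.
CHART = {8: 1, 7: 2, 6: 4, 5: 8, 4: 16, 3: 32, 2: 64, 1: 128}


def mask_to_prefix_len(mask):
    """Convert a dotted-decimal network mask to a prefix length, octet by octet."""
    length, partial_seen = 0, False
    for octet in (int(part) for part in mask.split(".")):
        ones = bin(octet).count("1")
        # A valid mask is a run of 1 bits followed only by 0 bits.
        if octet != (0xFF << (8 - ones)) & 0xFF or (partial_seen and octet):
            raise ValueError(f"not a contiguous network mask: {mask}")
        partial_seen = partial_seen or octet != 255
        length += ones
    return length


def easy_way(address, prefix_len):
    """Network, broadcast and host count for address/prefix_len, worked in octets."""
    if not 0 <= prefix_len <= 30:
        raise ValueError("the 'addresses - 2' host rule needs a prefix of /30 or shorter")
    octets = [int(part) for part in address.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not a dotted-decimal IPv4 address: {address}")

    whole, remainder = divmod(prefix_len, 8)     # e.g. 26 -> 3 octets, remainder 2
    network = octets[:whole]                     # octets "set aside" as pure network
    broadcast = octets[:whole]
    addresses = 1
    if remainder:
        block = CHART[remainder]                 # e.g. remainder 2 -> 64
        base = (octets[whole] // block) * block  # largest multiple of block that fits
        network.append(base)
        broadcast.append(base + block - 1)
        addresses = block
    zero_octets = 4 - len(network)               # octets that are entirely host bits
    network += [0] * zero_octets
    broadcast += [255] * zero_octets
    addresses *= 256 ** zero_octets

    host_offset = 0                              # position of the address inside the network
    for addr_octet, net_octet in zip(octets, network):
        host_offset = host_offset * 256 + (addr_octet - net_octet)
    return {
        "network": ".".join(map(str, network)),
        "broadcast": ".".join(map(str, broadcast)),
        "addresses": addresses,
        "hosts": addresses - 2,
        "host_offset": host_offset,
    }


def agrees_with_stdlib(address, prefix_len):
    """Cross-check the octet method against Python's ipaddress module."""
    net = ipaddress.ip_network(f"{address}/{prefix_len}", strict=False)
    result = easy_way(address, prefix_len)
    return (result["network"] == str(net.network_address)
            and result["broadcast"] == str(net.broadcast_address)
            and result["addresses"] == net.num_addresses)


if __name__ == "__main__":
    for addr, length in [("192.168.100.80", 26), ("192.168.100.80", 22)]:
        print(f"{addr}/{length}", easy_way(addr, length), agrees_with_stdlib(addr, length))
```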


Summarization & Subnets

Hosts: 10.1.1.2, 10.1.1.4, 10.1.1.7, 10.1.1.8
Network: 10.1.1.0/26

• A single network address (prefix!) represents a set of hosts attached to a wire.
• We can abstract this, and simply say that a prefix represents a set of reachable addresses.
• We can say that we’ve “summarized” information about the hosts attached to the physical wire by referring to the entire group as a single network.


Summarization & Subnets

• In effect, we’ve shortened the network part of the address (prefix!), and lengthened the host portion of the address, in effect describing more hosts (destinations) in a single address.
• If we can shorten the prefix length to describe multiple hosts with a single network address, why can’t we shorten the prefix length so a single network address describes two networks?
• We can! It’s called address summarization, or just summarization.

10.1.1.2/32, 10.1.1.4/32, 10.1.1.7/32, 10.1.1.8/32: these host addresses are described by this network: 10.1.1.0/26
10.1.1.0/26, 10.1.1.64/26: these networks are described by this network: 10.1.1.0/25


VLSM

• VLSM: Variable Length Subnet Masking
• It simply means that the entire IP address space is treated as one flat address space.
• Any prefix length is allowed in the network at any point.

10.1.1.0/24
10.1.2.0/25
10.1.2.128/26
10.1.2.192/27
All of these are valid in the same network!


Classful Addressing

Network Class | Beginning Digits in Binary | Natural Prefix Length | Range of Addresses                 | Example Major Networks
Class A       | 10XX                       | 8                     | 1.0.0.0/8 through 126.0.0.0/8      | 11.0.0.0/8, 100.0.0.0/8, 120.0.0.0/8
Class B       | 110X                       | 16                    | 128.0.0.0/16 through 191.0.0.0/16  | 130.1.0.0/16, 148.45.0.0/16, 190.100.0.0/16
Class C       | 1110                       | 24                    | 192.0.0.0/24 through 223.0.0.0/24  | 193.1.3.0/24, 193.1.4.0/24, 192.2.5.0/24

Network Address Translation (NAT)

The IPv4 Shortage

• Problem: consumer ISPs typically only give one IP address per household
  - Additional IPs cost extra
  - More IPs may not be available
• Today’s households have more networked devices than ever
  - Laptops and desktops
  - TV, bluray players, game consoles
  - Tablets, smartphones, eReaders
• How to get all these devices online?


Private IP Networks

• Idea: create a range of private IPs that are separate from the rest of the network
  - Use the private IPs for internal routing
  - Use a special router to bridge the LAN and the WAN
• Properties of private IPs
  - Not globally unique
  - Usually taken from non-routable IP ranges (why?)
• Typical private IP ranges
  - 10.0.0.0 – 10.255.255.255
  - 172.16.0.0 – 172.31.255.255
  - 192.168.0.0 – 192.168.255.255

Private Networks

[Figure: two private networks, each using 192.168.0.0 with hosts 192.168.0.1 and 192.168.0.2, connected to the Internet through NAT; public address 66.31.210.69]

Basic NAT Operation

Hosts: 192.168.0.1 (private network), 66.31.210.69 (NAT), 74.125.228.67 (Internet)

NAT table:
Private Address       Public Address
192.168.0.1:2345      74.125.228.67:80

Outgoing packet:
  Private network:  Source: 192.168.0.1     Dest: 74.125.228.67
  Internet:         Source: 66.31.210.69    Dest: 74.125.228.67

Returning packet:
  Internet:         Source: 74.125.228.67   Dest: 66.31.210.69
  Private network:  Source: 74.125.228.67   Dest: 192.168.0.1

Advantages of NATs

• Allow multiple hosts to share a single public IP
• Allow migration between ISPs
  - Even if the public IP address changes, you don’t need to reconfigure the machines on the LAN
• Load balancing
  - Forward traffic from a single public IP to multiple private hosts


Port Forwarding

Hosts: 192.168.0.1 (private network), 66.31.210.69 (NAT), 74.125.228.67 (Internet)

NAT table:
Private Address       Public Address
192.168.0.1:7000      *.*.*.*:*

Incoming packet:
  Internet:         Source: 74.125.228.67:8679   Dest: 66.31.210.69:7000
  Private network:  Source: 74.125.228.67:8679   Dest: 192.168.0.1:7000
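
The two NAT slides above as a small translation-table model, added here as an example (not code from the presentation). It shows that a reply is accepted only when an inside host created the mapping, while a port forward accepts traffic from any source. The sequential public-port allocation starting at 40000, the class and function names, and the 203.0.113.9 address are assumptions made for the illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src_ip src_port dst_ip dst_port")


class Nat:
    """Port-translating NAT with one public address (simplified model)."""

    def __init__(self, public_ip, first_port=40000):
        self.public_ip = public_ip
        self.next_port = first_port   # assumption: public ports handed out sequentially
        self.by_flow = {}             # (private ip, private port, remote ip, remote port) -> public port
        self.by_public_port = {}      # public port -> that flow
        self.forwards = {}            # public port -> (private ip, private port)

    def outbound(self, pkt):
        """Rewrite a packet leaving the private network; create the mapping if needed."""
        flow = (pkt.src_ip, pkt.src_port, pkt.dst_ip, pkt.dst_port)
        if flow not in self.by_flow:
            while self.next_port in self.by_public_port or self.next_port in self.forwards:
                self.next_port += 1
            self.by_flow[flow] = self.next_port
            self.by_public_port[self.next_port] = flow
            self.next_port += 1
        return Packet(self.public_ip, self.by_flow[flow], pkt.dst_ip, pkt.dst_port)

    def add_port_forward(self, public_port, private_ip, private_port):
        """Static entry: the slide's '*.*.*.*:*' row, valid for any remote host."""
        self.forwards[public_port] = (private_ip, private_port)

    def inbound(self, pkt):
        """Rewrite a packet arriving from the Internet, or return None to drop it."""
        if pkt.dst_ip != self.public_ip:
            return None
        flow = self.by_public_port.get(pkt.dst_port)
        if flow and (pkt.src_ip, pkt.src_port) == flow[2:]:
            return Packet(pkt.src_ip, pkt.src_port, flow[0], flow[1])  # reply to an inside host
        if pkt.dst_port in self.forwards:
            return Packet(pkt.src_ip, pkt.src_port, *self.forwards[pkt.dst_port])
        return None   # unsolicited: no dynamic mapping and no port forward


def demo():
    """Replay the slides' packets and return what the NAT does with each."""
    nat = Nat("66.31.210.69")
    results = {}
    results["out"] = nat.outbound(Packet("192.168.0.1", 2345, "74.125.228.67", 80))
    results["reply"] = nat.inbound(
        Packet("74.125.228.67", 80, "66.31.210.69", results["out"].src_port))
    probe = Packet("74.125.228.67", 8679, "66.31.210.69", 7000)
    results["before_forward"] = nat.inbound(probe)      # dropped: nobody inside asked for it
    nat.add_port_forward(7000, "192.168.0.1", 7000)
    results["after_forward"] = nat.inbound(probe)       # delivered to 192.168.0.1:7000
    # Constructed third-party source: the forward is open to every remote host.
    results["other_source"] = nat.inbound(Packet("203.0.113.9", 5555, "66.31.210.69", 7000))
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```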


ARP and RARP



ARP

ARP associates an IP address with its physical address. On a typical physical network, such as a LAN, each device on a link is identified by a physical or station address that is usually imprinted on the NIC.


ARP operation



Figure 7.6 Four cases using ARP



Note:

An ARP request is broadcast; an ARP reply is unicast.


Proxy ARP



Domain Name System (DNS)

• The Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or any resource connected to the Internet or a private network.
• In simple words, DNS is the process by which a URL like google.com.au is translated into its IP, 74.125.136.94.
• It is hard to memorize the IP address for every site, so DNS is helpful because names are easier to remember.


DNS hierarchy



Dynamic Host Configuration Protocol (DHCP)

• The Dynamic Host Configuration Protocol (DHCP) is a standardized network protocol used on Internet Protocol (IP) networks for dynamically distributing network configuration parameters, such as:
  - IP address
  - Subnet mask
  - Default gateway
  - DNS server etc.


DHCP Operation Summary

Switching Concepts
INTRODUCTION TO ETHERNET/802.3 LANS
Ethernet Technology Overview

• Ethernet multi-access broadcast technology
• Uses CSMA/CD
• Collisions impact on network performance
• Layer 2 devices can improve performance
• Media includes CAT5(e), fibre, wireless
• Speeds from 10Mbps to 10,000 Mbps

Hubs

• Layer 1 devices
• Regenerate, retime, amplify signals
• 1 collision/bandwidth domain
• Broadcasts propagated out of every port
• Only 1 device can transmit at a time
• Only 50-60% bandwidth available

Bridges

• Layer 2 device
• Splits network into 2 collision/bandwidth domains
• Broadcasts are forwarded
• Local traffic stays local
• Checks Layer 2 MAC addresses in 802.3 frame

Switches

• Layer 2 device
• Learns MAC addresses of devices attached to each port
• Each switchport is a collision domain
• More collision domains BUT smaller collision domains
• Broadcasts still sent out of every port
• Each switchport has dedicated bandwidth
• 100% bandwidth available

Types of Transmission

Half-duplex
• Host checks medium for signal – if clear host transmits
• Only 1 host can transmit at a time
• Collisions – jam signal generated, back-off algorithm before retransmission
• 50-60% bandwidth available

Full duplex
• Host can transmit immediately
• 2 hosts can transmit simultaneously
• No collisions
• 100% bandwidth available
• Requires dedicated connection to a switchport

LAN Switch Operation - 1

• When a switch starts up it sends a broadcast out of all ports to learn host MAC addresses
• When a frame is received for an unknown destination a broadcast is sent to discover
• Addresses are added to a switching table mapping them to the port on which they were learned
• When a frame is received for a known destination it is switched to the appropriate port


LAN Switch Operation - 2

• Switches contain RAM – known as CAM “Content Addressable Memory”
• Stores MAC address table
• Used as frame buffer
• Used to queue frames in asymmetric switching – switchports operating at different speeds e.g. 10 and 100 Mbps


Broadcasts

• Bridges & switches cannot block layer 2 or layer 3 broadcasts
• Adding bridges or switches to a network extends the broadcast domain but creates additional collision domains – a 24 port switch creates 24 collision domains
• Routers can inspect layer 3 packets and create broadcast domains – a router with 3 ports creates 3 broadcast domains

Routing Concepts
INTRODUCTION TO ROUTING
What does a router do?



A day in a life of a router

find path
forward packet, forward packet, forward packet, forward packet...
find alternate path
forward packet, forward packet, forward packet, forward packet…
repeat until powered off



Routing versus Forwarding

• Routing = building maps and giving directions
• Forwarding = moving packets between interfaces according to the “directions”

IP Routing – finding the path

• Path derived from information received from a routing protocol
• Several alternative paths may exist
  – best path stored in forwarding table
• Decisions are updated periodically or as topology changes (event driven)
• Decisions are based on:
  – topology, policies and metrics (hop count, filtering, delay, bandwidth, etc.)


IP route lookup

• Based on destination IP address
• “longest match” routing
  - More specific prefix preferred over less specific prefix
  - Example: packet with destination of 10.1.1.1/32 is sent to the router announcing 10.1/16 rather than the router announcing 10/8.


IP route lookup

• Based on destination IP address

[Figure: R1 sends a packet with destination IP address 10.1.1.1 to R2; 10/8 is announced from R3 and 10.1/16 is announced from R4]

R2’s IP routing table:
10/8     → R3
10.1/16  → R4
20/8     → R5
30/8     → R6
…..

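
The "longest match" lookup over R2's routing table from the slide, as an added example that is not part of the original presentation. It uses a binary trie, one common way to implement the lookup; the class and function names are chosen here, and the final default route reflects the later slide on statically defined default routes.

```python
import ipaddress


def expand(short_prefix):
    """Turn slide shorthand such as '10.1/16' into '10.1.0.0/16'."""
    address, length = short_prefix.split("/")
    octets = address.split(".")
    octets += ["0"] * (4 - len(octets))
    return ".".join(octets) + "/" + length


class RouteTable:
    """Binary trie keyed on prefix bits; each node may carry a next hop."""

    def __init__(self):
        self.root = {}

    def add(self, prefix, next_hop):
        net = ipaddress.ip_network(expand(prefix))
        bits = format(int(net.network_address), "032b")[:net.prefixlen]
        node = self.root
        for bit in bits:
            node = node.setdefault(bit, {})
        node["hop"] = next_hop

    def lookup(self, destination):
        """Return the next hop of the most specific matching prefix, or None."""
        bits = format(int(ipaddress.ip_address(destination)), "032b")
        node = self.root
        best = node.get("hop")              # a 0.0.0.0/0 default route lives at the root
        for bit in bits:
            node = node.get(bit)
            if node is None:
                break                       # no longer prefix exists along this path
            if "hop" in node:
                best = node["hop"]          # deeper node = longer (more specific) match
        return best


def build_r2_table():
    """R2's IP routing table as shown on the slide."""
    table = RouteTable()
    for prefix, next_hop in [("10/8", "R3"), ("10.1/16", "R4"), ("20/8", "R5"), ("30/8", "R6")]:
        table.add(prefix, next_hop)
    return table


if __name__ == "__main__":
    r2 = build_r2_table()
    for dest in ["10.1.1.1", "10.2.0.1", "20.5.5.5", "40.0.0.1"]:
        print(dest, "->", r2.lookup(dest))   # 40.0.0.1 has no route: packet is discarded
    r2.add("0/0", "default")                 # with a default route nothing is unroutable
    print("40.0.0.1 ->", r2.lookup("40.0.0.1"))
```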
Routing and Routing Protocols

• Introduction to Static and Connected IP Routes
• Learning Connected Routes
• Static Routes
• Dynamic Routing Overview
• Terminology Related to Routing Protocols
• Routing Protocol Functions
• Interior and Exterior Routing Protocols
• How Routing Protocols Work: Routing Protocol Algorithms
• Routing Protocols Overview
• A Brief Review of IP Routing
• Routing Protocol Features: RIP, OSPF, EIGRP, and BGP
• RIP Configuration
• Summary

Static Routes

• A static route is simply a route that is added using a configuration command in a router.
• After it is configured, IOS adds the route, including details such as the subnet number, mask, output interface, and next-hop router, into a new entry in that router’s IP routing table.
• After it is added, the router can then route packets whose destination IP address matches the static route.
• Engineers use static routes for several reasons. They could configure static routes for all routes in any internetwork, but typically it is not worth the effort.


R1: Configuring a Static Route Using the Outgoing Interface

When point-to-point topologies such as leased lines are used, the ip route command can simply refer to the outgoing interface.

R1: Configuring a Static Route Using the Outgoing Interface (Continued)

The show ip route command now lists the new static route.

R2: Configuring a Static Route Using the Next-Hop IP Address


Statically Defined Default Routes

• When a router receives a packet whose destination address is not found in the router’s IP routing table, the router discards the packet, unless a default route has been configured.
• Default route tells a router where to send packets that do not match any of that router’s other IP routes.
• With a default route, the router forwards the packet based on the instructions in the default route.


Testing Routes with ping and traceroute commands

• The traceroute command works very well for testing routes.
• The ping command tells you whether the complete end-to-end route works, but the traceroute command tells you the first router that has a problem.
• Example on the next slide shows sample traceroute command output, with the traceroute command never completing, which requires the user to stop the command by using a break sequence.


Testing Routes with ping and traceroute commands (Continued)

• The command output confirms that the traceroute command’s packets successfully got to a router whose IP address is 172.16.33.1, and to a router whose address is 172.16.44.2, but no further.
• Now, the engineer can telnet to the last router in the traceroute command’s output (172.16.44.2) and continue troubleshooting, getting closer to the cause of the problem.

Dynamic Routing Protocols

• Function(s) of Dynamic Routing Protocols:
  - Dynamically share information between routers.
  - Automatically update routing table when topology changes.
  - Determine best path to a destination.


Dynamic Routing Protocols

• The purpose of a dynamic routing protocol is to:
  - Discover remote networks
  - Maintain up-to-date routing information
  - Choose the best path to destination networks
  - Find a new best path if the current path is no longer available


Dynamic Routing Protocols

• Components of a routing protocol
  Algorithm
  - In the case of a routing protocol, algorithms are used for facilitating routing information and best path determination
  Routing protocol messages
  - These are messages for discovering neighbors and exchange of routing information


Dynamic Routing Protocols

• Advantages of static routing
  - It can backup multiple interfaces/networks on a router
  - Easy to configure
  - No extra resources are needed
  - More secure
• Disadvantages of static routing
  - Network changes require manual reconfiguration
  - Does not scale well in large topologies


Classifying Routing Protocols

• Types of routing protocols:
  - Interior Gateway Protocols (IGP)
  - Exterior Gateway Protocols (EGP)


Classifying Routing Protocols

• Interior Gateway Routing Protocols (IGP)
  - Used for routing inside an autonomous system & used to route within the individual networks themselves.
  - Examples: RIP, EIGRP, OSPF
• Exterior Routing Protocols (EGP)
  - Used for routing between autonomous systems
  - Example: BGPv4


Routing Protocols Metrics

• Metrics used in IP routing protocols
  - Bandwidth
  - Cost
  - Delay
  - Hop count
  - Load
  - Reliability


Administrative Distance of a Route

• Identifying the Administrative Distance (AD) in a routing table
  It is the first number in the brackets in the routing table


Administrative Distance of a Route

Dynamic Routing Protocols

Administrative Distance of a Route

Directly connected routes
  - Immediately appear in the routing table as soon as the interface is configured


Router Components

• RAM – holds packet buffers, ARP cache, routing table, software and data structure that allows the router to function; running-config is stored in RAM, as well as the decompressed IOS in later router models
• ROM – starts and maintains the router
• Flash memory – holds the IOS; is not erased when the router is reloaded; is an EEPROM [Electrically Erasable Programmable Read-Only Memory] created by Intel, that can be erased and reprogrammed repeatedly through an application of higher than normal electric voltage
• NVRAM – Non-Volatile RAM - holds router configuration; is not erased when router is reloaded


Router Components

• Config-Register
  - controls how router boots;
  - value can be seen with “show version” command;
  - is typically 0x2102, which tells the router to load the IOS from flash memory and the startup-config file from NVRAM


Overview

• Router configuration controls the operation of the router’s:
  - Interface IP address and netmask
  - Routing information (static, dynamic or default)
  - Boot and startup information
  - Security (passwords and authentication)


Where is the Configuration?

• Router always has two configurations:
  - Running configuration
    - In RAM, determines how the router is currently operating
    - Is modified using the configure command
    - To see it: show running-config
  - Startup configuration
    - In NVRAM, determines how the router will operate after next reload
    - Is modified using the copy command
    - To see it: show startup-config


Where is the Configuration?

• Can also be stored in more permanent places:
  - External hosts, using TFTP (Trivial File Transfer Protocol)
  - In flash memory in the router
• Copy command is used to move it around
    copy run start
    copy run tftp
    copy start tftp
    copy tftp start
    copy flash start
    copy start flash


Router Access Modes

• User EXEC mode – limited examination of router
    Router>
• Privileged EXEC mode – detailed examination of router, debugging, testing, file manipulation (router prompt changes to an octothorp)
    Router#
• ROM Monitor – useful for password recovery & new IOS upload session
• Setup Mode – available when router has no startup-config file


External Configuration Sources

• Console
  - Direct PC serial access
• Auxiliary port
  - Modem access
• Virtual terminals
  - Telnet/SSH access
• TFTP Server
  - Copy configuration file into router RAM
• Network Management Software
  - e.g. CiscoWorks


Changing the Configuration

• Configuration statements can be entered interactively
  - changes are made (almost) immediately, to the running configuration
• Can use direct serial connection to console port, or
• Telnet/SSH to vty’s (“virtual terminals”), or
• Modem connection to aux port, or
• Edited in a text file and uploaded to the router at a later time via tftp; copy tftp start or config net


Logging into the Router

• Connect router to console port or telnet to router
    router>
    router>enable
    password
    router#
    router#?
• Configuring the router
  - Terminal (entering the commands directly)
    router# configure terminal
    router(config)#


Connecting your FreeBSD Machine to the Router’s Console Port

• Connect your machine to the console port using the rollover serial cable provided
• Go to /etc/remote to see the device configured to be used with "tip". You will see, at the end, a line beginning with com1

    bash$ tip com1 <enter>
    router>
    router>enable
    router#


New Router Configuration Process

• Load configuration parameters into RAM
    Router#configure terminal
• Personalize router identification
    Router(config)#hostname RouterA
• Assign access passwords
    RouterA(config)#line console 0
    RouterA(config-line)#password cisco
    RouterA(config-line)#login

New Router Configuration Process

• Configure interfaces
    RouterA(config)#interface ethernet 0/0
    RouterA(config-if)#ip address n.n.n.n m.m.m.m
    RouterA(config-if)#no shutdown
• Configure routing/routed protocols
• Save configuration parameters to NVRAM
    RouterA#copy running-config startup-config
    (or write memory)


Router Prompts – How to tell where you are on the router

• You can tell in which area of the router’s configuration you are by looking at the router prompts:
  - Router> – USER prompt mode
  - Router# – PRIVILEGED EXEC prompt mode
  - Router(config)# – terminal configuration prompt
  - Router(config-if)# – interface configuration prompt
  - Router(config-subif)# – sub-interface configuration prompt


Router Prompts – How to tell where you are on the router

• You can tell in which area of the router’s configuration you are by looking at the router prompts:
  - Router(config-route-map)# – route-map configuration prompt
  - Router(config-router)# – router configuration prompt
  - Router(config-line)# – line configuration prompt
  - rommon 1> – ROM Monitor mode


Configuring your Router

• Set the enable (secret) password:
    router(config)# enable secret “your pswd”
  - This stores the password as an MD5 hash
  - The old method was to use the enable password command. But this is not secure (weak encryption) and is ABSOLUTELY NOT RECOMMENDED. DO NOT USE!
• Ensure that all passwords stored on the router are (weakly) encrypted rather than clear text:
    router(config)# service password-encryption
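
A check for the password settings this slide warns about, added here as an example (not Cisco's or the presenter's code): it reads a saved running-config and reports use of enable password, a missing enable secret, a missing service password-encryption, and clear-text line passwords. Both sample configurations and their hash strings are constructed placeholders, and the rule names are chosen for the illustration.

```python
import re

# Constructed sample configurations (not taken from a real device).
WEAK_CONFIG = """\
hostname RouterA
enable password cisco
interface Ethernet0/0
 ip address 192.0.2.1 255.255.255.0
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
"""

HARDENED_CONFIG = """\
hostname RouterA
service password-encryption
enable secret 5 $1$CONSTRUCTED$PLACEHOLDERHASH
interface Ethernet0/0
 ip address 192.0.2.1 255.255.255.0
line con 0
 password 7 CONSTRUCTEDPLACEHOLDER
 login
line vty 0 4
 password 7 CONSTRUCTEDPLACEHOLDER
 login
"""

# "password <secret>" or "password <type> <secret>" inside a line section.
LINE_PASSWORD = re.compile(r"password(?: (\d+))? (\S+)$")


def audit_passwords(config_text):
    """Return (line_number, rule, detail) findings; line 0 means 'whole file'."""
    lines = [line.rstrip() for line in config_text.splitlines()]
    findings = []
    section = ""
    for number, line in enumerate(lines, start=1):
        if not line or line.startswith("!"):
            continue
        if not line.startswith(" "):
            section = line                      # a top-level command opens a new section
        command = line.strip()
        if re.match(r"enable password\b", command):
            findings.append((number, "enable-password", "use 'enable secret' instead"))
        match = LINE_PASSWORD.match(command)
        if match and line.startswith(" ") and section.startswith("line "):
            # No type digit, or type 0, means the password is stored in clear text.
            # Type 7 is accepted here because the slide asks only for (weak) encryption.
            if match.group(1) in (None, "0"):
                findings.append((number, "cleartext-line-password", section))
    if not any(re.match(r"enable secret\b", line) for line in lines):
        findings.append((0, "no-enable-secret", "privileged mode has no hashed password"))
    if "service password-encryption" not in lines:
        findings.append((0, "no-password-encryption", "line passwords are stored in clear text"))
    return findings


if __name__ == "__main__":
    for name, config in [("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)]:
        print(name)
        for finding in audit_passwords(config) or [("-", "no findings", "")]:
            print("  ", finding)
```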


Configuring Your Router

• To configure interface you should go to interface configuration prompt
    router(config)# interface ethernet0 (or 0/x)
    router(config-if)#
• Save your configuration
    router#copy running-config startup-config
    (or write memory)


Configuring Your Router

• Global:
    enable secret e2@fnog
• Interface:
    interface ethernet 0/0
    ip address n.n.n.n m.m.m.m
• Router:
    router ospf 1
    network n.n.n.n w.w.w.w area 0
• Line:
    line vty 0 4


Global Configuration

• Global configuration statements are independent of any particular interface or routing protocol, e.g.:
    hostname e2-@fnog
    enable secret tracke2
    service password-encryption
    logging facility local0
    logging n.n.n.n


Global Configuration

• IP specific global configuration statements:
    ip classless
    ip name-server n.n.n.n
• Static Route Creation
    ip route n.n.n.n m.m.m.m g.g.g.g
    n.n.n.n = network block
    m.m.m.m = network mask denoting block size
    g.g.g.g = next hop gateway destination packets are sent to


The NO Command

• Used to reverse or disable commands e.g.

    ip domain-lookup
    no ip domain-lookup

    router ospf 1
    no router ospf 1

    ip address 1.1.1.1 255.255.255.0
    no ip address


Interface Configuration

• Interfaces are named by slot/type; e.g.:
  - ethernet0, ethernet1,... Ethernet5/1
  - Serial0/0, serial1 ... serial3
• And can be abbreviated:
  - ethernet0 or eth0 or e0
  - Serial0/0 or ser0/0 or s0/0


Interface Configuration

• Administratively enable/disable the interface
    router(config-if)#no shutdown
    router(config-if)#shutdown
• Description
    router(config-if)#description ethernet link to admin building router


Interactive Configuration

• Enter configuration mode, using “configure terminal”
• Often abbreviated to “conf t”
• Prompt gives a hint about where you are:

    router#configure terminal
    router(config)#ip classless
    router(config)#ip subnet-zero
    router(config)#int e0/1
    router(config-if)#ip addr n.n.n.n m.m.m.m
    router(config-if)#no shut
    router(config-if)#^Z


Storing the Configuration on a Remote System

• Requires: ‘tftpd’ on a unix host; destination file must exist before the file is written and must be world writable...

    router#copy run tftp
    Remote host []? n.n.n.n
    Name of configuration file to write [hoste2-rtr-confg]? hoste2-rtr-confg
    Write file hoste2-rtr-confg on Host n.n.n.n? [confirm]
    Building configuration...

    Writing hoste2-rtr-confg !![OK]
    router#


Restoring the Configuration from a Remote System

• Use ‘tftp’ to pull file from UNIX host, copying to running config or startup

    router#copy tftp start
    Address of remote host [255.255.255.255]? n.n.n.n
    Name of configuration file [hoste2-rtr-confg]?
    Configure using hostel-rtr-confg from n.n.n.n? [confirm]
    Loading hoste2-rtr-confg from n.n.n.n (via Ethernet0/0): !
    [OK - 1005/128975 bytes]
    [OK]
    hoste2-rtr# reload


Getting Online Help

• IOS has a built-in help facility;
  - use “?” to get a list of possible configuration statements
• “?” after the prompt lists all possible commands:
    router#?
• “<partial command> ?” lists all possible subcommands, e.g.:
    router#show ?
    router#show ip ?


Getting Online Help

• This also works in configuration mode:

    router(config)#ip a?
    accounting-list       accounting-threshold
    accounting-transits   address-pool
    alias                 as-path

    router(config)#int e0/0
    router(config-if)#ip a?
    access-group   accounting   address


Getting Lazy Online Help

• TAB character will complete a partial word

    hostel-rtr(config)#int<TAB>
    hostel-rtr(config)#interface et<TAB>
    hostel-rtr(config)#interface ethernet 0
    hostel-rtr(config-if)#ip add<TAB>
    hostel-rtr(config-if)#ip address n.n.n.n m.m.m.m

• Not really necessary; partial commands can be used:

    router#conf t
    router(config)#int e0/0
    router(config-if)#ip addr n.n.n.n


Connecting your FreeBSD machine to the Router’s Console port

• Look at your running configuration
• Configure an IP address for e0/0 depending on your table
  - use n.n.n.n for table A etc
• Look at your running configuration and your startup configuration
• Check what difference there is, if any


Using ACLs

 Standard IP Access Lists


 ranges (1 - 99) & (1300-1999)
 simpler address specifications
 generally permits or denies entire protocol suite
 Extended IP Access Lists
 ranges (100 - 199) & (2000-2699)
 more complex address specification
 generally permits or denies specific protocols
 There are also named access-lists
 Standard
 Extended



ACL Syntax

 Standard IP Access List Configuration Syntax
 access-list access-list-number {permit | deny} source {source-mask}
 ip access-group access-list-number {in | out}
 Extended IP Access List Configuration Syntax
 access-list access-list-number {permit | deny} protocol source {source-mask} destination {destination-mask}
 ip access-group access-list-number {in | out}
 Named IP Access List Configuration Syntax
 ip access-list {standard | extended} {name | number}



Where to place ACLs

 Place Standard IP access list close to destination


 Place Extended IP access lists close to the source of the traffic you want to manage



What are Wild Card Masks?

 Are used with access lists to specify a host, network or part of a network
 To specify an address range, choose the next largest block size e.g.

 to specify 34 hosts, you need a 64 block size


 to specify 18 hosts, you need a 32 block size
 to specify 2 hosts, you need a 4 block size



What are Wild Card Masks?

 Are used with the host/network address to tell the router a range of addresses to filter
 Examples:
 To specify a host:
 196.200.220.1 0.0.0.0
 To specify a small subnet:
 196.200.220.8 – 196.200.220.15 (would be a /29)
 Block size is 8, and wildcard is always one number less than the block size
 Cisco access list then becomes 196.200.220.8 0.0.0.7
 To specify all hosts on a /24 network:
 196.200.220.0 0.0.0.255



What are Wild Card Masks?

 Shortcut for converting a subnet mask to a wildcard mask:
 subtract each octet of the subnet mask from 255
 Examples:
 to create a wildcard mask for 196.200.220.160 255.255.255.240
 196.200.220.160 0.0.0.15 {255 - 240}
 to create a wildcard mask for 196.200.220.0 255.255.252.0
 196.200.220.0 0.0.3.255



ACL Example

 Wildcard bits indicate how to check corresponding address bit


 0=check or match
 1=ignore
 Matching Any IP Address
 0.0.0.0 255.255.255.255
 or abbreviate the expression using the keyword any
 Matching a specific host
 196.200.220.8 0.0.0.0
 or abbreviate the wildcard using the IP address preceded by the keyword host



Permit telnet access only for my network

access-list 1 permit 196.200.220.192 0.0.0.15


access-list 1 deny any
line vty 0 4
access-class 1 in
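The wildcard shortcut and the 0 = check / 1 = ignore rule from the preceding slides, applied to the vty ACL above, as an added example that is not part of the original slides. The function names are hypothetical; the evaluator assumes standard (source-only) ACL entries and models first-match-wins with the implicit deny that ends every non-empty list.

```python
import ipaddress

def to_int(dotted):
    return int(ipaddress.IPv4Address(dotted))

def wildcard_from_netmask(netmask):
    """Slide shortcut: subtract each netmask octet from 255."""
    return ".".join(str(255 - int(o)) for o in netmask.split("."))

def matches(addr, base, wildcard):
    """Wildcard bit 0 = must equal the base address bit, 1 = ignore."""
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(addr) & care) == (to_int(base) & care)

def parse_entry(line):
    """Parse 'access-list N {permit|deny} source [wildcard]' (standard ACL)."""
    tok = line.split()
    action, src = tok[2], tok[3]
    if src == "any":                      # same as 0.0.0.0 255.255.255.255
        return action, "0.0.0.0", "255.255.255.255"
    if src == "host":                     # same as <address> 0.0.0.0
        return action, tok[4], "0.0.0.0"
    return action, src, tok[4] if len(tok) > 4 else "0.0.0.0"

def evaluate(acl_lines, addr):
    """First matching entry wins; a non-empty ACL ends in an implicit deny."""
    for line in acl_lines:
        action, base, wc = parse_entry(line)
        if matches(addr, base, wc):
            return action
    return "deny"

# ACL from the "Permit telnet access only for my network" slide.
VTY_ACL = [
    "access-list 1 permit 196.200.220.192 0.0.0.15",
    "access-list 1 deny any",
]

if __name__ == "__main__":
    print(wildcard_from_netmask("255.255.252.0"))
    # Constructed test addresses around the edges of the permitted block.
    for a in ("196.200.220.191", "196.200.220.192",
              "196.200.220.207", "196.200.220.208"):
        print(a, evaluate(VTY_ACL, a))
```

Checking the addresses just outside each end of the block (.191 and .208 here) is a quick way to confirm that a wildcard covers exactly the intended range before the ACL is applied to the vty lines.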



Standard IP ACLs:
Permit only my network
[Diagram: router with interfaces E0 and S0; labelled addresses 196.200.220.1, 196.200.220.81 and 196.200.220.82; outside network labelled "Non 196.200.220.0"]

access-list 1 permit 196.200.220.80 0.0.0.15

interface ethernet 0
ip access-group 1 out
interface serial 0
ip access-group 1 out

Extended IP ACLs:
Deny FTP access through Interface E1
[Diagram: router with interfaces E0, S0 and e1; labelled addresses 196.200.220.10, 196.200.220.225 and 196.200.220.226; outside network labelled "Non 196.200.220.0"]

access-list 101 deny tcp 196.200.220.0 0.0.0.15 196.200.220.224 0.0.0.15 eq 21


access-list 101 deny tcp 196.200.220.0 0.0.0.15 196.200.220.224 0.0.0.15 eq 20
access-list 101 permit ip 196.200.220.0 0.0.0.15 0.0.0.0 255.255.255.255
interface ethernet 1
ip access-group 101 out



Disaster Recovery:
How to Recover a Lost Password
 Connect your PC’s serial port to the router’s console port
 Configure your PC’s serial port:

 9600 baud rate


 No parity
 8 data bits
 1 stop bit
 No flow control



Disaster Recovery:
How to Recover a Lost Password
 Your configuration register should be 0x2102; use “show version” command to
check
 Reboot the router and apply the Break-sequence within 60 seconds of powering the
router, to put it into ROMMON mode

Rommon 1>confreg 0x2142


Rommon 2>reset

 Router reboots, bypassing startup-config file



Disaster Recovery:
How to Recover a Lost Password
Type Ctrl-C to exit Setup mode

Router>enable
Router#conf m OR copy start run (only!!!)
Router#show running OR write terminal
Router#conf t
Router(config)#enable secret forgotten
Router(config)#int e0/0…
Router(config-if)#no shut
Router(config)#config-register 0x2102
Router(config)#Ctrl-Z or end
Router#copy run start OR write memory
Router#reload
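A check that the last step of the procedure above really restored the register, as an added example that is not part of the original slides. It decodes bit 6 (0x0040, ignore NVRAM contents), the bit that distinguishes 0x2142 from 0x2102, from the "Configuration register is ..." line of "show version". The function name and the sample lines are constructed for illustration.

```python
import re

IGNORE_NVRAM = 0x0040  # bit 6: startup-config is skipped at boot

REG_RE = re.compile(
    r"Configuration register is (0x[0-9A-Fa-f]+)"
    r"(?: \(will be (0x[0-9A-Fa-f]+) at next reload\))?"
)

def audit_show_version(text):
    """Report whether the router booted, or will next boot, without its config."""
    m = REG_RE.search(text)
    if not m:
        return None
    current = int(m.group(1), 16)
    # With no pending change, the next reload uses the current value.
    pending = int(m.group(2), 16) if m.group(2) else current
    return {
        "booted_without_startup_config": bool(current & IGNORE_NVRAM),
        "next_reload_skips_startup_config": bool(pending & IGNORE_NVRAM),
        "next_reload_register": f"0x{pending:04x}",
    }

# Constructed samples of the final line of "show version".
MID_RECOVERY = "Configuration register is 0x2142 (will be 0x2102 at next reload)"
LEFT_BYPASSED = "Configuration register is 0x2142"
NORMAL = "Configuration register is 0x2102"

if __name__ == "__main__":
    for sample in (MID_RECOVERY, LEFT_BYPASSED, NORMAL):
        print(sample, "->", audit_show_version(sample))
```

A router reporting next_reload_skips_startup_config as true will come up without its saved passwords and ACLs after the next reload, so this is worth running across collected "show version" output after any recovery work.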

Cisco Router Configuration
Basics
QUESTIONS?
Issues In Traditional Networks

 Strongly Coupled Control and Data Planes


 Interaction between Different hardware Vendors



Issues In Traditional Networks

 Hard to implement policies for bigger networks



Advanced Network Technologies

 Software Defined Networks (SDN)


 Network Function Virtualization (NFV)
