===============================
Ethernet technology used in LAN
===============================
Technology :
IEEE is the body that publishes standards based on the white papers submitted to it. These white papers are converted into an RFC and floated to all RFC members for
comments. If all goes well, a standard number is issued.
Ethernet technology :
-> CSMA/CD is the fundamental (white paper) on which Ethernet technology works.
-> IEEE standardized CSMA/CD and gave it the standard number 802.3.
-> ARPA is the logic, as per the standard, that drives communication over Ethernet. (ARPANET is different: it is the parent of ARPA, and it has died.)
CSMA/CD :
-> Two or more computers or communicating devices can be connected over the same medium. All computers can communicate with each other whenever they want, as if they
lived in a democracy. But before a computer can communicate it has to sense the medium; only if the medium is available and not being used by another computer can
the computer put data on the wire.
-> Ethernet technology is a multi-access medium technology, which means one talks and many listen. (On a multi-access medium, if I shout "hey, idiot!", nobody
knows who it was addressed to; but if I say "hey, idiot Amit!", Amit understands it was addressed to him.) So a MAC address is required in Ethernet
technology. A MAC is present only in Ethernet technology, since it is a multi-access technology.
-> On the contrary, serial technology is a point-to-point technology (I send and you listen, you send and I listen, so what would we need a MAC for?).
So there is no MAC address in serial communication.
OOT: Where is the MAC ?
-> Every Ethernet network card has a MAC address programmed into it. Every network card has a unique MAC address. It is a 6-byte (every byte has 8 bits), 48-bit hexadecimal
address, made from combinations of (A-F, 0-9). Whenever a computer receives data it opens the destination MAC (DMAC) and checks whether it is meant for it; if yes, it accepts the data, else it discards the data.
Communication on Ethernet technology is of 3 types :
a) Unicast : To an individual's MAC.
b) Multicast : To a group's MAC.
c) Broadcast : To everybody's MAC.
-> A computer will accept 3 types of frames.
1) One that has come for its own individual MAC.
2) One that has come for a group's MAC.
3) Lastly, one that has come for everybody's MAC.
It may so happen that 2 or more computers feel like communicating at the same time. If 2 or more computers sense the medium, find it available and find that
no other computer is using it, they may put their data on the wire at the same instant. But if two computers send data at the same time, the data will collide.
CSMA/CD says no issue, because it has a collision detection and avoidance mechanism.
VIMP -> FOR COLLISION DETECTION THE COMPUTER WILL MAKE USE OF THE CRC CODE.
[ |FCS|DATA|SMAC|DMAC| ] (FCS = Frame Check Sequence, which is the CRC code.) The CRC code is attached to the data to check the integrity of the data.
How is a Collision Detected ?
-> In Ethernet technology, when a computer sends a frame on the wire, it applies a CRC code for unique identification. Once the data with its CRC code is on the wire it becomes
an electrical signal; the signals then collide. Signals are a form of energy, so they are never destroyed, but they do get distorted. The distorted signals
reflect back in the opposite direction, and once a computer receives this frame/data it checks the CRC code. Obviously the collided frame's CRC code
will not match, so the computers learn that there was a collision and discard the collided frame. The computers also learn that their own data has
collided and, if they feel like it, re-transmit it or ignore it.
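As an added example (not part of these notes), the FCS check in code: the sender appends a CRC-32 over the frame, the receiver recomputes it and discards the frame on mismatch, and the three accepted DMAC kinds are applied only to frames that pass. The MAC values are constructed; Python's zlib.crc32 uses the same polynomial as the Ethernet FCS.

```python
import struct
import zlib

# Constructed sample addresses, stand-ins for the notes' AAA / BBB / FFF.
MAC_A = bytes.fromhex("0200000000aa")
MAC_B = bytes.fromhex("0200000000bb")
MULTICAST = bytes.fromhex("01005e000001")   # group bit set: a multicast address
BROADCAST = bytes.fromhex("ffffffffffff")   # everybody's MAC


def build_frame(dmac, smac, payload, ethertype=0x0800):
    """Sender: DMAC | SMAC | type | payload | FCS, the FCS being CRC-32 over all bytes before it."""
    body = dmac + smac + struct.pack("!H", ethertype) + payload
    fcs = zlib.crc32(body) & 0xFFFFFFFF
    return body + struct.pack("<I", fcs)        # Ethernet sends the FCS least-significant byte first


def fcs_ok(frame):
    """Receiver: recompute the CRC over everything except the last 4 bytes and compare."""
    if len(frame) < 18:                          # 14-byte header + 4-byte FCS at the very least
        return False
    body, fcs = frame[:-4], struct.unpack("<I", frame[-4:])[0]
    return (zlib.crc32(body) & 0xFFFFFFFF) == fcs


def collide(frame_1, frame_2):
    """Two signals on the wire at once: model the distortion as the bytes of both mixed together."""
    n = max(len(frame_1), len(frame_2))
    a, b = frame_1.ljust(n, b"\x00"), frame_2.ljust(n, b"\x00")
    return bytes(x ^ y for x, y in zip(a, b))


def receive(frame, my_mac):
    """What a station does with a frame: integrity first, then the three DMAC kinds it accepts."""
    if not fcs_ok(frame):
        return "discard: bad FCS (collision)"
    dmac = frame[:6]
    if dmac == my_mac:
        return "accept: my own MAC"
    if dmac == BROADCAST:
        return "accept: everybody's MAC"
    if dmac[0] & 0x01:                           # group bit set: a multicast address
        return "accept: group MAC"
    return "discard: not for me"
```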
Why is Collision Avoidance Required ?
-> If one computer has Aishwarya Rai (700 MB, 2000 pieces) and another computer has Dolly Bindra (700 MB, 2000 pieces), it may so happen that both of them
sense the medium at the same time and their data collides, and this may keep on happening, since both computers have 2000 pieces to send.
Hence collision detection alone will not help; collision avoidance is equally important.
How is Collision Avoided ?
-> The simplest way to detect a collision is to give the data a time stamp.
-> When computers receive a collided frame they immediately go into an integral wait state. All computers go into a wait state, and their wait
states are not synchronised. The computers themselves decide what their wait state will be; it can be anything, like 5 msec or 50 msec. Why is it called an integral
wait state? Because the computers can increase/decrease their wait state depending on the number of collisions in one second. If a computer receives 3 or
more collided frames in one second it understands that there is a talkative pair on the network that wants to send data again and again, and says
"I will increase my wait state myself". When computers are waiting they cannot speak, but they can listen. Whichever computer has the lowest wait state gets
the opportunity to talk first.
In our example CCC has the lowest wait state of 15 msec, acquires the medium and is king of the medium for the next 25 msec, the difference between
CCC's and the other computers' wait states. But after 25 msec a collision may happen again and all the computers again go into a wait state.
When 2 or 3 computers are communicating the chances of collision are less. The chances of collision are more when more computers are communicating.
When all the computers are communicating again and a collision happens, all the computers reset their timers, and CCC's wait state will again be 15 msec.
So a collision inside a collision is OK.
But in an organisation where 6000 users are communicating, if one computer talks at a time and all the others listen, communication will become very
slow. Yes, communication will become slow, but with the help of hardware this flaw of the software can be avoided.
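Added example, not from the notes: a simulation of the wait-state contention described above, using the 802.3 rule of truncated binary exponential backoff (each collision doubles the range a station draws its wait from, up to 2^10 slots). Station names, the seed and the 10 Mbps slot time are the only inputs; the helper names are assumptions made for the example.

```python
import random

SLOT_TIME_US = 51.2           # 10 Mbps Ethernet slot time in microseconds (512 bit times)
MAX_EXPONENT = 10             # after the 10th collision the range stops growing


def backoff_range(collisions):
    """Number of possible wait values after this many consecutive collisions: 2**k, capped."""
    return 2 ** min(collisions, MAX_EXPONENT)


def draw_wait_slots(collisions, rng):
    """Truncated binary exponential backoff: wait a random count of slots in [0, 2**k - 1]."""
    return rng.randrange(backoff_range(collisions))


def wait_microseconds(slots):
    return slots * SLOT_TIME_US


def contend(stations, rng, max_rounds=100):
    """All stations have just collided once and enter their wait state.
    Each round every station draws a wait; the single lowest draw talks first (it sensed
    the medium free before anyone else). A tie at the lowest draw means those stations
    transmit together, collide again and each raises its own range (the "integral" wait
    state). Returns (winner, rounds, log)."""
    collisions = {s: 1 for s in stations}
    log = []
    for round_no in range(1, max_rounds + 1):
        waits = {s: draw_wait_slots(collisions[s], rng) for s in stations}
        shortest = min(waits.values())
        contenders = [s for s, w in waits.items() if w == shortest]
        log.append((round_no, waits))
        if len(contenders) == 1:
            return contenders[0], round_no, log
        for s in contenders:              # the rest were still waiting and only listened
            collisions[s] += 1
    return None, max_rounds, log


def simulate(stations, seed=7, max_rounds=100):
    """Repeatable run: same seed, same sequence of draws."""
    return contend(stations, random.Random(seed), max_rounds)


def winner_had_unique_minimum(log):
    """Rule check on the last round of a log: exactly one station drew the shortest wait."""
    _, waits = log[-1]
    shortest = min(waits.values())
    return sum(1 for w in waits.values() if w == shortest) == 1


if __name__ == "__main__":
    winner, rounds, log = simulate(["AAA", "BBB", "CCC"])
    for round_no, waits in log:
        print(round_no, {s: f"{wait_microseconds(v):.1f}us" for s, v in waits.items()})
    print("medium acquired by", winner, "after", rounds, "round(s)")
```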
--------------
Sorting It Out
--------------
As soon as we deploy an Ethernet card in our computer, the computer detects the Ethernet card, which means Layer 1 of Ethernet technology is deployed. The computer
then starts loading drivers for this hardware. As soon as the drivers are loaded, Ethernet technology is ready for communication. This driver is
based on the CSMA/CD fundamental, the 802.3 fundamental. This is the driver/software that drives communication over the hardware; this is Layer 2 of Ethernet communication.
Once hardware and software are installed we see in Network Neighbourhood that Ethernet technology is ready for communication.
But the technology does not communicate on its own; somebody has to use the technology for communication.
In voice communication the user uses the technology directly for communication, but in data communication the user cannot directly use the technology for communication.
The user has to use an UPPER LAYER PROTOCOL STACK.
There are many upper layer protocol stacks, but the three important ones are IP, IPX and AppleTalk. IP, IPX and AppleTalk are agents that work between
the user and the technology.
When we do ftp 20.0.0.1
the FTP protocol of the IP UPPER LAYER PROTOCOL STACK gets activated. When we say put Aishwarya.jpg, the FTP protocol picks up Aishwarya.jpg from the hard disk, breaks
Aish.jpg into pieces and then, with the help of the underlying technology, delivers the data to the other end. On the other end, the upper layer protocol stack picks the data up from the underlying
technology and checks the CRC code; if it is intact it acknowledges and says "send the 2nd piece". If the next piece's frame collides while being sent,
then the sending computer, if it does not receive an acknowledgement within the stipulated time, re-sends the data. On the other hand, if the receiving computer
receives a collided frame, its CRC code will be distorted and the receiving computer sends an acknowledgement asking to resend the data.
Once all the pieces of data are received by the FTP protocol of the receiving computer, it joins them and gives the file to the user.
So the upper layer protocol is responsible for end-to-end communication in Ethernet technology.
------------------------
Let's Go in Reverse Gear
------------------------
-> Communication is done by the upper layer protocol stack on behalf of the user, with the help of the underlying technology.
-> The IP upper layer protocol stack identifies computers by IP address, whereas the technology identifies computers by MAC address.
-> An IP is given to a network card, not to a computer.
-> After we give an IP address to the network card, the Layer 3 and Layer 2 binding happens and it is stored in the ARP table.
The ARP table will show the following entry:
|-----------------
| 10.0.0.1 - AAA
|
And also in the routing table :
|-----------------------------
| eth0 connected to 10.0.0.1
|
Like the above there is one more table, known as the host table.
-> The computer's hostname and IP get stored in the host table. All these files are stored in the etc directory of any operating system.
Now if the IP upper layer protocol stack says "take this piece and deliver it to 10.0.0.2", the technology says "who is 10.0.0.2?", because it does not understand
IP, it only understands MAC. This problem is solved by the IP upper layer protocol stack using an associated tool, i.e. arptool. IP asks arptool "do you have the MAC
address of 10.0.0.2?". Arptool, who maintains the ARP table, refers to the ARP table; when the Ethernet card was installed for the first time the ARP table got an entry for its own card only. So arptool
says "I have one NIC and its IP is 10.0.0.1. But wait, since I am arptool I will help you", and arptool sends an ARP broadcast. (What is an ARP broadcast? -> Send the
IP, request the MAC.) Arptool now broadcasts (sending the IP) and requests the MAC. Now the computer with IP 10.0.0.2 says "I am 10.0.0.2"; it refers to its MAC table,
which contains its own MAC, and gives this MAC to arptool. Now arptool writes in the MAC table that 10.0.0.2 is BBB.
The ARP table will show the following entries:
|-----------------
| 10.0.0.1 - AAA
| 10.0.0.2 - BBB =====> New Entry
|
Now IP makes the frame again. It gives SIP and DIP, and the technology applies SMAC and DMAC along with the CRC code. On the other end the technology checks the MAC and
provides the frame to the IP upper layer protocol stack, which checks the destination IP.
Note : Consolidated and written properly in my notebook (Introduce technology, importance of upper layer protocol and full flow, the same as roughly
explained above).
========
Week 5
========
Why was Ping made ?
-> Ping is a tool or application of the IP upper layer protocol stack; it is not technology. Ping is used to check the network layer/IP layer status of a device.
But since ping sends an ICMP echo request, it also receives a response. Its primary purpose is not to check the link. When ping sends a packet it also calculates
latency and drop.
i) To check link status
ii) To calculate latency
iii) To verify link quality (drop).
What is Localhost ?
-> Localhost is our software IP, predefined for developers (127.0.0.1).
Why use Localhost ?
-> If a software developer is making software and wants one copy of everything with him, he will not know what IP the users of his software are going to
use. So he uses localhost.
Ethernet Communication Rules :
i) Final communication between 2 communicating devices connected over Ethernet happens using MAC.
ii) Traffic between 2 communicating devices connected over Ethernet is switched only if they are in the same subnet/network.
-------
IP Flow
-------
As soon as the person sitting on this computer says ping 10.0.0.4, it means he needs the network layer status of 10.0.0.4. To get the network layer status of
10.0.0.4 the computer creates a frame. The first field is data, where it is written "I need your network layer status". To get the network layer status the
computer has to apply a header to this data. The first field in the header is the source IP; the source IP is my own IP. IP is Layer 3 information, and to get Layer 3 information the
computer goes to the Layer 3 table, i.e. the routing table. The routing table says "I have only one NIC card and its IP is 10.0.0.1", so the computer pulls this
information and puts it in the SIP column of the frame. The destination IP is the IP where it wants to go. The computer pulls this info from the ping command and feeds it
into the DIP location of the frame.
SMAC means the source IP's MAC: the computer goes to the MAC table and asks "what is the MAC address of 10.0.0.1?". The MAC table says the MAC of 10.0.0.1 is AAA. DMAC is the
MAC address of the destination IP: it goes to the ARP table and asks "what is the MAC of 10.0.0.4?". The MAC/ARP table says "I don't know". If the MAC/ARP table doesn't know the MAC address
to reach an IP, arptool sends an ARP broadcast and gets it. So this frame is parked aside. Since an ARP broadcast is a broadcast, a new frame is
created. The first field is data, where it is written "I need your MAC address"; SIP is my own IP, the destination IP is from the command, SMAC is my own MAC and the destination
MAC is FFF, everybody's MAC.
When the frame reaches DDD, the Layer 2 software receives it from Layer 1, opens the Layer 2 information and asks "where do you want to go?". The frame says FFF, so DDD
says "you have not come for me, but since you are FFF, and all computers support the 3 types of frame below, I will help you".
1) One that has come for its own individual MAC.
2) One that has come for a group's MAC.
3) Lastly, one that has come for everybody's MAC.
The computer keeps aside the Layer 2 information and sends the rest of the frame to Layer 3. The Layer 3 software opens the Layer 3 information and asks "where do you want to go?".
The frame says 10.0.0.4. The computer says "OK, you have come for me". It keeps aside the Layer 3 information, the remaining frame is sent to the upper layer,
and then immediately a response is created.
The response frame is sent from Layer 3 to Layer 2 and then to Layer 1, and then transferred in the form of electrical energy. As soon as CCC receives the frame
it asks "whom have you come for?". The frame says AAA, so CCC discards the frame at Layer 2 itself and the frame is not sent to Layer 3. (No free favours: if it is not for
me, I do not touch it.) Now the frame comes to AAA; Layer 2 picks it up from Layer 1 and asks "where do you want to go?". The frame says AAA. The computer says "I am
AAA, you have come for me only"; it keeps aside the Layer 2 information and passes the remaining frame to Layer 3. Layer 3 asks "where do you want to go?"; the frame
says 10.0.0.1; it says "I am 10.0.0.1, you have come for me". It keeps aside the Layer 3 information and passes the frame to the upper layer, and now in the frame that
was parked aside it is written that the DMAC of 10.0.0.4 is DDD.
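Added example modelling the ARP flow and the IP flow above (not code from the notes): hosts AAA, CCC and DDD share one wire, a frame whose DMAC is unknown is parked while an ARP broadcast goes out, and each receiver decides at Layer 2 (own MAC or FFF) and then at Layer 3 (own IP) whether the frame is for it. The Host class, its table names and the "FFF" broadcast MAC are assumptions made for the example.

```python
BROADCAST_MAC = "FFF"          # everybody's MAC, as the notes write it


class Host:
    def __init__(self, name, mac, ip, wire):
        self.name, self.mac, self.ip = name, mac, ip
        self.routing_table = {"eth0": ip}        # "eth0 connected to 10.0.0.1"
        self.arp_table = {ip: mac}               # own binding, stored when the card is installed
        self.wire = wire                         # everybody on the same medium (a shared list)
        self.parked = []                         # frames waiting for an ARP reply
        self.delivered = []                      # (sip, data) handed to the upper layer
        wire.append(self)

    def send(self, dst_ip, data):
        """Build a frame; if the DMAC is unknown, park it and ask the wire who owns dst_ip."""
        dmac = self.arp_table.get(dst_ip)
        if dmac is None:
            self.parked.append((dst_ip, data))
            self.put_on_wire({"data": ("ARP-REQUEST", dst_ip), "sip": self.ip,
                              "dip": dst_ip, "smac": self.mac, "dmac": BROADCAST_MAC})
            return "parked, ARP broadcast sent"
        self.put_on_wire({"data": data, "sip": self.ip, "dip": dst_ip,
                          "smac": self.mac, "dmac": dmac})
        return "sent"

    def put_on_wire(self, frame):
        """Multi-access medium: every other station receives the signal and decides for itself."""
        for h in self.wire:
            if h is not self:
                h.receive(dict(frame))

    def receive(self, frame):
        """Layer 2 check first (own MAC or FFF), then Layer 3 (own IP), then the upper layer."""
        if frame["dmac"] not in (self.mac, BROADCAST_MAC):
            return "discarded at layer 2"
        if frame["dip"] != self.ip:
            return "discarded at layer 3"
        kind = frame["data"][0] if isinstance(frame["data"], tuple) else None
        if kind == "ARP-REQUEST":
            # "I am 10.0.0.4, my MAC is DDD": unicast reply, and remember the asker too.
            self.arp_table[frame["sip"]] = frame["smac"]
            self.put_on_wire({"data": ("ARP-REPLY", self.mac), "sip": self.ip,
                              "dip": frame["sip"], "smac": self.mac, "dmac": frame["smac"]})
            return "ARP reply sent"
        if kind == "ARP-REPLY":
            self.arp_table[frame["sip"]] = frame["smac"]     # new entry, e.g. 10.0.0.4 -> DDD
            self.resume_parked(frame["sip"])
            return "ARP entry learned"
        self.delivered.append((frame["sip"], frame["data"]))
        return "delivered to upper layer"

    def resume_parked(self, ip):
        """The parked frame now gets its DMAC filled in and goes out."""
        waiting, self.parked = self.parked, []
        for dst_ip, data in waiting:
            if dst_ip == ip:
                self.send(dst_ip, data)
            else:
                self.parked.append((dst_ip, data))
```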
=======
DEVICES
=======
-> There are many devices that are used in Ethernet communication, like the Repeater, Switch, Hub, Bridge and Router.
Repeaters and Bridges are used on co-axial medium (thinwire, thickwire), because they only give a bandwidth of 10 Mbps. Nobody uses them nowadays.
-> Repeaters and Hubs are analogous (similar) devices, but used on different media. Repeaters are used on thinwire and thickwire, and a Hub is used on twisted pair.
-> A Bridge and a Switch are similar devices, but used on different media: a bridge is used on thinwire and thickwire, but a Switch is used on twisted pair medium.
-> A Bridge has fewer ports; a switch is called a multi-port bridge.
===
HUB
===
Why is a Hub a dumb device ?
-> Any networking device that does not understand networking is dumb from the networking perspective.
A Hub is a dumb device. A Hub is an electrical device. As soon as a hub receives an electrical signal on a port it boosts the electrical signal and forwards
it to all other ports, and not to the same port.
When a signal travels along the wire its strength deteriorates. That is why a hub is used, to boost the strength.
A Hub is an intelligent electrical device. As soon as a hub receives an electrical signal on a port it boosts the electrical signal, restores the signal level
and forwards it to all other ports, and not to the same port.
1) A HUB extends the network (increases the coverage).
2) Every port of a HUB shares the same bandwidth; a hub is a shared-bandwidth device.
3) Every port of a hub is a member of the same collision/broadcast domain. A HUB is a single collision/broadcast domain device.
4) A Hub is a Layer 1 device. Layer 1 means anything that is physical, or physical in nature, that is used between 2 communicating devices to form the communication
channel. Things like connectors, wires, cables, pin-outs, voltages, signals and boosting devices are all Layer 1, and hence a hub is a Layer 1 device.
--------
Benefits
--------
1) Extends the network coverage. First 50 computers were connected; now 100 computers can connect.
--------
Drawback
--------
Since the hub has extended the network and now 100 computers are connected, but the bandwidth still remains the same, the possibility of acquiring the medium
reduces and collisions increase.
A HUB works exactly as per the CSMA/CD rule. So when one person talks everybody else listens; if we deploy a hub in a huge network then communication becomes very slow,
because computers share the same bandwidth and one person talks at a time.
What is a Domain ?
-> Domain means area. The area depends on the perspective.
------
SWITCH
------
                                 Switch
                             ______________
     ------------------------|  1  2  3  4 |------------------------
     |    |    |    |    |   |______________|   |    |    |    |    |
     |    |    |    |    |                      |    |    |    |    |
   Comp Comp Comp Comp Comp                   Comp Comp Comp Comp Comp
   AAA  BBB  CCC  DDD  EEE                    GGG  HHH  III  JJJ  KKK
   (the left group hangs off port 1 and the right group off port 3, as the text below uses them)
-> A Switch is an intelligent device. As soon as a switch receives a frame on a port, it opens the Layer 2 information, reads the MAC address, refers to the MAC table and takes
forwarding decisions. Because the switch refers to the MAC table, and since the MAC address is a Layer 2 address, the MAC table is a Layer 2 table, and hence a switch is a Layer 2
device.
-> As soon as a switch receives a frame on a port it opens the Layer 2 information, reads the destination MAC address, refers to the MAC table and forwards the frame to the relevant
ports only, and not to all other ports. This means the switch is segmenting (breaking up) the network, not extending the network like a hub.
-> The switch refers to the MAC table, but how are entries populated in the MAC table?
1) The administrator can make static entries in the MAC table.
2) The switch can dynamically learn MAC addresses when a frame traverses the switch.
VIMP : The switch is the single device that asks "where have you come from?".
Explanation of Point 2 :-
When a frame comes to the switch, the switch asks "where have you come from?". If, for example, the frame says AAA, then the switch records MAC address
AAA in the MAC table against the port on which it was received.
If entries are added dynamically and the switch is switched off, the entries go away. If the administrator has made them static, they stay.
Entries in the MAC table need to be controlled. Why? Explained below.
-> If we take our computer to our office and connect it, the switch dynamically learns its MAC and keeps the MAC in the MAC table. Since live devices are
not rebooted, the number of entries in the MAC table increases like anything. A huge MAC table is very dangerous. Why?
1) A huge MAC table eats lots of memory, which is always scarce.
2) It uses more processing power. As soon as a frame comes, the switch checks the MAC table ("where is it, where is it, where is it") and this also causes delay in frame
forwarding.
So the MAC table size has to be controlled, and so the MAC table size should be precise and concise.
Any MAC entry in the MAC table that is not receiving or forwarding frames is unnecessary. Such MAC entries are called stale entries, and they
are removed from the MAC table after a stipulated time. This stipulated time will be 5 mins, 20 mins, whatever, depending on the manufacturer.
The MAC table size should be precise and concise for the following reasons:
i) to control the use of memory
ii) more processing power is used to look up a MAC.
iii) frame forwarding delay becomes huge.
=================
SWITCH OPERATIONS
=================
-> A switch cannot broadcast. When a switch receives a broadcast on a port it makes multiple copies of the frame and forwards them to all other ports.
-> A switch cannot broadcast because broadcasting is done by the device that participates in communication. A switch facilitates communication; it does not communicate
on your behalf.
-> A switch does not do communication. A switch is used for effective communication. How can the one who is not communicating broadcast? So it proves that
a switch cannot broadcast.
-> In the response frame of the IP Flow, when the switch receives the frame it asks "where have you come from?". The frame says GGG. The switch checks the MAC table and
sees there is no entry for GGG, so the switch makes an entry that GGG is sitting on port no. 3, as in the diagram above.
Now the switch asks "where do you want to go?". The frame says AAA. The switch says "wait", checks the MAC table and finds that AAA is on port 1; the switch resets the timer
and sends the frame to port 1. If the switch had received a frame for BBB it would also have been received on port 1. The switch will discard the packet. If sender and receiver
are on the same port the switch cannot do anything; the switch discards the packet.
-> A switch switches within ports, a hub between ports.
-> If sender and receiver are not on the same port, the switch bridges the information between the relevant ports only, and not to other ports. A switch is an Ethernet technology
device and works exactly as per CSMA/CD. Before bridging information between two ports the switch checks the medium; if it is available and not used by another computer,
the switch acquires the medium and puts its data on the wire.
-> If the devices that were to communicate are on different ports they are allowed to communicate, as a switch allows simultaneous communication of multiple devices
connected on different ports. (With the help of hardware, the software's flaw is removed.)
Note : "Same port" means a HUB has been connected to the switch port.
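Added example, not the notes' own material: a learning switch with the behaviour described in the two sections above, including the same-port discard, copying to all other ports for an unknown or FFF destination, static entries, and aging of stale entries. The port numbers follow the diagram; the clock parameter is an assumption so aging can be shown without waiting.

```python
import time

BROADCAST_MAC = "FFF"


class Switch:
    def __init__(self, ports, aging_seconds=300.0, clock=time.monotonic):
        self.ports = list(ports)
        self.aging_seconds = aging_seconds       # "5 mins, 20 mins, whatever": manufacturer choice
        self.clock = clock
        self.mac_table = {}                      # mac -> {"port": p, "static": bool, "seen": t}

    def add_static(self, mac, port):
        """Administrator entry: never ages out and survives a reboot."""
        self.mac_table[mac] = {"port": port, "static": True, "seen": None}

    def age_out(self):
        """Drop dynamic entries that have not sent or received a frame within the aging time."""
        now = self.clock()
        stale = [m for m, e in self.mac_table.items()
                 if not e["static"] and now - e["seen"] > self.aging_seconds]
        for m in stale:
            del self.mac_table[m]
        return stale

    def receive(self, ingress_port, frame):
        """Returns the egress ports the frame is copied to; [] means the switch discarded it."""
        self.age_out()
        now = self.clock()
        smac, dmac = frame["smac"], frame["dmac"]
        # "Where have you come from?": learn, or refresh (timer reset), the source on this port.
        entry = self.mac_table.get(smac)
        if entry is None or not entry["static"]:
            self.mac_table[smac] = {"port": ingress_port, "static": False, "seen": now}
        # "Where do you want to go?"
        others = [p for p in self.ports if p != ingress_port]
        if dmac == BROADCAST_MAC:
            return others                        # one copy per other port, not a broadcast of its own
        target = self.mac_table.get(dmac)
        if target is None:
            return others                        # unknown destination: copy everywhere else
        if target["port"] == ingress_port:
            return []                            # sender and receiver on the same port (same hub)
        return [target["port"]]                  # bridge to the relevant port only
```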
If AAA wants to talk to DDD at exactly the same time as EEE wants to communicate with DDD, then what will happen?
-> AAA senses the medium, the medium is available, and it puts its data on the wire. At the same time EEE senses the medium, the medium is available, and it puts its data on the wire.
-> Now when the switch receives EEE's data it senses the medium, and the medium is busy (AAA's data is travelling), so it buffers the data; after AAA
has sent its data it senses the medium again, and if the medium is available it puts the data on it.
===========
Scenario 2:
===========
Suppose EEE wants to send data to DDD and at the same time AAA wants to send data to DDD.
EEE has sensed the medium, the medium was available and EEE put its data on the wire. The switch has bridged the data between EEE and DDD. But at the same time AAA sensed the
medium, the medium was available, and it put its data on the wire. Both frames collided. The switch did not deliberately cause the collision of the frames. Now when AAA receives the
collided frame it understands that whatever it sent has collided, and either re-transmits or ignores it.
BUT as soon as the collided frame reaches port no. 1 of the switch, the switch checks the CRC code; the CRC code of the collided frame will not match and the switch
discards the frame. But there is a problem HERE.
What? -> EEE will not understand that whatever it sent has collided, since the switch does not forward collided frames.
KILLER TIP : IP communication on Ethernet technology is of 2 types.
1) Connection-oriented communication (TCP).
2) Connection-less communication (UDP).
TCP -> "Whatever I am sending, if you are receiving it, acknowledge that you have received it." TCP means guaranteed delivery. In TCP, if an acknowledgement is not received
within the stipulated time, EEE sends the data again; if the acknowledgement is not received three times, the session is terminated.
UDP -> "Whatever I am sending, if you are receiving it, good; otherwise go to hell."
Note : The switch will not forward a collision received on port 1 to any other port. Similarly, every port of a switch is in a different collision domain.
A switch is a multiple collision domain device. (A collision arriving on a port stays on that port, so every port of a switch is in a different collision domain.)
EVERY PORT OF A SWITCH HAS DIFFERENT BANDWIDTH.
Explanation of switch operations: refer to the notebook (Sir dictated this).
Q1) Will the 700 MB aishwarya.jpg go in one go?
-> No. 700 MB will be broken into segments.
Q2) How big a piece goes at one time?
-> The MTU (Maximum Transmission Unit). The Ethernet and Serial MTU is 1500 bytes.
Q3) What are these 1500 bytes?
-> Whatever Ethernet has received from the upper layer is the MTU for Ethernet. Ethernet puts its header on that. The Ethernet MTU is everything except the Ethernet
header.
Q4) Ethernet MTU is of 1518/1519 bytes.
-> Header + Ethernet MTU.
Q5) Ethernet MTU is 1564/1599 bytes.
-> These are known as Jumbo or Baby Jumbo frames. Some Microsoft applications have an itch to squeeze their own header into the normal Ethernet frame.
Q6) Ethernet MTU size is 9000 bytes.
-> Ports of 1 Gb and above have an MTU of 9000 bytes.
Start from the 11th minute of voice13, week 6.
-> Data is a set of signals.
Q) What happens when 2 frames of 1500 bytes collide?
-> Whenever 2 frames collide they break. Let's consider that they broke into three pieces (i.e. 40, 1900 and 1060 bytes).
-> Whenever a switch receives a frame it first checks the frame's bytes. Next it checks the CRC code, and then asks "where have you come from?" and "where do you want to go?".
(Note : Any Ethernet device, when it receives a frame/packet, first checks the size of the frame or packet.)
-> If the switch receives any such frame, i.e. less than 64 bytes, then the switch considers that frame a RUNT frame. (A RUNT is a type of collision.)
Q) Why 64 bytes?
-> If I want to send a letter to anyone, without an address I will not be able to send it. The switch says that if a frame does not even contain the header
saying where it has to be sent, then it cannot deliver the frame. The minimum size of the header is 64 bytes. (So a RUNT is less than 64 bytes.)
-> If a frame received by the switch is more than the port MTU, then it is considered a GIANT. (So the 1900-byte frame is bad.) So giants are
collision frames.
-> Frame no. 3, which is of 1060 bytes, is neither RUNT nor GIANT. So any frame that is neither GIANT nor RUNT is considered a normal frame.
But is this a normal frame?
No.
-> So the switch checks the CRC code; the CRC code of the collided frame will not match and the frame will be discarded.
-> If an application is adding a header to our frame it increases the size of our frame, and it is known as a Jumbo frame. But is this frame corrupt?
No.
-> So what's the solution?
-> If we use any application that adds Jumbo frames we should use a switch that supports Jumbo frames, and write this: (MTU 1564)
Q) Why use uplink ports of 1 Gb when all the PCs are connected to the switch at 100 Mb?
-> Whenever frames come to the uplink ports they are buffered and then delivered simultaneously, and then go to the PCs as per MAC.
Uplink ports support sending data simultaneously, whereas access ports (i.e. ports where PCs are connected) support only one person at a time.
-> Whenever a switch receives a frame (9000 bytes) whose size is more than the port MTU, that frame is considered a GIANT.
Q) There are 2 ways of making a higher MTU port speak to a lower MTU port.
Solution : The switch may have fragmenting capability. Whenever higher MTU frames are received, if they are not GIANT or RUNT, then the switch fragments this frame
before forwarding it to the lower MTU port. On the other end the fragmented frames are joined and used.
Alternate Solution : Applications may have the capability to learn the path MTU and then use the lowest MTU of the path for communication. In this case the application sends
trace packets/frames, finds out that this path's lowest MTU is 1500 bytes and sends data accordingly.
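Added example (not from the notes) of the checks above: size classification against the port's MTU (RUNT below 64 bytes, GIANT above MTU + 18 bytes of header and FCS), the CRC check that catches the collided 1060-byte piece, and the fragmenting behaviour the notes attribute to some switches, modelled as splitting the payload and rebuilding each piece for the lower-MTU port. The 14-byte header and 4-byte FCS are standard Ethernet sizes; the function names are assumptions.

```python
import struct
import zlib

HEADER_LEN = 14      # DMAC(6) + SMAC(6) + type(2)
FCS_LEN = 4
MIN_FRAME = 64       # anything shorter is a RUNT


def frame_with_fcs(dmac, smac, payload, ethertype=0x0800):
    """Header + payload + CRC-32 frame check sequence (little-endian on the wire)."""
    body = dmac + smac + struct.pack("!H", ethertype) + payload
    return body + struct.pack("<I", zlib.crc32(body) & 0xFFFFFFFF)


def classify(frame, port_mtu=1500):
    """RUNT / GIANT / bad FCS / normal, in the order the notes say a switch checks them."""
    if len(frame) < MIN_FRAME:
        return "RUNT"
    if len(frame) > port_mtu + HEADER_LEN + FCS_LEN:
        return "GIANT"                       # e.g. the 1900-byte piece on a 1500-byte port
    body, fcs = frame[:-FCS_LEN], struct.unpack("<I", frame[-FCS_LEN:])[0]
    if (zlib.crc32(body) & 0xFFFFFFFF) != fcs:
        return "bad FCS"                     # looked normal by size, still a collided frame
    return "normal"


def fragment(frame, out_mtu):
    """Split a valid frame's payload to fit a lower-MTU port; each piece gets its own header and FCS."""
    header, payload = frame[:HEADER_LEN], frame[HEADER_LEN:-FCS_LEN]
    dmac, smac = header[:6], header[6:12]
    ethertype = struct.unpack("!H", header[12:14])[0]
    return [frame_with_fcs(dmac, smac, payload[i:i + out_mtu], ethertype)
            for i in range(0, len(payload), out_mtu)]


def reassemble(fragments):
    """Other end: join the payloads back into one frame with the original header."""
    head = fragments[0]
    payload = b"".join(f[HEADER_LEN:-FCS_LEN] for f in fragments)
    return frame_with_fcs(head[:6], head[6:12], payload, struct.unpack("!H", head[12:14])[0])
```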
-> In Layer 3, if the destination IP is not reachable the frame is discarded. But in Layer 2, if the DMAC is not known, an ARP broadcast is sent to learn the MAC address.
-> When a user says ping 10.0.0.2 it means the user wants to know the network layer status of 10.0.0.2.
-> To get this status the computer creates a frame; the first field is data, wherein it is written "I need your network layer status". To deliver this data the
computer applies a header to the data. The first field is the source IP; source IP means my own IP, and the computer goes to the routing table and asks "what is our IP address?".
The routing table says "we have only one network card and the IP of this network card is 10.0.0.1". The computer pulls this info and puts it in the frame.
The destination IP is the IP where the frame wants to go; the computer goes to the command, picks the DIP and puts it in the DIP column, but before the computer puts this IP there,
the computer asks "can I reach the 10.0.0.0 network?", because at Layer 3, if the computer cannot reach the IP address, the frame is discarded. At Layer 2, if the MAC is not available,
an ARP broadcast is sent to learn the MAC. The routing table says "yes, we have one network card which belongs to the 10.0.0.0 network, and through this network card
we can reach the 10.0.0.0 network". If a computer can reach a network it picks the DIP and writes it in the DIP field.
======
Router
======
        Routing Table           ---------          Routing Table
        -------------           |  RRR  |          -------------
                                ---------
                         E0/0 ->|       |<- E0/1
                     10.0.0.10/24        20.0.0.10/24
        ARP Table                |       |         ARP Table
        ---------                |       |         ---------
                            _____|_______|_____
           -----------------|1    3      4    6|-----------------
           |        |       |____2________5____|        |       |
           |        |                                   |       |
         Comp     Comp                                Comp     Comp
     10.0.0.1/24  10.0.0.2/24                    20.0.0.3/24  20.0.0.4/24
     dfg 10.0.0.10 dfg 10.0.0.10                 dfg 20.0.0.10 dfg 20.0.0.10
         AAA       BBB                                CCC       DDD

(dfg = default gateway; E0/0 and E0/1 are RRR's two interfaces, one per network; each side of RRR has its own routing table and ARP table)

Query :-> ping 20.0.0.4
==============
ETHERNET FRAME
==============
--------------------------------------------------------------------
| DATA | Source IP | Destination IP | Source MAC | Destination MAC |
--------------------------------------------------------------------
Q) If the person sitting on 10.0.0.1 says ping 20.0.0.4, what will happen?
-> If the person sitting on 10.0.0.1 says ping 20.0.0.4, it means the user wants to know the network layer status of 20.0.0.4. This computer starts creating a
frame. The first field is SIP. The computer goes to the routing table and asks "what is my IP?". The routing table says the IP is 10.0.0.1. Destination IP means the IP
where we want to go. It is picked up from the command line, but before writing it to the DIP field the computer asks the routing table "can I reach the 20.0.0.0
network?".
-> The routing table says "No. I have only one network card, my IP is 10.0.0.1 and I can only reach the 10.0.0.0 network". In Layer 3, if the computer cannot reach the
destination IP, the frame is discarded.
VVV IMP -> By default computers can communicate within the same subnet, BUT if you want to GET AWAY from YOUR NETWORK and communicate with computers ON
OTHER NETWORKS you need to take the help of a GATEWAY DEVICE.
What is a Gateway Device ?
-> A gateway device is a router, which routes between networks, or a proxy server, which also routes between networks.
Why do we use a Default Gateway ?
-> If we do not give a default gateway we can speak within our network only. To speak to other networks we use the default gateway.
Note: We configure an IP on the router because the router participates in communication, but the switch does not participate in communication, and hence we do not give an IP
to any port of the switch. Switch ports don't need a MAC or IP address.
-> Since the router routes between networks, every port of the router should be in a different network.
Q) Should the gateway be in the same subnet ?
-> Yes, the gateway IP has to be in the same subnet. To communicate with computers on another network I need the gateway device. If the gateway is in a different subnet the computer
will not be able to reach the gateway IP, and hence the gateway should be in the same subnet.
IP Flow for the above diagram :
-> If a user sitting on 10.0.0.1 types ping 20.0.0.4, the user wants to know the network layer status of 20.0.0.4. The computer starts creating a frame. The first field is the data, where it is written "I want to know the network layer status of 20.0.0.4". Next comes the header.
The first field of the header is SIP. The computer asks the routing table "what is my IP?" and the routing table answers 10.0.0.1. Destination IP is the IP we want to reach. It is taken from the command line, but before writing it into the DIP field the computer asks the routing table: can I reach the 20.0.0.0 network?
-> The routing table answers No: I have only one network card, my IP is 10.0.0.1 and I can reach only the 10.0.0.0 network.
-> The computer says OK and asks a second question: do I have a gateway device? The routing table answers YES, we have a gateway device. So the computer decides: we will reach 20.0.0.4 via the gateway.
SIP DIP SMAC DMAC
---------------------------------------------------
| 10.0.0.1 | 20.0.0.4 | AAA | RRR (Gateway's MAC) |
---------------------------------------------------
-> If the source IP and destination IP are in different subnets, the destination MAC is the gateway's MAC. So the computer first asks the routing table for the gateway's IP; the routing table answers 10.0.0.10. Then the computer asks the ARP table for the MAC of 10.0.0.10. If the ARP table knows it, good; otherwise the computer sends an ARP broadcast, learns the MAC address and writes it into the DMAC field.
-> As soon as the frame is put on the wire the switch receives it, learns the SMAC, looks up the DMAC and forwards the frame to RRR. RRR's layer 1 hands the frame to layer 2, which asks "where do you want to go?". The frame says RRR, so the router says "I am RRR, you have come for me". The router strips the layer 2 information and hands the rest to layer 3. Layer 3 opens the layer 3 information and asks "where do you want to go?". The packet says 20.0.0.4. The router says "I am 10.0.0.10, but since I am a router I will help you", and refers to its routing table to take the forwarding decision. The router asks: can we reach the 20.0.0.0 network? The routing table says Yes, we have one network card, E0/1, which is on the 20.0.0.0 network; via that interface we can reach the 20.0.0.0 network.
Only if a router can reach the network does it rewrite the frame.
-> For end-to-end IP traceability the source IP and destination IP never change, but at every hop of the Ethernet path the source MAC and destination MAC change.
SIP DIP SMAC DMAC
------------------------------------
| 10.0.0.1 | 20.0.0.4 | RRR | DDD |
------------------------------------
The router also has an ARP table. It asks the ARP table for the MAC of 20.0.0.4. The ARP table says "I don't know", so the router sends an ARP broadcast out E0/1, learns the MAC address and stores it in its ARP table. (A layer 2 switch never originates an ARP request of its own; it only floods the broadcast to all its other ports.)
-----------------
Router Operations
-----------------
-> A router is an intelligent device.
-> As soon as a router receives a packet on a port it opens the layer 3 information, reads the destination IP and refers to the routing table to take the forwarding decision.
-> IP is a layer 3 address and the routing table is a layer 3 table, hence a router is a layer 3 device.
-> Since the router depends on the routing table, it is essential that the routing table gets populated.
-> A routing table can be populated in three ways:
i) Directly connected routes appear in the routing table automatically (a router's routing table gets an entry for every directly connected network as soon as the interface comes up).
ii) I, as the administrator, can configure static entries in the routing table.
iii) Routing protocols can learn routes automatically and populate the routing table. (We run a dynamic routing protocol between the two routers.)
-> Separately from routing: a router can send ARP broadcasts of its own, but if it receives a broadcast on a port it does not forward it to its other ports. A router blocks broadcasts.
Q) Why does a router block broadcasts ?
-> Every router port is its own broadcast domain. If the router forwarded broadcasts it would merge all its networks into one big broadcast domain, and nothing would be left to contain a broadcast storm or loop. So the router stops broadcasts at its ports.
-> Every upper layer device also does the lower layers' work.
Note:
A switch is a layer 2 device; it also performs the layer 1 function. (At layer 1 it regenerates the electrical signal.)
A router is a layer 3 device; it also performs the layer 2 and layer 1 functions.
Q) We have learnt that every Ethernet network card has a unique MAC address, BUT in the diagram the same MAC RRR is shown on both E0/0 and E0/1.
Informal explanation : Yes, two ports of a router can have the same MAC address. Every port of a router is in a different network, i.e. a different house. If we call "Ram" in one house, the Ram of the other house will not come, because the two ports are in different networks/homes. So two ports of a router can have the same MAC address.
Technical explanation : A MAC address only needs to be unique within one broadcast domain, because a layer 2 frame never crosses from one broadcast domain into another. Each router port sits in its own broadcast domain (its own switch or VLAN), so a frame addressed to RRR on the 10 network reaches only E0/0, and a frame addressed to RRR on the 20 network reaches only E0/1; the two interfaces never see each other's frames. What you must not do is plug both interfaces into the same switch: a switch keeps exactly one port per MAC address in its MAC table, so a MAC seen on two ports would make that entry flap between them. And in any case a packet arriving on the 20 network interface for another host on the 20 network is not routing work at all: a router routes between networks, it is the switch that switches within a network.
-> So what we understand now is: if the 10 network calls RRR, the 10 network's RRR answers, and if the 20 network calls RRR, the 20 network's RRR answers.
-> So two ports of a router can have the same MAC address or different MAC addresses.
=================
Router Features :
=================
1) A router is an intelligent device.
i) A router routes between networks.
ii) As soon as a router receives a packet on a port it opens the layer 3 information, reads the destination IP address and refers to the routing table to take the forwarding decision.
iii) The routing table is a layer 3 table and IP is a layer 3 address, hence a router is a layer 3 device.
2) A router is a multiple broadcast domain device (a broadcast on one port is not received on another port).
3) A router does not forward collision fragments, as it is an intelligent device (the router checks for runts, giants and so on).
4) A router learns directly connected routes automatically and puts them in its routing table.
5) A router routes a packet only if it has a route to reach the destination network.
6) A router routes between networks, whereas a switch switches within a subnet.
7) Hence every port of a router must belong to a different subnet.
8) No two ports of a router can belong to the same subnet.
9) Every port of a router is a member of a separate collision/broadcast domain.
10) A router is a multiple collision/broadcast domain device.
11) Multiple ports of a router can have the same MAC address or different MAC addresses, depending on the manufacturer.
12) Every upper layer device also performs the lower layer functions.
13) A router is a layer 3 device and also performs the lower layer functions.
-> For end-to-end IP communication every router must have a route to reach every network, otherwise the packet is discarded.
==========================================
Explanation of End to End IP communication
==========================================
Query : Ping 30.0.0.1
Comp
----- -------
|AAA| | BBB |
----- -------
| IP : 10.0.0.1/24 | IP : 30.0.0.1/24
| dfg : 10.0.0.10 | dfg : 30.0.0.10
------------------------- --------------
|SWITCH 1 2 |--| |--| 2 SWITCH 1 |
------------------------- | | --------------
| E0/0 -> 10.0.0.10/24 | E0/0 -> 30.0.0.10/24
--------- SERIAL LINK -----
| RRR |---------------------------------------------------|SSS|
--------- S0/0 -> 20.0.0.1/24 S0/0 20.0.0.2/24<-----
IP ROUTE 30.0.0.0 255.255.255.0 20.0.0.2 IP ROUTE 10.0.0.0 255.255.255.0 20.0.0.1
FRAME
---------------------------------
| 10.0.0.1 | 30.0.0.1 | AAA |RRR|
---------------------------------
-----------------------------------------------------------------------------------------------------------------------------------------------------------
IP FLOW :
Description :
A user sitting at the PC types ping 30.0.0.1, meaning he wants to know the network layer status of 30.0.0.1. What happens at this moment ?
-> Computer AAA starts creating a frame. The first field of the frame is the data, where it is written "I want to know your network layer status". Next the computer attaches a header in front of the data. The first field of the header is the source IP: the computer asks the routing table "what is our IP?", and the routing table answers "we have only one NIC, its IP is 10.0.0.1, and that is our IP". This IP is written into the SIP field. The destination IP is the IP the frame needs to go to; it is taken from the command, BUT before committing to 30.0.0.1 the computer asks the routing table: can I reach the 30.0.0.0 network? The routing table answers No: I have only one network card, its IP is 10.0.0.1 and I can reach only the 10.0.0.0 network. OK, if I cannot directly reach the 30.0.0.0 network, do I have a gateway? The routing table answers Yes, we have a gateway. If a computer can reach a network directly, good; otherwise it takes the help of the gateway. Since computer AAA has a default gateway it pulls the default gateway and uses it. SMAC is the MAC of the source interface, AAA, and the computer writes it into the SMAC field. If the source IP and destination IP are in different subnets, the destination MAC is the gateway's MAC. The computer asks the ARP table for the gateway's MAC; if it is there, very good, else an ARP broadcast is sent to learn it, and RRR is written into the DMAC field.
The frame is put on the wire. The switch receives it first: layer 1 hands the frame to layer 2 of the switch, which asks "where have you come from?". The frame says AAA, so the switch checks its MAC table and refreshes the entry for AAA, then asks "where do you want to go?". The frame says RRR. The switch looks up RRR in its MAC table, finds it on port 2, refreshes the MAC table and bridges the frame out port 2.
Scenario 1 -> As soon as the frame reaches the router, layer 1 hands it to layer 2, which asks "where do you want to go?". The frame says RRR, so the router says "I am RRR, you have come for me". The router strips the layer 2 information and hands the remaining packet to layer 3. Layer 3 of the router opens the packet and asks "where do you want to go?". The packet says 30.0.0.1. The router says wait: "a router refers to its routing table to take the forwarding decision". The router asks the routing table: can we reach the 30.0.0.0 network? The routing table says No: we have only 2 directly connected routes, 10 and 20, and we can reach only those two networks. If at layer 3 the router has no route to reach a network, the router discards the packet.
Initially a router's routing table holds information about directly connected routes only.
For end-to-end IP communication every router must have routes to reach all the networks, otherwise the router will discard the packet.
In our example we have 3 networks: 10, 20 and 30. There are 2 ways of populating routes:
1) Statically and
2) Dynamically
-> We can make a static entry on RRR: if you want to go to the 30.0.0.0 network, send the packet to 20.0.0.2, which RRR can reach because it is directly connected.
-> On the other side, on SSS we make an entry: if you want to reach the 10.0.0.0 network, send the packet to 20.0.0.1.
So on RRR we write: ip route 30.0.0.0 255.255.255.0 20.0.0.2
Scenario 2 : As soon as the frame reaches the router, layer 1 hands it to layer 2, which asks "where do you want to go?". The frame says RRR, so the router says "I am RRR, you have come for me". The router strips the layer 2 information and hands the remaining packet to layer 3. Layer 3 of the router opens the packet and asks "where do you want to go?". The packet says the 30.0.0.0 network. The router says wait, refers to its routing table and asks: can I reach the 30.0.0.0 network? The routing table says Yes, we have a route via 20.0.0.2. Now the router asks where the 20.0.0.0 network is, and the routing table says the 20.0.0.0 network is on Serial 0. If the router has a route to reach a network it rewrites the packet's layer 2 encapsulation.
The new packet is as follows:
-----------------------------------------
| 10.0.0.1 | 30.0.0.1 | PAT | PAT |
-----------------------------------------
VIMP : For end-to-end IP communication the source IP and destination IP never change, BUT at every hop of Ethernet communication the SMAC and DMAC change.
BUT IN SERIAL COMMUNICATION THERE IS NO MAC ADDRESS, so no MAC goes into the frame. The PPP/HDLC header carries fixed Address and Control fields instead (in PPP the address field is always 0xFF and the control field 0x03); these are the fields the notes label PAT.
As soon as SSS receives the packet, the layer 2 information is stripped and the remaining packet is given to layer 3. Layer 3 opens the layer 3 information and asks "where do you want to go?". The packet says the 30.0.0.0 network. The router refers to its routing table, which says: to go to the 30.0.0.0 network, go out E0. If the router has a path to reach a network it rewrites the frame. For end-to-end IP communication the source IP and destination IP never change, but at every hop of Ethernet communication the SMAC and DMAC change. The new frame is as follows :
-----------------------------------
| 10.0.0.1 | 30.0.0.1 | SSS | BBB |
-----------------------------------
Next the frame is put on the wire and reaches the destination computer.
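The whole flow above, as an added example that is not part of the original notes: a toy simulation of the diagram in which hosts AAA/BBB sit on 10.0.0.0/24 and 30.0.0.0/24 and routers RRR/SSS are joined by a serial link on 20.0.0.0/24 (no MAC addresses there). Every device holds a routing table, each layer 2 segment answers ARP for the interfaces attached to it, and send() records the frame on every segment. Device, Link and send are names chosen for this example; the addresses and MAC labels are the diagram's.

```python
"""Toy simulation of the end-to-end IP flow: SIP/DIP never change, SMAC/DMAC
are rewritten on every Ethernet hop and absent on the serial hop, and a router
without a route drops the packet (Scenario 1 vs Scenario 2 above)."""
import ipaddress


class Link:
    """One layer 2 segment: an Ethernet switch or a serial cable. It knows which
    interfaces hang off it, so it can answer 'who has <ip>?' (an ARP broadcast)."""
    def __init__(self, name):
        self.name = name
        self.ports = []                      # (device, interface name)

    def arp(self, ip):
        for dev, iface in self.ports:
            addr, mac = dev.ifaces[iface]
            if addr.ip == ip:
                return dev, mac              # mac is None on a serial interface
        return None, None


class Device:
    """A host or router. ifaces: name -> ("ip/prefix", mac or None for serial)."""
    def __init__(self, name, ifaces, gateway=None):
        self.name = name
        self.ifaces = {n: (ipaddress.ip_interface(a), mac) for n, (a, mac) in ifaces.items()}
        self.links = {}                      # interface name -> Link
        self.static = {}                     # IPv4Network -> next-hop IPv4Address
        self.gateway = ipaddress.ip_address(gateway) if gateway else None

    def attach(self, iface, link):
        self.links[iface] = link
        link.ports.append((self, iface))

    def add_route(self, net, via):           # ip route <net> <mask> <next-hop>
        self.static[ipaddress.ip_network(net)] = ipaddress.ip_address(via)

    def owns(self, ip):
        return any(addr.ip == ip for addr, _ in self.ifaces.values())

    def lookup(self, dst):
        """(exit interface, next hop) or None. Directly connected networks first,
        then static routes (longest prefix first), then the default gateway."""
        dst = ipaddress.ip_address(dst)
        for name, (addr, _) in self.ifaces.items():
            if dst in addr.network:
                return name, dst             # on-link: ARP for the host itself
        for net, via in sorted(self.static.items(), key=lambda kv: -kv[0].prefixlen):
            if dst in net:
                exit_ = self.lookup(via)     # exit via the interface that reaches the next hop
                if exit_:
                    return exit_[0], via
        if self.gateway is not None:
            exit_ = self.lookup(self.gateway)
            if exit_:
                return exit_[0], self.gateway
        return None


def send(src, dst_ip):
    """Carry one packet from src towards dst_ip. Returns (hops, status) where
    hops lists (SIP, DIP, SMAC, DMAC) as seen on each segment."""
    dip = ipaddress.ip_address(dst_ip)
    sip = next(iter(src.ifaces.values()))[0].ip      # hosts have a single NIC
    hops, node = [], src
    for _ in range(16):                              # stand-in for TTL
        route = node.lookup(dip)
        if route is None:
            return hops, f"dropped at {node.name}: no route to {dip}"
        iface, nexthop = route
        peer, dmac = node.links[iface].arp(nexthop)  # ARP broadcast stays on this segment
        if peer is None:
            return hops, f"dropped at {node.name}: no ARP reply from {nexthop}"
        hops.append((str(sip), str(dip), node.ifaces[iface][1], dmac))
        node = peer
        if node.owns(dip):
            return hops, "delivered"
    return hops, "dropped: TTL exceeded"


def build(with_routes=True):
    """The diagram above; with_routes=False is Scenario 1 (no static routes yet)."""
    aaa = Device("AAA", {"eth0": ("10.0.0.1/24", "AAA")}, gateway="10.0.0.10")
    bbb = Device("BBB", {"eth0": ("30.0.0.1/24", "BBB")}, gateway="30.0.0.10")
    rrr = Device("RRR", {"E0/0": ("10.0.0.10/24", "RRR"), "S0/0": ("20.0.0.1/24", None)})
    sss = Device("SSS", {"E0/0": ("30.0.0.10/24", "SSS"), "S0/0": ("20.0.0.2/24", None)})
    if with_routes:
        rrr.add_route("30.0.0.0/24", "20.0.0.2")     # ip route 30.0.0.0 255.255.255.0 20.0.0.2
        sss.add_route("10.0.0.0/24", "20.0.0.1")     # ip route 10.0.0.0 255.255.255.0 20.0.0.1
    sw1, sw2, serial = Link("switch1"), Link("switch2"), Link("serial")
    aaa.attach("eth0", sw1); rrr.attach("E0/0", sw1)
    bbb.attach("eth0", sw2); sss.attach("E0/0", sw2)
    rrr.attach("S0/0", serial); sss.attach("S0/0", serial)
    return aaa, bbb


if __name__ == "__main__":
    aaa, bbb = build()
    for hop in send(aaa, "30.0.0.1")[0]:
        print(hop)                                   # MACs change per hop, IPs do not
    print(send(build(with_routes=False)[0], "30.0.0.1")[1])
```

Running it prints three frames for the ping: AAA to RRR on switch 1, a frame with no MACs at all on the serial link, and SSS to BBB on switch 2, while the IP pair stays 10.0.0.1 to 30.0.0.1 throughout; with the static routes removed the trace stops at RRR with "no route". Sending from BBB back to AAA works only because SSS also has its route, which is the reverse-path rule stated later under ROUTING.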
-----------------------------------------------------------------------------------------------------------------------------------------------------------
PART - 2
=========
OSI LAYER
=========
-> The OSI model is a framework of networking standards. It does not tell us how a technology (the software) works; instead it says that if you have developed some networking technology, this is how its standards are to be laid out and published.
-> When opening up a framework we first talk about the physical specification.
-> Next we talk about the electrical specification.
-> Next the environmental specification.
-> In the same way, from the Physical layer up to the Application layer, each OSI layer has its own specifications.
-> The OSI model is a framework of 7 layers (Physical to Application).
-> We know that Ethernet and serial technology each cover 2 layers. While learning the OSI layers we will learn layers 1 and 2 from the Ethernet and serial perspective and all the other layers from the upper layer protocol stack.
1) What does the Physical Layer say ?
-> The Physical layer says: whatever is used between 2 communicating devices to establish the communication channel is physical, and all its standards must be published in the physical layer of your technology.
-> Anything physical, or physical in nature, that is used to establish a communication channel between 2 communicating devices belongs in the physical layer of your technology. Things like cables, wires, pin-outs, voltages and signal-boosting devices are all layer 1.
-> RS-232 is the physical layer standard of serial technology. It says: if you want to use my standard, use a 9-pin D-type connector or a 25-pin D-type connector. With the 9-pin connector, pins 2, 3 and 5 are used for communication: 2 and 3 for receive and transmit, 5 for signal ground. With the 25-pin connector, pins 2, 3 and 7 are used: 2 and 3 for transmit and receive, 7 for signal ground.
-> If you use my standard the signal swings between roughly +12 and -12 volts. You can use straight wires for communication; the standard's nominal reach is about 15 metres (longer runs work only at low bit rates).
All of the above is the physical layer specification of serial technology's RS-232.
V.35 is another physical layer specification of serial technology. What does it say ?
-> It talks about cables, wires, connectors, pin-outs and voltages.
-> On live WAN links we usually see V.35 ports.
2) Data Link Layer
-> A lot of understanding is needed between 2 communicating devices connected over a physical medium before actual communication can happen.
-> Understanding such as start bit, stop bit, error detection and correction, and compression.
-> If I send a high signal (1) for 8 seconds, from the 9th second the receiver can no longer tell where one bit ends and the next begins.
-> If I suppress the signal for 3 seconds, by the 4th second the receiver has lost synchronisation with the sender.
-> So we need to frame the data and send it with a CRC code, and if compression is used both sides must use the same compression algorithm.
-> As per the OSI model, if your technology has anything that creates this understanding between 2 communicating devices before actual communication can happen, the details of that software/protocol must be published in the Data Link layer of your technology.
-> Ethernet technology publishes the CSMA/CD fundamental in its Data Link layer. Since Ethernet is used in the LAN it is known as a LAN protocol.
-> Serial technology was created by many vendors in their own ways, so serial technology has many ways of working. In the real world only PPP is used. Since serial technology is used in the WAN it is known as a WAN protocol.
In Ethernet technology there is only one understanding (CSMA/CD), but in serial technology there are many, so we need to select one.
-> On a router's serial port we have to define which understanding (encapsulation) we will use.
-> On the router's serial port we write: interface s0/0
-> encapsulation ppp - we have defined that the PPP software/protocol will run on this serial interface.
-> The router at the other end of this link MUST ALSO run PPP.
-> The default encapsulation on a Cisco router's serial port is HDLC (Cisco's own proprietary variant).
Note : The IP upper layer protocol can run over Ethernet technology or over serial technology.
-> A technology has point-to-point visibility (one hop). End-to-end visibility is the job of the IP upper layer.
-> We may have multiple technologies in our network providing communication.
-> For end-to-end visibility the IP upper layer protocol takes the help of routing protocols.
-> A routing protocol's job is to learn about all networks, to learn about all paths to reach all networks, and to select the best path to reach each network.
-> Routing protocols: RIP, IGRP, EIGRP, OSPF, IS-IS, BGP.
VVVIMP -> "router" is the command to select a layer 3 routing protocol, whereas "encapsulation" is the command to select the layer 2 protocol.
router rip -> RIP gets activated.
-> For RIP the best path is the one with the fewest hops.
3) Network Layer
-> As per the OSI model, if your upper layer protocol stack has any tool/software or protocol responsible for learning all networks, learning all paths to reach all networks and selecting the best path to reach each network, then the details of that software must be published in the Network layer of your upper layer protocol stack. The IP upper layer protocol has several such protocols; they are known as routing protocols.
-> There are 2 types of protocols:
i) Routed protocols : those that cannot find a route themselves. (IP is a routed protocol.)
ii) Routing protocols : those that learn routes and provide them to the routed protocols for communication.
Application Layer :
-> The Application layer says that if your upper layer protocol stack has any tool/software or protocol that you provide to the user, then the details of those tools/software must be published in the Application layer of your upper layer protocol stack.
Presentation Layer :
-> As per the OSI model, if your upper layer protocol stack has any tool/software responsible for converting the encoding before delivery and restoring it before giving the data to the user, then its details must be published in the Presentation layer of your upper layer protocol stack.
-> The IP upper layer protocol stack does not define a separate code-conversion layer, so there is no Presentation layer in the TCP/IP model; any such work is done inside the application.
-> Likewise there is no separate Session layer in the TCP/IP model; sessions are handled by the transport layer, as described next.
===================
Session Maintenance
===================
How does session maintenance happen and why is it required ?
-> A user sitting on a computer types www.yahoo.com and clicks on two links (call them Email and Female, as in the notes; they are just two example links). The www application of the application layer gets activated; it prepares the data field and writes "I want Email" and "I want Female".
Note : In IP communication the transport layer sits directly below the application layer.
-> www wakes up the transport layer and asks it to deliver this data to yahoo.com.
-> The transport layer's TCP software initiates a session (because www is a TCP application that needs guaranteed delivery) for sending this data and hands the session's data to the layer below (the network layer).
-> The network layer puts a header in front of the data. The header holds the SIP, taken from the routing table, and the DIP, the IP the packet needs to go to. But the command said www.yahoo.com, and an IP packet goes to an IP address, not to a name.
-> So the computer sends a DNS request to the DNS server, gets the IP address of yahoo.com and stores it in its host (resolver) cache.
-> The DIP is now taken from that cache and written into the DIP field, and the packet is put on the wire.
-> The data travels on the wire and is received by layer 1 of the yahoo.com server. From layer 1 the upper layer protocol receives the packet. The layer 3 software opens the layer 3 information and asks "where do you want to go?". The packet says 20.0.0.2 (the IP of yahoo.com in our scenario). Layer 3 says "you have come for me", strips the layer 3 information and hands the remaining packet up to the transport layer, which passes the data to the www application. The application reads the data and writes the Email and Female content as requested.
-> Next it prepares the reply: what was the source becomes the destination and what was the destination becomes the source.
-> The reply travels on the wire and is received by layer 1, then layer 2, then layer 3 of the user's computer.
-> Layer 3 of the user's computer opens the layer 3 information and asks "where do you want to go?". The packet says 10.0.0.1. The computer says "I am 10.0.0.1, you have come for me", strips the layer 3 information and hands the remaining packet to the upper layer (the transport layer).
-> BUT can layer 3 tell which data (Email or Female) belongs to which place in the upper layer ?
-> No.
Solution : Whenever the transport layer initiates a session it gives that session a unique source port number, anything above 1023 (0 to 1023 are the well-known ports reserved for standard IP applications). The first free port the computer had was 1024, so the first session got port 1024, and the second session got port 1025. The transport layer encapsulates the data with its own header. Its first field is the source port number (1024) and the next is the destination port number, the port of the application the request is sent to; www has port number 80. So 1024 was given to the Email session and 1025 to the Female session. When the replies come back, the reply for port 1024 is handed to the session that owns 1024 and the reply for port 1025 to the session that owns 1025.
Transport Layer Encapsulation
Source Pt Dstntn Prt
-------------------------
| 1024 | 80 |
-------------------------
Q) What is a Port Number ?
-> A port number identifies the application endpoint on a host; the application (www, ftp, ...) is "ported", i.e. bound, to that number.
-> When the packet reaches the transport layer of yahoo.com it asks "where do you want to go?". The packet says port number 80, so the transport layer hands the data to the application on port 80. A response packet is then created.
-> This is how session maintenance is done.
-> On a PC the application layer does most of the work, BUT on a router the network layer does.
Query : ftp 30.0.0.2 then PUT Aish.jpg
The FTP protocol of the application layer gets activated, pulls Aish.jpg from the hard disk and kicks the underlying layer (the transport layer), asking it to deliver the data to 30.0.0.2. The transport layer does not deliver a 700 MB file in one go; it segments Aish.jpg and numbers the segments. It then takes one segment at a time and encapsulates it with its own header. Every session has a unique source port above 1023, so 1024 is attached to the data. The destination port is the application's port (FTP's port in our case). The transport layer adds a checksum for error detection and kicks the network layer, asking it to deliver the data to the destination. Now this whole field (data + transport header) becomes the data for the network layer. The network layer adds its own header: the source IP is our own IP, so it asks the routing table, which says "I have only one NIC and its IP is 10.0.0.1", and that IP is written into the SIP field. Layer 3 also fills in the priority field (Type of Service: voice, video or data). The network layer then hands the packet to the underlying technology to deliver it to the destination. All of the above becomes data for the technology, which encapsulates it with its own headers: the LLC sublayer adds the SSAP/DSAP fields, and the MAC sublayer adds SMAC, DMAC and the frame check sequence (the CRC code). The DMAC is taken from the ARP table or learnt with an ARP request.
On the other side, layer 1 hands the frame to layer 2 and layer 2 hands the packet to layer 3. Layer 3 asks "where do you want to go?". The packet says 30.0.0.2. Layer 3 says "I am 30.0.0.2, you have come for me", strips the layer 3 information and hands the remaining packet to the transport layer. The transport layer checks the checksum; if it is correct it asks "where do you want to go?". The packet says port number 20 (the FTP data connection). The FTP software receives segment 1 of 5 and the transport layer prepares an acknowledgement; the direction reverses (what was source becomes destination and vice versa) and the acknowledgement for 1 of 5 goes back, then 2 of 5 is sent, and so on until 5 of 5 is sent and acknowledged.
What happens after 5 of 5 ? The sender will not send a "6 of 5"; it has to tell the receiver that the data is finished, otherwise the receiver keeps the session open waiting for more. A session that one end considers finished while the other still considers it open is known as a half-open TCP session.
Solution : Once 5 of 5 has been acknowledged the sending computer sends a TCP segment with the FIN flag, which means "I have nothing more to send; if you have received everything, please close this session". If the receiving computer has received all 5 segments with correct checksums it replies with a TCP ACK ("I acknowledge your FIN") and sends its own FIN; the sending computer acknowledges that in turn. Once both computers have exchanged FIN and ACK the session is gracefully terminated and the port numbers are released. (SYN is used only at the start, to set the session up; it is never used to close one.)
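The port demultiplexing, segmentation and graceful close described above, as an added example that is not from the notes: a toy transport layer in which a Client hands out one ephemeral source port per session (starting at 1024, as the notes simplify it; real systems start at 32768 or 49152), a Server reassembles each session's segments keyed by the client's port, and transfer() sends a payload in numbered segments, waits for each ACK and finishes with a FIN/ACK exchange. Segment, Client, Server and transfer are names chosen for this example; real TCP numbers bytes rather than segments, and the payloads are constructed.

```python
"""Toy transport layer: source ports keep two sessions to the same server port
apart; a payload is segmented, each segment acknowledged, and the session is
closed with FIN/ACK, never with a new SYN."""
from dataclasses import dataclass

MSS = 4                                   # constructed, tiny, so the trace stays short
LISTENING = {80: "www", 21: "ftp-control", 20: "ftp-data"}   # well-known ports in use


@dataclass(frozen=True)
class Segment:
    sport: int
    dport: int
    seq: int                              # segment index: "1 of 5" in the notes
    total: int
    flags: str = ""                       # "", "ACK", "FIN", "FIN,ACK"
    payload: bytes = b""


class Client:
    """Allocates one ephemeral source port per session, starting at 1024."""
    def __init__(self):
        self.next_port = 1024
        self.sessions = {}                # sport -> application that opened the session

    def open(self, app):
        sport, self.next_port = self.next_port, self.next_port + 1
        self.sessions[sport] = app
        return sport

    def deliver(self, seg):
        """Demultiplex a reply: its dport is the sport we handed out."""
        return self.sessions.get(seg.dport)


class Server:
    """Reassembles each session's data keyed by (client port, server port)."""
    def __init__(self):
        self.buffers = {}
        self.closed = set()

    def receive(self, seg):
        if seg.dport not in LISTENING:
            return None                   # nothing bound to that port (real TCP answers RST)
        key = (seg.sport, seg.dport)
        if "FIN" in seg.flags:            # peer has no more data: acknowledge and close our side
            self.closed.add(key)
            return Segment(seg.dport, seg.sport, seg.seq, seg.total, "FIN,ACK")
        self.buffers.setdefault(key, []).append(seg.payload)
        return Segment(seg.dport, seg.sport, seg.seq, seg.total, "ACK")


def transfer(client, server, app, dport, data):
    """Open a session, send data in MSS-sized segments waiting for each ACK,
    then close gracefully. Returns (sport, trace, data as reassembled by server)."""
    sport = client.open(app)
    chunks = [data[i:i + MSS] for i in range(0, len(data), MSS)] or [b""]
    trace = []
    for i, chunk in enumerate(chunks, 1):
        reply = server.receive(Segment(sport, dport, i, len(chunks), "", chunk))
        if reply is None:
            return sport, trace, None     # connection refused: nothing listening
        if client.deliver(reply) != app:
            raise RuntimeError("ACK delivered to the wrong session")
        trace.append(f"ACK {reply.seq} of {reply.total}")
    fin_ack = server.receive(Segment(sport, dport, len(chunks) + 1, len(chunks), "FIN"))
    trace.append(fin_ack.flags)           # client ACKs this in turn, then releases its port
    del client.sessions[sport]
    return sport, trace, b"".join(server.buffers[(sport, dport)])


if __name__ == "__main__":
    c, s = Client(), Server()
    print(transfer(c, s, "tab-1", 80, b"GET /inbox"))   # sport 1024, 3 segments, FIN,ACK
    print(transfer(c, s, "tab-2", 80, b"GET /news"))    # sport 1025: same dport 80, separate session
    print(transfer(c, s, "tab-3", 9999, b"x"))          # nothing listening: no data arrives
```

Both browser tabs talk to the same destination port 80, and only the differing source ports 1024 and 1025 let each ACK land on the session that sent the data; after the FIN/ACK the client's session table is empty, so the port numbers are free for reuse.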
=============
IP SUBNETTING
=============
-> An IP address is a 4 byte (4 octet) 32 bit address written in dotted decimal (every byte has 8 bits).
-> The mask tells us the number of bits on the network side.
How to do Subnetting ?
-> FIRST ALWAYS look at the sweet spot: check what the netmask is.
-> The CLASS of an address has nothing to do with our day-to-day planning, design and implementation, or if it does, then only to a BARE MINIMUM.
Q) Why were Classes of Address made ?
-> Classes of address were made for IP address distribution by IANA.
-> The number in the first octet of an IP address decides which class it is in.
Q) Why Subnetting ?
-> If an organisation has multiple branch offices that are geographically separated, then when connected they are said to be connected over a MAN or WAN.
We use serial technology and routers to connect over the MAN and WAN. Since a router routes between networks, every port of the router must be in a different subnet, and hence every office must be in a different subnet.
-> Subnetting is nothing but mask manipulation (a game of the mask).
-> Two directly connected communicating devices (routers, switches, PCs, etc.) must be in the same subnet.
-> Two ports of a router must be in different subnets.
-> Network design should be hierarchical.
Q) If I buy an Ethernet link on the WAN, do I still need to buy a router ?
-> No. Ethernet on the WAN is usually Ethernet over a switch.
BUT there is a problem:
-> Broadcasts will go to everyone. A broadcast in Silvassa will be heard in New York.
---------------------------------------
Classful Address and Classless Address
---------------------------------------
-> A classful address is an address with its default (class) mask.
-> Anything that does not use the default mask is a classless address.
-> Classically, subnet zero (the all-zeros subnet) and the last (all-ones) subnet were not used. To use subnet zero on a Cisco router the command is: ip subnet-zero.
-> Without classless forwarding a Cisco router drops a packet for an unknown subnet of a major network it already knows, instead of sending it to a default or summary route. To enable classless forwarding give the following command :
# ip classless
-> From Cisco IOS version 12.0 onwards ip classless and ip subnet-zero are enabled by default, so there is no need to type them.
-> A subnet used in one part of the network cannot be re-used elsewhere, otherwise it leads to a sub-optimal path.
Q) What is a Sub-Optimal Path ?
->
============
FLSM network
============
-> A Fixed Length Subnet Mask network is one in which all subnets have the same mask length.
->
------------------------
Drawback of FLSM Network
------------------------
i) You tend to waste IP addresses.
ii)
============
VLSM Network
============
-> VLSM is a network in which subnets have variable mask lengths.
-> A host address is configured on an interface, whereas a network address is configured on a link.
-> As per the rule, for end-to-end IP communication every router must have routes to reach all networks. Managing a routing table of 1000 routes is difficult.
Issue : Huge routing table.
-> Memory and processor usage will be high.
-> Packet forwarding delay.
-> Flapping network issue (every flap has to be re-advertised everywhere).
Solution : Summarisation
Rules of Summarisation
----------------------
1) Only addresses in sequence (contiguous subnets) can be summarised.
2) Only two addresses, or a power of two of them, can be summarised (2 into 1, 4 into 1, 8 into 1 ...), and the block must start on a boundary of the summary mask.
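Subnet arithmetic for the points above, as an added example that is not from the notes, using Python's standard ipaddress module: same_subnet() is the check behind "the gateway must be in the same subnet", flsm() and vlsm() carve one block with fixed or variable masks, and summarise() applies the two summarisation rules (contiguous subnets, a power-of-two count) plus the alignment requirement the rules leave implicit. The function names and all addresses are chosen for this example.

```python
"""Subnetting, FLSM vs VLSM allocation, and route summarisation with ipaddress."""
import ipaddress


def network_of(ip, mask):
    """Network address = IP AND mask. mask may be dotted or a prefix length."""
    return ipaddress.ip_interface(f"{ip}/{mask}").network


def same_subnet(host, gateway, mask):
    """A host can only ARP for (and therefore use) a gateway that shares its subnet."""
    return network_of(host, mask) == network_of(gateway, mask)


def summarise(subnets):
    """The one network that covers exactly these subnets, or None if no single
    summary route exists."""
    nets = sorted(ipaddress.ip_network(s) for s in subnets)
    if not nets or len(nets) & (len(nets) - 1):          # count must be a power of two
        return None
    merged = list(ipaddress.collapse_addresses(nets))     # merges only adjacent, aligned pairs
    if len(merged) != 1:
        return None                                       # gaps or misalignment: no single route
    if sum(n.num_addresses for n in nets) != merged[0].num_addresses:
        return None                                       # overlapping inputs, not a true summary
    return merged[0]


def flsm(block, new_prefix):
    """Fixed-length subnetting: every subnet gets the same mask."""
    return list(ipaddress.ip_network(block).subnets(new_prefix=new_prefix))


def vlsm(block, host_counts):
    """Variable-length subnetting: largest requirement first, so each subnet
    lands on its own boundary. Returns [(hosts wanted, subnet)]."""
    free, out = [ipaddress.ip_network(block)], []
    for need in sorted(host_counts, reverse=True):
        prefix = 32 - (need + 2 - 1).bit_length()        # +2 for network and broadcast addresses
        for net in sorted(free):
            if net.prefixlen <= prefix:
                sub = net if net.prefixlen == prefix else next(net.subnets(new_prefix=prefix))
                free.remove(net)
                free.extend(net.address_exclude(sub))    # hand back the unused remainder
                out.append((need, sub))
                break
        else:
            raise ValueError(f"no room for {need} hosts in {block}")
    return out


if __name__ == "__main__":
    print(same_subnet("10.0.0.1", "10.0.0.10", "255.255.255.0"))   # True
    print(summarise(["10.0.0.0/24", "10.0.1.0/24"]))               # 10.0.0.0/23
    print(summarise(["10.0.1.0/24", "10.0.2.0/24"]))               # None: not aligned
    print(flsm("192.168.1.0/24", 26))
    print(vlsm("192.168.1.0/24", [50, 20, 2, 2]))
```

The misaligned pair 10.0.1.0/24 and 10.0.2.0/24 is the case rule 2 hides: they are in sequence and there are two of them, yet the /23 that would start at 10.0.1.0 is not a valid network, so no single route covers them. The VLSM run shows the point of variable masks: a /24 serves a 50-host LAN, a 20-host LAN and two point-to-point links with room to spare, where FLSM with /26 would burn a 62-address block on each two-host link.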
=========
ROUTING
=========
1) For end-to-end IP communication, just having a forward path is not enough; the reverse path is equally important.
2) Being able to reach one host in a network does not mean I can reach all hosts in that network.
3) For end-to-end IP communication all routers must have routes to reach all networks. Initially a router's routing table contains only the routes of its directly connected networks. (This is from Week 10 voice M028)
---- S0/0 20.0.0.1/24 ----
|R1|----------------------------|R2|
---- S0/0 20.0.0.2/24 ----
| |
| |
| |
PC PC
10.0.0.1/24 30.0.0.1/24
dfg 10.0.0.10 dfg 30.0.0.10
So we have to give routes for the networks.
There are 2 ways of writing routes:
1) Static
2) Dynamic
Statically we can configure the following:
On Router 1 > ip route 30.0.0.0 255.255.255.0 20.0.0.2
On Router 2 > ip route 10.0.0.0 255.255.255.0 20.0.0.1
Dynamically we can enter the following commands:
On Router 1
router rip -> This command activates/starts the RIP process.
network 20.0.0.0 -> This command tells RIP to send and receive routing updates on the interfaces in these networks. (These networks must be directly connected.)
network 10.0.0.0
On Router 2
router rip -> This command activates the RIP routing protocol.
network 20.0.0.0
network 30.0.0.0
-> A route learnt from the 20 network is never advertised back onto the 20 network (split horizon).
-> RIP's best path selection criterion is hops. (The criterion is like "weight".)
-> If the criterion is weight the metric is kilograms; in the same way, if the criterion is hops the metric is hop count.
-> The lower the metric, the better the path.
-> OSPF's criterion is bandwidth: wherever bandwidth is higher, that path is better.
-> OSPF's metric is COST.
-> Higher bandwidth means lower cost, and lower cost means a better path.
-> OSPF has assigned every bandwidth a cost; as bandwidth increases the cost decreases and vice versa.
-> If entries from both routing protocols are available for the same network, how does the router decide ?
-> On a Cisco router every routing source is given a trustworthiness value, known as Administrative Distance (AD).
-> RIP's AD is 120, OSPF's AD is 110, a static route's AD is 1 and a directly connected route's AD is 0, all predefined.
-> The lowest AD is best, the highest is worst.
What to do if a link goes down ?
-> We cannot buy 2 dedicated links as the cost of links is very high. So we can take an ISDN link, a dial-up link provided by MTNL etc., as a backup.
===================
EQUAL METRIC ROUTES
===================
--------- 2 ---------
| |---------------| |
--------- ---------
| |
2 | | 2
| |
--------- 6 ---------
| |---------------| R1 |
--------- ---------
\ /
\ /
\ /
3 \ / 3
---------
| |
---------
Routing Protocol Perspective
-> If a routing protocol has multiple routes to reach a network and all routes have equal metrics then all will appear in the router's routing table.
-> In the above diagram, from router R1 there are 3 routes to reach 10.0.0.0/24 and all have equal metric, so all will be considered best routes by the routing
protocol and will be seen in the routing table.
Router Perspective
-> If a router has multiple paths in the routing table, provided by a routing protocol, to reach a network, and all paths have equal metric and are best paths, then the
router will load balance traffic over the equal metric paths. Default load balancing is session based, hence some paths will be highly loaded and some will be
lightly loaded. This can be changed to destination based or host based.
-> A Cisco router can load balance between 16 equal metric paths.
-> With reference to the ISDN routing diagram.
Q) BUT if we load balance between the serial and ISDN link then we will be using ISDN 24/7, which is very costly.
-> Static routing is the only routing protocol that does not look at metric; it looks at AD value.
-> If we spoil the AD value of any route then it will not be the best path.
-> In static routing best path selection is not based on metric. It is based on AD value. To change the AD value of a static route we give the following command:
# ip route 10.0.0.0 255.255.255.0 40.0.0.1 200 (This will bring the following entry into the routing table.)
-------------------------------------------------
| S 10.0.0.0/24 [200/0] via 40.0.0.1
Note : This is a static route with AD value 200, so not the best path.
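The selection rules from the last few paragraphs (lowest AD first, then lowest metric, and every path tied on both installed for load balancing, up to 16) can be written out as one small route-selection function. This is an added example and not code from the notes; the AD table, the candidate routes and the next-hop addresses are constructed for the example, and the "floating" static route with AD 200 is the one from the ip route command above.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Default administrative distances as given in the notes (Cisco defaults).
AD = {"connected": 0, "static": 1, "ospf": 110, "rip": 120}
MAX_ECMP_PATHS = 16   # the notes: a Cisco router load balances over up to 16 equal-metric paths


@dataclass(frozen=True)
class Candidate:
    prefix: str                        # destination network, e.g. "10.0.0.0/24"
    source: str                        # connected / static / rip / ospf
    metric: int                        # hop count for RIP, cost for OSPF, 0 for static/connected
    next_hop: str
    ad_override: Optional[int] = None  # "ip route ... 40.0.0.1 200" gives a static route AD 200

    @property
    def ad(self) -> int:
        return self.ad_override if self.ad_override is not None else AD[self.source]


def select_routes(candidates: List[Candidate]) -> Dict[str, List[Candidate]]:
    """Pick what goes into the routing table for each prefix.

    1. Lowest AD wins (the router trusts that source the most).
    2. Among routes with that AD, lowest metric wins.
    3. Every path tied on both is installed (equal-cost multipath), at most MAX_ECMP_PATHS.
    Input order is preserved among ties, so the first 16 listed are the ones installed.
    """
    by_prefix: Dict[str, List[Candidate]] = {}
    for c in candidates:
        by_prefix.setdefault(c.prefix, []).append(c)

    table: Dict[str, List[Candidate]] = {}
    for prefix, cands in by_prefix.items():
        best_ad = min(c.ad for c in cands)
        lowest_ad = [c for c in cands if c.ad == best_ad]
        best_metric = min(c.metric for c in lowest_ad)
        winners = [c for c in lowest_ad if c.metric == best_metric]
        table[prefix] = winners[:MAX_ECMP_PATHS]
    return table


def format_entry(c: Candidate) -> str:
    """Mimic the 'S 10.0.0.0/24 [200/0] via 40.0.0.1' style of 'show ip route'."""
    code = {"connected": "C", "static": "S", "rip": "R", "ospf": "O"}[c.source]
    return f"{code} {c.prefix} [{c.ad}/{c.metric}] via {c.next_hop}"


# Constructed sample: R1 learns 10.0.0.0/24 over RIP on three links (two at 2 hops, one at 3)
# and also has a floating static route to it with AD 200 over the ISDN next hop.
SAMPLE = [
    Candidate("10.0.0.0/24", "rip", 2, "20.0.0.2"),
    Candidate("10.0.0.0/24", "rip", 2, "30.0.0.2"),
    Candidate("10.0.0.0/24", "rip", 3, "40.0.0.2"),
    Candidate("10.0.0.0/24", "static", 0, "40.0.0.1", ad_override=200),
]


def installed_next_hops(candidates: List[Candidate], prefix: str) -> List[str]:
    return [c.next_hop for c in select_routes(candidates).get(prefix, [])]


if __name__ == "__main__":
    for entries in select_routes(SAMPLE).values():
        for e in entries:
            print(format_entry(e))
    # When RIP loses all its routes, only the static route is left and it gets installed:
    print(installed_next_hops([SAMPLE[3]], "10.0.0.0/24"))
```

With the full sample only the two 2-hop RIP routes are installed, and the ISDN static route (AD 200) stays out of the table until the RIP routes disappear, which is exactly how a backup link is kept idle rather than load balanced 24/7.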
Different ways of writing static routes:
ip route 10.0.0.0 255.255.255.0 40.0.0.1 -> (Best practice)
|-ip route 10.0.0.0 255.255.255.0 s0/0 -> This will make the following entry in the routing table.
|
| ---------------------------------------------------------------------
| | S 10.0.0.0/24 directly connected to Serial 0/0
|
|
|-> This is a static route with AD value 0; not advisable.
* ip route 10.0.0.0 255.255.255.0 20.0.0.1 permanent -> This will make a permanent route entry in the routing table which will remain in the routing table even if the next hop
is unreachable.
-> Only when the best path goes out of the routing table will the next best path be used.
Q) When to use a static route and when to use a dynamic route?
-> A static route is not always the best choice; it is improper if our network is complex.
-> Static routes are good only for 2 to 4 networks, not for more than that.
--------- 10.0.0.0/24 ---------
| R1 |---------------------------------------| R2 |
--------- .1 ---------
^
|
STUB ROUTER|
-----------
IP route 0.0.0.0 0.0.0.0 10.0.0.1
-> In static routing the administrator uses his mind; the router does not use its mind. It should be used when your router does not have enough processing power and
memory.
-> A stub router is a router with a single exit point.
-> On a stub router there is no need to write multiple routes; instead write a single route pointing to the gateway.
========================
Dynamic Routing Protocol
========================
There are various types of dynamic routing protocols.
1) RIP, IGRP, EIGRP, OSPF, IS-IS and BGP.
IGP (Interior Gateway Protocol)                                            EGP (Exterior Gateway Protocol)
|                                                                          |
RIP v2      RIP v1      IGRP        EIGRP       OSPF        IS-IS          BGP (Border Gateway Protocol)
DV          DV          DV          Adv. DV     LS          LS             DV
Classless   Classful    Classful    Classless   Classless   Classless      Classful
Note : DV stands for Distance Vector and LS stands for Link State routing protocols.
--------------------------------
Distance Vector Routing Protocol
--------------------------------
-> DVRP is a classification of routing protocols by the way they work.
Function of Routing Protocols
1) to learn about all network
2) to learn about all path to reach all network
3) to select best path to reach all network.
-> Distance Vector Routing Protocols are protocols in which
i) Updates are periodic. (sent every 30 or 90 seconds)
ii) The entire routing table is sent as part of the update.
iii) Updates are sent as broadcast. (Layer 3 broadcast 255.255.255.255)
iv) Updates are sent to directly connected neighbours only and not to the entire group. (Since updates are broadcast, and a router stops broadcasts.)
v) In DVRP routers don't have end to end visibility of the entire network. Directly connected neighbours are their whole world.
vi) Because updates are periodic, convergence (adapting to change) is slow. [Routers will learn late that a specific network (e.g. 10.0.0.0) is down.]
vii) Due to slow convergence there is a possibility that a part of the network carries wrong information. (Called a blackhole.)
===========================
Link State Routing Protocol
===========================
-> Link State Routing Protocols are protocols in which
i) Updates are triggered; they are not periodic.
ii) Updates are incremental; the entire routing table is not sent as an update.
iii) Updates are multicast, not broadcast.
iv) Updates are sent to the entire group.
v) Link state routers have end to end visibility of the entire network and not just directly connected routes.
vi) Convergence is fast because updates are triggered.
vii) Link state routers send SPF cost info and SPF tree info as part of the update, which helps link state routers build a topology tree/table that provides
routers with end to end visibility of the entire network. (SPF -> Shortest Path First.) This also helps in fast convergence and next best path calculation.
=======================
Hybrid Routing Protocol
=======================
-> A Hybrid Routing Protocol is a protocol created by taking the best of Link State and Distance Vector routing protocols.
========================================
Classful and Classless Routing Protocols
========================================
1) Classful routing protocols -> are routing protocols in which the mask is not sent as part of the update. But it is the mask that tells how many hosts are in the network.
So the router will check the first octet, which is 10 in our case, and give it a mask of /8.
10.10.10.0/24
--------- 10.10.10.0
--------| R1 |----------------------------\
--------- \ Packet
\--------- -------------
| R3 | | 10.20.20.1|
/--------- -------------
--------- /
--------| R2 |----------------------------/
---------
10.20.20.0/24 10.20.20.0
---------------------
| 10.10.10.0 -> R1
| 10.10.10.0/8 -> R1
| 10.0.0.0/8 -> R1
|
| 10.20.20.0 ->R2
| 10.20.20.0/8 ->R2
| 10.0.0.0/8 -> R2
-> Classful routing protocols are protocols in which
1) The mask is not sent as part of updates.
2) They automatically summarise to classful boundaries.
3) This may lead to a sub-optimal path.
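The summarisation in the diagram above can be checked with a few lines that derive the classful mask from the first octet and then show why R3 ends up with two conflicting 10.0.0.0/8 routes. This is an added example, not code from the notes; the advertisements list is constructed to match the diagram (R1 with 10.10.10.0/24, R2 with 10.20.20.0/24), and the class boundaries used are the standard class A/B/C ranges.

```python
import ipaddress
from typing import Dict, List, Tuple


def classful_prefix_length(first_octet: int) -> int:
    """Mask a classful protocol assumes from the first octet when no mask is carried in the update."""
    if first_octet < 128:
        return 8    # class A: 0-127
    if first_octet < 192:
        return 16   # class B: 128-191
    if first_octet < 224:
        return 24   # class C: 192-223
    raise ValueError("class D/E addresses have no classful network mask")


def classful_summary(subnet: str) -> str:
    """Collapse a subnet to its classful (major network) boundary, as a classful protocol does at a
    major-network border. 10.10.10.0/24 and 10.20.20.0/24 both become 10.0.0.0/8."""
    net = ipaddress.ip_network(subnet, strict=False)
    first_octet = int(net.network_address) >> 24
    plen = classful_prefix_length(first_octet)
    return str(ipaddress.ip_network(f"{net.network_address}/{plen}", strict=False))


def advertised_summaries(advertisements: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """advertisements: (subnet, advertising router). Returns summary prefix -> routers announcing it."""
    out: Dict[str, List[str]] = {}
    for subnet, router in advertisements:
        out.setdefault(classful_summary(subnet), []).append(router)
    return out


def ambiguous_summaries(advertisements: List[Tuple[str, str]]) -> Dict[str, List[str]]:
    """Summaries heard from more than one neighbour. R3 cannot tell which subnet sits behind which
    router, so a packet for 10.20.20.1 may be sent to R1: a sub-optimal path or a blackhole."""
    return {p: r for p, r in advertised_summaries(advertisements).items() if len(r) > 1}


# Constructed sample matching the diagram in the notes, plus one class B subnet for contrast.
ADS = [("10.10.10.0/24", "R1"), ("10.20.20.0/24", "R2"), ("172.16.5.0/24", "R2")]

if __name__ == "__main__":
    print(advertised_summaries(ADS))
    print("ambiguous:", ambiguous_summaries(ADS))
```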
Q) How will we know that a network has a routing loop?
-> If in our company a network is down, or a network's hop count keeps on increasing, it indicates that there is a loop in the network.
-> Distance vector routing protocols are prone to routing loops.
-> The symptom is counting to infinity.
Explanation : Routers keep exchanging wrong hop counts for routes that have gone down, and the count can keep increasing up to infinity.
Solution :
I]
1) Defining a maximum. (If a router gets an update of more than 16 hops then it will understand that the network is unreachable.)
2) 16 hops was defined as the maximum (0-15). The 16th hop was defined as unreachable.
Drawback :
1) Limits network scalability to 16 hops (scalability -> extendability).
II]
1) Never send an update back in the direction from which the original update was received.
Drawback : If you are not sending updates back in that direction, redundancy is lost.
Other solutions are :
III]
Route Poisoning
IV]
Holddown Timer
V]
Poison Reverse
VI]
Triggered Update
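Counting to infinity, the maximum-hop cap (solution I) and the rule of never sending an update back where it came from (solution II) are easiest to see in a small synchronous simulation. The following is an added example, not from the notes: three routers A - B - C in a line (a constructed topology) with 10.0.0.0/24 attached to A; after the network fails, the routers' tables are run round by round with and without solution II.

```python
from typing import Dict, Optional, Tuple

INFINITY = 16   # RIP: 16 hops means unreachable; 0-15 are usable hop counts

# Constructed topology: A - B - C, with PREFIX directly connected to A (metric 0).
LINKS = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}
PREFIX = "10.0.0.0/24"

Table = Dict[str, Tuple[int, Optional[str]]]   # prefix -> (metric, neighbour it was learned from)


def dv_round(tables: Dict[str, Table], split_horizon: bool) -> Dict[str, Table]:
    """One periodic update round: every router sends its whole table to each directly connected
    neighbour. A receiver installs the advertised route if it is better, or if it comes from the
    neighbour the current route was learned from (that neighbour is the authority for the route,
    even when the news is worse). That second rule is what lets a stale route bounce back and forth."""
    new = {r: dict(t) for r, t in tables.items()}
    for sender, neighbours in LINKS.items():
        for nb in neighbours:
            for prefix, (metric, via) in tables[sender].items():
                if split_horizon and via == nb:
                    continue   # never advertise a route back toward the neighbour it was learned from
                cand = min(metric + 1, INFINITY)   # defining a maximum: never count past 16
                cur = new[nb].get(prefix)
                if cur is None or cand < cur[0] or cur[1] == sender:
                    new[nb][prefix] = (cand, sender)
    return new


def simulate(split_horizon: bool, rounds_after_failure: int) -> Dict[str, int]:
    """Converge, then fail the network on A and report each router's hop count after N more rounds."""
    tables: Dict[str, Table] = {"A": {PREFIX: (0, None)}, "B": {}, "C": {}}
    for _ in range(5):
        tables = dv_round(tables, split_horizon)
    tables["A"][PREFIX] = (INFINITY, None)   # the link to the network goes down on A
    for _ in range(rounds_after_failure):
        tables = dv_round(tables, split_horizon)
    return {router: tables[router][PREFIX][0] for router in tables}


if __name__ == "__main__":
    for sh in (False, True):
        print("with update-back suppression" if sh else "without update-back suppression")
        for rounds in (1, 3, 10, 20):
            print(f"  after {rounds:2d} rounds: {simulate(sh, rounds)}")
```

Without solution II, B keeps re-learning the dead route from C and A from B, and the hop count climbs by two every couple of rounds until the cap of 16 is reached; with it, every router reports 16 (unreachable) two rounds after the failure. The cap is what keeps the bad state finite, and the suppression rule is what prevents it from arising in this topology in the first place.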
--------------------------------------
Working of Link State Routing Protocol
--------------------------------------
-> As soon as 2 link state routers come up they will start exchanging multicast hellos. Multicast hellos are exchanged only with directly connected
routers.
-> When 2 link state routers exchange hellos with one another they become neighbours to one another and their entries are added to the
neighbour table.
-> Only directly connected routers will become neighbours.
-> Every routing protocol maintains a topology table except RIP and IGRP, because they are DVRPs.
-> The topology table is a table that has all paths to reach all networks, but the routing table is a table that has the best path to reach all networks.
-> Exchange of topology tables will keep happening until all routers have learnt about all networks and all paths to reach all networks.
-> Once all routers have learnt about all networks and all paths to reach all networks they are said to be in the Full state.
-> After all routers are in the Full state 3 things happen:
i) Exchange of topology tables stops. After this, updates are sent only if a network goes down or a network comes up, and the update (of the network
that has gone down or come up) is triggered and incremental only.
ii) Routers run the Shortest Path First algorithm, which pulls the best path and puts it in the routing table.
iii) Hellos, which were initially used to form neighbours, are now used as keepalives.
===
RIP
===
router rip -> Start the RIP process.
network 10.0.0.0 -> Send updates on interfaces that have this network. (directly connected network)
passive-interface serial 3 -> This stops sending broadcast updates on the serial 3 interface.
(Check notes for other commands.)
show ip protocols -> This provides details of the routing protocols running on your router.
Note : RIP sends an update every 30 seconds.
Invalid timer : Usually the route arrives every 30 seconds; if for any reason the route does not arrive within 180 seconds the routing table considers it invalid, and if
by 240 seconds the route still has not arrived then it is flushed from the routing table.
To enable RIP v2:
# router rip
# version 2 (Enables the classless routing protocol.) Sends the mask as a part of updates. But while configuring don't write the mask.
# network 10.0.0.0
# network 172.16.0.0 (Only the classful way is allowed.)
-> RIP AD value is 120, metric is hop count, criterion is hops.
-> Updates every 30 seconds, and so on.
show ip route -> This command shows the routing table.
Debug :
Explanation : Debug is a troubleshooting command that provides details of the process running in the background and brings it on screen for troubleshooting and
debugging purposes.
=====
EIGRP
=====
-> EIGRP is an advanced Distance Vector routing protocol.
-> It is a Cisco proprietary routing protocol. Works only on Cisco routers.
-> It is a classless routing protocol, meaning it sends the mask as part of updates.
-> EIGRP has 3 AD values:
i) 90 -> Internal
Routes that we learn from the EIGRP process that runs in our own Autonomous System (AS, i.e. organisation) are Internal EIGRP routes.
(Routes that we learn from our own EIGRP process are called Internal EIGRP routes.)
ii) 170 -> External
Routes that are redistributed into the EIGRP process from an external autonomous system (organisation) or another routing protocol are marked as External routes by
EIGRP and given AD value 170.
iii) 5 -> Summary EIGRP
When routes are summarised in the EIGRP process, EIGRP gives them a better AD value.
EIGRP's metric is called the Composite Metric.
-> EIGRP is an IGP protocol, a protocol that runs within an organisation.
-> We should give all routers of an organisation the same AS value to make them neighbours, otherwise they will not become neighbours.
==============
WILD CARD MASK
==============
-> The wildcard mask is another way of writing the mask.
20.20.20.0    netmask 255.255.255.0 -> wildcard mask 0.0.0.255 (each octet is 255 minus the netmask octet)
20.20.20.0    netmask 255.255.252.0 -> wildcard mask 0.0.3.255
-> So subnets 0 to 3 (4 subnets) are possible.
-> The wildcard mask shows the number of hosts in the network.
Host Specific Mask
------------------
IP 10.0.0.1 mask 255.255.255.255 -> This should be used when the netmask is not known or you don't know how to calculate the netmask.
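The "255 minus each octet" rule above is just a bitwise inversion of the netmask, and the same wildcard is what decides whether an address falls inside a network statement or an access-list line. The block below is an added example, not code from the notes; it derives the wildcard from a netmask or prefix length, counts the addresses it covers, and performs the IOS-style "don't care" bit match, including the host-specific case (wildcard 0.0.0.0). The test addresses are constructed.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def _to_int(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def _to_dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def wildcard_from_netmask(netmask: str) -> str:
    """The wildcard mask is the bitwise inverse of the netmask: each octet is 255 minus the netmask octet."""
    return _to_dotted(~_to_int(netmask) & ALL_ONES)


def wildcard_from_prefix_length(plen: int) -> str:
    """/24 -> 0.0.0.255, /22 -> 0.0.3.255, /32 (host specific) -> 0.0.0.0."""
    netmask = ipaddress.IPv4Network(f"0.0.0.0/{plen}").netmask
    return wildcard_from_netmask(str(netmask))


def address_count(wildcard: str) -> int:
    """Number of addresses the wildcard covers (the notes: the wildcard 'shows the number of hosts')."""
    return _to_int(wildcard) + 1


def matches(address: str, base: str, wildcard: str) -> bool:
    """IOS-style match: a 1 bit in the wildcard means 'don't care', a 0 bit must equal the base address."""
    care = ~_to_int(wildcard) & ALL_ONES
    return (_to_int(address) & care) == (_to_int(base) & care)


if __name__ == "__main__":
    for mask in ("255.255.255.0", "255.255.252.0", "255.255.255.255"):
        wc = wildcard_from_netmask(mask)
        print(f"netmask {mask:16} wildcard {wc:12} covers {address_count(wc)} addresses")
    print(matches("20.20.23.7", "20.20.20.0", "0.0.3.255"))   # inside 20.20.20.0/22
    print(matches("20.20.24.1", "20.20.20.0", "0.0.3.255"))   # outside
```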
10.10.10.0/24 20.0.0.0/24 30.0.0.0/24 40.0.0.0/24
.1 --------- .1 .2 --------- .2 .3 --------- .3
--------| |---------------| |---------------| |-----------
--------- --------- ---------
--------------------------
|EIGRP Neighbourship Rule|
--------------------------
-> Two directly connected routers will become neighbours only if
i) They belong to the same AS.
ii) Their K values match.
-> EIGRP keeps the best path and the next best path. The best path is the successor and the next best path is the feasible successor. Because of this convergence is faster.
-> EIGRP sends 5 types of control packets:
i) Hello
ii) Update
iii) Query
iv) Reply
v) Acknowledgement
using multicast address 224.0.0.10.
-> EIGRP is in the Hybrid category of routing protocols; it has taken some good parts of link state and some good parts of distance vector to create itself.
-> EIGRP sends hellos every 5 seconds on links faster than T1 (1.54 Mb) and every 60 seconds on links of T1 speed or slower.
-> A neighbour is declared dead if the router misses 3 hellos.
-------------------------------------------------------------------------------------------------------------------------------------------------
====
OSPF
====
-> OSPF is a link state routing protocol with AD value 110.
-> OSPF's metric is COST.
-> The criterion is bandwidth.
-> The relation is inverse: higher the bandwidth, lower the cost; lower the cost, better the path.
-> In OSPF only directly connected routers will become neighbours.
-> Cost is calculated as follows:
Cost = 10^8 / bandwidth (in bps)
e.g. bandwidth 10 Mb: 100000000 / 10000000 = 10
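The cost formula above, carried through for a whole path, is what decides which route OSPF installs. The block below is an added example, not from the notes; it applies cost = 10^8 / bandwidth (integer division, never below 1) per link, sums it per path and picks the cheapest. The path list is constructed. One caveat worth seeing in the numbers: with the default 10^8 reference, anything at 100 Mb or faster costs 1, so a 1 Gb link and a 100 Mb link look identical unless the reference bandwidth is raised (shown via the optional parameter).

```python
from typing import Dict, List

REFERENCE_BANDWIDTH_BPS = 10 ** 8   # OSPF's default reference bandwidth, 100 Mbps, as used in the notes


def ospf_cost(bandwidth_bps: int, reference_bps: int = REFERENCE_BANDWIDTH_BPS) -> int:
    """cost = reference / bandwidth, truncated to an integer and never below 1."""
    return max(1, reference_bps // bandwidth_bps)


def path_cost(link_bandwidths_bps: List[int], reference_bps: int = REFERENCE_BANDWIDTH_BPS) -> int:
    """A path's cost is the sum of the costs of the links it crosses."""
    return sum(ospf_cost(b, reference_bps) for b in link_bandwidths_bps)


def best_path(paths: Dict[str, List[int]], reference_bps: int = REFERENCE_BANDWIDTH_BPS) -> str:
    """Lowest total cost wins; on a tie the first listed is returned (OSPF itself would install both)."""
    return min(paths, key=lambda name: path_cost(paths[name], reference_bps))


# Constructed paths from R1 to a network: two 100 Mb hops, one T1 hop, one 10 Mb hop.
PATHS = {
    "two_fastethernet_hops": [100_000_000, 100_000_000],
    "one_t1_hop": [1_544_000],
    "one_ethernet_hop": [10_000_000],
}

if __name__ == "__main__":
    for name, links in PATHS.items():
        print(f"{name:24} cost {path_cost(links)}")
    print("best:", best_path(PATHS))
    print("1 Gb vs 100 Mb, default reference :", ospf_cost(1_000_000_000), ospf_cost(100_000_000))
    print("1 Gb vs 100 Mb, 10 Gb reference   :",
          ospf_cost(1_000_000_000, 10 ** 10), ospf_cost(100_000_000, 10 ** 10))
```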
-> OSPF does not have an Autonomous System number.
-> OSPF uses administrator defined areas. Within an area there is no summarisation.
-> OSPF is a highly scalable routing protocol. It is made for handling thousands of routers and lakhs of routes.
-> OSPF routers have end to end visibility of the entire network.
-> OSPF routers have end to end visibility in the form of a topology tree.
-> OSPF uses triggered updates.
-> Link state routing protocols are highly scalable, created to work on thousands of routers; their database is very strong.
BUT the drawback is that for every update that you send, routers will do a lot of re-calculation in their topology table to bring the next best path up and put it
in the routing table. So what happens is that with every flap in the network every router is processing its topology tree to pull the next best path.
In huge networks, when we use OSPF the issue will be controlling frequent SPF updates and SPF calculation.
-> The simplest solution to control frequent updates is summarisation.
-> But if we summarise there will be a lack of administrator visibility.
-> In OSPF an area is administrator defined. Within an area there is no summarisation: all routers directly receive all routes, unsummarised.
-> Area routers will have full visibility of the routes in the area.
---------
| BLR | Area 0
---------
(Area Border Router) R2 |
--------- |
| BKC |---------------|
Area 1 ---------
|
R1 |
---------
------------------------| Vashi |-----------------------------------------------|
| |-------|-----------------------| |
| | | |
| | | |
| | | |
--------- --------- --------- ---------
| | | | | | | |
--------- --------- --------- ---------
10.0.0.0/24 10.0.1.0/24 10.0.2.0/24 10.0.3.0/24
-> In OSPF routers are identified by a Router ID (RID).
-> OSPF and EIGRP both have a topology table BUT RIP does not have a topology table.
-> In EIGRP the neighbour is the directly connected interface IP.
-> BUT in OSPF neighbours are identified by RID.
---------
Router ID
---------
-> The Router ID in OSPF is the highest IP of a loopback interface.
Q) What is a loopback interface?
-> A loopback interface is a software interface created for testing purposes.
-> In the absence of a loopback interface it is the highest IP of an active interface when OSPF starts.
---------
----------------------------| R1 |-----------------------------------
| --------- |
| | | |
| | | |
--------- | | ---------
| | [ ] [ ] | |
--------- 200.0.0.1/24 100.0.0.1/24 ---------
100.0.0.1/24 LOOPBACK 200.0.0.1/24
-> But when we configure OSPF and add the 100 network, it will be the highest IP at that instant, so 100.0.0.1 becomes the RID (highest IP of an active interface).
-> Once the RID is elected it will not change even if an interface with a higher IP comes up. So 200.0.0.1 will never become the RID.
====================
Multi-Access Network (ETHERNET and FRAME RELAY)
====================
-> OSPF's behaviour on a multi-access network is slightly different.
-> When OSPF runs on a multi-access network it will elect a leader (DR) and a deputy leader (Backup DR). All other routers will work as DR Others.
-> If a topology change occurs (down or up) on a DR Other, it will send the update to the DR and BDR using multicast address 224.0.0.6. This is the address on which
the OSPF DR and BDR listen.
-> In turn the DR will send this update to the DR Others.
-> If the DR fails to send this update in the stipulated time the BDR will become DR and send it using multicast address 224.0.0.5. This is the address on which the DR Others
listen. This is how the BDR becomes DR. Once the BDR becomes DR it will remain DR and will not change even if the original DR comes up. The original DR will now act as
a DR Other.
-> Every routing protocol has a different multicast address.
Q) Who will become DR?
-> The DR is the router with the highest RID.
-> The DR is the router with the highest OSPF priority. Default priority is 1.
-> Possible priority is 0 to 255, where priority 0 means forcefully DR Other and priority 255 means forcefully DR.
-> If all routers have the same priority, then the election goes on RID.
-> The router with the highest RID will become DR.
-> DR and BDR are elected using hellos after neighbour formation.
-> Initially when we send hellos I will say: hello, my priority is 1, my RID is 10.0.0.1, I am DR and I am BDR.
-> My BDR will say: hello, my RID is 20.0.0.1, my priority is 1, I am DR, I am BDR.
-> Now the first router will say: hello, my priority is 1, my RID is 10.0.0.1, I am BDR, 20.0.0.1 is DR.
-> OSPF's hellos carry information like Priority, RID, DR ID, BDR ID etc. which helps in DR/BDR selection.
-> For every multi-access network one DR and one BDR will be elected.
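Both elections described in this section and the Router ID section (RID: highest loopback, else highest active interface, sticky once chosen; DR/BDR: priority first, RID as tie-break, priority 0 never eligible, and no pre-emption of a sitting DR) fit in one small block. This is an added example rather than code from the notes; the router IDs, priorities and interface addresses are constructed, the 10.0.0.1/20.0.0.1 pair being the one from the hello exchange above.

```python
import ipaddress
from typing import Dict, List, Optional, Tuple


def _ip_key(addr: str) -> int:
    """Compare dotted addresses numerically, not as strings ('9.0.0.1' < '10.0.0.1')."""
    return int(ipaddress.IPv4Address(addr))


def elect_router_id(loopbacks: List[str], active_interfaces: List[str],
                    current_rid: Optional[str] = None) -> str:
    """Highest loopback IP wins; with no loopback, the highest IP of an active interface at start-up.
    Once elected the RID is sticky: a higher address coming up later does not change it."""
    if current_rid is not None:
        return current_rid
    pool = loopbacks or active_interfaces
    if not pool:
        raise ValueError("no IP address available to derive a router ID")
    return max(pool, key=_ip_key)


def elect_dr_bdr(routers: Dict[str, int],
                 existing_dr: Optional[str] = None) -> Tuple[Optional[str], Optional[str]]:
    """routers: RID -> OSPF priority. Priority 0 never becomes DR/BDR; highest priority wins and ties
    fall back to the highest RID. A sitting DR that is still eligible keeps the role (no pre-emption)."""
    eligible = [rid for rid, prio in routers.items() if prio > 0]
    ranked = sorted(eligible, key=lambda rid: (routers[rid], _ip_key(rid)), reverse=True)
    if existing_dr in ranked:
        ranked.remove(existing_dr)
        ranked.insert(0, existing_dr)
    dr = ranked[0] if ranked else None
    bdr = ranked[1] if len(ranked) > 1 else None
    return dr, bdr


if __name__ == "__main__":
    # Constructed: R1 has no loopback and brings up 100.0.0.1 before 200.0.0.1.
    rid = elect_router_id([], ["100.0.0.1"])
    print("RID at start-up:", rid)
    print("RID after 200.0.0.1 comes up:", elect_router_id([], ["100.0.0.1", "200.0.0.1"], current_rid=rid))
    # Constructed segment: equal priorities, so the highest RID wins; 30.0.0.1 has priority 0.
    print("DR/BDR:", elect_dr_bdr({"10.0.0.1": 1, "20.0.0.1": 1, "30.0.0.1": 0}))
    # A higher-priority router joining later does not take the DR role away.
    print("DR/BDR with sitting DR:", elect_dr_bdr({"10.0.0.1": 200, "20.0.0.1": 1}, existing_dr="20.0.0.1"))
```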
--------- AREA 0 ---------
| | | |
--------- ---------
| |
20.0.0.2/24 ----------------------------------------- 20.0.0.3/24
|
|20.0.0.1/24 int fa 0/0
----------------- ip ospf priority 200
| |
-----------------
10.0.0.1/24 |
|
|-------------------------------------------|
--|------ ------|--
| | | |
--------- ---------
10.0.0.2/24 10.0.0.3/24
# router ospf 5                                  # router ospf 6
# network 20.0.0.0 0.0.0.255 area 0              # network 10.0.0.0 0.0.0.255 area 0
# network 10.0.0.0 0.0.0.255 area 0              # router-id 10.0.0.1
# router-id 200.0.0.1
Q) How to change the RID in OSPF?
# router ospf 5
# network 20.0.0.0 0.0.0.255 area 0
# network 10.0.0.0 0.0.0.255 area 0
# router-id 200.0.0.1
When OSPF starts it will check this router-id, take it and use it.
-> The stub area flag should also match and the authentication password should also match.
===========
ACCESS-LIST
===========
-> When we talk about securing our network we talk about perimeter (boundary) security.
-> Security is set on routers which are internet facing.
-> Devices used in perimeter security are called firewalls.
-> Firewalls are of 2 types:
i) Hardware firewall : appliance based firewall. (Cisco PIX, ASA)
ii) Software firewall : Checkpoint firewall.
-> These firewalls filter on a Layer 3 and above basis (that is, they filter on the basis of IP addresses and port numbers).
Q) Why does a firewall have ethernet ports?
-> A firewall requires ethernet ports of higher bandwidth (10 Mb or 100 Mb) because every packet coming into our network is checked for integrity.
-> The firewall is always beside the router.
-> If the WAN link is ethernet then the firewall can be first.
-> If the firewall is beside the router we require a lot of security on the router. To protect the router from attack, the router's operating system IOS has a firewall.
-> One way of writing policy on a firewall is writing an Access-List.
-> An access-list filters data packets coming into or going out of the router.
Note : Two types of packets work on a router.
1) Control packets : hellos, queries, replies and routing table updates are all control packets. Usually control packets are multicast or broadcast packets.
2) Data packets :
-> Access-lists filter data packets entering/exiting a router's port.
-> Access-lists filter on a Layer 3 and above basis.
-> They do not work for control packets. (Multicast/Broadcast.)
-> A Standard Access-List filters on the basis of source IP address only.
-> An Extended Access-List filters on the basis of source IP address, destination IP, source port, destination port and protocol (tcp, udp, icmp etc.).
-> Like access-lists there are many other lists (policies):
1) Priority/Queue list
2) Dialer list
3) Routes list
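How an access-list is actually evaluated (top-down, first match wins, and an implicit deny at the end for anything no line matched) is worth seeing on real packets, since the implicit deny is where most "why is this blocked" tickets come from. The block below is an added example and not code from the notes: a standard list that looks only at the source address and an extended list that also checks destination, protocol and port, both run over a few constructed packets. Wildcard matching is the same bit rule used for network statements.

```python
from dataclasses import dataclass
from typing import List, Optional
import ipaddress


@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str                 # "tcp", "udp", "icmp"
    sport: Optional[int] = None
    dport: Optional[int] = None


@dataclass(frozen=True)
class Entry:
    """One access-list line. A standard entry sets only src/src_wc; an extended entry may set the rest."""
    action: str                         # "permit" or "deny"
    src: str = "0.0.0.0"
    src_wc: str = "255.255.255.255"     # wildcard: 1 bits are "don't care"
    dst: Optional[str] = None
    dst_wc: str = "255.255.255.255"
    proto: Optional[str] = None
    dport: Optional[int] = None


def _wc_match(address: str, base: str, wildcard: str) -> bool:
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(address)) & care) == (int(ipaddress.IPv4Address(base)) & care)


def evaluate(acl: List[Entry], pkt: Packet) -> str:
    """Top-down, first match wins; a list that matches nothing ends in the implicit deny."""
    for e in acl:
        if not _wc_match(pkt.src, e.src, e.src_wc):
            continue
        if e.dst is not None and not _wc_match(pkt.dst, e.dst, e.dst_wc):
            continue
        if e.proto is not None and e.proto != pkt.proto:
            continue
        if e.dport is not None and e.dport != pkt.dport:
            continue
        return e.action
    return "deny"


def apply_list(acl: List[Entry], packets: List[Packet]) -> List[str]:
    return [evaluate(acl, p) for p in packets]


# Constructed lists. STANDARD looks at the source only: permit the 10.0.0.0/24 LAN, drop everything else.
STANDARD = [Entry("permit", "10.0.0.0", "0.0.0.255")]

# EXTENDED: LAN hosts may reach the server 20.0.0.10 only on tcp/443, anything else to that server is
# dropped, and the LAN may reach any other destination.
EXTENDED = [
    Entry("permit", "10.0.0.0", "0.0.0.255", "20.0.0.10", "0.0.0.0", "tcp", 443),
    Entry("deny", "10.0.0.0", "0.0.0.255", "20.0.0.10", "0.0.0.0"),
    Entry("permit", "10.0.0.0", "0.0.0.255"),
]

# Constructed traffic sample.
SAMPLE_PACKETS = [
    Packet("10.0.0.5", "20.0.0.10", "tcp", 40000, 443),   # LAN -> server https
    Packet("10.0.0.5", "20.0.0.10", "tcp", 40001, 22),    # LAN -> server ssh
    Packet("10.0.0.5", "20.0.0.10", "icmp"),              # LAN -> server ping
    Packet("10.0.0.5", "8.8.8.8", "udp", 5000, 53),       # LAN -> elsewhere
    Packet("172.16.0.9", "8.8.8.8", "udp", 5000, 53),     # not from the LAN: implicit deny
]

if __name__ == "__main__":
    for pkt, verdict in zip(SAMPLE_PACKETS, apply_list(EXTENDED, SAMPLE_PACKETS)):
        print(f"{verdict:6} {pkt}")
```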
==========
|WIRELESS|
==========
-> Wireless means in the air, radio frequencies.
-> Satellite and radio work on wireless. Wireless is used in different configurations:
-> One rule in wireless: as coverage increases bandwidth decreases, and as coverage decreases bandwidth increases.
-> On satellite we get 19.2 kbps speed. If we want more speed we have to use several different frequencies of 19.2 kbps each and get 1 Gbps.
Note : There are different types of wireless communication:
1) 3G
2) 4G
3) Ioband
-> We will learn Wireless LAN.
-> Wireless that works on a LAN gives coverage of 150 feet (on both sides).
-> Wireless networks also have Personal Area Network (PAN), MAN and WAN.
-> Wireless technology works on one or another frequency.
-> The technology used in PAN is Bluetooth.
-> When we transfer data from a laptop to a mobile using Bluetooth, it is said to be a Personal Area Network.
-> In wireless LAN we will use 802.11 a, b, g. 802.11 a, b, g are last mile wireless standards.
-> The technology used will still be 802.3 CSMA/CD.
-> The most critical point of wireless technology is the access point.
-> A wireless access point gives shared bandwidth.
-> A WLAN is a shared network.
-> An access point is a shared device and functions like a shared Ethernet hub.
-> Data is transmitted over radio waves.
-> Two-way radio communication (half-duplex) is used.
-> The same radio frequency is used for sending and receiving (transceiver).
-> The government has released a frequency band which is known as the ISM band. (Free frequency.)
-> The most important part of any access point is its transmitter and receiver.
-> Though 802.11b and g are compatible with each other, performance will deteriorate.
-> If my last mile link is wired I have a wired LAN, else if my last mile link is wireless I am in a Wireless LAN.
-> The last mile link's fundamental is 802.11 a, b, g. (The edge device is known as the last mile link.)
-> Wireless is a shared bandwidth device. (Bandwidth is shared between edge devices. No separate bandwidth for separate devices.)
802.11b - 2.4 GHz at 11 Mbps
802.11g - 2.4 GHz at 54 Mbps (backward compatible with 802.11b)
When a laptop with 802.11b connects to an access point where all laptops with 802.11g are connected, performance will deteriorate.
HOW?
-> When a laptop with 802.11b speaks to another laptop with 802.11g, it will speak at 11 Mbps while all other laptops talking to each other
speak at 54 Mbps. So performance will deteriorate.
-> Wireless works on the ISM (Industrial, Scientific and Medical) bands (900 MHz, 2.4 GHz, 5 GHz).
-> The full frequency band is not free. Only some parts of it are free:
900 MHz
2.4 GHz -> 88 MHz of frequency is free to use.
5 GHz
-> The most critical thing in a Wireless LAN is the SSID. (Service Set Identifier)
===================
|WIRELESS SECURITY|
===================
1) Stop broadcasting the SSID.
-> The wireless access point should not broadcast its SSID. Wireless is an uncontrolled medium.
2) Whatever we are sending, encrypt it and send it so that only the receiver understands it and nobody else does. Otherwise a hacker with the help of a wireless
analyzer can capture important information and use it to his benefit.
-> Whenever using encryption use AES/TKIP; it will take a hacker a very long time to break it.
3) In spite of having encryption you still need authentication to allow only genuine users to access our network.
4) AAA servers should be used for authentication so that users connecting from any office in the world can connect using the same user name and password.
(Authentication, Authorization, Accounting.) Put the details of the 600 users on these servers.
-> If signature based detection (Intrusion Prevention System) is put in the wireless access point, then if an attacker tries to connect to my wireless, every attack
will have a signature; the IPS will check/match that signature and if the signature matches the IPS will block the communication.
-> Always use WPA (Wi-Fi Protected Access) for wireless security purposes as it has all the capabilities. (IPS, IDS, etc.)
Q) How to give WLAN access to a client?
-> We will create 2 SSIDs. One will be "cisco", which we will not broadcast. The other will be "disco".
-> We will create 2 virtual LANs on our access points.
-> One virtual LAN will be VLAN 100 and will have access only to the gateway through which it will access the internet.
-> The other virtual LAN we create will be VLAN 200, which will be our internal enterprise network.
===========
|SWITCHING|
===========
-> Features and operations of switching.
Q) Can I connect two switches with one wire?
-> Yes, we can connect two switches with a single wire.
-> But we should connect switches with two wires for redundancy purposes, and to avoid switching loops.
A switching loop has one of the following symptoms:
1) Broadcast storm (flickering LEDs)
2) MAC table instability.
3) Multiple frame copies. Performance deterioration. (If every PC connected to the switch faces the issue then we come to know there is an issue with the network.)
------------
| 1 - AAA
|
Ethernet Frame
-------------
| AAA | FFF |
-------------
SWITCH
--------- ------------------------- ---------
| AAA |-------------------------------|1 2 3 4 |-----------------------| |
--------- ------------------------- ---------
| |
| |
| SWITCH |
--------- ------------------------- ---------
| |-------------------------------|1 2 3 4 |-----------------------| |
--------- ------------------------- ---------
-> The solution to a bridging/switching loop is the Spanning Tree Protocol.
-> TO BREAK A NETWORK LOOP THE SPANNING TREE PROTOCOL IS USED.
-> When STP sees a loop in the network it will break the loop by blocking a port on a switch.
-> The port is blocked, not shut down, so it is still receiving frames but not accepting them.
-> Blocking means an amber (orange) coloured LED.
-> In STP, all switches in an organisation will select 1 switch as the root bridge/switch. Other switches will become non-root bridges/switches.
-> All switches (root and non-root bridge switches) send a hello every 2 seconds on each of their ports, which is known as a BPDU.
(Bridge Protocol Data Unit.)
-> Similarly the root bridge will also send the root bridge BPDU (hello) on each of its ports.
-> If a non-root bridge receives the hello of the root bridge on more than one of its ports then the non-root bridge will understand that there is a switching loop
and it will block all ports on which it received the BPDU (hello) of the root bridge except one port.
This port will be called the Root port.
-> The root port is the port from which the cost to reach the root bridge is least and the bandwidth available is more.
-> If the cost of reaching the root bridge is equal then the lower port will be selected. If there are two ports 2 and 5, port number 2 will be selected.
Q) Who will become Root Bridge?
-> The switch with the lowest Bridge ID will become Root Bridge.
-> Bridge ID means Bridge Priority + Bridge MAC Address.
-> Cisco switches' default priority is always the same, i.e. 32768.
-> If you want to make a switch the root bridge, reduce its priority.
-> If all switches have the same Bridge Priority then selection will be based on MAC. Lower MAC is always better.
-> By default all ports of a switch are members of VLAN 1. VLAN 1 is the management VLAN and its name is "default".
-> To configure a switch as the primary root bridge we have to reduce its priority. We can do the following to reduce priority:
i) spanning-tree vlan 1 root primary
ii) spanning-tree vlan 1 root secondary -> to define the 2nd root bridge.
-> All ports of the root bridge will be in forwarding mode; no port will be blocked. Because which non-root bridge is calculating cost through which port of the root
bridge is not known.
-> Non-root bridge ports which are blocked are called Non-designated ports.
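The two STP decisions described above (which switch is root: lowest priority, then lowest MAC; which port on a non-root switch is the root port: lowest cost to the root, then lowest port number, everything else that hears the root's BPDU blocked) are small enough to write out and check. This is an added example, not from the notes; the switch names, MACs and port speeds are constructed, and the per-speed port costs are the IEEE 802.1D default values, which are an assumption of this example rather than something the notes state.

```python
from typing import Dict, List, Tuple

# IEEE 802.1D default port path costs by link speed in Mbps (assumed values for this example).
PORT_COST = {10: 100, 100: 19, 1000: 4, 10000: 2}


def bridge_id(priority: int, mac: str) -> Tuple[int, str]:
    """Bridge ID = priority + MAC; comparison is on priority first, then on MAC."""
    return (priority, mac.lower())


def elect_root(switches: Dict[str, Tuple[int, str]]) -> str:
    """switches: name -> (priority, mac). The lowest bridge ID becomes root bridge."""
    return min(switches, key=lambda name: bridge_id(*switches[name]))


def choose_root_port(ports: Dict[int, Tuple[int, int]]) -> Tuple[int, List[int]]:
    """ports: port number -> (link speed in Mbps, root path cost advertised in the BPDU heard there).
    Total cost via a port = advertised cost + this port's own cost. Lowest total wins; ties go to the
    lower port number. Every other port that also hears the root's BPDU is blocked (non-designated)."""
    def total(port: int) -> Tuple[int, int]:
        speed, advertised = ports[port]
        return (advertised + PORT_COST[speed], port)
    root_port = min(ports, key=total)
    blocked = sorted(p for p in ports if p != root_port)
    return root_port, blocked


# Constructed sample: three switches at the default priority 32768, except SW3 lowered to 4096
# (what "spanning-tree vlan 1 root primary" would do on it).
SWITCHES = {
    "SW1": (32768, "00:11:22:33:44:55"),
    "SW2": (32768, "00:11:22:33:44:01"),
    "SW3": (4096, "00:AA:BB:CC:DD:EE"),
}

if __name__ == "__main__":
    print("root bridge:", elect_root(SWITCHES))
    defaults_only = {k: v for k, v in SWITCHES.items() if k != "SW3"}
    print("root bridge if everyone stays at 32768:", elect_root(defaults_only))
    # A non-root switch hears the root's BPDU on two equal 100 Mb ports: tie -> lower port number.
    print(choose_root_port({2: (100, 0), 5: (100, 0)}))
    # A 10 Mb port directly on the root (cost 100) loses to a 1 Gb port one hop away (19 + 4 = 23).
    print(choose_root_port({1: (10, 0), 3: (1000, 19)}))
```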
Q) A Cisco switch will never bring up a port immediately on connection. It will take 50 seconds. Why?
-> A Cisco switch will take approximately 50 secs to bring a port up on connection.
-> This is because the spanning tree protocol on the switch will verify that no loop is created by this connection before bringing the port up.
(For loop avoidance.)
Q) Why 50 seconds?
-> The fundamental is that when a port is connected it becomes amber in colour and for the next 20 secs it listens for whether any BPDU is arriving here.
-> If it receives a BPDU it will now try to learn the cost of reaching the root bridge from this port and from the other port on which the same BPDU was received. This
takes 15 secs.
-> Now if the port that we have opened is the lowest cost then it will take 15 secs to learn MACs and get ready.
BLOCKING (20 secs)
|
LISTENING (15 secs)
|
LEARNING (15 secs)
|
FORWARDING
Q) BUT if a PC has to wait for 50 seconds users may get irritated:
-> You may not want ports where edge devices (PCs) are connected to wait for 50 seconds. Such ports can be brought up immediately on connection by giving
the following command:
int fa 1/0
spanning-tree portfast
-> The spanning-tree portfast command should not be given on uplink ports.
-> A blocked port will come up in either of these situations:
i) The root port stops receiving root bridge BPDUs.
ii) The blocked port stops receiving root bridge BPDUs. (The root bridge BPDU is also known as the Superior BPDU.)
-> In the STP protocol, movement from blocking mode to forwarding mode will take approx. 50 secs. This failover/switchover is disruptive. Any existing TCP session
will get disconnected.
-> Convergence (movement) is slow in the Spanning Tree Protocol.
-> The solution is the RAPID SPANNING TREE PROTOCOL.
==============================
|RAPID SPANNING TREE PROTOCOL|
==============================
-------------
Enhancements:
-------------
1) There is no listening mode in RSTP.
2) Ports can move directly from discarding mode (same as blocking in STP) to forwarding mode, or from discarding to learning and forwarding, depending on the point of
failure.
3) RSTP can move from discarding to forwarding in less than 3 to 30 seconds depending upon the point of failure. For a direct failure less than 3 secs.
For an indirect failure approx. 30 secs.
4) The non-designated port of STP is called the Alternate port in RSTP.
-> The Rapid Spanning Tree Protocol marks ports as Alternate ports and Backup ports in advance so that in a failure situation it can concentrate on the relevant ports
only and not on all ports.
I] Alternate Port
-> This is the port which is blocked to break the loop.
-> RSTP marks ports as edge ports and non-edge ports, and link types as point-to-point link or shared link, so that it concentrates on the relevant ports only and not on
all other ports.
-> In RSTP, port convergence is very fast, but only having fast port convergence will not help; MAC convergence should be equally fast.
Q) How does MAC convergence become fast?
-> When a link goes down, the switch will first flush all MACs in the MAC table that were learned on that port.
-> The port would be converged fast and the next port would be opened immediately.
-> Immediately a BPDU will be prepared with the TC (Topology Change) bit set and the new root cost will be sent to uplink switches.
-> Any topology change will be immediately sent to all uplink ports and all switches will learn the topology change.
-> Next: Bridge and Switch difference in notes.
-> NAT is a layer 3 feature; wherever there is a layer 3 device NAT can be done, provided it is supported.
===========
Half Duplex
===========
-> In half duplex one communication channel is used by both communicating devices. Because of this there is a possibility of data collision.
===========
Full Duplex
===========
-> Full duplex no collision as I am sending on different channel and u r sending on different channel, since both of us are sending on different channel
bandwidth is double. (100 mbps se mein bhej raha hun and 100 mbps se tu bhej raha hain on a different channel.)
-> Cisco switches are called Catalyst switches. On them CatOS is used; IOS is also possible, and IOS is most commonly used.
-> On a layer 2 switch, an IP address can be given for management purposes.
-> On a layer 2 switch the IP is given to the VLAN 1 interface.
-> VLAN 1 is the management VLAN and hence this is called the Management IP.
-> interface vlan 1 (software virtual LAN interface)
-> ip address x.x.x.x x.x.x.x
(config-if)# switchport port-security -> the first MAC that comes in on this port will be learned and then all others will be blocked.
(config-if)# switchport port-security mac-address XXXX.XXXX.XXXX -> manually define the MAC addresses that are allowed on this port.
Note : If we find more than one MAC address on a port it means there is another switch or hub connected to this port.
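Added example (not from these notes): a minimal Python model of port-security with a maximum of one MAC per port, showing the behaviour described above: the first source MAC is learned, any other MAC is a violation (IOS default violation action is shutdown, which err-disables the port), and more than one distinct MAC on an access port points to a hub or switch behind it. Port name and MAC addresses are constructed.

```python
# Added example, not from the notes: a minimal model of "switchport port-security"
# with a maximum of one MAC address per port.
from dataclasses import dataclass, field

@dataclass
class SecurePort:
    name: str
    max_macs: int = 1                       # "switchport port-security maximum" (IOS default 1)
    learned: set = field(default_factory=set)
    violations: list = field(default_factory=list)
    shutdown: bool = False                  # IOS default violation mode "shutdown" = err-disabled

def receive(port: SecurePort, src_mac: str) -> bool:
    """Return True if a frame from src_mac is forwarded, False if port-security drops it."""
    mac = src_mac.lower()
    if port.shutdown:
        return False                        # an err-disabled port forwards nothing
    if mac in port.learned:
        return True
    if len(port.learned) < port.max_macs:
        port.learned.add(mac)               # first MAC on the port is learned
        return True
    port.violations.append(mac)             # unknown MAC beyond the maximum: violation
    port.shutdown = True                    # default action: put the port in err-disabled state
    return False

def distinct_macs_seen(port: SecurePort) -> int:
    """More than one distinct source MAC on an access port suggests a hub/switch behind it."""
    return len(port.learned | set(port.violations))

def demo():
    # Constructed traffic on Fa0/1: one host, then a second device appears on the same port.
    fa1 = SecurePort("Fa0/1")
    frames = ["00:11:22:33:44:55", "00:11:22:33:44:55",
              "AA:BB:CC:DD:EE:FF", "00:11:22:33:44:55"]
    return fa1, [receive(fa1, m) for m in frames]
```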
======
|VLAN|
======
1) VLANs are created to control broadcasts.
2) VLANs are port based.
3) A port of a switch can be a member of only one VLAN, not multiple VLANs.
4) The more VLANs, the less broadcast traffic (2 VLANs 50% broadcast, 4 VLANs 25% broadcast, and so on.)
5) Intra-VLAN switching will happen BUT inter-VLAN switching will stop.
6) If we still want to communicate we can do inter-VLAN routing, BUT a router's rule is to route between networks, hence every VLAN should be in a different
subnet. If every VLAN is in a different subnet, traffic will not switch but will route between VLANs.
7) If our computing architecture is distributed, then make VLANs department wise, since 80% of the time people in the same department will be talking.
RULES FOR VLAN CREATION
-----------------------
i) The rule in VLAN creation is 80-20 (80% of traffic stays inside the VLAN, 20% crosses it).
ii) Create VLANs in a way that we get maximum switching and minimum routing.
---------------------
Fundamentals of VLANS
---------------------
-> There are 2 steps for creating VLANs.
i) Create the VLAN database.
ii) Make ports members of VLANs.
-> In privileged mode type the following:
i) vlan database -> we go to VLAN database mode.
ii) vlan 100 name laal -> creates VLAN 100 with name laal.
iii) vlan 200 name kala -> creates VLAN 200 with name kala.
iv) switchport access vlan 100 (on the interface) -> First this port was in VLAN 1, as all ports by default are members of VLAN 1. It will now be removed from VLAN 1 and
become a member of VLAN 100, as a port can be a member of only one VLAN and not multiple VLANs.
New Commands :
privilege# config t
config# vlan 100
vlan# name red
config# vlan 200
vlan# name black
============
Trunk Port :
============
-> By default every port of a switch can be a member of one VLAN only. BUT this is an issue. If we have 20 ports on a switch, 10 would be wasted on VLAN links. So the trunk
port was introduced.
-> A trunk port is a port which is a member of multiple VLANs.
-> A trunk port carries traffic from multiple VLANs on one side and delivers it to the same VLANs on the other side.
-> As soon as the trunk port receives a frame from a VLAN, it marks the frame with the VLAN information and delivers it to the other end. At the other end
it reads the marking, removes the marking and forwards the frame to the relevant VLAN only, not to all other VLANs.
-> The trunking protocol that works on the trunk port is responsible for marking frames at one end and for removing the marking and forwarding the frame to the relevant VLAN
at the other end.
-> There are 2 types of trunking protocol :
i) ISL -> Cisco proprietary encapsulation protocol.
ii) dot1q -> IEEE 802.1Q -> tagging protocol.
-> The ISL trunking protocol does not modify the frame. It adds an encapsulation around the frame and sends it.
-> The dot1q trunking protocol modifies the frame and adds a tag to the frame.
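Added example (not from these notes): building and parsing an IEEE 802.1Q tagged Ethernet frame with Python's standard library, to show concretely what "marking" a frame on a trunk means and what the receiving end does with it. ISL is not modelled; dot1q is shown because it modifies the frame in place. The sample frame bytes and the allowed-VLAN sets are constructed.

```python
# Added example, not from the notes: 802.1Q (dot1q) tag insertion and removal.
import struct

TPID_8021Q = 0x8100          # EtherType value announcing that a 4-byte VLAN tag follows

def tag_frame(frame: bytes, vlan_id: int, pcp: int = 0) -> bytes:
    """Insert the 802.1Q tag right after the 12-byte destination/source MAC pair."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be between 1 and 4094")
    tci = ((pcp & 0x7) << 13) | (vlan_id & 0x0FFF)   # TCI = PCP(3) | DEI(1, here 0) | VID(12)
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]

def untag_frame(frame: bytes):
    """Return (vlan_id, untagged_frame). vlan_id is None when no tag is present,
    which on a trunk means the frame belongs to the native VLAN."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return None, frame
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, frame[:12] + frame[16:]

def trunk_deliver(frame: bytes, allowed_vlans: set, native_vlan: int = 1):
    """Receiving side of the trunk: read the tag, strip it and return the VLAN the frame
    goes to, or None if that VLAN is not allowed on this trunk (frame is dropped)."""
    vid, untagged = untag_frame(frame)
    vid = native_vlan if vid is None else vid
    return (vid, untagged) if vid in allowed_vlans else None

# Constructed sample frame: dst MAC, src MAC, EtherType IPv4 (0x0800), 4 payload bytes.
SAMPLE = bytes.fromhex("001122334455" "66778899aabb" "0800" "deadbeef")
```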
Rule of Trunk Creation
----------------------
-> A trunk can be created only on FastEthernet and faster ports.
-> You can allow/disallow VLANs on a trunk, but you cannot disallow VLAN 1 on a trunk since VLAN 1 is the MANAGEMENT VLAN (NATIVE).
-> A port of a layer 2 switch can work in only 2 modes :
i) switchport mode access (PCs connecting to the switch and accessing it.)
ii) switchport mode trunk
-> A layer 3 switch can additionally work in routed mode :
i) no switchport
==============================
|VLAN Trunking Protocol (VTP)|
==============================
-> VTP does two functions :
i) It controls flow of VLAN on trunk.
ii) It provides centralized VLAN (creation, deletion, modification) management capabilities.
iii) Every time the VTP server sends updates to clients it sends them with a new Revision Number (Configuration Revision Number, CRN).
Clients will accept updates only if they carry a newer CRN.
iv) Every time the server sends updates the CRN is incremented by one and sent along with the updates.
v) VTP only centralises VLAN database creation. Port membership has to be assigned individually on each switch.
==============
|VTP Pruning|
==============
-> As per VTP pruning, a VLAN on a switch is active only if at least one port in that VLAN is active on the switch.
-> If no port in a VLAN is active on a switch, it sends a prune message to block/stop receiving control packets of that VLAN.
|-> vtp domain name
|-> vtp mode (server|client|transparent)
|-> vtp pruning
|-> vtp password
|-> vtp trap -> to trap issues with vtp and report to syslog server.
=============
|FRAME RELAY|
=============
-> Tata, Bharti and Reliance have fiber rings in the country which are known as National Long Distance links (NLD circuits).
-> OTN (Optical Transport Network): CWDM, DWDM.
-> If we ask the Service Provider for a link from the Mumbai office to the Ahmedabad office, the SP will put a local link between our Mumbai office and its Mumbai office,
and from our Ahmedabad office to its Ahmedabad office. This link is known as the Last Mile circuit/link. It can be a copper wire link, wireless (WiMAX),
microwave (antenna) or fiber. It is not necessary to have the same medium on both sides: in Mumbai the wire can be copper and in Ahmedabad it can be fiber.
The only duty of these wires is to join our office to the Service Provider's point of presence (POP). After the POP there is fiber forwarding.
-> Now what will the technology be?
-> The technology can be point to point, BGP, Ethernet, serial.
Q) How will the Service Provider create this circuit?
-> On the SP's fiber ring many frequencies work at different signal levels. When we take a dedicated link from Mumbai to Ahmedabad, to form connectivity the SP will
reserve a lambda (frequency), say lambda 1. So incoming traffic is pushed onto this lambda and at the other end the frequency is dropped onto the other circuit.
These devices are known as Add/Drop Multiplexer devices.
-> If a new customer comes he is given a new lambda and these frequencies are dropped to the relevant circuit only.
-> In this way SPs give customers circuits on the Long Distance circuit. (My frequency will be received by me only and yours will be received by you.)
Q) What is Frame Relay ?
-> Frame Relay provides a dedicated circuit over shared infrastructure. (Your circuit is dedicated but my infrastructure is shared: 64 kbps * 32 customers.)
-> BUT on shared infrastructure security can be an issue. My traffic can go to my competitor also. So the SP says: when I give a dedicated circuit it means every
customer gets a Private Virtual Circuit (PVC) over the shared infrastructure.
Q) What is a Private Virtual Circuit/VPN/Tunneling?
-> PVC/VPN/Tunneling is a courier service. A letter is ENCAPSULATED and sent, and on the other side the ENCAPSULATION is opened and the letter is read. On the common
wire everything goes in encapsulation. We can call it a tunnel or a VPN.
Example : When a customer takes a link between Mumbai and Delhi, for every service the SP gives 2 DLCIs: from Mumbai to Delhi 102 and from Delhi to Mumbai 201.
So now whatever we send we encapsulate with DLCI 102.
-> For every PVC Service Provider will give two DLCI one in each direction.
-> FR is L2 protocol and works on Serial technology.
Logical Explanation :
When we want to send data from Mumbai to Ahmedabad, at layer 3 the SIP and DIP (source and destination IP) are put on. At layer 2 FR puts on DLCI 102, which it
received from the SP. Then the FR switch puts this frame on the shared infrastructure, and on the receiving FR switch the DLCI is checked and the frame is sent to the appropriate
customer only.
-> Frame relay is known as Packet Switched Network where your IP Packets are switched with the help of DLCI header by FR Switch.
-> FR is layer 2 protocol, fr switch switches packet on our side with the help of DLCI headers.
-> DLCI's are PVC indicators. Two DLCI's per circuit one in each direction.
-> DLCI's are locally significant.
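Added example (not from these notes): a small Python model of a Frame Relay switch, showing why DLCIs are locally significant (the same DLCI number can be in use on two different access ports) and how each PVC is a fixed (port, DLCI) to (port, DLCI) mapping, so one customer's frames are only ever delivered at the far end of that customer's own PVC. Port numbers and DLCI values are constructed; the Mumbai/Delhi pair 102/201 follows the notes' example.

```python
# Added example, not from the notes: DLCI switching inside a Frame Relay switch.
from typing import Dict, Optional, Tuple

Frame = Tuple[int, bytes]                      # (DLCI in the frame header, payload)
Hop = Tuple[int, int]                          # (switch port, DLCI on that port)

class FrameRelaySwitch:
    def __init__(self):
        self.table: Dict[Hop, Hop] = {}        # one entry per direction of every PVC

    def add_pvc(self, a: Hop, b: Hop) -> None:
        """Provision a PVC between two access links; two DLCIs, one per end/direction."""
        for hop in (a, b):
            if hop in self.table:
                raise ValueError(f"DLCI {hop[1]} already in use on port {hop[0]}")
        self.table[a] = b
        self.table[b] = a

    def switch(self, in_port: int, frame: Frame) -> Optional[Tuple[int, Frame]]:
        """Rewrite the DLCI and pick the outgoing port, or drop (None) if no PVC matches."""
        dlci, payload = frame
        out = self.table.get((in_port, dlci))
        if out is None:
            return None                        # unknown DLCI on this port: discarded
        out_port, out_dlci = out
        return out_port, (out_dlci, payload)

def build_demo_switch() -> FrameRelaySwitch:
    sw = FrameRelaySwitch()
    # Customer A: Mumbai router on port 0 uses DLCI 102, Delhi router on port 1 uses DLCI 201.
    sw.add_pvc((0, 102), (1, 201))
    # Customer B on ports 2 and 3 also uses DLCI 102 on its own link: no clash, DLCIs are local.
    sw.add_pvc((2, 102), (3, 305))
    return sw
```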
Q) When we ask the Service Provider for a 64 kbps FR circuit, the SP will ask what bandwidth we require.
-> When we say 64 kbps, the SP goes to the FR switch and configures CIR (Committed Information Rate) 64. Which means at any given point of time up to 64 kbps
is guaranteed delivery.
-> In Frame Relay over-subscription is allowed. Anything above CIR is not guaranteed and will be delivered as best effort service.
Which means it is discard eligible and chargeable.
-> If we push more traffic we will have to pay more.
-> So, to save money above the regular subscription, customers go to Serial 0/1 and write
# encapsulation frame-relay
# bandwidth 64 (value in kbps)
-> As soon as you configure Frame Relay on a router's port, LMIs start getting exchanged. LMIs are hellos and do two functions:
i) Work as keepalive. (I am alive; I am alive too.)
ii) Get status
-> There are 3 types of LMI's :
1) ITU-T (q933a)
2) ANSI
3) Cisco
-> When we take Frame Relay the SP will give two things:
1) DLCI
2) LMI type.
Both should be configured at our end.
To change LMI Type use following command.
1) int s0/0
2) encapsulation frame-relay
3) frame-relay lmi-type ansi
-> LMI can help in dynamic mapping of remote IP and local DLCI.
-> To enable dynamic mapping use following command:
# int s0/0
# encapsulation frame-relay
# frame-relay inverse-arp -> This is enabled by default, hence no need to configure it.
Frame Relay Split Horizon
-------------------------
-> As per Frame Relay split horizon, if a Frame Relay interface receives an update on its port from a PVC it will never send it back to the other PVCs on the same
interface.
Solution :
-> Frame Relay full mesh circuit. (Cost is the limiting factor.)
-> Frame Relay sub-interfaces.
===============
|IPV4 and IPV6|
===============
Q) What is IPV4 ?
10.0.0.1
-> IPv4 is a 4 byte (every byte is known as one octet) address, i.e. 4 octets (8 bits in every octet), i.e. a 32 bit decimal address.
-> Here the mask tells how many bits are in the network portion.
====
IPV6
====
-> In the same way IPv6 is a 128 bit hexadecimal address where only the characters A to F and 0 to 9 can be used.
-> Here the mask does not tell how many bits are in the network; instead the mask tells how many bits can be configured.
-> If the mask doesn't tell how many bits are in the network, who tells?
-> In IPv6 it is fixed: first 64 bits network, next 64 bits host.
-> There is NO SUBNETTING in IPv6 since the network bits are fixed.
-> We do not need to configure anything in IPv6; everything is automatic.
-> Every Ethernet card in the world has a 48 bit hexadecimal MAC address, and that too a unique MAC address.
-> We can use these 48 bits to create the host portion of my PC's address.
-> The EUI-64 standard allows us to create the host address automatically by putting FF:FE in the middle of our 48 bit hexadecimal MAC address.
-> But for communication both network and host are required; what about that?
-> Even that is automatic.
-> FE80 is the link-local IPv6 network address that computers connected over a switch can use to communicate.
-> Whenever a PC starts up it does neighbour solicitation, meaning: hello, this is DD:FF:FE:DD, is there anybody on the link?
-> In IPv6 we can manually give an IP address, and we can also use DHCPv6 to give IP addresses.
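Added example (not from these notes): deriving the EUI-64 interface identifier, the FE80 link-local address and a global address from a 48-bit MAC in Python. Besides inserting FF:FE as the notes say, the code also flips the universal/local bit (bit 7 of the first octet) as RFC 4291 requires, and shows the reverse step: an EUI-64 based address exposes the host's hardware MAC, which is the privacy caveat that RFC 4941 temporary addresses exist for. The MAC and prefix values are constructed.

```python
# Added example, not from the notes: EUI-64 address derivation and its reverse.
import ipaddress

def eui64_interface_id(mac: str) -> bytes:
    """MAC (aa:bb:cc:dd:ee:ff, aa-bb-..., or aabb.ccdd.eeff) -> 8-byte modified EUI-64."""
    raw = bytes.fromhex(mac.replace(":", "").replace("-", "").replace(".", ""))
    if len(raw) != 6:
        raise ValueError("a MAC address has exactly 6 bytes")
    iid = bytearray(raw[:3] + b"\xff\xfe" + raw[3:])   # split OUI / NIC halves, insert FFFE
    iid[0] ^= 0x02                                     # flip the U/L bit (RFC 4291, Appendix A)
    return bytes(iid)

def link_local_address(mac: str) -> ipaddress.IPv6Address:
    """fe80::/64 plus the EUI-64 interface id: usable on the local link without any router."""
    return ipaddress.IPv6Address(b"\xfe\x80" + b"\x00" * 6 + eui64_interface_id(mac))

def global_address(prefix: str, mac: str) -> ipaddress.IPv6Address:
    """Prefix learned from a router advertisement (must be a /64) plus the EUI-64 interface id."""
    net = ipaddress.IPv6Network(prefix, strict=False)
    if net.prefixlen != 64:
        raise ValueError("EUI-64 autoconfiguration needs a /64 prefix")
    return ipaddress.IPv6Address(net.network_address.packed[:8] + eui64_interface_id(mac))

def mac_from_eui64_address(addr) -> str:
    """Reverse the process: the address reveals the hardware MAC of the host."""
    iid = bytearray(ipaddress.IPv6Address(addr).packed[8:])
    if iid[3:5] != b"\xff\xfe":
        raise ValueError("interface id was not derived from a MAC with EUI-64")
    iid[0] ^= 0x02                                     # undo the U/L bit flip
    raw = bytes(iid[:3] + iid[5:])
    return ":".join(f"{b:02x}" for b in raw)
```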
IPV6 Configuration on Router
----------------------------
-> We will have to configure a globally unique IPv6 address on every port of the router.
# ipv6 unicast-routing -> the router becomes ready for IPv6 routing.
-> On interface FastEthernet 0/0 we configure the IPv6 address as follows:
# ipv6 address (64 bit network prefix)/64 eui-64 -> the host portion is built by the router itself from its MAC.
-> Then the router takes its own MAC address and builds its host address by itself.
-> show ipv6 interface (This will show IPv6 is enabled, the link-local address is FE80 plus the MAC.) Here FE80 is the network prefix.
-> Then IPv6 will ask whether there is any router on the network. The router will advertise itself, meaning its network prefix will be given to the other hosts for one lifetime.
-> These are the commands to configure IPv6 on a router
1) # ipv6 unicast-routing
2) # interface FastEthernet 0/0
3) # ipv6 address (globally unique IPv6 address)
4) # show run (to see the configuration.)
5) # show ipv6 interface brief
-> Now go to the PC and try to ping the IPv6 address of the router. It will not work, as we will have to tell the PC which source to send from.
ping -s (source) <router IPv6 address>
=============================
|Duplicate Address Detection|
=============================
Q) How does a duplicate entry get created?
-> Using MAC cloning someone used our IPv6 address. Now the host portion becomes the same instead of being unique. Now when the router gives the globally unique network
address to both PCs, both PCs' network and host addresses become the same.
Solution : The router detects the duplicate address by itself. When a PC takes a MAC address and goes to the router to get a globally unique IPv6 address, the router gives it
to the PC for some interval, say 5 minutes. If at the same time someone else comes to the router with the same MAC address, the router will not give the same address
to this PC.
Note : In IPv4 224 to 239 was fixed for multicast; similarly in IPv6 multicast addresses are prefixed with FF00.
-> In IPv6 broadcast does not happen, as the whole world is unique. The whole world is in one network. Broadcast is dangerous in such a situation.
-> Broadcast is replaced with anycast. Meaning on 10 PCs we can configure IPv6 addresses and then also configure an anycast address.
-> If we give the same anycast address to all 10 PCs, whatever is sent from one PC's anycast address will be received by all 10 PCs with the same anycast address.
Q) How to change to IPV6 ?
-> If we switch to IPv6 and our ISP is still on IPv4, then the ISP's router will not do packet forwarding.
Solution : In such a case we need to use IPv6 to IPv4 tunneling. Tunneling means encapsulation; there is no physical tunnel.
Scenario 2 : The ISP is ready. He gives us both an IPv6 and an IPv4 address on the same interface.
-> In this case we need to make sure the router listening on both IPv4 and IPv6 runs two routing protocols.
1) IPv4 (OSPF, IGRP, EIGRP, IS-IS, BGP)
2) IPv6 (OSPF version 3, BGP with IPv6 support, RIPng is the IPv6 capable RIP.)
-> We will have to run two instances of OSPF, one for IPv4 routing and the other for IPv6 routing. But because of two routing protocols running on the router, the load
on the router will increase.
-> There are many fields in the header of a packet.
i) The first field is the version, which denotes whether the packet is IPv4 or IPv6.
ii) TTL -> Time To Live of a packet is made to break layer 3 loops.
=============================
|Network Address Translation|
=============================
1) Overload NAT -> Everyone goes out with one live IP. Overload NAT is called PAT (Port Address Translation).
2) STATIC NAT -> Statically configured one to one NAT.
3) DYNAMIC NAT -> The IP is given from a pool that we have to pre-define.
Configure Simple NAT on a Router
----------------------------------
1) ip nat inside source static 10.1.1.1 116.72.183.85
(ip nat inside source static means: translate the static source address 10.1.1.1 arriving on the inside port to the LIVE IP)
-> In NAT, the Ethernet port is inside and the serial port is outside.