Cisco Certified Network Associate Certification Exam Objectives - Test 640-407.

1) Identify and describe the functions of each of the seven layers of the OSI (Open Systems Interconnection) reference model.

The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between communicating networking systems. Physical layer specifications define characteristics such as voltage levels, timing of voltage changes, physical data rates, maximum transmission distances, and physical connectors. Physical-layer implementations can be categorised as either LAN or WAN specifications.

The data link layer provides reliable transit of data across a physical network link. Different data link layer specifications define different network and protocol characteristics, including physical addressing, network topology, error notification, sequencing of frames, and flow control. Physical addressing (as opposed to network addressing) defines how devices are addressed at the data link layer. Network topology consists of the data-link layer specifications that often define how devices are to be physically connected, such as in a bus or a ring topology. Error notification alerts upper-layer protocols that a transmission error has occurred, and the sequencing of data frames reorders frames that are transmitted out of sequence. Finally, flow control moderates the transmission of data so that the receiving device is not overwhelmed with more traffic than it can handle at one time.

The Institute of Electrical and Electronics Engineers (IEEE) has subdivided the data-link layer into two sublayers: Logical Link Control (LLC) and Media Access Control (MAC). The Logical Link Control sublayer of the data-link layer manages communications between devices over a single link of a network. LLC is defined in the IEEE 802.2 specification and supports both connectionless and connection-oriented services used by higher-layer protocols. IEEE 802.2 defines a number of fields in data-link layer frames that enable multiple higher-layer protocols to share a single physical data link. The Media Access Control (MAC) sublayer of the data link layer manages protocol access to the physical network medium. The IEEE MAC specification defines MAC addresses, which enable multiple devices to uniquely identify one another at the data link layer.

The network layer provides routing and related functions that enable multiple data links to be combined into an internetwork. This is accomplished by the logical addressing (as opposed to the physical addressing) of devices. The network layer supports both connection-oriented and connectionless service from higher-layer protocols. Network-layer protocols typically are routing protocols, but other types of protocols are implemented at the network layer as well.

Some common routing protocols include Border Gateway Protocol (BGP), an Internet interdomain routing protocol; Open Shortest Path First (OSPF), a link-state, interior gateway protocol developed for use in TCP/IP networks; and Routing Information Protocol (RIP), a distance vector, internet routing protocol that uses hop count as its metric. Routing protocols affect the network layer and how it operates, but routing protocols are actually much higher up the OSI model (typically they are considered applications).

The transport layer implements reliable internetwork data transport services that are transparent to upper layers. Transport-layer functions typically include flow control, multiplexing, virtual circuit management, and error checking and recovery.

Flow control manages data transmission between devices so that the transmitting device does not send more data than the receiving device can process. Multiplexing enables data from several applications to be transmitted onto a single physical link. Virtual circuits are established, maintained, and terminated by the transport layer. Error checking involves creating various mechanisms for detecting transmission errors, while error recovery involves taking an action, such as requesting that data be retransmitted, to resolve any errors that occur.

Some transport-layer implementations include Transport Control Protocol, Name Binding Protocol, and OSI transport protocols. Transport Control Protocol (TCP) is the protocol in the TCP/IP suite that provides reliable transmission of data. Name Binding Protocol (NBP) is the protocol that associates AppleTalk names with addresses. OSI transport protocols are a series of transport protocols in the OSI protocol suite.

The session layer establishes, manages, and terminates communication sessions between presentation layer entities. Communication sessions consist of service requests and service responses that occur between applications located in different network devices. These requests and responses are co-ordinated by protocols implemented at the session layer. Some examples of session-layer implementations include Zone Information Protocol (ZIP), the AppleTalk protocol that co-ordinates the name binding process; and Session Control Protocol (SCP), the DECnet Phase IV session-layer protocol.

The presentation layer provides a variety of coding and conversion functions that are applied to application layer data. These functions ensure that information sent from the application of one system will be readable by the application of another system. Some examples of presentation-layer coding and conversion schemes include common data representation formats, conversion of character representation formats, common data compression schemes, and common data encryption schemes.

Common data representation formats, or the use of standard image, sound, and video formats, enable the interchange of application data between different types of computer systems. Conversion schemes are used to exchange information with systems by using different text and data representations, such as EBCDIC and ASCII. Standard data compression schemes enable data that is compressed at the source device to be properly decompressed at the destination. Standard data encryption schemes enable data encrypted at the source device to be properly deciphered at the destination.

Presentation-layer implementations are not typically associated with a particular protocol stack. Some well-known standards for video include QuickTime and Motion Picture Experts Group (MPEG). QuickTime is an Apple Computer specification for video and audio, and MPEG is a standard for video compression and coding.

Among the well-known graphic image formats are Graphics Interchange Format (GIF), Joint Photographic Experts Group (JPEG), and Tagged Image File Format (TIFF). GIF is a standard for compressing and coding graphic images. JPEG is another compression and coding standard for graphic images, and TIFF is a standard coding format for graphic images.

The application layer is the OSI layer closest to the end user, which means that both the OSI application layer and the user interact directly with the software application.

This layer interacts with software applications that implement a communicating component. Such application programs fall outside the scope of the OSI model. Application-layer functions typically include identifying communication partners, determining resource availability, and synchronising communication.

When identifying communication partners, the application layer determines the identity and availability of communication partners for an application with data to transmit. When determining resource availability, the application layer must decide whether sufficient network resources for the requested communication exist. In synchronising communication, all communication between applications requires co-operation that is managed by the application layer.

Two key types of application-layer implementations are TCP/IP applications and OSI applications. TCP/IP applications are protocols, such as Telnet, File Transfer Protocol (FTP), and Simple Mail Transfer Protocol (SMTP), that exist in the Internet Protocol suite. OSI applications are protocols, such as File Transfer Access Management (FTAM), Virtual Terminal Protocol (VTP), and Common Management Information Protocol (CMIP), that exist in the OSI suite.

2) Describe connection-oriented network service and connectionless network service, and identify the key differences between them.

In general, networking protocols and the data traffic that they support can be characterised as being either connection-oriented or connectionless. In brief, connection-oriented data handling involves using a specific path that is established for the duration of a connection. Connectionless data handling involves passing data through a permanently established connection.

Connection-oriented service involves three phases: connection establishment, data transfer, and connection termination.

During the connection-establishment phase, a single path between the source and the destination systems is determined. Network resources typically are reserved at this time to ensure a consistent grade of service, such as a guaranteed throughput rate.

In the data transfer phase, data is transmitted sequentially over the path that has been established. Data always arrives at the destination system in the order in which it was sent.

During the connection-termination phase, an established connection that is no longer needed is terminated. Further communication between the source and destination systems requires that a new connection be established.

Connection-oriented network service carries two significant disadvantages over connectionless: static-path selection and the static reservation of network resources. Static-path selection can create difficulty because all traffic must travel along the same static path. A failure anywhere along the path causes the connection to fail. Static reservation of network resources causes difficulty because it requires a guaranteed rate of throughput and, thus, a commitment of resources that other network users cannot share. Unless the connection uses full, uninterrupted throughput, bandwidth is not used efficiently.

Connection-oriented services, however, are useful for transmitting data from applications that don’t tolerate delays and packet resequencing. Voice and video applications are typically based on connection-oriented services.

As another disadvantage, connectionless network service does not predetermine the path from the source to the destination system, nor are packet sequencing, data throughput, and other network resources guaranteed. Each packet must be completely addressed because different paths through the network may be selected for different packets, based on a variety of influences. Each packet is transmitted independently by the source system and is handled independently by intermediate network devices.

Connectionless service, however, offers two important advantages over connection-oriented service: dynamic-path selection and dynamic-bandwidth allocation. Dynamic-path selection enables traffic to be routed around network failures because paths are selected on a packet-by-packet basis. With dynamic-bandwidth allocation, bandwidth is used more efficiently because network resources are not allocated a bandwidth that they will not use.

Connectionless services are useful for transmitting data from applications that can tolerate some delay and resequencing. Data-based applications typically are based on connectionless service.

3) Describe data link addresses and network addresses, and identify the key differences between them.

A data-link layer address uniquely identifies each physical network connection of a network device. Data-link addresses sometimes are referred to as physical or hardware addresses. Data-link addresses usually exist within a flat address space and have a pre-established and typically fixed relationship to a specific device.

End systems generally have only one physical network connection, and thus have only one data-link address. Routers and other internetworking devices typically have multiple physical network connections and therefore also have multiple data-link addresses.

A network-layer address identifies an entity at the network layer of the OSI layers. Network addresses usually exist within a hierarchical address space and sometimes are called virtual or logical addresses.

The relationship between a network address and a device is logical and unfixed; it typically is based either on physical network characteristics (the device is on a particular network segment) or on groupings that have no physical basis (the device is part of an AppleTalk zone). End systems require one network-layer address for each network-layer protocol they support. (This assumes that the device has only one physical network connection.) Routers and other internetworking devices require one network-layer address per physical network connection for each network-layer protocol supported. A router, for example, with three interfaces each running AppleTalk, TCP/IP, and OSI must have three network-layer addresses for each interface. The router therefore has nine network-layer addresses.

4) Define and describe the function of a MAC address.

Media Access Control (MAC) addresses consist of a subset of data-link layer addresses. MAC addresses identify network entities in LANs that implement the IEEE MAC addresses of the data-link layer. As with most data-link addresses, MAC addresses are unique for each LAN interface.

MAC addresses are 48 bits in length and are expressed as 12 hexadecimal digits. The first 6 hexadecimal digits, which are administered by the IEEE, identify the manufacturer or vendor and thus comprise the Organisational Unique Identifier (OUI). The last 6 hexadecimal digits comprise the interface serial number, or another value administered by the specific vendor. MAC addresses sometimes are called burned-in-addresses (BIAs) because they are burned into read-only memory (ROM) and are copied into random-access memory (RAM) when the interface card initialises.
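The 12-digit layout described above can be checked in code. The following is an added example, not part of the original notes: it normalises the common written notations, splits each address into its OUI and vendor-assigned halves, and goes slightly beyond the text by reading the two IEEE 802 flag bits in the first octet (group and locally administered), which mark addresses that are not vendor-assigned burned-in addresses. All sample addresses are constructed.

```python
import re


def parse_mac(text):
    """Normalise a MAC address and split it into OUI and vendor-assigned digits."""
    # Colon, hyphen and dotted notations are accepted; separators are stripped.
    digits = re.sub(r"[.:\-]", "", text.strip()).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    first_octet = int(digits[:2], 16)
    return {
        "canonical": ":".join(digits[i:i + 2] for i in range(0, 12, 2)),
        "oui": digits[:6],                # first 6 hex digits, IEEE-administered
        "vendor_assigned": digits[6:],    # last 6 hex digits, vendor-administered
        # IEEE 802 flag bits in the first octet (not covered in the notes above):
        "group": bool(first_octet & 0x01),                 # multicast/broadcast
        "locally_administered": bool(first_octet & 0x02),  # not assigned via an OUI
    }


def summarise(addresses):
    """Group vendor-assigned unicast addresses by OUI; list all others separately."""
    by_oui, other = {}, []
    for raw in addresses:
        mac = parse_mac(raw)
        if mac["group"] or mac["locally_administered"]:
            other.append(mac["canonical"])
        else:
            by_oui.setdefault(mac["oui"], []).append(mac["canonical"])
    return by_oui, other


# Constructed sample: the same kind of address in three notations, plus broadcast.
SAMPLE = [
    "0000.0c12.3456",       # dotted notation
    "00-00-0C-AB-CD-EF",    # hyphen notation, upper case
    "02:ab:cd:00:00:01",    # locally administered bit set
    "ff:ff:ff:ff:ff:ff",    # broadcast (group bit set)
]

if __name__ == "__main__":
    grouped, other = summarise(SAMPLE)
    print("by OUI:", grouped)
    print("not vendor-assigned unicast:", other)
```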

Different protocol suites use different methods for determining the MAC address of a device. The following three methods are used most often: Address Resolution Protocol (ARP) maps network addresses to MAC addresses. Hello protocol enables network devices to learn the MAC addresses of other network devices. MAC addresses are either embedded in the network-layer address or are generated by an algorithm.

Address resolution is the process of mapping network addresses to the Media Access Control (MAC) addresses. This process is accomplished by using the Address Resolution Protocol (ARP), which is implemented by many protocol suites. When a network address is successfully associated with a MAC address, the network device stores the information in the ARP cache. The ARP cache enables devices to send traffic to a destination without creating ARP traffic because the MAC address of the destination is already known.

The process of address resolution differs slightly, depending on the network environment. Address resolution on a single LAN begins when End system A broadcasts an ARP request onto the LAN in an attempt to learn the MAC address of End system B. The broadcast is received and processed by all devices on the LAN, although only End system B replies to the ARP request by sending an ARP reply containing its MAC address to End System A. End System A receives the reply and saves the MAC address of End System B in its ARP cache. (The ARP cache is where network addresses are associated with MAC addresses.) Whenever End System A must communicate with End System B, it checks the ARP cache, finds the MAC address of System B, and sends the frame directly without first having to use an ARP request.

Address resolution works differently, however, when source and destination devices are attached to different LANs that are interconnected by a router. End System Y broadcasts an ARP request onto the LAN in an attempt to learn the MAC address of End System Z. The broadcast is received and processed by all devices on the LAN, including Router X, which acts as a proxy for End System Z by checking its routing table to determine that End System Z is located on a different LAN. Router X then replies to the ARP request from End System Y, sending an ARP reply containing its own MAC address as if it belonged to End System Z. End System Y receives the ARP reply and saves the MAC address of Router X in its ARP cache in the entry for End System Z. When End System Y must communicate with End System Z, it checks the ARP cache, finds the MAC address of Router X, and sends the frame directly without using ARP requests. Router X receives the traffic from End System Y and forwards it to End System Z on the other LAN.
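Both exchanges described above (A resolving B on one LAN, and Y resolving Z through Router X acting as proxy) are simulated in the added example below, which is not part of the original notes. It builds and parses real 28-byte ARP payloads in the RFC 826 Ethernet/IPv4 layout; the class names, IP addresses and MAC addresses are constructed, and the LAN broadcast is modelled as a simple loop over devices. The last function shows how the proxy case appears in a cache: one MAC address answering for more than one network address.

```python
import socket
import struct

# RFC 826 ARP payload for Ethernet + IPv4: htype, ptype, hlen, plen, oper,
# sender MAC, sender IP, target MAC, target IP (28 bytes in total).
ARP_FMT = "!HHBBH6s4s6s4s"
REQUEST, REPLY = 1, 2
UNKNOWN_MAC = "00:00:00:00:00:00"


def build_arp(oper, sha, spa, tha, tpa):
    to_mac = lambda s: bytes.fromhex(s.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       to_mac(sha), socket.inet_aton(spa),
                       to_mac(tha), socket.inet_aton(tpa))


def parse_arp(packet):
    if len(packet) != struct.calcsize(ARP_FMT):
        raise ValueError("not a 28-byte Ethernet/IPv4 ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, tha, tpa = struct.unpack(ARP_FMT, packet)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4) or oper not in (REQUEST, REPLY):
        raise ValueError("unsupported ARP header")
    to_str = lambda b: ":".join(f"{x:02x}" for x in b)
    return {"oper": oper, "sha": to_str(sha), "spa": socket.inet_ntoa(spa),
            "tha": to_str(tha), "tpa": socket.inet_ntoa(tpa)}


class EndSystem:
    def __init__(self, ip, mac):
        self.ip, self.mac = ip, mac
        self.arp_cache = {}            # network address -> MAC address

    def handle(self, packet):
        """Reply only when the request asks for this system's own address."""
        msg = parse_arp(packet)
        if msg["oper"] == REQUEST and msg["tpa"] == self.ip:
            return build_arp(REPLY, self.mac, self.ip, msg["sha"], msg["spa"])
        return None

    def resolve(self, target_ip, lan):
        """Return (mac, arp_requests_sent); a cache hit sends no ARP traffic."""
        if target_ip in self.arp_cache:
            return self.arp_cache[target_ip], 0
        request = build_arp(REQUEST, self.mac, self.ip, UNKNOWN_MAC, target_ip)
        for device in lan:             # broadcast: every other device processes it
            reply = device.handle(request) if device is not self else None
            if reply is not None:
                msg = parse_arp(reply)
                self.arp_cache[msg["spa"]] = msg["sha"]
                return msg["sha"], 1
        return None, 1


class ProxyRouter(EndSystem):
    def __init__(self, ip, mac, remote_hosts):
        super().__init__(ip, mac)
        self.remote_hosts = set(remote_hosts)   # stands in for the routing table

    def handle(self, packet):
        msg = parse_arp(packet)
        if msg["oper"] == REQUEST and msg["tpa"] in self.remote_hosts:
            # Proxy reply: the router's own MAC, presented for the remote address.
            return build_arp(REPLY, self.mac, msg["tpa"], msg["sha"], msg["spa"])
        return super().handle(packet)


def macs_answering_for_several_ips(cache):
    """MAC addresses that appear against more than one network address."""
    by_mac = {}
    for ip, mac in cache.items():
        by_mac.setdefault(mac, []).append(ip)
    return {mac: sorted(ips) for mac, ips in by_mac.items() if len(ips) > 1}


def build_lan():
    """Constructed LAN: End Systems A, B, Y and Router X; Z (10.0.2.40) is remote."""
    a = EndSystem("10.0.1.10", "02:00:00:00:00:0a")
    b = EndSystem("10.0.1.20", "02:00:00:00:00:0b")
    y = EndSystem("10.0.1.30", "02:00:00:00:00:0c")
    x = ProxyRouter("10.0.1.1", "02:00:00:00:00:01", remote_hosts={"10.0.2.40"})
    return a, b, y, x, [a, b, y, x]


if __name__ == "__main__":
    a, b, y, x, lan = build_lan()
    print(a.resolve(b.ip, lan), a.resolve(b.ip, lan))   # second call is a cache hit
    print(y.resolve("10.0.2.40", lan), y.resolve(x.ip, lan))
    print(macs_answering_for_several_ips(y.arp_cache))
```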

The Hello protocol is a network-layer protocol that enables network devices to identify one another and indicate that they are still functional. When a new end system powers up, for example, it broadcasts Hello messages onto the network. Devices on the network then return Hello replies, and Hello messages are also sent at specific intervals to indicate that they are still functional. Network devices can learn the MAC addresses of other devices by examining Hello-protocol packets.

Three protocols use predictable MAC addresses. In these protocol suites, MAC addresses are predictable because the network layer either embeds the MAC address in the network-layer address or uses an algorithm to determine the MAC address. The three protocols are Xerox Network Systems (XNS), Novell Internetwork Packet Exchange (IPX), and DECnet Phase IV.

5) Define flow control and describe the three basic methods used in networking.

Flow control is a function that prevents network congestion by ensuring that transmitting devices do not overwhelm receiving devices with data. Countless possible causes of network congestion exist. A high-speed computer, for example, may generate traffic faster than the network can transfer it, or faster than the destination device can receive and process it. The three commonly used methods for handling network congestion are buffering, transmitting source-quench messages, and windowing.

Buffering is used by network devices to temporarily store bursts of excess data in memory until they can be processed. Occasional data bursts are easily handled by buffering. Excess data bursts can exhaust memory, however, forcing the device to discard any additional datagrams that arrive.

Source-quench messages are used by receiving devices to help prevent their buffers from overflowing. The receiving device sends source-quench messages to request that the source reduce its current rate of data transmission. First, the receiving device begins discarding received data due to overflowing buffers. Second, the receiving device begins sending source-quench messages to the transmitting device at the rate of one message for each packet dropped. The source device receives the source-quench messages and lowers the data rate until it stops receiving the messages. Finally, the source device then gradually increases the data rate as long as no further source-quench requests are received.

Windowing is a flow-control scheme in which the source device requires an acknowledgement from the destination after a certain number of packets have been transmitted. With a window size of three, the source requires an acknowledgement after sending three packets, as follows. First, the source device sends three packets to the destination device. Then, after receiving the three packets, the destination device sends an acknowledgement to the source. The source receives the acknowledgement and sends three more packets. If the destination does not receive one or more of the packets for some reason, such as overflowing buffers, it does not receive enough packets to send an acknowledgement. The source then retransmits the packets at a reduced transmission rate.
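The window-of-three exchange described above is simulated in the added example below, which is not part of the original notes. Packet loss is supplied as a constructed set of (sequence number, attempt) pairs; halving the rate on each retransmission, giving up after five attempts, and acknowledging a short final batch are assumptions made for the simulation.

```python
class Destination:
    """Holds received packets and acknowledges only complete windows."""

    def __init__(self):
        self.held = {}                       # sequence number -> payload

    def receive(self, seq, payload):
        # A duplicate that arrives because of a retransmission is ignored.
        self.held.setdefault(seq, payload)

    def acknowledges(self, batch):
        # No acknowledgement is sent while any packet of the window is missing.
        return all(seq in self.held for seq in batch)


def transfer(packets, window=3, lost=frozenset(), max_attempts=5):
    """Send `packets` in windows; `lost` names the (seq, attempt) pairs that are dropped.

    Returns a dict with the delivered payloads, the number of packet
    transmissions, the number of acknowledgements and the final relative rate.
    """
    dest = Destination()
    stats = {"transmissions": 0, "acks": 0, "rate": 1.0}
    for base in range(0, len(packets), window):
        # Assumption: the last batch may be shorter than the window and is
        # still acknowledged once all of it has arrived.
        batch = range(base, min(base + window, len(packets)))
        for attempt in range(1, max_attempts + 1):
            for seq in batch:
                stats["transmissions"] += 1
                if (seq, attempt) not in lost:
                    dest.receive(seq, packets[seq])
            if dest.acknowledges(batch):
                stats["acks"] += 1
                break
            # No acknowledgement arrived: retransmit the whole window at a
            # reduced rate (halving is an assumption of this simulation).
            stats["rate"] /= 2
        else:
            raise RuntimeError(f"window starting at packet {base} was never acknowledged")
    stats["delivered"] = [dest.held[seq] for seq in sorted(dest.held)]
    return stats


# Constructed input: seven packets, with packet 4 dropped on its first transmission.
PACKETS = [f"pkt{i}" for i in range(7)]

if __name__ == "__main__":
    print(transfer(PACKETS))
    print(transfer(PACKETS, lost={(4, 1)}))
```

One lost packet costs a full window of retransmissions: seven packets need ten transmissions when packet 4 is dropped once.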

Pacing is used by protocols to ensure that data is transmitted at a rate which the remote device can manage.

6) Differentiate between the following WAN services: Frame Relay, ISDN/LAPD, HDLC, & PPP.

Switched WAN services:

X.25 Overview

X.25 is an International Telecommunication Union Telecommunication Standardisation Sector (ITU-T) protocol standard for WAN communications. The X.25 standard defines how connections between user devices and network devices are established and maintained.

X.25 is designed to operate effectively regardless of the type of systems connected to the network. It is typically used in the packet switched networks (PSNs) of common carriers (the telephone companies). Subscribers are charged based on their use of the network.

The development of the X.25 standard was initiated by the common carriers in the 1970s. At that time, there was a need for WAN protocols capable of providing connectivity across public data networks (PDNs). X.25 is now administered as an international standard by the ITU-T.

X.25 Network Components

X.25 network devices fall into three general categories:

Data terminal equipment (DTE) -- DTE devices are end systems that communicate across the X.25 network. They are usually terminals, personal computers, or network hosts, and are located on the premises of individual subscribers.

Data circuit-terminating equipment (DCE) -- DCE devices are special communications devices such as modems and packet switches. They provide the interface between DTE devices and a packet switching exchange (PSE), and are generally located in the carrier's facilities.

Packet switching exchange (PSE) -- PSEs are switches that compose the bulk of the carrier's network. They transfer data from one DTE device to another through the X.25 packet switched network (PSN).


The following figure shows the relationship between the three types of X.25 network devices:


Packet Assembler/Disassembler (PAD)

The packet assembler/disassembler (PAD) is a device commonly found in X.25 networks. PADs are used when a DTE device (such as a character-mode terminal) is too simple to implement the full X.25 functionality.

The PAD is located between a DTE device and a DCE device. It performs three primary functions:

Buffering -- The PAD buffers data sent to or from the DTE device.

Packet assembly -- The PAD assembles outgoing data into packets and forwards them to the DCE device. (This includes adding an X.25 header.)

Packet disassembly -- The PAD disassembles incoming packets before forwarding the data to the DTE. (This includes removing the X.25 header.)

The following figure shows the basic operation of the PAD when receiving packets from the X.25 WAN:


X.25 Protocol Suite

The X.25 protocol suite maps to the lowest three layers of the OSI reference model. The following protocols are typically used in X.25 implementations:

• Packet Layer Protocol (PLP)

• Link Access Procedure, Balanced (LAPB)

• X.21bis and other physical layer serial interfaces (such as EIA/TIA-232, EIA/TIA-449, EIA-530, G.703, and so forth)

The following figure maps the key X.25 protocols to the layers of the OSI reference model:


Frame Relay Overview

Frame Relay is a high-performance wide-area network (WAN) protocol that operates at the physical and data link layers of the Open System Interconnection (OSI) reference model.

Frame Relay was originally designed for use across Integrated Services Digital Network (ISDN) interfaces. Today, it is used over a variety of other network interfaces as well.

Frame Relay Features

Frame Relay provides a data communications interface between user devices and network devices. This interface forms the basis for communication between user devices across a WAN.

Typical communication speeds for Frame Relay are between 56 Kbps and 2 Mbps (although lower and higher speeds are supported).

Frame Relay is considerably more efficient than X.25, the protocol for which it is often considered a replacement. Because it supports technological advances such as fibre-optic cabling and digital transmission, Frame Relay can eliminate time-consuming processes (such as error correction and flow control) that are necessary when using older, less reliable WAN media and protocols.

Frame Relay Standardisation

Internationally, Frame Relay was standardised by the International Telecommunications Union - Telecommunications Sector (ITU-T). In the United States, Frame Relay is an American National Standards Institute (ANSI) standard.

The Local Management Interface (LMI) specification, developed in 1990, further extends the functionality of Frame Relay.

Frame Relay Devices

Devices attached to a Frame Relay WAN fall into two general categories:

Data terminal equipment (DTE) -- DTE are customer-owned end node and internetworking devices. Examples of DTE devices are terminals, personal computers, routers, and bridges.

Data circuit-terminating equipment (DCE) -- DCE are carrier-owned internetworking devices. In most cases, these are packet switches (although routers or other devices can be configured as DCE as well).

DTE and DCE devices are logical entities. That is, DTE devices initiate a communications exchange, and DCE devices respond.

The following figure shows the relationship between the two categories of devices:

Frame Relay Virtual Circuits

Frame Relay provides connection-oriented data link layer communication. This service is implemented using virtual circuits.

A Frame Relay virtual circuit is a logical connection created between two data terminal equipment (DTE) devices across a Frame Relay packet-switched network (PSN).

Virtual circuits provide a bi-directional communications path from one DTE device to another. They are uniquely identified by a data link connection identifier (DLCI).

A virtual circuit can pass through any number of intermediate data circuit-terminating equipment (DCE) devices (switches) located within the Frame Relay PSN. A number of virtual circuits can be multiplexed into a single physical circuit for transmission across the network.

Frame Relay virtual circuits fall into two categories:

• Switched virtual circuit (SVC)

• Permanent virtual circuit (PVC)

Frame Relay Switched Virtual Circuits (SVCs)

A switched virtual circuit (SVC) is one of the two types of virtual circuits used in Frame Relay implementations. SVCs are temporary connections that are used when there is only sporadic data transfer between DTE devices across the Frame Relay network.

A communication session across an SVC consists of four operational states:

Call setup -- In this state, the virtual circuit between two Frame Relay DTE devices is established.

Data transfer -- In this state, data is being transmitted between the DTE devices over the virtual circuit.

Idle -- In this state, the connection between DTE devices is still active, but no data is being transferred.

Call termination -- In this state, the virtual circuit between DTE devices is terminated.

After the virtual circuit is terminated, the DTE devices must establish a new SVC if there is additional data to be exchanged.

Frame Relay Permanent Virtual Circuits (PVCs)

A permanent virtual circuit (PVC) is one of two types of virtual circuits used in Frame Relay implementations. PVCs are permanently established connections that are used when there is frequent and consistent data transfer between DTE devices across the Frame Relay network.

Communication across a PVC does not require the call setup and termination states that are used with SVCs. PVCs are always in one of the following two operational states:

Data transfer -- In this state, data is being transmitted between the DTE devices over the virtual circuit.

Idle -- In this state, the connection between DTE devices is active, but no data is being transferred.

DTE devices can begin transferring data whenever they are ready because the circuit is permanently established.

Frame Relay Data Link Connection Identifier (DLCI)

Frame Relay virtual circuits are identified by data link connection identifiers (DLCIs). DLCI values are typically assigned by the Frame Relay service provider (for example, the Telephone Company).

Frame Relay DLCIs have local significance. That is, the values themselves are not unique in the Frame Relay WAN. Two DTE devices connected by a virtual circuit might use a different DLCI value to refer to the same connection.

The following figure shows how a single virtual circuit might be assigned a different DLCI value on each end of the connection:
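Local significance of the DLCI can be shown by carrying one frame across two switches. The following is an added example, not part of the original notes: it packs and parses the standard two-octet Frame Relay address field (10-bit DLCI plus C/R, FECN, BECN, DE and the EA bits, a layout the notes above do not describe) and rewrites the DLCI at each hop from a per-switch table. Port numbers, DLCI values and the two-switch topology are constructed.

```python
def pack_header(dlci, cr=0, fecn=0, becn=0, de=0):
    """Build the two-octet Frame Relay address field."""
    if not 0 <= dlci <= 1023:
        raise ValueError("a two-octet address field carries a 10-bit DLCI (0-1023)")
    # Octet 1: upper 6 DLCI bits, C/R, EA=0.  Octet 2: lower 4 DLCI bits,
    # FECN, BECN, DE, EA=1 (last octet of the address field).
    b0 = ((dlci >> 4) & 0x3F) << 2 | (cr & 1) << 1
    b1 = (dlci & 0x0F) << 4 | (fecn & 1) << 3 | (becn & 1) << 2 | (de & 1) << 1 | 1
    return bytes([b0, b1])


def parse_header(frame):
    """Return the address-field values of a frame as a dict."""
    if len(frame) < 2:
        raise ValueError("frame shorter than the address field")
    b0, b1 = frame[0], frame[1]
    if b0 & 1 or not b1 & 1:
        raise ValueError("not a two-octet address field (EA bits)")
    return {"dlci": (b0 >> 2) << 4 | (b1 >> 4), "cr": b0 >> 1 & 1,
            "fecn": b1 >> 3 & 1, "becn": b1 >> 2 & 1, "de": b1 >> 1 & 1}


class FrameRelaySwitch:
    """A DCE that maps (incoming port, DLCI) to (outgoing port, DLCI)."""

    def __init__(self, table):
        self.table = dict(table)

    def forward(self, in_port, frame):
        hdr = parse_header(frame)
        route = self.table.get((in_port, hdr["dlci"]))
        if route is None:
            return None                      # no virtual circuit: frame is dropped
        out_port, out_dlci = route
        # Only the DLCI is rewritten; the other bits and the payload pass through.
        new_hdr = pack_header(out_dlci, hdr["cr"], hdr["fecn"], hdr["becn"], hdr["de"])
        return out_port, new_hdr + frame[2:]


def carry(frame, hops):
    """Pass a frame through a list of (switch, incoming port) hops.

    The outgoing port is ignored because `hops` already fixes the topology.
    """
    for switch, in_port in hops:
        result = switch.forward(in_port, frame)
        if result is None:
            return None
        _, frame = result
    return frame


# Constructed virtual circuit: DTE A (DLCI 102) -- SW1 -- DLCI 55 -- SW2 -- DTE B (DLCI 201).
SW1 = FrameRelaySwitch({(0, 102): (1, 55), (1, 55): (0, 102)})
SW2 = FrameRelaySwitch({(0, 55): (1, 201), (1, 201): (0, 55)})
A_TO_B = [(SW1, 0), (SW2, 0)]
B_TO_A = [(SW2, 1), (SW1, 1)]

if __name__ == "__main__":
    sent = pack_header(102, de=1) + b"payload"
    arrived = carry(sent, A_TO_B)
    print(parse_header(sent), "->", parse_header(arrived))
```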

Integrated Services Digital Network (ISDN) Overview

Integrated Services Digital Network (ISDN) refers to a set of communication protocols proposed by telephone companies to permit telephone networks to carry data, voice, and other source material.

In general, ISDN provides a set of digital services that concurrently deliver voice, data, text, graphics, music, video, and information to end users. ISDN was developed to permit access over existing telephone systems.

ISDN services are offered by many carriers under tariff. ISDN is generally viewed as an alternative to Frame Relay and T1 wide-area telephone services (WATS).

In practical terms, ISDN has evolved into one of the leading technologies for facilitating telecommuting arrangements and internetworking small, remote offices into corporate campuses.

The following figure illustrates a conceptual ISDN environment:

ISDN Standards

ISDN is addressed by a suite of ITU-T standards, spanning the physical, data link, and network layers of the seven-layer OSI networking model:

Physical layer -- The ISDN Basic Rate Interface (BRI) physical layer specification is defined in International Telecommunication Union Telecommunication Standardisation Sector (ITU-T) I.430. The ISDN Primary Rate Interface (PRI) physical layer specification is defined in ITU-T I.431.

Data link layer -- The ISDN data link layer specification is based on Link Access Procedure on the D channel (LAPD) and is formally specified in ITU-T Q.920 and ITU-T Q.921.

Network layer -- The ISDN network layer is defined in ITU-T I.450 (also known as ITU-T Q.930) and ITU-T I.451 (also known as ITU-T Q.931). Together these two standards specify user-to-user, circuit-switched, and packet-switched connections.

ISDN Applications

ISDN applications require bandwidth. Typical ISDN applications and implementations include high-speed image applications (such as Group IV facsimile), high-speed file transfer, video conferencing, and multiple links into homes of telecommuters.

ISDN Network Components

ISDN network components fall into three principal categories:

• ISDN terminal equipment

• ISDN termination devices

• ISDN reference points


ISDN Terminal Equipment

ISDN specifies two basic terminal equipment types:

Terminal Equipment Type 1 (TE1) -- A TE1 is a specialised ISDN terminal, including computer equipment or telephones. It is used to connect to ISDN through a four-wire, twisted-pair digital link.

Terminal Equipment Type 2 (TE2) -- A TE2 is a non-ISDN terminal such as data terminal equipment (DTE) that predates the ISDN standards. A TE2 connects to ISDN through a terminal adapter (TA). An ISDN TA can be either a standalone device or a board inside the TE2.

ISDN Network Termination Devices

ISDN specifies a type of intermediate equipment called a network termination (NT) device. NTs connect the four-wire subscriber wiring to two-wire local loops. There are three supported NT types:

NT Type 1 (NT1) device -- An NT1 device is treated as customer premises equipment (CPE) in North America, but is provided by carriers elsewhere.

NT Type 2 (NT2) device -- An NT2 device is typically found in digital private branch exchanges (PBXs). An NT2 performs Layer 2 and 3 protocol functions and concentration services.

NT Type 1/2 (NT1/2) device -- An NT1/2 device provides combined functions of separate NT1 and NT2 devices. An NT1/2 is compatible with NT1 and NT2 devices, and is used to replace separate NT1 and NT2 devices.

ISDN Reference Points

ISDN reference points define logical interfaces. Four reference points are defined in ISDN:

R reference point -- The R reference point defines the reference point between non-ISDN equipment and a TA.

S reference point -- The S reference point defines the reference point between user terminals and an NT2.

T reference point -- The T reference point defines the reference point between NT1 and NT2 devices.

U reference point -- The U reference point defines the reference point between NT1 devices and line-termination equipment in a carrier network. (This is only in North America, where the NT1 function is not provided by the carrier network.)

The following figure illustrates the various devices and reference points found in ISDN implementations, as well as their relationship to the ISDN networks they support:

Dedicated WAN services:

High-Level Data Link Control (HDLC) Overview

The High-Level Data Link Control (HDLC) protocol is a popular ISO-standard, bit-oriented, link layer protocol. HDLC was derived from SDLC and specifies an encapsulation method of data on synchronous serial data links.

In general, HDLC is very similar to SDLC. However, there are several differences. HDLC supports a 32-bit checksum, does not support the loop or hub go-ahead configurations supported by SDLC, and supports three transfer modes. SDLC supports only one transfer mode.

The transfer modes supported by HDLC follow:

Normal response mode -- The normal response mode (NRM) is the transfer mode implemented with SDLC. Under NRM, secondaries cannot communicate with a primary until the primary gives permission.

Asynchronous response mode -- The asynchronous response mode (ARM) allows secondaries to initiate communication with a primary without explicit permission.

Asynchronous balanced mode -- The asynchronous balanced mode (ABM) transfer mode introduced the concept of the combined node. A combined node can act as a primary or secondary station. All ABM communication is between multiple combined nodes. Any combined stations can initiate data transmission without permission.


NRM (Normal Response Mode) . Multipoint networks that typically use


LAP (Link Access Procedure) -- Early X.25 implementations.

LAPB (Link Access Procedure, Balanced) -- Current X.25 implementations.

LAPD (Link Access Procedure for the ISDN D channel) -- ISDN D channel and Frame Relay.

LAPM (Link Access Procedure for Modems) -- Error-correcting modems (specified as part of V.42).

Point-to-Point Protocol (PPP) Overview

The Point-to-Point Protocol (PPP) is generally viewed as the successor to the Serial Line IP (SLIP) protocol. PPP provides router-to-router and host-to-network connections over both synchronous and asynchronous circuits.

PPP emerged in the late 1980s in response to a lack of encapsulation protocols for the Internet that was blocking growth of serial-line access. PPP was basically created to solve remote Internet connectivity problems. PPP supports a number of network layer protocols, including Novell IPX and DECnet.

The following figure illustrates a generalised view of a PPP environment:

PPP Standards

PPP is defined using a number of International Organisation for Standardisation (ISO) standards:

• PPP uses the principles, terminology, and frame structure of the ISO HDLC procedures (ISO 3309-1979), as modified by ISO 3309:1984/PDAD1 "Addendum 1: Start/stop transmission."

• ISO 3309-1979 specifies the HDLC frame structure for synchronous environments.

• ISO 3309:1984/PDAD1 specifies proposed modifications to ISO 3309-1979 to permit asynchronous use.

• ISO 4335-1979 and ISO 4335-1979/Addendum 1-1979 specify control procedures.

PPP Hardware

PPP physical connections permit operation across any DTE/DCE interface, but require a duplex circuit that can operate in either asynchronous or synchronous bit-serial mode. PPP physical connection requirements do not impose any restrictions regarding transmission rate.

Examples of supported physical interfaces include EIA/TIA-232-C, EIA/TIA-422, EIA/TIA-423, and V.35.

The following figure illustrates 50-pin and 25-pin connectors associated with a PPP interface:

PPP Operation

PPP datagram transmission employs three key components to provide effective data transmission:

Encapsulation -- PPP supports the High-Level Data Link Control (HDLC) protocol to provide encapsulation.

Link Control Protocol (LCP) -- An extensible LCP is used to establish, configure, and test the data link connection.

Network Control Protocols (NCPs) -- A family of NCPs are used to establish and configure different network layer protocols.

Synchronous Data Link Control (SDLC) Overview

The Synchronous Data Link Control (SDLC) protocol is a bit-synchronous data-link layer protocol developed by IBM Corp.

SDLC was developed by IBM during the mid-1970s for use in Systems Network Architecture (SNA) environments. Subsequent to the implementation of SDLC by IBM, SDLC formed the basis for numerous similar protocols, including HDLC and LAPB.

In general, bit-synchronous protocols have been successful because they are more efficient, more flexible, and in some cases faster than other technologies. SDLC is the primary SNA link layer protocol for wide-area network (WAN) links.

The following figure illustrates the relative position of SDLC links within the context of an SNA WAN environment:

Related Standards

SDLC was modified by the International Organisation for Standardisation (ISO) to create the High-Level Data Link Control (HDLC) protocol.

HDLC was subsequently modified by the International Telecommunication Union Telecommunication Standardisation Sector (ITU-T) to create Link Access Procedure (LAP) and then Link Access Procedure, Balanced (LAPB).

HDLC was eventually modified by the Institute of Electrical and Electronic Engineers (IEEE) to create the IEEE 802.2 specification.

SDLC Environments

SDLC supports a range of link types and topologies, including the following:

• Point-to-point and multipoint links

• Bounded and unbounded media

• Half-duplex and full-duplex transmission facilities

• Circuit- and packet-switched networks



Link Access Procedure, Balanced (LAPB) Overview

The Link Access Procedure, Balanced (LAPB) protocol emerged as the ITU-T X.25 version of a bit-oriented data link protocol. LAPB is integrated into the X.25 protocol stack and shares the same frame format, frame types, and field functions as SDLC and HDLC.

Link Access Procedure, Balanced (LAPB) is a data link layer protocol that manages communication and packet framing between DTE and DCE devices. LAPB is a bit-oriented protocol that ensures that frames are correctly ordered and error-free.

LAPB Frame Types

There are three types of LAPB frames:

Information frame (I-frame) -- These frames carry upper-layer information and some control information. Their functions include sequencing, flow control, and error detection and recovery. I-frames carry send and receive sequence numbers.

Supervisory frame (S-frame) -- These frames carry control information. Their functions include requesting and suspending transmissions, reporting on status, and acknowledging the receipt of I-frames. S-frames carry only receive sequence numbers.

Unnumbered frame (U-frame) -- These frames carry control information. Their functions include link setup and disconnection, and error reporting. U-frames carry no sequence numbers.

LAPB Operation

LAPB is restricted to the ABM transfer mode. With LAPB, circuits can be established by either the data terminal equipment (DTE) or the data circuit-terminating equipment (DCE). Stations initiating calls are determined to be primaries. Responding stations are secondaries.
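
The three frame types above can be told apart from the control octet alone. The following is an added example, not part of the original notes: it assumes the standard modulo-8 HDLC/LAPB control-octet layout (which this page does not spell out), decodes each octet into I-, S- or U-frame fields, and checks that I-frame send sequence numbers arrive in order. The sample octets are constructed.

```python
# Added example: decode LAPB control octets (modulo-8 operation) and check ordering.
# Assumed layout, least significant bit first:
#   I-frame: bit0 = 0,     bits1-3 = N(S), bit4 = P/F, bits5-7 = N(R)
#   S-frame: bits0-1 = 01, bits2-3 = function, bit4 = P/F, bits5-7 = N(R)
#   U-frame: bits0-1 = 11, remaining bits (except P/F) select the command

# Unnumbered-frame control values with the P/F bit cleared.
U_FRAMES = {0x2F: "SABM", 0x43: "DISC", 0x63: "UA", 0x0F: "DM", 0x87: "FRMR"}
# Supervisory function codes.
S_FRAMES = {0b00: "RR", 0b01: "RNR", 0b10: "REJ"}


def decode_control(octet):
    """Return the frame type and the fields that type carries."""
    if not 0 <= octet <= 0xFF:
        raise ValueError("control field is one octet in modulo-8 operation")
    poll_final = bool(octet & 0x10)
    if octet & 0x01 == 0:
        # I-frames carry both send and receive sequence numbers.
        return {"type": "I", "name": "I", "ns": (octet >> 1) & 0x07,
                "nr": octet >> 5, "pf": poll_final}
    if octet & 0x03 == 0x01:
        # S-frames carry only a receive sequence number.
        name = S_FRAMES.get((octet >> 2) & 0x03, "other")
        return {"type": "S", "name": name, "ns": None,
                "nr": octet >> 5, "pf": poll_final}
    # U-frames carry no sequence numbers.
    name = U_FRAMES.get(octet & 0xEF, "other")
    return {"type": "U", "name": name, "ns": None, "nr": None, "pf": poll_final}


def first_out_of_sequence(octets):
    """Scan control octets sent by one station.

    Returns the index of the first I-frame whose N(S) is not the expected
    value, or None if every I-frame is in order. SABM resets the counter,
    because link setup restarts numbering at zero.
    """
    expected = 0
    for index, octet in enumerate(octets):
        frame = decode_control(octet)
        if frame["name"] == "SABM":
            expected = 0
        elif frame["type"] == "I":
            if frame["ns"] != expected:
                return index
            expected = (expected + 1) % 8
    return None


# Constructed traffic from one station: SABM(P), I(0), I(1), I(2), DISC(P).
IN_ORDER = [0x3F, 0x00, 0x02, 0x04, 0x53]
# Constructed traffic where the frame with N(S)=1 was lost.
GAP = [0x3F, 0x00, 0x04]

if __name__ == "__main__":
    for octet in IN_ORDER:
        print(hex(octet), decode_control(octet))
    print("first out-of-sequence index:", first_out_of_sequence(GAP))
```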

7) Log into a router in both user and privileged modes.

You configure Cisco routers from the user interface that runs on the router console or terminal. You can also configure Cisco routers using remote access. Cisco Internetwork Operating System (Cisco IOS) software provides a command interpreter called EXEC. EXEC interprets the commands you type and carries out the corresponding operations. You must log in to the router before you can enter an EXEC command.

For security purposes, the EXEC has two levels of access to commands: user mode and privileged mode.


Router con0 is now available

Press RETURN to get started.

User Access Verification


Router> User-mode prompt

Router> enable


Privileged-mode prompt

Router# disable


Router> exit

8) Use the context-sensitive help facility.

Router# clok

Translating "CLOK"

% Unknown command or computer name, or unable to find computer address

Router# cl?

clear clock

Router# clock

% Incomplete command.

Router# clock ?

set Set the time and date

Router# clock set

% Incomplete command.

Router# clock set ?

Current Time (hh:mm:ss)



Symbolic translation

Keyword compression

Command prompting

Last command recall <Ctrl><P>

Syntax checking

(^) Indicate error in syntax.

(?) To reveal additional arguments to commands.

9) Use the command history and editing features.

<Ctrl><P> or Up arrow - Last (previous) command line

<Ctrl><N> or Down arrow - More recent command recall

Router> show history - Show command buffer

Router> terminal history size number-of-lines - Set command buffer size

Router> terminal no editing - Disable advanced editing features

Router> terminal editing - Reenable advanced editing

<Tab> - Entry completion

<Ctrl><Z> - Backs you out of configuration mode

Automatic scrolling of long lines.

<Ctrl><A> - Move to the beginning of the command line.

<Ctrl><E> - Move to the end of the command line.

<Esc><B> - Move back one word.

<Ctrl><F> - Move forward one character

<Ctrl><B> - Move back one character.

<Esc><F> - Move forward one word.

10) Examine router elements (RAM, ROM, CDP, show).

Internal Configuration Components

Internal configuration components are as follows:

RAM/DRAM – Stores routing tables, ARP cache, fast-switching cache, packet buffering (shared RAM), and packet hold queues. RAM also provides temporary and/or running memory for the router’s configuration file while the router is powered on. RAM content is lost when you power down or restart.

NVRAM – Non-volatile RAM stores the router’s backup configuration file. NVRAM content is retained when you power down or restart.

Flash – Erasable, reprogrammable ROM. Flash memory holds the operating system image and microcode. Having Flash memory allows you to update software without removing and replacing chips on the processor. Flash content is retained when you power down or restart. Multiple copies of IOS can be stored in flash memory.

ROM – Contains power on diagnostics, a bootstrap program, and operating system software. To perform software upgrades, remove and replace pluggable chips on the CPU.

Interfaces – Network connections through which packets enter and exit the router. Interfaces are on the motherboard or on separate interface modules.

Router Modes

Whether accessed from the console or by a Telnet session through an auxiliary port, the router can be placed in several modes. Each mode provides different functions:






Router Status Commands

Random Access Memory (RAM)

Internetwork Operating System - Router# show version

Programs - Router# show processes CPU/show protocols

Active Configuration File - Router# sho running-config/write term

Tables and Buffers - Router# sho mem/sho stacks/sho buffers

Non Volatile Random Access Memory (NVRAM)

Backup Configuration File - Router# show startup-config/sho config.


Operating Systems - Router# show flash.

Interfaces - Router# sho interfaces.

Console privileged EXEC mode - Router# enable.

Auxiliary virtual terminal port - Telnet

show version - Displays the configuration of the system hardware, the software version, the names and sources of configuration files, and the boot images.

show processes - Display information about the active processes.

show protocols - Displays the configured protocols. This command shows the status of any configured Layer 3 (network) protocol.

show mem - Shows statistics about the router’s memory, including memory free pool statistics.

show stacks - Monitors the stack use of processes and interrupt routines and displays the reason for the last system reboot.

show buffers - Provides statistics for the buffer pools on the network server.

show flash - Shows information about the Flash memory device.

show running-config (write term on Cisco IOS Release 10.3 or earlier) - Displays the active configuration file.

show startup-config (show config on Cisco IOS Release 10.3 or earlier) - Displays the backup configuration file.

show interfaces - Displays statistics for all interfaces configured on the router.

Cisco Discovery Protocol

Cisco Discovery Protocol (CDP) provides a single proprietary command that enables network administrators to access a summary of the multiple protocols and addresses configured on other directly connected routers.

CDP runs over a data link layer connecting lower physical media and upper-network-layer protocols. Because CDP operates at this level, two or more CDP devices that support different network-layer protocols can learn about each other.

Physical media supporting the Subnetwork Access Protocol (SNAP) connect CDP devices. These can include all LANs, Frame Relay and SMDS WANs, and ATM networks.

When a Cisco device running Cisco IOS Release 10.3 and later boots up, CDP starts up by default. CDP can then automatically discover neighbouring Cisco devices running CDP, regardless of which protocol suite or suites are running.

Discovery is not limited to devices running TCP/IP. CDP will discover directly connected Cisco devices regardless of which protocol suite they run.

Once CDP discovers a device, it can display any of the various upper-layer protocol address entries used on the discovered device’s port – IPX, AppleTalk Datagram Delivery Protocol (DDP), DECnet, CLNS, and others.

Show CDP Neighbour Entries

Each router running CDP exchanges information about any protocol entries it knows with its neighbours. The administrator can display the results of this CDP information exchange on a console connected to a router configured to run CDP on its interfaces.

The network manager uses a show command to display information about the networks directly connected to the router. Frames formed by CDP provide information about each CDP neighbour device. Values include the following:

CDP Configuration Example

routerA (config-if)# cdp enable

routerA# show cdp interface

Serial0 is up, line protocol is up, encapsulation is Frame Relay

Sending CDP packets every 60 seconds

Holdtime is 180 seconds

Ethernet0 is up, line protocol is up, encapsulation is ARPA

Sending CDP packets every 60 seconds

Holdtime is 180 seconds


CDP begins automatically upon a device’s system startup. The CDP function normally starts by default when a Cisco product boots up with Cisco IOS Release 10.3 or later.

Although CDP runs by default, you must explicitly enable it on the device’s interface using the command cdp enable. For example, the graphic shows the cdp enable command that you use on the E0 and S0 interfaces on the router named router A.

This command begins CDP’s dynamic discovery function on the device’s interfaces. Advertisement and discovery using CDP involves data-link frame exchanges. Only directly connected neighbours exchange CDP frames.

A router caches any information it receives from its CDP neighbours. If a subsequent CDP frame indicates that any of the information about a neighbour has changed, the router discards the older information in favour of the newer information.

Use the command show cdp interface to display the values of the CDP timers, the interface status, and the encapsulation used by the CDP for its advertisement and discovery frame transmission.

Default values for timers set the frequency between CDP updates and for ageing CDP entries. These timers are set automatically at 60 seconds and 180 seconds, respectively. If the device receives a more recent update or if this holdtime value expires, the device must discard the CDP entry.

Showing CDP Entries for a Device

routerA# sho cdp entry routerB

Device ID: routerB

Entry address(es):

IP address:

CLNS address: 490001.1111.1111.1111.00

Appletalk address: 10.1

Platform: AGS, Capabilities: Router Trans-Bridge

Interface: Ethernet0, Port ID (outgoing port): Ethernet0

Holdtime : 155 sec


IOS ™ GS Software (GS3), 11.2(13337) [asastry 161]

Copyright © 1986-1996 by cisco Systems, Inc.

Compiled Tue 14-May-96 1:04



Use the command show cdp entry {device name} to display a single cached CDP entry.

Notice that the output from this command includes all the Layer 3 addresses present in the neighbour router B – an administrator can see the IP, CLNS, and DECnet network addresses of the targeted CDP neighbour with the single command entry on router A.

The holdtime value indicates how long ago the CDP frame with this information arrived. The command includes abbreviated version information about router B.

CDP was designed and implemented as a very simple, low-overhead protocol. A CDP frame can be as small as 80 octets, mostly made up of the ASCII strings that represent information like that shown.



Showing CDP Neighbours

routerA#show cdp neighbors

Capability Codes: R – Router, T – Trans Bridge,

B – Source Route Bridge,

S – Switch, H – Host, I – IGMP

Device ID    Local Intrfce    Holdtme    Capability    Platform    Port ID

             Eth 0            151        R T           AGS         Eth 0

             Ser 0            165        R T           AGS         Ser 0

routerA#show cdp neighbors detail

Device ID:

Entry address(es):

IP address:

CLNS address: 490001.1111.1111.1111.00

Appletalk address: 10.1

Platform: AGS, Capabilities: Router Trans-Bridge

Interface: Ethernet0, Port ID (outgoing port): Ethernet0

Holdtime : 143 sec


Use the command show cdp neighbors to display the CDP updates received on the local router. Notice that for each local port, the display shows the following:

To display this information as well as information like that from show cdp entry, the administrator uses the optional show cdp neighbors detail.

11) Manage configuration files from the privileged exec mode.

Working with 11.x Config Files

Router configuration information can be generated by several means.

The privileged EXEC configure command can be used to configure from either a virtual (remote) terminal or the console terminal, allowing you to enter changes to an existing configuration at any time. The privileged EXEC configure command can also be used to load a configuration from a network TFTP server, allowing you to maintain and store configuration information at a central site.

Configuration command summary:

Using a TFTP server

A current copy of the configuration can be stored on a TFTP server. Use the copy running-config tftp command to store the current configuration in RAM on a network TFTP server.

You can configure the router by retrieving the configuration file stored on one of your network servers. To do so, complete the following tasks:

Step 1 Enter configuration mode by entering the copy tftp running-config command.

Step 2 At the system prompt, select a host or network configuration file. The network configuration file contains commands that apply to all routers and the terminal servers on the network. The host configuration file contains commands that apply to one router in particular.

Step 3 At the system prompt, enter the optional IP address of the remote host from which you are retrieving the configuration file. In this example, the router is configured from the TFTP server at IP address At the system prompt, enter the name of the configuration file or accept the default name. The filename convention is UNIX-based. The default filename is hostname-config for the host file and network-config for the network configuration file. In the DOS environment, the server filenames are limited to eight characters plus a three-character extension (for example, router.cfg). Confirm the configuration filename and the server address that the system supplies.


Using NVRAM with Release 11.x

Router# configure memory



Router# erase startup-config

NVRAM to the Bit Bucket


Router# copy running-config startup


Router# show startup-config
NVRAM to the Terminal

Using 5057 out of 32768 bytes


enable-password san-fran


interface Ethernet 0

ip address


-- More --

These commands manage the contents of NVRAM:

12) Control router passwords, identification, and banner.

Password Configuration

Router(config)# line console 0

Router(config-line)# login

Router(config-line)# password cisco

Router(config)# line vty 0 4

Router(config-line)# login

Router(config-line)# password cisco

Router(config)# enable-password san-fran

Router(config)# service password-encryption

(set passwords here)

Router(config)# no service password-encryption

You can secure your system by using passwords to restrict access. Passwords can be established both on individual lines and in the privileged EXEC mode.

The line console 0 command establishes a password on the console terminal.

The line vty 0 4 command establishes password protection on incoming Telnet sessions.

The enable-password command restricts access to the privileged EXEC mode.

The enable secret password, entered in the System Configuration Dialog when setting up global parameters, uses a Cisco-proprietary encryption process to alter the password character string.

Passwords can be further protected from display through the use of the service password-encryption command. The encryption algorithm does not match the Data Encryption Standard (DES).
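
A saved configuration can be checked for the password weaknesses this section describes. The following is an added example, not part of the original notes or of Cisco's tooling: it audits configuration text for passwords stored in readable form, a value reused between the enable password and a line, a line whose password is set without login, and a missing enable secret. Both sample configurations are constructed, and the checker assumes subcommands are indented under their line command (as in show running-config output) and that a password written as "password 7 ..." is the form stored once service password-encryption is on.

```python
# Added example: audit IOS-style configuration text for weak password handling.

# Constructed samples in the style of this page's examples (not from a real router).
WEAK_CONFIG = """\
hostname Tokyo
enable secret 5 $1$CONSTRUCTED$placeholderHashOnly
enable-password san-fran
line console 0
 password cisco
line vty 0 4
 login
 password san-fran
"""

HARDENED_CONFIG = """\
hostname Tokyo
service password-encryption
enable secret 5 $1$CONSTRUCTED$placeholderHashOnly
line console 0
 login
 password 7 CONSTRUCTED-TYPE7-A
line vty 0 4
 login
 password 7 CONSTRUCTED-TYPE7-B
"""


def _record_cleartext(store, scope, args):
    """Remember a password that is stored readable.

    'password 7 <text>' is skipped because it is not readable on display.
    """
    if len(args) >= 2 and args[0] == "7":
        return
    if args:
        store[scope] = args[-1]


def audit_passwords(config):
    """Return a list of (finding, where) tuples; an empty list means no findings."""
    has_secret = False
    cleartext = {}    # scope -> password exactly as stored in the file
    line_state = {}   # line scope -> which subcommands were seen
    scope = None
    for raw in config.splitlines():
        # The notes write the command as enable-password; accept both spellings.
        text = raw.strip().replace("enable-password", "enable password")
        if not text or text.startswith("!"):
            continue
        words = text.split()
        if not raw[:1].isspace():
            scope = None                      # a non-indented command leaves line mode
        if words[0] == "line":
            scope = text
            line_state[scope] = {"login": False, "password": False}
        elif words[:2] == ["enable", "secret"]:
            has_secret = True
        elif words[:2] == ["enable", "password"]:
            _record_cleartext(cleartext, "enable password", words[2:])
        elif scope and words[0] == "login":
            line_state[scope]["login"] = True
        elif scope and words[0] == "password":
            line_state[scope]["password"] = True
            _record_cleartext(cleartext, scope, words[1:])

    findings = [("CLEARTEXT", where) for where in cleartext]
    if not has_secret:
        findings.append(("NO_ENABLE_SECRET", "global"))
    # The same readable value in several places removes the separation
    # between line access and privileged mode.
    by_value = {}
    for where, value in cleartext.items():
        by_value.setdefault(value, []).append(where)
    for places in by_value.values():
        if len(places) > 1:
            findings.append(("REUSED", ", ".join(places)))
    # A line password is only requested when login is configured on that line.
    for where, state in line_state.items():
        if state["password"] and not state["login"]:
            findings.append(("LOGIN_MISSING", where))
    return findings


if __name__ == "__main__":
    for finding in audit_passwords(WEAK_CONFIG):
        print(finding)
    print("hardened findings:", audit_passwords(HARDENED_CONFIG))
```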




Configuring Router Identification

Router(config)# hostname Tokyo


Tokyo(config)# banner motd #

Welcome to router Tokyo

Accounting Department

Third Floor


Tokyo(config)# interface e 0

Tokyo(config-if)# description Engineering LAN, Bldg. 18

The configuration of network devices determines the network’s behaviour. To manage device configurations, you need to list and compare configuration files on running devices, store configuration files on network servers for shared access, and perform software installations and upgrades.

One of the first basic tasks is to name your router. The name of the router is considered to be the host name and is the name displayed by the system prompt. If no name is configured, the system default router name is Router. You can name the router in global configuration mode. In the example shown, the router name is set to Tokyo.

You can configure a message-of-the-day banner to be displayed on all connected terminals. This banner is displayed at login and is useful for conveying messages that affect all network users, such as impending system shutdowns. To configure this message, use the banner motd command in global configuration mode.

13) Describe the router’s startup sequence and load sources & Identify the main Cisco IOS commands for router start-up.

An Overview of System Startup

The startup routines for Cisco IOS software have the goal of starting router operations. The router must deliver reliable performance connecting the user networks it was configured to serve. To do this, the startup routines must:

The router will make sure that it comes up with tested hardware. When a Cisco router powers up, it performs a power-on self-test. During this self-test, the router executes diagnostics from ROM on all modules. These diagnostics verify the basic operation of the CPU, memory, and interface circuitry.

After verifying the hardware functions, the router proceeds with software initialisation. Some startup routines act as fallback operations that are able to perform the router startup should other routines be unable to do so. This flexibility allows Cisco IOS software to start up in a variety of initial situations.

Startup Sequence





















After the power-up self test on the router, the following events occur when the router initialises:

  1. The generic bootstrap loader executes from ROM on the CPU card. A bootstrap is a simple, pre-set operation to load instructions that in turn cause other instructions to be loaded into memory, or cause entry into other configuration modes. The term comes from the data processing concept of the system "pulling itself up by its own bootstraps."
  2. The operating system source is determined from the boot field of the configuration register. If the boot field indicates a Flash or network load, boot system commands in the configuration file indicate exact location of the image.
  3. The operating system image is loaded into low-addressed memory. Once loaded and operational, the operating system determines the hardware and software components and lists the results on the console terminal.
  4. The saved configuration file in NVRAM is loaded into main memory and executed one line at a time. These configuration commands start routing processes, supply addresses for interfaces, set media characteristics, and so on.
  5. If no valid configuration file exists in NVRAM, the operating system executes a question-driven initial configuration routine referred to as the system configuration dialogue. This special mode is also called the setup dialogue.

Setup is not intended as the mode for entering complex protocol features in the router. Use setup to bring up minimal configuration. Instead of setup, network administrators use various config-mode commands for most router configuration tasks.

Commands Relating to Startup

Router# show startup-config (show config)*

Router# show running-config (write term)*

Router# erase startup-config (write erase)*

Router# reload

Router# setup

*Use these commands for routers running Release 10.3 or earlier


14) Check an initial configuration using the setup command

Setup: The System Configuration Dialog



--- System Configuration Dialog ---

At any point you may enter a question mark ‘?’ for help.

Use ctrl-c to abort configuration dialog at any prompt.

Default settings are in square brackets ‘[]’.

Continue with configuration dialog? [yes]:

First, would you like to see the current interface summary? [yes]:

Interface IP-Address OK? Method Status Protocol

TokenRing0 unassigned NO not set down down

Ethernet0 unassigned NO not set down down

Serial0 unassigned NO not set down down

Fddi0 unassigned NO not set down down


One routine for initial configuration is the setup mode. The primary purpose of the setup mode is to rapidly bring up a minimal-feature configuration for any router that cannot find its configuration from some other source.

For many of the prompts in the system configuration dialog of the setup command facility, default answers appear in square brackets ([ ]) following the question. Pressing the Return key allows you to use defaults. If the system was previously configured, the defaults that appear are the currently configured values. If you are configuring the system for the first time, the factory defaults are provided. If there is no factory default, as in the case of passwords, nothing is displayed after the question mark (?).

At this point, you can choose not to continue with system configuration dialog and can exit by entering No at the prompt. To begin the initial configuration process, enter Yes. You can press Control-C to terminate the process and start over at any time. When you are using the command form of setup (Router# setup), Control-C returns you to the privileged EXEC prompt (Router#).

If a "—More—" prompt appears, press the space bar to continue.


Setup Global Parameters

Configuring global parameters:

Enter host name [Router]:

The enable secret password is a one-way cryptographic secret used

Instead of the enable password when it exists.

Enter enable secret [<Use current secret>]:

Enter enable password [san-fran]:

% Please choose a password that is different from the enable secret

Enter enable password [san-fran]:

Enter virtual terminal password [san-fran]:

Configure SNMP Network Management? [no]:

Configure IP? [yes]:

Configure IGRP routing? [yes]:

Your IGRP autonomous system number [1]: 200

Configure DECnet? [no]:

Configure XNS? [no]:

Configure Novell? [no]: yes

Configure Apollo? [no]:

Configure AppleTalk? [no]: yes

Multizone networks? [no]: yes

Configure Vines? [no]:

Configure bridging [no]:


You are prompted for global parameters at the console. You use the configuration values you have determined for your router to enter the global parameters at the prompts.

The first global parameter allows you to set the router host name. This host name will precede the Cisco IOS prompts for all configuration modes. At initial configuration, the router name default is shown between the square brackets as [Router].

Use the next global parameters shown to set various passwords used on the router.

You must enter an enable secret password. When you enter a string of password characters for the prompt to "Enter enable secret," the characters are processed by Cisco-proprietary encryption. This can enhance the security of the password string. Whenever anyone lists the contents of the router configuration file, this enable password appears as a meaningless string of characters. Setup recommends, but does not require, that the enable password be different from the enable secret.



Setup Interface Parameters

Configuring interface parameters:

Configuring interface TokenRing0:

Is this interface in use? [yes]:

Tokenring ring speed (4 or 16)? [16]:

Configure IP on this interface? [no]: yes

IP address for this interface:

Number of bits in subnet field [0]:

Class B network is, 0 subnet bits; mask is

Configure Novell on this interface? [no]: yes

Novell network number [1]:

Configuring interface Serial0:

Is this interface in use? [yes]:

Configure IP on this interface? [yes]:

Configure IP unnumbered on this interface? [no]:

IP address for this interface:, 0 subnet bits; mask is

Configure Novell on this interface? [yes]: no

Configuring interface Serial1:

Is this interface in use? [yes]: no



You are prompted for parameters for each installed interface. You use the configuration values you have determined for your interface to enter the interface parameters at the prompts.

Setup Script Review and Use

The following configuration command script was created:

hostname router

enable secret 5 $1$g722$18&7$5d

enable password san-fran

enable password san-fran

line vty 0 4

password san-fran

snmp-server community


ip routing

no decnet routing

no xns routing

novell routing

no apollo routing

appletalk routing

no clns routing

no vines

no bridge

no mop enabled




interface TokenRing0

ip address

novell network 1

no mop enabled


interface Serial0

ip address

interface Serial1



router igrp 200




Use this configuration? [yes/no]:yes


Use the enabled mode ‘configure’ command to

modify this configuration.


When you complete the configuration process for all installed interfaces on your router, the setup command facility presents the configuration command script that was created.

The setup command facility asks you whether you want to use this configuration. If you answer Yes, the configuration is executed and saved to NVRAM. If you answer No, the configuration is not saved and the process begins again. There is no default for this prompt; you must answer either Yes or No.

Once you have answered Yes to this last question, your system is ready to use. If you want to modify the configuration you have just established, you must configure manually.

The script tells you to use configuration mode to modify the command after setup has been used. The script file generated by setup is additive; you can turn on features with setup, but you cannot turn them off. Also, setup does not support many of the advanced features of the router or those features that require a more complex configuration.















15) Copy and manipulate configuration files.




















16) List the commands to load Cisco IOS software from: flash memory, tftp server, or ROM.

Locating the Cisco IOS Software


Configuration Registers

Registers in NVRAM for modifying fundamental Cisco IOS software

Identifies where to boot Cisco IOS image (for example, use config-mode commands)



Router# configure terminal

Router(config)# boot system flash IOS_filename

Router(config)# boot system tftp IOS_filename tftp_address

Router(config)# boot system rom


Router# copy running-config startup-config



Boot system commands not found in NVRAM


Get default Cisco IOS software from Flash


Flash memory empty


Get default Cisco IOS software from TFTP server





Configuration Register Values

Router# configure terminal

Router(config)# config-register 0x10F


Configuration-Register Value Meaning

0x0 Use ROM monitor mode (manually boot using the b command)

0x1 Automatically boot from ROM (default if router has no flash)

0x2 to 0xF Examine NVRAM for boot system commands (0x2 default if router has flash)


The order in which the router looks for system bootstrap information depends on the boot field setting in the configuration register. You can change the default configuration register setting with the enabled config-mode command config-register. Use a hexadecimal number as the argument to this command. In this example, the configuration register is set so that the router will examine the startup file in NVRAM for boot system options. The configuration register is a 16-bit register in NVRAM. The lowest four bits of the configuration register (bits 3, 2, 1, and 0) form the boot field.

To change the boot field and leave all other bits set to their default values, follow these guidelines:

To check the boot field setting, for example, to verify the config-register command, you must use the show version command.






Bootstrap Options in Software


Router# configure terminal

Router(config)# boot system flash genew-image


Router# copy running-config startup-config



Router# configure terminal

Router(config)# boot system tftp test.exe


Router# copy running-config startup-config


Router# configure terminal

Router(config)# boot system rom


Router# copy running-config startup-config

These examples show how you can enter multiple boot system commands to specify the fallback sequence for booting Cisco IOS software. The three examples show boot system entries that specify that a Cisco IOS image will load first from Flash memory, next from a network server, and finally from ROM.

Using this approach you can copy a system image without changing electrically erasable programmable read-only memory (EEPROM). Information stored in Flash memory is not vulnerable to network failures that can occur when loading system images from TFTP servers.

To provide for a backup in case flash memory becomes corrupted, you can specify that a system image should then be loaded from a TFTP server.

If Flash memory is corrupted and the network server also fails to load the image, booting from ROM is the final bootstrap option in software. However, the system image in ROM will likely be a subset of Cisco IOS software, lacking the protocols, features and configurations of full Cisco IOS software. It may also be an older version of Cisco IOS software if you have updated software since you purchased the router.

The command copy running-config startup-config saves the commands in NVRAM. The router will execute the boot system commands as needed in the order in which they were originally entered into configuration mode.
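The boot-source selection described in this section (boot field of the configuration register, then the boot system entries in the order entered, then the defaults) can be modelled as follows. This is an added Python example, not Cisco code; the function names, the `loadable` set and the TFTP server address in the sample are assumptions made for illustration.

```python
# Added illustration (not Cisco code): models the boot-source selection the text describes.

def boot_field(config_register):
    """Return the boot field: bits 3..0 of the 16-bit configuration register."""
    if not 0 <= config_register <= 0xFFFF:
        raise ValueError("the configuration register is a 16-bit value")
    return config_register & 0xF


def parse_boot_system(startup_config):
    """Return the 'boot system' entries of a startup config, in the order entered."""
    entries = []
    for line in startup_config.splitlines():
        words = line.split()
        if words[:2] != ["boot", "system"] or len(words) < 3:
            continue
        source = words[2]
        if source == "rom":
            entries.append(("rom", None))
        elif source in ("flash", "tftp") and len(words) >= 4:
            entries.append((source, words[3]))
    return entries


def select_boot_source(config_register, startup_config, loadable):
    """Choose where the image is loaded from.

    `loadable` is a hypothetical set of (source, filename) pairs that can be read
    at boot time; it stands in for flash contents and a TFTP server that answers.
    """
    field = boot_field(config_register)
    if field == 0x0:
        return ("rom-monitor", None)      # manual boot with the b command
    if field == 0x1:
        return ("rom", None)
    entries = parse_boot_system(startup_config)
    if not entries:
        # No boot system commands in NVRAM: default image from flash,
        # or from a TFTP server when flash is empty.
        flash = sorted(name for source, name in loadable if source == "flash")
        return ("flash", flash[0]) if flash else ("tftp", None)
    for source, name in entries:          # fallback sequence, in the order entered
        if source == "rom" or (source, name) in loadable:
            return (source, name)
    return None  # every listed source failed and ROM was not listed: not covered by the text


# Constructed startup-config fragment; 192.0.2.10 is a documentation-range placeholder.
SAMPLE_CONFIG = """\
hostname router
boot system flash genew-image
boot system tftp test.exe 192.0.2.10
boot system rom
"""

if __name__ == "__main__":
    for loadable in ({("flash", "genew-image")}, {("tftp", "test.exe")}, set()):
        print(sorted(loadable), "->", select_boot_source(0x10F, SAMPLE_CONFIG, loadable))
```

Running the same check against a saved startup configuration shows at a glance whether a router would ever fall back to loading its image over the network.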


17) Prepare to backup, upgrade, and load a backup Cisco IOS software image.


Creating a Software Image Backup






Router# show flash

4096k bytes of flash memory on embedded flash (in xx).

file offset length names

0 0x40 1204637 xk09140z

[903848/2097152 bytes free]

Router# copy flash tftp

IP address of remote host []?

filename to write on tftp host? C4500-I

Writing C4500-I !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

successful tftp write.



Upgrading the Image from the Net








Router# copy tftp flash

IP address or name of remote host []?

Name of tftp filename to copy into flash memory? c4500-ajm-m

Copy C4500-AJ-M from into flash memory? [confirm] <Return>

xxxxxxxx bytes available for writing without erasure.

Erase flash before writing? [confirm] <Return>

Clearing and initializing flash memory (please wait)####...##

Loading from !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!(text omitted) [OK – 324572/524212 bytes]

Verifying checksum...


vvvvvv(text omitted)

Flash verification successful. Length = 1804637, checksum = 0xA5D3






Loading a Software Image Backup








Router# copy tftp flash

IP address or name of remote host []?

Name of tftp filename to copy into flash []? c4500-I

File C4500-I already exists; it will be invalidated!

Copy C4500-I from into flash memory? [confirm] <Return>

xxxxxxxx bytes available for writing without erasure.

erase flash before writing? [confirm] <Return>

Clearing and initializing flash memory (please wait)####...##

Loading from !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!(text omitted) [OK – 324572/524212 bytes]

Verifying checksum...

vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv(text omitted)

Flash verification successful. Length = 1204637, checksum = 0x95D9



18) List key internetworking functions of the OSI Network Layer and how they are performed in a router.


19) Describe the two parts of network addressing, then identify the parts in specific protocol address examples.

Two general parts of a Layer 3 address are a Network part and a Node or Host part.

Network address - Path part used by the router

Host/Node address - Specific port or device on the network.

TCP/IP networks represent addresses as 32-bit entities, divided into a network portion and a host portion. The Internet Request For Comments (RFC) 1020 divides the network portion into classes. All classes of specific, Internet-legal network addresses come from a central authority: the Network Information Centre (NIC). The most common of these classes follow:


IP networks typically are subdivided into subnetworks. When an IP address has been subnetted, the network part of the address is described by two elements: the network number, still assigned by the NIC, and the subnetwork number, assigned by the local network administrator.

E.g. (assume subnet mask is - Network = 131.108, Node/Host = 3.1

Novell Internet Packet Exchange (IPX) address - Identifies the IPX network in the first part of the address using an address range of 32 bits to reflect a hexadecimal number. This network number refers to the medium, for example, the Ethernet or Token Ring LAN. For the node address, IPX uses a 48-bit hexadecimal number, usually derived automatically from the MAC address of a LAN interface to the IPX network.

E.g. abadcafe.0000.0c56.de33 - Network = abadcafe, Node/Host = 0000.0c56.de33.

AppleTalk address - Identifies the network in the first part of the address. The 16-bit network numbers are assigned to physical links either individually or in ranges called cable ranges. This approach makes it possible for many network addresses to use the same LAN media. The 8-bit AppleTalk node portion is called the host address. An Apple end station usually acquires this host address dynamically when it boots up onto the network.

E.g. 1000.128 (assume a cable range 1000-1000) - Network = 1000, Node/Host = 128

X.25 address - Within the X.25 protocol suite, the X.121 protocol covers the international numbering plan for public data networks (PDNs). The network portion of the address specifies three or four decimal digits as the Data Network Identification Code (DNIC). This DNIC includes a Data Country Code (DCC). An example is 310 for the United States, followed by the network number 6 for Tymnet - one of the major PDNs. The node address portion is called the network terminal number (NTN). X.25 users usually obtain these NTNs from an authority within the X.25 data network service provider.

E.g. 31060004085551 (X.121) - DNIC = 3106, NTN = 0004085551.

20) List problems that each routing type encounters when dealing with topology changes and describe techniques to reduce the number of these problems.

Distance Vector Concept

Distance vector-based routing algorithms (also known as Bellman-Ford algorithms) pass periodic copies of a routing table from router to router. Regular updates between routers communicate topology changes.

Each router receives a routing table from its direct neighbour. Router B receives information from router A. Router B then adds a distance vector number (such as a number of hops) increasing the distance vector, then passes the routing table to its other neighbour, router C. This step-by-step process occurs in all directions between direct-neighbour routers.



In this way, the algorithm accumulates network distances so it can maintain a database of internetwork topology information. Distance vector algorithms do not allow a router to know the exact topology of an internetwork.

Distance Vector Topology Changes

When the topology in a distance vector protocol internetwork changes, routing table updates must occur. As with the network discovery process, topology change updates proceed step-by-step from router to router.

Distance vector algorithms call for each router to send its entire routing table to each of its adjacent neighbours. Distance vector routing tables include information about the total path cost (defined by its metric) and the logical address of the first router on the path to each network it knows about.

When a router receives an update from a neighbouring router, it compares the update to its own routing table. If it learns about a better route (smaller metric) to a network from its neighbour, the router updates its own routing table. In updating its own table, the router adds the cost of reaching the neighbour router to the path cost reported by the neighbour to establish the new routing table.


Routing Loops - Routing Loops can occur if the internetwork’s slow convergence on a new configuration causes inconsistent routing entries.

Counting to infinity - This condition continuously loops packets around the network, despite the fundamental fact that the destination network is down. While the routers are counting to infinity, the invalid information allows a routing loop to exist.


Defining a Maximum - Specify a maximum distance vector metric as infinity.

Split Horizon - If you learn a protocol’s route on an interface, do not send information about that route back out that interface.

Route Poisoning - Router keeps an entry for the network down state, allowing time for other routers to recompute for the topology change.

Hold-Down Timers - Routers ignore network update information for some period.
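The counting-to-infinity problem and two of the remedies listed above (a defined maximum and split horizon) can be reproduced with a small simulation. This is an added Python example, not taken from the original notes; the three-router topology, the hop-count metric and the synchronous update rounds are simplifying assumptions, and route poisoning and hold-down timers are not modelled.

```python
# Added illustration: simplified, synchronous distance-vector model (hop-count metric).
# Constructed topology: A --- B --- C --- network X. The C-to-X link has just failed.

LINKS = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}


def initial_tables(infinity):
    """Routes to X as (metric, next hop) right after C notices that X is down."""
    return {"A": (2, "B"), "B": (1, "C"), "C": (infinity, None)}


def step(tables, split_horizon, infinity):
    """One update round: each router rebuilds its route from its neighbours' adverts."""
    new_tables = {}
    for router, neighbours in LINKS.items():
        best = (infinity, None)
        for neighbour in neighbours:
            metric, next_hop = tables[neighbour]
            if split_horizon and next_hop == router:
                continue                    # learned from this router: not sent back
            candidate = min(metric + 1, infinity)   # the defined maximum caps the count
            if candidate < best[0]:
                best = (candidate, neighbour)
        new_tables[router] = best
    return new_tables


def has_loop(tables):
    """True if two neighbours each use the other as next hop towards X."""
    return any(hop is not None and tables[hop][1] == router
               for router, (_, hop) in tables.items())


def simulate(split_horizon, infinity=16, max_rounds=1000):
    """Run rounds until every router marks X unreachable; return the per-round tables."""
    history = [initial_tables(infinity)]
    while any(metric < infinity for metric, _ in history[-1].values()):
        if len(history) > max_rounds:
            raise RuntimeError("no convergence")
        history.append(step(history[-1], split_horizon, infinity))
    return history


def rounds_to_converge(split_horizon, infinity=16):
    """Update rounds needed before all routers agree that X is down."""
    return len(simulate(split_horizon, infinity)) - 1


def loop_rounds(split_horizon, infinity=16):
    """Number of rounds in which packets for X would bounce between two routers."""
    return sum(has_loop(tables) for tables in simulate(split_horizon, infinity))


if __name__ == "__main__":
    for split_horizon in (False, True):
        metrics = [tuple(t[r][0] for r in "ABC") for t in simulate(split_horizon)]
        print("split horizon" if split_horizon else "no split horizon",
              rounds_to_converge(split_horizon), "rounds:", metrics)
```

Without split horizon the metrics climb two hops at a time until they hit the maximum, so a larger "infinity" only lengthens the loop; with split horizon the stale route is never advertised back and the failure propagates in two rounds.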

Link-State Concept

The second basic algorithm used for routing is the link-state algorithm.

Link-state-based routing algorithms, also known as shortest path first (SPF) algorithms, maintain a complex database of topology information. Whereas the distance vector algorithm has non-specific information about distant networks and no knowledge of distant routers, a link-state routing algorithm maintains full knowledge of distant routers and how they interconnect.




Link-state routing uses link-state packets (LSPs), a topological database, the SPF algorithm, the resulting SPF tree, and finally, a routing table of paths and ports to each network.

Engineers have implemented this link-state concept in Open Shortest Path First (OSPF) routing. RFC 1583 contains a description of OSPF link-state concepts and operations.

Link-State Network Discovery

Network discovery for link-state routing uses the following processes:

After the routers dynamically discover the details of their internetwork, they can use the routing table to switch packet traffic.

Link-State Concerns

There are two link-state concerns:

Routers keep track of their neighbours and the networks they reach through other routing nodes. For link-state routing, memory must hold information from various databases, the topology tree, and the routing table.

Computing the shortest path first with Dijkstra’s algorithm requires a processing task proportional to the number of links in the internetwork times the number of routers in the network.

After this initial flooding, link-state routing protocols generally require only internetwork bandwidth to send infrequent or event-triggered LSPs that reflect topology changes.





Link-State Updates













The most complex and critical aspect of link-state routing is making sure that all routers get all the LSPs necessary. Routers with different sets of LSPs will calculate routes based on different topological data. Then routes become unreachable as a result of the disagreement among routers about the link. Here is an example of inconsistent path information:

If LSP distribution to all routers is not done correctly, link-state routing can result in invalid routes.

Scaling up with link-state protocols on very large internetworks can intensify the problem of a faulty LSP distribution.

If one part of the internetwork comes up first with other parts coming up later, the order for sending and receiving LSPs will vary. This variation can alter and impair convergence. Routers might learn about different versions of the topology before they construct their SPF trees and routing tables.


On a large internetwork, parts that update more quickly can cause problems for parts that update more slowly. Routers sending out LSPs cannot assume they will be correctly transported by following existing routing table entries because these entries might not reflect the current topology.

With faulty updates, LSPs can multiply as they propagate through the internetwork, unproductively consuming more and more bandwidth.

Eventually a partition can split the internetwork into a fast updating part and a slow updating part. Then network administrators must troubleshoot the link-state complexities to restore acceptable connectivity.


Link-State Mechanisms

"Dampen" update frequency

Target link-state updates to multicast

Use link-state area hierarchy for topology

Exchange route summaries at area borders

Use time stamps

Update numbering and counters

Manage partitioning using an area hierarchy


Link-state routing has several techniques for preventing or correcting potential problems arising from resource requirements and LSP distribution.

Comparing Distance Vector Routing to Link-State Routing
















You can compare distance-vector routing to link-state routing in several key areas:

21) Explain the services of separate and integrated multiprotocol routing.

In a separate multiprotocol routing environment, the several configured protocols operate like ships in the night (each protocol is not aware of other protocols running on the same router).

E.g. RIP and OSPF. For more information, see question 20.

With an integrated multiprotocol routing environment, the several configured protocols share the results of the integrated routing algorithm. It does the following:

An example of an integrated routing protocol is Enhanced IGRP, which is a Cisco proprietary routing protocol that integrates support for IP, AppleTalk, and Novell IPX. Enhanced IGRP uses a distance vector algorithm based on Cisco’s IGRP.


22) Describe the different classes of IP addresses [and subnetting].

Introduction to TCP/IP Addresses

In a TCP/IP environment, end stations communicate seamlessly with servers or other end stations. This occurs because each node using the TCP/IP protocol suite has a unique 32-bit logical address.

Often traffic is forwarded through the internetwork based on the name of an organisation, rather than an individual person or host. If names are used instead of addresses, the names must be translated to the numeric address before the traffic can be delivered. Location of the organisation will dictate the path that the data follows through the internetwork.

Each company listed on the internetwork is seen as a single network that must be reached before an individual host within that company can be contacted. Each company network has an address; the hosts that populate that network share those bits, but each host is identified by the uniqueness of the remaining bits.

IP Addressing










The IP address is 32 bits in length and has two parts:

The address format is known as dotted decimal notation.

The allocation of addresses is managed by a central authority.


IP Addresses Classes

Class A: N.H.H.H

Class B: N.N.H.H

Class C: N.N.N.H

Class D: for multicast

Class E: for research

N = Network number assigned by NIC

H = Host number assigned by network administrator

When IP was first developed, there were no classes of addresses. Now, for ease of administration, the IP addresses are broken up into classes.

There are only 126 Class A address spaces, but each one can contain approximately 16 million hosts. There are 65,534 Class B address spaces with 65,534 hosts each. There are more than 16 million Class C address spaces possible, but they only have 254 hosts each.

This scheme allows the administrative authority to assign addresses based on the size of the network. The authority designed this system on the assumption that there would be many more small networks than large networks in the world.

Note Class D and E addresses are also defined. Class D addresses start at and are used for multicast purposes. Class E addresses start at and are used for experimental purposes.

IP address Bit Patterns

The most significant bit pattern determines the class of the address, as well as how many bits make up the network portion of the address.



Recognising Classes in IP Addresses (First Octet Rule)







The first octet rule states that the class of an address can be determined by the numerical value of the first octet.

Once the first octet is applied, the router identifies how many bits it must match to interpret the network portion of the address (based on the standard address class). If there is no further identification of additional bits to use as part of the network address, the router can make a routing decision using this address.

Note is reserved for loopback address.

Host address

Each device or interface must have a non-zero host number.

A host address of all ones is reserved for an IP broadcast into that network.

A value of zero means "this network" or "the wire itself" (for example, It was also used for IP broadcasts in some early TCP/IP implementations, although it is rarely found now.

The routing table contains entries for network or wire addresses; it usually does not contain any information about hosts.

An IP address and subnet address on an interface achieves three purposes:

Subnet Addressing

From the addressing standpoint, subnets are an extension of the network number. Network administrators decide the size of subnets based on organisation and growth needs.

Network devices use subnet masks to identify which part of the address is considered network and which remaining part to leave for host addressing.






Subnet Mask
















An IP address is 32 bits in size, written as four octets. The subnet mask is 32 bits in size, written as four octets. The layout of the subnet mask field is as follows:

Subnet masks indicate which of the bits in the host field are used to specify different parts (subnets) of a particular network.


Decimal Equivalent of Bits Patterns











Subnet bits come from the high-order bits of the host field. To determine a subnet mask for an address, add up the decimal values of each position that has a 1 in it. For example,

224 = 128 + 64 + 32.

Because the subnet mask is not defined by the octet boundary, but by bits, we need to convert dotted decimal addresses to binary and back into dotted decimal so we can work with these addresses.

Subnet Mask without Subnets

Address: 10101100 00010000 00000010 10100000

Mask: 11111111 11111111 00000000 00000000

Network: 10101100 00010000 00000000 00000000

Decimal: 172 16 0 0

The router extracts the IP destination address from the packet and retrieves the internal subnet mask.

The router performs a logical AND operation to obtain the network number. During the logical AND operation, the host portion of the destination address is removed.

Routing decisions are then based on network number only.

In this example, with no subnetting, the network number "extracted" is

Subnet Mask with Subnets

Address: 10101100 00010000 00000010 10100000

Mask: 11111111 11111111 11111111 00000000

Network: 10101100 00010000 00000010 00000000

Decimal: 172 16 2 0

With eight-bit subnetting, the extracted network (subnet) number is

This sample shows more bits turned on, extending the network portion and creating a secondary field extending from the end of the standard mask and using eight of the host bits. This secondary field is the subnet field and is used to represent wires (or subnetworks) inside the networks.








Subnet Planning

Class B Subnet Planning Example

IP Host Address:

Subnet Mask:

Network Subnet Host

Address: 10101100 00010000 00000010 01111001

Mask: 11111111 11111111 11111111 00000000

Subnet: 10101100 00010000 00000010 00000000

Decimal: 172 16 2 0

This network has eight bits of subnetting that provide up to 254 subnets and 254 host addresses.

No. Bits Subnet Mask No. Subnets No. Hosts

2 2 16,382

3 6 8190

4 14 4094

5 30 2046

6 62 1022

7 126 510

8 254 254

9 510 126

10 1022 62

11 2046 30

12 4094 14

13 8190 6

14 16,382 2

Class C Subnet Planning Example

IP Host Address:

Subnet Mask:

Network Subnet Host

Address: 11000000 10101000 00000101 01111 001

Mask: 11111111 11111111 11111111 11111 000

Subnet: 11001001 11011110 00000101 01111 000


No. Bits Subnet Mask No. Subnets No. Hosts

2 2 62

3 6 30

4 14 14

5 30 6

6 62 2
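The logical AND that a router performs to extract the network or subnet number, and the subnet planning tables above, can be reproduced as follows. This is an added Python example, not part of the original notes; the function names are illustrative, the dotted decimal sample addresses are the decimal equivalents of the binary patterns shown on this page, and the subnet and host counts use the same "minus two" rule as the page's tables.

```python
# Added illustration: mask/AND arithmetic and the classful subnet planning tables.
import ipaddress


def network_bits(address):
    """Default network-portion length from the first octet (Class A, B or C)."""
    first_octet = int(ipaddress.IPv4Address(address)) >> 24
    if 1 <= first_octet <= 126:
        return 8
    if 128 <= first_octet <= 191:
        return 16
    if 192 <= first_octet <= 223:
        return 24
    raise ValueError("not a Class A, B or C host address: %s" % address)


def mask_from_prefix(prefix_len):
    """Dotted decimal mask with `prefix_len` leading one bits."""
    return str(ipaddress.IPv4Address((0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF))


def to_binary(address):
    """Render an address or mask as four binary octets, as in the layouts above."""
    value = int(ipaddress.IPv4Address(address))
    return " ".join(format((value >> shift) & 0xFF, "08b") for shift in (24, 16, 8, 0))


def extract_network(address, mask):
    """Logical AND of address and mask: the host portion is removed."""
    anded = int(ipaddress.IPv4Address(address)) & int(ipaddress.IPv4Address(mask))
    return str(ipaddress.IPv4Address(anded))


def planning_table(address):
    """Rows of (subnet bits, subnet mask, number of subnets, number of hosts)."""
    net_bits = network_bits(address)
    host_field = 32 - net_bits
    rows = []
    for subnet_bits in range(2, host_field - 1):      # leave at least two host bits
        rows.append((subnet_bits,
                     mask_from_prefix(net_bits + subnet_bits),
                     2 ** subnet_bits - 2,            # all-zeros and all-ones excluded
                     2 ** (host_field - subnet_bits) - 2))
    return rows


if __name__ == "__main__":
    for address in ("172.16.2.121", "192.168.5.121"):
        print(address, to_binary(address))
        for row in planning_table(address):
            print("  %2d  %-16s %6d %6d" % row)
```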


23) Configure IP addresses.

IP Address Configuration

Router (config-if) # ip address ip-address subnet-mask

Router# term ip netmask-format

Router(config)# term ip netmask-format

Use the ip address command to establish the logical network address of this interface.

ip address Command Description

ip-address A 32-bit dotted decimal number.

subnet-mask A 32-bit dotted decimal number indicating which bit positions must match; ones indicate positions that must match, and zeros indicate positions that do not match.

Use the term ip netmask-format command to specify the format of network masks for the current session. Format options are:

IP Host Names

Router (config) # ip host name [ tcp-port-number ] address [ address ]…

ip host tokyo

ip host kyoto




24) Verify IP addresses.

Verifying Address configuration

Three commands allow you to verify address configuration in your internetwork:

Simple Ping

The ping command sends ICMP echo packets and is supported in both user and privileged EXEC mode. These are the characters that may be returned by the ping test:

Character Definition

! Successful receipt of an echo reply

. Times out waiting for datagram reply

U Destination unreachable error

C Congestion-experienced packet

I Ping interrupted (for example, Ctrl-Shift-6 X)

? Packet type unknown

& Packet Time to Live exceeded

Extended Ping

The extended ping command is supported only in privileged EXEC mode.

You can use the extended command mode of the ping command to specify the supported Internet header options. To enter the extended mode, enter Y at the extended commands prompt.

IP Trace

Host names are shown if the addresses are translated dynamically or via static host table entries.

Note: trace is supported by IP, CLNS, VINES, and AppleTalk.

When the trace reaches the target destination, an asterisk (*) is reported at the display. This normally is caused by the receipt of a port-unreachable packet and the time out in response to the probe packet.

Others include:

!H - The probe was received by the router, but not forwarded, usually due to an access list.

P - The protocol was unreachable.

N - The network was unreachable.

* - Time out.


25) Prepare the initial configuration of your router and enable IP.

Initial Router Configuration

Instructions: Perform the initial configuration of your router. Use the System Configuration Dialog to create an initial configuration for the router. This includes configuring the host name, password, and IP addresses of the interfaces. When done, save this configuration in non-volatile memory.


Step 1. Initiate the System Configuration Dialog:

  1. Enter the erase startup-config command to clear the configuration from nonvolatile RAM. (For Cisco IOS Release 10.3 and earlier, use the command write erase.)
  2. Enter the reload command to initiate a reboot of the router.

The router should automatically enter setup mode. If the router# prompt appears, enter the setup command.

Step 2. Use the System Configuration Dialog to configure the following:

  1. Host name to correct name.
  2. Enable password to san-fran.
  3. Virtual terminal password to cisco.
  4. Do not configure SNMP network management.
  5. Turn on IP routing.
  6. Turn off IGRP routing.
  7. Turn off RIP routing.
  8. Turn off all other protocols and bridging.

Step 3. Configure all the interfaces on your router as shown in the Initial Configuration Data Sheet and address table.

Remember to include any required platform-specific and serial-line specific parameters. Do not configure IP unnumbered on serial interfaces.

Step 4. Check the configuration script generated by the System Configuration Dialog; if it looks correct, save the configuration by entering yes at the prompt.

Step 5. Enter enable mode.

Step 6. Use the configure terminal command to set the console password to cisco.

Step 7. Enter the config-interface environment and enable CDP on each of your router interfaces by entering the command cdp enable.

Step 8. Quit the session and log in again. The router should ask for a password.

Step 9. After testing the passwords, save the configuration in NVRAM.

26) Add the RIP routing protocol to your configuration.

RIP Overview

The RIP protocol was originally specified in RFC 1058

Key characteristics of RIP include the following:

RIP Configuration

Router (config) # router rip

Router (config-router) # network network-number

The router rip command selects RIP as the routing protocol.

The network command assigns a NIC-based address to which the router is directly connected. The routing process will associate interfaces with the proper addresses and will begin packet processing on the specified networks.

27) Add the IGRP routing protocol to your configuration.

IGRP Overview

IGRP is a distance vector routing protocol developed by Cisco. IGRP sends routing updates at 90-second intervals that advertise networks for a particular autonomous system.

The following are some key characteristics of IGRP:

IGRP Configuration

Router (config) # router igrp autonomous-system

Router (config-router) # network network-number

The router igrp command selects IGRP as a routing protocol.

router igrp Command Description

autonomous-system Identifies the IGRP router processes that will share routing information.

The network command specifies any directly connected networks to be included.

network Command Description

network-number Specifies a directly connected network: a NIC network number, not subnet or individual address.

28) List the required IPX address and encapsulation type.

How to Determine the IPX Address

You must use a valid IPX network address when you configure the Cisco router. Because the Novell NetWare networks are likely to be already established with IPX addresses, determine the IPX address from these already established networks. The IPX network address refers to the "wire"; all routers on the same wire must share the same IPX network address.

The first and recommended way to find out what address to use is to ask the NetWare Administrator. Make sure that the NetWare administrator specifies the IPX network address for the same network where you want to enable IPX on your Cisco router. The Cisco router must use the same network as the NetWare file server (or other source of the address) specified by the NetWare administrator.

If you cannot obtain an IPX address to use from the NetWare administrator, you can get the neighbour’s IPX address directly from a neighbour router. Pick the most appropriate of the several methods available to do this:

On the Cisco router, you must use the same IPX network address as the address that already exists on the network.

Multiple Novell Encapsulations

Novell IPX name Framing Structure









The Novell IPX protocol on Cisco routers supports all the framing used on Novell NetWare implementations. These framing types include service access point (SAP), Ethernet, 802.3 with 802.2 logical link control (LLC) protocol, and Subnetwork Access Protocol (SNAP).

There are four different Ethernet framing types with variations in the fields they use. Each encapsulation type is appropriate in specific situations:

Note: Multiple encapsulations can be specified on an interface, but only if multiple network numbers have also been assigned. Although several encapsulation types can share the same interface, clients and servers with different encapsulation types cannot communicate directly with each other.

Cisco Encapsulation Names

Novell IPX Name Cisco IOS Name

Ethernet_II arpa

Ethernet_802.2 sap

Ethernet_SNAP snap

Ethernet_802.3 novell-ether

Token-Ring token

Token-Ring_SNAP snap


When you configure an IPX network you may need to specify a nondefault encapsulation type. To help you specify the appropriate encapsulation type, use the table above. The table matches the Novell framing terms to equivalent Cisco IOS names for the same framing types.

When you configure Cisco IOS software for Novell IPX, use the Cisco name for the appropriate encapsulation.

If you do not specify an encapsulation type when you configure the router for IPX, the router will use a default encapsulation type on its interfaces.

The default encapsulation types on Cisco router interfaces and their keywords are:

29) Enable the Novell IPX protocol and configure interfaces.

Novell IPX Configuration Tasks

Configuration of Novell IPX as a routing protocol involves both global and interface parameters.

Global tasks:

Interface tasks:

Novell IPX Global Configuration

Router (config)# ipx routing [node]

Router (config)# ipx maximum-paths paths

The ipx routing command enables Novell IPX routing. If no node address is specified, the Cisco router uses the MAC address of the interface.

If a Cisco router has only serial interfaces, an address must be specified.

The ipx maximum-paths command enables load sharing.


ipx maximum-paths Command Description

paths Maximum number of parallel paths to the destination; the default is 1 and the maximum is 512.

Novell IPX Interface Configuration

Router (config-if)# ipx network number [encapsulation encapsulation-type]


The ipx network command enables Novell IPX processing on this interface.

ipx network Command Description

number Each interface must have a unique Novell IPX network number that is specified in hexadecimal and is up to eight hexadecimal digits in length.

encapsulation-type (Optional) Specifies the encapsulation type for the interface. Can be one of the following types: novell-ether, sap, arpa, snap.

secondary (Optional) Applies another network number and encapsulation to the interface. Assigning the second network number is necessary if an additional encapsulation type is linked to an individual network.

Novell IPX Configuration Example

ipx routing

ipx maximum-paths 2

interface ethernet 0

ipx network 9e encapsulation novell-ether

ipx network 6c encapsulation sap secondary

interface ethernet 1

ipx network 4a encapsulation sap

interface serial 0

ipx network 1

In the example:

Command Description

ipx routing Selects IPX as a routing protocol and starts the routing process.

ipx maximum-paths 2 Allows load sharing over parallel metric paths to the destination. The number of parallel paths used is limited to two.

Command Description

ipx network 9e encapsulation novell-ether

9e Network number assigned to interface E0.

encapsulation novell-ether Specifies that Novell’s unique frame format is used on this network segment. Cisco’s keyword is novell-ether; Novell’s terminology is Ethernet_802.3

Command Description

ipx network 6c encapsulation sap secondary

6c Assigns a secondary network number to interface E0.

encapsulation sap secondary Specifies the encapsulation type for this secondary network on E0. Cisco’s keyword is sap; Novell’s terminology is Ethernet_802.2. This type of frame is Ethernet 802.3 with 802.2 LLC included.

30) Monitor Novell IPX operation on the router.

Verify IPX Operation

Once IPX routing is configured, you can monitor and troubleshoot it using the following commands:

Monitoring Command Displays

show ipx interface IPX status and parameters.

show ipx route Routing table contents.

show ipx servers IPX server list.

show ipx traffic Number and type of packets.

Troubleshooting Command Displays

debug ipx routing activity Information about RIP update packets.

debug ipx sap Information about SAP update packets.

Monitoring IPX Status

Router# show ipx interface ethernet 0

Ethernet0 is up, line protocol is up

IPX address is 3010.aa00.0400.0284, NOVELL-ETHER [up] line-up, RIPPQ: 0 SAPPQ: 0

Delay of this Novell network, in ticks is 1

IPXWAN processing not applied on this interface.

IPX SAP update interval is 1 minute(s)

IPX type 20 propagation packet forwarding is disabled

Outgoing access list is not set

IPX Helper access list is not set

SAP Input filter list is not set

SAP Output filter list is not set

SAP GNS Output filter list is not set

Input filter list is not set

Output filter list is not set

Router filter list is not set

Netbios Input host access list is not set

Netbios Input bytes access list is not set

Netbios Output host access list is not set

Netbios Output bytes access list is not set

Update time is 60 seconds

IPX accounting is disabled

IPX fast switching is configured (enabled)

IPX SSE switching is disabled

RIP packets received 1, RIP packets sent 10006

SAP packets received 1, SAP packets sent 6


The show ipx interface command shows the status of the IPX interface and the IPX parameters configured on each interface.

The first highlighted line (beginning "IPX address is") shows the IPX address, the type of encapsulation, and the status of the interface.

The middle set of highlighting (the SAP filter list lines) shows that the SAP filters are not set.

The last highlighted line (IPX fast switching) shows that fast switching is enabled.

You can manually set the tick metric. Use the command ipx delay number where number is the ticks to associate with an interface. This command manually overrides the following defaults on the Cisco router:

  • For LAN interfaces, one tick
  • For WAN interfaces, six ticks.

Monitoring IPX Routing Tables

Router# show ipx route

Codes: C – Connected primary network, c – Connected secondary network

R – RIP, E – EIGRP, S – static, W – IPXWAN connected

5 Total IPX routes

Up to 2 parallel paths allowed Novell routing algorithm variant in use

R Net 3020 [6/1] via 3021.0000.0c03.13d3, 23 sec, 1 uses, Serial1

Via 3020.000.0c03.13d3, 23 sec, 0 uses, Serial0

C Net 3020 (X.25), is directly connected, 15 uses, Serial0

C Net 3021 (HDLC) is directly, connected, 15 uses, Serial1

C Net 3010 (NOVELL-ETHER), is directly connected, 15 uses, Ethernet0

C Net 3000 (NOVELL-ETHER), is directly connected, 15 uses, Ethernet1

The show ipx route command displays the contents of the IPX routing table.

The first highlighted line provides routing information for a remote network:

  • The information was learned from a RIP update
  • The network is number 3030.
  • It is located six ticks or one hop away. This information is used to determine best routes. If there is a tie between ticks, hops are used to break the tie.
  • The next hop in the path is router 3021.000.0c03.13d3.
  • The information was updated 23 seconds ago.
  • The updates will be sent through the interface named Serial1.

The second line of highlighting provides information about a direct connection:

  • The network number is 3010.
  • The encapsulation type is NOVELL-ETHER.

Monitoring IPX Servers List

Router> show ipx servers

Codes: P – Periodic, I – Incremental, H – Holddown, S – static

1 Total IPX Servers

Table ordering is based on routing and server info

Type Name Net Address Port Route Hops Itf

P4 MAXINE AD33000.0000.1b04.0288:0451 332800/1 2 Et3


The show ipx servers command lists the IPX servers discovered through SAP advertisements.

This example provides the following information:

  • The service learned about the server from a SAP update.
  • The server name, network location, device address, and source socket number.
  • The ticks and hops for the route (taken from the routing table).
  • The number of hops (taken from the SAP protocol).
  • The interface through which to reach the server.

Monitoring IPX Traffic

Router# show ipx traffic

System Traffic for 2018.0000.0000.0001 System-Name: dtp-18

Rcvd: 23916 Total, 13785 format error, 0 checksum errors, 0 bad hop count,

0 packets pitched, 23916 local destination, 0 multicast

Bcast: 17111 received, 9486 sent

Sent: 167076 generated, 0 forwarded

0 encapsulation failed, 0 no route

SAP: 6 SAP requests, 6 SAP replies, 2309 servers

0 SAP Nearest Name requests, 0 replies

0 SAP General Name requests, 0 replies

1521 SAP flash updates sent, 0 SAP format errors

RIP: 6 RIP requests, 6 RIP replies, 2979 routes

8033 RIP advertisements received, 4300 sent

154 RIP flash updates sent, 0 RIP format errors

Echo: Rcvd 0 requests, 0 replies

Sent 0 requests, 0 replies

0 unknown: 0 no socket, 0 filtered, 0 no helper

0 SAPs throttled, freed NDB len 0


0 packets received, 0 replies spoofed

Queue lengths:

IPX input: 0, SAP 0, RIP 0, GNS 0

SAP throttling length: 0/(no limit), 0 nets pending lost route reply

Delayed process creation: 0

The show ipx traffic command displays information about the number and type of IPX packets received and transmitted by the router.

Notice in this example that a high percentage of the total number of packets received and sent were RIP advertisements. This is because this sample was taken from a lab network with essentially no user traffic on it. This screen shows how much overhead traffic IPX generates.


Troubleshooting IPX Routing

Router# debug ipx routing activity

IPX routing debugging is on


IPXRIP: positing full update to 3010.ffff.ffff.ffff via Ethernet0 (broadcast)

IPXRIP: positing full update to 3000.ffff.ffff.ffff via Ethernet1 (broadcast)

IPXRIP: positing full update to 3020.ffff.ffff.ffff via Serial0 (broadcast)

IPXRIP: positing full update to 3021.ffff.ffff.ffff via Serial1 (broadcast)

IPXRIP: sending update to 3020.ffff.ffff.ffff via Serial0

IPXRIP: src=3020.0000.0c03.14d8, dst=3020.ffff.ffff.ffff, packet sent

network 3021, hops 1, delay 6

network 3010, hops 1, delay 6

network 3000, hops 1, delay 6

IPXRIP: sending update to 3021.ffff.ffff.ffff via Serial1

IPXRIP: scr=3021.0000.0c03.14d8, dst=3021.ffff.ffff.ffff, packet sent

network 3020, hops 1, delay 6

network 3010, hops 1, delay 6

network 3000, hops 1, delay 6

IPXRIP: sending update to 3010.ffff.ffff.ffff via Ethernet0

IPXRIP: src=3010.aa00.0400.284, dst=3010.ffff.ffff.ffff, packet sent

network 3030, hops 2, delay 7

network 3020, hops 1, delay 1

network 3021, hops 1, delay 1

network 3000, hops 1, delay 1

IPXRIP: sending update to 3000.ffff.ffff.ffff via Ethernet1

The debug ipx routing activity command displays information about IPX routing update packets that are transmitted or received.

A router sends an update every 60 seconds. Each update can contain up to 50 entries. If there are more than 50 entries in the routing table, the update will include more than one packet.

In this example, the router is sending updates but not receiving them. Updates received from other routers would also appear in this listing.
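Received updates are evaluated with the rule given earlier for show ipx route: lowest ticks first, hops as the tie-breaker, and up to ipx maximum-paths equal entries kept. The following Python code is an added example, not part of the original guide; the neighbour addresses, the received entries and the function names are constructed for illustration.

```python
import re

# Constructed sample: RIP entries as a router might receive them from three
# neighbours, in the "network N, hops H, delay D" form of the debug listing.
RECEIVED_UPDATES = {
    "3021.0000.0c03.13d3": """
        network 3030, hops 2, delay 7
        network 4a, hops 3, delay 13
    """,
    "3020.0000.0c03.13d3": """
        network 3030, hops 2, delay 7
        network 4a, hops 2, delay 13
    """,
    "3010.0000.0c05.0001": """
        network 3030, hops 1, delay 8
    """,
}

ENTRY = re.compile(r"network\s+([0-9a-fA-F]{1,8}),\s*hops\s+(\d+),\s*delay\s+(\d+)")


def parse_update(text):
    """Return [(network, hops, ticks)] for every entry line in one update."""
    return [(m.group(1).lower(), int(m.group(2)), int(m.group(3)))
            for m in ENTRY.finditer(text)]


def build_table(updates, maximum_paths=1):
    """Choose next hops per network: lowest ticks, then lowest hops.

    Next hops that tie on both values are kept, up to maximum_paths of them
    (the default of 1 mirrors the default of ipx maximum-paths).
    """
    candidates = {}
    for neighbour, text in updates.items():
        for network, hops, ticks in parse_update(text):
            candidates.setdefault(network, []).append((ticks, hops, neighbour))

    table = {}
    for network, routes in candidates.items():
        routes.sort()                      # ticks first, hops second
        best_ticks, best_hops, _ = routes[0]
        equal = [r for r in routes if r[:2] == (best_ticks, best_hops)]
        table[network] = {
            "ticks": best_ticks,
            "hops": best_hops,
            "via": [neighbour for _, _, neighbour in equal[:maximum_paths]],
        }
    return table


if __name__ == "__main__":
    for paths in (1, 2):
        print("maximum-paths", paths)
        for network, route in sorted(build_table(RECEIVED_UPDATES, paths).items()):
            print("  Net", network, route)
```

Network 3030 shows that a one-hop path with more ticks loses to a two-hop path with fewer, and network 4a shows hops breaking a tie in ticks.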









Troubleshooting IPX SAP

Router# debug ipx sap

IPX SAP debugging is on


Novell SAP: at 0023F778

I SAP Response type 0x2 len 160 src:160.0000.0c00.070d dest:160.ffff.ffff.ffff(452)

Type 0x4, "HELLO2", 199.0002.0004.0006 (451), 2 hops

Type 0x4, "HELLO1", 199.0002.0004.0008 (451), 2 hops

NovellSAP: sending update to 160

NovellSAP: at 00169080

O sap Update type 0x2 len 96 ssoc:0x452 dest:160.ffff.ffff.ffff (452)

Novell: type 0x4 "Magnolia", 42.0000.0000.0001 (451), 2 hops

The debug ipx sap command displays information about IPX SAP packets that are transmitted or received.

Like RIP updates, these SAP updates are sent every 60 seconds and may contain multiple packets. Each SAP packet appears as multiple lines in the output, including a packet summary message and a service detail message.

SAP responses may be one of these types:

0x1 – General query

0x2 – General response

0x3 – Get Nearest Server request

0x4 – Get Nearest Server response

In each line, the address and distance of the responding or target router is listed.

31) Describe Cisco’s implementation of Frame Relay & Recognise key Frame Relay terms and features.

Introduction to Frame Relay

Frame Relay operates like a streamlined, speeded-up descendant of X.25. In many industrialised countries, Frame Relay has been replacing the more complex, slower packet-switching services.

Regional Bell Operating Companies (RBOCs), alternate WAN carriers, and Post, Telephone, and Telegraph (PTT) providers have widely deployed a digital communication infrastructure that operates inside the WAN cloud.

At the same time, end-user devices at the edge of the WAN cloud increasingly demand wide area connections that provide higher transmission speeds, lower network delays, and efficient bandwidth to accommodate bursty data.

Frame Relay is based on virtual circuits (VCs). Because of its relatively high-speed throughput and minimal overhead, Frame Relay is well suited for connecting LANs across a WAN. Because the router encapsulates upper-layer data in Frame Relay, it provides a DTE connection to the communications cloud DCE, which is a Frame Relay switch.

Frame Relay operates over permanent virtual circuits (PVCs). This means that connections are static, provisioned by a configuration statement. Multiple PVCs can interconnect DTEs across the Frame Relay network to a destination.

A data-link connection identifier (DLCI) identifies each PVC. The DLCI provides the major addressing mechanism of the router’s Frame Relay support to the Frame Relay WAN service.

Local Management Interface (LMI) refers to the overhead processing that sets up and maintains the connection between the router and the switch. It contains information about the PVC setup, status inquiries, and keepalive exchanges, as well as DLCI usage.

Frame Relay Stack

The core aspects of Frame Relay function at the lower layers of the OSI reference model.

Using modern physical-layer facilities such as fibre media and digital transmission links, Frame Relay offers higher-speed WAN transmission for end stations, typically on LANs.

Working at the data link layer, Frame Relay encapsulates information from the upper layers of the OSI stack.

Frame Relay operations share some features with older WAN packet switching such as X.25. For example, a Frame Relay interface between the user and the network equipment will transmit and receive frames using first-in, first-out (FIFO) queuing on a statistically multiplexed circuit. Several logical connections, described as virtual circuits, can share the same physical link.

However, unlike X.25, Frame Relay offers a relatively high-speed, streamlined service:

  • Transmission speeds for Frame Relay span a wide range of data rates. Typically, a Frame Relay link transmits data at 56 kbps or 64 kbps, with T1/E1 (up to 2 Mbps) becoming common; Digital Signal 3 (DS-3) speed (45 Mbps) is available from some providers.
  • Frame Relay streamlined service functions as a "best-effort" unreliable link, assuming that improved digital or fibre facilities allow forgoing time-consuming error-correction algorithms, acknowledgement schemes, and flow control corrections.


32) List commands to configure Frame Relay LMIs, maps, and subinterfaces.

Cisco LMI Support

Cisco offers broad support to these major Frame Relay protocol variations:

  • The American National Standards Institute’s (ANSI’s) accredited T1S1 committee in the United States describes Frame Relay signalling with T1.617 Annex D.
  • The International Telecommunication Union Telecommunication Standardisation Sector (ITU-T), formerly CCITT, uses the transmission standards sector to set Frame Relay signalling with Q.933 Annex A. This group began Frame Relay development in the mid-1980s as part of its ISDN research. Refer to LMI as q933a in the router.
  • Cisco refers to a consortium of the companies, nicknamed the "gang of four". These companies were Cisco, Digital Equipment Corporation, Northern Telecom, and StrataCom. Beginning in 1990, these companies worked together on Frame Relay technology to accelerate product introduction and interoperability.

Extensions promoted by this gang of four include virtual circuit status messages (commonly adopted) and three other optional LMI extensions (multicasting, global addressing, and simple flow control).

An administrator setting up a connection to a Frame Relay network must choose the appropriate LMI from these three alternatives to ensure proper Frame Relay operation.


Frame Relay Configuration

Router (config-if) # encapsulation frame-relay [ietf]

  • Sets Frame Relay encapsulation

Router (config-if) # frame-relay lmi-type { ansi | cisco | q933a }

  • Selects LMI type



Use the encapsulation frame-relay command to specify the data-link encapsulation type to be used on the serial interface communicating with the Frame Relay network.

Two different data-link encapsulations are supported:

The default is the Cisco encapsulation developed by the gang of four. This default operates only with other Cisco routers.

The Internet Engineering Task Force (IETF) encapsulation is specified in RFC 1294/1490. This encapsulation allows interoperation with other vendors’ routers.

The encapsulation can be specified globally, as illustrated here, or on a circuit-by-circuit basis, as shown on the next graphic below.

The standard Frame Relay encapsulation, as defined by the IETF, is derived from Point-to-Point Protocol (PPP). The default encapsulation on the Cisco router is proprietary.

Use the frame-relay lmi-type command to select the LMI type.

The router must be configured with the appropriate signalling to match the Frame Relay carrier implementation. All standard LMI signalling formats are supported:

  • ANSI – Annex D defined by ANSI standard T1.617
  • ITU-T (or q933a) – Annex A defined by Q.933
  • Cisco – LMI defined by the gang of four (default)


Frame Relay Address Mapping

Router (config) # frame-relay map protocol protocol-address DLCI [ broadcast ] [ ietf | cisco ]

  • Defines how to reach a destination

Use the frame-relay map command to statically map destination network protocol addresses to a designated DLCI.

frame-relay map Command Description

protocol Supported protocol: appletalk, clns, decnet, ip, xns, ipx, vines.

protocol-address Address for the protocol.

DLCI DLCI number of the virtual circuit.

broadcast (Optional) Broadcast should be forwarded when multicast is not enabled.

ietf (Optional) Enables the IETF LMI.

cisco (Optional) Enables the Cisco LMI (default)

Nonbroadcast Multi-access (NBMA)

  • All routers appear as peers on a single subnet
  • Assumes configuration with full meshed virtual circuit

One model for implementing Frame Relay in an internetwork is called nonbroadcast multiaccess (NBMA). The NBMA model makes all routers connected by virtual circuits peers on the same IP network or subnetwork. Because Frame Relay does not support broadcasting, the routers must copy all broadcasts and transmit on each virtual circuit.

For routing protocols that allow split horizon to be turned off, full connectivity can be achieved in a partial mesh configuration. For protocols such as AppleTalk RTMP, which do not allow split horizon to be turned off, connectivity is restricted between routers that are directly connected by virtual circuits.

Frame Relay Maps Example

Cisco A

interface serial 0

ip address


! enable frame relay, use the ANSI LMI

encapsulation frame-relay

frame-relay lmi-type ansi

! Note: for alternate ietf encap, also use lmi-type ansi


!set up a static frame relay map - full mesh


frame-relay map ip 48 broadcast

frame-relay map ip 110 broadcast

In the example:

encapsulation frame-relay – Sets encapsulation type to Cisco (default).

frame-relay lmi-type ansi – Sets the LMI type to ANSI.


frame-relay map Command Description

ip Higher-level protocol. Address being mapped.

48 DLCI used to reach the destination.

broadcast Allows broadcasts, such as routing updates, to be forwarded.

IP traffic destined for will use DLCI 48 to negotiate the Frame Relay cloud. Interface serial 0 will send broadcast traffic as well as IP traffic.

Cisco A is configured with a frame-relay map statement for every peer router. In this example, we show a fully meshed configuration with three routers.

Because of the overhead associated with copying broadcasts to a large number of peer routers, it is important to limit the number of routers in an NBMA group.

Split Horizon and Frame Relay

In an NBMA environment, routers trying to forward updates face another condition that can cause trouble. This condition comes from the operation of split horizon on a serial interface attached to WAN services.

With split horizon, if a router learns a route from an interface, it does not propagate information about that route back out that same interface. For Frame Relay, this condition applies for all routing protocols except those in the IP suite (for example, RIP, IGRP, Enhanced IGRP). Split horizon also applies to all service advertisements (for example, IPX SAP or GNS traffic, and AppleTalk ZIP updates).

Full Mesh for Frame Relay

  • Full connectivity using a full point-to-point mesh uses many PVCs and configuration statements.

Because the split-horizon mechanism will not allow routers to send updates into and then out of the same interface, you could provision for connectivity by operating Frame Relay with a full mesh. This sets up a Frame Relay data link from every router to every other destination. Then at each router you configure a DLCI to each destination of that router.

However, this approach to connect routers over the Frame Relay WAN involves key disadvantages:

  • The administrator must order many Frame Relay PVCs from the service provider. The service provider will need to install each provisioned PVC, and the enterprise will receive a bill for all charges. Then the enterprise faces ongoing, incremental bills for each PVC.
  • The configuration at each router must contain mapping statements for each DLCI it uses. To represent its entire Frame Relay destinations, the configuration of all routers using this full-mesh approach will require many map statements. This configuration might be difficult to set up and support.


An Alternative: Subinterfaces

  • Routers need to bypass split horizon on S0
  • Define logical subinterfaces on the serial line

An NBMA WAN environment needs to act like a LAN regarding its multiaccess operations. However, split horizon does not allow multiaccess updates into, and then out from, the same single serial line. Although routers need to get around split horizon for updates that use the WAN, the alternative of provisioning a full mesh may be impractical.

Another alternative establishes a number of virtual interfaces on a single physical serial interface. These virtual interfaces are logical constructs called subinterfaces.

You define these logical subinterfaces on the serial line. Each subinterface uses a DLCI that represents the destination for a Frame Relay PVC on your network. After you configure the Frame Relay interface DLCI on the subinterface, your router must associate one or more protocol addresses from the destination to the DLCI.

Keep in mind that you have still defined only the single S0 physical interface on router A. However, on that single S0, you have now defined an S0.1 subinterface for the Frame Relay DLCI to router B, an S0.2 subinterface for router C, and an S0.3 subinterface for router D.



Partial Mesh for Frame Relay

  • Map DLCIs with A’s subinterfaces to connect all routers with fewer DLCIs and a simpler configuration.

When you define logical subinterfaces on a single physical interface, Frame Relay operates using a partial-mesh design.

To do so, you associate the DLCI for a destination to a subinterface. Use one DLCI and one subinterface for each destination router.

With subinterfaces configured, routers can connect with each other and send updates. Routers bypass the split horizon in effect for the single physical interface on router A’s S0.

As a result, you can connect all routers without needing a separate Frame Relay PVC between each router. The overall configuration to accomplish these connections is much simpler – you no longer need a map statement for each protocol address on each destination of each router.
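The effect of split horizon on router A, first with all PVCs on the physical S0 and then with one subinterface per PVC, modelled as an added Python example (not part of the original guide). The spoke network numbers b0, c0 and d0 and the function names are constructed for illustration.

```python
# Constructed topology: hub router A reaches spokes B, C and D over Frame Relay.
# Each spoke advertises one IPX network of its own to A (numbers are made up).
SPOKE_NETWORKS = {"B": "b0", "C": "c0", "D": "d0"}

# Case 1: every PVC terminates on the one physical interface S0.
SINGLE_INTERFACE = {"B": "S0", "C": "S0", "D": "S0"}
# Case 2: one point-to-point subinterface per PVC.
SUBINTERFACES = {"B": "S0.1", "C": "S0.2", "D": "S0.3"}


def hub_advertisements(pvc_to_interface, spoke_networks):
    """Model router A sending updates with split horizon in effect.

    pvc_to_interface: {spoke: interface A uses to reach that spoke}
    spoke_networks:   {spoke: network that spoke advertises to A}
    Returns {spoke: sorted list of networks A advertises to that spoke}.
    """
    # A remembers the interface on which each route arrived.
    learned_on = {network: pvc_to_interface[spoke]
                  for spoke, network in spoke_networks.items()}
    adverts = {}
    for spoke, out_if in pvc_to_interface.items():
        # Split horizon: a route is never sent back out the interface
        # on which it was learned.
        adverts[spoke] = sorted(network for network, in_if in learned_on.items()
                                if in_if != out_if)
    return adverts


def unreachable(adverts, spoke_networks):
    """Networks (other than its own) that each spoke never hears about."""
    everything = set(spoke_networks.values())
    return {spoke: sorted(everything - {spoke_networks[spoke]} - set(networks))
            for spoke, networks in adverts.items()}


if __name__ == "__main__":
    for label, layout in (("single S0", SINGLE_INTERFACE),
                          ("subinterfaces", SUBINTERFACES)):
        adverts = hub_advertisements(layout, SPOKE_NETWORKS)
        print(label, "- A advertises:", adverts)
        print(label, "- never learned:", unreachable(adverts, SPOKE_NETWORKS))
```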

Router(config)# interface type number.subinterface-number point-to-point

  • Defines the logical subinterface for Frame Relay and enters the interface configuration mode

Router(config-if)# frame-relay interface-dlci dlci broadcast

  • Assigns a DLCI to the Frame Relay subinterface on the router

Before you can configure and use Frame Relay subinterfaces, you must first have a physical interface set up with encapsulation for Frame Relay. The commands and descriptions for Frame Relay subinterfaces follow. The interface command defines the subinterface.

Command Description

type Any interface suitable for Frame Relay. Usually a serial interface.

number.subinterface-number number refers to the number of the physical interface; following the dot, subinterface-number is a unique integer on that interface.

point-to-point This required keyword specifies that the subinterface refers to a single Frame Relay destination; the alternative argument is multipoint.

The frame-relay interface-dlci command assigns a Frame Relay DLCI to the subinterface.

Command Description

dlci The DLCI you designate to indicate the destination on the subinterface you defined with the first command.

broadcast Allows the subinterface to forward broadcasts, such as routing updates.

Follow these commands by defining a destination’s network address that Frame Relay will represent using the DLCI.

Frame Relay with Subinterfaces

  • Each Frame Relay subinterface uses its own subnet

When you configure subinterfaces and Frame Relay DLCIs, the network architecture that results uses a different subnet for the link on each subinterface, as the graphic shows.

  • On router A, the subinterface S0.1 uses DLCI 110 on IP subnet (assuming 8 bits of subnet mask).
  • For subinterface S0.2, DLCI 48 connects to

This design differs from point-to-point mapping for NBMA. In that configuration, all routers acted as peers on a single subnetwork. The configuration used fully meshed PVCs.

However, when you use Frame Relay with subinterfaces, only the two routers on a PVC act as subnet peers. The Frame Relay configuration contains multiple subnetworks.

The DLCI on the subinterface represents one or more destination protocol addresses.

  • On router A, DLCI 110 refers to the destination IPX network 4a1d.
  • DLCI 48 refers to the destination IPX network 4c1d.

The following graphic shows the configuration commands used to implement this configuration.

A full mesh is no longer necessary for full update connectivity. No Frame Relay facility directly connects the two routers on the right. Using this approach saves the organisation the initial and ongoing expenses otherwise necessary with a full-mesh network.

Subinterface Configuration Example

Cisco A

interface serial 0

encapsulation frame-relay


! the first of the two subinterfaces

interface s 0.1 point-to-point

! assign the DLCI to the subinterface

frame-relay interface-dlci 110 broadcast

! indicate the destination protocol address for DLCI 110

ipx network 4a1d


! the second subinterface on the S0 interface

interface s 0.2 point-to-point

frame-relay interface-dlci 48 broadcast

ipx network 4c1d

To configure Frame Relay subinterfaces, you start with the same commands you saw earlier. This example assumes that the Frame Relay LMI uses the default encapsulation cisco. In the example:

The interface s 0.n point-to-point command assigns a subinterface on the designated interface (S0).

n Subinterface number from 1 through 42944967293.

point-to-point Establishes the type of the subinterface.

The frame-relay interface-dlci nn broadcast command sets the DLCI to use on the subinterface.

nn Locally unique number from the DLCIs provided by the Frame Relay network service.

broadcast Indicates that broadcast traffic can use the DLCI to the destination.

The ipx network nnnn command sets the network number. The subinterface DLCI refers to this destination.


Inverse ARP for Network Discovery

  • This auto-discovery of remote destination addresses simplifies Frame Relay configurations

Configurations using either NBMA groups or subinterface DLCI can be simplified through use of the Inverse ARP protocol. With Inverse ARP, the router needs to know only its own network protocol address on the NBMA network or subnet.

The router learns about the virtual circuits through LMI signalling from the Frame Relay switch. The router then learns the network address of each peer router by sending and receiving Inverse ARP messages on each added DLCI.

Using Inverse ARP for DLCIs

  • Frame Relay Inverse ARP is on by default once you specify DLCIs
  • Inverse ARP resolves protocol addresses of remote routers for local DLCIs

As soon as you specify DLCIs for Frame Relay, Inverse ARP automatically starts.

With Inverse ARP, the process resolves to a network address when given a DLCI. The router announces a network address and DLCI. The Frame Relay Inverse ARP allows the Frame Relay network to propagate the information.

Because Inverse ARP for Frame Relay is on by default, if you need to disable Inverse ARP on a local DLCI, use the no frame-relay inverse-arp command.

This configuration replaces the need for frame-relay map commands. However, any entries resulting from frame-relay map commands continue to establish static routes.

The configuration also replaces the need for entering specific network protocol address statements for subinterface configurations. However, any specific addresses you enter take precedence over any addresses for that protocol resolved by Inverse ARP.

The lines of text that describe the various arrows on the graphic are not commands the administrator must enter. Instead, they show the status of information that Inverse ARP uses for Frame Relay networks.

33) List commands to monitor Frame Relay operation in the router.

Showing a Frame Relay Interface

Router# show int s 0

Serial 0 is up, line protocol is up

Hardware is MCI Serial

Internet address is, subnet mask is

MTU 1500 bytes, BW 56 Kbit, DLY 20000 usec, rely 252/255, load 1/255

Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec)

LMI DLCI 1023, LMI sent 1, LMI stat recvd 0, LMI upd recvd 0

Last input 0:04:42, output 0:00:07, output hang never

Last clearing of "show interface" counters never

Output queue 0/40, 0 drops; input queue 0/75, 0 drops

Five minute input rate 0 bits/sec, 0 packets/sec

Five minute output rate 0 bits/sec, 0 packets/sec

6019 packets input, 305319 bytes, 0 no buffer

Received 2973 broadcasts, 0 runts, 0 giants

7 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 7 abort

8595 packets output, 3499314 bytes, 0 underruns

0 output errors, 0 collisions, 10 interface resets, 0 restarts

17 carrier transitions

Using the show interface serial command displays a snapshot of current Frame Relay settings. In particular, note the encapsulation set to Frame Relay, and the bandwidth set to 56 kbps. Also note that LMI transactions will use DLCI 1023.


Monitoring Frame Relay

Router#terminal monitor

Router#no logging console

Router#debug frame-relay lmi

Serial 0 (out): StEnq, clock 20212760, myseq 206, mineseen 205, yourseen 136, DTE up

Serial 0 (in): Status, clock 20212766, myseq 206

RT IE 1, length 1, type 1

Serial 0 (out): StEnq, clock 20212770, myseq 207, mineseen 206, yourseen 138, DTE up

Serial 0 (in): Status, clock 20212776, myseq 207

RT IE, length 1, type 0

KA IE 3, length 2, yourseq 146, myseq 298

PVC IE 0x7, length 0x6, dlci 48, status 0, bw 56000

PVC IE 0x7, length 0x6, dlci 58, status 0, bw 56000

PVC IE 0x7, length 0x6, dlci 110, status 4, bw 56000


Your Frame Relay configuration enables the router to interface with the Frame Relay service provider network. The router exchanges LMI packets with the provider’s Frame Relay switch. Use the debug frame-relay lmi command to see an indication of the exchanged information between your router and your Frame Relay service provider.

The sample display from this debug command includes the following information:

Command Description

Serial 0 (out) Indicates an LMI packet sent out from the router on that interface.

DTE up Frame Relay line protocol is up for the user-side interface.

Serial 0 (in) Indicates an LMI sent by the provider switch into the router.

type 1 (or type 0) Status update is abbreviated (type 1), or full (type 0).

PVC IE…..dlci 48, status 0 Full status update PVC information element on DLCI 48 shows that DLCI has been added to the network and is inactive.

bw 56000 PVC for the DLCI uses a 56-kbps Frame Relay facility.

34) Identify PPP operations to encapsulate WAN data on Cisco routers.

PPP LCP Configuration Options

Feature            How it Operates                                            Protocol

Authentication     Require a password.                                        PAP
                   Perform Challenge Handshake.                               CHAP

Compression        Compress data at source; reproduce data at destination.    Stacker or Predictor

Error Detection    Monitor data dropped on link.                              Quality
                   Avoid frame looping.                                       Magic Number

Multilink          Load balancing across multiple links.                      Multilink Protocol (MP)

RFC 1548 describes PPP operation and LCP configuration options. Cisco routers that use PPP encapsulation include the LCP options shown in the table.

  • Authentication options require that the calling side of the link enter information to help ensure the caller has the network administrator’s permission to make the call. Peer routers exchange authentication messages. Two alternatives:
      • Password Authentication Protocol (PAP)
      • Challenge Handshake Authentication Protocol (CHAP)
  • Compression options increase the effective throughput on PPP connections by reducing the amount of data in the frame that must travel across the link. The protocol decompresses the frame at its destination. Two compression protocols available in Cisco routers are Stacker and Predictor.
  • Error-detection mechanisms with PPP enable a process to identify fault conditions. The Quality and Magic Number options help ensure a reliable, loop-free data link.
  • Cisco IOS Release 11.1 and later support multilink PPP. This alternative provides load balancing over the router interfaces that PPP uses.

Packet fragmentation and sequencing, as specified in RFC 1717, splits the load for PPP and sends fragments over parallel circuits. In some cases, this "bundle" of multilink PPP pipes functions as a single logical link, improving throughput and reducing latency between peer routers.

Configuring PPP

Router(config-if)# encapsulation ppp

  • Defines encapsulation type as PPP

Router(config-if)# ppp authentication pap

  • Sets password checking for incoming calls

Router(config-if)# ppp authentication chap

  • Forces incoming calls to answer password challenges

Router(config)# username name password secret-pwd

  • Sets host name and password for call verification

The commands shown relate to the PPP configuration most commonly used with ISDN on Cisco routers.

Note: The administrator may use either PAP or CHAP, but not both, on a PPP link. PAP uses the exchange of clear-text passwords between the calling and called sides of the link. Alternatively, CHAP is a more sophisticated process that authenticates the caller without disclosing the password on the link. CHAP is less vulnerable to line taps and is generally preferred because it provides better security.
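The difference the note describes can be seen in the bytes each protocol puts on the link. The following is an added example, not part of the original notes or of Cisco's implementation: it builds a PAP Authenticate-Request (RFC 1334) and a CHAP challenge/response pair using the MD5 method of RFC 1994, then checks what a line tap would capture. The router names are invented, and the secret is the placeholder from the syntax line above.

```python
import hashlib
import hmac
import os
import struct

# Constructed sample values; "secret-pwd" is the placeholder from the page's
# "username name password secret-pwd" syntax line, the host name is invented.
PEER_NAME = b"branch-rtr"
SECRET = b"secret-pwd"


def _packet(code: int, identifier: int, data: bytes) -> bytes:
    """Code (1 byte), Identifier (1 byte), Length (2 bytes), then the data."""
    return struct.pack("!BBH", code, identifier, 4 + len(data)) + data


def pap_request(identifier: int, peer_id: bytes, password: bytes) -> bytes:
    """PAP Authenticate-Request: the password itself crosses the link."""
    data = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return _packet(1, identifier, data)


def chap_challenge(identifier: int, authenticator: bytes) -> bytes:
    """CHAP Challenge: a fresh random value from the called (authenticating) side."""
    value = os.urandom(16)
    return _packet(1, identifier, bytes([len(value)]) + value + authenticator)


def _split(packet: bytes):
    """Return (code, identifier, value, name) from a CHAP Challenge or Response."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if length != len(packet) or length < 5 or 5 + packet[4] > length:
        raise ValueError("malformed CHAP packet")
    size = packet[4]
    return code, identifier, packet[5:5 + size], packet[5 + size:]


def _digest(identifier: int, secret: bytes, value: bytes) -> bytes:
    # CHAP with MD5: hash of identifier, shared secret, then challenge value.
    return hashlib.md5(bytes([identifier]) + secret + value).digest()


def chap_response(challenge: bytes, name: bytes, secret: bytes) -> bytes:
    """CHAP Response: only a one-way hash bound to this challenge is sent."""
    code, identifier, value, _ = _split(challenge)
    if code != 1:
        raise ValueError("not a CHAP Challenge")
    digest = _digest(identifier, secret, value)
    return _packet(2, identifier, bytes([len(digest)]) + digest + name)


def chap_verify(challenge: bytes, response: bytes, secret: bytes) -> bool:
    """Authenticator side: recompute the hash from its own copy of the secret."""
    _, chal_id, value, _ = _split(challenge)
    code, resp_id, digest, _ = _split(response)
    if code != 2 or resp_id != chal_id:
        return False
    return hmac.compare_digest(digest, _digest(chal_id, secret, value))


def secret_visible_on_link(packets, secret: bytes) -> bool:
    """What a line tap sees: is the secret present in any captured packet?"""
    return any(secret in p for p in packets)


if __name__ == "__main__":
    pap = pap_request(1, PEER_NAME, SECRET)
    chal = chap_challenge(7, b"hq-rtr")
    resp = chap_response(chal, PEER_NAME, SECRET)
    print("PAP exposes secret: ", secret_visible_on_link([pap], SECRET))
    print("CHAP exposes secret:", secret_visible_on_link([chal, resp], SECRET))
    print("CHAP verifies:      ", chap_verify(chal, resp, SECRET))
```

Because each challenge value is random, a response captured from one call does not verify against the challenge issued for the next call.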

35) Configure standard access lists to filter IP traffic.

IP Standard Access Configuration

Router(config)# access-list access-list-number {permit | deny} source [source-mask]

  • Sets parameters for this list entry
  • IP standard access lists use 1 to 99

Router(config-if)# ip access-group access-list-number { in | out }

  • Activates the list on the interface

The access-list command creates an entry in a standard traffic filter list.

access-list Command - Description

access-list-number - Identifies the list to which the entry belongs; a number from 1 to 99.

permit | deny - Indicates whether this entry allows or blocks traffic from the specified address.

source - Identifies the source IP address.

source-mask - Identifies which bits in the address field are matched. It has a 1 in positions indicating "don’t care" bits, and a 0 in any position that is to be strictly followed.

The ip access-group command links an existing access list to an outbound interface. Only one access list per port per protocol per direction is allowed.

ip access-group Command - Description

access-list-number - Indicates the number of the access list to be linked to this interface.

in | out - Selects whether the access list is applied to the incoming or outgoing interface. If in or out is not specified, out is the default.

Note: To remove an access list, first enter the no ip access-group command with all of its set parameters, then enter the no access-list command with all of its set parameters.



Standard Access List Example 1

access-list 1 permit

(implicit deny all – not visible in the list)

(access-list 1 deny

interface ethernet 0

ip access-group 1 out

interface ethernet 1

ip access-group 1 out

  • Permit my network only

In the example:

access-list Command - Description

1 - Access list number; indicates this is a simple list.

permit - Traffic that matches selected parameters will be forwarded.

Source address - IP address that will be used with the wildcard mask to identify the source network.

Wildcard mask - 0s indicate positions that must match, 1s indicate "don’t care" positions.

ip access-group 1 out - Links the access list to an outgoing interface.


This access list allows only traffic from source network to be forwarded. Non- network traffic is blocked.

Standard Access List Example 2

access-list 1 deny host

access-list 1 permit

(implicit deny all)

(access-list 1 deny

interface ethernet 0

ip access-group 1

  • Deny a specific host

In the example:

access-list Command - Description

1 - Access list number; indicates this is a simple list.

deny - Traffic that matches selected parameters will not be forwarded.

Source address - IP address of the source host.

Wildcard mask - 0s indicate positions that must match, 1s indicate "don’t care" positions. All 0s in the mask indicates that all 32 bits will be checked in the source address.

access-list Command - Description

1 - Access list number; indicates this is a simple list.

permit - Traffic that matches selected parameters will be forwarded.

Source address - IP address of the source host; all 0s indicate a placeholder.

Wildcard mask - 0s indicate positions that must match, 1s indicate "don’t care" positions. All 1s in the mask indicates that all 32 bits will not be checked in the source address.

The access list is designed to block traffic from a specific address, and to allow all other traffic to be forwarded on interface Ethernet 0.

Standard Access List Example 3

access-list 1 deny

access-list 1 permit any

(implicit deny all)

(access-list 1 deny

interface ethernet 0

ip access-group


  • Deny a specific subnet

In the example:

access-list Command - Description

1 - Access list number; indicates this is a simple list.

deny - Traffic that matches selected parameters will not be forwarded.

Source address - IP address of the source subnet.

Wildcard mask - 0s indicate positions that must match, 1s indicate "don’t care" positions. The mask with 0s in the first three octets indicates those positions must match; the 255 in the last octet indicates a "don’t care" condition.

access-list Command - Description

1 - Access list number; indicates this is a simple list.

permit - Traffic that matches selected parameters will be forwarded.

any - Abbreviation for the IP address of the source and the wildcard mask; all 0s in the address indicate a placeholder, and all 1s in the mask indicate that all 32 bits will not be checked in the source address.

This access list is designed to block traffic from a specific subnet, and to allow all other traffic to be forwarded.
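The three examples above all rest on the same rules: wildcard-mask matching, top-down first match, and the implicit deny all at the end. The following is an added example, not router code or part of the original notes: a small evaluator for standard access list entries, plus a check for entries that can never match because an earlier entry already covers them. The addresses in the sample lists are constructed for illustration and are not the ones from the examples above.

```python
import ipaddress

ANY = (0, 0xFFFFFFFF)  # "any": all-zero placeholder address, all-ones wildcard mask

# Constructed sample lists in the shape of Examples 1 to 3 (addresses invented).
NETWORK_ONLY = ["access-list 1 permit 172.16.0.0 0.0.255.255"]
DENY_HOST = ["access-list 1 deny host 172.16.4.13", "access-list 1 permit any"]
DENY_SUBNET = ["access-list 1 deny 172.16.4.0 0.0.0.255", "access-list 1 permit any"]
MISORDERED = list(reversed(DENY_SUBNET))  # same entries, wrong order


def ip_to_int(text: str) -> int:
    return int(ipaddress.IPv4Address(text))


def parse_entry(line: str):
    """Parse 'access-list N {permit|deny} {any | host ADDR | ADDR [WILDCARD]}'."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list":
        raise ValueError("not an access-list entry: %r" % line)
    number, action, src = int(tok[1]), tok[2], tok[3:]
    if not 1 <= number <= 99:
        raise ValueError("IP standard access lists use 1 to 99")
    if action not in ("permit", "deny"):
        raise ValueError("action must be permit or deny")
    if src == ["any"]:
        addr, wild = ANY
    elif len(src) == 2 and src[0] == "host":
        addr, wild = ip_to_int(src[1]), 0          # all 32 bits are checked
    elif len(src) == 1:
        addr, wild = ip_to_int(src[0]), 0          # mask omitted: exact match
    elif len(src) == 2:
        addr, wild = ip_to_int(src[0]), ip_to_int(src[1])
    else:
        raise ValueError("bad source in: %r" % line)
    return action, addr, wild


def matches(source: int, addr: int, wild: int) -> bool:
    """0 bits in the wildcard mask must match; 1 bits are "don't care"."""
    care = ~wild & 0xFFFFFFFF
    return ((source ^ addr) & care) == 0


def evaluate(entries, source_ip: str):
    """First matching entry wins; no match falls through to the implicit deny."""
    source = ip_to_int(source_ip)
    for position, line in enumerate(entries, start=1):
        action, addr, wild = parse_entry(line)
        if matches(source, addr, wild):
            return action, position
    return "deny", None


def shadowed(entries):
    """Positions of entries that can never match because an earlier entry
    already matches every source address they describe."""
    parsed = [parse_entry(line) for line in entries]
    hidden = []
    for j, (_, addr_j, wild_j) in enumerate(parsed):
        for _, addr_i, wild_i in parsed[:j]:
            care_i = ~wild_i & 0xFFFFFFFF
            # i covers j when j checks every bit i checks and they agree there.
            if (care_i & wild_j) == 0 and ((addr_i ^ addr_j) & care_i) == 0:
                hidden.append(j + 1)
                break
    return hidden


if __name__ == "__main__":
    for name, acl in [("deny subnet", DENY_SUBNET), ("misordered", MISORDERED)]:
        print(name, evaluate(acl, "172.16.4.200"), "shadowed:", shadowed(acl))
```

In the misordered list the deny entry is still present in the configuration but never takes effect, which is why entry order has to be reviewed along with the entries themselves.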

36) Monitor and verify selected access list operations on the router.

Monitoring Access Lists

The show ip interface command displays IP interface information and indicates whether any access lists are set.

Router# sho ip interface

Ethernet 0 is up, line protocol is up

Internet address is, subnet mask is

Broadcast address is

Address determined by non-volatile memory

MTU is 1500 bytes

Helper address is

Secondary address, subnet mask

Outgoing access list 10 is set

Inbound access list is not set

Proxy ARP is enabled

Security level is default

Split horizon is enabled

ICMP redirects are always sent

ICMP unreachables are always sent

ICMP mask replies are never sent

IP fast switching is enabled

TCP/IP header compression is disabled

Probe proxy name replies are disabled


Monitoring Access List Statements

Router> show access-lists

Standard IP access list 19


deny, wildcard bits

Standard IP access list 49

permit, wildcard bits

permit, wildcard bits

permit, wildcard bits

permit, wildcard bits

Extended IP access list 101

permit tcp eq 23

Type code access list 201

permit 0x6001 0x0000

Type code access list 202

permit 0x6004 0x0000

deny 0x0000 0xFFFF


The show access-lists command displays the contents of all access lists. This Cisco IOS command provides more details about the access list statements. By entering the access list name or number as an option for this command, you can see a specific list.

37) State a relevant use and context for ISDN networking.

Using ISDN Services

  • Uses higher-quality end-to-end digital facilities
  • Sets up call faster than basic telephone service
  • Carries varied feeds (for example, packets, voice, video)
  • Meets demand for telecommuting bandwidth.
  • Improves Internet response (especially for WWW)

Integrated Services Digital Network (ISDN) is a complex call processing system that allows telephone networks to carry voice, data, and other source material in the same all-digital communication stream.

The product features much faster call setup using out-of-band signalling than modem connections. For example, a duration of less than 1 second can be sufficient to make some ISDN calls.

Once a call is up, ISDN can carry a variety of user-traffic feeds. The ISDN model shows ISDN providing access to all-digital facilities for video, telex, packet-switched data, and enriched telephone net services.

ISDN users access bearer (B) channel services at 64 kbps – much faster than common modem alternatives of 14.4 kbps. With multiple B channels, ISDN offers users more bandwidth on WANs than they receive with a leased line at 56 kbps in North America or 64 kbps in much of the rest of the world.

ISDN is fast becoming the transport of choice for applications using remote connectivity, access to the Internet, and the World Wide Web (WWW). Before the tremendous growth in these applications, many in the United States believed ISDN was a solution looking for a problem.

38) Identify ISDN protocols, function groups, reference points, and channels.

ISDN Protocols

Work on standards for ISDN began in the late 1960s. A comprehensive set of ISDN recommendations was published in 1984 and is continuously updated by CCITT – now the International Telecommunication Union Telecommunication Standardisation Sector (ITU-T).

ITU-T groups and organises the ISDN protocols according to general topic areas.

  • Protocols that begin with "E" recommend telephone network standards for ISDN. For example, the E.164 protocol describes international addressing for ISDN.
  • Protocols that begin with "I" deal with concepts, terminology, and general methods. The I.100 series includes general ISDN concepts and the structure of other I-series recommendations; I.200 deals with service aspects of ISDN; I.300 describes network aspects; I.400 describes how the User-Network Interface (UNI) is provided.
  • Protocols beginning with "Q" cover how switching and signalling should operate. The term "signalling" in this context means the process of call setup used. Q.921 describes the ISDN data-link processes of LAPD, which functions like Layer 2 processes in the OSI/ISO reference model. Q.931 specifies ISO/OSI reference model Layer 3 functions.

Q.931 recommends a network layer between the terminal endpoint and the local ISDN switch. This protocol does not impose an end-to-end recommendation. The various ISDN providers and switch types can and do use various implementations of Q.931. Other switches were developed before the standards groups finalised these standards.

ISDN Functions/Reference Points

To access ISDN, you must provide functions and reference points that comply with ISDN service provider standards. By using these functions and reference points, you can improve communication with vendors and service providers while you engineer, install and support your ISDN facilities.

  • Functions - Device types or hardware functions that represent transition points between the reference-points interfaces.

The following table defines the basic ISDN device or hardware acronym and its function.

TA (Terminal Adapter) - Converts from RS232, V.35, and other signals into BRI signals

TE1 (Terminal End-point 1) - Designates a router as a device having a native ISDN interface.

TE2 (Terminal End-point 2) - Designates a router as a device requiring a TA for its BRI signals.

NT1 (Network Termination 1) - Converts BRI signals into a form used by the local loop.

LT (Local Termination) - Portion of the exchange that communicates with other ISDN.

ET (Exchange Termination) - Portion of the exchange that communicates with other ISDN components.

Reference points – CCITT has defined the ISDN local loop characterised by different interfaces. The standards call these key reference points R, S, T, U, and V.

The connection between TE1 or TE2 and NT2 is reference point S

The connection between TE2 and TA is reference point R

The connection between NT2 and NT1 is reference point T

The connection between NT1 and LT is reference point U

The connection between LT and ET is reference point V

Customer Premises to ISDN

ISDN specifies two main interface types: BRI and PRI.

  • BRI – Two 64-kbps bearer channels (2B) plus one 16-kbps data channel (+D) service. BRI operates with Cisco 1000, 2500, 3000, and 4000 series. BRI connects to an NT1 for 4-wire connection.
  • PRI – In North America and Japan, 23 bearer (B) channels and one 64-kbps D channel (a T1/DS1 facility).

In Europe and much of the rest of the world, PRI offers 30 B channels and a D channel (an E1 facility). PRI uses a data service unit/channel service unit (DSU/CSU) for T1/E1 connection.

The boundary between customer premise equipment (CPE) and equipment controlled exclusively by the ISDN service provider affects hardware acquisition and operation duties required for ISDN service.

Regional differences determine who provides key ISDN functions and where the equipment is located:

  • In North America and Japan, the PRI interfaces to a DSU/CSU are provisioned by the end user.
  • In Europe and much of the rest of the world, the DSU/CSU is part of the ISDN service provider’s equipment.

ISDN Channels for BRI are 2B+D

BRI is sometimes written as 2B+D. This interface provides two bearer channels at 64 kbps and an additional 16 kbps signalling channel.

The B channels can be used for digitised speech transmission or for relatively high-speed data transport. Narrowband ISDN is circuit switched oriented. The B channel is the elemental circuit-switching unit.

The D channel carries signalling information (call setup) to control calls on B channels at the user-network interface. In addition to carrying signalling information, the D channel is used to carry subscriber low-rate packet data, such as alarm systems. Cisco routers do not currently use this facility. Traffic over the D channel employs the LAPD data-link-level protocol. LAPD is based on HDLC.

The call setup follows the ITU-T Q.931 recommendation for call control standards.


39) Describe Cisco’s implementation of ISDN BRI.

Cisco ISDN Features

  • Multiprotocol support
  • Available on several router series
  • SNMP support with ISDN MIB Group
  • Multiple bearer channels
  • Bandwidth on demand
  • Optional incoming call screening
  • PPP with compression options
  • Services only when needed by using DDR (Dial-on-Demand Routing)

ISDN provides WAN transport for all major routing protocols. ISDN also works with other WAN services such as X.25 and Frame Relay.


Cisco offers a broad range of ISDN products, including several router models that contain native ISDN interfaces. Administrators can use an SNMP-based network management application to control the ISDN interfaces. Routers use an ISDN Management Information Base (MIB) and can act as managed objects.

The multiple, independent B channels on router ISDN configurations transmit data at the standard 64-kbps (DS0) rate, or you can configure for 56-kbps facilities.

The bandwidth-on-demand option allows a pre-established load threshold setting to add available B-channel resources to an ISDN call. This DDR dialler load condition could, for example, add a DS0 on demand.

Another option on Cisco routers is to pre-establish table entries on a destination router to provide incoming ISDN call screening. The destination (or called router) acts on entries that specify which calls from a source (or calling) router the destination will accept.

PPP encapsulation offers improved capabilities for standards-based access to the Internet. Among these improvements are access control and compression methods.

DDR improves the cost-effective use of ISDN by setting conditions that make the ISDN call, then dropping the call once the link is no longer needed.

40) Describe the advantages of LAN segmentation.

You can divide a network into smaller segments to reduce the number of users per segment, thereby increasing the bandwidth available to each user in the segment. Each segment is a collision domain, supporting traffic between nodes without interference from nodes attached to the other segments. As long as user traffic remains on a workgroup segment, each user has more bandwidth available than if all nodes were attached to the original backbone.








41) Describe LAN segmentation using bridges.

Bridges segment LANs by using MAC addresses. MAC address learning is a service that characterises a learning bridge, in which the source MAC address of each received packet is stored so that future packets destined for that address can be forwarded only to the bridge interface on which that address is located. Packets destined for unrecognised addresses are forwarded out every bridge interface. This scheme helps minimise traffic on the attached LANs. MAC address learning is defined in the IEEE 802.1 standard.

42) Describe LAN segmentation using routers.

LAN segmentation using routers simply places a router between LANs. Broadcast messages are not forwarded across routed segments. LAN segmentation is done at Layer 3 (network layer), unlike bridging, which is done at Layer 2 (data link layer).

43) Describe LAN segmentation using switches.

Switch segments are basically highly intelligent bridged segments, with a few other interesting features such as VLANs (Virtual Local Area Networks), and lots of protocols for tunnelling data between switches. Switches provide the same functionality as bridges except they do it at wire speed (without introducing latency).

44) Name and describe two switching methods.

Store-and-forward Switching Method

Store-and-forward switching is one of the two main types of LAN switching.

With the store-and-forward switching method, the LAN switch copies the entire frame into its onboard buffers and computes the cyclic redundancy check (CRC).

The frame is discarded if it contains a CRC error, or if it is a runt (less than 64 bytes including the CRC), or a giant (more than 1518 bytes including the CRC).

If the frame does not contain any errors, the LAN switch looks up the destination address in its forwarding, or switching, table and determines the outgoing interface. It then forwards the frame toward its destination.

Cut-Through Switching Method

With the cut-through switching method, the LAN switch copies only the destination address (the first 6 bytes following the preamble) into its onboard buffers.

It then looks up the destination address in its switching table, determines the outgoing interface and forwards the frame toward its destination.

A cut-through switch provides reduced latency because it begins to forward the frame as soon as it reads the destination address and determines the outgoing interface.

Some switches can be configured to perform cut-through switching on a per-port basis until a user-defined error threshold is reached, when they will automatically change to store-and-forward mode. When the error rate falls below the threshold, the port automatically changes back to cut-through mode.
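The MAC address learning described under objective 41 and the two switching methods above can be modelled together. The following is an added example, not vendor code or part of the original notes: a learning switch that floods unknown destinations, forwards known ones to a single port, and in store-and-forward mode applies the runt, giant and CRC checks before forwarding. The MAC addresses and port numbers are constructed, and the model assumes the CRC is the standard 32-bit Ethernet CRC stored least-significant byte first.

```python
import struct
import zlib

BROADCAST = b"\xff" * 6
HOST_A = bytes.fromhex("020000000001")  # constructed, locally administered MACs
HOST_B = bytes.fromhex("020000000002")


def make_frame(dst: bytes, src: bytes, payload: bytes, ethertype: int = 0x0800) -> bytes:
    """Frame as it follows the preamble: addresses, type, padded data, CRC."""
    body = dst + src + struct.pack("!H", ethertype) + payload.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))


def frame_error(frame: bytes):
    """Store-and-forward checks, possible only once the whole frame is buffered."""
    if len(frame) < 64:
        return "runt"
    if len(frame) > 1518:
        return "giant"
    if zlib.crc32(frame[:-4]) != struct.unpack("<I", frame[-4:])[0]:
        return "crc"
    return None


class LearningSwitch:
    def __init__(self, ports, mode="store-and-forward"):
        self.ports = list(ports)
        self.mode = mode
        self.table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port: int, frame: bytes):
        """Return the ports the frame is sent out of ([] means dropped/filtered)."""
        if self.mode == "store-and-forward" and frame_error(frame):
            return []                      # damaged frame never leaves the switch
        if len(frame) < 12:
            return []                      # not even both addresses arrived
        dst, src = frame[:6], frame[6:12]
        # Cut-through commits to forwarding after these first bytes, so a
        # frame with a bad CRC is already on its way out.
        self.table[src] = in_port          # learn where the source lives
        out_port = self.table.get(dst)
        if dst == BROADCAST or out_port is None:
            return [p for p in self.ports if p != in_port]   # flood
        return [] if out_port == in_port else [out_port]


if __name__ == "__main__":
    good = make_frame(HOST_B, HOST_A, b"hello")
    bad = bytearray(good)
    bad[20] ^= 0xFF                        # flip bits in the data field
    for mode in ("store-and-forward", "cut-through"):
        sw = LearningSwitch([1, 2, 3], mode)
        sw.receive(2, make_frame(HOST_A, HOST_B, b"hi"))   # switch learns B on port 2
        print(mode, "good ->", sw.receive(1, good), "damaged ->", sw.receive(1, bytes(bad)))
```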


45) Describe full and half-duplex Ethernet operation.

Half-duplex Ethernet Design

The Ethernet physical connector provides several circuits. Each circuit is used for a specific purpose. The most important of the circuits are receive (RX), transmit (TX), and collision-detection. When standard half-duplex Ethernet is implemented, the TX circuit is active at the transmitting station. When another station is transmitting, the station’s RX circuit is active. Logically, these circuits feed into a single cable, creating a situation similar to the narrow one-way bridge analogy.










  • Standard Ethernet circuits feed into a single cable

Full-duplex Ethernet Design

Full-duplex Ethernet Switch (FDES) technology provides a transmit circuit connection wired directly to the receiver circuit at the other end of the connection. Since just two stations are connected in this arrangement, a collision-free environment exists here. Unlike half-duplex Ethernet, the conditions for multiple transmissions on the same physical medium do not occur.

Standard Ethernet configuration efficiency is typically rated at 50-60 percent of the 10-Mbps bandwidth. Full-duplex Ethernet offers 100 percent efficiency in both directions. (10-Mbps transmit, and 10-Mbps receive.) This produces a theoretical 20-Mbps of throughput.










  • Full-duplex Ethernet circuitry permits simultaneous two-way traffic.

Full-duplex Requirements

In order to implement full-duplex Ethernet, you require the following:

  • Two full 10-Mbps or 100-Mbps data paths.
  • Full-duplex Ethernet controllers or an Ethernet controller for each path.
  • Loopback and collision detection disabled.
  • Software drivers supporting two simultaneous data paths.
  • Adherence to Ethernet distance constraints:
  • 10BaseT/100BaseTX (100 metres)
  • 10BaseFL (2 kilometres)
  • 100BaseFX (2 kilometres)

46) Identify reasons why the industry uses a layered model.

Most communications environments separate the communication functions and application processing. This separation of networking functions is called layering. For the OSI model, seven numbered layers indicate distinct functions. Within the Transmission Control Protocol/Internet Protocol (TCP/IP), for example, distinct functions fit into five named layers. Regardless of the number of layers, the reasons for this division of network functions include the following:

  • Divide the interrelated aspects of network operation into less complex elements.
  • Define standard interface for plug-and-play compatibility and multivendor integration.
  • Enable engineers to specialise design and development efforts on modular functions.
  • Promote symmetry in the different internetwork modular functions so they interoperate.
  • Prevent changes in one area from impacting other areas, so each area can evolve more quickly.
  • Divide the complexity of internetworking into discrete, more easily learned operation subsets.

47) Identify the functions of each layer of the ISO/OSI reference model.

Each layer of the ISO model serves a specific function. Those functions are defined by the OSI and can be used by any network products vendor. The functions are:

Application – The application layer provides network services to user applications. For example, a word processing application is serviced by file transfer services at this layer.

Presentation – This layer provides data representation and code formatting. It ensures that the data that arrives from the network can be used by the application, and it ensures that information sent by the application can be transmitted on the network.

Session – This layer establishes, maintains, and manages sessions between applications.

Transport – This layer segments and reassembles data into a data stream.

Network – This layer determines the best way to move data from one place to another. It manages device addressing and tracks the location of devices on the network. The router operates at this layer.


Data Link – This layer provides physical transmission across the medium. It handles error notification, network topology, and flow control.

Physical – This layer provides the electrical, mechanical, procedural, and functional means for activating and maintaining the physical link between systems.

48) Define and explain the 5 conversion steps of data encapsulation.

Data Encapsulation

Each layer depends on the service function of the ISO/OSI layer below it. To provide this service, the lower layer uses encapsulation to put the PDU from the upper layer into its data field; then it can add whatever headers and trailers the layer will use to perform its function.

For example, the network layer provides a service to the transport layer, and the transport layer presents "data" to the internetwork subsystem.

The network layer has the task of moving that data through the internetwork. It accomplishes this task by encapsulating the data within a header. This header contains information required to complete the transfer, such as source and destination logical addresses.

The data link layer in turn provides a service to the network layer. It encapsulates the network layer information in a frame. The frame header contains information required to complete the data link functions. For example, the frame header contains physical addresses.

The physical layer also provides a service to the data link layer. This service includes encoding the data link frame into a pattern of ones and zeros for transmission on the medium (usually a wire).

As internetworks perform services for users, the flow and packaging of the information changes. In this example of internetworking, five conversion steps occur:

  1. As a user sends an e-mail message, its alphanumeric characters are converted to use the internetwork. This is the data.
  2. One change packages the message "data" for the internetwork transport subsystem. By using segments, the transport function ensures the message hosts at both ends of the e-mail system can reliably communicate.
  3. The next change prepares the data so they can use the internetwork by putting the data into a packet or datagram that contains a network header with source and destination logical addresses. These addresses help network devices send the packets across the network along a chosen path.
  4. Each network device must put the packet into a frame so it can communicate over its interface to the network. The frame allows a connection to the next directly connected network device on the link. Each device in the chosen network path requires framing to connect to the next device.
  5. The frame must be converted into a pattern of 1s and 0s for transmission on the medium (usually a wire). Some clocking function enables the devices to distinguish these bits as they traverse the medium.



The medium on the physical internetwork can vary along the path used. For example, the e-mail message can originate on a LAN, cross a campus backbone, go out a low-speed WAN link, and use a higher-speed WAN link until it reaches its destination on another remote LAN.




49) Identify the functions of the TCP/IP transport-layer protocols.

The transport layer performs two functions:

  • Flow control provided by sliding windows
  • Reliability provided by sequence numbers and acknowledgements

Two protocols are provided at the transport layer: TCP and UDP.

  • TCP is a connection-oriented, reliable protocol. It is responsible for breaking messages into segments, reassembling them at the destination station, resending anything that is not received, and reassembling messages from the segments. TCP supplies a virtual circuit between end-user applications.
  • UDP is connectionless and "unreliable." Although UDP is responsible for transmitting messages, no software checking for segment delivery is provided at this layer; hence the description "unreliable."

TCP Segment Format

Field definitions in the TCP segment:

  • Source Port – Number of the calling port (16 bits)
  • Destination Port – Number of the called port (16 bits)
  • Sequence Number – Number used to ensure correct sequencing of the arriving data (32 bits)
  • Acknowledgement Number – Next expected TCP octet (32 bits)
  • HLEN – Number of 32-bit words in the header (4 bits)
  • Reserved – Set to zero (6 bits)
  • Code Bits – Control functions (such as setup and termination of a session) (6 bits)
  • Window – Number of octets that the sender is willing to accept (16 bits)
  • Checksum – Calculated checksum of the header and data fields (16 bits)
  • Urgent Pointer – Indicates the end of the urgent data (16 bits)
  • Option – One currently defined: maximum TCP segment size (0 or 32 bits)
  • Data – Upper-layer protocol data

Port Numbers

Both TCP and UDP use port (or socket) numbers to pass information to the upper layers. Port numbers are used to keep track of different conversations crossing the network at the same time.

Application software developers agree to use well-known port numbers that are defined in RFC 1700. For example, any conversation bound for the FTP application uses the standard port number 21. Conversations that do not involve an application with a well-known port number are assigned port numbers randomly chosen from within a specific range instead. These port numbers are used as source and destination addresses in the TCP segment.


Some ports are reserved in both TCP and UDP, but applications might not be written to support them. Port numbers have the following assigned ranges:

  • Numbers below 255 are for public applications.
  • Numbers from 255 to 1023 are assigned to companies for saleable applications.
  • Numbers above 1023 are unregulated.

TCP Port Numbers

End systems use port numbers to select the proper application. Originating source port numbers are dynamically assigned by the source host, usually some number greater than 1023.

TCP Three-Way Handshake/Open Connection

Both ends of the connection are synchronised with a three-way handshake/open connection sequence.

Exchanging beginning sequence numbers during the connection sequence ensures that lost data can be recovered if problems occur later.

TCP Simple Acknowledgement

The window size determines how much data the receiving station can accept at one time. With a window size of one, each segment must be acknowledged before another segment is transmitted. This results in inefficient use of bandwidth by the hosts.

TCP Sliding Window

A larger window size allows more data to be transmitted pending acknowledgement.

Window size refers to the number of messages that can be transmitted while awaiting an acknowledgement. After a host transmits the window-size number of bytes, it must receive an acknowledgement before any more messages can be sent.

TCP uses expectational acknowledgements, meaning that the acknowledgement number refers to the octet expected next. The "sliding" part of "sliding window" refers to the fact that the window size is negotiated dynamically during the TCP session.

A sliding window results in more efficient use of bandwidth by the hosts.

TCP Sequence and Acknowledgement Numbers

TCP provides sequencing of segments with a forward reference acknowledgement. Each datagram is numbered before transmission. At the receiving station, TCP reassembles the segments into a complete message. If a sequence number is missing in the series, that segment is retransmitted. Segments that are not acknowledged within a given time period result in retransmission.





UDP Segment Format

  • Source Port – (16 bits)
  • Destination Port – (16 bits)
  • Length – (16 bits)
  • Checksum – (16 bits)
  • Data….

UDP uses no windowing or acknowledgements. Application-layer protocols can provide for reliability. UDP is designed for applications that do not need to put sequences of segments together.

Protocols that use UDP include TFTP, SNMP, Network File System (NFS), and Domain Name System (DNS).

50) Identify the functions of the TCP/IP network-layer protocols.

Network Layer Overview

Several protocols operate at the TCP/IP Internet layer, which corresponds to the OSI network layer:

  • IP provides connectionless, best-effort delivery routing of datagrams. It is not concerned with the content of the datagrams. Instead, it looks for a way to move the datagrams to their destination.
  • ICMP provides control and messaging capabilities.
  • ARP determines the data link layer address for known IP addresses.
  • RARP determines network addresses when data link layer addresses are known.

IP Datagram

Field definitions within this IP datagram are as follows:

  • VERS – Version number (4 bits)
  • HLEN – Header length in 32-bit words (4 bits)
  • Type of Service – How the datagram should be handled (8 bits)
  • Total Length – Total length (header + data) (16 bits)
  • Identification (16 bits), Flags (3 bits), Frag Offset (13 bits) – Provide fragmentation of datagrams to allow differing MTUs in the internet
  • TTL – Time-To-Live (8 bits)
  • Protocol – Upper-layer (Layer 4) protocol sending the datagram (8 bits)
  • Header Checksum – Integrity check on the header (16 bits)
  • Source and Destination IP addresses – 32-bit IP addresses
  • IP options – Network testing, debugging, security, and others
  • Data ….

Protocol Field

The protocol field determines the Layer 4 protocol being carried within an IP datagram. Although most IP traffic uses TCP, there are other protocols that can use IP. Each IP header must identify the destination Layer 4 protocol for the datagram. Transport-layer protocols are numbered, similar to port numbers. IP includes the protocol number in the protocol field.
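The field lists for the TCP segment and the IP datagram, and the role of the protocol field, map directly onto a byte-level decoder. The following is an added example, not part of the original notes: it builds one IP datagram carrying a TCP SYN to port 23, then decodes it field by field, rejecting headers whose lengths or checksums are inconsistent. The sample packet is constructed; its addresses, ports and sequence number are invented.

```python
import ipaddress
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}            # values of the IP protocol field
CODE_BITS = ("FIN", "SYN", "RST", "PSH", "ACK", "URG")  # TCP code bits, low bit first


def internet_checksum(data: bytes) -> int:
    """16-bit one's-complement sum used by the IP header and TCP checksums."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def parse_ip(packet: bytes) -> dict:
    """Decode the fixed IP header fields and reject inconsistent lengths."""
    if len(packet) < 20:
        raise ValueError("truncated IP header")
    vh, tos, total, ident, frag, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    vers, hlen = vh >> 4, vh & 0x0F
    if vers != 4:
        raise ValueError("not an IPv4 datagram")
    if hlen < 5 or hlen * 4 > len(packet):
        raise ValueError("HLEN outside the captured bytes")
    if not hlen * 4 <= total <= len(packet):
        raise ValueError("Total Length disagrees with the captured bytes")
    if internet_checksum(packet[:hlen * 4]) != 0:
        raise ValueError("IP header checksum mismatch")
    return {
        "vers": vers, "hlen": hlen, "tos": tos, "total_length": total,
        "identification": ident, "flags": frag >> 13, "frag_offset": frag & 0x1FFF,
        "ttl": ttl, "protocol": PROTOCOLS.get(proto, str(proto)),
        "src": str(ipaddress.IPv4Address(src)), "dst": str(ipaddress.IPv4Address(dst)),
        "_src": src, "_dst": dst, "data": packet[hlen * 4:total],
    }


def parse_tcp(ip: dict) -> dict:
    """Decode the TCP header carried in a datagram returned by parse_ip()."""
    seg = ip["data"]
    if ip["protocol"] != "TCP" or len(seg) < 20:
        raise ValueError("no complete TCP header in this datagram")
    sport, dport, seq, ack, off_code, window, _csum, urgent = struct.unpack(
        "!HHIIHHHH", seg[:20])
    hlen, code = off_code >> 12, off_code & 0x3F
    if hlen < 5 or hlen * 4 > len(seg):
        raise ValueError("TCP HLEN outside the segment")
    # The TCP checksum also covers a pseudo-header taken from the IP header.
    pseudo = ip["_src"] + ip["_dst"] + struct.pack("!BBH", 0, 6, len(seg))
    if internet_checksum(pseudo + seg) != 0:
        raise ValueError("TCP checksum mismatch")
    return {
        "source_port": sport, "destination_port": dport, "sequence": seq,
        "acknowledgement": ack, "hlen": hlen, "window": window, "urgent": urgent,
        "code_bits": [n for bit, n in enumerate(CODE_BITS) if code & (1 << bit)],
        "data": seg[hlen * 4:],
    }


def build_sample_packet() -> bytes:
    """Constructed sample: SYN from 192.0.2.10:49152 to 198.51.100.23:23."""
    src = ipaddress.IPv4Address("192.0.2.10").packed
    dst = ipaddress.IPv4Address("198.51.100.23").packed
    tcp = struct.pack("!HHIIHHHH", 49152, 23, 1000, 0, (5 << 12) | 0x02, 4096, 0, 0)
    tcp_sum = internet_checksum(src + dst + struct.pack("!BBH", 0, 6, len(tcp)) + tcp)
    tcp = tcp[:16] + struct.pack("!H", tcp_sum) + tcp[18:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(tcp), 0x1234, 0x4000,
                     64, 6, 0, src, dst)
    ip = ip[:10] + struct.pack("!H", internet_checksum(ip)) + ip[12:]
    return ip + tcp


if __name__ == "__main__":
    datagram = parse_ip(build_sample_packet())
    segment = parse_tcp(datagram)
    print(datagram["src"], "->", datagram["dst"], datagram["protocol"], "TTL", datagram["ttl"])
    print("port", segment["destination_port"], segment["code_bits"], "window", segment["window"])
```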

Internet Control Message Protocol (ICMP) – read answer to Question 51 below.

Address Resolution Protocol (ARP)

ARP is used to resolve or map a known IP address to a MAC sublayer address to allow communication on a multi-access medium such as Ethernet. To determine a destination address for a datagram, the ARP cache table is checked. If the address is not in the table, ARP sends a broadcast looking for the destination station. Every station on the network receives the broadcast.

The term local ARP is used to describe resolving an address when both the requesting host and the destination host share the same media or wire.

Prior to issuing the ARP, the subnet mask is consulted. The mask determines that the nodes are on the same subnet.

Reverse ARP (RARP)

RARP relies on the presence of a RARP server with a table entry or other means to respond to these requests.

On the local segment, RARP can be used to initiate a remote operating system load sequence.

51) Identify the functions performed by ICMP.

The Internet Control Message Protocol (ICMP) is implemented by all TCP/IP hosts. ICMP messages are carried in IP datagrams and are used to send error and control messages.

ICMP uses the following types of defined messages. Others exist that are not on this list:

  • Destination Unreachable
  • Time Exceeded
  • Parameter Problem
  • Source Quench
  • Redirect
  • Echo (Ping)
  • Echo Reply
  • Timestamp
  • Timestamp Reply
  • Information Request
  • Information Reply
  • Address Request
  • Address Reply

ICMP Testing

If a router receives a packet that it is unable to deliver to its ultimate destination, the router sends an ICMP host unreachable message to the source. The message might be undeliverable because there is no known route to the destination.

An echo reply is a successful reply to a ping command; however, results could include other ICMP messages, such as unreachables and time-outs.



52) Configure extended access lists to filter IP traffic.

Extended IP Access Lists

Allow more precise filtering conditions

  • Check source and destination IP address
  • Specify an optional IP protocol port number
  • Use access list number range 100 to 199

The standard access list (numbered 1 to 99) may not provide the traffic-filtering control you need. Standard access lists filter based on a source address and mask. Standard access lists permit or deny the entire TCP/IP protocol suite. You may need a more precise way to configure your firewall policy.

For more precise traffic-filtering control, use extended IP access lists. Extended IP access list statements check for source address and for destination address. In addition, at the end of the extended access list statement, you gain additional precision from a field that specifies the optional TCP or UDP protocol port number. These can be the well-known port numbers for TCP/IP. A few of the most common port numbers are as follows:

Well-Known Port Number (Decimal)    IP Protocol
20                                  File Transfer Protocol (FTP) data
21                                  FTP program
23                                  Telnet
25                                  Simple Mail Transfer Protocol (SMTP)
69                                  Trivial File Transfer Protocol (TFTP)
53                                  Domain Name System (DNS)

By using this option, you can specify the logical operation the extended access list will perform on specific protocols. Extended access lists use a number from the range 100 to 199.

Extended Access List Configuration

Router(config)# access-list access-list-number {permit | deny} protocol source source-mask destination destination-mask [operator operand] [established]

  • Sets parameters for this list entry
  • IP uses a list number in range 100 to 199

Router(config-if)# ip access-group access-list-number {in | out}

  • Activates the extended list on an interface

The access-list command creates an entry to express a condition statement in a complex filter.

access-list Command                 Description
access-list-number                  Identifies the list using a number in the range 100 to 199.
permit | deny                       Indicates whether this entry allows or blocks the specified address.
protocol                            IP, TCP, UDP, ICMP, GRE, IGRP.
source and destination              Identifies source and destination IP addresses.
source-mask and destination-mask    Wildcard mask; 0s indicate positions that must match, 1s indicate "don’t care" positions.
operator and operand                lt, gt, eq, neq (less than, greater than, equal, not equal), and a port number.
established                         Allows TCP traffic to pass if packet uses an established connection (for example, has ACK bits set).

The ip access-group command links an existing extended access list to an outbound interface. Only one access list per port per protocol is allowed.

ip access-group Command    Description
access-list-number         Indicates the number of the access list to be linked to this interface.
in | out                   Selects whether the access list is applied to the incoming or outgoing interface. If in or out is not specified, out is the default.

Extended Access List Example 1

access-list 101 deny tcp eq 21

access-list 101 deny tcp eq 20

access-list 101 permit ip

(implicit deny all)

(access-list 101 deny ip

interface ethernet 0

ip access-group 101

  • Deny FTP for E0

In the example:

access-list Command            Description
101                            Access list number; indicates extended IP access list.
deny                           Traffic that matches selected parameters will be blocked.
tcp                            Transport-layer protocol.
and                            Source IP address and mask; the first three octets must match but do not care about the last octet.
and                            Destination IP address and mask; the first three octets must match, but do not care about the last octet.
eq 21                          Specifies well-known port number for FTP.
eq 20                          Specifies well-known port number for FTP data.
ip access-group 101 command    Links access list 101 to outgoing port interface E0.

The permit statement allows traffic from subnet to be forwarded to all other networks or subnetworks via interface E0.


Extended Access List Example 2


access-list 101 permit tcp any eq 25

(implicit deny all)

(access-list 101 deny ip

interface ethernet 0

ip access-group 101

  • Allow only SMTP for E0

In this example:

access-list Command            Description
101                            Access list number; indicates extended IP access list.
permit                         Traffic that matches selected parameters will be forwarded.
tcp                            Transport-layer protocol.
and                            Source IP address and mask; the first three octets must match but do not care about the last octet.
and                            Destination IP address and mask; do not care about any octet value.
eq 25                          Specifies well-known port number for SMTP.
ip access-group 101 command    Links access list 101 to outgoing port interface E0.

This example allows only mail from to be sent out interface E0. All other traffic from any other source is denied.

Where to Place IP Access Lists

  • Place standard access lists close to the destination
  • Place extended access lists close to the source


53) Configure IPX access lists and SAP filters to control basic Novell traffic.

Key Concepts for IPX Access Lists

  • IPX addressing uses a network.node and a socket number.
  • Standard lists (800 to 899) can filter source and destination address.
  • Extended lists (900 to 999) allow more precise filtering conditions.
  • Access lists (1000 to 1099) are SAP filters for service types and servers on one or more networks.
  • Other access list number ranges offer additional Novell software filters (examples: GNS, RIP, NLSP).

Novell addressing is based on network.node.socket. The network number is assigned by the administrator; the node portion is derived from the MAC address of the individual interface. Serial lines adopt the MAC address of another interface in the creation of their logical addresses. The socket number refers to a process or application (somewhat like the TCP segment).

Every NetWare file server has an internal IPX network number and performs IPX routing. External IPX networks attach to router interfaces. The IPX network number assigned on a Cisco router’s interface must be unique and consistent with the network numbers known to the file server.

IPX standard access lists use numbers in the range 800-899. These access lists check for either source address or both source and destination address. To identify parts of the address to check or ignore, IPX standard access lists use a wildcard mask that operates like the mask used with IP addresses. To control the traffic from the Service Advertisement Protocol (SAP), use SAP filters that use numbers in the range 1000 to 1099. Several other packet and route filters can help manage IPX overhead traffic. For example, access lists can control Get Nearest Server (GNS) from clients to servers, Routing Information Protocol (RIP), and NetWare Link Services Protocol (NLSP).












IPX Standard Access Lists Configuration

Router(config)# access-list access-list-number {deny | permit} source-network [.source-node] [source-node-mask] [destination-network] [.destination-node] [destination-node-mask]

  • Sets parameters for this list entry
  • Standard access list uses list-number in range 800 to 899

Router(config-if)# ipx access-group access-list-number

  • Activates the IPX standard access list on an interface

Use the access-list command to filter traffic in an IPX network. Using filters on the outgoing router interface allows or restricts different protocols and applications on individual networks.

access-list Command    Description
access-list-number     Access list number for an IPX filter list from 800 to 899.
protocol               Number of the protocol type, can be: 0=any protocol (refer to socket number below), 1=RIP, 4=SAP, 5=SPX, 17=NCP, 20=IPX NetBIOS.
source-network         Source network number, expressed in eight-digit hexadecimal.
source-node            Node number on the source network. Represented as a 48-bit value shown in a dotted triplet of 4-digit hexadecimal numbers.
destination-network    Network number to which the packet is being sent.
destination-node       Node on the destination network to which the packet is being sent.

Use the ipx access-group command to link an IPX traffic filter to an interface.

ipx access-group Command    Description
access-list-number          Access list number for an IPX filter from 800 to 899.

Standard IPX Access List Example

ipx routing

access-list 800 permit 2b 4d

(implicit deny all)

int e 0

ipx network 4d

ipx access-group 800

int e 1

ipx network 2b

int e 2

ipx network 3c

In the example:

access-list 800 permit 2b 4d Command    Description
800                                     Specifies a Novell IPX standard access list.
permit                                  Traffic matching the selected parameters will be forwarded.
2b                                      Source network number.
4d                                      Destination network number.
(implicit deny all)                     Not a valid configuration command, just a reminder that access lists filter traffic not specified to be forwarded.
ipx access-group 800 command            Links access list 800 to outgoing interface E0.


Traffic from 2b destined for network 4d will be forwarded out Ethernet 0.

The access list is applied to an outgoing interface and filters outbound packets.

Notice that the other interfaces E1 and E2 are not subject to the access list; they lack the access group statement to link them to the access list 800.




How to Use SAP Filters

SAP Filter Goals

deny type 7 (print server) SAP from 2a

deny type 98 (access server) SAP from 5b

deny type 24 (router) SAP to 7c

deny type 4 (file server) SAP from 4a

deny type 26a (NMS)

deny type 7a (NetWare from VMS) from *8

permit the remaining SAPs


  • Plan for SAP filters and enter global command
  • Note: Must set up SAP filters on all routers

A table of the most common SAP numbers follows:

SAP Number    Server Type
4             NetWare file server
7             Print server
24            Remote bridge server (router)

Place SAP filters close to the source. Proper placement of SAP filters conserves critical bandwidth, especially on serial links.


When a SAP advertisement arrives at the router interface, the contents are placed in the SAP table portion of main memory. The contents of the table are propagated during the next SAP update.

  • IPX input SAP filter

When a SAP input filter is in place, the number of services entered into the SAP table is reduced. The propagated SAP updates represent the entire table, but contain only a subset of all services.

  • IPX output SAP filter

When a SAP output filter is in place, the services propagated from the table are reduced.

The propagated SAP updates represent a portion of the table contents and are a subset of all the known services.

SAP Filter Configuration

Router(config)# access-list access-list-number {deny | permit} network [.node] [network-mask node-mask] [service-type [server-name]]

  • Creates an entry in a SAP filter list

Router(config-if)# ipx input-sap-filter access-list-number

  • Activates the input SAP filter on the interface

Router(config-if)# ipx output-sap-filter access-list-number

  • Activates the output SAP filter on the interface

Use the access-list command to control propagation of the SAP messages.

access-list Command       Description
access-list-number        Number from 1000 to 1099, indicates a SAP filter list.
network [.node]           Novell source internal network
network-mask node-mask    Mask to be applied to the network and node. Place ones in the positions to be masked.
service-type              SAP service type to filter. Each SAP service type is identified by a hexadecimal number. Some common examples are:
                            4     File server.
                            7     Print server.
                            24    Remote bridge server (router).
server-name               Name of the server providing the specified service type.

The ipx input-sap-filter and ipx output-sap-filter commands place a SAP filter on an interface. The use of input or output determines whether SAPs are filtered before entry into the SAP table, or whether the SAP table contents are filtered during the next update.

SAP table content can be filtered on input by using the ipx router-sap-filter command, which identifies from which router SAP advertisements can be received.



SAP Filter Example 1

access-list 1000 deny 9e.1234.5678.1212 4

access-list 1000 permit -1

interface ethernet 0

ipx network 9e

interface ethernet 1

ipx network 4a

interface serial 0

ipx network 1

ipx output-sap-filter 1000


In this example:

access-list 1000 deny 9e.1234.5678.1212 4 Command    Description
1000                                                 An access list number in the Novell SAP filter range.
deny                                                 SAP services matching selected parameters will be blocked.
9e.1234.5678.1212                                    Source network address of SAP advertisement.
4                                                    Type of SAP service; advertises file service.

access-list 1000 permit -1 Command                   Description
1000                                                 Access list number.
permit                                               SAP services matching parameters will be forwarded.
-1                                                   Source network number; -1 means all networks.

ipx output-sap-filter 1000 command                   Places list 1000 on interface serial 0 as an output SAP filter.

File server advertisements from server 9e.1234.5678.1212 will not be forwarded on interface serial 0 (S0). All other SAP services from any source will be forwarded on interface S0.

SAP Filter Example 2

access-list 1001 deny 9e 7

access-list 1001 deny 4a 7

access-list 1001 permit -1

interface ethernet 0

ipx network 9e

ipx access-group 1001

interface ethernet 1

ipx network 4a

ipx access-group 1001

interface serial 0

ipx network 1

ipx input-sap-filter 1001


In this example:

access-list 1001 deny 9e (or) 4a 7 Command    Description
1001                                          An access list number in the Novell SAP filter range.
deny                                          SAP services matching selected parameters will be blocked.
9e                                            Source network number of SAP advertisements.
4a                                            Source network number of SAP advertisements.
7                                             Type of SAP service; advertises print service.

access-list 1001 permit -1 Command            Description
1001                                          Access list number.
permit                                        SAP services matching parameters will be forwarded.
-1                                            Source network number; -1 means all networks.

ipx access-group 1001 command                 Links access list 1001 to outgoing port interfaces E0 and E1.
ipx input-sap-filter 1001 command             Places list 1001 on interface serial 0 as an input SAP filter.

Print server advertisements from servers C and D will not be entered into the SAP table. All other SAP services from any source will be added into the SAP table.



















54) Monitor and verify selected access list operations on the router.

Monitoring IPX Access Lists


London#sho ipx int e1/1
Ethernet1/1 is up, line protocol is up
IPX address is 10.0000.0c0d.724f, NOVELL-ETHER [up]
Delay of this IPX network, in ticks is 1 throughput 0 link delay 0
IPXWAN processing not enabled on this interface.
IPX SAP updates interval is 1 minute(s)
IPX type 20 propagation packet forwarding is disabled
Incoming access list is not set
Outgoing access list is not set
IPX helper access list is not set
SAP GNS processing enabled, delay 0 ms, output filter list is
SAP Input filter is not set
SAP Output filter is not set
SAP Router filter list is not set
Input filter list is 800
Output filter list is 801
Router filter list is not set
Netbios Input host access list is not set
Netbios Input bytes access list is not set
Netbios Output host access list is not set
Netbios Output bytes access list is not set
Updates each 60 seconds, aging multiples RIP: 3 SAP: 3
SAP interpacket delay is 55 ms, maximum size is 480 bytes
RIP interpacket delay is 55 ms, maximum size is 432 bytes
IPX accounting is disabled
IPX fast switching is configured (enabled)
RIP packets received 28460, RIP packets sent 24999
SAP packets received 4, SAP packets sent 2

London#sh access-lists
IPX access list 800
deny 8000


The show ipx interface command displays information about the configuration of the interface. It shows that the input filter is 800 and the output filter list is 801. The show access-lists command displays the contents of lists 800 and 801.

55) Describe network congestion problem in Ethernet networks.

Recent years have seen the rise of client/server architecture. Technology advancements are producing faster, more intelligent desktop computers and workstations. Audio and video now accompany data on the network. The combination of powerful computer resources and a new generation of network-intensive applications has created the need for bandwidth in excess of traditional Ethernet’s shared 10 Mbps.

Increases in the transmission of graphics files, images, full-motion video, and multimedia applications make the task of managing today’s networks increasingly challenging. Also, the changes in the use of networks, particularly the Internet, increase network utilisation. As the number of users in a network increases, more users must share Ethernet’s fixed 10 Mbps bandwidth.

The increased utilisation causes an increase in network congestion even as more users try to access the same network resources. Response times become slow or variable, file transfers take longer, and network users become less productive. Congestion generates the demand for more LAN bandwidth.

When analysing network performance, you must keep in mind that certain network problems such as a slow server processor, insufficient I/O disk-space, or insufficient RAM memory cannot be solved by increasing the bandwidth of the network.

56) Describe the benefits of network segmentation with bridges.

The use of a bridge to segment an Ethernet LAN effectively provides more bandwidth per user because it results in fewer users per segment. A form of self-filtering is performed since packets with the destination and source address on the same segment are not forwarded. Bridges perform segmentation by building address tables that associate segment end stations with the segment's port connection. Bridges (unlike routers) are protocol independent and transparent to the end stations in the network. Network installation of a bridge is a simple task because it "learns" its connected network topology.

A packet transmitted on the attached segment is received by the bridge containing everything from the destination address to the frame check sequence (FCS). Bridges use the source address to build a table of device addresses attached to a port.

The destination address is used to make a forwarding decision. If the destination address is on the same segment as the source station, the packet is not forwarded. If the destination address is associated with another port on the bridge, the packet is forwarded on that port. If the destination address is unknown, the packet is forwarded on all ports except the receiving port.
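The learning and forwarding rules just described, as an added Python example that is not part of the original study notes. The station addresses, port numbers and the names LearningBridge and replay are constructed for illustration.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast addresses have the low bit of the first octet set."""
    return int(mac.split(":")[0], 16) & 1 == 1


class LearningBridge:
    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}          # station MAC address -> port it was last seen on

    def receive(self, in_port, src, dst):
        """Process one frame and return the list of ports it is forwarded on."""
        if in_port not in self.ports:
            raise ValueError("unknown port %r" % in_port)
        # Learn from the source address. Group addresses are never valid
        # sources, so they never enter the table.
        if not is_group_address(src):
            self.table[src] = in_port
        others = [p for p in self.ports if p != in_port]
        if is_group_address(dst):
            return others        # broadcast or multicast: all other ports
        out_port = self.table.get(dst)
        if out_port is None:
            return others        # unknown destination: all other ports
        if out_port == in_port:
            return []            # source and destination share a segment: filter
        return [out_port]        # known destination on another port


# Constructed stations: A and B share the segment on port 1, C is on port 2.
A, B, C = "02:00:00:00:00:0a", "02:00:00:00:00:0b", "02:00:00:00:00:0c"

# Constructed frame trace: (receiving port, source, destination).
TRACE = [
    (1, A, C),          # C not yet learned: flooded
    (2, C, A),          # A was learned on port 1
    (1, B, A),          # same segment: not forwarded
    (1, A, BROADCAST),  # broadcast: flooded
    (3, A, C),          # A has moved to port 3: table entry is updated
]


def replay(frames, ports=(1, 2, 3)):
    """Run the frames through a fresh bridge; return decisions and final table."""
    bridge = LearningBridge(ports)
    decisions = [bridge.receive(*frame) for frame in frames]
    return decisions, bridge.table


if __name__ == "__main__":
    decisions, table = replay(TRACE)
    for frame, out in zip(TRACE, decisions):
        print(frame, "->", out or "filtered")
    print(table)
```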

Bridges introduce a latency penalty due to processing overhead (20-30 percent in loss of throughput for acknowledgement-oriented protocols, and 10-20 percent for sliding windows protocols). This delay can increase significantly if the segment for which the packet is destined has current activity.

Bridges forward multicast and broadcast packets to other attached segments. This characteristic may actually diminish the bandwidth gains realised as a result of segmentation. Multicast and broadcast addresses are never used as a source address, hence they never appear in the address tables associated with the bridge ports. "Broadcast storms" can result as these packets propagate throughout the network.

Filters to restrict propagation of multicast packets can effectively isolate them to the originating segment, but filter processing by the bridge can reduce throughput. This phenomenon can also affect LAN switches.


57) Describe the benefits of network segmentation with routers.

Routers operate at a higher level in the network architecture than do bridges. A router operates at the network layer and is used to extend a network across multiple data links, finding routes between the source and destination stations on an internetwork. Routers typically perform functions associated with bridging, such as making forwarding decisions based on table look-up. Unlike a bridge, the router is known to the stations using its services, and a well-defined protocol must be used among the stations and the router.







Routers offer the following advantages in a network:

  • Manageability – There are explicit protocols operating among routers, giving the network administrator greater control over path selection; and network routing behaviour is more visible.
  • Functionality – Because routers are visible to the end station, you can implement mechanisms to provide flow control, error and congestion control, fragmentation and reassembly services, and explicit packet lifetime control.
  • Multiple active paths – With the implementation of a router, you can use a network topology using more than one path between stations. Operating at the network layer, routers can examine protocol, destination service access point (DSAP), source service access point (SSAP), and path metric information before making forwarding or filtering decisions.

To provide the above advantages, routers must be more complex and more software intensive than bridges. Routers provide a lower level of performance in terms of the number of packets that can be processed per unit. Compared with a bridge, routers must examine the syntax and interpret the semantics of more fields in a packet. The penalty for this added functionality is a 30-40 percent loss of throughput for acknowledgement-oriented protocols, and 20-30 percent for sliding window protocols.

58) Describe the benefits of network segmentation with switches.

A switched Ethernet connection operates like a network with only two nodes. In a switched Ethernet, the utilisation can reach closer to the 100 percent rate.

LAN switching is a relatively new technology for LAN segmentation. A LAN switch is specifically designed to address LAN performance problems such as bandwidth shortages and network bottlenecks. A switch segments a LAN collision domain into smaller collision domains, thus reducing or eliminating station contention for media access. A LAN switch is a high-speed multi-port bridge with built-in intelligence.

Switched Ethernet is based on standard Ethernet and provides a dedicated Ethernet connection (10 Mbps per node) to each node directly connected to one of its switched ports. If an Ethernet switched port is connected to a hub, all the devices connected to that hub will share the 10 Mbps of bandwidth.

LAN switches use the data-link layer information to create a direct point-to-point path across the switch or across several switches between the source and destination. Use of the MAC layer information for transmitting packets enables a LAN switch to be protocol-independent.

The term switching has been applied to several network concepts as follows:

  • Port configuration switching – Allows a port to be assigned to a physical network segment under software control.
  • Frame (packet) switching – Primarily used to increase available bandwidth on the network. Frame switching allows multiple transmissions to occur in parallel.
  • Cell switching (ATM) – Similar to frame switching. In ATM, small cells of fixed length are switched on the network.




Switching is defined as the ability to forward packets on-the-fly through a cross-point matrix, a high-speed bus, or shared memory arrangement. As a packet enters the switch, either the source and destination addresses or just the destination address is examined. This examination determines the switching action to be taken for the packet. Since the address fields are the only fields examined, there is minimal delay, and the packet is switched to the destination address segment (port) before it is received in its entirety.

LAN switching significantly improves network performance without impacting the addressing structure within the network.

59) Describe the features and benefits of Fast Ethernet.

In 1995, the IEEE approved the 802.3u Fast Ethernet standard. The IEEE 802.3 standard defines the specifications for the data link layer and the physical layer. Fast Ethernet technology is based on the Ethernet’s CSMA/CD protocol but is ten times faster than Ethernet. Compared to a 10-Mbps Ethernet system, the 100-Mbps Ethernet system takes one tenth of the amount of time it takes to transmit a bit on the Ethernet channel. This results in a tenfold increase in the speed of the packets over the Ethernet media.

In an Ethernet network, a station must transmit its packet before another packet is transmitted by another station. The slot-time, the time it takes to transmit 512 bits travelling at a speed of 10 Mbps, is the window within which a station must transmit and listen for a collision. The slot-time 5.12 microseconds ensures the transmitting station will receive a collision notification before the end of the slot-time.

The 100BaseT networks use the same slot-time as the Ethernet standard. To accommodate this, the network distance (span) between 100BaseT end nodes must be reduced. Also, the standard allows the use of two Class II repeaters in a 100BaseT segment.

However, the frame format, the amount of data transmitted in a frame, and the media access control mechanism in the Fast Ethernet standard remain the same as in standard Ethernet. Additionally, the Fast Ethernet specifications include mechanisms for auto-negotiation of the media speed. This allows the use of dual-speed Ethernet interfaces that can be run at either 10 Mbps or 100 Mbps automatically.

100Base T Specifications

Fast Ethernet is well suited for bursty communication such as client/server applications, centralised server farms or power workgroups, and backbone implementations.

Media-independent Interface (MII)

The Media-independent interface (MII) specifies the MAC-layer connectivity to 100BaseT. This is similar in concept to the attachment unit interface (AUI). The MII defines a generic 100BaseT interface that can connect a transceiver to enable you to connect to any of the following three 100BaseT (Fast Ethernet) specifications:

  • 100BaseTX
  • 100BaseFX
  • 100BaseT4







The 100BaseTX specification uses a two-pair Category 5 unshielded twisted pair (UTP), two-pair 100 ohm shielded twisted pair (STP), or Type 1 STP cable. 100BaseTX uses a Category 5 certified RJ-45 connector and the same pinout used in 10BaseT (transmit on 1 and 2, receive on 3 and 6). 100BaseTX supports full-duplex connection for switches, network interface cards (NICs), and routers.


The 100BaseFX specification uses a two-strand, 50/125 or 62.5/125-micron multimode fibre optic cable of which one strand is used to transmit and the other to receive. 100BaseFX uses an SC connector, straight-tip (ST) connector, or media independent connector (MIC). Similar to 100BaseTX, 100BaseFX supports full-duplex connection for switches, NICs, and routers.

The IEEE decided to use the term 100BaseX to refer to either the 100BaseTX (twisted pair) or the 100BaseFX (fibre optics) medium. The 100BaseX standard was approved to mate 100 Mbps Ethernet (CSMA/CD) media access control layer (MAC) with the ANSI X3T9.5 Physical Medium Dependent (PMD) specification. Because of this shared FDDI PMD sublayer, both 100BaseTX and 100BaseFX share the same signalling system.


The 100BaseT4 specification uses four-pair Category 3, 4, or 5 UTP cable. 100BaseT4 uses a standard RJ-45 connector with the same pinout as the 10BaseT specification, plus two bi-directional pairs (transmit on 1 and 2, receive on 3 and 6; bi-directional on 4 and 5; bi-directional on 7 and 8).

All three cable categories are based upon the IEEE 802.3u specification. However, 100BaseT4 allows the use of voice-grade four-pair twisted wires to support Fast Ethernet networks.

Advantages of Using 100BaseT Fast Ethernet

Consider the following benefits of Fast Ethernet when evaluating suitable network technologies that you could use to improve the performance of a network and reduce network congestion.

  • High-performance (10 times that of a 10BaseT network).
  • Fast Ethernet allows the use of existing cabling and network equipment, thus reducing the overall cost of implementation and allowing easy integration into existing 10BaseT networks.
  • Similar cabling rules as that for 10BaseT networks.
  • Same connectors and pinouts as that of 10BaseT networks.
  • Because Ethernet and Fast Ethernet use the same MAC and share common circuitry, dual-speed adapters and switches can be used for easy migration from 10 Mbps to 100 Mbps networks when and where necessary.
  • Fast Ethernet is based on the proven CSMA/CD technology which is well specified and exhaustively tested and verified.


100BaseT Repeaters

Similar to the standard Ethernet technology, Fast Ethernet technology can be used by Ethernet repeaters (shared segment) and switches (dedicated segments). In addition, the 100BaseT specification defines two kinds of repeaters, Class I and Class II, based on a repeater’s propagation delay.


The repeater delay value for a Class I repeater is 140 bit times whereas the allowable delay value for a Class II repeater is only 92 bit times.

The Class I repeater is known as a translational repeater. The Class II repeater is known as a transparent repeater. A Class I repeater can support both kinds of physical signalling (100BaseX and 100BaseT4).

The Class II repeater has a shorter propagation delay and offers more flexibility in the design of a collision domain. However, the Class II repeaters support only one physical signalling system, such as the 100BaseX or 100BaseT4. The repeater bit times available are not sufficient to support both signalling schemes.

60) Describe the guidelines and distance limitations of Fast Ethernet.

100BaseT Configuration Guidelines

There are certain rules that must be followed when working with 100BaseT networks. The rules specify the maximum transmission path length between two 100BaseT data terminal equipment (DTE) devices. A DTE is an end station, bridge, switch, router, or similar equipment at the end of a link. A Fast Ethernet repeater cannot be a DTE device.

Table 1 shows the 100BaseT media specifications for a DTE-to-DTE connection.

Table 1 - 100BaseT Cable and Connector Types

Port Type   Medium (Cable) Type                               Connector Type   Distance
100BaseT    100BaseTX (Category 5 UTP)                        RJ-45            100 metres
100BaseT    100BaseFX (50/125 or 62.5/125 multimode fibre)    SC/ST/MIC        412 metres (half-duplex), 2 kilometres (full-duplex)

The second rule specifies the maximum transmission path between two devices with a repeater in between. Table 2 shows the maximum distance between end nodes if there is a repeater in the path between them.

Table 2 – Maximum Distances between End Nodes

Standard or Repeater Type   Number and Class of Repeaters   UTP Medium   UTP and Fibre Media
IEEE 802.3u 100BaseT        1 Class I repeater              200 metres   261 metres
IEEE 802.3u 100BaseT        1 Class II repeater             200 metres   308 metres
IEEE 802.3u 100BaseT        2 Class II repeaters            205 metres   216 metres




61) Distinguish between cut-through, store-and-forward and FragmentFree LAN switching.

Switching Modes

The latency for packet forwarding through the switch depends on the choice of switching modes. The faster modes trade off error checking for low forwarding latency. Switch throughput is not affected by the choice of switching modes; it is always at wire speed.

There are three operational modes to handle packet (frame) switching:

Store-and-forward – In the store-and-forward mode, the complete packet is received by the switch before forwarding takes place. The destination and source addresses are read, relevant filters are applied, and the packet is forwarded. Latency increases in proportion to packet size when this switching technique is used.

Cut-through (real-time switching) – In the cut-through mode, the switch does not wait for the packet to be completely received. It waits only for the header to be received in order to check the destination address. Depending on the network transport protocol being used (connectionless or connection-oriented), there is a significant decrease in latency from input port to output port. The delay in cut-through switching remains constant regardless of packet size because this switching mode starts to forward the packet as soon as the switch reads the source and destination addresses (some switches read only the destination address).

FragmentFree – A modified form of cut-through switching. In the FragmentFree switching mode, the switch waits for the collision window (64 bytes) to pass before forwarding. If a packet has an error, it almost always occurs within the first 64 bytes. FragmentFree mode provides better error checking than the Cut-through mode with practically no increase in latency.
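The three modes differ in how much of a frame the switch has received when it commits to forwarding, and that decides which damaged frames reach the output port. The Python sketch below is an added illustration, not part of the original notes; the frames and MAC addresses are constructed, and the store-and-forward FCS check (Ethernet CRC-32) is standard behaviour that the text does not spell out.

```python
import struct
import zlib

MIN_FRAME = 64  # collision window in bytes, as given in the text
DST_LEN = 6     # the destination MAC address is the first field of the frame

def build_frame(dst, src, payload):
    """Constructed Ethernet II frame: header, padded payload, CRC-32 FCS."""
    body = dst + src + b"\x08\x00" + payload.ljust(46, b"\x00")
    return body + struct.pack("<I", zlib.crc32(body))

def fcs_ok(frame):
    """True if the trailing 4 bytes match the CRC-32 of the rest of the frame."""
    return len(frame) > 4 and struct.pack("<I", zlib.crc32(frame[:-4])) == frame[-4:]

def switch_decision(mode, frame):
    """Return (forwarded, bytes_received_when_decided) for one frame."""
    if mode == "cut-through":
        # Forwarding starts once the destination address is read;
        # nothing later in the frame can stop it.
        return len(frame) >= DST_LEN, min(len(frame), DST_LEN)
    if mode == "fragmentfree":
        # Wait out the collision window; anything shorter is a fragment.
        return len(frame) >= MIN_FRAME, min(len(frame), MIN_FRAME)
    if mode == "store-and-forward":
        # The whole frame is buffered, so length and FCS can both be checked.
        return len(frame) >= MIN_FRAME and fcs_ok(frame), len(frame)
    raise ValueError(f"unknown mode: {mode}")

# Constructed sample traffic (locally administered MAC addresses).
GOOD = build_frame(b"\x02\x00\x00\x00\x00\x01", b"\x02\x00\x00\x00\x00\x02", b"A" * 1000)
RUNT = GOOD[:40]                      # collision fragment
_damaged = bytearray(GOOD)
_damaged[500] ^= 0x01                 # single bit error after byte 64
CORRUPT = bytes(_damaged)
SAMPLES = {"good": GOOD, "runt": RUNT, "corrupt": CORRUPT}
MODES = ("cut-through", "fragmentfree", "store-and-forward")

def survey():
    """Decision of every mode for every sample frame."""
    return {m: {n: switch_decision(m, f) for n, f in SAMPLES.items()} for m in MODES}

if __name__ == "__main__":
    for mode, results in survey().items():
        for name, (forwarded, seen) in results.items():
            verdict = "forward" if forwarded else "drop"
            print(f"{mode:18} {name:8} {verdict:8} after {seen} bytes")
```

Only store-and-forward stops the frame with the bit error, at the cost of buffering all 1018 bytes; the other two modes decide after 6 and 64 bytes regardless of frame size.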

62) Describe the operation of the Spanning Tree Protocol and its benefits.

Ethernet bridges and switches implement the IEEE 802.1d Spanning Tree Protocol (STP) specification to prevent loops in a network.

A network often provides more than one path for a packet to go from a source node to a destination node. The existence of redundant paths in a network gives rise to a routing problem. A switch can see a packet originating from a host on two different ports, implying a topology loop in the network. Indeterminate forwarding behaviour can then result. To prevent this, the Spanning Tree Protocol is executed between the switches to detect and logically remove redundant paths from the network.

A spanning tree protocol essentially establishes a root node and constructs a network topology such that there is exactly one path for reaching any node. Network devices exchange messages with each other to detect loops and then remove the loops by shutting down selected interfaces. The protocol also ensures that in case of a failure of an intermediate node, the redundant paths are utilised to construct a new tree that circumvents the failed node and maintains connectivity with nodes that lie downstream from it.
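The root election, loop removal and recovery after a failure described above can be followed on a small looped topology. The Python sketch below is an added example, not from the original notes: it computes the tree centrally with equal link costs instead of exchanging messages between switches as 802.1d does, and the switch names (standing in for bridge IDs, lowest wins) and links are constructed.

```python
from collections import deque

# Constructed topology with redundant paths (two loops).
LINKS = [("SW1", "SW2"), ("SW1", "SW3"), ("SW2", "SW3"),
         ("SW2", "SW4"), ("SW3", "SW4")]

def spanning_tree(links, down=frozenset()):
    """Simplified spanning-tree computation.

    links: iterable of (switch_a, switch_b) pairs
    down:  switches that have failed
    Returns (root, forwarding_links, blocked_links).
    """
    # Drop every link that touches a failed switch.
    live = [tuple(sorted(l)) for l in links if not (set(l) & set(down))]
    nodes = sorted({n for l in live for n in l})
    root = nodes[0]  # lowest identifier becomes the root

    adjacent = {n: [] for n in nodes}
    for a, b in live:
        adjacent[a].append(b)
        adjacent[b].append(a)

    # Breadth-first search from the root: each switch keeps exactly one
    # upstream link (shortest path, lowest neighbour on a tie).
    parent = {root: None}
    queue = deque([root])
    while queue:
        current = queue.popleft()
        for neighbour in sorted(adjacent[current]):
            if neighbour not in parent:
                parent[neighbour] = current
                queue.append(neighbour)

    forwarding = {tuple(sorted((child, up)))
                  for child, up in parent.items() if up is not None}
    blocked = set(live) - forwarding  # redundant links, logically removed
    return root, forwarding, blocked

if __name__ == "__main__":
    for failed in (frozenset(), frozenset({"SW2"})):
        root, forwarding, blocked = spanning_tree(LINKS, failed)
        print(f"failed={sorted(failed)} root={root}")
        print("  forwarding:", sorted(forwarding))
        print("  blocked:   ", sorted(blocked))
```

With all switches up, SW2-SW3 and SW3-SW4 are blocked; when SW2 fails, the previously blocked SW3-SW4 link returns to forwarding so that SW4 stays reachable.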







63) Describe the benefits of virtual LANs.

Though a switch is designed to segment a LAN into individual collision domains, the collision domains still belong to the same broadcast domain. The broadcast traffic from a collision domain is forwarded to all other collision domains, allowing devices within the broadcast domain to communicate with one another.

A virtual local area network (VLAN) is a logical grouping of network devices (users) connected to the port(s) on a LAN switch. A VLAN creates a single broadcast domain and is treated like a subnet. Unlike a traditional segment or workgroup, you can create a VLAN to group users by their work functions, departments, the applications used, or protocols shared irrespective of the users’ work location. A workgroup is a group of end users who share certain computing resources.

VLAN implementation is most often done in the switch software. As the implementation of the VLAN technology is not yet standardised, switch vendors presently use their own proprietary standards for supporting VLANs.



Is the Link Operational?







  • Cable
  • Connectors
  • Interface








  • Keepalive Messages
  • Control Information
  • User Information


The interface has two pieces: physical (hardware) and logical (software).

  • The hardware must make the actual connection between the devices.
  • The software is the messages that are passed between adjacent devices. This information is data being passed between two connected, or linked devices.

When you test the physical and data link, you ask two questions:

  • Is there a Carrier Detect signal?
  • Are the keepalive messages being received?

Interpreting show interface serial


Router# show int s 1

Serial1 is up, line protocol is up

Hardware is cxBus Serial

Description: 56Kb Line San Jose – MP

:: :: :: :: :: :: :: :: :: ::

[Figure labels: "Serial1 is up" is driven by Carrier Detect; "line protocol is up" is driven by keepalives.]

Operational          Serial is up, line protocol is up
Connection Problem   Serial is up, line protocol is down
Interface Problem    Serial is down, line protocol is down
Disabled             Serial is administratively down, line protocol is down


One of the most important elements of the show interface serial command output is the display of the line and data-link protocol status. The graphic indicates the key summary line to check and the status meanings.

The line status in this example is triggered by a Carrier Detect signal, and refers to the physical-layer facility.

The line protocol, however, is triggered by keepalive frames and refers to the data-link framing.


ISDN Configuration Tasks

  • Global configuration
      • Select switch type
      • Specify traffic to trigger DDR call
  • Interface configuration
      • Select interface specifications
      • Configure ISDN addressing


Selecting the ISDN Switch Type

Router (config) # isdn switch-type switch-type


  • Specifies the type of ISDN switch with which the router communicates
  • Other line configuration requirements vary for specific providers

Use the isdn switch-type global command to specify the CO switch to which the router connects. For BRI ISDN service, the switch type can be one of the following:



Switch Type     Description
basic-5ess      AT&T basic rate switches (USA)
basic-dms100    NT DMS-100 (North America)
basic-ni1       National ISDN-1 (North America)
basic-1tr6      German 1TR6 ISDN switches
basic-nwnet3    Norwegian Net3 switches
basic-nznet3    New Zealand Net3 switches
basic-ts013     Australian TS013 switches
basic-net3      Switch type for NET3 in United Kingdom and Europe
ntt             NTT ISDN switch (Japan)
vn3             French VN3 ISDN switches
none            No specific switch specified


Specifying Traffic to Trigger Call

Router (config) # dialer-list dialer-group protocol protocol-name [ permit | deny ]

Router (config-if) # dialer-group group-number

Router (config-if) # dialer map protocol next-hop-address [ name hostname ] [speed 56|64 ] [ broadcast ] [dialer string dial-string ]


These commands are used to configure dial-on-demand calls that will initiate a connection.

Selecting Interface Specifications

Router (config) # interface bri interface-number

  • Selects the interface for ISDN BRI operation

Router (config-if) # encapsulation [ ppp | hdlc ]

  • Selects framing for ISDN BRI

The interface bri interface-number command designates the interface used for ISDN on a router acting as a TE1.

If the router does not have a native BRI (is a TE2 device), it must use an external ISDN terminal adapter. On the TE2 router, use the command interface serial interface-number.

Use the encapsulation ppp command if you want PPP encapsulation for your ISDN interface. This is the case if you want any of the rich LCP options that PPP offers (for example, CHAP authentication). You must use PPP PAP or CHAP if you will receive calls from more than one dial-up source.

To revert from PPP encapsulation to the default, use the encapsulation hdlc command.

Configuring for a Simple ISDN Call




















DDR is configured to connect Cisco A to Cisco B. The network between the serial interfaces of the two routers uses 8 bits of subnetting. Static route statements define the IP route to the Cisco B LAN interfaces over

IP packets will initiate a call, but not IGRP routing updates. Interesting traffic to DDR must be defined in an access list.

The number dialled is for the remote ISDN device. This number is provided by the Regional Bell Operating Company (RBOC) offering the ISDN service. Cisco B (the next-hop router to the destination networks) has subnets 126 and 29 directly connected.

BRI Simple Configuration Example

! set up switch type, static route and dialer for ISDN on Cisco A

isdn switch-type basic-5ess

ip route

dialer-list 1 protocol ip permit


! configure BRI interface for PPP; set address and mask

interface bri 0

encapsulation ppp

ip address


! refer to protocols in dialer-list to identify interesting packets

dialer-group 1


! select call start, stop, and other ISDN provider details

dialer wait-for-carrier-time 15

dialer idle-timeout 300

isdn spid1 0145678912

! call setup details for router

dialer map ip name cisco-b 445



In the example:

Command                            Description
isdn switch-type                   Selects the AT&T switch as the CO ISDN switch on this interface.
dialer-list 1 protocol ip permit   Associates permitted IP traffic with the dialer group 1. The router will not start an ISDN call for any other packet traffic with dialer group 1.
interface bri 0                    Selects the interface with TA and other ISDN functions on the router.
encapsulation ppp                  Use PPP encapsulation on the selected interface.
dialer-group 1                     Associates the serial 0 interface with dialling access group 1.
dialer wait-for-carrier-time       Specifies a 15-second maximum time for the provider to respond once the call initiates.
dialer idle-timeout 300            Number of seconds of idle time before the router drops the ISDN call. Note that a long duration is configured to delay termination.

dialer map command                 Description
ip                                 Name of protocol.
1.                                 Destination address.
name                               An identification for the remote side router. Refers to called router.
445                                ISDN connection number used to reach this DDR destination.




















Kempson#sho flash

System flash directory:

File Length Name/status

1 2527380 c4500-in-11.1.bin

[2527444 bytes used, 1666860 available, 4194304 total]

4096K bytes of processor board System flash (Read/Write)


Kempson#sho version

Cisco Internetwork Operating System Software

IOS (tm) 4500 Software (C4500-IN-M), Version 11.1(9), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1997 by cisco Systems, Inc.

Compiled Mon 27-Jan-97 16:30 by dschwart

Image text-base: 0x600088A0, data-base: 0x604B0000

ROM: System Bootstrap, Version 5.1(1) [daveu 1], RELEASE SOFTWARE (fc1)

ROM: 4500-XBOOT Bootstrap Software, Version 10.1(1), RELEASE SOFTWARE (fc1)

Kempson uptime is 2 days, 3 hours, 27 minutes

System restarted by reload

System image file is "c4500-in-11.1.bin", booted via flash

cisco 4500 (R4K) processor (revision 0x00) with 32768K/4096K bytes of memory.

Processor board ID 01303061

R4600 processor, Implementation 32, Revision 1.0

G.703/E1 software, Version 1.0.

Bridging software.

X.25 software, Version 2.0, NET2, BFE and GOSIP compliant.

2 Ethernet/IEEE 802.3 interfaces.

2 FastEthernet/IEEE 802.3 interfaces.

128K bytes of non-volatile configuration memory.

4096K bytes of processor board System flash (Read/Write)

4096K bytes of processor board Boot flash (Read/Write)

Configuration register is 0x2102


Kempson#sho protocols

Global values:

Internet Protocol routing is enabled

Novell routing is enabled

Ethernet0 is up, line protocol is up

Internet address is

Novell address is 1075D4A.0000.0c0c.3344

Ethernet1 is up, line protocol is up

Internet address is

Novell address is 1075D4C.0000.0c0c.3347

FastEthernet0 is up, line protocol is up

Internet address is

Novell address is 1075D4B.0000.0c0c.3345

FastEthernet1 is up, line protocol is up

Internet address is

Novell address is 1075D41.0000.0c0c.3346


Kempson#sho ip route

Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP

i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, * - candidate default

U - per-user static route

Gateway of last resort is to network

R [120/1] via, 00:00:05, FastEthernet1

C is directly connected, FastEthernet0

C is directly connected, FastEthernet1

D EX [170/858368] via, 14:52:16, FastEthernet0

D EX [170/860928] via, 14:52:17, FastEthernet0

C is directly connected, Ethernet0

C is directly connected, Ethernet1

D EX [170/858368] via, 14:52:16, FastEthernet0

D EX [170/858368] via, 14:52:16, FastEthernet0

D [90/30720] via, 14:52:16, FastEthernet0

D [90/30720] via, 2d02h, FastEthernet0

D EX [170/860928] via, 14:52:16, FastEthernet0

D*EX [170/30720] via, 14:52:16, FastEthernet0

D EX [170/30720] via, 14:52:16, FastEthernet0


Kempson#sho ip protocol

Routing Protocol is "eigrp 10"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Default networks flagged in outgoing updates

Default networks accepted from incoming updates

EIGRP metric weight K1=1, K2=0, K3=1, K4=0, K5=0

EIGRP maximum hopcount 100

EIGRP maximum metric variance 1

Redistributing: eigrp 10, rip

Automatic network summarization is in effect

Automatic address summarization: for Ethernet0, Ethernet1 for FastEthernet0, Ethernet1 for Ethernet0, FastEthernet0

Routing for Networks:

Routing Information Sources:

Gateway Distance Last Update 90 14:53:17 90 14:53:17 90 14:53:17

Distance: internal 90 external 170

Routing Protocol is "rip"

Sending updates every 30 seconds, next due in 9 seconds

Invalid after 180 seconds, hold down 180, flushed after 240

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Redistributing: eigrp 10, rip

Default version control: send version 1, receive any version

Interface Send Recv Key-chain

FastEthernet1 1 1 2

Routing for Networks:

Routing Information Sources:

Gateway Distance Last Update 120 00:00:10


Kempson#sho cdp neigh

Capability Codes: R - Router, T - Trans Bridge, B - Source Route Bridge

S - Switch, H - Host, I - IGMP, r - Repeater

Device ID Local Intrfce Holdtme Capability Platform Port ID

Camomile Eth 0 152 R 4500 Eth 1

Staple Eth 1 169 R 3640 Eth 1/0

Stone Fas 0 154 R 7206 Fas 4/0


Kempson#sho cdp neigh det


Device ID: Camomile

Entry address(es):

IP address:

Novell address: 1075D4A.0000.0c0c.33f1

Platform: cisco 4500, Capabilities: Router

Interface: Ethernet0, Port ID (outgoing port): Ethernet1

Holdtime : 124 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 4500 Software (C4500-IN-M), Version 11.1(9), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1997 by cisco Systems, Inc.

Compiled Mon 27-Jan-97 16:30 by dschwart


Device ID: Staple

Entry address(es):

IP address:

Novell address: 1075D4C.00e0.1e94.73b0

Platform: cisco 3640, Capabilities: Router

Interface: Ethernet1, Port ID (outgoing port): Ethernet1/0

Holdtime : 140 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 3600 Software (C3640-D-M), Version 11.2(10a)P, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1997 by cisco Systems, Inc.

Compiled Wed 03-Dec-97 04:11 by ccai


Device ID: Stone

Entry address(es):

IP address:

Novell address: 1075D4B.0010.2fea.6420

Platform: cisco 7206, Capabilities: Router

Interface: FastEthernet0, Port ID (outgoing port): FastEthernet4/0

Holdtime : 167 sec

Version :

Cisco Internetwork Operating System Software

IOS (tm) 7200 Software (C7200-DS-M), Version 11.2(10a), RELEASE SOFTWARE (fc1)

Copyright (c) 1986-1997 by cisco Systems, Inc.

Compiled Tue 02-Dec-97 18:23 by ckralik