A PRACTICAL TRAINING REPORT ON
“CCNA” Submitted in the partial fulfillment of the requirements for the award of the degree of
Bachelor of Technology in “Computer Science & Engineering”
SUBMITTED TO:-
Mr. Deepak Goyal, Associate Professor & Head, CSE Department, VCE, ROHTAK
SUBMITTED BY:-
Pankaj Gill, 11/CSE/168, VCE, ROHTAK
VAISH COLLEGE OF ENGINEERING (Affiliated to Maharshi Dayanand University, Rohtak) ROHTAK – 124001
JULY-AUG-2013
Certificate
This is to certify that practical training report entitled “CCNA” done by Mr. Pankaj Gill, Roll No. 11/CSE/168 of Vaish College of Engineering, Rohtak towards partial fulfillment of the requirements for the award of the degree of “Bachelor of Technology” in “C.S.E” is a bonafide record of the work carried out by him under My Supervision and Guidance.
Date:
Place:
AUTHORISED SIGNATORY
Acknowledgement
I take this opportunity to express my profound gratitude and deep regards to my guide “Mr. Amit Singh & HCL CDC” for his exemplary guidance, monitoring and constant encouragement throughout the course of this training. The blessing, help and guidance given by him, time to time shall carry me a long way in the journey of life on which I am about to embark.
I also take this opportunity to express a deep sense of gratitude to HOD Sir & All Faculty Members of Department of Computer Science & Engineering, Rohtak for their cordial support, valuable information and guidance, which helped me in completing this task through various stages.
I am obliged to staff members of Computer Department, for the valuable information provided by them in their respective fields. I am grateful for their cooperation during the period of my Project. Lastly, I thank almighty, my parents, brother, sisters and friends for their constant encouragement without which this assignment would not be possible.
Pankaj Gill 11/CSE/168 C.S.E
INDEX
Certificate
Acknowledgement
Project Description
1. Basic Networking
1.1 What is Network?
1.2 What is Topology?
1.3 Categories of Network
1.4 Network Architectures
1.5 Protocols
1.6 Transmission Media
1.7 Ethernet Products
1.8 Types of Servers
1.9 IP Addressing
1.10 Examining your Network with Commands
2. DNS (Domain Name Servers)
2.1 Introduction
2.2 Operations
2.3 DNS Server Installation
2.4 DNS Server Configuration
2.5 Managing DNS Records
2.6 Disabling DNS Recursion
3. LAN Solution
3.1 LAN Solution
3.2 Specification Sheet
3.3 Router
3.4 Routing Protocols
4. Firewall
4.1 Introduction
4.2 Configuring the Firewall
5. Intrusion Detection System (IDS)
5.1 Introduction
6. WAN Solution
6.1 Requirement
6.2 Solution
7. WLAN (Wireless LAN)
7.1 Introduction
7.2 Topologies
8. Integrated Service Digital Network (ISDN)
8.1 Introduction
8.2 ISDN Interfaces
8.3 ISDN Function Group & Reference Points
TRAINING REPORT ON CCNA
2013
Project Description
CCNA (Cisco Certified Network Associate) is a certification from Cisco. CCNA certification is a first-level Cisco Career certification. CCNA certification validates the ability to install, configure, operate, and troubleshoot medium-size routed and switched networks, including implementation and verification of connections to remote sites in a WAN.
To achieve CCNA certification, one must earn a passing score on Cisco exam #200-120, or combined passing scores on both the ICND1 #100-101 and ICND2 #200-101 exams. Passing the ICND1 grants one the Cisco Certified Entry Networking Technician (CCENT) certification. Passing scores are set by using statistical analysis and are subject to change. At the completion of the exam, candidates receive a score report along with a score breakout by exam section and the passing score for the given exam. Cisco does not publish exam passing scores because exam questions and passing scores are subject to change without notice.
The 200-120 CCNA is the composite exam associated with the Cisco Certified Network Associate certification. This exam tests a candidate's knowledge and skills required to install, operate, and troubleshoot a small to medium size enterprise branch network. The topics include connecting to a WAN; implementing network security; network types; network media; routing and switching fundamentals; the TCP/IP and OSI models; IP addressing; WAN technologies; operating and configuring IOS devices; extending switched networks with VLANs; determining IP routes; managing IP traffic with access lists; establishing point-to-point connections; and establishing Frame Relay connections.
The exams themselves include a mixture of question types. Multiple choice, drag and drop, testlets, and simulations are the most common.
The Available Exams
To receive the CCNA certification, one must pass either:
• the ICND1 Exam (100-101) and the ICND2 (200-101)
• the combined CCNA Exam (200-120)
The Material Covered In Each Exam
The ICND1 covers "Network Types, Network Media, Switching Fundamentals, TCP/IP, IP Addressing and Routing, WAN Technologies, Operating and Configuring IOS Devices, and Managing Network Environments."
The ICND2 covers "Extending Switched Networks with VLANS, Determining IP Routes, Managing IP traffic with Access Lists, Establishing Point-to-Point connections, and Establishing Frame Relay Connections."
The combined CCNA covers all topics covered under the ICND1 and ICND2.
CCNA TRAINING REPORT
1. BASIC NETWORKING
1.1 What is a Network?
A network is any collection of independent computers that communicate with one another over a shared network medium. A computer network is a collection of two or more connected computers. When these computers are joined in a network, people can share files and peripherals such as modems, printers, tape backup drives, or CD-ROM drives. When networks at multiple locations are connected using services available from phone companies, people can send e-mail, share links to the global Internet, or conduct video conferences in real time with other remote users. As companies rely on applications like electronic mail and database management for core business operations, computer networking becomes increasingly more important.
Every network includes:
• At least two computers: server or client workstation.
• Networking Interface Cards (NIC)
• A connection medium, usually a wire or cable, although wireless communication between networked computers and peripherals is also possible.
• Network Operating system software, such as Microsoft Windows NT or 2000, Novell NetWare, Unix and Linux.
Very common types of networks include:
1. Local Area Network (LAN)
2. Wide Area Network (WAN)
3. Metropolitan Area Network (MAN)
4. Personal Area Network (PAN)
1. Local Area Network
A Local Area Network (LAN) is a network that is confined to a relatively small area. It is generally limited to a geographic area such as a writing lab, school, or building. Computers connected to a network are broadly categorized as servers or workstations. Servers are generally not used by humans directly, but rather run continuously to provide "services" to the other computers (and their human users) on the network. Services provided can include printing and faxing, software hosting, file storage and sharing, messaging, data storage and retrieval, complete access control (security) for the network's resources, and many others.
On a single LAN, computers and servers may be connected by cables or wirelessly. Wireless access to a wired network is made possible by wireless access points (WAPs). These WAP devices provide a bridge between computers and networks. A typical WAP might have the theoretical capacity to connect hundreds or even thousands of wireless users to a network, although practical capacity might be far less.
2. Wide Area Network
Wide Area Networks (WANs) connect networks in larger geographic areas, such as Florida, the United States, or the world. Dedicated transoceanic cabling or satellite uplinks may be used to connect this type of global network. Using a WAN, schools in Florida can communicate with places like Tokyo in a matter of seconds, without paying enormous phone bills. Two users a half-world apart with workstations equipped with microphones and webcams might teleconference in real time. A WAN is complicated. It uses multiplexers, bridges, and routers to connect local and metropolitan networks to global communications networks like the Internet. To users, however, a WAN will not appear to be much different than a LAN.
3. Metropolitan area network
A metropolitan area network (MAN) is a computer network in which two or more computers, communicating devices or networks that are geographically separated but in the same metropolitan city are connected to each other. The limits of Metropolitan cities are determined by local municipal corporations and we cannot define them. Hence, the bigger the Metropolitan city the bigger the MAN, and the smaller a metro city the smaller the MAN. The IEEE 802-2002 standard describes a MAN as being.
4. Personal area network
A personal area network (PAN) is a computer network used for communication among computerized devices, including telephones and personal digital assistants. PANs can be used for communication among the personal devices themselves (intrapersonal communication), or for connecting to a higher level network and the Internet (an uplink). A wireless personal area network (WPAN) is a PAN carried over wireless network technologies such as IrDA, Wireless USB, Bluetooth, Z-Wave, ZigBee, or even Body Area Network. The reach of a WPAN varies from a few centimeters to a few meters. A PAN may also be carried over wired computer buses such as USB and FireWire.
5. VPN (Virtual Private Network)
VPN uses a technique known as tunneling to transfer data securely on the Internet to a remote access server on your workplace network. Using a VPN helps you save money by using the public Internet instead of making long–distance phone calls to connect securely with your private network. There are two ways to create a VPN connection, by dialing an Internet service provider (ISP), or connecting directly to Internet.
1.2 What is a Topology?
The physical topology of a network refers to the configuration of cables, computers, and other peripherals. Physical topology should not be confused with logical topology which is the method used to pass information between workstations. Logical topology was discussed in the Protocol chapter.
Main Types of Physical Topologies
1. Linear Bus Topology
2. Ring Topology
3. Star Topology
4. Mesh Topology
5. Tree (Expanded Star) Topology
6. Hybrid Topology
1. Linear Bus Topology
A linear bus topology consists of a main run of cable with a terminator at each end. All nodes (file server, workstations, and peripherals) are connected to the linear cable.
Advantages of a Linear Bus Topology
• Easy to connect a computer or peripheral to a linear bus.
• Requires less cable length than a star topology.
Disadvantages of a Linear Bus Topology
• Entire network shuts down if there is a break in the main cable.
• Terminators are required at both ends of the backbone cable.
• Difficult to identify the problem if the entire network shuts down.
• Not meant to be used as a stand-alone solution in a large building.
2. Ring Topology
Alternatively referred to as a ring network, the ring topology is a computer network configuration where each network computer and device is connected to each other, forming a large circle (or similar shape). Each packet is sent around the ring until it reaches its final destination. Today, the ring topology is seldom used. Below is a visual example of a simple computer setup on a network using a ring topology.
Advantages of Ring Topology
• This type of network topology is very organized. Each node gets to send the data when it receives an empty token. This helps to reduce the chances of collision. Also in ring topology all the traffic flows in only one direction at very high speed.
• Even when the load on the network increases, its performance is better than that of Bus topology.
• There is no need for network server to control the connectivity between workstations.
• Additional components do not affect the performance of network.
• Each computer has equal access to resources.
Disadvantages of Ring Topology
• Each packet of data must pass through all the computers between source and destination. This makes it slower than Star topology.
• If one workstation or port goes down, the entire network gets affected.
• Network is highly dependent on the wire which connects different components.
• MAUs and network cards are expensive as compared to Ethernet cards and hubs.
3. Star Topology
A star topology is designed with each node (file server, workstations, and peripherals) connected directly to a central network hub, switch, or concentrator.
Data on a star network passes through the hub, switch, or concentrator before continuing to its destination. The hub, switch, or concentrator manages and controls all functions of the network. It also acts as a repeater for the data flow. This configuration is common with twisted pair cable; however, it can also be used with coaxial cable or fiber optic cable.
Advantages of a Star Topology
• Easy to install and wire.
• No disruptions to the network when connecting or removing devices.
• Easy to detect faults and to remove parts.
Disadvantages of a Star Topology
• Requires more cable length than a linear topology.
• If the hub, switch, or concentrator fails, nodes attached are disabled.
• More expensive than linear bus topologies because of the cost of the hubs, etc.
4. Mesh Topology
A network setup where each computer and network device is interconnected with one another, allowing for most transmissions to be distributed, even if one of the connections goes down. This topology is not commonly used for most computer networks as it is difficult and expensive to have redundant connection to every computer. However, this topology is commonly used for wireless networks. Below is a visual example of a simple computer setup on a network using a mesh topology.
Advantages of Mesh topology
• Data can be transmitted from different devices simultaneously. This topology can withstand high traffic.
• Even if one of the components fails there is always an alternative present. So data transfer doesn’t get affected.
• Expansion and modification in topology can be done without disrupting other nodes.
Disadvantages of Mesh topology
• There are high chances of redundancy in many of the network connections.
• Overall cost of this network is way too high as compared to other network topologies.
• Set-up and maintenance of this topology is very difficult. Even administration of the network is tough.
5. Tree or Expanded Star
A tree topology combines characteristics of linear bus and star topologies. It consists of groups of star-configured workstations connected to a linear bus backbone cable. Tree topologies allow for the expansion of an existing network, and enable schools to configure a network to meet their needs.
Advantages of a Tree Topology
• Point-to-point wiring for individual segments.
• Supported by several hardware and software vendors.
Disadvantages of a Tree Topology
• Overall length of each segment is limited by the type of cabling used.
• If the backbone line breaks, the entire segment goes down.
• More difficult to configure and wire than other topologies.
6. Hybrid Topology
In this type of topology we integrate two or more different topologies to form a resultant topology which has good points (as well as weaknesses) of all the constituent basic topologies rather than having characteristics of one specific topology. This combination of topologies is done according to the requirements of the organization. For example, if there exists a ring topology in one office department while a bus topology in another department, connecting these two will result in Hybrid topology. Remember, connecting two similar topologies cannot be termed as Hybrid topology. Star-Ring and Star-Bus networks are most common examples of hybrid network.
Let's see the benefits and drawbacks of this networking architecture.
Advantages of Hybrid Network Topology
• Reliable: Unlike other networks, fault detection and troubleshooting is easy in this type of topology. The part in which fault is detected can be isolated from the rest of network and required corrective measures can be taken, WITHOUT affecting the functioning of rest of the network.
• Scalable: It’s easy to increase the size of network by adding new components, without disturbing existing architecture.
• Flexible: Hybrid Network can be designed according to the requirements of the organization and by optimizing the available resources. Special care can be given to nodes where traffic is high as well as where chances of fault are high.
• Effective: Hybrid topology is the combination of two or more topologies, so we can design it in such a way that strengths of constituent topologies are maximized while their weaknesses are neutralized. For example we saw Ring Topology has good data reliability (achieved by use of tokens) and Star topology has high tolerance capability (as each node is not directly connected to other but through central device), so these two can be used effectively in hybrid star-ring topology.
Disadvantages of Hybrid Topology
• Complexity of Design: One of the biggest drawbacks of hybrid topology is its design. It’s not easy to design this type of architecture and it’s a tough job for designers. Configuration and installation process needs to be very efficient.
• Costly Hub: The hubs used to connect two distinct networks are very expensive. These hubs are different from usual hubs as they need to be intelligent enough to work with different architectures and should function even if a part of network is down.
• Costly Infrastructure: As hybrid architectures are usually larger in scale, they require a lot of cables, cooling systems, sophisticated network devices, etc.
Considerations When Choosing a Topology
1. Money: A linear bus network may be the least expensive way to install a network; you do not have to purchase concentrators.
2. Length: Length of cable needed. The linear bus network uses shorter lengths of cable.
3. Future growth: With a star topology, expanding a network is easily done by adding another concentrator.
4. Cable type: The most common cable in schools is unshielded twisted pair, which is most often used with star topologies.
Summary Chart
Physical Topology | Common Cable | Common Protocol
Linear Bus | Twisted Pair, Coaxial or Fiber | Ethernet
Star | Twisted Pair or Fiber | Ethernet
Tree | Twisted Pair, Coaxial or Fiber | Ethernet
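The failure behaviour listed in the advantages and disadvantages above can be checked mechanically. The following Python sketch is an added example, not part of the original report: it fails each component (station, shared device, or cable) one at a time and measures what share of the surviving station pairs can still exchange traffic in both directions. The station names, the modelling of the bus backbone and star hub as single shared components, and the one-way ring without bypass are assumptions that follow the descriptions in this section.

```python
from itertools import combinations


def build(topology, n):
    """Return (stations, cables). A cable is (a, b, duplex);
    duplex=False means traffic flows from a to b only."""
    stations = [f"pc{i}" for i in range(n)]          # constructed names
    if topology == "bus":      # every station taps one shared backbone
        cables = [(s, "backbone", True) for s in stations]
    elif topology == "star":   # every station has its own run to the hub
        cables = [(s, "hub", True) for s in stations]
    elif topology == "ring":   # one direction only, station to station
        cables = [(stations[i], stations[(i + 1) % n], False) for i in range(n)]
    elif topology == "mesh":   # a dedicated cable between every pair
        cables = [(a, b, True) for a, b in combinations(stations, 2)]
    else:
        raise ValueError(f"unknown topology: {topology}")
    return stations, cables


def _reach(src, cables, dead_node):
    """Set of nodes reachable from src, ignoring cables that touch dead_node."""
    adj = {}
    for a, b, duplex in cables:
        if dead_node in (a, b):
            continue
        adj.setdefault(a, set()).add(b)
        if duplex:
            adj.setdefault(b, set()).add(a)
    seen, stack = {src}, [src]
    while stack:
        for nxt in adj.get(stack.pop(), ()):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen


def surviving_fraction(stations, cables, dead_node=None, dead_cable=None):
    """Share of surviving station pairs that can still talk both ways."""
    live_cables = [c for i, c in enumerate(cables) if i != dead_cable]
    live = [s for s in stations if s != dead_node]
    reach = {s: _reach(s, live_cables, dead_node) for s in live}
    pairs = list(combinations(live, 2))
    ok = sum(1 for a, b in pairs if b in reach[a] and a in reach[b])
    return ok / len(pairs) if pairs else 0.0


def analyse(topology, n):
    """Fail every node and every cable once; report the worst case."""
    stations, cables = build(topology, n)
    nodes = sorted({x for a, b, _ in cables for x in (a, b)})
    results = {name: surviving_fraction(stations, cables, dead_node=name)
               for name in nodes}
    for i, (a, b, _) in enumerate(cables):
        results[f"{a}-{b}"] = surviving_fraction(stations, cables, dead_cable=i)
    return {
        "cables": len(cables),
        "worst": min(results.values()),
        # components whose loss stops all station-to-station traffic
        "total_outage": [c for c, f in results.items() if f == 0.0],
    }


if __name__ == "__main__":
    for topo in ("bus", "ring", "star", "mesh"):
        print(topo, analyse(topo, 5))
```

For five stations the mesh needs ten cables against five for the other layouts, which is the cost the mesh disadvantages refer to, and it is the only layout with no component whose loss causes a total outage.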
Collisions
Ethernet is a shared medium, so there are rules for sending packets of data to avoid conflicts and protect data integrity. Nodes determine when the network is available for sending packets. It is possible that two nodes at different locations attempt to send data at the same time. When both PCs are transferring a packet to the network at the same time, a collision will result.
1.3 Categories of Network
Network can be divided into two main categories:
1. Peer-to-peer.
2. Server-based.
In peer-to-peer networking there are no dedicated servers or hierarchy among the computers. All of the computers are equal and therefore known as peers. Normally each computer serves as Client/Server and there is no one assigned to be an administrator responsible for the entire network.
Peer-to-peer networks are good choices for needs of small organizations where the users are located in the same general area, security is not an issue and the organization and the network will have limited growth within the foreseeable future.
The term Client/server refers to the concept of sharing the work involved in processing data between the client computer and the most powerful server computer. The client/server network is the most efficient way to provide:
• Databases and management of applications such as Spreadsheets, Accounting, Communications and Document management.
• Network management.
• Centralized file storage.
The client/server model is basically an implementation of distributed or cooperative processing. At the heart of the model is the concept of splitting application functions between a client and a server processor. The division of labor between the different processors enables the application designer to place an application function on the processor that is most appropriate for that function. This lets the software designer optimize the use of processors--providing the greatest possible return on investment for the hardware.
Client/server application design also lets the application provider mask the actual location of application function. The user often does not know where a specific operation is executing. The entire function may execute in either the PC or server, or the function may be split between them. This masking of application function locations enables system implementers to upgrade portions of a system over time with a minimum disruption of application operations, while protecting the investment in existing hardware and software.
The OSI Model
Open System Interconnection (OSI) reference model has become an International standard and serves as a guide for networking. This model is the best known and most widely used guide to describe networking environments. Vendors design network products based on the specifications of the OSI model. It provides a description of how network hardware and software work together in a layered fashion to make communications possible. It also helps with troubleshooting by providing a frame of reference that describes how components are supposed to function.
There are seven layers to get familiar with: the physical layer, data link layer, network layer, transport layer, session layer, presentation layer, and the application layer.
1. Physical Layer is just that: the physical parts of the network such as wires, cables, and their media along with the length. This layer also takes note of the electrical signals that transmit data throughout the system.
2. Data Link Layer is where we actually assign meaning to the electrical signals in the network. The layer also determines the size and format of data sent to printers and other devices, which are also called nodes in the network.
3. Network Layer provides the definition for the connection of two dissimilar networks.
4. Transport Layer allows data to be broken into smaller packages for data to be distributed and addressed to other nodes (workstations).
5. Session Layer helps out with the task to carry information from one node (workstation) to another node (workstation). A session has to be made before we can transport information to another computer.
6. Presentation Layer is responsible to code and decode data sent to the node.
7. Application Layer allows you to use an application that will communicate with, say, the operating system of a server. A good example would be using your web browser to interact with the operating system on a server such as Windows NT, which in turn gets the data you requested.
1.4 Network Architectures
1. Ethernet
Ethernet is the most popular physical layer LAN technology in use today. Other LAN types include Token Ring, Fast Ethernet, Fiber Distributed Data Interface (FDDI), Asynchronous Transfer Mode (ATM) and LocalTalk. Ethernet is popular because it strikes a good balance between speed, cost and ease of installation. These benefits, combined with wide acceptance in the computer marketplace and the ability to support virtually all popular network protocols, make Ethernet an ideal networking technology for most computer users today. The Institute for Electrical and Electronic Engineers (IEEE) defines the Ethernet standard as IEEE Standard 802.3. This standard defines rules for configuring an Ethernet network as well as specifying how elements in an Ethernet network interact with one another. By adhering to the IEEE standard, network equipment and network protocols can communicate efficiently.
2. Fast Ethernet
For Ethernet networks that need higher transmission speeds, the Fast Ethernet standard (IEEE 802.3u) has been established. This standard raises the Ethernet speed limit from 10 Megabits per second (Mbps) to 100 Mbps with only minimal changes to the existing cable structure. There are three types of Fast Ethernet: 100BASE-TX for use with level 5 UTP cable, 100BASE-FX for use with fiber-optic cable, and 100BASE-T4 which utilizes an extra two wires for use with level 3 UTP cable. The 100BASE-TX standard has become the most popular due to its close compatibility with the 10BASE-T Ethernet standard.
For the network manager, the incorporation of Fast Ethernet into an existing configuration presents a host of decisions. Managers must determine the number of users in each site on the network that need the higher throughput, decide which segments of the backbone need to be reconfigured specifically for 100BASE-T and then choose the necessary hardware to connect the 100BASE-T segments with existing 10BASE-T segments. Gigabit Ethernet is a future technology that promises a migration path beyond Fast Ethernet so the next generation of networks will support even higher data transfer speeds.
3. Token Ring
Token Ring is another form of network configuration which differs from Ethernet in that all messages are transferred in a unidirectional manner along the ring at all times. Data is transmitted in tokens, which are passed along the ring and viewed by each device. When a device sees a message addressed to it, that device copies the message and then marks that message as being read. As the message makes its way along the ring, it eventually gets back to the sender who now notes that the message was received by the intended device. The sender can then remove the message and free that token for use by others. Various PC vendors have been proponents of Token Ring networks at different times and thus these types of networks have been implemented in many organizations.
4. FDDI
FDDI (Fiber-Distributed Data Interface) is a standard for data transmission on fiber optic lines in a local area network that can extend in range up to 200 km (124 miles). The FDDI protocol is based on the token ring protocol. In addition to being large geographically, an FDDI local area network can support thousands of users.
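The token-passing sequence described under Token Ring above, on which FDDI is also based, is traced in the following Python sketch. It is an added example, not part of the original report; the station names and messages are constructed, and the model is simplified to a single token carrying one frame at a time. It records which stations handle each frame on its way round and whether the sender sees it come back marked as read.

```python
from collections import deque


def simulate(ring, outbox, max_hops=1000):
    """Trace one token around a unidirectional ring.

    ring:   station names in ring order
    outbox: {sender: [(destination, data), ...]} messages waiting to be sent
    Returns the completed frames in the order their senders removed them.
    """
    queues = {s: deque(outbox.get(s, [])) for s in ring}
    frame = None                  # None means the token is free
    finished = []
    pos = 0
    for _ in range(max_hops):
        here = ring[pos]
        if frame is None:
            if queues[here]:
                # A station may send only while it holds the free token.
                dst, data = queues[here].popleft()
                frame = {"src": here, "dst": dst, "data": data,
                         "acknowledged": False, "seen_by": []}
            elif not any(queues.values()):
                break             # nothing left to send anywhere
        elif frame["src"] == here:
            # The frame has come full circle: the sender checks the mark,
            # removes the frame and frees the token for the next station.
            finished.append(frame)
            frame = None
        else:
            # Every station on the path views the frame as it repeats it.
            frame["seen_by"].append(here)
            if frame["dst"] == here:
                frame["acknowledged"] = True   # copied and marked as read
        pos = (pos + 1) % len(ring)
    return finished


if __name__ == "__main__":
    # Constructed sample traffic; "Z" is not on the ring.
    sample = {"A": [("C", "hello")], "B": [("Z", "lost")], "C": [("B", "hi")]}
    for f in simulate(["A", "B", "C", "D"], sample):
        print(f["src"], "->", f["dst"], "ack:", f["acknowledged"],
              "handled by:", f["seen_by"])
```

Each frame passes through every other station before its sender removes it, including stations that are not the destination, and a frame addressed to a station that is not on the ring returns unmarked.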
1.5 Protocols
Network protocols are standards that allow computers to communicate. A protocol defines how computers identify one another on a network, the form that the data should take in transit, and how this information is processed once it reaches its final destination. Protocols also define procedures for handling lost or damaged transmissions or "packets." TCP/IP (for UNIX, Windows NT, Windows 95 and other platforms), IPX (for Novell NetWare), DECnet (for networking Digital Equipment Corp. computers), AppleTalk (for Macintosh computers), and NetBIOS/NetBEUI (for LAN Manager and Windows NT networks) are the main types of network protocols in use today.
Although each network protocol is different, they all share the same physical cabling. This common method of accessing the physical network allows multiple protocols to peacefully coexist over the network media, and allows the builder of a network to use common hardware for a variety of protocols. This concept is known as "protocol independence."
Some Important Protocols and their job:
Protocol | Acronym | Its Job
Transmission Control Protocol/Internet Protocol | TCP/IP | The backbone protocol of the internet. Popular also for intranets using the internet
Internetwork Package Exchange/Sequenced Packet Exchange | IPX/SPX | This is a standard protocol for Novell Network Operating System
NetBIOS Extended User Interface | NetBEUI | This is a Microsoft protocol that doesn't support routing to other networks
File Transfer Protocol | FTP | Used to send and receive files from a remote host
Hyper Text Transfer Protocol | HTTP | Used for the web to send documents that are encoded in HTML.
Secured Hyper Text Transfer Protocol | HTTPS | Information transfer is encrypted and secured to encrypted information.
Network File Services | NFS | Allows network nodes or workstations to access files and drives as if they were their own.
Simple Mail Transfer Protocol | SMTP | Used to send Email over a network
Telnet | | Used to connect to a host and emulate a terminal that the remote server can recognize
Post Office Protocol | POP | This protocol is used for transferring or downloading mails to your local system, so that you can view/compose mails offline.
Internet Message Access Protocol | IMAP4 | This is secured version of POP.
Routing Information Protocol | RIP | It is a protocol that is used to communicate b/w multiple routers for data transmission at a long distance.
Dynamic Host Configuration Protocol | DHCP | This protocol is used for assignment of dynamic IP address to the host systems.
Introduction to TCP/IP Networks:
TCP/IP-based networks play an increasingly important role in computer networks. Perhaps one reason for their appeal is that they are based on an open specification that is not controlled by any vendor.
What Is TCP/IP?
TCP stands for Transmission Control Protocol and IP stands for Internet Protocol. The term TCP/IP is not limited just to these two protocols, however. Frequently, the term TCP/IP is used to refer to a group of protocols related to the TCP and IP protocols such as the User Datagram Protocol (UDP), File Transfer Protocol (FTP), Terminal Emulation Protocol (TELNET), and so on.
The Origins of TCP/IP
In the late 1960s, DARPA (the Defense Advanced Research Project Agency), in the United States, noticed that there was a rapid proliferation of computers in military communications. Computers, because they can be easily programmed, provide flexibility in achieving network functions that is not available with other types of communications equipment. The computers then used in military communications were manufactured by different vendors and were designed to interoperate with computers from that vendor only. Vendors used proprietary protocols in their communications equipment. The military had a multi vendor network but no common protocol to support the heterogeneous equipment from different vendors.
1.6 Transmission Media
Transmission Media is of two types: 1. Wired 2. Wireless
1. Wired Transmission
Cable is the medium through which information usually moves from one network device to another. There are several types of cable which are commonly used with LANs. In some cases, a network will utilize only one type of cable, other networks will use a variety of cable types. The type of cable chosen for a network is related to the network's topology, protocol, and size. Understanding the characteristics of different types of cable and how they relate to other aspects of a network is necessary for the development of a successful network. The following are the wired mediums:
• Unshielded Twisted Pair (UTP) Cable
• Shielded Twisted Pair (STP) Cable
• Coaxial Cable
• Fiber Optic Cable
Twisted pair cabling comes in two varieties: shielded and unshielded. Unshielded twisted pair (UTP) is the most popular and is generally the best option for school networks.
The quality of UTP may vary from telephone-grade wire to extremely high-speed cable. The cable has four pairs of wires inside the jacket. Each pair is twisted with a different number of twists per inch to help eliminate interference from adjacent pairs and other electrical devices. The tighter the twisting, the higher the supported transmission rate and the greater the cost per foot. The EIA/TIA (Electronic Industry Association/Telecommunication Industry Association) has established standards of UTP and rated six categories of wire (additional categories are emerging).
Categories of Unshielded Twisted Pair
Category | Speed | Use
1 | 1 Mbps | Voice Only (Telephone Wire)
2 | 4 Mbps | LocalTalk & Telephone (Rarely used)
3 | 16 Mbps | 10BaseT Ethernet
4 | 20 Mbps | Token Ring (Rarely used)
5 | 100 Mbps (2 pair) | 100BaseT Ethernet
5 | 1000 Mbps (4 pair) | Gigabit Ethernet
5e | 1,000 Mbps | Gigabit Ethernet
6 | 10,000 Mbps | Gigabit Ethernet
Unshielded Twisted Pair Cabling Standards
• Cat 1: Currently unrecognized by TIA/EIA. Previously used for POTS telephone communications, ISDN and doorbell wiring.
• Cat 2: Currently unrecognized by TIA/EIA. Previously was frequently used on 4 Mbit/s token ring networks.
• Cat 3: Currently defined in TIA/EIA-568-B; used for data networks utilizing frequencies up to 16 MHz. Historically popular for 10 Mbit/s Ethernet networks.
• Cat 4: Currently unrecognized by TIA/EIA. Provided performance of up to 20 MHz, and was frequently used on 16 Mbit/s token ring networks.
• Cat 5: Currently unrecognized by TIA/EIA. Provided performance of up to 100 MHz, and was frequently used on 100 Mbit/s Ethernet networks. May be unsuitable for 1000BASE-T gigabit Ethernet.
• Cat 5e: Currently defined in TIA/EIA-568-B. Provides performance of up to 100 MHz, and is frequently used for both 100 Mbit/s and gigabit Ethernet networks.
• Cat 6: Currently defined in TIA/EIA-568-B. Provides performance of up to 250 MHz, more than double category 5 and 5e.
• Cat 6a: Future specification for 10 Gbit/s applications.
• Cat 7: An informal name applied to ISO/IEC 11801 Class F cabling. This standard specifies four individually-shielded pairs (STP) inside an overall shield. Designed for transmission at frequencies up to 600 MHz.
1. Unshielded Twisted Pair Connector
The standard connector for unshielded twisted pair cabling is an RJ-45 connector. This is a plastic connector that looks like a large telephone-style connector. A slot allows the RJ-45 to be inserted only one way. RJ stands for Registered Jack, implying that the connector follows a standard borrowed from the telephone industry. This standard designates which wire goes with each pin inside the connector.
RJ-45 connector
2. Shielded Twisted Pair (STP) Cable
Although UTP cable is the least expensive cable, it may be susceptible to radio and electrical frequency interference (it should not be too close to electric motors, fluorescent lights, etc.). If you must place cable in environments with lots of potential interference, or if you must place cable in extremely sensitive environments that may be susceptible to the electrical current in the UTP, shielded twisted pair may be the solution. Shielded cables can also help to extend the maximum distance of the cables.
Shielded twisted pair cable is available in three different configurations:
• Each pair of wires is individually shielded with foil.
• There is a foil or braid shield inside the jacket covering all wires (as a group).
• There is a shield around each individual pair, as well as around the entire group of wires (referred to as double shield twisted pair).
3. Coaxial Cable
Coaxial cabling has a single copper conductor at its center. A plastic layer provides insulation between the center conductor and a braided metal shield. The metal shield helps to block any outside interference from fluorescent lights, motors, and other computers.
Coaxial cable
Although coaxial cabling is difficult to install, it is highly resistant to signal interference. In addition, it can support greater cable lengths between network devices than twisted pair cable. The two types of coaxial cabling are thick coaxial and thin coaxial.
Thin coaxial cable is also referred to as thinnet. 10Base2 refers to the specifications for thin coaxial cable carrying Ethernet signals. The 2 refers to the approximate maximum segment length being 200 meters. In actual fact the maximum segment length is 185 meters. Thin coaxial cable has been popular in school networks, especially linear bus networks.
Thick coaxial cable is also referred to as thicknet. 10Base5 refers to the specifications for thick coaxial cable carrying Ethernet signals. The 5 refers to the maximum segment length being 500 meters. Thick coaxial cable has an extra protective plastic cover that helps keep moisture away from the center conductor. This makes thick coaxial a great choice when running longer lengths in a linear bus network. One disadvantage of thick coaxial is that it does not bend easily and is difficult to install.
Coaxial Cable Connectors
The most common type of connector used with coaxial cables is the Bayone-Neill-Concelman (BNC) connector. Different types of adapters are available for BNC connectors, including a T-connector, barrel connector, and terminator. Connectors on the cable are the weakest points in any network. To help avoid problems with your network, always use the BNC connectors that crimp, rather than screw, onto the cable.
BNC connector
4. Fiber Optic Cable
Fiber optic cabling consists of a center glass core surrounded by several layers of protective materials. It transmits light rather than electronic signals, eliminating the problem of electrical interference. This makes it ideal for certain environments that contain a large amount of electrical interference. It has also made it the standard for connecting networks between buildings, due to its immunity to the effects of moisture and lighting. Fiber optic cable has the ability to transmit signals over much longer distances than coaxial and twisted pair. It also has the capability to carry information at vastly greater speeds. This capacity broadens communication possibilities to include services such as video conferencing and interactive services. The cost of fiber optic cabling is comparable to copper cabling; however, it is more difficult to install and modify. 10BaseF refers to the specifications for fiber optic cable carrying Ethernet signals. The center core of fiber cables is made from glass or plastic fibers (see fig 5). A plastic coating then cushions the fiber center, and kevlar fibers help to strengthen the cables and prevent breakage. The outer insulating jacket is made of teflon or PVC.
Fiber optic cable
There are two common types of fiber cables -- single mode and multimode. Multimode cable has a larger diameter; however, both cables provide high bandwidth at high speeds. Single mode can provide more distance, but it is more expensive.
Specification | Cable Type
10BaseT | Unshielded Twisted Pair
10Base2 | Thin Coaxial
10Base5 | Thick Coaxial
100BaseT | Unshielded Twisted Pair
100BaseFX | Fiber Optic
100BaseBX | Single mode Fiber
100BaseSX | Multimode Fiber
1000BaseT | Unshielded Twisted Pair
1000BaseFX | Fiber Optic
1000BaseBX | Single mode Fiber
1000BaseSX | Multimode Fiber
Installing Cable - Some Guidelines
When running cable, it is best to follow a few simple rules:
1. Always use more cable than you need. Leave plenty of slack.
2. Test every part of a network as you install it. Even if it is brand new, it may have problems that will be difficult to isolate later.
3. Stay at least 3 feet away from fluorescent light boxes and other sources of electrical interference.
4. If it is necessary to run cable across the floor, cover the cable with cable protectors.
5. Label both ends of each cable.
6. Use cable ties (not tape) to keep cables in the same location together.
Ethernet Cable Connectors
• 8P8C - 8 positions, 8 conductor modular connector. Incorrectly referred to as RJ45.
• Cables available assembled, or connectors may be crimped on cable.
There are two types of Ethernet Cables:
1. Straight Cable: To connect different kinds of devices. E.g., Switch to System.
2. Cross Cable: To connect similar kinds of devices. E.g., System to System.
Ethernet RJ45 Pin Configurations
T568B RJ45 Connection
• Eight connections consist of four wire pairs.
• Pairs are solid and stripe of same color.
• Two pin configurations, T568A and T568B, which are interoperable.
1.7 Ethernet Products
The standards and technology that have just been discussed help define the specific products that network managers use to build Ethernet networks. The following text discusses the key products needed to build an Ethernet LAN.
Transceivers
Transceivers are used to connect nodes to the various Ethernet media. Most computers and network interface cards contain a built-in 10BASE-T or 10BASE2 transceiver, allowing them to be connected directly to Ethernet without requiring an external transceiver. Many Ethernet devices provide an AUI connector to allow the user to connect to any media type via an external transceiver. The AUI connector consists of a 15-pin D-shell type connector, female on the computer side, male on the transceiver side. Thickwire (10BASE5) cables also use transceivers to allow connections. For Fast Ethernet networks, a new interface called the MII (Media Independent Interface) was developed to offer a flexible way to support 100 Mbps connections. The MII is a popular way to connect 100BASE-FX links to copper-based Fast Ethernet devices.
Network Interface Cards
Network interface cards, commonly referred to as NICs, are used to connect a PC to a network. The NIC provides a physical connection between the networking cable and the computer's internal bus. Different computers have different bus architectures; PCI bus master slots are most commonly found on 486/Pentium PCs and ISA expansion slots are commonly found on 386 and older PCs. NICs come in three basic varieties: 8-bit, 16-bit, and 32-bit. The larger the number of bits that can be transferred to the NIC, the faster the NIC can transfer data to the network cable. Many NIC adapters comply with Plug-n-Play specifications. On these systems, NICs are automatically configured without user intervention, while on non-Plug-n-Play systems, configuration is done manually through a setup program and/or DIP switches. Cards are available to support almost all networking standards, including the latest Fast Ethernet environment. Fast Ethernet NICs are often 10/100 capable, and will automatically set to the appropriate speed. Full duplex networking is another option, where a dedicated connection to a switch allows a NIC to operate at twice the speed.
Hubs/Repeaters
Hubs/repeaters are used to connect together two or more Ethernet segments of any media type. In larger designs, signal quality begins to deteriorate as segments exceed their maximum length. Hubs provide the signal amplification required to allow a segment to be extended a greater distance. A hub takes any incoming signal and repeats it out all ports. Ethernet hubs are necessary in star topologies such as 10BASE-T. A multi-port twisted pair hub allows several point-to-point segments to be joined into one network. One end of the point-to-point link is attached to the hub and the other is attached to the computer. If the hub is attached to a backbone, then all computers at the end of the twisted pair segments can communicate with all the hosts on the backbone. The number and type of hubs in any one collision domain is limited by the Ethernet rules. These repeater rules are discussed in more detail later.
Network Type | Max Nodes Per Segment | Max Distance Per Segment
10BASE-T | 2 | 100m
10BASE2 | 30 | 185m
10BASE5 | 100 | 500m
10BASE-FL | 2 | 2000m
Adding Speed
While repeaters allow LANs to extend beyond normal distance limitations, they still limit the number of nodes that can be supported. Bridges and switches, however, allow LANs to grow significantly larger by virtue of their ability to support full Ethernet segments on each port. Additionally, bridges and switches selectively filter network traffic to only those packets needed on each segment - this significantly increases throughput on each segment and on the overall network. By providing better performance and more flexibility for network topologies, bridges and switches will continue to gain popularity among network managers.
Bridges
The function of a bridge is to connect separate networks together. Bridges connect different network types (such as Ethernet and Fast Ethernet) or networks of the same type. Bridges map the Ethernet addresses of the nodes residing on each network segment and allow only necessary traffic to pass through the bridge. When a packet is received by the bridge, the bridge determines the destination and source segments. If the segments are the same, the packet is dropped ("filtered"); if the segments are different, then the packet is "forwarded" to the correct segment. Additionally, bridges do not forward bad or misaligned packets. Bridges are also called "store-and-forward" devices because they look at the whole Ethernet packet before making filtering or forwarding decisions. Filtering packets and regenerating forwarded packets enable bridging technology to split a network into separate collision domains. This allows for greater distances and more repeaters to be used in the total network design.
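The filter/forward decision described above, as an added Python sketch that is not part of the original report. Flooding of broadcasts and not-yet-learned destinations is standard transparent-bridge behaviour that the text does not spell out; the class, method and field names are hypothetical and the sample frames are constructed.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Store-and-forward bridge that learns which segment each station is on."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.table = {}   # station address -> port (segment) it was last seen on
        self.moves = []   # (address, old_port, new_port) when a station changes segment

    def receive(self, in_port, src, dst, fcs_ok=True):
        """Decide what to do with one frame; returns (action, [output ports])."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port {in_port!r}")
        # The whole frame is read before any decision, so a damaged frame is
        # discarded before it can be learned from or forwarded.
        if not fcs_ok:
            return ("discard", [])
        src, dst = src.lower(), dst.lower()
        # Learn (or refresh) the source segment. A station showing up on a new
        # segment is recorded: worth reviewing when monitoring for cabling
        # mistakes or forged source addresses.
        old = self.table.get(src)
        if old is not None and old != in_port:
            self.moves.append((src, old, in_port))
        self.table[src] = in_port
        # Broadcasts and unknown destinations go to every other segment.
        if dst == BROADCAST or dst not in self.table:
            return ("flood", [p for p in self.ports if p != in_port])
        out_port = self.table[dst]
        if out_port == in_port:
            return ("filter", [])      # same segment: the frame stays local
        return ("forward", [out_port])  # different segment: pass it across


def run_sample():
    """Constructed traffic: stations A and B on segment 1, station C on segment 2."""
    a, b, c = "00:00:00:00:00:0a", "00:00:00:00:00:0b", "00:00:00:00:00:0c"
    bridge = LearningBridge([1, 2])
    frames = [
        (1, a, b, True),          # B not learned yet           -> flood
        (1, b, a, True),          # A is on the same segment    -> filter
        (2, c, a, True),          # A is on the other segment   -> forward
        (1, a, c, False),         # damaged frame               -> discard
        (1, a, BROADCAST, True),  # broadcast                   -> flood
        (2, b, c, True),          # B now seen on segment 2     -> move recorded, filter
    ]
    return bridge, [bridge.receive(*frame) for frame in frames]


if __name__ == "__main__":
    bridge, results = run_sample()
    for action, out_ports in results:
        print(action, out_ports)
    print("moves:", bridge.moves)
```
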
Ethernet Switches
Ethernet switches are an expansion of the concept in Ethernet bridging. LAN switches can link four, six, ten or more networks together, and have two basic architectures: cut-through and store-and-forward. In the past, cut-through switches were faster because they examined the packet destination address only before forwarding it on to its destination segment. A store-and-forward switch, on the other hand, accepts and analyzes the entire packet before forwarding it to its destination. It takes more time to examine the entire packet, but it allows the switch to catch certain packet errors and keep them from propagating through the network. Both cut-through and store-and-forward switches separate a network into collision domains, allowing network design rules to be extended. Each of the segments attached to an Ethernet switch has a full 10 Mbps of bandwidth shared by fewer users, which results in better performance (as opposed to hubs that only allow bandwidth sharing from a single Ethernet). Newer switches today offer high-speed links, FDDI, Fast Ethernet or ATM. These are used to link switches together or give added bandwidth to high-traffic servers. A network composed of a number of switches linked together via uplinks is termed a "collapsed backbone" network.
Routers
Routers filter out network traffic by specific protocol rather than by packet address. Routers also divide networks logically instead of physically. An IP router can divide a network into various subnets so that only traffic destined for particular IP addresses can pass between segments. Network speed often decreases due to this type of intelligent forwarding. Such filtering takes more time than that exercised in a switch or bridge, which only looks at the Ethernet address. However, in more complex networks, overall efficiency is improved by using routers.
What is a Network Firewall?
A firewall is a system or group of systems that enforces an access control policy between two networks. The actual means by which this is accomplished varies widely, but in principle, the firewall can be thought of as a pair of mechanisms: one which exists to block traffic, and the other which exists to permit traffic. Some firewalls place a greater emphasis on blocking traffic, while others emphasize permitting traffic. Probably the most important thing to recognize about a firewall is that it implements an access control policy. If you don't have a good idea of what kind of access you want to allow or to deny, a firewall really won't help you. It's also important to recognize that the firewall's configuration, because it is a mechanism for enforcing policy, imposes its policy on everything behind it. Administrators for firewalls managing the connectivity for a large number of hosts therefore have a heavy responsibility.
Network Design Criteria
Ethernets and Fast Ethernets have design rules that must be followed in order to function correctly. Maximum number of nodes, number of repeaters and maximum segment distances are defined by the electrical and mechanical design properties of each type of Ethernet and Fast Ethernet media. A network using repeaters, for instance, functions with the timing constraints of Ethernet. Although electrical signals on the Ethernet media travel near the speed of light, it still takes a finite time for the signal to travel from one end of a large Ethernet to another. The Ethernet standard assumes it will take roughly 50 microseconds for a signal to reach its destination. Ethernet is subject to the "5-4-3" rule of repeater placement: The network can only have five segments connected; it can only use four repeaters; and of the five segments, only three can have users attached to them; the other two must be inter-repeater links. If the design of the network violates these repeater and placement rules, then timing guidelines will not be met and the sending station will resend that packet. This can lead to lost packets and excessive resent packets, which can slow network performance and create trouble for applications. Fast Ethernet has modified repeater rules, since the minimum packet size takes less time to transmit than regular Ethernet. The length of the network links allows for a fewer number of repeaters. In Fast Ethernet networks, there are two classes of repeaters. Class I repeaters have a latency of 0.7 microseconds or less and are limited to one repeater per network. Class II repeaters have a latency of 0.46 microseconds or less and are limited to two repeaters per network. The following are the distance (diameter) characteristics for these types of Fast Ethernet repeater combinations:
Fast Ethernet | Copper | Fiber
No Repeaters | 100m | 412m*
One Class I Repeater | 200m | 272m
One Class II Repeater | 200m | 272m
Two Class II Repeaters | 205m | 228m
* Full Duplex Mode 2 km
When conditions require greater distances or an increase in the number of nodes/repeaters, then a bridge, router or switch can be used to connect multiple networks together. These devices join two or more separate networks, allowing network design criteria to be restored. Switches allow network designers to build large networks that function well. The reduction in costs of bridges and switches reduces the impact of repeater rules on network design. Each network connected via one of these devices is referred to as a separate collision domain in the overall network.
Comparison between Hub, Bridge, Switch & Router
Feature | Hub | Bridge | Switch | Router
Number of broadcast domains | Segment | 1 | 1 | 1 per router interface
Number of collision domains | 1 | 1 per bridge port | 1 per switch port | 1 per router interface
Forwards LAN broadcasts? | 1 | Yes | Yes | No
Forwards LAN multicasts | N/A | Yes | Yes; can be optimized for less forwarding | No
OSI layer used when making forwarding decision | N/A | Layer 2 | Layer 2 | Layer 3
Internal processing variants | N/A | Store-and-forward | Store-and-forward, cut-through, Fragment Free | Store-and-forward
Frame/packet fragmentation allowed? | N/A | No | No | Yes
Multiple concurrent equal-cost paths to same destination allowed? | N/A | No | No | Yes
1.8 Types of Servers
1. Device Servers
A device server is defined as a specialized, network-based hardware device designed to perform a single or specialized set of server functions. It is characterized by a minimal operating architecture that requires no per seat network operating system license, and client access that is independent of any operating system or proprietary protocol. In addition the device server is a "closed box," delivering extreme ease of installation, minimal maintenance, and can be managed by the client remotely via a Web browser. Print servers, terminal servers, remote access servers and network time servers are examples of device servers which are specialized for particular functions. Each of these types of servers has unique configuration attributes in hardware or software that help them to perform best in their particular arena.
2. Print Servers
Print servers allow printers to be shared by other users on the network. Supporting either parallel and/or serial interfaces, a print server accepts print jobs from any person on the network using supported protocols and manages those jobs on each appropriate printer. Print servers generally do not contain a large amount of memory; printers simply store information in a queue. When the desired printer becomes available, they allow the host to transmit the data to the appropriate printer port on the server. The print server can then simply queue and print each job in the order in which print requests are received, regardless of protocol used or the size of the job.
3. Multiport Device Servers
Devices that are attached to a network through a multiport device server can be shared between terminals and hosts at both the local site and throughout the network. A single terminal may be connected to several hosts at the same time (in multiple concurrent sessions), and can switch between them. Multiport device servers are also used to network devices that have only serial outputs. A connection between serial ports on different servers is opened, allowing data to move between the two devices. Given its natural translation ability, a multi-protocol multiport device server can perform conversions between the protocols it knows, like LAT and TCP/IP. While server bandwidth is not adequate for large file transfers, it can easily handle host-to-host inquiry/response applications, electronic mailbox checking, etc. And it is far more economical than the alternatives of acquiring expensive host software and special-purpose converters. Multiport device and print servers give their users greater flexibility in configuring and managing their networks. Whether it is moving printers and other peripherals from one network to another, expanding the dimensions of interoperability or preparing for growth, multiport device servers can fulfill your needs, all without major rewiring.
4. Access Servers
While Ethernet is limited to a geographic area, remote users such as traveling sales people need access to network-based resources. Remote LAN access, or remote access, is a popular way to provide this connectivity. Access servers use telephone services to link a user or office with an office network. Dial-up remote access solutions such as ISDN or asynchronous dial introduce more flexibility. Dial-up remote access offers both the remote office and the remote user the economy and flexibility of "pay as you go" telephone services. ISDN is a special telephone service that offers three channels, two 64 Kbps "B" channels for user data and a "D" channel for setting up the connection. With ISDN, the B channels can be combined for double bandwidth or separated for different applications or users. With asynchronous remote access, regular telephone lines are combined with modems and remote access servers to allow users and networks to dial anywhere in the world and have data access. Remote access servers provide connection points for both dial-in and dial-out applications on the network to which they are attached. These hybrid devices route and filter protocols and offer other services such as modem pooling and terminal/printer services. For the remote PC user, one can connect from any available telephone jack (RJ45), including those in hotel rooms or on most airplanes.
5. Network Time Servers
A network time server is a server specialized in the handling of timing information from sources such as satellites or radio broadcasts and is capable of providing this timing data to its attached network. Specialized protocols such as NTP or udp/time allow a time server to communicate to other network nodes ensuring that activities that must be coordinated according to their time of execution are synchronized correctly. GPS satellites are one source of information that can allow global installations to achieve constant timing.
1.9 IP Addressing
An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP network. An IP address is a 32 bit binary number usually represented as 4 decimal values, each representing 8 bits, in the range 0 to 255 (known as octets) separated by decimal points. This is known as "dotted decimal" notation. Example:
140.179.220.200
It is sometimes useful to view the values in their binary form.
140     .179     .220     .200
10001100.10110011.11011100.11001000
Every IP address consists of two parts, one identifying the network and one identifying the node. The Class of the address and the subnet mask determine which part belongs to the network address and which part belongs to the node address.
Address Classes: There are 5 different address classes. You can determine which class any IP address is in by examining the first 4 bits of the IP address. Class A addresses begin with 0xxx, or 1 to 126 decimal. Class B addresses begin with 10xx, or 128 to 191 decimal, because 127 is loopback address. Class C addresses begin with 110x, or 192 to 223 decimal. Class D addresses begin with 1110, or 224 to 239 decimal. Class E addresses begin with 1111, or 240 to 254 decimal.
Addresses beginning with 01111111, or 127 decimal, are reserved for loopback and for internal testing on a local machine. [You can test this: you should always be able to ping 127.0.0.1, which points to yourself.] Class D addresses are reserved for multicasting. Class E addresses are reserved for future use. They should not be used for host addresses. Now we can see how the Class determines, by default, which part of the IP address belongs to the network (N) and which part belongs to the node (n).
Class A -- NNNNNNNN.nnnnnnnn.nnnnnnnn.nnnnnnnn
Class B -- NNNNNNNN.NNNNNNNN.nnnnnnnn.nnnnnnnn
Class C -- NNNNNNNN.NNNNNNNN.NNNNNNNN.nnnnnnnn
In the example, 140.179.220.200 is a Class B address so by default the Network part of the address (also known as the Network Address) is defined by the first two octets (140.179.x.x) and the node part is defined by the last 2 octets (x.x.220.200). In order to specify the network address for a given IP address, the node section is set to all "0"s. In our example, 140.179.0.0 specifies the network address for 140.179.220.200. When the node section is set to all "1"s, it specifies a broadcast that is sent to all hosts on the network. 140.179.255.255 specifies the example broadcast address. Note that this is true regardless of the length of the node section.
Private Subnets
There are three IP network addresses reserved for private networks. The addresses are 10.0.0.0/8, 172.16.0.0/12, and 192.168.0.0/16. They can be used by anyone setting up internal IP networks, such as a lab or home LAN behind a NAT or proxy server or a router. It is always safe to use these because routers on the Internet will never forward packets coming from these addresses.
Subnetting an IP Network can be done for a variety of reasons, including organization, use of different physical media (such as Ethernet, FDDI, WAN, etc.), preservation of address space, and security. The most common reason is to control network traffic. In an Ethernet network, all nodes on a segment see all the packets transmitted by all the other nodes on that segment. Performance can be adversely affected under heavy traffic loads, due to collisions and the resulting retransmissions. A router is used to connect IP networks to minimize the amount of traffic each segment must receive.
Subnet Masking
Applying a subnet mask to an IP address allows you to identify the network and node parts of the address. The network bits are represented by the 1s in the mask, and the node bits are represented by the 0s. Performing a bitwise logical AND operation between the IP address and the subnet mask results in the Network Address or Number. For example, using our test IP address and the default Class B subnet mask, we get:
10001100.10110011.11110000.11001000   140.179.240.200   Class B IP Address
11111111.11111111.00000000.00000000   255.255.000.000   Default Class B Subnet Mask
10001100.10110011.00000000.00000000   140.179.000.000   Network Address
Default subnet masks
• Class A - 255.0.0.0 - 11111111.00000000.00000000.00000000
• Class B - 255.255.0.0 - 11111111.11111111.00000000.00000000
• Class C - 255.255.255.0 - 11111111.11111111.11111111.00000000
CIDR -- Classless InterDomain Routing
CIDR was invented several years ago to keep the internet from running out of IP addresses. The "classful" system of allocating IP addresses can be very wasteful; anyone who could reasonably show a need for more than 254 host addresses was given a Class B address block of 65533 host addresses. Even more wasteful were companies and organizations that were allocated Class A address blocks, which contain over 16 Million host addresses! Only a tiny percentage of the allocated Class A and Class B address space has ever been actually assigned to a host computer on the Internet. People realized that addresses could be conserved if the class system was eliminated. By accurately allocating only the amount of address space that was actually needed, the address space crisis could be avoided for many years. This was first proposed in 1992 as a scheme called Supernetting.
The use of a CIDR notated address is the same as for a Classful address. Classful addresses can easily be written in CIDR notation (Class A = /8, Class B = /16, and Class C = /24).
It is currently almost impossible for an individual or company to be allocated their own IP address blocks. You will simply be told to get them from your ISP. The reason for this is the ever-growing size of the internet routing table. Just 5 years ago, there were fewer than 5000 network routes in the entire Internet. Today, there are over 90,000. Using CIDR, the biggest ISPs are allocated large chunks of address space (usually with a subnet mask of /19 or even smaller); the ISP's customers (often other, smaller ISPs) are then allocated networks from the big ISP's pool. That way, all the big ISP's customers (and their customers, and so on) are accessible via 1 network route on the Internet.
It is expected that CIDR will keep the Internet happily in IP addresses for the next few years at least. After that, IPv6, with 128 bit addresses, will be needed. Under IPv6, even sloppy address allocation would comfortably allow a billion unique IP addresses for every person on earth.
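The class lookup, the bitwise AND with the subnet mask and the private-range test described above can be carried out in a few lines. This is an added example, not part of the original report; the function names are illustrative, and it goes beyond the default class masks by also accepting an arbitrary CIDR prefix length.

```python
"""Classful and CIDR IPv4 arithmetic using plain bitwise operations."""

DEFAULT_PREFIX = {"A": 8, "B": 16, "C": 24}  # default masks listed in the text
PRIVATE_BLOCKS = [("10.0.0.0", 8), ("172.16.0.0", 12), ("192.168.0.0", 16)]
SHIFTS = (24, 16, 8, 0)


def parse_ipv4(text):
    """Dotted decimal -> 32-bit integer, rejecting malformed input."""
    parts = text.strip().split(".")
    if len(parts) != 4:
        raise ValueError(f"expected 4 octets: {text!r}")
    value = 0
    for part in parts:
        if not (part.isascii() and part.isdigit()) or int(part) > 255:
            raise ValueError(f"bad octet {part!r} in {text!r}")
        value = (value << 8) | int(part)
    return value


def to_dotted(value):
    return ".".join(str((value >> s) & 0xFF) for s in SHIFTS)


def to_binary(value):
    return ".".join(f"{(value >> s) & 0xFF:08b}" for s in SHIFTS)


def address_class(value):
    """Class from the first 4 bits: 0xxx=A, 10xx=B, 110x=C, 1110=D, 1111=E."""
    top4 = value >> 28
    if (top4 & 0b1000) == 0:
        return "A"
    if (top4 & 0b1100) == 0b1000:
        return "B"
    if (top4 & 0b1110) == 0b1100:
        return "C"
    return "D" if top4 == 0b1110 else "E"


def mask_from_prefix(prefix):
    """/n -> 32-bit mask with n leading 1 bits."""
    if not 0 <= prefix <= 32:
        raise ValueError(f"prefix out of range: {prefix}")
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def is_private(value):
    """True if the address falls inside one of the three private blocks."""
    return any((value & mask_from_prefix(p)) == parse_ipv4(net)
               for net, p in PRIVATE_BLOCKS)


def describe(address, prefix=None):
    """Network and broadcast address for a host; default mask if no prefix."""
    value = parse_ipv4(address)
    cls = address_class(value)
    if prefix is None:
        if cls not in DEFAULT_PREFIX:
            raise ValueError(f"class {cls} has no default mask; give a prefix")
        prefix = DEFAULT_PREFIX[cls]
    mask = mask_from_prefix(prefix)
    network = value & mask                       # node bits set to all 0s
    broadcast = network | (~mask & 0xFFFFFFFF)   # node bits set to all 1s
    return {
        "class": cls,
        "loopback": (value >> 24) == 127,
        "private": is_private(value),
        "mask": to_dotted(mask),
        "network": to_dotted(network),
        "broadcast": to_dotted(broadcast),
    }


if __name__ == "__main__":
    # 140.179.220.200 is the report's example; 192.168.1.77/26 is constructed.
    for addr, prefix in [("140.179.220.200", None), ("192.168.1.77", 26)]:
        print(addr, to_binary(parse_ipv4(addr)), describe(addr, prefix))
```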
1.10 Examining your Network with Commands
1. PING
PING is used to check for a response from another computer on the network. It can tell you a great deal of information about the status of the network and the computers you are communicating with. Ping returns different responses depending on the computer in question. The responses are similar depending on the options used. Ping uses IP to request a response from the host. It does not use TCP. It takes its name from a submarine sonar search - you send a short sound burst and listen for an echo - a ping coming back. In an IP network, `ping' sends a short data burst - a single packet - and listens for a single packet in reply. Since this tests the most basic function of an IP network (delivery of single packet), it's easy to see how you can learn a lot from some `pings'. To stop ping, press Ctrl+C. This terminates the program and prints out a nice summary of the number of packets transmitted, the number received, and the percentage of packets lost, plus the minimum, average, and maximum round-trip times of the packets.
Sample PING session
The Time To Live (TTL) field can be interesting. The main purpose of this is so that a packet doesn't live forever on the network and will eventually die when it is deemed "lost." But for us, it provides additional information. We can use the TTL to determine approximately how many router hops the packet has gone through. In this case it's 255 minus N hops, where N is the TTL of the returning Echo Replies. If the TTL field varies in successive pings, it could indicate that the successive reply packets are going via different routes, which isn't a great thing. The time field is an indication of the round-trip time to get a packet to the remote host. The reply is measured in milliseconds. In general, it's best if round-trip times are under 200 milliseconds. The time it takes a packet to reach its destination is called latency. If you see a large variance in the round-trip times (which is called "jitter"), you are going to see poor performance talking to the host.
2. NSLOOKUP
NSLOOKUP is an application that facilitates looking up hostnames on the network. It can reveal the IP address of a host or, using the IP address, return the host name. It is very important when troubleshooting problems on a network that you can verify the components of the networking process. Nslookup allows this by revealing details within the infrastructure.
3. NETSTAT
NETSTAT is used to look up the various active connections within a computer. It is helpful to understand what computers or networks you are connected to. This allows you to further investigate problems. One host may be responding well but another may be less responsive.
4. IPconfig
This is a Microsoft Windows NT, 2000 command. It is very useful in determining what could be wrong with a network. This command, when used with the /all switch, reveals enormous amounts of troubleshooting information within the system.
Windows 2000 IP Configuration
6. Traceroute
Traceroute on Unix and Linux (or tracert in the Microsoft world) attempts to trace the current network path to a destination. Here is an example of a traceroute run to www.berkeley.edu:
$ traceroute www.berkeley.edu
traceroute to amber.Berkeley.EDU (128.32.25.12), 30 hops max, 40 byte packets
 1 sf1-e3.wired.net (206.221.193.1) 3.135 ms 3.021 ms 3.616 ms
 2 sf0-e2s2.wired.net (205.227.206.33) 1.829 ms 3.886 ms 2.772 ms
 3 paloalto-cr10.bbnplanet.net (131.119.26.105) 5.327 ms 4.597 ms 5.729 ms
 4 paloalto-br1.bbnplanet.net (131.119.0.193) 4.842 ms 4.615 ms 3.425 ms
 5 sl-sj-2.sprintlink.net (4.0.1.66) 7.488 ms 38.804 ms 7.708 ms
 6 144.232.8.81 (144.232.8.81) 6.560 ms 6.631 ms 6.565 ms
 7 144.232.4.97 (144.232.4.97) 7.638 ms 7.948 ms 8.129 ms
 8 144.228.146.50 (144.228.146.50) 9.504 ms 12.684 ms 16.648 ms
 9 f5-0.inr-666-eva.berkeley.edu (198.128.16.21) 9.762 ms 10.611 ms 10.403 ms
10 f0-0.inr-107-eva.Berkeley.EDU (128.32.2.1) 11.478 ms 10.868 ms 9.367 ms
11 f8-0.inr-100-eva.Berkeley.EDU (128.32.235.100) 10.738 ms 11.693 ms 12.520 ms
2. DNS
2.1 Introduction
2.2 Operations
2.3 DNS Server Installation
2.4 DNS Server Configuration
2.5 Managing DNS Records
2.6 Disabling DNS Recursion
2.1 Introduction
The Domain Name System (DNS) is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most prominently, it translates easily memorized domain names to the numerical IP addresses needed for the purpose of locating computer services and devices worldwide. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.
An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 93.184.216.119 (IPv4) and 606:2800:220:6d:26bf:1447:1097:aa7 (IPv6). Unlike a phone book, the DNS can be quickly updated, allowing a service's location on the network to change without affecting the end users, who continue to use the same host name. Users take advantage of this when they use meaningful Uniform Resource Locators (URLs) and email addresses without having to know how the computer actually locates the services.
Domain name space
The domain name space consists of a tree of domain names. Each node or leaf in the tree has zero or more resource records, which hold information associated with the domain name. The tree sub-divides into zones beginning at the root zone. A DNS zone may consist of only one domain, or may consist of many domains and sub-domains, depending on the administrative authority delegated to the manager.
The hierarchical Domain Name System, organized into zones, each served by a name server
Administrative responsibility over any zone may be divided by creating additional zones. Authority is said to be delegated for a portion of the old space, usually in the form of subdomains, to another name server and administrative entity. The old zone ceases to be authoritative for the new zone.
Domain name syntax
The definitive descriptions of the rules for forming domain names appear in RFC 1035, RFC 1123, and RFC 2181. A domain name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such as example.com.
• The right-most label conveys the top-level domain; for example, the domain name www.example.com belongs to the top-level domain com.
• The hierarchy of domains descends from right to left; each label to the left specifies a subdivision, or subdomain of the domain to the right. For example: the label example specifies a subdomain of the com domain, and www is a sub domain of example.com. This tree of subdivisions may have up to 127 levels.
• Each label may contain up to 63 characters. The full domain name may not exceed the length of 253 characters in its textual representation. In the internal binary representation of the DNS the maximum length requires 255 octets of storage, since it also stores the length of the name. In practice, some domain registries may have shorter limits.
• DNS names may technically consist of any character representable in an octet. However, the allowed formulation of domain names in the DNS root zone, and most other sub domains, uses a preferred format and character set. The characters allowed in a label are a subset of the ASCII character set, and include the characters a through z, A through Z, digits 0 through 9, and the hyphen. This rule is known as the LDH rule (letters, digits, hyphen). Domain names are interpreted in case-independent manner. Labels may not start or end with a hyphen. There is an additional rule that essentially requires that top-level domain names not be all-numeric.
• A hostname is a domain name that has at least one IP address associated. For example, the domain names www.example.com and example.com are also hostnames, whereas com is not.
Internationalized domain names
The limited set of ASCII characters permitted in the DNS prevented the representation of names and words of many languages in their native alphabets or scripts. To make this possible, ICANN approved the Internationalizing Domain Names in Applications (IDNA) system, by which user applications, such as web browsers, map Unicode strings into the valid DNS character set using Punycode. In 2009 ICANN approved the installation of internationalized domain name country code top-level domains. In addition, many registries of the existing top level domain names (TLDs) have adopted the IDNA system.
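The syntax rules listed above (LDH characters, 63-character labels, 253-character names, 127 levels, no all-numeric top-level domain) and the Punycode mapping can be checked mechanically before a name is accepted from user input or written to a zone. This is an added example, not part of the original report; the function names are illustrative and the Unicode mapping relies on Python's built-in "idna" codec.

```python
"""Validate a domain name against the syntax rules described in the text."""
import re

MAX_LABEL_LEN = 63    # characters per label
MAX_NAME_LEN = 253    # characters in the textual representation
MAX_LEVELS = 127      # depth of the tree of subdivisions
LDH = re.compile(r"[A-Za-z0-9-]+")  # letters, digits, hyphen


def to_ascii(name):
    """Map a name to the DNS character set (Punycode for non-ASCII labels).

    Names are case-independent, so ASCII names are simply lower-cased.
    """
    if name.isascii():
        return name.lower()
    return name.encode("idna").decode("ascii")


def check_domain_name(name):
    """Return a list of rule violations; an empty list means the name is valid."""
    try:
        ascii_name = to_ascii(name)
    except UnicodeError as exc:
        return [f"cannot be mapped to the DNS character set: {exc}"]

    if ascii_name.endswith("."):      # a trailing dot only marks the root
        ascii_name = ascii_name[:-1]
    if not ascii_name:
        return ["empty name"]

    problems = []
    if len(ascii_name) > MAX_NAME_LEN:
        problems.append(f"name longer than {MAX_NAME_LEN} characters")

    labels = ascii_name.split(".")
    if len(labels) > MAX_LEVELS:
        problems.append(f"more than {MAX_LEVELS} levels")

    for label in labels:
        if not label:
            problems.append("empty label (two dots in a row)")
            continue
        if len(label) > MAX_LABEL_LEN:
            problems.append(f"label {label[:10]!r}... longer than {MAX_LABEL_LEN} characters")
        if not LDH.fullmatch(label):
            problems.append(f"label {label!r} breaks the LDH rule")
        if label.startswith("-") or label.endswith("-"):
            problems.append(f"label {label!r} starts or ends with a hyphen")

    if labels[-1].isdigit():
        problems.append("top-level domain is all-numeric")
    return problems


if __name__ == "__main__":
    # Constructed sample inputs.
    samples = ["www.example.com", "-bad.example.com", "under_score.example.com",
               "example.123", "b\u00fccher.example"]
    for sample in samples:
        print(f"{sample!r:32} -> {check_domain_name(sample) or 'ok'}")
```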
Name servers
The Domain Name System is maintained by a distributed database system, which uses the client-server model. The nodes of this database are the name servers. Each domain has at least one authoritative DNS server that publishes information about that domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the root name servers, the servers to query when looking up (resolving) a TLD.
2.2 Operations
Address resolution mechanism
Domain name resolvers determine the appropriate domain name servers responsible for the domain name in question by a sequence of queries starting with the right-most (top-level) domain label.
A DNS recursor consults three name servers to resolve the address www.wikipedia.org.
The process entails:
1. A network host is configured with an initial cache (so called hints) of the known addresses of the root name servers. Such a hint file is updated periodically by an administrator from a reliable source.
2. A query to one of the root servers to find the server authoritative for the top-level domain.
3. A query to the obtained TLD server for the address of a DNS server authoritative for the second-level domain.
4. Repetition of the previous step to process each domain name label in sequence, until the final step which returns the IP address of the host sought.
The diagram illustrates this process for the host www.wikipedia.org.
The mechanism in this simple form would place a large operating burden on the root servers, with every search for an address starting by querying one of them. Being as critical as they are to the overall function of the system, such heavy use would create an insurmountable bottleneck for trillions of queries placed every day. In practice caching is used in DNS servers to overcome this problem, and as a result, root name servers actually are involved with very little of the total traffic.
DNS resolvers
The client-side of the DNS is called a DNS resolver. It is responsible for initiating and sequencing the queries that ultimately lead to a full resolution (translation) of the resource sought, e.g., translation of a domain name into an IP address. A DNS query may be either a non-recursive query or a recursive query:
• A non-recursive query is one in which the DNS server provides a record for a domain for which it is authoritative itself, or it provides a partial result without querying other servers.
• A recursive query is one for which the DNS server will fully answer the query (or give an error) by querying other name servers as needed. DNS servers are not required to support recursive queries.
The resolver, or another DNS server acting recursively on behalf of the resolver, negotiates use of recursive service using bits in the query headers. Resolving usually entails iterating through several name servers to find the needed information. However, some resolvers function more simply by communicating only with a single name server. These simple resolvers (called "stub resolvers") rely on a recursive name server to perform the work of finding information for them.
Reverse lookup
A reverse lookup is a query of the DNS for domain names when the IP address is known. Multiple domain names may be associated with an IP address. The DNS stores IP addresses in the form of domain names as specially formatted names in pointer (PTR) records within the infrastructure top-level domain arpa. For IPv4, the domain is in-addr.arpa. For IPv6, the reverse lookup domain is ip6.arpa. The IP address is represented as a name in reverse-ordered octet representation for IPv4, and reverse-ordered nibble representation for IPv6. When performing a reverse lookup, the DNS client converts the address into these formats before querying the name for a PTR record following the delegation chain as for any DNS query. For example, assuming the IPv4 address 208.80.152.2 is assigned to Wikimedia, it is represented as a DNS name in reverse order: 2.152.80.208.in-addr.arpa. When the DNS resolver gets a pointer (PTR) request, it begins by querying the root servers, which point to the servers of American Registry for Internet Numbers (ARIN) for the 208.in-addr.arpa zone. ARIN's servers delegate 152.80.208.in-addr.arpa to Wikimedia to which the resolver sends another query for 2.152.80.208.in-addr.arpa, which results in an authoritative response.
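The conversion between an address and its PTR owner name, and the zones a resolver may pass through on the way down, can be written out as follows. This is an added example, not part of the original report; the function names are illustrative, and candidate_zones() lists every possible zone cut at a label boundary, of which only some are real delegations for a given address.

```python
"""Build and decode reverse-lookup (PTR) names for IPv4 and IPv6."""
import ipaddress


def reverse_name(address):
    """Address -> PTR owner name (reverse octets for IPv4, nibbles for IPv6)."""
    ip = ipaddress.ip_address(address)
    if ip.version == 4:
        octets = str(ip).split(".")
        return ".".join(reversed(octets)) + ".in-addr.arpa"
    # exploded form has all 32 hex digits; each digit (nibble) becomes a label
    nibbles = ip.exploded.replace(":", "")
    return ".".join(reversed(nibbles)) + ".ip6.arpa"


def address_from_ptr(name):
    """PTR owner name -> address string; raises ValueError if malformed."""
    labels = name.rstrip(".").lower().split(".")
    if labels[-2:] == ["in-addr", "arpa"] and len(labels) == 6:
        return str(ipaddress.IPv4Address(".".join(reversed(labels[:4]))))
    if labels[-2:] == ["ip6", "arpa"] and len(labels) == 34:
        if any(len(label) != 1 for label in labels[:32]):
            raise ValueError(f"IPv6 reverse labels must be single nibbles: {name!r}")
        digits = "".join(reversed(labels[:32]))
        groups = [digits[i:i + 4] for i in range(0, 32, 4)]
        return str(ipaddress.IPv6Address(":".join(groups)))
    raise ValueError(f"not a complete reverse-lookup name: {name!r}")


def candidate_zones(ptr_name):
    """Possible enclosing zones, least specific first.

    For 2.152.80.208.in-addr.arpa this yields 208.in-addr.arpa,
    80.208.in-addr.arpa and 152.80.208.in-addr.arpa; the text's example
    is delegated at the first and the last of these.
    """
    labels = ptr_name.rstrip(".").lower().split(".")
    host, suffix = labels[:-2], labels[-2:]
    return [".".join(host[i:] + suffix) for i in range(len(host) - 1, 0, -1)]


if __name__ == "__main__":
    # 208.80.152.2 is the report's example; 2001:db8::1 is a documentation address.
    for addr in ("208.80.152.2", "2001:db8::1"):
        ptr = reverse_name(addr)
        print(addr, "->", ptr, "->", address_from_ptr(ptr))
    print(candidate_zones("2.152.80.208.in-addr.arpa"))
```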
Client lookup
DNS resolution sequence
Users generally do not communicate directly with a DNS resolver. Instead DNS resolution takes place transparently in applications such as web browsers, e-mail clients, and other Internet applications. When an application makes a request that requires a domain name lookup, such programs send a resolution request to the DNS resolver in the local operating system, which in turn handles the communications required.
2.3 DNS SERVER INSTALLATION
To install a DNS server from the Control Panel, follow these steps:
From the Start menu, select Administrative Tools --> Server Manager.
Expand and click Roles from the left window. Choose Add Roles
Follow the wizard by selecting the DNS Server role (leave any previously checked items checked)
Click NEXT and then INSTALL to install DNS in Windows Server 2008
2.4 DNS SERVER CONFIGURATION
From the Start menu, select Administrative Tools --> DNS to open the DNS console.
Highlight your computer name and choose Configure a DNS Server to launch the Configure DNS Server Wizard.
Click NEXT and then select the first option, Create a Forward lookup zone
On the next screen, leave the default option selected, This Server maintains the zone, and click NEXT
Now you will need to enter the domain name that you want to create your first zone file for. We are using "example.com" in this tutorial:
Click NEXT, and NEXT again on the next two screens
On the Forwarders screen, select the option "No, it should not forward queries"
Click FINISH
2.5 MANAGING DNS RECORDS
There are many types of DNS records. This is a basic tutorial and will show you how to point your domain name to the IP address you assigned to your web site via an A record. You can also create other types of DNS records (MX, CNAME, etc.) in a similar fashion.
In DNS Manager, expand your server name, then expand 'Forward Lookup Zones', right-click on your domain name and select Properties
Click on the Start of Authority (SOA) tab. The SOA resource record is always the first record in a DNS zone. Set the Primary Server to your primary nameserver:
Next, click on the Name Servers tab. Remove anything currently listed, and click Add and enter your nameservers (i.e. ns1.yourdomain.com, ns2.yourdomain.com)
When done, click OK to close the window. You are now ready to set up your zone records. Right-click on your domain name under Forward Lookup Zones, and select New Host (A or AAAA)...
Leave the Name field blank, and under IP Address, enter the IP address you configured for this web site in IIS, and click Add Host.
You will most likely also want to make a record for 'www', so repeat the above step but this time instead of leaving the Name field blank, enter www in that field:
2.6 DISABLE DNS RECURSION
The final step you'll want to perform is to disable DNS recursion. This will help secure your server from a variety of DNS recursion attacks. To disable recursion, right-click on your DNS server and go to 'Properties'. Click the 'Advanced' tab. Then check the box labeled "Disable recursion".
You have now set up DNS in Windows Server 2008 and have set up DNS records for your domain name.
You can create additional DNS records as needed (MX, CNAME, etc.) by right-clicking on the domain under Forward Lookup Zones and selecting the appropriate type of record you wish to create. You can test that your DNS server is properly serving DNS from a Windows command prompt by using the nslookup command in this format:
nslookup example.com ns1.yourdomain.com
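Whether recursion is really off can be verified from the header bits that section 2.2 mentions: the client sets "recursion desired" (RD) in its query and the server reports "recursion available" (RA) in its reply. This is an added example, not part of the original report; the function names, the transaction ID and the sample replies are constructed for illustration, and ask() is meant to be pointed at a DNS server you administer.

```python
"""Check the RD/RA header bits to confirm that a DNS server refuses recursion."""
import socket
import struct

# Flag bits in the second 16-bit word of the DNS header (RFC 1035)
QR, AA, RD, RA = 0x8000, 0x0400, 0x0100, 0x0080
RCODES = {0: "NOERROR", 1: "FORMERR", 2: "SERVFAIL",
          3: "NXDOMAIN", 4: "NOTIMP", 5: "REFUSED"}


def encode_name(name):
    """example.com -> length-prefixed labels ending with a zero octet."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError(f"bad label length in {name!r}")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"


def build_query(name, txid, recursion_desired=True, qtype=1):
    """One-question query for an A record (qtype 1), class IN."""
    flags = RD if recursion_desired else 0
    header = struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_header(message):
    """Decode the fixed 12-byte header of a DNS message."""
    if len(message) < 12:
        raise ValueError("shorter than the 12-byte DNS header")
    txid, flags, _qd, answers, _ns, _ar = struct.unpack("!HHHHHH", message[:12])
    code = flags & 0x000F
    return {"id": txid, "qr": bool(flags & QR), "aa": bool(flags & AA),
            "rd": bool(flags & RD), "ra": bool(flags & RA),
            "rcode": RCODES.get(code, str(code)), "answers": answers}


def recursion_verdict(query, response):
    """Compare a reply with the query that caused it and report the RA bit."""
    q, r = parse_header(query), parse_header(response)
    if not r["qr"] or r["id"] != q["id"]:
        raise ValueError("not a response to this query")
    state = "recursion available" if r["ra"] else "recursion disabled"
    return f"{state} ({r['rcode']})"


def ask(server, name, txid=0x1234, timeout=3.0):
    """Send one RD=1 query over UDP port 53; use a name outside the server's zones."""
    query = build_query(name, txid)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(query, (server, 53))
        response, _ = sock.recvfrom(4096)
    return recursion_verdict(query, response)


def constructed_reply(query, recursion_available, rcode):
    """Constructed sample reply: echoes the question, carries no records."""
    txid = parse_header(query)["id"]
    flags = QR | RD | (RA if recursion_available else 0) | rcode
    return struct.pack("!HHHHHH", txid, flags, 1, 0, 0, 0) + query[12:]


if __name__ == "__main__":
    q = build_query("example.org", 0x1234)
    print(recursion_verdict(q, constructed_reply(q, True, 0)))   # before the change
    print(recursion_verdict(q, constructed_reply(q, False, 5)))  # after the change
```

After "Disable recursion" is checked, a query for a name the server is not authoritative for should come back with the RA bit cleared.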
3. LAN SOLUTION
3.1 LAN Solution
3.2 Specification Sheet
3.3 Router
3.4 Routing Protocols
3.1 LAN SOLUTION
Customer Requirement
There is a company which has 2 offices. The offices are 200 meters apart. The connectivity between these two offices is the main requirement to be fulfilled. In each office there are three different departments, each department on a different floor.
In building Ist: At each floor there are 20 users and also at 3rd floor there are 2 Servers.
In building IInd: At floor 1st and 2nd there are 20 users each. And at 3rd floor there are 40 users.
• The bandwidth requirement of each user is 100 Mbps while the bandwidth requirement for the server is 1 Gbps.
• All floors must be connected to a central switch to be placed at IInd floor in office 2nd. And connectivity should be via optical fiber.
• Everywhere there should be structured cabling.
• Every switch should be provided with one GBIC slot for future connectivity of server.
• Everywhere smart and managed switch should be used.
Solution
By looking at the requirement it is clear that we require a switch that has got 20 ports and also 2 GBIC slots (one for optical fiber connectivity and one free slot is demanded for future use). Keeping this point into consideration we can use HCL 24 Port Managed Stackable Switch as this switch has got 24 ports and 2 GBIC slots and this switch is managed switch also. And with this 24 port switch we will use 24 port HCL made Patch Panel. And for connectivity of patch panel with switch we require 3 ft Patch Cord. As structured cabling is a must, we require UTP cable and I/O box, and to connect PCs with I/O box we require 7 ft Patch Cord. Here we will use Cat5e UTP cable because bandwidth requirement is 100 Mbps. This trend of connecting the users to the switch will be followed at each and every floor, but at floor 3rd of building IInd there are 40 users, so here instead of 1 switch we require 2 switches.
At 3rd floor of building 1st, 2 servers are also present whose bandwidth requirement is 1 Gbps. So now we have two options: either to connect with UTP cable or with fiber optic cable. But here we will use fiber optic as we are already using it, so there is no need to waste money on UTP Cat 6 Cable. So here we will simply use the fiber optic patch cord to connect the server to switch.
Now only one thing is left, i.e. connection of switches to a central switch placed at 2nd floor of IInd building. As the connection requirement is via optical fiber, at the central location we require a switch having all its ports as GBIC slots, and the number of ports should not be more than 8 as there are only 7 24-port switches in use (one optical cable line from each switch).
Now here as the distance between the two offices is only 200 meters, we will use multimode optical fiber and that too FX type, and as the cable is to be laid in the open, outdoor armored cable will be used. The connectivity diagram, the bill of material and the specification sheet for the solution are given in the following pages.
3.2 Specification Sheet
HCL-24TMS-2S-W
HCL 24 Port Managed Stackable Switch
STANDARDS - IEEE802.3 (Ethernet), IEEE802.3a (Fast Ethernet), IEEE802.2ab (Gigabit Ethernet), IEEE802.3z (1000Base SX/LX)
PORTS - 24 port auto negotiation 10 base T/100 base TX; 2 optional modular expansion ports (1000 base-T, 1000 base LX/SX/FX)
MAC Addresses - 4K
BANDWIDTH - 12Gbps
SWITCHING RATE - 6.6Mbps
SNMP (Simple Network Management Protocol) - Yes, and supports RFC1157
WEB MANAGEABLE - Yes

PC-C305-E
CAT 5e CABLE
Enhanced CAT 5 350 MHz UTP Bulk Cable
4 Pairs
Solid Grey
Length: 305 Meters

PC-JP24-E
PATCH PANEL
Unshielded 24 Port RJ-45 jack for performance @ rated 100 Mbps
Fully Complied to e CAT 5 T568A/B standards
1.6mm metallic Patch Panel
19'' Rack Mount frame
1U
Fully powder coated Black

PC-MC3-GE
3 ft. patch cord
3 ft. Enhance CAT.5 350 MHz Grey Patch Cord
UTP twisted pair with Black Snagless Flange Boot

PC-MC7-GE
7 ft. patch cord
7 ft. Enhance CAT.5 350 MHz Grey Patch Cord
UTP twisted pair with Black Snagless Flange Boot

PF-CM6-A-OM2
Outdoor armoured Fiber optic cable - Multimode
Construction: Corrugated steel tape armoured cable construction
Multimode – 62.5/125µm cable
No of Cores – 6 fibre core cables
Length - 1 meter
PF-PMSC-SC-3D-50: SC-SC Duplex Patch cord Multimode 50/125µm
Multi mode Patch Cords cable – 50/125µm
Patch Cords connectors – SC/ST Connectors
MM patch cords
OFC Patch cord is duplex type of 3mtrs length

PF-COSC-M: SC Connector Multi mode
Easy connection & disconnection: Pull-Push type

PF-CPSC-M: SC Coupler – mm (Included in the Fiber Patch Panel)
Low Insertion loss
Type – SC - SC type

PF-LIU-12U: 12 Core LIU (Line Insertion Unit)
Wall mount 12 way Fibre Jack Panel Base Unit + 12 MM SC couplers with panel

PF-LIU-6U: 6 Core LIU (Line Insertion Unit)
Wall mount 6 way Fibre Jack Panel Base Unit + 6 MM SC couplers with panel
3.3 ROUTER
ROUTER INTERNAL COMPONENTS
Like a computer, a router has a CPU that varies in performance and capabilities depending upon the router platform. It typically has 4 types of memory in it:
ROM- It is used to store the router's bootstrap startup program, operating system software, and power-on diagnostic test programs. We can also upgrade our ROM.
FLASH MEMORY- It holds operating system image(s). Flash memory is erasable, reprogrammable ROM. Our IOS software is present in this memory and we can upgrade it also. Flash content is retained even when we switch off or restart the router.
RAM- It is used to store operational information such as routing tables and the router's running configuration file. RAM also provides caching and packet buffering capabilities. Its content is lost when we switch off or restart the router. When we configure the router, at that time we are actually writing in RAM.
NVRAM- It is used to store the router's startup configuration file. It does not lose data when power is switched off. So the contents of startup configuration files are maintained even when we switch off or restart the router.
ROUTER'S NETWORK INTERFACES
Ethernet or Token Ring interfaces are configured to allow connection to a LAN. Synchronous serial interfaces are configured to allow connections to WANs. ISDN BRI interfaces are configured to allow connection to an ISDN WAN.
All Cisco routers have a console port that provides an EIA/TIA-232 asynchronous serial connection. The console port can be connected to a computer's serial connection to gain terminal access to the router. Most routers also have an auxiliary port that is very similar to the console port but is typically used for modem connection for remote router management.
CONFIGURING THE ROUTER
There are three methods for configuring the router:
1) Through console port:- The console port is used for configuring a router locally with the help of a PC or a laptop. The console port of the router is connected to the serial i.e. COM port of the router. The detailed configuration is given in the section.
2) Through the AUX port:- The aux (auxiliary) port is accessed from a modem located far away from a router through the PSTN (Public Switched Telephone Network) and the configuration is done.
3) Through Telnet:- Line vty (virtual terminal) 0 to 4 are used for configuring the router by telnet.

Configuring Router through Console port
We use the HyperTerminal program to open a console session and log into the router locally. This console connection allows us to connect to and communicate with the router without having to connect to the network to which it belongs. Now, the PC becomes the console that allows us to enter commands and communicate directly with the router. To set up a console session, we use the workstation's Windows HyperTerminal (terminal emulation) program. First of all we configure the COM port settings, then log into the router to interact with the IOS command line interface (CLI). These are the COM port settings:
9600 8 N 1 On/off
After pressing Enter or OK to accept these settings, we came across a blank window. This is a session window. The following steps are adopted to access a router through the console port with a Windows based PC.
Access Hyper terminal:- Start Menu > Programs > Accessories > Communication > Hyperterminal
Connect to the device of the PC
[Figure: COM 1 Setting]
[Figure: Hyper terminal Screen]
After connecting, the router will boot, and after booting the following procedures will be adopted.
    Router> enable
Now a prompt asking for the password will automatically appear on the screen like this:
    Password:
Now write the password here. This is done to secure access to the router. After this
    Router#
will appear on the screen. This shows that we are in privileged mode, and now we try to enter configuration mode.
    Router# configure terminal
This is done to enter configuration mode. Now starts the configuration of the router.
Now we will assign an IP address to each and every interface connected to the router. The subnet mask should be given with proper care. The following steps are to be followed:
For configuring ethernet interface:
    Router# config terminal
    Router(config)# interface ethernet 0
    Router(config-if)# ip address 223.8.151.1 255.255.255.0
    Router(config-if)# no shutdown
    Router(config-if)# exit
For configuring serial interface:
    Router(config)# interface serial 0
    Router(config-if)# ip address 204.204.7.1 255.255.255.0
    Router(config-if)# no shutdown
    Router(config-if)# exit
    Router(config)# interface serial 1
    Router(config-if)# ip address 199.6.13.2 255.255.255.0
    Router(config-if)# no shutdown
    Router(config-if)# exit
3.4 ROUTING PROTOCOLS
ROUTING INFORMATION PROTOCOL (RIP)
RIP is a dynamic, distance vector routing protocol. RIP uses UDP port 520 for route updates. RIP calculates the best route based on hop count. This makes RIP very fast to converge. RIP sends full table updates at regular intervals specified by the route-update timer (30 seconds is the default). This means that a RIP router summarizes all routes it knows along classful boundaries and sends the summary information to all other RIP routing devices. RIP updates can contain up to 25 messages.
RIP TIMERS
TIMER     DEFAULT    CONTROLS
update    30 sec.    Interval between route update advertisements.
timeout   180 sec.   Interval a route should stay 'live' in the routing table. This counter is reset every time the router hears an update for this route.
Flush     240 sec.   How long to wait from the time the route was received to delete a route (60 seconds after timeout).
The routing-update timer controls the time between routing updates. Default is usually 30 seconds, plus a small random delay to prevent all RIP routers from sending updates simultaneously.
The route-timeout timer controls when a route is no longer available. The default is usually 180 seconds. If a router has not seen the route in an update during this specified interval, it is dropped from the router's announcements. The route is maintained long enough for the router to advertise the route as down (hop count of 16).
The route-flush timer controls how long before a route is completely flushed from the routing table. The default setting is usually 120 seconds.
BASIC RIP CONFIGURATION
According to the recollection of InetDaemon, configuring a Cisco router for a basic RIP configuration would look something like this:
    router> enable
    Password:
    router# conf t
    router(config)# interface ethernet 0
    router(config-if)# ip address 192.168.42.1 255.255.255.0
    router(config-if)# interface ethernet 1
    router(config-if)# ip address 192.168.43.1 255.255.255.0
    router(config-if)# exit
    router(config)# router rip
    router(config-router)# network 192.168.42.0
    router(config-router)# network 192.168.43.0
    router(config-router)# exit
    router(config)# ^z
    router#
The example above assumes that the interfaces that will be running RIP have IP addresses on them that fall within the 192.168.42.0, and 192.168.43.0 class C ranges.
IGRP
• IGRP is a distance-vector routing protocol that considers a composite metric which, by default, uses bandwidth and delay as parameters instead of hop count.
• IGRP is not limited to the 15-hop limit of RIP. IGRP has a maximum hop limit of 100, by default, and can be configured to support a network diameter of 255.
• With IGRP, routers usually select paths with a larger minimum-link bandwidth over paths with a smaller hop count. Links do not have a hop count. They are exactly one hop.
• IGRP is available only on Cisco routers.
• IGRP will load-balance traffic if there are several paths with equal cost to the destination.
IGRP sends its routing table to its neighbors every 90 seconds. IGRP's default update period of 90 seconds is a benefit compared to RIP, which can consume excessive bandwidth when sending updates every 30 seconds. IGRP uses an invalid timer to mark a route as invalid after 270 seconds (three times the update timer). As with RIP, IGRP uses a flush timer to remove a route from the routing table; the default flush timer is set to 630 seconds (seven times the update period and more than 10 minutes).
If a network goes down or the metric for the network increases, the route is placed in holddown. The router accepts no new changes for the route until the holddown timer expires. This setup prevents routing loops in the network. The default holddown timer is 280 seconds (three times the update timer plus 10 seconds).

IGRP Timer    Default Time
Update        90 seconds
Invalid       270 seconds
Holddown      280 seconds
Flush         630 seconds
IP ACCESS LIST
IP access lists cause a router to discard some packets based on criteria defined by the network engineer. The goal of these filters is to prevent unwanted traffic in the network, whether to prevent hackers from penetrating the network, or just to prevent employees from using systems that they should not be using.
Key features of access lists:
• Packets can be filtered as they enter an interface, before the routing decision.
• Packets can be filtered before they exit an interface, after the routing decision.
• Deny is the term used in Cisco IOS software to imply that the packet will be filtered.
• Permit is the term used in Cisco IOS software to imply that the packet will not be filtered.
• The filtering logic is configured in the access list.
• At the end of every access list is an implied "deny all traffic" statement. Therefore, if a packet does not match any of your access list statements, it is blocked.
Access lists have two major steps in their logic: matching and action. Matching logic examines each packet and determines whether it matches the access-list statement. As soon as an access-list statement is matched, there are two actions to choose from: deny and permit. Deny means to discard the packet, and permit implies that the packet should continue on its way.
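The matching and action steps described above, including the implied deny, as an added Python sketch (not part of the original report and not Cisco IOS code). The Entry and Packet types, the wildcard-mask handling and the sample addresses are assumptions constructed for this illustration.

```python
"""First-match access-list evaluation with the implied deny (added illustration)."""
from dataclasses import dataclass
from ipaddress import IPv4Address
from typing import Optional

ANY = ("0.0.0.0", "255.255.255.255")    # an all-ones wildcard ignores every bit


def host(addr):
    """Address with an all-zero wildcard: every bit must match."""
    return (addr, "0.0.0.0")


@dataclass(frozen=True)
class Entry:
    action: str                      # "permit" or "deny"
    protocol: str                    # "ip" matches any protocol, else "tcp" or "udp"
    src: tuple                       # (address, wildcard mask)
    dst: tuple
    dst_port: Optional[int] = None   # None matches any destination port


@dataclass(frozen=True)
class Packet:
    protocol: str
    src: str
    dst: str
    dst_port: Optional[int] = None


def addr_matches(addr, pattern):
    base, wildcard = pattern
    care = ~int(IPv4Address(wildcard)) & 0xFFFFFFFF   # bits that must be equal
    return (int(IPv4Address(addr)) & care) == (int(IPv4Address(base)) & care)


def entry_matches(entry, pkt):
    """Matching step: every field of the statement must agree with the packet."""
    return (
        entry.protocol in ("ip", pkt.protocol)
        and addr_matches(pkt.src, entry.src)
        and addr_matches(pkt.dst, entry.dst)
        and entry.dst_port in (None, pkt.dst_port)
    )


def evaluate(acl, pkt):
    """Action step: the first matching statement decides; no match means deny.

    Returns (action, index of the deciding statement or None for the implied deny).
    """
    for index, entry in enumerate(acl):
        if entry_matches(entry, pkt):
            return entry.action, index
    return "deny", None


# Constructed sample list using documentation address ranges (not from the report).
INSIDE = ("192.0.2.0", "0.0.0.255")
SAMPLE_ACL = [
    Entry("deny", "tcp", INSIDE, host("198.51.100.10"), 23),   # no telnet to this server
    Entry("permit", "ip", host("192.0.2.5"), ANY),             # admin host, anything else
    Entry("permit", "tcp", INSIDE, ANY, 80),                   # web for everyone inside
]

if __name__ == "__main__":
    samples = [
        Packet("tcp", "192.0.2.5", "198.51.100.10", 23),   # denied by statement 0
        Packet("udp", "192.0.2.5", "203.0.113.7", 53),     # permitted by statement 1
        Packet("tcp", "192.0.2.9", "203.0.113.7", 80),     # permitted by statement 2
        Packet("udp", "192.0.2.9", "203.0.113.7", 53),     # no match: implied deny
    ]
    for pkt in samples:
        print(pkt, "->", evaluate(SAMPLE_ACL, pkt))
```

Because the first match decides, moving the admin-host permit above the telnet deny changes the verdict for the first sample packet from deny to permit.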
4. FIREWALL
4.1 Introduction
4.2 Configuring the Firewall
4.1 INTRODUCTION
As the limits of networking keep expanding, the danger of information leaking in and leaking out increases. So a mechanism is required to keep good bits in and bad bits out, and for this we use a FIREWALL. A firewall is a device of some kind that separates and protects our network, in most cases from the Internet. It restricts traffic to only what is acceptable, and monitors what is happening. Every firewall has at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet.
It may be a hardware device or a software program running on a secure host computer. Hardware device means a physical device connected at the gateway which checks every incoming or outgoing packet. Software program means that software is loaded on a computer that determines what to allow and what to reject. A firewall examines all traffic routed between the two networks to see if it meets certain criteria. A firewall filters both inbound and outbound traffic.
Technologies
There are three different types of firewall technologies:
1) Packet Filtering
2) Proxy
3) Stateful Inspection

Packet Filtering
A packet filtering firewall simply inspects incoming traffic at the transport layer of the OSI model. The packet filtering firewall analyzes TCP or UDP packets and compares them to a set of established rules called an Access Control List (ACL). Packet filtering inspects a packet only for the following elements:
Source IP address
Source Port
Destination IP address
Destination Port
Protocol

Proxy
When a firewall is installed, no PC makes a direct connection to the outside world. In that case they use a proxy, i.e. each PC first of all sends its request to the proxy, which then forwards the request to the internet or outside world for connection or data transfer.

Stateful Inspection
It is a combination of packet filtering and proxy services. This is the most secure technology and provides the most functionality because connections are not only applied to the ACL, but are logged into a static table. After a connection is established, all session data is compared to the static table. If the session data does not match the state table information for that connection, then the connection is dropped.
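The difference between a memoryless packet filter and the state table described above, as an added Python sketch (not part of the original report and not any vendor's implementation). The TCP state names, the policy that only inside hosts may open connections, and the addresses in the trace are assumptions constructed for this illustration; timeouts are left out.

```python
"""Memoryless TCP filter versus a connection state table (added illustration)."""
from dataclasses import dataclass


@dataclass(frozen=True)
class Segment:
    src: str
    sport: int
    dst: str
    dport: int
    flags: frozenset      # e.g. frozenset({"SYN", "ACK"})
    inbound: bool         # True when it arrives on the outside interface


def seg(src, sport, dst, dport, flags, inbound=False):
    return Segment(src, sport, dst, dport, frozenset(flags.split("+")), inbound)


def stateless_filter(s):
    """No memory: anything outbound, inbound only when ACK or RST is set."""
    if not s.inbound:
        return "permit"
    return "permit" if s.flags & {"ACK", "RST"} else "deny"


class StatefulFirewall:
    """Inside hosts may open connections; outside hosts may only answer them."""

    def __init__(self):
        # (inside ip, inside port, outside ip, outside port) -> connection record
        self.table = {}

    def process(self, s):
        if s.inbound:
            key, side = (s.dst, s.dport, s.src, s.sport), "outside"
        else:
            key, side = (s.src, s.sport, s.dst, s.dport), "inside"
        conn = self.table.get(key)

        if conn is None:
            # Only an initial SYN from the inside may create an entry.
            if side == "inside" and s.flags == {"SYN"}:
                self.table[key] = {"state": "SYN_SENT", "fins": set()}
                return "permit"
            return "deny"

        if conn["state"] == "SYN_SENT":
            if side == "outside" and s.flags == {"SYN", "ACK"}:
                conn["state"] = "ESTABLISHED"
                return "permit"
            if side == "inside" and s.flags == {"SYN"}:
                return "permit"                  # retransmitted SYN
            if "RST" in s.flags:
                del self.table[key]              # connection refused
                return "permit"
            return "deny"                        # does not fit the handshake

        # ESTABLISHED: data flows both ways until the connection closes.
        if "SYN" in s.flags:
            return "deny"
        if "RST" in s.flags:
            del self.table[key]
            return "permit"
        if "FIN" in s.flags:
            conn["fins"].add(side)
        elif len(conn["fins"]) == 2:
            del self.table[key]                  # last ACK of the close removes the entry
        return "permit"


# Constructed trace: one complete connection plus two segments that belong to none.
HOST, SERVER, OTHER = "10.10.10.20", "203.0.113.80", "203.0.113.99"
TRACE = [
    seg(HOST, 40000, SERVER, 80, "SYN"),
    seg(SERVER, 80, HOST, 40000, "SYN+ACK", inbound=True),
    seg(HOST, 40000, SERVER, 80, "ACK"),
    seg(SERVER, 80, HOST, 40000, "ACK", inbound=True),
    seg(OTHER, 80, HOST, 40001, "ACK", inbound=True),     # no matching connection
    seg(HOST, 40000, SERVER, 80, "FIN+ACK"),
    seg(SERVER, 80, HOST, 40000, "FIN+ACK", inbound=True),
    seg(HOST, 40000, SERVER, 80, "ACK"),
    seg(SERVER, 80, HOST, 40000, "ACK", inbound=True),    # arrives after the close
]


def run_trace(trace):
    """Return (stateless verdict, stateful verdict) for each segment in order."""
    firewall = StatefulFirewall()
    return [(stateless_filter(s), firewall.process(s)) for s in trace]


if __name__ == "__main__":
    for s, verdicts in zip(TRACE, run_trace(TRACE)):
        print(sorted(s.flags), "inbound" if s.inbound else "outbound", verdicts)
```

The memoryless filter permits all nine segments because each inbound one carries ACK; the state table drops the fifth and ninth, which match no tracked connection.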
4.2 CONFIGURING THE FIREWALL
Four basic commands are used to do a basic configuring of the firewall.
1. Interface Command
2. Nameif Command
3. Ip-Address Nat Command
4. Global Command

Interface Command
The interface command identifies the interface hardware card, sets the speed of the interface and enables the interface, all in one command.
SYNTAX: interface hardware_id hardware_speed [shutdown]
hardware_id       Indicates the interface's physical location on the firewall.
hardware_speed    Indicates connection speed.
There are various options provided to us by the firewall regarding speed.
1000sxfull - Sets full-duplex Gigabit Ethernet.
1000basesx - Sets half-duplex Gigabit Ethernet.
1000auto - Automatically detects and negotiates full/half duplex.
10full - Sets 10Mbps full-duplex Ethernet.
100full - Sets 100Mbps full-duplex Ethernet.
shutdown - This parameter administratively shuts down the interface.

Nameif command
It is used to name an interface and assign a security level from 1 to 99. The outside and inside interfaces are named by default and have default security values of 0 and 100, respectively. By default, the interfaces have their hardware ID. Ethernet 0 is the outside interface, and Ethernet 1 is the inside interface.
SYNTAX: nameif hardware_id if_name security_level
hardware_id       Indicates the interface's physical location on the firewall.
if_name           The name by which we refer to this interface.
security_level    A numerical value from 1 to 99 indicating the security level.
Examples:
    nameif ethernet0 outside security0
    nameif ethernet1 inside security100
    nameif ethernet2 dmz security20
We can see the configuration by using the show nameif command.

ip address Command
All the interfaces must be configured with an IP address. The ip address command is used to configure IP addresses on the interfaces. The ip address command binds a logical address (IP address) to the hardware ID.
SYNTAX: ip address if_name ip_address [netmask]
if_name       The interface name that was configured using the nameif command.
ip_address    The interface's IP address.
netmask       The appropriate network mask. If the mask value is not entered, the firewall assigns a classful network mask.
Example:
    ip address inside 10.10.10.14 255.255.255.0
We can see the configuration by using the show ip command.

nat Command
The nat (Network Address Translation) command translates a set of IP addresses to another set of IP addresses.
SYNTAX: nat (if_name) nat_id local_ip [netmask]
(if_name)    The internal network interface name.
nat_id       The ID number to match with the global address pool.
local_ip     The IP address that is translated. This is usually the inside network IP address.
netmask      Network mask for the local IP address.
There are two types of NATing:
1) Static: For example, there is a Google server and we don't want to make its IP address public, so we change its IP address using the nat command in the firewall, and now users will log on to this new IP. This results in more security, as every time the traffic has to pass through the firewall.
2) Dynamic: If there are lots of PCs in a network and all want to access the internet, it is not easy to provide every PC with an independent public IP, so at firewall level we change every PC's private IP to a public IP.
Examples:
    nat (inside) 1 10.10.10.0 255.255.255.0
    nat (inside) 1 172.16.1.0 255.255.255.0

global Command
The global command is used to define the address or range of addresses that the addresses defined by the nat command are translated into. It is important that the nat_id be identical to the nat_id used in the nat command. The nat_id pairs the IP addresses defined by the global and nat commands so that network translation can take place.
SYNTAX: global (if_name) nat_id global_ip | global_ip-global_ip [netmask]
(if_name)              The external network where you use these global addresses.
nat_id                 Identifies the global address and matches it with the nat command it is pairing with.
global_ip              A single IP address. When a single IP address is specified, the firewall automatically performs Port Address Translation (PAT).
global_ip-global_ip    Defines a range of global IP addresses to be used by the firewall to NAT.
netmask                The network mask for the global IP address(es).
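How the nat_id pairs a nat statement with a global statement, and how a single global address leads to PAT while a range leads to one-to-one translation, as an added Python model (not part of the original report and not the firewall's own code). The Translator class, the first PAT port, the behaviour when a range is exhausted and the global addresses are assumptions constructed for this illustration.

```python
"""Model of nat/global pairing by nat_id (added illustration)."""
from ipaddress import IPv4Address, IPv4Network

FIRST_PAT_PORT = 1024   # assumption of this model, not a documented firewall value


class Translator:
    def __init__(self):
        self.nat_rules = []   # [(nat_id, local network)] in configured order
        self.pools = {}       # nat_id -> list of global addresses (one entry means PAT)
        self.nat_map = {}     # local ip -> global ip                  (range: NAT)
        self.pat_map = {}     # (local ip, local port) -> global port  (single ip: PAT)

    def nat(self, nat_id, local_ip, netmask):
        """Model of: nat (inside) nat_id local_ip netmask"""
        self.nat_rules.append((nat_id, IPv4Network(f"{local_ip}/{netmask}")))

    def global_(self, nat_id, spec):
        """Model of: global (outside) nat_id global_ip | global_ip-global_ip"""
        first, _, last = spec.partition("-")
        lo, hi = int(IPv4Address(first)), int(IPv4Address(last or first))
        self.pools[nat_id] = [str(IPv4Address(n)) for n in range(lo, hi + 1)]

    def translate(self, local_ip, local_port):
        """Return (global ip, global port), or None when no translation is possible."""
        nat_id = next(
            (i for i, net in self.nat_rules if IPv4Address(local_ip) in net), None
        )
        pool = self.pools.get(nat_id)
        if pool is None:
            return None              # no nat statement, or no global with the same nat_id
        if len(pool) == 1:
            # Single global address: PAT. Every flow shares it and gets its own port.
            key = (local_ip, local_port)
            if key not in self.pat_map:
                self.pat_map[key] = FIRST_PAT_PORT + len(self.pat_map)
            return pool[0], self.pat_map[key]
        # Range of global addresses: each local host takes one address from the pool.
        if local_ip not in self.nat_map:
            free = [g for g in pool if g not in self.nat_map.values()]
            if not free:
                return None          # pool exhausted (assumed behaviour of this model)
            self.nat_map[local_ip] = free[0]
        return self.nat_map[local_ip], local_port


def build_sample():
    """Constructed configuration; only the first nat line mirrors the report's example."""
    t = Translator()
    t.nat(1, "10.10.10.0", "255.255.255.0")
    t.global_(1, "203.0.113.10-203.0.113.11")   # range paired with nat_id 1
    t.nat(2, "172.16.1.0", "255.255.255.0")
    t.global_(2, "203.0.113.20")                # single address paired with nat_id 2
    t.nat(3, "192.168.50.0", "255.255.255.0")   # nat_id 3 has no global statement
    return t


if __name__ == "__main__":
    t = build_sample()
    for ip, port in [("10.10.10.5", 40000), ("10.10.10.6", 40000), ("10.10.10.7", 40000),
                     ("172.16.1.5", 40000), ("172.16.1.6", 40000), ("192.168.50.4", 40000)]:
        print(ip, port, "->", t.translate(ip, port))
```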
5. INTRUSION DETECTION SYSTEM (IDS)
5.1 Introduction
5.1 INTRODUCTION
An IDS is a secu ecurity counter measure. It monitors network traffic and monitors for suspi uspici ciou ouss acti ctivity ity and and alert lertss the syst system em or ne nettwork ork admi dminis nistra trator tor. In some case casess the the IDS may also also resp respo ond to anoma omalous lous or malic alicio ious us tra traffic fic by taki taking ng acti actio on such as bloc blockking ing the the user user or source source IP addres addresss from from access accessing ing the netwo network rk A firewall si s imply blocks op o penings into your network/system, but cannot distinguish between good/bad activity. Therefore, if you need to allow an opening to a system system (like (like a web-se web-serve rver), r), then then a firewa firewall ll cannot cannot protec protectt again against st intrus intrusion ion attem attempts pts agains againstt this this open openin ing. g. In cont contra rast st,, int intrusi rusion on dete detect ctio ion n syst system emss can can moni monito torr for for hos hostile tile acti activi vity ty on these openings.
HIDS
Host Intrusion Detection Systems run on individual hosts or devices on the network. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator of suspicious activity if detected.

NIDS
Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. Ideally you would scan all inbound and outbound traffic, however doing so might create a bottleneck that would impair the overall speed of the network.

When an unauthorized user logs in successfully, or attempts to log in, they are best tracked with host-based IDS. However, detecting the unauthorized user before their log on attempt is best accomplished with network-based IDS. There are four basic techniques used to detect intruders:
1) Anomaly detection
2) Misuse detection (signature detection)
3) Target monitoring

Anomaly Detection
Designed to uncover abnormal patterns of behavior, the IDS establishes a baseline of normal usage patterns, and anything that widely deviates from it gets flagged as a possible intrusion. An example of this would be if a user logs on and off of a machine 20 times a day instead of the normal 1 or 2. Also, if a computer is used at 2:00 AM when normally no one outside of business hours should have access, this should raise some suspicions. At another level, anomaly detection can investigate user patterns, such as profiling the programs executed daily. If a user in the graphics department suddenly starts accessing accounting programs or compiling code, the system can properly alert its administrators.
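The baseline-and-deviation idea described above can be sketched as follows. This is an added example, not part of the original report: the logon events are constructed, and the function names, the threshold `k` and the minimum margin are assumptions chosen for illustration.

```python
from collections import Counter, defaultdict
from datetime import datetime
from statistics import mean, pstdev

def make_events():
    """Constructed sample data: (user, ISO timestamp) logon events."""
    base = []
    for day in range(1, 11):   # ten normal days
        base += [("alice", f"2013-07-{day:02d}T09:00:00"),
                 ("alice", f"2013-07-{day:02d}T13:00:00"),
                 ("bob", f"2013-07-{day:02d}T10:00:00")]
    # Day under test: alice logs on 20 times, bob logs on once at 02:00.
    test = [("alice", f"2013-07-11T{9 + i // 5:02d}:{(i % 5) * 10:02d}:00")
            for i in range(20)]
    test.append(("bob", "2013-07-11T02:00:00"))
    return base, test

def build_baseline(events):
    """Learn per-user daily logon statistics and the site-wide active hours."""
    per_day = defaultdict(Counter)   # user -> {date: logon count}
    hours = set()
    for user, ts in events:
        t = datetime.fromisoformat(ts)
        per_day[user][t.date()] += 1
        hours.add(t.hour)
    stats = {u: (mean(list(c.values())), pstdev(list(c.values())))
             for u, c in per_day.items()}
    return stats, (min(hours), max(hours))

def detect(events, stats, active_hours, k=3.0, min_margin=3):
    """Return sorted (user, reason) alerts for one day of events."""
    alerts = set()
    for user, n in Counter(user for user, _ in events).items():
        if user not in stats:
            alerts.add((user, "no baseline for user"))
            continue
        avg, sd = stats[user]
        # Alert k standard deviations above the mean; the minimum margin keeps
        # a zero-variance baseline from alerting on 3 logons instead of 2.
        if n > avg + max(k * sd, min_margin):
            alerts.add((user, f"{n} logons vs normal {avg:.0f}"))
    lo, hi = active_hours
    for user, ts in events:
        hour = datetime.fromisoformat(ts).hour
        if not lo <= hour <= hi:
            alerts.add((user, f"logon at {hour:02d}:00 outside {lo:02d}-{hi:02d}h"))
    return sorted(alerts)

if __name__ == "__main__":
    base, test_day = make_events()
    stats, hours = build_baseline(base)
    for alert in detect(test_day, stats, hours):
        print(alert)
```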
Misuse Detection or Signature Detection
This method uses specifically known patterns of unauthorized behavior to predict and detect subsequent similar attempts. These specific patterns are called signatures. For host-based intrusion detection, one example of a signature is "three failed logins."

Target Monitoring
These systems do not actively search for anomalies or misuse, but instead look for the modification of specified files. This is more of a corrective control, designed to uncover an unauthorized action after it occurs in order to reverse it. One way to check for the covert editing of files is by computing a cryptographic hash beforehand and comparing this to new hashes of the file at regular intervals. This type of system is the easiest to implement, because it does not require constant monitoring by the administrator. Integrity checksum hashes can be computed at whatever intervals you wish, and on either all files or just the mission/system critical files.
Passive IDS
A passive IDS simply detects and alerts. When suspicious or malicious traffic is detected an alert is generated and sent to the administrator or user and it is up to them to take action to block the activity or respond in some way.

Reactive IDS
A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will take pre-defined proactive actions to respond to the threat. Typically this means blocking any further network traffic from the source IP address or user. IDS is required to be properly configured to recognize what is normal traffic on your network vs. what might be malicious traffic and you, or the administrators responsible for responding to IDS alerts, need to understand what the alerts mean and how to effectively respond.
6. WAN SOLUTION
6.1 Requirement
6.2 Solution
6.1 Requirement
There is one CBC (Central Billing Center) which is required to be connected with 28 BGC (Bill Generation Center). As further locations are connected at each BGC location, it is required to use a router at each location.

CBC Router must have these specifications:
• 4 numbers of 10/100 fast Ethernet interfaces.
• 20 numbers of V.35 interface to receive the data coming from BGC via optical fiber/lease line.
• 2 numbers of ISDN BRI ports.
• Four numbers of synchronous serial interfaces for 64 kbps lease line connectivity.

BGC Router must have these specifications:
• 2 port 10/100 Mbps Ethernet Interface.
• Sufficient port Serial WAN Interfaces.
• All the BGC locations are to be connected to the central location having a point to point connectivity.
• The BGC locations are having a leased line connectivity of 128Kbps which can be upgradable to 2 Mbps.
• The leased line connectivity is to be provided by an ISP.
6.2 Solution

As per the requirement, the proposed solution is to have point to point connectivity between the central location and the 28 BGC locations. There is a Cisco 1841 Router at each of the BGC locations. They are connected to a 2 Mbps Leased Line Modem Pair, HCLGateway –2M-2W, through the serial port. The modem at the customer end is connected to a modem at the ISP side. In the same way, the central location, which has a Cisco 3845 Router, is connected to 28 nos. of 2 Mbps Leased Line modem pairs. The connectivity diagram and the bill of material required for the solution are given in the following pages.
7. WLAN (WIRELESS LAN)
7.1 Introduction
7.2 Topologies
7.1 Introduction

In a traditional LAN each computer physically connects to the network via wires and a network port. A Wireless Local Area Network (WLAN) is a network that provides the same services but without the need for physical connections between the computers and the network. Wireless LANs offer many advantages over traditional wired networks, such as mobility, flexibility, scalability and speed, simplicity and reduced cost of installation. A WLAN typically uses radio waves, which allow network PC cards plugged into a PC/laptop to connect to a traditional Ethernet LAN. IEEE developed the 802.11 standards to provide wireless networking technology like the wired Ethernet.
Standards
IEEE developed the 802.11 standards to provide wireless networking technology. With time-to-time development in the field of technology, three standards have been finalized: 802.11(a), 802.11(b), 802.11(g).

                          802.11(b)    802.11(a)     802.11(g)
Max. bit rate (raw)       11 Mb/s      54 Mb/s       54 Mb/s
Max. bit rate (net)       5.5 Mb/s     22-26 Mb/s    17-22 Mb/s
Frequency band            2.4 GHz      5 GHz         2.4 GHz
Range @ max. rate         57 m         12 m          19 m
Unit cost                 100%         120%          110%
Coverage cost             100%         2000%         500%
No. of channels           3            8             4

The IEEE 802.11a standard is the most widely adopted one because it operates at the licensed 5 GHz band while the others are unlicensed, and also because it provides the max. no. of channels and max. bit rate of these standards.
7.2 TOPOLOGIES

There are two topologies on which WLAN works:
1) Infrastructure Network
2) Ad hoc Network

Infrastructure Network
It is useful for providing wireless coverage of building or campus areas. This is a topology used when there are many access points in a single location. By deploying multiple Access Points (APs) with overlapping coverage areas, organizations can achieve broad network coverage. A laptop or other mobile device may move from AP to AP while maintaining access to the resources of the LAN. Each client is equipped with a wireless network interface card (NIC) that consists of the radio transceiver and the logic to interact with the client machine and software, while the AP is essentially a radio transceiver on one side and the wired backbone on the other.
Ad hoc Network
This topology is used when we have to interconnect mobile devices that are in the same area (e.g., in the same room). In this architecture, client stations are grouped into a single geographic area and can be Internet-worked without access to the wired LAN (infrastructure network). The ad hoc configuration is similar to a peer-to-peer office network in which no node is required to function as a server. In ad hoc there is no need of any AP as all devices are wirelessly connected to each other.
8. INTEGRATED SERVICE DIGITAL NETWORK (ISDN)
8.1 Introduction
8.2 ISDN Interfaces
8.3 ISDN Function Group & Reference Points
8.1 INTRODUCTION

ISDN's primary goal is the integration of voice and nonvoice services. ISDN is actually a set of communication protocols proposed by telephone companies that allows them to carry a group of digital services that simultaneously convey data, text, voice, music, graphics, and video to end users, and it was designed to achieve this over the telephone systems already in place. There are two types of channels:
1) B channel
2) D channel

B channel
Bearer channels (B channels) are used to transport data. B channels are called bearer channels because they bear the burden of transporting the data. B channels operate at speeds of up to 64 kbps.

D channel
D channels are used for signaling. They are used to establish the session before the data is actually transferred.
8.2 ISDN INTERFACES

Types of ISDN interfaces:
1) Basic Rate Interface (BRI)
2) Primary Rate Interface (PRI)
Both BRI and PRI provide multiple digital bearer channels over which temporary connections can be made and data can be sent.

BRI: ISDN Basic Rate Interface (BRI, also known as 2B+1D) service provides two B channels and one D channel. The BRI B-channel service operates at 64Kbps and carries data, while the BRI D-channel service operates at 16Kbps and usually carries control and signaling information.

PRI: According to American standards, the ISDN Primary Rate Interface (PRI, also known as 23B+D1) service delivers 23 64Kbps B channels and one 64Kbps D channel for a total bit rate of up to 1.544Mbps. And according to European standards, ISDN provides 30 64Kbps B channels and one 64Kbps D channel for a total bit rate of up to 2.048Mbps.
8.3 ISDN FUNCTION GROUPS & REFERENCE POINTS

• Function group: A set of functions implemented by a device and software
• Reference point: The interface between two function groups, including cabling details

Router A is ordered with an ISDN BRI U reference point, referring to the I.430 reference point defining the interface between the customer premises and the ISP. Router B is bought with an ISDN BRI S/T interface, implying that it must be cabled to a function group NT1 device. An NT1 function group device must be connected to the ISP line through a U reference point; the S/T interface defines the connection to Router B. Router B is called a TE1 (Terminal Equipment 1) function group device. Non-ISDN equipment is called a TE2 (Terminal Equipment 2) device and is attached using the R reference point to a terminal adapter (TA) function group device. Alternatively, a TE1 can connect using an S reference point to an NT2 function group,
Function Groups:
1) TE1 (Terminal Equipment 1): ISDN-capable four-wire cable. Understands signaling and 2B+D. Uses an S reference point.
2) TE2 (Terminal Equipment 2): Equipment that does not understand ISDN protocols and specifications (no ISDN awareness). Uses an R reference point, typically an RS-232 or V.35 cable, to connect to a TA.
3) TA (Terminal adapter): Equipment that uses R and S reference points. Can be thought of as the TE1 function group on behalf of a TE2.
4) NT1 (Network Termination): Connects with a U reference point (two-wire) to the ISP. Connects with T or S reference points to other customer premises equipment.

Reference Points:
R between TE2 and TA.
S between TE1 or TA and NT2.
T between NT2 and NT1.
U between NT1 and ISP.