icnd -1 interconnecting cisco networking devices assembled by david roberts knowing what you don’t...


Post on 18-Dec-2015


Page 1: ICND -1 Interconnecting Cisco Networking Devices Assembled By David Roberts Knowing what you DON’T know is more important than what you DO know. It takes

ICND -1 Interconnecting Cisco Networking Devices

Assembled By David Roberts

Knowing what you DON’T know is more important than what you DO know. It takes both to have expertise.


Course Content

This course focuses on providing the skills and knowledge necessary to install, operate, and troubleshoot a small branch office Enterprise network, including configuring a switch, a router, and connecting to a WAN and implementing network security. A student should be able to complete configuration and implementation of a small branch office network under supervision.


Course Objectives

- Describe how networks function, identifying major components, function of network components and the Open System Interconnection (OSI) reference model.
- Using the host-to-host packet delivery process, describe issues related to increasing traffic on an Ethernet LAN and identify switched LAN technology solutions to Ethernet networking issues.
- Describe the reasons for extending the reach of a LAN and the methods that can be used with a focus on RF wireless access.
- Describe the reasons for connecting networks with routers and how routed networks transmit data through networks using TCP/IP.
- Describe the function of Wide Area Networks (WANs), the major devices of WANs, and configure PPP encapsulation, static and dynamic routing, PAT and RIP routing.
- Use the command-line interface to discover neighbors on the network and manage the router’s startup and configuration.


Course Outline

- Module 1 - Building a Simple Network
- Module 2 - Ethernet Local Area Networks
- Module 3 - Wireless Local Area Networks
- Module 4 - Exploring the Functions of Routing
- Module 5 - Wide Area Networks
- Module 6 - Network Environment Management


Module 1 - Building a Simple Network

Connect 3 PCs together in a Class C, Class B & Class A using IP addresses provided below. Test connectivity with ping.

Class C: PC1: 10.0.0.15 /24 (255.255.255.0)

PC2: 10.0.0.16 /24 (255.255.255.0)

PC3: 10.0.0.17 /24 (255.255.255.0)

Class B: PC1: 10.0.1.15 /16 (255.255.0.0)

PC2: 10.0.2.15 /16 (255.255.0.0)

PC3: 10.0.100.1 /16 (255.255.0.0)

Class A: PC1: 100.200.100.100 /8 (255.0.0.0)

PC2: 100.200.200.200 /8 (255.0.0.0)

PC3: 100.1.2.3 /8 (255.0.0.0)


Module 1 - Building a Simple Network – Part 2

With the Class A IPs still in place, change the subnet to a class B. Use a subnet of /16. (255.255.0.0)

What happens to the connectivity between the machines? Why?

What change to the IP address of PC3 can be made in order to restore connectivity between all three PCs?
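The on-link decision behind this exercise, worked through for the lab's Class A addresses as an added example (not part of the original slides). The helper names and the replacement PC3 address 100.200.2.3 are assumptions chosen for illustration; the model assumes all PCs share one switch with no router or default gateway.

```python
import ipaddress
from itertools import combinations

# Class A lab addresses from the slides (PC3 differs from the others in the second octet).
LAB_IPS = {"PC1": "100.200.100.100", "PC2": "100.200.200.200", "PC3": "100.1.2.3"}


def lab(prefix_len, **overrides):
    """Lab hosts as 'ip/prefix' strings; keyword overrides replace a PC's address."""
    ips = {**LAB_IPS, **overrides}
    return {name: f"{ip}/{prefix_len}" for name, ip in ips.items()}


def networks(hosts):
    """Network each host believes it is attached to, derived from its own mask."""
    return {name: str(ipaddress.ip_interface(cfg).network) for name, cfg in hosts.items()}


def reachable_pairs(hosts):
    """Pairs that can ping each other on one switch with no router or gateway.

    A host only ARPs for destinations inside its own network; anything else
    is handed to a default gateway, which this lab does not have. Both
    directions must be on-link or the echo reply never comes back.
    """
    ifaces = {name: ipaddress.ip_interface(cfg) for name, cfg in hosts.items()}
    pairs = set()
    for a, b in combinations(sorted(ifaces), 2):
        if ifaces[b].ip in ifaces[a].network and ifaces[a].ip in ifaces[b].network:
            pairs.add((a, b))
    return pairs


if __name__ == "__main__":
    for label, hosts in [
        ("/8 masks", lab(8)),
        ("/16 masks", lab(16)),
        ("/16 masks, PC3 moved (example address)", lab(16, PC3="100.200.2.3")),
    ]:
        print(label, networks(hosts), sorted(reachable_pairs(hosts)))
```

Because each host is given as an address with its own prefix, the same function also shows the mismatched-mask case where only one side considers the other on-link.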


Module 1 - Building a Simple Network – Part 3

Reset all PCs to the Class C addressing scheme:

Class C:

PC1: 10.0.0.15 /24 (255.255.255.0)

PC2: 10.0.0.16 /24 (255.255.255.0)

PC3: 10.0.0.17 /24 (255.255.255.0)

- On PC1 bring up a command line and type in “ping -t 10.0.0.16”
- On PC2 type in “ping -t 10.0.0.17”
- On PC3 type in “ping -t 10.0.0.15”
- Load up a packet sniffer of your choice on one of the PCs and monitor the NIC.
- Write down the MAC address for each PC that you see in the sniffer.
- What port are the pings coming in & out from?
- What protocol are the ping packets being sent over?
- What is the actual alpha-numeric hex string that the ping packet uses as its data? This can be found in the hex information window. You may have to stop the scanner to isolate one packet.
- Why can’t the sniffer see all three PCs?


Module 2 - Ethernet Local Area Networks

Frames are the format of data packets on the wire. Note that a frame viewed on the actual physical hardware would show start bits, sometimes called the preamble, and the trailing Frame Check Sequence. These are required by all physical hardware and are seen in all four following frame types. They are not displayed by packet sniffing software because these bits are removed by the Ethernet adapter before being passed on to the network protocol stack software.
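What the sniffer in the Module 1 lab shows for one ping, and what the adapter has already removed by then, as an added example that is not part of the original slides. The frame is constructed in the code: the MAC addresses are made up, and the data field assumes the Windows ping utility (the one that takes `-t`) with its default 32-byte payload.

```python
import socket
import struct
import zlib

# Default 32-byte data field of the Windows ping utility (assumed OS; "-t" is its flag).
WINDOWS_PING_DATA = b"abcdefghijklmnopqrstuvwabcdefghi"
PREAMBLE_SFD = b"\x55" * 7 + b"\xd5"   # start bits the adapter never passes up


def inet_checksum(data):
    """16-bit one's-complement checksum used by IPv4 and ICMP."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def build_echo_request(src_mac, dst_mac, src_ip, dst_ip, ident, seq, data):
    """Construct an Ethernet II / IPv4 / ICMP echo request as a sniffer shows it."""
    icmp = struct.pack("!BBHHH", 8, 0, 0, ident, seq) + data
    icmp = icmp[:2] + struct.pack("!H", inet_checksum(icmp)) + icmp[4:]
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 128, 1, 0,
                     socket.inet_aton(src_ip), socket.inet_aton(dst_ip))
    ip = ip[:10] + struct.pack("!H", inet_checksum(ip)) + ip[12:]
    eth = bytes.fromhex(dst_mac.replace(":", "")) + bytes.fromhex(src_mac.replace(":", ""))
    return eth + struct.pack("!H", 0x0800) + ip + icmp


def parse_frame(frame):
    """Decode the fields the lab asks about from a captured frame."""
    dst, src, ethertype = struct.unpack("!6s6sH", frame[:14])
    out = {"dst_mac": dst.hex(":"), "src_mac": src.hex(":"), "ethertype": ethertype}
    if ethertype != 0x0800:          # not IPv4
        return out
    ihl = (frame[14] & 0x0F) * 4     # IP header length in bytes
    total_len = struct.unpack("!H", frame[16:18])[0]
    out.update(ip_proto=frame[23], src_ip=socket.inet_ntoa(frame[26:30]),
               dst_ip=socket.inet_ntoa(frame[30:34]))
    if out["ip_proto"] != 1:         # 1 = ICMP; TCP (6) and UDP (17) are the ones with ports
        return out
    icmp = frame[14 + ihl:14 + total_len]
    icmp_type, code, _, ident, seq = struct.unpack("!BBHHH", icmp[:8])
    out.update(icmp_type=icmp_type, icmp_code=code, icmp_id=ident, icmp_seq=seq,
               icmp_checksum_ok=inet_checksum(icmp) == 0,
               ports=None,           # ICMP has no port numbers
               data=icmp[8:], data_hex=icmp[8:].hex(" "))
    return out


def on_the_wire(frame):
    """Add what the hardware adds: pad to 60 bytes, preamble/SFD in front, FCS behind."""
    frame = frame.ljust(60, b"\x00")
    return PREAMBLE_SFD + frame + struct.pack("<I", zlib.crc32(frame))


def adapter_receive(bits):
    """Do what the adapter does: drop the preamble, check and drop the FCS."""
    if not bits.startswith(PREAMBLE_SFD):
        raise ValueError("no preamble / start frame delimiter")
    frame, fcs = bits[8:-4], bits[-4:]
    if struct.pack("<I", zlib.crc32(frame)) != fcs:
        raise ValueError("FCS mismatch, frame discarded")
    return frame


# Constructed sample: PC1 pinging PC2 with made-up, locally administered MACs.
SAMPLE_FRAME = build_echo_request("02:00:00:00:00:15", "02:00:00:00:00:16",
                                  "10.0.0.15", "10.0.0.16", ident=1, seq=1,
                                  data=WINDOWS_PING_DATA)

if __name__ == "__main__":
    for key, value in parse_frame(adapter_receive(on_the_wire(SAMPLE_FRAME))).items():
        print(f"{key:17} {value}")
```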


Module 2 - Ethernet Local Area Networks – Part 2

Main procedure of transmission over Ethernet:

1. Frame ready for transmission
2. Is medium idle? If not, wait until it becomes ready and wait the interframe gap period (9.6 µs in 10 Mbit/s Ethernet).
3. Start transmitting
4. Does a collision occur? If so, go to collision detected procedure.
5. Reset retransmission counters and end frame transmission
6. Collision detected procedure - Continue transmission until minimum packet time is reached (jam signal) to ensure that all receivers detect the collision
7. Increment retransmission counter
8. Is maximum number of transmission attempts reached? If so, abort transmission.
9. Calculate and wait random backoff period based on number of collisions
10. Re-enter main procedure at stage 1
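A small simulation of steps 6 to 10, as an added example that is not part of the original slides. The slot time, the attempt limit of 16 and the cap on window doubling after 10 collisions are the IEEE 802.3 values for 10 Mbit/s Ethernet rather than figures from the slide, and the model is simplified: time moves in whole slot times and deferral to a busy medium is not modelled.

```python
import random

IFG_US = 9.6          # interframe gap at 10 Mbit/s, from step 2 above
SLOT_TIME_US = 51.2   # 512 bit times at 10 Mbit/s (IEEE 802.3 value, not on the slide)
ATTEMPT_LIMIT = 16    # IEEE 802.3 attempt limit: give up after the 16th collision
BACKOFF_LIMIT = 10    # the backoff window stops doubling after 10 collisions


def max_backoff_slots(collisions):
    """Upper end of the random backoff window after the n-th collision (step 9)."""
    return 2 ** min(collisions, BACKOFF_LIMIT) - 1


def simulate(stations, seed=0):
    """Stations that all have one frame ready at slot 0 contend for a shared segment.

    Simplified model: time advances in whole slot times and a successful frame
    occupies the slot it starts in, so deferral to a busy medium is not modelled.
    """
    rng = random.Random(seed)
    next_try = {s: 0 for s in range(stations)}     # slot in which each station transmits
    collisions = {s: 0 for s in range(stations)}   # retransmission counters (step 7)
    sent, aborted, collision_slots = [], [], 0
    while next_try:
        slot = min(next_try.values())
        ready = [s for s, t in next_try.items() if t == slot]
        if len(ready) == 1:                         # steps 3-5: no collision, frame done
            s = ready[0]
            sent.append({"station": s, "slot": slot, "collisions": collisions[s]})
            del next_try[s]
            continue
        collision_slots += 1                        # step 6: everyone involved jams
        for s in ready:
            collisions[s] += 1                      # step 7
            if collisions[s] >= ATTEMPT_LIMIT:      # step 8
                aborted.append(s)
                del next_try[s]
            else:                                   # step 9, then back to step 1
                next_try[s] = slot + 1 + rng.randint(0, max_backoff_slots(collisions[s]))
    last = max((f["slot"] for f in sent), default=0)
    return {"sent": sent, "aborted": aborted, "collision_slots": collision_slots,
            "elapsed_us": round((last + 1) * SLOT_TIME_US, 1)}


if __name__ == "__main__":
    result = simulate(stations=8, seed=42)
    for frame in result["sent"]:
        print(f"station {frame['station']} sent in slot {frame['slot']} "
              f"after {frame['collisions']} collision(s)")
    print("collision slots:", result["collision_slots"], "aborted:", result["aborted"])
```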


Module 2 - Ethernet Local Area Networks – Part 3

Dual speed hubs

In the early days of Fast Ethernet, Ethernet switches were relatively expensive devices. However, hubs suffered from the problem that if there were any 10BASE-T devices connected then the whole system would have to run at 10 Mbit. Therefore a compromise between a hub and a switch appeared known as a dual speed hub. These devices consisted of an internal two-port switch, dividing the 10BASE-T (10 Mbit) and 100BASE-T (100 Mbit) segments. The device would typically consist of more than two physical ports. When a network device becomes active on any of the physical ports, the device attaches it to either the 10BASE-T segment or the 100BASE-T segment, as appropriate. This prevented the need for an all-or-nothing migration from 10BASE-T to 100BASE-T networks. These devices are often known as dual-speed hubs, since the traffic between devices connected at the same speed is not switched.


Module 2 - Ethernet Local Area Networks – Part 4

More advanced networks

Simple switched Ethernet networks, while an improvement over hub based Ethernet, suffer from a number of issues:

- They suffer from single points of failure. If any link fails some devices will be unable to communicate with other devices and if the link that fails is in a central location lots of users can be cut off from the resources they require.
- It is possible to trick switches or hosts into sending data to your machine even if it's not intended for it, as indicated above.
- Large amounts of broadcast traffic whether malicious, accidental or simply a side effect of network size can flood slower links and/or systems.
  - It is possible for any host to flood the network with broadcast traffic forming a denial of service attack against any hosts that run at the same or lower speed as the attacking device.
  - As the network grows normal broadcast traffic takes up an ever greater amount of bandwidth.
  - If switches are not multicast aware multicast traffic will end up treated like broadcast traffic due to being directed at a MAC with no associated port.
  - If switches discover more MAC addresses than they can store (either through network size or through an attack) some addresses must inevitably be dropped and traffic to those addresses will be treated the same way as traffic to unknown addresses, that is essentially the same as broadcast traffic (this issue is known as failopen).
- They suffer from bandwidth choke points where a lot of traffic is forced down a single link.

Some switches offer a variety of tools to combat these issues including:

- Spanning-tree protocol to maintain the active links of the network as a tree while allowing physical loops for redundancy.
- Various port protection features, as it is far more likely an attacker will be on an end system port than on a switch-switch link.
- VLANs to keep different classes of users separate while using the same physical infrastructure.
- Fast routing at higher levels to route between those VLANs.
- Link aggregation to add bandwidth to overloaded links and to provide some measure of redundancy, although the links won't protect against switch failure because they connect the same pair of switches.
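A toy model of the failopen behaviour and of a per-port address limit as one kind of port protection, as an added example that is not part of the original slides. The `LearningSwitch` class, the table size of 8, the limit of 2 addresses per port and all MAC addresses are constructed for illustration; the model assumes a full table simply stops learning new sources.

```python
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Toy model of a MAC-learning switch with a finite address table."""

    def __init__(self, ports, table_size, max_macs_per_port=None):
        self.ports = list(ports)
        self.table_size = table_size
        self.max_macs_per_port = max_macs_per_port   # None = no port protection
        self.table = {}                               # MAC -> port
        self.violations = []                          # (port, mac) refused by the limit

    def _learn(self, port, mac):
        """Record the source address; return False if the frame must be dropped."""
        if self.table.get(mac) == port:
            return True
        if self.max_macs_per_port is not None and mac not in self.table:
            if sum(p == port for p in self.table.values()) >= self.max_macs_per_port:
                self.violations.append((port, mac))
                return False
        if mac in self.table or len(self.table) < self.table_size:
            self.table[mac] = port
        return True   # table full: the frame is still forwarded, the source is not learned

    def receive(self, in_port, src, dst):
        """Handle one frame and return the ports it is transmitted on."""
        if not self._learn(in_port, src):
            return []
        out = self.table.get(dst)
        if out is None:                               # unknown or broadcast: flood
            return [p for p in self.ports if p != in_port]
        return [] if out == in_port else [out]


def run_scenario(max_macs_per_port=None, table_size=8, extra_sources=20):
    """Where does PC-B's unicast reply to PC-A go once port 3 has filled the table?"""
    sw = LearningSwitch(ports=[1, 2, 3, 4], table_size=table_size,
                        max_macs_per_port=max_macs_per_port)
    pc_a, pc_b = "02:00:00:00:01:0a", "02:00:00:00:02:0b"   # constructed addresses
    sw.receive(2, pc_b, BROADCAST)                    # PC-B announces itself on port 2
    for i in range(extra_sources):                    # port 3 sources many addresses
        sw.receive(3, f"02:00:00:00:03:{i:02x}", BROADCAST)
    sw.receive(1, pc_a, pc_b)                         # PC-A (port 1) talks to PC-B
    reply_ports = sw.receive(2, pc_b, pc_a)           # PC-B answers PC-A
    return {"reply_ports": reply_ports, "table_entries": len(sw.table),
            "violations": len(sw.violations)}


if __name__ == "__main__":
    print("no port protection:", run_scenario())
    print("limit of 2 per port:", run_scenario(max_macs_per_port=2))
```

Without the limit the reply is flooded to every other port; with it, the table keeps room for PC-A, the reply leaves on port 1 only, and the refused addresses are recorded for alerting.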


Module 2 - Ethernet Local Area Networks – Part 5

Duplex:

Terms originally referring to specific circuit designs for serial communication, but now referring more to specific rules for data flow. A simplex circuit allows only one-way communication from a transmitter to a receiver. A half-duplex circuit allows two-way communication, but only in one direction at a time; that is, the two parties to the connection must take turns transmitting and receiving data. A full-duplex circuit allows both parties to send and receive data simultaneously.


Module 2 - Ethernet Local Area Networks – Part 6

Your typical RJ-45 connector. You will find this connector most commonly on Cat-5 & Cat-6 twisted pair. The RJ-45 has 8 brass leads, 4 pairs twisted together to produce minimal distortion & signal loss on the line.


Module 2 - Ethernet Local Area Networks – Part 7

Console cables are used to directly connect to management interfaces (serial port) on network equipment.

Crossover cables are used when connecting two PC’s or switches directly together. Most network equipment manufactured within the last two years has auto X-over negotiation built into the device.


Module 2 - Ethernet Local Area Networks – Part 8

Example of unshielded twisted pair (top) & shielded twisted pair (bottom).

Your basic RJ-45 tip crimp tool.


Module 2 - Ethernet Local Area Networks – Part 8-LAB

At this point take a sample of Cat-5 & tip it for crossover functionality.

Test the cable. Why do the testers show an error? Is the cable good or bad?

Use the crossover to bypass the switch between two of the PCs.


Module 3 - Wireless Local Area Networks

Wireless Encryption Types: WEP

Short for Wired Equivalent Privacy, a security protocol for wireless local area networks (WLANs) defined in the 802.11b standard. WEP is designed to provide the same level of security as that of a wired LAN. LANs are inherently more secure than WLANs because LANs are somewhat protected by the physicalities of their structure, having some or all part of the network inside a building that can be protected from unauthorized access. WLANs, which are over radio waves, do not have the same physical structure and therefore are more vulnerable to tampering. WEP aims to provide security by encrypting data over radio waves so that it is protected as it is transmitted from one end point to another. However, it has been found that WEP is not as secure as once believed. WEP is used at the two lowest layers of the OSI model - the data link and physical layers; it therefore does not offer end-to-end security.

WEP is total crap & should NEVER be used on ANY wireless network unless it is the ONLY encryption available.


Module 3 - Wireless Local Area Networks – Part 2

Wireless Encryption Types: WPA1

Short for Wi-Fi Protected Access, a Wi-Fi standard that was designed to improve upon the security features of WEP. The technology is designed to work with existing Wi-Fi products that have been enabled with WEP (i.e., as a software upgrade to existing hardware), but the technology includes two improvements over WEP:

- Improved data encryption through the temporal key integrity protocol (TKIP). TKIP scrambles the keys using a hashing algorithm and, by adding an integrity-checking feature, ensures that the keys haven’t been tampered with.
- User authentication, which is generally missing in WEP, through the extensible authentication protocol (EAP). WEP regulates access to a wireless network based on a computer’s hardware-specific MAC address, which is relatively simple to be sniffed out and stolen. EAP is built on a more secure public-key encryption system to ensure that only authorized network users can access the network.

It should be noted that WPA is an interim standard that will be replaced with the IEEE’s 802.11i standard upon its completion. (This was completed in 2004.)

While WPA1 is very strong it can be broken with enough computing power, time & a stupid administrator who doesn’t know how to pick & choose appropriate passwords.

Using a password that includes at least one capital, one number, one special char (~ . $ ^ #) and that is a minimum of 25 characters ensures a secure wireless network if one must use WPA1 for user compatibility.
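A check for the passphrase rule above, together with the key derivation WPA-Personal applies to a passphrase (PBKDF2-HMAC-SHA1 salted with the SSID, 4096 iterations), as an added example that is not part of the original slides. The function names, the SSID `LabNet` and both sample passphrases are constructed for illustration.

```python
import hashlib
import math
import string

# Constructed sample passphrases: one typical short choice, one that meets the slide's rule.
WEAK = "Summer2015!"
STRONG = "tR7#vq.Lm2^Zk9$wXe4~Bn6pHs"


def policy_failures(passphrase, min_len=25):
    """Rules from the slide, plus the 63-character ceiling WPA itself enforces."""
    failures = []
    if len(passphrase) < min_len:
        failures.append(f"shorter than {min_len} characters")
    if len(passphrase) > 63:
        failures.append("longer than the 63 characters a WPA passphrase allows")
    if not any(c.isupper() for c in passphrase):
        failures.append("no capital letter")
    if not any(c.isdigit() for c in passphrase):
        failures.append("no number")
    if not any(c in string.punctuation for c in passphrase):
        failures.append("no special character")
    return failures


def derive_psk(passphrase, ssid):
    """WPA/WPA2-Personal pre-shared key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds.

    The SSID salt means the same passphrase yields a different key on a
    differently named network, so a unique SSID also matters.
    """
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def search_space_bits(passphrase):
    """Upper bound, in bits, on a brute-force search over the character classes used.

    Only meaningful for randomly chosen characters; words and patterns fall
    to dictionary guessing long before this bound is reached.
    """
    alphabet = 0
    if any(c.islower() for c in passphrase):
        alphabet += 26
    if any(c.isupper() for c in passphrase):
        alphabet += 26
    if any(c.isdigit() for c in passphrase):
        alphabet += 10
    if any(c in string.punctuation for c in passphrase):
        alphabet += len(string.punctuation)
    return len(passphrase) * math.log2(alphabet) if alphabet else 0.0


if __name__ == "__main__":
    for candidate in (WEAK, STRONG):
        problems = policy_failures(candidate) or ["meets the rule"]
        print(f"{candidate!r}: {', '.join(problems)}; "
              f"at most {search_space_bits(candidate):.0f} bits")
    print("PSK for SSID 'LabNet':", derive_psk(STRONG, "LabNet").hex())
```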


Module 3 - Wireless Local Area Networks – Part 3

Wireless Encryption Types: WPA2

WPA2 implements the mandatory elements of 802.11i. In particular, in addition to TKIP and the Michael algorithm, it introduces a new AES-based algorithm, CCMP, that is considered fully secure. Note that from March 13, 2006, WPA2 certification is mandatory for all new devices wishing to be Wi-Fi certified.

Vendor support:

- Official support for WPA2 in Microsoft Windows XP was rolled out on 1 May 2005. Driver upgrades for network cards may be required.
- Apple Computer supports WPA2 on all AirPort Extreme-enabled Macintoshes, the AirPort Extreme Base Station, and the AirPort Express. Firmware upgrades needed are included in AirPort 4.2, released July 14, 2005.
- wpa_supplicant for Linux, BSD, and Windows supports WPA2 if used with a supported wireless card/driver.

WPA2 is the only wireless encryption that has not been broken. It is the strongest form of wireless security to date.


Module 3 - Wireless Local Area Networks – Part 4

Wireless Standards: IEEE 802.11 (B)

Data Rate: Up to 11Mbps in the 2.4GHz band

Products that adhere to this standard are considered "Wi-Fi Certified." Not interoperable with 802.11a. Requires fewer access points than 802.11a for coverage of large areas. Offers high-speed access to data at up to 300 feet from base station. 14 channels available in the 2.4GHz band (only 11 of which can be used in the U.S. due to FCC regulations) with only three non-overlapping channels.


Module 3 - Wireless Local Area Networks – Part 5

Wireless Standards: IEEE 802.11 (A)

Data Rate: Up to 54Mbps in the 5GHz band

Products that adhere to this standard are considered "Wi-Fi Certified." Eight available channels. Less potential for RF interference than 802.11b and 802.11g. Better than 802.11b at supporting multimedia voice, video and large-image applications in densely populated user environments. Relatively shorter range than 802.11b. Not interoperable with 802.11b.


Module 3 - Wireless Local Area Networks – Part 6

Wireless Standards: IEEE 802.11 (G)

Data Rate: Up to 54Mbps in the 2.4GHz band

Products that adhere to this standard are considered "Wi-Fi Certified." May replace 802.11b. Improved security enhancements over 802.11. Compatible with 802.11b. 14 channels available in the 2.4GHz band (only 11 of which can be used in the U.S. due to FCC regulations) with only three non-overlapping channels.


Module 3 - Wireless Local Area Networks – Part 7

Wireless Standards: 802.16 (WiMAX)

Data Rate: Variable. Specifies WiMAX in the 10 to 66 GHz range

Commonly referred to as WiMAX or less commonly as WirelessMAN or the Air Interface Standard, IEEE 802.16 is a specification for fixed broadband wireless metropolitan access networks (MANs).

802.16a added support for the 2 to 11 GHz range.


Module 3 - Wireless Local Area Networks – Part 8

Wireless Standards: Bluetooth

Data Rate: Up to 2Mbps in the 2.45GHz band

No native support for IP, so it does not support TCP/IP and wireless LAN applications well. Not originally created to support wireless LANs. Best suited for connecting PDAs, cell phones and PCs in short intervals.

While Bluetooth was designed for ranges of about 15 feet, special “Bluetooth Sniper Rifles” can listen in on Bluetooth traffic from over a mile away if the user has a LoS (line of sight) to the source.

Bluetooth has been broken (encryption cracked), assume everything you do over it is being watched by those looking to steal your ident & bank accounts.


Module 3 - Wireless Local Area Networks – Part 9

Wireless dangers.
AdHoc: At Starbucks it's Christmas every day for identity thieves. It's so easy you wouldn't believe.
What you see to the right is all it takes to compromise the person next to you in the airport, coffee shop, library, hotel, conference, etc.

What would happen if you had two wireless NICs (network interface cards) in your laptop with internet sharing enabled between the two? What if you made one AdHoc and named it "Free Public Wifi"? (AdHoc wireless devices function as an AP (Access Point) & broadcast their SSID.) And for the final step, what do you think you could capture while monitoring that wireless NIC with a packet sniffer?

Microsoft was kind enough to have AdHoc APs on auto-connect anytime the SSID is seen after the first attempt. This particular "Free Public Wifi" is the most widely used SSID by thieves around the world. This SSID can be found everywhere from Africa to Europe to probably right outside your window.

Use free wifi at your own risk. You may think you're smarter than your stupid neighbor who is just leaving his 'Linksys' wireless unsecured, but he may be much, much smarter than you… capturing every username & password of every credit card, bank account & personal site you log into.


Module 3 - Wireless Local Area Networks – Part 9-LAB

Wireless Lab:
Reset wireless router to default.
Set administrative password.
Set SSID & de-activate SSID broadcast.
Set encryption to WPA1 & choose a 25 character key.
Set up a client & connect to the wireless router.
Sniff the traffic.


Module 4 – Exploring the Functions of Routing

Before we get into the details of routing protocols & path determination algorithms, let's first examine the diagram to the right to get a good understanding of what routing is used for.

Take note of the different networks & their placement.
10.1.128.0, 10.1.130.0 & 10.1.129.0 are the networks that make up the backbone.
10.1.2.0, 10.1.3.0 & 10.1.1.0 are the networks that make up the distribution layers.
While this diagram does not specify what the subnet is, we can assume that they are all Class C subnets of /24 (255.255.255.0).

If Daffy sends a packet addressed for Elmer it will hit Albuquerque first. If Albuquerque does not know that the network 10.1.3.0 exists it will drop the packet. If the router has been configured to forward packets destined for anything in the range 10.1.3.0 to Seville it will do so.

Routers at the most basic functionality are merely traffic directors that point down one road or the other depending on where the traffic wants to go. They do this by keeping a massive roadmap that is either programmed by an administrator manually or discovered automatically by a routing protocol.

In this diagram you see that a packet coming from Daffy destined for Elmer can go out either s0 or s1. Different routing protocols have different algorithms that determine which route to take. This is called Path Cost Analysis.


Module 4 – Exploring the Functions of Routing – Part 2

Routing fundamentals:
There are 3 basic rules that you can keep in mind while you learn that will help keep new concepts clear.

1. A router never needs to "route" a packet destined for a network range it is directly connected to.

2. No two interfaces on a router can be assigned an IP address in the same network.

3. A router may have MANY different IP addresses assigned to a single interface. It is not at all uncommon for a packet to go into an interface on one network and go right back out the same interface on a different network.
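The forwarding decision from the Daffy-to-Elmer walkthrough and the three rules above, as an added Python example that is not part of the original slides. The interface names follow the slide's s0/s1, but e0, the host addresses, the secondary network 10.1.9.0/24 and which serial link leads to Seville are assumptions made for illustration.

```python
import ipaddress


class Router:
    """Connected networks plus static routes, with longest-prefix matching."""

    def __init__(self, name):
        self.name = name
        self.connected = {}   # IPv4Network -> local interface name
        self.static = {}      # IPv4Network -> name of the next-hop router

    def add_interface(self, ifname, cidr):
        net = ipaddress.ip_interface(cidr).network
        # Rule 2: a network already on one interface cannot be put on another.
        for existing, other in self.connected.items():
            if other != ifname and net.overlaps(existing):
                raise ValueError("%s overlaps %s on %s" % (net, existing, other))
        # Rule 3: the same interface may hold several networks (secondary addresses).
        self.connected[net] = ifname

    def add_static(self, cidr, next_hop):
        self.static[ipaddress.ip_network(cidr)] = next_hop

    def decide(self, destination):
        addr = ipaddress.ip_address(destination)
        matches = []
        for net, ifname in self.connected.items():
            if addr in net:
                # Rule 1: directly connected, so deliver on the wire, no routing.
                matches.append((net.prefixlen, 1, ("deliver", ifname)))
        for net, hop in self.static.items():
            if addr in net:
                matches.append((net.prefixlen, 0, ("forward", hop)))
        if not matches:
            return ("drop", None)     # no route known: the packet is discarded
        # Longest prefix wins; on a tie a connected network beats a static route.
        return max(matches, key=lambda m: m[:2])[2]


def build_albuquerque():
    """Albuquerque with assumed (constructed) interface addresses."""
    r = Router("Albuquerque")
    r.add_interface("e0", "10.1.1.251/24")     # assumed LAN that holds Daffy
    r.add_interface("s0", "10.1.128.251/24")   # assumed backbone link
    r.add_interface("s1", "10.1.130.251/24")   # assumed backbone link toward Seville
    return r


if __name__ == "__main__":
    alb = build_albuquerque()
    elmer = "10.1.3.10"                        # constructed address in 10.1.3.0/24
    print("before route:", alb.decide(elmer))
    alb.add_static("10.1.3.0/24", "Seville")
    print("after route: ", alb.decide(elmer))
    print("local host:  ", alb.decide("10.1.1.20"))
    try:
        alb.add_interface("s1", "10.1.128.9/24")
    except ValueError as err:
        print("rejected:    ", err)
```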


Module 4 – Exploring the Functions of Routing – Part 3

Routing Protocol Fundamentals: Distance Vector Routing
A distance-vector routing protocol is one of the two major classes of routing protocols used in packet-switched networks for computer communications, the other major class being the link-state protocol. A distance-vector routing protocol uses the Bellman-Ford algorithm to calculate paths.

Examples of distance-vector routing protocols include RIPv1 or 2 and IGRP. EGP and BGP are not pure distance-vector routing protocols but their concepts are the same. In many cases, EGP and BGP are considered DV (distance-vector) routing protocols.

A distance-vector routing protocol requires that a router informs its neighbors of topology changes periodically and, in some cases, when a change is detected in the topology of a network. Compared to link-state protocols, which require a router to inform all the nodes in a network of topology changes, distance-vector routing protocols have less computational complexity and message overhead.


Module 4 – Exploring the Functions of Routing – Part 4

Routing Protocol Fundamentals: Link-state routing
A link-state routing protocol is one of the two main classes of routing protocols used in packet-switched networks for computer communications. Examples of link-state routing protocols include OSPF and IS-IS.

The link-state protocol is performed by every switching node in the network (i.e. nodes which are prepared to forward packets; in the Internet, these are called routers). The basic concept of link-state routing is that every node receives a map of the connectivity of the network, in the form of a graph showing which nodes are connected to which other nodes.

Each node then independently calculates the best next hop from it for every possible destination in the network. (It does this using only its local copy of the map, and without communicating in any other way with any other node.) The collection of best next hops forms the routing table for the node.

This contrasts with distance-vector routing protocols, which work by having each node share its routing table with its neighbors. In a link-state protocol, the only information passed between the nodes is information used to construct the connectivity maps.


Module 4 – Exploring the Functions of Routing – Part 5

Routing Protocols: RIPv1 & RIPv2
The Routing Information Protocol (RIP) is one of the most commonly used interior gateway protocol (IGP) routing protocols on internal networks (and to a lesser extent, networks connected to the Internet), which helps routers dynamically adapt to changes of network connections by communicating information about which networks each router can reach and how far away those networks are.

Although RIP is still actively used, it is generally considered to have been made obsolete by routing protocols such as OSPF and IS-IS. Nonetheless, a somewhat more capable protocol in the same basic family (distance-vector routing protocols) was Cisco's proprietary Interior Gateway Routing Protocol (IGRP). Cisco does not support IGRP in current releases of its software. It was "replaced" by EIGRP, the Enhanced Interior Gateway Routing Protocol, which is a completely new design. While EIGRP is still technically distance vector, it relates to IGRP only in having a similar name.

RIP is sometimes said to stand for Rest in Pieces in reference to the reputation that RIP has for breaking unexpectedly, rendering a network unable to function.


Module 4 – Exploring the Functions of Routing – Part 6

Routing Protocols: RIP Continued
RIP is a distance-vector routing protocol, which employs the hop count as a routing metric. The maximum number of hops allowed with RIP is 15, and the hold down time is 180 seconds. Originally, each RIP router transmitted full updates every 30 seconds by default, and routing tables were small enough that the traffic was not significant.

As networks grew in size, however, it became evident there could be a massive burst every 30 seconds, even if the routers had been initialized at random times. It was thought that, as a result of random initialization, the routing updates would spread out in time, but this was not true in practice. Sally Floyd and Van Jacobson published research in 1994 [1] that showed having all routers use a fixed 30 second timer was a very bad idea. Without slight randomization of the update timer, this research showed that the timers weakly synchronized over time and sent their updates out at the same time. Modern RIP implementations introduce deliberate time variation into the update timer of each router.

It runs at the network layer of the Internet protocol suite. RIP prevents routing loops from continuing indefinitely by implementing a limit on the number of hops allowed in a path from the source to a destination. This hop limit, however, limits the size of networks that RIP can support.

RIP implements the split horizon and holddown mechanisms to prevent incorrect routing information from being propagated. These are some of the stability features of RIP.

In many current networking environments RIP would not be the first choice for routing as its convergence times and scalability are poor compared to EIGRP, OSPF, or IS-IS (the latter two being link-state routing protocols), and the hop limit severely limits the size of network it can be used in. On the other hand, it is easier to configure because, using minimal settings for any routing protocol, RIP does not require any parameter on a router whereas all the other protocols require one or more parameters.


Module 4 – Exploring the Functions of Routing – Part 7

Routing Protocols: RIP Continued.1
RIPv1: defined in RFC 1058, uses classful routing. The routing updates do not carry subnet information, lacking support for variable length subnet masks (VLSM). This limitation makes it impossible to have different-sized subnets inside of the same network class. In other words, all subnets in a network class must be the same size. There is also no support for router authentication, making RIPv1 slightly vulnerable to various attacks.

RIPv2: Due to the above deficiencies of RIPv1, RIPv2 was developed in 1994 and included the ability to carry subnet information, thus supporting Classless Inter-Domain Routing (CIDR). However, to maintain backwards compatibility the 15 hop count limit remained. Rudimentary plain text authentication was added to secure routing updates; later, MD5 authentication was defined in RFC 2082. Also, in an effort to avoid waking up hosts that do not participate in the routing protocol, RIPv2 multicasts routing updates to 224.0.0.9, as opposed to RIPv1 which uses broadcast.
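An audit check for the authentication differences described above, added here as a Python example and not part of the original slides: it reads the payload of a captured RIP update and reports whether it is unauthenticated, carries a plain text password, or carries a keyed MD5 digest. The sample messages, the password string and the severity labels are constructed for illustration.

```python
import ipaddress
import struct

AUTH_AFI = 0xFFFF    # address family value that marks an authentication entry
AUTH_TYPES = {2: "plaintext-password", 3: "keyed-md5"}


def classify_rip(payload):
    """Return version, authentication type and routes of one RIP message."""
    if len(payload) < 4:
        raise ValueError("shorter than the 4-byte RIP header")
    _command, version, _zero = struct.unpack("!BBH", payload[:4])
    body = payload[4:]
    info = {"version": version, "auth": "none", "routes": []}
    # The body is a sequence of 20-byte entries; ignore a trailing partial entry.
    for off in range(0, len(body) - len(body) % 20, 20):
        entry = body[off:off + 20]
        afi, tag = struct.unpack("!HH", entry[:4])
        if version >= 2 and afi == AUTH_AFI:
            if off == 0:   # only the first entry announces the authentication type
                info["auth"] = AUTH_TYPES.get(tag, "unknown-type-%d" % tag)
            continue       # a later 0xFFFF entry is the MD5 trailer, not a route
        addr, mask, _next_hop, metric = struct.unpack("!4s4s4sI", entry[4:])
        prefix = str(ipaddress.IPv4Address(addr))
        if version >= 2:   # RIPv1 carries no mask, so only v2 routes get one
            prefix += "/" + str(ipaddress.IPv4Address(mask))
        info["routes"].append((prefix, metric))
    return info


def finding(info):
    """Map a classified message to a (severity, reason) pair for a report."""
    if info["auth"] == "none":
        return ("high", "updates are accepted without any authentication")
    if info["auth"] == "plaintext-password":
        return ("medium", "password is readable in every captured update")
    if info["auth"] == "keyed-md5":
        return ("ok", "updates carry a keyed MD5 digest (RFC 2082)")
    return ("review", "unrecognised authentication type")


def route_entry(ip, mask, metric):
    """Build one 20-byte route entry (address family 2 = IP)."""
    return struct.pack("!HH4s4s4sI", 2, 0, ipaddress.IPv4Address(ip).packed,
                       ipaddress.IPv4Address(mask).packed, bytes(4), metric)


# Constructed sample messages (command 2 = response), not captured traffic.
HEADER_V1 = struct.pack("!BBH", 2, 1, 0)
HEADER_V2 = struct.pack("!BBH", 2, 2, 0)
ROUTE_V2 = route_entry("10.1.3.0", "255.255.255.0", 1)
SAMPLE_V1 = HEADER_V1 + route_entry("10.1.3.0", "0.0.0.0", 1)
SAMPLE_V2_NOAUTH = HEADER_V2 + ROUTE_V2
SAMPLE_V2_PLAIN = (HEADER_V2
                   + struct.pack("!HH16s", AUTH_AFI, 2, b"constructed-pw")
                   + ROUTE_V2)
# Keyed MD5: packet length, key id, digest length, sequence number, 8 reserved bytes,
# then a trailer entry whose 16 data bytes stand in for the digest.
SAMPLE_V2_MD5 = (HEADER_V2
                 + struct.pack("!HHHBBI8s", AUTH_AFI, 3, 44, 1, 16, 1, bytes(8))
                 + ROUTE_V2
                 + struct.pack("!HH16s", AUTH_AFI, 1, bytes(16)))

if __name__ == "__main__":
    for name, msg in (("v1", SAMPLE_V1), ("v2 no auth", SAMPLE_V2_NOAUTH),
                      ("v2 plain", SAMPLE_V2_PLAIN), ("v2 md5", SAMPLE_V2_MD5)):
        info = classify_rip(msg)
        print(name, info["auth"], info["routes"], finding(info))
```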


Module 4 – Exploring the Functions of Routing – Part 7-LAB

At this time please complete Sequential Labs # 1-6 & Stand Alone Labs # 12. This requires Boson Cisco CCNA Network Simulator. Chapter reading is included with the software.

Read the Chapters


Module 4 – Exploring the Functions of Routing – Part 8

Routing Concepts: Split horizon
In computer networks, distance-vector routing protocols employ the split horizon rule which prohibits a router from advertising a route back out the interface from which it was learned. Split horizon is one of the methods used to prevent routing loops due to the slow convergence times of distance-vector routing protocols.

In this example A uses the path via B to reach C.

A will not advertise its route for C back to B. On the surface, this seems redundant since B will never use A's route because it costs more than B's route to C. However, if B's route to C goes down, B could end up using A's route, which goes through B; A would send the packet right back to B, creating a loop. With split horizon, this particular loop scenario cannot happen.

An additional variation of split horizon does advertise the route back to the router that is used to reach the destination, but marks the advertisement as unreachable. This is called split horizon with poison reverse.
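The A, B, C scenario above as a small simulation, added here as a Python example and not part of the original slides. It is a simplified model that assumes updates are exchanged in rounds with A sending before B, tracks only the route to C, and uses 16 as RIP's "unreachable" metric (one more than the 15-hop maximum).

```python
INFINITY = 16   # RIP allows at most 15 hops; 16 means unreachable


def advertise(route, neighbor, mode):
    """Metric a router sends to `neighbor` for its route, or None to stay silent."""
    metric, next_hop = route
    if next_hop == neighbor:            # the route was learned from this neighbor
        if mode == "split_horizon":
            return None                 # do not advertise it back
        if mode == "poison_reverse":
            return INFINITY             # advertise it back as unreachable
    return metric


def receive(route, sender, advertised):
    """Distance-vector update rule for one advertised metric."""
    metric, next_hop = route
    offered = min(advertised + 1, INFINITY)
    # News from the current next hop is always believed; otherwise only a
    # strictly better metric replaces the existing route.
    if sender == next_hop or offered < metric:
        return (offered, sender if offered < INFINITY else None)
    return route


def simulate(mode, max_rounds=50):
    """Rounds of updates after B loses its link to C.

    Returns one (A metric, B metric, looping) tuple per round, where looping
    means A forwards to B while B forwards to A.
    """
    routes = {"A": (2, "B"), "B": (INFINITY, None)}   # state just after the failure
    history = []
    for _ in range(max_rounds):
        for sender, receiver in (("A", "B"), ("B", "A")):
            adv = advertise(routes[sender], receiver, mode)
            if adv is not None:
                routes[receiver] = receive(routes[receiver], sender, adv)
        looping = routes["A"][1] == "B" and routes["B"][1] == "A"
        history.append((routes["A"][0], routes["B"][0], looping))
        if routes["A"][0] == INFINITY and routes["B"][0] == INFINITY:
            break                       # both routers agree that C is unreachable
    return history


def looping_rounds(mode):
    """Number of rounds during which packets for C bounce between A and B."""
    return sum(1 for _a, _b, looping in simulate(mode) if looping)


if __name__ == "__main__":
    for mode in ("none", "split_horizon", "poison_reverse"):
        hist = simulate(mode)
        print("%-15s rounds to converge: %d, rounds with a loop: %d"
              % (mode, len(hist), looping_rounds(mode)))
        print("   metrics (A, B) per round:", [(a, b) for a, b, _ in hist])
```

Without split horizon the metrics climb two hops per round until they reach 16, which is the behaviour the 15-hop limit exists to bound.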


Module 4 – Exploring the Functions of Routing – Part 9

Routing Protocols: IGRP
Interior Gateway Routing Protocol (IGRP) is a kind of IGP which is a distance-vector routing protocol invented by Cisco, used by routers to exchange routing data within an autonomous system.

IGRP was created in part to overcome the limitations of RIP (maximum hop count of only 15, and a single routing metric) when used within large networks. IGRP supports multiple metrics for each route, including bandwidth, delay, load, MTU, and reliability; to compare two routes these metrics are combined together into a single metric, using a formula which can be adjusted through the use of pre-set constants. The maximum hop count of IGRP-routed packets is 255 (default 100).

IGRP is considered a classful routing protocol. As the protocol has no field for a subnet mask the router assumes that all interface addresses have the same subnet mask as the router itself. This contrasts with classless routing protocols that can use variable length subnet masks. Classful protocols have become less popular as they are wasteful of IP address space.

In order to address the issues of address space and other factors, Cisco created EIGRP (Enhanced Interior Gateway Routing Protocol). EIGRP adds support for VLSM (variable length subnet mask) and adds the Diffusing Update Algorithm (DUAL) in order to improve routing and provide a loopless environment. EIGRP has completely replaced IGRP, making IGRP an obsolete routing protocol. In Cisco IOS versions 12.3 and greater, IGRP is completely unsupported. IGRP is still taught in Cisco's CCNA curriculum, but it should be noted that knowledge of IGRP is not tested.


Module 4 – Exploring the Functions of Routing – Part 15

Routing Concepts: Route Summarization
Route summarization, also known as route aggregation, summarizes a group of routes into a single route advertisement. Route summarization can be used as a powerful tool in a networking environment. The demand for increased network capabilities has resulted from corporate expansions and mergers. The number of subnets and network addresses contained in routing tables is rapidly increasing based on these expansions. This growth has had a negative impact on CPU resources, bandwidth, and memory used to maintain the routing tables. Therefore, route summarization was introduced as a way to reduce the size of network routing tables.

If configured properly, route summarization can reduce the latency associated with router hop, since the average speed for routing table lookup will be increased due to the reduced number of entries. The overhead for routing protocols can also be reduced since fewer routing entries are being advertised.

Another advantage of using route summarization in large, complex networks is that it can isolate topology changes from other routers. This can aid in improving the stability of the network by limiting the propagation of routing traffic after a network link goes down. For example, if a router only advertises a summary route to the next router hop, then it will not advertise any changes to specific subnets within the summarized range. This can significantly reduce any unnecessary routing updates following a topology change, increasing the speed of convergence and allowing for a more stable environment.


Module 4 – Exploring the Functions of Routing – Part 16

Routing Concepts: Route Summarization Continued

As an example of how summarization can be used as a powerful tool in a networking environment, imagine a company that operates 150 accounting services in each of the 50 states, where each accounting office has a router and frame relay link connected to its corporate office. Without route summarization, the routing table on any given router would have to maintain 150 routers times 50 states = 7,500 different networks. However, if route summarization is implemented, then each state would have a centralized site to connect it with all other offices. Since each router is summarized before being advertised to other states, every router will only see its own subnets and 49 summarized entries representing other states. This would create less stress on the router’s CPU, memory, and bandwidth.


Module 4 – Exploring the Functions of Routing – Part 17

Routing Concepts: Route Summarization Continued.1

In order to determine the summary route on a router, you must first decide the number of highest-order bits that match in all addresses. See the following example which shows the process of calculating a summary route.

In the table below, Router A has the following networks in its routing table:

192.168.98.0
192.168.99.0
192.168.100.0
192.168.101.0
192.168.102.0
192.168.105.0

First of all, you must convert the addresses to binary format and align them in a list as shown in the table to the right.

Second, locate the bits where the common pattern of digits ends (those in red). Lastly, count the number of common bits. The summary route number is represented by the first IP address in the block, followed by a slash, followed by the number of common bits.

Summarized route is 192.168.96.0/20

As you can see, the first 20 bits of the IP address are the same. Hence, the best summary route can be advertised as 192.168.96.0/20. For summarization to work properly, multiple IP addresses must share the same highest-order bits, and summarization should only be implemented within classless routing protocols such as EIGRP, OSPF, RIP v.2, IS-IS for IP, and BGP.

In some cases, this feature may not be feasible. For example, RIP v.1 is a classful routing protocol that automatically summarizes based on class when advertising across a major network boundary. Automatic route summarization can potentially cause problems if summarization occurs at more than one point in the network, since the summarized routes may be in conflict. When this occurs, a router receives identical summary routes from different directions. This can lead to serious connectivity issues.
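
The calculation above, worked as an added example (not part of the original slides). It assumes each Router A entry is a /24, since the slide lists no masks. Besides the summary route, it lists the /24 blocks that the summary covers but Router A's table does not contain, which is worth checking before advertising a summary.

```python
import ipaddress

# Router A's networks from the slide; the /24 mask is an assumption.
ROUTER_A = [
    "192.168.98.0/24", "192.168.99.0/24", "192.168.100.0/24",
    "192.168.101.0/24", "192.168.102.0/24", "192.168.105.0/24",
]

def to_bits(address):
    """Dotted-binary form of an IPv4 address, for aligning rows by eye."""
    packed = ipaddress.ip_address(address).packed
    return ".".join(f"{octet:08b}" for octet in packed)

def summarize(networks):
    """Smallest single prefix that covers every network in the list."""
    nets = [ipaddress.ip_network(n) for n in networks]
    lo = min(int(n.network_address) for n in nets)
    hi = max(int(n.broadcast_address) for n in nets)
    # XOR has its highest 1-bit at the first position where lo and hi
    # differ, so everything to the left of that bit is common.
    common = 32 - (lo ^ hi).bit_length()
    mask = (0xFFFFFFFF << (32 - common)) & 0xFFFFFFFF
    return ipaddress.ip_network((lo & mask, common))

def unlisted_subnets(summary, networks, new_prefix=24):
    """Blocks inside the summary that are absent from the routing table."""
    known = {ipaddress.ip_network(n) for n in networks}
    return [s for s in summary.subnets(new_prefix=new_prefix)
            if s not in known]

if __name__ == "__main__":
    for net in ROUTER_A:
        addr = net.split("/")[0]
        print(f"{addr:<15} {to_bits(addr)}")
    summary = summarize(ROUTER_A)
    print("summary route:", summary)
    print("covered but not in Router A's table:")
    for block in unlisted_subnets(summary, ROUTER_A):
        print("  ", block)
```

The /20 spans sixteen /24 blocks while Router A holds only six of them, so traffic for the other ten is attracted to Router A by the summary even though it has no specific route for them.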


Module 5 – Wide Area Networks

The great Google has collected these definitions of a WAN:

A network of computers spread out across a great distance. WANs are often networks of networks, linking local area networks into a single network.
faculty.tamu-commerce.edu/espinoza/s/carpenter-p/cl1.html

(WANs) are networks that generally span distances greater than one city and include regional networks such as telephone companies or international networks such as global communications services providers.
www.wiley.co.uk/college/turban/glossary.html

A wide area network or WAN is a computer network covering a wide geographical area, involving vast array of computers. This is different from personal area networks (PANs), metropolitan area networks (MANs) or local area networks (LANs) that are usually limited to a room, building or campus. The best example of a WAN is the Internet.
en.wikipedia.org/wiki/Wide_area_networks


Module 5 – Wide Area Networks – Part 2


Module 5 – Wide Area Networks – Part 3


Module 5 – Wide Area Networks – Part 4

PPP Encapsulation

PPP (Point-to-Point Protocol) is a protocol for communication between two computers using a serial interface, typically a personal computer connected by phone line to a server. For example, your Internet server provider may provide you with a PPP connection so that the provider’s server can respond to your requests, pass them on to the Internet, and forward your requested Internet responses back to you. PPP uses the Internet Protocol (IP) (and is designed to handle others). It is sometimes considered a member of the TCP/IP suite of protocols. Relative to the Open Systems Interconnection (OSI) reference model, PPP provides layer 2 (data-link layer) service. Essentially, it packages your computer’s TCP/IP packets and forwards them to the server where they can actually be put on the Internet.

PPP is a full-duplex protocol that can be used on various physical media, including twisted pair or fiber optic lines or satellite transmission. It uses a variation of High Speed Data Link Control (HDLC) for packet encapsulation.

PPP is usually preferred over the earlier de facto standard Serial Line Internet Protocol (SLIP) because it can handle synchronous as well as asynchronous communication. PPP can share a line with other users and it has error detection that SLIP lacks. Where a choice is possible, PPP is preferred.


Module 5 – Wide Area Networks – Part 4-LAB

At this point do Stand Alone Labs # 16, Scenario Labs # 10 & Sequential Lab # 15.

These labs cover PPP encapsulation & NAT/PAT routing.

READ CHAPTER 8 & 9