Upload: siva-sankar

Post on 15-Oct-2014

Page 1: Networking Interview Questions and Answers

NETWORKING INTERVIEW QUESTIONS AND ANSWERS

1. What are 10Base2, 10Base5 and 10BaseT Ethernet LANs?
10Base2: An Ethernet term meaning a maximum transfer rate of 10 Megabits per second that uses baseband signaling, with a contiguous cable segment length of 100 meters and a maximum of 2 segments.
10Base5: An Ethernet term meaning a maximum transfer rate of 10 Megabits per second that uses baseband signaling, with 5 continuous segments not exceeding 100 meters per segment.
10BaseT: An Ethernet term meaning a maximum transfer rate of 10 Megabits per second that uses baseband signaling and twisted pair cabling.

2. What is the difference between an unspecified passive open and a fully specified passive open?
An unspecified passive open has the server waiting for a connection request from a client. A fully specified passive open has the server waiting for a connection from a specific client.

3. Explain the function of the Transmission Control Block.
A TCB is a complex data structure that contains a considerable amount of information about each connection.

4. What is a Management Information Base (MIB)?
A Management Information Base is part of every SNMP-managed device. Each SNMP agent has the MIB database that contains information about the device's status, its performance, connections, and configuration. The MIB is queried by SNMP.

5. What is anonymous FTP and why would you use it?
Anonymous FTP enables users to connect to a host without using a valid login and password. Usually, anonymous FTP uses a login called anonymous or guest, with the password usually requesting the user's ID for tracking purposes only. Anonymous FTP is used to enable a large number of users to access files on the host without having to go to the trouble of setting up logins for them all. Anonymous FTP systems usually have strict controls over the areas an anonymous user can access.

6. What is a pseudo tty?
A pseudo tty or false terminal enables external machines to connect through Telnet or rlogin. Without a pseudo tty, no connection can take place.

7. Which layer of the 7-layer model provides services to the Application layer over the Session layer connection?
Presentation.

8. What does the Mount protocol do?
The Mount protocol returns a file handle and the name of the file system in which a requested file resides. The message is sent to the client from the server after reception of a client's request.

9. What is External Data Representation?
External Data Representation is a method of encoding data within an RPC message, used to ensure that the data is not system-dependent.

10. Which OSI Reference Layer controls application to application communication?
Session.


11. BOOTP helps a diskless workstation boot. How does it get a message to the network looking for its IP address and the location of its operating system boot files?
BOOTP sends a UDP message with a subnetwork broadcast address and waits for a reply from a server that gives it the IP address. The same message might contain the name of the machine that has the boot files on it. If the boot image location is not specified, the workstation sends another UDP message to query the server.

12. What is a DNS resource record?
A resource record is an entry in a name server's database. There are several types of resource records used, including name-to-address resolution information. Resource records are maintained as ASCII files.

13. What protocol is used by DNS name servers?
DNS uses UDP for communication between servers. It is a better choice than TCP because of the improved speed a connectionless protocol offers. Of course, transmission reliability suffers with UDP.

14. What is the difference between interior and exterior neighbor gateways?
Interior gateways connect LANs of one organization, whereas exterior gateways connect the organization to the outside world.

15. What is the HELLO protocol used for?
The HELLO protocol uses time instead of distance to determine optimal routing. It is an alternative to the Routing Information Protocol.

16. What are the advantages and disadvantages of the three types of routing tables?
The three types of routing tables are fixed, dynamic, and fixed central. The fixed table must be manually modified every time there is a change. A dynamic table changes its information based on network traffic, reducing the amount of manual maintenance. A fixed central table lets a manager modify only one table, which is then read by other devices. The fixed central table reduces the need to update each machine's table, as with the fixed table. Usually a dynamic table causes the fewest problems for a network administrator, although the table's contents can change without the administrator being aware of the change.

17. What is a characteristic of Store and Forward switches?
They read the entire frame and check the CRC before forwarding.

18. What is a source route?
It is a sequence of IP addresses identifying the route a datagram must follow. A source route may optionally be included in an IP datagram header.

19. What is RIP (Routing Information Protocol)?
It is a simple protocol used to exchange information between routers.

20. What is SLIP (Serial Line Interface Protocol)?
It is a very simple protocol used for transmission of IP datagrams across a serial line.

21. What is Proxy ARP?
It is using a router to answer ARP requests. This is done when the originating host believes that a destination is local, when in fact it lies beyond the router.


22. What is OSPF?
It is an Internet routing protocol that scales well, can route traffic along multiple paths, and uses knowledge of an Internet's topology to make accurate routing decisions.

23. What is Kerberos?
It is an authentication service developed at the Massachusetts Institute of Technology. Kerberos uses encryption to prevent intruders from discovering passwords and gaining unauthorized access to files.

24. What is a Multi-homed Host?
A host that has multiple network interfaces and therefore requires multiple IP addresses is called a Multi-homed Host.

25. What is NVT (Network Virtual Terminal)?
It is a set of rules defining a very simple virtual terminal interaction. The NVT is used at the start of a Telnet session.

26. What is the Gateway-to-Gateway protocol?
It is a protocol formerly used to exchange routing information between Internet core routers.

27. What is BGP (Border Gateway Protocol)?
It is a protocol used to advertise the set of networks that can be reached within an autonomous system. BGP enables this information to be shared with other autonomous systems. It is newer than EGP (Exterior Gateway Protocol).

28. What is an autonomous system?
It is a collection of routers under the control of a single administrative authority that uses a common Interior Gateway Protocol.

29. What is EGP (Exterior Gateway Protocol)?
It is the protocol the routers in neighboring autonomous systems use to identify the set of networks that can be reached within or via each autonomous system.

30. What is IGP (Interior Gateway Protocol)?
It is any routing protocol used within an autonomous system.

31. What is a Mail Gateway?
It is a system that performs a protocol translation between different electronic mail delivery protocols.

32. What is wide-mouth frog?
Wide-mouth frog is the simplest known key distribution center (KDC) authentication protocol.

33. What are digrams and trigrams?
The most common two-letter combinations are called digrams, e.g. th, in, er, re and an. The most common three-letter combinations are called trigrams, e.g. the, ing, and, and ion.

34. What is silly window syndrome?
It is a problem that can ruin TCP performance. This problem occurs when data are passed to the sending TCP entity in large blocks, but an interactive application on the receiving side reads 1 byte at a time.


35. What is a region?
When hierarchical routing is used, the routers are divided into what we call regions, with each router knowing all the details about how to route packets to destinations within its own region, but knowing nothing about the internal structure of other regions.

36. What is multicast routing?
Sending a message to a group is called multicasting, and its routing algorithm is called multicast routing.

37. What is traffic shaping?
One of the main causes of congestion is that traffic is often bursty. If hosts could be made to transmit at a uniform rate, congestion would be less common. Another open loop method to help manage congestion is forcing the packets to be transmitted at a more predictable rate. This is called traffic shaping.

38. What is a packet filter?
A packet filter is a standard router equipped with some extra functionality. The extra functionality allows every incoming or outgoing packet to be inspected. Packets meeting some criterion are forwarded normally. Those that fail the test are dropped.

39. What is a virtual path?
Along any transmission path from a given source to a given destination, a group of virtual circuits can be grouped together into what is called a virtual path.

40. What is a virtual channel?
A virtual channel is normally a connection from one source to one destination, although multicast connections are also permitted. The other name for virtual channel is virtual circuit.

41. What is logical link control?
One of two sublayers of the data link layer of the OSI reference model, as defined by the IEEE 802 standard. This sublayer is responsible for maintaining the link between computers when they are sending data across the physical network connection.

42. Why should you care about the OSI Reference Model?
It provides a framework for discussing network operations and design.

43. What is the difference between routable and non-routable protocols?
Routable protocols can work with a router and can be used to build large networks. Non-routable protocols are designed to work on small, local networks and cannot be used with a router.

44. What is a MAU?
In Token Ring, the hub is called a Multistation Access Unit (MAU).

45. Explain the 5-4-3 rule.
In an Ethernet network, between any two points on the network, there can be no more than five network segments or four repeaters, and of those five segments only three can be populated.
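The packet-filter behaviour described in question 38 (inspect every packet, forward those that meet a criterion, drop the rest) is usually implemented as an ordered rule list with first-match semantics and an implicit deny at the end. The following is an added example written for this page, not code from the original document; the rule set, the 192.0.2.0/24 network, the addresses and the packets are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional


@dataclass(frozen=True)
class Packet:
    """The header fields the filter inspects (constructed sample data, dotted-quad strings)."""
    src: str
    dst: str
    proto: str                   # "tcp", "udp" or "icmp"
    dport: Optional[int] = None  # destination port; None for ICMP
    direction: str = "in"        # "in" = entering the protected network, "out" = leaving it


@dataclass(frozen=True)
class Rule:
    action: str                  # "permit" or "deny"
    proto: str = "any"
    src: str = "0.0.0.0/0"       # CIDR prefix; 0.0.0.0/0 matches every IPv4 address
    dst: str = "0.0.0.0/0"
    dport: Optional[int] = None  # None matches any port
    direction: str = "any"

    def matches(self, pkt: Packet) -> bool:
        return (self.proto in ("any", pkt.proto)
                and ip_address(pkt.src) in ip_network(self.src)
                and ip_address(pkt.dst) in ip_network(self.dst)
                and self.dport in (None, pkt.dport)
                and self.direction in ("any", pkt.direction))


def filter_packet(rules: list[Rule], pkt: Packet) -> tuple[str, Optional[int]]:
    """Evaluate rules top-down; the first match decides. No match means implicit deny."""
    for index, rule in enumerate(rules):
        if rule.matches(pkt):
            return rule.action, index
    return "deny", None


# Constructed policy for a hypothetical 192.0.2.0/24 network. Order matters: the
# narrow deny for telnet sits above the broad permit for the web server.
POLICY = [
    Rule("deny", proto="tcp", dport=23),                                        # no telnet either way
    Rule("permit", proto="tcp", dst="192.0.2.0/24", dport=443, direction="in"),  # inbound HTTPS
    Rule("permit", proto="udp", src="192.0.2.0/24", dport=53, direction="out"),  # outbound DNS
    Rule("permit", proto="icmp", src="192.0.2.0/24", direction="out"),           # outbound ping
]

if __name__ == "__main__":
    for pkt in (Packet("203.0.113.5", "192.0.2.10", "tcp", 443),
                Packet("203.0.113.5", "192.0.2.10", "tcp", 23),
                Packet("192.0.2.10", "203.0.113.53", "udp", 53, "out"),
                Packet("203.0.113.5", "192.0.2.10", "udp", 53)):
        print(pkt, "->", filter_packet(POLICY, pkt))
```

The returned index is what an administrator wants in a log line: it tells which rule matched, and a `None` index flags traffic that hit the implicit deny, which is the usual place to look when a legitimate flow is unexpectedly dropped.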

46. What is the difference between the TFTP and FTP application layer protocols?
The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but does not provide reliability or security. It uses the fundamental packet delivery services offered by UDP. The File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another. It uses the services offered by TCP and so is reliable and secure. It establishes two connections (virtual circuits) between the hosts, one for data transfer and another for control information.

47. What is the range of addresses in the classes of Internet addresses?
Class A: 0.0.0.0 - 127.255.255.255
Class B: 128.0.0.0 - 191.255.255.255
Class C: 192.0.0.0 - 223.255.255.255
Class D: 224.0.0.0 - 239.255.255.255
Class E: 240.0.0.0 - 247.255.255.255

48. What are the minimum and maximum lengths of the header in the TCP segment and the IP datagram?
The header has a minimum length of 20 bytes and can have a maximum length of 60 bytes.

49. What is the difference between ARP and RARP?
The Address Resolution Protocol (ARP) is used to associate the 32-bit IP address with the 48-bit physical address. It is used by a host or a router to find the physical address of another host on its network by sending an ARP query packet that includes the IP address of the receiver. The Reverse Address Resolution Protocol (RARP) allows a host to discover its Internet address when it knows only its physical address.

50. What is ICMP?
ICMP is the Internet Control Message Protocol, a network layer protocol of the TCP/IP suite used by hosts and gateways to send notification of datagram problems back to the sender. It uses the echo test/reply to test whether a destination is reachable and responding. It also handles both control and error messages.

51. What are the data units at different layers of the TCP/IP protocol suite?
The data unit created at the application layer is called a message; at the transport layer the data unit created is called either a segment or a user datagram; at the network layer the data unit created is called the datagram; at the data link layer the datagram is encapsulated into a frame and finally transmitted as signals along the transmission media.

52. What is Project 802?
It is a project started by IEEE to set standards that enable intercommunication between equipment from a variety of manufacturers. It is a way of specifying functions of the physical layer, the data link layer and to some extent the network layer to allow for interconnectivity of major LAN protocols. It consists of the following:
802.1 is an internetworking standard for compatibility of different LANs and MANs across protocols.
802.2 Logical link control (LLC) is the upper sublayer of the data link layer which is non-architecture-specific, that is, it remains the same for all IEEE-defined LANs.
Media access control (MAC) is the lower sublayer of the data link layer that contains some distinct modules, each carrying proprietary information specific to the LAN product being used. The modules are Ethernet LAN (802.3), Token ring LAN (802.4), Token bus LAN (802.5).
802.6 is distributed queue dual bus (DQDB), designed to be used in MANs.
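Questions 48 to 51 describe the IP header length limits, ICMP, and how the network-layer datagram encapsulates the unit above it. The following is an added example (not code from the original document) that decodes a constructed IPv4 datagram carrying an ICMP echo request: it enforces the 20..60 byte header length from the IHL field, verifies the RFC 1071 one's-complement checksum, and then decodes the ICMP header it encapsulates. The sample addresses are from documentation ranges and the builder functions exist only to construct the sample; the ICMP type names are the standard ones.

```python
import struct

IPPROTO_ICMP, IPPROTO_TCP, IPPROTO_UDP = 1, 6, 17   # protocol numbers named in this Q&A


def inet_checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum; verifying data that already includes its checksum yields 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum((data[i] << 8) | data[i + 1] for i in range(0, len(data), 2))
    while total >> 16:                        # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def parse_ipv4(datagram: bytes) -> dict:
    """Decode the IPv4 header, enforcing the 20..60 byte header length implied by IHL."""
    if len(datagram) < 20:
        raise ValueError("datagram shorter than the 20-byte minimum header")
    ver_ihl, _tos, total_len, _ident, _ff, ttl, proto, _csum, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", datagram[:20])
    version, ihl = ver_ihl >> 4, ver_ihl & 0x0F
    if version != 4:
        raise ValueError(f"not IPv4 (version {version})")
    header_len = ihl * 4
    if not 20 <= header_len <= 60:
        raise ValueError(f"illegal IHL {ihl}: header must be 20..60 bytes")
    if len(datagram) < header_len or total_len < header_len or len(datagram) < total_len:
        raise ValueError("datagram truncated or length fields inconsistent")
    if inet_checksum(datagram[:header_len]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    return {"header_len": header_len, "options": datagram[20:header_len], "ttl": ttl,
            "protocol": proto, "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
            "payload": datagram[header_len:total_len]}


ICMP_TYPES = {0: "echo reply", 3: "destination unreachable", 8: "echo request", 11: "time exceeded"}


def parse_icmp(message: bytes) -> dict:
    """Decode the 8-byte ICMP header (type, code, checksum, identifier, sequence) and check its checksum."""
    if len(message) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    icmp_type, code, _csum, ident, seq = struct.unpack("!BBHHH", message[:8])
    if inet_checksum(message) != 0:
        raise ValueError("ICMP checksum mismatch")
    return {"type": icmp_type, "code": code, "name": ICMP_TYPES.get(icmp_type, "other"),
            "id": ident, "seq": seq, "data": message[8:]}


def decode(datagram: bytes) -> dict:
    """Network layer first, then the message it encapsulates (ICMP here)."""
    info = parse_ipv4(datagram)
    if info["protocol"] == IPPROTO_ICMP:
        info["icmp"] = parse_icmp(info["payload"])
    return info


# Builders used only to construct the sample datagram for this demonstration.
def build_icmp_echo(ident: int, seq: int, data: bytes, request: bool = True) -> bytes:
    body = struct.pack("!BBHHH", 8 if request else 0, 0, 0, ident, seq) + data
    return body[:2] + struct.pack("!H", inet_checksum(body)) + body[4:]


def build_ipv4(src: str, dst: str, proto: int, payload: bytes, ttl: int = 64) -> bytes:
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0x4000, ttl, proto, 0,
                      bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
    return hdr[:10] + struct.pack("!H", inet_checksum(hdr)) + hdr[12:] + payload


# Constructed sample: an echo request between two documentation-range addresses.
SAMPLE = build_ipv4("192.0.2.10", "198.51.100.1", IPPROTO_ICMP, build_icmp_echo(0x42, 1, b"abcdefgh"))

if __name__ == "__main__":
    print(decode(SAMPLE))
```

The length checks are the defensive point: a decoder that trusts IHL or Total Length without comparing them to the bytes actually received is the classic source of out-of-bounds reads in packet parsers, and a wrong checksum is the cheapest signal that a header has been corrupted or tampered with in transit.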


53. What is bandwidth?
Every line has an upper limit and a lower limit on the frequency of signals it can carry. This limited range is called the bandwidth.

54. What is the difference between bit rate and baud rate?
Bit rate is the number of bits transmitted during one second, whereas baud rate refers to the number of signal units per second that are required to represent those bits.
baud rate = bit rate / N, where N is the number of bits represented by each signal shift.

55. What is a MAC address?
The address for a device as it is identified at the Media Access Control (MAC) layer in the network architecture. The MAC address is usually stored in ROM on the network adapter card and is unique.

56. What is attenuation?
The degeneration of a signal over distance on a network cable is called attenuation.

57. What is cladding?
A layer of glass surrounding the center fiber of glass inside a fiber-optic cable.

58. What is RAID?
A method for providing fault tolerance by using multiple hard disk drives.

59. What are NETBIOS and NETBEUI?
NETBIOS is a programming interface that allows I/O requests to be sent to and received from a remote computer, and it hides the networking hardware from applications.
NETBEUI is the NetBIOS Extended User Interface, a transport protocol designed by Microsoft and IBM for use on small subnets.

60. What is a redirector?
A redirector is software that intercepts file or print I/O requests and translates them into network requests. This comes under the presentation layer.

61. What is beaconing?
The process that allows a network to self-repair network problems. The stations on the network notify the other stations on the ring when they are not receiving the transmissions. Beaconing is used in Token Ring and FDDI networks.

62. What is terminal emulation, and in which layer does it come?
Telnet is also called terminal emulation. It belongs to the application layer.

63. What is frame relay, and in which layer does it come?
Frame relay is a packet switching technology. It operates in the data link layer.

64. What do you mean by "triple X" in networks?
The function of the PAD (Packet Assembler Disassembler) is described in a document known as X.3. The standard protocol has been defined between the terminal and the PAD, called X.28; another standard protocol exists between the PAD and the network, called X.29. Together, these three recommendations are often called "triple X".

65. What is SAP?
A series of interface points that allow other computers to communicate with the other layers of the network protocol stack.

66. What is a subnet?
A generic term for a section of a large network, usually separated by a bridge or router.

67. What is a brouter?
A hybrid device that combines the features of both bridges and routers.

68. How is a gateway different from a router?
A gateway operates at the upper levels of the OSI model and translates information between two completely different network architectures or data formats.

69. What are the different types of networking / internetworking devices?
Repeater: Also called a regenerator, it is an electronic device that operates only at the physical layer. It receives the signal in the network before it becomes weak, regenerates the original bit pattern and puts the refreshed copy back into the link.

Bridges: These operate in both the physical and data link layers of LANs of the same type. They divide a larger network into smaller segments. They contain logic that allows them to keep the traffic for each segment separate, and thus are repeaters that relay a frame only to the side of the segment containing the intended recipient, and so control congestion.

Routers: They relay packets among multiple interconnected networks (i.e. LANs of different types). They operate in the physical, data link and network layers. They contain software that enables them to determine which of the several possible paths is the best for a particular transmission.

Gateways: They relay packets among networks that have different protocols (e.g. between a LAN and a WAN). They accept a packet formatted for one protocol and convert it to a packet formatted for another protocol before forwarding it. They operate in all seven layers of the OSI model.

70. What is a mesh network?
A network in which there are multiple network links between computers to provide multiple paths for data to travel.

71. What is a passive topology?
When the computers on the network simply listen and receive the signal, they are referred to as passive because they don't amplify the signal in any way. An example of a passive topology is the linear bus.


72. What are the important topologies for networks?

BUS topology: In this, each computer is directly connected to the primary network cable in a single line.
Advantages: Inexpensive, easy to install, simple to understand, easy to extend.

STAR topology: In this, all computers are connected using a central hub.
Advantages: Can be inexpensive, easy to install and reconfigure, and easy to troubleshoot physical problems.

RING topology: In this, all computers are connected in a loop.
Advantages: All computers have equal access to the network media, installation can be simple, and the signal does not degrade as much as in other topologies because each computer regenerates it.

73. What are the major types of networks? Explain.
Server-based network and peer-to-peer network.
In a peer-to-peer network, computers can act both as servers sharing resources and as clients using the resources.
Server-based networks provide centralized control of network resources and rely on server computers to provide security and network administration.

74. What is a Protocol Data Unit?
The data unit at the LLC level is called the protocol data unit (PDU). The PDU consists of four fields: a destination service access point (DSAP), a source service access point (SSAP), a control field and an information field. DSAP and SSAP are addresses used by the LLC to identify the protocol stacks on the receiving and sending machines that are generating and using the data. The control field specifies whether the PDU frame is an information frame (I-frame), a supervisory frame (S-frame) or an unnumbered frame (U-frame).

75. What is the difference between baseband and broadband transmission?
In baseband transmission, the entire bandwidth of the cable is consumed by a single signal. In broadband transmission, signals are sent on multiple frequencies, allowing multiple signals to be sent simultaneously.

76. What are the possible ways of data exchange?
(i) Simplex (ii) Half-duplex (iii) Full-duplex.

77. What are the types of transmission media?
Signals are usually transmitted over some transmission media that are broadly classified into two categories.
Guided media: These are those that provide a conduit from one device to another, and include twisted-pair, coaxial cable and fiber-optic cable. A signal traveling along any of these media is directed and is contained by the physical limits of the medium. Twisted-pair and coaxial cable use metallic conductors that accept and transport signals in the form of electrical current. Optical fiber is a glass or plastic cable that accepts and transports signals in the form of light.
Unguided media: This is the wireless media that transport electromagnetic waves without using a physical conductor. Signals are broadcast through the air. This is done through radio communication, satellite communication and cellular telephony.

78. What is the difference between communication and transmission?
Transmission is the physical movement of information and concerns issues like bit polarity, synchronization, clock, etc. Communication means the meaningful exchange of information between two communication media.

79. The Internet Control Message Protocol occurs at what layer of the seven-layer model?
Network.

80. Which protocol resolves an IP address to a MAC address?
ARP.

81. MIDI and MPEG are examples of what layer of the OSI seven-layer model?
Presentation.

82. What is the protocol number for UDP?
17.

83. Which protocol is used for booting diskless workstations?
RARP.

84. Which layer is responsible for putting 1s and 0s into a logical group?
Physical.

85. What does 'P' mean when running a trace?
Protocol unreachable.

86. UDP works at which layer of the DOD model?
Host to Host.

87. What is the default encapsulation of Netware 3.12?
802.2.

88. Ping uses which Internet layer protocol?
ICMP.

89. Which switching technology can reduce the size of a broadcast domain?
VLAN.

90. What is the first step in data encapsulation?
User information is converted into data.

91. What is the protocol number for TCP?
6.

92. What do you use the Aux port for?
Modem.

93. Repeaters work at which layer of the OSI model?
Physical.

94. WAN stands for which of the following?
Wide Area Network.

95. What ISDN protocol specifies concepts, terminology, and services?
I

96. LAN stands for which of the following?
Local Area Network.

97. What does DHCP stand for?
Dynamic Host Configuration Protocol.

98. What does the acronym ARP stand for?
Address Resolution Protocol.

99. Which layer is responsible for identifying and establishing the availability of the intended communication partner?
Application.

100. Which OSI layer provides the mechanical, electrical and procedural means for activating and maintaining the physical link?
Physical.

What do you mean by the term 'routing'? What must a router know to route a packet?

'Routing' is used to deliver a packet from one device to another through a communication network. Routing is performed by routers, and each router maintains a routing table. A routing table contains information about the best possible paths from the source router to the destination router.

A router must know the following to route a packet:

a. Address of the destination

b. Neighbor routers

c. Routes to all remote networks

d. The best route to each remote network

e. Way to maintain and verify routing information


Comment on Static Routing, Default Routing and Dynamic Routing.

To route a packet over the communication network, a network administrator has to configure a router. These configurations are of three types:

Static Routing: A network administrator manually configures the routes for a router. A static route has higher priority than a dynamic route.

Default Routing: Default routing is used only for a network that has a single connection to a router. Default routes, like static routes, are configured manually.

Dynamic Routing: Dynamic routing uses various routing protocols to route packets. A route is automatically updated as a topology change occurs. Dynamic routing is easier than static and default routing.

How many classes of routing protocols are there? Describe each.

There are three classes of routing protocols: Distance Vector, Link State and Hybrid.

Distance Vector: This type of routing protocol discovers the best path to a remote network by judging distance. It counts hops; the hop count is the number of routers a packet passes through. The vector points in the direction of the remote network.

Example: RIP and IGRP

Link State: A router sends updates containing the state of its own links to the other routers. This is also called a shortest path first protocol. Three different tables are maintained by a router using this protocol: one routing table, one of directly attached neighbors and one for the topology of the entire internetwork. Link state enables a router to know about the whole internetwork.

Example: OSPF

Hybrid: Hybrid protocols contain the features of both Distance vector and link state protocols.

Example: EIGRP

Why do routing loops occur and how can they be overcome?

A routing loop is a common problem in various types of networks. A distance vector routing protocol keeps track of any change to the internetwork by broadcasting periodic updates. This works well, but if a network outage happens then routing loops can occur in the network. The main reason routing loops occur is that the routers are not all updated at the same time, so stale information about a router's link keeps being broadcast.

Three rules for distance vector routing protocols were developed to overcome routing loops:

i. Split Horizon: According to this rule, never broadcast a route out of the interface through which it was received. It helps to avoid loops between adjacent routers.

ii. Route Poisoning: When a network goes down, the router associated with that network initiates route poisoning. This advertises the network as unreachable.

iii. Holddown timer: The holddown timer says that if a route is advertised as down, do not listen to routing updates for that route for a specified period of time.
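The loop described above can be reproduced in a few dozen lines. The following is an added example (not from the original document) that simulates synchronous distance-vector exchanges on a constructed three-router line A-B-C with a network N attached to A. When N fails, A route-poisons it (advertises the RIP "unreachable" metric of 16, matching the 15-hop limit this document quotes); with split horizon off, the stale route bounces between B and C and the metric counts up to infinity, and with split horizon on the poison propagates in two rounds. The update rule ("accept a cheaper route, or any route from the neighbour that is already my next hop") is the standard distance-vector behaviour; topology and initial tables are constructed.

```python
INFINITY = 16   # RIP's "unreachable" metric, one above the 15-hop maximum quoted in this document


def dv_round(tables: dict, links: dict, split_horizon: bool) -> dict:
    """One synchronous exchange: every router advertises its table to each neighbour.

    tables: {router: {destination: (cost, next_hop)}}; links: {router: [neighbours]}.
    A receiver adopts an advertised route if it is cheaper, or if it comes from the
    neighbour that is already its next hop. That second rule is what lets stale
    information circulate when split horizon is switched off.
    """
    new = {router: dict(table) for router, table in tables.items()}
    for sender, table in tables.items():
        for nbr in links[sender]:
            for dest, (cost, next_hop) in table.items():
                if split_horizon and next_hop == nbr:
                    continue   # never advertise a route back out the interface it was learned from
                advertised = min(cost + 1, INFINITY)
                cur_cost, cur_next = new[nbr].get(dest, (INFINITY, None))
                if advertised < cur_cost or cur_next == sender:
                    new[nbr][dest] = (advertised, sender)
    return new


def rounds_to_converge(split_horizon: bool, max_rounds: int = 50):
    """Constructed line topology A-B-C with network N attached to A.

    N fails; A route-poisons it (advertises cost INFINITY) and exchanges run until
    every router agrees N is unreachable. Returns (rounds, final tables), or
    (None, tables) if the loop is not resolved within max_rounds.
    """
    links = {"A": ["B"], "B": ["A", "C"], "C": ["B"]}
    tables = {"A": {"N": (1, None)}, "B": {"N": (2, "A")}, "C": {"N": (3, "B")}}
    tables["A"]["N"] = (INFINITY, None)   # route poisoning after A's link to N goes down
    for rnd in range(1, max_rounds + 1):
        tables = dv_round(tables, links, split_horizon)
        if all(table["N"][0] >= INFINITY for table in tables.values()):
            return rnd, tables
    return None, tables


if __name__ == "__main__":
    for sh in (False, True):
        rounds, final = rounds_to_converge(sh)
        print(f"split horizon {'on ' if sh else 'off'}: unreachable agreed after {rounds} rounds -> {final}")
```

Without split horizon the metric climbs by one every round on alternate routers, so a small INFINITY is what bounds the outage; with split horizon B never echoes N back to A and C never echoes it back to B, so only the poisoned route travels and convergence takes as many rounds as the path is long.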

Define OSPF. What features are provided by OSPF?

OSPF stands for Open Shortest Path First. OSPF is an open standard and is supported by a large variety of network vendors, including Cisco. OSPF is based on Dijkstra's algorithm: a shortest path tree is maintained and the routing table is populated from that tree.

Some features of OSPF are:

i. Minimizes routing update traffic


ii. Open standard routing protocol

iii. Unlimited hop count

iv. Routing update traffic is less than that of any other routing protocol.
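The Dijkstra computation that the OSPF answer refers to, as an added example that is not part of the original document: the router runs shortest path first over its link-state database from itself as root and then fills its routing table with, for each destination, the total cost and the next hop (the neighbour through which the shortest-path tree leaves the root). The four-router link-state database is constructed; the `ospf_cost` helper assumes the common default reference bandwidth of 100 Mbps (cost = reference / interface bandwidth, minimum 1).

```python
import heapq


def ospf_cost(bandwidth_bps: int, reference_bps: int = 100_000_000) -> int:
    """Interface cost = reference bandwidth / interface bandwidth (assumed 100 Mbps reference, floor of 1)."""
    return max(1, reference_bps // bandwidth_bps)


def spf(topology: dict, root: str) -> dict:
    """Dijkstra over the link-state database; returns {destination: (total_cost, next_hop)} seen from root."""
    dist = {root: 0}
    prev = {}
    heap = [(0, root)]
    while heap:
        d, u = heapq.heappop(heap)
        if d > dist[u]:
            continue                          # stale heap entry, a shorter path was already found
        for v, w in topology[u].items():
            if d + w < dist.get(v, float("inf")):
                dist[v] = d + w
                prev[v] = u
                heapq.heappush(heap, (d + w, v))
    table = {}
    for dest, cost in dist.items():
        if dest == root:
            continue
        hop = dest
        while prev[hop] != root:              # walk the tree back to the neighbour adjacent to root
            hop = prev[hop]
        table[dest] = (cost, hop)
    return table


# Constructed link-state database: each link is labelled with its interface bandwidth in bit/s.
LSDB = {
    "R1": {"R2": ospf_cost(10_000_000), "R3": ospf_cost(100_000_000)},
    "R2": {"R1": ospf_cost(10_000_000), "R3": ospf_cost(100_000_000), "R4": ospf_cost(10_000_000)},
    "R3": {"R1": ospf_cost(100_000_000), "R2": ospf_cost(100_000_000), "R4": ospf_cost(1_544_000)},
    "R4": {"R2": ospf_cost(10_000_000), "R3": ospf_cost(1_544_000)},
}

if __name__ == "__main__":
    for router in LSDB:
        print(router, spf(LSDB, router))
```

Note that R1 reaches R4 through R3 and R2 (cost 1 + 1 + 10 = 12) rather than over the direct but slow T1 link from R3 (cost 1 + 64): a link-state protocol picks the cheapest cumulative path, not the fewest hops, which is the practical difference from the hop-count metric of RIP.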

Define Routing Information Protocol (RIP). What is the difference between RIPv1 and RIPv2?

RIP is a distance vector routing protocol which uses hop count to find the best way to a remote network. RIP sends its complete routing table to its neighbor routers every 30 seconds. RIP uses a maximum hop count of 15 and is suitable only for small networks.

RIPv1 uses classful routing, which means all the devices in the network must use the same subnet mask, and it does not send subnet mask information with routing updates. RIPv2 uses classless routing, and subnet mask information is sent with routing updates.

What is IGRP? Differentiate between IGRP and RIP.

IGRP stands for Interior Gateway Routing Protocol. It was created by Cisco, and all the routers must be Cisco routers to run this protocol. IGRP was developed to overcome the problems with RIP. RIP can be used only for small networks because it uses a maximum of 15 hop-counts, while IGRP can be used for bigger networks because it uses 255 hop-counts.

i. IGRP uses an autonomous system number and supplies this number to all routers, while in RIP there is no autonomous system number.

ii. IGRP updates its routing table every 90 seconds, while RIP updates its routing table every 30 seconds.

iii. IGRP has an administrative distance of 100, while RIP has 120.

iv. IGRP uses a maximum of 255 hop-counts, while RIP uses a maximum of 15 hop-counts.

What is EIGRP, and what conditions are needed to establish a neighbor relationship in EIGRP?

EIGRP stands for Enhanced Interior Gateway Routing Protocol. EIGRP is a proprietary Cisco protocol that runs only on Cisco routers. EIGRP is a popular routing protocol nowadays. EIGRP is a classless, enhanced distance vector routing protocol.

Before EIGRP routers can exchange routes, they have to establish a neighbor relationship. To establish this neighborship, three conditions must be met:

i. Autonomous System Numbers must match

ii. Hello packets must be received

iii. Metric values must be identical

OSPF is supposed to be designed in a hierarchical fashion; what are the reasons for creating OSPF in a hierarchical fashion?

OSPF (Open Shortest Path First) is supposed to be designed in a hierarchical fashion so that a large internetwork can be broken into smaller networks. These smaller networks are called areas.

Following are some reasons for creating OSPF in a hierarchical design:

i. To reduce the routing overhead

ii. To break a bigger internetwork into smaller internetworks called areas

iii. To accelerate convergence

What do you mean by ‘Switching’? What are the services provided by Switching?


Generally switching refers to the layer 2 switching. Switching is a process which uses the hardware address or MAC address of a device to switch a packet from one device to another.

Services provided by switching are:

i. Switches use Application-Specific Integrated Circuits (ASICs) to build and maintain their filter tables.

ii. The time required to forward a frame is low, i.e. low latency.

iii. Cost is low.

What is Spanning Tree Protocol (STP) and define some STP terms?

The main function of STP is to prevent network loops from occurring in a switched network. STP monitors the network to find all links and shuts down the redundant links. For this, STP uses the spanning-tree algorithm.

Some STP terms are:

Root Bridge: To select a root bridge, an election is held among all switches in the switched network. All decisions, such as which port is blocked and which port is forwarding, are made from the viewpoint of the root bridge.

BPDU: BPDUs (Bridge Protocol Data Units) are sent from one switch to another to elect a root bridge.

Bridge ID: The bridge ID is the identifier of a switch.

The three switch functions are address learning, forward/filter decisions and loop avoidance. Define these functions.

Address Learning: In layer 2 switching, each interface of a switch learns the source hardware address (MAC address) of the frames it receives and saves it in its MAC database table. This table is also known as the forward/filter table.

Forward/filter decisions: The forward/filter decision is taken by the switch to forward a frame to a specific destination port. When a frame arrives on an interface, the switch looks up the destination MAC address in its MAC address table and forwards the frame out the matching destination port.

Loop Avoidance: Network loops can arise if multiple connections are formed between switches for redundancy purposes. To prevent network loops, STP (Spanning Tree Protocol) is used, and redundancy is still maintained.

How STP works and what is the purpose for STP?

First, STP elects a root bridge, whose ports are all placed in the forwarding state; this root bridge acts as the point of reference for all other devices in the STP domain. Once all switches agree on the root bridge, every other switch must find its one and only root port. Each link between switches must have one and only one designated port, chosen so that it provides the best (highest bandwidth) path for that link.

The main purpose for STP is to prevent the network loops.

Define Spanning-Tree port states.

A port on a switch running STP can be in one of five port states:

- Blocking: A blocking port only listens to BPDUs and cannot forward frames.

- Listening: A listening port only listens to BPDUs and prepares to forward frames.

- Learning: The switch listens to BPDUs and learns all the paths in the LAN.

- Forwarding: In this port state, the switch port can forward and receive frames.

- Disabled: In the disabled state a switch port is administratively down, and that port does not participate in frame forwarding.


What are Manageable and unmanageable switches? What is the advantage of manageable over unmanageable?

Manageable Switch: Managed switches allow layer 3 functionality and can be used as a router. A managed switch has its own IP address and can be easily configured. It also has the ability to control traffic, block ports and configure VLANs.

Unmanageable Switch: Unmanageable switches are layer 2 switches and learn only hardware (MAC) addresses. Such a switch learns the MAC addresses of all connected devices; when a frame arrives from a source, it either floods it to all ports or sends it to the destination port (by using its MAC table).

Advantages of manageable over unmanageable are:

i. An IP address can be assigned to a manageable switch, and it can be accessed through the 'telnet' command.

ii. It is more secure than an unmanageable switch because any port can be blocked at any time.

iii. A managed switch has router-like capabilities.

iv. A managed switch can manage the bandwidth of a link.

If your routing table has a static, a RIP, and an IGRP route to the same network, by default which route will be used to route packets?

Administrative distance (AD) rates the trustworthiness of a routing information source. The AD value is an integer from 0 to 255; the lower the AD value, the more trustworthy the source.

Static route will be used to route packets. Static routes have an administrative distance of 1 by default. IGRP has an administrative distance of 100, and RIP has an administrative distance of 120, by default.

If a switch receives a frame and the source MAC address is not in the MAC address table but the destination address is, what will switch do with the frame?

Since the source MAC address is not in the MAC address table, the switch will first add the source MAC address and the port it arrived on to its MAC address table, and then forward the frame out the port associated with the destination address, so the frame reaches the right destination.

If you want to improve switched network performance by increasing the bandwidth available to hosts and limiting the size of broadcast domains, which of the following options will achieve this goal: (i) bridges, (ii) switches or (iii) switches configured with VLANs?

Switches configured with VLANs will improve the network performance. By creating and implementing VLANs in our switched network, we can break up broadcast domains and limit their size. VLANs also greatly enhance network security, which further improves switched network performance.

If two connected routers are configured with RIP routing, what will be the result when a router receives a routing update that contains a higher-cost path to a network already in its routing table?

When a routing update is received by a router, the router first checks the administrative distance (AD) value and always chooses the route with the lowest administrative distance value. However, if two routes are received and they both have the same administrative distance value, then the router will choose the route with the lowest metric, or in RIP's case, the lowest hop count.

RIP allows a maximum hop count of 15, so anything that requires 16 hops is considered unreachable. Hence, if a router receives a routing update containing a higher-cost (higher hop count) path to a network already in its routing table, it keeps the existing lower-cost route; packets are transferred through the path with the lower hop count.
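As an added example (not from the original page), the following small routing-table model makes the selection rules from the three answers above concrete: a static, a RIP and an IGRP route to the same network, lowest AD winning, and a RIP update with a higher hop count being ignored. The prefixes, next hops and the `Route`/`RoutingTable` names are constructed for the illustration; the one refinement beyond the text is that a worse metric is accepted when it comes from the next hop already in use, which is what RFC 2453 specifies.

```python
# Added example (not from the original page): a minimal routing-table model
# that chooses routes first by administrative distance (lower wins) and then
# by metric (hop count for RIP). Prefixes and next hops are constructed.
from dataclasses import dataclass

# Default AD values named on the page; lower means more trusted.
DEFAULT_AD = {"connected": 0, "static": 1, "eigrp": 90, "igrp": 100,
              "ospf": 110, "rip": 120}
RIP_INFINITY = 16   # a RIP route that needs 16 hops is unreachable


@dataclass(frozen=True)
class Route:
    prefix: str
    source: str     # routing source: "static", "rip", "igrp", ...
    metric: int     # hop count for RIP
    next_hop: str

    @property
    def ad(self):
        return DEFAULT_AD[self.source]


class RoutingTable:
    def __init__(self):
        self._by_prefix = {}    # prefix -> {source: Route}

    def offer(self, route):
        """Offer a route learned from a routing source; return True if the
        table changed.

        * A RIP route at 16 hops or more is unreachable and never installed.
        * An update carrying a higher cost to a network this source already
          knows is ignored, unless it comes from the next hop currently in
          use (that neighbour is reporting its own path got worse; RFC 2453
          section 3.9.2), in which case the new metric replaces the old one.
        """
        if route.source == "rip" and route.metric >= RIP_INFINITY:
            return False
        per_source = self._by_prefix.setdefault(route.prefix, {})
        current = per_source.get(route.source)
        if current is not None:
            same_path = current.next_hop == route.next_hop
            if not same_path and route.metric >= current.metric:
                return False
        per_source[route.source] = route
        return True

    def best(self, prefix):
        """The route installed for the prefix: lowest AD, then lowest metric."""
        candidates = self._by_prefix.get(prefix, {}).values()
        return min(candidates, key=lambda r: (r.ad, r.metric), default=None)


def same_network_three_sources():
    """Static, RIP and IGRP each offer 10.0.0.0/8; the static route wins."""
    rt = RoutingTable()
    rt.offer(Route("10.0.0.0/8", "rip", 3, "192.0.2.1"))
    rt.offer(Route("10.0.0.0/8", "igrp", 8476, "192.0.2.2"))
    rt.offer(Route("10.0.0.0/8", "static", 0, "192.0.2.3"))
    return rt.best("10.0.0.0/8").source
```

The metric is only compared within one source (RIP hops against RIP hops); across sources only the AD counts, which is why a 3-hop RIP route still loses to a static route with AD 1.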

ROUTING


RIP

RIP stands for Routing Information Protocol

Type          : Distance Vector Routing Protocol
AD Value      : 120
Hello Timer   : None
Update Timer  : 30 sec
Dead Timer    : 180 sec
Transport     : 520 (UDP)
Multicast Add : 224.0.0.9

RIP (Routing Information Protocol) is an open standard that any vendor can use, and it is a widely used protocol for managing router information within a network such as a corporate local area network (LAN). RIP is classified by the Internet Engineering Task Force (IETF) as one of several Interior Gateway Protocols.

It uses hop count as its metric (the maximum hop count is 15) and sends a periodic update every 30 seconds. It is mostly used for small business networks.

Difference between RIP v1 & RIP v2

RIP v1

It is a classful protocol. Classful protocol: supports networks with the same subnet mask.
RIPv1 uses the broadcast address (universal broadcast 255.255.255.255).
RIPv1 does not support VLSM.

RIP v2

It is a classless protocol. Classless protocol: supports subnetted networks; it carries the subnet mask information.
RIPv2 uses the multicast address 224.0.0.9.
RIPv2 supports VLSM.

RIP – Passive Interface

The passive-interface command prevents a RIP-enabled router from sending broadcast and multicast RIP updates out of a specific interface, a set of interfaces, or all of the router's interfaces.

The passive-interface command has the following syntax:

passive-interface [default] {interface type/number}

When this command is used with the default keyword, the router will disable all kinds of RIP updates except unicast RIP updates out of all the interfaces. Unicast RIP updates are configured using the neighbor command in router configuration mode. If the default keyword is not used, then the router will send broadcast or multicast RIP updates (depending on the configured RIP versions) out the interface(s) specified in the passive-interface statement. The following example configures the router R1 to disable RIPv2 updates out of the interfaces f0/0 and f0/1 according to the network diagram below.


R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 10.0.0.0
R1(config-router)#network 140.1.0.0
R1(config-router)#passive-interface fastethernet 0/0
R1(config-router)#passive-interface fastethernet 0/1
R1(config-router)#end
R1#

Split horizon

Split horizon is a technique used to avoid RIP routing loops. When split horizon is enabled on a specific interface, the router does not re-advertise RIP routes received on that interface. Now, let's analyze the following network. We assume that RIP auto-summarization is disabled on the network.

R2 and R3 will send routing information about the subnets 20.20.20.0/24 and 140.1.3.0/24, respectively, to R1. R1 will receive this information over the interface Serial1/0.1 (a frame relay multipoint interface). Because split horizon is enabled on R1's Serial1/0.1 sub-interface, R1 will not advertise the subnets 20.20.20.0/24 and 140.1.3.0/24 to R3 and R2, respectively. To avoid this, we should disable split horizon on the interface Serial1/0.1. R1 will then send the subnets 20.20.20.0/24 and 140.1.3.0/24 to R3 and R2, respectively.


The ip split-horizon command has no parameters or keywords, and it was introduced in Cisco IOS Software Release 10.0. By default, this command is enabled on all types of interfaces, except on main frame-relay interfaces and SMDS interfaces.

In the following example, we’ll configure R1 in order to enable IP connectivity between R2 and R3 by disabling split horizon on the interface serial1/0.1.

R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#network 10.0.0.0
R1(config-router)#network 140.1.0.0
R1(config-router)#no auto-summary
R1(config-router)#exit
R1(config)#!
R1(config)#!
R1(config)#interface serial 1/0.1
R1(config-subif)#no ip split-horizon
R1(config-subif)#^Z
R1#
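The hub-and-spoke problem described above, as an added example that is not part of the original page and not Cisco IOS code: a toy RIP advertiser on R1 with the two spoke subnets from the text arriving on the multipoint sub-interface Serial1/0.1. The `RipRouter` class, the LAN prefix 10.1.1.0/24 on FastEthernet0/0 and the hop arithmetic are constructed for the illustration; what matters is which prefixes R1 sends back out the same sub-interface with split horizon on versus off.

```python
# Added example (not from the original page): a toy RIP advertiser showing
# what split horizon suppresses on a multipoint interface. Router, interface
# and prefix names follow the page's R1/R2/R3 scenario; the LAN prefix
# 10.1.1.0/24 and the hop counting are constructed, not IOS behaviour.

class RipRouter:
    def __init__(self, name):
        self.name = name
        self.routes = {}            # prefix -> (learned_on_interface, hop_count)
        self.split_horizon = set()  # interfaces with split horizon on (the IOS default)

    def add_connected(self, prefix, interface):
        # RIP advertises a directly connected network as one hop
        self.routes[prefix] = (interface, 1)

    def receive_update(self, interface, advertised):
        """Install RIP routes heard on `interface`, adding one hop on arrival."""
        for prefix, hops in advertised.items():
            new_hops = hops + 1
            if new_hops >= 16:
                continue                # unreachable in RIP
            current = self.routes.get(prefix)
            if current is None or new_hops < current[1]:
                self.routes[prefix] = (interface, new_hops)

    def build_update(self, out_interface):
        """Routes this router advertises out of `out_interface`."""
        update = {}
        for prefix, (learned_on, hops) in self.routes.items():
            if out_interface in self.split_horizon and learned_on == out_interface:
                continue                # split horizon: never re-advertise a route
                                        # out the interface it was learned on
            update[prefix] = hops
        return update


def hub_advertises(split_horizon_on):
    """R2 and R3 both reach R1 through the multipoint sub-interface
    Serial1/0.1. Return the update R1 sends back out that sub-interface,
    i.e. what the spokes can learn about each other."""
    r1 = RipRouter("R1")
    if split_horizon_on:
        r1.split_horizon.add("Serial1/0.1")     # default state
    r1.add_connected("10.1.1.0/24", "FastEthernet0/0")   # constructed LAN prefix
    r1.receive_update("Serial1/0.1", {"20.20.20.0/24": 1})  # from R2
    r1.receive_update("Serial1/0.1", {"140.1.3.0/24": 1})   # from R3
    return r1.build_update("Serial1/0.1")
```

With split horizon on (the default), the update out of Serial1/0.1 carries only the LAN prefix, so R2 never learns 140.1.3.0/24 and R3 never learns 20.20.20.0/24; after `no ip split-horizon` on the sub-interface both spoke subnets are included. Disabling split horizon removes a loop-prevention safeguard, so it belongs only on hub interfaces where the spokes have no other path to each other.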

ROUTING

EIGRP

EIGRP stands for Enhanced Interior Gateway Routing Protocol

Type          : Advanced Distance Vector Routing Protocol
AD Value      : 90
Hello Timer   : 60 sec
Update Timer  : None
Dead Timer    : 3 Hellos
Transport     : 88 (IP)
Multicast Add : 224.0.0.10

EIGRP stands for Enhanced Interior Gateway Routing Protocol; it is also called a balanced hybrid routing protocol or an advanced distance-vector routing protocol. It supports variable length subnet masks (VLSM). It maintains three types of tables, i.e. the neighbour table, the topology table and the routing table:

1. Neighbour table – directly connected neighbours (feasible successors)
2. Topology table – all paths to reach a destination (feasible successors)
3. Routing table – the best path (successor)


DUAL: Diffusing Update Algorithm

1. The successor is the path installed in the routing table.
2. If the successor fails, DUAL takes the feasible successor.

DUAL parameters

1. A.D = Advertised Distance (Reported Distance)
2. F.D = Feasible Distance

Reported Distance: the metric for a route as advertised by a neighbour.
Feasible Distance: the distance advertised by a neighbour plus the cost to get to that neighbour.
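As an added example (not from the original page), here is the successor/feasible-successor computation from the DUAL terms defined above, applied to a constructed neighbour table. The neighbour names, reported distances and link costs are made up; the feasibility condition used (a neighbour's RD must be strictly less than the current FD) is the standard EIGRP rule, not something the page itself spells out.

```python
# Added example (not from the original page): choosing an EIGRP successor
# and feasible successors with the DUAL terms RD (reported distance) and
# FD (feasible distance). Neighbour names and costs are constructed.

def dual_select(neighbours):
    """neighbours: {name: (reported_distance, cost_to_neighbour)}.

    Returns (successor, feasible_successors, fd), where
      fd        = min over neighbours of RD + cost (the feasible distance),
      successor = the neighbour giving that minimum (best path),
      feasible_successors = other neighbours with RD < fd.
    The feasibility condition guarantees a loop-free backup: a neighbour
    whose own distance to the destination is already shorter than our best
    cannot be reaching it through us."""
    if not neighbours:
        return None, [], None
    fd_by_name = {n: rd + cost for n, (rd, cost) in neighbours.items()}
    successor = min(fd_by_name, key=fd_by_name.get)
    fd = fd_by_name[successor]
    feasible = sorted(n for n, (rd, _) in neighbours.items()
                      if n != successor and rd < fd)
    return successor, feasible, fd


def failover(neighbours, failed):
    """Report what DUAL does when `failed` goes away.

    If the successor did not fail nothing changes. If it did and a feasible
    successor exists, the route stays passive and switches to the best
    feasible successor at once. Otherwise the route goes active: the router
    must query its neighbours and recompute from what is left."""
    successor, feasible, _ = dual_select(neighbours)
    remaining = {n: v for n, v in neighbours.items() if n != failed}
    if failed != successor:
        return "passive", successor
    if feasible:
        best_backup, _, _ = dual_select({n: remaining[n] for n in feasible})
        return "passive", best_backup
    new_successor, _, _ = dual_select(remaining)
    return "active", new_successor


# Constructed topology table for one destination: name -> (RD, cost to neighbour)
SAMPLE = {"A": (10, 5), "B": (12, 2), "C": (20, 1)}
```

For `SAMPLE` the feasible distances are A 15, B 14 and C 21, so B is the successor with FD 14; A qualifies as a feasible successor (RD 10 < 14) while C does not (RD 20), even though C's total distance is only 21. If B fails the route stays passive and moves to A; if B fails with no feasible successor, the route goes active and queries are sent.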

EIGRP Packet Types:

EIGRP uses five types of packet :

Hello—EIGRP uses hello packets in the discovery of neighbours. They are multicast to 224.0.0.10. By default, EIGRP sends hello packets every 5 seconds (60 seconds on WAN links at T1 speed, 1.544 Mbps, or less).

Acknowledgment—an acknowledgment packet acknowledges the reception of an update packet. It is a hello packet with no data. EIGRP sends acknowledgment packets to the unicast address of the sender of the update packet.

Update—Update packets contain routing information for destinations. EIGRP unicasts update packets to newly discovered neighbours; otherwise, it multicasts update packets to 224.0.0.10 when a link or metric changes. Update packets are acknowledged to ensure reliable transmission.

Query—EIGRP sends query packets to find feasible successors to a destination. Query packets are always multicast.


Reply—EIGRP sends reply packets to respond to query packets. Reply packets provide a feasible successor to the sender of the query. Reply packets are unicast to the sender of the query packet.

EIGRP Summary

The characteristics of EIGRP are:

- Uses IP protocol 88.
- Classless protocol (supports VLSM).
- Administrative distance is 90 for EIGRP internal routes, 170 for EIGRP external routes, and 5 for EIGRP summary routes.
- Hybrid routing protocol (distance vector with link-state protocol characteristics).
- Support for authentication.
- Uses DUAL for loop prevention.
- Default composite metric uses bandwidth and delay; you can factor load and reliability into the metric.
- Sends partial route updates only when there are changes.
- Equal-cost load balancing by default; unequal-cost load balancing with the variance command.
- Potential routing protocol for the core of a network; used in large networks.

OSPF

OSPF stands for Open Shortest Path First

Type          : Link State Routing Protocol
AD Value      : 110
Hello Timer   : 10 sec
Update Timer  : None
Dead Timer    : 4 Hellos
Transport     : 89 (IP)
Multicast Add : 224.0.0.5-6

Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks. OSPF is specified by the Internet Engineering Task Force (IETF). Specifically, it is a link-state routing protocol and falls into the group of interior gateway protocols, operating within an autonomous system (AS). There is no limit on the number of routers, but CPU usage will be high; areas are used to reduce the CPU usage.

An OSPF network can be divided into sub-domains called areas. An area is a logical collection of OSPF networks, routers and links that have the same area identification. The area types are described below.

The backbone area, also referred to as Area 0. All other areas must connect to the backbone area; hence this area is obligatory.

An ordinary or standard area, which is an area that connects to the backbone (Area 0) and is treated as a separate entity. All routers in a standard area have the same topological database, but their routing tables will be based on each router's position in the standard area and will thus be unique to that router.


A stub area, which is an area that does not accept external summary routes. A router within a stub area can only see outside the autonomous system if a default route has been configured for it.

A totally stubby area, which is similar to a stub area. In this area, the default route must be configured as 0.0.0.0. This type of area is useful for remote sites that have few networks and limited connectivity with the rest of the network and is a Cisco proprietary solution.

A not so stubby area (NSSA), which is a stub area that can receive external routes but will not propagate those external routes into the backbone area.

OSPF Network Type:

If you are working with OSPF, you need to know the different network types.

Non-broadcast - This is the default on frame relay networks.

a. Default on multipoint interfaces like Frame Relay
b. Hello interval 30 seconds
c. Dead interval 120 seconds
d. DR/BDR election
e. Updates are sent as unicast
f. Neighbor command required on the hub router
g. Next hop is not changed and remains the IP address of the originating router

Broadcast - This is the default on Ethernet/broadcast networks. It does have a DR/BDR election.

a. Default on Ethernet
b. Hello interval 10 seconds
c. Dead interval 40 seconds
d. DR/BDR election
e. Updates are sent as multicast
f. Next hop is not changed and remains the IP address of the originating router

Point-to-point – No DR/BDR election. This one is pretty self-explanatory.

a. Default on HDLC, PPP and Frame Relay point-to-point
b. Hello interval 10 seconds
c. Dead interval 40 seconds
d. No DR/BDR election
e. Multicast updates to 224.0.0.5
f. Next hop address is that of the advertising router

Point-to-multipoint

a. Cisco proprietary
b. Host routes are added to the routing table
c. Hello interval 30 seconds
d. Dead interval 40 seconds
e. No DR/BDR election
f. Multicast updates to 224.0.0.5
g. Next hop address is that of the advertising router
h. Frame Relay partial mesh

Point-to-multipoint non-broadcast

a. Cisco proprietary
b. Hello interval 30 seconds
c. Dead interval 120 seconds
d. Frame Relay partial mesh
e. No DR/BDR election
f. Unicast updates

BGP

BGP stands for Border Gateway Protocol

Type          : Path Vector
AD Value      : 20
Transport     : 179 (TCP)
Multicast Add : N/A

The Border Gateway Protocol (BGP) is an inter autonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP). Customer networks, such as universities and corporations, usually employ an Interior Gateway Protocol (IGP) such as RIP or OSPF for the exchange of routing information within their networks. Customers connect to ISPs, and ISPs use BGP to exchange customer and ISP routes. When BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP).

BGP attributes are:

1. Weight
2. Local preference
3. Multi-exit discriminator
4. Origin
5. AS_path
6. Next hop
7. Community

Weight Attribute

Weight is a Cisco-defined attribute that is local to a router. The weight attribute is not advertised to neighboring routers. If the router learns about more than one route to the same destination, the route with the highest weight will be preferred.

Local Preference Attribute

The local preference attribute is used to prefer an exit point from the local autonomous system (AS). Unlike the weight attribute, the local preference attribute is propagated throughout the local AS. If there are multiple exit points from the AS, the local preference attribute is used to select the exit point for a specific route.

Multi-Exit Discriminator Attribute

The multi-exit discriminator (MED) or metric attribute is used as a suggestion to an external AS regarding the preferred route into the AS that is advertising the metric. The term suggestion is used because the external AS that is receiving the MEDs may be using other BGP attributes for route selection. We will cover the rules regarding route selection in the next section.

Origin Attribute

The origin attribute indicates how BGP learned about a particular route. The origin attribute can have one of three possible values:

IGP - The route is interior to the originating AS. This value is set when the network router configuration command is used to inject the route into BGP.

EGP - The route is learned via the Exterior Border Gateway Protocol (EBGP).

Incomplete - The origin of the route is unknown or learned in some other way. An origin of incomplete occurs when a route is redistributed into BGP.

AS_path Attribute

When a route advertisement passes through an autonomous system, the AS number is added to an ordered list of AS numbers that the route advertisement has traversed.

Next-Hop Attribute

The EBGP next-hop attribute is the IP address that is used to reach the advertising router. For EBGP peers, the next-hop address is the IP address of the connection between the peers. For IBGP, the EBGP next-hop address is carried into the local AS.

Community Attribute

The community attribute provides a way of grouping destinations, called communities, to which routing decisions (such as acceptance, preference, and redistribution) can be applied. Route maps are used to set the community attribute. Predefined community attributes are listed here:

No-export - Do not advertise this route to EBGP peers.

No-advertise - Do not advertise this route to any peer.

Internet - Advertise this route to the Internet community; all routers in the network belong to it.


SWITCHING

VLAN

A Virtual LAN (VLAN) refers to a group of logically grouped network devices on one or more LANs that are configured so that they can communicate as if they were attached to the same cable. VLANs are defined by the standards IEEE 802.1D, 802.1p, 802.1Q and 802.10.

Advantages of VLANs

- More flexibility in administration and changes to the network, because the whole structure can be changed simply by changing parameters on the switches.
- Reduction in broadcast traffic on the network.
- Increased security, because information is encapsulated at an additional level and can possibly be analysed.

Types of VLAN

A Port-Based VLAN defines a virtual network according to the connection ports on the switch.

A MAC Address-Based VLAN consists of defining a virtual network according to the MAC addresses of the stations. This type of VLAN is much more flexible than the port-based VLAN because the network is independent of the location of the station.

A Network Address-Based VLAN links subnets according to the source IP address of the datagram. This type of solution provides great flexibility insofar as the configuration of the switches changes automatically when a station is moved. On the other hand, there may be a slight degradation in performance, since the information contained in the packets must be analysed more closely.

A Protocol-Based VLAN makes it possible to create a virtual network by protocol type (for example TCP/IP, IPX, AppleTalk, etc.), therefore grouping together all the machines using the same protocol on the same network.

A Cisco switch has VLAN details configured by default; to view them, enter "show vlan" on the switch.

VTP

VTP stands for VLAN Trunking Protocol; it is a layer 2 messaging protocol used to maintain VLAN configuration consistency by managing the addition, deletion and renaming of VLANs. When a new VLAN is configured on one VTP server, the VLAN is distributed to all switches in the domain. This reduces the need to configure the same VLAN everywhere. VTP is a Cisco-proprietary protocol that is available on most Cisco Catalyst series products.

Three types of VTP modes:

Server Mode: the server has full permission to create, delete and alter VLANs.

Client Mode: a client may not create, delete or rename VLANs; it only receives information from the server, updates itself accordingly, and passes the same information on to its client switches.

Transparent Mode: it only receives information from the server but does not update its own configuration from it. It only forwards the information to the next switch.

Three types of advertisement

1. Summary, 2. Subset and 3. Request

Summary Advertisement: Sent every five minutes by a server or client to inform neighbouring switches of what it believes is the current VTP configuration revision number for its management domain. It is also sent immediately after a configuration change has been made.

Subset Advertisement: This is sent if any change in the VLAN configuration has been made, or in response to an advertisement request.

Advertisement Request: Solicits both a summary advertisement and a subset advertisement from the server in the management domain.


STP

Spanning Tree Protocol (STP) is a Layer 2 protocol that runs on bridges and switches. The specification for STP is IEEE 802.1D. The main purpose of STP is to ensure that you do not create loops when you have redundant paths in your network. Loops are deadly to a network. Spanning-Tree Protocol is a link management protocol that provides path redundancy while preventing undesirable loops in the network.

STP uses the spanning-tree algorithm (STA) to first create a topology database, then search out and destroy redundant links.

Each port on a switch using Spanning-Tree Protocol exists in one of the following five states:

1. Blocking

2. Listening

3. Learning

4. Forwarding

5. Disabled

Blocking - A port that would cause a switching loop; no user data is sent or received, but it may go into forwarding mode if the other links in use were to fail and the spanning tree algorithm determines that the port may transition to the forwarding state. BPDUs are still received in the blocking state.


Listening - The switch processes BPDUs (Bridge Protocol Data Units) and awaits possible new information that would cause it to return to the blocking state.

Learning - While the port does not yet forward frames, it does learn source addresses from the frames received and adds them to the switching database (filtering database).

Forwarding - A port receiving and sending data; normal operation. STP still monitors incoming BPDUs that would indicate it should return to the blocking state to prevent a loop.

Disabled - Not strictly part of STP; a network administrator can manually disable a port.

Types of STP

Rapid Spanning Tree Protocol (RSTP):

Rapid Spanning Tree Protocol (RSTP) provides faster spanning tree convergence after a topology change. While STP can take 30 to 50 seconds to respond to a topology change, RSTP is typically able to respond to changes within 3 Hello times (default: 6 seconds). The so-called Hello time is an important and configurable time interval that is used by RSTP for several purposes; its default value is 2 seconds.

Multiple Spanning Tree Protocol (MSTP):

MSTP allows the formation of MST regions that can run multiple MST instances (MSTIs). Multiple regions and other STP bridges are interconnected using one single common spanning tree (CST). MSTP was inspired by Cisco Systems' Multiple Instances Spanning Tree Protocol (MISTP) and is an evolution of STP and RSTP.

Per-VLAN Spanning Tree (PVST):

PVST and PVST+ are the default protocols used by Cisco switches. Both PVST and PVST+ are Cisco proprietary protocols. PVST works only with Inter-Switch Link (ISL).

Rapid Per-VLAN Spanning Tree (R-PVST):

It is a Cisco proprietary protocol that combines the functionality of RSTP and PVST. It is based on a per-VLAN instance that creates a tree for each VLAN.

ETHER CHANNELS

EtherChannel is a port trunking (aggregation, in Cisco's terms) technology primarily used on Cisco switches. It allows grouping several physical Ethernet links into one logical Ethernet link for the purpose of providing fault tolerance and high-speed links between switches, routers and servers.

An EtherChannel can be created from between two and eight Fast Ethernet, Gigabit Ethernet or 10 Gigabit Ethernet ports. EtherChannel is primarily used in the backbone network, but can also be used to connect UNIX and PC hosts.


EtherChannel provides incremental trunk speeds between Fast Ethernet, Gigabit Ethernet and 10 Gigabit Ethernet. EtherChannel combines multiple Fast Ethernet links up to 800 Mbps, Gigabit Ethernet up to 8 Gbps, and 10 Gigabit Ethernet up to 80 Gbps.

PORT SECURITY

Port security is a layer 2 traffic control feature on Cisco switches. When it is enabled, an administrator configures individual switch ports to allow only a specified number of source MAC addresses on the port. Configuring the port security feature is relatively easy. In its simplest form, port security requires going to an already enabled switch port and entering the port-security interface mode command:

Techiebird-Sw# config ter

Techiebird-Sw(config)# int fa0/13

Techiebird-Sw(config-if)# switchport port-security ?

  aging        Port-security aging commands
  mac-address  Secure mac address
  maximum      Max secure addresses
  violation    Security violation mode

Techiebird-Sw(config-if)# switchport port-security

Techiebird-Sw(config-if)#^Z

By entering the most basic command to configure port security, we accepted the default settings of only allowing one MAC address, determining that MAC address from the first device that communicates on this switch port, and shutting down that switch port if another MAC address attempts to communicate via the port. But you don’t have to accept the defaults.

You can also configure port security on a range of ports.

Techiebird-Sw# config ter

Techiebird-Sw(config)# interface range fastEthernet 0/1 - 8

Techiebird-Sw(config-if-range)# switchport port-security

However, you need to be very careful with this option if you enter this command on an uplink port that goes to more than one device. As soon as the second device sends a frame, the entire port will shut down.

Status of port security

Once you’ve configured port security and the Ethernet device on that port has sent traffic, the switch will record the MAC address and secure the port using that address.

Techiebird-Sw# show port-security address

Disabling Port Security

To disable port security: we have configured fa0/13 for port security; if you now want to disable port security, follow the steps below.

Techiebird-Sw# config ter

Techiebird-Sw(config)# int fa0/13

Techiebird-Sw(config-if)# no switchport port-security

Techiebird-Sw(config-if)# end
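As an added example (not from the original page and not Cisco code), the following model reproduces the port-security decision the section describes: the first MAC seen on the port becomes the secure address, up to the configured maximum, and anything beyond that is a violation handled according to the violation mode (shutdown, restrict or protect, the three modes IOS offers). The `SecurePort` class, the port names and the MAC addresses are constructed; the uplink scenario is the caveat from the text about a port shared by several hosts.

```python
# Added example (not from the original page): a model of the port-security
# decision on an access port. Port names and MAC addresses are constructed;
# the default of one secure MAC and the shutdown violation mode follow the
# page's description, the restrict/protect modes IOS documentation.

class SecurePort:
    VIOLATION_MODES = ("shutdown", "restrict", "protect")

    def __init__(self, name, maximum=1, violation="shutdown"):
        if violation not in self.VIOLATION_MODES:
            raise ValueError(f"unknown violation mode {violation!r}")
        self.name = name
        self.maximum = maximum          # max secure addresses (default 1)
        self.violation = violation      # default: shutdown (port goes err-disabled)
        self.secure_macs = []           # learned dynamically from the first frames
        self.err_disabled = False
        self.violation_count = 0

    def receive(self, src_mac):
        """Process one ingress frame from src_mac.
        Returns "forward", "drop" or "shutdown"."""
        if self.err_disabled:
            return "drop"               # port stays down until an admin recovers it
        src_mac = src_mac.lower()
        if src_mac in self.secure_macs:
            return "forward"
        if len(self.secure_macs) < self.maximum:
            self.secure_macs.append(src_mac)   # learn it as a secure address
            return "forward"
        # A MAC beyond the limit: a security violation.
        if self.violation == "shutdown":
            self.violation_count += 1
            self.err_disabled = True    # IOS puts the port in err-disabled state
            return "shutdown"
        if self.violation == "restrict":
            self.violation_count += 1   # counted and logged, frame dropped
        return "drop"                   # "protect": dropped silently, not counted

    def no_shutdown(self):
        """Administrator recovers an err-disabled port (after fixing the cause)."""
        self.err_disabled = False


def access_port_scenario():
    """One host on fa0/13 with the defaults, then a second MAC appears."""
    port = SecurePort("fa0/13")
    frames = ("00:11:22:33:44:55", "00:11:22:33:44:55", "66:77:88:99:aa:bb")
    return [port.receive(m) for m in frames]


def uplink_scenario():
    """The caveat from the text: defaults on an uplink that carries several
    hosts. The second host's first frame shuts the whole port down, and the
    first host loses connectivity too."""
    uplink = SecurePort("fa0/24")
    frames = ("aa:aa:aa:00:00:01", "aa:aa:aa:00:00:02", "aa:aa:aa:00:00:01")
    return [uplink.receive(m) for m in frames], uplink.err_disabled
```

The choice of violation mode is the operational trade-off: shutdown is the safest against unknown devices but turns a single mis-plugged host into an outage on shared ports, while restrict keeps the port up, drops the offending frames and leaves a counter and log entry for the SOC to act on.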

ACL

ACL stands for Access Control List; it is a packet filtering method that filters IP packets based on source and destination address. It is a set of rules or conditions that permit or deny IP packets.

Cisco ACLs are divided into two types: 1. Standard ACL and 2. Extended ACL.


Standard ACL - Standard IP access lists range in number from 1 to 99. A standard ACL controls traffic based on the source IP address only.

Extended ACL - Extended IP access lists range in number from 100 to 199. An extended ACL controls traffic based on the source IP address, destination IP address, source port number and destination port number.

Syntax for an IP standard ACL:

access-list access-list-number {permit|deny} {host host-address|source source-wildcard|any}

Standard ACL example:

access-list 10 permit 192.168.3.0 0.0.0.255

This list allows traffic from all addresses in the range 192.168.3.0 to 192.168.3.255. Note that when configuring access lists on a router, you must identify each access list uniquely by assigning either a name or a number to the protocol's access list.

There is an implicit deny added to every access list. If you entered the command:

show access-list 10

The output looks like:

access-list 10 permit 192.168.2.0 0.0.0.255
access-list 10 deny any

Syntax for an IP extended ACL:

access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence]

Note that the above syntax is simplified and given for general understanding only.

Extended ACL example:

Access-list 130 - applied to traffic leaving the office (outgoing)

access-list 130 permit tcp 192.133.3.0 0.0.0.255 any eq 23

ACL 130 permits TCP traffic originating from any address on the 192.133.3.0 network. The 'any' keyword means that the traffic is allowed to have any destination address, with the limitation that it must be going to port 23. The value 0.0.0.0 255.255.255.255 can be written as 'any'.
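As an added example (not from the original page), the following evaluator shows how the standard and extended entries above are matched: Cisco wildcard-mask semantics (a 0 bit must match, a 1 bit is "don't care"), the `host`/`any` shorthands, the `eq` port qualifier, first-match-wins ordering and the implicit `deny any` at the end of every list. The parser handles only the simplified syntax shown on this page (it is not IOS's parser), and the packets fed to it are constructed.

```python
# Added example (not from the original page): evaluate packets against the
# page's ACL 10 and ACL 130. Only the simplified access-list syntax shown on
# the page is parsed; the sample packets below are constructed.
import ipaddress


def wildcard_match(addr, network, wildcard):
    """Cisco wildcard semantics: bits set to 0 in the wildcard must match."""
    a = int(ipaddress.IPv4Address(addr))
    n = int(ipaddress.IPv4Address(network))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (n & care)


def _looks_like_ip(token):
    try:
        ipaddress.IPv4Address(token)
        return True
    except ValueError:
        return False


def _parse_addr(fields):
    """Consume 'any' | 'host A' | 'A wildcard' | 'A' from the front of fields."""
    tok = fields.pop(0)
    if tok == "any":
        return ("0.0.0.0", "255.255.255.255")
    if tok == "host":
        return (fields.pop(0), "0.0.0.0")
    if fields and _looks_like_ip(fields[0]):
        return (tok, fields.pop(0))
    return (tok, "0.0.0.0")          # bare address means a single host


def parse_ace(line):
    """Parse one 'access-list N permit|deny ...' line into a dict."""
    tok = line.lower().split()
    if tok[0] != "access-list":
        raise ValueError(f"not an access-list line: {line!r}")
    number, action, fields = int(tok[1]), tok[2], tok[3:]
    ace = {"number": number, "action": action, "dport": None}
    if number <= 99:                 # standard ACL: source address only
        ace["proto"] = "ip"
        ace["src"] = _parse_addr(fields)
        ace["dst"] = ("0.0.0.0", "255.255.255.255")
    else:                            # extended ACL: protocol, source, destination [eq port]
        ace["proto"] = fields.pop(0)
        ace["src"] = _parse_addr(fields)
        ace["dst"] = _parse_addr(fields)
        if fields[:1] == ["eq"]:
            ace["dport"] = int(fields[1])
    return ace


def evaluate(acl_lines, packet):
    """First matching entry decides; no match hits the implicit 'deny any'."""
    for ace in map(parse_ace, acl_lines):
        if ace["proto"] != "ip" and ace["proto"] != packet.get("proto"):
            continue
        if not wildcard_match(packet["src"], *ace["src"]):
            continue
        if not wildcard_match(packet["dst"], *ace["dst"]):
            continue
        if ace["dport"] is not None and packet.get("dport") != ace["dport"]:
            continue
        return ace["action"]
    return "deny"                    # implicit deny at the end of every access list


# The two lists from the page.
ACL_10 = ["access-list 10 permit 192.168.3.0 0.0.0.255"]
ACL_130 = ["access-list 130 permit tcp 192.133.3.0 0.0.0.255 any eq 23"]
```

Because the implicit deny is invisible in the configuration, a list that contains only permit lines still blocks everything else; when auditing an ACL, test a packet that matches no entry, as well as the boundary addresses of each wildcard range.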

IP Sec

Short for IP Security, a set of protocols developed by the Internet Engineering Task Force (IETF) to support secure exchange of packets at the IP layer. IPsec has been deployed widely to implement Virtual Private Networks (VPNs).

IPsec supports two modes: Transport and Tunnel. Transport mode protects only the data portion (payload) of each packet and leaves the original IP header untouched, so it is used host-to-host. Tunnel mode protects the entire original packet (header and payload) and wraps it in a new IP header, so the real source and destination addresses are hidden; this is the mode used for site-to-site VPNs between gateways. In either mode, ESP provides encryption and integrity, while AH provides integrity only (no confidentiality).

For IPsec to work, the sending and receiving devices must agree on security associations and session keys. This is accomplished by the Internet Key Exchange (IKE), built on the Internet Security Association and Key Management Protocol (ISAKMP) and the Oakley key-determination protocol. IKE authenticates the peers (with a pre-shared key or a digital certificate) and runs a Diffie-Hellman exchange so that both sides derive the same shared secret without that secret ever being sent over the network.

 

An IPsec VPN connection in general involves two phases: Phase I and Phase II.

In phase 1 of this process, IKE creates an authenticated, secure channel between the two IKE peers, called the IKE security association. The Diffie-Hellman key agreement is always performed in this phase.

In phase 2, IKE negotiates the IPSec security associations and generates the required key material for IPSec. The sender offers one or more transform sets that are used to specify an allowed combination of transforms with their respective settings. The sender also indicates the data flow to which the transform set is to be applied. The sender must offer at least one transform set. The receiver then sends back a single transform set, which indicates the mutually agreed-upon transforms and algorithms for this particular IPSec session. A new Diffie-Hellman agreement may be done in phase 2, or the keys may be derived from the phase 1 shared secret.
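Added example (mine, not the page's): a toy Python model of the two phases, showing why the optional second Diffie-Hellman exchange in phase 2 (perfect forward secrecy, Cisco's set pfs on a crypto map) matters. The DH group, the HMAC-SHA256 PRF and the nonce handling are simplifications chosen for illustration; real IKE uses a negotiated MODP or ECP group and the key-derivation formulas of RFC 2409 / RFC 7296.

```python
"""Added example: toy model of IKE phase 1 and phase 2 key derivation, with and without PFS."""
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group for demonstration only (a 255-bit prime, generator 2); real IKE
# peers negotiate a standard group such as group 14 (2048-bit MODP).
P = 2**255 - 19
G = 2


def dh_keypair():
    """Fresh private exponent x and public value g^x mod p."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)


def dh_shared(x, peer_public):
    """g^(xy) mod p as bytes; both peers get the same value without it crossing the wire."""
    return pow(peer_public, x, P).to_bytes(32, "big")


def prf(key, data):
    """Stand-in for the negotiated IKE PRF (assumption: HMAC-SHA256)."""
    return hmac.new(key, data, hashlib.sha256).digest()


def phase1(nonce_i, nonce_r):
    """Phase 1: one DH exchange is mandatory; its result seeds the IKE SA secret (SKEYID-like)."""
    xi, yi = dh_keypair()                # initiator
    xr, yr = dh_keypair()                # responder
    assert dh_shared(xi, yr) == dh_shared(xr, yi)
    return prf(nonce_i + nonce_r, dh_shared(xi, yr))


def phase2(skeyid, nonce_i, nonce_r, pfs):
    """Phase 2: derive the IPsec SA key from the phase 1 secret plus fresh nonces.
    With pfs=True a second DH exchange is folded in, so the key no longer depends
    only on material that already exists."""
    material = b""
    if pfs:
        xi, yi = dh_keypair()
        xr, yr = dh_keypair()
        assert dh_shared(xi, yr) == dh_shared(xr, yi)
        material = dh_shared(xi, yr)
    return prf(skeyid, material + nonce_i + nonce_r)


def later_compromise(skeyid, nonce_i, nonce_r, ipsec_key):
    """An attacker who recorded the phase 2 nonces and later obtains the phase 1 secret
    tries to rebuild the IPsec key. True means the recorded traffic can now be decrypted."""
    guess = prf(skeyid, nonce_i + nonce_r)
    return hmac.compare_digest(guess, ipsec_key)


def demo():
    n1i, n1r, n2i, n2r = (secrets.token_bytes(16) for _ in range(4))
    skeyid = phase1(n1i, n1r)
    k_nopfs = phase2(skeyid, n2i, n2r, pfs=False)
    k_pfs = phase2(skeyid, n2i, n2r, pfs=True)
    return {"no_pfs_recovered": later_compromise(skeyid, n2i, n2r, k_nopfs),
            "pfs_recovered": later_compromise(skeyid, n2i, n2r, k_pfs)}


if __name__ == "__main__":
    print(demo())   # {'no_pfs_recovered': True, 'pfs_recovered': False}
```

Without PFS, every phase 2 key is a function of the phase 1 secret and public nonces, so one compromised phase 1 secret unlocks every IPsec SA derived from it; with PFS the attacker would also need the ephemeral phase 2 DH exponents, which are discarded after use.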

WAN Technology

HDLC

HDLC stands for High-Level Data Link Control. It is a bit-oriented data link layer (OSI layer 2) protocol developed by the International Organization for Standardization (ISO). It has been so widely implemented because it supports both half-duplex and full-duplex communication lines, point-to-point (peer to peer) and multipoint networks, and switched or non-switched channels.

Two subsets widely in use are:

1. Synchronous Data Link Control(SDLC) and

2. Link Access Procedure-Balanced(LAP-B).

HDLC defines three station types:

Primary station:

Has the responsibility of controlling the operation of the data flow on the link and handles error recovery. Frames issued by the primary station are called commands.

Secondary station:

Operates under the control of the primary station. Frames issued by a secondary station are called responses. The primary station maintains a separate logical link with each secondary station.

Combined station:

Acts as both a primary and a secondary station. It does not rely on the other station for permission to send data.

HDLC Frame Structure

The HDLC frame contains a beginning flag (01111110), a single-byte address field, a single-byte control field, a variable-length information field, and a Frame Check Sequence (FCS) that is two bytes (16 bits) long, followed by a closing flag.

Flag | Address | Control | Information Field | Frame Check Sequence | Flag

 

The three modes of data transfer operations are:

Normal Response Mode (NRM)

Mainly used in terminal-mainframe networks. Secondaries (terminals) can only transmit when specifically polled by the primary station. Unbalanced configuration, good for multipoint links.

Asynchronous Response Mode (ARM)

Same as NRM except that the secondaries can initiate transmissions without direct polling from the primary station. This reduces overhead, as no polling frames need to be sent to allow secondary nodes to transmit. Transmission proceeds when the channel is detected idle; used mostly in point-to-point links.

Asynchronous Balanced Mode (ABM)

Mainly used in point-to-point links, for communication between combined stations

PPP

PPP stands for Point-to-Point Protocol, a data link layer protocol for carrying packets over a direct link between two endpoints. PPP comes into play when you establish a connection to your ISP (Internet Service Provider) via a modem: when you are connected, you and the ISP make up the two points on the link, hence the protocol used to get things `happening' between the two of you is the Point-to-Point Protocol, or PPP.

PPP allows different network layer protocols (IPv4, IPv6, IPX and so on) to run over the same link, each configured by its own Network Control Protocol. PPP provides three methods of authentication: the Password Authentication Protocol (PAP), which sends a username and password; the Challenge Handshake Authentication Protocol (CHAP), which authenticates with a challenge/response handshake so the password itself never crosses the link; and the Extensible Authentication Protocol (EAP).

Difference between PAP and CHAP

                PAP                                        CHAP
1. Password     Sent in clear text                         Never sent; only an MD5 hash of
                                                           (identifier, secret, challenge)
2. Security     Less secure                                More secure
3. Handshake    Two-way: Authenticate-Request,             Three-way: Challenge, Response,
                Authenticate-Ack (or Nak)                  Success (or Failure)
4. Re-check     No periodic check                          Periodic re-challenge during the session

 

Extensible Authentication Protocol (EAP) is most commonly used for authentication on wireless networks

PPP Frames

The unit of data sent and received on a PPP link is called a frame. PPP uses one general, standard format for all the frames it sends or receives, whichever protocol the frame carries.

PPP carries several protocols in that one frame format for different purposes: the Link Control Protocol (LCP), which negotiates and tests the link; the authentication protocols PAP and CHAP; the Network Control Protocols (NCPs), which configure each network layer protocol; and the network layer datagrams themselves. PPP also has a variant called the PPP Multilink Protocol, which splits traffic over several physical links. All of these are transported in the Information field of the frame.

Field:   Flag     Address  Control  Protocol  Information  FCS
Size:    8 bits   8 bits   8 bits   16 bits   variable     16 (or 32) bits

Flag - indicates the beginning or end of a frame, consists of the binary sequence 01111110.

Address - contains the binary sequence 11111111, the standard broadcast address. (Note: PPP does not assign individual station addresses.)

Control - contains the binary sequence 00000011 (0x03), the Unnumbered Information command, which calls for transmission of user data in an unsequenced frame.

Protocol - two octets that identify the protocol encapsulated in the Information field of the frame, for example 0x0021 for IPv4, 0xC021 for LCP, 0xC023 for PAP and 0xC223 for CHAP.

Information - Zero or more octet(s), contain the datagram for the protocol specified in the protocol field.

FCS - Frame Check Sequence (FCS) Field, normally 16 bits. By prior agreement, consenting PPP implementations can use a 32-bit FCS for improved error detection.
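Added example covering both the HDLC frame layout above and the PPP frame fields: Python code (mine, not the page's) that builds a PPP frame, computes the 16-bit FCS as RFC 1662 defines it, applies asynchronous byte stuffing with the default ACCM, and checks the FCS when parsing. The sample payload is constructed.

```python
"""Added example: build and verify a PPP frame with the RFC 1662 16-bit FCS and byte stuffing."""

FLAG, ADDRESS, CONTROL, ESCAPE = 0x7E, 0xFF, 0x03, 0x7D
PPP_INIT_FCS16, PPP_GOOD_FCS16 = 0xFFFF, 0xF0B8      # constants from RFC 1662


def _make_fcstab():
    """CRC-16 table for the PPP FCS (x^16 + x^12 + x^5 + 1, reflected polynomial 0x8408)."""
    table = []
    for byte in range(256):
        v = byte
        for _ in range(8):
            v = (v >> 1) ^ 0x8408 if v & 1 else v >> 1
        table.append(v)
    return table


FCSTAB = _make_fcstab()


def fcs16(fcs, data):
    """Update the running FCS over 'data' (RFC 1662 pppfcs16)."""
    for b in data:
        fcs = (fcs >> 8) ^ FCSTAB[(fcs ^ b) & 0xFF]
    return fcs


def _stuff(raw):
    """Async byte stuffing with the default ACCM: escape flag, escape and control chars."""
    out = bytearray()
    for b in raw:
        if b in (FLAG, ESCAPE) or b < 0x20:
            out += bytes([ESCAPE, b ^ 0x20])
        else:
            out.append(b)
    return bytes(out)


def _unstuff(data):
    out, escaped = bytearray(), False
    for b in data:
        if escaped:
            out.append(b ^ 0x20)
            escaped = False
        elif b == ESCAPE:
            escaped = True
        else:
            out.append(b)
    return bytes(out)


def build_frame(protocol, info):
    """Flag | Address 0xFF | Control 0x03 | Protocol (2 bytes) | Information | FCS | Flag."""
    body = bytes([ADDRESS, CONTROL]) + protocol.to_bytes(2, "big") + info
    fcs = fcs16(PPP_INIT_FCS16, body) ^ 0xFFFF        # ones-complement, sent LSB first
    return bytes([FLAG]) + _stuff(body + bytes([fcs & 0xFF, fcs >> 8])) + bytes([FLAG])


def parse_frame(frame):
    """Return (protocol, info); raise ValueError if the flags, FCS or header are wrong."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag")
    raw = _unstuff(frame[1:-1])
    # Running the FCS over body + FCS leaves the fixed residue 0xF0B8 if nothing changed.
    if fcs16(PPP_INIT_FCS16, raw) != PPP_GOOD_FCS16:
        raise ValueError("bad FCS")
    if raw[0] != ADDRESS or raw[1] != CONTROL:
        raise ValueError("unexpected address/control")
    return int.from_bytes(raw[2:4], "big"), raw[4:-2]


if __name__ == "__main__":
    # constructed payload containing bytes that must be stuffed (0x7E, 0x7D, 0x00)
    frame = build_frame(0x0021, b"\x45\x00\x7e\x7dhello")
    print(frame.hex())
    print(parse_frame(frame))
```

The FCS is an error-detection code, not an integrity check against an attacker: anyone who can modify bytes on the link can recompute it, which is why authentication and confidentiality are layered above PPP (CHAP, IPsec) rather than relying on the frame check.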

Frame Relay

Frame Relay is a packet-switching technology. It is a high-performance WAN protocol that operates at the physical and data link layers of the OSI model. There are two types of circuits:

(i) PVCs - Permanent Virtual Circuits
(ii) SVCs - Switched Virtual Circuits

Permanent Virtual Circuits (PVCs) are similar to a leased line. A PVC is set up permanently for a dedicated point-to-point connection.

Switched Virtual Circuits (SVCs) are similar to a switched telephone connection. An SVC is set up on a call-by-call basis.

Three states for PVCs:

Active - Everything is up and the circuit can carry data.
Inactive - The local connection to the Frame Relay switch is working, but there is a problem at the far end.
Deleted - The DLCI is not known to the provider's switch, i.e. there is a problem between the router and the Frame Relay provider equipment.

LMI - Local Management Interface

The main function of the Local Management Interface (LMI) is to allow the Frame Relay DTE (the router) and DCE (the provider switch) to exchange status information about the virtual circuits (VCs).

LMI standard types: cisco, ansi, q933a

MPLS

MPLS stands for Multiprotocol Label Switching. It enables enterprises and service providers to build next-generation intelligent networks that deliver a variety of advanced, value-added services over a single infrastructure. MPLS can be integrated over any existing infrastructure, such as Frame Relay, ATM or Ethernet, and differing access links can be aggregated at an MPLS edge without changing the customers' current environments, because MPLS is independent of the access technology. MPLS application components include:

Layer 3 VPNs, Layer 2 VPNs, Traffic Engineering, QoS, GMPLS and IPv6

It enables the development of highly efficient, scalable networks that can guarantee Service Level Agreements. MPLS delivers highly scalable, end-to-end IP services with simple configuration, management and provisioning for providers and subscribers, and a wide range of platforms support it, which is essential for both Service Provider and Enterprise networks. Note that MPLS VPNs separate customers' traffic by labels and per-customer routing tables (VRFs) but do not encrypt it; IPsec is still required where confidentiality across the provider network is needed.


 

 

CCNA INTERVIEW QUESTIONS AND ANSWERS

Q:What is Networking?

Interconnection between two or more computers, so that they can share data and resources, is called networking. Networks are classified by reach as LAN, MAN and WAN, and by who may access them as intranet, extranet and Internet.

Q:What is Bandwidth?

Every line has an upper limit and a lower limit on the frequency of signals it can carry; this limited range is the bandwidth in the analog sense. In data networking, bandwidth means the transmission capacity of a line: the maximum amount of data that can be transferred over a single link per unit of time, usually expressed in bits per second.

Q:What is VLAN?

VLAN stands for Virtual Local Area Network. It is a logical grouping of network users and resources connected to administratively defined ports on a switch. Uses of VLANs are as follows:

1. It separates traffic and so improves security: hosts in different VLANs cannot communicate without passing through a Layer 3 device, where an ACL can be applied.

2. It increases flexibility, since a port can be moved to another VLAN without recabling.

3. It creates a separate broadcast domain per VLAN.

Q:What is CIDR?

CIDR stands for Classless Inter-Domain Routing. It replaces the fixed class A, B and C boundaries with a prefix length (for example /22), so that address blocks can be allocated in the size actually needed and contiguous blocks can be summarised into a single route. This prevents the waste of IP addresses that classful allocation caused and reduces routing-table size. It only slowed the exhaustion of the IPv4 address space; IPv6 is the long-term replacement.

Q:What is VLSM?

VLSM stands for Variable Length Subnet Mask: dividing a major subnet into smaller subnets of different sizes is called VLSM. We can subnet in various lengths. E.g. 1.1.1.0/24 can be separated into 1.1.1.0/25 (126 hosts), 1.1.1.128/26 (62 hosts), 1.1.1.192/28 (14 hosts) and 1.1.1.208/30 (a 2-host point-to-point link). Each smaller subnet must start on a boundary of its own size: 1.1.1.4/28 is not a valid subnet, because 1.1.1.4 is not a multiple of 16.
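Added example (not from the original): a Python VLSM allocator that carves a parent block into right-sized subnets, largest requirement first, using the standard-library ipaddress module; the host requirements are constructed. It also shows how the same module rejects a subnet that does not start on its own boundary.

```python
"""Added example: VLSM allocation with the standard-library ipaddress module."""
import ipaddress


def prefix_for_hosts(hosts):
    """Smallest prefix whose block holds 'hosts' usable addresses plus network and broadcast."""
    need = hosts + 2
    return 32 - (need - 1).bit_length()


def is_valid_subnet(text):
    """True only when the address is on a boundary of its own size (no host bits set)."""
    try:
        ipaddress.ip_network(text)        # strict=True by default
        return True
    except ValueError:
        return False


def vlsm_allocate(parent, requirements):
    """requirements: {name: hosts}. Returns {name: IPv4Network}, carved largest-first so
    that no subnet overlaps another and each starts on a boundary of its own size."""
    free = [ipaddress.ip_network(parent)]       # unused blocks
    result = {}
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        for block in sorted(free):              # lowest free block that is big enough
            if block.prefixlen <= prefix:
                break
        else:
            raise ValueError(f"no room for {name} ({hosts} hosts)")
        free.remove(block)
        subnet = next(block.subnets(new_prefix=prefix))
        free.extend(block.address_exclude(subnet))   # hand the leftovers back
        result[name] = subnet
    return result


def demo():
    # constructed requirements for the /24 used in the text
    return vlsm_allocate("1.1.1.0/24",
                         {"sales": 100, "eng": 50, "mgmt": 10, "link_a": 2, "link_b": 2})


if __name__ == "__main__":
    for name, net in demo().items():
        print(f"{name:7s} {net}  usable hosts: {net.num_addresses - 2}")
    print("1.1.1.4/28 valid?", is_valid_subnet("1.1.1.4/28"))
```

Allocating largest-first is what keeps every subnet aligned; allocate the /30 links first and the later /25 has nowhere aligned to go.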

Q:What is unicast?

Unicast is one type of transmission in which information is sent from one host to another host (i.e. source to destination). In other words, unicast transmission is one-to-one.

Unicast ---> A transmission to a single interface card.

Q:What is Multicast?

Multicast differs from unicast. It is a type of transmission in which information sent by one host is meant for a set of hosts that have joined a group (i.e. one source to a group of destinations).

Multicast ---> A transmission to a group of interface cards on the network.

Q:What is Broadcast?

Broadcast is a type of transmission in which information is sent from one host but received by all hosts connected to the network segment (i.e. one source to all destinations).

Broadcast ---> A transmission to all interface cards on the network.

Q:What is ACL?

ACL stands for Access Control List. It is a packet-filtering method that filters IP packets based on source and destination address. It is an ordered set of rules (conditions) that permit or deny IP packets; the first matching rule wins, and an implicit deny ends every list.

Cisco ACLs are divided into two types: 1. Standard ACL and 2. Extended ACL.

Standard ACL - Standard IP access lists are numbered 1 to 99 (expanded range 1300 to 1999). A standard ACL controls traffic based on the source IP address only.

Extended ACL - Extended IP access lists are numbered 100 to 199 (expanded range 2000 to 2699). An extended ACL controls traffic based on the protocol, source IP address, destination IP address, source port number and destination port number.

Q:What is CEF?

Cisco Express Forwarding (CEF) is an advanced layer 3 switching technology used mainly in large core networks or the Internet to enhance the overall network performance.

CEF is mainly used to increase packet switching speed by reducing the overhead and delays introduced by other routing techniques. CEF consists of two key components: The Forwarding Information Base (FIB) and adjacencies. The FIB is similar to the routing table generated by multiple routing protocols, maintaining only the next-hop address for a particular IP-route.

The adjacency maintains layer 2 or switching information linked to a particular FIB entry, avoiding the need for an ARP request for each table lookup. There are five types of adjacencies:

1. Null adjacency.

2. Punt adjacency.

3. Glean adjacency.

4. Discard adjacency.

5. Drop adjacency.

Q:What is CDP?

CDP stands for Cisco Discovery Protocol. It is a Layer 2 protocol used to discover directly connected Cisco devices and check their availability. It can give you the details of each neighbour: CDP provides a network device inventory (platform, software version, addresses), connectivity information (local and remote port) and IP next-hop information. CDP Version 2 (CDPv2) is the most recent release of the protocol and provides more intelligent device tracking features.

CDP packets are sent every 60 seconds and the hold time is 180 seconds.

Because CDP advertises platform, IOS version and IP addresses to anyone on the segment, it is normally disabled on user-facing and untrusted interfaces (no cdp enable) or globally (no cdp run) where it is not needed.

Q:What is SNMP?

The Simple Network Management Protocol (SNMP) is an application layer protocol (OSI Layer 7) that facilitates the exchange of management information between network devices. It is part of the Transmission Control Protocol/Internet Protocol (TCP/IP) protocol suite and runs over UDP (port 161 for requests, port 162 for traps). SNMP enables network administrators to manage network performance, find and solve network problems, and plan for network growth. SNMPv1 and SNMPv2c authenticate only with a community string sent in clear text, so SNMPv3 (with authentication and encryption) should be used, and write access should be restricted with an ACL.

What is RIP and what is the difference between RIP v1 and RIP v2?

RIP stands for Routing Information Protocol. It is a distance vector routing protocol and an open standard that any vendor can use. It uses hop count as its metric (maximum 15 hops; 16 means unreachable) and has an administrative distance of 120. It sends a periodic update of its whole table every 30 seconds. It is used for small networks.

RIP v1

1. It is a classful protocol: updates do not carry a subnet mask, so all subnets of a major network must use the same mask.
2. Updates are sent to the universal broadcast address (255.255.255.255).
3. RIP v1 does not support VLSM.
4. No authentication of updates.

RIP v2

1. It is a classless protocol: updates carry the subnet mask.
2. Updates are sent to the multicast address 224.0.0.9.
3. RIP v2 supports VLSM and route summarisation.
4. Supports authentication (plain text or MD5) of updates.

What is EIGRP?

EIGRP stands for Enhanced Interior Gateway Routing Protocol. It is also called a balanced hybrid or advanced distance vector routing protocol. Hello packets are sent every 5 seconds with a hold time of 15 seconds (on links of T1 speed and above). It supports VLSM, and its multicast address is 224.0.0.10. It maintains a neighbour table, a topology table and a routing table:

1. Neighbour table - directly connected neighbours with which an adjacency has formed

2. Topology table - all known paths to each destination (successors and feasible successors)

3. Routing table - the best path to each destination (the successor)

DUAL: Diffusing Update Algorithm

1. The successor is installed in the routing table.

2. If the successor fails, DUAL immediately promotes the feasible successor from the topology table without recomputing the route; if no feasible successor exists, the route goes active and the neighbours are queried.

DUAL parameters

1. A.D = Advertised Distance (also called Reported Distance)

2. F.D = Feasible Distance

Reported Distance: the metric for a route as advertised by a neighbour.
Feasible Distance: the distance advertised by a neighbour plus the cost to get to that neighbour.
Feasibility condition: a neighbour qualifies as a feasible successor only if its reported distance is strictly less than the feasible distance of the current successor; this guarantees that the backup path is loop-free.
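Added example (mine, not the page's): a Python model of the DUAL feasibility condition over a constructed topology table, showing why a path with a lower total distance can still be rejected as a feasible successor. Router names and metrics are made up for the illustration.

```python
"""Added example: the DUAL feasibility condition on a constructed EIGRP topology table."""

# Constructed topology-table entries for one prefix as seen from router R1:
# neighbour -> (reported distance the neighbour advertises, R1's cost to reach that neighbour)
TOPOLOGY = {
    "R2": (10, 5),   # distance via R2 = 15  -> successor, FD = 15
    "R3": (12, 8),   # distance via R3 = 20, RD 12 < 15  -> feasible successor
    "R4": (16, 1),   # distance via R4 = 17, RD 16 >= 15 -> not feasible, despite beating R3
}


def distances(topology):
    """Distance through each neighbour: its reported distance plus our cost to reach it."""
    return {n: rd + cost for n, (rd, cost) in topology.items()}


def dual(topology):
    """Return (successor, FD, feasible successors). Feasibility condition: RD < FD."""
    dist = distances(topology)
    successor = min(dist, key=dist.get)
    fd = dist[successor]
    feasible = [n for n, (rd, _) in topology.items() if n != successor and rd < fd]
    return successor, fd, feasible


def local_computation(topology, failed, fd):
    """Successor 'failed' is lost. Any neighbour meeting RD < FD can take over at once
    (route stays passive, no queries). If none does, the route goes active and DUAL must
    query the neighbours, which is the slow case that good design avoids."""
    candidates = {n: rd + cost for n, (rd, cost) in topology.items()
                  if n != failed and rd < fd}
    if not candidates:
        return "active", None
    return "passive", min(candidates, key=candidates.get)


if __name__ == "__main__":
    s, fd, feas = dual(TOPOLOGY)
    print(f"successor={s} FD={fd} feasible successors={feas}")
    print("R2 fails:", local_computation(TOPOLOGY, "R2", fd))
    without_r3 = {k: v for k, v in TOPOLOGY.items() if k != "R3"}
    print("R2 fails, no R3:", local_computation(without_r3, "R2", fd))
```

R4 is rejected even though its total distance (17) beats R3's (20): a reported distance of 16 is not below the feasible distance of 15, so R4 might itself be routing through R1, and promoting it could form a loop.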

What is OSPF?

Open Shortest Path First (OSPF) is a dynamic routing protocol for use in Internet Protocol (IP) networks, standardised by the Internet Engineering Task Force (IETF). Specifically, it is a link-state routing protocol and falls into the group of interior gateway protocols, operating within an autonomous system (AS). There is no hop-count limit on the number of routers, but CPU and memory usage grow with the size of the link-state database, so large networks are divided into areas to reduce the load on each router.

What are the areas in OSPF?

• The backbone area, which is also referred to as Area 0. All other areas must connect to the backbone area. Hence, this area is obligatory.

• An ordinary or standard area, which is an area that connects to the backbone (Area 0) and is treated as a separate entity. All routers in a standard area have the same topological database, but their routing tables will be based on the router's position in the standard area and will thus be unique to the router.

• A stub area, which is an area that does not accept external routes (type 5 LSAs). A router within a stub area can only reach destinations outside the autonomous system through the default route that the area border router injects into the stub area.

• A totally stubby area, which is similar to a stub area but also blocks inter-area summary routes; the only route in from outside is the default route 0.0.0.0/0 injected by the area border router. This type of area is useful for remote sites that have few networks and limited connectivity with the rest of the network. It is a Cisco proprietary solution.

• A not so stubby area (NSSA), which is a stub area that is nevertheless allowed to contain an ASBR: external routes it learns are carried as type 7 LSAs and translated to type 5 at the area border router for the rest of the network, while external routes from other areas are still kept out by the stub rule.

 

What are the network types in OSPF?

1. Non-broadcast - This is the default on Frame Relay networks; has a DR/BDR election. The neighbor command is needed to establish adjacency, because hellos are sent as unicast.

2. Broadcast - This is the default on Ethernet/broadcast networks. Does have DR/BDR election.

3. Point-to-point - No DR/BDR election; only two routers on the link.

4. Point-to-multipoint - Does not have a DR/BDR election. Solves some design issues with next-hop processing for non-broadcast networks: the hub-and-spoke cloud is treated as a collection of point-to-point links.

5. Point-to-multipoint non-broadcast - Same as point-to-multipoint but does not use pseudo-broadcast. Neighbours must be statically defined.

6. Loopback - OSPF treats these as stub hosts and advertises them as /32 routes.


What are BGP and their attributes?

The Border Gateway Protocol (BGP) is an inter autonomous system routing protocol. An autonomous system is a network or group of networks under a common administration and with common routing policies. BGP is used to exchange routing information for the Internet and is the protocol used between Internet service providers (ISP). Customer networks, such as universities and corporations, usually employ an Interior Gateway Protocol (IGP) such as RIP or OSPF for the exchange of routing information within their networks. Customers connect to ISPs, and ISPs use BGP to exchange customer and ISP routes. When BGP is used between autonomous systems (AS), the protocol is referred to as External BGP (EBGP). If a service provider is using BGP to exchange routes within an AS, then the protocol is referred to as Interior BGP (IBGP).

BGP attributes are:

1. Weight (Cisco proprietary, local to the router)
2. Local preference
3. Multi-exit discriminator (MED)
4. Origin
5. AS_path
6. Next hop
7. Community

 

What is PPPoE?

Point-to-Point Protocol over Ethernet (PPPoE) is a network protocol that encapsulates PPP frames inside Ethernet frames, so that a point-to-point PPP session can be run between two network entities (typically a subscriber and an ISP access concentrator, for example over DSL) across a shared Ethernet medium. It supports the network layer protocols that PPP supports, including IPv4 and IPv6, and it inherits PPP's three user authentication protocols, which provide varying levels of security:

1. PAP                          2. CHAP                                3. EAP

PAP: 1. Clear text 2. Less secure 3. Two-way handshake (Authenticate-Request, Authenticate-Acknowledgment) 4. No periodic check.

CHAP: 1. Hashed challenge/response, password never sent 2. More secure 3. Three-way handshake (Challenge, Response, Success) 4. Periodic re-challenge.

Extensible Authentication Protocol (EAP) is most commonly used for authentication on wireless networks.

What are the timers for dynamic routing protocols?

RIP: no hello; update timer 30 sec; invalid (dead) timer 180 sec; flush timer 240 sec.
EIGRP: hello 5 sec, hold time 15 sec (60 and 180 sec on low-speed links).
OSPF: hello 10 sec, dead 40 sec on broadcast and point-to-point links (30 and 120 sec on non-broadcast).

What is the AD value for dynamic routing protocols?

RIP AD 120. For comparison: connected 0, static 1, eBGP 20, EIGRP internal 90, OSPF 110, EIGRP external 170, iBGP 200.

 

 
