Compiled by Yousuf.M.Rafi(05B-043-EE) Number System Introduction A number system defines a set of values used to represent quantity. You may regard each digit as a box that can hold a number. In the binary system, there can be only two choices for this number -- either a "0" or a "1". In the octal system, there can be eight possibilities: "0", "1", "2", "3", "4", "5", "6", "7". In the decimal system, there are ten different numbers that can enter the digit box: "0", "1", "2", "3", "4", "5", "6", "7", "8", "9". In the hexadecimal system, we allow 16 numbers: "0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", and "F". As demonstrated by the following table, there is a direct correspondence between the binary system and the Hexa system, with four binary digits translate directly into one hexadecimal digit. In computer usage, hexadecimal notation is especially common because it easily replaces the binary notation, which is too long and human mistakes in transcribing the binary numbers are too easily made. Base Conversion Table BIN HEX DEC ---------------0000 0 0 0001 1 1 0010 2 2 0011 3 3 0100 4 4 0101 5 5 0110 6 6 0111 7 7 ---------------1000 8 8 1001 9 9 1010 A 10 1011 B 11 1100 C 12 1101 D 13 1110 E 14 1111 F 15
1
�Compiled by Yousuf.M.Rafi(05B-043-EE)
Convert From Any Base To Decimal Let's think more carefully what a decimal number means. For example, 1234 means that there are four boxes (digits); and there are 4 one's in the right-most box (least significant digit), 3 ten's in the next box, 2 hundred's in the next box, and finally 1 thousand's in the left-most box (most significant digit). The total is 1234: Original Number: 1 2 3 4 |||| How Many Tokens: 1 2 3 4 Digit/Token Value: 1000 100 10 1 Value: 1000 + 200 + 30 + 4 = 1234 or simply, 1*1000 + 2*100 + 3*10 + 4*1 = 1234 Thus, each digit has a value: 10^0=1 for the least significant digit, increasing to 10^1=10, 10^2=100, 10^3=1000, and so forth. Likewise, the least significant digit in a hexadecimal number has a value of 16^0=1 for the least significant digit, increasing to 16^1=16 for the next digit, 16^2=256 for the next, 16^3=4096 for the next, and so forth. Thus, 1234 means that there are four boxes (digits); and there are 4 one's in the right-most box (least significant digit), 3 sixteen's in the next box, 2 256's in the next, and 1 4096's in the left-most box (most significant digit). The total is: 1*4096 + 2*256 + 3*16 + 4*1 = 4660 Example. Convert the hexadecimal number 4B3 to decimal notation. Solution: Original Number : 4 B 3 ||| How Many Tokens : 4 11 3 Digit/Token Value: 256 16 1 Value: 1024 +176 + 3 = 1203 Another way is to think of a cash register with different slots, each holding bills of a different denomination
2
�Compiled by Yousuf.M.Rafi(05B-043-EE) Convert From Decimal to Any Base Again, let's think about what you do to obtain each digit. As an example, let's start with a decimal number 1234 and convert it to decimal notation. To extract the last digit, you move the decimal point left by one digit, which means that you divide the given number by its base 10. 1234/10 = 123 + 4/10 The remainder of 4 is the last digit. To extract the next last digit, you again move the decimal point left by one digit and see what drops out. 123/10 = 12 + 3/10 The remainder of 3 is the next last digit. You repeat this process until there is nothing left. Then you stop. In summary, you do the following: Quotient Remainder ----------------------------1234/10 = 123 4 --------+ 123/10 = 12 3 ------+ | 12/10 = 1 2 ----+ | | 1/10 = 0 1 --+ | | | (Stop when the quotient is 0) |||| 1 2 3 4 (Base 10) Now, let's try a nontrivial example. Let's express a decimal number 1341 in binary notation. Note that the desired base is 2, so we repeatedly divide the given decimal number by 2. Quotient Remainder ----------------------------1341/2 = 670 1 ----------------------+ 670/2 = 335 0 --------------------+ | 335/2 = 167 1 ------------------+ | | 167/2 = 83 1 ----------------+ | | | 83/2 = 41 1 --------------+ | | | | 41/2 = 20 1 ------------+ | | | | | 20/2 = 10 0 ----------+ | | | | | | 10/2 = 5 0 --------+ | | | | | | | 5/2 = 2 1 ------+ | | | | | | | | 2/2 = 1 0 ----+ | | | | | | | | | 1/2 = 0 1 --+ | | | | | | | | | | (Stop when the | | | | | | | | | | | quotient is 0) 1 0 1 0 0 1 1 1 1 0 1 (BIN; Base 2)
3
�Compiled by Yousuf.M.Rafi(05B-043-EE) Let's express the same decimal number 1341 in hexadecimal notation. Quotient Remainder ----------------------------1341/16 = 83 13 ------+ 83/16 = 5 3 ----+ | 5/16 = 0 5 --+ | | (Stop when the quotient is 0) ||| 5 3 D (HEX; Base 16) Example. Convert the decimal number 3315 to hexadecimal notation. Solution: Quotient Remainder ----------------------------3315/16 = 207 3 ------+ 207/16 = 12 15 ----+ | 12/16 = 0 12 --+ | | (Stop when the quotient is 0) ||| C F 3 (HEX; Base 16) Thus, 3315 (DEC) --> CF3 (HEX) Note that from the Base Conversion Table, you can easily get the binary notation from the hexadecimal number by grouping four binary digits per hexadecimal digit, or from or the octal number by grouping three binary digits per octal digit, and vice versa.
HEX 5 3 D BIN 0101 0011 1101 OCT 2 4 7 5 BIN 010 100 111 101
OSI Reference Model Introduction When computers were first linked together into networks, moving information between different types of computers was a very difficult task. In the early 1980s, the International Standards Organization (ISO) recognized the need for a standard network model. This would help vendors to create interpretable network devices. The Open Systems Interconnection (OSI) reference model, released in 1984, addressed this need.
4
�Compiled by Yousuf.M.Rafi(05B-043-EE) The OSI model describes how information makes its way from application programs through a network medium to another application program in another computer. It divides this one big problem into seven smaller problems. Each of these seven problems is reasonably self-contained and therefore more easily solved without excessive reliance on external information. Each problem is addressed by one of the seven layers of the OSI model. The seven layers of the OSI model are:• application • presentation • session • transport • network • data-link • physical The acronym used to remember these layers is: All People Seem To Need Data Processing. The lower two OSI model layers are implemented with hardware and software. The upper five are generally implemented only in software.
Advantages of Layered Approach The layered approach to network communications provides the following benefits: • reduced complexity • improved teaching and learning • modular engineering • accelerated evolution • interoperable technology • standard interfaces As the information to be sent descends through the layers of a system it looks less and less like human language and more and more like the 1s and 0s that a computer understands.
Example Let's look at an example of OSI-type communication. Assume that System A has information to send to System B. System A's application program communicates with System A's layer seven (Application Layer). Layer seven communicates with layer six which communicates with layer five and so on until System A's layer one is reached. The information traverses the physical medium and is received by System B's layer one. It then ascends through System B's layers in reverse order until it finally reaches System B's application program.
5
�Compiled by Yousuf.M.Rafi(05B-043-EE) Each of System A's layers has certain tasks it must perform. Each layer communicates directly with its adjacent layers. However, its primary concern in carrying out its tasks is to communicate with its peer layer in System B. For example, the primary concern of layer six in System A is to communicate with layer six in System B. It does this using its own layer protocol. Each layer's protocol exchanges information, called protocol data units (PDUs), between peer layers. Each layer uses a specific term for its PDU. For example, in TCP/IP the transport layer, TCP communicates to the peer TCP function using "segments". Each layer in System A must rely on services provided by its lower layers for it to communicate with its System B peer. The upper layer is said to be the service user while the lower layer is the service provider. The lower layer services are provided to the upper layer at a service access point (SAP). Layers - Functions - Devices The application layer The application layer of the OSI model is the layer that is closest to the user. Instead of providing services to other OSI layers, it provides services to application programs outside the scope of the OSI model. It's services are often part of the application process. Main functions are:• identifies and establishes the availability of the intended communication partner. • synchronizes the sending and receiving applications. • establishes agreement on procedures for error recovery and control of data integrity. • determines whether sufficient resources for the intended communications exist. Devices:• Browsers • Search engines • E-mail programs • Newsgroup and chat programs • Transaction services • Audio/video conferencing • Telnet • SNMP
6
�Compiled by Yousuf.M.Rafi(05B-043-EE) The presentation layer It ensures that information sent by the application layer of one system will be readable by the application layer of another system. It provides a common format for transmitting data across various systems, so that data can be understood, regardless of the types of machines involved. The presentation layer concerns itself not only with the format and representation of actual user data, but also with data structure used by programs. Therefore, the presentation layer negotiates data transfer syntax for the application layer. Devices:• Encryption • EBCDIC and ASCII • GIF & JPEG The Session Layer The main function of the OSI model's session layer is to control "sessions", which are logical connections between network devices. A session consists of a dialog, or data communications conversation, between two presentation entities. Dialogs can be • simplex (one-way) • half-duplex (alternate) • full-duplex (bi-directional) Simplex conversations are rare on networks. Half-duplex conversations require a good deal of session layer control, because the start and end of each transmission need to be monitored. Most networks are of course capable of full-duplex transmission, but in fact many conversations are in practice half-duplex. Devices:Some examples of session layer protocols and interfaces are: • Network File System (NFS) • Concurrent database access • X-Windows System • Remote Procedure Call (RPC) • SQL • NetBIOS Names • AppleTalk Session Protocol (ASP) • Digital Network Architecture
7
�Compiled by Yousuf.M.Rafi(05B-043-EE) The Transport Layer You can think of the transport layer of the OSI model as a boundary between the upper and lower protocols. The transport layer provides a data transport service that shields the upper layers from transport implementation issues such as the reliability of a connection. The transport layer provides mechanisms for:• multiplexing upper layer applications • the establishment, maintenance, and orderly termination of virtual circuits • information flow control • transport fault detection and recovery Devices:• TCP, UDP, SPX and Sliding Windows. Multiplexing & De-multiplexing The transport layer uses a technique called multiplexing to segment and reassemble data from several upper layer applications onto the same transport layer data stream. When data is being sent, the source machine includes extra bits with the data that encode the message type, originating application, and protocols used. The destination machine de-multiplexes the data stream, and reassembles the data so that it can be passed up to the destination peer application. The transport layer data stream provides end-to-end transport services. It constitutes a logical connection between the end points of an internetwork, that is, the originating host and the destination host.Before data transfer can begin, both the sending and receiving applications inform their respective operating systems that a connection is going to be initiated.In essence, one machine places a call that must be accepted by the other.Protocol software modules in the two operating systems communicate by sending messages across the network to verify that the transfer is authorized and that both sides are ready.After all the synchronization has occurred, a connection is said to be established and data transfer can begin.
Sequencing - Acknowledgements - Flow Control (Windowing) During a transfer using TCP, the two machines continue to communicate with their protocol software to verify that data is received correctly. Once data transfer is in progress, congestion can occur for two reasons. First, the sending device might be able to generate traffic faster than the network can transfer it. Second, if multiple devices need to send data through the same gateway, or to the same destination, the gateway or destination may experience congestion.
8
�Compiled by Yousuf.M.Rafi(05B-043-EE) When datagrams arrive too quickly for a device to process, it temporarily stores them in memory and the process being called as buffering. If the datagrams are part of a small burst, this buffering solves the problem. However, if the traffic continues to arrive at this rate, the device eventually exhausts its memory and must discard additional datagrams that arrive. Instead of losing data, the transport function can issue a "not ready" indicator to the sender. This acts like a stop sign and signals the sender to discontinue sending segment traffic to its peer. After the receiving device has processed sufficient segments to free space in its buffers, the receiver sends a ready transport indicator - which is like a go signal. When it receives this indicator, the sender can resume segment transmission. The transport layer may provide a reliable service regardless of the quality of the underlying network. One technique that is used to guarantee reliable delivery is called "positive acknowledgement with retransmission". This requires the receiver to issue an acknowledgement message to the sender when it receives data. The sending device keeps a record of each packet it sends and it waits for an acknowledgement before sending another packet. The sender also starts a timer when it sends a packet. It retransmits the packet if the timer expires before an acknowledgement is received. Acknowledging every data segment, however, has its drawbacks. If the sender has to wait for an acknowledgement of each data segment, the throughput will be very low. A technique called "windowing" is used to increase the throughput. Time is available after the sender finishes transmitting the data segment, but before the sender finishes processing any received acknowledgement. This is used for transmitting more data. The number of data elements the sender is allowed to have outstanding is known as the "window". For example, with a window size of three the sender can transmit three data segments before expecting an acknowledgement. In reality, the acknowledgements and data segments will intermix as they communicate across the network. This is known as "piggyback acknowledgement". The Network Layer Layer three of the OSI model is the network layer. • The network layer sends packets from source network to destination network. • It provides consistent end-to-end packet delivery services to its user, the transport layer. In wide area networking a substantial geographic distance and many networks can separate two end systems that wish to communicate. Between the two end systems the data may have to be passed through a series of widely distributed intermediary nodes. These intermediary nodes are normally routers. Routers are special stations on a network, capable of making complex routing decisions. • The network layer is the domain of routing.
9
�Compiled by Yousuf.M.Rafi(05B-043-EE) Routing protocols select optimal paths through the series of interconnected networks. Network layer protocols then move information along these paths. • One of the functions of the network layer is "path determination". Path determination enables the router to evaluate all available paths to a destination and determine which to use. It can also establish the preferred way to handle a packet. After the router determines which path to use it can proceed with switching the packet. It takes the packet it has accepted on one interface and forwards it to another interface or port that reflects the best path to the packet's destination. Devices:• IP, IPX, Routers, Routing Protocols (RIP, IGRP, OSPF, BGP etc), ARP, RARP, ICMP. The Data-Link Layer Layer two of the OSI reference model is the data-link layer. This layer is responsible for providing reliable transit of data across a physical link. The data-link layer is concerned with • physical addressing; Bridges, Transparent Bridges, Layer 2 Switches • network topology; CDP • line discipline (how end systems will use the network link) • error notification • ordered delivery of frames • flow control • Frame Relay, PPP, SDLC, X.25, 802.3, 802.3, 802.5/Token Ring, FDDI.
At the data-link layer, the bits that come up from the physical layer are formed into data frames, using any of a variety of data-link protocols. Frames consist of fields, containing bits. The data-link layer is subdivided into two sub layers: • the logical link control (LLC) sub layer • the media access control (MAC) sub layer The LLC sub layer provides support for • connections between applications running on a LAN • flow control to the upper layer by means of ready/not ready codes • sequence control bits.
10
�Compiled by Yousuf.M.Rafi(05B-043-EE) The LLC sub layer rests on top of other media access protocols to provide interface flexibility. Because the LLC sub layer operates independently of specific media access protocols, upper layer protocols, for example IP at the network layer, can operate autonomously without concern as to the specific type of LAN media. The LLC sub layer can depend on lower layers to provide access to the media. It provides Service Access Points (SAP's) and flow control. This layer puts 1's & 0's into a logical frame. The MAC sub layer provides orderly access to the LAN medium. For multiple stations to share the same medium and still uniquely identify each other, the MAC sub layer defines a hardware, or data-link address called the "MAC address". The MAC address is unique for each LAN interface. On most LAN interface cards the MAC address is burned into ROM. The ROM MAC address is sometimes known as the burned-in address (BIA). The MAC address is a 48-bit address expressed as 12 hexadecimal digits written in three groups of four digits. The first six hexadecimal digits (the first 24 bits) represent a vendor code known as the organizationally unique identifier (OUI). To ensure vendor uniqueness, the IEEE administers OUIs. The last six hexadecimal digits are administered by the vendor and often represent the interface serial number.
Process of Finding Hosts on the Same Network Segment- ARP Before a frame is exchanged with a device on the same LAN, the sending device needs to have a MAC address it can use as a destination address. The sending device may use an address resolution protocol (such as TCP/IP's address resolution protocol (ARP)) to discover the destination's MAC address. In other protocols the MAC address can be determined directly from the network address. For example, assume that host Y and host Z are on the same LAN. Host Y broadcasts an ARP request onto the LAN looking for host Z. Because it is a broadcast message all devices on the LAN, including host Z, process the request. However, host Z is the only device to respond and it does so with its MAC address. Host Y receives host Z's reply and stores the MAC address in local memory. This is often called an "ARP cache". The next time host Y needs to communicate with host Z it recalls host Z's stored MAC address. Process of Finding Hosts on the Different Network Segment- ARP + Router Let's look at how host Y communicates with host X on a different LAN, which it can access via router A. As before host Y broadcasts its ARP request. Router A, along with all the other devices on the LAN, processes the request. It knows that host X will not see the request because it is on another LAN, and that any packets destined for host X will have to be relayed. So instead, router A provides its own MAC address to host Y as a "proxy" reply to the ARP request. Host Y receives the router's response and saves the MAC address in its ARP
11
�Compiled by Yousuf.M.Rafi(05B-043-EE) cache memory. The next time host Y needs to communicate with host X, it recalls the stored MAC address of router A. The Physical Layer Layer one of the OSI model is the physical layer. The physical layer is concerned with the interface to the transmission medium. At the physical layer, data is transmitted onto the medium (e.g. coaxial cable or optical fiber) as a stream of bits. So, the physical layer is concerned, not with networking protocols, but with the transmission media on the network. The physical layer defines the electrical, mechanical, procedural, and functional specifications for activating, maintaining, and deactivating the physical link between end systems. This layer puts 1's & 0's onto the wire. Characteristics specified by the physical layer include • voltage levels • timing of voltage changes • physical data rates • maximum transmission distances • physical connectors Devices:• Hubs, FDDI Hardware, Fast Ethernet, Token Ring Hardware.
Example of Layered Transmission Let's look at the transport layer in TCP/IP as an example. The transport layer must use the services of the network layer in order to communicate to the peer TCP function on another system. Each lower layer in turn takes upper layer information as part of the PDUs it exchanges with its peer layer. Each lower layer adds whatever headers and trailers it requires to perform its functions. This is called "data encapsulation". The transport layer's segments become part of the network layer's "packets" exchanged between IP peers. Network layer packets are also known as "datagrams". The network layer adds to the start of the PDU, a header to the data that identifies the source and destination logical addresses. These addresses help network devices send the packets across the network along a chosen path. The Host-to-network layer takes the IP packet and adds a header to form a "frame". The header contains information required to complete the data-link functions. For example, the frame header contains a physical address which allows the network device to communicate over its interface to the next directly connected network device on the link.
12
�Compiled by Yousuf.M.Rafi(05B-043-EE) Ultimately, these frames must be converted into electrical pulses as the data is finally transmitted by the physical layer protocol across the wire or other physical medium used by the network. Switching & Bridging
The Switch A switch is a layer 2 network device that forwards frames using MAC addresses in the header of frames. It is used to improve network performance by:• segmenting the network and creating separate collision domains. • reducing competition for bandwidth. In a switch frame forwarding is handled by specialized hardware called "Application Specific Integrated Circuit" (ASIC). ASIC technology allows a silicon chip to be programmed to perform specific functions much faster than that of a chip programmed by software.
Steps of Switch Functioning Learning When switch starts, the MAC address table has no entry. When a node transmits data on its wire the MAC address of the node is learned by Switch Port connected to that node. In this way all the MAC addresses are learned by respective ports and these entries remain in the cache for a specific time. If during this specific time no new frame arrives from a node MAC address entry for that node is dropped from cache. Forwarding & Filtering When a MAC address for a port is learnt, packets addressed to that MAC address are forwarded only to the port associated with it, using one of the Switching Methods. Loop Avoidance Switches and Bridges use Spanning Tree Protocol (STP), specified by IEEE 802.1d, to prevent loops.
13
�Compiled by Yousuf.M.Rafi(05B-043-EE)
Switching Methods Store & Forward: In this method complete frame is received by the switch. CRC, source address and destination address are checked. This method has following features:• Highest latency (delay in forwarding of frame) but may vary depending upon the length of frame. • Highest error checking. • Lowest frame forwarding speed. Catalyst 500 switch uses this method. Cut Through: In this method forwarding starts as soon as destination address of the frame is received in header. Also known as WIRE SPEED. This method has following features:• Lowest latency. • Lowest error checking. • Highest frame forwarding speed. Fragment Free (Modified Cut Through): In this method forwarding starts as soon as first 64 bytes of the frame are received as fragmentation occurs usually in first 64 bytes. This method has following features:• Latency approx 60m Sec. • Sufficient error checking. • Moderate frame forwarding speed.
14
�Compiled by Yousuf.M.Rafi(05B-043-EE) The Bridge It is a layer 2 device used to connect different network types or networks of the same type. Packets having destination address on the same network segment are dropped. Bridges use "Store and Forward" method to inspect the whole packet. Advantages: Using a bridge to segment network can provide:• Reliability. • Manageability. • Scalability. Disadvantages: • A bridge cannot filter out broadcast traffic. • It introduces 20 to 30 % latency. • Only 2 networks can be linked with a bridge. Cisco® Router Basics The Router A Router is a layer 3 network device that moves data between different network segments and can look into a packet header to determine the best path for the packet to travel. Routers can connect network segments that use different protocols. They also allow all users in a network to share a single connection to the Internet or a WAN. It is used to improve network performance by:• segmenting the network and creating separate collision & broadcast domains. • reducing competition for bandwidth. • Broadcasts are not forwarded to other network segments. • Increases security by using Access Lists.
Router Components (internal)
15
�Compiled by Yousuf.M.Rafi(05B-043-EE) ROM ROM is used to store the router's bootstrap startup program, operating system software, and power-on diagnostic tests programs. In order to perform ROM upgrades you remove and replace pluggable chips on the motherboard. Flash Memory It holds operating system image(s). Flash memory is erasable, reprogrammable ROM. You can perform Cisco® IOS software upgrades without having to remove and replace chips. Flash content is retained when you switch off or restart the router. RAM RAM is used to store operational information such as routing tables, router's running configuration file. RAM also provides caching and packet buffering capabilities. Its contents are lost when you switch off or restart the router.
NVRAM NVRAM (nonvolatile RAM), is used to store the router's startup configuration file. It does not lose data when power is switched off. So the contents of the startup configuration file are maintained even when you switch off or restart the router. Network Interfaces The router's network interfaces are located on the motherboard or on separate interface modules. You configure Ethernet or Token Ring interfaces to allow connection to a LAN. The synchronous serial interfaces are configured to allow connection to WANs. You can also configure ISDN BRI interfaces to allow connection to an ISDN WAN.. Router Components (External) A router can be configured over any of its network interfaces. You can supply configuration information to a router using:TFTP servers : Trivial File Transfer Protocol; A simplified version of FTP that allows files to be transferred from one computer to another over a network.virtual terminals network management stations Router's Startup Procedure Each time you switch on the router, it goes through power-on self-test diagnostics to verify basic operation of the CPU, memory and network interfaces. The system bootstrap software in ROM (boot image) executes and searches for valid router operating system software (Cisco® IOS image). IOS is acronym for Internetwork Operating System.
16
�Compiled by Yousuf.M.Rafi(05B-043-EE)
There are three places to find the Cisco® IOS image to load: • Flash memory • A TFTP server on the network • ROM The source of the Cisco® IOS image is determined from the boot field setting of the router's configuration register. Configuration Registration: A 16-bit register used to control how the router boots up, where the IOS image, how to deal with the NVRAM configuration, setting the console baud rate and enabling or disabling the break function. The default setting for the configuration register indicates that the router should attempt to load a Cisco® IOS image from flash memory. If the router finds a valid IOS image, it searches for a valid configuration file. If your router does not find a valid system image, or if its configuration file is corrupted at startup, and the configuration register (bit 13) is set to enter ROM monitor mode, the system will bypass the NVRAM setting and enters ROM monitor mode. This also allow access to the router in the event a password is lost. The configuration file, saved in NVRAM, is loaded into main memory and executed one line at a time. These configuration commands start routing processes, supply addresses for interfaces, and set media characteristics. If no configuration file exists in NVRAM, the operating system executes a questiondriven initial configuration routine called the system configuration dialog. This special mode is also called the Setup mode. Cisco® CLI Command Modes The Cisco® IOS software provides you with access to several different command modes. Each command mode provides a different group of related commands. The Cisco® Command Line Interface (CLI) is called EXEC. EXEC has two modes:• User mode • Privileged mode For security purposes the two EXEC modes serve as two levels of access to Cisco® IOS commands. EXEC user commands allow you to • connect to remote devices • make temporary changes to terminal settings • perform basic tests • list system information
17
�Compiled by Yousuf.M.Rafi(05B-043-EE) If you want to access privileged mode you have to enter a password. The commands available in Privileged mode also include all those available in User mode. You can use Privileged EXEC commands to:• set operating parameters • perform a detailed examination of the router's status • test and debug router operation • access global and other included configuration modes
From Privileged mode you can enter global configuration mode. This gives you access to configuration commands that affect the system as a whole, and to other configuration modes. You can specify the source of the configuration commands as being from :• a terminal • memory • the network You can access many other specific configuration modes from Global Configuration mode that allow complex configurations to be performed. Setup Mode: If the router does not have a configuration file it will automatically enter Setup mode when you switch it on. Setup mode presents you with a prompted dialog, called the system configuration dialog, in which you establish an initial configuration. Rom Monitor Mode: If the router does not find a valid operating system image, or if you interrupt the boot sequence, the system may enter ROM monitor mode. From ROM monitor mode you can boot the device or perform diagnostic tests. CLI (Command Line Interface): The screen interface that allows the user to interact with the operating system by entering commands and optional arguments.
Command Modes A hierarchical level of Cisco® IOS software. Each command mode permits you to configure different configuration components. For example, you configure global parameters in global configuration mode, interface parameters in interface configuration mode, and line parameters in line configuration mode. There are five command modes. Each mode is represented by a different prompt, as shown in the table below: Exec Mode A console, modem, or Telnet command-line session to the router. There are two primary levels to the EXEC mode: user-level EXEC mode, and privileged EXEC mode. Userlevel EXEC is the initial mode entered upon logging into the router, and allows access only to basic monitoring commands. It is indicated by the > prompt: Router1>
18
�Compiled by Yousuf.M.Rafi(05B-043-EE) Privileged-level EXEC mode, sometimes called enable mode, provides access to configuration mode, which permits authorized users to configure and manage the router. To enter the privileged-level EXEC mode, enter the enable command, enter the enable password, and press Return. The prompt changes to the pound sign (#) as shown in the following example: Router1> enable Password: netserv3 Router1#
Global Configuration Mode The commands entered in Global Configuration Mode affect the whole router. Here are the steps from Privileged EXEC mode:Router1# configure terminal OR Router1# config t The result will be: Router1(config)#
Interface Mode The commands entered in this mode affect the current interface only. Here are the steps from Global Configuration mode:Router1(config)# interface serial 0 OR Router1(config)# int serial 0 The result will be: Router1(config-if)#
19
�Compiled by Yousuf.M.Rafi(05B-043-EE) Line Mode The router has three types of terminal lines: one console line, one auxiliary line, and five virtual (network) lines:Router1(config)# line con 0 OR Router1(config)# line vty 0 4 The result will be: Router1(config-line)#
Other configuration modes will be explored in their respective configuration. To obtain a list of commands that begin with a particular character string, enter the abbreviated command entry immediately followed by a question mark (?). This form of help is called word help, because it lists only the keywords or arguments that begin with the abbreviation you entered. e.g. Router# co? configure connect copy
To list a command's associated keywords or arguments, enter a question mark (?) in place of a keyword or argument on the command line. This form of help is called command syntax help, because it lists the keywords or arguments that apply based on the command, keywords, and arguments you have already entered. e.g. The following example shows how to use command syntax help to display the next argument of a partially complete access-list command. One option is to add a wildcard mask. The symbol indicates that the other option is to press Return to execute the command. Router(config)# access-list 99 deny 10.5.8.24 ? A.B.C.D Mask of bits to ignore Note: If you enter an incorrect command, the caret symbol (^) and help response indicate the error. Notice that the caret symbol character is displayed at the point in the command string where the IOS detected that you entered an incorrect command, keyword, or argument. This error location facility together with the interactive help system allows you to find and correct syntax errors easily.
20
�Compiled by Yousuf.M.Rafi(05B-043-EE) Router(config)# hostname How2Pass The factory-assigned default host name is router.
Setting the System Clock The system clock runs from the moment the system starts up and keeps track of the current date and time based on Coordinated Universal Time (UTC), also known as Greenwich Mean Time (GMT). The system clock can be set from a number of sources, and in turn can be used to distribute the current time through various mechanisms to other systems. To manually set the system clock, use one of the formats of the clock set EXEC command. clock set hh:mm:ss day month yyyy clock set hh:mm:ss month day yyyy In the following example, the system clock is manually set to 1:32 p.m. on May 12, 2001: Router# clock set 13:32:00 12 May 2001 Show System Time To display the system clock, use the show clock EXEC command. If time has not been set by the clock set command then this command will show the time lapsed since router is up.
Router# show clock Setting the Banner To specify a message-of-the-day (MOTD) banner, use the banner motd global configuration command. The no form of this command deletes the MOTD banner. When someone connects to the router, the MOTD banner appears before the login prompt. Router(config)# banner motd # message # Here (#) sign is used as delaminating character. You can use any character.
Setting the Description for an Interface To add a description to an interface configuration, use the description interface configuration command. Use the no form of this command to remove the description. The description command is meant solely as a comment to be put in the configuration to help you remember what certain interfaces are used for.
21
�Compiled by Yousuf.M.Rafi(05B-043-EE) The following example shows how to add a description for a T1 interface: Router(config)# interface serial 0 Router(config-if)# description T1 line to How2Pass - 128 Kb/s The description "T1 line to How2Pass - 128 Kb/s" appears in the output of the following EXEC commands: show startup-config, show interfaces, and show running-config Setting the Line Password To specify a password on a line, use the password line configuration command. Use the no form of this command to remove the password. The first character cannot be a number. The string can contain any alphanumeric characters, including spaces, up to 80 characters. Console Password Console password is needed when logging into router at user EXEC mode from console. Router(config)# line console 0 Router(config-line)# password How2pass2004 vty lines password Virtual terminal lines (vty) are used to allow remote access to the router (by telneting through its interfaces). The router has five virtual terminal lines by default. Router(config)# line vty 0 4 Router(config-line)# password How2Pass2004 Setting Privileged Access Password To set a local password to control access to various privilege levels, use the enable password global configuration command. Use the no form of this command to remove the password requirement. An enable password is defined as follows: Must contain from 1 to 25 uppercase and lowercase alphanumeric characters. Must not have a number as the first character. Can have leading spaces, but they are ignored. However, intermediate and trailing spaces are recognized. Router(config)# enable password How2Pass2004 Setting Secret (Encrypted) Password To set an encrypted local password to control access to various privilege levels, use the enable secret global configuration command. Use the no form of this command to remove the password requirement. Router(config)# enable secret How2pass2004 Frame Relay
22
�Compiled by Yousuf.M.Rafi(05B-043-EE)
Frame Relay Overview Connection to a frame relay network is done with a local loop from the serial interface of a router to one of a service provider’s frame relay switches. Communication across a frame relay network uses virtual circuits, which are built by a service provider from a router’s serial interface, through a collection of frame relay switches, to another router’s serial interface. Virtual circuits that are programmed into a service provider’s network to stay active all the time are called permanent virtual circuits (PVCs). IOS also supports switched virtual circuits (SVCs), which become active only when they are used; however, SVCs are not yet widely available from frame relay service providers. We use only PVCs in this chapter.
Many PVCs can be built on a single local loop. PVCs are addressed with Data Link Connection Identifiers (DLCIs) at layer 2. From our perspective, each PVC has two DLCIs—one at each end. From a router’s perspective, each PVC needs only one DLCI—the local one. When a router wants to transmit a packet to another router across a PVC, the router must know the local DLCI of the PVC on which the packet is to be transmitted. For this reason, some people say that DLCIs are locally significant.
Figure 1 shows a basic frame relay network. There are three routers—Dallas, FortWorth, and Austin. Each router has a local loop to the frame relay network. There are two PVCs—one from Dallas to FortWorth and one from Dallas to Austin. Let us take a closer look at the PVC between Dallas and FortWorth. The Dallas end of the PVC has DLCI 100 and the FortWorth end has DLCI 101. These DLCIs, since they are on different local loops, do not have to be different, but they usually are, anyway. When Dallas wants to send a packet to FortWorth, Dallas must transmit the packet out the serial interface that contains the PVC, and the frame header must contain the local DLCI, 100. The switch knows that the path of the PVC with DLCI 100 on the Dallas side is supposed to go to the switch connected to FortWorth. The switch connected to FortWorth knows the path of the PVC extends across the local loop to FortWorth and the DLCI of the PVC on the local loop is 101. The switch puts the DLCI 101 into the frame header so the FortWorth router knows, when it receives the frame, that the frame came in on the PVC with local DLCI 101.
23
�Compiled by Yousuf.M.Rafi(05B-043-EE) Dallas has two PVCs coming in on the same local loop; therefore, these PVCs must have different local DLCIs. The frame relay topology shown in Figure 1 is called a partialmeshed network because not all of the routers have PVCs to all of the other routers. We could also call this particular topology a hub-and-spoke network because there is one router (the hub) that has a connection to each of the other routers (the spokes), and traffic from a spoke router must go through the hub to reach another spoke router. A fully meshed network has PVCs running between all of the router pairs; to make the Figure 1 frame relay topology into a fully meshed network, we would have to add a PVC between FortWorth and Austin.
Routers and switches maintain contact with each other using Local Management Interface (LMI). About every 10 seconds, routers and switches send an LMI keepalive across the local loop. If a router is receiving LMI keepalives from a switch, the router makes the line protocol of its interface up so the interface state will be up/up. If a Cisco router interface is connected to a frame relay network and the state of the interface is up/up, the router has a communication path to a frame relay switch. This has nothing to do with being able to reach another router on the other end of a PVC. By default, a Cisco router uses LMI to request a status report from the switch every six keepalives (about once a minute). The status report contains a list of each of the local loop’s PVCs, their DLCIs, and their status.
There are two types of LMI that are widely used between routers and switches: Annex D and Gang of Four. Annex D is from the American National Standards Institute (ANSI). The Gang of Four LMI was jointly developed by Cisco, DIGITAL, Intel, and Stratacom. The router and the local switch must agree on the type of LMI they will use between them.
24
�