TCP/IP internetworking facts

February 3, 2009 at 8:21 pm · Filed under Uncategorized

Fundamentals

Today’s Most Common Types of Ethernet
Common Name Speed Alternative Name Name of IEEE Standard Cable Type, Maximum Length
Ethernet 10 Mbps 10BASE-T IEEE 802.3 Copper, 100 m
Fast Ethernet 100 Mbps 100BASE-TX IEEE 802.3u Copper, 100 m
Gigabit Ethernet 1000 Mbps 1000BASE-LX, 1000BASE-SX IEEE 802.3z Fiber, 550 m (SX) 5 km (LX)
Gigabit Ethernet 1000 Mbps 1000BASE-T IEEE 802.3ab 100 m
LAN MAC Address Terminology and Features
LAN Addressing Term or Feature Description
MAC Media Access Control. 802.3 (Ethernet) defines the MAC sublayer of IEEE Ethernet.
Ethernet address, NIC address, LAN address Other names often used instead of MAC address. These terms describe the 6-byte address of the LAN interface card.
Burned-in address The 6-byte address assigned by the vendor making the card.
Unicast address A term for a MAC that represents a single LAN interface.
Broadcast address An address that means “all devices that reside on this LAN right now.” – FFFF.FFFF.FFFF
Multicast address On Ethernet, a multicast address implies some subset of all devices currently on the Ethernet LAN. – 0100.5exx.xxxx
WAN Speed Summary
Name(s) of Line Bit Rate
DS0 64 Kbps
DS1 (T1) 1.544 Mbps (24 DS0s, plus 8 kb/s overhead)
DS3 (T3) 44.736 Mbps (28 DS1s, plus management overhead)
E1 2.048 Mbps (32 DS0s)
E3 34.064 Mbps (16 E1s, plus management overhead)
J1 (Y1) 2.048 Mbps (32 DS0s; Japanese standard)
All Possible Valid Network Numbers (Classful, ie. no subnet zero)*
Class First Octet Range Valid Network Numbers* Total Number for This Class of Network Number of Hosts Per Network
A 1 to 126 1.0.0.0 to 126.0.0.0 27–2 (126) 224–2 (16,777,214)
B 128 to 191 128.1.0.0 to 191.254.0.0 214 (16,384) 216–2 (65,534)
C 192 to 223 192.0.1.0 to 223.255.254.0 221 (2,097,152) 28–2 (254)
All Possible Valid Network Numbers (Classless)
Class A Class B Class C
First Octet Range 1 to 126 128 to 191 192 to 223
Valid Network Numbers 1.0.0.0 to 126.0.0.0 128.0.0.0 to 191.255.0.0 192.0.0.0 to 223.255.255.0
Number of Networks in This Class 27 – 2 214 221
Number of Hosts Per Network 224 – 2 216 – 2 28 – 2
Size of Network Part of Address (Bytes) 1 2 3
Size of Host Part of Address (Bytes) 3 2 1
TCP/IP Transport Layer Features
Function Description
Multiplexing using ports Function that allows receiving hosts to choose the correct application for which the data is destined, based on the port number.
Error recovery (reliability) Process of numbering and acknowledging data with Sequence and Acknowledgment header fields.
Flow control using windowing Process that uses window sizes to protect buffer space and routing devices.
Connection establishment and termination Process used to initialize port numbers and Sequence and Acknowledgment fields.
Ordered data transfer and data segmentation Continuous stream of bytes from an upper-layer process that is “segmented” for transmission and delivered to upper-layer processes at the receiving device, with the bytes in the same order.
Popular Applications and Their Well-Known Port Numbers
Port Number Protocol Application
20 TCP FTP data
21 TCP FTP control
22 TCP SSH
23 TCP Telnet
25 TCP SMTP
53 UDP, TCP DNS
67, 68 UDP DHCP
69 UDP TFTP
80 TCP HTTP (WWW)
110 TCP POP3
161 UDP SNMP
443 TCP SSL
16,384–32,767 UDP RTP-based Voice (VoIP) and Video

LAN Switching

Switch Internal Processing
Switching Method Description
Store-and-forward The switch fully receives all bits in the frame (store) before forwarding the frame (forward). This allows the switch to check the FCS before forwarding the frame.
Cut-through The switch forwards the frame as soon as it can. This reduces latency but does not allow the switch to discard frames that fail the FCS check.
Fragment-free The switch forwards the frame after receiving the first 64 bytes of the frame, thereby avoiding forwarding frames that were errored due to a collision.
Benefits of Segmenting Ethernet Devices Using Hubs, Switches, and Routers
Feature Hub Switch Router
Greater cabling distances are allowed Yes Yes Yes
Creates multiple collision domains No Yes Yes
Increases bandwidth No Yes Yes
Creates multiple broadcast domains No No Yes
Common Switch Configuration Modes
Prompt Name of Mode Context-setting Command(s) to Reach This Mode
hostname(config)# Global None—first mode after configure terminal
hostname(config-line)# Line line console 0line vty 0 15
hostname(config-if)# Interface interface type number
Names and Purposes of the Two Main IOS Configuration Files
Configuration Filename Purpose Where It Is Stored
Startup-config Stores the initial configuration used any time the switch reloads IOS. NVRAM
Running-config Stores the currently used configuration commands. This file changes dynamically when someone enters commands in configuration mode. RAM

SSH configuration steps on a Cisco IOS-based switch:

Step 1.
Change the vty lines to use usernames, with either locally configured usernames or an AAA server. In this case, the login local subcommand defines the use of local usernames, replacing the login subcommand in vty configuration mode.
Step 2.
Tell the switch to accept both Telnet and SSH with the transport input telnet ssh vty subcommand. (The default is transport input telnet, omitting the ssh parameter.)
Step 3.
Add one or more username name password pass-value global configuration commands to configure username/password pairs.
Step 4.
Configure a DNS domain name with the ip domain-name name global configuration command.
Step 5.
Configure the switch to generate a matched public and private key pair, as well as a shared encryption key, using the crypto key generate rsa global configuration command.
Step 6.
Although no switch commands are required, each SSH client needs a copy of the switch’s public key before the client can connect.
Banners and Their Use
Banner Typical Use
Message of the Day (MOTD) Shown before the login prompt. For temporary messages that may change from time to time, such as “Router1 down for maintenance at midnight.”
Login Shown before the login prompt but after the MOTD banner. For permanent messages such as “Unauthorized Access Prohibited.”
Exec Shown after the login prompt. Used to supply information that should be hidden from unauthorized users.

Cisco IOS switch configuration steps for IP connectivity:

Step 1.
Enter VLAN 1 configuration mode using the interface vlan 1 global configuration command (from any config mode).
Step 2.
Assign an IP address and mask using the ip address ip-address mask interface subcommand.
Step 3.
Enable the VLAN 1 interface using the no shutdown interface subcommand.
Step 4.
Add the ip default-gateway ip-address global command to configure the default gateway.
Actions When Port Security Violation Occurs
Option on the switchport port-security violation Command Protect Restrict Shut Down*
Discards offending traffic Yes Yes Yes
Sends log and SNMP messages No Yes Yes
Disables the interface, discarding all traffic No No Yes
LAN Switch Interface Status Codes
Line Status Protocol Status Interface Status Typical Root Cause
Administratively Down Down disabled The interface is configured with the shutdown command.
Down Down notconnect No cable; bad cable; wrong cable pinouts; the speeds are mismatched on the two connected devices; the device on the other end of the cable is powered off or the other interface is shutdown.
Up Down notconnect An interface up/down state is not expected on LAN switch interfaces.
Down down (err-disabled) err-disabled Port security has disabled the interface.
Up Up connect The interface is working.
Interface Status Codes and Their Meanings
Name First or Second Status Code General Meaning
Line status First status code Refers to the Layer 1 status—for example, is the cable installed, is it the right/wrong cable, is the device on the other end powered on?
Protocol status Second status code Refers generally to the Layer 2 status. It is always down if the line status is down. If the line status is up, a protocol status of down usually is caused by mismatched data link layer configuration.
Organizations That Set or Influence WLAN Standards
Organization Standardization Role
ITU-R Worldwide standardization of communications that use radiated energy, particularly managing the assignment of frequencies
IEEE Standardization of wireless LANs (802.11)
Wi-Fi Alliance An industry consortium that encourages interoperability of products that implement WLAN standards through their Wi-Fi certified program
Federal Communications Commission (FCC) The U.S. government agency with that regulates the usage of various communications frequencies in the U.S.
WLAN Standards
Feature 802.11a 802.11b 802.11g
Year ratified 1999 1999 2003
Maximum speed using DSSS 11 Mbps 11 Mbps
Maximum speed using OFDM 54 Mbps 54 Mbps
Frequency band 5 GHz 2.4 GHz 2.4 GHz
Channels (nonoverlapped)* 23 (12) 11 (3) 11 (3)
Speeds required by standard (Mbps) 6, 12, 24 1, 2, 5.5, 11 6, 12, 24
Different WLAN Modes and Names
Mode Service Set Name Description
Ad hoc Independent Basic Service Set (IBSS) Allows two devices to communicate directly. No AP is needed.
Infrastructure (one AP) Basic Service Set (BSS) A single wireless LAN created with an AP and all devices that associate with that AP.
Infrastructure (more than one AP) Extended Service Set (ESS) Multiple APs create one wireless LAN, allowing roaming and a larger coverage area.
FCC Unlicensed Frequency Bands of Interest
Frequency Range Name Sample Devices
900 KHz Industrial, Scientific, Mechanical (ISM) Older cordless telephones
2.4 GHz ISM Newer cordless phones and 802.11, 802.11b, 802.11g WLANs
5 GHz Unlicensed National Information Infrastructure (U-NII) Newer cordless phones and 802.11a, 802.11n WLANs
Encoding Classes and IEEE Standard WLANs
Name of Encoding Class What It Is Used By
Frequency Hopping Spread Spectrum (FHSS) 802.11
Direct Sequence Spread Spectrum (DSSS) 802.11b
Orthogonal Frequency Division Multiplexing (OFDM) 802.11a, 802.11g
WLAN Speed and Frequency Reference
IEEE Standard Maximum Speed (Mbps) Other Speeds* (Mbps) Frequency Nonoverlapping Channels
802.11b 11 Mbps 1, 2, 5.5 2.4 GHz 3
802.11a 54 Mbps 6, 9, 12, 18, 24, 36, 48 5 GHz 12
802.11g 54 Mbps Same as 802.11a 2.4 GHz 3
WLAN Vulnerabilities and Solutions
Vulnerability Solution
War drivers Strong authentication
Hackers stealing information in a WLAN Strong encryption
Hackers gaining access to the rest of the network Strong authentication
Employee AP installation Intrusion Detection Systems (IDS), including Cisco SWAN
Rogue AP Strong authentication, IDS/SWAN
WLAN Security Standards
Name Year Who Defined It
Wired Equivalent Privacy (WEP) 1997 IEEE
The interim Cisco solution while awaiting 802.11i 2001 Cisco, IEEE 802.1x Extensible Authentication Protocol (EAP)
Wi-Fi Protected Access (WPA) 2003 Wi-Fi Alliance
802.11i (WPA2) 2005+ IEEE
Comparisons of WLAN Security Features
Standard Key Distribution Device Authentication User Authentication Encryption
WEP Static Yes (weak) None Yes (weak)
Cisco Dynamic Yes Yes (802.1x) Yes (TKIP)
WPA Both Yes Yes (802.1x) Yes (TKIP)
802.11i (WPA2) Both Yes Yes (802.1x) Yes (AES)

IP Routing

IPv4 Versus IPv6
Feature IPv4 IPv6
Size of address (bits or bytes per octet) 32 bits, 4 octets 128 bits, 16 octets
Example address 10.1.1.1 0000:0000:0000:0000:FFFF:FFFF: 0A01:0101
Same address, abbreviated ::FFFF:FFFF:0A01:0101
Number of possible addresses, ignoring reserved values 232, (roughly 4 billion) 2128, or roughly 3.4 x 1038
Routing Protocol Classes/Algorithms and Protocols that Use Them
Class/Algorithm IGPs
Distance vector RIP-1, RIP-2, IGRP
Link-state OSPF, Integrated IS-IS
Balanced hybrid (also called advanced distance vector) EIGRP
Comparing Classless and Classful Routing Protocols
Feature Classless Classful
Supports VLSM Yes No
Sends subnet mask in routing updates Yes No
Supports manual route summarization Yes No
Interior IP Routing Protocols Compared
Feature RIP-1 RIP-2 EIGRP OSPF IS-IS
Classless No Yes Yes Yes Yes
Supports VLSM No Yes Yes Yes Yes
Sends mask in update No Yes Yes Yes Yes
Distance vector Yes Yes No1 No No
Link-state No No No1 Yes Yes
Supports autosummarization No Yes Yes No No
Supports manual summarization No Yes Yes Yes Yes
Proprietary No No Yes No No
Routing updates sent to a multicast IP address No Yes Yes Yes N/A
Supports authentication No Yes Yes Yes Yes
Convergence Slow Slow Very fast Fast Fast
IOS Defaults for Administrative Distance
Route Source Administrative Distance
Connected routes 0
Static routes 1
EIGRP 90
IGRP 100
OSPF 110
IS-IS 115
RIP (V1 and V2) 120
Unknown or unbelievable 255
Determining Whether a Question Allows the Use of the Zero and Broadcast Subnets
Clues in the Question Subnets Reserved?
Says nothing about it (default for the exam) No
Lists the ip subnet-zero configuration command No
Uses a classless routing protocol (RIP-2, EIGRP, OSPF) No
Lists the no ip subnet-zero configuration command Yes
Uses a classful routing protocol (RIP-1) Yes

WAN

Comparing Circuits and Packet Switching
Feature Circuits Packet Switching
Service implemented as OSI layer . . . 1 2
Point-to-point (two devices) or more Point-to-point Multipoint (more than two)
Interface Status Codes and Typical Meanings When a Ping Does Not Work
Line Status Protocol Status Likely Reason/Layer
Administratively down Down Interface is shut down
Down Down Layer 1
Up Down Layer 2
Up Up Layer 3

Steps to configure HDLC:

Step 1.
Configure the interface IP address using the ip address interface subcommand.
Step 2.
The following tasks are required only when the specifically listed conditions are true:

  1. If an encapsulation protocol interface subcommand that lists a protocol besides HDLC already exists on the interface, use the encapsulation hdlc interface subcommand to enable HDLC.

  2. If the interface line status is administratively down, enable the interface using the no shutdown interface subcommand.

  3. If the serial link is a back-to-back serial link in a lab (or a simulator), configure the clocking rate using the clock rate speed interface subcommand, but only on the one router with the DCE cable (per the show controllers serial number command).
Step 3.
The following steps are always optional, and have no impact on whether the link works and passes IP traffic:

  1. Configure the link’s speed using the bandwidth speed-in-kbps interface subcommand.

  2. For documentation purposes, configure a description of the purpose of the interface using the description text interface subcommand.
Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.