Network Training Level -1

Lesson 1
➢ OSI Reference Model
➢ Functionalities of each Layer
➢ Network Devices
➢ Network Topology
➢ Networking Media

1
 OSI - Open System Interconnection Model

7 Application
6 Presentation
5 Session
4 Transport
3 Network Routers

2 Data Link Hub & Switches

NIC Card
1 Physical
 Host Layers and Media Layers

}
7 Application
6 Presentation Host layers: Provide
5 Session accurate data delivery between
computers
4 Transport

}
3 Network
2 Data Link Media layers: Control
physical delivery of messages
1 Physical over the network
 Layer Functions

7 Application Provides network services to

application processes
 Layer Functions

7 Application Network services to applications

6 Presentation Data representation

• Ensures data is readable by
receiving system
• Format of data
• Data structures
• Negotiates data transfer
syntax for application layer
 Layer Functions

7 Application Network services to applications

6 Presentation Data representation

5 Session Inter-host communication

• Establishes, manages, and
terminates sessions between
applications
 Layer Functions

7 Application Network services to applications

6 Presentation Data representation

5 Session Inter-host communication

4 Transport End-to-end connection reliability

• Concerned with data transport
issues between hosts
• Data transport reliability
• Establishes, maintains, and
terminates virtual circuits
• Fault detection and recovery
• Information flow control
 Layer Functions

7 Application Network services to applications

6 Presentation Data representation

5 Session Inter-host communication

4 Transport End-to-end connection reliability

3 Network Addresses and best path
• Provides connectivity and path
selection between two end
systems
• Domain of routing
 Layer Functions
7 Application Network services to applications

6 Presentation Data representation

5 Session Inter-host communication

4 Transport End-to-end connection reliability

3 Network Addresses and best path

2 Data Link Access to media

• Provides reliable transfer of data
across media
• Physical addressing, network
topology, error notification, flow
control
 Layer Functions

7 Application Network services to applications

6 Presentation Data representation

5 Session Inter-host communication

4 Transport End-to-end connection reliability

3 Network Addresses and best path

2 Data Link Access to media

1 Physical Binary transmission
• Wires, connectors, voltages,
data rates
 Networking Devices
Equipment that connects directly to a network segment is
referred to as a device.

These devices are broken up into two classifications.

➢ End-user devices
➢ Network devices

End-user devices include computers, printers, scanners, and

other devices that provide services directly to the user.

Network devices include all the devices that connect the end-
user devices together to allow them to communicate.

11
 Network Interface Card
The function of a NIC is to connect a host device to the network medium.

NICs are considered Data Link Layer devices because each NIC carries a
unique code called a MAC address. MAC address is 48 bits in length and
expressed as twelve hexadecimal digits.

12
 Hub

Connects a group of Hosts

13
 Switch

Switches add more

intelligence to data transfer
management.

14
 Router
❑Routers are used to connect networks together
❑Route packets of data from one network to another
❑Cisco became the de facto standard of routers because of their high-
quality router products
❑Routers, by default, break up a broadcast domain

15
 Network Topologies

Network topology defines the structure of the network.

One part of the topology definition is the physical topology,

which is the actual layout of the wire or media.

The other part is the logical topology,which defines how the

media is accessed by the hosts for sending data.

16
 Bus Topology
❑A bus topology uses a single backbone cable that is
terminated at both ends.

❑All the hosts connect directly to this backbone.

 Ring Topology
❑A ring topology connects one host to the next and the last
host to the first.

❑This creates a physical ring of cable.

 Star Topology
❑A star topology connects all cables to a central point of
concentration.
 Extended Star Topology
❑An extended star topology links individual stars together by
connecting the hubs and/or switches.This topology can extend
the scope and coverage of the network.
 Mesh Topology
❑A mesh topology is implemented to provide as much
protection as possible from interruption of service.
❑Each host has its own connections to all other hosts.
❑ Although the Internet has multiple paths to any one
location, it does not adopt the full mesh topology.
 Bandwidth

Bandwidth is a actual capacity of transmission signal.

Bandwidth is critical to network performance.
Bandwidth reruirement are growing at a rapid rate.
Bandwidth is not free. We have to pay according to ISP.

22
Networking Media

23
 LAN Physical Layer
The function of media is to carry a flow of information through a
LAN.Networking media are considered Layer 1, or physical layer,
components of LANs.
eg. Unshielded Twisted Pair (UTP) Cable & Fiber cable

Each media has advantages and disadvantages.

Some of the advantage or disadvantage comparisons concern:
➢ Cable length
➢ Cost
➢ Ease of installation
➢ Susceptibility to interference

24
 Cable Specifications
10BASE-T
The T stands for twisted pair. (Approximately 100 meters)

10/100 100 Base FX 1000 1000 Base 1000 Base

Base T Base T SX LX
Media Cat 5/6 62.5/125 Cat 5/6 62.5/50 9 Micron
Micron MMF Micron MMF SMF
Max. Seg. 100 m 400 m 100 m 275 m(62.5) Upto 10
Length 550 m (50) Km.

25
Straight-through cable
Straight-through cable pinout
Crossover cable
Crossover cable

29
Rollover cable
Rollover cable pinout
 Straight-Thru or Crossover
❑Use straight-through cables for the following cabling:
❑ Switch to router
❑ Switch to PC or server
❑ Hub to PC or server

❑Use crossover cables for the following cabling:

❑ Switch to switch
❑ Switch to hub
❑ Hub to hub
❑ Router to router
❑ PC to PC
❑ Router to PC
Straight-Through vs. Crossover

33
 SMF - Single Mode Fiber Cables Details

➢ Generally, single mode fibers have a small core size (less than 10 µm) that
permits only one mode or ray of light to be transmitted.
➢ For this reason, there is little light reflection created when light passes
through the single mode fiber core. This will lower fiber attenuation and
create the ability for the signal to travel further.
➢ Single mode fibers usually used in long distance

34
 MMF Multi Mode Fiber Cables Details
Multi Mode Fiber

➢ Multimode fibers have larger cores (62.5 µm or 50 µm) that guide many
modes simultaneously, which means more data can pass through the
multimode fiber core at a given time.
➢ This will create more light reflections and higher dispersion and attenuation
rate, reducing quality of the signal over long distances.
➢ Multimode fibers are used in short distance.

35
Optical Multi-mode Fiber Cables Details

36
OM1 – OM2 – OM3 – OM4 Fiber Cables

OM1 & OM2 MMF Cables OM3 & OM4 MMF Cables

37
 Fiber Optic Patch Cables
ST - ST SC - SC

LC - LC MTRJ - MTRJ

38
Fiber Optic Patch Cables
ST - LC
ST - SC

SC - MTRJ
ST - MTRJ

39
 Fiber Optics / RJ45 Modules
GBIC SC Module GBIC RJ45 Module

SFP LC Module SFP RJ45 Module

40
 Media Converters
UTP to Fiber ST UTP to Fiber SC

UTP to Fiber SFP UTP to Fiber LC

41
USB to Serial Converters

42
 Lesson -2
➢ Understanding IP Address
➢ Different classes of IP Address
➢ Understanding Public and Private IP Address
➢ Understanding Subnetting
➢ Understanding classless inter-domain routing (CIDR)

43
 Converting Decimal to Binary
Convert 20110 to binary:
201 / 2 = 100 remainder 1
100 / 2 = 50 remainder 0
50 / 2 = 25 remainder 0
25 / 2 = 12 remainder 1
12 / 2 = 6 remainder 0
6 / 2 = 3 remainder 0
3 / 2 = 1 remainder 1
1 / 2 = 0 remainder 1
When the quotient is 0, take all the remainders in
reverse order for your answer: 20110 = 110010012
Binary to Decimal Chart
Hex to Binary to Decimal Chart
 Network and Host Division
Each complete 32-bit IP address is broken down into a network
part and a host part. A bit or bit sequence at the start of each
address determines the class of the address. There are 5 IP
address classes.

An IP address will always be divided into a network and host

portion. In a classful addressing scheme, these divisions take place
at the octet boundaries.

47
 IP Addressing
32 Bits
Dotted
Decimal Network Host

Maximum 255 255 255 255

1 8 9 16 17 24 25 32

Binary 11111111 11111111 11111111 11111111

1
128
64
32
16
8
4
2
2
128
64
32
16
8
4
1
16

8
4
128
64
32
8
4
2
1
128
64
32
16

2
1
Example
Decimal 172 16 122 204
Example
Binary 10101100 00010000 01111010 11001100

48
 IP Address Classes

8 Bits 8 Bits 8 Bits 8 Bits

•Class A: Network Host Host Host

•Class B: Network Network Host Host

•Class C: Network Network Network Host

•Class D: Multicast
•Class E: Research
49
 IP Address Classes
Bits: 1 8 9 16 17 24 25 32
0NNNNNNN Host Host Host
Class A:
Range (1-126)

Bits: 1 8 9 16 17 24 25 32
10NNNNNN Network Host Host
Class B:
Range (128-191)
1 8 9 16 17 24 25 32
Bits:
110NNNNN Network Network Host
Class C:
Range (192-223)
1 8 9 16 17 24 25 32
Bits:
1110MMMM Multicast Group Multicast Group Multicast Group
Class D:
Range (224-239)
50
 IP Address Classes
IP addresses are divided into classes to define the large,
medium, and small networks.

Class A addresses are assigned to larger networks.

Class B addresses are used for medium-sized networks
Class C for small networks.

51
Identifying Address Classes

52
 Network/Broadcast Addresses
at the Binary Level
An IP address that has binary 0s in all host bit positions is
reserved for the network address, which identifies the
network. An IP address that has binary 1s in all host bit
positions is reserved for the broadcast address, which is
used to send data to all hosts on the network. Here are some
examples:
Class Network Address Broadcast Address
A 100.0.0.0 100.255.255.255
B 150.75.0.0 150.75.255.255
C 200.100.50.0 200.100.50.255

53
 Subnet Mask
A subnet mask is used to identify which parts of the
ip address are the network parts and which parts are the
host parts.
e.g. IP 192.168.1.10 Subnet mask : 255.255.255.0
This indicates that the first 3 octet of the IP address are
used to identify the Network and last octet to identify host
address .
Default Subnet Mask

Class A 255.0.0.0
Class B 255.255.0.0
Class C 255.255.255.0

54
 Octet Values of a Subnet Mask

Subnet masks, like IP addresses, are represented in the dotted decimal

format like 255.255.255.0

55
 Private IP Addresses

Private networks that are not connected to the Internet

may use any host addresses, as long as each host
within the private network is unique.

Class Private Address Range

A 10.0.0.0 to 10.255.255.255
B 172.16.0.0 to 172.31.255.255
C 192.168.0.0 to 192.168.255.255

56
 Public IP Addresses
Unique addresses are required for each device
on a network.

No two machines that connect to a public

network can have the same IP address because
public IP addresses are global and standardized.

Public IP addresses must be obtained from an

Internet service provider (ISP) or a registry at
some expense.

57
Public IP Addresses

58
 Classless Inter-Domain Routing (CIDR)

• Basically the method that ISPs (Internet Service

Providers) use to allocate an amount of
addresses to a company, a home
• Ex : 192.168.10.32/28
• The slash notation (/) means how many bits are
turned on (1s)
CIDR Values
 Determining Available Host Addresses
Network Host
172 16 0 0
N

13

4
16
15
14
12
11
10
9
8
7
6
5
3
2
1
00010000 00000000 00000000 1
10101100 00000000 00000001 2
00000000 00000011 3

...

...

...
11111111 11111101 65534
11111111 11111110 65535
11111111 11111111 65536
– 2
2N – 2 = 216 – 2 = 65534 65534
61
 Subnetting

❑Subnetting is logically dividing the network

by extending the 1’s
❑Advantage
❑Can divide network in smaller parts
❑Restrict Broadcast traffic
❑Security
❑Simplified Administration
 Formula

❑ Number of subnets – 2x-2

Where X = number of bits borrowed

❑ Number of Hosts – 2y-2

Where y = number of 0’s

❑ Block Size = Total number of Address

Block Size = 256-Mask
Addressing Without Subnets

172.16.0.1 172.16.0.2 172.16.0.3 172.16.255.253 172.16.255.254

…...

172.16.0.0

• Network 172.16.0.0
64
Addressing with Subnets

172.16.3.0

172.16.4.0

172.16.1.0 172.16.2.0

• Network 172.16.0.0
 Subnet Addressing
172.16.2.200 172.16.3.5
172.16.3.1
E1
172.16.2.2 E0 172.16.3.100
172.16.2.1

172.16.2.160 172.16.3.150

New Routing Table

172.16 . 2 . 160 Network Interface
Network Host 172.16.0.0 E0
172.16.0.0 E1
 Subnet Addressing
172.16.2.200 172.16.3.5
172.16.3.1
E1
172.16.2.2 E0 172.16.3.100
172.16.2.1

172.16.2.160 172.16.3.150

New Routing Table

172.16 . 2 . 160 Network Interface
Network Subnet Host 172.16.2.0 E0
172.16.3.0 E1
 Subnet Mask
Network Host

IP
Address
172 16 0 0
Network Host
Default
Subnet
Mask
255 255 0 0
11111111 11111111 00000000 00000000
• Also written as “/16,” where 16 represents the number of 1s in
the mask
Network Subnet Host
8-Bit
Subnet 255 255 255 0
Mask
• Also written as “/24,” where 24 represents the number of 1s in
the mask
Decimal Equivalents of Bit Patterns
128 64 32 16 8 4 2 1

0 0 0 0 0 0 0 0 = 0
1 0 0 0 0 0 0 0 = 128
1 1 0 0 0 0 0 0 = 192
1 1 1 0 0 0 0 0 = 224
1 1 1 1 0 0 0 0 = 240
1 1 1 1 1 0 0 0 = 248
1 1 1 1 1 1 0 0 = 252
1 1 1 1 1 1 1 0 = 254
1 1 1 1 1 1 1 1 = 255
 Subnet Mask Without Subnets
Network Host

172.16.2.160 10101100 00010000 00000010 10100000

255.255.0.0 11111111 11111111 00000000 00000000

10101100 00010000 00000000 00000000

Network
172 16 0 0
Number

• Subnets not in use—the default

70
 Subnet Mask with Subnets
Network Subnet Host

172.16.2.160 10101100 00010000 00000010 10100000

255.255.255.0 11111111 11111111 11111111 00000000

10101100 00010000 00000010 00000000

255
128
192
224
240
248
252
254
Network
Number 172 16 2 0

• Network number extended by eight bits

71
 Subnet Mask with Subnets
(cont.)
Network Subnet Host

172.16.2.160 10101100 00010000 00000010 10100000

255.255.255.192 11111111 11111111 11111111 11000000

10101100 00010000 00000010 10000000

255

255
128
192
224
240
248
252
254

128
192
224
240
248
252
254
Network
Number 172 16 2 128

• Network number extended by ten bits

72
 Lesson -3

CISCO IOS

73
 Cisco IOS
Cisco technology is built around the Cisco Internetwork
Operating System (IOS), which is the software that controls
the routing and switching functions of internetworking devices.

As with a computer, a router or switch cannot function without

an operating system. Cisco calls its operating system the Cisco
Internetwork Operating System or Cisco IOS.
 Introduction to Routers
A router is a special type of computer. It has the same basic components as a standard desktop
PC. However, routers are designed to perform some very specific functions. Just as computers
need operating systems to run software applications, routers need the Internetwork Operating
System software (IOS) to run configuration files. These configuration files contain the
instructions and parameters that control the flow of traffic in and out of the routers. The many
parts of a router are shown below:
 Router Memory Components
ROM - Read Only Memory – Bootstrap/POST

FLASH Memory - IOS Images are kept here

- Erasable reprogrammable ROM
- Contents are kept on Power down or reload

RAM - Random Access memory

- Routing Tables
- Running Configuration
- Contents are lost on reboot

NVRAM - Start up configuration

- Configuration Register
- Contents are kept on reload
 ROM
Read-Only Memory

ROM has the following characteristics and functions:

❑ Maintains instructions for power-on self test

(POST) diagnostics
❑ Stores bootstrap program and basic operating
system software
❑ Mini IOS
 RAM

Random Access Memory, also called dynamic RAM (DRAM)

RAM has the following characteristics and functions:

❑ Stores routing tables

❑ Holds ARP cache
❑ Performs packet buffering (shared RAM)
❑ Provides temporary memory for the configuration file of
the router while the router is powered on
❑ Loses content when router is powered down or restarted
 NVRAM

Non-Volatile RAM

NVRAM has the following characteristics and functions:

❑Provides storage for the startup configuration file

❑Retains content when router is powered down or
restarted
❑Configuration Register – 16 bit register which decides
boot sequence
 Flash
Flash memory has the following characteristics and
functions:

❑ Holds the operating system image (IOS)

❑ Allows software to be updated without
removing and replacing chips on the processor
❑ Retains content when router is powered down
or restarted
❑ Can store multiple versions of IOS software
❑ Is a type of electronically erasable,
programmable ROM (EEPROM)
 Interfaces
Interfaces have the following characteristics and functions:

Connect router to network for frame entry and exit

Can be on the motherboard or on a separate module

Types of interfaces:

❑ Ethernet
❑ Fast Ethernet
❑ Serial
❑ ISDN BRI
❑ Loopback
❑ Console
❑ Aux
Router Internal Components
 Router Power-On/Bootup Sequence

1. Perform power-on self test (POST).

2. Load and run bootstrap code.
3. Find the Cisco IOS software.
4. Load the Cisco IOS software.
5. Find the configuration.
6. Load the configuration.
7. Run the configured Cisco IOS software.
 After the Post…
After the POST, the following events occur as the router initializes:

Step 1
The generic bootstrap loader in ROM executes. A bootstrap is a simple set of instructions that
tests hardware and initializes the IOS for operation.

Step 2
The IOS can be found in several places. The boot field of the configuration register determines
the location to be used in loading the IOS.

Step 3
The operating system image is loaded.

Step 4
The configuration file saved in NVRAM is loaded into main memory and executed one line at a
time. The configuration commands start routing processes, supply addresses for interfaces,
and define other operating characteristics of the router.

Step 5
If no valid configuration file exists in NVRAM, the operating system searches for an available
TFTP server. If no TFTP server is found, the setup dialog is initiated.
 Loading the Cisco IOS Software
From Flash Memory

• The flash memory file is decompressed into RAM.

 Loading the Configuration

• Load and execute the configuration from NVRAM.

• If no configuration is present in NVRAM, enter setup mode.
External Components of a 2600 Router
Internal Components of a 2600 Router
Computer/Terminal Console Connection
HyperTerminal Session Properties
IOS File System Overview
Switching

92
Ethernet Access with Hubs

93
Ethernet Access with Switches

94
 Shared vs. Dedicates Bandwidth
If a hub is used, bandwidth is shared. If a switch is used, then bandwidth
is dedicated. If a workstation or server is directly connected to a switch
port, then the full bandwidth of the connection to the switch is available
to the connected computer. If a hub is connected to a switch port,
bandwidth is shared between all devices connected to the hub.

95
 Full Duplex Transmitting
Full-duplex Ethernet allows the transmission of a packet and the reception of a
different packet at the same time.
This simultaneous transmission and reception requires the use of two pairs of wires
in the cable and a switched connection between each node. This connection is
considered point-to-point and is collision free.
The full-duplex Ethernet switch takes advantage of the two pairs of wires in the
cable by creating a direct connection between the transmit (TX) at one end of the
circuit and the receive (RX) at the other end.

96
Benefits of Switching

97
 How Switches Learn Addresses

Switches learn in the following ways:

• Reading the source MAC address of each

received frame or datagram

• Recording the port on which the MAC address

was received.

In this way, the switch learns which addresses belong to

the devices connected to each port.

98
Switching Frames

99
ARP (Address Resolution Protocol)
Host A
ARP Request - Broadcast to all hosts
SIEMENS
NIXDORF
„What is the hardware address for IP address 128.0.10.4?“

ARP Reply

SIEMENS
NIXDORF
SIEMENS
NIXDORF

Host B
IP Address: 128.0.10.4
HW Address: 080020021545

100
 RARP
Reverse Address Resolution Protocol (RARP) associates a known
MAC addresses with an IP addresses.

A network device, such as a diskless workstation, might know its

MAC address but not its IP address. RARP allows the device to
make a request to learn its IP address.Devices using RARP
require that a RARP server be present on the network to answer
RARP requests.

101
 Lesson – 4 & 5

Switch / Router
Configuration

102
 Router User Interface Modes
The Cisco command-line interface (CLI) uses a hierarchical structure. This
structure requires entry into different modes to accomplish particular tasks.

Each configuration mode is indicated with a distinctive prompt and allows

only commands that are appropriate for that mode.

103
 Switch Command Modes
Switches have several command modes.

The default mode is User EXEC mode, which ends in a greater-than

character (>).

The commands available in User EXEC mode are limited to those

that change terminal settings, perform basic tests, and display
system information.

The enable command is used to change from User EXEC mode to

Privileged EXEC mode, which ends in a pound-sign character (#).

The configure command allows other command modes to be

accessed.

104
 CLI Switch Modes
Switch con0 is now available
Press RETURN to get started.
User access Verification
Password :
Switch >  User Mode Prompt
Switch >enable
Password :
Switch #  Privileged Mode Prompt
Switch #config terminal
Switch(config)#  Global Config Mode Prompt

Switch(config)#^Z or exit (To exit from Global Config Mode)

Switch #exit (To exit from Privileged Mode)
Switch >

105
 Configuring a Switch’s Name
A switch should be given a unique name as one of the first
configuration tasks.

This task is accomplished in global configuration mode using

the following commands:

Switch(config)#hostname TSG
TSG(config)#

As soon as the Enter key is pressed, the prompt changes from

the default host name (switch) to the newly configured host
name (which is TSG in the example above).

106
 Message Of The Day (MOTD)
A message-of-the-day (MOTD) banner can be displayed on all
connected terminals.

Enter global configuration mode by using the command conf t

Switch #conf t
Switch(config)#banner motd # Welcome To Mumbai Switch #
Switch config)#^Z
Switch #wr (To save changes into NVRAM)

Switch #exit (To exit from Privileged mode)

Switch con0 is now available
Press RETURN to get started.
Welcome To Mumbai Switch
Router>

107
 Setting Passwords

There are four passwords used to secure your Cisco

Switch : enable password, enable secret , console
& telnet (VTY).
The first two passwords are used to set your enable
password that’s used to secure privileged mode.
This will prompt a user for a password when the
enable command is used.
The other two are used to configure a password
when user mode is accessed either through the
console port or Telnet.

108
 Configuring Enable / Secret Password

To set Enable / Secret Password enter into global mode

Switch #conf t
Switch(config)#
• To set Enable Password
Switch(config)#enable password <password>
• To remove enable password type
Switch(config)#no enable password
• To set Secret Password
Switch(config)#enable secret <password>
• To remove secret password type
Switch(config)#no enable secret

109
 Configuring a Console Password
To allow connections with a password by using the login
command to tell the router to prompt for authentication.
Console Password
Switch #config t
Switch(config)#line console 0
Switch(config-line)# password <password>
Switch(config-line)# login
To allow connections without a password by using the no
login command:
Switch(config-line)# line console 0
Switch(config-line)#no login

110
 Configuring a Telnet Password
To set Telnet Password
Switch#config t
Switch(config-line)#line vty 0 4
Switch(config-line)# password <password>
Switch(config-line)# login

Configuring Username with Password :

Switch#config t
Switch(config)#username abc password xyz

Set ‘login local’ command in console or telnet

to authenticate above username & passowrd.
Switch(config-line)#login local

111
 The show version Command
The show version command displays following information

➢ IOS version and descriptive information

➢ Bootstrap ROM version
➢ Size of DRAM & Flash Memory
➢ Switch up time
➢ System image file and location
➢ Switch platform
➢ Switch Interfaces
➢ Configuration register setting

To find out the amount of flash memory & IOS image file name type

switch# show flash

112
 Cisco Discovery Protocol (CDP)
Display summary information about CDP neighbors.
Switch#sh cdp neighbors

Display detailed information about CDP neighbors.

Switch#show cdp neighbors detail

Switch(config)#cdp run (Enables CDP globally by default on)

Switch(config)#no cdp run (Turns off CDP globally)

Enables CDP on a specific interface

Switch(config-if)#cdp enable

Turns off CDP on a specific interface

Switch(config-if)#no cdp enable

113
 Viewing, Saving, and Erasing Configurations

Switch#sh run (To show the running-config file)

Switch#sh conf (To show the startup-config file)

Switch#copy run start or Switch#wr (To save config into nvram)

Destination filename [startup-config]?[Enter]
Warning: Attempting to overwrite an NVRAM configuration
previously written by a different version of the system image.
Overwrite the previous NVRAM configuration?[confirm][Enter]
Building configuration...
Ok

Switch#erase startup-config (To delete the startup-config file)

Erasing the nvram filesystem will remove all files!
Continue? [confirm][Enter]
[OK]
Erase of nvram: complete

114
 Show Flash Command
Switch#show flash (To show flash file information)
System flash directory:
1 -rwx 5505024 c3560-ipbase-mz.122-25.SEB4.bin
2 -rwx 150 vlan.dat
3 -rwx 226 config.text
[5505400 bytes used, 11692456 available, 16777216 total]
16384K bytes of processor board System flash (Read ONLY)

config.text file contains switch configuration which is saved in flash.

Switch#delete flash:config.text (To remove configuration)

Vlan.dat file contains all VLAN & VTP informations of switch.

Switch#delete flash:vlan.dat (To remove VLAN & VTP information)

115
Lesson 6

VLANS

116
 VLANs (Virtual LANs)
➢ VLAN is defined as logical grouping of network
resources & User connected to predefined ports on a
Switch, defined by Administrator.
➢ A Single VLAN is treated as a separate subnet or
broadcast domain.VLANs are used to create smaller
broadcast domain within a switch.
➢ A physical port association is used to implement
VLAN assignment.
➢ Communication between VLANs can occur only
through the router or layer3 switch.

117
 VLAN Overview

• Layer 2
connectivity
• Logical
organizational
flexibility
• Single
broadcast
domain
• Management
• Basic security

A VLAN = A Broadcast Domain = Logical Network (Subnet)

118
 Advantages of VLAN

➢ VLANs allow logical grouping of users by function.

➢ VLANs allow access to network services based on department,
not physical location.
➢ VLANs can greatly simplify adding, moving, or changing hosts
on the network.
➢ VLANs establish broadcast domains in switched networks.
➢ VLANs enhance network security.
➢ VLANs increase the number of broadcast domains while
decreasing the size of the broadcast domains.
➢ LANs isolate broadcast traffic.

119
 VLAN Configuration Commands
Switch(config)#vlan vlan_id
Create a VLAN

Switch(config-vlan)#name vlan_name
Provide a VLAN name

Switch(config)#interface gigabitethernet 0/1

Enters interface configuration mode

Switch(config-if)#switchport mode access

Configures the interface as an access port

Switch(config-if)#switchport access vlan vlan_id

Assigns the access port to a VLAN

120
 Configuring VLANs
➢ Configuring VLANs in Global Mode
Switch#configure terminal
Switch(config)#vlan 2
Switch(config-vlan)#name rtsg
Switch(config-vlan)#exit
Switch(config)#^Z
Switch#

➢ Configuring VLANs in VLAN Database Mode

Switch#vlan database
Switch(vlan)#
Switch(vlan)#vlan 2 name rtsg
VLAN2 added :
Name: rtsg
Switch(vlan)#apply
Apply completed.
Switch(vlan)#control + c
Switch#

121
 Deleting VLANs
➢ Deleting VLANs in Global Mode
Switch#configure terminal
Switch(config)#no vlan 2
Switch(config)#^Z
Switch#

➢ Deleting VLANs in VLAN Database Mode

Switch#vlan database
Switch(vlan)#
Switch(vlan)#no vlan 2
Deleting VLAN 2...
Switch(vlan)#apply
APPLY completed.
Switch(vlan)#control + c
Switch#

122
 Assigning Switch Ports to VLANs
Switch#conf t
Switch(config)#int fa0/24 (For Specifying single port)
Switch(config-if-range)#switchport access vlan 2
Switch(config)#int range fa0/9 – 16 (For Specifying range of ports)
Switch(config-if-range)#switchport access vlan 2
Switch(config)#^Z
Switch# sh vlan (To show vlan & port information)
VLAN Name Status Ports
---- -------------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/17, Fa0/18, Fa0/19, Fa0/20,
Fa0/21, Fa0/22, Fa0/23,Gi0/1, Gi0/2
2 VLAN0002 active Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/24

123
 After Deleting VLAN configuration again
ReAssign Switch Port To Default VLAN
Switch#conf t
Switch(config)#int range fa0/9 – 16 (For Specifying range of ports)
Switch(config-if-range)#switchport access vlan 1
Switch(config)#int fa0/24 (For Specifying single port)
Switch(config-if-range)#switchport access vlan 2
Switch(config)#^Z
Switch#
Switch# sh vlan (To show vlan & port information)
VLAN Name Status Ports
---- ------------------------- --------- -------------------------------
1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4
Fa0/5, Fa0/6, Fa0/7, Fa0/8
Fa0/9, Fa0/10, Fa0/11, Fa0/12
Fa0/13, Fa0/14, Fa0/15, Fa0/16
Fa0/17, Fa0/18, Fa0/19, Fa0/20
Fa0/21, Fa0/22, Fa0/23, Fa0/24,
Gi0/1, Gi0/2

124
Procedure to Assign Mgmt. IP Address to Switch
Switch#conf t
Switch(config)#int vlan1
Switch(config-if)#ip add 172.17.0.241 255.255.0.0
Switch(config-if)#no shut
Switch(config-if)#^Z
Switch#

To Enable Port in Switch To Disable Port in Switch

Switch#conf t Switch#conf t
Switch(config)#int fa0/1 Switch(config)#int fa0/1
Switch(config-if)#no shut Switch(config-if)#shut
Switch(config-if)#^Z Switch(config-if)#^Z
Switch# Switch#

125
 Configuring the Switch
Default Gateway

Switch(config)#ip default-gateway {ip address}

Purpose : For remote management over LAN/WAN

Example:
Switch(config)#ip default-gateway 172.20.137.1

126
 Telnet vs. SSH Access
➢ Telnet
• Most common access method
• Insecure
➢ SSH
• Encrypted
• IP domain must be defined
• key must be generated

SSH Configuration :
username cisco password cisco
ip domain-name mydomain.com
crypto key generate rsa
ip ssh time out 60
ip ssh authentication retries 3
ip ssh version 2
line vty 0 4
login local
transport input ssh

127
Port Security

128
 Configuring Port Security

SwitchX(config-if)#switchport port-security [
mac-address mac-address | mac-address sticky
[mac-address] | maximum value | violation
{restrict | shutdown}]

SwitchX(config)#interface fa0/5
SwitchX(config-if)#switchport mode access
SwitchX(config-if)#switchport port-security
SwitchX(config-if)#switchport port-security maximum 1
SwitchX(config-if)#switchport port-security mac-address sticky
SwitchX(config-if)#switchport port-security violation shutdown

129
 Verifying Port Security on the switch
SwitchX#show port-security [interface interface-id] [address]
[ | {begin | exclude | include} expression]

SwitchX#show port-security interface fastethernet 0/5

Port Security : Enabled

Port Status : Secure-up
Violation Mode : Shutdown
Aging Time : 20 mins
Aging Type : Absolute
SecureStatic Address Aging : Disabled
Maximum MAC Addresses : 1
Total MAC Addresses : 1
Configured MAC Addresses : 0
Sticky MAC Addresses : 0
Last Source Address : 0000.0000.0000
Security Violation Count : 0

130
 VLAN Trunking

➢ Specifically developed for multi vlan inter switch communication.

➢ Places a unique identifier in each frame.
➢ Function at layer 2
Trunking with 802.1Q :
An IEEE standards & add a tag to original frame.
Does not tag frames that belongs to the native vlan.
Native VLANs should have same at both ends.

131
802.1Q Native VLAN

132
 Trunking Configuration Command

➢ Trunk can be configured via statically or via DTP.

➢ DTP Provides the ability to negotiate the trunking method.
Configuring a trunk
• Switchport trunk
• Switchport mode
• Switchport nonegotiate

133
 Dynamic Trunking Protocol -DTP Modes
Mode : What the Mode Does
on : Forces the link into permanent trunking, even if the
neighbor doesn't agree
off :Forces the link to permanently not trunk, even if the
neighbor doesn't agree
desirable : Causes the port to actively attempt to become a
trunk, subject to neighbor agreement (neighbor set to on,
desirable, or auto )
auto :Causes the port to passively be willing to convert to
trunking. The port will not trunk unless the neighbor is set to
on or desirable . This is the default mode. Note that auto-auto
(both ends default) links will not become trunks.

134
Switchport Mode Interaction

135
 802.1Q Trunk Configuration
Switch(config)#interface GigabitEthernet0/1
Switch(config-if)# switchport trunk encapsulation dot1q
Switch(config-if)# switchport mode trunk
Switch(config-if)#switchport trunk allowed vlan 1,5,9
Switch(config-if)#switchport trunk native vlan 1
Switch#show interfaces trunk
Port Mode Encapsulation Status Native vlan
Gig0/1 on 802.1q trunking 1
Port Vlans allowed on trunk
Gig0/1 1-1005
Port Vlans allowed and active in management domain
Gig0/1 1,1002,1003,1004,1005

136