
Training For Switch Engineers

The document provides an overview of IP and router basics including the OSI model, IP addressing, and router configuration. It describes each layer of the OSI model and how TCP/IP protocols map to these layers. It also covers the basics of IP addressing including subnetting, network masks, special addresses, and the differences between classful and classless addressing.

Uploaded by

walt_077
Copyright
© Attribution Non-Commercial (BY-NC)

IP and Router Basics

Module Objectives

OSI Model
IP Addresses
Routers
Cisco router Configuration

The OSI Model


7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical

Upper Layers: Application oriented, End-to-End Layers
Lower Layers: Network oriented, Hop-by-hop layers

OSI Model

Internet protocols are not directly based on the OSI model. However, we do often use the OSI numbering system. You should at least remember these:

Layer 7: Application
Layer 4: Transport (e.g. TCP, UDP)
Layer 3: Network (IP)
Layer 2: Data link
Layer 1: Physical

[Diagram: the protocol stack]
Application layer: SMTP, HTTP, FTP, Telnet, DNS, Audio, Video
Transport layer: TCP, UDP, RTP
Network layer: IP
Physical and Data link layer: Ethernet, PPP, ATM, Optics, ADSL, Satellite, 3G

Layer Interaction: TCP/IP Model


[Diagram: Host, Router, Router, Host. Each host has Application, TCP or UDP, IP, Link and Physical layers; each router has IP, Link and Physical layers only. Application and TCP or UDP are end to end; IP, Link and Physical are hop by hop.]

End-to-end layers

Upper layers are end-to-end
Applications at the two ends behave as if they can talk directly to each other
They do not concern themselves with the details of what happens in between

Hop-by-hop layers

At the lower layers, devices share access to the same physical medium
Devices communicate directly with each other
The network layer (IP) has some knowledge of how many small networks are interconnected to make a large internet
Information moves one hop at a time, getting closer to the destination at each hop


Layer Interaction: The Application Layer


Applications behave as if they can talk to each other, but in reality the application at each side talks to the TCP or UDP service below it.
The application layer doesn't care about what happens at the lower layers, provided the transport layer carries the application's data safely from end to end.

Layer Interaction: The Transport Layer


The transport layer instances at the two ends act as if they are talking to each other, but in reality they are each talking to the IP layer below it.
The transport layer doesn't care about what the application layer is doing above it.
The transport layer doesn't care what happens in the IP layer or below, as long as the IP layer can move the datagrams from one side to the other.

Layer Interaction: The Network Layer (IP)


The IP layer has to know a lot about the topology of the network (which host is connected to which router, which routers are connected to each other), but it doesn't care about what happens at the upper layers.
The IP layer forwards messages hop by hop from one side to the other side.

The unifying effect of the network layer


Define a protocol that works in the same way with any underlying network
Call it the network layer (e.g. IP)
IP routers operate at the network layer
IP over anything
Anything over IP

Encapsulation & Decapsulation

Lower layers add headers (and sometimes trailers) to data from higher layers
Application: Data
Transport: Header + Transport Layer Data
Network: Header + Network Layer Data
Data Link: Header + Link Layer Data + Trailer

Layer 2 - Ethernet frame


Preamble | Dest 6 bytes | Source 6 bytes | Type 2 bytes | Data 46 to 1500 bytes | CRC 4 bytes

Destination and source are 48-bit MAC addresses (e.g., 00:26:4a:18:f6:aa)


Type 0x0800 means that the data portion of the Ethernet frame contains an IPv4 datagram. Type 0x0806 for ARP. Type 0x86DD for IPv6.

Data part of layer 2 frame contains a layer 3 datagram.
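
The frame layout above, as an added example that is not part of the original slides: a parser for the destination, source and type fields that maps the type to the layer 3 protocol and checks the data length against the 46 to 1500 byte limits. It assumes the frame is handed over without preamble and CRC, and the sample frames are constructed.

```python
import struct

# EtherType values named on the slide.
ETHERTYPES = {0x0800: "IPv4", 0x0806: "ARP", 0x86DD: "IPv6"}
HEADER_LEN = 14                      # dest (6) + source (6) + type (2)
MIN_DATA, MAX_DATA = 46, 1500        # data field limits from the slide


def format_mac(raw: bytes) -> str:
    """Render 6 raw bytes as a colon-separated MAC address."""
    return ":".join(f"{byte:02x}" for byte in raw)


def parse_ethernet(frame: bytes) -> dict:
    """Parse dest, source and type; preamble and CRC are assumed stripped."""
    if len(frame) < HEADER_LEN:
        raise ValueError("frame shorter than the 14-byte Ethernet header")
    dest, source, ethertype = struct.unpack("!6s6sH", frame[:HEADER_LEN])
    data = frame[HEADER_LEN:]
    return {
        "dest": format_mac(dest),
        "source": format_mac(source),
        "type": f"0x{ethertype:04X}",
        "layer3": ETHERTYPES.get(ethertype, "unknown"),
        "data_len": len(data),
        # False means the data field is outside the 46..1500 byte range.
        "data_len_ok": MIN_DATA <= len(data) <= MAX_DATA,
    }


# Constructed sample frames (not captured traffic); the data field is zeros.
SAMPLE_IPV4 = bytes.fromhex("00264a18f6bb" "00264a18f6aa" "0800") + bytes(46)
SAMPLE_SHORT = bytes.fromhex("00264a18f6bb" "00264a18f6aa" "86dd") + bytes(20)

if __name__ == "__main__":
    for sample in (SAMPLE_IPV4, SAMPLE_SHORT):
        print(parse_ethernet(sample))
```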

IP Addressing

Purpose of an IPv4 address


Unique Identification of:
Source
So the recipient knows where the message is from
Sometimes used for security or policy-based filtering of data

Destination
So the networks know where to send the data

Network Independent Format


IP over anything

Purpose of an IP Address
Identifies a machine's connection to a network
Physically moving a machine from one network to another requires changing the IP address
Unique; assigned in a hierarchical fashion
IPv4 uses unique 32-bit addresses
IPv6 uses similar concepts but 128-bit addresses

Basic Structure of an IPv4 Address


32 bit number (4 octet number): (e.g. 133.27.162.125)
Decimal Representation: 133 27 162 125
Binary Representation: 10000101 00011011 10100010 01111101
Hexadecimal Representation: 85 1B A2 7D

Network part and Host part


Remember IPv4 address is 32 bits
Divide it into a network part and host part
network part of the address identifies which network in the internetwork (e.g. the Internet)
host part identifies host on that network

Hosts or routers connected to the same link-layer network will have IP addresses with the same network part, but different host part.
Host part contains enough bits to address all hosts on the subnet; e.g. 8 bits allows 256 addresses

Dividing an address
Hierarchical Division in IP Address:
Network Part (or Prefix): high order bits (left)
describes which physical network
Host Part: low order bits (right)
describes which host on that network
Boundary can be anywhere
choose the boundary according to number of hosts
very often NOT a multiple of 8 bits

Network Masks
Network Masks help define which bits are used to describe the Network Part and which for the Host Part
Different Representations:
decimal dot notation: 255.255.224.0
binary: 11111111 11111111 11100000 00000000
hexadecimal: 0xFFFFE000
number of network bits: /19
count the 1's in the binary representation

Above examples all mean the same: 19 bits for the Network Part and 13 bits for the Host Part

Example Prefixes

137.158.128.0/17 (netmask 255.255.128.0)
netmask: 1111 1111 1111 1111 1 000 0000 0000 0000
address: 1000 1001 1001 1110 1 000 0000 0000 0000

198.134.0.0/16 (netmask 255.255.0.0)
netmask: 1111 1111 1111 1111 0000 0000 0000 0000
address: 1100 0110 1000 0110 0000 0000 0000 0000

205.37.193.128/26 (netmask 255.255.255.192)
netmask: 1111 1111 1111 1111 1111 1111 11 00 0000
address: 1100 1101 0010 0101 1100 0001 10 00 0000

Special Addresses
All 0s in host part: Represents Network
e.g. 193.0.0.0/24
e.g. 138.37.64.0/18
e.g. 196.200.223.96/28

All 1s in host part: Broadcast
e.g. 193.0.0.255 (prefix 193.0.0.0/24)
e.g. 138.37.127.255 (prefix 138.37.64.0/18)
e.g. 196.200.223.111 (prefix 196.200.223.96/28)

127.0.0.0/8: Loopback address (127.0.0.1)

0.0.0.0: Various special purposes

Maximum number of hosts per network


The number of bits in the host part determines the maximum number of hosts

The all-zeros and all-ones addresses are reserved, can't be used for actual hosts
E.g. a subnet mask of 255.255.255.0 or /24 means 24 network bits, 8 host bits (24+8=32)
2^8 minus 2 = 254 possible hosts

Similarly a subnet mask of 255.255.255.224 or /27 means 27 network bits, 5 host bits (27+5=32)
2^5 minus 2 = 30 possible hosts
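
The mask, special-address and host-count rules from the last three slides, carried out with plain bit operations (an added example, not part of the original slides). Function names are illustrative; prefixes longer than /30 are rejected because the all-zeros/all-ones rule needs at least two host bits.

```python
def ip_to_int(dotted):
    """Dotted decimal -> 32-bit integer."""
    octets = [int(part) for part in dotted.split(".")]
    if len(octets) != 4 or any(not 0 <= o <= 255 for o in octets):
        raise ValueError(f"not an IPv4 address: {dotted!r}")
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(value):
    """32-bit integer -> dotted decimal."""
    return ".".join(str((value >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix_len):
    """/19 -> 0xFFFFE000: prefix_len one bits followed by zero bits."""
    if not 0 <= prefix_len <= 32:
        raise ValueError(f"bad prefix length: {prefix_len}")
    return (0xFFFFFFFF << (32 - prefix_len)) & 0xFFFFFFFF


def mask_to_prefix(dotted_mask):
    """Count the 1 bits, rejecting masks whose 1 bits are not contiguous."""
    mask = ip_to_int(dotted_mask)
    prefix_len = bin(mask).count("1")
    if mask != prefix_to_mask(prefix_len):
        raise ValueError(f"non-contiguous netmask: {dotted_mask}")
    return prefix_len


def describe_address(address, prefix_len):
    """Split an address into network and host part and classify it."""
    if prefix_len > 30:
        raise ValueError("need at least 2 host bits for network/broadcast")
    mask = prefix_to_mask(prefix_len)
    addr = ip_to_int(address)
    network = addr & mask                       # host part all 0s
    broadcast = network | (mask ^ 0xFFFFFFFF)   # host part all 1s
    if addr == network:
        role = "network"
    elif addr == broadcast:
        role = "broadcast"
    else:
        role = "host"
    return {
        "netmask": int_to_ip(mask),
        "netmask_hex": f"0x{mask:08X}",
        "network": f"{int_to_ip(network)}/{prefix_len}",
        "broadcast": int_to_ip(broadcast),
        "role": role,
        "usable_hosts": 2 ** (32 - prefix_len) - 2,
    }


if __name__ == "__main__":
    print(mask_to_prefix("255.255.224.0"))
    print(describe_address("196.200.223.100", 28))
```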

Ancient History: Classful Addressing


Nowadays, we always explicitly say where the boundary between network and host part is
using slash notation or netmask notation

Old systems used restrictive rules (obsolete)


Called Class A, Class B, Class C networks

Boundary between network part and host part was implied by the class

Nowadays (since 1994), no restriction


Called classless addressing, classless routing

Ancient History: Sizes of classful networks


Different classes were used to represent different sizes of network (small, medium, large)
Class A networks (large):
8 bits network part, 24 bits host part

Class B networks (medium):


16 bits network part, 16 bits host part

Class C networks (small):


24 bits network part, 8 bits host part

Ancient History: What class is my address?


Just look at the address to tell what class it is.
Class A: 0.0.0.0 to 127.255.255.255
binary 0nnnnnnnhhhhhhhhhhhhhhhhhhhhhhhh

Class B: 128.0.0.0 to 191.255.255.255


binary 10nnnnnnnnnnnnnnhhhhhhhhhhhhhhhh

Class C: 192.0.0.0 to 223.255.255.255


binary 110nnnnnnnnnnnnnnnnnnnnnhhhhhhhh

Class D: (multicast) 224.0.0.0 to 239.255.255.255


binary 1110xxxxxxxxxxxxxxxxxxxxxxxxxxxx

Class E: (reserved) 240.0.0.0 to 255.255.255.255

Ancient History: Implied netmasks


A classful network had a natural or implied prefix length or netmask:
Class A: prefix length /8 (netmask 255.0.0.0)
Class B: prefix length /16 (netmask 255.255.0.0)
Class C: prefix length /24 (netmask 255.255.255.0)

Modern (classless) routing systems have explicit prefix lengths or netmasks


You can't just look at an IP address to tell what the prefix length or netmask should be.
Protocols and configurations need explicit netmask or prefix length.

Classless addressing
Class A, Class B, Class C terminology and restrictions are now of historical interest only
Obsolete in 1994

Internet routing and address management today is classless

CIDR = Classless Inter-Domain Routing


routing does not assume that class A, B, C implies prefix length /8, /16, /24

VLSM = Variable-Length Subnet Masks


routing does not assume that all subnets are the same size

Classless addressing example


An ISP gets a large block of addresses
e.g., a /16 prefix, or 65536 separate addresses

Allocate smaller blocks to customers


e.g., a /22 prefix (1024 addresses) to one customer, and a /28 prefix (16 addresses) to another customer (and some space left over for other customers)

An organisation that gets a /22 prefix from their ISP divides it into smaller blocks
e.g. a /26 prefix (64 addresses) for one department, and a /27 prefix (32 addresses) for another department (and some space left over for other internal networks)

Classless addressing exercise


Consider the address block 133.27.162.0/23
Allocate 5 separate /29 blocks, one /27 block, and one /25 block
What are the IP addresses of each block allocated above?
in prefix length notation
netmasks in decimal
IP address ranges

What blocks are still available (not yet allocated)?

How big is the largest available block?
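
One way to work the exercise, as an added example that is not part of the original slides. It allocates the largest request first and always carves from the smallest free block that fits; that policy is an assumption, and other allocations are equally valid answers.

```python
import ipaddress


def allocate(block, requests):
    """Carve the requested prefix lengths out of block.

    Returns (allocated, free), both lists of IPv4Network objects.
    """
    free = [ipaddress.ip_network(block)]
    allocated = []
    for prefix_len in sorted(requests):        # /25 before /27 before /29
        candidates = [net for net in free if net.prefixlen <= prefix_len]
        if not candidates:
            raise ValueError(f"no free block large enough for a /{prefix_len}")
        # Best fit: longest prefix that still fits, lowest address on a tie.
        parent = max(candidates,
                     key=lambda net: (net.prefixlen, -int(net.network_address)))
        free.remove(parent)
        child = next(parent.subnets(new_prefix=prefix_len))
        allocated.append(child)
        if child != parent:
            # Whatever is left of the parent goes back to the free list.
            free.extend(parent.address_exclude(child))
    return allocated, sorted(free)


def summarize_block(net):
    """(prefix notation, decimal netmask, address range) as the exercise asks."""
    return (str(net), str(net.netmask), f"{net[0]} - {net[-1]}")


EXERCISE_BLOCK = "133.27.162.0/23"
EXERCISE_REQUESTS = [29, 29, 29, 29, 29, 27, 25]

if __name__ == "__main__":
    allocated, free = allocate(EXERCISE_BLOCK, EXERCISE_REQUESTS)
    for net in allocated:
        print("allocated", *summarize_block(net))
    for net in free:
        print("free     ", *summarize_block(net))
    largest = min(free, key=lambda net: net.prefixlen)
    print("largest free block:", largest, "=", largest.num_addresses, "addresses")
```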

The need for Packet Forwarding


Many small networks can be interconnected to make a larger internetwork

A device on one network cannot send a packet directly to a device on another network
The packet has to be forwarded from one network to another, through intermediate nodes, until it reaches its destination
The intermediate nodes are called routers

An IP Router
A device with more than one link-layer interface

Different IP addresses (from different subnets) on different interfaces


Receives packets on one interface, and forwards them (usually out of another interface) to get them one hop closer to their destination

Maintains forwarding tables

IP Router - action for each packet


Packet is received on one interface
Checks whether the destination address is the router itself; if so, pass it to higher layers
Decrement TTL (time to live), and discard packet if it reaches zero

Look up the destination IP address in the forwarding table


Destination could be on a directly attached link, or through another router

Forwarding vs. Routing


Forwarding: the process of moving packets from input to output
The forwarding table
Information in the packet

Routing: process by which the forwarding table is built and maintained


One or more routing protocols
Procedures (algorithms) to convert routing info to forwarding table.

(Much more later)

Forwarding is hop by hop


Each router tries to get the packet one hop closer to the destination

Each router makes an independent decision, based on its own forwarding table
Different routers have different forwarding tables and make different decisions
If all is well, decisions will be consistent

Routers talk routing protocols to each other, to help update routing and forwarding tables

Hop by Hop Forwarding

Router Functions
Determine optimum routing paths through a network
Lowest delay
Highest reliability

Move packets through the network


Examines destination address in packet
Makes a decision on which port to forward the packet through

Decision is based on the Routing Table

Interconnected Routers exchange routing tables in order to maintain a clear picture of the network

In a large network, the routing table updates can consume a lot of bandwidth
a protocol for route updates is required

Forwarding table structure


We don't list every IP number on the Internet; the table would be huge

Instead, the forwarding table contains prefixes (network numbers)

"If the first /n bits match this entry, send the datagram that way"

If more than one prefix matches, the longest prefix wins (more specific route)

0.0.0.0/0 is "default route" - matches anything, but only if no other prefix matches
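
The per-packet steps from "IP Router - action for each packet" together with the longest-prefix rule above, as an added example that is not part of the original slides. The routes and next hops are constructed, and the linear scan stands in for the lookup structures a real router uses.

```python
import ipaddress

# Constructed forwarding table: (prefix, next hop, outgoing interface).
SAMPLE_ROUTES = [
    ("10.5.2.0/24", "directly attached", "fa0/0"),
    ("138.37.0.0/16", "10.5.2.1", "fa0/0"),
    ("138.37.64.0/18", "10.5.2.2", "fa0/0"),
    ("0.0.0.0/0", "10.5.2.254", "fa0/0"),      # default route
]


class Router:
    def __init__(self, own_addresses, routes):
        self.own = {ipaddress.ip_address(a) for a in own_addresses}
        self.table = [(ipaddress.ip_network(prefix), hop, interface)
                      for prefix, hop, interface in routes]

    def lookup(self, destination):
        """Longest-prefix match: (prefix, next_hop, interface) or None."""
        dest = ipaddress.ip_address(destination)
        matches = [entry for entry in self.table if dest in entry[0]]
        # More network bits means a more specific route, so it wins.
        return max(matches, key=lambda entry: entry[0].prefixlen, default=None)

    def handle(self, destination, ttl):
        """Apply the slide's steps in order: (action, route, ttl_after)."""
        if ipaddress.ip_address(destination) in self.own:
            return ("pass to higher layers", None, ttl)
        ttl -= 1
        if ttl <= 0:
            return ("discard: TTL expired", None, 0)
        route = self.lookup(destination)
        if route is None:                       # only possible without 0.0.0.0/0
            return ("discard: no matching prefix", None, ttl)
        return ("forward", route, ttl)


if __name__ == "__main__":
    router = Router(["10.5.2.3"], SAMPLE_ROUTES)
    for dest, ttl in [("138.37.100.1", 64), ("138.37.200.1", 64),
                      ("198.134.7.9", 64), ("10.5.2.3", 64), ("10.5.2.77", 1)]:
        print(dest, router.handle(dest, ttl))
```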

Cisco Router Configuration


Basics

Router Components
ROM
Starts and maintains the router

Bootstrap
Stored in ROM microcode; brings router up during initialisation, boots router and loads the IOS.

POST (Power On Self Test)
Stored in ROM microcode; checks for basic functionality of router hardware and determines which interfaces are present

ROM Monitor
Stored in ROM microcode; used for manufacturing, testing and troubleshooting

Mini-IOS
a.k.a. RXBOOT/boot loader by Cisco; small IOS in ROM, used to bring up an interface and load a Cisco IOS into flash memory from a TFTP server; can also perform a few other maintenance operations

Router Components
RAM
Holds packet buffers, ARP cache, routing table, software and data structures that allow the router to function; running-config is stored in RAM, as well as the decompressed IOS in later router models

Flash memory
Holds the IOS; is not erased when the router is reloaded; is an EEPROM [Electrically Erasable Programmable Read-Only Memory] that can be erased and reprogrammed repeatedly through an application of higher than normal electric voltage

NVRAM
Non-Volatile RAM - stores router startup-config; is not erased when router is reloaded

Router Components
Config-Register
controls how router boots;

value can be seen with show version command;


is typically 0x2102, which tells the router to load the IOS from flash memory and the startup-config file from NVRAM

0x2142, tells the router to go into Rommon mode

Purpose of the Config Register


Reasons why you would want to modify the config-register:
Force the router into ROM Monitor Mode
Select a boot source and default boot filename
Enable/Disable the Break function
Control broadcast addresses
Set console terminal baud rate
Load operating software from ROM
Enable booting from a TFTP server

System Startup
POST
loaded from ROM and runs diagnostics on all router hardware

Bootstrap
locates and loads the IOS image; default setting is to load the IOS from flash memory

IOS
locates and loads a valid configuration from NVRAM; file is called startup-config; only exists if you copy the running-config to NVRAM

startup-config
if found, router loads it and runs embedded configuration; if not found, router enters setup mode

Overview
Router configuration controls the operation of the routers:
Interface IP address and netmask
Routing information (static, dynamic or default)
Boot and startup information

Security (passwords and authentication)

Where is the Configuration?


Router always has two configurations:

Running configuration
In RAM, determines how the router is currently operating
Is modified using the configure command
To see it: show running-config

Startup configuration
In NVRAM, determines how the router will operate after next reload
Is modified using the copy command
To see it: show startup-config

Where is the Configuration?


Can also be stored in more permanent places:
External hosts, using TFTP (Trivial File Transfer Protocol)
In flash memory in the router

Copy command is used to move it around
copy run start
copy run tftp
copy start tftp
copy tftp start
copy flash start
copy start flash

Router Access Modes


User EXEC mode: limited examination of router
Router>

Privileged EXEC mode: detailed examination of router, debugging, testing, file manipulation (router prompt changes)
Router#

ROM Monitor: useful for password recovery & new IOS upload session

Setup Mode: available when router has no startup-config file

External Configuration Sources


Console
Direct PC serial access

Auxiliary port
Modem access

Virtual terminals
Telnet/SSH access

TFTP Server
Copy configuration file into router RAM

Network Management Software


e.g., CiscoWorks

Changing the Configuration


Configuration statements can be entered interactively
changes are made (almost) immediately, to the running configuration

Can use direct serial connection to console port, or
Telnet/SSH to vtys (virtual terminals), or
Modem connection to aux port, or
Edited in a text file and uploaded to the router at a later time via tftp; copy tftp start or config net

Logging into the Router


Connect router to console port or telnet to router
router>
router>enable
password
router#
router#?

Configuring the router


Terminal (entering the commands directly)
router# configure terminal
router(config)#

New Router Configuration Process


Load configuration parameters into RAM
Router#configure terminal

Personalize router identification


Router(config)#hostname RouterA

Assign access passwords
RouterA(config)#line console 0
RouterA(config-line)#password cisco
RouterA(config-line)#login

New Router Configuration Process


Configure interfaces
RouterA(config)#interface fastethernet 0/0
RouterA(config-if)#ip address n.n.n.n m.m.m.m
RouterA(config-if)#no shutdown

Configure routing/routed protocols

Save configuration parameters to NVRAM


RouterA#copy running-config startup-config (or write memory)

Router Prompts How to tell where you are on the router


You can tell in which area of the router's configuration you are by looking at the router prompts:
Router> => USER prompt mode
Router# => PRIVILEGED EXEC prompt mode
Router(config) => terminal config prompt
Router(config-if) => interface config prompt
Router(config-subif) => sub-interface config prompt

Router Prompts How to tell where you are on the router


You can tell in which area of the router's configuration you are by looking at the router prompts:
Router(config-route-map)# => route-map config
Router(config-router)# => router config prompt
Router(config-line)# => line config prompt
rommon 1> => ROM Monitor mode

Configuring Your Router


Set the enable (secret) password:
router(config)# enable secret your pswd
This MD5 encrypts the password

The old method was to use the enable password command. But this is not secure (weak encryption) and is ABSOLUTELY NOT RECOMMENDED. DO NOT USE IN REAL NETWORK!

Ensure that all passwords stored on router are (weakly) encrypted rather than clear text:
router(config)# service password-encryption

Configuring Your Router


To configure an interface, go to the interface configuration prompt
router(config)# interface fastethernet0/0
router(config-if)#

Save your configuration


router#copy running-config startup-config

Configuring Your Router


Global:
enable secret cop455

Interface:
interface fastethernet 0/0
ip address 10.5.2.3 255.255.255.0

Line:
line vty 0 4

Global Configuration
Global configuration statements are independent of any particular interface or routing protocol, e.g.:
hostname routerK
enable secret cop455
service password-encryption

The NO Command
Used to reverse or disable commands, e.g.
ip domain-lookup
no ip domain-lookup
router isis
no router isis
ip address 1.1.1.1 255.255.255.0
no ip address

Interface Configuration
Interfaces are named by slot/type; e.g.:
FastEthernet0/0, FastEthernet0/1, FastEthernet0/1/0, ...

Serial0/0, Serial1 ... Serial3


Vlan1, Vlan2

And can be abbreviated:


fa0/0
ser0/0 or s0/0

Interface Configuration
Administratively enable/disable the interface
router(config-if)#no shutdown

router(config-if)#shutdown

Description
router(config-if)#description ethernet link building router to admin

Global Configuration Commands


Cisco global config should always include:
ip classless
ip subnet-zero
no ip domain-lookup

Cisco interface config should usually include:


no shutdown
no ip proxy-arp
no ip redirects
no ip directed-broadcast
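
A pre-upload check for a configuration text file against the statements recommended on this slide and on the "Configuring Your Router" slides, as an added example that is not part of the original slides or a Cisco tool. It only compares the text as written (it does not know which statements a given IOS version applies by default), and the sample configs and passwords are constructed placeholders.

```python
# Statements the slides say a config should include.
GLOBAL_REQUIRED = ["ip classless", "ip subnet-zero", "no ip domain-lookup",
                   "service password-encryption"]
INTERFACE_REQUIRED = ["no ip proxy-arp", "no ip redirects", "no ip directed-broadcast"]


def parse_config(text):
    """Return (global statements, {interface name: [sub-commands]})."""
    global_lines, interfaces, current = [], {}, None
    for raw in text.splitlines():
        line = raw.rstrip()
        if not line or line.lstrip().startswith("!"):
            continue                      # blank line or '!' separator
        if line.startswith(" "):          # indented: belongs to the open block
            if current is not None:
                interfaces[current].append(line.strip())
        elif line.lower().startswith("interface "):
            current = line.split(None, 1)[1]
            interfaces[current] = []
        else:                             # any other top-level statement
            current = None
            global_lines.append(line)
    return global_lines, interfaces


def audit(text):
    """List deviations from the slides' advice; secrets are never echoed."""
    global_lines, interfaces = parse_config(text)
    findings = []
    if any(l.startswith("enable password ") for l in global_lines):
        findings.append("global: 'enable password' in use, replace with 'enable secret'")
    if not any(l.startswith("enable secret ") for l in global_lines):
        findings.append("global: no 'enable secret' set")
    for stmt in GLOBAL_REQUIRED:
        if stmt not in global_lines:
            findings.append(f"global: missing '{stmt}'")
    for name, commands in interfaces.items():
        if "shutdown" in commands:
            continue                      # administratively disabled
        for stmt in INTERFACE_REQUIRED:
            if stmt not in commands:
                findings.append(f"{name}: missing '{stmt}'")
    return findings


# Constructed sample configs; the passwords are placeholders.
WEAK_CONFIG = """\
hostname routerK
enable password EXAMPLE-ONLY
ip classless
ip subnet-zero
!
interface FastEthernet0/0
 ip address 10.5.2.3 255.255.255.0
 no ip redirects
 no shutdown
!
interface FastEthernet0/1
 shutdown
!
line vty 0 4
 login
"""

HARDENED_CONFIG = """\
enable secret EXAMPLE-ONLY
service password-encryption
ip classless
ip subnet-zero
no ip domain-lookup
!
interface FastEthernet0/0
 ip address 10.5.2.3 255.255.255.0
 no ip proxy-arp
 no ip redirects
 no ip directed-broadcast
 no shutdown
"""
```

Calling `audit(WEAK_CONFIG)` returns six findings and `audit(HARDENED_CONFIG)` returns none.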

Looking at the Configuration


Use show running-config to see the current configuration
Use show startup-config to see the configuration in NVRAM, that will be loaded the next time the router is rebooted or reloaded

Interactive Configuration
Enter configuration mode, using configure terminal
Often abbreviated to conf t

Prompt gives a hint about where you are:
router#configure terminal
router(config)#ip classless
router(config)#ip subnet-zero
router(config)#int fasteth0/1
router(config-if)#ip addr n.n.n.n m.m.m.m
router(config-if)#no shut
router(config-if)#^Z

Storing the Configuration to a Remote System


Requires: tftpd on a unix host; destination file must exist before the file is written and must be world writable...
router#copy run tftp
Remote host []? n.n.n.n
Name of configuration file to write [hoste2-rtrconfg]? hoste2-rtr-confg
Write file hoste2-rtr-confg on Host n.n.n.n? [confirm]
Building configuration...
Writing hoste2-rtr-confg !![OK]
router#

Restoring the Configuration from a Remote System


Use tftp to pull file from UNIX host, copying to running-config or startup-config
router#copy tftp start
Address of remote host [255.255.255.255]? n.n.n.n
Name of configuration file [hoste2-rtr-confg]?
Configure using hoste2-rtr-confg from n.n.n.n? [confirm]
Loading hoste2-rtr-confg from n.n.n.n (via Ethernet0/0): !
[OK - 1005/128975 bytes]
[OK]
router# reload

Getting Online Help


This also works in configuration mode:
router(config)#ip a?
accounting-list accounting-threshold accounting-transits address-pool alias as-path
router(config)#int faste0/0
router(config-if)#ip a?
access-group accounting address

Getting Online Help


Can explore a command to figure out the syntax:
router(config-if)#ip addr ?
A.B.C.D IP address
router(config-if)#ip addr n.n.n.n ?
A.B.C.D IP subnet mask
router(config-if)#ip addr n.n.n.n m.m.m.m ?
secondary Make this IP address a secondary address
<cr>
router(config-if)#ip addr n.n.n.n m.m.m.m
router(config-if)#

Getting Lazy Online Help


TAB character will complete a partial word
hostel-rtr(config)#int<TAB>
hostel-rtr(config)#interface et<TAB>
hostel-rtr(config)#interface ethernet 0
hostel-rtr(config-if)#ip add<TAB>
hostel-rtr(config-if)#ip address n.n.n.n m.m.m.m

Not really necessary; partial commands can be used:
router#conf t
router(config)#int fa0/0
router(config-if)#ip addr n.n.n.n

Getting Lazy Online Help


Command history
IOS maintains short list of previously typed commands
up-arrow or ^p recalls previous command
down-arrow or ^n recalls next command

Line editing
left-arrow, right-arrow moves cursor inside command
^d or backspace will delete character in front of cursor
Ctrl-a takes you to start of line
Ctrl-e takes you to end of line

Disaster Recovery ROM Monitor


ROM Monitor is very helpful in recovering from emergency failures such as:
Password recovery
Upload new IOS into router with NO IOS installed
Selecting a boot source and default boot filename
Set console terminal baud rate to upload new IOS quicker
Load operating software from ROM
Enable booting from a TFTP server

Getting to the ROM Monitor


Windows using HyperTerminal for the console session
Ctrl-Break

FreeBSD/UNIX using Tip for the console session


<Enter>, then ~# OR Ctrl-], then Break or Ctrl-C

Linux using Minicom for the console session


Ctrl-A F

MacOS using Zterm for the console session


Apple B

Disaster Recovery: How to Recover a Lost Password


Connect your PC's serial port to the router's console port

Configure your PC's serial port:
9600 baud rate
No parity
8 data bits
1 stop bit
No flow control

Disaster Recovery: How to Recover a Lost Password


Your configuration register should be 0x2102; use show version command to check
Reboot the router and apply the Break sequence within 60 seconds of powering the router, to put it into ROMMON mode
Rommon 1>confreg 0x2142
Rommon 2>reset
Router reboots, bypassing startup-config file

Disaster Recovery: How to Recover a Lost Password


Type Ctrl-C to exit Setup mode
Router>enable
Router#copy start run (only!!!)
Router#show running
Router#conf t
Router(config)#enable secret forgotten
Router(config)#int e0/0
Router(config-if)#no shut
Router(config)#config-register 0x2102
Router(config)#Ctrl-Z or end
Router#copy run start
Router#reload

Using TFTP to manage your router


Simple file transfer protocol
Wikipedia: http://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
RFC 1350

router# copy start tftp
router# copy tftp start
router# copy flash tftp
router# copy tftp flash
router# copy run tftp
