0% found this document useful (0 votes)
5 views

Chapter 3 - Network Layer Ver 7

Uploaded by

Azizah Md Aziz
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
0% found this document useful (0 votes)
5 views

Chapter 3 - Network Layer Ver 7

Uploaded by

Azizah Md Aziz
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 74

Chapter 3 : Network Layer

Introduction to Networks v7.0


(ITN)
3.1 Construct IP addressing
and subnetting

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
IPv4 Address Structure
Network and Host Portions
• An IPv4 address is a 32-bit hierarchical address that is made up of a network portion
and a host portion.

• When determining the network portion versus the host portion, you must look at the
32-bit stream.
• A subnet mask is used to determine the network and host portions.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
IPv4 Address Structure
The Subnet Mask
• To identify the network and host portions of an IPv4 address, the subnet mask is
compared to the IPv4 address bit for bit, from left to right.
• The actual process used to
identify the network and
host portions is called
ANDing.

• IPv4 address - unique IPv4


address of the host.
• Subnet mask- to identify
the network/host portion of
the IPv4 address.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
IPv4 Address Structure
The Prefix Length
• A prefix length is a less cumbersome method used to identify a subnet mask address.

Prefix
Subnet Mask 32-bit Address
• The prefix length is the number Length

of bits set to 1 in the subnet 255.0.0.0 11111111.00000000.00000000.00000000 /8


mask. 255.255.0.0 11111111.11111111.00000000.00000000 /16

255.255.255.0 11111111.11111111.11111111.00000000 /24


• It is written in “slash notation”
therefore, count the number of 255.255.255.128 11111111.11111111.11111111.10000000 /25

bits in the subnet mask and 255.255.255.192 11111111.11111111.11111111.11000000 /26


prepend it with a slash.
255.255.255.224 11111111.11111111.11111111.11100000 /27

255.255.255.240 11111111.11111111.11111111.11110000 /28

255.255.255.248 11111111.11111111.11111111.11111000 /29

255.255.255.252 11111111.11111111.11111111.11111100 /30


© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
IPv4 Address Structure
Determining the Network: Logical AND
• A logical AND Boolean operation is used in determining the network address.
• Logical AND is the comparison of two bits where only a 1 AND 1 produces a 1 and any other
combination results in a 0.
• 1 AND 1 = 1, 0 AND 1 = 0, 1 AND 0 = 0, 0 AND 0 = 0
• 1 = True and 0 = False

• To identify the network address, the


host IPv4 address is logically
ANDed, bit by bit, with the subnet
mask to identify the network
address.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
IPv4 Address Structure
Network, Host, and Broadcast Addresses
• Within each network are three types of IP addresses:
• Network address
• Host addresses
• Broadcast address

Host
Network Portion Host Bits
Portion
Subnet mask 255 255 255 0
255.255.255.0 or /24 11111111 11111111 11111111 00000000
Network address 192 168 10 0
All 0s
192.168.10.0 or /24 11000000 10100000 00001010 00000000
First address 192 168 10 1
All 0s and a 1
192.168.10.1 or /24 11000000 10100000 00001010 00000001
Last address 192 168 10 254
All 1s and a 0
192.168.10.254 or /24 11000000 10100000 00001010 11111110
Broadcast address 192 168 10 255
All 1s
192.168.10.255 or /24 11000000 10100000 00001010 11111111

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Types of IPv4 Addresses
Public and Private IPv4 Addresses
• As defined in in RFC 1918, public IPv4 addresses are globally routed between
internet service provider (ISP) routers.

• Private addresses are common blocks of Network Address


RFC 1918 Private Address Range
addresses used by most organizations to and Prefix

assign IPv4 addresses to internal hosts. 10.0.0.0/8 10.0.0.0 - 10.255.255.255

172.16.0.0/12 172.16.0.0 - 172.31.255.255


• Private IPv4 addresses are not unique
192.168.0.0/16 192.168.0.0 - 192.168.255.255
and can be used internally within any
network.

• However, private addresses are not globally routable.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
Types of IPv4 Addresses
Special Use IPv4 Addresses
Loopback addresses
• 127.0.0.0 /8 (127.0.0.1 to 127.255.255.254)
• Commonly identified as only 127.0.0.1
• Used on a host to test if TCP/IP is operational.

Link-Local addresses
• 169.254.0.0 /16 (169.254.0.1 to 169.254.255.254)
• Commonly known as the Automatic Private IP Addressing (APIPA) addresses or self-
assigned addresses.
• Used by Windows DHCP clients to self-configure when no DHCP servers are
available.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
Types of IPv4 Addresses
Legacy Classful Addressing
RFC 790 (1981) allocated IPv4 addresses
in classes
• Class A (0.0.0.0/8 to 127.0.0.0/8)
• Class B (128.0.0.0 /16 – 191.255.0.0 /16)
• Class C (192.0.0.0 /24 – 223.255.255.0 /24)
• Class D (224.0.0.0 to 239.0.0.0)
• Class E (240.0.0.0 – 255.0.0.0)

• Classful addressing wasted many IPv4


addresses.

Classful address allocation was replaced with


classless addressing which ignores the rules of
classes (A, B, C).
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
Types of IPv4 Addresses
Assignment of IP Addresses
• The Internet Assigned Numbers Authority (IANA) manages and allocates blocks of
IPv4 and IPv6 addresses to five Regional Internet Registries (RIRs).

• RIRs are responsible for


allocating IP addresses to ISPs
who provide IPv4 address
blocks to smaller ISPs and
organizations.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 13
Network Segmentation
Broadcast Domains and Segmentation
• Many protocols use broadcasts or multicasts (e.g., ARP use broadcasts to locate
other devices, hosts send DHCP discover broadcasts to locate a DHCP server.)
• Switches propagate broadcasts out all interfaces except the interface on which it was
received.

• The only device that stops


broadcasts is a router.
• Routers do not propagate
broadcasts.
• Each router interface connects
to a broadcast domain and
broadcasts are only
propagated within that specific
broadcast domain.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
Network Segmentation
Problems with Large Broadcast Domains
• A problem with a large broadcast domain is that
these hosts can generate excessive broadcasts
and negatively affect the network.

• The solution is to reduce the size of the


network to create smaller broadcast domains in
a process called subnetting.

• Dividing the network address 172.16.0.0 /16


into two subnets of 200 users each:
172.16.0.0 /24 and 172.16.1.0 /24.
• Broadcasts are only propagated within the
smaller broadcast domains.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
Network Segmentation
Reasons for Segmenting Networks
• Subnetting reduces overall network traffic and improves network performance.
• It can be used to implement security policies between subnets.
• Subnetting reduces the number of devices affected by abnormal broadcast traffic.

• Subnets are used for a variety of reasons including by:

Location Group or Function Device Type

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
Subnet an IPv4 Network
Subnet on an Octet Boundary
• Networks are most easily subnetted at the octet boundary of /8, /16, and /24.

• Notice that using longer prefix lengths decreases the number of hosts per subnet.

Prefix Length Subnet Mask Subnet Mask in Binary (n = network, h = host) # of hosts

nnnnnnnn.hhhhhhhh.hhhhhhhh.hhhhhhhh
/8 255.0.0.0 11111111.00000000.00000000.00000000
16,777,214

nnnnnnnn.nnnnnnnn.hhhhhhhh.hhhhhhhh
/16 255.255.0.0 11111111.11111111.00000000.00000000
65,534

nnnnnnnn.nnnnnnnn.nnnnnnnn.hhhhhhhh
/24 255.255.255.0 11111111.11111111.11111111.00000000
254

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
Subnet an IPv4 Network
Subnet on an Octet Boundary (Cont.)
• In the first table 10.0.0.0/8 is subnetted using /16 and in the second table, a /24 mask.
Subnet Address Host Range Subnet Address
(256 Possible (65,534 possible hosts per Broadcast Host Range
(65,536 Possible Broadcast
Subnets) subnet) (254 possible hosts per subnet)
Subnets)
10.0.0.0/16 10.0.0.1 - 10.0.255.254 10.0.255.255 10.0.0.0/24 10.0.0.1 - 10.0.0.254 10.0.0.255

10.1.0.0/16 10.1.0.1 - 10.1.255.254 10.1.255.255 10.0.1.0/24 10.0.1.1 - 10.0.1.254 10.0.1.255


10.0.2.0/24 10.0.2.1 - 10.0.2.254 10.0.2.255
10.2.0.0/16 10.2.0.1 - 10.2.255.254 10.2.255.255
… … …
10.3.0.0/16 10.3.0.1 - 10.3.255.254 10.3.255.255
10.0.255.0/24 10.0.255.1 - 10.0.255.254 10.0.255.255
10.4.0.0/16 10.4.0.1 - 10.4.255.254 10.4.255.255 10.1.0.0/24 10.1.0.1 - 10.1.0.254 10.1.0.255
10.5.0.0/16 10.5.0.1 - 10.5.255.254 10.5.255.255 10.1.1.0/24 10.1.1.1 - 10.1.1.254 10.1.1.255

10.6.0.0/16 10.6.0.1 - 10.6.255.254 10.6.255.255 10.1.2.0/24 10.1.2.1 - 10.1.2.254 10.1.2.255


… … …
10.7.0.0/16 10.7.0.1 - 10.7.255.254 10.7.255.255
10.100.0.0/24 10.100.0.1 - 10.100.0.254 10.100.0.255
... ... ...
... ... ...
10.255.0.0/16 10.255.0.1 - 10.255.255.254 10.255.255.255 10.255.255.0/24 10.255.255.1 - 10.2255.255.254 10.255.255.255
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
Subnet an IPv4 Network
Subnet within an Octet Boundary
• Refer to the table to see six ways to subnet a /24 network.

Subnet Mask in Binary # of


Prefix Length Subnet Mask # of hosts
(n = network, h = host) subnets
nnnnnnnn.nnnnnnnn.nnnnnnnn.nhhhhhhh
/25 255.255.255.128 11111111.11111111.11111111.10000000 2 126

nnnnnnnn.nnnnnnnn.nnnnnnnn.nnhhhhhh
/26 255.255.255.192 11111111.11111111.11111111.11000000 4 62

nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnhhhhh
/27 255.255.255.224 11111111.11111111.11111111.11100000 8 30

nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnhhhh
/28 255.255.255.240 11111111.11111111.11111111.11110000 16 14

nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnhhh
/29 255.255.255.248 11111111.11111111.11111111.11111000 32 6

nnnnnnnn.nnnnnnnn.nnnnnnnn.nnnnnnhh
/30 255.255.255.252 11111111.11111111.11111111.11111100 64 2

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
VLSM
IPv4 Address Conservation
Given the topology, 7 subnets are required (i.e, four LANs and three WAN links) and the
largest number of host is in Building D with 28 hosts.

• A /27 mask would provide 8 subnets of 30 host IP addresses and therefore support
this topology.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
VLSM
IPv4 Address Conservation (Cont.)
However, the point-to-point WAN links only require two addresses
and therefore waste 28 addresses each for a total of 84 unused
addresses.

• Applying a traditional subnetting scheme to this scenario is not very efficient and is
wasteful.

• VLSM was developed to avoid wasting addresses by enabling us to subnet a subnet.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
VLSM
VLSM
• The left side displays the traditional subnetting scheme
(i.e., the same subnet mask) while the right side
illustrates how VLSM can be used to subnet a subnet
and divided the last subnet into eight /30 subnets.

• When using VLSM, always begin by satisfying the host


requirements of the largest subnet and continue
subnetting until the host requirements of the smallest
subnet are satisfied.

• The resulting topology with VLSM applied.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
VLSM
VLSM Topology Address Assignment
• Using VLSM subnets, the LAN and inter-router networks can be addressed without
unnecessary waste as shown in the logical topology diagram.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
3.2 Build Basic LAN
Configuration

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Configure Initial Router Settings
Basic Router Configuration Steps
• Configure the device name. Router(config)# hostname hostname

• Secure privileged EXEC Router(config)# enable secret password


mode.
Router(config)# line console 0
Router(config-line)# password password
• Secure user EXEC mode. Router(config-line)# login
• Secure remote Telnet / SSH Router(config)# line vty 0 4
access. Router(config-line)# password password
Router(config-line)# login
• Encrypt all plaintext Router(config-line)# transport input {ssh | telnet}
passwords.
Router(config)# service password encryption
• Provide legal notification and
Router(config)# banner motd # message #
save the configuration. Router(config)# end
Router# copy running-config startup-config

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
Configure Initial Router Settings
Basic Router Configuration Example
• Commands for basic router R1(config)# hostname R1
R1(config)# enable secret class
configuration on R1.
R1(config)# line console 0
R1(config-line)# password cisco
• Configuration is saved to R1(config-line)# login
NVRAM. R1(config-line)# line vty 0 4
R1(config-line)# password cisco
R1(config-line)# login
R1(config-line)# transport input ssh telnet
R1(config-line)# exit
R1(config)# service password encryption
R1(config)# banner motd #
Enter TEXT message. End with a new line and the #
***********************************************
WARNING: Unauthorized access is prohibited!
**********************************************
R1(config)# exit
R1# copy running-config startup-config

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
Configure Initial Router Settings
Packet Tracer – Configure Initial Router Settings
In this Packet Tracer, you will do the following:
• Verify the default router configuration.
• Configure and verify the initial router configuration.
• Save the running configuration file.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
Configure Interfaces
Configure Router Interfaces
Configuring a router interface includes issuing the following commands:

Router(config)# interface type-and-number


Router(config-if)# description description-text
Router(config-if)# ip address ipv4-address subnet-mask
Router(config-if)# ipv6 address ipv6-address/prefix-length
Router(config-if)# no shutdown

• It is a good practice to use the description command to add


information about the network connected to the interface.
• The no shutdown command activates the interface.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
Configure Interfaces
Configure Router Interfaces Example
The commands to configure interface G0/0/0 on R1 are shown here:

R1(config)# interface gigabitEthernet 0/0/0


R1(config-if)# description Link to LAN
R1(config-if)# ip address 192.168.10.1 255.255.255.0
R1(config-if)# ipv6 address 2001:db8:acad:10::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:43:53.435: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to down
*Aug 1 01:43:56.447: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/0, changed state to up
*Aug 1 01:43:57.447: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/0,
changed state to up

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
Configure Interfaces
Configure Router Interfaces Example (Cont.)
The commands to configure interface G0/0/1 on R1 are shown here:

R1(config)# interface gigabitEthernet 0/0/1


R1(config-if)# description Link to R2
R1(config-if)# ip address 209.165.200.225 255.255.255.252
R1(config-if)# ipv6 address 2001:db8:feed:224::1/64
R1(config-if)# no shutdown
R1(config-if)# exit
R1(config)#
*Aug 1 01:46:29.170: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/1, changed state to down
*Aug 1 01:46:32.171: %LINK-3-UPDOWN: Interface GigabitEthernet0/0/1, changed state to up
*Aug 1 01:46:33.171: %LINEPROTO-5-UPDOWN: Line protocol on Interface GigabitEthernet0/0/1,
changed state to up

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
Configure Interfaces
Verify Interface Configuration
To verify interface configuration use the show ip interface brief
and show ipv6 interface brief commands shown here:

R1# show ip interface brief


Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0/0 192.168.10.1 YES manual up up
GigabitEthernet0/0/1 209.165.200.225 YES manual up up
Vlan1 unassigned YES unset administratively down down

R1# show ipv6 interface brief


GigabitEthernet0/0/0 [up/up]
FE80::201:C9FF:FE89:4501
2001:DB8:ACAD:10::1
GigabitEthernet0/0/1 [up/up]
FE80::201:C9FF:FE89:4502
2001:DB8:FEED:224::1
Vlan1 [administratively down/down]
unassigned
R1#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
Configure Interfaces
Configure Verification Commands

The table summarizes show commands used to verify interface configuration.

Commands Description

show ip interface brief Displays all interfaces, their IP addresses, and their
show ipv6 interface brief current status.
show ip route Displays the contents of the IP routing tables stored in
show ipv6 route RAM.
show interfaces Displays statistics for all interfaces on the device. Only
displays the IPv4 addressing information.
show ip interfaces Displays the IPv4 statistics for all interfaces on a router.

show ipv6 interfaces Displays the IPv6 statistics for all interfaces on a router.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
Configure Interfaces
Configure Verification Commands (Cont.)
View status of all interfaces with the show ip interface brief and show ipv6 interface
brief commands, shown here:

R1# show ip interface brief


Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0/0 192.168.10.1 YES manual up up
GigabitEthernet0/0/1 209.165.200.225 YES manual up up
Vlan1 unassigned YES unset administratively down down
R1#

R1# show ipv6 interface brief


GigabitEthernet0/0/0 [up/up]
FE80::201:C9FF:FE89:4501
2001:DB8:ACAD:10::1
GigabitEthernet0/0/1 [up/up]
FE80::201:C9FF:FE89:4502
2001:DB8:FEED:224::1
Vlan1 [administratively down/down]
unassigned
R1#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
Configure Interfaces
Configure Verification Commands (Cont.)
Display the contents of the IP routing tables with the show ip route and show ipv6
route commands as shown here:
R1# show ip route
< output omitted>
Gateway of last resort is not set
192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.10.0/24 is directly connected, GigabitEthernet0/0/0
L 192.168.10.1/32 is directly connected, GigabitEthernet0/0/0
209.165.200.0/24 is variably subnetted, 2 subnets, 2 masks
C 209.165.200.224/30 is directly connected, GigabitEthernet0/0/1
L 209.165.200.225/32 is directly connected, GigabitEthernet0/0/1
R1#

R1# show ipv6 route


<output omitted>
C 2001:DB8:ACAD:10::/64 [0/0]
via GigabitEthernet0/0/0, directly connected
L 2001:DB8:ACAD:10::1/128 [0/0]
via GigabitEthernet0/0/0, receive
C 2001:DB8:FEED:224::/64 [0/0]
via GigabitEthernet0/0/1, directly connected
L 2001:DB8:FEED:224::1/128 [0/0]
via GigabitEthernet0/0/1, receive
L FF00::/8 [0/0]
via Null0, receive
R1# © 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
Configure Interfaces
Configure Verification Commands (Cont.)
Display statistics for all R1# show interfaces gig0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
interfaces with the show Hardware is ISR4321-2x1GE, address is a0e0.af0d.e140 (bia a0e0.af0d.e140)
Description: Link to LAN
interfaces command, as Internet address is 192.168.10.1/24
MTU 1500 bytes, BW 100000 Kbit/sec, DLY 100 usec,
shown here: reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive not supported
Full Duplex, 100Mbps, link type is auto, media type is RJ45
output flow-control is off, input flow-control is off
ARP type: ARPA, ARP Timeout 04:00:00
Last input 00:00:01, output 00:00:35, output hang never
Last clearing of "show interface" counters never
Input queue: 0/375/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/40 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
1180 packets input, 109486 bytes, 0 no buffer
Received 84 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles

<output omitted>

R1#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
Configure Interfaces
Configure Verification Commands (Cont.)
Display IPv4 statistics for R1# show ip interface g0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
router interfaces with the Internet address is 192.168.10.1/24
Broadcast address is 255.255.255.255
show ip interface Address determined by setup command
command, as shown here: MTU is 1500 bytes
Helper address is not set
Directed broadcast forwarding is disabled
Outgoing Common access list is not set
Outgoing access list is not set
Inbound Common access list is not set
Inbound access list is not set
Proxy ARP is enabled
Local Proxy ARP is disabled
Security level is default
Split horizon is enabled
ICMP redirects are always sent
ICMP unreachables are always sent
ICMP mask replies are never sent
IP fast switching is enabled
IP Flow switching is disabled

<output omitted>

R1#
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
Configure Interfaces
Configure Verification Commands (Cont.)
Display IPv6 statistics for R1# show ipv6 interface g0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
router interfaces with the IPv6 is enabled, link-local address is
FE80::868A:8DFF:FE44:49B0
show ipv6 interface No Virtual link-local address(es):
command shown here: Description: Link to LAN
Global unicast address(es):
2001:DB8:ACAD:10::1, subnet is 2001:DB8:ACAD:10::/64
Joined group address(es):
FF02::1
FF02::1:FF00:1
FF02::1:FF44:49B0
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND NS retransmit interval is 1000 milliseconds

R1#

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
Configure the Default Gateway
Default Gateway on a Host
• The default gateway is used
when a host sends a packet to a
device on another network.
• The default gateway address is
generally the router interface
address attached to the local
network of the host.
• To reach PC3, PC1 addresses a
packet with the IPv4 address of
PC3, but forwards the packet to
its default gateway, the G0/0/0
interface of R1.
Note: The IP address of the host and the router
interface must be in the same network.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Configure the Default Gateway
Default Gateway on a Switch
• A switch must have a default gateway address
configured to remotely manage the switch from another
network.
• To configure an IPv4 default gateway on a switch, use
the ip default-gateway ip-address global configuration
command.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
How a Host Routes
Host Forwarding Decision
• Packets are always created at the source.

• Each host devices creates their own routing table.

• A host can send packets to the following:


• Itself – 127.0.0.1 (IPv4), ::1 (IPv6)
• Local Hosts – destination is on the same LAN
• Remote Hosts – devices are not on the same LAN

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
How a Host Routes
Host Forwarding Decision (Cont.)
• The Source device determines whether the destination is local or remote

• Method of determination:
• IPv4 – Source uses its own IP address and Subnet mask, along with the destination IP
address
• IPv6 – Source uses the network address and prefix advertised by the local router
• Local traffic is dumped out the host interface to be handled by an intermediary device.

• Remote traffic is forwarded directly to the default gateway on the LAN.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
How a Host Routes
Default Gateway
A router or layer 3 switch can be a default-gateway.
Features of a default gateway (DGW):
• It must have an IP address in the same range as the rest of the LAN.
• It can accept data from the LAN and is capable of forwarding traffic off of the LAN.
• It can route to other networks.
If a device has no default gateway or a bad default gateway, its traffic will not be
able to leave the LAN.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
How a Host Routes
A Host Routes to the Default Gateway
• The host will know the default
gateway (DGW) either statically or
through DHCP in IPv4.
• IPv6 sends the DGW through a
router solicitation (RS) or can be
configured manually.
• A DGW is static route which will be
a last resort route in the routing
table.
• All device on the LAN will need the
DGW of the router if they intend to
send traffic remotely.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
How a Host Routes
Host Routing Tables
• On Windows, route print
or netstat -r to display
the PC routing table
• Three sections displayed
by these two commands:
• Interface List – all
potential interfaces and
MAC addressing
• IPv4 Routing Table
• IPv6 Routing Table

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 44
3.3 Configure wireless LAN

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Introduction to Wireless
Benefits of Wireless
• A Wireless LAN (WLAN) is a type of
wireless network that is commonly used
in homes, offices, and campus
environments.
• WLANs make mobility possible within
the home and business environments.
• Wireless infrastructures adapt to rapidly
changing needs and technologies.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Limitations of Wireless LAN

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Introduction to Wireless
Types of Wireless Networks
• Wireless Personal-Area Network (WPAN) – Low power and short-range (20-30ft
or 6-9 meters). Based on IEEE 802.15 standard and 2.4 GHz frequency. Bluetooth
and Zigbee are WPAN examples.
• Wireless LAN (WLAN) – Medium sized networks up to about 300 feet. Based on
IEEE 802.11 standard and 2.4 or 5.0 GHz frequency.
• Wireless MAN (WMAN) – Large geographic area such as city or district. Uses
specific licensed frequencies.
• Wireless WAN (WWAN) – Extensive geographic area for national or global
communication. Uses specific licensed frequencies.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
Introduction to Wireless
Wireless Technologies
Bluetooth – IEEE WPAN standard used for
device pairing at up to 300ft (100m)
distance.
• Bluetooth Low Energy (BLE) – Supports mesh
topology to large scale network devices.
• Bluetooth Basic Rate/Enhanced Rate
(BR/EDR) – Supports point-to-point topologies
and is optimized for audio streaming.

WiMAX (Worldwide Interoperability for


Microwave Access) – Alternative
broadband wired internet connections.
IEEE 802.16 WLAN standard for up 30
miles (50 km).

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
Introduction to Wireless
Wireless Technologies (Cont.)
Cellular Broadband – Carry both voice and
data. Used by phones, automobiles, tablets,
and laptops.
• Global System of Mobile (GSM) –
Internationally recognized
• Code Division Multiple Access (CDMA) –
Primarily used on the US.

Satellite Broadband – Uses directional


satellite dish aligned with satellite in
geostationary orbit. Needs clear line of site.
Typically used in rural locations where cable
and DSL are unavailable.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
Introduction to Wireless
802.11 Standards
802.11 WLAN standards define how radio frequencies are used for wireless links.
IEEE Standard Radio Frequency Description

802.11 2.4 GHz Data rates up to 2 Mb/s


802.11a 5 GHz Data rates up to 54 Mb/s
Not interoperable with 802.11b or 802.11g
802.11b 2.4 GHz Data rates up to 11 Mb/s
Longer range than 802.11a and better able to penetrate building
structures
802.11g 2.4 GHz Data rates up to 54 Mb/s
Backward compatible with 802.11b
802.11n 2.4 and 5 GHz Data rates 150 – 600 Mb/s
Require multiple antennas with MIMO technology
802.11ac 5 GHz Data rates 450 Mb/s – 1.3 Gb/s
Supports up to eight antennas
802.11ax 2.4 and 5 GHz High-Efficiency Wireless (HEW)
Capable of using 1 GHz and 7 GHz frequencies

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
Introduction to Wireless
Radio Frequencies
All wireless devices operate in the range of the electromagnetic spectrum. WLAN
networks operate in the 2.4 and 5 GHz frequency bands.
• 2.4 GHz (UHF) – 802.11b/g/n/ax
• 5 GHz (SHF) – 802.11a/n/ac/ax

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
Introduction to Wireless
Wireless Standards Organizations
Standards ensure interoperability between devices that are made by different
manufacturers. Internationally, the three organizations influencing WLAN standards:
• International Telecommunication Union (ITU) – Regulates the allocation of
radio spectrum and satellite orbits.
• Institute of Electrical and Electronics Engineers (IEEE) – Specifies how a
radio frequency is modulated to carry information. Maintains the standards for
local and metropolitan area networks (MAN) with the IEEE 802 LAN/MAN family
of standards.
• Wi-Fi Alliance – Promotes the growth and acceptance of WLANs. It is an
association of vendors whose objective is to improve the interoperability of
products that are based on the 802.11 standard

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
12.2 WLAN Components

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
WLAN Components
Video – WLAN Components

This video will cover the following:


• Antennas
• Wireless Router
• Internet Port
• Wireless Access Point
• Autonomous and controller-based access points

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
WLAN Components
Wireless NICs

To communicate wirelessly, laptops, tablets,


smart phones, and even the latest
automobiles include integrated wireless
NICs that incorporate a radio
transmitter/receiver.
If a device does not have an integrated
wireless NIC, then a USB wireless adapter
can be used.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
WLAN Components
Wireless Home Router

A home user typically interconnects


wireless devices using a small, wireless
router.
Wireless routers serve as the following:
•Access point – To provide wires access

•Switch – To interconnect wired devices

•Router - To provide a default gateway to other


networks and the Internet

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
WLAN Components
Wireless Access Point

Wireless clients use their wireless NIC to


discover nearby access points (APs).
Clients then attempt to associate and
authenticate with an AP.
After being authenticated, wireless users
have access to network resources.

Cisco Meraki Go access


points

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 58
WLAN Components
AP Categories
APs can be categorized as either
autonomous APs or controller-based APs.
• Autonomous APs – Standalone
devices configured through a command
line interface or GUI. Each autonomous
AP acts independently of the others and
is configured and managed manually by
an administrator.
• Controller-based APs – Also known as
lightweight APs (LAPs). Use Lightweight
Access Point Protocol (LWAPP) to
communicate with a LWAN controller
(WLC). Each LAP is automatically
configured and managed by the WLC.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 59
WLAN Components
Wireless Antennas

Types of external antennas:


• Omnidirectional – Provide 360-degree
coverage. Ideal in houses and office areas.
• Directional – Focus the radio signal in a
specific direction. Examples are the Yagi
and parabolic dish.
• Multiple Input Multiple Output (MIMO) –
Uses multiple antennas (Up to eight) to
increase bandwidth.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 60
12.3 WLAN Operation

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 61
WLAN Operation
Video – WLAN Operation
This video will cover the following:
• Infrastructure Mode
• Ad hoc Mode
• Tethering
• Basic Service Set (BSS)
• Extended Service Set (ESS)
• 802.11 Frame Structure
• Carrier Sense Multiple Access Collision Avoidance (CSMA/CA)
• Wireless Client AP Association
• Passive and Active Delivery Mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 62
WLAN Operation
802.11 Wireless Topology Modes

Ad hoc mode - Used to connect clients


in peer-to-peer manner without an AP.

Infrastructure mode - Used to connect


clients to the network using an AP.

Tethering - Variation of the ad hoc


topology is when a smart phone or
tablet with cellular data access is
enabled to create a personal hotspot.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 63
WLAN Operation
BSS and ESS

Infrastructure mode defines two


topology blocks:
Basic Service Set (BSS)
• Uses single AP to interconnect all
associated wireless clients.
• Clients in different BSSs cannot
communicate.
Extended Service Set (ESS)
• A union of two or more BSSs
interconnected by a wired distribution
system.
• Clients in each BSS can communication
through the ESS.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 64
WLAN Operation
802.11 Frame Structure

The 802.11 frame format is similar to the Ethernet frame format, except that
it contains more fields.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 65
WLAN Operation
CSMA/CA
WLANs are half-duplex and a client cannot “hear” while it is sending, making it
impossible to detect a collision.
WLANs use carrier sense multiple access with collision avoidance (CSMA/CA) to
determine how and when to send data. A wireless client does the following:
1. Listens to the channel to see if it is idle, i.e. no other traffic currently on the
channel.
2. Sends a ready to send (RTS) message the AP to request dedicated access to the
network.
3. Receives a clear to send (CTS) message from the AP granting access to send.
4. Waits a random amount of time before restarting the process if no CTS message
received.
5. Transmits the data.
6. Acknowledges all transmissions. If a wireless client does not receive an
acknowledgment, it assumes a collision occurred and restarts the process
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 66
WLAN Operation
Wireless Client and AP Association

For wireless devices to


communicate over a network, they
must first associate with an AP or
wireless router.
Wireless devices complete the
following three stage process:
• Discover a wireless AP
• Authenticate with the AP
• Associate with the AP

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 67
WLAN Operation
Wireless Client and AP Association (Cont.)

To achieve successful association, a wireless client and an AP must agree


on specific parameters:
• SSID – The client needs to know the name of the network to connect.
• Password – This is required for the client to authenticate to the AP.
• Network mode – The 802.11 standard in use.
• Security mode – The security parameter settings, i.e. WEP, WPA, or WPA2.
• Channel settings – The frequency bands in use.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 68
WLAN Operation
Passive and Active Discover Mode
Wireless clients connect to the AP using a
passive or active scanning (probing)
process.
• Passive mode – AP openly
advertises its service by periodically Passive
sending broadcast beacon frames mode
containing the SSID, supported
standards, and security settings.
• Active mode – Wireless clients must
know the name of the SSID. The
wireless client initiates the process by
broadcasting a probe request frame
Active
on multiple channels.
mode

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 69
Module Practice and Quiz
What did I learn in this module?
• The tasks that should be completed when configuring initial settings on a router.
• Configure the device name.
• Secure privileged EXEC mode.
• Secure user EXEC mode.
• Secure remote Telnet / SSH access.
• Secure all passwords in the config file.
• Provide legal notification.
• Save the configuration.
• For routers to be reachable, the router interfaces must be configured.
• Using the no shutdown command activates the interface. The interface must also be
connected to another device, such as a switch or a router, for the physical layer to be
active. There are several commands that can be used to verify interface configuration
including the show ip interface brief and show ipv6 interface brief, the show ip route
and show ipv6 route, as well as show interfaces, show ip interface and show ipv6
interface.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 70
Module Practice and Quiz
What did I learn in this module (Cont.)?
• For an end device to reach other networks, a default gateway must be configured.
• The IP address of the host device and the router interface address must be in the
same network.
• A switch must have a default gateway address configured to remotely manage the
switch from another network.
• To configure an IPv4 default gateway on a switch, use the ip default-gateway ip-
address global configuration command.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 71
Module Practice and Quiz
What did I learn in this module?
• The tasks that should be completed when configuring initial settings on a router.
• Configure the device name.
• Secure privileged EXEC mode.
• Secure user EXEC mode.
• Secure remote Telnet / SSH access.
• Secure all passwords in the config file.
• Provide legal notification.
• Save the configuration.
• For routers to be reachable, the router interfaces must be configured.
• Using the no shutdown command activates the interface. The interface must also be
connected to another device, such as a switch or a router, for the physical layer to be
active. There are several commands that can be used to verify interface configuration
including the show ip interface brief and show ipv6 interface brief, the show ip route
and show ipv6 route, as well as show interfaces, show ip interface and show ipv6
interface.
© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 73
Module Practice and Quiz
What did I learn in this module (Cont.)?
• For an end device to reach other networks, a default gateway must be configured.
• The IP address of the host device and the router interface address must be in the
same network.
• A switch must have a default gateway address configured to remotely manage the
switch from another network.
• To configure an IPv4 default gateway on a switch, use the ip default-gateway ip-
address global configuration command.

© 2016 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 74

You might also like