
Cisco CCNA 4

Essential

www.supinfo.com
Copyright SUPINFO. All rights reserved

Campus Booster ID : 327


Version 3.0
Table of Contents
1. NAT & PAT
1.1. Private and public addressing
1.2. Address translation
1.2.1. NAT principle
1.2.2. PAT principle
1.3. Configuration
1.3.1. Commands
1.3.2. Configuration steps
1.3.3. Verification
2. DHCP protocol
2.1. Introduction
2.1.1. Comparison between BOOTP and DHCP
2.1.2. DHCP operation
2.1.3. DHCP relay
2.2. Configuration
2.2.1. Commands
2.2.2. Configuration steps
2.2.3. Verification
3. WAN networks
3.1. Definitions
3.2. Equipment and devices
3.3. WAN standards
3.4. Classification of WAN link types
4. WAN design
4.1. WAN communication
4.2. First steps of WAN design
4.3. Hierarchical network model
4.3.1. Three-layer model
4.3.2. Two-layer model
4.3.3. One-layer model
5. PPP protocol
5.1. Study of the PPP protocol
5.2. Establishing a PPP session
5.3. Authentication/configuration
5.3.1. PAP configuration procedure
5.3.2. CHAP configuration procedure
6. ISDN technologies
6.1. Technology
6.2. Terms and equipment
6.3. Standards
6.4. Use/implementation
6.5. Dial-on-demand routing (DDR)
6.6. Commands
6.7. Configuration
Essential – Cisco CCNA 4 3 / 60

7. Frame Relay technologies
7.1. Technology
7.2. LMI & DLCI interfaces
7.3. Functioning, switching table and transmission process
7.4. Frame Relay subinterfaces
7.5. Commands
7.6. Configuration
8. Initiation to network monitoring
8.1. Workstations and servers
8.1.1. Workstations
8.1.2. Servers
8.2. Network operating system
8.2.1. Microsoft Windows network operating system
8.2.2. UNIX and Linux network operating systems
8.2.3. Apple network operating system
8.3. Network management
8.3.1. Introduction to network management
8.3.2. Network management model and OSI
8.4. SNMP protocol
8.4.1. Introduction
8.4.2. Functioning
8.4.3. MIB
8.4.4. Configuration
8.4.5. RMON
8.5. Syslog
8.5.1. Functioning
8.5.2. Configuration

1. NAT & PAT

1.1. Private and public addressing


In the early 1990s, the rapid growth and popularity of the Internet quickly threatened to exhaust the address space of IP version 4. Private addressing was introduced to slow down the inevitable: the exhaustion of all IPv4 addresses.

The private address ranges defined by RFC 1918 are the following:

Address class   Range of private addresses          CIDR notation
A               10.0.0.0 to 10.255.255.255          10.0.0.0/8
B               172.16.0.0 to 172.31.255.255        172.16.0.0/12
C               192.168.0.0 to 192.168.255.255      192.168.0.0/16

Note that the class B range is a single /12 (16 contiguous class B networks) and the class C range a single /16 (256 contiguous class C networks), not one /16 or one /24.

These private ranges, used together with address translation, allow many networks to use the same addresses. Address translation is what makes this workable: private addresses are translated (replaced) by one or more public addresses when traffic crosses to the Internet.

This creates many private addressing "cells" that may be identical in different networks, each cell being reachable from the Internet only through the public addresses assigned to the company.

Because private addresses are reserved for internal use, they cannot be used directly on the Internet. ISP edge routers are therefore configured to filter these addresses rather than route them.

1.2. Address translation


Address translation is a generic process that replaces one address with another, which makes it possible to hide the private addresses of local networks behind a public address.

This process exists in two variants:

• NAT (Network Address Translation)
o Static
o Dynamic
• PAT (Port Address Translation)

1.2.1. NAT principle

NAT was designed to save IP addresses by translating the private (RFC 1918) IP addresses used inside an organisation (a company, a school, etc.) into one or more public IP addresses routable on the Internet.

Remark: the address used for the translation is not always a public IP address; it can itself be a private address that is translated again further along the path.

Address translation is mostly performed on the company's border routers connected to the Internet. The network using private IP addresses is called the internal network (inside), while the part of the network using public IP addresses (the Internet) is called the external network (outside).

When a user on the internal network (inside) wants to communicate with a host on the external network (outside), the router receives the packet carrying the private source IP address and rewrites it, replacing the source address with a public IP address of the router (this is the translation operation).

The router then consults its routing table to forward the packet to its destination. The destination host receives the packet with the router's public address as source, not the private address of the host that actually sent it. The router keeps the mapping in its translation table so that the reply can be rewritten back to the private address on the way in.

Beyond the terms "inside" and "outside", Cisco defines 4 types of addresses for NAT:
• Inside local address: IP address assigned to a host on the LAN (usually a private address).
• Inside global address: IP address assigned by the ISP, routable on the Internet, that represents one or more inside hosts to the outside world.
• Outside local address: IP address of an outside host as it appears to the internal network.
• Outside global address: IP address assigned to a host on the external network, as seen on the Internet.

NAT can be used in several situations, but it is configured in one of two ways, statically or dynamically:

• Static NAT always translates a given private IP address to the same public IP address. If 4 users need address translation, 4 public IP addresses are needed.

• Dynamic NAT translates a private IP address to a public IP address taken from a pool. The public address used is not necessarily the same from one session to the next. If no public address is available, a user has to wait until an address is released before being translated.

Beyond the large saving of public IP addresses, NAT avoids renumbering the whole internal address space when changing Internet service provider.

NAT also gives the internal network some protection, because inside hosts cannot be reached from the outside (Internet) unless a translation exists for them. This is a side effect rather than a security control: a static translation exposes the host completely, and NAT does not inspect or filter the traffic it translates, so it complements, but does not replace, an access list or a firewall.

1.2.2. PAT principle

PAT (Port Address Translation), also called overloading, allows a single public IP address to be used for the translation of many private IP addresses. Each session is distinguished by a unique source port number assigned to it when the communication starts.

Since there are 65,536 port numbers, a router could in theory translate up to 65,536 sessions behind one public address. In practice, equipment handles on average about 4,000 translations per public IP address.

1.3. Configuration

1.3.1. Commands

• ip nat inside
o Interface configuration mode
o Marks the interface as an inside interface
o Used together with the other NAT commands

• ip nat outside
o Interface configuration mode
o Marks the interface as an outside interface
o Used together with the other NAT commands

• ip nat inside source static {local-ip} {global-ip}
o Global configuration mode
o Establishes a static translation between one inside local address and one inside global address

• access-list {number} permit {prefix} {wildcard_mask}
o Global configuration mode
o Specifies one or several networks allowed to be translated

• ip nat pool {pool_name} {first-ip} {last-ip} netmask {subnet_mask}
o Global configuration mode
o Specifies the pool of public addresses: all addresses between first-ip and last-ip

• ip nat inside source list {number} pool {pool_name}
o Global configuration mode
o Activates dynamic NAT: addresses matched by the access list are translated into addresses of the pool

• ip nat inside source list {number} interface {type number} overload
o Global configuration mode
o Activates PAT: addresses matched by the access list are translated into the address of the given (outside) interface

• clear ip nat translation *
o Privileged EXEC mode
o Clears the NAT translation table (address and port associations)

1.3.2. Configuration steps

• Specify the outside and inside interfaces (ip nat outside / ip nat inside)
o Static NAT
▪ Specify every translation one by one (ip nat inside source static local-ip global-ip)
o Dynamic NAT
▪ Specify the private block (access-list)
▪ Specify the public pool (ip nat pool)
▪ Activate NAT with the private block and the public pool as arguments (ip nat inside source list ... pool ...)
o PAT
▪ Specify the private block (access-list)
▪ Activate NAT on the outside interface with the private block as argument (ip nat inside source list ... interface ... overload)

1.3.3. Verification

• show ip nat translations
o Privileged EXEC mode
o Displays every current translation; with the verbose keyword it also shows how long each entry has been active

• show ip nat statistics
o Privileged EXEC mode
o Displays NAT statistics: inside and outside interfaces, pools, number of active translations, hits and misses

• show running-config
o Privileged EXEC mode
o Displays the router configuration

• debug ip nat
o Privileged EXEC mode
o Displays translated packets in real time; use with care, it is costly on a busy router

2. DHCP protocol

2.1. Introduction
DHCP (Dynamic Host Configuration Protocol) is a client-server protocol. It provides the client with a layer 3 configuration: mainly an IP address, but also the default gateway address, DNS servers, NetBIOS (WINS) servers, the domain name, etc.

This protocol allows dynamic management of layer 3 addressing and reduces the network administrator's workload.

Most operating systems ship with a DHCP client. By sending a request to the server, the client obtains its layer 3 configuration. Only user equipment should rely on this service; servers and network devices must keep a static address.

DHCP works on a lease principle: the server assigns an address to a client for a predetermined duration (days, hours, minutes). The client has to send a new request to have its lease extended.

There are three address allocation types:

• Automatic: a permanent IP address is automatically assigned to the client. The server keeps the MAC - IP binding, so the client gets the same address back after a disconnection/reconnection.
• Manual: the allocation is made by the network administrator (static MAC - IP mapping). DHCP simply delivers this configuration to the client when it asks for it.
• Dynamic: the allocation is not predictable. A free IP address is assigned to a client on request, for a definite duration.

DHCP servers are generally run on workgroup servers (the service is usually provided by the operating system), but they can also be configured on routers.

2.1.1. Comparison between BOOTP and DHCP

BOOTP (Bootstrap Protocol) is the ancestor of DHCP. Its purpose was to give a layer 3 configuration to diskless workstations. DHCP inherits several of its characteristics:
• Works in client/server mode
• Uses UDP ports 67 (server) and 68 (client), known as the BOOTP ports
• Assigns an IP address
• Assigns a subnet mask
• Assigns a gateway address
• Assigns a DNS server address

BOOTP assigns addresses statically: the BOOTP server must first hold a MAC - IP correspondence table in order to assign an IP address. BOOTP has no notion of lease and therefore makes a permanent mapping between a host and the IP address it gives to it.

Finally, DHCP can deliver a large and extensible set of configuration options (some thirty in common use), against only 4 for BOOTP (IP address, mask, gateway, DNS address).

2.1.2. DHCP operation

Configuring a client with DHCP takes 4 steps:

1) DHCP DISCOVER
• When the DHCP client on a user's workstation starts, it sends a broadcast request to the DHCP servers, called DHCP DISCOVER (source 0.0.0.0, destination 255.255.255.255, since the client has no address yet).

2) DHCP OFFER
• A DHCP server that receives the broadcast and is able to answer it sends an offer back to the client. This DHCP OFFER contains all the information the client needs (IP address, gateway, lease duration, DNS server, WINS, etc.).

3) DHCP REQUEST
• The client then broadcasts a DHCP REQUEST to confirm the offer it selected (generally the first one that arrived).
• Because the REQUEST is broadcast, any other DHCP server that made an offer sees that its offer was not chosen and can withdraw it.
• For a lease renewal, the client asks the server for the IP address it would like to keep.

4) DHCP ACK
• The DHCP server confirms with a DHCP ACK. Once the DHCP ACK has been received, the client can use the IP address and the rest of the assigned configuration.

There are three other DHCP messages:

• DHCP DECLINE: if the client detects that the offered IP address is already in use on its network segment (typically with an ARP probe), it sends this message to the server and the process starts again.

• DHCP NAK: if the server cannot grant the address the client requests (for example because it is already in use, or because the lease has expired and the address has been reassigned), it answers with a DHCP NAK and the process has to start again for that client.

• DHCP RELEASE: when a client wants to give up its lease (system shutdown, ipconfig /release on Windows), it sends this message so that the server releases the address reservation.

2.1.3. DHCP relay

The DHCP server is part of the company's server infrastructure. It is very common for these servers to be on a different subnet from the users.

A problem then arises: client requests are sent to the DHCP server as broadcasts, and a router, which delimits the broadcast domain, stops these broadcasts, as it does for DNS, TFTP, TACACS (authentication service), etc.

This problem is solved with the ip helper-address command applied on the router interface facing the clients. It relays the UDP broadcasts received on that interface as unicast packets to the configured address, and writes its own interface address into the relayed request so that the server knows which subnet the client is on. By default the relay is done for the following UDP services:
• Time protocol
• TACACS
• DNS
• BOOTP/DHCP
• TFTP
• NetBIOS name and datagram services

[Figure: a client with no address (IP = ?) broadcasts a DHCP DISCOVER; the router interface F0/0, configured with ip helper-address 10.0.0.1, forwards it as a unicast to the DHCP server 10.0.0.1.]

2.2. Configuration
As with NAT, the DHCP configuration requires defining pools, i.e. ranges of addresses to assign.

2.2.1. Commands

• ip dhcp pool {pool_name}
o Global configuration mode
o Creates and names a pool of addresses and enters DHCP configuration mode

• ip dhcp excluded-address {first-ip} [last-ip]
o Global configuration mode
o Specifies one address or a range of addresses that the DHCP server must not assign

• [no] service dhcp
o Global configuration mode
o Enables/disables the DHCP server and relay service
o Enabled by default

• network {prefix} {mask}
o DHCP configuration mode
o Specifies the range of assignable addresses

• default-router {address}
o DHCP configuration mode
o Specifies the default gateway

• dns-server {address} [address2, address3, …]
o DHCP configuration mode
o Specifies the DNS server(s)

• netbios-name-server {address}
o DHCP configuration mode
o Specifies the NetBIOS (WINS) name server

• domain-name {name}
o DHCP configuration mode
o Specifies the domain name

• lease {days [hours [minutes]] | infinite}
o DHCP configuration mode
o Specifies the lease duration
o Default value: one day

• ip helper-address {address}
o Interface configuration mode
o Relays UDP broadcasts received on the interface to the specified unicast address

2.2.2. Configuration steps

Here is the procedure for configuring the DHCP service on a Cisco router:

• Define the pool name (ip dhcp pool command)
• Define the range of assignable addresses (network command)
• Specify the default gateway (default-router command)
• Exclude the statically assigned IP addresses (ip dhcp excluded-address command)

Optional commands:

• Specify the DNS server address (dns-server command)
• Specify the lease duration (lease command)
• Specify the NetBIOS server address (netbios-name-server command)
• Specify the domain name (domain-name command)
• Relay broadcasts towards the DHCP server from other subnets (ip helper-address command)
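The procedure above, completed with a relay on a second router for clients that cannot reach the server by broadcast (section 2.1.3), as an added example that is not part of the course; the hostnames R1 and R2, the 10.1.1.0/24 and 10.1.2.0/24 subnets, the DNS server addresses and the domain example.com are assumptions:

```cisco
! Added example, not from the course: DHCP server on R1 for two subnets, R2 relaying for LAN2.
! Assumed: R1 FastEthernet0/0 = 10.1.1.1/24 (LAN1), R2 FastEthernet0/0 = 10.1.2.1/24 (LAN2),
! R1 reachable from R2 at 10.1.1.1, DNS servers 10.1.1.5 and 10.1.1.6.
!
! ---------------- R1: DHCP server ----------------
service dhcp
! keep the routers, servers and printers (.1 to .20) out of the dynamic ranges
ip dhcp excluded-address 10.1.1.1 10.1.1.20
ip dhcp excluded-address 10.1.2.1 10.1.2.20
!
ip dhcp pool LAN1
 network 10.1.1.0 255.255.255.0
 default-router 10.1.1.1
 dns-server 10.1.1.5 10.1.1.6
 domain-name example.com
 lease 0 8
!
! Pool used for relayed clients: R1 picks it because the relay (R2) stamps the request
! with its own interface address 10.1.2.1, which falls inside this network.
ip dhcp pool LAN2
 network 10.1.2.0 255.255.255.0
 default-router 10.1.2.1
 dns-server 10.1.1.5 10.1.1.6
 domain-name example.com
 lease 0 8
!
! ---------------- R2: relay for LAN2 ----------------
interface FastEthernet0/0
 ip address 10.1.2.1 255.255.255.0
 ip helper-address 10.1.1.1
!
! ip helper-address relays TFTP, DNS, Time, NetBIOS and TACACS broadcasts as well as DHCP.
! Turn off the services this user segment does not need, so the relay cannot be used to
! reach TFTP or TACACS servers from the LAN; BOOTP/DHCP (ports 67/68) stays enabled.
no ip forward-protocol udp tftp
no ip forward-protocol udp domain
no ip forward-protocol udp time
no ip forward-protocol udp netbios-ns
no ip forward-protocol udp netbios-dgm
no ip forward-protocol udp tacacs
!
! Verification on R1 from privileged EXEC mode:
!   show ip dhcp binding
!   show ip dhcp server statistics
```

The lease of 8 hours (lease 0 8) is short enough that addresses of machines that leave the network come back into the pool the same day; an infinite lease turns the pool into a de facto static allocation and exhausts it over time.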

2.2.3. Verification

Two show commands allow verifying that DHCP is working properly:
• show ip dhcp binding
o Privileged EXEC mode
o Displays the bindings created by DHCP (hardware address - IP address)
o Displays the lease expiration date
o Displays the allocation type (Automatic, Manual, Dynamic)

• show ip dhcp server statistics
o Privileged EXEC mode
o Displays the DHCP messages sent and received, by type

3. WAN networks

3.1. Definitions
Main characteristics of WAN networks:
• Operate over a wide geographical area
• Make use of telecom operator services
• Carry several kinds of traffic
• Focus on the physical and data-link layers of the OSI model

The "local loop" is the part of the link between the customer's premises (demarcation point) and the service provider's Central Office (CO).

From a global point of view, a WAN is a set of interconnected links from several service providers.

The service provider's role is to supply end-to-end communication, using several switching methods (circuits, packets, cells).

The services provided by the service provider are:

Communication establishment
• Also called signalling, this service establishes or ends the communication between users of the telephony system.

Data transit
• Time-division multiplexing: a simple principle that allocates all the available bandwidth of a line to each user in turn, during a fixed time slot.
• Bandwidth sharing: all the bandwidth of the backbone is available, and the users connected to it share it.

The WAN path that interconnects the DTEs is called a:

• Link
• Circuit
• Channel
• Line

The main role of the DCE is to be the interface between the DTE and the provider's WAN communication link:

The DTE provides the user data (example: router).

The DCE converts the user data into a format usable by the WAN equipment (example: modem, CSU/DSU, TA, NT1).

There are two types of circuits:

• Point-to-point circuit: physical circuit dedicated to both ends (example: POTS or ISDN circuit).

• Virtual circuit: logical circuit that goes through networks (example: Frame Relay, X.25).

Virtual circuits fall into two categories:

• SVC (Switched Virtual Circuit)
o Dynamically established on demand and closed at the end of the transmission.
o Communication in 3 steps: circuit establishment, data transfer, circuit closing.
o Consumes bandwidth because of the several communication steps.
o Cost related to the time the circuit is in use.

• PVC (Permanent Virtual Circuit)
o Permanently established.
o Used to transmit constant throughput.
o Communication in one step: data transmission.
o Bandwidth consumption reduced compared to SVC.
o Higher cost because of the permanent availability of the service.

Examples of WAN links and the corresponding bandwidth:

Link type   Bandwidth
T1          1.544 Mbit/s
E1          2.048 Mbit/s
E3          34.368 Mbit/s
T3          44.736 Mbit/s

3.2. Equipment and devices

The main WAN devices are the router, the communication server, WAN switches (ATM, ISDN, etc.) and the modem family (modem, CSU/DSU, TA, NT1, etc.):

• Router: routing device that offers several services and interface ports for LAN and WAN networks.
• Communication server: concentrator for inbound and outbound (dial-in/dial-out) communications.
• WAN switches: multi-port devices that switch WAN traffic.
• Modem: equipment that converts a digital signal into an analogue one and back, using modulation and demodulation.
• CSU/DSU: digital interface (or two separate interfaces, if the CSU and the DSU are separate units) that adapts the DTE interface to the DCE one. This unit is often built into the router.

• CPE (Customer Premises Equipment): equipment located at the customer's premises, owned by the customer or rented from the provider (example: modem).
• Demarcation point: boundary between the customer's part and the provider's part (local loop). The responsibility of each side (customer and provider) stops there.
• Local loop: part that links the demarcation point to the service provider's equipment.
• Central Office switch: the provider's switching point closest to the customer.
• Service provider toll network: trunks and switches located in the "provider cloud".

3.3. WAN standards

WAN standards usually describe the physical layer delivery and the data-link layer settings, such as:
• Addressing
• Flow control
• Encapsulation

The main bodies that define and manage WAN standards are:

• ITU-T (International Telecommunication Union – Telecommunication Standardization Sector), formerly known as the International Telegraph and Telephone Consultative Committee (CCITT, from the French name Comité Consultatif International Télégraphique et Téléphonique).
• ISO (International Organization for Standardization).
• IETF (Internet Engineering Task Force).
• EIA (Electronic Industries Association).
• TIA (Telecommunications Industry Association).

The physical layer of a WAN mainly describes the interface between the DTE (customer unit) and the DCE (provider side):
• EIA/TIA-232: similar to V.24 and formerly called RS-232. Used for unbalanced circuits whose bandwidth can reach 64 kbit/s.
• EIA/TIA-449: faster version of EIA/TIA-232 (2 Mbit/s).
• EIA/TIA-612/613: describe the HSSI interface (for T3, E3, SDH STM-0, etc.).
• V.24.
• V.35: describes a synchronous interface used for communication over packet networks.
• X.21: for synchronous digital lines.
• G.703: connection using BNC connectors, working at E1 rate.
• EIA-530: two electrical implementations of EIA/TIA-449:
o RS-422: balanced (differential) transmission.
o RS-423: unbalanced transmission.

The data-link layer defines the data encapsulation on WAN networks:

• Frame Relay:
o Lightweight encapsulation.
o No error correction mechanism.
o Meant for high-quality digital lines.
o Transmits data very quickly compared to other WAN encapsulations.
o Exists in two variants, Cisco and IETF.
• PPP:
o Has a field that identifies the network layer protocol.
o Checks the quality of the link when the connection is established.
o Handles authentication with the CHAP and PAP protocols.
• ISDN: a set of digital services for voice and data over the existing switched telephone network.
• LAPB:
o Layer 2 encapsulation of the X.25 stack on packet-switched networks.
o Also used on point-to-point links that are unreliable or have an inherent delay (example: satellite link).
o Brings reliability and flow control on a point-to-point basis.

• HDLC:
o Can be incompatible between vendors because each of them has its own implementation of HDLC.
o Supports point-to-point and point-to-multipoint configurations.
o Derived from the SDLC protocol.
o Default encapsulation on the serial interfaces of Cisco routers.
o Extremely simplified: no windowing or flow control.
o Cisco's variant adds a proprietary 2-byte protocol type field after the standard address and control fields, which is what makes it incompatible with other vendors' HDLC.

HDLC is recommended on a link interconnecting two devices running IOS. Otherwise it is strongly recommended to use PPP, which is also the only one of the two that offers link authentication.

3.4. Classification of the several WAN link types

The several types of WAN link usually available are:

• Dedicated lines (also called specialized lines or leased lines):
o Provide a continuous service.
o A physical dedicated link that goes directly from one port of the customer's router
to one port of the service provider's router, without going through a switched
environment.
o One port per customer connection is needed on the service provider's router.
o Provided using a synchronous point-to-point serial link.
o This point-to-point link is used for:
▪ A physical directly connected link.
▪ Virtual links built up from several physical links.
o Convenient for big volumes of data and constant traffic.

• Switched connections:
o Circuit switching:
▪ Physical switching in telephony central offices in order to get a point-to-point link.
o Packet/cell switching:
▪ "Logical" switching performed at layer 2 of the OSI model.

The two big families of switched links are:

• Circuit switching:
o Physical dedicated circuit enabled by switching in central telephony offices.
o Established, maintained and closed at each session.
o Established on demand.
o Also used as a backup link for a main link.
o Provides a dedicated bandwidth.

• Packet/cell switching:
o Usage of a PVC similar to a point-to-point link.
o Possibility to forward variable length frames (packets) or fixed length frames (cells).
o The network equipment shares a single point-to-point link.
o More flexible and uses the bandwidth better than circuit switching services.

4. WAN design

4.1. WAN communication

WAN communication is usually called a service, because it has a cost depending on the usage time of
the WAN link (fixed price or consumption-based price), as opposed to LAN communication (where we
only have the equipment installation cost). WAN communication features:
• Low throughput.
• High latency (because of the distance).
• High error rate (WAN networks are more sensitive to external disruption).

The choice of a WAN service mainly depends on:

• Bandwidth optimization.
• Cost reduction.
• Optimization of the service efficiency.

The needs related to WAN services are the following:

• Rising network usage (client/server applications, multimedia, etc.).
• Constant evolution of software requirements (quality, etc.).
• Increasing number of remote connections (distant or mobile users, remote sites around the world,
communication between customers and providers, etc.).
• Growth of Intranets and Extranets (bandwidth).
• More and more usage of enterprise servers.

4.2. First steps of WAN design

The two main objectives of WAN design and WAN implementation are:
• Application availability (access to applications = network efficiency).
• Cost (cost-effective usage of resources).

Those two criteria are fundamentally in conflict. It is then necessary to keep the balance between the
importance of resource availability and the global cost.

The first step of WAN design is to gather information:

• Data on the hierarchy and the workflow of the company.
• Determine the people who are likely to help us design the network.
• Identify the users' needs (concerning application availability):
o Latency
o Throughput
o Reliability

The methods of user evaluation are:

• User profiles: definition of the various user groups' needs.
• Meetings, surveys: set up a basis and reference.
• Meetings with groups of key users: method to gather information from a sample of people.
• Evaluation of the human resources: tests in labs with a significant group of users. It is the
most expensive and most accurate evaluation method.

This analysis of the user needs is meant to determine:

• The kind of processed traffic.
• The type of traffic.
• The traffic level.
• The host system response time.
• The duration of some file transfers.
• The usage of the existing network equipment.

The needs can change; we need to take into consideration:

• The access to the network, which can change over time (peak periods).
• Differences related to the kind of traffic (sensitivity to lost packets, bandwidth
requirements).
• The random nature of network traffic (peak periods can change).

Then, we are left to make a sensitivity test by breaking working links and looking at the result. We can
use one of these methods:
• Shut down one active interface: observation of the traffic redirection, or of a connectivity loss.
• Modify the network load: observation of the network behavior during network
saturation.

4.3. Hierarchical network model

We have two structures of network model:

• Hierarchical:
o Network divided into layers.
o Separate function associated with each layer.
• Mesh:
o Linear topology.
o All equipment has the same function.

The interest of using a hierarchical model during the design is:

• Makes the modification and understanding of the network easier (modular network).
• Limits the cost and complexity of network updates (applied to one sub-group exclusively).
• Makes the identification of weak points easier.

Using a hierarchical model gives advantages such as:

• Scalability.
• Easy implementation.
• Easy troubleshooting.
• Predictability.
• Protocol support.
• Easy management.

In a design model, layers are separated by layer 3 (OSI model) equipment that divides the network into
broadcast domains.

4.3.1. Three layered model

[Figure: three-layered model. Core layer (campus backbone, enterprise servers); distribution layer
(inter-building backbone); access layer (workgroup servers, local and remote workgroups).]

The layers of this model are:

• Core layer (main): optimizes transport between sites.
• Distribution layer: gives connectivity based on policies.
• Access layer: allows users and workgroups to access the network.

The Core Layer

• Ensures communication (as fast as possible) between remote sites.
• Usually composed of point-to-point links.
• There is no host at this layer, only communication units.
• Service (Frame Relay, T1/E1, SMDS) rented from a service provider.
• Does not perform filtering or security.
• Requires redundant paths for service continuity in case of failure.
• Routing protocol features are very important (load balancing, fast convergence).
• Efficient usage of bandwidth is the main objective.

The Distribution Layer

• Provides services to several LANs within one WAN (campus backbone).
• It is the layer where we place the WAN backbone (Fast Ethernet type).
• Used to interconnect buildings.
• Location of enterprise servers (DNS, centralized messaging system).
• Has the role of defining boundaries (using policies).
• Performs filtering (ACLs) and VLAN routing.

The Access Layer

• LAN part of the network.
• Host (user) location.
• Workgroup server location (file storage, printing).
• Ability to use ACLs in order to meet the precise needs of a user group.
• Shared and/or switched bandwidth, micro-segmentation and VLANs.
• Grouping of users based on their function and needs.
• Isolation of the broadcast traffic of a LAN workgroup.

4.3.2. Two layered model

[Figure: two-layered model, each site holding its workgroup server.]

In a two-layered model, each site is interconnected using WAN links at the core layer. Each site can
contain several LANs.

4.3.3. One layered model

[Figure: one-layered model. Core WAN; workgroup server (light traffic rate); enterprise server
(heavy traffic rate).]

A one-layered model (linear model) is set up in companies that do not have many remote sites
and when the applications that need to be accessed are mainly within the LAN.

5. PPP protocol

5.1. Study of PPP protocol

It is the most widespread WAN protocol, the successor of the SLIP protocol, allowing:
• Connection between routers or between a host and a router.
• Management of synchronous and asynchronous circuits.
• Control of the link's configuration.
• Possibility of dynamic allocation of the layer 3 addresses.
• Multiplexing of network protocols (possibility of carrying packets of different
protocols over the same link).
• Configuration of the links and checking of their quality.
• Error detection.
• Option negotiation (layer 3 addresses, compression, etc.).

The PPP protocol consists of three main distinct parts:

• Encapsulation mode: the PPP frame is a modified generic HDLC frame.
• The LCP protocol (Link Control Protocol): establishment and control of the session.
o LCP frames for link establishment.
o LCP frames for link closing.
o LCP frames for link maintenance.
• A family of NCP protocols (Network Control Protocol): management of the layer 3
protocols.
o IPCP (Internet Protocol Control Protocol).
o IPXCP (Internetwork Packet Exchange Control Protocol).
o BCP (Bridge Control Protocol).

A PPP frame has the following fields:

• Flag: indicates the beginning or the end of the frame (value = 01111110).
• Address: standard broadcast address (value = 11111111), because PPP does not assign
host addresses (layer 2).
• Control: provides a connectionless service (similar to LLC) (value = 00000011).
• Protocol: identification of the encapsulated protocol (IP, IPX, etc.).
• Data: contains either padding (zeros) or data (1500 bytes max).
• FCS: Frame Check Sequence for error checking.
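As an added example (not part of the course text), the following Python builds and parses the PPP frame described above, computing the FCS of RFC 1662 over the Address, Control, Protocol and Data fields so that a corrupted frame is rejected; the sample payload is constructed and byte stuffing is left out.

```python
"""Build and parse PPP (HDLC-like) frames as described above.

Added example, not part of the original course. Field layout: Flag 0x7E,
Address 0xFF, Control 0x03, Protocol (2 bytes), Data, FCS (2 bytes), Flag.
The FCS is the 16-bit FCS of RFC 1662 computed over Address..Data and sent
least-significant byte first. Byte stuffing (0x7D escapes) is left out.
"""
import struct

FLAG = 0x7E         # 01111110
ADDRESS = 0xFF      # 11111111, the all-stations address
CONTROL = 0x03      # 00000011, unnumbered information (connectionless)
PROTO_IP = 0x0021   # Protocol field value for IPv4
PROTO_LCP = 0xC021  # Link Control Protocol


def _fcs16_table():
    """Precompute the RFC 1662 FCS-16 table (polynomial x^16+x^12+x^5+1, reflected 0x8408)."""
    table = []
    for byte in range(256):
        value = byte
        for _ in range(8):
            value = ((value >> 1) ^ 0x8408) if (value & 1) else (value >> 1)
        table.append(value)
    return table


_FCS16 = _fcs16_table()


def ppp_fcs16(data: bytes) -> int:
    """FCS-16 over data, as it is transmitted (final ones' complement applied)."""
    fcs = 0xFFFF
    for byte in data:
        fcs = (fcs >> 8) ^ _FCS16[(fcs ^ byte) & 0xFF]
    return fcs ^ 0xFFFF


def build_ppp_frame(protocol: int, payload: bytes) -> bytes:
    """Return Flag + Address + Control + Protocol + Data + FCS + Flag."""
    if len(payload) > 1500:
        raise ValueError("PPP Data field is limited to 1500 bytes by default")
    body = bytes([ADDRESS, CONTROL]) + struct.pack(">H", protocol) + payload
    return bytes([FLAG]) + body + struct.pack("<H", ppp_fcs16(body)) + bytes([FLAG])


def parse_ppp_frame(frame: bytes) -> dict:
    """Check the framing and the FCS, then return the Protocol and Data fields.

    Raises ValueError on a malformed or corrupted frame (a receiver must discard it).
    """
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag delimiters")
    body, fcs_bytes = frame[1:-3], frame[-3:-1]
    if body[0] != ADDRESS or body[1] != CONTROL:
        raise ValueError("unexpected Address/Control field")
    (received_fcs,) = struct.unpack("<H", fcs_bytes)
    if ppp_fcs16(body) != received_fcs:
        raise ValueError("FCS mismatch: frame corrupted in transit")
    (protocol,) = struct.unpack(">H", body[2:4])
    return {"protocol": protocol, "data": body[4:]}


def frame_is_valid(frame: bytes) -> bool:
    """True when the frame parses and its FCS checks out."""
    try:
        parse_ppp_frame(frame)
        return True
    except ValueError:
        return False


# Constructed sample: the start of a fake IPv4 header, not a real capture.
SAMPLE_PAYLOAD = bytes.fromhex("45000014000100004001")

if __name__ == "__main__":
    frame = build_ppp_frame(PROTO_IP, SAMPLE_PAYLOAD)
    print(frame.hex(), parse_ppp_frame(frame))
```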

5.2. Establishing a PPP session

A PPP connection is established in four phases for a point-to-point connection:

• Establishing the connection.
• Determining the link's quality.
• Configuring one or several network layer protocols.
• Closing the connection.

Phase 1 - Establishment of the link:

• The originating node sends LCP frames to configure and establish the link.
• Negotiation of configuration parameters through the option field of the LCP frame (MTU,
compression, authentication, etc.). These options can thus be explicit (indicated in the LCP
frame) or implicit (using default values).
• This phase ends by sending and receiving an LCP configuration acknowledgement frame.
Phase 2 - Determining the link's quality:
• This phase is optional.
• Checks that the quality is sufficient to activate the layer 3 protocols.
• If necessary, once the connection is established, the authentication process is launched.
Phase 3 - Configuration of one or several layer 3 network protocols:
• NCP packets are sent to configure the chosen layer 3 protocols.
• Each layer 3 protocol is configured with the appropriate NCP protocol.
• Layer 3 protocols are activated or closed when needed.
• Once configured by the NCPs, the layer 3 protocols can be transmitted.
Phase 4 - Closing the connection:
• Closing via an LCP frame or specific NCP packets (if LCP closes the connection, it informs the
layer 3 protocols through the corresponding NCP).
• Closing because of an outside event (timeout, loss of signal, etc.).
• Closing on user demand.

We can verify the state of the LCP and NCP protocols with the show interfaces command.

5.3. Authentication/configuration
The PPP protocol supports several authentication modes:
• No authentication.
• Use of the PAP protocol.
• Use of the CHAP protocol.

The characteristics of PAP are:

• 2-way handshake (after the authentication request):
o Sending of the authentication information.
o Acceptance or refusal.
• Simple authentication method: the username / password pair is sent repeatedly until
o Confirmation of the authentication.
o Interruption of the connection.
• PAP is not very effective from a security point of view:
o Passwords are sent in clear text.
o No protection (replay of captured information, brute force attacks).
o The node being authenticated controls the frequency and the timing of authentication
attempts.

With the PAP protocol, we have the choice between two authentications:

• Unidirectional: only the client is authenticated by the server.
• Bidirectional: the hosts authenticate each other.

The characteristics of the CHAP protocol are:

• 3-way handshake (after the authentication request):
o Challenge.
o Response.
o Acceptance or refusal.
• More evolved authentication method:
o Regular checks of the identity of the distant node (at establishment, then at any time).
o Authentication of both "hosts".
o Impossible to attempt an authentication without having received a challenge.
o Authentication protected by the MD5 algorithm while in transit on the connection.
• Efficiency against hacking:
o Use of a random, unique and unpredictable challenge value.
o Repetition of the challenge aiming to limit the exposure time to
attacks.
o Each side controls the frequency and the timing of authentication attempts.
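As an added example (not from the course), this Python contrasts what PAP and CHAP put on the link for the two routers above: PAP transmits the password itself, while CHAP answers a random challenge with MD5(identifier || secret || challenge) and a captured response is useless against a fresh challenge. Account names, secrets and the constant-time comparison are constructed assumptions.

```python
"""PAP versus CHAP on the wire, as characterised above.

Added example, not part of the original course. PAP sends the username and
password in clear text; CHAP (RFC 1994) never sends the secret: the
authenticator issues a random challenge and the peer answers with
MD5(identifier || secret || challenge). Names and secrets are constructed.
"""
import hashlib
import hmac
import os

# Constructed local accounts, as created by 'username {name} password {password}'.
LOCAL_USERS = {"Lab_A": b"password_chap", "Lab_B": b"password_chap"}


def pap_request(name: str, password: bytes) -> bytes:
    """What a PAP peer transmits: both fields are readable by anyone on the link."""
    return b"PAP-AUTH-REQ " + name.encode() + b" " + password


def pap_check(request: bytes, users=LOCAL_USERS) -> bool:
    """Authenticator side of PAP: plain comparison against the local account."""
    _, name, password = request.split(b" ", 2)
    return users.get(name.decode()) == password


def chap_challenge(length: int = 16) -> bytes:
    """Random, unique and unpredictable challenge value."""
    return os.urandom(length)


def chap_response(identifier: int, secret: bytes, challenge: bytes) -> bytes:
    """MD5 over identifier, secret and challenge (RFC 1994, section 2.2)."""
    return hashlib.md5(bytes([identifier & 0xFF]) + secret + challenge).digest()


def chap_verify(identifier: int, name: str, challenge: bytes,
                response: bytes, users=LOCAL_USERS) -> bool:
    """Authenticator side: recompute the hash with the local secret for 'name'."""
    secret = users.get(name)
    if secret is None:
        return False
    expected = chap_response(identifier, secret, challenge)
    # Constant-time comparison (a defensive choice of this example, not mandated by CHAP).
    return hmac.compare_digest(expected, response)


def chap_exchange(name: str, secret: bytes, identifier: int = 1,
                  users=LOCAL_USERS) -> tuple:
    """Three-way handshake: challenge, response, accept/refuse.

    Returns (accepted, challenge, response) so that a replay of the response
    can be tested against a fresh challenge.
    """
    challenge = chap_challenge()
    response = chap_response(identifier, secret, challenge)
    accepted = chap_verify(identifier, name, challenge, response, users)
    return accepted, challenge, response
```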

These commands allow configuration of all the various aspects of the PPP protocol:

• username {name} password {password}
o Global configuration mode.
o Name parameter: name of the host we wish to accept.
o Password parameter: password to be used for authentication. If we use CHAP, this
one has to correspond to the encrypted privileged mode password of the distant
router. This password must be the same on both routers.
o Defines a user account locally, to allow authentication of a distant host.

• encapsulation ppp
o Interface configuration mode.
o Specifies the encapsulation type for the current interface.

• ppp authentication {chap | chap pap | pap chap | pap} [callin]
o Interface configuration mode.
o Defines the requested authentication method. We have the possibility to define two
different methods. The first one is used directly. The second method will be used
when the first one fails.
o The callin parameter is used to differentiate unidirectional authentication from
bidirectional.

• ppp pap sent-username {name} password {password}
o Interface configuration mode.
o Indicates the information that will be sent during a PAP authentication request. The
information must correspond to a user account defined on the distant router.

• ppp chap hostname {name}
o Interface configuration mode.
o Allows authentication on several routers by always giving the same host name.

• ppp chap password {password}
o Interface configuration mode.
o Same as for the hostname, but for the password. This allows limiting the number of
username / password entries.

• ppp quality {percentage}
o Interface configuration mode.
o Allows configuring LQM (Link Quality Monitor) on the current PPP link. If the
quality of the link drops below the specified percentage, the router will interrupt the
connection.

For any problem with authentication or link negotiation related to the PPP protocol,
we can use the following commands:
• debug ppp authentication
• debug ppp negotiation

5.3.1. Procedure of PAP protocol configuration

[Figure: PAP exchange between Lab_A and Lab_B, each with its hostname and password.]

First, we are going to study the configuration that is necessary for a unidirectional
authentication:

Lab_A (config-if)# encapsulation ppp
Lab_A (config-if)# ppp authentication pap callin
Lab_A (config-if)# ppp pap sent-username Lab_A password password_pap

Lab_B (config)# username Lab_A password password_pap
Lab_B (config-if)# encapsulation ppp
Lab_B (config-if)# ppp authentication pap

For a bidirectional authentication, we proceed as follows:

Lab_A (config)# username Lab_B password password_pap
Lab_A (config-if)# encapsulation ppp
Lab_A (config-if)# ppp authentication pap
Lab_A (config-if)# ppp pap sent-username Lab_A password password_pap

Lab_B (config)# username Lab_A password password_pap
Lab_B (config-if)# encapsulation ppp
Lab_B (config-if)# ppp authentication pap
Lab_B (config-if)# ppp pap sent-username Lab_B password password_pap

5.3.2. Procedure of CHAP configuration

[Figure: CHAP challenge/response/accept exchange between Lab_A and Lab_B, each with its hostname
and password.]

The authentication schema above represents the authentication in a single direction. We must
repeat this schema in both directions of the CHAP authentication.

For that purpose, we are going to perform the following configuration tasks on the router Lab_A:

Lab_A (config)# username Lab_B password password_chap
Lab_A (config-if)# encapsulation ppp
Lab_A (config-if)# ppp authentication chap

The commands for the router named Lab_B are:

Lab_B (config)# username Lab_A password password_chap
Lab_B (config-if)# encapsulation ppp
Lab_B (config-if)# ppp authentication chap

6. ISDN technologies

6.1. Technology
There are two types of ISDN services:
• BRI: Basic Rate Interface.
o Also called 2B+D.
o 2 B channels - 64 Kbits/s (8 bits).
o 1 D channel - 16 Kbits/s (2 bits).
o Bit rate: 192 Kbits/s (8000 frames of 24 bits).
o Real rate: 144 Kbits/s (2 B channels + 1 D channel).
• PRI: Primary Rate Interface (working on dedicated lines).
o T1 (runs at 1.544 Mbits/s):
▪ 23 B channels - 64 Kbits/s (8 bits).
▪ 1 D channel - 64 Kbits/s (8 bits).
▪ 1 bit for frame locking.
▪ 8000 frames per second.
o E1 (runs at 2.048 Mbits/s):
▪ 30 B channels - 64 Kbits/s (8 bits).
▪ 1 D channel - 64 Kbits/s (8 bits).
▪ 1 channel - 8 bits for frame locking.

The transmission speed is always 8000 frames per second per channel. These two services use multiple
channels, divided into two types:
• B channel (Bearer):
o Transport of voice and data traffic.
o ISDN offers great flexibility of use, because it is possible to use each B channel
separately, to transmit both voice (phone) and data (computer).
o The Multilink PPP protocol can be used to aggregate bandwidth when multiple B
channels are used for data traffic.
o A SPID may be used for a B channel. This identifier allows determining the line
configuration, and looks like a telephone number. The switch can therefore link the requested
services at connection time.

• D channel (Delta):
o Signalling channel carrying the processing instructions for B channel data.
o The signalling protocol for this channel runs at layers 1 to 3 of the OSI
model.

The LAPD protocol (layer 2) is used on the D channel and allows the circulation and proper reception of
the control and signalling information flows. This protocol is similar to HDLC and LAPB (X.25).

It is possible to connect many user devices to the same ISDN connection. In this case collisions may
occur. The D channel takes care of functions allowing the detection of conflicts on the line. A simple
principle has been implemented to allow each terminal to transmit:

• A terminal can only transmit on the D channel when it detects a precise number of 1s
(indicating an idle signal), which corresponds to a determined priority level.
• If the terminal detects an E bit (see ISDN standards) that is different from its own D channel
bits, it has to stop transmitting immediately.
• As soon as the D channel message has been transmitted, the terminal's priority level is
reduced.
• A terminal cannot get a higher priority level until all other terminals on the same line
have had the possibility to transmit a D channel message.
• Phone communication has priority over the other services (data, etc.).
• Signalling information has priority over the other information types.

6.2. Terms and equipment

The different types of equipment we can find on an ISDN network are:

ISDN switch: layer 2 device enabling switching between different ISDN links.

• NT1 (Network Termination 1):
o Device connecting the four-wire subscriber wiring to the conventional two-wire local
loop.

• NT2 (Network Termination 2):
o Device managing and routing traffic from different terminal units (TE1 and TE2) to an
NT1.
o Ensures switching and concentrating functions (allows connecting multiple TEs to an
NT1).
o Usually found in a PABX.

• TA (Terminal Adapter):
o Device that converts standard signals (coming from a TE2) into ISDN format.
o Linked upstream to an NT1 or NT2.

• TE1 (Terminal Equipment 1):
o ISDN compatible terminal.
o Linked to an NT1 or NT2.
o Linked to the network by a four-wire twisted pair digital link.

• TE2 (Terminal Equipment 2):
o Non-ISDN compatible terminal.
o Linked to a TA.

ISDN reference points include the following:

• R: The reference point between a TE2 and a TA.
• S: The reference point between a TA or TE1 and the NT2. This device enables calls between
the different CPE.
• T: Electrically identical to S but corresponding to a connection between an NT2 and an NT1 or
the ISDN network.
• S/T: The reference point between a TE1 or TA and an NT1 directly (because the NT2 is
optional).
• U: The reference point between NT1 devices and the ISDN network. The U reference point
is relevant only in North America, where the NT1 function is not managed by the Internet
providers.

6.3. Standards
The ISDN technology was created in order to standardize the services offered by providers. This
standardization includes the UNI interface (corresponding to basic generic information and network
functions). In addition, a complete stack of protocols (layers 1 to 3) has been defined.

The different ISDN protocols have been divided into three categories:
• E: ISDN telephone network standards.
o E.164: ISDN international addressing.
• I: Concepts, terminology and general methods.
o I.100 series: general concepts.
o I.200 series: ISDN service aspects.
o I.300 series: network aspects.
o I.400 series: how the UNI interface is provided.
• Q: Signalling and switching operation.
o Q.921: describes the LAPD protocol procedures (D channel).
o Q.931: specifies the layer 3 functions (between the termination point and the ISDN
switch).

The Q.931 standard does not impose end-to-end recommendations. This standard can be
used differently depending on the provider and the switch type. This point must be made
explicit during the configuration.

The different standards we will study, according to the OSI model layers, are:
• Physical layer:
o I.430: BRI physical layer specification.
o I.431: PRI physical layer specification.
• Data link layer:
o Q.920 to Q.923: specification built on LAPD.
• Network layer:
o Q.930 (I.450) and Q.931 (I.451): definition of connections between users, packet or
circuit switched. Establishing, holding and closing the signalling of ISDN
network connections is the main objective of these two standards. They also
provide a lot of messages (configuration, connection, release, information on
users, cancellation, status and disconnection).

There are two types of ISDN frames:

• TE frame: outgoing frame (terminal to network).
• NT frame: incoming frame (network to terminal).

They are 48 bits long, of which 36 are data. In reality, there are two successive 24-bit frames (2 B channel
samples of 8 bits + one D channel sample of 2 bits + 6 bits of frame locking):

• Flag: similar to the HDLC field.
• Address: can contain 1 or 2 bytes (depending on the EA bit values).
o SAPI: Service Access Point Identifier (6 bits). Indicates the portal through which LAPD
services are provided to layer 3.
o C/R: Command/Response bit.
o EA: Extended Addressing bits. If the first EA bit is set, then the address contains 1
byte, else 2.
o TEI: Terminal Endpoint Identifier. This field specifies the number of the terminal or
whether it is a broadcast.
• Control: similar to the HDLC field.
• Data: data provided by the B channel.
• FCS: Frame Check Sequence (error control).
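As an added example (not from the course), this Python decodes the LAPD address field just described (SAPI, C/R, EA and TEI bits) and classifies the control byte the way HDLC does; the SAPI/TEI constants are the Q.921 values and the sample frame is constructed.

```python
"""Decode the LAPD (Q.921) address and control fields described above.

Added example, not part of the original course. Address byte 1: SAPI (6 bits),
C/R bit, EA bit; byte 2: TEI (7 bits), EA bit. The EA bit of the last address
byte is 1. The control byte follows the HDLC conventions (I, S or U frame).
Sample frames are constructed.
"""

SAPI_CALL_CONTROL = 0    # Q.931 signalling
SAPI_PACKET = 16         # X.25 packet data
SAPI_L2_MANAGEMENT = 63  # TEI assignment procedures
TEI_BROADCAST = 127      # group TEI: every terminal on the line listens


def classify_control(control: int) -> str:
    """HDLC-style control byte: bit0 = 0 -> I frame; bits 0-1 = 01 -> S; 11 -> U."""
    if control & 0x01 == 0:
        return "I"
    return "S" if control & 0x03 == 0x01 else "U"


def parse_lapd_header(frame: bytes) -> dict:
    """Return the address fields, the address length and the frame type."""
    if not frame:
        raise ValueError("empty frame")
    first = frame[0]
    result = {"sapi": first >> 2, "cr": (first >> 1) & 1}
    if first & 1:
        # First EA bit set: single-byte address, no TEI present.
        result.update(tei=None, broadcast=False, addr_len=1)
    else:
        if len(frame) < 2 or not (frame[1] & 1):
            raise ValueError("second address byte missing or its EA bit is not 1")
        tei = frame[1] >> 1
        result.update(tei=tei, broadcast=(tei == TEI_BROADCAST), addr_len=2)
    ctrl_index = result["addr_len"]
    if len(frame) <= ctrl_index:
        raise ValueError("control field missing")
    result["frame_type"] = classify_control(frame[ctrl_index])
    return result


def build_lapd_address(sapi: int, cr: int, tei: int) -> bytes:
    """Encode a two-byte LAPD address (EA = 0 on the first byte, 1 on the last)."""
    if not (0 <= sapi < 64 and 0 <= tei < 128 and cr in (0, 1)):
        raise ValueError("field out of range")
    return bytes([(sapi << 2) | (cr << 1) | 0, (tei << 1) | 1])


# Constructed sample: a UI frame (control 0x03) on the layer 2 management SAPI
# addressed to the broadcast TEI, the shape used by TEI assignment.
SAMPLE_TEI_MGMT = build_lapd_address(SAPI_L2_MANAGEMENT, 0, TEI_BROADCAST) + b"\x03"

if __name__ == "__main__":
    print(SAMPLE_TEI_MGMT.hex(), parse_lapd_header(SAMPLE_TEI_MGMT))
```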

6.4. Use/implementation
ISDN technology has many applications:
• Backup for dedicated lines.
• Remote access:
o Distant nodes.
o SOHO (Small Office / Home Office) connectivity.

[Figure: Cisco 2610 with a WIC-1T carrying the dedicated line (LS) to the Internet and a WIC-1B-U
carrying the backup link (ISDN BRI).]

Using ISDN as an alternative to dedicated lines allows service continuity in case of main link failure.
The use of the backup link is automatic, because the best metric route going through the main link will be
disabled, leaving the backup link as the only remaining path.

[Figure: distant access from an isolated node to the LAN.]

Distant access for an isolated node (moving employees, etc.) allows an ephemeral connectivity.

The environment presented to the user is the same as what he would see if he were on the local network
(VPN use). The only difference for a distant node is that the link is slower than a LAN, and goes through
an access server, which provides LAN services.

[Figure: SOHO connected to the main site over a BRI link.]

Distant access for a SOHO (company branch, etc.) allows a small group of users to access
the main site's resources. The SOHO router performs address translation, in order to provide services to
multiple workers using a single WAN connection (only one IP).

6.5. Dial on Demand Routing (DDR)

The DDR principle is to dynamically open and close a communication session over circuit-switched
WAN links (ISDN).

The notion of interesting traffic for DDR designates traffic, or a set of packets, that the router has to send
over a WAN link. This can be based:
• On layer 3 addresses.
• On specific network services, based on port numbers of layer 4 protocols.

Working principle of DDR:

• When a router receives interesting traffic, it opens a session in order to transmit this
traffic.
• These sessions are closed once the inactivity counter expires.
• This inactivity counter is reset only when interesting traffic is received.

DDR advantages are numerous:

• Cheaper than leased or multipoint lines, when the traffic being transmitted does not need a
permanent circuit.
• Load balancing, when we have multiple serial links, which allows using only the necessary
number of lines. In that case, we would have to configure DDR to open sessions only
when the previous line is overloaded.
• Backup line for a leased line. DDR offers a backup means of communication when the main
line (leased line) fails.

The traffic crossing a line using DDR is lighter and more intermittent than the traffic crossing
a LAN or a dedicated line.

The steps of DDR configuration on a router are the following:

• Use of an ACL: specifies the layer 3 addresses (source and destination), the layer 4
protocols and the associated port numbers. This defines what we want to consider as
interesting traffic.
• Definition of the interfaces using DDR: indicates the group number which associates a WAN
interface with the ACL for DDR.
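As an added example (not from the course), the following Python simulates the DDR behaviour described above, covering both the working principle and the two configuration steps: an ACL-like list defines interesting traffic, a call is placed only for interesting traffic, the idle timer is reset only by interesting traffic, and the session is torn down when it expires. The policy, addresses, packets and the 120 s timeout are constructed.

```python
"""Simulate DDR 'interesting traffic' and the inactivity counter described above.

Added example, not part of the original course. The interesting-traffic
definition is an ACL-like list (as 'dialer-list ... list {acl}' would reference);
a call is placed only for interesting traffic, the idle timer is reset only by
interesting traffic, and the session is closed when it expires. All addresses,
rules and packets are constructed.
"""
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass
class AclEntry:
    action: str                 # "permit" or "deny"
    protocol: str               # "ip" matches any, else "tcp", "udp", "icmp"
    source: str                 # CIDR, "0.0.0.0/0" for any
    destination: str            # CIDR
    dst_port: Optional[int] = None


@dataclass
class Packet:
    protocol: str
    src: str
    dst: str
    dst_port: Optional[int] = None


def is_interesting(acl: List[AclEntry], pkt: Packet) -> bool:
    """First matching entry decides; no match means the implicit deny."""
    for entry in acl:
        if entry.protocol != "ip" and entry.protocol != pkt.protocol:
            continue
        if ip_address(pkt.src) not in ip_network(entry.source):
            continue
        if ip_address(pkt.dst) not in ip_network(entry.destination):
            continue
        if entry.dst_port is not None and entry.dst_port != pkt.dst_port:
            continue
        return entry.action == "permit"
    return False


class DdrLink:
    """One dial-on-demand interface with its 'dialer idle-timeout' (seconds)."""

    def __init__(self, acl: List[AclEntry], idle_timeout: int):
        self.acl = acl
        self.idle_timeout = idle_timeout
        self.up = False
        self.last_interesting = None
        self.calls = 0

    def send(self, pkt: Packet, now: int) -> str:
        interesting = is_interesting(self.acl, pkt)
        if not self.up:
            if not interesting:
                return "dropped"          # uninteresting traffic never triggers a call
            self.up = True
            self.calls += 1
            self.last_interesting = now
            return "dialed"
        if interesting:
            self.last_interesting = now   # only interesting traffic resets the counter
        return "sent"                     # once up, other traffic still crosses the link

    def tick(self, now: int) -> str:
        """Advance the clock; disconnect once the inactivity counter has expired."""
        if self.up and now - self.last_interesting >= self.idle_timeout:
            self.up = False
            return "disconnected"
        return "up" if self.up else "down"


# Constructed policy: only HTTP towards the main site 10.2.0.0/16 is interesting.
INTERESTING = [AclEntry("permit", "tcp", "0.0.0.0/0", "10.2.0.0/16", 80)]


def demo() -> dict:
    """Replay a constructed traffic sequence and return the observed link states."""
    link = DdrLink(INTERESTING, idle_timeout=120)
    ping = Packet("icmp", "10.1.0.5", "10.2.0.9")
    http = Packet("tcp", "10.1.0.5", "10.2.0.9", 80)
    dns = Packet("udp", "10.1.0.5", "10.2.0.3", 53)
    return {
        "ping_when_down": link.send(ping, now=0),
        "http_when_down": link.send(http, now=10),
        "dns_when_up": link.send(dns, now=100),
        "state_at_129": link.tick(129),      # 119 s since last interesting traffic
        "state_at_130": link.tick(130),      # 120 s: idle timer expired
        "calls": link.calls,
    }
```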

6.6. Commands
The commands to know in order to be able to configure a router plugged on an ISDN link
are:

• interface bri {number}
o Global configuration mode.
o Specifies the interface and enters interface configuration mode.

• interface dialer {number}
o Global configuration mode.
o Enters the on-demand connection (Dialer) interface configuration mode.

• isdn switch-type {isdn_switch_type}
o Global configuration mode.
o Specifies the type of ISDN switch we are linked to.
o The isdn_switch_type parameter supports the values basic-1tr6 (Germany), basic-5ess
(USA), basic-dms100 (UK), basic-net3 (UK and Europe), basic-ni, basic-qsig, basic-ts013
(Australia), ntt (Japan) and vn3 (France).

• isdn spid1 {spid_1_value}
o BRI interface configuration mode.
o Specifies a SPID and local directory number for the B1 channel.

• isdn spid2 {spid_2_value}
o BRI interface configuration mode.
o Specifies a SPID and local directory number for the B2 channel.

• dialer-list {group_number} protocol {proto} {permit | deny | list {acl_number}}
o Global configuration mode.
o This command defines the interesting traffic for DDR.
o The group_number parameter indicates the group to which we assign the
interesting traffic.
o proto specifies the layer 3 protocol that will be part of the interesting
traffic.
o The last parameter makes interesting all the traffic of the specified protocol (permit), all
except the specified protocol (deny), or limits the interesting traffic to whatever
matches the indicated ACL (list).

• dialer-group {group_number}
o BRI or Dialer interface configuration mode.
o Assigns the interface to a dialer group to control access to the interface
(corresponding dialer-list).

• dialer pool {number}
o Dialer interface configuration mode.
o Gathers the Dialer interfaces on a specific BRI interface (dialer pool-
member).

• dialer pool-member {number}
o BRI interface configuration mode.
o Specifies the BRI interface that will be the source of the Dialer interfaces (dialer
pool).

• dialer string {number}
o Dialer interface configuration mode.
o Configures the phone number of the destination to call.

• dialer wait-for-carrier-time {time}
o BRI or Dialer interface configuration mode.
o Configures the time during which the router will wait for the carrier.

• dialer idle-timeout {time}
o BRI or Dialer interface configuration mode.
o Configures the maximum idle time before disconnecting.

• dialer remote-name {distant_name}
o Dialer interface configuration mode.
o Specifies the hostname of the distant node.

• dialer in-band
o BRI or Dialer interface configuration mode.
o Indicates that the signalling flow will be carried in the data channel.

• dialer map {protocol} {address} name {name} {number}
o BRI or Dialer interface configuration mode.
o Specifies the phone number to call to reach the indicated destination address.
o Do not use this command together with dialer string.

• dialer load-threshold {load} [inbound | outbound | either]
o Interface configuration mode.
o Specifies at which line load percentage a new B channel must be used (only with
PPP), measured inbound, outbound or either.
o load must be a number between 1 and 255 (255 = 100 %).

• ppp multilink
o Interface configuration mode.
o Indicates that the PPP protocol on the current interface will be able to handle
multiple lines.

In order to solve possible problems and to monitor the protocol and connection status, IOS provides
different commands:
• show interfaces bri {number}:{bearer}: shows the status of a particular B
channel of a BRI interface.
• show isdn status: ISDN link status. This command indicates the type of ISDN switch
configured, the layer 1-2 status, and the number of active connections on the link.
• show isdn active: shows active connections.
• show dialer: shows parameters and statistics regarding the DDR interface (Dialer).
• debug isdn events: shows ISDN event information.
• debug isdn q921: verifies the connection to the ISDN switch (problems linked to the
SPID).
• debug isdn q931: identifies problems between the router and the switch (problems
linked to a bad configuration of the ISDN switch type).
• debug dialer [events | packets]: shows the DDR state.

6.7. Configuration
We can choose between multiple encapsulation types when configuring an ISDN line:
• HDLC (default)
• PPP (generally used)

The tasks to be accomplished are:

• Determination of the ISDN switch type to which we are linked.
• Choice of the link encapsulation (HDLC, or PPP with or without authentication).
• Definition of SPIDs for the B channels (if necessary).
• Configuration of one or many Dialer interfaces, according to needs:
o Indicate the call number.
o Indicate the mapping of the current Dialer interface to a BRI interface.
o Specify the type of traffic transmitted (DDR).
o Create a static route to direct traffic onto the right interface.

7. Frame Relay technologies

7.1. Technology
The Frame Relay technology has the following characteristics:
• Designed for modern digital equipment with high bandwidth.
• Operates at layers 1 and 2 of the OSI model.
• Uses virtual circuits in a switched environment.
• Packet-switched, multiple-access technology.
• The DTE and the DCE are generally the customer router and the carrier switch respectively.
• Replaces point-to-point networks, which are too expensive.
• Based on HDLC encapsulation.
• Uses multiplexing to share the total bandwidth of the Frame Relay cloud.

This technology has some disadvantages:
• Limited error checking and low reliability (left to the upper-layer protocols).
• Affects the operation of certain mechanisms (split horizon, broadcasts, etc.).
• Does not forward broadcasts. To emulate one, a copy of the packet must be sent to each
destination network.

A Frame Relay network can be designed according to two topologies:
• Full mesh: each endpoint is connected to every other destination via a distinct PVC.
• Partial mesh: also called star or hub-and-spoke topology. Each endpoint is not connected
to all the others.

Definitions:
• Local loop speed: clock rate of the connection.
• DLCI (Data Link Connection Identifier): a number identifying an endpoint. The Frame Relay
switch maps two DLCIs (source and destination) to create a PVC. It has local significance.
• PVC (Permanent Virtual Circuit): virtual circuit acting as a dedicated point-to-point
connection between two endpoints in a switched environment.
• LMI (Local Management Interface): signalling standard between the endpoint and the Frame
Relay switch, in charge of managing and maintaining the state between the units.
• CIR (Committed Information Rate): the data rate the provider commits to deliver.
• Bc (Committed burst rate): the maximum number of bits the switch agrees to transfer over a
given period.
• Be (Committed excess rate): the maximum number of unguaranteed bits the switch will try to
transfer beyond the CIR. It is generally limited by the port speed of the local loop. Frames sent
in excess have their discard eligibility bit set to 1.
• FECN (Forward Explicit Congestion Notification): bit set in a frame to tell the receiving unit
to start its congestion-avoidance procedures.
• BECN (Backward Explicit Congestion Notification): same, but for the source unit. A router
receiving this notification reduces its transmission rate by 25%.
• Discard eligibility bit: bit indicating that the frame can be dropped first in case of
congestion.

The Frame Relay frame format is as follows:
• Flag: marks the beginning and the end of the frame.
• Address: contains the endpoint address (the first 10 bits) as well as the congestion
notification mechanisms (the last 3 bits):
o DLCI.
o FECN.
o BECN.
o Discard eligibility bit.
• Data: encapsulated upper-layer information.
• FCS: Frame Check Sequence.

7.2. LMI & DLCI interfaces


The Frame Relay implementation and operation rest primarily on the LMI interface, whose
basic functions are:
• Determine the operational status of the PVCs known by the router.
• Send keepalive messages, so that a PVC is not closed because of inactivity.
• Tell the router which PVCs are available.

There are optional LMI extensions:
• Virtual circuit status messages (common extension): periodic indication about the PVCs (new,
removed, their integrity, etc.).
• Multicasting (optional extension): allows forwarding ARP and routing protocol messages, which
normally have to be sent to multiple destinations. This uses DLCIs 1019 to 1022.
• Global addressing (optional extension): gives the DLCI global rather than local significance.
A DLCI is then unique on the whole Frame Relay network.
• Simple flow control (optional extension): XON/XOFF flow control, intended for units whose
upper layers cannot use the congestion notification bits but still require flow control.

The diagram above represents a Frame Relay frame specific to LMI messages.
• LMI DLCI: the DLCI used for LMI messages. It is fixed at 1023.
• Protocol indicator: set to a value identifying the LMI interface.
• Message type: two types are defined, which make it possible to check the integrity of the
logical and physical connections.
o Status message: sent in response to a status request message. Either a keepalive
message or a status report on each DLCI defined for the connection.
o Status request message.
• Information elements (IE): contain one or more data elements of 1 byte each, followed by one
or more bytes of data.

DLCI identifiers are locally significant, which implies that they are not necessarily unique in the
Frame Relay cloud (except if the LMI global addressing extension is used). Two DTE units can use
the same or different DLCI values to designate the remote end of a PVC.

The DLCI address space is limited to 10 bits. Part of the range (0 to 1023) can be used for endpoint
addresses (to transport user data), and the rest is reserved for the vendor's implementation (LMI
messages, multicast addresses, etc.).

The usable DLCI address range is defined by the LMI type in use:
• ansi: the host DLCI range is from 16 to 992.
• cisco: the host DLCI range is from 16 to 1007.
• q933a: same DLCI range as the ansi version.

7.3. Functioning, switching table and transmission process
The basic Frame Relay standard only supports local PVCs. There is no address designating the remote
node, so a classic address resolution process cannot be used. To solve this problem, there are two
solutions:
• Create static maps manually with the frame-relay map command.
• Opt for the LMI global addressing extension. Each node then has a unique DLCI.

The Frame Relay map has three fields:
• The local DLCI to use to reach the destination.
• The layer 3 address of the remote node.
• The connection state:
o Active state: the connection is up. Routers can exchange data.
o Inactive state: the local connection to the switch is up, but the remote router's
connection to the switch is not.
o Deleted state: either no LMI is received from the switch, or no service is maintained
between the local router and the switch.

There is an inverse address resolution process (Inverse-ARP), which allows the router to build the
Frame Relay map automatically:
• The router learns the DLCIs when the LMI is sent by the switch.
• It sends an Inverse-ARP request for each DLCI and each locally configured layer 3 protocol.
• The information received in reply is used to fill in the Frame Relay map.

Switching table for the port P0:

IN_Port   IN_DLCI   OUT_Port   OUT_DLCI
P0        20        P1         21
                    P2         22
                    P3         23

The Frame Relay switching table uses four columns:
• Input port.
• Input DLCI.
• Output port.
• Output DLCI.

This switching table is kept per switch port; there are as many tables as ports in use. Once again,
the table is managed, which means the provider decides the contents of each table. It is used:
• At the first LMI exchange, to inform the router of the DLCIs of the remote nodes it can reach.
• During data transmission, where it works like a LAN switch table.

The discovery process is as follows:
• The router sends a status request message to the Frame Relay switch (it gives the state of the
local router and asks for that of the connections to the remote routers).
• The switch answers with a status message containing the DLCIs of the remote routers that are
reachable by the local router.
• For each active DLCI, the router sends an Inverse-ARP packet to introduce itself and to ask the
remote routers to identify themselves (layer 3 addresses).
• The router records in its map each remote node address it receives through an inverse address
resolution message.
• Inverse address resolution messages are then exchanged every 60 seconds.
• Keepalive messages are sent every 10 seconds to the switch.

The process of data transmission through a Frame Relay network is:
• The source router encapsulates the data to transmit in a Frame Relay frame, whose address field
holds the DLCI of the recipient, then sends it.
• The switch receives this frame, and uses the switching table of the input port to determine
the output port, and thus the output DLCI.
• The switch rewrites the frame, replacing the DLCI with the source's DLCI, so that the
destination can know which source it comes from.
• The destination router receives the frame emitted by the switch. If needed, it answers by
emitting a frame to the DLCI indicated in the received frame.
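The frame address field and the per-port switching process described above, modelled in Python as an added example (not part of the course). It packs the 10-bit DLCI and the FECN/BECN/DE bits into the standard 2-byte address field and switches frames with one table per input port, rewriting the DLCI as the text describes; the port names, payloads and table rows other than the course's P0/20 to P1/21 entry are constructed assumptions.

```python
"""Frame Relay address field and per-port switching table (added example, not course code).

Model assumptions (constructed here): frames are handled as address field + payload, flags and
FCS omitted; the 2-byte address layout is the standard one (10-bit DLCI, C/R, FECN, BECN, DE, EA).
"""
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

# Host DLCI ranges per LMI type, as stated in the course; 1023 is reserved for LMI itself.
LMI_DLCI_RANGES = {"ansi": (16, 992), "cisco": (16, 1007), "q933a": (16, 992)}
LMI_DLCI = 1023


@dataclass
class AddressField:
    """The 2-byte address field: 10-bit DLCI plus the three congestion bits."""
    dlci: int
    cr: bool = False    # command/response bit, not used by Frame Relay itself
    fecn: bool = False  # forward explicit congestion notification
    becn: bool = False  # backward explicit congestion notification
    de: bool = False    # discard eligibility

    def encode(self) -> bytes:
        if not 0 <= self.dlci <= 1023:
            raise ValueError("DLCI must fit in 10 bits")
        # byte 0: DLCI bits 9..4 | C/R | EA=0 (address field continues)
        b0 = ((self.dlci >> 4) << 2) | (int(self.cr) << 1)
        # byte 1: DLCI bits 3..0 | FECN | BECN | DE | EA=1 (last byte of the address)
        b1 = ((self.dlci & 0x0F) << 4) | (int(self.fecn) << 3) \
            | (int(self.becn) << 2) | (int(self.de) << 1) | 1
        return bytes((b0, b1))

    @classmethod
    def decode(cls, raw: bytes) -> "AddressField":
        if len(raw) < 2 or (raw[0] & 1) or not (raw[1] & 1):
            raise ValueError("not a well-formed 2-byte address field")
        return cls(dlci=((raw[0] >> 2) << 4) | (raw[1] >> 4), cr=bool(raw[0] & 2),
                   fecn=bool(raw[1] & 8), becn=bool(raw[1] & 4), de=bool(raw[1] & 2))


def dlci_usable(dlci: int, lmi_type: str) -> bool:
    """True if the DLCI falls in the host range of the given LMI type."""
    lo, hi = LMI_DLCI_RANGES[lmi_type]
    return lo <= dlci <= hi


class FrameRelaySwitch:
    """One switching table per input port: in_dlci -> (out_port, out_dlci)."""

    def __init__(self, lmi_type: str = "cisco") -> None:
        self.lmi_type = lmi_type
        self.tables: Dict[str, Dict[int, Tuple[str, int]]] = {}
        self.dropped = 0

    def add_route(self, in_port: str, in_dlci: int, out_port: str, out_dlci: int) -> None:
        """Equivalent of a 'frame-relay route' entry made on the input interface."""
        for d in (in_dlci, out_dlci):
            if not dlci_usable(d, self.lmi_type):
                raise ValueError(f"DLCI {d} is outside the {self.lmi_type} host range")
        self.tables.setdefault(in_port, {})[in_dlci] = (out_port, out_dlci)

    def forward(self, in_port: str, frame: bytes) -> Optional[Tuple[str, bytes]]:
        """Rewrite the DLCI and return (out_port, frame); None means the frame was dropped."""
        addr = AddressField.decode(frame[:2])
        entry = self.tables.get(in_port, {}).get(addr.dlci)
        if entry is None:            # no PVC for this DLCI on this port
            self.dropped += 1
            return None
        out_port, out_dlci = entry
        addr.dlci = out_dlci         # only the DLCI changes; FECN/BECN/DE ride along
        return out_port, addr.encode() + frame[2:]


def build_sample_switch() -> FrameRelaySwitch:
    """The course's P0 table entry (DLCI 20 -> P1 DLCI 21) plus two constructed rows."""
    sw = FrameRelaySwitch("cisco")
    sw.add_route("P0", 20, "P1", 21)
    sw.add_route("P0", 30, "P2", 22)   # constructed
    sw.add_route("P0", 40, "P3", 23)   # constructed
    return sw


if __name__ == "__main__":
    switch = build_sample_switch()
    frame = AddressField(dlci=20, de=True).encode() + b"constructed payload"
    print(switch.forward("P0", frame))  # forwarded on P1 with DLCI 21, DE bit preserved
    print(switch.forward("P0", AddressField(dlci=99).encode() + b"x"))  # None: unknown DLCI
```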

7.4. Frame Relay subinterfaces

(Diagram: the physical interface Serial 0 divided into the subinterfaces Serial interface 0.1,
Serial interface 0.2 and Serial interface 0.3.)

Subinterfaces are logical subdivisions of a physical interface and can be of two types:
• Point-to-point.
• Multipoint.

The characteristics of point-to-point subinterfaces are:
• One subinterface per PVC.
• A static assignment of one DLCI per subinterface.
• Each point-to-point connection is its own subnetwork.
• Each interface has only one DLCI.
• Split horizon does not behave as one would expect in principle, because it is unaware of the
subinterface concept, which means that routing updates are not propagated towards the other
subinterfaces.

The characteristics of multipoint subinterfaces are:
• Only one subinterface to establish several PVCs.
• As many static DLCI assignments as there are PVCs (destinations).
• All the interfaces belong to the same subnetwork.
• Each interface has its local DLCI.
• Split horizon works with this type of subinterface.

7.5. Commands
The commands relating to Frame Relay are:
• interface serial {number}
o Global configuration mode.
o Enters the configuration mode of the desired interface.

• interface serial {number}.{subnumber} {multipoint | point-to-point}
o Global configuration mode.
o Enters the configuration mode of the desired subinterface.
o The multipoint or point-to-point parameter defines the type of subinterface used.
o multipoint is required if the router is expected to forward the broadcasts and routing
updates it receives.

• encapsulation frame-relay [ietf]
o Interface configuration mode.
o Specifies the frame encapsulation for the current interface.
o cisco is the default value, and is used when connected to another Cisco device.
o The ietf parameter is used when connected to a non-Cisco device.

• frame-relay interface-dlci {dlci}
o Subinterface configuration mode.
o Assigns a DLCI to the current subinterface.

• frame-relay local-dlci {dlci}
o Interface configuration mode.
o Assigns the DLCI value to the current interface (instead of the automatic assignment
through LMI).
o This command is used when there is no LMI interface.

• frame-relay lmi-type {ansi | cisco | q933a}
o Interface configuration mode.
o The default value is cisco.
o This command is only needed on old IOS versions, because newer IOS versions detect
the LMI type automatically.

• bandwidth {bp}
o Interface configuration mode.
o Specifies the bandwidth of an interface. The value is NOT used to shape the
connection; it is only used by routing protocols.

• frame-relay inverse-arp {protocol} {dlci}
o Interface configuration mode.
o Enables inverse layer 3 address resolution for the DLCI {dlci}.
o Inverse-ARP is enabled by default.

• frame-relay map {protocol} {address} {dlci} [broadcast]
o Interface configuration mode.
o Statically maps a remote layer 3 address to the local DLCI to use to reach that
destination.

• frame-relay intf-type {dte | dce | nni}
o Interface configuration mode.
o Defines the type of the local Frame Relay interface.
o The default value is dte.
o dce is used on a Frame Relay switch interface linked to the DTE (ETTD), and nni is used
for the interfaces that link Frame Relay switches to each other.

• frame-relay switching
o Global configuration mode.
o Enables PVC switching on a DCE (ETCD) unit.
o Activates the LMI interface.

• frame-relay route {src_dlci} interface {type} {number} {dest_dlci}
o Interface configuration mode.
o Creates an entry in the Frame Relay switching table.
o The source DLCI, the output interface and the destination DLCI must be indicated.
o This command is only used on a Frame Relay switch.

IOS provides 'show' and 'debug' commands to verify the network and in particular the Frame Relay
details. These commands are used to locate and identify problems.

• show interfaces serial {number}: Prints information about the DLCIs in use.
• show frame-relay pvc: Prints the state of each connection with its traffic statistics. This
command also prints the number of BECN and FECN packets received by the router.
• show frame-relay map: Prints the layer 3 addresses with the DLCI associated to each
destination connected to the local router.
• show frame-relay lmi: Prints statistics about LMI traffic.
• show frame-relay route: Prints the Frame Relay routes with their status.
• show frame-relay traffic: Prints Frame Relay statistics.
• debug frame-relay events: Prints Inverse-ARP replies in real time.
• debug frame-relay lmi: Prints the LMI packet exchange between the router and the switch in
real time.
• debug frame-relay packet: Prints a real-time analysis of Frame Relay packets.

7.6. Configuration
The DTE interface configuration procedure uses the following steps:
• Enter the interface configuration mode (interface serial {number}).
• Define a layer 3 address (ip address {IP} {SM}).
• Define the encapsulation type (encapsulation frame-relay).
• Define the local DLCI when there is no LMI (frame-relay local-dlci {dlci}) (optional).
• Define the link bandwidth (bandwidth {bp}).
• Activate the interface (no shutdown).

The procedure is slightly different for a subinterface:
• Enter the interface configuration mode.
• Remove the layer 3 address (no ip address).
• Define the interface encapsulation.
• Enter the subinterface configuration mode (interface serial {if.subif} {point-to-point |
multipoint}).
• Define a layer 3 address.
• Define the local DLCI (LMI is not supported on subinterfaces) (frame-relay interface-dlci
{dlci}).
• Define the link bandwidth.
• Activate the subinterface.

It is possible to simulate a Frame Relay switch with a router. The interfaces are then DCE.
• Activate Frame Relay switching on the router (frame-relay switching).
• Enter the interface configuration mode.
• Remove the layer 3 addresses.
• Define the encapsulation type.
• Define the link speed (clock rate {value}).
• Define the Frame Relay interface type.
• Define a route to each reachable destination (frame-relay route {src_dlci} interface serial
{number} {dest_dlci}).
• Activate the interface.

8. Initiation to network monitoring

8.1. Workstations and servers


The first personal computers (PCs) were made to work autonomously. The operating system used on
those computers allowed file and resource access for one user at a time. Then PCs invaded
workplaces, requiring network functions from operating systems to allow data sharing.

Those network operating systems classify computers into two large families:
• Workstations
• Servers

8.1.1. Workstations

A workstation is a user machine which runs applications and which is connected to a server from
which it obtains shared data. Most of them have network connections and support multi-user access. A
workstation can be:
• a desktop computer
• a laptop
• a diskless computer

8.1.2. Servers

A server is a computer which runs a network operating system to which workstations connect.
Generally, servers are more powerful and sturdier machines than workstations.

8.2. Network operating system


An operating system is an environment through which applications and services are executed on a
machine. A network operating system, or NOS, allows communication between several pieces of
equipment and resources through the network. It is a multi-tasking and multi-user system able to
execute several programs at once. The characteristics of those systems are:
• performance
• management and supervision
• security
• scalability
• robustness / fault tolerance

There are several families of network operating systems (Windows, Unix, Linux, and Apple). The best
known are detailed below.

8.2.1. Network operating system Microsoft Windows

Microsoft has several NOS in its commercial offer:

• Windows NT4 Server
Released in July 1996, Windows NT4 can be used as a workstation (NT4 Workstation) as well as a
server (NT4 Server). Windows NT uses a domain structure to control how users access resources.
Each NT domain requires the presence of a domain controller holding the SAM1 database. When a user
logs on to the NT domain, the user account information is sent to the SAM database. If the account
is valid, the user is authenticated on the domain and has access to the workstation.

• Windows 2000 Server
Released in February 2000, Windows 2000 exists in the "Professional" and "Server" editions. Based
on the Windows NT4 core, Windows 2000 Server also integrates "plug and play" technology. Users and
resources of a domain can now be managed as objects. Those can be placed in containers, the
management of which can be delegated to a user or a group. All this is possible through the Active
Directory technology.

• Windows 2003 Server
Released in April 2003, Windows 2003 Server takes over the key points of Windows 2000 Server. It
improves the migration path from Windows NT4, while remaining compatible with an NT4 domain.
Several network services were improved, such as the "IIS Web Server". Moreover, the .NET technology
was directly integrated into the system.

8.2.2. Network operating system UNIX and LINUX

• UNIX
UNIX is the name given to a group of operating systems originating from Bell Laboratories in 1969.
It is a multi-user and multi-tasking system that supports the Internet network protocols. Over the
years, several companies contributed to the development of UNIX, which led in the 1980s to its
marketing under different names:
• Hewlett Packard UNIX (HP-UX)
• Santa Cruz Operation (SCO) UNIX
• Sun Solaris
• IBM UNIX (AIX)

Berkeley Software Design, Inc. (BSD UNIX) also distributes its own UNIX version, which produced
derivatives such as:
• FreeBSD
• OpenBSD
• NetBSD

UNIX, in its different forms, maintains and strengthens its position as a reliable and secure
operating system today. However, UNIX is often associated with expensive proprietary hardware, but
the creation of Linux is changing this image.

1 Security Accounts Management Database

• Linux
In 1991, frustrated by the state of desktop operating systems, but also by the cost and the
licensing problems, a Finnish student named Linus Torvalds started to work on an operating system
intended for computers based on the 80386 processor. His system was similar to UNIX, and its
peculiarity was that the code was open and free for all users. His work led to an international
collaboration in the developer community, and from the end of the 1990s, Linux had become an
alternative to UNIX servers and Windows desktop systems.

Following the example of Unix, there are several versions of Linux, among which:
• Red Hat Linux – distributed by Red Hat Software
• OpenLinux – distributed by Caldera
• Corel Linux
• Slackware
• Debian GNU/Linux
• SuSE Linux

Linux comes with integrated network components, allowing it to log on to a local area network, to
establish a dial-up connection to the Internet, or to do tunneling. The TCP/IP protocol stack is
moreover directly integrated into the Linux kernel.

8.2.3. Network operating system Apple

Apple also has a server version of its famous operating system Mac OS X. This one, named
Mac OS X Server, is able to manage computers running various Apple or competitor operating systems
(Mac OS 9, Microsoft Windows, UNIX and Linux, etc.). The core of Mac OS X, called "Darwin", is
derived from the BSD 4.5 and 5.0 technologies. The result is a collection of the most popular
open-source server technologies, combined with the easy installation and ease of use of the Apple
system. The usual network applications are all supported (NTP, SMTP, DNS, LDAP, etc.), and data
sharing with UNIX and Windows is also supported (NFS, Samba).

8.3. Network management

8.3.1. Introduction in network management

A network evolves. As it grows, it becomes a more and more crucial resource for the organization.
Its management gets complicated and, consequently, more and more complex. The administrator's work
then becomes hard: a failing service can have heavy consequences, particularly in a production
environment.

The administrator has to manage the network actively, diagnose troubles, foresee breakdowns and
prevent them from arising. Poor performance and loss of network resources are not acceptable for
the users. It becomes very hard for an administrator, even impossible, to carry out all these tasks
without software help and automatic network management tools.

The factors which govern network administration are:
• Enterprise resource control – efficient management of network resources. Without it, results
will not live up to an efficient administration.
• Complexity control – controlling the network's evolution, so that too much complexity does not
lead to the loss of its control.
• Service improvement – making sure that users enjoy a better service, or at least one equal to
the previous one, as the network evolves.
• Balancing of different needs – the applications accessible to the users have to be provided
with a given level of support, availability and security.
• Downtime reduction – ensuring redundant services in a high-availability environment.
• Cost control – supervising and controlling the use of resources, so that users can be
satisfied at a reasonable cost.

Network administration implies the tasks below:
• Supervising network availability
• Improving automation
• Supervising response time
• Implementing security features
• Rerouting traffic
• Restoring functions
• Registering users

8.3.2. Model of network management and OSI

To give vendors a common model, the ISO took care of creating a standard for network management.
The creation of a common network administration model was entrusted to a committee managed by the
OSI group.

The committee in charge of this modeling created a network administration model divided into four
parts:
• Organization model: defines the different network administration components (administrator,
NMS, SNMP agent, etc.) as well as their relations.
• Information model: defines the structure in which administration information is stored, called
SMI.
• Communication model: defines the way data is forwarded from the NMS to the SNMP agent. It
deals with the communication protocol (SNMP).
• Functional model: deals with the network administration applications that run on the NMS.

Figure 1 - ISO network management model: network monitoring built on the organisation model, the
information model, the communication model and the functional model.



8.4. SNMP protocol

8.4.1. Introduction

SNMP (Simple Network Management Protocol) was adopted as a standard for TCP/IP networks in 1989.
This protocol specifies a set of administration standards, notably:

• a communication protocol
• a database structure specification
• a set of data objects

Very popular and present in most company networks, SNMP received an upgrade (SNMP v2c) in 1993,
improving, among other things, the management information structure, authentication and the
protocol itself. SNMP then evolved to version 3 (SNMP v3), which supports authentication and
communication encryption, while remaining compatible with previous versions.

8.4.2. Functioning

SNMP is an application layer protocol, designed to facilitate the exchange of administration
information between network devices. For example, we can use it to retrieve administration data,
such as the number of output packets on the WAN interface of a router, the number of open TCP
connections, or the number of errors detected on this interface.

The amount of accessible and retrievable information is very large and detailed. SNMP is a simple
protocol, but its functions are efficient enough to handle the problems bound to the administration
of heterogeneous networks. The organizational model of SNMP network administration contains four
elements:

• The network management station (NMS: Network Management System)
• The supervision agents (SNMP agents)
• The management information base (MIB)
• The network management protocol

Figure 2- SNMP functioning



The NMS is generally a stand-alone workstation. It consists of a set of software named NMA.

Those include a user interface allowing the administrator to supervise the network by retrieving
information from SNMP agents. The agents are located on the different network devices (routers,
bridges, hubs, switches, application servers).

An SNMP agent can answer an action execution request from the NMS. It can also report useful
information not requested by the NMS, such as the loss of connectivity between two routers, or a
malfunction of the company mail service.

An SNMP agent can keep track of these elements:
• The number and the state of its virtual circuits
• The number of certain types of error messages received
• The number of input/output bytes and packets going through the device
• The maximum length of the output queue for routers and other internetworking devices
• The broadcast messages sent and received
• The activation state of the network interfaces

To allow an NMS to talk with an SNMP agent, the protocol defines a character string: the
"community string". Exchanges are only possible between agents and an NMA of the same SNMP
community.

This very basic form of checking remains a simple identification implemented by the SNMP protocol
(SNMPv1).

Because this represents a big security weakness (the identifier travels without being encrypted),
version 2 of SNMP benefited from the implementation of authentication and integrity mechanisms
(symmetric encryption with private keys, using the HMAC-MD5-96 algorithm).

Since this version raised compatibility problems with previous versions, version 3 was designed to
avoid these problems. SNMPv3 provides greater security as well as compatibility with previous
versions.

A community string can have read-only or read/write permissions on objects. The default community
for read-only access is "public", and "private" for read/write access.

Version    Authentication   Confidentiality   Encryption   Processing
SNMPv1     No               No                No           Identification made by membership in
                                                           the SNMP community
SNMPv2c    Yes              Yes               Yes          Authentication by symmetric encryption.
                                                           Problem of compatibility with previous
                                                           versions.
SNMPv3     Yes              Yes               Yes          Authentication by symmetric encryption.
                                                           Compatible with previous versions.
Table 1 - Differences between SNMPv1, SNMPv2c, SNMPv3

SNMP is an application layer protocol which uses UDP ports 161 (NMS) and 162 (agent). It works
according to a message exchange system. Messages can be of the following types:
• Get: retrieves the value of a MIB object from the agent; requires at least read rights.
• Set: assigns a value to one of the MIB objects through the agent; requires read and write
rights.
• Trap: used by the agent to report information considered "important" to the NMS.

Picture 3 – Types of SNMP messages

8.4.3. MIB

The MIB is organized in a tree structure defined by the SMI standard. SMI also specifies the data
types used to store an object (integer, character string), the way those objects are named, etc.
Every leaf of the MIB represents an attribute of the network device concerned.

It is a reference system holding a wealth of information about the device. Standard and proprietary
MIBs exist.

Below is an example of MIB-II:

Picture 2 – Software screenshot of MIB

Every leaf of the MIB is identified by an OID.

An OID is built from decimal values (example: 1.3.6.1.2.1.4.3). Every decimal value of the OID
identifies one of the MIB branches.

Example for the object "ipInReceives":

iso(1).org(3).dod(6).internet(1).mgmt(2).mib-2(1).ip(4).ipInReceives(3)
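The community-string exchange, the Get message type and the OID naming above, worked through in Python as an added example (not course code): it resolves the course's OID example against MIB-II names, BER-encodes an SNMPv1 GetRequest to show that the community string is a plain octet string on the wire, and audits such a datagram the way a monitoring tool on the management segment would, flagging v1/v2c cleartext communities and the default "public"/"private" values. Only the MIB names on the course's OID path are real; communities, request ids and sample packets are constructed here.

```python
"""SNMPv1 community-string exchange, BER-encoded, and an audit of raw SNMP datagrams.
Added example, not course code: only the MIB names on the course's OID path are real MIB-II
names; communities, request ids and sample packets are constructed here."""
from typing import Dict, Tuple

INTEGER, OCTET_STRING, NULL, OID, SEQUENCE = 0x02, 0x04, 0x05, 0x06, 0x30
PDU_TYPES = {0xA0: "GetRequest", 0xA1: "GetNextRequest", 0xA2: "GetResponse",
             0xA3: "SetRequest", 0xA4: "Trap"}
VERSIONS = {0: "SNMPv1", 1: "SNMPv2c", 3: "SNMPv3"}
DEFAULT_COMMUNITIES = {"public", "private"}  # the defaults named in the course
# Named branches along 1.3.6.1.2.1.4.3 (ipInReceives) and 1.3.6.1.2.1.1.1 (sysDescr)
MIB_NAMES = {"1": "iso", "1.3": "org", "1.3.6": "dod", "1.3.6.1": "internet",
             "1.3.6.1.2": "mgmt", "1.3.6.1.2.1": "mib-2", "1.3.6.1.2.1.4": "ip",
             "1.3.6.1.2.1.4.3": "ipInReceives", "1.3.6.1.2.1.1": "system",
             "1.3.6.1.2.1.1.1": "sysDescr"}


def oid_to_name(oid: str) -> str:
    """'1.3.6.1.2.1.4.3' -> 'iso(1).org(3)...ipInReceives(3)'; unknown arcs stay numeric."""
    arcs, out = oid.split("."), []
    for i, arc in enumerate(arcs):
        prefix = ".".join(arcs[:i + 1])
        out.append(f"{MIB_NAMES[prefix]}({arc})" if prefix in MIB_NAMES else arc)
    return ".".join(out)


def _tlv(tag: int, body: bytes) -> bytes:  # BER tag-length-value, long-form length >= 128
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    lb = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(lb)]) + lb + body


def _int(value: int) -> bytes:  # non-negative INTEGER, minimal two's-complement bytes
    return _tlv(INTEGER, value.to_bytes(max(1, (value.bit_length() + 8) // 8), "big"))


def _oid(oid: str) -> bytes:
    arcs = [int(a) for a in oid.split(".")]
    body = bytearray([40 * arcs[0] + arcs[1]])  # first two arcs share one byte
    for arc in arcs[2:]:                        # base 128, continuation bit on all but last
        chunk = [arc & 0x7F]
        while arc > 0x7F:
            arc >>= 7
            chunk.insert(0, 0x80 | (arc & 0x7F))
        body.extend(chunk)
    return _tlv(OID, bytes(body))


def build_get_request(community: str, oid: str, request_id: int = 1, version: int = 0) -> bytes:
    """Message ::= SEQUENCE { version INTEGER, community OCTET STRING, GetRequest-PDU }."""
    varbinds = _tlv(SEQUENCE, _tlv(SEQUENCE, _oid(oid) + _tlv(NULL, b"")))
    pdu = _tlv(0xA0, _int(request_id) + _int(0) + _int(0) + varbinds)
    return _tlv(SEQUENCE, _int(version) + _tlv(OCTET_STRING, community.encode()) + pdu)


def _read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, body, position after the element) for the TLV starting at buf[pos]."""
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:                                # long-form length
        width = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + width], "big"), pos + width
    return tag, buf[pos:pos + n], pos + n


def _decode_oid(body: bytes) -> str:
    arcs, value = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, value = arcs + [value], 0
    return ".".join(map(str, arcs))


def audit_datagram(raw: bytes) -> Dict[str, object]:
    """What a sniffer on the management segment sees: version, community, PDU type, OIDs."""
    tag, msg, _ = _read_tlv(raw, 0)
    if tag != SEQUENCE:
        raise ValueError("not an SNMP message")
    _, ver, pos = _read_tlv(msg, 0)
    version = VERSIONS.get(int.from_bytes(ver, "big"), "unknown")
    result = {"version": version, "community": None, "pdu": None, "oids": [], "findings": []}
    if version == "SNMPv3":                     # v3 carries security parameters, no community
        return result
    _, community, pos = _read_tlv(msg, pos)
    result["community"] = community.decode(errors="replace")
    result["findings"].append(f"{version}: community '{result['community']}' sent in clear text")
    if result["community"] in DEFAULT_COMMUNITIES:
        result["findings"].append("default community string in use")
    pdu_tag, pdu, _ = _read_tlv(msg, pos)
    result["pdu"] = PDU_TYPES.get(pdu_tag, "unknown")
    if pdu_tag == 0xA4:                         # SNMPv1 Trap-PDU has another layout; not walked
        return result
    p = 0
    for _ in range(3):                          # skip request-id, error-status, error-index
        _, _, p = _read_tlv(pdu, p)
    _, vbl, _ = _read_tlv(pdu, p)
    q = 0
    while q < len(vbl):                         # each VarBind = SEQUENCE { OID, value }
        _, vb, q = _read_tlv(vbl, q)
        _, oid_body, _ = _read_tlv(vb, 0)
        result["oids"].append(oid_to_name(_decode_oid(oid_body)))
    return result
```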

The diagram below presents the different groups of the MIB with their OIDs:

Picture 3 – Diagram of the MIB group and their OID

8.4.4. Configuration

The following commands configure the communication between the network devices and the NMS:

• snmp-server community {community} ro
o Global configuration mode.
o The specified community has read-only access.
• snmp-server community {community} rw
o Global configuration mode.
o The specified community has read-write access.
• snmp-server location {location}
o Global configuration mode.
o Specifies the location of the router.
• snmp-server contact {string}
o Global configuration mode.
o Specifies contact information for the person to reach in case of problem.
• snmp-server host {IP of the NMS} {community}
o Global configuration mode.
o Specifies an NMS which will receive the SNMP traps.
• snmp-server enable traps snmp [authentication] [linkup] [linkdown] [coldstart]
[warmstart]
o Global configuration mode.
o Specifies the event(s) which trigger the sending of traps.

8.4.5. RMON

RMON defines a monitoring MIB which complements MIB-II. This MIB contains statistical information
obtained by analyzing every frame of a network segment. To do this, hardware monitoring devices
(RMON probes) are placed on the network segment to monitor. Those devices allow user-defined alerts
to be created but, above all, they gather many crucial statistics thanks to a thorough analysis of
every frame.

With RMON, the administrator can get information about the overall state of a LAN segment
(collision rate on the segment, the station sending the most broadcasts, etc.). The administrator
is no longer restricted to the local information belonging to a device running a classic SNMP
agent. RMON did not require any change to the SNMP protocol; integrating RMON only requires adding
MIB entities to the MIB. There are two versions:

RMON1 – working at layers 1 and 2 of the OSI model.
RMON2 – working at layers 3 to 7 of the OSI model.

There are also RMON extensions, such as Token Ring.

The RMON1 and RMON2 groups are defined below:

• Statistics group
Manages error statistics (CRC, fragments, etc.) and network usage, such as the bandwidth
utilization rate and the broadcast and multicast rates.

• History group
Keeps samples from the statistics group in order to answer later administrator requests.

• Alarm group
Allows configuring alarms (thresholds, intervals) on data coming from the statistics group.

• Host group
Measures the different types of traffic from a source host to a destination network.

• Host TopN group
Generates a log of the "TOP N" hosts based on the statistics coming from the statistics group.

• Traffic matrix group
Stores error and usage statistics (errors, bytes, packets) for each pair of nodes that communicate on the network.

• Filter group
Defines a set of filters used to identify and capture a flow of packets matching a given pattern.

• Packet capture group
Defines how the packets that match the filters are buffered inside the probe.

• Event group
Stores the events generated on the probe for the administrator and defines what is done with each of them (log entry and/or SNMP trap) according to the alarm type.

• Protocol directory group
Contains the list of protocols supported by the RMON2 probe. This group is essential when an RMON2 management application needs to know which protocols the probe can decode, especially when the management application and the probe come from different vendors.

• Protocol distribution group
Contains the data gathered by the probe, broken down by protocol.

• Address map group
Keeps the bindings between MAC addresses and IP addresses.

• Network-layer host group
Keeps network-layer statistics for each IP address.

• Network-layer matrix group
Contains network-layer statistics about the exchanges between two hosts.

• Application-layer host group
Contains statistics about the application-layer protocols used by a host.

• Application-layer matrix group
Stores application-layer statistics about the exchanges between two hosts.

• User history group
Lets the network administrator archive data about any host on the segment, a web server or other device.

• Probe configuration group
Lets one manufacturer's management application remotely configure another manufacturer's RMON2 probe.
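The Alarm and Event group descriptions above say only "threshold, intervals". The following Python is an added example, not part of the SUPINFO course material, showing what an RMON1 alarm-table row actually does when it samples a statistics-group counter: it compares each interval's delta against a rising and a falling threshold and, as RFC 2819 requires, generates a rising event only once until the value has come back down to the falling threshold (hysteresis), so a counter that stays high does not raise an alarm on every interval. The counter readings and thresholds are constructed for the demonstration; the variable and event names follow the RFC object names but the class itself is illustrative.

```python
"""RMON1 alarm-group semantics (RFC 2819 alarmTable), added example.

Not from the SUPINFO course: it shows the threshold/interval mechanism of
the Alarm group, including the hysteresis rule that stops a probe from
generating a rising event on every interval while a counter stays high.
The sample readings below are constructed.
"""
from typing import List, Optional, Tuple

Event = Tuple[str, int, int]   # (event type, sample time, sampled value)


class RmonAlarm:
    """One alarmTable row: sample a MIB variable every `interval` seconds and
    compare it (as a delta between readings, or as an absolute value) with
    alarmRisingThreshold and alarmFallingThreshold."""

    def __init__(self, interval: int, rising: int, falling: int,
                 sample_type: str = "deltaValue",
                 startup: str = "risingOrFallingAlarm") -> None:
        if falling >= rising:
            raise ValueError("alarmFallingThreshold must be below alarmRisingThreshold")
        self.interval, self.rising, self.falling = interval, rising, falling
        self.sample_type, self.startup = sample_type, startup
        self._last_raw: Optional[int] = None
        self._first = True            # first valid sample: alarmStartupAlarm rule applies
        self._rising_armed = True     # may a rising event fire on the next crossing?
        self._falling_armed = True
        self.events: List[Event] = []

    def sample(self, t: int, raw: int) -> Optional[Event]:
        """Feed the raw counter/gauge reading taken at time t; return the event, if any."""
        if self.sample_type == "deltaValue":
            if self._last_raw is None:          # a delta needs two readings
                self._last_raw = raw
                return None
            value, self._last_raw = raw - self._last_raw, raw
        else:
            value = raw
        event = None
        if value >= self.rising:
            if self._rising_armed and (not self._first or
                                       self.startup in ("risingAlarm", "risingOrFallingAlarm")):
                event = ("risingAlarm", t, value)
            # no further rising event until the value drops to the falling threshold
            self._rising_armed, self._falling_armed = False, True
        elif value <= self.falling:
            if self._falling_armed and (not self._first or
                                        self.startup in ("fallingAlarm", "risingOrFallingAlarm")):
                event = ("fallingAlarm", t, value)
            self._rising_armed, self._falling_armed = True, False
        self._first = False
        if event is not None:
            self.events.append(event)   # the Event group would log this and/or send a trap
        return event


def run_demo() -> List[Event]:
    """Broadcast-frame counter (etherStatsBroadcastPkts) sampled every 30 s:
    alarm when more than 1000 broadcasts arrive in one interval, clear at 200."""
    alarm = RmonAlarm(interval=30, rising=1000, falling=200)
    readings = [(0, 0), (30, 500), (60, 2000), (90, 3600),
                (120, 3700), (150, 3750), (180, 5000)]       # constructed (time, counter)
    for t, raw in readings:
        alarm.sample(t, raw)
    return alarm.events


if __name__ == "__main__":
    for kind, t, value in run_demo():
        print(f"t={t:4d}s  {kind:<13} value={value}")
```

Note that the interval from t=60 to t=90 delivers 1600 broadcasts, above the rising threshold, yet produces no second event: the alarm is re-armed only when the delta falls to the 200 frame threshold at t=120. Without this rule a busy segment would flood the NMS with one trap per interval.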

The diagram at this point (lost in extraction) shows where the RMON1, RMON2 and Token Ring groups sit in the MIB tree:

iso > org > dod > internet > mgmt > mib > rmon (1.3.6.1.2.1.16)
RMON1 groups: statistics, history, alarm, hosts, hostTopN, matrix, filter, capture, event
RMON2 groups: protocolDir, protocolDist, addressMap, nlHost, nlMatrix, alHost, alMatrix, userHistory, probeConfig
Token Ring extension: tokenRing

8.5. Syslog

8.5.1. Functioning

Syslog is the event-logging facility of Cisco IOS, based on the UNIX Syslog utility. Syslog was originally written only for the Sendmail program, but it proved so useful that many other applications adopted it. Syslog works on a client/server architecture.

The server listens on UDP port 514, and a message must not exceed 1024 bytes. Syslog over UDP is sent in clear text with no authentication or integrity protection, so anyone on the path can read, drop or forge messages; a log server must therefore treat the content of a received message as untrusted.

In 2001, the Syslog format was documented in RFC 3164 (an informational RFC describing existing practice).

On Cisco routers and switches, Syslog events can be sent to an NMS. The messages are sent unsolicited, like SNMP traps, which is why they are often called Syslog traps.

Every Syslog message is time stamped and carries a severity level together with the log text. These messages are sometimes the only way to diagnose a problem on a device. There are 8 severity levels in Syslog traps (0 to 7): level 0 is the most critical and level 7 the least.

A device sends to the server only the messages whose severity is at or above the configured limit, that is, whose level number is lower than or equal to the limit.

The default level on Cisco devices is 6: all messages are sent except debug messages.

Severity level   Description
0                Emergencies
1                Alerts
2                Critical
3                Errors
4                Warnings
5                Notifications
6                Informational   (default severity level of Cisco IOS)
7                Debugging

This default level is configurable.

8.5.2. Configuration

For an NMS to receive the Syslog traps of a device, a Syslog server application (CiscoWorks2000, Kiwi Syslog, etc.) must be installed and configured on the NMS.

The router must then be configured to send its events to the NMS. Below are the commands needed on a 2620XM router:

• logging on
o Global configuration mode
o Enables event logging

• logging {hostname | host IP address}
o Global configuration mode
o Tells the router which NMS host receives the Syslog traps

• logging trap {debugging | informational | notifications | warnings | errors | critical | alerts | emergencies}
o Global configuration mode
o Sets the severity level of the messages sent to the server (optional; the default is informational)

• service timestamps log datetime
o Global configuration mode
o Timestamps the Syslog messages (optional)
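To make the severity rule of 8.5.1 and the effect of the logging trap command of 8.5.2 concrete, here is a small receiver-side decoder in Python. It is an added example written for this page, not code from the course or from Cisco: it parses the RFC 3164 PRI field of datagrams formatted the way IOS sends them (PRI = 8 × facility + severity, facility local7 = 23 by default), checks the 1024-byte limit, extracts the %FACILITY-SEVERITY-MNEMONIC header when present, and reproduces the filtering a router applies for a given logging trap keyword. The sample datagrams are constructed; the assumption that the PRI severity must match the digit in the mnemonic is a consistency check this example adds, not something the page states.

```python
"""RFC 3164 / Cisco IOS syslog decoder and `logging trap` filter.

Added example, not part of the SUPINFO course: it shows how the PRI field
carries the severity listed in the course's table, and which messages a
router forwards for a given `logging trap` level. Datagrams are constructed.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Cisco IOS keywords accepted by `logging trap`, indexed by numeric severity 0..7.
SEVERITY_KEYWORDS = ["emergencies", "alerts", "critical", "errors",
                     "warnings", "notifications", "informational", "debugging"]
MAX_DATAGRAM = 1024                     # RFC 3164 limit on a syslog packet
PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)
# IOS message header %FACILITY-SEVERITY-MNEMONIC: (IOS facility name, not the
# syslog facility number encoded in PRI)
CISCO_RE = re.compile(r"%([A-Z0-9_]+)-([0-7])-([A-Z0-9_]+):")


@dataclass
class SyslogMessage:
    facility: int            # syslog facility from PRI (IOS default local7 = 23)
    severity: int            # 0 = emergencies ... 7 = debugging
    body: str                # everything after the <PRI>
    mnemonic: Optional[str]  # e.g. "SYS-5-CONFIG_I", None for plain debug output

    @property
    def consistent(self) -> bool:
        """Added check: PRI severity must agree with the digit in the mnemonic.
        A mismatch means a forged or rewritten message (syslog/UDP is unauthenticated)."""
        if self.mnemonic is None:
            return True
        return int(self.mnemonic.split("-")[1]) == self.severity


def parse_datagram(datagram: bytes) -> SyslogMessage:
    """Decode one UDP/514 payload as sent by IOS; reject malformed input loudly."""
    if len(datagram) > MAX_DATAGRAM:
        raise ValueError("datagram exceeds the 1024-byte RFC 3164 limit")
    text = datagram.decode("ascii", errors="replace")
    m = PRI_RE.match(text)
    if m is None:
        raise ValueError("missing <PRI> header")
    pri = int(m.group(1))
    if pri > 191:                           # highest facility (23) * 8 + severity 7
        raise ValueError("PRI out of range")
    facility, severity = divmod(pri, 8)     # PRI = 8 * facility + severity
    body = m.group(2)
    c = CISCO_RE.search(body)
    mnemonic = f"{c.group(1)}-{c.group(2)}-{c.group(3)}" if c else None
    return SyslogMessage(facility, severity, body, mnemonic)


def trap_level(keyword: str) -> int:
    """Map a `logging trap` keyword to its numeric severity (e.g. notifications -> 5)."""
    return SEVERITY_KEYWORDS.index(keyword)


def forwarded(datagrams: List[bytes], trap: str = "informational") -> List[SyslogMessage]:
    """Messages an IOS device sends to the NMS for `logging trap <trap>`:
    everything at that severity or more severe, i.e. level number <= limit."""
    limit = trap_level(trap)
    return [msg for msg in map(parse_datagram, datagrams) if msg.severity <= limit]


# Constructed sample traffic from a router with `service timestamps log datetime msec`.
SAMPLE_DATAGRAMS = [
    b"<189>12: *Mar  1 00:05:12.101: %SYS-5-CONFIG_I: Configured from console by vty0 (10.0.0.5)",
    b"<187>13: *Mar  1 00:05:20.430: %LINK-3-UPDOWN: Interface FastEthernet0/0, changed state to down",
    b"<190>14: *Mar  1 00:05:21.002: %SEC-6-IPACCESSLOGP: list 101 denied tcp 192.0.2.9(4433) -> 10.0.0.5(22), 1 packet",
    b"<191>15: *Mar  1 00:05:30.500: IP: s=10.0.0.5 (FastEthernet0/0), d=10.0.0.1, len 100, rcvd 1",
]

if __name__ == "__main__":
    for keyword in ("informational", "warnings"):
        sent = forwarded(SAMPLE_DATAGRAMS, keyword)
        print(f"logging trap {keyword}: {len(sent)} of {len(SAMPLE_DATAGRAMS)} messages forwarded")
        for msg in sent:
            print(f"  sev {msg.severity} ({SEVERITY_KEYWORDS[msg.severity]}) {msg.mnemonic}")
```

With the default logging trap informational, the three messages at severities 5, 3 and 6 are forwarded and the debug line (severity 7) is dropped, which is the behaviour the table in 8.5.1 describes; with logging trap warnings only the LINK-3-UPDOWN message survives. Because the transport is unauthenticated UDP, the consistent property is the kind of cheap sanity check a collector should apply before acting on a message.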
