Fayyaz Ahmed
The Person:
Hello everybody. This is Fayyaz Ahmed, and the first thing I would like to tell you is that I am not a book writer; I am just a professional like every other professional in the field and a student of the Cisco Academy like you.
I completed my CCNA and CCNP certifications by the Grace of ALLAH just a while ago, and I am trying to write a book on CCNA and CCNP in Roman Urdu to make it easy and helpful for everyone, whether they know English or not.
How I Write?
I read the CCNA book (official Cisco book) and did 1 year of personal research about CCNA on the internet; then I made my personal notes and tried to maintain all my notes in a single book, which makes them easier to read again. So please take it seriously, because it is all about CCNA. If you really want to learn CCNA, read this carefully. It is not a book; it is my 1 year of personal research about CCNA, and I invested lots of my time and effort here. I learn a topic first and then translate it to Roman for others, so that you guys learn very easily and clear your concepts. My simple philosophy is sharing my knowledge with others, because when you share your knowledge it always increases.
Book design?
The book is designed as 10 modules (115 pages), like classes in any academy. You can make your to-do list to read this book and learn CCNA day by day.
Feedback Information:
As you read this book, if you think that it has helped you in any way, it would be great if you gave me your feedback; and even if you think that it has been poorly conceived and written, I would like to hear your feedback and your comments. Mail me at fayyazahmed007@outlook.com and feel free to visit my site, http://fayyazahmedccna.weebly.com/, for online learning, and share it with others.
Content
OSI Overview:
7) Application Layer:
o Telnet: 23
o SSH: 22
o FTP: 21
o TFTP: 69
o HTTP: 80
o HTTPS: 443
o NTP: 123
6) Presentation Layer:
o Encryption:
o Compression:
o Translation:
5) Session Layer:
4) Transport Layer:
o TCP:
o UDP:
o Flow Control:
o Segmentation:
o Fragmentation:
3) Network Layer:
2) Data Link Layer:
1) Physical Layer:
Protocol Data Unit (PDU)
HTTPS:
HTTPS stands for Hyper Text Transfer Protocol Secure. It is the same as HTTP, but HTTPS is used on our secure websites, such as banking sites, because its link is secure: in effect it creates a tunnel in which all traffic is encrypted so that nobody can hack it. It works on port 443.
NTP:
NTP stands for Network Time Protocol. Our network has many switches, routers and servers, and logs are generated on all of them, so the time must be the same on every server so that the servers can record their statistics against an accurate time. The protocol used for this is called NTP. We simply run it on any router or server, and the time we set where it runs is set automatically on all the servers and switches, without even a second of difference. That is what NTP is used for, and it works on port number 123. All of these protocols work at the application layer of the OSI model, and this is the responsibility of the application layer.
Translation:
Translation also happens at the presentation layer: whatever the language, the computer can translate it. For example, information is converted to data and data is converted to signals, so data communication also takes the form of translation.
Flow Control:
The transport layer provides flow control: it sends only as much data as our data-receiving speed allows and no more, otherwise there is a risk of congestion. This is why it uses flow control, which keeps the flow of traffic under control while data is being sent and received.
Segmentation:
The transport layer also provides segmentation. If a large amount of data is being sent, say 10MB, it first breaks that 10MB of data into 10 small packets, arranges them in sequence from 1 to 10, and puts a number on every packet. If a packet goes missing, this makes it easy to recover, and only the packet that went missing has to be recovered. We call this process segmentation.
Fragmentation:
Fragmentation is the opposite of segmentation: in segmentation large data is converted into small packets, and in fragmentation those same small packets are converted back into the large data once they reach the destination.
PDUs:
PDU stands for Protocol Data Unit. PDUs tell us the form our packet takes across the 7 layers. While data is at the Application, Presentation and Session layers it is simply Data; when it reaches the Transport layer it is converted into a Segment; at the Network layer it is called a Packet; at the Data Link layer it is called a Frame; and at the Physical layer it is in the form of bits. These are called PDUs, that is, protocol data units.
1) Data on the Transport Layer is called a Segment.
2) Data on the Network Layer is called a Packet.
3) Data on the Data Link Layer is called a Frame.
What is Switch
Switch Overview:
Process of Working Switch:
Benefit of using switch:
Working of Switch how Switch builds a mac address:
Switching Information
HUB?
Switch?
Types of Switches?
o Manageable Switch:
o Unmanageable Switch:
CISCO Hierarchical Model?
o Access Layer:
o Distribution Layer:
o Core Layer:
Switching Mode/ Switches Techniques?
o Fragment Free Switches:
o Store & Forward Switches:
o Cut-Through Switches:
Interface Modes
Types of Switch Interface Modes?
o Administrative Mode:
o Operational Mode:
Administrative Mode?
o Access Mode:
o Trunk Mode:
o Dynamic Auto / Dynamic Desirable:
Operational Mode?
o Access Mode:
o Trunk Mode:
Configuration Modes?
Cisco device modes?
What is Switch:
Switch:
A network switch is a device that connects computers, other switches and network devices to each other. A switch is also called a multi-port bridge, and it works at the OSI data link layer, that is, layer 2. Nowadays we also see switches that work at layer 3 and layer 4; such switches are called layer 3 switches or multi-layer switches. When only the word switch is used, it means a layer 2 switch, which only provides connectivity on the LAN and does not perform routing. The working of a switch is very simple: it receives messages on its ports in the form of frames and transmits each one to the device it was sent to, that is, 1-to-1 communication. This is unlike a hub, which broadcast every message it received to the whole network; the device the message was meant for accepted it and all the others discarded it. So a hub works as a dumb device and a switch as an intelligent one that sends a message directly only to the device it is meant for, and this is the biggest difference between a hub and a switch. A switch can do this because it builds a table inside itself, called the forwarding table or MAC table, in which it saves the information of all the devices connected to it so that it can send messages directly to the device they are meant for.
3)
A switch provides connectivity on the LAN and is plug and play, meaning that as soon as cables are connected to the switch it starts working automatically.
A switch lets us exchange data on the LAN at high speed, because switches work at 100 to 1000 Giga bits per second. In addition, they use full-duplex communication (sending and receiving at the same time).
A switch also provides point-to-point data communication.
Switching Information:
HUB:
A hub is a dummy device that does not learn MAC addresses. It works at Layer 1, in the form of 1s and 0s. A hub always broadcasts. It shares the bandwidth among all PCs, and it has a single collision domain and a single broadcast domain.
Switch:
A switch learns MAC addresses on each of its ports and works at layer 2. When a switch is powered on it broadcasts the first time, and after that it unicasts instead of broadcasting. Inside the switch there is a chip called an ASIC (Application Specific Integrated Circuit) that makes this possible. The switch builds a MAC table inside itself, which lets it send data directly to the PC it is meant for, that is, it unicasts rather than broadcasts. It works on fixed bandwidth and does not share bandwidth. A switch has 1 broadcast domain, and each port is a single collision domain.
Types of Switches:
Manageable Switch:
A manageable switch can be configured with commands, and we can make changes according to our network requirements. We can increase its ports by adding NIC slots, and we can give it an IP for management.
Unmanageable Switch:
Unmanageable switches are those we cannot manage. They are fixed and plug and play; you cannot make any changes to them yourself.
Details of Layers:
Access Layer:
The access layer is the layer to which PCs connect directly, which is why lower-end series of switches are installed there (such as 1900 and 2900 Series switches).
Distribution Layer:
The distribution layer sits in the middle of the network and provides connectivity between the core layer and the access layer; the network is distributed from there. That is why we install somewhat better series of switches there (such as 3000 and 5000 Series switches).
Core Layer:
The core layer is the most important layer in the network: the whole network is managed from there, and other sites also connect to it directly. That is why we install the best series of switches there, which are very fast and powerful (such as 7000, 8000 and 10,000 Series switches). This is Cisco's hierarchical design, which produces a well-designed network.
Administrative Mode:
In administrative mode we configure the switch ports ourselves, and it has 4 modes.
Access Mode:
Access-mode ports are the ports that connect end users: they connect the switch directly to the user's end device, that is, a computer. An access port carries the data of only 1 VLAN; it always carries a single VLAN's data on its port, never multiple VLANs. Access ports are also configured for security purposes, because these ports do not configure themselves as a trunk automatically.
Trunk Mode:
Trunk-mode ports can send and receive the data of multiple VLANs on a single port. VLAN tagging takes place on a trunk port, which identifies which VLAN the data belongs to. When VLANs exist on the switches, we make the last port of a switch, the one connected to another switch, a trunk port so that it can send and receive the data of multiple VLANs to and from the other switches as well.
Operational Mode:
A switch has 2 operational modes. There are 4 basic modes that can be configured, but there are only 2 operational modes in which a configured port actually acts.
1) Access Mode.
2) Trunk Mode.
A port does not act as anything other than access or trunk: it will act either as a trunk or as access.
Note:
Console port:
Console port: Cisco routers and switches can be GUI-based or CLI-based, where we configure the router through commands. CLI mode has no graphics; nothing is shown to you graphically. To configure a router we need a computer or laptop, and the console port delivers the router's display to your computer so that you can configure the router.
Simply put, the console port is used to configure the router. To get the router's console we use software: on Windows XP we used HyperTerminal, and on Windows 7 or the latest Windows we use the PuTTY software. This is how we take the console of a router or switch and configure it.
Content
VTP Protocol:
VTP Overview?
How VTP Work?
VTP Modes?
o Server Mode:
o Client Mode:
o Transparent Mode:
Requirement for VTP?
o Always Port Trunk:
o Always same Domain:
o VTP Password:
VLAN Overview:
A VLAN is a logical network. Suppose my network has 5 departments: 1) Sales 2) H.R 3) Admin 4) Accounts 5) Designing, and I have to keep all of these departments separate. Cisco switches use a technique called VLAN (Virtual Local Area Network): within a single switch it creates a virtual LAN, and that LAN is a separate network. So if I want to keep these five departments apart, I do not need 5 switches; I create 5 VLANs on a single switch and assign each department to its own VLAN. The departments then stay separate and cannot communicate with each other. Another benefit is that each VLAN is a separate network and a separate broadcast domain. Because each VLAN is its own boundary, no broadcast from one VLAN enters another VLAN, so our broadcast traffic is reduced even on a single switch.
Types of Vlan:
Data Vlan: Data
Default Vlan
Native Vlan
Management Vlan: In the management VLAN we can give VLANs an IP so that we can configure our switch remotely through a telnet session, just like a router. Whichever VLAN we assign an IP to is called the management VLAN, and from it we can take remote access to the switch and configure it remotely.
SVI Vlan: SVI stands for Switch Virtual Interface. Whenever we give our switch an IP, we do so by activating a VLAN, and giving the switch an IP gives us layer 3 functionality for that 1 VLAN only. The VLAN on which the IP address is configured is called the SVI VLAN, because it performs like a router's virtual interface. It is off by default, and we have to configure it explicitly.
Extended Range:
1006 - 4094
The extended VLAN range is used for ISPs.
VLAN information is stored in the running configuration.
Trunks Port:
By default every switch port carries the data of only 1 VLAN. But if our VLAN is also configured on another switch and there are different VLANs, we have to make the switch's end ports trunk ports, because a trunk port can send and receive the data of multiple VLANs on a single port. If we do not make the switch's last port a trunk port, communication between the different VLANs will not be possible.
Router on a Stick:
Router on a stick is also called inter-VLAN routing. Suppose I want 2 of the 5 VLANs, say the Sales and Accounts departments, to be able to communicate with each other. In this situation we need a router, because a router enables communication between 2 different networks. That is why we also call this process inter-VLAN routing: 2 VLANs can communicate even though they are in different networks. For this, sub-interfaces are created on the router using the DOT1Q protocol, and virtual links are then created through which the VLANs can communicate.
Inter-vlan Routing:
In inter-VLAN routing, two interfaces of the router are used to let the VLANs communicate. The disadvantage is that a router has very few interfaces, and if we have 5 VLANs or more I cannot use that many interfaces. That is why we use the router-on-a-stick trick: we use just 1 interface and, using the dot1q protocol on its sub-interfaces, create different virtual interfaces within that 1 interface. All the VLANs then communicate over a single interface, and no extra interfaces are used.
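Inter-vlan Routing:
Creating sub-interface for VLAN 10 on router:
Router>enable
Router#configure terminal
! Sub-interface fa0/0.10 carries the traffic of VLAN 10
Router(config)#interface fa0/0.10
! Tag frames on this sub-interface with 802.1Q VLAN ID 10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 10.0.0.100 255.0.0.0
Router(config-subif)#no shutdown
Configuring Router:
! The physical interface must be up for its sub-interfaces to work
Router(config)#interface fa0/0
Router(config-if)#no shutdown
Router(config-if)#exit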
VLAN Trunking Protocol (VTP):
VTP protocol:
VTP stands for VLAN Trunking Protocol and is a Cisco proprietary protocol. Suppose our network has (40) switches and we need to create a VLAN, say vlan10, on 1 switch. For 1 switch that is fine, but if I want to keep this VLAN on my network and connect it to the other switches as well, I have to configure the same VLAN on the other switches too. So will I go to each of the (40) switches one by one and create this VLAN on all of them? That is not the best way; it is tiring work. This is why Cisco created the VTP protocol. With VTP we enable the protocol on all our switches and set a mode on each switch, such as server mode or client mode. We create the VLAN only on the switch in server mode, and that switch automatically creates the VLAN on all the switches connected to it; that is, it syncs the VLAN information. We do not have to go to every switch and create the same VLAN, and this is the biggest benefit of the protocol. VTP runs only on Cisco switches.
Describe VTP:
VLAN Trunking Protocol is a Cisco proprietary protocol. It runs only on trunk links and synchronizes the VLAN database across all switches that are part of the same domain. A VTP domain is an administrative group; the switches that are to run VTP must be in the same domain, with the same domain name configured, for the VLAN database to synchronize across all of them. VTP works on its revision number, and a maximum of 4.3 billion revision numbers are possible in VTP.
1) All switches in the network send VTP advertisements every 5 minutes; if there has been a change in their VLAN database they send a VTP update immediately without waiting for the 5 minutes.
2) VTP works on its revision number. Whenever a VLAN is created or deleted in the network, the revision number is incremented by 1, and that revision number is then advertised in the network. The other switches compare it with their own revision number, and if the advertised number is higher they replace their own database with that switch's database. All switches overwrite their VLAN database with that of the switch whose revision number is higher.
VTP Modes:
Server Mode:
By default VTP is enabled on Cisco switches and acts in server mode. In server mode you can create a VLAN yourself, edit it, and delete it.
Client Mode:
On a client-mode switch you can neither create a VLAN, nor edit one, nor delete one. Client-mode switches always overwrite their own VLAN information from the server-mode switch: as soon as a VLAN is created on the server-mode switch, it immediately sends a VTP update to all the switches connected to it in the network, and all the client-mode switches accept that update and update themselves with the same VLAN that was explicitly configured on the server-mode switch.
Transparent Mode:
Transparent, as the name shows, means passing straight through. VTP is enabled on all Cisco switches and we cannot disable it. Suppose that among the (40) switches there are some on which I do not want to create any VLAN because there is no need for VLANs there. I cannot leave such a switch in server mode, because then it would get full rights, and I cannot disable VTP either, so all I can do is configure the switch's mode as transparent. All switches send VTP updates across the whole network, and client-mode switches accept the update and make the same change in themselves; a transparent-mode switch receives the update but makes no change in itself and simply forwards the update on to the other switches. So we treat transparent-mode switches as disabled, because they receive the VTP update and forward it straight on; in other words, the VTP update passes straight through a transparent-mode switch.
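The revision-number rule and the three modes described above, as an added simulation that is not part of the original notes and is not Cisco code. Switch names, the domain "LAB", the password and the VLANs are constructed, and the password check is modeled as a plain comparison. It shows why a previously used switch with a higher revision number must be checked before it is cabled into a domain, and how a domain or password mismatch stops the overwrite.

```python
from dataclasses import dataclass, field


@dataclass
class Switch:
    name: str
    mode: str                       # "server", "client" or "transparent"
    domain: str = "LAB"             # constructed VTP domain name
    password: str = "s3cret"        # constructed VTP password
    revision: int = 0
    vlans: dict = field(default_factory=dict)   # VLAN id -> name

    def create_vlan(self, vlan_id, name):
        if self.mode == "client":
            raise PermissionError(f"{self.name}: client mode cannot create VLANs")
        self.vlans[vlan_id] = name
        if self.mode == "server":
            self.revision += 1      # every change raises the revision by 1

    def advert(self):
        return {"domain": self.domain, "password": self.password,
                "revision": self.revision, "vlans": dict(self.vlans)}

    def receive(self, adv):
        """Apply the rules from the text and report what this switch did."""
        if self.mode == "transparent":
            return "forwarded"                  # relays, changes nothing locally
        if adv["domain"] != self.domain:
            return "ignored: domain mismatch"
        if adv["password"] != self.password:
            return "ignored: password mismatch"
        if adv["revision"] <= self.revision:
            return "ignored: revision not higher"
        self.vlans = dict(adv["vlans"])         # whole database is replaced
        self.revision = adv["revision"]
        return "overwritten"


def propagate(sender, chain):
    """Send one advertisement down a chain of trunk-connected switches."""
    adv = sender.advert()
    results = {}
    for sw in chain:
        results[sw.name] = sw.receive(adv)
        if results[sw.name].startswith("ignored"):
            break                               # not applied, so not passed on
    return results


def build_domain():
    """SW1 (server) creates three VLANs; SW2..SW4 sit behind it on trunks."""
    sw1 = Switch("SW1", "server")
    for vid, name in ((10, "Sales"), (20, "HR"), (30, "Accounts")):
        sw1.create_vlan(vid, name)
    chain = [Switch("SW2", "client"), Switch("SW3", "transparent"),
             Switch("SW4", "client")]
    return sw1, chain, propagate(sw1, chain)


def connect_reused_switch(password):
    """Cable in a spare switch that kept revision 7 from an earlier life."""
    sw1, chain, _ = build_domain()
    spare = Switch("SPARE", "server", password=password, revision=7,
                   vlans={99: "old-lab"})
    return propagate(spare, [sw1] + chain), sw1, chain


if __name__ == "__main__":
    print(build_domain()[2])
    print(connect_reused_switch("s3cret")[0])   # same password: database replaced
    print(connect_reused_switch("other")[0])    # different password: ignored
```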
Content
Describe Solution:
STP Overview (802.1D):
How Spanning Tree Protocol Works:
Election Process of STP:
o ROOT switch Election?
o ROOT Port Election?
o Designated switch Election?
Ether Channel:
Ether-Channel Overview?
How Ether-Channel Works?
Range of Ether-Channel?
Benefits of Ether-Channel?
Ether-Channel Protocols?
o PAGP:
o LACP:
Spanning Tree Protocol:
Redundant Topology:
Before understanding STP, it is necessary to understand what a redundant topology is. Whenever we connect multiple switches in our network, we do not depend on a single link, because if that 1 link goes down our connectivity to the network breaks. So we create multiple links between the switches, which we also call backup links, so that if 1 link goes down the network traffic automatically flows over the other link. But creating multiple links also causes multiple copies of frames between the switches, and such a topology is called a redundant topology, as shown in Diagram 1.
Solution:
Creating multiple links means we have to face these problems, which are not good for the network at all. For the case where we still need multiple links, Cisco has provided a protocol called Spanning Tree Protocol, which is enabled by default on Cisco switches. As soon as we connect Cisco switches with multiple links, STP runs and automatically brings down 1 of the multiple links, so that only 1 link is up at a time. As soon as the up link goes down, Spanning Tree Protocol immediately and automatically brings up the other link that we created as the alternate path. This lets us create multiple links on our switch, while Spanning Tree Protocol keeps only 1 link up at a time so that looping and these 3 problems do not occur in the network.
STP Overview:
1)
2)
3)
4)
5)
Third Election:
The 3rd election decides which switch becomes the designated switch: if 2 switches are connected on 1 link, which of the 2 will be the designated switch through which data is forwarded. The ports of the switch that becomes the designated switch also become designated ports, except for its root port. Designated ports are also in the forwarding state, and a switch port that connects to PCs is called a designated port; it stays in the forwarding state and does not go into the blocking state. In the same way, if 2 of our switches are connected to each other, one of them will be the designated switch through which data is forwarded, and its port will be in the forwarding state; it becomes the designated switch by advertising its port cost in the network. The other switch is not the designated switch, so its port goes into the blocking state. If the port costs of both switches are the same, the switch with the smaller bridge ID becomes the designated switch. All ports of the root switch are in the forwarding state; a non-root switch has 1 port that is its root port, which is in the forwarding state; and one switch is the designated switch, whose connecting port is also in the forwarding state. After the Spanning Tree Protocol algorithm has run, any port that has not gone into the forwarding state goes into the blocking state by itself. This is how the STP algorithm works.
BPDU Process:
BPDUs follow some rules:
1) Whichever switch is the root switch in the network advertises its bridge ID to all switches, and all switches exchange the root switch's bridge ID and their own bridge ID with each other in their BPDUs.
2) Any switch that sends a BPDU tags its own bridge ID in the BPDU message before forwarding it, and the same process happens on receiving.
3) When a switch exchanges BPDUs, it tags both the cost of reaching the root switch and the cost from that switch to the root switch in the BPDU message before sending it on.
BPDU Timer:
BPDUs have a timer after which they are sent and received automatically, and we can also set this timer ourselves. BPDUs use 3 kinds of timers, which we can configure manually according to our requirements.
1) Hello Timer:
The hello timer is how long to wait before sending the next hello message to the other switch; by default it is 2 sec.
2) Max Age Timer:
The max age timer is how long to wait for a BPDU reply from the other switch before we assume that the other switch has gone down; by default it is 20 sec.
3) Forward Delay Timer:
Suppose one of our switch ports is in the blocking state and we bring it up. The port does not come up directly; it comes up after some time, passing through states such as blocking, listening and learning, in which the switch learns MAC addresses, and then it goes into the forwarding state. How long the switch stays in the listening state and how long in the learning state depends on the forward delay timer, which is 15 seconds by default. So if an interface on our switch goes into blocking or disabled mode, it stays in the listening state for 15 seconds and in the learning state for 15 seconds, and after a total of 30 seconds the switch or interface comes into the forwarding state. The time taken by this whole process is called the forward delay timer.
In this case too, the switches look at which path has the lower cost to reach the root switch; that switch becomes the designated switch, and all its ports are in the forwarding state, which we also call designated ports. If the cost is the same, the switch with the lowest bridge ID becomes the designated switch, and if the bridge ID is also the same, we decide which switch becomes the designated switch by its lowest interface. These cases are also called tie breakers.
This is how the Spanning Tree Protocol algorithm works and how the STP election, which decides everything, takes place. As long as the switches keep receiving BPDU messages this process continues, but if no BPDU reply arrives for 15 sec, the switches consider that a switch has gone down; the port that was in the blocking state on the multiple links then comes up, and traffic starts to flow through it. The root switch sends BPDUs to all switches, and all the switches then exchange them with each other.
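The three elections and the tie breakers described above, run on a small topology as an added example that is not part of the original notes. The three switches, their bridge IDs (priority plus MAC), the port numbers and the link cost of 19 are constructed values, and the topology is assumed to be fully connected.

```python
import heapq

# Constructed sample topology: three switches cabled in a triangle.
BRIDGES = {                       # name -> bridge ID as (priority, MAC)
    "SW1": (32768, "00:00:00:00:00:0a"),
    "SW2": (32768, "00:00:00:00:00:0b"),
    "SW3": (32768, "00:00:00:00:00:0c"),
}
LINKS = [                         # (switch, port, switch, port, link cost)
    ("SW1", 1, "SW2", 1, 19),
    ("SW1", 2, "SW3", 1, 19),
    ("SW2", 2, "SW3", 2, 19),
]


def elect(bridges, links):
    """Return (root switch, cost to root per switch, role per (switch, port))."""
    # Election 1: the switch with the lowest bridge ID becomes the root switch.
    root = min(bridges, key=bridges.get)

    adj = {name: [] for name in bridges}
    for a, pa, b, pb, cost in links:
        adj[a].append((pa, b, pb, cost))      # (local port, neighbour, its port, cost)
        adj[b].append((pb, a, pa, cost))

    # Lowest total path cost from every switch to the root (Dijkstra).
    dist = {name: float("inf") for name in bridges}
    dist[root] = 0
    heap = [(0, root)]
    while heap:
        d, sw = heapq.heappop(heap)
        if d > dist[sw]:
            continue
        for _, nbr, _, cost in adj[sw]:
            if d + cost < dist[nbr]:
                dist[nbr] = d + cost
                heapq.heappush(heap, (dist[nbr], nbr))

    roles = {}
    # Election 2: each non-root switch picks one root port, the port with the
    # lowest cost to the root; ties go to the lowest neighbour bridge ID, then port.
    for sw in bridges:
        if sw != root:
            port, *_ = min(adj[sw], key=lambda e: (dist[e[1]] + e[3],
                                                   bridges[e[1]], e[2], e[0]))
            roles[(sw, port)] = "root"

    # Election 3: on every link the end with the lower cost to the root is
    # designated; tie breakers are lowest bridge ID, then lowest interface.
    for a, pa, b, pb, _ in links:
        ends = sorted([(dist[a], bridges[a], pa, a), (dist[b], bridges[b], pb, b)])
        (_, _, win_port, win_sw), (_, _, lose_port, lose_sw) = ends
        roles[(win_sw, win_port)] = "designated"
        # The losing end blocks unless it was already elected as a root port.
        roles.setdefault((lose_sw, lose_port), "blocking")
    return root, dist, roles


def port_state(role):
    """Root and designated ports forward; every other port blocks."""
    return "forwarding" if role in ("root", "designated") else "blocking"


if __name__ == "__main__":
    root, dist, roles = elect(BRIDGES, LINKS)
    print("root switch:", root)
    for (sw, port), role in sorted(roles.items()):
        print(f"{sw} port {port}: {role:10s} -> {port_state(role)}")
```

On the SW2 to SW3 link both switches have the same cost to the root, so the lower bridge ID (SW2) wins and SW3's port on that link is the one that blocks.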
Commands of Enable BPDU Guard:
1) spanning-tree portfast bpduguard default
2) spanning-tree bpduguard enable
3) show spanning-tree summary totals
T-Shoot Commands:
1) show interfaces
2) show spanning-tree
3) show bridge
4) show processes cpu
5) debug spanning-tree
6) show mac address-table aging-time vlan (Vlan #)
7) show spanning-tree vlan (Vlan #) detail
Ether Channel:
Ether-channel:
When we create multiple links between our switches to protect against a network disaster, loops are created in the network. On Cisco switches Spanning Tree Protocol works to prevent loops, and we are saved from the loop problem, but of the multiple links we create only 1 link is working and all the rest are down; however many links you create, only 1 will work and all the other interfaces stay in the down state. The speed, the bandwidth, of the links in the down state is wasted, because when a link is down its bandwidth is not being used. EtherChannel is a concept that lets us use the bandwidth of those down links on our single link as well. Suppose my network has 2 switches with 2 links between them, and because of Spanning Tree Protocol 1 link is up and 1 is down. The maximum speed I get is 100mbps, and the 100mbps of the other link, which is down, is wasted. By configuring EtherChannel I can use that link's speed on my single link too, so I get 200mbps on 1 link: 100 from the link that is up at that time and 100 from the link that is down at that time. So through EtherChannel I can also take the speed of my down links onto the single link that is up at that time.
In Short:
EtherChannel is a feature that binds our multiple links together and makes them 1 physical link.
EtherChannel technology was invented in the 1990s by a company named Kalpana. Cisco later bought this company in 1994, and in 2000 Cisco made the technology an open standard, meaning it could also be configured on switches that are not Cisco switches. The IEEE then assigned it a number, which is now its identity, and it is also known as 802.3ad.
---------------------This Book is written by Fayyaz Ahmed---------------------
Switch-1>enable
Switch-1#configure terminal
! Bundle fa0/1 and fa0/2 into channel group 1 (mode on: no PAgP/LACP negotiation)
Switch-1(config)#interface range fa0/1 - 2
Switch-1(config-if-range)#channel-group 1 mode on
Switch-1(config-if-range)#exit
! Configure the resulting logical interface as a trunk
Switch-1(config)#interface port-channel 1
Switch-1(config-if)#switchport mode trunk
Configuring Switch-2:
<1 to 48>
<1 to 48>
Show Command:
IP Version 4 Addressing
Content
IPv4 Addressing?
Define Both IPs?
Range of IP address?
Discussion about IPv4?
Subnet Mask?
Wildcard Mask?
How to calculate wildcard mask?
Subnet CIDR?
How to define a Class by IANA?
Why Made Classes IANA?
Public & Private Address?
Private Address Range of Free ips?
Loopback Number (127)?
Subnetting:
IP Address:
Define Subnetting?
Define Values?
Uses of Subnetting?
Subnetting of Class C:
VLSM:
Define VLSM?
VLSM for 4 Branches
First Branch 100 Host required
Second Branch 60 Host required
Third Branch 30 Host required
Fourth Branch 10 Host required
IPv4 Addressing:
IPv4 Addressing:
An IP address works like this: if we want to connect our computers to a network and want them to share data with each other, we need an identity for each computer. A computer must know its source location and the destination location in order to communicate with the destination computer. For example, with our mobile phones, if we want to talk to someone we need that person's number. In the same way, our computers need numbers so that they can communicate with each other, and here we use the IP address as the computers' number; it connects computers to the network and provides data sharing and communication.
1) IP Version 4
2) IP Version 6
Range of IP address:
IP Address   Range        Network portion . Host portion   Hosts
Class A      1 to 126     N.H.H.H/24                       2^24 = 16,277,216
Class B                   N.N.H.H/16                       2^16 = 64,536
Class C                   N.N.N.H/8                        2^8 = 256
Class D      224 to 239
Class E      240 to 255
255.0.0.0/8
Subnet Mask:
The subnet mask tells us which network's IP we are using. A Class A IP has only 1 network portion, so its subnet mask is 255.0.0.0; Class B has 2 network portions, so its subnet mask is 255.255.0.0; and Class C has 3 network portions, so its subnet mask is 255.255.255.0. The subnet mask thus represents which network we are using. It also helps the router stop broadcasts: as soon as a broadcast from a network reaches the router, the router first checks the subnet mask of that IP. If the subnet mask matches the network connected to its other interface, the router forwards it; if the subnet mask is not the same, it stops the broadcast there, because the subnet mask belongs to some other network.
In a Class A IP the network portion is 1 and the remaining portions are host portions, which are used for computers. 1 network portion means 8 bits are full, so we also call the Class A subnet mask /8; in a Class B IP 2 portions are full, so we call it a /16 subnet mask; and we call the Class C subnet mask a /24 network because it uses 3 network portions, and 8 multiplied by 3 equals 24.
Wildcard Mask:
The wildcard mask is the opposite of the subnet mask. In a subnet mask we count the 1 bits and ignore the 0 bits; in a wildcard mask we count the 0 bits and ignore the 1 bits. In a wildcard mask the 0 bits are checked and the 1 bits are ignored.
The Class A subnet mask is 255.0.0.0. Here 255 fills 1 portion, meaning those bits are 1s, which are counted in the subnet mask. For the wildcard mask, that 255 is changed from 1s to 0s and the remaining 0 bits are changed to 1s, because the wildcard mask is the opposite of the subnet mask. So the Class A wildcard mask becomes 0.255.255.255, the opposite of the subnet mask.
Class B Subnet Mask 255.255.0.0 Wildcard Mask 0.0.255.255
But sometimes we also come across a subnet mask like 255.192.0.0. In this case, to find the wildcard mask we subtract this mask from the global subnet mask, which is 255.255.255.255. So 255.255.255.255 minus 255.192.0.0, and the wildcard mask comes out as 0.0.63.255. One more example: the mask is 255.255.128.0, so again subtract this mask from the global mask, 255.255.255.255 minus 255.255.128.0, and the wildcard mask is 0.0.127.255. As simple as that.
Subnet CIDR:
When we write a subnet mask in the form /8 or /16, this style of mask is called CIDR (Classless Inter-Domain Routing).
used the powers of 2 bits, 2^7 and 2^6, which gives 128 + 64 = 192, and that is why Class C IPs start from 192. In the same way Class D starts from 224 because 3 bits were used there, and Class E starts from 240 because 4 bits were used there. This is how IANA divided the classes: each time a new network was obtained, the number just before the point where the new network starts became the ending number of the previous class. For example, Class A is 0 to 126, and 127 is the loopback number, which is why we do not use it in IPs; the last value was 128, which went to the Class B IPs. Simple.
1) Class A    10.0.0.1 to 10.254.254.254         (1 Network)
2) Class B    172.16.0.0 to 172.31.254.254       (15 Network)
3) Class C    192.168.0.0 to 192.168.254.254     (254 Network)
So IANA reserved some of these IPs for private use and some for public use. As long as you are communicating only inside your local network, you can use private IPs, because they are used for internal communication. But when we move from internal to external communication, meaning we want to reach another branch outside the office, another network, or the internet, we need a public IP, which gives us online connectivity.
Subnetting
FLSM:
Define Subnetting:
Subnetting means dividing a large network/class into smaller networks. Using the IPs of a single class and dividing them into multiple networks is called subnetting. Suppose I have 4 offices and I want to use a Class C network in all four; there I will use subnetting and divide the Class C IP into 4 different networks. If I need 60 computers in each of the four offices, that kind of subnetting, with equal portions, is called FLSM (Fixed Length Subnet Mask). If the portions are different, such as 100 computers in one office and 50 computers in another, that kind of subnetting is called VLSM (Variable Length Subnet Mask). Before subnetting, some basics are very important. Class A has 1 network portion and 3 host portions. If I take the powers of those 8 bits, what value do I get? 255. But in subnetting our subnet masks change. In subnetting the mask can look like /9, /10, /23 or /28. Suppose the mask is /9: the first 8 bits gave me 255, and I take 1 more bit from the portion next to it, which is the host portion. Taking 1 bit from there means 2 to the power 7, which is 128, so after subnetting the /9 subnet mask is 255.128.0.0, and the host value also increases. Likewise, if the mask is /10, 8 bits are completed by the first portion and I take 2 bits from the host portion next to it: 128 for the first bit and 64 for the second. After taking the 2 bits I add their powers, so after subnetting the /10 subnet mask is 255.192.0.0. An easy way to remember this is to calculate the bit powers beforehand and memorize which value you get for a given number of bits; this makes subnetting easier.
If you take 1 bit, the value will be   = 128
If you take 2 bits, the value will be  = 192
If you take 3 bits, the value will be  = 224
If you take 4 bits, the value will be  = 240
If you take 5 bits, the value will be  = 248
If you take 6 bits, the value will be  = 252
If you take 7 bits, the value will be  = 254
If you take 8 bits, the value will be  = 255
In subnetting, the requirement is to take as many bits as you need from the adjacent host portion and pick their value. For example, if you picked the value for 5 bits, the mask will be 255.248.0.0. In this way you just change the host-portion bits from 0 to 1 and count them.
In Short:
Subnetting is a way of breaking a big network into many small networks.
Uses of Subnetting:
1)
2)
3)
4)
Subnetting of Class C:
1) Required Host:
First we have to find the value of H, that is, which power of the host bits meets your requirement. If I take 2 to the power 6 here, 2^6 = 64, so my requirement is met and I can keep this as the value of H.
In Class C I was getting 8 host bits, so I subtract my H value, which covers my required hosts, from those bits: 8 - 6 = 2. So my N, the network bits, comes out as 2, and these 2 bits are added to the network portion.
Subnetworks:
That is, after subnetting, how many networks a single Class C IP now gives me. The formula is 2 to the power N. Our N was 2, so we get 2^2 = 4, and after this subnetting the Class C network ID gives me 4 subnetworks.
Subnetting VLSM:
Define VLSM:
VLSM is the second type of subnetting, in which we can size each subnetwork according to our requirement. Suppose our office has 4 branches and we have to assign IPs from different networks to those branches, keeping only a few more IPs than the number of hosts in each branch, so that users added later can also be accommodated and IPs are not wasted. In ordinary subnetting the subnetworks are equal, each one the same size, such as 128 hosts or 64 hosts. If one of our offices has been subnetted with /26, which gives 64 hosts per branch, the subnetting is fixed, and if a branch has only 10 computers the remaining IPs there are wasted. That is why in VLSM we design the IP scheme according to the branches, so that IPs are not wasted. The formula is simple too: for the number of hosts we need, we change that many host-portion bits from 0 to 1 and count their powers.
192.168.1.0 /24
255.255.255.0
255.255.255.00000000
255.255.255.10000000
255.255.255.128 /25
Here we borrowed 1 bit because 128 meets our requirement of 100 hosts and also gives a few extra IPs, so 2^7 = 128.
Network ID:            192.168.1.0
First IP Address:      192.168.1.1
Last IP Address:       192.168.1.125
Broadcast IP Address:  192.168.0.126
255.255.255.00000000
255.255.255.11000000
255.255.255.192 /26
Here we borrowed 2 bits because 64 meets our requirement of 60 hosts and also gives a few extra IPs, so 2^6 = 64.
---------------------This Book is written by Fayyaz Ahmed---------------------
Network ID:            192.168.1.128
First IP Address:      192.168.1.129
Last IP Address:       192.168.1.190
Broadcast IP Address:  192.168.0.191
255.255.255.00000000
255.255.255.11100000
255.255.255.224 /27
Here we borrowed 3 bits because 32 meets our requirement of 30 hosts and also gives a few extra IPs, so 2^5 = 32.
Network ID:            192.168.1.192
First IP Address:      192.168.1.193
Last IP Address:       192.168.1.223
Broadcast IP Address:  192.168.0.224
255.255.255.00000000
255.255.255.11110000
255.255.255.240 /28
Here we borrowed 3 bits because 16 meets our requirement of 10 hosts and also gives a few extra IPs, so 2^4 = 32.
Network ID:            192.168.1.225
First IP Address:      192.168.1.226
Last IP Address:       192.168.1.239
Broadcast IP Address:  192.168.0.240
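The subnet mask, wildcard mask and VLSM steps for the four branches (100, 60, 30 and 10 hosts out of 192.168.1.0/24) can be computed with Python's standard ipaddress module. This is an added example, not part of the original book; the function names are illustrative, and it assumes usable hosts are counted as 2^h - 2 (network and broadcast addresses excluded).

```python
import ipaddress


def mask_from_prefix(prefix_len):
    """Dotted subnet mask for a CIDR prefix, e.g. 26 -> 255.255.255.192."""
    return str(ipaddress.ip_network(f"0.0.0.0/{prefix_len}").netmask)


def wildcard_from_mask(mask):
    """Wildcard mask = 255.255.255.255 minus the subnet mask, octet by octet."""
    return ".".join(str(255 - int(octet)) for octet in mask.split("."))


def prefix_for_hosts(required_hosts):
    """Longest prefix whose block holds the hosts plus network and broadcast."""
    host_bits = 2
    while 2 ** host_bits - 2 < required_hosts:
        host_bits += 1
    if host_bits > 32:
        raise ValueError("requirement does not fit in IPv4")
    return 32 - host_bits


def vlsm_plan(base, requirements):
    """Carve `base` into one subnet per requirement, largest requirement first."""
    base_net = ipaddress.ip_network(base)
    next_addr = int(base_net.network_address)
    plan = []
    # Allocating the largest block first keeps every later (smaller) block
    # aligned on its own size boundary, so no address space is skipped.
    for name, hosts in sorted(requirements.items(), key=lambda kv: -kv[1]):
        prefix = prefix_for_hosts(hosts)
        if prefix < base_net.prefixlen or next_addr > int(base_net.broadcast_address):
            raise ValueError(f"{base} has no room for {name} ({hosts} hosts)")
        subnet = ipaddress.ip_network((next_addr, prefix))
        mask = str(subnet.netmask)
        plan.append({
            "name": name,
            "required": hosts,
            "subnet": str(subnet),
            "mask": mask,
            "wildcard": wildcard_from_mask(mask),
            "first": str(subnet.network_address + 1),
            "last": str(subnet.broadcast_address - 1),
            "broadcast": str(subnet.broadcast_address),
            "usable": subnet.num_addresses - 2,
        })
        next_addr = int(subnet.broadcast_address) + 1
    return plan


if __name__ == "__main__":
    # Default class masks and one subnetted mask, with their wildcard masks.
    for mask in ("255.0.0.0", "255.255.0.0", "255.255.128.0"):
        print(f"mask {mask:<15} wildcard {wildcard_from_mask(mask)}")

    # The four branches from the VLSM section.
    branches = {"Branch 1": 100, "Branch 2": 60, "Branch 3": 30, "Branch 4": 10}
    for row in vlsm_plan("192.168.1.0/24", branches):
        print(f"{row['name']}: {row['subnet']:<18} mask {row['mask']:<16}"
              f" hosts {row['first']} - {row['last']}"
              f" broadcast {row['broadcast']} ({row['usable']} usable)")
```

Running it prints the network ID, first and last host and broadcast address for each branch, which can be compared line by line with a hand-worked plan.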
Contents
Router Topics:
What is Router?
Function of Router?
1) Restrict broadcast to the Lan:
2) Act as a default Gateway:
3) Route or Move Data Between Network:
4) Learn and advertise Loop free path:
5) How we can connect routers?
6) Directly connected Router:
7) Static Router:
8) Dynamic Router:
What is Router?
Router:
A router is a specialized computer that connects different networks to each other. We also call it an internetworking device. A router is a device that connects 2 different networks so that they can communicate with each other. A router runs an operating system called IOS, through which the router operates, performs routing, and moves data from one place to another. To do routing, a router creates a table, as a switch does, called the routing table, and with the help of this routing table it sends data from one place to another. A router works at OSI layer 3, the network layer: just as repeaters and cables work at layer 1 and switches work at layer 2, the router works at layer 3, the network layer. A router performs many functions, but its main function is to enable communication with other networks. Its second main function is to stop broadcast traffic. Many companies make routers, such as Juniper, 3COM, HP, Nortel and Cisco, among many others, but the most popular are Cisco routers, which are used worldwide.
Function of Router:
1) Restrict broadcast to the LAN:
A broadcast is a transmission whose message is received by all PCs on the network at once, that is, one-to-all communication. Broadcast messages are very common in a LAN, and broadcast transmission is used at the physical layer, the data link layer and the network layer. Without broadcasting, communication in a network becomes very difficult, because many protocols use broadcast communication, such as ARP, RARP and DHCP, among many others. For this reason we cannot eliminate broadcasting from the LAN completely, because it is necessary, but we can restrict it through the router, because every interface of a router is a separate broadcast domain.
2) Act as a default gateway:
To send data from one network to another network, or to some other place, we use a default gateway. If all our PCs are connected to the LAN and are communicating with each other, we do not need a default gateway, because all the PCs are connected to the LAN through the same switch. But if we need to use a server or computer on the internet, meaning we have to leave the LAN and go out to the WAN, we need a gate through which our request can go out and the response to it can come back in, and for this we use a router.
3) Route or move data between networks:
A router searches for the best route from one network to another and then helps the data travel from router to router along a good path until it arrives. A router has many interfaces, such as Ethernet interfaces and serial interfaces. The router finds the best path using its routing table and moves the data to its destination.
4) Learn and advertise loop-free paths:
A router learns about other routers on each of its interfaces so that it has a road along which it can send data to its destination. We commonly call these neighbor routers, meaning which router is next to this router and how many routers lie beyond it. As soon as two routers connect to each other, they exchange their routing tables, so that communication is easy from both sides and both routers have the paths to get from here to there. Routers use 3 processes to learn routes, which are described below.
Routing protocol
EIGRP:
Routing Protocol Concept:
Terminology Used by Routing Protocols:
Distance Vector Routing Protocol:
In a distance vector routing protocol, routers exchange their entire routing table across the whole topology every 30 seconds. (Example): IGRP, RIP & RIPv2
Link State Routing Protocol:
In a link state routing protocol, routers do not exchange their entire routing table; they send only the changes or updates that occurred on the router. The benefit is that less bandwidth is used. (Example): OSPF
Hybrid Routing Protocol:
A hybrid routing protocol has the characteristics of both distance vector and link state routing protocols. (Example): EIGRP
EIGRP Overview:
Before EIGRP there was IGRP, which was a distance vector routing protocol. That protocol was then enhanced and made better, and by updating IGRP Cisco developed EIGRP (Enhanced Interior Gateway Routing Protocol). EIGRP is a hybrid routing protocol that sends only the changes or updates that occurred on the router; it does not send the whole routing table.
EIGRP Features:
1)
2)
3)
4)
EIGRP Concept:
EIGRP was originally a Cisco proprietary protocol only, but Cisco has now made it an open standard.
EIGRP's Administrative Distance (A.D) is 90 and its protocol number is 89.
EIGRP's algorithm is DUAL (Diffusing Update Algorithm).
The best path is calculated based on bandwidth and delay.
More bandwidth and less delay equals the best path.
EIGRP Tables:
Before routing, EIGRP creates 3 kinds of tables.
Neighbor Table:
In the neighbor table the router saves information about the routers directly connected to it: which router is next to it and what the information or path to reach it is. The router then sends HELLO packets on the interface through which it connects to that neighbor router, so that it keeps learning whether its neighbor router is UP or down. This is also called a KEEPALIVE message. These messages are sent automatically every 5 seconds. The dead timer is 3 times that, i.e. 15 seconds: if no response to the hello message arrives within that time, the router understands that its neighbor router has gone down. These HELLO packets are sent to the multicast IP 224.0.0.10.
(show ip eigrp neighbors)
Topology Table:
In the topology table the router keeps its whole network diagram; it holds information about all the routers, and the full topology information is also saved there. EIGRP's 2nd best path is also in the topology table.
(show ip eigrp topology)
Routing Table:
The routing table holds information about all the routers, and the best path is also in the routing table. We call the routing table the router's brain, because the router makes all its decisions from there.
(show ip route)
EIGRP Message:
EIGRP sends 5 kinds of messages.
1) Hello Message:
2) Update Message:
Whenever there is an update in the network, update messages are sent by multicast.
3) Query Message:
In the query message, when the best path goes down the router brings up the 2nd best path, and then, to search for a second best path again, it sends query messages to other routers and finds out about the best route information from them.
4) Reply Message:
In the reply message, routers reply to the hello message with a hello message.
5) Acknowledgment Message:
In the ACK message, when a router receives an update message it sends an ACK message to say that the update packets have been received.
EIGRP Transport:
Just as IP traffic is carried over TCP and voice traffic is carried over UDP, EIGRP traffic is carried over its own protocol, RTP (Reliable Transport Protocol). RTP is used for update, query and reply messages, because a response comes back for them, so it carries their traffic.
EIGRP Metric Calculation:
EIGRP uses 5 things for its metric calculation, through which it selects the best path and so on.
K1 = Bandwidth      Value 1
K2 = Delay          Value 1
K3 = Load           Value 0
K4 = Reliability    Value 0
K5 = MTU            Value 0
Metric = 256 * [ K1 * Bandwidth + (K2 * Bandwidth) / (256 - Load) + K3 * Delay ] * [ K5 / (K4 + Reliability) ]
are doing, which will be over the Internet, then you have to purchase an A.S number from IANA, and we call that a public A.S. Its range is 1 to 65535, and we can place a maximum of 255 routers in 1 A.S.
EIGRP Authentication:
For authentication EIGRP uses the MD5 (Message Digest 5) algorithm, in which its password is encrypted and changed into a hash value. The hash value is encrypted, and data flows only when this hash value matches the hash value of the other router; otherwise it does not.
NOTE:
The router has 3 paths to get there, so it considers the path with the lowest metric as the best path and sends data that way. Its Feasible Distance will be 50. Now let us see which path becomes the second best path. The condition for becoming second best is that the router's A.D (Advertised Distance) must be lower than the F.D (Feasible Distance) of the best route; that router becomes second best, which in this case is Router 2, because its A.D is lower than the F.D of the best route.
Whenever we talk about unequal load balancing, we consider only the feasible successor paths for unequal cost load balancing. What we do here is this: the variance value is 1 by default. If I raise the variance to 2 and multiply it by the metric of Router 1, which is our best path, what value do we get? 100. Now the paths whose metric is less than 100 move up into the routing table, and load balancing starts. We have to raise the variance far enough that the F.D of our second route becomes lower than the successor route's F.D after multiplication. That is why we took a variance of 2, so that after multiplication 50 becomes 100 and Router 2's metric is lower than that, so the route moves up into the routing table and load balancing starts. If we do not do this, Router 2 was still our 2nd best path, but it was not load balancing because it was not in the routing table. It was in the topology table, because 2nd best paths live in the topology table, not in the routing table. That is why we use the variance command for unequal load balancing and raise the multiplied metric, so that the 2nd path moves up from the topology table into the routing table. Only feasible successors ever move from the topology table into the routing table, no other router, and we can bring a maximum of 16 paths into the routing table for load balancing.
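The feasibility condition and the variance rule from this note, as an added Python sketch that is not from the original book. Router 1's metric of 50 and the variance of 2 come from the text; the other metrics and advertised distances are constructed sample values, and the function and field names are illustrative.

```python
def select_eigrp_paths(paths, variance=1, max_paths=16):
    """Classify candidate paths to one destination.

    `paths` maps a neighbor name to:
      "fd": metric of the whole path through that neighbor
      "ad": advertised distance, the neighbor's own metric to the destination
    """
    if not paths:
        raise ValueError("no paths to the destination")
    if variance < 1:
        raise ValueError("variance must be at least 1")

    # Successor: the path with the lowest metric. Its metric is the
    # Feasible Distance (F.D) that every other path is compared against.
    successor = min(paths, key=lambda name: paths[name]["fd"])
    best_fd = paths[successor]["fd"]

    feasible, not_feasible = [], []
    for name, path in paths.items():
        if name == successor:
            continue
        # Feasibility condition: the neighbor's A.D must be lower than the
        # successor's F.D, otherwise the path is not a feasible successor.
        if path["ad"] < best_fd:
            feasible.append(name)
        else:
            not_feasible.append(name)
    feasible.sort(key=lambda name: paths[name]["fd"])

    # Variance: a feasible successor is installed next to the successor only
    # if its metric is below variance * F.D. Paths that fail the feasibility
    # condition are never installed, whatever their metric.
    routing_table = [successor]
    for name in feasible:
        if len(routing_table) >= max_paths:
            break
        if paths[name]["fd"] < variance * best_fd:
            routing_table.append(name)

    return {
        "successor": successor,
        "feasible_distance": best_fd,
        "feasible_successors": feasible,
        "not_feasible": not_feasible,
        "routing_table": routing_table,
        "topology_table_only": [n for n in paths if n not in routing_table],
    }


# Constructed sample: three paths to the same destination network.
SAMPLE_PATHS = {
    "Router 1": {"fd": 50, "ad": 20},   # lowest metric, becomes the successor
    "Router 2": {"fd": 80, "ad": 40},   # A.D 40 < 50, feasible successor
    "Router 3": {"fd": 90, "ad": 60},   # A.D 60 >= 50, fails the condition
}

if __name__ == "__main__":
    for v in (1, 2):
        result = select_eigrp_paths(SAMPLE_PATHS, variance=v)
        print(f"variance {v}: routing table = {result['routing_table']}, "
              f"topology table only = {result['topology_table_only']}")
```

With variance 2, Router 3 stays out of the routing table even though its metric of 90 is below 100, because it never met the feasibility condition.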
EIGRP Commands:
Adding networks for EIGRP on Router R1:
R1(config)#router eigrp 100
R1(config-router)#network 10.0.0.0
R1(config-router)#network 192.168.1.0
R1(config-router)#no auto-summary
R1(config-router)#exit
Note: All directly connected networks are entered in router eigrp mode. The Autonomous System number must be the same on all the routers in the network.
OSPF Protocol Concept:
OSPF (Open Shortest Path First) is an open standard protocol; we can run it on any router, and OSPF will run whether there is Juniper on one side and Cisco routers on the other. Like EIGRP, OSPF is a classless routing protocol. EIGRP uses its metric calculation to calculate the best path, and OSPF uses the cost of links to calculate the best path.
OSPF is a link state routing protocol, and it uses the SPF (Shortest Path First) algorithm to calculate which path is the best one across the whole network. A link state routing protocol gets router information from the network structure.
Quick View:
1) Open Standard.
2) Only IP-based routing, not IPX or AppleTalk like EIGRP.
3) Classless routing protocol.
4) Supports VLSM.
5) Link state routing protocol.
6) No Feasible Successor.
7) No unequal load balancing.
8) OSPF cost is based upon bandwidth.
OSPF routers send Hello messages to each other to build their neighbor relationship. Each router learns its neighbor router by its RID, i.e. Router ID, and by its cost, and it keeps that neighbor information in its Adjacency Database.
IMPORTANT POINT:
In OSPF the neighbor table is called the Adjacency Database.
In OSPF the topology table is called the LSDB, i.e. Link State Database, because the topology is not the same here; each area has a separate topology.
Every router uses the SPF algorithm to calculate the best path, and once it has found the best path it moves it into its Forwarding Database. In OSPF the routing table is called the Forwarding Database.
OSPF Features:
1) Link State Protocol.
2) The routing table is short, because each area shows only its own routes.
3) Router 1 holds just Router 1's information and Router 2 holds Router 2's information: here every router builds its own separate routing table and keeps only its own information, not that of all routers.
4) Updates are customized: when a change occurs in an area, the updates are flooded only in that area, not in the other areas.
OSPF Areas:
There are several types of areas in OSPF.
Backbone Area:
Area 0 is called our backbone area, and it is connected to all areas.
Regular Area:
Routers that are not in the backbone area are in a regular area, such as Area 1 or Area 2, and their database contains both internal routes and external routes.
Stub Area:
The database of a stub area contains only default routes and internal route information.
Virtual Links: For routers that cannot be connected directly to the backbone area, we create virtual links on the ABR router and then connect them to the backbone area. But that is a temporary solution.
On Router 3
R3(config)# router ospf 1
R3(config-router)# area 1 virtual-link 10.10.10.10
Verify Virtual-links
R3# show ip ospf virtual-links
keep all interfaces in a single area and maintain the link state database only
Backbone Routers at
LSA Operation:
Every LSA carries a sequence number and is re-sent automatically after a period of time; its default timer is 30 minutes. Every router sends its LSAs every 30 minutes and also receives them from other routers. When routers receive an LSA, they compare it with their LSDB. If the LSA is new, they save/add it to their LSDB and then run the SPF algorithm. If the router already has that router ID, it compares the sequence number of the LSA with the sequence number of its old LSA and then makes the change: if the received LSA is newer, it discards the old LSA and updates to the new LSA.
Hello Message:
When an update request is sent in the network, LSR messages are flooded.
Database Description:
This message contains the full summary of the database, including the router ID and the sequence number of each LSA in its LSDB.
This message carries the network's update information, such as topology information, router ID, neighbor router RID and its cost. One LSU can contain multiple LSAs.
(LSA ack) All routers send this message whenever they receive any OSPF packet, including a Hello message.
Area ID
Router Priority
DR Router or BDR Router ID authenticate ID.
Packet State
NOTE:
OSPF traffic is multicast to 2 addresses: all OSPF routers multicast packets to the address 224.0.0.5, and the Designated Routers in OSPF multicast messages to the address 224.0.0.6.
When the link is down and no Hello messages have been sent.
Init State
When the router is sending Hello messages on all its interfaces.
Two-way State:
When routers receive a Hello message from another router that also contains their Router ID, and if all requirements are met, the routers become neighbors.
Exstart State
When a router exchanges its routes, it checks who started the exchange process first.
Loading State :
Full State
When the router's database has all the information about its neighbor, it is in the Full state.
R1(config)# router ospf 8
R1(config-router)# network 192.168.1.0 0.0.0.255 area 0
R1(config-router)# network 172.16.1.0 0.0.0.255 area 1
After that you can also run the OSPF process on a single interface, like this.
R1(config)# int s0/0/0
R1(config-if)# ip ospf 8 area 0
And if you want to clear the OSPF process, the command is.
R1# clear ip ospf process
To configure a virtual interface or loopback interface, the command is.
R1(config)# interface loopback 0
R1(config-if)# ip address 10.0.0.1 255.255.255.0
If you want to change the Router ID, the command is.
R1(config)# router ospf 8
R1(config-router)# router-id 10.0.0.1
(This command also shows the Designated Router & Backup Designated Router)
If you want to see the OSPF route table, the command is.
R1# show ip route
And if you want to filter the routing table and show only the routes learned through the OSPF process, the command is.
R1# show ip route ospf
If you have any routing protocol issue, use this command to verify parameters, timer values, identified networks, and OSPF neighbors (routing information sources). The command is.
R1# show ip protocols
If you want to see the Router ID, timers & counters, the command is.
R1# show ip ospf
If you want to see all OSPF interfaces, the command is.
R1# show ip ospf interface
DR Router
=
BDR Router
(If the priority is the same, the router with the 1st highest IP is the DR router and the one with the 2nd highest IP is the BDR router.)
(After setting a router's priority, clear the OSPF process so that all routers run the OSPF process again and select a new DR router.)
(If you want to choose the DR router yourself, increase the priority of the router that you want to become the DR router.)
(And if we set a router's priority to 0, that router will never become the DR router or the BDR router; it will act only as an Other router.)
If you want to set a priority on the DR router, the command is.
R1(config)# int fa0/1
R1(config-if)# ip ospf priority 2
Network Security
Contents
Port Security:
Types of ACL?
1) Standard ACL?
o Where to apply standard ACL?
o Important for standard ACL?
Extended ACL?
o Where to apply Extended ACL?
o Advantage of Extended ACL direct HTTP Block?
o Advantage of Extended ACL direct TELNET Block?
Named ACL on Cisco Router?
o Benefit of Named ACL?
o Criteria Of Applying ACL?
o Selection of ACL?
o Direction & Action of ACL?
o In Bound?
o Out Bound?
NAT Overview?
Types of NAT?
o Static NAT?
o Dynamic NAT?
o NAT over Loading / PAT?
NAT Terminology?
o Inside Local?
o Inside Global?
o Outside Local?
o Outside Global?
Port Security:
Port security is a feature of Cisco switches with which you can secure your network environment. After this feature is applied, the switch recognizes only the computers that we allow. If any unknown computer other than those connects to a port of the switch, the switch automatically shuts that port down or performs whatever action we set manually. Port security is applied on a computer's MAC address, so the switch connects to the network only those computers whose MAC address the port has been bound to. In other words, the computer connected to a switch port is the one that port was assigned to.
Port security gives the network administrator several security modes. Whatever action the network administrator sets on the port, the port performs that action as soon as an unknown computer connects. We call this a violation.
Shutdown:
If port security is enabled on the switch and the violation mode is set to shutdown, then as soon as an unknown computer tries to connect to our network the switch shuts that port down and does not let the unknown computer onto the network. The disadvantage of this violation mode is that once the port is shut down, the network administrator has to bring it up manually with commands. It does not come up on its own.
Restricted:
In restrict mode, as soon as an unknown computer connects to the network, the network administrator gets a notification. The switch does not learn any new MAC address; even if it sees a new MAC address, the switch discards/ignores that MAC address.
Protect:
In protect mode the switch allows only the computer whose MAC address it knows; as soon as it sees a new computer it automatically shuts the port down. This is the same as shutdown mode, but its advantage is that as soon as the original computer connects to this port again and the switch sees the old MAC address, the switch automatically brings the port up again. The administrator does not have to bring it up manually with commands.
CISCO>enable
CISCO#configure terminal
CISCO(config)#interface fa0/1
CISCO(config-if)#switchport mode access
CISCO(config-if)#switchport port-security
CISCO(config-if)#switchport port-security mac-address sticky
CISCO(config-if)#switchport port-security maximum 1
CISCO(config-if)#switchport port-security violation shutdown
CISCO(config-if)#exit
CISCO(config)#interface fa0/2
CISCO(config-if)#switchport mode access
CISCO(config-if)#switchport port-security
CISCO(config-if)#switchport port-security mac-address sticky
CISCO(config-if)#switchport port-security maximum 1
CISCO(config-if)#switchport port-security violation shutdown
CISCO(config-if)#exit
Access Control List:
Standard ACL:
In a standard ACL we can filter based on the source IP address, meaning that by giving any computer's IP we can block that computer's traffic. A standard ACL gives us very little control: we can block, but only on the computer's source IP, that is, on which IP the traffic is coming from, not on where the traffic is going. This is a big disadvantage. Suppose we block a source IP on a router interface so that this PC cannot access our server: we apply an ACL and define that computer's source IP there. The disadvantage is that the PC will indeed be unable to access the server because the ACL is applied, but along with that it will also be unable to access any other computer located there, which matters. A standard ACL looks only at the source IP, not the destination. It knows only whose traffic to block, not for whom to block it. So it blocks that PC's traffic to every computer on the other end of the router, because when the router filters the packet it sees that the ACL holds only a source IP, keeps discarding all traffic from that IP, and does not pass it on. That is why we have to choose the router very carefully: the router should be on our network but not connected on the client side, otherwise client-side traffic will be blocked too. We have to select the router that sits on the server side, because that is where the traffic needs to be blocked. For this reason we mostly use extended ACLs, because there we specify both the source and the destination IP manually, so there are fewer problems, although router selection is very important there too. In an ACL we can block a single IP, and with one ACL statement we can also block the IPs of a whole network, if we write the IP of the whole network as the source or define a range, like 192.168.0.10/20 deny. This blocks the traffic of the PCs from 10 to 20 with one single statement. To block a range of PCs like this we use the wildcard mask.
Range of Standard ACL is 1 to 99 &
This means that whatever statement we configure on the router, its statement number will be in the range 1 to 99, and we can attach different actions to the same statement number: the number stays the same and the action changes, i.e. Deny or Permit.
Where to Apply standard ACL?
Extended ACL:
An extended ACL is good for implementation because it lets us filter based on:
1) Source IP Address.
2) Destination IP Address.
3) Protocol-based blocking like HTTP, FTP, ICMP, UDP, TCP.
4) Blocking via port number.
So here we get much more control, which is why it is used more. This is the second type of ACL.
Range of Extended ACL is 100 to 199 &
The first advantage is that we can directly block a destination IP for just one PC: the rest of the communication stays permitted and only that destination IP is denied.
2nd Advantage of Extended ACL:
The second advantage of an extended ACL is protocol-based blocking. If nobody should be able to ping, we deny ICMP. If nobody should be able to browse, we give port number 80 and block HTTP. The whole connectivity is not blocked, only the protocol we wanted to block.
Configuration Deny HTTP Protocol in Extended ACL:
Router(config)# access-list 100 deny icmp host 192.168.0.2 host 192.168.0.10 (1st Source & 2nd Destination IP)
Router(config)# access-list 100 deny tcp host 192.168.0.3 host 192.168.0.10 eq 80 (HTTP Protocol Blocking here)
Router(config)# access-list 100 permit ip any any
Router(config)# int fa0/0
Router(config-if)# ip access-group 100 in
Router(config-if)# exit
The problem with this configuration is that we blocked Telnet in it, but if any other interface on this router is up, Telnet will still work from there: the user gets the Telnet console through some other interface. To stop Telnet we would then have to configure one more statement with that interface's IP as the destination, which is not a good solution. However many interfaces the router has, we would have to configure that many statements again and again to block Telnet.
Configuration Deny Telnet Protocol in Extended ACL:
Router(config)# access-list 100 deny tcp host 192.168.0.3 host 192.168.0.10 eq 23
Router(config)# access-list 100 permit ip any any
Router(config)# int fa0/0
Router(config-if)# ip access-group 100 in
Router(config-if)# exit
Instead of blocking Telnet on every interface, the simple and best way is to block the line where Telnet is used, which is line vty. If we deny on that line on the router, Telnet is automatically denied on however many interfaces the router has.
Configuration Deny Telnet Protocol in Extended ACL in Best Way:
Router(config)# access-list 1 deny host 192.168.0.1
Router(config)# access-list 1 permit any
Router(config)# line vty 0 4
Router(config-line)# access-class 1 in
Router(config-if)# ip access-group Blocking-List in
Router(config-if)# exit
Note That:
In a named ACL, Cisco gives every ACL entry a number, which we see when we run the show access-list command. The numbers start at 10 and increase from there. The gap exists so that if we need to add a statement later, we can use a number lower than an existing one to place the statement there. If we do not do this and simply configure the statement, it goes to the end of the list, after the permit statement, and gets a number after it, so it will never run. That is why we have to give it a number from that gap at the position where we want the statement placed, as I gave above a number between 10 and 20, so that the statement I configured later is placed there.
Configuration Of Named ACL for Extended ACL:
Router(config)# ip access-list extended Blocking-HTTP (Blocking-HTTP is the Name of ACL)
Router(config-ext-nacl)# deny tcp host 192.168.0.1 host 192.168.0.10 eq 80
Router(config-ext-nacl)# permit ip any any
Router(config-ext-nacl)# exit
Router(config)# int fa0/0
Router(config-if)# ip access-group Blocking-HTTP in
Router(config-if)# exit
Meaning
Equals to
Not equals to
Less than
Greater than
Range of port Numbers
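The ACL behaviour described above (source-only matching in a standard ACL, wildcard masks, first match wins, and a late entry landing behind the final permit) can be checked with a small model. This is an added example, not code from the book; the `Acl` class is a simplified, hypothetical stand-in for IOS, and host 192.168.0.11 is a constructed neighbour of the server.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # wildcard of all ones: every bit ignored

def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit where the wildcard bit is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

def _take_addr(tokens):
    """Consume 'any', 'host A' or 'A WILDCARD' from the front of tokens."""
    first = tokens.pop(0)
    if first == "any":
        return ANY
    if first == "host":
        return (tokens.pop(0), "0.0.0.0")
    return (first, tokens.pop(0))

class Acl:
    """Simplified model of one numbered or named access list (assumption)."""

    def __init__(self, extended):
        self.extended = extended
        self.entries = []          # kept sorted by sequence number

    def add(self, text, seq=None):
        """Add an entry; without seq it is appended 10 past the last entry."""
        tokens = text.lower().split()
        action = tokens.pop(0)
        proto = tokens.pop(0) if self.extended else "ip"
        src = _take_addr(tokens)
        dst = _take_addr(tokens) if self.extended else ANY
        port = int(tokens[1]) if tokens[:1] == ["eq"] else None
        if seq is None:
            seq = self.entries[-1]["seq"] + 10 if self.entries else 10
        self.entries.append(dict(seq=seq, action=action, proto=proto,
                                 src=src, dst=dst, port=port))
        self.entries.sort(key=lambda e: e["seq"])
        return seq

    def check(self, proto, src, dst, dport=None):
        """Return (action, seq) of the first matching entry, top down."""
        for e in self.entries:
            if (e["proto"] in ("ip", proto)
                    and wildcard_match(src, *e["src"])
                    and wildcard_match(dst, *e["dst"])
                    and (e["port"] is None or e["port"] == dport)):
                return e["action"], e["seq"]
        return "deny", None        # implicit deny at the end of every ACL

def standard_vs_extended():
    """Same intent (keep one PC off the server), two very different scopes."""
    std = Acl(extended=False)
    std.add("deny host 192.168.0.3")
    std.add("permit any")
    ext = Acl(extended=True)
    ext.add("deny tcp host 192.168.0.3 host 192.168.0.10 eq 80")
    ext.add("permit ip any any")
    other_host = "192.168.0.11"    # constructed neighbour of the server
    return {
        "std_to_server": std.check("tcp", "192.168.0.3", "192.168.0.10", 80)[0],
        "std_to_other": std.check("tcp", "192.168.0.3", other_host, 80)[0],
        "ext_to_server": ext.check("tcp", "192.168.0.3", "192.168.0.10", 80)[0],
        "ext_to_other": ext.check("tcp", "192.168.0.3", other_host, 80)[0],
        "ext_ping_server": ext.check("icmp", "192.168.0.3", "192.168.0.10")[0],
    }

def late_entry(seq):
    """Add a deny for ICMP after the list already ends in 'permit ip any any'."""
    acl = Acl(extended=True)
    acl.add("deny tcp host 192.168.0.1 host 192.168.0.10 eq 80")   # seq 10
    acl.add("permit ip any any")                                   # seq 20
    placed = acl.add("deny icmp host 192.168.0.2 host 192.168.0.10", seq)
    return placed, acl.check("icmp", "192.168.0.2", "192.168.0.10")

if __name__ == "__main__":
    print(standard_vs_extended())
    print("appended :", late_entry(None))   # lands behind the permit
    print("seq 15   :", late_entry(15))     # lands between 10 and 20
```

The appended entry is present in the list but can never match, which is why a review of an ACL should read the entries in sequence order rather than only confirming that a deny line exists.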
Selection of ACL:
1) Step one: which router to put the ACL on. If your network has multiple routers, the first thing is to select the router on which the ACL will be applied.
2) Step two: which interface of that router to apply the ACL on. If your router has multiple ports, you also have to decide on which interface of the router you will apply the ACL.
This means that if we want to block the side the traffic is coming in from, we use the inbound direction to apply the ACL. An inbound ACL works before the routing decision. When a packet comes into the router, the router first matches it against its routing table and then checks the ACL statement to see whether it is Deny or Permit. If it is Deny the packet is discarded, and if it is Permit the packet is forwarded.
2) Out Bound:
This means that to block on the side where traffic is going out, we use the outbound direction to apply the ACL. An outbound ACL works after the routing decision.
On each single interface of the router we can use only 2 ACLs, and only when their directions are different: one ACL on the interface to block incoming traffic and one ACL to block outgoing traffic. This holds when we are using one protocol for blocking, like TCP, which is IP based. You can keep the same number for multiple statements, e.g. create many statements under statement number 1, but when you configure it on the interface you can use only one action for that group there, either inbound or outbound.
Network Address Translation:
Static NAT:
In static NAT the network administrator does the IP mapping himself: if the source IP is this, translate it so that its public IP becomes that. He configures all the IPs manually. This is a 1-to-1 mapping: for each private IP there is one public IP, and that IP is bound to it. For example, I have a web server and I want it to be reachable from the internet, so I purchase one IP and map my server's private IP to that global IP. One-to-one mapping: as many IPs as there are computers.
Dynamic NAT:
In dynamic NAT we create a pool and configure public IPs in it. When a computer sends a request to the router to go out to the internet, the router hides that computer's existing IP and assigns one public IP from the pool. The limit is that in dynamic NAT you can create a pool of only 50 IPs. The difference is that here we do not have to do the one-to-one mapping as in static NAT; we create the pool once and IPs are assigned automatically from it.
NAT Terminology:
Inside Local: your private network's address is your inside local address.
Inside Global: the public address that we have mapped to our private IP.
Outside Local: if translation is also happening at the server you are accessing, it too will have 2 addresses
Outside Global: if no translation is happening at the server we are accessing, then its address
LAB: Static NAT
---------------------This Book is written by Fayyaz Ahmed---------------------
Configuration R0
Router#configure terminal
Router(config)#ip nat inside source static 10.0.0.1 172.16.1.3
Router(config)#interface f0/0
Router(config-if)#ip nat outside
Router(config-if)#ex
Router(config)#interface f0/1
Router(config-if)#ip nat inside
Router(config-if)#exit
Ping from PC 1 to Server 1, then run the show command:
Router(config)#do sh ip nat translation
Pro   Inside global   Inside local   Outside local   Outside global
icmp  172.16.1.3:1    10.0.0.1:1     200.1.1.1:1     200.1.1.1:1
icmp  172.16.1.3:2    10.0.0.1:2     200.1.1.1:2     200.1.1.1:2
icmp  172.16.1.3:3    10.0.0.1:3     200.1.1.1:3     200.1.1.1:3
icmp  172.16.1.3:4    10.0.0.1:4     200.1.1.1:4     200.1.1.1:4
icmp  172.16.1.3:5    10.0.0.1:5     200.1.1.1:5     200.1.1.1:5
Router(config)#ip nat pool abc 172.16.1.3 172.16.1.4 netmask 255.255.255.0
Router(config)#ip nat inside source list 10 pool abc
Router(config)#access-list 10 permit 10.0.0.0 0.0.0.255
Router(config)#interface f0/0
Router(config-if)#ip access-group 10 out
Ping from Pc1 & from Pc2 but not from Pc3
Router# show ip nat translations
Pro Inside global
tcp 172.16.1.3:1025
tcp 172.16.1.4:1025
LAB: PAT Objective: To Show Translation from One Public IP Address to Many Private IP Addresses by Implementing PAT
Configuration on R1
Router(config)#ip nat pool abc 172.16.1.3 172.16.1.3 netmask 255.255.255.0
Router(config)#ip nat inside source list 10 pool abc overload
Router(config)#access-list 10 permit 10.0.0.0 0.0.0.255
Router(config)#interface f0/1
Router(config-if)#ip nat inside
Router(config-if)#ex
Router(config)#interface f0/0
Router(config-if)#ip nat outside
Router(config-if)#ex
Router(config)#ip route 0.0.0.0 0.0.0.0 f0/0
HSRP Overview?
Router Modes in HSRP?
o Active Router?
o Standby Router?
o Listening Router?
Selection of Active Router?
HSRP States?
o Disable
o INIT
o Learn
o Listen
o Speak
o Standby
o Active
Lab of HSRP
VRRP Topics:
VRRP Overview?
VRRP Features?
GLBP Topics:
GLBP Overview?
GLBP Features?
HSRP States:
Disable: Suppose many routers are running in one group. If we shut down the ports of the other routers, leaving aside the active and standby routers, then HSRP on those routers is in Disable mode.
INIT: When we add a new router to the group and bring its ports up, HSRP is in INIT mode. This is the starting state when an interface first comes up.
Learn: When the routers come on and are learning the hello messages from the active router.
Listen: Once the router has learned the hello message it is in listening mode, listening for the virtual IP.
Speak: When the router is fully up and has moved past the learning and listening states, it enters speak mode and starts sharing hello messages with its neighbor routers.
Standby: Now the router finally decides whether it should become the standby router or the active router. If a router with a higher IP or priority than it is present on the network, it goes into standby mode.
Active: Here the router has passed through all those states, finally enters active mode and acts in the active state.
LAB: Hot Standby Router Protocol (HSRP): Objective: How to show Redundancy by using HSRP
Configuring WAN-RT:
WAN-RT(config)#interface Loopback0
WAN-RT(config-if)#ip address 200.0.0.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/0
WAN-RT(config-if)#ip address 172.16.2.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/1
WAN-RT(config-if)#ip address 172.16.1.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#router rip
WAN-RT(config-router)#version 2
WAN-RT(config-router)#network 172.16.0.0
WAN-RT(config-router)#network 200.0.0.0
WAN-RT(config-router)#no auto-summary
WAN-RT(config-router)#exit
Configuring Master-RT:
Master-RT(config)#interface FastEthernet0/0
Master-RT(config-if)#ip address 10.0.0.10 255.255.255.0
Master-RT(config-if)#standby 1 ip 10.0.0.100
Master-RT(config-if)#standby 1 priority 110
Master-RT(config-if)#standby 1 preempt
Master-RT(config-if)#standby 1 track FastEthernet0/1
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit
Master-RT(config)#interface FastEthernet0/1
Master-RT(config-if)#ip address 172.16.1.2 255.255.255.0
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit
Master-RT(config)#router rip
Master-RT(config-router)#version 2
Master-RT(config-router)#network 10.0.0.0
Master-RT(config-router)#network 172.16.0.0
Master-RT(config-router)#no auto-summary
Configuring Backup-RT:
Backup-RT(config)#interface FastEthernet0/0
Backup-RT(config-if)#ip address 10.0.0.9 255.255.255.0
Backup-RT(config-if)#standby 1 ip 10.0.0.100
Backup-RT(config-if)#standby 1 priority 95
Backup-RT(config-if)#standby 1 preempt
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#interface FastEthernet0/1
Backup-RT(config-if)#ip address 172.16.2.2 255.255.255.0
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#router rip
Backup-RT(config-router)#version 2
Backup-RT(config-router)#network 10.0.0.0
Backup-RT(config-router)#network 172.16.0.0
Backup-RT(config-router)#no auto-summary
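How the priorities in this lab interact with interface tracking and preempt, as an added example that is not part of the book. The `HsrpRouter` model and `next_active` function are hypothetical simplifications (no timers or state machine); they assume the IOS defaults of priority 100 and a track decrement of 10 when no decrement is given, as in `standby 1 track FastEthernet0/1`.

```python
from dataclasses import dataclass
from ipaddress import IPv4Address

@dataclass
class HsrpRouter:
    name: str
    ip: str
    priority: int = 100          # default when 'standby N priority' is absent
    preempt: bool = False
    tracks_uplink: bool = False  # 'standby N track <interface>' configured
    decrement: int = 10          # default when no decrement value is given
    uplink_up: bool = True
    alive: bool = True

    def effective_priority(self):
        """Configured priority minus the decrement while the tracked link is down."""
        lost = self.tracks_uplink and not self.uplink_up
        return self.priority - (self.decrement if lost else 0)

def rank(router):
    """Higher priority wins; the higher interface IP breaks a tie."""
    return (router.effective_priority(), int(IPv4Address(router.ip)))

def next_active(routers, current=None):
    """Pick the active router, honouring preempt when one already exists."""
    alive = [r for r in routers if r.alive]
    if not alive:
        return None
    if current is None or not current.alive:
        return max(alive, key=rank)
    # An existing active router is only displaced by a better router
    # that has preempt configured.
    challengers = [r for r in alive if r.preempt and rank(r) > rank(current)]
    return max(challengers, key=rank) if challengers else current

def lab_routers(decrement=10):
    """The two routers of the lab: priorities 110 and 95, both with preempt."""
    master = HsrpRouter("Master-RT", "10.0.0.10", priority=110, preempt=True,
                        tracks_uplink=True, decrement=decrement)
    backup = HsrpRouter("Backup-RT", "10.0.0.9", priority=95, preempt=True)
    return master, backup

def uplink_failure(decrement=10):
    """Active router before the uplink fails, while it is down, after repair."""
    master, backup = lab_routers(decrement)
    routers = [master, backup]
    before = next_active(routers)
    master.uplink_up = False
    during = next_active(routers, before)
    priority_during = master.effective_priority()
    master.uplink_up = True
    after = next_active(routers, during)
    return before.name, during.name, after.name, priority_during

def router_failure():
    """Active router after Master-RT itself goes down."""
    master, backup = lab_routers()
    routers = [master, backup]
    active = next_active(routers)
    master.alive = False
    return next_active(routers, active).name

if __name__ == "__main__":
    print(uplink_failure())      # default decrement: Master-RT stays active
    print(uplink_failure(20))    # larger decrement: Backup-RT takes over
    print(router_failure())
```

With the lab's values the tracked uplink failing only lowers Master-RT from 110 to 100, still above Backup-RT's 95, so the gateway does not move; the decrement has to be larger than the priority gap for tracking to trigger a failover.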
VRRP:
VRRP (Virtual Router Redundancy Protocol) was developed by the IETF in 1999. It is an open standard protocol and its RFC is 2338. After HSRP it took the IETF 5 years to develop a protocol that could provide redundancy like HSRP but as an industry standard that all vendors can use, so VRRP is a protocol that can also run on routers from vendors other than Cisco. The benefit is that if one router is from Cisco and the other is from another vendor, we can still run VRRP for gateway redundancy. The second benefit is that it is faster than HSRP: its hello timer is 1 second and its dead timer is 3 seconds, so its convergence is also faster than HSRP.
VRRP Features:
1) The router with the highest priority becomes the Master Router.
2) All other routers become Backup Routers.
3) By default, the virtual MAC address is 0000.5e00.01XX, where XX is the hexadecimal VRRP group number.
4) Hellos are sent every 1 second by default.
5) VRRP hellos are sent to multicast address 224.0.0.18 using UDP port 112.
6) In VRRP, preempt is enabled by default.
7) Group range 1 to 1024.
8) VRRP cannot track an interface.
LAB: Virtual Router Redundancy Protocol (VRRP) Objective: How to show Redundancy by using VRRP
Configuring WAN-RT:
WAN-RT(config)#interface Loopback0
WAN-RT(config-if)#ip address 200.0.0.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/0
WAN-RT(config-if)#ip address 172.16.2.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/1
WAN-RT(config-if)#ip address 172.16.1.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#router rip
WAN-RT(config-router)#version 2
WAN-RT(config-router)#network 172.16.0.0
WAN-RT(config-router)#network 200.0.0.0
WAN-RT(config-router)#no auto-summary
WAN-RT(config-router)#exit
Configuring Master-RT:
Master-RT(config)#interface FastEthernet0/0
Master-RT(config-if)#ip address 10.0.0.10 255.255.255.0
Master-RT(config-if)#vrrp 1 ip 10.0.0.100
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit
Master-RT(config)#interface FastEthernet0/1
Master-RT(config-if)#ip address 172.16.1.2 255.255.255.0
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit
Master-RT(config)#router rip
Master-RT(config-router)#version 2
Master-RT(config-router)#network 10.0.0.0
Master-RT(config-router)#network 172.16.0.0
Master-RT(config-router)#no auto-summary
Configuring Backup-RT:
Backup-RT(config)#interface FastEthernet0/0
Backup-RT(config-if)#ip address 10.0.0.9 255.255.255.0
Backup-RT(config-if)#vrrp 1 ip 10.0.0.100
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#interface FastEthernet0/1
Backup-RT(config-if)#ip address 172.16.2.2 255.255.255.0
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#router rip
Backup-RT(config-router)#version 2
Backup-RT(config-router)#network 10.0.0.0
Backup-RT(config-router)#network 172.16.0.0
Backup-RT(config-router)#no auto-summary
GLBP:
GLBP (Gateway Load Balancing Protocol) is a Cisco proprietary protocol. Cisco developed one more redundancy protocol in 2005 that can load balance the gateway. In HSRP and VRRP only one router is up and the other is on standby, but in GLBP both routers are active and provide load balancing. If one of the two routers goes down, the other provides fault tolerance and forwards all traffic through its own interface.
GLBP Features:
1) Multicast IP 224.0.0.102
2) Group number 1 to 255
3) All routers are active
LAB: Gateway Load Balancing Protocol Objective: How to show Redundancy by using GLBP
Configuring WAN-RT:
WAN-RT(config)#interface Loopback0
WAN-RT(config-if)#ip address 200.0.0.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/0
WAN-RT(config-if)#ip address 172.16.2.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#interface FastEthernet0/1
WAN-RT(config-if)#ip address 172.16.1.1 255.255.255.0
WAN-RT(config-if)#no shutdown
WAN-RT(config-if)#exit
WAN-RT(config)#router rip
WAN-RT(config-router)#version 2
WAN-RT(config-router)#network 172.16.0.0
WAN-RT(config-router)#network 200.0.0.0
WAN-RT(config-router)#no auto-summary
WAN-RT(config-router)#exit
Configuring Master-RT:
Master-RT(config)#interface FastEthernet0/0
Master-RT(config-if)#ip address 10.0.0.10 255.255.255.0
Master-RT(config-if)#glbp 1 ip 10.0.0.100
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit
Master-RT(config)#interface FastEthernet0/1
Master-RT(config-if)#ip address 172.16.1.2 255.255.255.0
Master-RT(config-if)#no shutdown
Master-RT(config-if)#exit
Master-RT(config)#router rip
Master-RT(config-router)#version 2
Master-RT(config-router)#network 10.0.0.0
Master-RT(config-router)#network 172.16.0.0
Master-RT(config-router)#no auto-summary
Master-RT(config-router)#exit
Configuring Backup-RT:
Backup-RT(config)#interface FastEthernet0/0
Backup-RT(config-if)#ip address 10.0.0.9 255.255.255.0
Backup-RT(config-if)#glbp 1 ip 10.0.0.100
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#interface FastEthernet0/1
Backup-RT(config-if)#ip address 172.16.2.2 255.255.255.0
Backup-RT(config-if)#no shutdown
Backup-RT(config-if)#exit
Backup-RT(config)#router rip
Backup-RT(config-router)#version 2
Backup-RT(config-router)#network 10.0.0.0
Backup-RT(config-router)#network 172.16.0.0
Backup-RT(config-router)#no auto-summary
Backup-RT(config-router)#exit
Network Management
Content
Network Management:
Syslog Server?
DHCP Overview?
DHCP Explain?
Configuration of DHCP server on Cisco Router?
SNMP Access:
Read-Only (RO):
With read-only access we can only read the database of MIB variables; we cannot change it.
Read-Write (RW):
Provide Read and Write access to all objects in the MIB.
SNMP Configuration:
R1(config)# snmp-server community string RO|RW (the community is a kind of string or password)
Logging states:
Every syslog message carries a number that defines the state of the message, which tells us what its state is when a message is generated.
Level   State           Explanation
0       Emergency       The system may be unusable.
1       Alert           Immediate action may be required.
2       Critical        A critical event took place.
3       Error           The router experienced an error.
4       Warning         A condition might warrant attention.
5       Notification    A normal but significant condition occurred.
6       Informational   A normal event occurred.
7       Debugging
If we want, we can monitor only particular states. For example, if I want to be shown only syslog messages of the Emergency, Warning or Error states, we use the command R1(config)#logging trap 4. After trap we configure the number of the message state. Here I configured 4, so I will be shown syslog messages from state 0 through 4 only; Notification, Informational and Debugging messages will not be shown. The benefit is that I monitor only the states I have explicitly configured. That is all about syslog.
LAB: SYSLOG OBJECTIVE: To Implement Syslog and to Show the Output It Generates on the Syslog Server
Configuration on Router
Router>enable
Router#conf t
Router(config)#int fa0/0
Router(config-if)#ip address 10.0.0.1 255.0.0.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int fa0/1
Router(config-if)#ip address 20.0.0.1 255.0.0.0
Router(config-if)#no shut
Router(config)#service timestamps log datetime msec
Router(config)#logging host 20.0.0.2
Router(config)#logging trap debugging
Router(config)#end
*Mar 01, 00:04:47.044: *Mar 01, 00:04:47.044: %SYS-5-CONFIG_I: Configured from console by console
Enter configuration commands, one per line. End with CNTL/Z.
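What the `logging trap` level lets through to the syslog server, shown on a few messages. This is an added example, not part of the book: the function names are hypothetical, and the sample lines are constructed (only the `%SYS-5-CONFIG_I` message comes from the lab output above).

```python
import re

# State names as used in the level table of this chapter, indexed by level.
LEVELS = ["Emergency", "Alert", "Critical", "Error",
          "Warning", "Notification", "Informational", "Debugging"]

# Keywords accepted by 'logging trap' in place of the number.
KEYWORDS = {"emergencies": 0, "alerts": 1, "critical": 2, "errors": 3,
            "warnings": 4, "notifications": 5, "informational": 6,
            "debugging": 7}

# %FACILITY-SEVERITY-MNEMONIC: text
MESSAGE = re.compile(r"%(?P<facility>[A-Z0-9_]+)-(?P<severity>[0-7])-"
                     r"(?P<mnemonic>[A-Z0-9_]+):\s*(?P<text>.*)")

# Constructed sample lines; the first is the message shown in the lab.
SAMPLE = [
    "*Mar 01, 00:04:47.044: %SYS-5-CONFIG_I: Configured from console by console",
    "*Mar 01, 00:05:02.120: %LINK-3-UPDOWN: Interface FastEthernet0/1, "
    "changed state to down",
    "*Mar 01, 00:05:03.120: %LINEPROTO-5-UPDOWN: Line protocol on Interface "
    "FastEthernet0/1, changed state to down",
    "*Mar 01, 00:06:10.300: %SEC-6-IPACCESSLOGP: list 100 denied tcp "
    "192.168.0.3(1025) -> 192.168.0.10(80), 1 packet",
    "*Mar 01, 00:07:44.812: %SEC_LOGIN-4-LOGIN_FAILED: Login failed "
    "[user: admin] [Source: 20.0.0.50] [localport: 23]",
    "Enter configuration commands, one per line. End with CNTL/Z.",
]

def parse(line):
    """Split one log line into its fields, or return None if it is not syslog."""
    match = MESSAGE.search(line)
    if match is None:
        return None
    severity = int(match["severity"])
    return {
        "tag": f"{match['facility']}-{severity}-{match['mnemonic']}",
        "severity": severity,
        "state": LEVELS[severity],
        "text": match["text"],
    }

def trap_level(value):
    """Turn the argument of 'logging trap' (number or keyword) into a level."""
    value = str(value).lower()
    if value.isdigit() and int(value) <= 7:
        return int(value)
    if value in KEYWORDS:
        return KEYWORDS[value]
    raise ValueError(f"not a logging trap level: {value!r}")

def split_by_trap(lines, trap):
    """Return (sent, suppressed) message tags for the given trap level."""
    limit = trap_level(trap)
    sent, suppressed = [], []
    for line in lines:
        message = parse(line)
        if message is None:
            continue                      # console text, not a syslog message
        target = sent if message["severity"] <= limit else suppressed
        target.append(message["tag"])
    return sent, suppressed

if __name__ == "__main__":
    for trap in (4, "debugging"):
        sent, suppressed = split_by_trap(SAMPLE, trap)
        print(f"logging trap {trap}: sent={sent} suppressed={suppressed}")
```

At level 4 the configuration-change record and the ACL deny log never reach the server, so the trap level should be chosen with the events you need for auditing in mind.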
Transmission Techniques:
Transmission Techniques?
Three Types of Transmission Techniques?
First: how is data transferred from one place to another?
o Simplex:
o Duplex:
Second: how are bits transferred in the channel?
o Serial Transmission:
o Parallel Transmission:
Third: how is data synchronized between transmitter & receiver?
o Synchronous Transmission:
o Asynchronous Transmission:
Frame Relay:
Frame Relay?
PVC (Permanent Virtual Circuit)?
SVC (Switched Virtual Circuit)?
Frame-Relay Mapping?
DLCI Technical detail?
CIR (Committed Information Rate)?
LAR (Local Access Rate)?
LMI (Local Management Interface)?
LMI Types?
Version IOS?
LMI States?
Modes of Transmission:
Three types of transmission techniques.
The first technique: how data is transferred from one place to another.
1) Simplex
E.g. a keyboard: we cannot see any output on the keyboard, we only give it input by pressing keys, and the bits are transmitted over the wire to the computer and shown on the screen. This is simplex transmission, in which bits move from one place and are received at another.
2) Duplex
Half duplex: Data can be sent and received on the same channel, but not at the same time, only one by one, like a walkie-talkie call.
Full duplex: Data can be sent and received on the same channel at the same time, like a mobile call.
Here we look at how many bits are transferred from one place to another over one channel. We divide this into 2 categories: Serial and Parallel.
1) Serial Transmission:
Just 1 bit is transferred from one place to another at a time. Data is transferred bit by bit; all the bits cannot be transferred together. This type of communication is called serial communication, e.g. a COM port.
2) Parallel Transmission:
A number of bits can be transferred together. This type of communication is called parallel communication, e.g. a parallel port.
1) Synchronous Transmission:
Synchronous means the transmitter and receiver send data together, at the same time, on the same clock and after the same interval. For example, when army men do PT they lift and put down their feet together and all move the same way; this kind of transmission is called synchronous transmission.
2) Asynchronous Transmission:
Asynchronous means the interval for data transfer between sender and receiver is not fixed; data is moved as required. E.g. a keyboard: we press a button whenever we feel like it, and there is no fixed time for how long a button must be pressed or for pressing buttons together.
Address Resolution Protocol:
An ARP packet is always broadcast. Whenever we ping a computer to check its network connectivity, the PC does not know what the IP is, it knows its own MAC address, so what ARP does is resolve the computer's IP into that computer's MAC address so that connectivity over the switch is easy. In short, ARP resolves the IP address into the computer's MAC address.
2) Proxy ARP (PARP)
A router does not forward LAN broadcasts; it restricts broadcasts to the LAN. So if we need to communicate with a different network, the router puts in its own MAC address, forwards the request and makes the communication happen. This process is called Proxy ARP, because when communicating with a different network the router sends all the packets with its own MAC address.
3) Gratuitous ARP (GARP)
Gratuitous ARP: when we give a computer or router on our network the same IP address again by mistake, GARP notifies us that this IP address is already in use somewhere. GARP gives the notification when we assign a duplicate IP.
4) RARP (Reverse ARP)
Reverse ARP can be understood like this: when we search for google.com on the internet, the computer knows only its MAC address and does not know Google's IP address, so a RARP packet is sent, and Reverse ARP resolves the MAC address into an IP address and enables the communication.
5) Inverse ARP (IARP)
Inverse ARP resolves a layer 2 address into a layer 3 address. Frame Relay uses Inverse ARP.
WAN Encapsulation Protocols:
WAN Technologies:
Using WAN technology we use certain protocols and certain ways/lines.
1) PPP
2) HDLC
Packet Switching:
Packet switching is used in the WAN, i.e. in the ISP's network, because there our packet is forwarded through multiple routers and different switches, hence packet switching.
Circuit Switching:
In packet switching our packets are forwarded through multiple routers, but in circuit switching one specific path is defined and one circuit is set up, and all packets are forwarded through that one circuit, like following a road map.
WAN Technology\Terminology:
CSU\DSU Device:
CSU (Channel Service Unit) / DSU (Data Service Unit): this is neither our source point nor our destination point; it is just a bridge that lets us communicate with the WAN. Whatever connection we take from the WAN cannot be terminated directly on our router. We connect that link to the CSU\DSU device and then connect the device to our router, so the CSU\DSU connects us to the WAN like a modem. When the ISP's connection arrives, it connects either to our modem or to the router. To connect through a CSU\DSU the circuit must be digital; if it is analog, it connects through a modem. From the modem comes a cable that we call a serial cable. The cable the ISP provides is also a special cable with an RJ48 connector, which plugs into our CSU\DSU or modem, because the router cannot understand these signals directly; that is why we use this device. From there the serial cable connects to our router and then to the LAN. That is all about CSU\DSU.
WAN encapsulation protocols operate at the physical and data link layers; this means the frame you send travels over the WAN connection in this form and reaches the destination.
PPP Authentication:
1) PAP (Password Authentication Protocol):
In PAP the username and password are sent in plain text, and the routers start sending data as soon as the password matches, which is why PAP is not very secure.
In CHAP the password is encrypted and converted into a hash value, and the routers do not send data until they have matched that hash value. The routers first match the hash value, then run the three-way handshake process, and only then send data, which is why CHAP is quite secure compared to PAP.
Configuring R1:
R1(config)#int s0/3/0
255.255.255.252
R1(config-if)#clock rate 64000
R1(config-if)#encapsulation ppp
R1(config-if)#ppp authentication chap pap
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#username R2 password cisco
Configuring R2:
R2(config)#int s0/3/0
R2(config-if)#ip address 192.168.1.2 255.255.255.252
R2(config-if)#encapsulation ppp
R2(config-if)#ppp authentication chap pap
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#username R1 password cisco
Note: Username R2 must be created on Router R1 and username R1 must be created on Router R2, where usernames
R1 and R2 are the hostname of their respective Routers. Passwords on both the routers must be same.
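What actually crosses the serial link in each case, as an added example that is not part of the book: the PAP request carries the password itself, while CHAP (RFC 1994) carries MD5(identifier, secret, challenge) for a one-time random challenge. The packet layouts follow RFC 1334 and RFC 1994; the `Authenticator` class and helper names are hypothetical, with R1 as authenticator and R2 as peer using the lab's shared password.

```python
import hashlib
import hmac
import os
import struct

SECRET = b"cisco"   # shared password from 'username ... password cisco'

def pap_request(identifier, peer_id, password):
    """PAP Authenticate-Request (RFC 1334): the password travels as-is."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, identifier, 4 + len(body)) + body

def chap_packet(code, identifier, value, name):
    """CHAP Challenge (code 1) or Response (code 2), RFC 1994 layout."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body

def parse_chap(packet):
    """Return (code, identifier, value, name) of a Challenge or Response."""
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    return code, identifier, packet[5:5 + size], packet[5 + size:length]

def chap_hash(identifier, secret, challenge):
    """Response value: MD5 over identifier, secret and challenge."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()

class Authenticator:
    """The challenging side (R1). Each challenge is random and single use."""

    def __init__(self, name, secrets):
        self.name = name
        self.secrets = secrets      # peer name -> shared secret
        self.next_id = 0
        self.pending = {}           # identifier -> outstanding challenge

    def challenge(self):
        self.next_id = (self.next_id + 1) % 256
        value = os.urandom(16)
        self.pending[self.next_id] = value
        return chap_packet(1, self.next_id, value, self.name)

    def verify(self, response):
        code, identifier, value, peer = parse_chap(response)
        challenge = self.pending.pop(identifier, None)
        secret = self.secrets.get(peer)
        if code != 2 or challenge is None or secret is None:
            return False
        expected = chap_hash(identifier, secret, challenge)
        return hmac.compare_digest(value, expected)

def respond(challenge_packet, my_name, secret):
    """The peer's side (R2): answer a Challenge without sending the secret."""
    _, identifier, challenge, _ = parse_chap(challenge_packet)
    return chap_packet(2, identifier,
                       chap_hash(identifier, secret, challenge), my_name)

def demo():
    r1 = Authenticator(b"R1", {b"R2": SECRET})
    answer = respond(r1.challenge(), b"R2", SECRET)
    accepted = r1.verify(answer)
    # The same Response bytes presented again for a fresh challenge.
    _, new_id, _, _ = parse_chap(r1.challenge())
    stale = bytes([answer[0], new_id]) + answer[2:]
    stale_accepted = r1.verify(stale)
    wrong_accepted = r1.verify(respond(r1.challenge(), b"R2", b"not-cisco"))
    return {
        "chap_accepted": accepted,
        "stale_response_accepted": stale_accepted,
        "wrong_secret_accepted": wrong_accepted,
        "secret_visible_in_pap": SECRET in pap_request(1, b"R2", SECRET),
        "secret_visible_in_chap": SECRET in answer,
    }

if __name__ == "__main__":
    print(demo())
```

The lab's `ppp authentication chap pap` requests CHAP first but lets the link fall back to PAP, so the clear-text exposure shown for PAP still applies unless only `chap` is configured.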
Frame Relay:
Frame Relay is a packet switching technology. Suppose there are 3 branches in different locations. If we need to connect those branches, we have to purchase as many leased or dedicated lines as there are branches, which is very costly, and many cables would have to be connected to our router's serial interfaces. Frame Relay is a feature that lets you connect to multiple remote offices using a single serial link. That is the basic overview of what Frame Relay is. Frame Relay reduces our cost through packet switching. Frame Relay is based on packet switching, but circuits are still created in it, which we call Virtual Circuits (VC). Whenever we connect to a remote office, a virtual circuit is generated over which the communication takes place. We just connect our router to the ISP and connect the remote office's router to the ISP, and in this way our two branches in different countries are connected to each other. In between is the ISP's network, which performs the packet switching and Frame Relay task.
Frame-Relay Mapping:
On a LAN the data link layer uses the MAC address to identify the destination. In the same way, on a WAN a protocol is used that we call DLCI (Data Link Connection Identity). When multiple virtual circuits exist and our branch router is connected to multiple remote routers, a DLCI Frame Relay number is bound to the destination IP address to identify the locations. The ISP assigns this DLCI Frame Relay number. Whenever our router sends data to the router of a remote office in another country, it binds that Frame Relay number to the destination IP address; this is the identity of its packets, and the link is identified through the DLCI number.
DLCI Technical detail:
1)
2)
3)
4)
5)
6)
CIR:
Committed Information Rate (CIR): the link the ISP provides for the Frame Relay connection has a speed, say 2 Mbps. CIR means this bandwidth is fixed: it can be more than this, but it cannot be less than 2 Mbps. The bandwidth in CIR is fixed, and you pay according to the link speed, i.e. the CIR you select.
LAR:
Local Access Rate (LAR): the speed on the physical cable that connects our office router to the ISP is what we call LAR, the Local Access Rate.
LMI Types:
Three types of LMI.
1) Cisco LMI
2) ITU-T LMI (International Telecommunication Union-Telecom)
3) ANSI LMI (American National Standard institute)
Frame Relay connection my ISP k Routers or hamary Routers k bech my LMI ki type same honi chyee
Version IOS:
(11.0) sy ly kar (11.3) tak LMI ko hamy manually configure karna parta tha apny router per.
(12.0) sy still jo LMI type ISP k router per hy hamary Router per bhi wohi LMI type auto hi detect ho jati hy.
LMI States:
1) Active (Link OK)
2) In-Active (there is a problem in the link from the Frame-Relay switch to our router)
3) Deleted (our link is OK; there is a problem in the link between the destination router and its Frame-Relay switch)
LAB: Frame Relay
OBJECTIVE: To show how routers connect with each other over a cloud using Frame Relay
Configuring R1:
R1(config)#int s0/3/0
R1(config-if)#no shutdown
R1(config-if)#encapsulation frame-relay
R1(config-if)#exit
R1(config)#interface s0/3/0.122 point-to-point
R1(config-subif)#ip address 10.1.2.1 255.255.255.0
R1(config-subif)#frame-relay interface-dlci 122
R1(config-subif)#exit
R1(config)#interface s0/3/0.123 point-to-point
R1(config-subif)#ip address 10.1.3.1 255.255.255.0
R1(config-subif)#frame-relay interface-dlci 123
R1(config-subif)#exit
R1(config)#router rip
R1(config-router)#version 2
R1(config-router)#no auto-summary
R1(config-router)#network 10.1.2.0
R1(config-router)#network 10.1.3.0
R1(config-router)#exit
Configuring R2:
R2(config)#int s0/3/0
R2(config-if)#ip address 10.1.2.2 255.255.255.0
R2(config-if)#encapsulation frame-relay
R2(config-if)#frame-relay interface-dlci 221
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#router rip
R2(config-router)#version 2
R2(config-router)#no auto-summary
R2(config-router)#network 10.1.2.0
Configuring R3:
R3(config)#int s0/3/0
R3(config-if)#ip address 10.1.3.2 255.255.255.0
R3(config-if)#encapsulation frame-relay
R3(config-if)#frame-relay interface-dlci 321
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#router rip
R3(config-router)#version 2
R3(config-router)#no auto-summary
R3(config-router)#network 10.1.3.0
R3(config-router)#exit
Note:
Click on the WAN cloud, then click on the Config tab. You will see all the interfaces on the left-hand side. Now click on the Serial0 button, add the DLCI value and Name as shown above, and press the Add button. Serial0 is linked to two DLCI values, therefore both DLCI values must be added. Now repeat the same procedure for Serial1 and Serial2.
Note:
Now click on Frame Relay button and map the DLCI accordingly as shown above and press the Add button.
You can now verify the connectivity by sending ping packets as follows.
On Router R1:
R1#ping 10.1.2.2
R1#ping 10.1.3.2
On Router R2:
R2#ping 10.1.3.2
On Router R3:
R3#ping 10.1.2.2
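The lab's addressing and DLCI plan can be checked offline before it is entered on the routers and in the cloud. The following is an added example, not part of the book: it parses the interface lines of the three configurations above (with `int` written out as `interface`), pairs the DLCIs whose interfaces share a subnet, and rejects any DLCI left without a peer. The function names are hypothetical, and the rule of one PVC per subnet is an assumption that matches this lab.

```python
import ipaddress
import re

# Lab configurations from this page, reduced to the lines that matter.
CONFIGS = {
    "R1": """interface s0/3/0.122 point-to-point
ip address 10.1.2.1 255.255.255.0
frame-relay interface-dlci 122
interface s0/3/0.123 point-to-point
ip address 10.1.3.1 255.255.255.0
frame-relay interface-dlci 123""",
    "R2": """interface s0/3/0
ip address 10.1.2.2 255.255.255.0
frame-relay interface-dlci 221""",
    "R3": """interface s0/3/0
ip address 10.1.3.2 255.255.255.0
frame-relay interface-dlci 321""",
}

def endpoints(configs):
    """Return (router, dlci, IPv4Interface) for every configured DLCI."""
    found = []
    for router, text in configs.items():
        addr = None
        for line in map(str.strip, text.splitlines()):
            if line.startswith("interface "):
                addr = None  # new interface: forget the previous address
            elif m := re.match(r"ip address (\S+) (\S+)$", line):
                addr = ipaddress.ip_interface(f"{m[1]}/{m[2]}")
            elif m := re.match(r"frame-relay interface-dlci (\d+)$", line):
                if addr is None:
                    raise ValueError(f"{router}: DLCI {m[1]} has no IP address")
                found.append((router, int(m[1]), addr))
    return found

def pvc_table(configs):
    """Pair the DLCIs whose interfaces share a subnet (one PVC per subnet)."""
    by_net, table = {}, {}
    for router, dlci, addr in endpoints(configs):
        by_net.setdefault(str(addr.network), []).append((router, dlci))
    for net, ends in by_net.items():
        if len(ends) != 2 or ends[0][0] == ends[1][0]:
            raise ValueError(f"{net}: need one DLCI on each of two routers, got {ends}")
        table[net] = tuple(sorted(ends))
    return table

if __name__ == "__main__":
    for net, (a, b) in pvc_table(CONFIGS).items():
        print(f"{net}: {a[0]} DLCI {a[1]} <-> {b[0]} DLCI {b[1]}")
```

Each pair it returns is one entry to create under the cloud's Frame Relay button; a mistyped address or a DLCI with no partner raises an error instead.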
Feedback Information:
As you read this book, if you think that it has helped you in any way, then it would be great if you give me your feedback, and even if you think that it has been poorly conceived and written, I would like to hear your feedback and your comments. Feel free to contact me on my Facebook ID https://www.facebook.com/fayyaz.feizi.
Also, I have many notes in my knowledge about CCNA and topics like VLAN, Trunking, Switches, ACL, OSPF, EIGRP and lots more; if you want them, contact me on fayyazahmed007@outlook.com. Thank you so much for reading this, and also pray for my bright future. Stay connected. Fayyaz Ahmed. Healthy learning.