icnd2 notes... after odom


    the following are my notes for ccna based on Odom's icnd2... it includes most everything except isdn and not much subnetting, again based on Odom's text... this is intended for those who have already been through the entire text at least once, and as a review only... i make no apologies... it is loaded with mistakes, very raw, 21 pages long, and not for the faint of heart...


    reading this **** is no substitute for active learning, by which i mean, while reading a text, you should slow down, force yourself to take notes as you read, and then re-read those notes, re-read the text again, and make comparisons of your notes with the text... and don't just take what's written as gospel... if you have equipment, or access to gns3 or packet tracer, prove the author's veracity by setting up your own experiments, no matter how simple or trivial... try to prove the masters wrong at every turn...


    feel free to scrape at will and don't forget to thank your daddy (Odom)






    3 types of addresses
    Unicast- a MAC address that defines a single NIC
    Broadcast- all F’s, FFFF.FFFF.FFFF, the most often used IEEE group MAC address. A broadcast address implies that all devices on a LAN should receive and process a frame sent to the broadcast address.
    Multicast address- frames sent to unicast addresses are destined for one NIC, frames sent to a broadcast address are sent to all NICs, frames destined for multicast addresses are destined for a subset of declared NICs on a LAN
    Learning- the switch learns MAC addresses by examining the source MAC address of each frame it receives.
    Forward or filter- the switch forwards or filters the frame based on the frame’s destination MAC address.  The MAC address table is used for forwarding decisions.
    Loop prevention- in a redundant topology (meshed) a switch creates a loop free environment with the help of STP.
    Switches reduce network overhead by forwarding traffic from one segment to another only when necessary.  The switch performs this with the aid of its MAC-address-table.
    Filter- drop the frame
    Forward- send to another port, because the frame is destined for a different port.
    Switches forward lan broadcasts and unknown unicast frames out all ports except the one upon which the frame was received.  Unknown unicast frames are frames whose destination MACs are not yet in the mac-address-table.
    Switch logic summary
    1. a frame is received
    2. if it’s a broadcast or multicast, forward out all ports except the one upon which it was received.
    3. if unknown unicast (not in table), forward out all ports except the one upon which it was received.
    4. if unicast, and in the table, and the associated interface is not the one upon which it was received, forward out the correct port.
    5. otherwise, filter.
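The five-step switch logic above, plus the learning step, as a small Python simulation. This is an added example and not part of the original notes; the port names, MAC addresses and the per-port address limit are constructed for the demo. The limit models what `sh port-security int` (listed below) reports on: a port that has already learned its maximum number of MACs drops frames from any new source instead of learning them, which is the defensive counterpart to the "learn everything you see" rule in step 1.

```python
"""Transparent-switch forwarding logic from the notes (learn, flood, forward,
filter) with a port-security style cap on MACs learned per port.
Added example; port names, MACs and the limit are constructed."""
from dataclasses import dataclass, field


def is_group_address(mac: str) -> bool:
    """Broadcast (ffff.ffff.ffff) and multicast MACs have the I/G bit set:
    the least-significant bit of the first byte is 1."""
    first_byte = int(mac.replace(".", "").replace(":", "")[:2], 16)
    return bool(first_byte & 0x01)


@dataclass
class Switch:
    ports: list
    max_macs_per_port: int = 1                       # like 'switchport port-security maximum N'
    table: dict = field(default_factory=dict)        # MAC -> port it was learned on
    violations: list = field(default_factory=list)   # (port, offending MAC)

    def _learn(self, in_port: str, src: str) -> bool:
        """Learning step: record the source MAC against the arrival port.
        Returns False when the port already holds its maximum of other MACs."""
        if self.table.get(src) == in_port:
            return True                              # already known here
        learned_here = [m for m, p in self.table.items() if p == in_port]
        if len(learned_here) >= self.max_macs_per_port:
            self.violations.append((in_port, src))   # would be a port-security violation
            return False
        self.table[src] = in_port                    # new MAC, or a MAC that moved ports
        return True

    def receive(self, in_port: str, src: str, dst: str) -> list:
        """Returns the ports the frame is sent out of; [] means dropped or filtered."""
        src, dst = src.lower(), dst.lower()
        if not self._learn(in_port, src):
            return []                                # violation: frame dropped, nothing learned
        flood = [p for p in self.ports if p != in_port]
        if is_group_address(dst):                    # 2. broadcast/multicast: flood
            return flood
        if dst not in self.table:                    # 3. unknown unicast: flood
            return flood
        out_port = self.table[dst]
        if out_port != in_port:                      # 4. known unicast on another port
            return [out_port]
        return []                                    # 5. same port it arrived on: filter


if __name__ == "__main__":
    sw = Switch(ports=["fa0/1", "fa0/2", "fa0/3"], max_macs_per_port=2)
    print(sw.receive("fa0/1", "0000.1111.aaaa", "ffff.ffff.ffff"))   # flood
    print(sw.receive("fa0/2", "0000.2222.bbbb", "0000.1111.aaaa"))   # ['fa0/1']
    print(sw.receive("fa0/1", "0000.4444.dddd", "0000.1111.aaaa"))   # [] filtered
    print(sw.receive("fa0/1", "0000.5555.eeee", "ffff.ffff.ffff"))   # [] third MAC on fa0/1
    print(sw.table, sw.violations)
```

Run it and compare the printed table with what `sh mac-address-table dynamic` would show after the same frames: the table only ever grows from source addresses, never from destinations.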
    Sh int status
    Sh mac-address-table dynamic
    Sh port-security int
    Chapter 1 q&a
    1. a switch examines an incoming frame’s destination address in its mac-address-table. If a match is found, the switch forwards the frame out the corresponding interface. if not found, the switch forwards the frame out all interfaces except the one on which it arrived. The mac-address-table is built with incoming source mac addresses.
    2.  a switch builds its mac-address-table by examining and learning source mac addresses.
    3.  line cons 0
    password xxx
    will force the console user to issue a valid password for access. You must be in line configuration mode to set this.
    4.  the line cons 0
    password xxxx
    command set will force a user login and password for console access to the switch.
    5.  enable password xxxx and enable secret xxxx are the commands to set the enable password.  The enable secret will be encrypted using md5 and takes precedence.
    6.  the passwords for console and telnet may be configured (and should be) as different.
    7.  sh startup-config will show the config file stored in nvram.  Sh config is the older command
    8.  sh running-config will show the config currently running in ram. Wr mem is the older version.
    ICND chapter 2
    Spanning-tree Protocol
    802.1d STP
    802.1w RSTP rapid spanning tree protocol
    STP prevents switching loops from occurring on a redundantly linked LAN.  STP ensures that only one active path exists between segments (collision domains) at any given time.
    The STA (spanning tree algorithm) determines whether ports will be forwarding or blocking.  Switches can forward or receive on forwarding ports; switches do not forward or receive on blocking ports.
    If a redundant active link fails, STP will converge and bring the formerly blocked link up in its place within 50 seconds.
    Forwarding/Blocking criteria
    STP elects a root bridge (switch) and puts all root bridge interfaces into forwarding state
    Each non root bridge (switch) determines which of its ports has the least administrative cost (best) to the root bridge and STP makes that port that switch’s root port.
    The switch with the lowest (best) cost  to the root is put in forwarding state.
    The lowest cost switch on each segment is the designated bridge (switch) and the interface on that switch is called the designated port.
    The root bridge’s (switch) ports are always in forwarding state and the root switch (bridge) is always the designated bridge on all connected segments.
    The non-root bridge’s root port is always forwarding. This port receives the lowest cost BPDU from the root.
    Each LAN’s designated port is always forwarding and the bridge forwarding the lowest cost BPDU is the segment’s designated bridge (switch).
    All other ports are blocking. No forwarding frames, no receiving frames.
    At first each switch claims to be root by sending BPDUs that contain:
    The root bridge ID- a combination of switch priority and MAC address; lower number, higher priority
    The cost to reach the root- again, the lower the better
    And its own bridge ID
    The root bridge is elected based on the lowest value bridge ID (usually priority) and in case of a tie, the MAC address breaks the tie.  The bridge ID and cost make up the hello BPDU.
    Each switch has one root port, which is the port receiving the least cost BPDU from the root.
    The root bridge sends a new hello every 2 seconds by default.
    Hello time- 2 seconds, the default, is the time the root waits to send the next hello BPDU
    Max age- 20 seconds that any bridge waits after not hearing BPDUs before initiating STP topology changes.
    Forward delay- delay (15 sec) involved when a port goes from blocking to forwarding.
    A stable STP network operates thusly:
    1. root sends BPDUs, cost of 0, out all its interfaces
    2. neighbor switches forward the hellos out their non-root designated ports, identifying the root and adding their own cost
    3.  every bridge in the network repeats step 2 upon receiving BPDUs
    4.  root repeats step 1 every hello interval (2 seconds)
    5.  the switches continue as normal until the lack of BPDUs reaches max-age; they then react
    Blocking and forwarding are the only stable states. Listening and learning are transition states.
    When a switch detects a topology change, i.e. its best link to the root has gone down, the switch sends a TCN BPDU (Topology Change Notification BPDU) as soon as its affected port transitions to listening.
    STP summary
    1.  all bridge (switch) ports stabilize at forwarding or blocking.  Forwarding ports are considered part of the spanning tree.
    2.  one switch is elected root, and its ports will all move to forwarding state.
    3.  each switch receives hellos from the root, directly or through another switch. The port that receives the least cost BPDU is placed in forwarding and becomes that switch’s root port.
    4.  for each segment one switch forwards the BPDU with the lowest cost.  That switch becomes that segment’s designated bridge.
    5.  the other interfaces are placed in blocking.
    6.  the root sends BPDUs every 2 seconds. This time interval can be modified and will be noted in the BPDU.
    7.  if max-age elapses (20 seconds, default) and no BPDU, panic ensues and the spanning tree changes.
    8.  forward delay (default 15 seconds) is the time it takes for a port to transition through the ******* states to forwarding. (listening, 15 seconds, learning 15 seconds)
    9.  when a switch goes into listening, it sends a TCN BPDU (topology change notification) through the new path to the root. Other switches will refresh their tables with the new entry.
    10. spanning tree creates these delays to prevent transitional loops because…
    spanning tree, very pretty and the bpdu’s are sweet,
    but the root of the poor spanning, is impossible to eat…
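The election and port-role rules from the STP notes above (root by lowest bridge ID, root port by least cost to the root, designated switch per segment, everything else blocking) worked through in Python. This is an added example, not from Odom or the original notes; the switch names, MACs and port costs are constructed. It also shows the tie-break the notes mention: priority is compared first and the MAC only decides when priorities are equal, so a switch with a deliberately low priority becomes root regardless of its MAC, which is why the root should be pinned by configuration rather than left to the lowest MAC in the building.

```python
"""Root election, root-port selection and designated-port choice per the STP
notes. Added example; switches, MACs and port costs are constructed."""
import heapq


def bridge_id(priority: int, mac: str) -> tuple:
    """Bridge ID = (priority, MAC). Tuple ordering compares priority first and
    uses the MAC only to break a tie. Lower wins."""
    return (priority, mac.lower())


def spanning_tree(switches: dict, links: list):
    """switches: {name: (priority, mac)}
    links:    [(a, b, port_cost)] - one segment per tuple, same cost both ends
    Returns (root, root_info, designated, port_states):
      root_info[s]       = (cost to root, neighbor reached through s's root port)
      designated[(a, b)] = switch forwarding the lowest-cost BPDU onto that segment
      port_states[(s, n)] = 'forwarding' or 'blocking' for s's port toward n"""
    bid = {s: bridge_id(*switches[s]) for s in switches}
    root = min(switches, key=bid.get)              # lowest bridge ID wins
    adj = {s: [] for s in switches}
    for a, b, cost in links:
        adj[a].append((b, cost))
        adj[b].append((a, cost))

    # Hello BPDUs carry the sender's root cost; each switch keeps the least cost
    # it hears. Dijkstra from the root reproduces that, with equal costs broken
    # by the sender's bridge ID as the protocol does.
    root_info = {root: (0, None)}
    heap = [(0, bid[root], root)]
    while heap:
        cost, _, s = heapq.heappop(heap)
        if cost > root_info[s][0]:
            continue                               # stale heap entry
        for n, c in adj[s]:
            if n == root:
                continue
            cand = (cost + c, bid[s])
            cur = root_info.get(n)
            if cur is None or cand < (cur[0], bid[cur[1]]):
                root_info[n] = (cost + c, s)
                heapq.heappush(heap, (cost + c, bid[n], n))

    # Designated switch per segment: lowest root cost, tie -> lower bridge ID.
    designated = {}
    for a, b, _ in links:
        designated[(a, b)] = min((a, b), key=lambda s: (root_info[s][0], bid[s]))

    # A port forwards if it is the switch's root port or the switch is
    # designated on that segment; every other port blocks.
    port_states = {}
    for a, b, _ in links:
        for s, n in ((a, b), (b, a)):
            is_root_port = root_info[s][1] == n
            is_designated = designated[(a, b)] == s
            port_states[(s, n)] = "forwarding" if (is_root_port or is_designated) else "blocking"
    return root, root_info, designated, port_states


if __name__ == "__main__":
    # Constructed triangle of switches with default priority and 100 Mbps links (cost 19).
    switches = {"SW1": (32768, "0000.0000.0001"),
                "SW2": (32768, "0000.0000.0002"),
                "SW3": (32768, "0000.0000.0003")}
    links = [("SW1", "SW2", 19), ("SW1", "SW3", 19), ("SW2", "SW3", 19)]
    root, info, des, states = spanning_tree(switches, links)
    print("root:", root)
    for (s, n), state in sorted(states.items()):
        print(f"{s} -> {n}: {state} (root cost {info[s][0]})")
```

In the triangle, SW1 is root by MAC, SW2 and SW3 both sit at cost 19, and the SW2-SW3 segment is a tie that SW2 wins on bridge ID, so SW3's port toward SW2 is the one blocked port. Adding a fourth switch with priority 4096 moves the root to it no matter what its MAC is.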
    for spanning-tree the path cost value represents media speed.
    etherchannel is an aggregate linking of trunks that removes the need for convergence in the spanning tree.  Two or more trunks become one link; however, in the event that one of the trunks goes down, there is no interruption by spanning tree.  Both or all links must fail in the channel group for stp to need to converge.  It is also supposed to provide more bandwidth because the added links create an aggregate.  I have yet to prove this.
    Portfast allows for a switch to be put in forwarding state immediately after the link comes up.  This precludes the 30 to 50 seconds the spanning tree takes for convergence.
    The bpduguard feature will disable portfast if a bpdu is received.  Portfast is optimal on access links (hosts, printers, servers)
    Rapid spanning tree protocol:
    Rstp performs elections in the same way as stp; however it uses only 2 states, forwarding and blocking, and blocking is referred to as discarding. The issue is convergence, and rstp’s shorter convergence time makes it desirable. Remember stp requires max-age of 20 seconds and 2 forward delays of 15 seconds, one for each transition state, listening and learning.
    Rstp characterizes 3 types of link connectivity:
    Link type: point to point (switch to switch)
    Edge type: link to edge device (host)
    Shared type: hub in between
    Rstp can improve convergence with link type (point to point) and edge type, but not shared.
    STP state      RSTP state
    Blocking       discarding
    Listening      discarding
    Learning       learning
    Forwarding     forwarding
    Disabled       disabled
    Like STP, RSTP only includes learning and forwarding in the active topology.
    Besides root port and designated port, RSTP defines three others
    Alternate port- a port on a switch that receives suboptimal BPDUs
    Backup port-  a nondesignated port that is attached to the same link as another port on that switch
    Disabled-  an administratively disabled port
    To enable rstp on edge ports, simply use portfast. Remember with rstp, ports that can be immediately transitioned to forwarding (after port negotiation with the other end) will be. Max-age is reduced significantly, listening is discarded and learning is reduced.
    Chapter 2 q&a
    1.  layer 2 devices do not use routing protocols.
    2.  a switch examines the bridge priority and the mac-address contained in received BPDUs (lowest number combination wins) to resolve a root switch election in that spanning tree’s segment.
    3.  a switch that receives BPDUs from multiple switches will determine its root port based on the lowest cost path to the root switch.
    4.  the root switch ports will never change to blocking; they are always forwarding because they have the least cost path, 0, to the switch.
    5.  spanning tree prevents loops in a redundant network.  Spanning tree will determine usability of links, and will automatically change blocking ports to forwarding ports to keep the links up.
    6.  when a switch initializes it always declares itself root.  Of course that is subject to change with a LAN election.
    7.  3 reasons why a port is placed into forwarding by spanning-tree:
       1.  one port on each switch is designated, therefore always forwarding
       2.  a member of the root switch (hence always forwarding)
       3.  one switch on the LAN is designated, therefore its port is always forwarding
    8.  besides forwarding, three other states are part of a port’s evolution: blocking, listening and learning.  Of these four states, listening and learning are transitional.
    9.  2 reasons a non-root switch will place a port in forwarding state:
       1.  if it is designated on its segment and
       2.  if it is the root port; otherwise block it.
    10.  sh span and sh spann int x/x will show the overall state of spanning tree and the state of spanning tree for a particular interface.
    Chapter 3  Vlans and trunking
    Isl and 802.1q both support a separate instance of spanning tree per vlan.
    Cisco’s pvst+ will support 802.1q for multiple spanning tree instances over 802.1q trunks.
    802.1q defines one native vlan per trunk. The default is vlan 1. When a switch on the other side receives NO TAG (the native vlan is tagless) it knows the frame is from the native vlan (vlan 1 by default).
    VTP is a Cisco proprietary protocol for the exchange of vlan information between switches.  VTP will allow for switch configuration consistency throughout a network with a defined layer 2 messaging protocol.  A centrally located switch can control the configurations of all the switches in a network, minimizing mistakes, misconfigurations and inconsistencies, i.e. duplicate vlans or incorrect type settings.
    VTP floods its advertisements throughout the VTP domain every five minutes or whenever there is a vlan configuration change.  This advertisement includes a revision number, vlan names and numbers and which switches have which ports assigned to which vlans.  Vlan propagation is the operative word here.
    The revision number is vital. When a vtp server modifies its vlan configuration, it increments its revision number.  The receiving switches, based on this higher number (if it is in fact higher) update their vlan configurations accordingly.
    3 modes of operation:
    server, client and transparent– a server creates, modifies and deletes vlans and other parameters for the entire VTP domain.  Servers save this configuration in NVRAM, but clients do not. Clients cannot create, change or delete vlans nor save the configuration to NVRAM. In transparent mode a switch forwards vtp advertisements while ignoring the configuration information, although it does save the information in NVRAM.
    A transparent switch can create, modify and delete vlan configuration information only locally.  This information is not propagated to other switches in the domain.
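The revision-number rule and the three VTP modes described above, as a small Python model. This is an added example and not part of the original notes; the switch names, domain name and VLANs are constructed. The thing to notice is the acceptance test: a server or client adopts any advertisement for its own domain whose revision is higher than its own, and only the transparent switch forwards without adopting. That is exactly why the notes call the revision number vital: the highest revision in the domain wins, whoever sends it, so the revision of a switch being (re)introduced into a domain is something to check before cabling it in.

```python
"""VTP server/client/transparent behaviour and revision-number handling, as
described in the notes. Added example; names and VLANs are constructed."""
from dataclasses import dataclass, field


@dataclass
class VtpSwitch:
    name: str
    mode: str                                   # "server", "client" or "transparent"
    domain: str
    revision: int = 0
    vlans: dict = field(default_factory=dict)   # vlan id -> name (running database)
    nvram: dict = field(default_factory=dict)   # what survives a reload

    def configure_vlan(self, vid: int, name: str):
        """Local 'vlan N' / 'name X'. Servers bump the revision and return an
        advertisement; transparent switches change only their local database;
        clients are refused."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: clients cannot create, change or delete vlans")
        self.vlans[vid] = name
        self.nvram = dict(self.vlans)           # servers and transparent switches save to NVRAM
        if self.mode == "server":
            self.revision += 1
            return {"domain": self.domain, "revision": self.revision, "vlans": dict(self.vlans)}
        return None                             # transparent: nothing advertised

    def receive_advertisement(self, adv: dict):
        """Returns the advertisement to forward to the next switch, or None."""
        if adv["domain"] != self.domain:
            return None                         # other domain: ignored, not forwarded
        if self.mode == "transparent":
            return adv                          # forwarded unchanged, contents ignored
        if adv["revision"] > self.revision:     # the acceptance test: higher revision wins
            self.revision = adv["revision"]
            self.vlans = dict(adv["vlans"])
            if self.mode == "server":
                self.nvram = dict(self.vlans)   # clients do not save to NVRAM (per the notes)
        return adv


def propagate(adv: dict, path: list) -> list:
    """Flood an advertisement along a chain of switches; returns the names of
    the switches that updated their database."""
    adopted = []
    for sw in path:
        if adv is None:
            break
        before = sw.revision
        adv = sw.receive_advertisement(adv)
        if sw.revision != before:
            adopted.append(sw.name)
    return adopted


if __name__ == "__main__":
    s1 = VtpSwitch("S1", "server", "lab")
    s2 = VtpSwitch("S2", "client", "lab")
    s3 = VtpSwitch("S3", "transparent", "lab")
    s4 = VtpSwitch("S4", "client", "lab")
    adv = s1.configure_vlan(10, "eng")
    print("adopted:", propagate(adv, [s2, s3, s4]))     # ['S2', 'S4']
    print("S3 (transparent) vlans:", s3.vlans)          # {}
    print("stale rev 0 adopted by:", propagate({"domain": "lab", "revision": 0, "vlans": {}}, [s2]))
```

Swap the order of the chain or add a second server and the outcome is the same: whoever holds the highest revision for the domain determines what every server and client ends up with.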
    A trunk carries all traffic for all vlans by default
    VTP pruning allows switches to prevent broadcasts and unknown unicasts from going to switches that are not members of that corresponding vlan.  VTP increases available bandwidth by limiting broadcasts and unknown unicasts.  VTP pruning is the second most valuable reason to use VTP.  The first is of course, to make configuration easier, and more consistent.
    See page 80 and practice 2950 vlan command list.
    Access- doesn’t trunk
    Trunk- always tries to trunk
    Dynamic desirable- trunks to dyn desirable trunk or dynamic auto
    Dynamic auto- trunks to trunk or dynamic desirable
    Chapter 3 q&a
    1.  a broadcast domain is the set of all nics in a network that may receive broadcasts.  Switches flood broadcasts, routers segment broadcast domains.  Routers will only ever pass broadcasts with the aid of ip helper-address.
    2.  a vlan is a layer 2 construct that allows for devices on geographically and physically different networks to communicate across a network.  Basically a pointer to layer 3. A vlan treats one subset (group) of a switch’s interfaces as one broadcast domain.
    3.  a vlan trunking protocol is wholly unnecessary for a switch with only one vlan.  Two cisco switches may use ISL, because ISL is cisco proprietary.  With cisco and another vendor 802.1q would have to be employed.
    4.  VTP virtual trunking protocol (cisco proprietary) will allow for a single point of configuration and management for all switches in the VTP domain.  Adds, deletions and modifications to VLANs are made simpler and more consistent throughout the domain.
    5.  3 modes of VTP: server, client and transparent.  Client mode cannot add, change or delete, and doesn’t save in NVRAM.  Transparent mode can add, change, delete and save, but only locally.
    6.  sw mode dyn desirable
    will allow a port at the other end to negotiate trunking, if it is set to dyn auto, dyn desi or trunk
    7.  server mode allows a switch to create vlans and advertise them to other switches.
    8.  vlans create connections across geographic boundaries, and are part of the same broadcast domain.
    9.  isl is cisco’s proprietary trunking protocol.
    10.  vtp pruning will prohibit broadcasts and unknown unicasts from going where they have no switch supported vlan interfaces.
    11.  a vlan is a broadcast domain, a subnet and a network; however it is a layer 2 construct in that it is a pointer to layer 3.
    12.  802.1Q inserts a vlan tag to identify the vlan unless it originates from the native vlan. This 4 byte header is added after the source mac address field.
    13.  a switch in vtp transparent mode forwards advertisements but does not participate in vtp.  It can change, add or delete vlans, but only locally.
    14.  config t
    vlan 5
    name 5
    are the commands to create a new vlan in vlan configuration mode
    15. in interface configuration mode put the port in vlan 5 with
    sw acc vlan 5
    16.  configuration mode is the better choice and vlan database mode is becoming obsolete. In database mode the commands don’t take effect immediately, only after exiting the mode.
    17.  sw mode trunk will put an interface into trunking mode.
    Sw mode dyn desirable will prepare the interface for trunking at the other end
    Sw mode dyn auto will prep the interface to trunk
    18.  sh int fa0/0 sw
    sh int fa0/0 trunk
    will both give trunking status on the interface
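Q&A 12 above and the native-vlan note in the chapter body describe the 802.1Q frame format: a 4-byte tag (TPID 0x8100 followed by a 16-bit TCI holding priority and a 12-bit VLAN ID) inserted right after the source MAC, with native-vlan frames sent untagged. The parser and builder below are an added example, not from Odom or the notes; the MACs and payloads are constructed. The `allowed_on_trunk` check models the trunk-side filter (`switchport trunk allowed vlan`) a receiving switch applies after parsing, and the parser rejects the reserved VIDs 0 and 4095 rather than silently mapping them onto a real VLAN.

```python
"""802.1Q tag parsing/building as described in the VLAN notes: the 4-byte
header follows the source MAC, untagged frames belong to the native vlan.
Added example; frame contents are constructed."""
import struct

TPID_8021Q = 0x8100
NATIVE_VLAN = 1            # default native vlan per the notes


def mac_str(raw: bytes) -> str:
    """Render 6 bytes in Cisco dotted form, e.g. 0000.1111.aaaa."""
    h = raw.hex()
    return f"{h[0:4]}.{h[4:8]}.{h[8:12]}"


def parse_frame(frame: bytes, native_vlan: int = NATIVE_VLAN) -> dict:
    """Parse an Ethernet frame as received on a trunk.
    Tagged:   dst(6) src(6) TPID(2)=0x8100 TCI(2) ethertype(2) payload
    Untagged: dst(6) src(6) ethertype(2) payload  -> native vlan"""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src = mac_str(frame[0:6]), mac_str(frame[6:12])
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        pcp = tci >> 13                      # 3-bit priority
        vid = tci & 0x0FFF                   # 12-bit VLAN ID
        if vid in (0, 0xFFF):
            raise ValueError(f"reserved VID {vid} is not a usable vlan")
        return {"dst": dst, "src": src, "tagged": True, "vlan": vid,
                "pcp": pcp, "ethertype": ethertype, "payload": frame[18:]}
    # No tag: the frame came from the trunk's native vlan.
    return {"dst": dst, "src": src, "tagged": False, "vlan": native_vlan,
            "pcp": 0, "ethertype": tpid, "payload": frame[14:]}


def build_frame(dst: str, src: str, ethertype: int, payload: bytes,
                vlan: int = None, pcp: int = 0) -> bytes:
    """Inverse of parse_frame. vlan=None builds an untagged (native) frame."""
    hdr = bytes.fromhex(dst.replace(".", "")) + bytes.fromhex(src.replace(".", ""))
    if vlan is not None:
        hdr += struct.pack("!HH", TPID_8021Q, (pcp << 13) | (vlan & 0x0FFF))
    return hdr + struct.pack("!H", ethertype) + payload


def allowed_on_trunk(parsed: dict, allowed_vlans: set) -> bool:
    """The receiving trunk's allowed-vlan filter, applied after parsing."""
    return parsed["vlan"] in allowed_vlans


if __name__ == "__main__":
    tagged = build_frame("0000.1111.aaaa", "0000.2222.bbbb", 0x0800, b"\x45" + b"\x00" * 19, vlan=5, pcp=3)
    print(parse_frame(tagged))
    print(parse_frame(build_frame("0000.1111.aaaa", "0000.2222.bbbb", 0x0806, b"\x00" * 28)))
```

Note that the parser reads the VLAN from the wire, not from any switch state: a frame that arrives untagged is assigned to the native vlan whatever its sender intended, which is the reason the notes stress that the native vlan must match on both ends of a trunk.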
    Chapter 5 RIP IGRP and Static Routes
    Static route-  to get to network 1 use
    In other words ip route
    Or ip route s0/0
    Routers add directly connected networks to their routing tables, with or without a routing protocol
    A router sends routes out its interfaces to directly connected neighbors, advertising the routes it knows, including routes learned from other routers
    Routers listen for routes from their neighbors to learn new routes
    The information includes metrics, the goodness of a route, lower metric is better, and subnet numbers
    Routers will use broadcasts and/or multicasts for advertising
    In the case of multiple routes to the same network, the router picks the best route
    Periodic updates are sent and received with neighbors
    Failure of advertising neighbors means a removal of routes previously learned from the failing router
    A route received from a router is considered the next hop for the route
    Metrics (hops) define the distance of a route
    Split horizon – route advertisements are not forwarded out the interface upon which they are received
    Split horizon with poison reverse-  split horizon remains in effect unless a route fails.  In the case of failure the route is advertised out ALL interfaces with an infinite metric (hop count 16 = infinite)
    Route poisoning- advertise the network with an infinite metric. This applies to routes that are advertised when the route is valid
    Hold-down timer – after route failure, the router waits a determined amount of time before believing new information about the router that failed
    Triggered updates- an update is sent immediately once a route fails.
    Rip and IGRP use split horizon with poison reverse as default.
    Rip uses hop count as its metric, IGRP uses bandwidth and delay of the line.  Bandwidth and delay of the line taken together are a better metric than hop count because IGRP prefers faster links over longer hop counts. RIP and IGRP do not support VLSM.
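The loop-prevention rules just defined (split horizon, poison reverse with hop count 16 as infinity, hold-down, triggered updates) as a small distance-vector router model in Python. This is an added example and not part of the original notes; the interface names, networks and hold-down length are constructed. It follows the notes' description: split horizon applies to routes that are still valid, a failed route is advertised out every interface with metric 16, and during hold-down the router refuses to believe better news about that route from anyone else.

```python
"""Distance-vector loop prevention per the RIP/IGRP notes: split horizon,
poison reverse, hold-down and triggered updates. Added example; interface
names, networks and the hold-down value are constructed."""

INFINITY = 16          # RIP hop count that means "unreachable"
HOLDDOWN = 180.0       # seconds; assumed value for the demo


class DvRouter:
    def __init__(self, interfaces):
        self.interfaces = list(interfaces)
        self.routes = {}   # network -> {"metric", "iface", "holddown_until", "connected"}

    def add_connected(self, network: str, iface: str):
        """Directly connected subnets are known with or without a routing protocol."""
        self.routes[network] = {"metric": 0, "iface": iface,
                                "holddown_until": 0.0, "connected": True}

    def receive(self, iface: str, adv: dict, now: float) -> dict:
        """Process a neighbor's update {network: metric} heard on iface.
        Returns the triggered (poisoned) update this causes, if any."""
        triggered = {}
        for net, metric in adv.items():
            metric = min(metric + 1, INFINITY)             # receiver adds its own hop
            cur = self.routes.get(net)
            if cur is None:
                if metric < INFINITY:                      # new route learned "by rumor"
                    self.routes[net] = {"metric": metric, "iface": iface,
                                        "holddown_until": 0.0, "connected": False}
            elif cur["connected"]:
                continue                                   # never override a connected route
            elif cur["iface"] == iface:
                # Same next hop: believe it, good news or bad.
                if metric >= INFINITY and cur["metric"] < INFINITY:
                    cur["holddown_until"] = now + HOLDDOWN # route failed: start hold-down
                    triggered[net] = INFINITY              # ...and send a triggered update
                cur["metric"] = metric
            elif now < cur["holddown_until"]:
                continue                                   # hold-down: ignore other sources
            elif metric < cur["metric"]:
                self.routes[net] = {"metric": metric, "iface": iface,
                                    "holddown_until": 0.0, "connected": False}
        return triggered

    def link_down(self, iface: str, now: float) -> dict:
        """Mark routes via iface unreachable, start hold-down, return the
        triggered update (route poisoning) to send immediately."""
        poisoned = {}
        for net, r in self.routes.items():
            if r["iface"] == iface and r["metric"] < INFINITY:
                r["metric"] = INFINITY
                r["holddown_until"] = now + HOLDDOWN
                poisoned[net] = INFINITY
        return poisoned

    def advertisement(self, out_iface: str) -> dict:
        """Periodic update sent out out_iface. Valid learned routes obey split
        horizon; failed routes are poison-reversed out EVERY interface; the
        interface's own connected subnet is always included."""
        adv = {}
        for net, r in self.routes.items():
            if r["metric"] >= INFINITY:
                adv[net] = INFINITY
            elif r["connected"] or r["iface"] != out_iface:
                adv[net] = r["metric"]
        return adv


if __name__ == "__main__":
    r = DvRouter(["s0/0", "s0/1"])
    r.add_connected("10.1.1.0/24", "s0/0")
    r.receive("s0/1", {"10.2.2.0/24": 0}, now=0)
    print("out s0/1 (split horizon):", r.advertisement("s0/1"))
    print("triggered on link down:", r.link_down("s0/1", now=100))
    print("out s0/0 (poison reverse):", r.advertisement("s0/0"))
```

Walk the printed output against the definitions above: before the failure the route learned on s0/1 is absent from the update sent out s0/1; after the failure it appears on every interface with metric 16, and a tempting metric-5 rumour from s0/0 is ignored until the hold-down expires.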
    Important router points
    A router multicasts and/or broadcasts route updates out an interface
    It listens for updates from the same interface
    When sending an update the router includes THAT interface’s subnet
    A router matches the network command with a corresponding interface network, if it can
    Unlike RIP, IGRP includes the autonomous system number.
    Autonomous system means a network that is under control of the same entity.  For IGRP, the AS number has to be the same.
    IGRP (EIGRP) calculates a metric using BANDWIDTH and DELAY OF THE LINE by default. It also can use  load, reliability and MTU if configured.  IGRP has as its administrative distance 100. the default bandwidth value on serial lines is T1 speed (1.544 Mbps or 1544 kbps), on Ethernet lines it is the Ethernet default.
    The calculation of bandwidth and delay are inverse; higher bandwidth, lower metric, lower the cumulative delay, lower the metric.  Again lower is better.
    The maximum-paths subcommand set to 1 means that the table will only show the first route learned from multiple paths. The default is 4.
    Use the variance command to inform the router that routes close in metric value should be treated as equal, so that if one goes down, convergence on the new link is instant.
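The notes say IGRP builds its metric from bandwidth and delay and that this makes it prefer faster links over shorter hop counts, and later (chapter 8 section) that EIGRP uses the same calculation multiplied by 256. The Python below carries that through with the classic formula using the default K values (K1 = K3 = 1, the rest 0): bandwidth term 10^7 divided by the slowest link in kbps, delay term the summed delay in tens of microseconds. This is an added example, not from Odom or the notes; the formula is the standard IGRP/EIGRP composite metric, and the sample paths, bandwidths and delays are constructed. The `variance` helper is the simplified view the notes give (near-equal metrics treated as equal) and leaves out the feasibility condition real EIGRP also applies.

```python
"""IGRP composite metric, the EIGRP x256 scaling, and a simplified 'variance'
comparison. Added example; the paths and link values are constructed."""


def igrp_metric(min_bandwidth_kbps: int, total_delay_usec: int) -> int:
    """IGRP metric with default K values (K1 = K3 = 1, K2 = K4 = K5 = 0):
    bandwidth term = 10^7 / slowest link in kbps, delay term = cumulative
    delay in tens of microseconds, integer arithmetic. Lower is better."""
    bandwidth_term = 10_000_000 // min_bandwidth_kbps
    delay_term = total_delay_usec // 10
    return bandwidth_term + delay_term


def eigrp_metric(min_bandwidth_kbps: int, total_delay_usec: int) -> int:
    """EIGRP: the IGRP metric multiplied by 256 (the wider 32-bit metric space)."""
    return 256 * igrp_metric(min_bandwidth_kbps, total_delay_usec)


def path_metric(hops: list, scale=eigrp_metric) -> int:
    """hops: [(bandwidth_kbps, delay_usec), ...] along the path.
    Bandwidth is the minimum on the path (the bottleneck), delay is the sum."""
    return scale(min(bw for bw, _ in hops), sum(d for _, d in hops))


def routes_within_variance(paths: dict, variance: int = 1, scale=eigrp_metric) -> list:
    """Simplified 'variance' command: every path whose metric is within
    variance x best is eligible. Returns path names, best first."""
    metrics = {name: path_metric(hops, scale) for name, hops in paths.items()}
    best = min(metrics.values())
    return sorted((n for n, m in metrics.items() if m <= best * variance), key=metrics.get)


# Constructed comparison: 2 hops with a T1 in the way vs 3 FastEthernet hops.
# (1544 kbps / 20000 usec are the usual serial defaults, 100000 kbps / 100 usec FastEthernet.)
PATHS = {
    "two_hops_via_t1": [(1544, 20000), (10000, 1000)],
    "three_hops_fastethernet": [(100000, 100)] * 3,
}

if __name__ == "__main__":
    print("T1 EIGRP metric:", eigrp_metric(1544, 20000))        # 2169856
    for name, hops in PATHS.items():
        print(f"{name}: hops={len(hops)} metric={path_metric(hops)}")
    print("variance 1:", routes_within_variance(PATHS))
    print("variance 66:", routes_within_variance(PATHS, variance=66))
```

RIP, counting hops only, would choose the two-hop path; the composite metric picks the three FastEthernet hops by a wide margin, which is the behaviour the notes describe. The T1 figure it prints is the familiar default-metric value you will see in `sh ip route` for a single serial hop.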
    Chapter 5 q&a
    1.  A distance vector routing protocol uses a hold-down timer to prevent counting-to-infinity delays in the path; to wit, a router waits a hold-down period before believing any new information about a route.
    2.  split horizon means that a router will not advertise a route out the same interface upon which it was received.  Split horizon applies to DV only.
    3.  to migrate from rip to igrp use
    config t
    router igrp 1 (AS number must be the same for the AS)
    no router rip
    4.  A directly connected route is denoted by a C next to the route.  A RIP route with an R and an IGRP route with an I, static uses S, EIGRP uses D, ospf uses O.
    5.  config t
    router igrp 5
    see question 5
    6.  config t
    router igrp 1
    7.  sh ip proto will tell you where routes are being received from.
    8.  A network needs to be configured before it can be advertised by the routing protocol out its interface.
    9.  A network has to be configured by the routing protocol before it can be advertised from any interface.
    10.  yes, as long as the network is directly connected it will show up as C with sh ip route.  However it will not be advertised without the network statement.
    11.  The variance command can be used to set the parameters of goodness for routes that are near equal so that multiple routes can inhabit the routing table.
    12.  with RIP the maximum-path command can be used to override the default of 4 equal cost routes that can be added to the router.  6 is the most that can be used.
    13.  for IGRP the maximum-path command would also be used to override the default of 4 equal cost routes that can be added to the routing table.  Likewise, six is the most.
    14.  sh ip route rip will list only those routes learned by RIP.
    15.  you can also show by networks, for instance, sh ip route
    16.  DV routers learn routes by rumor, meaning from directly connected neighbors.
    17.  the router will place a route it found first in the table even if the routes have equal metrics.
    18. when a router discovers a link down it will advertise that route out all interfaces except the one upon which it was received. Poison reverse will advertise it out all interfaces, regardless. This helps prevent routing loops.
    19.  triggered updates occur when a route is identified as down.  A flash update will be sent to all neighbors.
    20.  The underlying logic in OSPF is link state
    chapter 6 link state and OSPF
    OSPF doesn’t get told best paths (metrics) to other routers; it calculates them.
    Routing updates are called LSUs, or link state updates, which contain LSAs or link state advertisements.  The LSA contains subnet, mask, metric and other information about the subnet.
    How it works
    1.  a router discovers its neighbors on each interface.  A list is kept in its neighbor table.
    2.  A router uses a reliable protocol to exchange topology information (LSAs) with its neighbors.
    3.  The topology information goes in the router’s topology database.
    4.  Each router runs the SPF algorithm (Dijkstra) against its own topology database to calculate the best routes to each subnet.
    5.  OSPF routers place the best route in their routing tables.
    Uses neighbor table and topology database
    OSPF Areas
    OSPF areas break up the network so that routers from one area know little about the routers in another. With smaller topology databases routers use less memory and less processing time.
    ABR – area border router sits between two areas, advertising summary information about the routers in the other area. The information it distributes (subnets and topologies) makes for less information overall in both areas.
    See rfc 2328
    Balanced Hybrid
    Cisco supports two DVs, RIP and IGRP
    And two Link State, IS-IS and OSPF
    Cisco supports one balanced hybrid, EIGRP; some link state and some distance vector qualities in EIGRP
    EIGRP updatesNeighbor discovery >  Full routing update >   Continuous hellos >  Partial updates >    Same metric calculation as IGRP except multiplied by 256 to accommodate high bandwidth values    An alternative route to the currently best route is known as the successor (lowest metric). Any other routes that could be used without causing a loop are called feasible successor.    When a route fails and there is no feasible successor EIGRP uses DUAL, which sends queries looking for a loop free route to that network.              Page 15    Chapter  7 go back for review  Chapter 8    Scaling IP    CIDR- Classless inter domain routing, rfc1817    Aggregates multiple network numbers into a single routing entity. Think ISP    Private addressing- rfc 1918  Defined ip address space class A                                  class B                                  class C  these numbers are not routable (cannot be advertised) on the internet    NAT-  rfc 1631 a private address has the ability to communicate on the internet once natted to a qualified routable internet address.  The private address is changed to a public registered address by NAT inside the IP packet.  The private source address is changed into a routable registered address, while the destination address remains the same. NAT performs this translation.    Static NAT- one to one.    More here, discuss inside source, outside source local and global…      ICMP    Part of the network layer; instrumental in controlling and managing, troubleshooting.  There is no transport header, the ICMP message resides inside an IP packet.  Rfc 792    Echo request/reply  Sent and received by ping.  Pinging means sending an echo request.  Any data sent in echo request is returned in echo reply.  See extended ping.    
Destination unreachable  Five codes (port unreachable has 5 subcodes)   1) network unreachable-no match in routing table at destination- sent by router  2) host unreachable- routes to destination network but no host response- sent by router          page 15    3)  can’t fragment- don’t fragment bit is set and a router must fragment in order to forward the packet (packet too large)- sent by router  4) protocol unreachable(unlikely, TCP or UDP)- delivered to host but layer 4 (transport) protocol is not available- sent by host  5) port unreachable- delivered to host, but destination port is not open- sent by host  ping codes: ! = echo received                     . = nothing received before ping time out                   U = unreachable destination                   N = unreachable destination                   P = unreachable port                  Q = source quench                  M = can’t fragment code                   ? = packet unknown    Time exceeded  TTL (time to live) field in IP header has expired, therefore discarded (decremented by a router before forwarding; at zero, see ya) TRACE uses time exceeded    Redirect – used to tell the host there is a better local router to send the packet to    Chapter 8 q&a    1.  rfc 1918 defines private addresses as those that sit behind the horizon (internet) on a private network, and are not routable.  Classs A B &C  A –  B –  C    2.  see 1    3.  CIDR affects the size of routing tables in that it summarizes routes to create less routes in the routing tables.    4.   NAT is network address translation. Essentially it takes a private address, translates it into a public address so it can be routed out the internet.    5.  inside local means inside private, or host address behind the horizon.    6. inside global would be the natted address for the host on it’s way to the outside local.    7. 
config t        page 16    int fa0/0  ip address  ip nat inside source    int s0/0  ip address  ip nat outside source    ip nat inside source list 1 interface serial 0/0 overload  access-list 1 permit  access-list 1 permit    8.  same as above except  ip nat inside source static     and  no access-list    9.  FTP is more robust and requires more lines of source code than TFTP, TCP versus UDP    10.  FTP and TFTP do error recovery, FTP with TCP and TFTP using application layer error recovery one block at a time    11.  If a packet is too large for a router’s MTU and the don’t fragment bit is not set, a router will fragment the packet into usable sizes before forwarding and the packet will be reassembled at the destination host.    12.  16 class B networks are available with rfc 1918 class B addressing.    13.  Hosts use an Ethernet broadcast to find the hardware address of  another IP host.    14.  one of the routers (based on the limits of its MTU) fragments the packet into a forwardable size which is then reassembled at the application layer of the destination host.    15.  config t  int fa0/0.1  encap isl 1  ip address  int fa0/0.2          Page 17    encap isl  ip address  encap isl 2    16.  NAT overload supports one internal ip address but many ports on that IP address making the addressing unique as a result      chapter 9    WAN    Leased line- dedicated, always on circuit between two endpoints. More expensive than packet switched    Dial/circuit switched- dedicated bandwidth per call duration, cheaper than leased especially when constant connectivity is not essential.  A good back up for packet switched or leased    Packet switched- virtual circuits between two points, contracted traffic rates.  
Consists of a leased line from the site to provider network and usually cheaper than leased    DCE is always the clock rate provider    HDLC and PPP provision data delivery across a single serial point to point link    HDLC and  PPP can use Synchronous serial; PPP can also use Asynchronous.    Synchronous WAN datalink protocols are frame oriented.  HDLC and PPP define idle frames, sending back and forth signal transitions to maintain clock synchronization.      Synchronous protocols allow more throughput than do asynchronous, but async uses less expensive hardware because transitions do not need to be monitored to adjust clock rate.  Between routers, synchronous is usually preferred.  A PC through a modem to an ISP uses Async.      Both PPP and HDLC perform error detection using an FCS in the frame trailer.  Frames with errors are discarded.  Error recovery may be performed by the datalink layer protocol, a higher layer protocol or not at all.  Error recovery results in the retransmission of  errored or lost frames.  Again error detection is just that, and errored frames are discarded.          Page 18    HDLC has a proprietary protocol type field; PPP has a standardized protocol type field.  This field defines the type of packet encapsulated in the frame.      HDLC only supports synchronous without error correction, while PPP supports async and sync, and error correction is supported but not on by default.    Encap PPP will place the interface in PPP mode.  No encap PPP will place the interface in HDLC and remove all traces of PPP, including other config commands.  Encap hdlc also accomplishes this.    PPP has more features than HDLC, and is therefore preferred. To wit:    PPP has at it’s heart LCP (link control protocol)  LCP provides:     Error detection in the form of Link Quality Monitoring.  LQM determines the quality of a link based on its errored percentage.  It will take a link down based on a configuration determined amount of loss.       
Looped link detection using magic numbers. Each router puts its own magic number in its LCP messages; if a router receives its own magic number back, the link is looped. The router can be configured to take the link down when this happens, so that routing converges onto a redundant route instead of the looped link.
Multilink using Multilink PPP. Packets are fragmented and load balanced across the multiple links.
Authentication using PAP or CHAP. The routers exchange identities on each link (security). PAP sends the password in clear text; CHAP uses a three way handshake and MD5 hashing. The username each router configures is the other router's hostname (case sensitive), and vice versa, and both routers use the same password. Until the names and passwords match on both sides, the link stays down.
Chapter 9 q&a
1.  DCE (data communications equipment) provides clocking at the physical layer for the DTE (data terminal equipment). A point to point serial link also needs a datalink encapsulation protocol such as PPP.
2.  use the clock rate command on the DCE end, ie. clock rate 64000, to set the clocking. show controllers serial 0/0 shows whether the interface is the DCE or the DTE, the cable type (V.35) and the clock rate (64000).
3.  PPP is a datalink protocol used over point to point lines. IPCP (PPP's control protocol for IP) is used to announce the ip address of the link.
4.  PPP can assign an ip address to the other end of the link using IPCP, but it is not the default.
5.  config t
int s0/0
ip address
encapsulation ppp
clock rate 64000 (if DCE)
use show controllers s0/0 to determine DCE or DTE
6.  PAP (password authentication protocol) and CHAP (challenge handshake authentication protocol). PAP authenticates using clear text, whereas CHAP authenticates with a challenge (three way handshake) and MD5 hashing: the password itself is never passed over the link, only the hash is.
7.  CHAP uses as its username the other router's hostname, and each router uses the same password.
8.  
the protocol type field (needed to carry multiprotocol traffic) is proprietary in cisco's HDLC; PPP's is standardized.
9.  frame relay, X.25 and ATM are packet switching technologies. ATM segments packets into fixed size 53 byte cells (48 bytes of payload plus a 5 byte header) that are reassembled at the receiving end.
10.  four wire leased circuits allow full duplex communication (as contrasted with two wire).
11.  synchronous means "with clocking": the timing of the sender and receiver must be synchronized for communication to occur, so the receiver continually adjusts its clock to the sender's (more expensive hardware) to impose a time ordering on the bit stream.
12.  CHAP config. On R1 (neighbor is R2):
hostname R1
username R2 password cisco
int s0/0
encapsulation ppp
ppp authentication chap
On R2 (the other router, neighbor is R1):
hostname R2
username R1 password cisco
int s0/1
encapsulation ppp
ppp authentication chap
Chapter 11 Frame Relay
Frame relay is a multi-access technology, unlike PPP. Frame relay is NBMA (non-broadcast multi-access), which means broadcasts do not traverse the frame relay cloud on their own. Because it is multi-access, the router needs a mapping between each neighbor's layer 3 address and the layer 2 address (DLCI) used to reach it.
An access link (a leased line) runs between the router and the frame relay switch at each end. The routers are the DTE devices on both sides; the frame relay switches are the DCE devices in between that provision the communication. Keepalive messages are exchanged between each router (DTE) and its frame relay switch (DCE) by the LMI (local management interface) protocol.
A VC (virtual circuit) is provided between each pair of DTEs (routers) across the provider's switches, and is identified at each end by a DLCI (data link connection identifier). The DLCI is the frame relay address; it identifies the VC.
The layer 3 packet is encapsulated between a frame relay header and trailer for forwarding across the VC (through the frame switches).
VC- logical path the frames take between DTEs
PVC- (permanent virtual circuit) a predefined VC (think leased line)
SVC- (switched virtual circuit) a VC that is set up dynamically (think dial connection)
DTE/DCE- see above
Access link- the leased line between a DTE and a DCE
DLCI- frame relay address used in FR headers to identify the VC
NBMA- non-broadcast multi-access (more than two devices, no broadcasts)
LMI- protocol between the DTE and DCE to manage the access link. Signaling messages for SVCs, PVC status messages and keepalives all come under the purview of the LMI
CIR- committed information rate, the amount of bandwidth the provider guarantees each VC
PVCs are provisioned (predefined) by the provider; SVCs are created dynamically.
LMI status messages: keepalives between the DTE and the DCE, and PVC status (active or inactive) signaling messages.
LMI comes in one of three variants, which must match between the DTE and the DCE (IOS autosenses the type by default): cisco (frame-relay lmi-type cisco), ANSI (frame-relay lmi-type ansi) or ITU (frame-relay lmi-type q933a).
The router encapsulates each packet inside a frame relay header and trailer. The header and trailer are defined by the LAPF (link access procedure for frame bearer services) specification, ITU Q.922-A.
rfc 1490 and later rfc 2427 define Multiprotocol Interconnect over Frame Relay. The IOS encapsulation types are cisco and ietf.
THE DLCI IS THE FRAME RELAY ADDRESS. There is only one DLCI field in the header, not separate source and destination, and the DLCI is locally significant.
Mapping is needed on multi-access networks; it is the process that associates a next-hop router's network (layer 3) address with the datalink address needed to reach it. show frame-relay map shows each next hop ip address and the DLCI (layer 2) used to get there.
Inverse ARP (InARP) maps the next hop ip address to its corresponding DLCI dynamically; InARP is enabled by default.
Chapter 11 q&a
1.  PPP (via IPCP) and frame relay (via InARP) are WAN datalink protocols that define a method for announcing an interface's layer 3 address.
2.  InARP is not a broadcast. A router learns the ip address of the device at the other end of a VC when that device sends an InARP message on the VC.
3.  review this
4.  Nonbroadcast multi-access is NBMA. NBMA applies to frame relay networks because frame relay does not transmit broadcasts by default, and more than two devices are connected.
5.  the datalink layer and the physical layer are the OSI layers most associated with frame relay, because it uses frames at the datalink layer and signaling at the physical layer.
6.  no additional configuration is required for a network using IGRP, because broadcasts are forwarded (as unicasts) on each VC and for each protocol for which a mapping was learned via InARP.
7.  A full mesh frame relay network has a VC between every pair of routers; a partial mesh does not (hub and spoke, for instance). Every router still has an access link in both cases; the difference is which pairs of routers have a VC between them.
8.  the keys to a frame-relay map statement are the ip address of the next hop router, the DLCI used to reach that router, and the broadcast keyword if broadcasts need to be forwarded over the VC.
9.  config t
int s0/0
encapsulation frame-relay
int s0/0.1 point-to-point
ip address
frame-relay interface-dlci 202
int s0/0.2 point-to-point
ip address
frame-relay interface-dlci 203
10.  show frame-relay pvc shows the time the PVC was created and the last time its status changed
11.  show frame-relay map will show the ip addresses that are mapped to DLCIs, in the case of multipoint subinterfaces, or when
12.  the no keepalive command stops the router sending LMI messages across the access link.
13.  debug frame-relay events will show InARP messages
14.  false, only one layer 3 address per frame-relay map statement
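worked example for the NAT overload notes in the chapter 8 q&a above (items 7 and 16): an added python model of a PAT translation table, not code from Odom's text or from IOS, showing how one inside global address serves many inside hosts and why the port number is what keeps each translation unique. The addresses, the access list contents and the port allocation policy (keep the host's own source port when it is free, otherwise take the next free one) are constructed assumptions for the example.

```python
"""Model of cisco-style NAT overload (PAT). Added example, not IOS code.

Constructed scenario: serial 0/0 holds one public inside global address and
access-list 1 permits two inside subnets. Several inside hosts send traffic
through the router at once; the table records what the router would keep in
its translation table and how return traffic finds its way back.
"""
from ipaddress import ip_address, ip_network

# Constructed values (rfc 5737 documentation ranges) standing in for the
# addresses the notes leave blank.
INSIDE_GLOBAL = "203.0.113.1"                      # ip address on serial 0/0
ACCESS_LIST_1 = [ip_network("10.1.1.0/24"),        # access-list 1 permit ...
                 ip_network("10.1.2.0/24")]        # access-list 1 permit ...


class PatTable:
    """Translation table for 'ip nat inside source list 1 interface serial 0/0 overload'."""

    def __init__(self, inside_global, access_list, first_port=1024):
        self.inside_global = inside_global
        self.access_list = access_list
        self.next_port = first_port
        self.outbound = {}   # (inside local ip, inside local port) -> inside global port
        self.inbound = {}    # inside global port -> (inside local ip, inside local port)

    def permitted(self, ip):
        """The access list decides which inside sources get translated at all."""
        return any(ip_address(ip) in net for net in self.access_list)

    def _free_port(self, wanted):
        """Assumed allocation policy: keep the host's own source port if nobody
        else already holds it on the global address, otherwise the next free one."""
        if wanted not in self.inbound:
            return wanted
        while self.next_port in self.inbound:
            self.next_port += 1
        port = self.next_port
        self.next_port += 1
        return port

    def translate_outbound(self, src_ip, src_port):
        """Inside -> outside. Returns the (inside global ip, port) the packet
        leaves with, or None when the access list does not match (the packet
        is then routed untranslated)."""
        if not self.permitted(src_ip):
            return None
        key = (src_ip, src_port)
        if key not in self.outbound:           # first packet of a new flow
            port = self._free_port(src_port)
            self.outbound[key] = port
            self.inbound[port] = key
        return self.inside_global, self.outbound[key]

    def translate_inbound(self, dst_port):
        """Outside -> inside. Only the global port tells the inside hosts apart;
        an unsolicited packet with no matching entry has nowhere to go and is dropped."""
        return self.inbound.get(dst_port)

    def show_translations(self):
        """Rows in the spirit of 'show ip nat translations': (inside global, inside local)."""
        return sorted((f"{self.inside_global}:{gport}", f"{lip}:{lport}")
                      for (lip, lport), gport in self.outbound.items())
```

two inside hosts using the same source port both leave with 203.0.113.1 as the source address and are told apart only by the global port, which is the point of item 16. the side effect worth knowing from a security angle is the inbound case: with no static mapping, outside-originated packets never match an entry, so PAT quietly drops them.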
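worked example for the PPP authentication notes in chapter 9 above (LCP authentication and q&a items 6, 7 and 12): an added python model of the CHAP three way handshake per rfc 1994, next to a PAP request per rfc 1334. It is not code from Odom's text or from IOS; the hostnames R1/R2 and the password cisco are taken from the chapter 9 q&a config, and the packet layouts follow the rfcs. It shows that CHAP's response is an MD5 hash of identifier, password and challenge, so the password itself never crosses the link while PAP puts it on the link in clear, and that a case mismatch in the username (the other router's hostname) makes authentication fail.

```python
"""CHAP (rfc 1994) three way handshake next to a PAP (rfc 1334) request.

Added example, not code from Odom's text or from IOS. Hostnames and password
come from the chapter 9 q&a config; packet layouts follow the rfcs.
"""
import hashlib
import hmac
import secrets
import struct

# Constructed configs mirroring the notes: each router's "username" line names
# the OTHER router's hostname, and both routers use the same password.
CONFIG = {
    "R1": {"R2": "cisco"},   # hostname R1 / username R2 password cisco
    "R2": {"R1": "cisco"},   # hostname R2 / username R1 password cisco
}

CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4


def chap_packet(code, identifier, value, name):
    """Encode a CHAP packet: Code, Identifier, Length, then Value-Size, Value
    and Name for Challenge/Response, or just a Message for Success/Failure."""
    if code in (CHAP_SUCCESS, CHAP_FAILURE):
        body = name
    else:
        body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, identifier, 4 + len(body)) + body


def chap_hash(identifier, secret, challenge):
    """MD5 over Identifier (one octet) || secret || Challenge Value (rfc 1994 section 2)."""
    return hashlib.md5(bytes([identifier]) + secret + challenge).digest()


def chap_handshake(cfg, authenticator, peer, identifier=1, challenge=None):
    """Run the three way handshake. Returns (authenticated, wire), where wire is
    the list of packets that crossed the serial link, so the caller can check
    exactly what an eavesdropper on the line would have seen."""
    if challenge is None:
        challenge = secrets.token_bytes(16)     # fresh random value each time
    wire = []
    # 1. Challenge: authenticator sends the random value with its own hostname as Name.
    wire.append(chap_packet(CHAP_CHALLENGE, identifier, challenge, authenticator.encode()))
    # 2. Response: the peer looks up the password stored under the Name it just
    #    received (its "username <other hostname>" line), hashes, and replies
    #    with its own hostname as Name. The password itself is never sent.
    secret = cfg[peer].get(authenticator)
    if secret is None:
        return False, wire                      # no username line for that hostname
    response = chap_hash(identifier, secret.encode(), challenge)
    wire.append(chap_packet(CHAP_RESPONSE, identifier, response, peer.encode()))
    # 3. Success/Failure: the authenticator recomputes the hash with the password
    #    it stored under the peer's Name and compares in constant time.
    expected = cfg[authenticator].get(peer)
    ok = expected is not None and hmac.compare_digest(
        response, chap_hash(identifier, expected.encode(), challenge))
    wire.append(chap_packet(CHAP_SUCCESS if ok else CHAP_FAILURE, identifier, b"", b""))
    return ok, wire


def pap_request(peer_id, password):
    """PAP Authenticate-Request: Peer-ID and Password travel in clear text."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", 1, 1, 4 + len(body)) + body


def secret_visible(wire, secret):
    """True if the shared password appears verbatim in anything that crossed the link."""
    return any(secret.encode() in pkt for pkt in wire)
```

the caveat a practitioner should keep in mind: CHAP keeps the password off the wire, but anyone who captures a challenge/response pair can still run an offline guessing attack against the MD5 hash, so the shared password needs to be strong; PAP gives that attacker the password for free.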