Exam Cram
CCNA Practice Questions (Exam 640-802)
Third Edition
Jeremy Cioara, CCIE No. 11727
Contents at a Glance
Part I: ICND1
   CHAPTER 1: Operation of Data Networks
   CHAPTER 2: Switching Foundations
   CHAPTER 3: Basic IP Services
   CHAPTER 4: IOS and Routing Foundations
   CHAPTER 5: Wireless and Network Security Concepts
   CHAPTER 6: Basic WAN Connectivity
Part II: ICND2
   CHAPTER 7: Advanced Switching Concepts
   CHAPTER 8: Subnetting, VLSM, and IPv6
   CHAPTER 9: Advanced Routing Configuration
   CHAPTER 10: Access Lists and Network Address Translation
   CHAPTER 11: Frame Relay, PPP, and VPN Connectivity
   APPENDIX: What's on the CD-ROM


Table of Contents
About the Author
Introduction
Part I: ICND1
Chapter 1: Operation of Data Networks
     Quick Answer Key
     Answers and Explanations
Chapter 2: Switching Foundations
     Quick Answer Key
     Answers and Explanations
Chapter 3: Basic IP Services
     Quick Answer Key
     Answers and Explanations
Chapter 4: IOS and Routing Foundations
     Quick Answer Key
     Answers and Explanations
Chapter 5: Wireless and Network Security Concepts
     Quick Answer Key
     Answers and Explanations
Chapter 6: Basic WAN Connectivity
     Quick Answer Key
     Answers and Explanations
Part II: ICND2
Chapter 7: Advanced Switching Concepts
    Quick Answer Key
    Answers and Explanations
Chapter 8: Subnetting, VLSM, and IPv6
    Quick Answer Key
    Answers and Explanations
Chapter 9: Advanced Routing Configuration
    Quick Answer Key
    Answers and Explanations
Chapter 10: Access Lists and Network Address Translation
    Quick Answer Key
    Answers and Explanations
Chapter 11: Frame Relay, PPP, and VPN Connectivity
    Quick Answer Key
    Answers and Explanations
Appendix: What's on the CD-ROM
    Multiple Test Modes
    Attention to Exam Objectives
    Installing the CD
    Creating a Shortcut to the MeasureUp Practice Tests
    Technical Support


About the Author
Jeremy Cioara, CCIE No. 11727,



Part I: ICND1
Chapter 1   Operation of Data Networks
Chapter 2   Switching Foundations
Chapter 3   Basic IP Services
Chapter 4   IOS and Routing Foundations
Chapter 5   Wireless and Network Security Concepts
Chapter 6   Basic WAN Connectivity


Chapter 1. Operation of Data Networks
This chapter covers the following CCNA objectives that fall under the content area, Describe how a network works:

   Describe the purpose and functions of various network devices.
   Select the components required to meet a network specification.
   Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network.
   Describe common networked applications including web applications.
   Describe the purpose and basic operation of the protocols in the OSI and TCP models.
   Describe the impact of applications (Voice over IP and Video over IP) on a network.
   Interpret network diagrams.
   Determine the path between two hosts across a network.
   Describe the components required for network and Internet communications.
   Identify and correct common network problems at Layers 1, 2, 3, and 7 using a layered model approach.
   Differentiate between LAN/WAN operation and features.

1. You are a network technician at Bubbles, Inc. Your newly appointed
   trainee is troubleshooting a connectivity problem on the network and
   would like to test application layer connectivity between devices. What
   command would you use?
   A. ping
   B. telnet
   C. traceroute
   D. verify
   E. trace

Quick Answer: 16
Detailed Answer: 17

2. You are connecting a laptop to a Cisco router to configure it for the first
   time. After opening your terminal program and selecting COM1, you are
   prompted for the port settings. What settings should you use?
   A. 9600bps, 8 data bits, no parity, 1 stop bit, hardware flow control
   B. 9600bps, 8 data bits, no parity, 1 stop bit, no flow control
   C. 56000bps, 8 data bits, no parity, 1 stop bit, hardware flow control
   D. 56000bps, 8 data bits, no parity, 1 stop bit, no flow control
Quick Answer: 16
Detailed Answer: 17

3. Which of the following is a security concern when configuring a device
   using Telnet?
   A. All communication is sent in clear text.
   B. Passwords are sent using reversible encryption.
   C. Passwords cannot be changed in a Telnet session.
   D. Passwords are not used during a Telnet session.

Quick Answer: 16
Detailed Answer: 17

4. You are attempting to test telnet connectivity to a Cisco router in your
   company's lab environment, but are unable to create a session. What
   should you do to resolve the problem?
   A. Use a straight-through cable to connect your computer's COM port to the router's console port.
   B. Use a rollover cable to connect your computer's COM port to the router's console port.
   C. Use a straight-through cable to connect your computer's COM port to the router's Ethernet port.
   D. Use a crossover cable to connect your computer's Ethernet port to the router's Ethernet port.
   E. Use a rollover cable to connect your computer's Ethernet port to the router's Ethernet port.
   F. Use a straight-through cable to connect your computer's Ethernet port to the router's Ethernet port.

Quick Answer: 16
Detailed Answer: 17

5. Which of the following is a valid benefit of using a hub in an enterprise
   network?
   A. A network hub could be used to monitor network traffic from multiple sources using a packet sniffer or IDS/IPS appliance.
   B. Because it is hardware-based, a hub can transmit traffic with less latency than a network switch.
   C. A hub provides a better throughput for steady, low-bandwidth streams of traffic such as Voice over IP (VoIP) or Video over IP (VIP).
   D. A hub provides dedicated bandwidth on a per-port basis.

Quick Answer: 16
Detailed Answer: 17
6. You are preparing to discuss the foundations of network communication
   with a junior administrator at your company. How would you describe the
   characteristics of TFTP using the OSI model?
   A. TFTP is a transport layer protocol that transmits using TCP port 21.
   B. TFTP is an application layer protocol that transmits over the transport layer protocol TCP using port 21.
   C. TFTP is an application layer protocol that transmits over the transport layer protocol UDP using port 69.
   D. TFTP is a network layer protocol that transmits using UDP port 69.

Quick Answer: 16
Detailed Answer: 17

7. You are using Microsoft Internet Explorer on a PC to access the Cisco
   website (www.cisco.com). What source port will your PC use for
   communication?
   A. UDP port 80.
   B. TCP port 80.
   C. The port will be randomly assigned by the operating system.
   D. Any TCP port under 1024.

Quick Answer: 16
Detailed Answer: 17

8. You are a network consultant for a small, 20-user company. The company
   has purchased a new building and would like you to design a network
   infrastructure using Cisco equipment. The company will be using a cable
   modem Internet connection, multiple mobile laptops, and 15 stationary
   desktop PCs. The company would also like VPN connectivity remotely to
   the office. What are the most likely network components you will use?
   (Choose three.)
   A. Cisco switch
   B. Cisco router
   C. VLANs
   D. ASA firewall
   E. Cisco Wireless Access Point
   F. Cisco IPS Sensor

Quick Answer: 16
Detailed Answer: 18

9. An interface capable of sending at a T1 speed would be transmitting data
   at which of the following?
   A. 1.544 Mbps
   B. 1.544 MBps
   C. 1.544 Gbps
   D. 1.544 GBps

Quick Answer: 16
Detailed Answer: 18

10. Routing decisions are made at which layer of the OSI model?
   A. Application
   B. Transport
   C. Session
   D. Data Link
   E. Network

Quick Answer: 16
Detailed Answer: 18

11. Which of the following protocols operate solely at Layer 2 of the OSI
    model? (Choose three.)
   A. 802.3 MAC
   B. IP
   C. HDLC
   D. PPP
   E. ISDN
   F. TCP

Quick Answer: 16
Detailed Answer: 18

12. Which of the following are common network applications? (Choose
    three.)
   A. Graphics creation
   B. Email
   C. Spreadsheets
   D. Instant messaging
   E. Database
   F. Word processing

Quick Answer: 16
Detailed Answer: 18

13. What is the primary purpose of a router? (Choose two.)
   A. To provide an intermediary device where network signals are transmitted from one device to another
   B. To control broadcast and multicast traffic from flooding through multiple networks
   C. To interconnect networks and provide the best path between them
   D. To protect networks using firewall capabilities implemented by using access lists

Quick Answer: 16
Detailed Answer: 18

14. Refer to Figure 1.1. HostA wants to communicate with ServerB. What
    destination MAC address will be in the header of the packet at position A
    (as notated in Figure 1.1)?
Figure 1.1. Network diagram.




   A. The MAC address of HostA
   B. The MAC address of SwitchA
   C. The MAC address of RouterA
   D. The MAC address of RouterB
   E. The MAC address of SwitchB
   F. The MAC address of ServerB

Quick Answer: 16
Detailed Answer: 18

15. Refer to Figure 1.1. HostA wants to communicate with ServerB. What
    destination IP address will be in the header of the packet at position A
    (as notated in Figure 1.1)?
   A. The IP address of HostA
   B. The IP address of SwitchA
   C. The IP address of RouterA
   D. The IP address of RouterB
   E. The IP address of SwitchB
   F. The IP address of ServerB

Quick Answer: 16
Detailed Answer: 19

16. Refer to Figure 1.1. HostA wants to communicate with ServerB. What
    source MAC address will be in the header of the packet at position B (as
    notated in Figure 1.1)?
   A. The MAC address of HostA
   B. The MAC address of SwitchA
   C. The MAC address of RouterA
   D. The MAC address of RouterB
   E. The MAC address of SwitchB
   F. The MAC address of ServerB

Quick Answer: 16
Detailed Answer: 19

17. Refer to Figure 1.2. HostA is unable to communicate with ServerB. Based
    on the information given in Figure 1.2, what is the most likely cause of
    the problem?
Figure 1.2. Network diagram.




   A. HostA and ServerB are on different subnets.
   B. HostA and ServerB are on the same subnet.
   C. RouterA or RouterB has an access list, which prevents HostA from reaching ServerB.
   D. Crossover cables should be replaced with straight-through cables.

Quick Answer: 16
Detailed Answer: 19
18. Which of the following are valid fields in a TCP header? (Choose four.)
   A. Sequence number
   B. Source IP address
   C. Checksum
   D. Acknowledgement number
   E. Destination MAC address
   F. Destination port

Quick Answer: 16
Detailed Answer: 19

19. Refer to Figure 1.3. HostA issues a ping request to HostB. Which of the
    following outputs would accurately reflect the contents of the ARP table on
    HostA?
Figure 1.3. Network diagram.




   A.

      C:> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.1           00-0c-85-4c-05-00     dynamic

   B.

      C:> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.1           00-0c-85-4c-05-00     dynamic
        192.168.2.1           00-0c-85-4c-05-01     dynamic
        192.168.2.10          00-b1-33-df-5e-11     dynamic

   C.

      C:> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.1           00-0c-85-4c-05-00     dynamic
        192.168.2.10          00-b1-33-df-5e-11     dynamic

   D.

      C:> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.11          00-0a-11-3c-34-01     dynamic

Quick Answer: 16
Detailed Answer: 19
20. You are troubleshooting network connectivity issues between a Microsoft
    Windows client and a server. The server's IP address recently changed
    and you want to clear the client's ARP table. What command will
    accomplish this?
   A. arp -clear
   B. arp -a
   C. arp -c all
   D. arp -d *

Quick Answer: 16
Detailed Answer: 19

21. Which of the following commands would allow a network client to test
    connectivity to a destination device and verify the current delay for each
    router traversed while making the connection?
   A. ping
   B. test
   C. tracert
   D. telnet
   E. ssh -h -d

Quick Answer: 16
Detailed Answer: 19
22. Refer to Figure 1.4. HostA just transmitted a certain amount of data to
    HostB. What does HostB's response indicate?
Figure 1.4. Network diagram.




   A. HostB's response is a retransmission of data requested by HostA.
   B. HostB has indicated that a portion of HostA's transmission was not received and needs to be retransmitted.
   C. HostB's response indicates the TCP session will now close.
   D. HostB's response is normal and expected. Network communication will continue unhindered.

Quick Answer: 16
Detailed Answer: 20

23. The following is a list of network functions. Enter the appropriate letter to
    match the network function to the corresponding OSI layer.
    A = Data link layer
    B = Network layer
   A. ______ Provides error detection
   B. ______ Routes data packets
   C. ______ Finds the best path to use when delivering data
   D. ______ Provides logical addressing
   E. ______ Provides physical addressing
   F. ______ Defines how data is formatted for transmission

Quick Answer: 16
Detailed Answer: 20

24. Match the correct term to the corresponding OSI layer.
    A = Physical layer
    B = Data link layer
    C = Network layer
    D = Transport layer
   A. ______ Segments
   B. ______ Frames
   C. ______ Bits
   D. ______ Packets

Quick Answer: 16
Detailed Answer: 20

25. The application layer of the TCP/IP stack corresponds to which of the
    following three OSI model layers? (Choose three.)
   A. ______ Physical
   B. ______ Transport
   C. ______ Data link
   D. ______ Segments
   E. ______ Presentation
   F. ______ Session
   G. ______ Network
   H. ______ Application

Quick Answer: 16
Detailed Answer: 21

26. A host is assigned the IP address 10.5.62.173/27. An application on the
    host attempts to contact a server with the IP address 10.5.62.158/27.
    What is the next step in the process of network communication?
   A. The host will send an ARP message directly to the destination server to obtain its MAC address.
   B. The host will contact the IP address of its default gateway to find the MAC address for the destination server.
   C. The host will send an ARP broadcast to find the MAC address of its default gateway.
   D. The host will send an ARP broadcast to find the MAC address of the destination server.

Quick Answer: 16
Detailed Answer: 21

27. Users on a specific network segment in your organization are
    complaining that they cannot reach the Internet. While working through
    the troubleshooting process, you discover that all the ports connecting to
    the PCs in the segment have been set to auto-negotiate speed and
    duplex. You also gather information from one of the end-user
    workstations; this information is shown in Figure 1.5. What is the most
    likely cause of the problem?
Figure 1.5. Command prompt output.




   A. All host and server connections in the network should have speed and duplex hard coded.
   B. The connectivity problems are related to an IP addressing issue.
   C. The default gateway could be blocking ICMP ping traffic.
   D. All ports should be set for 10Mbps, half-duplex connections for testing purposes.

Quick Answer: 16
Detailed Answer: 22

28. Refer to Figure 1.6. HostA has just sent a ping request to HostB. Based on
    the information given in Figure 1.6, how will the switch respond?
Figure 1.6. Network diagram.
   A. The switch will forward the frame out FA0/2.
   B. The switch will flood the frame out all ports.
   C. The switch will multicast the frame only to unknown ports.
   D. The switch will flood the frame out all ports except FA0/1.

Quick Answer: 16
Detailed Answer: 22

29. When data is being encapsulated, the last piece of information to be
    added is the _________.
   A. TCP source and destination port
   B. Destination IP address
   C. Source IP address
   D. FCS
Table of Contents
Introduction
About This Book
 How to Use This Book
 How This Book Is Organized
   Book I: Networking Basics
   Book II: Building a Network
   Book III: Network Administration and Security
   Book IV: TCP/IP and the Internet
   Book V: Wireless Networking
   Book VI: Mobile Networking
   Book VII: Windows Server 2008 R2 Reference
   Book VIII: Using Other Windows Servers
   Book IX: Managing Linux Systems
 Icons Used in This Book
 Where to Go from Here
Book I
Chapter 1: Understanding Networks
 What Is a Network?
   Network building blocks
   Why bother?
 Of Clients and Servers
 Dedicated Servers and Peers
 Networks Big and Small
 Network Topology
   Bus topology
   Star topology
   Expanding stars
   Ring topology
   Mesh topology
Chapter 2: Understanding Network Protocols and Standards
 Understanding Protocols
 Understanding Standards
 The Seven Layers of the OSI Reference Model
   The Physical Layer
   The Data Link Layer
   The Network Layer
   The Transport Layer
   The Session Layer
   The Presentation Layer
   The Application Layer
 Following a Packet through the Layers
 The Ethernet Protocol
   Standard Ethernet
   Fast Ethernet
   Gigabit Ethernet
 The TCP/IP Protocol Suite
   IP
   TCP
   UDP
 Other Protocols Worth Knowing About
Chapter 3: Understanding Network Hardware
 Servers
   What's important in a server
   Components of a server computer
   Server form factors
 Network Interface Cards
 Network Cable
   Coaxial cable
   Twisted-pair cable
 Switches
 Repeaters
 Bridges
 Routers
 Network Attached Storage
 Network Printers
Chapter 4: Understanding Network Operating Systems
 Network Operating System Features
   Network support
   File-sharing services
   Multitasking
   Directory services
   Security services
 Microsoft's Server Operating Systems
   Windows 2000 Server
   Windows Server 2003
   Windows Server 2008
   Windows Server 2008 R2
 Other Server Operating Systems
   Linux
   Apple Mac OS/X Server
   Novell NetWare
 Peer-to-Peer Networking with Windows
   Advantages of peer-to-peer networks
   Drawbacks of peer-to-peer networks
   Windows 7
   Windows Vista
   Older Windows versions
Book II
Chapter 1: Planning a Network
 Making a Network Plan
 Being Purposeful
 Taking Stock
   What you need to know
   Programs that gather information for you
 To Dedicate or Not to Dedicate: That Is the Question
 Types of Servers
   File servers
   Print servers
   Web servers
   Mail servers
   Database servers
 Choosing a Server Operating System
 Planning the Infrastructure
 Drawing Diagrams
 Sample Network Plans
   Building a small network: California Sport Surface, Inc.
   Connecting two networks: Creative Course Development, Inc.
   Improving network performance: DCH Accounting
Chapter 2: Installing Network Hardware
 Installing a Network Interface Card
 Installing Twisted-Pair Cable
   Cable categories
   What's with the pairs?
   To shield or not to shield
   When to use plenum cable
   Sometimes solid, sometimes stranded
   Installation guidelines
   Getting the tools that you need
   Pinouts for twisted-pair cables
   Attaching RJ-45 connectors
   Crossover cables
   Wall jacks and patch panels
 Installing Coaxial Cable
 Attaching a BNC Connector to Coaxial Cable
 Installing Switches
 Daisy-Chaining Switches
Chapter 3: Setting Up a Network Server
 The Many Ways to Install a Network Operating System
   Full install versus upgrade
   Installing over the network
   Automated and remote installations
 Gathering Your Stuff
   A capable server computer
   The server operating system
   Other software
   A working Internet connection
   A good book
 Making Informed Decisions
 Final Preparations
 Installing a Network Operating System
   Phase 1: Collecting Information
   Phase 2: Installing Windows
 Configuring Your Server
Chapter 4: Configuring Windows Clients
 Configuring Network Connections
   Configuring Windows XP network connections
   Configuring Windows Vista network connections
   Configuring Windows 7 network connections
 Configuring Client Computer Identification
   Configuring Windows XP computer identification
   Configuring Windows Vista or Windows 7 computer identification
 Configuring Network Logon
Chapter 5: Macintosh Networking
 What You Need to Know to Hook Up a Macintosh Network
   Mac networking protocols
   Mac OS X Server
 What You Need to Know to Use a Macintosh Network
   Configuring a Mac for networking
   Accessing a network printer
   Sharing files with other users
   Accessing shared files
 What You Need to Know to Network Macintoshes with PCs
Chapter 6: Configuring Other Network Features
 Configuring Network Printers
   Adding a network printer
   Accessing a network printer using a Web interface
 Configuring Internet Access
   Configuring clients for DHCP
 Using Internet Connection Sharing
 Mapping Network Drives
Chapter 7: Verifying Your Network Installation
 Is the Computer Connected to the Network?
 Is the Network Configuration Working?
 Can the Computers Ping Each Other?
 Can You Log On?
 Are Network Drives Mapped Correctly?
 Do Network Printers Work?
Chapter 8: Going Virtual
 Understanding Virtualization
 Looking at the Benefits of Virtualization
 Getting Started with Virtualization
 Creating a Virtual Machine
Book III
Chapter 1: Help Wanted: Job Description for a Network Administrator
 Knowing What Network Administrators Do
 Choosing the Part-Time Administrator
 Establishing Routine Chores
 Managing Network Users
 Patching Up Your Operating System and Software
 Discovering Software Tools for Network Administrators
 Building a Library
 Getting Certified
   CompTIA
   Microsoft
   Cisco
 Gurus Need Gurus, Too
 Helpful Bluffs and Excuses
Chapter 2: Security 101
 Do You Need Security?
 Considering Two Approaches to Security
 Physical Security: Locking Your Doors
 Securing User Accounts
   Obfuscating your usernames
   Using passwords wisely
   A Password Generator For Dummies
   Securing the Administrator account
 Hardening Your Network
   Using a firewall
   Disabling unnecessary services
   Patching your servers
 Securing Your Users
Chapter 3: Managing User Accounts
 Exploring What User Accounts Consist Of
 Looking at Built-In Accounts
   The Administrator account
   The Guest account
   Service accounts
 Assigning User Rights
 Controlling User Access with Permissions (Who Gets What)
 Assigning Permissions to Groups
 Understanding User Profiles
 Automating Tasks with Logon Scripts
Chapter 4: Firewalls and Virus Protection
 Firewalls
 The Many Types of Firewalls
   Packet filtering
   Stateful packet inspection (SPI)
   Circuit-level gateway
   Application gateway
 The Built-In Windows Firewall
 Virus Protection
   What is a virus?
   Antivirus programs
   Safe computing
 Using Windows Action Center
Chapter 5: Extending Your Network with VPN Access
 Understanding VPN
 Looking at VPN Security
 Understanding VPN Servers and Clients
Chapter 6: Managing Network Software
 Understanding Software Licenses
 Using a License Server
 Options for Deploying Network Software
   Deploying software manually
   Running Setup from a network share
   Installing silently
   Creating an administrative installation image
   Pushing out software with group policy
 Keeping Software Up to Date
Chapter 7: Solving Network Problems
 When Bad Things Happen to Good Computers
 Fixing Dead Computers
 Ways to Check a Network Connection
 A Bunch of Error Messages Just Flew By!
 Double-Checking Your Network Settings
 Using the Windows Networking Troubleshooter
 Time to Experiment
 Who's on First?
 Restarting a Client Computer
 Booting in Safe Mode
 Using System Restore
 Restarting Network Services
 Restarting a Network Server
 Looking at Event Logs
 Documenting Your Trials and Tribulations
Chapter 8: Network Performance Anxiety
 Why Administrators Hate Performance Problems
 What Exactly Is a Bottleneck?
 The Five Most Common Network Bottlenecks
   The hardware inside your servers
   The server's configuration options
   Servers that do too much
   The network infrastructure
   Malfunctioning components
 Tuning Your Network the Compulsive Way
 Monitoring Network Performance
 More Performance Tips
Chapter 9: Backing Up Your Data
 Backing Up Your Data
 All about Tapes and Tape Drives
 Backup Software
 Types of Backups
   Normal backups
   Copy backups
   Daily backups
   Incremental backups
   Differential backups
 Local versus Network Backups
 How Many Sets of Backups Should You Keep?
 A Word about Tape Reliability
 About Cleaning the Heads
 Backup Security
Chapter 10: Disaster Recovery and Business Continuity Planning
 Assessing Different Types of Disasters
   Environmental disasters
   Deliberate disasters
   Disruption of services
   Equipment failure
   Other disasters
 Analyzing the Impact of a Disaster
 Developing a Business Continuity Plan
 Holding a Fire Drill
Book IV
Chapter 1: Introduction to TCP/IP and the Internet
 What Is the Internet?
 A Little Internet History
 TCP/IP Standards and RFCs
 The TCP/IP Protocol Framework
   Network Interface layer
   Network layer
   Transport layer
   Application layer
Chapter 2: Understanding IP Addresses
 Understanding Binary
   Counting by ones
   Doing the logic thing
   Working with the binary Windows Calculator
 Introducing IP Addresses
   Networks and hosts
   The dotted-decimal dance
 Classifying IP Addresses
   Class A addresses
   Class B addresses
   Class C addresses
 Subnetting
   Subnets
   Subnet masks
   Network prefix notation
   Default subnets
   The great subnet roundup
   IP block parties
   Private and public addresses
 Network Address Translation
Chapter 3: Using DHCP
 Understanding DHCP
   Configuration information provided by DHCP
   DHCP servers
   How DHCP actually works
 Understanding Scopes
   Feeling excluded?
   Reservations suggested
   How long to lease?
 Working with a DHCP Server
   Installing and configuring a DHCP server
   Managing a DHCP server
 How to Configure a Windows DHCP Client
   Automatic Private IP Addressing
   Renewing and releasing leases
Chapter 4: Using DNS
 Understanding DNS Names
   Domains and domain names
   Fully qualified domain names
 Top-Level Domains
   Generic domains
   Geographic domains
 The Hosts File
 Understanding DNS Servers and Zones
   Zones
   Primary and secondary servers
   Root servers
   Caching
 Understanding DNS Queries
   A real-life DNS example
 Zone Files and Resource Records
   SOA records
   NS records
   A records
   CNAME records
   PTR records
   MX records
 Reverse Lookup Zones
 Working with the Windows DNS Server
 How to Configure a Windows DNS Client
Chapter 5: Using FTP
 Discovering FTP
 Configuring an FTP Server
   Installing FTP
   Creating an FTP site
   Changing the FTP site properties
   Adding content to your FTP site
 Accessing an FTP Site with a Browser
 Using an FTP Command Line Client
 FTP Command and Subcommand Reference
   The FTP command
   ! (Escape)
   ? (Help)
   append
   ascii
   bell
   binary
   bye
   cd
   close
   debug
   delete
   dir
   disconnect
   get
   glob
   hash
   help
   lcd
   literal
   ls
   mdelete
   mdir
   mget
   mkdir
   mls
   mput
   open
   prompt
   put
   pwd
   quit
   quote
   recv
   remotehelp
   rename
   rmdir
   send
   status
   trace
   type
   user
   verbose
Chapter 6: TCP/IP Tools and Commands
 Using the arp Command
 Using the hostname Command
 Using the ipconfig Command
   Displaying basic IP configuration
   Displaying detailed configuration information
   Renewing an IP lease
   Releasing an IP lease
   Flushing the local DNS cache
 Using the nbtstat Command
 Using the netdiag Utility
 Using the netstat Command
   Displaying connections
   Displaying interface statistics
 Using the nslookup Command
   Looking up an IP address
   Using nslookup subcommands
   Displaying DNS records
   Locating the mail server for an e-mail address
   Taking a ride through DNS-Land
 Using the pathping Command
 Using the ping Command
 Using the route Command
   Displaying the routing table
   Modifying the routing table
 Using the tracert Command
Book V
Chapter 1: Setting Up a Wireless Network
 Diving into Wireless Networking
 A Little High School Electronics
   Waves and frequencies
   Wavelength and antennas
   Spectrums and the FCC
 Eight-Oh-Two-Dot-Eleventy Something? (Or, Understanding Wireless Standards)
 Home on the Range
 Wireless Network Adapters
 Wireless Access Points
   Infrastructure mode
   Multifunction WAPs
 Roaming
   Wireless bridging
   Ad-hoc networks
 Configuring a Wireless Access Point
   Basic configuration options
   DHCP configuration
 Configuring Windows XP for Wireless Networking
 Using a Wireless Network with Windows XP
 Connecting to a Wireless Network with Windows Vista
 Connecting to a Wireless Network with Windows 7
Chapter 2: Securing a Wireless Network
 Understanding Wireless Security Threats
   Intruders
   Freeloaders
   Eavesdroppers
   Spoilers
   Rogue access points
 What About Wardrivers and Warchalkers?
   Wardriving
   Warchalking
 Securing Your Wireless Network
   Changing the password
   Securing the SSID
   Enabling WEP
   Using WPA
   Using MAC address filtering
   Placing your access points outside the firewall
Chapter 3: Hotspotting
 What Is a Hotspot?
 What's So Great about Hotspots?
 Safe Hotspotting
 Free Hotspots
 Fee-Based Hotspots
   T-Mobile
   Boingo
 Setting Up Your Own Hotspot
Chapter 4: Troubleshooting a Wireless Network
 Checking for Obvious Problems
 Pinpointing the Problem
 Changing Channels
 Fiddle with the Antennas
 Adding Another Access Point
 Help! I Forgot My Router's Password!
Chapter 5: Wireless Networking with Bluetooth
 Understanding Bluetooth
 Bluetooth Technical Stuff
 How to Add Bluetooth to Your Computer
 Using Bluetooth in Windows
 Installing a USB Bluetooth Adapter
 Enabling Discovery
 Installing a Bluetooth Mouse or Keyboard
Book VI
Chapter 1: Managing Mobile Devices
 The Many Types of Mobile Devices
 Considering Security for Mobile Devices
Chapter 2: Managing BlackBerry Devices
 Understanding BlackBerry
 Adding a BES User
 Locking and Erasing a Handheld
Chapter 3: Managing iPhone Devices
 Understanding the iPhone
 Integrating iPhone with Exchange
   Enabling Exchange Mobile Services
   Enabling ActiveSync for a user's mailbox
   Configuring the iPhone for Exchange e-mail
Chapter 4: Managing Android Devices
 Understanding Android Phones
 Looking at the Android Operating System
 Perusing Android's Core Applications
 Integrating Android with Exchange
Chapter 5: Managing Netbooks
 Understanding Netbook Computers
 Connecting with a Netbook
 Tips for Using a Netbook Effectively
Book VII
Chapter 1: Installing and Configuring Windows Server 2008 R2
 Planning a Windows Server Installation
   Checking system requirements
   Reading the release notes
    Deciding whether to upgrade or install
   Considering your licensing options
   Thinking about multiboot
   Choosing a file system
   Planning your partitions
   Deciding your TCP/IP configuration
   Choosing workgroups or domains
 Before You Install . . .
   Backing up
   Checking the event logs
   Uncompressing data
   Disconnecting UPS devices
 Running Setup
 Adding Server Roles and Features
Chapter 2: Managing Windows Server 2008
 Using the Administrator Account
 Using Remote Desktop Connection
   Enabling remote access
   Connecting remotely
 Using Microsoft Management Console
   Working with MMC
   An overview of the MMC consoles
 Customizing MMC
   Adding snap-ins
   Adding taskpads
Chapter 3: Dealing with Active Directory
 What Directories Do
 Remembering the Good-Ol' Days of NT Domains
   PDCs and BDCs
   Trusts
   NetBIOS names
 Active Directory to the Rescue
 Understanding How Active Directory Is Structured
   Objects
   Domains
   Organizational units
   Trees
   Forests
 Creating a Domain
 Creating an Organizational Unit
Chapter 4: Managing Windows User Accounts
 Understanding Windows User Accounts
    Local accounts versus domain accounts
   User account properties
 Creating a New User
 Setting User Properties
   Changing the user's contact information
   Setting account options
   Specifying logon hours
   Restricting access to certain computers
   Setting the user's profile information
 Resetting User Passwords
 Disabling and Enabling User Accounts
 Deleting a User
 Working with Groups
   Group types
   Group scope
   Default groups
   Creating a group
   Adding a member to a group
 User Profiles
   Types of user profiles
   Creating a roaming profile
 Creating a Logon Script
Chapter 5: Managing a File Server
 Understanding Permissions
 Understanding Shares
 Configuring the File Server Role
 Managing Your File Server
   Using the Provision a Shared Folder Wizard
   Sharing a folder without the wizard
   Granting permissions
Chapter 6: Using Group Policy
 Understanding Group Policy
 Enabling Group Policy Management on Windows Server 2008
 Creating Group Policy Objects
 Filtering Group Policy Objects
Chapter 7: Troubleshooting
 Working with the Event Viewer
   Using the Event Viewer
   Setting event log policies
 Monitoring Performance
   Using the Reliability and Performance Monitor
   Creating performance logs
 Using the Computer Management Console
 Working with Services
Chapter 8: Windows Commands
 Using a Command Window
   Opening and closing a command window
   Editing commands
   Using the Control menu
 Special Command Tricks
   Wildcards
   Chaining commands
   Redirection and piping
   Environment variables
   Batch files
 The EventCreate Command
 Net Commands
   The Net Accounts command
   The Net Computer command
   The Net Config command
   The Net Continue command
   The Net File command
   The Net Group command
   The Net Help command
   The Net Helpmsg command
   The Net Localgroup command
   The Net Name command
   The Net Pause command
   The Net Print command
   The Net Send command
   The Net Session command
   The Net Share command
   The Net Start command
   The Net Statistics command
   The Net Stop command
   The Net Time command
   The Net Use command
   The Net User command
   The Net View command
 The RunAs Command
Book VIII
Chapter 1: Using Internet Information System (IIS)
 Installing IIS
 Understanding the Default Web Site
 Creating Web Sites
Chapter 2: Managing Exchange Server 2010
 Creating a Mailbox
 Managing Mailboxes
   Enabling Mailbox Features
   Creating a Forwarder
   Setting Mailbox Storage Limits
 Configuring Outlook for Exchange
 Viewing Another Mailbox
Chapter 3: Using SQL Server 2008
 What Is a Database?
 What Is a Relational Database?
 What Is SQL?
   SQL dialects
   SQL statements
   Using the select statement
 Installing SQL Server 2008
 Using the SQL Server 2008 Management Studio
 Creating a New Database
 Creating Tables
 Editing Tables
 Working with Queries
 Working with Scripts
Chapter 4: Using SharePoint
 What Is SharePoint?
 Connecting to a SharePoint Site
 Adding Users
 Adding and Removing Announcements
 Creating New Pages
 Editing the Quick Launch Menu
 Working with Document Libraries
Book IX
Chapter 1: Installing a Linux Server
 Planning a Linux Server Installation
   Checking system requirements
   Choosing a distribution
   Thinking about multiboot
   Planning your partitions
   Deciding on your TCP/IP configuration
 Installing Fedora 7
 Using the Setup Agent
Chapter 2: Getting Used to Linux
 Linux: It Isn't Windows
   X Window
   Virtual consoles
   Understanding the file system
 On Again, Off Again
   Logging on
   Logging off
   Shutting down
 Using GNOME
 Getting to a Command Shell
 Managing User Accounts
Chapter 3: Basic Linux Network Configuration
 Using the Network Configuration Program
 Restarting Your Network
 Working with Network Configuration Files
   The Network file
   The ifcfg files
   The Hosts file
   The resolv.conf file
   The nsswitch.conf file
   The xinetd.conf file
 Displaying Your Network Configuration with the ifconfig Command
Chapter 4: Running DHCP and DNS
 Running a DHCP Server
   Installing DHCP
   Configuring DHCP
   Starting DHCP
 Running a DNS Server
   Installing BIND
   Looking at BIND configuration files
   Restarting BIND
Chapter 5: Doing the Samba Dance
 Understanding Samba
 Installing Samba
 Starting and Stopping Samba
 Using the Samba Server Configuration Tool
   Configuring server settings
   Configuring Samba users
   Creating a share
 Editing the smb.conf File
 Using the Samba Client
Chapter 6: Running Apache
 Installing Apache
 Starting and Stopping Apache
 Confirming that Apache Is Running
 Using the HTTP Configuration Tool
 Restricting Access to an Apache Server
 Configuring Virtual Hosts
   Configuring the default host
   Creating a virtual host
 Setting the Apache User Account
 Manually Editing Apache's Configuration Files
 Creating Web Pages
Chapter 7: Running Sendmail
 Understanding E-Mail
 Installing Sendmail
 Modifying sendmail.mc
   Enabling connections
   Enabling masquerading
   Setting up aliases
 Using SpamAssassin
   Installing SpamAssassin
   Customizing SpamAssassin
   Blacklisting and whitelisting e-mail addresses
 Using the Mail Console Client
 Using Evolution
Chapter 8: Running FTP
 Installing vsftpd
 Starting the vsftpd Service
 Configuring FTP
Chapter 9: Linux Commands
 Command Shell Basics
   Getting to a shell
   Editing commands
   Wildcards
   Redirection and piping
   Environment variables
   Shell scripts
 Directory and File Handling Commands
   The pwd command
   The cd command
   The mkdir command
   The rmdir command
    The ls command
   The cp command
   The rm command
   The mv command
   The touch command
   The cat command
 Commands for Working with Packages and Services
   The service command
   The rpm command
 Commands for Administering Users
   The useradd command
   The usermod command
   The userdel command
   The chage command
   The passwd command
   The newusers command
   The groupadd command
   The groupdel command
   The gpasswd command
 Commands for Managing Ownership and Permissions
   The chown command
   The chgrp command
   The chmod command
 Networking Commands
   The hostname command
   The ifconfig command
   The netstat command
   The ping command
   The route command
   The traceroute command
Appendix A: Directory of Useful Web Sites
 Certification
 Hardware
 Home and Small Business Networking
 Linux
 Magazines
 Microsoft
 Network Standards Organizations
 Reference
 Search
 TCP/IP and the Internet
 Wireless Networking
 Smartphones
Appendix B: Glossary
Networking Basics
Chapter 1: Understanding Networks
In This Chapter
    Introducing computer networks
    Finding out all about clients, servers, and peers
    Understanding the various types of networks
    Figuring out the disadvantages of networking
The first computer network was invented when ancient mathematicians connected their abacuses (or is
it abaci?) together with kite string so they could instantly share their abacus answers with each other.
Over the years, computer networks became more and more sophisticated. Now, instead of string,
networks use electrical cables, fiber-optic cables, or wireless radio signals to connect computers to each
other. The purpose, however, has remained the same: sharing information and getting work done faster.
This chapter describes the basics of what computer networking is and how it works.
What Is a Network?
A network is nothing more than two or more computers connected to each other so that they can
exchange information, such as e-mail messages or documents, or share resources, such as disk storage or
printers. In most cases, this connection is made via electrical cables that carry the information in the form
of electrical signals. But in some cases, other types of connections are used. For example, fiber-optic
cables let computers communicate at extremely high speeds by using impulses of light. Wireless networks
let computers communicate by using radio signals, so the computers aren't restricted by physical cables.
In addition to the hardware that comprises the network, a network also requires special software to enable
communications. In the early days of networking, you had to add this software to each computer on the
network. Nowadays, network support is built in to all major operating systems, including all current
versions of Windows, Macintosh operating systems, and Linux.
Network building blocks
All networks, large or small, require specialized network hardware to make them work. For small
networks, the hardware may consist of nothing more than a collection of computers that are equipped
with network ports, a cable for each computer, and a network switch that all the computers plug in to via
the cable. Larger networks probably have additional components, such as routers or repeaters.
Small or large, all networks are built from the following basic building blocks:
♦ Client computers: The computers that end users use to access the resources of the network. Client
computers are typically computers located on users' desks. They usually run a desktop version of
Windows such as Windows 7, Vista, or XP. In addition, the client computers usually run some type of
application software such as Microsoft Office. Client computers are sometimes referred to
as workstations.
♦ Server computers: Computers that provide shared resources, such as disk storage and printers, as
well as network services, such as e-mail and Internet access. Server computers typically run a specialized
network operating system such as Windows Server 2008 or 2003, NetWare, or Linux, along with special
software to provide network services. For example, a server may run Microsoft Exchange to provide e-
mail services for the network, or it may run Apache Web Server so that the computer can serve Web
pages.
♦ Network interface: An interface — sometimes called a network port — that's installed in a computer
to enable the computer to communicate over a network. Almost all network interfaces implement a
networking standard called Ethernet.
A network interface is sometimes called a NIC, which stands for network interface card, because in the
early days of networking you actually had to install a separate circuit card in the computer to provide a
network interface. Nowadays, nearly all computers come with network interfaces built in as an integral
part of the computer's motherboard. Although separate network cards are rarely required these days, the
term NIC is still frequently used to refer to the network interface.
It's still common to install separate network interface cards to provide more than one network
interface on a single computer, or to replace a built-in network interface that has malfunctioned without
having to replace the entire motherboard.
♦ Cable: Computers in a network are usually physically connected to each other using cable. Although
several types of cable have been popular over the years, most networks today use a type of cable
called twisted-pair, also known by its official designation 10BaseT.
Twisted-pair cable is also sometimes referred to as Cat-5 or Cat-6 cable. These terms refer to the
standards that determine the maximum speed with which the cable can carry data, Cat-6 being rated for
more speed than Cat-5.
Twisted-pair cable can also be referred to simply as copper, to distinguish it from fiber-optic cable which
is used for the highest-speed network connections. Fiber-optic cable uses strands of glass to transmit light
signals at very high speeds.
In many cases, the cables run through the walls and converge on a central room called a wiring closet. But
for smaller networks, the cables are often just strung along the floor, hidden behind desks and other
furniture whenever possible.
♦ Switches: Network cable usually doesn't connect computers directly to each other. Instead, each
computer is connected by cable to a device known as a switch. The switch, in turn, connects to the rest of
the network. Each switch contains a certain number of ports, typically 8 or 16. Thus, you can use an eight-
port switch to connect up to eight computers. Switches can be connected to each other to build larger
networks. For more information about switches, see the "Network Topology" section later in this chapter.
(Older networks may use a more primitive type of device called a hub instead of a switch. A hub provides
the same function as a switch, but it isn't as efficient. The term hub is sometimes used to
mean switch, even though hubs and switches are not technically the same thing.)
♦ Wireless networks: In many networks, cables and switches are making way for wireless network
connections, which enable computers to communicate via radio signals. In a wireless network, radio
transmitters and receivers take the place of cables. The main advantage of wireless networking is its
flexibility. With a wireless network, you don't have to run cables through walls or ceilings, and your client
computers can be located anywhere within range of the network broadcast. The main disadvantage of
wireless networking is that it's inherently less secure than a cabled network.
♦ Network software: Although network hardware is essential, what really makes a network work is
software. A whole bunch of software has to be set up just right in order to get a network working. Server
computers typically use a special network operating system (also known as a NOS) in order to function
efficiently, and client computers need to have their network settings configured properly in order to access
the network.
One of the most important networking choices to make is which network operating system you'll use on
the network's servers. That's because much of the task of building a new network and managing an
existing one is setting up and maintaining the network operating system on the servers.
Why bother?
If the truth be told, computer networks are a pain to set up. So, why bother? Because the benefits of
having a network make the difficulty of setting one up worthwhile. You don't have to be a Ph.D. to
understand the benefits of networking. In fact, you learned everything you need to know about the
benefits of networking in kindergarten. Networks are all about sharing. Specifically, networks are about
sharing three things: information, resources, and applications.
♦ Sharing information: Networks allow users to share information in several different ways. The most
common way of sharing information is to share individual files. For example, two or more people can
work together on a single spreadsheet file or word-processing document. In most networks, a large hard
drive on a central server computer is set up as a common storage area where users can store files to be
shared with other users.
In addition to sharing files, networks allow users to communicate with each other in various ways. For
example, messaging applications let network users exchange messages with each other using an e-mail
application such as Microsoft Outlook. Users can also hold online meetings over the network. In fact, with
inexpensive video cameras and the right software, users can hold videoconferences over the network.
♦ Sharing resources: Certain computer resources, such as printers or hard drives, can be set up so that
network users can share them. Sharing these resources can result in significant cost savings. For example,
it's cheaper to buy a single high-speed printer with advanced features such as collating, stapling, and
duplex printing that can be shared by an entire workgroup than it is to buy separate printers for each user
in the group.
Hard drives can also be shared resources. In fact, providing users with access to a shared hard drive is the
most common method of sharing files on a network. A computer whose main purpose in life is to host
shared hard drives is called a file server.
In actual practice, entire hard drives aren't usually shared. Instead, individual folders on a networked
hard drive are shared. This way, the network administrator can allow different network users to have
access to different shared folders. For example, a company may set up shared folders for its sales
department and accounting department. Then, sales personnel can access the sales department's folder,
and accounting personnel can access the accounting department's folder.
You can share other resources on a network. For example, a network can be used to share an Internet
connection. In the early days of the Internet, it was common for each user who required access to the
Internet to have his or her own modem connection. Nowadays, it's more common for the network to
provide a shared, high-speed Internet connection that everyone on the network can access.
♦ Sharing applications: One of the most common reasons for networking in many businesses is so that
several users can work together on a single business application. For example, an accounting department
may have accounting software that can be used from several computers at the same time. Or a sales-
processing department may have an order-entry application that runs on several computers to handle a
large volume of orders.
Of Clients and Servers
The network computer that contains the hard drives, printers, and other resources that are
shared with other network computers is called a server. This term comes up repeatedly, so you have to
remember it. Write it on the back of your left hand.
Any computer that's not a server is called a client. You have to remember this term, too. Write it on the
back of your right hand.
Only two kinds of computers are on a network: servers and clients. Look at your left hand and then look at
your right hand. Don't wash your hands until you have these terms memorized.
The distinction between servers and clients in a network would be somewhat fun to study in a sociology
class because it's similar to the distinction between the haves and the have-nots in society:
♦ Usually, the most powerful and expensive computers in a network are the servers. This fact makes sense
because every user on the network shares the server's resources.
♦ The cheaper and less powerful computers in a network are the clients. Clients are the computers used by
individual users for everyday work. Because clients' resources don't have to be shared, they don't have to
be as fancy.
♦ Most networks have more clients than servers. For example, a network with ten clients can probably get
by with one server.
♦ In some networks, a clear line of segregation exists between servers and clients. In other words, a
computer is either a server or a client, and not both. A server can't become a client, nor can a client
become a server.
♦ Other networks are more progressive, allowing any computer in the network to be a server and allowing
any computer to be both server and client at the same time. The network illustrated in Figure 1-1, later in
this chapter, is this type of network.
Dedicated Servers and Peers
In some networks, a server computer is a server computer and nothing else. This server computer is
dedicated solely to the task of providing shared resources, such as hard drives and printers, to be accessed
by the network client computers. Such a server is referred to as a dedicated server because it can perform
no other tasks besides network services. A network that relies on dedicated servers is sometimes called
a client/server network.
Other networks take an alternative approach, enabling any computer on the network to function as both a
client and a server. Thus, any computer can share its printers and hard drives with other computers on
the network. And while a computer is working as a server, you can still use that same computer for other
functions such as word processing. This type of network is called a peer-to-peer network because all the
computers are thought of as peers, or equals.
While you're walking the dog tomorrow morning, ponder these points concerning the difference between
dedicated server networks and peer-to-peer networks:
♦ Peer-to-peer networking has been built in to all versions of Windows since Windows 95. Thus, you don't
have to buy any additional software to turn your computer into a server. All you have to do is enable the
Windows server features.
♦ The network server features that are built in to desktop versions of Windows (including Windows 7,
Vista, and XP) aren't very efficient because these versions of Windows were not designed primarily to be
network servers. If you're going to dedicate a computer to the task of being a full-time server, you should
use a full-fledged network operating system, such as Windows Server 2008, instead.
Networks Big and Small
Networks come in all sizes and shapes. In fact, it's common to categorize networks based on the
geographical size they cover, as described in the following list:
♦ Local area networks: A local area network, or LAN, is a network in which computers are relatively
close together, such as within the same office or building.
Note that the term LAN doesn't imply that the network is small. A LAN can, in fact, contain hundreds or
even thousands of computers. What makes a network a LAN is that all those computers are located within
close proximity to each other. Usually a LAN is contained within a single building, but a LAN can extend
to several buildings on a campus — provided the buildings are close to each other (typically within 300
feet of each other, though greater distances are possible with special equipment).
♦ Wide area networks: A wide area network, or WAN, is a network that spans a large geographic
territory, such as an entire city or region, or even an entire country. WANs are typically used to connect
two or more LANs that are relatively far apart. For example, a WAN may connect an office in San
Francisco with an office in New York.
Again, it's the geographic distance, not the number of computers involved, that makes a network a WAN.
If the office in San Francisco and the office in New York both have only one computer, the WAN will have
a total of two computers but will span more than 3,000 miles.
♦ Metropolitan area networks: A metropolitan area network, or MAN, is a network that's smaller
than a typical WAN but larger than a LAN. Typically, a MAN connects two or more LANs that are within
the same city but are far enough apart that the networks can't be connected using a simple cable or
wireless connection.
Network Topology
The term network topology refers to the shape of how the computers and other network components are
connected to each other. There are several different types of network topologies, each with advantages and
disadvantages.
In the following discussion of network topologies, I use two important terms:
♦ Node: A node is a device that's connected to the network. For your purposes here, a node is the same as
a computer. Network topology deals with how the nodes of a network are connected to each other.
♦ Packet: A packet is a message that's sent over the network from one node to another node. The packet
includes the address of the node that sent the packet, the address of the node the packet is being sent to,
and data.
Bus topology
The first type of network topology is called a bus, in which nodes are strung together in a line, as shown in
Figure 1-1. The key to understanding how a bus topology works is to think of the entire network as a single
cable, with each node "tapping" into the cable so it can listen in on the packets being sent over that cable.
If you're old enough to remember party lines, you get the idea.
Figure 1-1: Bus topology.
In a bus topology, every node on the network can see every packet that's sent on the cable. Each node
looks at each packet to determine whether the packet is intended for it. If so, the node claims the packet.
If not, the node ignores the packet. This way, each computer can respond to data sent to it and ignore data
sent to other computers on the network.
If the cable in a bus network breaks, the entire network is effectively disabled. Obviously the nodes on
opposite sides of the break can't continue to communicate with each other because data can't span the gap
created by the break. But even those nodes that are on the same side of the break will be unable to
communicate with each other, because the open end of the cable left by the break disrupts the proper
transmission of electrical signals.
In the early days of Ethernet networking, bus topology was commonplace. Although bus topology has
given way to star topology (see the next section) for most networks today, many networks today still have
elements that rely on bus topology.
Star topology
In a star topology, each network node is connected to a central device called a hub or a switch, as shown in
Figure 1-2. Star topologies are commonly used with LANs.
If a cable in a star network breaks, only the node connected to that cable is isolated from the network. The
other nodes can continue to operate without interruption — unless, of course, the node that's isolated
because of the break happens to be the file server.
You should be aware of the somewhat technical distinction between a hub and a switch. Simply
put, a hub doesn't know anything about the computers that are connected to each of its ports. So when a
computer connected to the hub sends a packet to a computer that's connected to another port, the hub
sends a duplicate copy of the packet to all its ports. In contrast, a switch knows which computer is
connected to each of its ports. As a result, when a switch receives a packet intended for a particular
computer, it sends the packet only to the port that the recipient is connected to.
Figure 1-2: Star topology.
Strictly speaking, only networks that use switches have a true star topology. If the network uses a hub, the
network topology has the physical appearance of a star, but is actually a bus. That's because when a hub is
used, each computer on the network sees all the packets sent over the network, just like in a bus topology.
In a true star topology, as when a switch is used, each computer sees only those packets that were sent
specifically to it, as well as packets that were specifically sent to all computers on the network (those types
of packets are called broadcast packets).
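The forwarding difference described in the bus topology section and in the hub-versus-switch discussion above, as an added simulation that is not from the book: a hub repeats every frame to every port, so every node sees every packet and must decide whether to claim it, while a learning switch remembers which port each MAC address is on and delivers a unicast frame only there, flooding only broadcasts and addresses it has not learned yet. The node MAC addresses and frames are constructed sample data.

```python
"""Added example (not from the book): a tiny simulation of hub versus
learning-switch forwarding. On a hub every attached node sees every frame,
which is why the text says a hub-based star is really a bus. A learning
switch builds a MAC-to-port table from the source address of each frame
and uses it to deliver unicast frames to one port only. All node names
and MAC addresses below are constructed."""

from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass(frozen=True)
class Frame:
    src: str      # MAC address of the sending node
    dst: str      # MAC address of the intended recipient (or BROADCAST)
    payload: str


class Hub:
    """Repeats every incoming frame out of every other port, unconditionally."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, frame):
        # A hub knows nothing about who is attached; it simply repeats.
        return [p for p in self.ports if p != in_port]


class LearningSwitch:
    """Learns source MAC -> port from each frame and uses that table to
    deliver unicast frames only to the port the recipient is on."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port number

    def forward(self, in_port, frame):
        # Learn where the sender lives (this is the knowledge a hub lacks).
        self.mac_table[frame.src] = in_port
        out_port = self.mac_table.get(frame.dst)
        if frame.dst == BROADCAST or out_port is None:
            # Broadcast, or an address not yet learned: flood like a hub.
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []  # sender and recipient share a port; nothing to forward
        return [out_port]


def node_accepts(node_mac, frame):
    """A node claims a frame addressed to it or to everyone and ignores the rest."""
    return frame.dst in (node_mac, BROADCAST)


def run(device, nodes, frames):
    """Deliver each frame through `device`. `nodes` maps port -> MAC.
    Returns, per frame, (ports that saw the frame, MACs that accepted it)."""
    port_of = {mac: port for port, mac in nodes.items()}
    results = []
    for frame in frames:
        seen = device.forward(port_of[frame.src], frame)
        accepted = [nodes[p] for p in seen if node_accepts(nodes[p], frame)]
        results.append((sorted(seen), sorted(accepted)))
    return results


# Constructed sample network: four nodes on ports 1-4.
NODES = {1: "aa:aa:aa:aa:aa:01", 2: "aa:aa:aa:aa:aa:02",
         3: "aa:aa:aa:aa:aa:03", 4: "aa:aa:aa:aa:aa:04"}

SAMPLE = [
    Frame(NODES[1], NODES[2], "hello 2"),      # dst not yet learned: switch floods too
    Frame(NODES[2], NODES[1], "hi 1"),         # switch has learned port 1 by now
    Frame(NODES[1], NODES[2], "hello again"),  # switch delivers to port 2 only
    Frame(NODES[3], BROADCAST, "who has 4?"),  # broadcast reaches every node
]


def compare():
    """Run the same frames through a hub and a switch; returns (hub, switch) results."""
    hub = run(Hub(NODES), NODES, SAMPLE)
    sw = run(LearningSwitch(NODES), NODES, SAMPLE)
    return hub, sw


if __name__ == "__main__":
    hub, sw = compare()
    for frame, h, s in zip(SAMPLE, hub, sw):
        print(f"{frame.payload!r}: hub ports {h[0]}, switch ports {s[0]}")
```

Note that the node on port 3 sees every unicast frame on the hub even though none is addressed to it; on the switch it sees only the first (unlearned) frame.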
Expanding stars
Physicists say that the universe is expanding, and network administrators know they're right. A simple
bus or star topology is suitable only for small networks, with a dozen or so computers. But small networks
inevitably become large networks as more computers are added. For larger networks, it's common to
create more complicated topologies that combine stars and buses.
For example, a bus can be used to connect several stars. In this case, two or more hubs or switches are
connected to each other using a bus. Each of these hubs or switches is then the center of a star that
connects two or more computers to the network. This type of arrangement is commonly used in buildings
that have two or more distinct workgroups. The bus that connects the switches is sometimes called
a backbone.
Another way to expand a star topology is to use a technique called daisy-chaining. When you use daisy-
chaining, a switch is connected to another switch as if it were one of the nodes on the star. Then, this
second switch serves as the center of a second star.
Ring topology
A third type of network topology is called a ring, shown in Figure 1-3. In a ring topology, packets are sent
around the circle from computer to computer. Each computer looks at each packet to decide whether the
packet was intended for it. If not, the packet is passed on to the next computer in the ring.
Figure 1-3: Ring topology.
Years ago, ring topologies were common in LANs, as two popular networking technologies used rings:
ARCNET and Token Ring. ARCNET is still used for certain applications such as factory automation, but is
rarely used in business networks. Token Ring is still a popular network technology for IBM midrange
computers. Although plenty of Token Ring networks are still in existence, not many new networks use
Token Ring any more.
Ring topology was also used by FDDI, one of the first types of fiber-optic network connections. FDDI has
given way to more efficient fiber-optic techniques, however. So ring networks have all but vanished from
business networks.
Mesh topology
A fourth type of network topology, known as mesh, has multiple connections between each of the nodes
on the network, as shown in Figure 1-4. The advantage of a mesh topology is that if one cable breaks, the
network can use an alternative route to deliver its packets.
Figure 1-4: Mesh topology.
Mesh networks aren't very practical in a LAN setting. For example, to network eight computers in a mesh
topology, each computer would have to have seven network interface cards, and 28 cables would be
required to connect each computer to the seven other computers in the network. Obviously, this scheme
isn't very scalable.
However, mesh networks are common for metropolitan or wide area networks. These networks use
devices called routers to route packets from network to network. For reliability and performance reasons,
routers are usually arranged in a way that provides multiple paths between any two nodes on the network
in a meshlike arrangement.
Chapter 2: Understanding Network Protocols and Standards
In This Chapter
  Deciphering the layers of the OSI reference model
  Understanding an Ethernet
  Getting the inside scoop on TCP/IP and IPX/SPX
  Finding out about other important protocols
Protocols and standards are what make networks work together. Protocols make it possible for the various
components of a network to communicate with each other. Standards also make it possible for network
components manufactured by different companies to work together. This chapter introduces you to the
protocols and standards that you're most likely to encounter when building and maintaining a network.
Understanding Protocols
A protocol is a set of rules that enables effective communications to occur. You encounter protocols every
day. For example, when you pay for groceries with a debit card, the clerk first tells you how much the
groceries cost. You then swipe your debit card in the card reader, punch in your security code, indicate
whether you want cash back, enter the amount of the cash back if you so indicated, then verify the total
amount. You then cross your fingers behind your back and say a quiet prayer while the machine
authorizes the purchase. Assuming the amount is authorized, the machine prints out your receipt.
Here's another example of an everyday protocol: making a phone call. You probably take most of the
details of the phone-calling protocol for granted, but it's pretty complicated if you think about it:
♦ When you pick up a phone, you must listen for a dial tone before dialing the number (unless you're
using a cell phone). If you don't hear a dial tone, you know that either (1) someone else in your family is
talking on the phone or (2) something is wrong with your phone.
♦ When you hear the dial tone, you initiate the call by dialing the number of the party you want to reach. If
the person you want to call is in the same area code as you, most of the time you simply dial that person's
seven-digit phone number. If the person is in a different area code, you dial a one, the three-digit area
code, and the person's seven-digit phone number.
♦ If you hear a series of long ringing tones, you wait until the other person answers the phone. If the
phone rings a certain number of times with no answer, you hang up and try again later. If you hear a voice
say, "Hello," you begin a conversation with the other party. If the person on the other end of the phone
has never heard of you, you say, "Sorry, wrong number," hang up, and try again.
♦ If you hear a voice that rambles on about how they're not home but they want to return your call, you
wait for a beep and leave a message.
♦ If you hear a series of short tones, you know the other person is talking to someone else on the phone. So
you hang up and try again later.
♦ If you hear a sequence of three tones that increase in pitch, followed by a recorded voice that says "We're
sorry . . ." you know that the number you dialed is invalid. Either you dialed the number incorrectly, or the
number has been disconnected.
I can go on and on, but I think you probably get the point. Exchanges such as using debit cards or making
phone calls follow the same rules every time they happen.
Computer networks depend upon many different types of protocols in order to work. These protocols are
very rigidly defined, and for good reason. Network cards must know how to talk to other network cards in
order to exchange information, operating systems must know how to talk to network cards in order to
send and receive data on the network, and application programs must know how to talk to operating
systems in order to know how to retrieve a file from a network server.
Protocols come in many different types. At the lowest level, protocols define exactly what type of electrical
signal represents a one and what type of signal represents a zero. At the highest level, protocols allow a
computer user in the United States to send an e-mail to another computer user in New Zealand. And in
between are many other levels of protocols. You find out more about these levels of protocols (which are
often called layers) in the section, "The Seven Layers of the OSI Reference Model," later in this chapter.
Various protocols tend to be used together in matched sets called protocol suites. The two most
popular protocol suites for networking are TCP/IP and Ethernet. TCP/IP was originally developed for
Unix networks and is the protocol of the Internet and most local-area networks. Ethernet is a low-level
protocol that spells out the electrical characteristics of the network hardware used by most local-area
networks. A third important protocol is IPX/SPX, which is an alternative to TCP/IP that was originally
developed for NetWare networks. In the early days of networking, IPX/SPX was widely used in local area
networks, but TCP/IP is now the preferred protocol.
Understanding Standards
A standard is an agreed-upon definition of a protocol. In the early days of computer networking, each
computer manufacturer developed its own networking protocols. As a result, you weren't able to easily
mix equipment from different manufacturers on a single network.
Then along came standards to save the day. Standards are industry-wide protocol definitions that are not
tied to a particular manufacturer. With standard protocols, you can mix and match equipment from
different vendors. As long as the equipment implements the standard protocols, it should be able to
coexist on the same network.
Many organizations are involved in setting standards for networking. The five most important
organizations are
♦ American National Standards Institute (ANSI): The official standards organization in the United
States. ANSI is pronounced AN-see.
♦ Institute of Electrical and Electronics Engineers (IEEE): An international organization that
publishes several key networking standards — in particular, the official standard for the Ethernet
networking system (known officially as IEEE 802.3). IEEE is pronounced eye-triple-E.
♦ International Organization for Standardization (ISO): A federation of more than 100 standards
organizations from throughout the world. If I had studied French in high school, I'd probably understand
why the acronym for International Organization for Standardization is ISO, and not IOS.
♦ Internet Engineering Task Force (IETF): The organization responsible for the protocols that drive
the Internet.
♦ World Wide Web Consortium (W3C): An international organization that handles the development
of standards for the World Wide Web.
Table 2-1 lists the Web sites for each of these standards organizations.
The Seven Layers of the OSI Reference Model
OSI sounds like the name of a top-secret government agency you hear about only in Tom Clancy novels.
What it really stands for in the networking world is Open Systems Interconnection, as in the Open
Systems Interconnection Reference Model, affectionately known as the OSI model.
The OSI model breaks the various aspects of a computer network into seven distinct layers. These layers
are kind of like the layers of an onion: Each successive layer envelops the layer beneath it, hiding its
details from the levels above. The OSI model is also like an onion in that if you start to peel it apart to have
a look inside, you're bound to shed a few tears.
The OSI model is not a networking standard in the same sense that Ethernet and TCP/IP are networking
standards. Rather, the OSI model is a framework into which the various networking standards can fit. The
OSI model specifies what aspects of a network's operation can be addressed by various network
standards. So, in a sense, the OSI model is sort of a standard of standards.
Table 2-2 summarizes the seven layers of the OSI model.
The first three layers are sometimes called the lower layers. They deal with the mechanics of how
information is sent from one computer to another over a network. Layers 4 through 7 are sometimes
called the upper layers. They deal with how application software can relate to the network through
application programming interfaces.
The following sections describe each of these layers in greater detail.
The seven layers of the OSI model are a somewhat idealized view of how networking protocols
should work. In the real world, actual networking protocols don't follow the OSI model to the letter. The
real world is always messier than we'd like. Still, the OSI model provides a convenient — if not completely
accurate — conceptual picture of how networking works.
The Physical Layer
The bottom layer of the OSI model is the Physical layer. It addresses the physical characteristics of the
network, such as the types of cables used to connect devices, the types of connectors used, how long the
cables can be, and so on. For example, the Ethernet standard for 10BaseT cable specifies the electrical
characteristics of the twisted-pair cables, the size and shape of the connectors, the maximum length of the
cables, and so on. The star, bus, ring, and mesh network topologies described in Book I, Chapter 1 apply to
the Physical layer.
Another aspect of the Physical layer is the electrical characteristics of the signals used to transmit data
over the cables from one network node to another. The Physical layer doesn't define any meaning to those
signals other than the basic binary values of zero and one. The higher levels of the OSI model must assign
meanings to the bits that are transmitted at the Physical layer.
One type of Physical layer device commonly used in networks is a repeater. A repeater is used to
regenerate the signal whenever you need to exceed the cable length allowed by the Physical layer
standard. 10BaseT hubs are also Physical layer devices. Technically, they're known as multiport
repeaters because the purpose of a hub is to regenerate every packet received on any port on all of the
hub's other ports. Repeaters and hubs don't examine the contents of the packets that they regenerate. If
they did, they would be working at the Data Link layer, and not at the Physical layer.
The network adapter (also called a network interface card or NIC) that's installed in each computer on
the network is a Physical layer device. You can display information about the network adapter (or
adapters) installed in a Windows computer by displaying the adapter's Properties dialog box, as shown in
Figure 2-1. To access this dialog box in Windows 7 or Vista, open the Control Panel, choose Network and
Internet, choose View Network Status and Tasks, and choose Change Adapter Settings. Then, right-click
the Local Area Connection icon and choose Properties from the menu that appears.
Figure 2-1: The Properties dialog box for a network adapter.
The Data Link Layer
The Data Link layer is the lowest layer at which meaning is assigned to the bits that are transmitted over
the network. Data link protocols address things such as the size of each packet of data to be sent, a means
of addressing each packet so that it's delivered to the intended recipient, and a way to ensure that two or
more nodes don't try to transmit data on the network at the same time.
The Data Link layer also provides basic error detection and correction to ensure that the data sent is the
same as the data received. If an uncorrectable error occurs, the data link standard must specify how the
node is to be informed of the error so that it can retransmit the data.
At the Data Link layer, each device on the network has an address known as the Media Access Control
address, or MAC address. The manufacturer burns this address into the network device, and the first
three bytes identify the manufacturer, so burned-in addresses are meant to be unique worldwide. Keep in
mind, though, that an operating system can override the burned-in address with one of its own choosing,
so two devices can end up with the same MAC address, and a MAC address by itself doesn't prove which
device sent a packet.
You can see the MAC address for a computer's network adapter by opening a command window and
running the ipconfig /all command, as shown in Figure 2-2. In this example, the MAC address of the
network card is A4-BA-DB-01-99-E8. (The ipconfig command refers to the MAC address as
the physical address.)
Figure 2-2: Using the ipconfig /all command to display the MAC address of a network adapter.
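Here's an added example (not from the book) that pulls the meaningful pieces out of a MAC address such as the one in Figure 2-2. The vendor code in the first three bytes and the two flag bits in the first byte are defined by IEEE 802, so the decoding is standard; the sample addresses other than A4-BA-DB-01-99-E8 are made up. The locally administered bit is the one worth checking: when it's set, the address was put there by software (a virtual machine, a privacy-randomized Wi-Fi adapter, or someone changing it on purpose), so the vendor code tells you nothing about the hardware.

```python
import re

# Constructed sample addresses; the first is the one shown in Figure 2-2.
SAMPLE_MACS = [
    "A4-BA-DB-01-99-E8",   # vendor-assigned unicast address
    "02:42:ac:11:00:02",   # locally administered (software-assigned) address
    "01-00-5E-00-00-FB",   # IPv4 multicast group address
    "FF-FF-FF-FF-FF-FF",   # broadcast address
]

# Six hex octets joined by '-' (Windows ipconfig style) or ':' (Unix style),
# but not a mixture of the two.
_MAC_RE = re.compile(r"^[0-9A-Fa-f]{2}([-:])(?:[0-9A-Fa-f]{2}\1){4}[0-9A-Fa-f]{2}$")


def parse_mac(text):
    """Return the six raw bytes of a MAC address, or raise ValueError."""
    if not _MAC_RE.match(text):
        raise ValueError("not a MAC address: %r" % text)
    return bytes(int(octet, 16) for octet in re.split(r"[-:]", text))


def describe_mac(text):
    """Decode the parts of a MAC address that carry meaning on their own."""
    raw = parse_mac(text)
    first = raw[0]
    return {
        # first three bytes: the Organizationally Unique Identifier (the vendor)
        "oui": "-".join("%02X" % b for b in raw[:3]),
        # last three bytes: the number the vendor gave this particular interface
        "nic": "-".join("%02X" % b for b in raw[3:]),
        # bit 0 of the first byte: 0 = one interface (unicast), 1 = a group (multicast)
        "group": bool(first & 0x01),
        # bit 1 of the first byte: 0 = burned in by the vendor,
        # 1 = set by software or an administrator (so the OUI means nothing)
        "locally_administered": bool(first & 0x02),
        "broadcast": raw == b"\xff" * 6,
    }


def classify(text):
    """One-line verdict on what kind of address this is."""
    d = describe_mac(text)
    if d["broadcast"]:
        return "broadcast"
    if d["group"]:
        return "multicast"
    if d["locally_administered"]:
        return "locally administered unicast"
    return "vendor-assigned unicast"


if __name__ == "__main__":
    for mac in SAMPLE_MACS:
        d = describe_mac(mac)
        print("%-20s OUI %s  %s" % (mac, d["oui"], classify(mac)))
```

The parser insists on exactly six octets and a single separator style, so a truncated or mixed-up address is rejected rather than silently decoded. When you're reading an ARP table or a switch's address table, classify is the quick way to spot which entries can be traced to a vendor and which were set by software.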
One of the most important functions of the Data Link layer is to provide a way for packets to be sent
safely over the physical media without interference from other nodes attempting to send packets at the
same time. The two most popular ways to do this are CSMA/CD and token passing. Ethernet networks use
CSMA/CD, and Token Ring networks use token passing.
Two types of Data Link layer devices are commonly used on networks: bridges and switches. A bridge is
an intelligent repeater that is aware of the MAC addresses of the nodes on either side of the bridge and
can forward packets accordingly. A switch is an intelligent hub that examines the MAC address of arriving
packets in order to determine which port to forward the packet to.
An important function of the Data Link layer is to make sure that two computers don't try to
send packets over the network at the same time. If they do, the signals will collide with each other, and the
transmission will be garbled. Ethernet accomplishes this feat by using a technique
called CSMA/CD, which stands for carrier sense multiple access with collision detection. This phrase is a
mouthful, but if you take it apart piece by piece, you'll get an idea of how it works.
Carrier sense means that whenever a device wants to send a packet over the network media, it first listens
to the network media to see whether anyone else is already sending a packet. If it doesn't hear any other
signals on the media, the computer assumes that the network is free, so it sends the packet.
Multiple access means that nothing prevents two or more devices from trying to send a message at the
same time. Sure, each device listens before sending. However, suppose that two devices listen, hear
nothing, and then proceed to send their packets at the same time? Picture what happens when you and
someone else arrive at a four-way stop sign at the same time. You wave the other driver on, he or she
waves you on, you wave, he or she waves, you both wave, and then you both go at the same time.
Collision detection means that after a device sends a packet, it listens carefully to see whether the packet
crashes into another packet. This is kind of like listening for the screeching of brakes at the four-way stop.
If the device hears the screeching of brakes, it waits a random period of time and then tries to send the
packet again. Because the delay is random, two packets that collide are sent again after different delay
periods, so a second collision is unlikely.
CSMA/CD works pretty well for smaller networks. After a network hits about 30 computers, however,
packets start to collide like crazy, and the network slows to a crawl. When that happens, the network
should be divided into two or more separate sections that are sometimes called collision domains; a
bridge or switch, described earlier in this section, is what does the dividing.
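To see the three pieces of CSMA/CD working together, here's an added simulation (example code, not from the book). It steps through one shared cable in slot times: stations sense the carrier and defer while the medium is busy, any that are ready in the same idle slot transmit at once, and a collision makes each of them wait a random number of slots before trying again. The random wait follows the rule the IEEE 802.3 standard actually uses, truncated binary exponential backoff: after the nth collision on a frame the station picks a wait from 0 to 2^min(n,10)-1 slots, and after 16 collisions it gives up on the frame. The frame length of four slots is a made-up value chosen to keep the runs short.

```python
import random

MAX_ATTEMPTS = 16          # 802.3 gives up on a frame after 16 collisions
MAX_BACKOFF_EXPONENT = 10  # the backoff range stops growing after the 10th


def backoff_slots(attempt, rng):
    """Truncated binary exponential backoff: after the n-th collision on a
    frame, wait r slot times with r drawn uniformly from 0 .. 2**min(n,10)-1.
    The range doubles with every collision, so repeat collisions get rarer."""
    return rng.randrange(2 ** min(attempt, MAX_BACKOFF_EXPONENT))


def simulate(n_stations, frame_slots=4, seed=1, max_slots=100000):
    """Run CSMA/CD on one shared medium in discrete slot times. Every station
    has exactly one frame ready at slot 0, the worst case for collisions.
    Returns counts of collisions, delivered and dropped frames, and the
    fraction of the medium's time that carried a good frame."""
    rng = random.Random(seed)
    ready_at = [0] * n_stations       # slot at which each station may next try
    attempts = [0] * n_stations       # collisions suffered by each frame so far
    done = [False] * n_stations
    busy_until = 0                    # medium is busy for slots < busy_until
    stats = {"collisions": 0, "delivered": 0, "dropped": 0}

    for slot in range(max_slots):
        if all(done):
            break
        if slot < busy_until:
            continue                  # carrier sense: medium busy, defer
        # multiple access: every station whose wait is over transmits now
        senders = [i for i in range(n_stations)
                   if not done[i] and ready_at[i] <= slot]
        if not senders:
            continue
        if len(senders) == 1:         # the medium really was free
            done[senders[0]] = True
            stats["delivered"] += 1
            busy_until = slot + frame_slots
            continue
        # collision detection: two or more transmitted in the same slot
        stats["collisions"] += 1
        busy_until = slot + 1         # jam signal, then everybody backs off
        for i in senders:
            attempts[i] += 1
            if attempts[i] >= MAX_ATTEMPTS:
                done[i] = True        # "excessive collisions": frame discarded
                stats["dropped"] += 1
            else:
                ready_at[i] = slot + 1 + backoff_slots(attempts[i], rng)

    good_slots = stats["delivered"] * frame_slots
    stats["utilization"] = good_slots / max(busy_until, 1)
    return stats


if __name__ == "__main__":
    for n in (1, 2, 5, 30):
        print(n, "stations:", simulate(n))
```

Running it for 30 stations next to 3 shows why the text recommends splitting a busy network: the collision count climbs and the share of time the medium spends carrying good frames falls. Notice also that stations which deferred during a transmission all try again in the same slot the moment the cable goes quiet, so one collision tends to breed the next until the backoff ranges have grown. A switch removes the problem on a wired network because every switch port is its own collision domain.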
The Network Layer
The Network layer handles the task of routing network messages from one computer to another. The two
most popular layer 3 protocols are IP (which is usually paired with TCP) and IPX (normally paired with
SPX for use with Novell and Windows networks).
Network layer protocols provide two important functions: logical addressing and routing. The following
sections describe these functions.
Logical addressing
As you know, every network device has a physical address called a MAC address, which is assigned to the
device at the factory. When you buy a network interface card to install into a computer, the card already
has a MAC address, and it isn't an address you picked to suit the layout of your network. But what if you
want to use some other addressing scheme to refer to the computers and other devices on your network?
This is where the concept of logical addressing comes in; a logical address lets you access a network
device by using an address that you assign.
Logical addresses are created and used by Network layer protocols such as IP or IPX. The Network layer
protocol translates logical addresses to MAC addresses. For example, if you use IP as the Network layer
protocol, devices on the network are assigned IP addresses such as 207.120.67.30. Because the IP protocol
must use a Data Link layer protocol to actually send packets to devices, IP must know how to translate the
IP address of a device to the device's MAC address.
You can use the ipconfig command shown earlier in Figure 2-2 to see the IP address of your
computer. The IP address shown in the figure is 192.168.1.100. Another way to display this information is
to use the System Information command, found on the Start menu under Start⇒All
Programs⇒Accessories⇒System Tools⇒System Information. The IP address is highlighted in Figure 2-3.
Notice that the System Information program displays a lot of other useful information about the network
besides the IP address. For example, you can also see the MAC address, what protocols are being used,
and other information.
Figure 2-3: Displaying network information using the System Information program.
Although the exact format of logical addresses varies depending on the protocol being used, most
protocols divide the logical address into two parts: a network address and a device address. The network
address identifies which network the device resides on, and the device address then identifies the device
on that network. For example, in a typical IP address, such as 192.168.1.102 on a network whose subnet
mask is 255.255.255.0, the network address is 192.168.1, and the device address (called a host address in
IP) is 102. It's the subnet mask, not the dots, that decides where the network part ends and the host part
begins.
Similarly, IPX addresses consist of two parts: a network address and a node address. In an IPX address,
the node address is the same as the MAC address. As a result, IPX doesn't have to translate between layer
3 and layer 2 addresses.
Routing
Routing comes into play when a computer on one network needs to send a packet to a computer on
another network. In this case, a device called a router is used to forward the packet to the destination
network. In some cases, a packet may actually have to travel through several intermediate networks in
order to reach its final destination network. You can find out more about routers in Book I, Chapter 3.
An important feature of routers is that you can use them to connect networks that use different layer 2
protocols. For example, a router can be used to send a packet from an Ethernet to a Token Ring network.
As long as both networks support the same layer 3 protocol, it doesn't matter whether their layer 1 and
layer 2 protocols are different.
A protocol is considered routable if it uses addresses that include a network part and a host part.
Any protocol that uses physical addresses isn't routable because physical addresses don't indicate to which
network a device belongs.
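Here's an added example (not from the book) that does the two jobs just described with Python's ipaddress module: splitting an address into its network and host parts using the subnet mask, and making the decision a host faces before it can send anything at all, which is whether the destination is on the local network or has to be handed to the router. The addresses are the ones used in this chapter; the default gateway 192.168.1.1 is an assumption.

```python
import ipaddress


def split_address(ip_text, mask_text):
    """Split an IPv4 address into network and host parts. The subnet mask
    decides where the split is; the dots in the address do not.
    mask_text may be dotted ('255.255.255.0') or a prefix length ('24')."""
    iface = ipaddress.IPv4Interface("%s/%s" % (ip_text, mask_text))
    net = iface.network
    host_bits = 32 - net.prefixlen
    return {
        "network": str(net.network_address),
        "prefix": net.prefixlen,
        "host": int(iface.ip) & ((1 << host_bits) - 1),
        "broadcast": str(net.broadcast_address),
    }


def next_hop(src_ip, mask, default_gateway, dst_ip):
    """Is the destination on my own network (deliver directly) or not (hand
    the packet to the router)? Returns the address whose MAC address the
    host must look up next, because the frame is always addressed to the
    next hop on the local wire, never to a host on some other network."""
    local_net = ipaddress.IPv4Interface("%s/%s" % (src_ip, mask)).network
    if ipaddress.IPv4Address(dst_ip) in local_net:
        return {"via": "direct", "resolve": dst_ip}
    return {"via": "router", "resolve": default_gateway}


if __name__ == "__main__":
    # Addresses from the chapter; the gateway 192.168.1.1 is an assumption.
    print(split_address("192.168.1.102", "255.255.255.0"))
    print(split_address("192.168.1.200", "255.255.255.128"))
    for dst in ("192.168.1.101", "207.120.67.30"):
        print(dst, next_hop("192.168.1.100", "255.255.255.0", "192.168.1.1", dst))
```

The second split_address call is the one to study: with a 25-bit mask, 192.168.1.200 sits on network 192.168.1.128 with host number 72, even though the dotted form looks just like the first example. The same mask change flips next_hop's answer for a destination such as 192.168.1.200, which is why a wrong subnet mask shows up as "I can reach some machines on my LAN but not others."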
The Transport Layer
The Transport layer is the layer where you'll find two of the most well-known networking protocols: TCP
(normally paired with IP) and SPX (normally paired with IPX). As its name implies, the Transport layer is
concerned with the transportation of information from one computer to another.
The main purpose of the Transport layer is to ensure that packets are transported reliably and without
errors. The Transport layer does this task by establishing connections between network devices,
acknowledging the receipt of packets, and resending packets that aren't received or are corrupted when
they arrive.
In many cases, the Transport layer protocol divides large messages into smaller packets that can be sent
over the network efficiently. The Transport layer protocol reassembles the message on the receiving end,
making sure that all the packets that comprise a single transmission are received so that no data is lost.
For some applications, speed and efficiency are more important than reliability. In such cases,
a connectionless protocol can be used. A connectionless protocol doesn't go to the trouble of establishing a
connection before sending a packet. Instead, it simply sends the packet. TCP is a connection-oriented
Transport layer protocol. The connectionless protocol that works alongside TCP is called UDP.
In Windows XP or Vista, you can view information about the status of TCP and UDP connections by
running the Netstat command from a command window, as Figure 2-4 shows. In the figure, you can see
that several TCP connections are established.
Figure 2-4: Using the Netstat command.
In fact, you can use the command netstat -n to see the numeric network addresses instead of the
names. With the -n switch, the output in Figure 2-4 would look like this:
Active Connections
   Proto Local Address                     Foreign Address                State
   TCP       127.0.0.1:2869                127.0.0.1:54170                ESTABLISHED
   TCP       127.0.0.1:5357                127.0.0.1:54172                TIME_WAIT
   TCP       127.0.0.1:27015               127.0.0.1:49301                ESTABLISHED
   TCP       127.0.0.1:49301               127.0.0.1:27015                ESTABLISHED
   TCP       127.0.0.1:54170               127.0.0.1:2869                 ESTABLISHED
   TCP       192.168.1.100:49300           192.168.1.101:445              ESTABLISHED
TCP is a connection-oriented Transport layer protocol. UDP is a connectionless Transport layer
protocol.
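Here's an added example (not from the book) that parses the netstat -n output shown above (the same text, embedded as sample input, plus one made-up UDP line) and separates the loopback rows from the one that actually leaves the machine. That's the first cut an administrator makes when asking which computers a box is talking to: the 127.0.0.1 rows are the machine talking to itself, whereas the last row is an SMB session (TCP port 445) to 192.168.1.101.

```python
import ipaddress

# The netstat -n output printed in the text, reproduced as constructed sample input.
NETSTAT_OUTPUT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    127.0.0.1:2869         127.0.0.1:54170        ESTABLISHED
  TCP    127.0.0.1:5357         127.0.0.1:54172        TIME_WAIT
  TCP    127.0.0.1:27015        127.0.0.1:49301        ESTABLISHED
  TCP    127.0.0.1:49301        127.0.0.1:27015        ESTABLISHED
  TCP    127.0.0.1:54170        127.0.0.1:2869         ESTABLISHED
  TCP    192.168.1.100:49300    192.168.1.101:445      ESTABLISHED
"""

# A constructed UDP row (what netstat -a -n prints): no state column, wildcard peer.
UDP_LINE = "  UDP    0.0.0.0:5353           *:*\n"


def split_endpoint(text):
    """'192.168.1.100:49300' -> ('192.168.1.100', 49300). Also copes with
    the '[::1]:445' form used for IPv6 and the '*:*' wildcard on UDP rows."""
    host, _, port = text.rpartition(":")
    return host.strip("[]"), (None if port == "*" else int(port))


def parse_netstat(text):
    """Turn netstat -n output into a list of dicts, one per socket row."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue                 # banner, column header, blank lines
        rows.append({
            "proto": fields[0],
            "local": split_endpoint(fields[1]),
            "remote": split_endpoint(fields[2]),
            "state": fields[3] if len(fields) > 3 else "",   # UDP has no state
        })
    return rows


def _is_loopback(host):
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:               # '*', or a name when -n was not used
        return False


def non_loopback(rows):
    """Drop rows whose both ends are 127.0.0.1 or ::1. They never leave the
    machine, so for 'who is this box talking to?' they are noise."""
    return [r for r in rows
            if not (_is_loopback(r["local"][0]) and _is_loopback(r["remote"][0]))]


def sessions_to_port(rows, port):
    """Rows whose remote end is a given well-known port, e.g. 445 for SMB."""
    return [r for r in rows if r["remote"][1] == port]


if __name__ == "__main__":
    rows = parse_netstat(NETSTAT_OUTPUT + UDP_LINE)
    for r in non_loopback(rows):
        print(r["proto"], r["local"], "->", r["remote"], r["state"])
```

The parser keys on the first column rather than on line position, so it survives the blank line and the banner, and it treats a missing fourth column as "no state" rather than crashing on UDP rows. Feeding it output captured without -n would give hostnames in the address columns, which _is_loopback simply treats as not loopback; use -n when you want the rows to be comparable.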
The Session Layer
The Session layer establishes conversations known as sessions between networked devices. A session is an
exchange of connection-oriented transmissions between two network devices. Each of these transmissions
is handled by the Transport layer protocol. The session itself is managed by the Session layer protocol.
A single session can include many exchanges of data between the two computers involved in the session.
After a session between two computers has been established, it is maintained until the computers agree to
terminate the session.
The Session layer allows three types of transmission modes:
♦ Simplex: In this mode, data flows in only one direction.
♦ Half-duplex: In this mode, data flows in both directions, but only in one direction at a time.
♦ Full-duplex: In this mode, data flows in both directions at the same time.
In actual practice, the distinctions in the Session, Presentation, and Application layers are often
blurred, and some commonly used protocols actually span all three layers. For example, SMB — the
protocol that is the basis of file sharing in Windows networks — functions at all three layers.
The Presentation Layer
The Presentation layer is responsible for how data is represented to applications. Most computers —
including Windows, Unix, and Macintosh computers — use the American Standard Code for Information
Interchange (ASCII) to represent data. However, some computers (such as IBM mainframe computers)
use a different code, known as Extended Binary Coded Decimal Interchange Code (EBCDIC). ASCII and
EBCDIC aren't compatible with each other. To exchange information between a mainframe computer and
a Windows computer, the Presentation layer must convert the data from ASCII to EBCDIC and vice versa.
Besides simply converting data from one code to another, the Presentation layer can also apply
sophisticated compression techniques so that fewer bytes of data are required to represent the
information when it's sent over the network. At the other end of the transmission, the Presentation layer
then uncompresses the data.
The Presentation layer can also scramble the data before it is transmitted and unscramble it at the other
end by using a sophisticated encryption technique that even Sherlock Holmes would have trouble
breaking.
The Application Layer
The highest layer of the OSI model, the Application layer, deals with the techniques that application
programs use to communicate with the network. The name of this layer is a little confusing. Application
programs such as Microsoft Office or QuickBooks aren't a part of the Application layer. Rather, the
Application layer represents the programming interfaces that application programs such as Microsoft
Office or QuickBooks use to request network services.
Some of the better-known Application layer protocols are
♦ DNS (Domain Name System) for resolving Internet domain names.
♦ FTP (File Transfer Protocol) for file transfers.
♦ SMTP (Simple Mail Transfer Protocol) for e-mail.
♦ SMB (Server Message Block) for file sharing in Windows networks.
♦ NFS (Network File System) for file sharing in Unix networks.
♦ Telnet for terminal emulation.
Following a Packet through the Layers
Figure 2-5 shows how a packet of information flows through the seven layers as it travels from
one computer to another on the network. The data begins its journey when an end-user application sends
data to another network computer. The data enters the network through an Application layer interface,
such as SMB. The data then works its way down through the protocol stack. Along the way, the protocol at
each layer manipulates the data by adding header information, converting the data into different formats,
combining packets to form larger packets, and so on. When the data reaches the Physical layer protocol,
it's actually placed on the network media (in other words, the cable) and sent to the receiving computer.
When the receiving computer receives the data, the data works its way up through the protocol stack.
Then, the protocol at each layer reverses the processing that was done by the corresponding layer on the
sending computer. Headers are removed, data is converted back to its original format, packets that were
split into smaller packets are recombined into larger messages, and so on. When the packet reaches the
Application layer protocol, it's delivered to an application that can process the data.
Figure 2-5: How data travels through the seven layers.
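Here's an added example (not from the book) that walks a small payload down and back up the stack in code: it builds the UDP header, then the IPv4 header with its checksum, then the Ethernet header, and then peels them off again in reverse, checking as it goes. UDP stands in for TCP because its 8-byte header keeps the example short; the MAC address 00-11-22-33-44-55 is made up, and the other addresses are the chapter's. One caveat worth remembering: the IPv4 header checksum only catches accidental corruption. Anyone who can change the bits can recompute it, and nothing at these layers proves that the source addresses are genuine.

```python
import struct

ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17


def checksum(data):
    """RFC 1071 one's-complement sum used for the IPv4 header checksum."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:                       # fold carries back in
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def mac_bytes(text):
    return bytes.fromhex(text.replace("-", "").replace(":", ""))


def ip_bytes(text):
    return bytes(int(o) for o in text.split("."))


def encapsulate(payload, src_ip, dst_ip, src_port, dst_port, src_mac, dst_mac):
    """Walk down the stack: Transport (UDP) -> Network (IPv4) -> Data Link (Ethernet).
    Each layer prepends its own header to whatever the layer above handed it."""
    # Transport: 8-byte UDP header (a zero checksum is permitted for UDP over IPv4)
    udp = struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload
    # Network: 20-byte IPv4 header; checksum is computed over the header alone
    hdr = struct.pack("!BBHHHBBH4s4s",
                      0x45,            # version 4, header length 5 words
                      0,               # type of service
                      20 + len(udp),   # total length
                      0, 0,            # identification, flags/fragment offset
                      64,              # TTL
                      IPPROTO_UDP,     # protocol of the payload
                      0,               # checksum placeholder
                      ip_bytes(src_ip), ip_bytes(dst_ip))
    hdr = hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:]
    # Data Link: 14-byte Ethernet II header (the NIC appends the 4-byte FCS)
    eth = struct.pack("!6s6sH", mac_bytes(dst_mac), mac_bytes(src_mac), ETHERTYPE_IPV4)
    return eth + hdr + udp


def decapsulate(frame):
    """Walk back up: each layer checks and strips its header, then hands the
    rest to the layer above. Raises ValueError where a real stack would drop."""
    dst_mac, src_mac, ethertype = struct.unpack("!6s6sH", frame[:14])
    if ethertype != ETHERTYPE_IPV4:
        raise ValueError("not an IPv4 frame")
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    if checksum(ip[:ihl]) != 0:          # an intact header sums to zero
        raise ValueError("bad IPv4 header checksum")
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[9] != IPPROTO_UDP:
        raise ValueError("not UDP")
    udp = ip[ihl:total_len]
    src_port, dst_port, udp_len, _ = struct.unpack("!HHHH", udp[:8])
    return {
        "dst_mac": dst_mac.hex("-").upper(), "src_mac": src_mac.hex("-").upper(),
        "src_ip": ".".join(str(b) for b in ip[12:16]),
        "dst_ip": ".".join(str(b) for b in ip[16:20]),
        "src_port": src_port, "dst_port": dst_port,
        "payload": udp[8:udp_len],
    }


if __name__ == "__main__":
    frame = encapsulate(b"hello", "192.168.1.100", "192.168.1.101", 49300, 445,
                        "A4-BA-DB-01-99-E8", "00-11-22-33-44-55")
    print(len(frame), "bytes on the wire:", frame.hex())
    print(decapsulate(frame))
```

Read decapsulate from the top down and you have Figure 2-5 in reverse: the Ethernet header is checked and removed first, then the IPv4 header, then the UDP header, and only the application's bytes are left. Flipping any byte of the IPv4 header makes the checksum test fail, which is exactly the accidental-damage case it was designed for; a deliberate change that also rewrites the checksum sails straight through.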
The Ethernet Protocol
As you know, the first two layers of the OSI model deal with the physical structure of the network and the
means by which network devices can send information from one device on a network to another. By far,
the most popular set of protocols for the Physical and Data Link layers is Ethernet.
Ethernet has been around in various forms since the early 1970s. (For a brief history of Ethernet, see the
sidebar, "Ethernet folklore and mythology," later in this chapter.) The current incarnation of Ethernet is
defined by the IEEE standard known as 802.3. Various flavors of Ethernet operate at different speeds and
use different types of media. However, all the versions of Ethernet are compatible with each other, so you
can mix and match them on the same network by using devices such as bridges, hubs, and switches to link
network segments that use different types of media.
The actual transmission speed of Ethernet is measured in millions of bits per second, or Mbps.
Ethernet comes in three speed versions you're likely to find on a desktop network: 10 Mbps, known as
Standard Ethernet; 100 Mbps, known as Fast Ethernet; and 1,000 Mbps, known as Gigabit Ethernet.
(Faster versions, starting at 10 Gbps, also exist but are used mainly for backbones and servers.) Keep in
mind, however, that
network transmission speed refers to the maximum speed that can be achieved over the network under
ideal conditions. In reality, the actual throughput of an Ethernet network rarely reaches this maximum
speed.
Ethernet operates at the first two layers of the OSI model — the Physical and the Data Link layers.
However, Ethernet divides the Data Link layer into two separate layers known as the Logical Link
Control (LLC) layer and the Medium Access Control (MAC) layer. Figure 2-6 shows how the various
elements of Ethernet match up to the OSI model.
Figure 2-6: Ethernet and the OSI model.
The following sections describe Standard Ethernet, Fast Ethernet, and Gigabit Ethernet in more detail.
Standard Ethernet
Standard Ethernet is the original Ethernet. It runs at 10 Mbps, which was considered fast in the 1970s but
is pretty slow by today's standards. Although there is still plenty of existing Standard Ethernet in use, it is
considered obsolete and should be replaced by Gigabit Ethernet as soon as possible.
Standard Ethernet comes in four incarnations, depending on the type of cable used to string the network
together:
♦ 10Base5: The original Ethernet cable was thick (about as thick as your thumb), heavy, and difficult to
work with. It's seen today only in museums.
♦ 10Base2: This thinner type of coaxial cable (it resembles television cable) became popular in the 1980s
and lingered into the early 1990s. Plenty of 10Base2 cable is still in use, but it's rarely installed in new
networks. 10Base2 (like 10Base5) uses a bus topology, so wiring a 10Base2 network involves running
cable from one computer to the next until all the computers are connected in a segment.
♦ 10BaseT: Unshielded twisted-pair cable (also known as UTP) became popular in the 1990s because it's
easier to install, lighter, and more reliable, and it offers more flexibility in how networks are designed.
10BaseT networks use a star topology with hubs at the center of each star. Although the maximum length
of 10BaseT cable is only 100 meters, hubs can be chained together to extend networks well beyond the
100-meter limit.
10BaseT cable has four pairs of wires that are twisted together throughout the entire span of the cable.
However, 10BaseT uses only two of these wire pairs, so the unused pairs are spares.
♦ 10BaseFL: Fiber-optic cables were originally supported at 10 Mbps by the 10BaseFL standard.
However, because faster fiber-optic versions of Ethernet now exist, 10BaseFL is rarely used.
Fast Ethernet
Fast Ethernet refers to Ethernet that runs at 100 Mbps, which is ten times the speed of Standard Ethernet.
The following are the three varieties of Fast Ethernet:
♦ 100BaseT4: The 100BaseT4 protocol allows transmission speeds of 100 Mbps over the same UTP
cable as 10BaseT networks. To do this, it uses all four pairs of wire in the cable. 100BaseT4 simplifies the
task of upgrading an existing 10BaseT network to 100 Mbps.
♦ 100BaseTX: The most commonly used standard for office networks today is 100BaseTX, which
transmits at 100 Mbps over just two pairs of a higher grade of UTP cable than the cable used by 10BaseT.
The higher-grade cable is referred to as Category 5. Most new networks are wired with Category 5 or
better cable.
♦ 100BaseFX: The fiber-optic version of Ethernet running at 100 Mbps is called 100BaseFX. Because
fiber-optic cable is expensive and tricky to install, it isn't used much for individual computers in a
network. However, it's commonly used as a network backbone. For example, a fiber backbone is often used
to connect individual workgroup hubs to routers and servers.
Ethernet folklore and mythology
If you're a history buff, you may be interested in the story of how Ethernet came to be so popular. Here's
how it happened: The original idea for the Ethernet was hatched in the mind of a graduate computer
science student at Harvard University named Robert Metcalfe. Looking for a thesis idea in 1970, he
refined a networking technique that was used in Hawaii, called the AlohaNet (it was actually a wireless
network), and developed a technique that would enable a network to efficiently use as much as 90 percent
of its capacity. By 1973, he had his first Ethernet network up and running at the famous Xerox Palo Alto
Research Center (PARC). Bob dubbed his network "Ethernet" in honor of the thick network cable, which
he called "the ether." (Xerox PARC was busy in 1973. In addition to Ethernet, PARC developed the first
personal computer that used a graphical user interface complete with icons, windows, and menus, and the
world's first laser printer.)
In 1979, Xerox began working with Intel and DEC (a once popular computer company) to make Ethernet
an industry standard networking product. Along the way, they enlisted the help of the IEEE, which
formed committee number 802.3 and began the process of standardizing Ethernet in 1981. The 802.3
committee released the first official Ethernet standard in 1983.
Meanwhile, Bob Metcalfe left Xerox, turned down a job offer from Steve Jobs to work at Apple computers,
and started a company called the Computer, Communication, and Compatibility Corporation — now
known as 3Com. 3Com has since become one of the largest manufacturers of Ethernet equipment in the
world.
Gigabit Ethernet
Gigabit Ethernet is Ethernet running at a whopping 1,000 Mbps, which is 100 times faster than the
original 10 Mbps Ethernet. Gigabit Ethernet was once considerably more expensive than Fast Ethernet, so
it was used only when the improved performance justified the extra cost. However, today Gigabit Ethernet
is the standard for nearly all desktop and laptop PCs.
Gigabit Ethernet comes in two flavors:
♦ 1000BaseT: Gigabit Ethernet can run on Category 5 UTP cable, but higher grades such as Category 5e
or Category 6 are preferred because they're more reliable.
♦ 1000BaseLX: Several varieties of fiber cable are used with Gigabit Ethernet, but the most popular is
called 1000BaseLX.
The TCP/IP Protocol Suite
TCP/IP, the protocol on which the Internet is built, is actually not a single protocol but rather an entire
suite of related protocols. Its roots are even older than Ethernet's: the ARPANET, the Department of
Defense research network that grew into the Internet, went live in 1969, and TCP itself was first described
in 1974. For more on the history of TCP/IP, see the sidebar, "The fascinating story of TCP/IP," later in
this chapter. Currently, the Internet Engineering Task Force, or IETF, manages the TCP/IP protocol suite.
The TCP/IP suite is based on a four-layer model of networking that is similar to the seven-layer OSI
model. Figure 2-7 shows how the TCP/IP model matches up with the OSI model and where some of the
key TCP/IP protocols fit into the model. As you can see, the lowest layer of the model, the Network
Interface layer, corresponds to the OSI model's Physical and Data Link layers. TCP/IP can run over a wide
variety of Network Interface layer protocols, including Ethernet, as well as other protocols, such as Token
Ring and FDDI (an older standard for fiber-optic networks).
Figure 2-7: TCP/IP and the OSI model.
The Application layer of the TCP/IP model corresponds to the upper three layers of the OSI model — that
is, the Session, Presentation, and Application layers. Many protocols can be used at this level. A few of the
most popular are HTTP, FTP, Telnet, SMTP, DNS, and SNMP.
You can find out about many of the details of these and other TCP/IP protocols in Book IV. In the
following sections, I just want to point out a few more details of the three most important protocols in the
TCP/IP suite: IP, TCP, and UDP.
IP
IP, which stands for Internet Protocol, is a Network layer protocol that is responsible for delivering
packets to network devices. The IP protocol uses logical IP addresses to refer to individual devices rather
than physical (MAC) addresses. A protocol called ARP (for Address Resolution Protocol) handles the task
of converting IP addresses to MAC addresses.
10Base what?
The names of Ethernet cable standards resemble the audible signals a quarterback might shout at the line
of scrimmage. In reality, the cable designations consist of three parts:
♦ The first number is the speed of the network in Mbps. So 10BaseT is for 10 Mbps networks
(Standard Ethernet), 100BaseTX is for 100 Mbps networks (Fast Ethernet), and 1000BaseT is for 1,000
Mbps networks (Gigabit Ethernet).
♦ The word Base indicates the type of network transmission that the cable uses. Base is short
for baseband. Baseband transmissions carry one signal at a time and are relatively simple to implement.
The alternative to baseband is broadband, which can carry more than one signal at a time but is more
difficult to implement. At one time, broadband incarnations of the 802.x networking standards existed,
but they have all but fizzled due to lack of use.
♦ The tail end of the designation indicates the cable type. For coaxial cables, a number is used that
roughly indicates the maximum length of the cable in hundreds of meters. 10Base5 cables can run up to
500 meters. 10Base2 cables can run up to 185 meters. (The IEEE rounded 185 up to 200 to come up with
the name 10Base2.) If the designation ends with a T, twisted-pair cable is used. Other letters are used for
other types of cables.
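A small parser for the three-part designations this sidebar describes, added here as an example and not taken from the book. It assumes that a trailing letter group beginning with F, L, or S denotes a fiber medium (as in 1000BaseLX) and that the historical broadband designation 10Broad36 follows the same speed/signaling/tail pattern.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Added example (not from the book). Decodes an Ethernet media designation
# such as 10Base5, 10BaseT, 100BaseTX, 1000BaseT or 1000BaseLX into its parts.
_DESIGNATION = re.compile(
    r"^(?P<speed>\d+)(?P<signal>Base|Broad)(?P<medium>[A-Za-z0-9]+)$", re.IGNORECASE
)

# Coax tails where the real segment limit differs from the "hundreds of meters"
# rule of thumb: the IEEE rounded 10Base2's 185 m up to 200 when naming it.
_COAX_ACTUAL_LENGTH_M = {"5": 500, "2": 185}


@dataclass(frozen=True)
class Designation:
    name: str
    speed_mbps: int
    signaling: str                 # "baseband" or "broadband"
    medium: str                    # "coaxial", "twisted-pair", "fiber" or "other"
    max_segment_m: Optional[int]   # known only for coaxial designations


def parse_designation(name: str) -> Designation:
    """Split a designation into speed, signaling type and medium.

    Raises ValueError for strings that do not follow the <speed><Base|Broad><tail>
    pattern, so a product name cannot be mistaken for a standard.
    """
    text = name.strip()
    m = _DESIGNATION.match(text)
    if m is None:
        raise ValueError(f"not an Ethernet media designation: {name!r}")

    speed = int(m.group("speed"))
    signaling = "baseband" if m.group("signal").lower() == "base" else "broadband"
    tail = m.group("medium").upper()

    length: Optional[int] = None
    if tail.isdigit():
        # Numeric tail: coaxial cable, length in hundreds of meters (roughly).
        medium = "coaxial"
        length = _COAX_ACTUAL_LENGTH_M.get(tail, int(tail) * 100)
    elif tail.startswith("T"):
        medium = "twisted-pair"
    elif tail[0] in "FLS":
        # Assumption: F (fiber), L (long-wave) and S (short-wave) tails are fiber.
        medium = "fiber"
    else:
        medium = "other"
    return Designation(text, speed, signaling, medium, length)


def describe(name: str) -> str:
    """One-line, human-readable summary, e.g. for a cabling inventory report."""
    d = parse_designation(name)
    parts = [f"{d.name}: {d.speed_mbps} Mbps", d.signaling, d.medium]
    if d.max_segment_m is not None:
        parts.append(f"max segment {d.max_segment_m} m")
    return ", ".join(parts)


if __name__ == "__main__":
    for n in ("10Base5", "10Base2", "10BaseT", "100BaseTX", "1000BaseT", "1000BaseLX"):
        print(describe(n))
```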
Because IP addresses consist of a network part and a host part, IP is a routable protocol. As a result, IP
can forward a packet to another network if the host is not on the current network. (The ability to route
packets across networks is where IP gets its name. An internet is a series of two or more connected TCP/IP
networks that can be reached by routing.)
TCP
TCP, which stands for Transmission Control Protocol, is a connection-oriented Transport layer protocol.
TCP lets a device reliably send a packet to another device on the same network or on a different network.
TCP ensures that each packet is delivered if at all possible. It does so by establishing a connection with the
receiving device and then sending the packets. If a packet doesn't arrive, TCP resends the packet. The
connection is closed only after the packet has been successfully delivered or an unrecoverable error
condition has occurred.
One key aspect of TCP is that it's always used for one-to-one communications. In other words, TCP allows
a single network device to exchange data with another single network device. TCP isn't used to broadcast
messages to multiple network recipients. Instead, the User Datagram Protocol (UDP) is used for that
purpose.
The fascinating story of TCP/IP
Some people are fascinated by history. They subscribe to cable TV just to get the History Channel. If
you're one of those history buffs, you may be interested in the following chronicle of TCP/IP's humble
origins. (For maximum effect, play some melancholy violin music in the background as you read the rest
of this sidebar.)
In the summer of 1969, the four mop-topped singers from Liverpool were breaking up. The war in
Vietnam was escalating. Astronauts Neil Armstrong and Buzz Aldrin walked on the moon. And the
Department of Defense built a computer network called ARPANET to link its defense installations with
several major universities throughout the United States.
By the early 1970s, ARPANET was becoming difficult to manage. So it was split into two networks: one for
military use, called MILNET, and the other for nonmilitary use. The nonmilitary network retained the
name ARPANET. To link MILNET with ARPANET, a new method of connecting networks, called Internet
Protocol or just IP for short, was invented.
The whole purpose of IP was to enable these two networks to communicate with each other. Fortunately,
the designers of IP realized that it wouldn't be too long before other networks wanted to join in the fun, so
they designed IP to allow for more than two networks. In fact, their ingenious design allowed for tens of
thousands of networks to communicate via IP.
The decision was a fortuitous one, as the Internet quickly began to grow. By the mid-1980s, the original
ARPANET reached its limits. Just in time, the National Science Foundation (NSF) decided to get into the
game. NSF had built a network called NSFNET to link its huge supercomputers. NSFNET replaced
ARPANET as the new backbone for the Internet. Around that time, such magazines
as Time and Newsweek began writing articles about this new phenomenon called the Internet, and
the Net (as it became nicknamed) began to grow like wildfire. Soon NSFNET couldn't keep up with the
growth, so several private commercial networks took over management of the Internet backbone. The
Internet has grown at a dizzying rate ever since, and nobody knows how long this frenetic growth rate will
continue. One thing is sure: TCP/IP is now the most popular networking protocol in the world.
Many well-known Application layer protocols rely on TCP. For example, when a user running a Web
browser requests a page, the browser uses HTTP to send a request via TCP to the Web server. When the
Web server receives the request, it uses HTTP to send the requested Web page back to the browser, again
via TCP. Other Application layer protocols that use TCP include Telnet (for terminal emulation), FTP (for
file exchange), and SMTP (for e-mail).
UDP
The User Datagram Protocol (or UDP) is a connectionless Transport layer protocol that is used when the
overhead of a connection isn't required. After UDP has placed a packet on the network (via the IP
protocol), it forgets about it. UDP doesn't guarantee that the packet actually arrives at its destination.
Most applications that use UDP simply wait for any replies expected as a result of packets sent via UDP. If
a reply doesn't arrive within a certain period of time, the application either sends the packet again or gives
up.
Probably the best-known Application layer protocol that uses UDP is DNS, the Domain Name System.
When an application needs to access a domain name such as www.wiley.com, DNS sends a UDP packet to
a DNS server to look up the domain. When the server finds the domain, it returns the domain's IP address
in another UDP packet. (Actually, the process is much more complicated than that. For a more detailed
explanation, see Book IV, Chapter 4.)
Other Protocols Worth Knowing About
Other networks besides Ethernet, TCP/IP, and IPX/SPX are worth knowing about:
♦ NetBIOS: Short for Network Basic Input/Output System, this is the basic application-programming
interface for network services on Windows computers. It's installed automatically when you install
TCP/IP, but doesn't show up as a separate protocol when you view the network connection properties.
(Refer to Figure 2-1.) NetBIOS is a Session layer protocol that can work with Transport layer protocols
such as TCP, SPX, or NetBEUI.
♦ NetBEUI: Short for Network BIOS Extended User Interface, this is a Transport layer protocol that was
designed for early IBM and Microsoft networks. NetBEUI is now considered obsolete.
♦ IPX/SPX: A protocol suite that was made popular in the 1980s by Novell for use with their NetWare
servers. TCP/IP has become so dominant that IPX/SPX is now only rarely used.
♦ AppleTalk: Apple computers have their own suite of network protocols known as AppleTalk. The
AppleTalk suite includes a Physical and Data Link layer protocol called LocalTalk, but can also work with
standard lower-level protocols, including Ethernet and Token Ring.
♦ SNA: Systems Network Architecture is an IBM networking architecture that dates back to the 1970s,
when mainframe computers roamed the earth and PCs had barely emerged from the primordial computer
soup. SNA was designed primarily to support huge terminals such as airline reservation and banking
systems, with tens of thousands of terminals attached to central host computers. Now that IBM
mainframes support TCP/IP and terminal systems have all but vanished, SNA is beginning to fade away.
Still, many networks that incorporate mainframe computers have to contend with SNA.
          Chapter 3: Understanding Network Hardware
In This Chapter
  Introducing servers
  Working with network interface cards
  Becoming familiar with network cable, network hubs, and switches
  Exploring repeaters, bridges, and routers
  Figuring out network storage
The building blocks of networks are network hardware devices such as servers, adapter cards, cables,
hubs, switches, routers, and so on. This chapter provides an overview of these building blocks.
Servers
Server computers are the lifeblood of any network. Servers provide the shared resources that network
users crave, such as file storage, databases, e-mail, Web services, and so on. Choosing the equipment you
use for your network's servers is one of the key decisions you'll make when you set up a network. In the
following sections, I describe some of the various ways you can equip your network's servers.
Right off the bat, I want to make one thing clear: Only the smallest networks can do without at
least one dedicated server computer. For a home network or a small office network with only a few
computers, you can get away with true peer-to-peer networking. That's where each client computer
shares its resources such as file storage or printers, and a dedicated server computer isn't needed. For a
more-detailed explanation of why this isn't a good idea for larger networks, see Book II, Chapter 1.
What's important in a server
Here are some general things to keep in mind when picking a server computer for your network:
♦ Scalability: Scalability refers to the ability to increase the size and capacity of the server computer
without unreasonable hassle. It's a major mistake to purchase a server computer that just meets your
current needs because, you can rest assured, your needs will double within a year. If at all possible, equip
your servers with far more disk space, RAM, and processor power than you currently need.
♦ Reliability: The old adage "you get what you pay for" applies especially well to server computers. Why
spend $10,000 on a server computer when you can buy one with seemingly similar specifications at a
discount electronics store for $2,000?
One reason is reliability. When a client computer fails, only the person who uses that computer is affected.
When a server fails, however, everyone on the network is affected. The less-expensive computer is
probably made of inferior components that are more likely to fail.
♦ Availability: This concept of availability is closely related to reliability. When a server computer fails,
how long does it take to correct the problem and get the server up and running again? Server computers
are designed so their components can be easily diagnosed and replaced, which minimizes the downtime
that results when a component fails. In some servers, components are hot swappable, which means that
certain components can be replaced without shutting down the server. Some servers are designed to
be fault-tolerant so that they can continue to operate even if a major component fails.
♦ Service and support: Service and support are factors often overlooked when picking computers. If a
component in a server computer fails, do you have someone on site qualified to repair the broken
computer? If not, you should get an on-site maintenance contract for the computer. Don't settle for a
maintenance contract that requires you to take the computer in to a repair shop or, worse, mail it to a
repair facility. You can't afford to be without your server that long.
Components of a server computer
The hardware components that comprise a typical server computer are similar to the components used in
less expensive client computers. However, server computers are usually built from higher-grade
components than client computers for the reasons given in the preceding section. The following
paragraphs describe the typical components of a server computer:
♦ Motherboard: The motherboard is the computer's main electronic circuit board to which all the other
components of your computer are connected. More than any other component, the motherboard is the
computer. All other components attach to the motherboard.
The major components on the motherboard include the processor (or CPU), supporting circuitry called
the chipset, memory, expansion slots, a standard IDE hard drive controller, and I/O ports for devices such
as keyboards, mice, and printers. Some motherboards also include additional built-in features such as a
graphic adapter, SCSI disk controller, or network interface.
♦ Processor: The processor, or CPU, is the brain of the computer. Although the processor isn't the only
component that affects overall system performance, it's the one that most people think of first when
deciding what type of server to purchase. At the time of this writing, Intel had two processor models
specifically designed for use in server computers, as summarized in Table 3-1.
Each motherboard is designed to support a particular type of processor. CPUs come in two basic
mounting styles: slot or socket. However, you can choose from several types of slots and sockets, so you
have to make sure that the motherboard supports the specific slot or socket style used by the CPU. Some
server motherboards have two or more slots or sockets to hold two or more CPUs.
The term clock speed refers to how fast the basic clock that drives the processor's operation
ticks. In theory, the faster the clock speed, the faster the processor. However, clock speed alone is reliable
only for comparing processors within the same family. In fact, the Itanium processors are faster than
Xeon processors at the same clock speed. That's because the Itanium processor models contain more
advanced circuitry than the older model, so they can accomplish more work with each tick of the clock.
The number of processor cores also has a dramatic effect on performance. Each processor core acts as if
it's a separate processor. Most server computers use dual-core (two processor cores) or quad-core (four
cores) chips.
♦ Memory: Don't scrimp on memory. People rarely complain about servers having too much memory.
Many different types of memory are available, so you have to pick the right type of memory to match the
memory supported by your motherboard. The total memory capacity of the server depends on the
motherboard. Most new servers can support at least 16GB of memory, and some can handle up to 256GB.
♦ Hard drives: Most desktop computers use inexpensive hard drives called SATA drives. These drives are
adequate for individual users, but because performance is more important for servers, another type of
drive known as SCSI is usually used instead. For the best performance, use the SCSI drives along with a
high-performance SCSI controller card. (However, because of its low cost, SATA drives are often used in
inexpensive servers.)
♦ Network connection: The network connection is one of the most important parts of any server. Many
servers have network adapters built into the motherboard. If your server isn't equipped as such, you'll
need to add a separate network adapter card. See the section, "Network Interface Cards," later in this
chapter, for more information.
♦ Video: Fancy graphics aren't that important for a server computer. You can equip your servers with
inexpensive generic video cards and monitors without affecting network performance. (This is one of the
few areas where it's acceptable to cut costs on a server.)
♦ Power supply: Because a server usually has more devices than a typical desktop computer, it requires
a larger power supply (typically 300 watts). If the server houses a large number of hard drives, it may
require an even larger power supply.
Server form factors
The term form factor refers to the size, shape, and packaging of a hardware device. Server computers
typically come in one of three form factors:
♦ Tower case: Most servers are housed in a traditional tower case, similar to the tower cases used for
desktop computers. A typical server tower case is 18-inches high, 20-inches deep, and 9-inches wide and
has room inside for a motherboard, five or more hard drives, and other components. Tower cases also
come with built-in power supplies.
Some server cases include advanced features specially designed for servers, such as redundant power
supplies (so the server can continue operating if one of the power supplies fails), hot-swappable fans,
and hot-swappable disk drive bays. (Hot-swappable components can be replaced without powering down
the server.)
♦ Rack mount: If you need only a few servers, tower cases are fine. You can just place the servers next to
each other on a table or in a cabinet that's specially designed to hold servers. If you need more than a few
servers, though, space can quickly become an issue. For example, what if your departmental network
requires a bank of ten file servers? You'd need a pretty long table.
Rack-mount servers are designed to save space when you need more than a few servers in a confined area.
A rack-mount server is housed in a small chassis that's designed to fit into a standard 19-inch equipment
rack. The rack allows you to vertically stack servers in order to save space.
♦ Blade servers: Blade servers are designed to save even more space than rack-mount servers. A blade
server is a server on a single card that can be mounted alongside other blade servers in a blade chassis,
which itself fits into a standard 19-inch equipment rack. A typical blade chassis holds six or more servers,
depending on the manufacturer.
One of the key benefits of blade servers is that you don't need a separate power supply for each server.
Instead, the blade enclosure provides power for all its blade servers. Some blade server systems provide
rack-mounted power supplies that can serve several blade enclosures mounted in a single rack.
In addition, the blade enclosure provides KVM switching so that you don't have to use a separate KVM
switch. You can control any of the servers in a blade server network from a single keyboard, monitor, and
mouse. (For more information, see the sidebar, "Saving space with a KVM switch.")
One of the biggest benefits of blade servers is that they drastically cut down the amount of cable clutter.
With rack-mount servers, each server requires its own power cable, keyboard cable, video cable, mouse
cable, and network cables. With blade servers, a single set of cables can service all the servers in a blade
enclosure.
Saving space with a KVM switch
If you have more than two or three servers in one location, you should consider getting a device called
a KVM switch to save space. A KVM switch lets you connect several server computers to a single
keyboard, monitor, and mouse. (KVM stands for keyboard, video, and mouse.) Then, you can control any
of the servers from a single keyboard, monitor, and mouse by turning a dial or by pressing a button on the
KVM switch.
Simple KVM switches are mechanical affairs that let you choose from among 2 to 16 or more computers.
More elaborate KVM switches can control more computers, using a pop-up menu or a special keyboard
combination to switch among computers. Some advanced KVMs can even control a mix of PCs and
Macintosh computers from a single keyboard, monitor, and mouse.
To find more information about KVM switches, go to a Web search engine such as Google and search for
"KVM."
Network Interface Cards
Every computer on a network, both clients and servers, requires a network interface card (or NIC) in
order to access the network. A NIC is usually a separate adapter card that slides into one of the server's
motherboard expansion slots. However, most newer computers have the NIC built into the motherboard,
so a separate card isn't needed.
For client computers, you can usually get away with using the inexpensive built-in NIC because client
computers are used to connect only one user to the network. However, the NIC in a server computer
connects many network users to the server. As a result, it makes sense to spend more money on a higher-
quality NIC for a heavily used server. Most network administrators prefer to use name-brand cards from
manufacturers such as Intel, SMC, or 3Com.
Most NICs made today support 1 Gbps networking and will also support slower 100 Mbps and even
ancient 10 Mbps networks. These cards automatically adjust their speed to match the speed of the
network. So you can use a gigabit card on a network that has older 100 Mbps cards without trouble. You
can find inexpensive gigabit cards for as little as $5 each, but a typical name-brand card (such as Linksys
or Intel) will cost around $25 or $30.
Here are a few other points to ponder concerning network interface cards:
♦ A NIC is a Physical layer and Data Link layer device. Because a NIC establishes a network node, it must
have a physical network address, also known as a MAC address. The MAC address is burned into the NIC
at the factory, so you can't change it. Every NIC ever manufactured has a unique MAC address.
♦ For server computers, it makes sense to use more than one NIC. That way, the server can handle more
network traffic. Some server NICs have two or more network interfaces built into a single card.
♦ Fiber-optic networks also require NICs. Fiber-optic NICs are still too expensive for desktop use in most
networks. Instead, they're used for high-speed backbones. If a server connects to a high-speed fiber
backbone, it will need a fiber-optic NIC that matches the fiber-optic cable being used.
Network Cable
Nearly all modern networks are constructed using a type of cable called twisted-pair cable, which looks a
little like phone cable but is subtly different.
You may encounter other types of cable in an existing network: coax cable that resembles TV cable, thick
yellow cable that used to be the only type of cable used for Ethernet, fiber-optic cables that span long
distances at high speeds, or thick twisted-pair bundles that carry multiple sets of twisted-pair cable
between wiring closets in a large building. But as I mentioned, it's twisted-pair cable for nearly all new
networks.
A choice that's becoming more popular every day is to forego network cable and instead build
your network using wireless network components. Because Book V is devoted exclusively to wireless
networking, I don't describe wireless network components in this chapter.
Coaxial cable
A type of cable that was once popular for Ethernet networks is coaxial cable, sometimes
called thinnet or BNC cable because of the type of connectors used on each end of the cable. Thinnet cable
operates only at 10 Mbps and is rarely used for new networks. However, you'll find plenty of existing
thinnet networks still being used. Figure 3-1 shows a typical coaxial cable.
Figure 3-1: Coax cable.
Here are some salient points about coaxial cable:
♦ You attach thinnet to the network interface card by using a goofy twist-on connector called a BNC
connector. You can purchase preassembled cables with BNC connectors already attached in lengths of 25
or 50 feet, or you can buy bulk cable on a big spool and attach the connectors yourself by using a special
tool. (I suggest buying preassembled cables. Attaching connectors to bulk cable can be tricky.)
♦ With coaxial cables, you connect your computers point-to-point in a bus topology. At each computer, a T
connector is used to connect two cables to the network interface card.
♦ A special plug called a terminator is required at each end of a series of thinnet cables. The terminator
prevents data from spilling out the end of the cable and staining the carpet.
♦ The cables strung end-to-end from one terminator to the other are collectively called a segment. The
maximum length of a thinnet segment is about 200 meters (actually, 185 meters). You can connect as
many as 30 computers on one segment. To span a distance greater than 185 meters or to connect more
than 30 computers, you must use two or more segments with a device called a repeater to connect each
segment.
♦ Although Ethernet coaxial cable resembles TV coaxial cable, the two types of cable aren't
interchangeable. Don't try to cut costs by wiring your network with cheap TV cable.
Twisted-pair cable
The most popular type of cable today is twisted-pair cable, or UTP. (The U stands for unshielded, but no
one says unshielded twisted pair. Just twisted pair will do.) UTP cable is even cheaper than thin coaxial
cable, and best of all, many modern buildings are already wired with twisted-pair cable because this type
of wiring is often used with modern phone systems. Figure 3-2 shows a twisted-pair cable.
Figure 3-2: Twisted-pair cable.
When you use UTP cable to construct an Ethernet network, you connect the computers in a star
arrangement. In the center of the star is a device called a hub. Depending on the model, Ethernet hubs
enable you to connect from 4 to 24 computers using twisted-pair cable.
An advantage of UTP's star arrangement is that if one cable goes bad, only the computer attached to that
cable is affected; the rest of the network continues to chug along. With coaxial cable, a bad cable affects
the entire network, and not just the computer to which the bad cable is connected.
Here are a few other details that you should know about twisted-pair cabling:
♦ UTP cable consists of pairs of thin wire twisted around each other; several such pairs are gathered up
inside an outer insulating jacket. Ethernet uses two pairs of wires, or four wires altogether. The number of
pairs in a UTP cable varies, but it's often more than two.
♦ UTP cable comes in various grades called Categories. Don't use anything less than Category 5e cable for
your network. Although cheaper, it may not be able to support faster networks.
Although higher-Category cables are more expensive than lower-Category cables, the real cost of installing
Ethernet cabling is the labor required to actually pull the cables through the walls. As a result, I
recommend that you always spend the extra money to buy Category 5e cable.
♦ If you want to sound like you know what you're talking about, say "Cat 5e" instead of "Category 5e."
♦ Many existing networks are cabled with Category 5 cable, which is fine for 100 Mbps networks
but isn't rated for Gigabit networks. Category 5e cable (the e stands for enhanced) and Category 6 cable
will support 1,000 Mbps networks.
♦ UTP cable connectors look like modular phone connectors but are a bit larger. UTP connectors are
officially called RJ-45 connectors.
♦ Like thinnet cable, UTP cable is also sold in prefabricated lengths. However, RJ-45 connectors are much
easier to attach to bulk UTP cable than BNC cables are to attach to bulk coaxial cable. As a result, I suggest
that you buy bulk cable and connectors unless your network consists of just two or three computers. A
basic crimp tool to attach the RJ-45 connectors costs about $50.
♦ The maximum allowable cable length between the hub and the computer is 100 meters (about 328 feet).
Switches
The biggest difference between using coaxial cable and twisted-pair cable is that when you use twisted-
pair cable, you also must use a separate device called a switch. Years ago, switches were expensive devices
— expensive enough that most do-it-yourself networkers who were building small networks opted for
thinnet cable in order to avoid the expense and hassle of using hubs.
Nowadays, the cost of switches has dropped so much that the advantages of twisted-pair cabling outweigh
the hassle and cost of using switches. With twisted-pair cabling, you can more easily add new computers
to the network, move computers, find and correct cable problems, and service the computers that you
need to remove from the network temporarily.
Note that in some older networks, you may see a device known as a hub used instead of a switch. Hubs
used to be used because they were less expensive than switches. However, the cost of switches came down
dramatically, pushing hubs into relic status. If you have an older network that uses hubs and seems to run
slowly, you can probably improve the network's speed by replacing the older hubs with newer switches.
For more information, see the sidebar, "Hubs and switches demystified," later in this chapter.
Hubs and switches demystified
Both hubs and switches let you connect multiple computers to a twisted-pair network. Switches are more
efficient than hubs, but not just because they're faster. If you really want to know, here's the actual
difference between a hub and a switch:
In a hub, every packet that arrives at the hub on any of its ports is automatically sent out on every
other port. The hub has to do this because it's a Physical layer device, so it has no way to keep track of
which computer is connected to each port. For example, suppose that John's computer is connected to
port 1 on an 8-port hub, and Andrea's computer is connected to port 5. If John's computer sends a packet
of information to Andrea's computer, the hub receives the packet on port 1 and then sends it out on ports
2-8. All the computers connected to the hub get to see the packet so that they can determine whether the
packet was intended for them.
A switch is a Data Link layer device, which means it's able to look into the packets that pass
through it to examine a critical piece of Data Link layer information: the MAC address. With this
information in hand, a switch can keep track of which computer is connected to each of its ports. So if
John's computer on port 1 sends a packet to Andrea's computer on port 5, the switch receives the packet
on port 1 and then sends the packet out on port 5 only. This process is not only faster, but also improves
the security of the system because other computers don't see packets that aren't meant for them.
If you use twisted-pair cabling, you need to know some of the ins and outs of using switches:
♦ Because you must run a cable from each computer to the switch, find a central location for the switch to
which you can easily route the cables.
♦ The switch requires electrical power, so make sure that an electrical outlet is handy.
♦ When you purchase a switch, purchase one with at least twice as many connections as you need. Don't
buy a four-port switch if you want to network four computers because when (not if) you add the fifth
computer, you have to buy another switch.
♦ You can connect switches to one another, as shown in Figure 3-3; this is called daisy chaining. When
you daisy chain switches, you connect one end of a cable to a port on one switch and the other end to a
port on the other switch. Note that on some switches, you must use a special designated port for daisy
chaining. So be sure to read the instructions that come with the switch to make sure that you daisy chain it
properly.
Figure 3-3: Daisy chaining switches together.
♦ You can daisy chain no more than three switches together. If you have more computers than three hubs
can accommodate, don't panic. For a small additional cost, you can purchase hubs that have a BNC
connection on the back. Then you can string the hubs together using thinnet cable. The three-hub limit
doesn't apply when you use thinnet cable to connect the hubs. You can also get stackable switches that
have high-speed direct connections that enable two or more switches to be counted as a single switch.
♦ When you shop for network hubs, you may notice that the expensive ones have network-management
features that support something called SNMP. These hubs are called managed hubs. Unless your network
is very large and you know what SNMP is, don't bother with the more expensive managed hubs. You'd be
paying for a feature that you may never use.
♦ For large networks, you may want to consider using a managed switch. A managed switch allows you to
monitor and control various aspects of the switch's operation from a remote computer. The switch can
alert you when something goes wrong with the network, and it can keep performance statistics so that you
can determine which parts of the network are heavily used and which aren't. A managed switch costs two
or three times as much as an unmanaged switch, but for larger networks, the benefits of managed
switches are well worth the additional cost.
Repeaters
A repeater (sometimes called an extender) is a gizmo that gives your network signals a boost so that the
signals can travel farther. It's kind of like a Gatorade station in a marathon. As the signals travel past the
repeater, they pick up a cup of Gatorade, take a sip, splash the rest of it on their heads, toss the cup, and
hop in a cab when they're sure that no one is looking.
You need a repeater when the total length of a single span of network cable exceeds 100 meters (328 feet).
The 100-meter length limit applies to the cable that connects a computer to the switch or the cable that
connects switches to each other when switches are daisy chained together. In other words, you can
connect each computer to the switch with no more than 100 meters of cable, and you can connect switches
to each other with no more than 100 meters of cable.
Figure 3-4 shows how you can use a repeater to connect two groups of computers that are too far apart to
be strung on a single segment. When you use a repeater like this, the repeater divides the cable into two
segments. The cable length limit still applies to the cable on each side of the repeater.
Here are some points to ponder when you lie awake tonight wondering about repeaters:
♦ Repeaters are not typically used with twisted-pair networks.
Well, technically, that's not true because the switches themselves function as repeaters. So what I really
meant is that you typically see repeaters as stand-alone devices only when a single cable segment would
be more than 100 meters.
♦ A basic rule of Ethernet life is that a signal can't pass through more than three repeaters on its way from
one node to another. That doesn't mean you can't have more than three repeaters or switches, but if you
do, you have to carefully plan the network cabling so that the three-repeater rule isn't violated.
♦ Repeaters are legitimate components of a by-the-book Ethernet network. They don't extend the
maximum length of a single segment; they just enable you to tie two segments together. Beware of the
little black boxes that claim to extend the segment limit beyond the standard 100-meter limit for
10/100BaseT cable. These products usually work, but playing by the rules is better.
Figure 3-4: Using a repeater.
Bridges
A bridge is a device that connects two networks so that they act as if they're one network. Bridges are used
to partition one large network into two smaller networks for performance reasons. You can think of a
bridge as a kind of smart repeater.
Repeaters listen to signals coming down one network cable, amplify them, and send them down the other
cable. They do this blindly, paying no attention to the content of the messages that they repeat.
In contrast, a bridge is a little smarter about the messages that come down the pike. For starters, most
bridges have the capability to listen to the network and automatically figure out the address of each
computer on both sides of the bridge. Then the bridge can inspect each message that comes from one side
of the bridge and broadcast it on the other side of the bridge, but only if the message is intended for a
computer that's on the other side.
This key feature enables bridges to partition a large network into two smaller, more efficient networks.
Bridges work best in networks that are highly segregated. For example (humor me here — I'm a Dr. Seuss
fan), suppose that the Sneetches networked all their computers and discovered that, although the Star-
Bellied Sneetches' computers talked to each other frequently and the Plain-Bellied Sneetches' computers
also talked to each other frequently, rarely did a Star-Bellied Sneetch's computer talk to a Plain-Bellied
Sneetch's computer.
A bridge can partition the Sneetchnet into two networks: the Star-Bellied network and the Plain-Bellied
network. The bridge automatically learns which computers are on the Star-Bellied network and which are
on the Plain-Bellied network. The bridge forwards messages from the Star-Bellied side to the Plain-Bellied
side (and vice versa) only when necessary. The overall performance of both networks improves, although
the performance of any network operation that has to travel over the bridge slows down a bit.
Here are a few additional things to consider about bridges:
♦ Some bridges also have the capability to translate the messages from one format to another. For
example, if the Star-Bellied Sneetches build their network with Ethernet and the Plain-Bellied Sneetches
use Token Ring, a bridge can tie the two together.
♦ You can get a basic bridge to partition two Ethernet networks for about $500 from mail order suppliers.
More sophisticated bridges can cost as much as $5,000 or more.
♦ For simple bridge applications, you don't need an expensive specialized bridge device; instead, you can
just use a switch. That's because a switch is effectively a multi-port bridge.
♦ If you've never read Dr. Seuss's classic story of the Sneetches, you should.
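The forwarding behaviour described in the "Hubs and switches demystified" sidebar and in the bridge section above, as an added example that is not part of the book: a hub repeats every frame out of every other port, while a learning switch (a multi-port bridge) records the source MAC address of each frame against its ingress port and then forwards unicast frames to the learned port only. The MAC addresses, port numbers and host names are constructed sample values.

```python
"""Added example (not from the book): hub flooding versus MAC learning in a
switch/bridge. All MAC addresses, port numbers and names are constructed."""
from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"

# Constructed sample hosts matching the sidebar's scenario.
JOHN = "00:11:22:33:44:01"    # plugged into port 1
ANDREA = "00:11:22:33:44:05"  # plugged into port 5


@dataclass(frozen=True)
class Frame:
    src: str      # source MAC address
    dst: str      # destination MAC address
    payload: str


class Hub:
    """Physical layer device: cannot read MAC addresses, so it repeats every
    frame out of every port except the one it arrived on."""

    def __init__(self, ports: int) -> None:
        self.ports = ports

    def receive(self, in_port: int, frame: Frame) -> list[int]:
        return [p for p in range(1, self.ports + 1) if p != in_port]


class LearningSwitch:
    """Data Link layer device (a multi-port bridge): learns which MAC address
    sits behind which port and forwards unicast frames to that port only."""

    def __init__(self, ports: int) -> None:
        self.ports = ports
        self.mac_table: dict[str, int] = {}

    def receive(self, in_port: int, frame: Frame) -> list[int]:
        # Learning: the sender is reachable through the port the frame came in on.
        self.mac_table[frame.src] = in_port
        out_port = self.mac_table.get(frame.dst)
        if frame.dst == BROADCAST or out_port is None:
            # Broadcast, or a destination not yet learned: flood like a hub.
            return [p for p in range(1, self.ports + 1) if p != in_port]
        if out_port == in_port:
            # Sender and receiver share a segment; the bridge need not forward.
            return []
        return [out_port]


def exposure(device, in_port: int, frame: Frame, intended_port: int) -> int:
    """Number of ports, other than the intended receiver's, that get to see the
    frame. This is the security difference the sidebar describes."""
    out_ports = device.receive(in_port, frame)
    return len([p for p in out_ports if p != intended_port])


def demo() -> dict[str, list[int]]:
    """Replay John (port 1) -> Andrea (port 5) on an 8-port hub and switch."""
    hub, switch = Hub(8), LearningSwitch(8)
    john_to_andrea = Frame(JOHN, ANDREA, "hello Andrea")
    return {
        "hub": hub.receive(1, john_to_andrea),
        # First frame: the switch has not seen Andrea yet, so it floods...
        "switch_unknown": switch.receive(1, john_to_andrea),
        # ...Andrea's reply teaches it that she is on port 5...
        "switch_reply": switch.receive(5, Frame(ANDREA, JOHN, "hello John")),
        # ...so the next frame goes out of port 5 only.
        "switch_learned": switch.receive(1, john_to_andrea),
    }


if __name__ == "__main__":
    for step, ports in demo().items():
        print(f"{step:16s} -> ports {ports}")
```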
Routers
A router is like a bridge, but with a key difference. Bridges are Data Link layer devices, so they can tell the
MAC address of the network node to which each message is sent, and can forward the message to the
appropriate segment. However, they can't peek into the message itself to see what type of information is
being sent. In contrast, a router is a Network layer device, so it can work with the network packets at a
higher level. In particular, a router can examine the IP address of the packets that pass through it. And
because IP addresses have both a network and a host address, a router can determine what network a
message is coming from and going to. Bridges are ignorant of this information.
One key difference between a bridge and a router is that a bridge is essentially transparent to the network.
In contrast, a router is itself a node on the network, with its own MAC and IP addresses. This means that
messages can be directed to a router, which can then examine the contents of the message to determine
how it should handle the message.
You can configure a network with several routers that can work cooperatively together. For example, some
routers are able to monitor the network to determine the most efficient path for sending a message to its
ultimate destination. If a part of the network is extremely busy, a router can automatically route messages
along a less-busy route. In this respect, the router is kind of like a traffic reporter up in a helicopter. The
router knows that the 101 is bumper-to-bumper all the way through Sunnyvale, so it sends the message on
280 instead.
Here's some additional information about routers:
♦ The functional distinctions between bridges and routers — and switches and hubs, for that matter — get
blurrier all the time. As bridges, hubs, and switches become more sophisticated, they're able to take on
some of the chores that used to require a router, thus putting many routers out of work.
♦ Some routers are nothing more than computers with several network interface cards and special
software to perform the router functions.
♦ Routers can also connect networks that are geographically distant from each other via a phone line
(using modems) or ISDN.
♦ You can also use a router to join your LAN to the Internet. Figure 3-5 shows a router used for this
purpose.
Figure 3-5: Connecting to the Internet with a router.
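The routing decision described above, as an added example that is not from the book: a router separates each IP address into its network and host parts with a subnet mask, and forwards a packet out of the interface whose network matches the destination most specifically (longest prefix), falling back to a default route towards the Internet. Interface names, prefixes and addresses are constructed sample values.

```python
"""Added example (not from the book): how a Network layer device uses the
network part of an IP address to choose where a packet goes. Interface names,
prefixes and addresses below are constructed sample values."""
import ipaddress
from typing import Optional


def split_address(address: str, mask: str) -> tuple[str, str]:
    """Separate an IPv4 address into its network and host portions using a mask.
    Returns both parts in dotted-decimal form, e.g. ('192.168.1.0', '0.0.0.77')."""
    addr = int(ipaddress.IPv4Address(address))
    netmask = int(ipaddress.IPv4Address(mask))
    network = addr & netmask
    host = addr & ~netmask & 0xFFFFFFFF
    return str(ipaddress.IPv4Address(network)), str(ipaddress.IPv4Address(host))


def same_network(a: str, b: str, mask: str) -> bool:
    """True if both addresses lie in the same network; a router only has to
    forward between networks, never within one."""
    return split_address(a, mask)[0] == split_address(b, mask)[0]


class Router:
    """A node on the network that consults a table of (network, interface)
    entries and forwards each packet out of the most specific matching entry."""

    def __init__(self) -> None:
        self.table: list[tuple[ipaddress.IPv4Network, str]] = []

    def add_route(self, prefix: str, interface: str) -> None:
        self.table.append((ipaddress.IPv4Network(prefix), interface))

    def lookup(self, destination: str) -> Optional[str]:
        dst = ipaddress.IPv4Address(destination)
        matches = [(net, iface) for net, iface in self.table if dst in net]
        if not matches:
            return None  # no route at all: the packet is dropped
        # Longest prefix wins: a /24 LAN route beats the /0 default route.
        _, best_iface = max(matches, key=lambda entry: entry[0].prefixlen)
        return best_iface


def build_sample_router() -> Router:
    """Constructed topology: a LAN, internal networks and a default route
    towards the Internet, in the spirit of Figure 3-5."""
    r = Router()
    r.add_route("192.168.1.0/24", "lan0")     # the local LAN
    r.add_route("10.0.0.0/8", "wan1")          # other office networks
    r.add_route("10.50.0.0/16", "wan2")        # a more specific internal route
    r.add_route("0.0.0.0/0", "internet")       # default route to the ISP
    return r


if __name__ == "__main__":
    router = build_sample_router()
    print(split_address("192.168.1.77", "255.255.255.0"))
    for dst in ("192.168.1.77", "10.1.2.3", "10.50.9.9", "203.0.113.10"):
        print(dst, "->", router.lookup(dst))
```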
Network Attached Storage
Many network servers exist solely for the purpose of making disk space available to network users. As
networks grow to support more users, and users require more disk space, network administrators are
constantly finding ways to add more storage to their networks. One way to do that is to add more file
servers. However, a simpler and less expensive way is to use network attached storage, also known as
NAS.
A NAS device is a self-contained file server that's preconfigured and ready to run. All you have to do to set
it up is take it out of the box, plug it in, and turn it on. NAS devices are easy to set up and configure, easy
to maintain, and less expensive than traditional file servers.
NAS should not be confused with a related technology called storage area networks, or SAN.
SAN is a much more complicated and expensive technology that provides huge quantities of data storage
for large networks. For more information on SAN, see the sidebar, "SAN is NAS spelled backwards."
A typical entry-level NAS device is the Dell PowerVault NX300. This device is a self-contained file server
built into a small rack-mount chassis. It supports up to four hard drives with a total capacity of up to four
terabytes (or 4,000GB). The NX300 uses a Xeon processor and two built-in gigabit network ports.
SAN is NAS spelled backwards
It's easy to confuse the terms storage area network (SAN) and network attached storage (NAS). Both
refer to relatively new network technologies that let you manage the disk storage on your network.
However, NAS is a much simpler and less expensive technology. A NAS device is nothing more than an
inexpensive self-contained file server. Using NAS devices actually simplifies the task of adding storage to a
network because the NAS eliminates the chore of configuring a network operating system for routine file-
sharing tasks.
A storage area network is designed for managing very large amounts of network storage — sometimes
downright huge amounts. A SAN consists of three components: storage devices (perhaps hundreds of
them), a separate high-speed network (usually fiber-optic) that directly connects the storage devices to
each other, and one or more SAN servers that connect the SAN to the local area network. The SAN server
manages the storage devices attached to the SAN and allows users of the LAN to access the storage.
Setting up and managing a storage area network is a job for a SAN expert. For more information about
storage area networks, see the home page of the Storage Networking Industry Association
at www.snia.org.
The Dell NX300 runs a special version of Windows Server 2008 called the Windows Storage Server 2008.
This version of Windows is designed specifically for NAS devices. It allows you to configure the network
storage from any computer on the network by using a Web browser.
Note that some NAS devices use customized versions of Linux rather than Windows Storage Server. Also,
in some systems, the operating system resides on a separate hard drive that's isolated from the shared
disks. This prevents the user from inadvertently damaging the operating system.
Network Printers
Although you can share a printer on a network by attaching the printer to a server computer, many
printers have network interfaces built in. This lets you connect the printer directly to the network. Then
network users can connect to the printer and use it without going through a server.
Even if you connect a printer directly to the network, it's still a good idea to have the printer managed by a
server computer running a network operating system such as Windows Server 2003 or 2007. That way,
the server can store print jobs sent to the printer by multiple users and print the jobs in the order in which
they were received.
  Chapter 4: Understanding Network Operating Systems
In This Chapter
   Understanding what network operating systems do
   Figuring out the advantages of Windows Server 2003
   Analyzing Windows 2000 Server
   Taking a look at Windows NT Server
   Navigating NetWare
   Delving into peer-to-peer networking
   Exploring other network operating systems
One of the basic choices that you must make before you proceed any further is to decide which network
operating system (NOS) to use as the foundation for your network. This chapter begins with a description
of several important features found in all network operating systems. Next, it provides an overview of the
advantages and disadvantages of the most popular network operating systems.
Network Operating System Features
All network operating systems, from the simplest to the most complex, must provide certain core
functions. These include the ability to connect to other computers on the network, share files and other
resources, provide for security, and so on. In the following sections, I describe some of these core NOS
features in general terms.
Network support
It goes without saying that a network operating system should support networks. (I can picture Mike
Myers in his classic Saturday Night Live role as Linda Richman, host of Coffee Talk, saying "I'm getting a
little verklempt. . . . Talk amongst yourselves. . . . I'll give you a topic — network operating systems do not
network, nor do they operate. Discuss.")
A network operating system must support a wide variety of networking protocols in order to meet the
needs of its users. That's because a large network typically consists of a mixture of various versions of
Windows, as well as a few scattered Macintosh (mostly in the art department) and possibly some Linux
computers. The computers often have distinct protocols.
Many servers have more than one network interface card installed. In that case, the NOS must be able to
support multiple network connections. Ideally, the NOS should have the ability to balance the network
load among its network interfaces. In addition, in the event that one of the connections fails, the NOS
should be able to seamlessly switch to another connection.
Finally, most network operating systems include a built-in ability to function as a router that connects two
networks. The NOS router functions should also include firewall features in order to keep unauthorized
packets from entering the local network.
File-sharing services
One of the most important functions of a network operating system is its ability to share resources with
other network users. The most common resource that's shared is the server's file system. A network server
must be able to share some or all of its disk space with other users so that those users can treat the
server's disk space as an extension of their own computers' disk spaces.
The NOS allows the system administrator to determine which portions of the server's file system to share.
Although an entire hard drive can be shared, it isn't commonly done. Instead, individual directories or
folders are shared. The administrator can control which users are allowed to access each shared folder.
Because file sharing is the reason many network servers exist, network operating systems have more
sophisticated disk management features than are found in desktop operating systems. For example, most
network operating systems have the ability to manage two or more hard drives as if they were a single
drive. In addition, most can create mirrors, which automatically keep backup copies of drives on a second
drive.
Multitasking
Only one user at a time uses a desktop computer; however, multiple users simultaneously use server
computers. As a result, a network operating system must provide support for multiple users who access
the server remotely via the network.
At the heart of multiuser support is multitasking, which is the ability of an operating system to execute
more than one program — called a task or a process — at a time. Multitasking operating systems are like
the guy who used to spin plates balanced on sticks on the old Ed Sullivan Show. He'd run from plate to
plate, trying to keep them all spinning so they wouldn't fall off the sticks. To make it challenging, he'd do it
blindfolded or riding on a unicycle.
Although multitasking creates the appearance that two or more programs are executing on the computer
at one time, in reality, a computer with a single processor can execute only one program at a time. The
operating system switches the CPU from one program to another to create the appearance that several
programs are executing simultaneously, but at any given moment, only one of the programs is actually
executing. The others are patiently waiting for their turns. (However, if the computer has more than one
CPU, the CPUs can execute programs simultaneously, which is called multiprocessing.)
To see multitasking in operation on a Windows computer, press Ctrl+Alt+Delete to bring up the Windows
Task Manager and then click the Processes tab. All the tasks currently active on the computer appear.
For multitasking to work reliably, the network operating system must completely isolate the executing
programs from each other. Otherwise, one program may perform an operation that adversely affects
another program. Multitasking operating systems do this by providing each task with its own
unique address space that makes it almost impossible for one task to affect memory that belongs to
another task.
In most cases, each program executes as a single task or process within the memory address
space allocated to the task. However, a single program can also be split into several tasks. This technique
is usually called multithreading, and the program's tasks are called threads.
The two approaches to multitasking are preemptive and non-preemptive. In preemptive
multitasking, the operating system decides how long each task gets to execute before it should step aside
so that another task can execute. When a task's time is up, the operating system's task manager interrupts
the task and switches to the next task in line. All the network operating systems in widespread use today
use preemptive multitasking.
The alternative to preemptive multitasking is non-preemptive multitasking. In non-preemptive
multitasking, each task that gets control of the CPU is allowed to run until it voluntarily gives up control
so that another task can run. Non-preemptive multitasking requires less operating system overhead
because the operating system doesn't have to keep track of how long each task has run. However,
programs have to be carefully written so that they don't hog the computer all to themselves.
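The difference between the two multitasking approaches described above, as an added toy simulation that is not from the book: under non-preemptive scheduling a task that never yields keeps the CPU until it finishes, while a preemptive scheduler interrupts it after a fixed time slice (quantum) regardless. Task names, work amounts and the quantum are constructed values.

```python
"""Added example (not from the book): a toy simulation of preemptive versus
non-preemptive multitasking. Task names and work amounts are constructed."""
from collections import deque
from typing import Iterator, Optional

Task = tuple[str, Iterator[bool]]


def make_task(name: str, units: int, yield_every: Optional[int] = None) -> Task:
    """A task that needs `units` units of CPU time. Each step yields True when
    the program voluntarily gives up the CPU (a cooperative yield point);
    yield_every=None models a program that never gives up control."""
    def run() -> Iterator[bool]:
        for done in range(1, units + 1):
            yield yield_every is not None and done % yield_every == 0
    return name, run()


def run_non_preemptive(tasks: list[Task]) -> list[str]:
    """Each task keeps the CPU until it finishes or voluntarily yields."""
    queue, trace = deque(tasks), []
    while queue:
        name, prog = queue.popleft()
        while True:
            try:
                gave_up = next(prog)
            except StopIteration:
                break  # task finished
            trace.append(name)
            if gave_up:
                queue.append((name, prog))  # back of the line, by choice
                break
    return trace


def run_preemptive(tasks: list[Task], quantum: int) -> list[str]:
    """The OS interrupts the running task after `quantum` units, whether or
    not the program is willing to give up the CPU."""
    queue, trace = deque(tasks), []
    while queue:
        name, prog = queue.popleft()
        for _ in range(quantum):
            try:
                next(prog)
            except StopIteration:
                break  # task finished within its time slice
            trace.append(name)
        else:
            queue.append((name, prog))  # time is up: interrupted and requeued
    return trace


def first_turn(trace: list[str], name: str) -> int:
    """How many units of CPU time pass before `name` first gets to run."""
    return trace.index(name)


def sample_workload() -> list[Task]:
    # A hog that never yields, followed by a well-behaved task that yields
    # after every unit of work.
    return [make_task("hog", 6), make_task("nice", 3, yield_every=1)]


if __name__ == "__main__":
    print("non-preemptive:", run_non_preemptive(sample_workload()))
    print("preemptive:    ", run_preemptive(sample_workload(), quantum=2))
```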
Directory services
Directories are everywhere. When you need to make a phone call, you look up the number in a phone
directory. When you need to find the address of a client, you look up his or her name in your Rolodex. And
when you need to find the Sam Goody store at a shopping mall, you look for the mall directory.
Networks have directories, too. Network directories provide information about the resources that are
available on the network, such as users, computers, printers, shared folders, and files. Directories are an
essential part of any network operating system.
CompTIA Network+ N10-005
  Authorized Cert Guide
Contents at a Glance
Introduction
CHAPTER 1 Introducing Computer Networks
CHAPTER 2 Dissecting the OSI Model
CHAPTER 3 Identifying Network Components
CHAPTER 4 Understanding Ethernet
CHAPTER 5 Working with IP Addresses
CHAPTER 6 Routing Traffic
CHAPTER 7 Introducing Wide-Area Networks
CHAPTER 8 Connecting Wirelessly
CHAPTER 9 Optimizing Network Performance
CHAPTER 10 Using Command-Line Utilities
CHAPTER 11 Managing a Network
CHAPTER 12 Securing a Network
CHAPTER 13 Troubleshooting Network Issues
CHAPTER 14 Final Preparation
APPENDIX A Answers to Review Questions
APPENDIX B CompTIA Network+ N10-005 Exam Updates, Version 1.0
Glossary
Index
APPENDIX C Memory Tables (DVD Only)
APPENDIX D Memory Table Answer Key (DVD Only)

Table of Contents
Introduction
Chapter 1 Introducing Computer Networks
Foundation Topics
Defining a Network
The Purpose of Networks
Overview of Network Components
Networks Defined by Geography
LAN
WAN
Other Categories of Networks
CAN
MAN
PAN
Networks Defined by Topology
Physical Versus Logical Topology
Bus Topology
Ring Topology
Star Topology
Hub-and-Spoke Topology
Full-Mesh Topology
Partial-Mesh Topology
Networks Defined by Resource Location
Client-Server Networks
Peer-to-Peer Networks
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 2 Dissecting the OSI Model
Foundation Topics
The Purpose of Reference Models
The OSI Model
Layer 1: The Physical Layer
Layer 2: The Data Link Layer
Media Access Control
Logical Link Control
Layer 3: The Network Layer
Layer 4: The Transport Layer
Layer 5: The Session Layer
Layer 6: The Presentation Layer
Layer 7: The Application Layer
The TCP/IP Stack
Layers of the TCP/IP Stack
Common Application Protocols in the TCP/IP Stack
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 3 Identifying Network Components
Foundation Topics
Media
Coaxial Cable
Twisted-Pair Cable
Shielded Twisted Pair
Unshielded Twisted Pair
Plenum Versus Non-Plenum Cable
Fiber-Optic Cable
Multimode Fiber
Single-Mode Fiber
Cable Distribution
Wireless Technologies
Network Infrastructure Devices
Hubs
Bridges
Switches
Multilayer Switches
Routers
Infrastructure Device Summary
Specialized Network Devices
VPN Concentrators
Firewalls
DNS Servers
DHCP Servers
Proxy Servers
Content Engines
Content Switches
Virtual Network Devices
Virtual Servers
Virtual Switches
Virtual Desktops
Other Virtualization Solutions
Voice over IP Protocols and Components
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 4 Understanding Ethernet
Foundation Topics
Principles of Ethernet
Ethernet Origins
Carrier Sense Multiple Access Collision Detect
Distance and Speed Limitations
Ethernet Switch Features
Virtual LANs
Trunks
Spanning Tree Protocol
Corruption of a Switch’s MAC Address Table
Broadcast Storms
STP Operation
Link Aggregation
Power over Ethernet
Port Monitoring
User Authentication
First-Hop Redundancy
Other Switch Features
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 5 Working with IP Addresses
Foundation Topics
Binary Numbering
Principles of Binary Numbering
Converting a Binary Number to a Decimal Number
Converting a Decimal Number to a Binary Number
Binary Numbering Practice
Binary Conversion Exercise #1
Binary Conversion Exercise #1: Solution
Binary Conversion Exercise #2
Binary Conversion Exercise #2: Solution
Binary Conversion Exercise #3
Binary Conversion Exercise #3: Solution
Binary Conversion Exercise #4
Binary Conversion Exercise #4: Solution
IPv4 Addressing
IPv4 Address Structure
Classes of Addresses
Types of Addresses
Unicast
Broadcast
Multicast
Assigning IPv4 Addresses
IP Addressing Components
Static Configuration
Dynamic Configuration
BOOTP
DHCP
Automatic Private IP Addressing
Subnetting
Purpose of Subnetting
Subnet Mask Notation
Subnet Notation: Practice Exercise #1
Subnet Notation: Practice Exercise #1 Solution
Subnet Notation: Practice Exercise #2
Subnet Notation: Practice Exercise #2 Solution
Extending a Classful Mask
Borrowed Bits
Calculating the Number of Created Subnets
Calculating the Number of Available Hosts
Basic Subnetting Practice: Exercise #1
Basic Subnetting Practice: Exercise #1 Solution
Basic Subnetting Practice: Exercise #2
Basic Subnetting Practice: Exercise #2 Solution
Calculating New IP Address Ranges
Advanced Subnetting Practice: Exercise #1
Advanced Subnetting Practice: Exercise #1 Solution
Advanced Subnetting Practice: Exercise #2
Advanced Subnetting Practice: Exercise #2 Solution
Additional Practice
Classless Inter-Domain Routing
IP Version 6
Need for IPv6
IPv6 Address Structure
IPv6 Data Flows
Unicast
Multicast
Anycast
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 6 Routing Traffic
Foundation Topics
Basic Routing Processes
Sources of Routing Information
Directly Connected Routes
Static Routes
Dynamic Routing Protocols
Routing Protocol Characteristics
Believability of a Route
Metrics
Interior Versus Exterior Gateway Protocols
Route Advertisement Method
Distance Vector
Link State
Routing Protocol Examples
Address Translation
NAT
PAT
Multicast Routing
IGMP
PIM
PIM-DM
PIM-SM
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 7 Introducing Wide-Area Networks
Foundation Topics
WAN Properties
WAN Connection Types
WAN Data Rates
WAN Media Types
Physical Media
Wireless Media
WAN Technologies
Dedicated Leased Line
T1
E1
T3
E3
CSU/DSU
Point-to-Point Protocol
Digital Subscriber Line
Cable Modem
Synchronous Optical Network
Satellite
Plain Old Telephone Service
Integrated Services Digital Network
Frame Relay
Asynchronous Transfer Mode
Multiprotocol Label Switching
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 8 Connecting Wirelessly
Foundation Topics
Introducing Wireless LANs
WLAN Concepts and Components
Wireless Routers
Wireless Access Point
Antennas
Frequencies and Channels
CSMA/CA
Transmission Methods
WLAN Standards
802.11a
802.11b
802.11g
802.11n
Deploying Wireless LANs
Types of WLANs
IBSS
BSS
ESS
Sources of Interference
Wireless AP Placement
Securing Wireless LANs
Security Issues
Approaches to WLAN Security
Security Standards
WEP
WPA
WPA2
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 9 Optimizing Network Performance
Foundation Topics
High Availability
High-Availability Measurement
Fault-Tolerant Network Design
Hardware Redundancy
Layer 3 Redundancy
Design Considerations for High-Availability Networks
High-Availability Best Practices
Content Caching
Load Balancing
QoS Technologies
Introduction to QoS
QoS Configuration Steps
QoS Components
QoS Mechanisms
Classification
Marking
Congestion Management
Congestion Avoidance
Policing and Shaping
Link Efficiency
Case Study: SOHO Network Design
Case Study Scenario
Suggested Solution
IP Addressing
Layer 1 Media
Layer 2 Devices
Layer 3 Devices
Wireless Design
Environmental Factors
Cost Savings Versus Performance
Topology
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 10 Using Command-Line Utilities
Foundation Topics
Windows Commands
arp
ipconfig
nbtstat
netstat
nslookup
ping
route
tracert
UNIX Commands
arp
dig and nslookup
host
ifconfig
traceroute
netstat
ping
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 11 Managing a Network
Foundation Topics
Maintenance Tools
Bit-Error Rate Tester
Butt Set
Cable Certifier
Cable Tester
Connectivity Software
Crimper
Electrostatic Discharge Wrist Strap
Environmental Monitor
Loopback Plug
Multimeter
Protocol Analyzer
Punch-Down Tool
Throughput Tester
Time Domain Reflectometer/Optical Time Domain Reflectometer
Toner Probe
Configuration Management
Monitoring Resources and Reports
SNMP
Syslog
Logs
Application Logs
Security Logs
System Logs
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 12 Securing a Network
Foundation Topics
Security Fundamentals
Network Security Goals
Confidentiality
Integrity
Availability
Categories of Network Attacks
Confidentiality Attacks
Integrity Attacks
Availability Attacks
Defending Against Attacks
User Training
Patching
Security Policies
Governing Policy
Technical Policies
End User Policies
More Detailed Documents
Incident Response
Vulnerability Scanners
Nessus
Nmap
Honey Pots and Honey Nets
Access Control Lists
Remote Access Security
Firewalls
Firewall Types
Firewall Inspection Types
Packet-Filtering Firewall
Stateful Firewall
Firewall Zones
Virtual Private Networks
Overview of IPsec
IKE Modes and Phases
Authentication Header and Encapsulating Security Payload
The Five Steps in Setting Up and Tearing Down an IPsec Site-to-Site VPN
Other VPN Technologies
Intrusion Detection and Prevention
IDS Versus IPS
IDS and IPS Device Categories
Detection Methods
Deploying Network-Based and Host-Based Solutions
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 13 Troubleshooting Network Issues
Foundation Topics
Troubleshooting Basics
Troubleshooting Fundamentals
Structured Troubleshooting Methodology
Physical Layer Troubleshooting
Physical Layer Troubleshooting: Scenario
Physical Layer Troubleshooting: Solution
Data Link Layer Troubleshooting
Data Link Layer Troubleshooting: Scenario
Data Link Layer Troubleshooting: Solution
Network Layer Troubleshooting
Layer 3 Data Structures
Common Layer 3 Troubleshooting Issues
Network Layer Troubleshooting: Scenario
Network Layer Troubleshooting: Solution
Wireless Troubleshooting
Wireless Network Troubleshooting: Scenario
Wireless Network Troubleshooting: Solution
Summary
Exam Preparation Tasks
Review All the Key Topics
Complete Tables and Lists from Memory
Define Key Terms
Review Questions
Chapter 14 Final Preparation
Tools for Final Preparation
Pearson Cert Practice Test Engine and Questions on the DVD
Install the Software from the DVD
Activate and Download the Practice Exam
Activating Other Exams
Premium Edition
Video Training on DVD
Memory Tables
End-of-Chapter Review Tools
Suggested Plan for Final Review and Study
Summary
APPENDIX A Answers to Review Questions
APPENDIX B CompTIA Network+ N10-005 Exam Updates, Version 1.0
Glossary
Index
APPENDIX C Memory Tables (DVD Only)
APPENDIX D Memory Table Answer Key (DVD Only)

Reader Services
Visit our website and register this book
at www.pearsonitcertification.com/title/9780789748218 for convenient access
to any updates, downloads, or errata that might be available for this book.



CompTIA Network+
The CompTIA Network+ (2011 Edition) certification ensures that the
successful candidate has the important knowledge and skills necessary to
manage, maintain, troubleshoot, install, operate, and configure basic network
infrastructure, describe networking technologies, basic design principles, and
adhere to wiring standards and use testing tools.
It Pays to Get Certified
In a digital world, digital literacy is an essential survival skill—
Certification proves you have the knowledge and skill to solve business
problems in virtually any business environment. Certifications are highly
valued credentials that qualify you for jobs, increased compensation, and
promotion.
CompTIA Network+ certification is held by many IT staff in
organizations—21% of IT staff within a random sampling of U.S.
organizations within a cross section of industry verticals hold Network+
certification.



• The CompTIA Network+ credential—Proves knowledge of networking
features and functions and is the leading vendor-neutral certification for
networking professionals.
• Starting Salary—The average starting salary of network engineers can be
up to $70,000.
• Career Pathway—CompTIA Network+ is the first step in starting a
networking career and is recognized by Microsoft as part of their MS program.
Other corporations, such as Novell, Cisco, and HP, also recognize CompTIA
Network+ as part of their certification tracks.
• More than 260,000—Individuals worldwide are CompTIA Network+
certified.
• Mandated/recommended by organizations worldwide—Such as
Cisco, HP, Ricoh, the U.S. State Department, and U.S. government contractors
such as EDS, General Dynamics, and Northrop Grumman.
How Certification Helps Your Career




CompTIA Career Pathway
CompTIA offers a number of credentials that form a foundation for your
career in technology and allow you to pursue specific areas of concentration.
Depending on the path you choose to take, CompTIA certifications help you
build upon your skills and knowledge, supporting learning throughout your
entire career.




Join the Professional Community
Content Seal of Quality
This courseware bears the seal of CompTIA Approved Quality
Content. This seal signifies this content covers 100% of the exam objectives
and implements important instructional design principles. CompTIA
recommends multiple learning tools to help increase coverage of the learning
objectives.




Why CompTIA?
• Global Recognition—CompTIA is recognized globally as the leading IT
non-profit trade association and has enormous credibility. Plus, CompTIA’s
certifications are vendor-neutral and offer proof of foundational knowledge
that translates across technologies.
• Valued by Hiring Managers—Hiring managers value CompTIA
certification, because it is vendor- and technology-independent validation of
your technical skills.
• Recommended or Required by Government and Businesses—Many
government organizations and corporations either recommend or require
technical staff to be CompTIA certified. (For example, Dell, Sharp, Ricoh, the
U.S. Department of Defense, and many more.)
• Three CompTIA Certifications Ranked in the Top 10—In a study by
DICE of 17,000 technology professionals, certifications helped command
higher salaries at all experience levels.
How to Obtain More Information
• Visit CompTIA online—www.comptia.org to learn more about getting
CompTIA certified.
• Contact CompTIA—Call 866-835-8020 ext. 5 or
email questions@comptia.org.
• Join the IT Pro community—http://itpro.comptia.org to join the IT
community to get relevant career information.




Introduction
The CompTIA Network+ certification is a popular certification for those
entering the computer-networking field. Although many vendor-specific
networking certifications are popular in the industry, the CompTIA Network+
certification is unique in that it is vendor-neutral. The CompTIA Network+
certification often acts as a stepping-stone to more specialized and vendor-
specific certifications, such as those offered by Cisco Systems.
Notice in your CompTIA Network+ study that the topics are mostly generic, in
that they can apply to networking equipment regardless of vendor. However,
as you grow in your career, I encourage you to seek specialized training for the
equipment you work with on a daily basis.
Goals and Methods
The goal of this book is twofold. The #1 goal of this book is a simple one: to
help you pass the N10-005 version of the CompTIA Network+ exam.
To aid you in mastering and understanding the Network+ certification
objectives, this book uses the following methods:
• Opening topics list: This defines the topics that are covered in the chapter.
• Foundation topics: At the heart of a chapter, this section explains the
topics from a hands-on and a theory-based standpoint. This includes in-depth
descriptions, tables, and figures that build your knowledge so that you can
pass the N10-005 exam. The chapters are each broken into multiple sections.
• Key topics: This indicates important figures, tables, and lists of information
that you need to know for the exam. They are sprinkled throughout each
chapter and are summarized in table format at the end of each chapter.
• Memory tables: These can be found on the DVD within Appendices C and
D. Use them to help memorize important information.
• Key terms: Key terms without definitions are listed at the end of each
chapter. Write down the definition of each term, and check your work against
the complete key terms in the Glossary.
For current information about the CompTIA Network+ certification exam, you
can
visit http://certification.comptia.org/getCertified/certifications/network.aspx.
Who Should Read This Book?
The CompTIA Network+ exam measures the necessary competencies for an
entry-level networking professional with the equivalent knowledge of at least
500 hours of hands-on experience in the lab or field. This book was written for
people who have that amount of experience working with computer networks.
Average readers will have connected a computer to a network, configured IP
addressing on that computer, installed software on that computer, used
command-line utilities (for example, the ping command), and used a browser
to connect to the Internet.
Readers will range from people who are attempting to attain a position in the
IT field to people who want to keep their skills sharp or perhaps retain their
job because of a company policy that mandates they take the new exams.
This book also targets the reader who wants to acquire additional
certifications beyond the Network+ certification (for example, the Cisco
Certified Network Associate [CCNA] certification and beyond). The book is
designed in such a way to offer easy transition to future certification studies.
Strategies for Exam Preparation
Strategies for exam preparation vary, depending on your existing skills,
knowledge, and equipment available. Of course, the ideal exam preparation
would include building and configuring a computer network from scratch.
Preferably, the network would contain both Microsoft Windows® and UNIX
hosts, at least two Ethernet switches, and at least two routers.
However, not everyone has access to this equipment, so the next best step you
can take is to read the chapters in this book, jotting down notes with key
concepts or configurations on a separate notepad. For more visual learners,
you might consider the Network+ Video Mentor product by Anthony Sequeira,
which is available from Pearson IT Certification, where you get to watch an
expert perform multiple configurations.
After you read the book, you can download the current exam objectives by
submitting a form on the following web
page: http://certification.comptia.org/Training/testingcenters/examobjectives.aspx
If there are any areas shown in the certification exam outline that you still
want to study, find those sections in this book and review them.
When you feel confident in your skills, attempt the practice exam, which is
included on this book’s DVD. As you work through the practice exam, note the
areas where you lack confidence and review those concepts or configurations
in this book. After you review these areas, work through the practice exam a
second time, and rate your skills. Keep in mind that the more you work
through the practice exam, the more familiar the questions become, and the
practice exam becomes a less accurate judge of your skills.
After you work through the practice exam a second time and feel confident
with your skills, schedule the real CompTIA Network+ exam (N10-005). The
following website provides information about registering for the
exam: http://certification.comptia.org/Training/testingcenters.aspx
To prevent the information from evaporating out of your mind, you should
typically take the exam within a week of when you consider yourself ready to
take it.
CompTIA Network+ Exam Topics
Table I-1 lists general exam topics (objectives) and specific topics under each
general topic (subobjectives) for the CompTIA Network+ N10-005 exam. This
table also lists the chapter in which each exam topic is covered. Note that
some objectives and subobjectives are addressed in multiple chapters.
                       Table I-1 CompTIA Network+ Exam Topics
How This Book Is Organized
Although this book could be read cover-to-cover, it is designed to be flexible
and allow you to easily move between chapters and sections of chapters to
cover just the material that you need more work with. However, if you do
intend to read all the chapters, the order in the book is an excellent sequence
to use:
• Chapter 1, "Introducing Computer Networks," introduces the
purpose of computer networks and their constituent components.
Additionally, networks are categorized by their geography, topology, and
resource location.
• Chapter 2, "Dissecting the OSI Model," presents the two network
models: the OSI model and the TCP/IP stack. These models categorize various
network components from a network cable up to and including an application,
such as e-mail. These models are contrasted, and you are given a listing of
well-known TCP and UDP port numbers used for specific applications.
• Chapter 3, "Identifying Network Components." A variety of network
components are introduced in this chapter. You are given an explanation of
various media types, the roles of specific infrastructure components, and the
features provided by specialized network devices (for example, a firewall or
content switch).
• Chapter 4, "Understanding Ethernet." The most widely deployed LAN
technology is Ethernet, and this chapter describes the characteristics of
Ethernet networks. Topics include media access, collision domains, broadcast
domains, and distance/speed limitations for popular Ethernet standards.
Additionally, you are introduced to some of the features available on Ethernet
switches, such as VLANs, trunks, STP, link aggregation, PoE, port monitoring,
and user authentication.
• Chapter 5, "Working with IP Addresses." One of the most challenging
concepts for many CompTIA Network+ students is IP subnetting. This chapter
demystifies IP subnetting by reviewing the basics of binary numbering, before
delving into basic subnetting and then advanced subnetting. Although most of
the focus of this chapter is on IP version 4 (IPv4) addressing, the chapter
concludes with an introduction to IP version 6 (IPv6).
• Chapter 6, "Routing Traffic." A primary job of a computer network is to
route traffic between subnets. This chapter reviews the operation of routing IP
traffic and discusses how a router obtains routing information. One way a
router can populate its routing table is through the use of dynamic routing
protocols, several of which are discussed in this chapter. Many environments
(such as a home network connecting to the Internet via a cable modem) use
NAT to convert between private IP addresses inside a network and public IP
addresses outside a network. This chapter discusses DNAT, SNAT, and PAT.
Although the primary focus on this chapter is on unicast routing, the chapter
concludes with a discussion of multicast routing.
• Chapter 7, "Introducing Wide-Area Networks." Many corporate
networks need to interconnect multiple sites separated by large distances.
Connections between such geographically dispersed sites make up a WAN.
This chapter discusses three categories of WAN connections and contrasts
various WAN connection types, based on supported data rates and media
types. Finally, this chapter lists characteristics for multiple WAN technologies.
• Chapter 8, "Connecting Wirelessly." In this increasingly mobile world,
wireless technologies are exploding in popularity. This chapter discusses the
basic operation of WLANs. Additionally, WLAN design and security
considerations are addressed.
• Chapter 9, "Optimizing Network Performance." This chapter
explains the importance of high availability for a network and what
mechanisms help provide a high level of availability. Network performance
optimization strategies are addressed, including a section on QoS. Finally, this
chapter allows you to use what you have learned in this and preceding
chapters to design a SOHO network.
• Chapter 10, "Using Command-Line Utilities." In your daily
administration and troubleshooting of computer networks, you need
familiarity with various command-line utilities available on the operating
systems present in your network. This chapter presents a collection of popular
command-line utilities for both Microsoft Windows® and UNIX platforms.
• Chapter 11, "Managing a Network," reviews some of the more common
tools used to physically maintain a network. The components of configuration
management are also presented. Finally, this chapter discusses some of the
network-monitoring tools available to network administrators and what types
of information are included in various logs.
• Chapter 12, "Securing a Network." Network security is an issue for most
any network, and this chapter covers a variety of network security
technologies. You begin by understanding the goals of network security and
the types of attacks you must defend against. Then, you review a collection of
security best practices. Next, the chapter discusses specific security
technologies, including firewalls, VPNs, IDSs, and IPSs.
• Chapter 13, "Troubleshooting Network Issues." Troubleshooting
network issues is an inherent part of network administration, and this chapter
presents a structured approach to troubleshooting various network
technologies. Specifically, you learn how to troubleshoot common Layer 2,
Layer 3, and wireless network issues.
• Chapter 14, "Final Preparation," reviews the exam-preparation tools
available in this book and the enclosed DVD. For example, the enclosed DVD
contains a practice exam engine and a collection of ten training videos
presented by the author. Finally, a suggested study plan is presented to assist
you in preparing for the CompTIA Network+ exam (N10-005).
In addition to the 13 main chapters, this book includes tools to help you verify
that you are prepared to take the exam. The DVD includes a practice test and
memory tables that you can work through to verify your knowledge of the
subject matter. The DVD also contains ten training videos that cover some of
the most fundamental and misunderstood content in the CompTIA Network+
curriculum, specifically the OSI model and IP addressing.

Chapter 1. Introducing Computer Networks
After completion of this chapter, you will be able to answer the following
questions:
• What is the purpose of a network?
• What are some examples of network components?
• How are networks defined by geography?
• How are networks defined by topology?
• How are networks defined by resource location?
What comes to mind when you think of a computer network? Is it the
Internet? Is it e-mail? Is it the wireless connection that lets you print to your
printer from your laptop?
Whatever your current perception of a computer network, this chapter and
book, as a whole, helps you gain deep appreciation and understanding of
networked computing. Be aware that although we commonly think of
computer networks as interconnecting computers, today, computer networks
interconnect a variety of devices in addition to just computers. Examples
include game consoles, video-surveillance devices, and IP-based telephones.
Therefore, throughout this book, you can think of the term computer
network as being synonymous with the more generic term network, as these
terms will be used interchangeably.
In this chapter, the goal is to acquaint you with the purpose of a network and
help you categorize a given network based on criteria such as geography,
topology, and the location of a network’s resources. An implied goal of this
and all other chapters in this book is to prepare you to successfully pass the
CompTIA Network+ exam, which is considered to be a cornerstone exam in
the information technology (IT) industry.
Foundation Topics: Defining a Network
It was in the movie A Field of Dreams where they said, "If you build it, they
will come." That phrase most certainly applies to the evolution of network-
based services seen in modern-day networks. Computer networks are no
longer relegated to allowing a group of computers to access a common set of
files stored on a computer designated as a file server. Instead, with the
building of high-speed, highly redundant networks, network architects are
seeing the wisdom of placing a variety of traffic types on a single network.
Examples include voice and video, in addition to data.
One could argue that a network is the sum of its parts. So, as you begin your
study of networking, you should grasp a basic understanding of fundamental
networking components. These components include such entities as a client,
server, hub, switch, router, and the media used to interconnect these devices.
The Purpose of Networks
At its essence, a network’s purpose is to make connections. These connections
might be between a PC and a printer or between a laptop and the Internet, as
just a couple of examples. However, the true value of a network comes from
the traffic flowing over those connections. Consider a sampling of applications
that can travel over a network’s connections:
• File sharing between two computers
• Video chatting between computers located in different parts of the world
• Surfing the web (for example, to use social media sites, watch streaming
video, listen to an Internet radio station, or do research for a school term
paper)
• Instant messaging (IM) between computers with IM software installed
• E-mail
• Voice over IP (VoIP), to replace traditional telephony systems
A term commonly given to a network transporting multiple types of traffic (for
example, voice, video, and data) is a converged network. A converged network
might offer significant cost savings to organizations that previously supported
separate network infrastructures for voice, data, and video traffic. This
convergence can also potentially reduce staffing costs, because only a single
network needs to be maintained, rather than separate networks for separate
traffic types.
Overview of Network Components
Designing, installing, administering, and troubleshooting a network requires
the ability to recognize various network components and their functions.
Although this is the focus of Chapter 3, "Identifying Network Components,"
before we can proceed much further, we need a basic working knowledge of
how individual components come together to form a functioning network.
The components to consider for now are client, server, hub, switch, router,
media, and wide-area network (WAN) link. As a reference for this discussion,
consider Figure 1-1.
                         Figure 1-1 Sample Computer Network




The following list describes the network components depicted in Figure 1-1
and the functions they serve:
• Client: The term client defines the device an end user uses to access a
network. This device might be a workstation, laptop, smartphone with
wireless capabilities, or a variety of other end-user terminal devices.
• Server: A server, as the name suggests, serves up resources to a network.
These resources might include e-mail access as provided by an e-mail server,
web pages as provided by a web server, or files available on a file server.
• Hub: A hub is an older technology that interconnects network components,
such as clients and servers. Hubs vary in their number of available ports.
However, for scalability, hubs can be interconnected, up to a point. If too
many hubs are chained together, network errors can result. As discussed
further in Chapter 3, a hub does not perform any inspection of the traffic it
passes. Rather, a hub simply receives traffic in a port (that is, a receptacle to
which a network cable connects) and repeats that traffic out all of the other
ports.
• Switch: Like a hub, a switch interconnects network components, and they
are available with a variety of port densities. However, unlike a hub, a switch
does not simply take traffic in on one port and blast that traffic out all other
ports. Rather, a switch learns which devices reside off of which ports. As a
result, when traffic comes in a switch port, the switch interrogates the traffic
to see where it is destined. Then, based on what the switch has learned, the
switch forwards the traffic out of the appropriate port, and not out all of the
other ports. This dramatically cuts down on the volume of traffic coursing
through your network. A switch is considered a Layer 2 device, which means
that it makes its forwarding decisions based on addresses that are physically
burned into a network interface card (NIC) installed in a host (that is, any
device that transmits or receives traffic on a network). This burned-in address
is a Media Access Control (MAC) address.
• Router: As discussed in Chapter 3, a router is considered to be a Layer
3 device, which means that it makes its forwarding decisions based on logical
network addresses. Most modern networks use Internet Protocol (IP)
addressing. Therefore, most routers know what logical IP networks reside off
of which router interfaces. Then, when traffic comes into a router, the router
examines the destination IP address of the traffic and, based on the router’s
database of networks (that is, the routing table), the router intelligently
forwards the traffic out the appropriate interface.
• Media: The previously mentioned devices need to be interconnected via
some sort of media. This media could be copper cabling. It could be a fiber-
optic cable. Media might not even be a cable, as is the case with wireless
networks, where radio waves travel through the media of air. Chapter
3 expands on this discussion of media. For now, realize that media varies in its
cost, bandwidth capacity, and distance limitation. For example, although
fiber-optic cabling is more expensive than unshielded twisted-pair cabling, it
can typically carry traffic over longer distances and has a greater bandwidth
capacity (that is, the capacity to carry a higher data rate).
• WAN link: Today, most networks connect to one or more other networks.
For example, if your company has two locations, and those two locations are
interconnected (perhaps via a Frame Relay or Multiprotocol Label Switching
[MPLS] network), the link that interconnects those networks is typically
referred to as a wide-area network (WAN) link. WANs, and technologies
supporting WANs, are covered in Chapter 7, "Introducing Wide-Area
Networks."
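To make the hub, switch, and router behaviour described above concrete, here is a small Python simulation. It is an added educational example, not code from the book; the port numbers, MAC addresses, interface names, and prefixes it uses are constructed for illustration. The hub repeats every frame out all other ports, the switch learns which MAC address lives off which port and forwards only to that port (flooding only broadcasts and destinations it has not learned yet), and the router picks the exit interface by the most specific matching prefix in its routing table, with a default route as the fallback.

```python
from ipaddress import ip_address, ip_network

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Hub:
    """Layer 1 repeater: every frame goes out every port except the one it arrived on."""

    def __init__(self, ports):
        self.ports = list(ports)

    def forward(self, in_port, src_mac, dst_mac):
        return sorted(p for p in self.ports if p != in_port)


class Switch:
    """Layer 2 device: learns source MAC -> port, then forwards by destination MAC."""

    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def forward(self, in_port, src_mac, dst_mac):
        # Learning: the source address tells the switch which port this host is on.
        self.mac_table[src_mac] = in_port
        if dst_mac == BROADCAST or dst_mac not in self.mac_table:
            # Broadcast or unknown unicast: flood out all other ports, just like a hub.
            return sorted(p for p in self.ports if p != in_port)
        out_port = self.mac_table[dst_mac]
        # Destination sits on the same port as the sender: nothing to forward (filtering).
        return [] if out_port == in_port else [out_port]


class Router:
    """Layer 3 device: chooses the exit interface whose prefix matches most specifically."""

    def __init__(self, routes):
        # routes: iterable of (prefix, interface) pairs, e.g. ("10.1.0.0/16", "Gi0/0")
        self.routes = [(ip_network(prefix), iface) for prefix, iface in routes]

    def lookup(self, dst_ip):
        addr = ip_address(dst_ip)
        matches = [(net.prefixlen, iface) for net, iface in self.routes if addr in net]
        if not matches:
            return None  # no route, not even a default: the packet would be dropped
        return max(matches)[1]  # the longest prefix length wins


def demo_switch_vs_hub():
    """Same three frames through a hub and a switch; returns (hub_ports, switch_ports) per frame."""
    ports = [1, 2, 3, 4]
    hub, sw = Hub(ports), Switch(ports)
    host_a, host_b = "aa:aa:aa:aa:aa:aa", "bb:bb:bb:bb:bb:bb"  # constructed MACs
    return [
        # Host A (port 1) talks to B, which the switch has not seen yet: both flood.
        (hub.forward(1, host_a, host_b), sw.forward(1, host_a, host_b)),
        # B replies from port 2: the switch already knows A is on port 1.
        (hub.forward(2, host_b, host_a), sw.forward(2, host_b, host_a)),
        # A sends again: the switch now delivers only to port 2, the hub still floods.
        (hub.forward(1, host_a, host_b), sw.forward(1, host_a, host_b)),
        # A broadcast is flooded by both devices.
        (hub.forward(1, host_a, BROADCAST), sw.forward(1, host_a, BROADCAST)),
    ]


def demo_router():
    """Longest-prefix match with a default route, plus a router that has no default."""
    rtr = Router([
        ("0.0.0.0/0", "Serial0/0"),   # default route toward the WAN
        ("10.1.0.0/16", "Gi0/0"),     # summary route for a whole site
        ("10.1.5.0/24", "Gi0/1"),     # one specific subnet inside that site
    ])
    isolated = Router([("10.1.0.0/16", "Gi0/0")])  # no default route at all
    return {
        "10.1.5.9": rtr.lookup("10.1.5.9"),      # /24 beats /16 and /0
        "10.1.9.9": rtr.lookup("10.1.9.9"),      # only /16 and /0 match
        "8.8.8.8": rtr.lookup("8.8.8.8"),        # only the default matches
        "no_default": isolated.lookup("8.8.8.8"),  # nothing matches
    }


if __name__ == "__main__":
    for hub_out, sw_out in demo_switch_vs_hub():
        print(f"hub -> ports {hub_out}   switch -> ports {sw_out}")
    for dst, iface in demo_router().items():
        print(f"{dst:>12} -> {iface}")
```

Two points worth noticing when you run it. First, the hub and the switch behave identically for the very first frame and for the broadcast; the switch only stops flooding once its MAC table has an entry for the destination, which is why the book says a switch "learns" before it can cut down traffic. From an administrator's point of view this also shows why a hub exposes every conversation to every attached host, while a switch's MAC table is what limits who sees what. Second, the router does not pick the first matching route but the most specific one, and a packet with no matching route (not even a default) is simply dropped.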
Networks Defined by Geography
As you might be sensing at this point, not all networks look the same. They
vary in numerous ways. One criterion by which we can classify networks is
how geographically dispersed the network's components are. For example, a
network might interconnect devices within an office, or a network might
interconnect a database at a corporate headquarters location with a remote
sales office located on the opposite side of the globe.
Based on the geographical dispersion of network components, networks can
be classified into various categories, including the following:
• Local-area network (LAN)
• Wide-area network (WAN)
• Campus-area network (CAN)
• Metropolitan-area network (MAN)
• Personal-area network (PAN)
The following sections describe these different classifications of networks in
more detail.
LAN
A LAN interconnects network components within a local region (for example,
within a building). Examples of common LAN technologies you’re likely to
encounter include Ethernet (that is, IEEE 802.3) and wireless networks (that
is, IEEE 802.11). Figure 1-2 illustrates an example of a LAN.
                           Figure 1-2 Sample LAN Topology
Note
IEEE stands for the Institute of Electrical and Electronics Engineers, and it is
an internationally recognized standards body.

WAN
A WAN interconnects network components that are geographically separated.
For example, a corporate headquarters might have multiple WAN connections
to remote office sites. Multiprotocol Label Switching (MPLS), Asynchronous
Transfer Mode (ATM), and Frame Relay are examples of WAN
technologies. Figure 1-3 depicts a simple WAN topology, which interconnects
two geographically dispersed locations.
                          Figure 1-3 Sample WAN Topology




Other Categories of Networks
Although LANs and WANs are the most common terms used to categorize
computer networks based on geography, other categories include campus-area
network (CAN), metropolitan-area network (MAN), and personal-area
network (PAN).
CAN
Years ago, I was a network manager for a university. The university covered
several square miles and had several dozen buildings. Within many of these
buildings was a LAN. However, those building-centric LANs were
interconnected. By interconnecting these LANs, another network type was
created, a CAN. Besides an actual university campus, a CAN might also be
found in an industrial park or business park.
MAN
More widespread than a CAN and less widespread than a WAN, a MAN
interconnects locations scattered throughout a metropolitan area. Imagine, for
example, that a business in Chicago had a location near O’Hare Airport,
another location near the Navy Pier, and another location in the Sears Tower.
If a service provider could interconnect those locations using a high-speed
network, such as a 10-Gbps (that is, 10 billion bits per second) network, the
interconnection of those locations would constitute a MAN. One example of a
MAN technology is Metro Ethernet.
PAN
A PAN is a network whose scale is even smaller than a LAN. As an example, a
connection between a PC and a digital camera via a universal serial bus (USB)
cable could be considered a PAN. Another example is a PC connected to an
external hard drive via a FireWire connection. A PAN, however, is not
necessarily a wired connection. A Bluetooth connection between your cell
phone and your car’s audio system is considered a wireless PAN (WPAN). The
main distinction of a PAN, however, is that its range is typically limited to just
a few meters.
Networks Defined by Topology
In addition to classifying networks based on the geographical placement of
their components, another approach to classifying a network is to use the
network’s topology. Looks can be deceiving, however. You need to be able to
distinguish between a physical topology and a logical topology.
Physical Versus Logical Topology
Just because a network appears to be a star topology (that is, where the
network components all connect back to a centralized device, such as a
switch), the traffic might be flowing in a circular pattern through all the
network components attached to the centralized device. The actual traffic flow
determines the logical topology, while how components are physically
interconnected determines the physical topology.
As an example, consider Figure 1-4. The figure shows a collection of computers
connected to a Token Ring Media Access Unit (MAU). From a quick
inspection of Figure 1-4, you can conclude that the devices are physically
connected in a star topology, where the connected devices radiate out from a
centralized aggregation point (that is, the MAU in this example).
                          Figure 1-4 Physical Star Topology




Next, contrast the physical topology in Figure 1-4 with the logical topology
illustrated in Figure 1-5. Although the computers physically connect to a
centralized MAU, when you examine the flow of traffic through (or in this
case, around) the network, you see that the traffic flow actually loops round-
and-round the network. The traffic flow dictates how to classify a network’s
logical topology. In this instance, the logical topology is a ring topology,
because the traffic circulates around the network as if circulating around a
ring.
                           Figure 1-5 Logical Ring Topology
Although Token Ring, as used in this example, is rarely seen in modern
networks, it illustrates how a network’s physical and logical topologies can be
quite different.
Bus Topology
A bus topology, as depicted in Figure 1-6, typically uses a cable running
through the area requiring connectivity. Devices that need to connect to the
network then tap into this nearby cable. Early Ethernet networks commonly
relied on bus topologies.
                              Figure 1-6 Bus Topology




A network tap might be in the form of a T connector (commonly used in older
10BASE2 networks) or a vampire tap (commonly used in older 10BASE5
networks). Figure 1-7 shows an example of a T connector.
                               Figure 1-7 T Connector
Note
The Ethernet standards mentioned here (that is, 10BASE2 and 10BASE5), in
addition to many other Ethernet standards, are discussed in detail in Chapter
4, "Understanding Ethernet."

A bus and all devices connected to that bus make up a network segment. As
discussed in Chapter 4, a single network segment is a single collision domain,
which means that all devices connected to the bus might try to gain access to
the bus at the same time, resulting in an error condition known as
a collision. Table 1-1 identifies some of the primary characteristics, benefits,
and drawbacks of a bus topology.
             Table 1-1 Characteristics, Benefits, and Drawbacks of a Bus Topology
Ring Topology
Figure 1-8 offers an example of a ring topology, where traffic flows in a circular
fashion around a closed network loop (that is, a ring). Typically, a ring
topology sends data, in a single direction, to each connected device in turn,
until the intended destination receives the data. Token Ring networks typically
relied on a ring topology, although the ring might have been the logical
topology, while physically, the topology was a star topology.
                              Figure 1-8 Ring Topology
Token Ring, however, was not the only ring-based topology popular in
networks back in the 1990s. Fiber Distributed Data Interface (FDDI) was
another variant of a ring-based topology. Most FDDI networks (which, as the
name suggests, have fiber optics as the media) used not just one ring, but two.
These two rings sent data in opposite directions, resulting in counter-rotating
rings. One benefit of counter-rotating rings was that if a fiber broke, the
stations on each side of the break could interconnect their two rings, resulting
in a single ring capable of reaching all stations on the ring.
Because a ring topology allows devices on the ring to take turns transmitting
on the ring, contention for media access was not a problem, as it was for a bus
topology. If a network had a single ring, however, the ring became a single
point of failure. If the ring were broken at any point, data would stop
flowing. Table 1-2 identifies some of the primary characteristics, benefits, and
drawbacks of a ring topology.
             Table 1-2 Characteristics, Benefits, and Drawbacks of a Ring Topology
Star Topology
Figure 1-9 shows a sample star topology with a hub at the center of the
topology and a collection of clients individually connected to the hub. Notice
that a star topology has a central point from which all attached devices radiate.
In LANs, that centralized device was typically a hub back in the early 1990s.
Modern networks, however, usually have a switch located at the center of the
star.
                              Figure 1-9 Star Topology
Note
Chapter 3 discusses UTP and other types of cabling.

The star topology is the most popular physical LAN topology in use today, with
an Ethernet switch at the center of the star and unshielded twisted-pair cable
(UTP) used to connect from the switch ports to clients.
Table 1-3 identifies some of the primary characteristics, benefits, and
drawbacks of a star topology.
             Table 1-3 Characteristics, Benefits, and Drawbacks of a Star Topology




Hub-and-Spoke Topology
When interconnecting multiple sites (for example, multiple corporate
locations) via WAN links, a hub-and-spoke topology has a WAN link from each
remote site (that is, a spoke site) to the main site (that is, the hub site). This
approach, an example of which is shown in Figure 1-10, is similar to the star
topology used in LANs.
                            Figure 1-10 Hub-and-Spoke Topology
With WAN links, a service provider is paid a recurring fee for each link.
Therefore, a hub-and-spoke topology helps minimize WAN expenses by not
directly connecting any two spoke locations. If two spoke locations need to
communicate between themselves, their communication is sent via the hub
location. Table 1-4 contrasts the benefits and drawbacks of a hub-and-spoke
WAN topology.
      Table 1-4 Characteristics, Benefits, and Drawbacks of a Hub-and-Spoke WAN Topology
Full-Mesh Topology
Although a hub-and-spoke WAN topology lacked redundancy and suffered
from suboptimal routes, a full-mesh topology, as shown in Figure 1-11, directly
connects every site to every other site.
                                Figure 1-11 Full-Mesh Topology




Because each site connects directly to every other site, an optimal path can be
selected, as opposed to relaying traffic via another site. Also, a full-mesh
topology is highly fault tolerant. By inspecting Figure 1-11, you can see that
multiple links in the topology could be lost, and every site might still be able to
connect to every other site. Table 1-5 summarizes the characteristics of a full-
mesh topology.
         Table 1-5 Characteristics, Benefits, and Drawbacks of a Full-Mesh WAN Topology
Partial-Mesh Topology
A partial-mesh WAN topology, as depicted in Figure 1-12, is a hybrid of the
previously described hub-and-spoke topology and full-mesh topology.
Specifically, a partial-mesh topology can be designed to provide an optimal
route between selected sites, while avoiding the expense of interconnecting
every site to every other site.
                         Figure 1-12 Partial-Mesh Topology
When designing a partial-mesh topology, a network designer must consider
network traffic patterns and strategically add links interconnecting sites that
have higher volumes of traffic between themselves. Table 1-6 highlights the
characteristics, benefits, and drawbacks of a partial-mesh topology.
          Table 1-6 Characteristics, Benefits, and Drawbacks of a Partial-Mesh Topology
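The three WAN topologies above differ in link count (recurring cost), route optimality and fault tolerance. This added example, which is not from the book, builds each topology for a constructed five-site WAN (site names and the extra partial-mesh link are invented for the demo) and measures those three properties.

```python
"""Added example, not from the book: compare the hub-and-spoke, partial-mesh and
full-mesh WAN topologies described above by link count (cost), shortest path
between two spoke sites (optimal vs. relayed routes) and tolerance of a single
link failure. Site names and the extra partial-mesh link are constructed."""
from itertools import combinations


def hub_and_spoke(sites, hub):
    """One WAN link from each spoke site to the hub site."""
    return {frozenset((hub, s)) for s in sites if s != hub}


def full_mesh(sites):
    """A WAN link between every pair of sites: n*(n-1)/2 links for n sites."""
    return {frozenset(pair) for pair in combinations(sites, 2)}


def partial_mesh(sites, hub, extra_pairs):
    """Hub-and-spoke plus selected direct links between high-traffic spokes."""
    return hub_and_spoke(sites, hub) | {frozenset(p) for p in extra_pairs}


def hops(links, src, dst):
    """Number of links on the shortest path from src to dst; None if unreachable."""
    dist, queue = {src: 0}, [src]
    while queue:
        node = queue.pop(0)
        if node == dst:
            return dist[node]
        for link in links:
            if node in link:
                (other,) = link - {node}
                if other not in dist:
                    dist[other] = dist[node] + 1
                    queue.append(other)
    return None


def fully_connected(sites, links):
    """True if every site can reach every other site over the given links."""
    return all(hops(links, a, b) is not None for a, b in combinations(sites, 2))


def survives_single_link_failure(sites, links):
    """True if the WAN stays fully connected no matter which ONE link is cut."""
    return all(fully_connected(sites, links - {cut}) for cut in links)


# Constructed example WAN: a headquarters hub site and four remote (spoke) sites.
SITES = ("HQ", "Atlanta", "Boston", "Chicago", "Denver")


def compare_topologies():
    """Summarise cost, route optimality and fault tolerance for each topology."""
    topologies = {
        "hub-and-spoke": hub_and_spoke(SITES, "HQ"),
        # constructed: Atlanta and Boston exchange a lot of traffic, so the
        # partial mesh gives them a direct link
        "partial-mesh": partial_mesh(SITES, "HQ", [("Atlanta", "Boston")]),
        "full-mesh": full_mesh(SITES),
    }
    return {
        name: {
            "links": len(links),
            "atlanta_to_boston_hops": hops(links, "Atlanta", "Boston"),
            "survives_single_link_failure": survives_single_link_failure(SITES, links),
        }
        for name, links in topologies.items()
    }


if __name__ == "__main__":
    for name, summary in compare_topologies().items():
        print(f"{name:14s} {summary}")
```

For five sites the full mesh needs 10 links (n*(n-1)/2) and survives any single link cut, while hub-and-spoke needs only 4 but loses a spoke whenever its one link fails and relays spoke-to-spoke traffic through the hub.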




Networks Defined by Resource Location
Yet another way to categorize networks is based on where network resources
reside. An example of a client-server network is a collection of PCs all sharing
files located on a centralized server. However, if those PCs had their operating
system (OS) (for example, Microsoft Windows 7 or Mac OS X) configured for
file sharing, they could share files from one another’s hard drives. Such an
arrangement would be referred to as a peer-to-peer network, because the
peers (that is, the PCs in this example) make resources available to other
peers. The following sections describe client-server and peer-to-peer networks
in more detail.
Client-Server Networks
Figure 1-13 illustrates an example of a client-server network, where a
dedicated file server provides shared access to files, and a networked printer is
available as a resource to the network’s clients. Client-server networks are
commonly used by businesses. Because resources are located on one or more
servers, administration is simpler than trying to administer network resources
on multiple peer devices.
                          Figure 1-13 Client-Server Network Example




Performance of a client-server network can be better than that of a peer-to-
peer network, because resources can be located on dedicated servers, rather
than on a PC running a variety of end-user applications. Backups can be
simplified, since fewer locations must be backed up. However, client-server
networks come with the extra expense of dedicated server resources. Table 1-7
contrasts the benefits and drawbacks of client-server networks.
          Table 1-7 Characteristics, Benefits, and Drawbacks of a Client-Server Network
Note
A server in a client-server network could be a computer running a network
operating system (NOS), such as Novell NetWare or a variety of Microsoft
Windows Server OSs. Alternately, a server might be a host making its file
system available to remote clients via the Network File System (NFS) service,
which was originally developed by Sun Microsystems.


Note
A variant of the traditional server in a client-server network, where the server
provides shared file access, is network-attached storage (NAS). A NAS device
is a mass storage device that attaches directly to a network. Rather than
running an advanced NOS, a NAS device typically makes files available to
network clients via a service such as NFS.

Peer-to-Peer Networks
Peer-to-peer networks allow interconnected devices (for example, PCs) to
share their resources with one another. Those resources could be, for example,
files or printers. As an example of a peer-to-peer network, consider Figure 1-14,
where each of the peers can share files on their own hard drives, and one of
the peers has a directly attached printer that can be shared with the other
peers in the network.
                       Figure 1-14 Peer-to-Peer Network Example
Peer-to-peer networks are commonly seen in smaller businesses and in
homes. The popularity of these peer-to-peer networks is fueled in part by
client operating systems which support file and print sharing. Scalability for
peer-to-peer networks is a concern, however. Specifically, as the number of
devices (that is, peers) increases, the administration burden increases. For
example, a network administrator might have to manage file permissions on
multiple devices, as opposed to a single server. Consider the characteristics of
peer-to-peer networks as presented in Table 1-8.
          Table 1-8 Characteristics, Benefits, and Drawbacks of a Peer-to-Peer Network
Note
Some networks have characteristics of both peer-to-peer and client-server
networks. For example, PCs in a company might all point to a centralized
server for accessing a shared database in a client-server topology. However,
these PCs might simultaneously share files and printers between one another
in a peer-to-peer topology. Such a network, which has a mixture of client-
server and peer-to-peer characteristics, is called a hybrid network.

Summary
The main topics covered in this chapter are the following:
• You were introduced to various network components, including client,
server, hub, switch, router, media, and WAN link.
• One way to classify networks is by their geographical dispersion. Specifically,
these network types were identified: LAN, WAN, CAN, MAN, and PAN.
• Another approach to classifying networks is based on a network’s topology.
Examples of network types, based on topology, include bus, ring, star, partial
mesh, full mesh, and hub-and-spoke.
• This chapter contrasted client-server and peer-to-peer networks.
Exam Preparation Tasks
Review All the Key Topics
Review the most important topics from inside the chapter, noted with the Key
Topic icon in the outer margin of the page. Table 1-9 lists these key topics and
the page numbers where each is found.
                           Table 1-9 Key Topics for Chapter 1
Complete Tables and Lists from Memory
Print a copy of Appendix C, “Memory Tables” (found on the DVD), or at least
the section for this chapter, and complete as much of the tables as possible
from memory. Appendix D, “Memory Tables Answer Key,” also on the DVD,
includes the completed tables and lists so you can check your work.
Define Key Terms
Define the following key terms from this chapter, and check your answers in
the Glossary:
client,
server,
hub,
switch,
router,
media,
WAN link,
local-area network (LAN),
wide-area network (WAN),
campus-area network (CAN),
metropolitan-area network (MAN),
personal-area network (PAN),
logical topology,
physical topology,
bus topology,
ring topology,
star topology,
hub-and-spoke topology,
full-mesh topology,
partial-mesh topology,
client-server network,
peer-to-peer network
Review Questions
The answers to these review questions appear in Appendix A, “Answers to
Review Questions.”
1. Which of the following is a device directly used by an end user to access a
network?
a. Server
b. LAN
c. Client
d. Router
2. Which device makes traffic-forwarding decisions based on MAC addresses?
a. Hub
b. Router
c. Switch
d. Multiplexer
3. A company has various locations in a city interconnected using Metro
Ethernet connections. This is an example of what type of network?
a. WAN
b. CAN
c. PAN
d. MAN
4. A network formed by interconnecting a PC to a digital camera via a USB
cable is considered what type of network?
a. WAN
b. CAN
c. PAN
d. MAN
5. Which of the following LAN topologies requires the most cabling?
a. Bus
b. Ring
c. Star
d. WLAN
6. Which of the following topologies offers the highest level of redundancy?
a. Full mesh
b. Hub and spoke
c. Bus
d. Partial mesh
7. How many WAN links are required to create a full mesh of connections
between five remote sites?
a. 5
b. 10
c. 15
d. 20
8. Identify two advantages of a hub-and-spoke WAN topology as compared to
a full-mesh WAN topology. (Choose two.)
a. Lower cost
b. Optimal routes
c. More scalable
d. More redundancy
9. Which type of network is based on network clients sharing resources with
one another?
a. Client-server
b. Client-peer
c. Peer-to-peer
d. Peer-to-server
10. Which of the following is an advantage of a peer-to-peer network, as
compared with a client-server network?
a. More scalable
b. Less expensive
c. Better performance
d. Simplified administration

Chapter 2. Dissecting the OSI Model
After completion of this chapter, you will be able to answer the following
questions:
• What is the purpose of a network model?
• What are the layers of the OSI model?
• What are the characteristics of each layer of the OSI model?
• How does the TCP/IP stack compare to the OSI model?
• What are the well-known TCP and/or UDP port numbers for a given
collection of common applications?
Way back in 1977, the International Organization for Standardization (ISO)
developed a subcommittee to focus on the interoperability of multivendor
communications systems. What sprang from this subcommittee was the Open
Systems Interconnection (OSI) reference model (commonly referred to as
the OSI model or the OSI stack). With this model, you can take just about any
networking technology and categorize that technology as residing at one or
more of the seven layers of the model.
This chapter defines those seven layers and provides examples of what you
might find at each layer. Finally, this chapter contrasts the OSI model with
another model (the TCP/IP stack, also known as the Department of
Defense [DoD] model), which focuses on Internet Protocol (IP)
communications.
Foundation Topics: The Purpose of Reference Models
Throughout your networking career, and throughout this book, you will
encounter various protocols and devices that play a role in your network. To
better understand how a particular technology fits in, however, it helps to have
a common point of reference against which various technologies from various
vendors can be compared.
One of the most common ways of categorizing the function of a network
technology is to state at what layer (or layers) of the OSI model that
technology operates. Based on how that technology performs a certain
function at a certain layer of the OSI model, you can better determine if one
device is going to be able to communicate with another device, which might or
might not be using a similar technology at that layer of the OSI reference
model.
For example, when your laptop connects to a web server on the Internet, your
laptop has been assigned an IP address. Similarly, the web server to which you
are communicating has an IP address. As you see in this chapter, an IP
address lives at Layer 3 (the network layer) of the OSI model. Because both
your laptop and the web server use a common protocol (that is, IP) at Layer 3,
they can communicate with one another.
Personally, I’ve been in the computer-networking industry since 1989, and I
have had the OSI model explained in many classes I’ve attended and books
I’ve read. From this, I’ve taken away a collection of metaphors to help describe
the operation of the different layers of the OSI model. Some of the metaphors
involve sending a letter from one location to another or placing a message in a
series of envelopes. However, my favorite (and the most accurate) way to
describe the OSI model is to simply think of it as being analogous to a
bookshelf, such as the one shown in Figure 2-1.
                   Figure 2-1 A Bookshelf Is Analogous to the OSI Model




If you were to look at a bookshelf in my home, you’d see that I organized
different types of books on different shelves. One shelf contains my collection
of Star Wars books, another shelf contains the books I wrote for Cisco Press,
another shelf contains my audio books, and so on. I grouped similar books
together on a shelf, just as the OSI model groups similar protocols and
functions together in a layer.
A common pitfall my students and readers encounter when studying the OSI
model is to try to neatly fit all the devices and protocols in their network into
one of the OSI model’s seven layers. However, not every technology is a
perfect fit into these layers. In fact, some networks might not have any
technologies operating at one or more of these layers. This reminds me of my
favorite statement regarding the OSI model. It comes from Rich Seifert’s
book The Switch Book. In that book, Rich reminds us that the OSI model is
a reference model, not a reverence model. That is, there is no cosmic law
stating that all technologies must cleanly plug into the model. So, as you
discover the characteristics of the OSI model layers throughout this chapter,
remember that these layers are like shelves for organizing similar protocols
and functions, not immutable laws.
The OSI Model
As previously stated, the OSI model is comprised of seven layers:
• Layer 1: The physical layer


• Layer 2: The data link layer
• Layer 3: The network layer
• Layer 4: The transport layer
• Layer 5: The session layer
• Layer 6: The presentation layer
• Layer 7: The application layer
Graphically, these layers are usually depicted with Layer 1 at the bottom of the
stack, as shown in Figure 2-2.
                               Figure 2-2 OSI “Stack”




Various mnemonics are available to help memorize these layers in their
proper order. A top-down (that is, starting at the top of the stack with Layer 7
and working your way down to Layer 1) acrostic is All People Seem To Need
Data Processing. As a couple of examples, using this acrostic, the A in All
reminds us of the A in Application, and the P in People reminds us of
the P in Presentation.
At the physical layer, binary expressions (that is, a series of 1s and 0s)
represent data. A binary expression is made up of bits, where a bit is a single 1
or a single 0. At upper layers, however, bits are grouped together, into what is
known as a protocol data unit (PDU) or a data service unit.
The term packet is used fairly generically to refer to these PDUs. However,
PDUs might have an additional name, depending on their OSI layer. Figure 2-3
illustrates these PDU names. A common memory aid for these PDUs is the
acrostic Some People Fear Birthdays, where the S in Some reminds us of
the S in Segments. The P in People reminds us of the P in Packets, and
the F in Fear reflects the F in Frames. Finally, the B in Birthdays reminds us of
the B in Bits.
                                Figure 2-3 PDU Names




Layer 1: The Physical Layer
The physical layer, as shown in Figure 2-4, is concerned with the transmission
of data on the network.
                         Figure 2-4 Layer 1: The Physical Layer
As a few examples, the physical layer defines
• How bits are represented on the medium: Data on a computer
network is represented as a binary expression. Chapter 5, “Working with IP
Addresses,” discusses binary in much more detail. Electrical voltage (on
copper wiring) or light (carried via fiber-optic cabling) can represent these 1s
and 0s.
For example, the presence or the absence of voltage on a wire can represent a
binary 1 or a binary 0, respectively, as illustrated in Figure 2-5. Similarly, the
presence or absence of light on a fiber-optic cable can represent a 1 or 0 in
binary. This type of approach is called current state modulation.
                          Figure 2-5 Current State Modulation




An alternate approach to representing binary data is state transition
modulation, as shown in Figure 2-6, where the transition between voltages or
the presence of light indicates a binary value.
                           Figure 2-6 Transition Modulation
Note
Other modulation types you might be familiar with from radio include
amplitude modulation (AM) and frequency modulation (FM). AM uses a
variation in a waveform’s amplitude (that is, signal strength) to represent the
original signal. However, FM uses a variation in frequency to represent the
original signal.

• Wiring standards for connectors and jacks: Several standards for
network connectors are addressed in Chapter 3, “Identifying Network
Components.” As an example, however, the TIA/EIA-568-B standard
describes how an RJ-45 connector should be wired for use on a 100BASE-TX
Ethernet network, as shown in Figure 2-7.
              Figure 2-7 TIA/EIA-568-B Wiring Standard for an RJ-45 Connector




• Physical topology: Layer 1 devices view a network as a physical topology
(as opposed to a logical topology). Examples of a physical topology include
bus, ring, and star topologies, as described in Chapter 1, “Introducing
Computer Networks.”
• Synchronizing bits: For two networked devices to successfully
communicate at the physical layer, they must agree on when one bit stops and
another bit starts. Specifically, what is needed is a method to synchronize the
bits. Two basic approaches to bit synchronization
include asynchronous and synchronous synchronization:
• Asynchronous: With this approach, a sender indicates that it’s about to
start transmitting by sending a start bit to the receiver. When the receiver sees
this, it starts its own internal clock to measure the subsequent bits. After the
sender transmits its data, it sends a stop bit to indicate that it has finished its
transmission.
• Synchronous: This approach synchronizes the internal clocks of both the
sender and receiver to ensure that they agree on when bits begin and end. A
common approach to make this synchronization happen is to use an external
clock (for example, a clock provided by a service provider), which is referenced
by both the sender and receiver.
• Bandwidth usage: The two fundamental approaches to bandwidth usage
on a network are broadband and baseband:
• Broadband: Broadband technologies divide the bandwidth available on a
medium (for example, copper or fiber-optic cabling) into different channels.
Different communication streams are then transmitted over the various
channels. As an example, consider Frequency-Division Multiplexing (FDM)
used by a cable modem. Specifically, a cable modem uses certain ranges of
frequencies on the cable coming into your home from the local cable company
to carry incoming data, another range of frequencies for outgoing data, and
several other frequency ranges for various TV stations.
• Baseband: Baseband technologies, in contrast, use all the available
frequencies on a medium to transmit data. Ethernet is an example of a
networking technology that uses baseband.
• Multiplexing strategy: Multiplexing allows multiple communications
sessions to share the same physical medium. Cable TV, as previously
mentioned, allows you to receive multiple channels over a single physical
medium (for example, a coaxial cable plugged into the back of your television).
Here are some of the more common approaches to multiplexing:
• Time-division multiplexing (TDM): TDM supports different
communication sessions (for example, different telephone conversations in a
telephony network) on the same physical medium by causing the sessions to
take turns. For a brief period of time, defined as a time slot, data from the first
session will be sent, followed by data from the second session. This continues
until all sessions have had a turn, and the process repeats itself.
• Statistical time-division multiplexing (StatTDM): A downside to
TDM is that each communication session receives its own time slot, even if
one of the sessions does not have any data to transmit at the moment. To
make a more efficient use of available bandwidth, StatTDM dynamically
assigns time slots to communications sessions on an as-needed basis.
• Frequency-division multiplexing (FDM): FDM divides a medium’s
frequency range into channels, and different communication sessions transmit
their data over different channels. As previously described, this approach to
bandwidth usage is called broadband.
Examples of devices defined by physical layer standards include hubs, wireless
access points, and network cabling.
Note
A hub can interconnect PCs in a LAN. However, it is considered to be a
physical layer device, because a hub takes bits coming in on one port and
retransmits those bits out all other hub ports. At no point does the hub
interrogate any addressing information in the data.

Layer 2: The Data Link Layer
The data link layer, as shown in Figure 2-8, is concerned with packaging data
into frames and transmitting those frames on the network, performing error
detection/correction, uniquely identifying network devices with an address,
and handling flow control. These processes are collectively referred to as data
link control (DLC).
                         Figure 2-8 Layer 2: The Data Link Layer




In fact, the data link layer differs from the other layers in that it has two
sublayers of its own: MAC and LLC.
Media Access Control
Characteristics of the Media Access Control (MAC) sublayer include the
following:
• Physical addressing: A common example of a Layer 2 address is a MAC
address, which is a 48-bit address assigned to a device’s network interface
card (NIC). The address is commonly written in hexadecimal notation (for
example, 58:55:ca:eb:27:83). The first 24 bits of the 48-bit address are
collectively referred to as the vendor code. Vendors of networking equipment
are assigned one or more unique vendor codes. You can use the list of vendor
codes at http://standards.ieee.org/develop/regauth/oui/oui.txt to determine the
manufacturer of a networking device, based on the first half of the device’s
MAC address. Because each vendor is responsible for using unique values in
the last 24 bits of a MAC address, and because each vendor has a unique
vendor code, no two MAC addresses in the world should have the same value.
• Logical topology: Layer 2 devices view a network as a logical topology.
Examples of a logical topology include bus and ring topologies, as described
in Chapter 1.
• Method of transmitting on the media: With several devices connected
to a network, there needs to be some strategy for determining when a device is
allowed to transmit on the media. Otherwise, multiple devices might transmit
at the same time, and interfere with one another’s transmissions.
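The vendor-code lookup described under physical addressing, as an added example that is not from the book: it extracts the first 24 bits of a MAC address, looks them up in text laid out like the IEEE oui.txt registry, and also reads the two IEEE flag bits in the first octet (group address, locally administered). The oui.txt excerpt is constructed sample data: 00-00-0C is Cisco's real vendor code, while 58-55-CA is paired with a placeholder vendor name for the demo.

```python
"""Added example, not from the book: pull the vendor code (OUI, the first 24
bits) out of a MAC address and look it up in the IEEE oui.txt format. The
oui.txt lines below are constructed sample data: 00-00-0C is Cisco's real OUI,
58-55-CA is paired with a placeholder vendor name for this demo."""
import re

# Constructed excerpt in the layout of the IEEE oui.txt registry.
OUI_TXT_SAMPLE = (
    "58-55-CA   (hex)\t\tExample Vendor, Inc. (placeholder)\n"
    "5855CA     (base 16)\t\tExample Vendor, Inc. (placeholder)\n"
    "\t\t\t\t1 Example Way\n"
    "\n"
    "00-00-0C   (hex)\t\tCisco Systems, Inc\n"
    "00000C     (base 16)\t\tCisco Systems, Inc\n"
)

_OUI_LINE = re.compile(
    r"^([0-9A-F]{2}-[0-9A-F]{2}-[0-9A-F]{2})\s+\(hex\)\s+(.+?)\s*$", re.M
)


def parse_oui_txt(text):
    """Map 'XX-XX-XX' vendor codes to organisation names from oui.txt text."""
    return {m.group(1): m.group(2) for m in _OUI_LINE.finditer(text)}


def normalize_mac(mac):
    """Accept 58:55:ca:eb:27:83, 58-55-CA-EB-27-83 or Cisco-style 5855.caeb.2783
    and return 12 uppercase hex digits; raise ValueError on anything else."""
    digits = re.sub(r"[:\-.]", "", mac.strip()).upper()
    if not re.fullmatch(r"[0-9A-F]{12}", digits):
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits


def vendor_code(mac):
    """The first 24 bits of the address, written as in oui.txt (XX-XX-XX)."""
    d = normalize_mac(mac)
    return f"{d[0:2]}-{d[2:4]}-{d[4:6]}"


def describe_mac(mac, table):
    """Vendor lookup plus the two IEEE flag bits in the first octet:
    bit 0 (I/G) set = group/multicast address,
    bit 1 (U/L) set = locally administered, i.e. software overrode the
    burned-in address, so the vendor code says nothing about the hardware."""
    first_octet = int(normalize_mac(mac)[0:2], 16)
    local = bool(first_octet & 0b10)
    return {
        "vendor_code": vendor_code(mac),
        "multicast": bool(first_octet & 0b01),
        "locally_administered": local,
        # only trust the registry for globally administered (burned-in) addresses
        "vendor": None if local else table.get(vendor_code(mac)),
    }


if __name__ == "__main__":
    table = parse_oui_txt(OUI_TXT_SAMPLE)
    for mac in ("58:55:ca:eb:27:83", "0000.0c12.3456", "02:00:00:00:00:01"):
        print(mac, describe_mac(mac, table))
```

The locally-administered check is the caveat to "no two MAC addresses in the world should have the same value": an address an operating system has set by hand carries that flag and tells you nothing about the manufacturer.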
Logical Link Control
Characteristics of the Logical Link Control (LLC) sublayer include the
following:
• Connection services: When a device on a network receives a message
from another device on the network, that recipient device can provide
feedback to the sender in the form of an acknowledgment message. The two
main functions provided by these acknowledgment messages are as follows:
• Flow control: Limits the amount of data a sender can send at one time; this
prevents the receiver from being overwhelmed with too much information.
• Error control: Allows the recipient of data to let the sender know if the
expected data frame was not received or if it was received, but is corrupted.
The recipient determines if the data frame is corrupted by mathematically
calculating a checksum of the data received. If the calculated checksum does
not match the checksum received with the data frame, the recipient of the data
draws the conclusion that the data frame is corrupted and can then notify the
sender via an acknowledgment message.
• Synchronizing transmissions: Senders and receivers of data frames
need to coordinate when a data frame is being transmitted and should be
received. Three methods of performing this synchronization are as follows:
• Isochronous: With isochronous transmission, network devices look to a
common device in the network as a clock source, which creates fixed-length
time slots. Network devices can determine how much free space, if any, is
available within a time slot and insert data into an available time slot. A time
slot can accommodate more than one data frame. Isochronous transmission
does not need to provide clocking at the beginning of a data string (as does
synchronous transmission) or for every data frame (as does asynchronous
transmission). As a result, isochronous transmission uses little overhead when
compared to asynchronous or synchronous transmission methods.
• Asynchronous: With asynchronous transmission, network devices
reference their own internal clocks, and network devices do not need to
synchronize their clocks. Instead, the sender places a start bit at the beginning
of each data frame and a stop bit at the end of each data frame. These start
and stop bits tell the receiver when to monitor the medium for the presence of
bits.
An additional bit, called the parity bit, might also be added to the end of each
byte in a frame to detect an error in the frame. For example, if even parity
error detection (as opposed to odd parity error detection) is used, the parity
bit (with a value of either 0 or 1) would be added to the end of a byte, causing
the total number of 1s in the data frame to be an even number. If the receiver
of a byte is configured for even parity error detection and receives a byte
where the total number of 1s (including the parity bit) is even, the receiver
can conclude that the byte was not corrupted during transmission.
Note
Using a parity bit to detect errors might not be effective if a byte has more
than one error (that is, more than one bit that has been changed from its
original value).

• Synchronous: With synchronous transmission, two network devices that
want to communicate between themselves must agree on a clocking method to
indicate the beginning and ending of data frames. One approach to providing
this clocking is to use a separate communications channel over which a clock
signal is sent. Another approach relies on specific bit combinations or control
characters to indicate the beginning of a frame or a byte of data.
Like asynchronous transmissions, synchronous transmissions can perform
error detection. However, rather than using parity bits, synchronous
communication runs a mathematical algorithm on the data to create a cyclic
redundancy check (CRC). If both the sender and receiver calculate the same
CRC value for the same chunk of data, the receiver can conclude that the data
was not corrupted during transmission.
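The parity check of asynchronous transmission and the CRC of synchronous transmission, side by side, as an added example that is not from the book. It frames one byte with start, data, even-parity and stop bits, computes CRC-32 (the polynomial Ethernet uses for its frame check sequence), and applies constructed one-bit and two-bit corruption to show the error the Note above warns parity cannot see.

```python
"""Added example, not from the book: the even-parity check used with
asynchronous transmission (start bit, 8 data bits, parity bit, stop bit) beside
the CRC used with synchronous transmission. The CRC is CRC-32, the polynomial
Ethernet uses for its frame check sequence; the corrupted frames are
constructed here to show the two-bit error that parity misses and CRC catches."""


def even_parity_bit(byte):
    """Parity bit that makes the count of 1s in (data + parity) even."""
    return bin(byte & 0xFF).count("1") % 2


def frame_byte_async(byte):
    """Asynchronous framing of one byte as a list of 0/1: start bit (0),
    8 data bits (least significant first), even parity bit, stop bit (1)."""
    data = [(byte >> i) & 1 for i in range(8)]
    return [0] + data + [even_parity_bit(byte)] + [1]


def unframe_byte_async(bits):
    """Return (byte, parity_ok) for an 11-bit frame; raise on a framing error."""
    if len(bits) != 11 or bits[0] != 0 or bits[-1] != 1:
        raise ValueError("framing error: bad start or stop bit")
    byte = sum(b << i for i, b in enumerate(bits[1:9]))
    ones = sum(bits[1:10])          # data bits plus the parity bit
    return byte, ones % 2 == 0


def crc32(data):
    """Bitwise CRC-32 (reflected form of polynomial 0x04C11DB7), which gives the
    same value as zlib.crc32; the check value for b'123456789' is 0xCBF43926."""
    crc = 0xFFFFFFFF
    for b in data:
        crc ^= b
        for _ in range(8):
            crc = (crc >> 1) ^ 0xEDB88320 if crc & 1 else crc >> 1
    return crc ^ 0xFFFFFFFF


def flip_bits(data, positions):
    """Constructed corruption: flip bit p of the byte string (p = 0 is the least
    significant bit of byte 0, p = 8 is the least significant bit of byte 1)."""
    buf = bytearray(data)
    for p in positions:
        buf[p // 8] ^= 1 << (p % 8)
    return bytes(buf)


def parity_detects(byte, flipped_data_bits):
    """True if even parity flags a frame whose listed data bits were flipped."""
    bits = frame_byte_async(byte)
    for p in flipped_data_bits:
        bits[1 + p] ^= 1             # data bit p sits right after the start bit
    _, ok = unframe_byte_async(bits)
    return not ok


def crc_detects(data, positions):
    """True if the CRC-32 the sender computed no longer matches the receiver's."""
    return crc32(flip_bits(data, positions)) != crc32(data)


def compare_detection(byte=0x41, single=(0,), double=(0, 3)):
    """One-bit versus two-bit corruption of one byte under each method."""
    return {
        "parity_catches_1_bit_error": parity_detects(byte, single),
        "parity_catches_2_bit_error": parity_detects(byte, double),
        "crc_catches_1_bit_error": crc_detects(bytes([byte]), single),
        "crc_catches_2_bit_error": crc_detects(bytes([byte]), double),
    }


if __name__ == "__main__":
    print(compare_detection())
```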
Examples of devices defined by data link layer standards include switches,
bridges, and network interface cards (NIC).
Note
NICs are not entirely defined at the data link layer, because they are partially
based on physical layer standards, such as a NIC’s network connector.

Layer 3: The Network Layer
The network layer, as shown in Figure 2-9, is primarily concerned with
forwarding data based on logical addresses.
Figure 2-9 Layer 3: The Network Layer




Although many network administrators immediately think of routing and IP
addressing when they hear about the network layer, this layer is actually
responsible for a variety of tasks:
• Logical addressing: Although the data link layer uses physical addresses
to make forwarding decisions, the network layer uses logical addressing to
make forwarding decisions. A variety of routed protocols (for example,
AppleTalk and IPX) have their own logical addressing schemes, but by far, the
most widely deployed routed protocol is Internet Protocol (IP). IP addressing
is discussed in detail in Chapter 5, “Working with IP Addresses.”
• Switching: The term switching is often associated with Layer 2
technologies; however, the concept of switching also exists at Layer 3.
Switching, at its essence, is making decisions about how data should be
forwarded. At Layer 3, three common switching techniques exist:
• Packet switching: With packet switching, a data stream is divided into
packets. Each packet has a Layer 3 header, which includes a source and
destination Layer 3 address. Another term for packet switching is routing,
which is discussed in more detail in Chapter 6, “Routing Traffic.”
• Circuit switching: Circuit switching dynamically brings up a dedicated
communication link between two parties in order for those parties to
communicate.
As a simple example of circuit switching, think of making a phone call from
your home to a business. Assuming you have a traditional landline servicing
your phone, the telephone company’s switching equipment interconnects your
home phone with the phone system of the business you’re calling. This
interconnection (that is, circuit) only exists for the duration of the phone call.
• Message switching: Unlike packet switching and circuit switching
technologies, message switching is usually not well-suited for real-time
applications, because of the delay involved. Specifically, with message
switching, a data stream is divided into messages. Each message is tagged with
a destination address, and the messages travel from one network device to
another network device on the way to their destination. Because these devices
might briefly store the messages before forwarding them, a network using
message switching is sometimes called a store-and-forward network.
Metaphorically, you could visualize message switching like routing an e-mail
message, where the e-mail message might be briefly stored on an e-mail server
before being forwarded to the recipient.
• Route discovery and selection: Because Layer 3 devices make
forwarding decisions based on logical network addresses, a Layer 3 device
might need to know how to reach various network addresses. For example, a
common Layer 3 device is a router. A router can maintain a routing table
indicating how to forward a packet based on the packet’s destination network
address.
A router can have its routing table populated via manual configuration (that is,
by entering static routes), via a dynamic routing protocol (for example, RIP,
OSPF, or EIGRP), or simply by the fact that the router is directly connected to
certain networks.
Note
Routing protocols are discussed in Chapter 6.

• Connection services: Just as the data link layer provided connection
services for flow control and error control, connection services also exist at the
network layer. Connection services at the network layer can improve the
communication reliability, in the event that the data link’s LLC sublayer is not
performing connection services.
The following functions are performed by connection services at the network
layer:
• Flow control (also known as congestion control): Helps prevent a
sender from sending data more rapidly than the receiver is capable of receiving
the data.
• Packet reordering: Allows packets to be placed in the appropriate
sequence as they are sent to the receiver. This might be necessary, because
some networks support load-balancing, where multiple links are used to send
packets between two devices. Because multiple links are used, packets might
arrive out of order.
Examples of devices found at the network layer include routers and multilayer
switches. The most common Layer 3 protocol in use today, and the protocol on
which the Internet is based, is IP.
A less popular Layer 3 protocol is Novell’s Internetwork Packet
Exchange (IPX), which has its own format for Layer 3 addressing. Although
IPX is a Novell-developed protocol, most modern Novell networks use IP as
their Layer 3 protocol.
Note
Routers and multilayer switches are discussed in Chapter 3.

Layer 4: The Transport Layer
The transport layer, as shown in Figure 2-10, acts as a dividing line between
the upper layers and lower layers of the OSI model. Specifically, messages are
taken from upper layers (Layers 5–7) and are encapsulated into segments for
transmission to the lower layers (Layers 1–3). Similarly, data streams coming
from lower layers are decapsulated and sent to Layer 5 (the session layer), or
some other upper layer, depending on the protocol.
Figure 2-10 Layer 4: The Transport Layer
Two common transport layer protocols include Transmission Control
Protocol (TCP) and User Datagram Protocol (UDP):
• Transmission Control Protocol (TCP): A connection-oriented transport
protocol. Connection-oriented transport protocols provide reliable transport,
in that if a segment is dropped, the sender can detect that drop and retransmit
that dropped segment. Specifically, a receiver acknowledges segments that it
receives. Based on those acknowledgments, a sender can determine which
segments were successfully received and which segments need to be
transmitted again.
• User Datagram Protocol (UDP): A connectionless transport protocol.
Connectionless transport protocols provide unreliable transport, in that if a
segment is dropped, the sender is unaware of the drop, and no retransmission
occurs.
A less popular Layer 4 protocol is Novell’s Sequenced Packet Exchange (SPX).
Similar to the TCP/IP stack of protocols, Novell’s solution (much more
popular in the mid 1990s) was the IPX/SPX stack of protocols. However, most
modern Novell networks rely on TCP/IP rather than IPX/SPX.
Note
Microsoft introduced its own implementation of Novell’s IPX/SPX, which was
named NWLink IPX/SPX.

Just as Layer 2 and Layer 3 each offer flow control services, flow control
services also exist at Layer 4. Two common flow control approaches at Layer 4
are as follows:
• Windowing: TCP communication uses windowing, in that one or more
segments are sent at one time, and a receiver can acknowledge the receipt of
all the segments in a window with a single acknowledgment. In some cases, as
illustrated in Figure 2-11, TCP uses a sliding window, where the window size
begins with one segment. If there is a successful acknowledgment of that one
segment (that is, the receiver sends an acknowledgment asking for the next
segment), the window size doubles to two segments. Upon successful receipt
of those two segments, the next window contains four segments. This
exponential increase in window size continues until the receiver does not
acknowledge successful receipt of all segments within a certain time period
(known as the round trip time [RTT], which is sometimes called real transfer
time), or until a configured maximum window size is reached.
Figure 2-11 TCP Sliding Window
• Buffering: With buffering, a device (for example, a router) allocates a
chunk of memory (sometimes called a buffer or a queue) to store segments if
bandwidth is not currently available to transmit those segments. A queue has
a finite capacity, however, and can overflow (that is, drop segments) in the
event of sustained network congestion.
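The window growth just described, as an added Python model that is not part of the original text: the window starts at one segment, the receiver acknowledges each whole window with a single cumulative ACK, and the window doubles after every fully acknowledged window until an acknowledgment is missing or the configured maximum is reached. The loss pattern and the one-ACK-per-window behaviour are modelling assumptions.

```python
# Added example (not from the book): a small model of the TCP sliding window
# growth described above. The window starts at one segment, the receiver
# acknowledges a whole window with one cumulative ACK, and the window doubles
# after each fully acknowledged window until an acknowledgment is missing
# (a timeout) or the configured maximum is reached. Segment loss is a
# constructed set of sequence numbers dropped on their first transmission.
from dataclasses import dataclass, field


@dataclass
class Receiver:
    """Receives one window at a time and answers with the next sequence number
    it wants (a cumulative acknowledgment)."""
    lost: set = field(default_factory=set)
    next_expected: int = 1

    def receive_window(self, segments):
        for seq in segments:
            if seq in self.lost:
                break  # a gap stops the cumulative acknowledgment here
            if seq == self.next_expected:
                self.next_expected += 1
        return self.next_expected


def sliding_window_send(total_segments, max_window, lost=None):
    """Send segments 1..total_segments and return the window size used for each
    window. Growth stops at the first window that is not fully acknowledged or
    once max_window is reached; after that the window size is simply held
    (the text does not describe recovery after a timeout), and transmission
    resumes from the first unacknowledged segment."""
    rx = Receiver(lost=set(lost or ()))
    window, next_seq, growing, windows = 1, 1, True, []
    while next_seq <= total_segments:
        last = min(next_seq + window - 1, total_segments)
        segments = list(range(next_seq, last + 1))
        windows.append(window)
        ack = rx.receive_window(segments)
        rx.lost.difference_update(segments)  # a retransmission gets through
        if ack == last + 1 and growing:
            window = min(window * 2, max_window)  # exponential increase
            growing = window < max_window
        elif ack != last + 1:
            growing = False  # missing ACK within the RTT: stop growing
        next_seq = ack  # resend from the first unacknowledged segment
    return windows


if __name__ == "__main__":
    print(sliding_window_send(20, 8))            # → [1, 2, 4, 8, 8]
    print(sliding_window_send(20, 8, lost={5}))  # → [1, 2, 4, 4, 4, 4, 4]
```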
In addition to TCP and UDP, Internet Control Message Protocol (ICMP) is
another transport layer protocol you are likely to encounter. ICMP is used by
utilities such as ping and traceroute, which are discussed in Chapter 10,
"Using Command-Line Utilities."
Layer 5: The Session Layer
The session layer, as shown in Figure 2-12, is responsible for setting up,
maintaining, and tearing down sessions. A session can be thought of as a
conversation that needs to be treated separately from other sessions to avoid
intermingling of data from different conversations.
Figure 2-12 Layer 5: The Session Layer
• Setting up a session: Examples of the procedures involved in setting up a
session include:
• Checking user credentials (for example, username and password)
• Assigning numbers to a session’s communications flows to uniquely identify
each flow
• Negotiating services required during the session
• Negotiating which device begins sending data
• Maintaining a session: Examples of the procedures involved in
maintaining a session include:
• Transferring data
• Reestablishing a disconnected session
• Acknowledging receipt of data
• Tearing down a session: A session can be disconnected based on mutual
agreement of the devices in the session. Alternately, a session might be torn
down because one party disconnects (either intentionally or because of an
error condition). In the event that one party disconnects, the other party can
detect a loss of communication with that party and tear down its side of the
session.
Table of Contents
Title Page
Copyright Page
Acknowledgements
About the Author
Introduction
Chapter 1 - Basic IOS Commands
  Booting the Router
  Configuring a Router
  Using the show Command

Chapter 2 - Managing a Cisco Internetwork

  Understanding the Internal Components of a Cisco Router
  Managing the Configuration Register
  Backing Up and Restoring the Cisco IOS
  Backing Up and Restoring the Cisco Configuration
  Using Cisco Discovery Protocol (CDP)
  Using Telnet
  Resolving Hostnames
  Checking Network Connectivity and Troubleshooting
  Using the sh processes Command

Chapter 3 - IP Routing

  Routing Basics
  Routing Protocol Basics
  Routing Information Protocol (RIP)

Chapter 4 - Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF)

  Understanding EIGRP Basics
  Understanding Open Shortest Path First (OSPF) Basics
  Configuring OSPF
  Verifying OSPF Configuration

Chapter 5 - Layer-2 Switching and Spanning-Tree Protocol (STP)

  Switching Services

Chapter 6 - Virtual LANs (VLANs)

  Understanding VLAN Basics
  Configuring VLANs
  Configuring VTP
  Telephony: Configuring Voice VLANs

Chapter 7 - Security
  Perimeter Routers, Firewalls, and Internal Routers
  Introduction to Access Lists
  Standard Access Lists
  Extended Access Lists
  Monitoring Access Lists

Chapter 8 - Network Address Translation (NAT)

  When Do We Use NAT?
  Types of Network Address Translation
  NAT Names
  Configuring NAT Using SDM

Chapter 9 - Cisco’s Wireless Technologies

  Introducing Wireless Technology
  Configuring Cisco Wireless Using the IOS
  Configuring Cisco Wireless Using the SDM/HTTP

Chapter 10 - Internet Protocol Version 6 (IPv6)

  Why Do We Need IPv6?
  IPv6 Addressing and Expressions
  IPv6 Routing Protocols
  Migrating to IPv6
  Verifying RIPng
  Verifying OSPFv3

Chapter 11 - Wide Area Networks (WANs)

  Introduction to Wide Area Networks
  High-Level Data-Link Control (HDLC) Protocol
  Point-to-Point Protocol (PPP)
  Introduction to Frame Relay Technology

Chapter 12 - Cisco’s Security Device Manager (SDM)

  Configuring Your Router to Be Set Up Through the SDM
  Using the SDM to Manage the Flash Memory
  Using the SDM to Back Up, Restore, and Edit the Router’s Configuration
  Configuring LAN and WAN Interfaces and Verifying a Router Using SDM
  Configuring RIP on a Router with SDM
  Configuring OSPF with the SDM


                   What Does This Book Cover?
This book covers everything you need to know in order to understand the
CCNA exam objective commands. However, taking the time to study and
practice with routers or a router simulator is the real key to success.
   You will learn the following information in this book:
• Chapter 1 introduces you to the Cisco Internetwork Operating System (IOS)
and command-line interface (CLI). In this chapter you will learn how to turn
on a router and configure the basics of the IOS, including setting passwords,
banners, and more. IP configuration using the Security Device Manager (SDM)
will be discussed in Chapter 12.
• Chapter 2 provides you with the management skills needed to run a Cisco
IOS network. Backing up and restoring the IOS, as well as router
configuration, are covered, as are the troubleshooting command tools
necessary to keep a network up and running. Chapter 12 will provide you the
SDM configuration covered in this chapter.
• Chapter 3 teaches you about IP routing. This is an important chapter,
because you will learn how to build a network, add IP addresses, and route
data between routers. You will also learn about static, default, and dynamic
routing using RIP and RIPv2 (with a small touch of IGRP).
• Chapter 4 dives into more complex dynamic routing with Enhanced IGRP
and OSPF routing.
• Chapter 5 gives you a background on layer-2 switching and how switches
perform address learning and make forwarding and filtering decisions.
Network loops and how to avoid them with the Spanning Tree Protocol (STP)
will be discussed, as well as the 802.1w STP version.
• Chapter 6 covers virtual LANs and how you can use them in your
internetwork. This chapter also covers the nitty-gritty of VLANs and the
different concepts and protocols used with VLANs, as well as troubleshooting.
• Chapter 7 covers security and access lists, which are created on routers to
filter the network. IP standard, extended, and named access lists are covered
in detail.
• Chapter 8 covers Network Address Translation (NAT). New information and
all the configuration commands, troubleshooting, and verification commands
needed to understand the NAT CCNA objectives are covered in this chapter.
• Chapter 9 covers wireless technologies. This is an introductory chapter
regarding wireless technologies as Cisco views wireless. Make sure you
understand your basic wireless technologies such as access points and clients
as well as the difference between 802.11a, b, and g. This chapter is more
technology based than configuration based to cover the current CCNA
objectives.
• Chapter 10 covers IPv6. This is a very fun chapter and has some great
information. IPv6 is not the big, bad scary monster that most people think it
is. IPv6 is an objective on this new exam, so study this chapter carefully. This
chapter is more technology based than configuration based to cover the
current CCNA objectives. Keep an eye out at www.lammle.com for up-to-the-
minute updates.
• Chapter 11 concentrates on Cisco wide area network (WAN) protocols. This
chapter covers HDLC, PPP, and Frame Relay in depth. You must be proficient
in all these protocols to be successful on the CCNA exam.
• Chapter 12 covers SDM for the basic router configurations that we covered in
Chapters 1, 2, 3, and 4.



For up-to-the-minute updates covering additions or modifications to the
CCNA certification exams, as well as additional study tools and review
questions, be sure to visit the Todd Lammle forum and website
at www.lammle.com or www.sybex.com/go/ccnafastpass.


          Cisco Certified Network Associate (CCNA)
The CCNA certification was the first in the new line of Cisco certifications and
was the precursor to all current Cisco certifications. Now you can become a
Cisco Certified Network Associate for the meager cost of this book and either
one test at $150 or two tests at $125 each—although the CCNA exams are
extremely hard and cover a lot of material, so you have to really know your
stuff! Taking a Cisco class or spending months with hands-on experience is
not out of the norm.
  Once you have your CCNA, you don’t have to stop there—you can choose to
continue with your studies and achieve a higher certification, called the Cisco
Certified Network Professional (CCNP). Someone with a CCNP has all the
skills and knowledge he or she needs to attempt the routing and switching
CCIE lab. Just becoming a CCNA can land you that job you’ve dreamed about.


                        Why Become a CCNA?
Cisco, not unlike Microsoft and Novell (Linux), has created the certification
process to give administrators a set of skills and to equip prospective
employers with a way to measure skills or match certain criteria. Becoming a
CCNA can be the initial step of a successful journey toward a new, highly
rewarding, sustainable career.
  The CCNA program was created to provide a solid introduction not only to
the Cisco Internetwork Operating System (IOS) and Cisco hardware but also
to internetworking in general, making it helpful to you in areas that are not
exclusively Cisco’s. At this point in the certification process, it’s not unrealistic
that network managers—even those without Cisco equipment—require Cisco
certifications for their job applicants.
  If you make it through the CCNA and are still interested in Cisco and
internetworking, you’re headed down a path to certain success.


        What Skills Do You Need to Become a CCNA?
To meet the CCNA certification skill level, you must be able to understand or
do the following:
• A CCNA certified professional can install, configure, and operate LAN, WAN,
and wireless access services securely, as well as troubleshoot and configure
small to medium networks (500 nodes or fewer) for performance.
• This knowledge includes, but is not limited to, use of these protocols: IP,
IPv6, EIGRP, RIP, RIPv2, OSPF, serial connections, Frame Relay, cable, DSL,
PPPoE, LAN switching, VLANs, Ethernet, security, and access lists.


                    How Do You Become a CCNA?
The way to become a CCNA is to pass one little test (CCNA Composite exam
640-802). Then—poof!—you’re a CCNA. (Don’t you wish it were that easy?)
True, it can be just one test, but you still have to possess enough knowledge to
understand what the test writers are saying.
   However, Cisco has a two-step process that you can take in order to become
a CCNA that may or may not be easier than taking one longer exam (this book
is based on the one-step 640-802 method; however, this book has all the
information you need to pass all three exams).
   The two-step method involves passing the following:
• Exam 640-822: Interconnecting Cisco Networking Devices 1 (ICND1)
• Exam 640-816: Introduction to Cisco Networking Devices 2 (ICND2)
   I can’t stress this enough: It’s critical that you have some hands-on
experience with Cisco routers. If you can get ahold of some 1841 or 2800
series routers, you’re set. But if you can’t, I’ve worked hard to provide
hundreds of configuration examples throughout this book to help network
administrators (or people who want to become network administrators) learn
what they need to know to pass the CCNA exam.
Since the new 640-802 exam is so hard, Cisco wants to reward you for
taking the two-test approach. Or so it seems anyway. If you take the ICND1
exam, you actually receive a certification called the Cisco Certified Entry
Networking Technician (CCENT). This is one step toward your CCNA. To
achieve your CCNA, you must still pass your ICND2 exam.
  Again, this book is written to help you study for all three exams.



For Cisco-authorized hands-on training with CCSI Todd Lammle, please
see www.globalnettraining.com. Each student will get hands-on experience by
configuring at least three routers and two switches—no sharing of equipment!


                 Where Do You Take the Exams?
You may take any of the CCNA exams at any of the Pearson VUE authorized
centers (www.vue.com) or call (877) 404-EXAM (3926).
   To register for a Cisco Certified Network Associate exam, follow these steps:
1. Determine the number of the exam you want to take.
2. Register with the nearest Pearson VUE testing center. At this point, you will
be asked to pay in advance for the exam. At the time of this writing, the exam
for the 640-802 is $150 and must be taken within one year of payment. You
can schedule exams up to six weeks in advance or as late as the same day you
want to take it—but if you fail a Cisco exam, you must wait five days before you
will be allowed to retake the exam. If something comes up and you need to
cancel or reschedule your exam appointment, contact Pearson VUE at least 24
hours in advance.
3. When you schedule the exam, you’ll get instructions regarding all
appointment and cancellation procedures, the ID requirements, and
information about the testing-center location.


               Tips for Taking Your CCNA Exams
The CCNA Composite exam contains about 55 questions and must be
completed in 75 to 90 minutes or less. This information can change per exam.
You must get a score of about 80 to 85 percent to pass this exam, but again,
each exam can be different.
  Many questions on the exam have answer choices that at first glance look
identical—especially the syntax questions! Remember to read through the
choices carefully because close doesn’t cut it. If you get commands in the
wrong order or forget one measly character, you’ll get the question wrong. So,
to practice, do the hands-on exercises at the end of this book’s chapters over
and over again until they feel natural to you.
  Also, never forget that the right answer is the Cisco answer. In many cases,
more than one appropriate answer is presented, but the correct answer is the
one that Cisco recommends. On the exam, you’re always instructed to pick
one, two, or three, never "choose all that apply." The latest CCNA exams may
include the following test formats:
• Multiple-choice single answer
• Multiple-choice multiple answer
• Drag-and-drop
• Fill-in-the-blank
• Router simulations
  In addition to multiple choice and fill-in response questions, Cisco Career
Certifications exams may include performance simulation exam items. They
do allow partial command responses. For example, show config, sho config, or
sh conf would be acceptable. Router#show ip protocol or router#show ip prot
would be acceptable.
  Here are some general tips for exam success:
• Arrive early at the exam center so you can relax and review your study
materials.
• Read the questions carefully. Don’t jump to conclusions. Make sure you’re
clear about exactly what each question asks.
• When answering multiple-choice questions that you’re not sure about, use
the process of elimination to get rid of the obviously incorrect answers first.
Doing this greatly improves your odds if you need to make an educated guess.
• You can no longer move forward and backward through the Cisco exams, so
double check your answer before clicking Next since you can’t change your
mind.
  After you complete an exam, you’ll get immediate, online notification of
your pass or fail status, a printed Examination Score Report that indicates
your pass or fail status, and your exam results by section. (The test
administrator will give you the printed score report.) Test scores are
automatically forwarded to Cisco within five working days after you take the
test, so you don’t need to send your score to them. If you pass the exam, you’ll
receive confirmation from Cisco, typically within two to four weeks,
sometimes longer.



This book covers everything CCNA related. For up-to-date information on
Todd Lammle Cisco Authorized CCNA CCNP, CCSP, CCVP, and CCIE boot
camps, please see www.lammle.com or www.globalnettraining.com.
How to Contact the Author
You can reach Todd Lammle through GlobalNet Training Solutions, Inc.,
(www.globalnettraining.com), his training and systems integration company
in Dallas, Texas—or through his forum at www.lammle.com.
                                Chapter 1
                         Basic IOS Commands




This book starts by introducing you to the Cisco Internetwork Operating
System (IOS). The IOS is what runs Cisco routers as well as some Cisco
switches, and it’s what allows you to configure the devices. You use the
command-line interface (CLI) to configure a router, and that is what I’ll show
you in this chapter.
  The Cisco router IOS software is responsible for the following important
tasks:
• Carrying network protocols and functions
• Connecting high-speed traffic between devices
• Adding security to control access and stop unauthorized network use
• Providing scalability for ease of network growth and redundancy
• Supplying network reliability for connecting to network resources
  You can access the Cisco IOS through the console port of a router, from a
modem into the auxiliary (or aux) port, or even through Telnet and Secure
Shell (SSH). Access to the IOS command line is called an exec session.
  Once you have attached your console cable (this is a rolled cable, sometimes
referred to as a rollover cable) to the router and have started your terminal
software, you will be ready to power on the router. Assuming that this is a new
router, it will have no configuration and thus will need to have, well,
everything set up. In this chapter, first I’ll cover the power-on process of the
router, and then I’ll introduce the setup script.



For up-to-the-minute updates for this chapter, please see www.lammle.com.


                          Booting the Router
The following messages appear when you first boot or reload a router:




  Notice the following in the previous messages:
• The type of router (2811) and the amount of memory (262,144KB)
• The version of software the router is running (12.4, 13)
• The interfaces on the router (two Fast Ethernet and four serial)
  Figure 1.1 shows a picture of an 1841 router, which is what is called
an integrated services router (ISR), just like the 2811 router output shown
earlier.



FIGURE 1.1 A Cisco 1841 router
An 1841 router holds most of the same interfaces as a 2800 router, but it’s
smaller and less expensive.

                                   Setup Mode
If the router has no initial configuration, you will be prompted to use setup
mode to establish an initial configuration. You can also enter setup mode at
any time from the command line by typing the command setup from
something called privileged mode. Setup mode covers only some global
commands and is generally just not helpful. Here is an example:




You can exit setup mode at any time by pressing Ctrl+C.

                      Router Configuration Modes
One key to navigating the CLI is to always be aware of which router
configuration mode you are currently in (see Table 1.1). You can tell which
configuration mode you are in by watching the CLI prompt.
TABLE 1.1 Router Configuration Modes

  Once you understand the different modes, you will need to be able to move
from one mode to another within the CLI. The commands in Table 1.2 allow
you to navigate between the assorted CLI modes.




TABLE 1.2 Moving Between Modes



                          Editing and Help Features
One difference between a good and a great CLI engineer is the ability to
quickly edit the line being entered into the router. Great CLI engineers can
quickly recall previously entered commands and modify them, which is often
much quicker than reentering the entire command. Table 1.3 shows some of
the editing commands most commonly used.
TABLE 1.3 CLI Editing Commands

  The CLI also provides extensive online help. Any great CLI engineer will
have an excessively worn question-mark key on the keyboard! Table 1.4 shows
some examples of using the online help.




TABLE 1.4 Online Help Commands
Using the Question Mark
The only command is the question mark; however, it does make a difference
where you use it. When entering complex IOS commands, it is common to use
the question mark repeatedly while entering the command, as in the following
example:




Using the Pipe
The pipe (|) allows you to wade through all the configurations or other long
outputs and get straight to your goods fast. Table 1.5 shows the pipe
commands.




TABLE 1.5 Pipe Commands

  Here’s an example of using the pipe command to view just interface
information on a router:
Configuring a Router
In the following sections, I’ll introduce the commands used to do basic router
configuration. You’ll use these commands (or should use them) on every
router you configure.

                                  Hostnames
You can set the identity of the router with the hostname command. This is
only locally significant, which means it has no bearing on how the router
performs name lookups or how the router works on the internetwork. Table
1.6 shows the command for setting a router’s hostname.



TABLE 1.6 Setting a Router Hostname

  Here’s an example of setting a hostname on a router:




                                  Banners
You can create a banner to give anyone who shows up on the router exactly the
information you want them to have. Make sure you’re familiar with these four
available banner types: exec process creation banner, incoming terminal line
banner, login banner, and message of the day banner (all illustrated in Table
1.7).




TABLE 1.7 Setting a Banner

  The following describes the various banners:
MOTD banner The MOTD banner will be displayed whenever anyone
attaches to the router, regardless of how they access the router.
Exec banner You can configure a line activation (exec) banner to be
displayed when an EXEC process (such as a line activation or incoming
connection to a VTY line) is created. By simply starting a user exec session
through a console port, you’ll activate the exec banner.
Incoming banner You can configure a banner to be displayed on terminals
connected to reverse Telnet lines. This banner is useful for providing
instructions to users who use reverse Telnet.
Login banner You can configure a login banner to be displayed on all
connected terminals. This banner is displayed after the MOTD banner but
before the login prompts. The login banner can’t be disabled on a per-line
basis, so to globally disable it, you have to delete it with the no banner login
command.

                                 Passwords
You can use five passwords to secure your Cisco routers: console, auxiliary,
Telnet (VTY), enable password, and enable secret. However, other commands
are necessary to complete the password configurations on a router or switch,
as shown in Table 1.8.
TABLE 1.8 Setting Passwords



Setting Passwords
Here’s an example of setting all your passwords and then encrypting them in
the plain configuration file:
Some other helpful console commands include the following. This
sets the console timeout in minutes and seconds (minutes from 0-35791):

 This redisplays interrupted console input:
Here’s an example of setting the exec-timeout and logging synchronous
commands:




Setting Up Secure Shell (SSH)
Instead of Telnet, you can use Secure Shell, which creates a more secure
session than the Telnet application that uses an unencrypted data stream. SSH
uses encrypted keys to send data so that your username and password are not
sent in the clear. Table 1.9 lists the commands.




TABLE 1.9 SSH Commands

   Here’s an example of how you set up SSH on a router:
1. Set your hostname:

2. Set the domain name (both the hostname and domain name are required
for the encryption keys to be generated):

3. Generate the encryption keys for securing the session:
4. Set the maximum idle timer for an SSH session:


5. Set the maximum failed attempts for an SSH connection:


6. Connect to the VTY lines of the router:

7. Last, configure SSH and then Telnet as access protocols:

  If you do not use the keyword telnet at the end of the command string, then
only SSH will work on the router. I suggest that you use just SSH if at all
possible. Telnet is just too insecure for today's networks.
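As an added illustration (not from the book) of checking whether the password settings and the SSH steps above actually made it into a router's saved configuration, here is a small Python audit over the text of a running-config. The two sample configurations and the finding names are constructed for the example, and because it only reads configuration text it cannot confirm that the RSA keys were generated.

```python
# Added example (not from the book): audit a Cisco IOS running-config for the
# password and SSH settings described above. It reads configuration text only,
# so it cannot tell whether RSA keys were generated. The sample configurations
# and the finding names are constructed for this example.

# Constructed: passwords set, but Telnet still allowed and nothing encrypted.
WEAK_CONFIG = """\
hostname Branch1
enable password cisco
line con 0
 password cisco
 login
line vty 0 4
 password cisco
 login
 transport input telnet ssh
"""

# Constructed: the same router after the steps above; the '5' and '7' values
# are placeholders standing in for the hashed and encrypted passwords.
HARDENED_CONFIG = """\
hostname Branch1
ip domain-name example.com
service password-encryption
enable secret 5 $PLACEHOLDER_HASH$
ip ssh time-out 60
ip ssh authentication-retries 2
line con 0
 password 7 PLACEHOLDER
 login
 exec-timeout 5 0
 logging synchronous
line vty 0 4
 password 7 PLACEHOLDER
 login
 exec-timeout 5 0
 transport input ssh
"""


def parse_ios_config(text):
    """Split a config into global commands and the indented 'line ...' blocks."""
    global_cmds, line_blocks = [], {}
    current = None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("!"):
            continue  # skip blank lines and IOS '!' separators
        if raw.startswith(" "):
            if current is not None:
                line_blocks[current].append(raw.strip())
            continue
        cmd = raw.strip()
        current = cmd if cmd.startswith("line ") else None
        if current is not None:
            line_blocks.setdefault(current, [])
        else:
            global_cmds.append(cmd)
    return global_cmds, line_blocks


def audit_ios_config(text):
    """Return a sorted list of finding codes; an empty list means all checks passed."""
    global_cmds, line_blocks = parse_ios_config(text)
    findings = set()

    def has(prefix):
        return any(cmd.startswith(prefix) for cmd in global_cmds)

    # Passwords: 'enable secret' is stored hashed while 'enable password' is
    # not, and 'service password-encryption' hides the line passwords.
    if has("enable password") and not has("enable secret"):
        findings.add("ENABLE_PASSWORD_WITHOUT_SECRET")
    if not has("service password-encryption"):
        findings.add("NO_SERVICE_PASSWORD_ENCRYPTION")
    # SSH: hostname and domain name are prerequisites for key generation.
    if not has("hostname "):
        findings.add("NO_HOSTNAME")
    if not has("ip domain-name"):
        findings.add("NO_DOMAIN_NAME")

    for name, cmds in line_blocks.items():
        if not any(c.startswith("exec-timeout") for c in cmds):
            findings.add("NO_EXEC_TIMEOUT")  # relies on the default idle timeout
        if not name.startswith("line vty"):
            continue
        if not any(c == "login" or c.startswith("login ") for c in cmds):
            findings.add("VTY_NO_LOGIN")  # remote access without a password check
        transports = [c for c in cmds if c.startswith("transport input")]
        if not transports:
            findings.add("VTY_TRANSPORT_NOT_RESTRICTED")  # Telnet may be on by default
        for t in transports:
            if "telnet" in t or t.endswith(" all"):
                findings.add("VTY_TELNET_ENABLED")  # cleartext logins still possible
    return sorted(findings)


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(label, audit_ios_config(cfg) or "no findings")
```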
A Practical Guide to Advanced Networking
Contents at a Glance
Introduction
1 Network Infrastructure Design
2 Advanced Router Configuration I
3 Advanced Router Configuration II
4 Configuring Juniper Routers
5 Configuring and Managing the Network Infrastructure
6 Analyzing Network Data Traffic
7 Network Security
8 IPv6
9 Linux Networking
10 Internet Routing
11 Voice over IP
Glossary
Index

Table of Contents
Introduction
Chapter 1 Network Infrastructure Design
Chapter Outline
Objectives
Key Terms
Introduction
1-1 Physical Network Design
Core
Distribution Layer
Access Layer
Data Flow
Selecting the Media
1-2 IP Subnet Design
IP Address Range
Determining the Number of Subnetworks Needed for the Network
Determining the Size or the Number of IP Host Addresses Needed for the
Network
IP Assignment
1-3 VLAN Network
Virtual LAN (VLAN)
VLAN Configuration
VLAN Tagging
802.1Q Configuration
Networking Challenge: Static VLAN Configuration
Configuring the HP Procurve Switch
1-4 Routed Network
Router
Gateway Address
Network Segments
Multilayer Switch
Layer 3 Routed Networks
Routed Port Configuration
InterVLAN Routing Configuration
Serial and ATM Port Configuration
Summary
Questions and Problems
Chapter 2 Advanced Router Configuration I
Chapter Outline
Objectives
Key Terms
Introduction
2-1 Configuring Static Routing
Gateway of Last Resort
Configuring Static Routes
Load Balancing and Redundancy
Networking Challenge—Static Routes
2-2 Dynamic Routing Protocols
Distance Vector Protocols
Link State Protocols
2-3 Configuring RIPv2
Configuring Routes with RIP
Configuring Routes with RIP Version 2
Networking Challenge—RIP
2-4 TFTP—Trivial File Transfer Protocol
Configuring TFTP
Summary
Questions and Problems
Chapter 3 Advanced Router Configuration II
Chapter Outline
Objectives
Key Terms
Introduction
3-1 Configuring Link State Protocols—OSPF
Link State Protocols
Configuring Routes with OSPF
Load Balancing and Redundancy with OSPF
Networking Challenge—OSPF
3-2 Configuring Link State Protocols—IS-IS
Configuring Routes with IS-IS
Load Balancing and Redundancy with IS-IS
Networking Challenge: IS-IS
3-3 Configuring Hybrid Routing Protocols—EIGRP
Configuring Routes with EIGRP
Load Balancing and Redundancy
Networking Challenge: EIGRP
3-4 Advanced Routing Redistribution
Route Redistribution into RIP
Route Redistribution into OSPF
Route Redistribution into EIGRP
Route Redistribution into IS-IS
3-5 Analyzing OSPF "Hello" Packets
Summary
Questions and Problems
Chapter 4 Configuring Juniper Routers
Chapter Outline
Objectives
Key Terms
Introduction
4-1 Operational Mode
4-2 Router Configuration Mode
Displaying the Router Interfaces
Hostname Configuration
Assigning an IP Address to an Interface
4-3 Configuring Routes on Juniper Routers
Configure STATIC Routes on Juniper Routers
Configure RIP on Juniper Routers
Configure OSPF on Juniper Routers
Configure IS-IS on Juniper Routers
4-4 Configuring Route Redistribution on Juniper Routers
Summary
Questions and Problems
Chapter 5 Configuring and Managing the Network Infrastructure
Chapter Outline
Objectives
Key Terms
Introduction
5-1 Domain Name and IP Assignment
5-2 IP Management with DHCP
DHCP Data Packets
DHCP Deployment
5-3 Scaling the Network with NAT and PAT
Configuring NAT
5-4 Domain Name Service (DNS)
DNS Tree Hierarchy
DNS Resource Records
Summary
Questions and Problems
Chapter 6 Analyzing Network Data Traffic
Chapter Outline
Objectives
Key Terms
Introduction
6-1 Protocol Analysis/Forensics
Basic TCP/UDP Forensics
ARP and ICMP
6-2 Wireshark Protocol Analyzer
Using Wireshark to Capture Packets
6-3 Analyzing Network Data Traffic
Configuring SNMP
NetFlow
6-4 Filtering
FTP Filtering
Right-Click Filtering Logic Rules
Filtering DHCP
Summary
Questions and Problems
Chapter 7 Network Security
Chapter Outline
Objectives
Key Terms
Introduction
7-1 Denial of Service
Distributed Denial of Service Attacks (DDoS)
7-2 Firewalls and Access Lists
Network Attack Prevention
Access Lists
7-3 Router Security
Router Access
Router Services
Router Logging and Access-List
7-4 Switch Security
Switch Port Security
Switch Special Features
7-5 Wireless Security
7-6 VPN Security
VPN Tunneling Protocols
Configuring a VPN Virtual Interface (Router to Router)
Troubleshooting the VPN Tunnel Link
Summary
Questions and Problems
Chapter 8 IPv6
Chapter Outline
Objectives
Key Terms
Introduction
8-1 Comparison of IPv6 and IPv4
8-2 IPv6 Addressing
8-3 IPv6 Network Settings
8-4 Configuring a Router for IPv6
8-5 IPv6 Routing
IPv6: Static
IPv6: RIP
IPv6: OSPF
IPv6: EIGRP
IPv6: IS-IS
8-6 Troubleshooting IPv6 Connection
Summary
Questions and Problems
Chapter 9 Linux Networking
Chapter Outline
Objectives
Key Terms
Introduction
9-1 Logging On to Linux
Adding a User Account
9-2 Linux File Structure and File Commands
Listing Files
Displaying File Contents
Directory Operations
File Operations
Permissions and Ownership
9-3 Linux Administration Commands
The man (manual) Command
The ps (processes) Command
The su (substitute user) Command
The mount Command
The shutdown Command
Linux Tips
9-4 Adding Applications to Linux
9-5 Linux Networking
Installing SSH
The FTP Client
DNS Service on Linux
Changing the Hostname
9-6 Troubleshooting System and Network Problems with Linux
Troubleshooting Boot Processes
Listing Users on the System
Network Security
Enabling and Disabling Boot Services
9-7 Managing the Linux System
Summary
Questions and Problems
Chapter 10 Internet Routing
Chapter Outline
Objectives
Key Terms
Introduction
10-1 Internet Routing—BGP
Configuring a WAN Connection
Configuring an Internet Connection
10-2 Configuring BGP
Configuring BGP
Networking Challenge: BGP
10-3 BGP Best Path Selection
10-4 IPv6 over the Internet
10-5 Configure BGP on JUNIPER Routers
Summary
Questions and Problems
Chapter 11 Voice over IP
Chapter Outline
Objectives
Key Terms
Introduction
11-1 The Basics of Voice over IP
11-2 Voice over IP Networks
Replacing an Existing PBX Tie Line
Upgrading Existing PBXs to Support IP Telephony
Switching to a Complete IP Telephony Solution
11-3 Quality of Service
Jitter
Network Latency
Queuing
QOS Configuration Example
11-4 Analyzing VoIP Data Packets
Analyzing VoIP Telephone Call Data Packets
11-5 VoIP Security
Summary
Questions and Problems
Key Terms Glossary
Index

About the Authors
Jeffrey S. Beasley is with the Department of Engineering Technology and
Surveying Engineering at New Mexico State University. He has been teaching
with the department since 1988 and is the co-author of Modern Electronic
Communication and Electronic Devices and Circuits, and the author
of Networking.
Piyasat Nilkaew is a network engineer with 15 years of experience in
network management and consulting, and has extensive expertise in
deploying and integrating multiprotocol and multivendor data, voice, and
video network solutions on limited budgets.

Dedications
         This book is dedicated to my family, Kim, Damon, and Dana.
                                  —Jeff Beasley
   This book is dedicated to Jeff Harris and Norma Grijalva. Not only have
   you given me my networking career, but you are also my mentors. You
 inspire me to think outside the box and motivate me to continue improving
 my skills. Thank you for giving me the opportunity of a lifetime. I am very
                                   grateful.
                               —Piyasat Nilkaew

Acknowledgments
I am grateful to the many people who have helped with this text. My sincere
thanks go to the following technical consultants:
• Danny Bosch and Matthew Peralta for sharing their expertise with optical
networks and unshielded twisted-pair cabling, and Don Yates for his help with
the initial Net-Challenge Software.
• Abel Sanchez, for his review of the Linux Networking chapter.
I also want to thank my many past and present students for their help with
this book:
• David Potts, Jonathan Trejo, and Nate Murillo for their work on the Net-
Challenge Software. Josiah Jones, Raul Marquez Jr., Brandon Wise, and Chris
Lascano for their help with the Wireshark material. Also, thanks to Wayne
Randall and Iantha Finley Malbon for the chapter reviews.
Your efforts are greatly appreciated.
I appreciate the excellent feedback of the following reviewers: Phillip Davis,
DelMar College, TX; Thomas D. Edwards, Carteret Community College, NC;
William Hessmiller, Editors & Training Associates; Bill Liu, DeVry University,
CA; and Timothy Staley, DeVry University, TX.
My thanks to the people at Pearson for making this project possible: Dave
Dusthimer, for providing me with the opportunity to work on this book, and
Vanessa Evans, for helping make this process enjoyable. Thanks to Brett
Bartow, Christopher Cleveland, and all the people at Pearson, and to the many
technical editors for their help with editing the manuscript.
Special thanks to our families for their continued support and patience.
—Jeffrey S. Beasley and Piyasat Nilkaew

About the Technical Reviewers
Wayne Randall started working in the Information Technology field in 1994
at Franklin Pierce College (now Franklin Pierce University) in Rindge, NH,
before becoming a Microsoft Certified Trainer and a consultant at Enterprise
Training and Consulting in Nashua, NH.
Wayne acquired his first certification in Windows NT 3.51 in 1994, became an
MCSE in NT 4.0 in 1996, was a Certified Enterasys Network Switching
Engineer in 2000, and then worked as a networking and systems consultant
from 2001 to 2006 before becoming a director of IT for a privately held
company. Wayne currently works for Bodycote, PLC, as a network
engineer/solutions architect. Bodycote has 170 locations across 27 countries
with 43 locations in North America. Wayne has taught for Lincoln Education
since 2001 and developed curricula for it since 2011. Mr. Randall holds a BA in
American Studies from Franklin Pierce University.
Iantha Finley Malbon’s teaching career has spanned 20 years from middle
school to collegiate settings and is currently a CIS professor at Virginia Union
University. She is also an adjunct professor at ECPI University, having
previously served as CIS Department Chair, teaching Cisco routing,
networking, and Information Technology courses. She implemented the Cisco
Academy for Hanover Schools and was the CCAI for the Academy. She earned
her master’s degree in Information Systems from Virginia Commonwealth
University and bachelor’s degree in Technology Education from Virginia Tech.
She holds numerous certifications including CCNA, Network+, A+, and Fiber
Optic Technician.

We Want to Hear from You!
As the reader of this book, you are our most important critic and
commentator. We value your opinion and want to know what we’re doing
right, what we could do better, what areas you’d like to see us publish in, and
any other words of wisdom you’re willing to pass our way.
As the associate publisher for Pearson IT Certification, I welcome your
comments. You can email or write me directly to let me know what you did or
didn’t like about this book—as well as what we can do to make our books
better.
Please note that I cannot help you with technical problems related to the
topic of this book. We do have a User Services group, however, where I will
forward specific technical questions related to the book.
When you write, please be sure to include this book’s title and author as well
as your name, email address, and phone number. I will carefully review your
comments and share them with the author and editors who worked on the
book.
Email: feedback@pearsonitcertification.com
Mail: Dave Dusthimer
        Associate Publisher
        Pearson IT Certification
        800 East 96th Street
        Indianapolis, IN 46240 USA

Reader Services
Visit our website and register this book at
www.pearsonitcertification.com/register for convenient access to any updates,
downloads, or errata that might be available for this book.

Introduction
This book looks at advanced computer networking. It first guides readers
through network infrastructure design. The readers are then introduced to
configuring the static, RIPv2, OSPF, IS-IS, and EIGRP routing protocols, techniques
for configuring Juniper routers, managing the network infrastructure,
analyzing network data traffic using Wireshark, network security, IPv6, Linux
networking, Internet routing, and Voice over IP. After covering the entire text,
readers will have gained a solid knowledge base in advanced computer
networks.
In my years of teaching, I have observed that technology students prefer to
learn "how to swim" after they have gotten wet and taken in a little water.
Then, they are ready for more challenges. Show the students the technology,
how it is used, and why, and they will take the applications of the technology
to the next level. Allowing them to experiment with the technology helps them
to develop a greater understanding. This book does just that.

Organization of the Text
This textbook is adapted from the second edition of Networking. This third
volume has been revised and reorganized around the needs of advanced
networking students. This book assumes that the students have been
introduced to the basics of computer networking. Throughout the text, the
students are introduced to more advanced computer networking concepts.
This involves network infrastructure design, advanced router configuration,
network security, analyzing data traffic, Internet routing, and Voice over IP.
Key Pedagogical Features
• Chapter Outline, Key Terms, and Introduction at the beginning of each
chapter clearly outline specific goals for the reader. An example of these
features is shown in Figure P-1.
Figure P-1
• Net-Challenge Software provides a simulated, hands-on experience in
configuring routers and switches. Exercises provided in the text (see Figure P-
2) and on the CD challenge readers to undertake router and network
configuration tasks. The challenges check the students’ ability to enter basic
networking commands and set up router functions, such as configuring
interfaces (Ethernet and serial) and routing protocols (static, RIPv2,
OSPF, IS-IS, EIGRP, and BGP), as well as VLANs. The software has the look and feel of
being connected to a router’s or switch’s console port.
Figure P-2
• The textbook features and introduces how to use the Wireshark Network
Protocol Analyzer. Examples of using the software to analyze data traffic are
included throughout the text, as shown in Figure P-3.
Figure P-3
• Numerous worked-out examples are included in every chapter to reinforce
key concepts and aid in subject mastery, as shown in Figure P-4.
Figure P-4
• Key Terms and their definitions are highlighted in the margins to foster
inquisitiveness and ensure retention. This is illustrated in Figure P-5.
Figure P-5
• Extensive Summaries, Questions, and Problems, as well as Critical Thinking
Questions, are found at the end of each chapter, as shown in Figure P-6.
Figure P-6
• An extensive Glossary is found at the end of this book and offers quick,
accessible definitions to key terms and acronyms, as well as an exhaustive
Index (see Figure P-7).
Figure P-7
Accompanying CD-ROM
The CD-ROM packaged with the text includes the captured data packets used
in the text. It also includes the Net-Challenge Software, which was developed
specifically for this text.
Instructor Resources
The Instructor’s Manual to accompany A Practical Guide to Advanced
Networking (ISBN: 978-0-132-88303-0) provides the entire book in PDF
format along with instructor notes for each section within each chapter,
recommending key concepts that should be covered in each chapter. Solutions
to all Chapter Questions and Problems sections are also included. In addition,
the instructor can also access 13 lab and lab-related exercises and a test bank
with which to generate quizzes on the material found within the student
edition of the book.

Chapter 1. Network Infrastructure Design
Chapter Outline
Introduction
1-1 Physical Network Design
1-2 IP Subnet Design
1-3 VLAN Network
1-4 Routed Network
Summary
Questions and Problems
Objectives
• Understand the purpose of the three layers of a campus network design
• Understand the issue of data flow and selecting the network media
• Develop techniques for IP allocation and subnet design
• Understand the process of configuring a VLAN
• Understand the issues of configuring the Layer 3 routed network
Key Terms
core
distribution layer
access layer
CIDR
ISP
intranets
NAT
PAT
Overloading
supernet
gateway
broadcast domain
flat network
VLAN (virtual LAN)
port-based VLAN
tag-based VLAN
protocol-based VLAN
VLAN ID
802.1Q
static VLAN
dynamic VLAN
show vlan
vlan database
vlan vlan_id
show vlan name vlan-name
interface vlan 1
show interface status
trunk port
Inter-Switch Link (ISL)
switchport mode trunk
switchport trunk encapsulation dot1q
switchport trunk encapsulation isl
switchport trunk allowed vlan vlan_id
show interfaces trunk
network address
logical address
router interface
routing table
subnet, NET
multilayer switch (MLS)
wire speed routing
routed network
Layer 3 network
SONET
WAN
terminal monitor (term mon)
terminal no monitor (term no mon)
show ip interface brief (sh ip int br)
no switchport
secondary IP address
InterVLAN routing
router on a stick
SVI
DS
CSU/DSU
AMI
B8ZS
Minimum Ones Density
HDLC
PPP
WIC
VWIC
service-module t1
show controller t1 slot/port
ATM
Virtual Path Connection (VPC)
Virtual Channel Connection (VCC)
SVC
VPI
VCI
Introduction
The objective of this chapter is to examine the computer networking issues
that arise when planning a campus network. The term campus
network applies to any network that has multiple LANs interconnected. The
LANs are typically in multiple buildings that are close to each other and
interconnected with switches and routers. This chapter looks at the planning
and design of a simple campus network, including network design, IP subnet
assignment, VLAN configuration, and routed network configuration.
The basics of configuring the three layers of a campus LAN (core, distribution,
and access) are first examined in Section 1-1. This section also addresses the
important issues of data flow and selecting the proper network media. Section
1-2 examines IP allocation and subnet design. Section 1-3 discusses the VLAN
network, including a step-by-step process of how to configure a VLAN, which
provides an introduction to the basic switch commands and the steps for
configuring a static VLAN. Section 1-4 examines the Layer 3 routed network.
This section explores the functions of the router and includes configuration
examples in different scenarios.

1-1. Physical Network Design
Most campus networks follow a design that has core, distribution, and access
layers. These layers, shown in Figure 1-1, can be spread out into more layers or
compacted into fewer, depending on the size of these networks. This three-
layer network structure is incorporated in campus networks to improve data
handling and routing within the network. The issues of data flow and network
media are also examined in this section.
Figure 1-1. The core, distribution, and access layers of a campus
                               network
Core
The network core usually contains high-end Layer 3 switches or routers.
The core is the heart, or backbone, of the network. The major portion of a
network’s data traffic passes through the core, so the core must be able to
forward data quickly to other parts of the network. Data congestion should be
avoided at the core, if possible. This means that unnecessary route policies
should be avoided there. An example of a route policy is traffic filtering, which
limits what traffic can pass from one part of a network to another. Keep in
mind that it takes time for a router to examine each data packet against such a
policy, and unnecessary route policies at the core slow down the network’s data traffic.

Core
The Backbone of the Network

High-end routers and Layer 3 switches are typically selected for use in the
core. Of the two, the Layer 3 switch is usually the better choice. A Layer 3 switch is
essentially a router that makes its forwarding decisions in dedicated hardware
(ASICs) rather than in software. The advantage of the Layer 3 switch is the speed at which it
can make a routing decision and forward the packet.
Another alternative for networking hardware in the core is a Layer 2 switch.
The Layer 2 switch does not make any routing decisions; it forwards frames
based on the MAC addresses it has learned on its ports. The advantage of
using the Layer 2 switch in the core is cost. The
disadvantage is that the Layer 2 switch does not route data packets; however,
high-speed Layer 2 switches are more affordable than high-speed routers and
Layer 3 switches.
An important design issue in a campus network and the core is
redundancy. Redundancy provides a backup route or network connection
in case of a link failure. The core hardware is typically interconnected to all
distribution network hardware, as shown in Figure 1-1. The objective is to
ensure that data traffic continues to flow for the entire network, even if a core
networking device or link fails.
Each layer beyond the core breaks the network into smaller networks, with the
final result being a group of networks that are capable of handling the amount
of traffic generated. The design should thus incorporate some level of
redundancy.
Distribution Layer
The distribution layer in the network is the point where the individual
LANs connect to the campus network routers or Layer 3 switches. Routing and
filtering policies are more easily implemented at the distribution layer without
having a negative impact on the performance of the network data traffic. Also,
the speed of the network data connections at the distribution layer is typically
slower than at the core. For example, connection speeds at the core should be
the highest possible, such as 1 or 10 Gbps, whereas the data connections
at the distribution layer could be 100 Mbps or 1 Gbps. Figure 1-1 shows the
connections to the access and core layers via the router’s Ethernet interfaces.

Distribution Layer
Point where the individual LANs connect together.

Access Layer
The access layer is where the networking devices in a LAN connect together.
The network hardware used here is typically a Layer 2 switch. Remember, a
switch is a better choice than a hub because it forwards frames only to the port
of the destination host, so network data traffic is not
forwarded to all hosts in the network. The exceptions are broadcasts, which are
sent to all hosts connected to the switch, and frames whose destination MAC
address the switch has not yet learned, which are flooded to every port in the VLAN.

Access Layer
Where the networking devices in a LAN connect together.
Note
Hubs are not recommended at all in modern computer networks.

Data Flow
An important networking issue is how data traffic flows in the core,
distribution, and access layers of a campus LAN. In reference to Figure 1-1, if
computer A1 in LAN A sends data to computer D1 in LAN D, the data is first
sent through the switch in LAN A and then to Router A in the distribution
layer. Router A then forwards the data to the core switches, Switch A or Switch
B. Switch A or Switch B then forwards the data to Router C. The data packet is
then sent to the destination host in LAN D.
The following are some questions often asked when setting up a network that
implements the core, distribution, and access layers:
• In what layer are the campus network servers (web, email, DHCP,
DNS, and so on) located? This varies for all campus networks, and there is
not a definitive answer. However, most campus network servers are located in
the access layer.
• Why not connect directly from Router A to Router C at the
distribution layer? There are network stability issues when routing large
amounts of network data traffic if the networks are fully or even partially
meshed together. This means that connecting routers together in the
distribution layer should be avoided.
• Where is the campus backbone located in the layers of a campus
network? The backbone of a campus network carries the bulk of the routed
data traffic. Based on this, the backbone of the campus network connects the
distribution and the core layer networking devices.
Selecting the Media
The choices for the media used to interconnect networks in a campus network
are based on several criteria. The following is a partial list of things to
consider:
• Desired data speed
• Distance for connections
• Budget
The desired data speed for the network connection is probably the first
consideration given when selecting the network media. Twisted-pair cable
works well at 100 Mbps and 1 Gbps, and Category 6A cable is specified to carry
10 Gbps traffic over the full 100-meter distance. Fiber-optic cable supports LAN data rates up to 10
Gbps or higher. Wireless networks support data rates up to 200+ Mbps.
The distance consideration limits the choice of media. CAT 6/5e or better have
a distance limitation of 100 meters. Fiber-optic cable can be run for many
kilometers, depending on the electronics and optical devices used. Wireless
LAN connections can also be used to interconnect networks a few kilometers
apart.
The available budget is always the final deciding factor when planning the
design for a campus LAN. If the budget allows, fiber-optic cable is probably
the best overall choice, especially in the high-speed backbone of the campus
network. The cost of fiber is continually dropping, making it more competitive
with lower-cost network media, such as twisted-pair cable. Also, fiber cable
will always be able to carry a greater amount of data traffic and can easily grow
with the bandwidth requirements of a network.
Twisted-pair cable is a popular choice for connecting computers in a wired
LAN. The twisted-pair technologies support bandwidths suitable for most
LANs, and the performance capabilities of twisted-pair cable are always
improving.
Wireless LANs are being used to connect networking devices together in LANs
where a wired connection is not feasible or mobility is the major concern. For
example, a wireless LAN could be used to connect two LANs in a building
together. This is a cost-effective choice if there is not a cable duct to run the
cable to interconnect the LANs or if the cost of running the cable is too high.
Also, wireless connections are playing an important role with mobile users
within a LAN. The mobile user can make a network connection without having
to use a physical connection or jack. For example, a wireless LAN could be
used to enable network users to connect their mobile computers to the campus
network.
1-2. IP Subnet Design
Once the physical infrastructure for a network is in place, the next big step is
to plan and allocate IP space for the network. Take time to plan the IP subnet
design, because it is not easy to change the IP subnet assignments once they
are in place. It is crucial for a network engineer to consider three factors
before coming up with the final IP subnet design. These three factors are
1. The assigned IP address range
2. The number of subnetworks needed for the network
3. The size or the number of IP host addresses needed for the network
The final step in designing the IP subnets is to assign an IP address to the
interface that will serve as the gateway out of each subnet.
IP Address Range
The IP address range defines the size of the IP network you can work with. In
some cases, a classless interdomain routing (CIDR) block of public IP
addresses might be allocated to the network by an ISP. For example, the block
of IP address 206.206.156.0/24 could be assigned to the network. This case
allocates 256 IP addresses to the 206.206.156.0 network. In another case, a
CIDR block of private IP addresses, like 10.10.10.0/24, could be used. In this
case, 256 IP addresses are assigned to the 10.10.10.0 network. For established
networks with an IP address range already in use, the network engineer
generally has to work within the existing IP address assignments. With a
brand new network, the engineer has the luxury of creating a network from
scratch.
In most network situations, an IP address block will have been previously
assigned to the network for Internet use. The public IP addresses are typically
obtained from the ISP (Internet service provider). This IP block of addresses
could be from Class A, B, or C networks, as shown in Table 1-1.
           Table 1-1. Address Range for Each Class of Network




CIDR
Classless Interdomain Routing
ISP
Internet service provider: An organization that provides Internet access for
the public.

Today, ISPs generally assign public address blocks no larger than a Class C (/24), and most
of them are smaller than a full Class C (256 IP addresses). Many ISPs
partition their allotted IP space into smaller subnets and then, in turn, provide
those smaller portions to their customers. The bottom line is that the limited
supply of public IP addresses has become a commodity on the Internet, and it is
important to note that there are fees associated with acquiring an IP range
from an ISP.
Not many institutions or businesses have the luxury of using public IP
addresses inside their network anymore, because the growing number
of devices in a network exceeds the number of public IP addresses
assigned to them. Most networks therefore use private IP
addresses in their internal network. Private addresses are IP addresses set
aside for use in private intranets. An intranet is an internal internetwork that
provides file and resource sharing. Private addresses are not valid addresses
for Internet use, because they have been reserved for internal use and are not
routable on the Internet. However, these addresses can be used within a
private LAN (intranet) to create the internal IP network.
Intranets
Internetwork that provides file and resource sharing.
NAT
Network Address Translation. A technique used to translate an internal
private IP address to a public IP address.
PAT
Port Address Translation. A port number is tracked with the client computer’s
private address when translating to a public address.
Overloading
Where NAT translates the home network’s private IP addresses to a single
public IP address.

The private IP addresses must be translated to public IP addresses using
techniques like NAT (Network Address Translation) or PAT (Port Address
Translation) before the traffic is routed over the Internet. For example, computer 1 in
the home network (see Figure 1-2) might be trying to establish a connection to
an Internet website. The wireless router uses NAT to translate computer 1’s
private IP address to the public IP address assigned to the router. The router
uses a technique called overloading, where NAT translates all of the home
network’s private IP addresses to the single public IP address assigned by the
ISP. Because every inside host now shares one public address, the NAT process
also tracks a port number for each connection.
This technique is called Port Address Translation (PAT). The router stores the
inside computer’s private IP address and port number in a NAT lookup table. The port
number differentiates the computer that is establishing a connection to the
Internet, because the router uses the same public address for all computers.
When a data packet is returned to the home network, the router looks up the
destination port in the table, identifies the computer that established the
connection, and delivers the data packet back to the correct
computer. An example of this conversion is provided in Figure 1-3. This
example shows three data connections originating from the home network of
192.168.0.0/24. A single 128.123.246.55 IP address is used for the Internet
connection. Port address translation is being used to map the returning data
packets back to their originating hosts. In this case, the port numbers are 1962, 1970, and
1973.
Figure 1-2. An example of a home computer connecting to the ISP




      Figure 1-3. This example shows the three data connections
       originating from the home network of 192.168.0.0/24
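The NAT lookup table that the router keeps for overloading, modeled as an added example (this is not code from the book or its Net-Challenge software). It uses the addresses from the text, the 192.168.0.0/24 home network and the single public address 128.123.246.55; the inside hosts 192.168.0.10 through .13, the web server 203.0.113.10 and the ephemeral port pool starting at 49152 are assumptions chosen for the demonstration. Beyond the three connections of Figure 1-3 it also shows what the text leaves implicit: what happens when two inside hosts pick the same source port, and what happens to an inbound packet that no inside host asked for.

```python
import ipaddress
from dataclasses import dataclass, replace

# Addresses from the text: one public address for the whole 192.168.0.0/24 home LAN.
PUBLIC_IP = "128.123.246.55"
INSIDE_NET = ipaddress.ip_network("192.168.0.0/24")
WEB_SERVER = ("203.0.113.10", 80)   # constructed destination (documentation range)


@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int


class PATRouter:
    """Models the NAT lookup table: public port <-> (inside IP, inside port)."""

    def __init__(self, public_ip, inside_net, ephemeral_start=49152):
        self.public_ip = public_ip
        self.inside_net = inside_net
        self.next_ephemeral = ephemeral_start   # assumed pool for collisions
        self.by_public_port = {}   # public port -> (inside ip, inside port)
        self.by_inside = {}        # (inside ip, inside port) -> public port

    def _allocate_port(self, wanted):
        # Keep the host's own source port when it is still free on the public
        # side; on a collision hand out the next unused ephemeral port instead.
        if wanted not in self.by_public_port:
            return wanted
        while self.next_ephemeral in self.by_public_port:
            self.next_ephemeral += 1
        port = self.next_ephemeral
        self.next_ephemeral += 1
        return port

    def outbound(self, pkt):
        """Translate an inside -> Internet packet and record the mapping."""
        if ipaddress.ip_address(pkt.src_ip) not in self.inside_net:
            raise ValueError(f"{pkt.src_ip} is not an inside address")
        key = (pkt.src_ip, pkt.src_port)
        port = self.by_inside.get(key)
        if port is None:                       # first packet of this connection
            port = self._allocate_port(pkt.src_port)
            self.by_inside[key] = port
            self.by_public_port[port] = key
        return replace(pkt, src_ip=self.public_ip, src_port=port)

    def inbound(self, pkt):
        """Map a returning packet to the host that opened the connection.

        Returns None (drop) when the destination port has no table entry:
        with a single shared public address there is no host to deliver to.
        """
        entry = self.by_public_port.get(pkt.dst_port)
        if pkt.dst_ip != self.public_ip or entry is None:
            return None
        inside_ip, inside_port = entry
        return replace(pkt, dst_ip=inside_ip, dst_port=inside_port)


def demo():
    """Three connections as in Figure 1-3, plus a fourth that collides on port 1962."""
    router = PATRouter(PUBLIC_IP, INSIDE_NET)
    flows = [
        Packet("192.168.0.10", 1962, *WEB_SERVER),
        Packet("192.168.0.11", 1970, *WEB_SERVER),
        Packet("192.168.0.12", 1973, *WEB_SERVER),
        Packet("192.168.0.13", 1962, *WEB_SERVER),   # same source port as host .10
    ]
    translated = [router.outbound(p) for p in flows]
    # The web server answers each translated flow; the router reverses the mapping.
    replies = [Packet(t.dst_ip, t.dst_port, t.src_ip, t.src_port) for t in translated]
    delivered = [router.inbound(r) for r in replies]
    # Unsolicited inbound packet to a port nobody opened: no entry, so it is dropped.
    stray = router.inbound(Packet(WEB_SERVER[0], 80, PUBLIC_IP, 22))
    return {"translated": translated, "delivered": delivered,
            "stray": stray, "table": dict(router.by_public_port)}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

The fourth host reuses source port 1962, so the router cannot keep it on the public side and assigns 49152 instead; the reply to that port still reaches 192.168.0.13:1962. The dropped stray packet is worth noticing: it is discarded only because no table entry exists, which is a side effect of the translation and not a filtering policy, so PAT by itself is not a replacement for a firewall or access list on the router.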
Determining the Number of Subnetworks Needed for the Network
The use of private IP addresses is a viable technique for creating a large
amount of IP addresses for intranet use. Obviously, there is a big difference
when designing an IP network for a single network than there is when
designing an IP network for multiple networks. When designing an IP network
for one single network, things are quite simple. This type of configuration is
typically found in the home, small office, or a small business environment
where one IP subnet is allocated and only one small router is involved.
For situations requiring multiple networks, each network must be sized
accordingly. Therefore, the subnet must be carefully designed. In addition,
networks with multiple subnets require a router or multiple routers with
multiple routed network interfaces to interconnect the networks. For example,
if the network engineer is using private addresses and needs to design for
three different networks, one possibility is to assign 10.10.10.0/24 for the first
network, 172.16.0.0/24 for the second network, and 192.168.1.0/24 for the
third network. Is this a good approach? Technically, this can be done, but it is
probably not logically sound. It makes more sense to group these networks
within the same big CIDR block. This will make it easier for a network
engineer to remember the IP assignments and to manage the subnets. A better
design is to assign 10.10.10.0/24 to the first network, 10.10.20.0/24 to the
second network, and 10.10.30.0/24 to the third network. All three networks
are in the same "10" network, which makes it easier for the network
engineer to track the IP assignments. The terms subnet and network are used
interchangeably in multiple network environments. The term subnet usually
indicates that a bigger network address has been partitioned and assigned to smaller
networks, or subnets.
Another design factor that the network engineer must address is the network
size. Two questions that a good network engineer must ask are
• How many network devices must be accommodated in the network?
(Current demand)
• How many network devices must be accommodated in the future? (Future
growth)
Simply put, the IP network must be designed to accommodate the current
demand, and it must be designed to accommodate future growth. Once the
size of a network is determined, a subnet can be assigned. In the case of a
single network, the design is not too complicated. For example, if the network
needs to be able to accommodate 150 network devices, an entire Class C
block, like 192.168.1.0/24, can be assigned to the network. This will handle
the current 150 network devices and leave enough room for growth. In this
example, 254 – 150 = 104 additional IP addresses will be available for future growth.
When allocating IP address blocks, a table like Table 1-2 can be used to
provide the CIDR for the most common subnet masks and their corresponding
number of available IP addresses.
               Table 1-2. CIDR—Subnet Mask-IPs Conversion
Even with a much smaller network, like the home network, where only a
handful of network computers and peripherals are present, an entire Class C
private address block is generally allocated to the home network. In fact, most home
routers are preconfigured with a private Class C address within the
192.168.0.0–192.168.0.255 range. This approach is simple and user friendly: it
sets aside private IP addresses for internal network use and
virtually guarantees that users will never have to worry about
subnetting the CIDR block.
For a bigger network that must handle more than 254 network devices, a
supernet can be deployed. A supernet is when two or more classful contiguous
networks are grouped together. The technique of supernetting was proposed
in 1992 to eliminate the class boundaries and make available the unused IP
address space. Supernetting allows multiple networks to be specified by one
subnet mask. In other words, the class boundary could be overcome. For
example, if the network needs to be able to accommodate 300 network
devices, two Class C networks, like 192.168.0.0/24 and 192.168.1.0/24, can be
grouped together to form a supernet of 192.168.0.0/23, which can
accommodate up to 510 network devices. As shown in Table 1-2, a /23 CIDR
provides 512 available IP addresses. However, one IP is reserved for the
network address and another one is reserved for the network broadcast
address. Therefore, a /23 CIDR yields 512 – 2 = 510 usable host IP addresses.

Supernet
Two or more classful contiguous networks are grouped together.

Determining the Size or the Number of IP Host Addresses Needed for the Network
The problem with randomly applying CIDR blocks to Class A, B, and C
addresses is that there are boundaries in each class, and these boundaries
can’t be crossed. If a boundary is crossed, the IP address maps to another
subnet. For example, if a CIDR block is expanded to include four Class C
networks, all four Class C networks need to be specified by the same CIDR
subnet mask to avoid crossing boundaries. The following example illustrates
this.

Example 1-1
Figure 1-4 shows three different networks with different size requirements.
The needed capacity (number of devices) for each network is specified in the
figure. Your task is to determine the CIDR block required for each network
that will satisfy the number of expected users. You are to use Class C private IP
addresses when configuring the CIDR blocks.
Figure 1-4. Three different networks
Solution:
For LAN A, a CIDR block that can handle at least 300 networking devices
must be provided. In this case, two contiguous Class C networks of
192.168.0.0/24 and 192.168.1.0/24 can be grouped together to form a
192.168.0.0/23 network. Referring to Table 1-2, a /23 CIDR with a subnet
mask of 255.255.254.0 provides 512 IP addresses which more than satisfies
the required 300 networking devices.

The next question is to determine what the network address is for LAN A. This
can be determined by ANDing the 255.255.254.0 subnet mask with
192.168.0.0 and 192.168.1.0.



This shows that applying the /23 [255.255.254.0] subnet mask to the specified
IP address places both in the same 192.168.0.0 network. This also means that
this CIDR block does not cross boundaries, because applying the subnet mask
to each network address places both in the same 192.168.0.0 network.
For LAN B1, the requirement is that a CIDR block that can handle 800
network devices must be provided. According to Table 1-2, a /22 CIDR yields
1,022 usable host IP addresses and is equivalent to grouping four Class C
networks together. Therefore, a /22 CIDR can be used.
The next decision is selecting the group of IP addresses to create the CIDR
block and decide where the IP addresses should start. Recall that the
192.168.0.0 and 192.168.1.0 networks are being used to create the LAN A
CIDR block. Should LAN B1 start from 192.168.2.0/22, which is the next
contiguous space? The answer is no. The 192.168.2.0/22 is still within the
boundary of the 192.168.0.0/23 network. Remember, the requirement is that
a CIDR block that can handle 800 network devices must be provided and that
boundaries cannot be crossed, and the designer must be careful not to overlap
the networks when assigning subnets to more than one network. In this case,
when the /22 subnet mask (255.255.252.0) is applied to 192.168.2.0, this
yields the network 192.168.0.0. The AND operation is shown:
192.168.2.0
255.255.252.0 (/22)
-------------------
192.168.0.0
This happens to be the same network address as when the /23 CIDR subnet
mask (255.255.254.0) is applied to any IP within the range of 192.168.0.0-
192.168.1.255, as shown:



There is an overlap between 192.168.0.0/23 and 192.168.2.0/22. Moving to
the next contiguous Class C of 192.168.3.0/22, we find that it is still in the
192.168.0.0 network:
192.168.3.0
255.255.252.0 (/22)
192.168.0.0 is still in the same subnet.
Based on this information, the next Class C range 192.168.4.0/22 is selected.
This yields a nonoverlapping network of 192.168.4.0, so the subnet
192.168.4.0/22 is valid for this network:
192.168.4.0
255.255.252.0 (/22)
192.168.4.0 is not the same subnet; therefore, this is an acceptable CIDR
block.
Recall that the CIDR for LANB1 is a /22 and is equivalent to grouping four
Class C networks. This means that LANB1 uses the following Class C networks:
192.168.4.0
192.168.5.0
192.168.6.0
192.168.7.0
The IP subnet design gets more complicated when designing multiple
networks with different size subnets. This generally means that the subnet
mask or the CIDR will not be uniformly assigned to every network. For
example, one network might be a /25 network or /22, while another is a /30
network.
The next task is to assign a CIDR block to LAN B2. This LAN is a server
network that houses a fixed number of servers. The number is not expected to
grow beyond 80 servers. One easy approach is to assign a /24 CIDR to this
network.
This means that the next network is 192.168.8.0/24, which is the next
nonoverlapping CIDR block after 192.168.4.0/22. The /24 CIDR gives 254
host IP addresses, but only 80 IP addresses are required. Another approach is
to size it appropriately. According to Table 1-2, a good CIDR to use is a /25,
which allows for 126 host IP addresses. Therefore, a network 192.168.8.0/25
can be used for this network.
Assigning a 192.168.8.0/24 CIDR, which can accommodate 254 hosts, seems
like a waste, because the network is expected to be a fixed size, and it will
house no more than 80 servers. By assigning a 192.168.8.0/25 CIDR, enough
room is left for another contiguous CIDR, 192.168.8.128/25. Obviously, this is
a more efficient way of managing the available IP space.
Last but not least is the interconnection shown in Figure 1-4. This is the
router-to-router link between Router A and Router B. The interconnection
usually gets the least attention, but it exists everywhere in the multiple
networks environment. Nonetheless, a CIDR block has to be assigned to it.
Because there are always only two interface IP addresses involved plus the
network and broadcast address, giving an entire Class C address would
definitely be a waste. Typically, a /30 CIDR is used for this type of connection.
Therefore, a CIDR block for the interconnection between Router A and Router
B can be 192.168.9.0/30. This yields two IP host addresses: one for Router A
and one for Router B.
The complete subnet assignment for Example 1-1 and Figure 1-4 is provided
in Table 1-3.
           Table 1-3. Completed Design of Subnets for Figure 1-4




IP Assignment
The next task is to assign an IP address to each routed interface. This
address will become the gateway IP address of the subnet. The gateway
describes the networking device that enables hosts in a LAN to connect to
networks (and hosts) outside the LAN. Figure 1-5 provides an example of the
gateway. Every network device within its subnet (LAN) will use this IP address
as its gateway to communicate from its local subnet to devices on other
subnets. The gateway IP address is preselected and is distributed to a network
device by way of manual configuration or dynamic assignment.




                   Figure 1-5. The gateway for a network

Gateway
Describes the networking device that enables hosts in a LAN to connect to
networks (and hosts) outside the LAN.

For LAN A in Example 1-1, the IP address 192.168.0.0 is already reserved as
the network address, and the IP address 192.168.0.255 is reserved as the
broadcast address. This leaves any IP address within the range 192.168.0.1–
192.168.0.254 available for use for the gateway address. Choosing the gateway
IP address is not an exact science. Generally, the first IP address or the last IP
address of the available range is chosen. Whatever convention is chosen, it
should apply to the rest of the subnets for the ease of management. Once the
gateway IP address is chosen, this IP address is reserved and is not to be used
by any other devices in the subnet. Otherwise, an IP conflict will be
introduced. The following is an example of how the gateway IP addresses
could be assigned to the LANs in Example 1-1.
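As an added worked example (this script is not part of the text), the following Python code, using only the standard ipaddress module, carries Example 1-1 and the gateway assignment above through by machine: it picks the smallest block whose usable count covers each host requirement (the same arithmetic as Table 1-2), ANDs candidate addresses with the mask to detect boundary crossings and overlaps while walking one Class C at a time as the solution does, and then applies one gateway convention (first or last usable address) to every resulting subnet. The host counts are the ones given for LAN A, LAN B1, LAN B2 and the Router A to Router B link; the 192.168.0.0/16 pool and the function names are assumptions of this example.

```python
import ipaddress

# Constructed input: the host counts of Example 1-1 (LAN A, LAN B1, LAN B2 and the
# Router A to Router B link). The private Class C space is assumed as the pool.
REQUIREMENTS = [
    ("LAN A", 300),
    ("LAN B1", 800),
    ("LAN B2", 80),
    ("Router A-Router B link", 2),
]
POOL = ipaddress.ip_network("192.168.0.0/16")


def prefix_for_hosts(hosts):
    """Longest prefix (smallest block) whose usable count 2**(32-p) - 2 covers `hosts`."""
    for p in range(30, 0, -1):
        if 2 ** (32 - p) - 2 >= hosts:
            return p
    raise ValueError("too many hosts for one IPv4 block")


def network_of(address, prefix):
    """AND an address with the /prefix mask, as the worked example does by hand."""
    mask = (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF
    net = int(ipaddress.IPv4Address(address)) & mask
    return ipaddress.ip_network(f"{ipaddress.IPv4Address(net)}/{prefix}")


def next_class_c(block):
    """Integer of the first address on the next /24 (Class C) boundary after `block`."""
    nxt = int(block.broadcast_address) + 1
    return (nxt + 0xFF) & ~0xFF


def allocate(requirements, pool=POOL):
    """Assign non-overlapping blocks in order, trying one Class C start at a time."""
    assigned = []
    plan = {}
    cursor = int(pool.network_address)
    for name, hosts in requirements:
        prefix = prefix_for_hosts(hosts)
        while True:
            if cursor > int(pool.broadcast_address):
                raise ValueError(f"pool exhausted before {name}")
            candidate = network_of(str(ipaddress.IPv4Address(cursor)), prefix)
            # A start that crosses a boundary ANDs back into a block already in use.
            if candidate.subnet_of(pool) and not any(candidate.overlaps(a) for a in assigned):
                break
            cursor += 256  # move to the next contiguous Class C, as the text does
        assigned.append(candidate)
        plan[name] = candidate
        cursor = next_class_c(candidate)
    return plan


def gateway_for(block, convention="first"):
    """Apply one gateway convention (first or last usable address) to a subnet."""
    if convention == "first":
        return block.network_address + 1
    return block.broadcast_address - 1


def design_table(requirements=REQUIREMENTS, convention="first"):
    """One row per network: CIDR, mask, usable hosts, broadcast and gateway (as strings)."""
    rows = []
    for name, block in allocate(requirements).items():
        rows.append({
            "network": name,
            "cidr": str(block),
            "mask": str(block.netmask),
            "usable_hosts": block.num_addresses - 2,
            "broadcast": str(block.broadcast_address),
            "gateway": str(gateway_for(block, convention)),
        })
    return rows


if __name__ == "__main__":
    for row in design_table():
        print(row)
```

Running it prints one row per network; the blocks it produces are the same as in the solution above (192.168.0.0/23, 192.168.4.0/22, 192.168.8.0/25 and 192.168.9.0/30), and passing convention="last" moves every gateway to the top of its range. Note that the broadcast address it reports for a /23 block is the last address of the whole block, not of its first Class C.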
1-3. VLAN Network
This section examines the function of using a switch in a VLAN within the
campus network. The terminology and steps for implementing VLANs will be
presented first. The second part examines basic Cisco switch configuration
and provides an introduction to the commands needed for configuring the
VLAN. The third part of Section 1-3 demonstrates the commands needed to set
up a static VLAN. Next is a discussion on VLAN tagging using 802.1Q. The
section concludes with a look at configuring an HP Procurve switch.
LANs are not necessarily restricted in size. A LAN can have 20 computers, 200
computers, or even more. Multiple LANs also can be interconnected to
essentially create one large LAN. For example, the first floor of a building
could be set up as one LAN, the second floor as another LAN, and the third
floor another. The three LANs in the building can be interconnected into
essentially one large LAN using switches, with the switches interconnected, as
shown in Figure 1-6.
Figure 1-6. Three floors of a building interconnected using switches to form one large LAN
Is it bad to interconnect LANs this way? As long as switches are being used to
interconnect the computers, the interconnected LANs have minimal impact on
network performance. This is true as long as there are not too many
computers in the LAN. The number of computers in the LAN is an issue,
because Layer 2 switches do not separate broadcast domains. This means
that any broadcast sent out on the network (for example, the broadcast
associated with an ARP request) will be sent to all computers in the LAN.
Excessive broadcasts are a problem, because each computer must process the
broadcast to determine whether it needs to respond; this essentially slows
down the computer and the network.

Broadcast Domain
Any broadcast sent out on the network is seen by all hosts in this domain.

A network with multiple LANs interconnected at the Layer 2 level is called
a flat network. A flat network is where the LANs share the same broadcast
domain. The use of a flat network should be avoided if possible for the simple
reason that the network response time is greatly affected. Flat networks can be
avoided by the use of virtual LANs (VLANs) or routers. Although both options
can be used to separate broadcast domains, they differ in that the VLAN
operates at OSI Layer 2, while routers use Layer 3 networking to
accomplish the task. The topic of the virtual LAN is discussed next.

Flat Network
A network where the LANs share the same broadcast domain.

Virtual LAN (VLAN)
Obviously, if the LANs are not connected, then each LAN is segregated only to
a switch. The broadcast domain is contained to that switch; however, this does
not scale in a practical network, and it is not cost effective because each LAN
requires its own Layer 2 switches. This is where the concept of virtual LAN
(VLAN) can help out. A VLAN is a way to have multiple LANs co-exist in the
same Layer 2 switch, but their traffic is segregated from each other. Even
though they reside on the same physical switch, they behave as if they are on
different switches (hence, the term virtual). VLAN compatible switches can
communicate to each other and extend the segregation of multiple LANs
throughout the entire switched network. A switch can be configured with a
VLAN where a group of host computers and servers are configured as if they
are in the same LAN, even if they reside across routers in separate LANs. Each
VLAN has its own broadcast domain. Hence, traffic from one VLAN cannot
pass to another VLAN. The advantage of using VLANs is the network
administrator can group computers and servers in the same VLAN based on
the organizational group (such as Sales, Engineering) even if they are not on
the same physical segment—or even the same building.

VLAN (Virtual LAN)
A group of host computers and servers that are configured as if they are in the
same LAN, even if they reside across routers in separate LANs.

There are three types of VLANs: port-based VLANs, tag-based VLANs,
and protocol-based VLANs. The port-based VLAN is one where the host
computers connected to specific ports on a switch are assigned to a specific
VLAN. For example, assume the computers connected to switch ports 2, 3,
and 4 are assigned to the Sales VLAN 2, while the computers connected to
switch ports 6, 7, and 8 are assigned to the Engineering VLAN 3, as shown
in Figure 1-7. The switch will be configured as a port-based VLAN so that the
groups of ports [2,3,4] are assigned to the sales VLAN while ports [6,7,8]
belong to the Engineering VLAN. The devices assigned to the same VLAN will
share broadcasts for that LAN; however, computers that are connected to
ports not assigned to the VLAN will not share the broadcasts. For example, the
computers in VLAN 2 (Sales) share the same broadcast domain and
computers in VLAN 3 (Engineering) share a different broadcast domain.




     Figure 1-7. An example of the grouping for port-based VLANs

Port-Based VLAN
Host computers connected to specific ports on a switch are assigned to a
specific VLAN.
Tag-Based VLAN
Uses a VLAN ID based on 802.1Q.
Protocol-Based VLAN
Connection to ports is based on the protocol being used.
In tag-based VLANs, a tag is added to the Ethernet frames. This tag contains
the VLAN ID that is used to identify that a frame belongs to a specific VLAN.
The addition of the VLAN ID is based on the 802.1Q specification. The
802.1Q standard defines a system of VLAN tagging for Ethernet frames. An
advantage of an 802.1Q VLAN is that it helps contain broadcast and multicast
data traffic, which helps minimize data congestion and improve throughput.
This specification also provides guidelines for a switch port to belong to more
than one VLAN. Additionally, the tag-based VLANs can help provide better
security by logically isolating and grouping users.

VLAN ID
Used to identify that a frame belongs to a specific VLAN.
802.1Q
This standard defines a system of VLAN tagging for Ethernet frames.

In protocol-based VLANs, the data traffic is connected to specific ports based
on the type of protocol being used. The packet is dropped when it enters the
switch if the protocol doesn’t match any of the VLANs. For example, an IP
network could be set up for the Engineering VLAN on ports 6,7,8 and an IPX
network for the Sales VLAN on ports 2,3, and 4. The advantage of this is the
data traffic for the two networks is separated.
There are two approaches for assigning VLAN membership:
• Static VLAN: Basically a port-based VLAN. The assignments are created
when ports are assigned to a specific VLAN.
• Dynamic VLAN: Ports are assigned to a VLAN based on either the
computer’s MAC address or the username of the client logged onto the
computer. This means that the system has been previously configured with the
VLAN assignments for the computer or the username. The advantage of this is
the username and/or the computer can move to a different location, but VLAN
membership will be retained.

Static VLAN
Basically, a port-based VLAN.
Dynamic VLAN
Ports are assigned to a VLAN based on either the computer’s MAC address or
the username of the client logged onto the computer.

VLAN Configuration
This section demonstrates the steps for configuring a static VLAN. In this
example, the ports for VLAN 2 (Sales) and VLAN 3 (Engineering) will be
defined. This requires that VLAN memberships be defined for the required
ports. The steps and the commands will be demonstrated.
The show vlan command can be used to verify what ports have been defined
for the switch. By default, all ports are assigned to VLAN 1. An example using
the show vlan command is provided next.
SwitchA# show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10


show vlan
Used to verify what ports have been defined for the switch.

This shows that all the FastEthernet interfaces on the switch are currently
assigned to VLAN 1, which is a default VLAN. In the next step, two additional
VLANs will be created for both Sales and Engineering. The two new VLANs
will have the VLAN ID of 2 and 3 respectively, and each VLAN will be assigned
a name associated to it. This is accomplished by modifying the VLAN database
using the vlan database command, as shown in the next steps.

vlan database
The command used on older Cisco switches to enter the VLAN database.

SwitchA#vlan database

SwitchA(vlan)#vlan 2 name Sales
VLAN 2 modified:
    Name: Sales
SwitchA(vlan)#vlan 3 name Engineering
VLAN 3 modified:
    Name: Engineering
On newer Cisco switches, users will get the following message that the
command vlan database is being deprecated:
% Warning: It is recommended to configure VLAN from config mode,
  as VLAN database mode is being deprecated. Please consult user
  documentation for configuring VTP/VLAN in config mode.
Cisco has moved away from the VLAN database-style command to an IOS
global command. Similarly to other IOS global commands, the switch must be
in the configuration mode (config)#. However, the concept remains the same
that a VLAN must be created for it to be activated and ready for use. The steps
for creating the VLAN on newer Cisco switches are as follows:
SwitchA# conf t
SwitchA(config)#vlan 2
SwitchA(config-vlan)#name Sales
SwitchA(config-vlan)#vlan 3
SwitchA(config-vlan)#name Engineering
SwitchA(config-vlan)#exit
SwitchA(config)#exit
To start configuring a VLAN, one must specify which VLAN needs to be
configured using the vlan [vlan_id] command. If the specified VLAN does not
exist, this command creates it as well. As shown in the preceding
example, the command vlan 2 is entered to configure VLAN 2 and then the
command name Sales is entered to configure the name associated with the
VLAN. Similar steps are done for VLAN 3 with the name Engineering.

vlan [vlan_id]
The IOS global command used to create VLAN ID.

The rest of the VLAN commands are almost identical in the older switches and
newer switches. The next step is used to verify that the new VLANs have been
created using the show vlan command:
Switch#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                Fa0/9, Fa0/10
2    Sales                            active
3    Engineering                      active
This shows that both the Sales and Engineering VLANs have been created. In
the next steps, ports will be assigned to the newly created VLANs. This
requires that the configuration mode be entered and each FastEthernet
interface (port) must be assigned to the proper VLAN using the two
commands switchport mode access and switchport access vlan vlan-id.
An example is presented for FastEthernet interface 0/2 being assigned to
VLAN 2 on a Cisco switch:
SwitchA#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SwitchA(config)#int fa 0/2
SwitchA(config-if)#switchport mode access
SwitchA(config-if)#switchport access vlan 2
SwitchA(config-if)#end
The next step is used to verify that FastEthernet 0/2 has been assigned to the
Sales VLAN (VLAN2). This can be verified using the show vlan
brief command, as shown. This command only displays the interfaces
assigned to each VLAN:
SwitchA#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
1    default                          active    Fa0/1, Fa0/3, Fa0/4, Fa0/5
                                                Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                                Fa0/10
2    Sales                            active    Fa0/2
The next steps are to assign ports 3 and 4 to the Sales VLAN (VLAN 2) and
ports 6,7,8 to Engineering (VLAN 3). Once this is completed, the port
assignments can be verified using the show vlan command, as shown:
SwitchA#show vlan

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
1    default                          active    Fa0/1, Fa0/5, Fa0/9, Fa0/10
2    Sales                            active    Fa0/2, Fa0/3, Fa0/4
3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8
You can look specifically at the assignments for only one of the VLANs by
entering the command show vlan name vlan-name, where vlan-name is
the name assigned to the VLAN. Note that the name is case-sensitive. You can
also use the number of the VLAN instead of the name by entering the command
show vlan id vlan-id. Examples of both are presented:

show vlan name vlan-name
The command to look specifically at only one of the VLANs.

SwitchA#show vlan name Engineering

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8


Switch#show vlan id 3

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8
On Layer 2 switches, an IP address can be assigned to a VLAN interface. This
merely assigns an IP address to a switch, so that a switch can communicate
with other network devices on the same VLAN and vice-versa. The IP VLAN
interface does not perform any routing functions when running as a layer 2
switch. As a matter of fact, the IP VLAN interface is not required in order for a
switch to start forwarding packets and perform its other Layer 2 functions. By
default, the interface VLAN 1 is automatically created. The following
command sequence demonstrates how to assign the IP address to the VLAN
interface:

interface VLAN 1
The default vlan for the switch.

SwitchA(config)# interface VLAN 1
SwitchA(config-if)# ip address 192.168.1.1 255.255.255.0
SwitchA(config-if)# no shutdown
Note that the IP address is being set for VLAN 1. The interface for the switch is
also enabled at this same point using the no shutdown command, as shown.
In order for the interface VLAN to be up, at least one switch port in the VLAN
must be up or have a physical link. The status of a switch port can be verified
with the command show interface or, better yet, with the command show
interface status. Although the command show interface shows detailed
information for one interface at a time, the command show
interface status displays the status of all the switch ports including their
speed, duplex, and VLAN, as shown. This gives a quick and precise look at the
port status of a switch where port density is high.

show interface status
Used to verify the status of a switchport.

SwitchA#show interface status

Port      Name               Status       Vlan       Duplex  Speed Type
Fa0/1                        connected    1          a-full  a-100 10/100BaseTX
Fa0/2                        connected    2          a-full  a-100 10/100BaseTX
Fa0/3                        connected    2          a-full  a-100 10/100BaseTX
Fa0/4                        connected    2          a-full  a-100 10/100BaseTX
Fa0/5                        connected    1          a-full  a-100 10/100BaseTX
Fa0/6                        connected    3          a-full  a-100 10/100BaseTX
Fa0/7                        connected    3          a-full  a-100 10/100BaseTX
Fa0/8                        connected    3          a-full  a-100 10/100BaseTX
Fa0/9                        connected    1          a-full  a-100 10/100BaseTX
Fa0/10                       connected    1          a-full  a-100 10/100BaseTX
The overall configuration of the switch can be viewed using the show
running-config (sh run) command, as shown. (Only a part of the
configuration is displayed.)
Switch#sh run
Building configuration...

Current configuration : 1411 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname Switch
!
ip subnet-zero
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
spanning-tree extend system-id
!
interface FastEthernet0/1
!
interface FastEthernet0/2
 switchport access vlan 2
 switchport mode access
 .
 .
 .
interface FastEthernet0/5
!
interface FastEthernet0/6
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface Vlan1
 ip address 192.168.1.1 255.255.255.0
 no ip route-cache
!
ip http server
!
line con 0
line vty 0 15
 login
end
The running-configuration for the switch shows that the FastEthernet
interfaces have been assigned to the proper VLANs. Additionally, this shows
that an IP address has been assigned to the default interface VLAN1.
This portion of the text has demonstrated the steps for creating a static VLAN.
Both Sales and Engineering VLANs were created, and specific ports on the
switch were assigned to the respective VLANs. Unassigned ports remained as
part of the default VLAN 1.
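To make the verification step above repeatable, here is an added Python example (not part of the text, and not a Cisco tool) that parses the output of show vlan brief into a port-to-VLAN map and compares it with the intended design, flagging ports that ended up in the wrong VLAN and ports still sitting in the default VLAN 1. The sample output is constructed to match the listings in this section; the intended-plan dictionary and the uplinks parameter are assumptions of the example.

```python
import re

# Constructed sample of "show vlan brief" output, modelled on the listings in this
# section (not captured from a real switch). Long port lists wrap onto indented lines.
SAMPLE_SHOW_VLAN_BRIEF = """\
SwitchA#sh vlan brief

VLAN Name                             Status    Ports
---- -------------------------------- --------- --------------------------------
1    default                          active    Fa0/1, Fa0/5, Fa0/9,
                                                Fa0/10
2    Sales                            active    Fa0/2, Fa0/3, Fa0/4
3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8
1002 fddi-default                     act/unsup
"""

# A VLAN row starts with the numeric ID; a continuation row is deeply indented.
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")
CONT = re.compile(r"^\s{10,}(\S.*)$")


def _split_ports(text):
    return [p.strip() for p in text.split(",") if p.strip()]


def parse_show_vlan_brief(text):
    """Return {vlan_id: {"name": str, "status": str, "ports": [..]}} from CLI output."""
    vlans, current = {}, None
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            vid, name, status, ports = m.groups()
            current = vlans[int(vid)] = {"name": name, "status": status,
                                         "ports": _split_ports(ports)}
            continue
        m = CONT.match(line)
        if m and current is not None:
            current["ports"].extend(_split_ports(m.group(1)))
    return vlans


def check_assignments(vlans, intended, uplinks=()):
    """Compare parsed membership with the intended plan.

    intended: {"Sales": {"Fa0/2", ...}, ...}; uplinks: ports expected to stay in
    VLAN 1 (the trunk/uplink, for example). Returns a list of finding strings,
    empty when the switch matches the design.
    """
    findings = []
    by_name = {v["name"]: set(v["ports"]) for v in vlans.values()}
    for name, ports in intended.items():
        actual = by_name.get(name)
        if actual is None:
            findings.append(f"VLAN {name} missing")
            continue
        for p in sorted(ports - actual):
            findings.append(f"{p} not in {name}")
        for p in sorted(actual - ports):
            findings.append(f"{p} unexpectedly in {name}")
    # Anything left in VLAN 1 that is not a known uplink was never assigned.
    leftover = set(vlans.get(1, {}).get("ports", [])) - set(uplinks)
    for p in sorted(leftover):
        findings.append(f"{p} still in default VLAN 1")
    return findings


if __name__ == "__main__":
    plan = {"Sales": {"Fa0/2", "Fa0/3", "Fa0/4"},
            "Engineering": {"Fa0/6", "Fa0/7", "Fa0/8"}}
    parsed = parse_show_vlan_brief(SAMPLE_SHOW_VLAN_BRIEF)
    for finding in check_assignments(parsed, plan, uplinks=("Fa0/1",)):
        print(finding)
```

Run against the sample it reports Fa0/5, Fa0/9 and Fa0/10 as still in VLAN 1, which is exactly the "unassigned ports remained in the default VLAN" situation the text describes; feeding it the captured output of several switches is a cheap way to catch a port that was assigned to the wrong VLAN.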
VLAN Tagging
This section explores the concept of VLAN tagging (802.1Q) and demonstrates
the steps required for this configuration. The concept of VLAN tagging can be
explained using the example network shown in Figure 1-8. In this network, the
Sales team is spread out in two different buildings. Therefore, the Sales VLAN
network must be available in both buildings. Each building has its own
network switch, and both switches are connected via one physical link.




Figure 1-8. An example of a scenario with two VLANs spread across two buildings
In a scenario like this, not only is it necessary to have the same Sales VLAN
running on both building switches, it is also important to have members of the
same VLAN being able to communicate with each other across buildings and
to adhere to the same VLAN restrictions. To accomplish this, a technique
called VLAN tagging is used. VLAN tagging is a technique deployed on a
switch interface to carry Ethernet frames of multiple VLANs. The interface
must connect to another switch port, router port, or network device that
understands VLAN tagging, and both sides must agree on the VLAN tagging
protocol.

Trunk Port
A switch interface or port configured to carry multiple VLANs.
Inter-Switch Link (ISL)
The Cisco proprietary VLAN tagging protocol.

The standard protocol for VLAN tagging is IEEE 802.1Q. This standard
protocol is widely supported by every switch manufacturer, as well as Cisco. A
switch interface or port configured to carry traffic for multiple VLANs is often
referred to as a trunk port. The term was made famous by Cisco, and it is
used explicitly as the VLAN tagging command in Cisco switches. Note that
Cisco has its own proprietary VLAN tagging protocol called Inter-Switch
Link (ISL). The big difference between ISL and 802.1Q is how the frame is
treated. In ISL, every Ethernet frame is encapsulated within a 26-Byte header
containing the VLAN ID and a 4 Byte CRC at the end. This makes the size of
an ISL frame bigger than an 802.1Q frame, as discussed next.
To accomplish the VLAN tagging of the Ethernet frames, IEEE 802.1Q simply
inserts additional data to the Ethernet frame header, as shown in Figure 1-9.
An 802.1Q tag is a 4-Byte tag field that is inserted between the Source Address
field and the Ethernet Type/Length field. By inserting an additional 4-Byte
field, the Ethernet frame size is increased. Its minimum frame size is now
increased from 64 Bytes to 68 Bytes, and its maximum frame size is now
increased from 1,518 Bytes to 1,522 Bytes. Figure 1-9 also provides a detailed
calculation of the Ethernet frame size. Because of the additional tag field and
the increased frame size, it is important that both sides of the link be
compatible. Otherwise, the tagged Ethernet frames will not be understood
and, therefore, the frames will be dropped by a non-802.1Q-compliant
interface.
Figure 1-9. Typical Ethernet frame versus Ethernet frame with 802.1Q tag
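As an added illustration of the tagging described above (this code is not from the text), the following Python functions build an Ethernet II frame, insert the 4-byte 802.1Q tag between the Source Address and the Type/Length field, parse tagged and untagged frames back, and reproduce the size arithmetic of Figure 1-9 (64 to 68 bytes minimum, 1,518 to 1,522 bytes maximum, counting the 4-byte FCS). The MAC addresses are constructed, the FCS is counted but not computed, and accepted_by_port models only the rule stated above that an interface which does not understand 802.1Q drops a tagged frame.

```python
import struct

TPID_8021Q = 0x8100       # Tag Protocol Identifier that marks an 802.1Q tag
ETHERTYPE_IPV4 = 0x0800
FCS_LEN = 4               # the 4-byte CRC appended on the wire; counted, not computed

# Constructed addresses for the example (not taken from the text)
SRC_MAC = bytes.fromhex("00163e112233")
DST_MAC = bytes.fromhex("001b21aabbcc")


def build_frame(dst, src, ethertype, payload):
    """Untagged Ethernet II frame without FCS: DA(6) SA(6) Type/Length(2) payload."""
    if not 46 <= len(payload) <= 1500:
        raise ValueError("payload must be 46..1500 bytes")
    return dst + src + struct.pack("!H", ethertype) + payload


def add_8021q_tag(frame, vlan_id, pcp=0, dei=0):
    """Insert the tag (TPID + TCI) after the 12 address bytes, before Type/Length."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094")
    tci = ((pcp & 0x7) << 13) | ((dei & 0x1) << 12) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_frame(frame):
    """Decode a tagged or untagged frame; vlan_id is None when no tag is present."""
    dst, src = frame[:6], frame[6:12]
    (first,) = struct.unpack("!H", frame[12:14])
    if first == TPID_8021Q:
        tci, ethertype = struct.unpack("!HH", frame[14:18])
        return {"dst": dst, "src": src, "vlan_id": tci & 0x0FFF, "pcp": tci >> 13,
                "ethertype": ethertype, "payload": frame[18:]}
    return {"dst": dst, "src": src, "vlan_id": None, "pcp": None,
            "ethertype": first, "payload": frame[14:]}


def wire_size(frame):
    """Frame size as the text counts it: header + payload + 4-byte FCS."""
    return len(frame) + FCS_LEN


def accepted_by_port(frame, port_understands_dot1q):
    """A tagged frame arriving on an interface that does not understand 802.1Q is dropped."""
    tagged = parse_frame(frame)["vlan_id"] is not None
    return port_understands_dot1q or not tagged


def size_table():
    """Minimum and maximum sizes before and after tagging (64->68, 1518->1522)."""
    smallest = build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, b"\x00" * 46)
    largest = build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, b"\x00" * 1500)
    return {
        "min_untagged": wire_size(smallest),
        "min_tagged": wire_size(add_8021q_tag(smallest, 2)),
        "max_untagged": wire_size(largest),
        "max_tagged": wire_size(add_8021q_tag(largest, 2)),
    }


if __name__ == "__main__":
    print(size_table())
    tagged = add_8021q_tag(build_frame(DST_MAC, SRC_MAC, ETHERTYPE_IPV4, b"\x00" * 46), 2)
    print(parse_frame(tagged)["vlan_id"], accepted_by_port(tagged, False))
```

The parser keys only on the two bytes after the source address: 0x8100 means a tag follows and the real EtherType sits four bytes later, which is why a receiver that does not know 802.1Q misreads the frame and discards it.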
802.1Q Configuration
This section demonstrates the steps for configuring 802.1Q VLAN tagging.
The 802.1Q VLAN tagging is configured at the switch interface that
interconnects to another network switch. In this case, interface FastEthernet
0/1 of Switch A is selected as a 802.1Q VLAN tagging port or a trunk port. The
following demonstrates how to configure an interface as a trunk port on a
Cisco switch.
First, the interface is assigned as a trunk port by the command switchport
mode trunk. This essentially turns on trunking. The next step is to define the
tagging protocol, which is 802.1Q, in this case. The command switchport
trunk encapsulation dot1q is used. If ISL is used, the command would
be switchport trunk encapsulation isl. The next command, switchport
trunk allowed vlan vlan-id, is optional, but it is useful in limiting the VLANs
that can be carried across the link.
switchport mode trunk
Turns on trunking.
switchport trunk encapsulation dot1q
This command defines that 802.1Q tagging protocol is being used.
switchport trunk encapsulation isl
This command defines that the tagging protocol is ISL.
switchport trunk allowed vlan vlan-id
This command is used to limit the VLANs that can be carried across the link.

SwitchA#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SwitchA(config)#int fa 0/1
SwitchA(config-if)#switchport mode trunk
SwitchA(config-if)#switchport trunk encapsulation dot1q
SwitchA(config-if)#switchport trunk allowed vlan 1,2
SwitchA(config-if)#end
By default, all configured VLANs are allowed across the trunk port. In order
for VLAN tagging to work properly, it is important to configure the same
commands on SwitchB’s trunk port. To verify the 802.1Q configuration, the
command show interfaces trunk can be used:

show interfaces trunk
This command is used to verify the 802.1Q configuration.

SwitchA#sh interfaces trunk

Port        Mode             Encapsulation  Status        Native vlan
Fa0/1       on               802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/1       1,2

Port        Vlans allowed and active in management domain
Fa0/1       1,2

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/1       1,2


Networking Challenge: Static VLAN Configuration
Use the Net-Challenge Simulator Software included with the text’s companion
CD-ROM to demonstrate that you can perform basic switch and static VLAN
configuration and set up a trunk connection. Place the CD-ROM in your
computer’s drive. Open the Net-Challenge folder, and
click NetChallengeV3-2.exe. After the software is running, click the Select
Challenge button. This opens a Select Challenge drop-down menu. Select
the Chapter 1 - Static VLAN Configuration challenge to open a checkbox
that can be used to verify that you have completed all the tasks. Do the
following:
1. Enter the privileged EXEC mode on the switch (password: Chile).
2. Enter the switch’s configuration mode: Router(config).
3. Set the hostname of the switch to switch-A.
4. Configure the IP address for VLAN 1 interface with the following:
IP address: 10.10.20.250
Subnet mask: 255.255.255.0
5. Enable the VLAN 1 interface.
6. Use the command to display the current VLAN settings for the switch.
7. Issue the command that lets you modify the VLAN database.
8. Create a VLAN 2 named Sales.
9. Verify that a new Sales VLAN has been created.
10. Issue the command to enter the fa0/2 interface configuration mode.
11. Enter the sequence of commands that are used to assign interface fa0/2 to
the Sales VLAN.
12. Enter the command that enables you to display the interface assigned to
each VLAN.
13. Enter the command that enables you to view specifically the assignments
for the Sales VLAN.
14. Issue the command that allows you to view the switch’s running-
configuration.
15. Issue the command to turn on trunking for SwitchA.
16. Issue the command to set trunk encapsulation to 802.1Q.
17. Issue the command that enables VLAN 1 and VLAN 2 to be carried across
the link.

Configuring the HP Procurve Switch
It should not come as a surprise that many switch manufacturers follow a
configuration path similar to that of Cisco switches, and a Cisco-style
command-line interface (CLI) is deployed by those manufacturers as well. The
following is an example of how to configure an HP Procurve switch. The first
step is to enter the configuration mode using the command configure. Next,
the VLAN ID is entered using the vlan 2 command. Finally, the VLAN is assigned
a name from the (vlan-2) prompt using the command name Sales:
SwitchHP# configure
SwitchHP(config)# vlan 2
SwitchHP(vlan-2)# name Sales
The command show vlan also exists on the HP switches, but its output differs
from that of Cisco switches. The HP show vlan command does not list the ports
that belong to each VLAN, while the Cisco command does:
SwitchHP# show vlan
Status and Counters - VLAN Information

  Maximum VLANs to support : 8
  Primary VLAN : DEFAULT_VLAN
  Management VLAN :

  802.1Q VLAN ID Name                Status       Voice Jumbo
  -------------- ------------ ------------ ----- -----
  1            DEFAULT_VLAN           Port-based   No    No
  2            Sales                  Port-based   No    No
On a Cisco switch, the VLAN membership is configured at the interface level.
On an HP switch, it is configured at the VLAN level, where each VLAN
contains its port members. This example shows how a VLAN membership is
assigned on an HP switch:
SwitchHP# configure
SwitchHP(config)#vlan 2
SwitchHP(vlan-2)#untagged 48
In VLAN 2, port 48 is configured as an untagged member. This means that the
port is not a tagged VLAN port. It is essentially just a port-based VLAN. It was
mentioned earlier that the HP’s command show vlan does not give much
detail. To get more VLAN details, one must specify the VLAN ID. The show
vlan 2 command can be used to verify that port 48 has been assigned to the
Sales VLAN (VLAN 2):
SwitchHP# show vlan 2
  Status and Counters - VLAN Information - Ports - VLAN 2

  802.1Q VLAN ID : 2
  Name : Sales
  Status : Port-based    Voice : No
  Jumbo : No

  Port Information    Mode Unknown    VLAN     Status
  -------------------    -------------------- ----------    ---------
  48                        Untagged               Learn          Up
On HP switches, as on most other manufacturers' switches, enabling a port to
carry 802.1Q tagged frames follows the same idea as on Cisco, but the syntax
differs. There is no command for VLAN trunking on an HP switch; on Procurve,
the trunk command configures link aggregation, not VLAN tagging. Instead, the
port is made a tagged member of each VLAN it should carry by issuing the
command tagged port_number from that VLAN's context. Because this is a
non-Cisco switch, 802.1Q is the only VLAN tagging protocol available (ISL is
Cisco proprietary). The following command sequence demonstrates how to
configure port 24 on an HP switch as an 802.1Q VLAN tagging port for VLAN 1
and VLAN 2:
SwitchHP# conf
SwitchHP(config)# vlan 1
SwitchHP(vlan-1)# tagged 24
SwitchHP(vlan-1)# exit
SwitchHP(config)# vlan 2
SwitchHP(vlan-2)# tagged 24
SwitchHP(vlan-2)# exit
Unlike Cisco switches where an 802.1Q is configured at the interface level, the
tagging configuration is done at the VLAN level on HP switches. Port 24 is
designated as tagged port for both VLAN 1 and VLAN 2, which enables it to
carry VLAN 1 and VLAN 2 frames. Generally, untagged ports belong to one
specific VLAN, while tagged ports can belong to one or more VLANs.
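The following is an added example, not code from the page or from either switch vendor: a small Python model of the 802.1Q tag and of how a switch port classifies received frames and tags or untags the frames it sends. It covers both the Cisco trunk (allowed VLAN list plus an untagged native VLAN) and the HP tagged/untagged membership just described, using the page's ports (HP 48 and 24, Cisco Fa0/1). MAC addresses and frames are constructed for the example, and the model assumes, as Cisco switches do, that a port accepts a tagged frame whose VID equals the port's own untagged VLAN. The last function shows why the native VLAN of a trunk matters: a double-tagged frame from a host in the native VLAN crosses the trunk untagged and is classified by the next switch using its inner tag.

```python
"""Added example (not from the page): a small model of 802.1Q tagging and of
how a switch port classifies received frames and tags or untags sent ones.
It covers both the Cisco trunk (allowed VLANs plus an untagged native VLAN)
and the HP tagged/untagged membership model described above. Port names,
MAC addresses and frames are constructed here for illustration."""
import struct

TPID_8021Q = 0x8100


def parse_frame(frame):
    """Return (dst, src, vids, ethertype, payload). Every 802.1Q tag in front
    of the EtherType is popped, so a double-tagged frame yields two VIDs,
    outer first."""
    if len(frame) < 14:
        raise ValueError("short frame")
    dst, src, off, vids = frame[:6], frame[6:12], 12, []
    while True:
        (ethertype,) = struct.unpack("!H", frame[off:off + 2])
        if ethertype != TPID_8021Q:
            return dst, src, vids, ethertype, frame[off + 2:]
        if len(frame) < off + 6:
            raise ValueError("truncated tag")
        (tci,) = struct.unpack("!H", frame[off + 2:off + 4])
        vids.append(tci & 0x0FFF)      # VID is the low 12 bits; PCP/DEI above it
        off += 4


def build_frame(dst, src, vids, ethertype, payload, pcp=0):
    """Build a frame with zero or more 802.1Q tags (outer first)."""
    hdr = dst + src
    for vid in vids:
        if not 1 <= vid <= 4094:
            raise ValueError("VID out of range")
        hdr += struct.pack("!HH", TPID_8021Q, (pcp << 13) | vid)
    return hdr + struct.pack("!H", ethertype) + payload


class Port:
    """untagged: the VLAN given to frames that arrive without a tag (HP
    'untagged N', a Cisco access VLAN, or a trunk's native VLAN).
    tagged: VLANs the port carries with a tag (HP 'tagged N', or the Cisco
    'switchport trunk allowed vlan' list minus the native VLAN)."""

    def __init__(self, name, untagged=None, tagged=()):
        self.name, self.untagged, self.tagged = name, untagged, set(tagged)

    def ingress(self, frame):
        """Classify a received frame: (vid, frame without its outer tag), or
        None if dropped. As in a real switch only the outermost tag is
        examined; anything behind it is carried along as payload. Assumption:
        a tag equal to the port's own untagged VLAN is accepted."""
        _, _, vids, _, _ = parse_frame(frame)
        if not vids:
            return None if self.untagged is None else (self.untagged, frame)
        outer = vids[0]
        if outer != self.untagged and outer not in self.tagged:
            return None
        return outer, frame[:12] + frame[16:]       # pop the 4-byte outer tag

    def egress(self, vid, frame):
        """The frame as it leaves this port in VLAN vid, or None if the port
        is not a member of that VLAN."""
        if vid == self.untagged:
            return frame                              # native VLAN leaves untagged
        if vid in self.tagged:
            return frame[:12] + struct.pack("!HH", TPID_8021Q, vid) + frame[12:]
        return None


def forward(in_port, out_port, frame):
    """Bridge a frame from in_port to out_port; returns the wire frame or None."""
    hit = in_port.ingress(frame)
    if hit is None:
        return None
    vid, inner = hit
    return out_port.egress(vid, inner)


# The ports configured on the page: HP port 48 untagged in VLAN 2, HP port 24
# tagged in VLANs 1 and 2, Cisco Fa0/1 with 'allowed vlan 1,2' and native VLAN 1.
HP48 = Port("48", untagged=2)
HP24 = Port("24", tagged={1, 2})
FA01 = Port("Fa0/1", untagged=1, tagged={2})

DST = bytes.fromhex("ffffffffffff")          # constructed addresses
SRC = bytes.fromhex("020000000001")


def vlan_seen_downstream(trunk_native):
    """Why the native VLAN matters: a host on an access port in VLAN 1 sends a
    frame carrying two tags (outer 1, inner 2). The access port accepts the
    outer tag because it equals the port's own VLAN and strips it; if the
    trunk's native VLAN is also 1 the frame leaves the trunk untagged, so the
    next switch sees the inner tag and places the frame in VLAN 2. Returns
    the VLAN the downstream switch assigns."""
    access = Port("Fa0/5", untagged=1)
    carried = {1, 2} - {trunk_native}
    trunk = Port("Fa0/1", untagged=trunk_native, tagged=carried)
    peer = Port("Fa0/1", untagged=trunk_native, tagged=carried)
    attack = build_frame(DST, SRC, [1, 2], 0x0800, b"payload")
    return peer.ingress(forward(access, trunk, attack))[0]
```

With the page's configuration, an untagged frame entering HP port 48 leaves port 24 or the Cisco trunk tagged with VID 2, a VLAN 1 frame leaves the Cisco trunk untagged, and vlan_seen_downstream(1) returns 2, while moving the native VLAN to an unused ID such as 999 makes the same frame arrive in VLAN 1 with its second tag still buried in the payload.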
1-4. Routed Network
This section examines the Layer 3 network and how data is routed in the
network. This section also introduces another Layer 3 device, the multilayer
switch. You need to understand the advantages and disadvantages of this
device. This section also introduces interVLAN configuration, which enables
VLANs to communicate across networks. The section concludes with a look at
both serial and ATM configurations. Some network engineers will argue that
serial and ATM are dying technologies that are now considered obsolete.
However, being obsolete does not mean they are nonexistent. These technologies
are still being used throughout the world, and they are still an important
topic.
Router
The router is a powerful networking device used to interconnect LANs. The
router is a Layer 3 device in the OSI model, which means the router uses
the network address (Layer 3 addressing) to make routing decisions
regarding forwarding data packets. In the OSI model, the Layer 3, or network,
layer responsibilities include handling of the network address. The network
address is also called a logical address, rather than being a physical address
(such as the MAC address, which is embedded into the network interface card
[NIC]). The logical address describes the IP address location of the network
and the address location of the host in the network.

Network Address
Another name for the Layer 3 address.
Logical Address
This describes the IP address location of the network and the address location
of the host in the network.
Essentially, the router is configured to know how to route data packets
entering or exiting the LAN. This differs from the bridge and the Layer 2
switch, which use the Ethernet address for making decisions regarding
forwarding data packets and only know how to forward data to hosts
physically connected to their ports.
Routers are used to interconnect LANs in a campus network. Routers can be
used to interconnect networks that use the same protocol (for example,
Ethernet), or they can be used to interconnect LANs that are using different
Layer 2 technologies, such as an Ethernet, ATM, T1, and so on. Routers also
make it possible to interconnect to LANs around the country and the world
and interconnect to many different networking protocols. The router ports
are bidirectional, meaning that data can enter and exit the same router port.
Often, the router ports are called the router interface, which is the physical
connection where the router connects to the network.

Router Interface
The physical connection where the router connects to the network.

The network provided in Figure 1-10 is an example of a simple three-router
campus network. This configuration enables data packets to be sent and
received from any host on the network after the routers in the network have
been properly configured. For example, computer A1 in LAN A could be
sending data to computer D1 in LAN D. This requires that the IP address for
computer D1 is known by the user sending the data from computer A1. The
data from computer A1 will first travel to the switch where the data is passed
to Router A via the FA0/0 FastEthernet data port. Router A will examine the
network address of the data packet and use configured routing instructions
stored in the router’s routing tables to decide where to forward the data.
Router A determines that an available path to Router C is via the FA0/2
FastEthernet port connection. The data is then sent directly to Router C.
Router C determines that the data packet should be forwarded to its FA0/0
port to reach computer D1 in LAN D. The data is then sent to D1. Alternatively,
Router A could have sent the data to Router C through Router B via Router A’s
FA0/1 FastEthernet port.
Figure 1-10. The three-router campus LAN
Delivery of the information over the network was made possible by the use of
an IP address and routing table. Routing tables keep track of the routes used
for forwarding data to its destination. Router A used its routing table to
determine a network data path so computer A1’s data could reach computer
D1 in LAN D. After the data packet arrived on Router C, an ARP request is
issued by Router C to determine the MAC address of computer D1. The MAC
address is then used for final delivery of the data to computer D1.

Routing Table
Keeps track of the routes to use for forwarding data to its destination.

If Router A determines that the network path to Router C is down, Router A
can route the data packet to Router C through Router B. After Router B
receives the data packet from Router A, it uses its routing tables to determine
where to forward the data packet. Router B determines that the data needs to
be sent to Router C. Router B will then use its FA0/3 FastEthernet port to
forward the data to Router C.
Gateway Address
As previously discussed, the term gateway is used to describe the address of
the networking device that enables the hosts in a LAN to connect to networks
and hosts outside the LAN. For example, the gateway address for all hosts in
LAN A will be 10.10.20.250. This address is configured on the host computer,
as shown in Figure 1-11. Any IP packets with a destination outside the LAN A
network will be sent to this gateway address. Note that the destination
network is determined by the subnet mask. In this case, the subnet mask is
255.255.255.0.




      Figure 1-11. Network settings configuration for the default
                              gateway
Network Segments
The network segment defines the networking link between two LANs. There is
a segment associated with each connection of an internetworking device (for
example, router-hub, router-switch, router-router). For example, the IP
address for the network segment connecting LAN A to the router is 10.10.20.0.
All hosts connected to this segment must have a 10.10.20.x address, because a
subnet mask of 255.255.255.0 is being used. Subnet masking is fully explained
in Network Essentials Chapter 6, "TCP/IP."
Routers use the information about the network segments to determine where
to forward data packets. For example, referring to Figure 1-10, the network
segments that connect to Router A include
10.10.20.0
10.10.200.0
10.10.100.0
The segment is sometimes called the subnet or NET. These terms are
associated with a network segment address, such as 10.10.20.0. In this case,
the network is called the 10.10.20.0 NET. All hosts in the 10.10.20.0 NET will
have a 10.10.20.x IP address. The network addresses are used when
configuring the routers and defining which networks are connected to the
router.

Subnet, NET
Other terms for the segment.

According to Figure 1-11, all the computers in LAN A must have a 10.10.20.x
address. This is defined by the 255.255.255.0 subnet mask. For example,
computer A1 in LAN A will have the assigned IP address of 10.10.20.1 and a
gateway address of 10.10.20.250. The computers in LAN B (see Figure 1-10)
are located in the 10.10.10.0 network. This means that all the computers in
this network must contain a 10.10.10.x IP address. In this case, the x part of
the IP address is assigned for each host. The gateway address for the hosts in
LAN B is 10.10.10.250. Notice that the routers are all using the same .250
gateway address. Remember, any valid host address in the subnet can be used
for the gateway address, but it is good design practice to use the same host
number for all routers. In this case, .250 is being used. In other cases, it
could be .1 or .254.
The subnet mask is used by the host to determine whether the data is to stay
in the LAN or is to be forwarded to the default gateway provided by the
router: the destination address is ANDed with the host's mask, and if the
result differs from the host's own network address, the packet is sent to the
gateway. The router, in turn, compares the destination address with the
networks in its routing table and selects the most specific matching entry
(the longest prefix match) as the best route to the destination. The data is
then forwarded to the next router, which is the next hop address. The next
router examines the data packet, determines the destination network address,
checks its routing table, and then forwards the data to the next hop. If the
destination network is directly connected to the router, it issues an ARP
request to determine the MAC address of the destination host. Final delivery
is then accomplished by forwarding the data using the destination host
computer's MAC address. Routing of the data through the networks is at Layer
3, and the final delivery of data in the network is at Layer 2.
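The two decisions just described, as an added Python example that is not part of the page: the host-side "local or gateway" test using the subnet mask, and the router-side longest-prefix lookup that ends in either an ARP for the destination host (directly connected network) or a hand-off to a next-hop router. Host and segment addresses are the ones Figure 1-10 and the text give for LAN A, LAN B and Router A; the remaining routing-table entries and the next-hop addresses 10.10.200.2 and 10.10.100.2 are assumptions made for the example.

```python
"""Added example (not from the page): the host's stay-local-or-use-gateway
decision and the router's longest-prefix routing-table lookup described
above. Addresses come from Figure 1-10 where the page gives them; the
remote routes and next-hop addresses for Router A are assumed."""
import ipaddress


def host_next_hop(host_ip, mask, gateway, dest_ip):
    """Address the host resolves with ARP and sends the frame to: the
    destination itself when it lies inside the host's own subnet, otherwise
    the default gateway."""
    local_net = ipaddress.ip_interface(f"{host_ip}/{mask}").network
    dest = ipaddress.ip_address(dest_ip)
    return dest_ip if dest in local_net else gateway


class RoutingTable:
    """Routes are (network, next_hop, interface); a next_hop of None means
    the network is directly connected to that interface."""

    def __init__(self):
        self.routes = []

    def add(self, prefix, interface, next_hop=None):
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, dest_ip):
        """Longest prefix match: of all routes containing dest_ip, the one
        with the longest mask wins, so a /24 beats a /16 and both beat the
        0.0.0.0/0 default route."""
        dest = ipaddress.ip_address(dest_ip)
        best = None
        for net, next_hop, interface in self.routes:
            if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, interface)
        return best


def route_packet(table, dest_ip):
    """What the router does with a packet addressed to dest_ip:
    ('arp', host, interface)         directly connected: ARP for the host itself
    ('forward', next_hop, interface) ARP for the next-hop router and hand off
    ('drop', None, None)             no matching route"""
    hit = table.lookup(dest_ip)
    if hit is None:
        return ("drop", None, None)
    _, next_hop, interface = hit
    if next_hop is None:
        return ("arp", dest_ip, interface)
    return ("forward", next_hop, interface)


# Router A from Figure 1-10. Its three connected segments are listed on the
# page; the remote networks and next-hop addresses below are assumptions.
ROUTER_A = RoutingTable()
ROUTER_A.add("10.10.20.0/24", "FastEthernet0/0")                  # LAN A
ROUTER_A.add("10.10.200.0/24", "FastEthernet0/1")                 # link to Router B
ROUTER_A.add("10.10.100.0/24", "FastEthernet0/2")                 # link to Router C
ROUTER_A.add("10.10.10.0/24", "FastEthernet0/1", "10.10.200.2")   # LAN B via Router B (assumed)
ROUTER_A.add("10.10.0.0/16", "FastEthernet0/2", "10.10.100.2")    # summary via Router C (assumed)
ROUTER_A.add("0.0.0.0/0", "FastEthernet0/2", "10.10.100.2")       # default route (assumed)
```

Computer A1 (10.10.20.1/24, gateway 10.10.20.250) hands a packet for 10.10.20.7 directly to that host but sends one for 10.10.10.7 to the gateway; Router A then ARPs for a LAN A host itself, forwards LAN B traffic to 10.10.200.2 because the /24 route is more specific than the /16 summary and the default, and falls back to the default route for anything outside 10.10.0.0/16.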
Multilayer Switch
So far, the topic of network switches revolves around their Layer 2
functionalities. Today, the scope of operations has changed for switches.
Newer switch technologies are available to help further improve the
performance of computer networks. This new development started with Layer
3 switches and now there are multilayer switches. The term used to describe
these switches that can operate above the OSI Layer 2 is multilayer
switches (MLS). An example is a Layer 3 switch. Layer 3 switches still work
at Layer 2, but additionally work at the network layer (Layer 3) of the OSI
model and use IP addressing for making decisions to route a data packet in the
best direction. The major difference is that the packet switching in basic
routers is handled by a programmed microprocessor. The multilayer switch
uses application specific integrated circuits (ASIC) hardware to handle the
packet switching. The advantage of using hardware to handle the packet
switching is a significant reduction in processing time (software versus
hardware). In fact, the processing time of multilayer switches can be as fast as
the input data rate. This is called wire speed routing, where the data
packets are processed as fast as they are arriving. Multilayer switches can also
work at the upper layers of the OSI model. An example is a Layer 4 switch that
processes data packets at the transport layer of the OSI model.

Multilayer Switch (MLS)
Operates at Layer 2, but functions at the higher layers.
Wire Speed Routing
Data packets are processed as fast as they arrive.

Through this evolution, the line between routers and multilayer switches is
getting more and more blurry. Routers were once considered the more
intelligent device, but this is no longer true. With new developments, the
multilayer switches can do almost everything the routers can. More
importantly, most of the Layer 3 switch configuration commands are almost
identical to the ones used on the routers. Routers tend to be more expensive
when it comes to cost per port. Therefore, most of the traditional designs have
a router connecting to a switch or switches to provide more port density. This
can be expensive depending on the size of the network. So, there has been a
shift toward deploying multilayer switches in the network LAN environment
in place of routers. In this case, the routers and switches in Figure 1-10 then
could all be replaced with multilayer switches. This also means there will be
less network equipment to maintain, which reduces the maintenance cost and
makes this a more cost-effective solution. With its greater port density, a
multilayer switch can serve more clients than a router could. However, there is
a common drawback for most multilayer switches: These devices only support
Ethernet. Other Layer 2 technologies, such as ATM, DSL, and T1, still depend
on routers for making the connection.
Layer 3 Routed Networks
As discussed previously, the hosts are interconnected with a switch or hub.
This allows data to be exchanged within the LAN; however, data cannot be
routed to other networks. Also, the broadcast domain of one LAN is not
isolated from another LAN’s broadcast domain. The solution for breaking up
the broadcast domains and providing network routing is to incorporate
routing hardware into the network design to create a routed network. A
routed network uses Layer 3 addressing for selecting routes to forward data
packets, so a better name for this network is a Layer 3 network.

Routed Network
Uses Layer 3 addressing for selecting routes to forward data packets.
Layer 3 Network
Another name for a routed network.

In Layer 3 networks, routers and multilayer switches are used to interconnect
the networks and LANs, isolating broadcast domains and enabling hosts from
different LANs and networks to exchange data. Data packet delivery is
achieved by handing off data to adjacent routers until the packet reaches its
final destination. This typically involves passing data packets through many
routers and many networks. An example of a Layer 3 network is shown
in Figure 1-10. This example has four LANs interconnected using three
routers. The IP address for each networking device is listed.
The physical layer interface on the router provides a way to connect the router
to other networking devices on the network. For example, the FastEthernet
ports on the router are used to connect to other FastEthernet ports on other
routers or switches. Gigabit and 10-gigabit Ethernet ports are also available on
routers to connect to other high-speed Ethernet ports (the sample network
shown in Figure 1-10 includes only FastEthernet ports). Routers also contain
other types of interfaces, such as serial interfaces and Synchronous Optical
Network (SONET) interfaces. These interfaces were widely used to
interconnect the router and the network to other wide-area networks (WAN).
For example, connection to WANs requires the use of a serial interface or
SONET interface to connect to a communications carrier, such as Sprint,
AT&T, Century Link, and so on. The data speeds for the serial communication
ports on routers can vary from slow (56 kbps) up to DS3 data rates (about 45
Mbps), and SONET ranges from OC-3 (155 Mbps) through OC-12 (622 Mbps) to
OC-192 (9,953 Mbps, roughly 10 Gbps).
Synchronous Optical Network (SONET)
Used to interconnect the router and the network to other WANs.
WAN
Wide-area network.

Routed Port Configuration
Routers can have Ethernet (10 Mbps), Fast Ethernet (100 Mbps), Gigabit
Ethernet (1,000 Mbps), 10 Gigabit Ethernet (10 Gbps), serial, and ATM interfaces.
These routers can have multiple interfaces, and the steps for configuring each
interface are basically the same. Each interface is assigned a number. For
example, a router could have three FastEthernet interfaces identified as
FastEthernet 0/0
FastEthernet 0/1
FastEthernet 0/2
The notation 0/0 indicates the [interface-card-slot/port].
On Cisco’s routers, a routed port can be configured simply by assigning an IP
address to the interface. Once an IP address and its subnet mask are assigned
to the interface and the interface is enabled, a Layer 3 network is created. The
interface IP address becomes the gateway for that network. To program the
interface, the router must be in the configuration mode. The following
demonstrates how to configure a router’s FastEthernet 0/0 port (FastEthernet
0/0, also listed as fa0/0 and FA0/0) as a routed interface.
Router(config)# int fa0/0
Router(config-if)# ip address 10.10.20.250 255.255.255.0
Router(config-if)#no shut
2w0d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0,
changed state to up
Notice that the router prompts you that the line protocol on interface
FastEthernet 0/0 changed state to up. These log messages are always
displayed when connecting via the console port. However, they are suppressed
when it is a remote terminal session, like Telnet or SSH. To display log
messages on the remote terminal, issue the command terminal
monitor or term mon at the router prompt:

terminal monitor (term mon)
Displays log messages on the remote terminal.
Router# term mon
The log messages can be useful when bringing up a new connection.
Sometimes, they can be annoying if the router is logging too many events. To
disable the logging to the terminal, the command is terminal no
monitor or term no mon. One would think the command syntax would
start with no, like typical Cisco command, but it is not so in this case:

terminal no monitor (term no mon)
Disables the logging to the terminal.
Router# term no mon
The command show ip interface brief (sh ip int brief) entered at the
enable prompt (Router#) can be used to verify the status of the router
interfaces. The following is an example:
Router# sh ip int brief
Interface         IP-Address      OK? Method Status                Protocol
FastEthernet0/0   10.10.20.250    YES manual up                    up
FastEthernet0/1   unassigned      YES manual administratively down down
FastEthernet0/2   unassigned      YES manual administratively down down


show ip interface brief (sh ip int brief)
Verifies the status of the router interfaces.

The output shows that the interface FastEthernet0/0 was configured with the
IP address and its status is up. Because the FastEthernet0/1 and
FastEthernet0/2 were not yet configured, their IP addresses are shown as
unassigned and their interfaces are still administratively shut down.
Also, a routed port can be configured on a multilayer switch. This
configuration is simple and the same as configuring a router port. The first
step is to convert the switch port, which is a Layer 2 port by default, to a
routed port. This is accomplished by issuing the command no switchport on the
desired switch interface (the command exists only on Layer 3 capable
switches). Then, the IP address and other configuration can be applied to the
interface just like a typical router port:
SwitchA(config)# interface FastEthernet0/1
SwitchA(config-if)# no switchport
SwitchA(config-if)# ip address 192.168.1.1 255.255.255.0
SwitchA(config-if)# no shutdown


no switchport
Converts the native switch port to a router port.

One concept that is worth exploring is the secondary IP address. The primary
address is the IP address first assigned to the interface. A secondary IP
address is a way to support multiple IP addresses per router interface; hence,
it allows multiple Layer 3 networks to reside on the same physical link.
Secondary IP addresses can be useful when you want to add more networks
without disturbing the existing network, or as a transitional network during
a migration. Some people might just want to run multiple logical subnets on
one physical subnet. To add a secondary IP address to the interface, the
command is ip address [ip_address] [subnet_mask] secondary. The keyword
secondary is used to specify the secondary IP address. The secondary IP
address configuration is as follows:
Router(config)# interface FastEthernet0/0
Router(config-if)# ip address 10.10.20.250 255.255.255.0
Router(config-if)# ip address 172.16.1.1 255.255.255.0 secondary


Secondary IP Address
Allows multiple Layer 3 networks to reside on the same physical link.

In order to configure a secondary IP address, the primary IP address must
exist first. There can be as many secondary IP addresses as needed. Note that
show interfaces and show ip interface brief display only the primary address;
to see the secondary addresses, use show ip interface (without brief), which
lists each one on a Secondary address line, or show running-config interface.
Keep in mind that the two logical subnets still share one Layer 2 segment and
one broadcast domain, so a secondary address provides no isolation between
them: the subnets are separated only by host configuration, not by the
network, which is why this is a migration tool rather than a substitute for
VLANs.
InterVLAN Routing Configuration
As previously discussed in Section 1-3, "VLAN Network," each VLAN is its own
broadcast domain. Traffic cannot cross a VLAN boundary without a Layer 3
device. However, it is impractical in today's applications for a VLAN not to
be able to communicate beyond itself. To enable communications among
VLANs, interVLAN routing is required.

InterVLAN routing
Enables communications among VLANs.
router on a stick
Eliminates connecting a link from each VLAN to a router port by utilizing a
trunk or 802.1Q port.

The most logical solution to route traffic between different VLANs is to
introduce or create a Layer 3 routed network between them. One traditional
way is to connect each VLAN to a router interface. Then, each router interface
is configured as a different Layer 3 network. This enables VLANs to
communicate and pass traffic via the Layer 3 IP network. For a few VLANs,
this does not present an issue, but for a large number of VLANs, this could
create some issues. This means that every VLAN will require a physical
connection to a router port. Router ports are expensive, and this design can be
costly as the number of VLANs increases and more physical links are required.
A more common and popular design is to implement a router on a stick.
The router on a stick design eliminates connecting a link from each VLAN to a
router port by utilizing a trunk or 802.1Q port. A single trunk port is
connected to a router, and it passes the tagged VLAN traffic to the router, as
depicted in Figure 1-12.




                    Figure 1-12. Router on a stick topology
This design requires that the router must be configured to accept the tagged
VLANs. A Layer 3 network is then assigned to each VLAN coming to the
router. To accomplish this, subinterfaces are created under the router
interface at which the switch trunk port is terminated. The subinterface is a
virtual interface, and its notation is a dot followed by the subinterface number.
In the example provided, the subinterfaces are listed as FastEthernet0/0.1,
0/0.2, and 0/0.3. For ease of programming, it is recommended to keep the
subinterface number the same as the VLAN ID, although nothing enforces this:
the VLAN a subinterface serves is set only by its encapsulation command.
Recall that the default VLAN is 1, the Sales VLAN is 2, and the Engineering
VLAN is 3. The next step is to define the VLAN tagging encapsulation. In this
case, it is dot1q, which essentially is 802.1Q. With the encapsulation, the
appropriate VLAN ID is specified. The switch sends frames of its native VLAN
untagged, so the subinterface for the native VLAN is configured with the
native keyword (encapsulation dot1Q vlan-id native) so that the router
accepts those untagged frames; Cisco IOS treats VLAN 1 as the native VLAN by
default, but stating it explicitly avoids relying on that default and must be
done whenever the trunk's native VLAN is not 1. Next, the IP address is
assigned, creating a routed Layer 3 network for the VLAN. The physical
interface carries no IP address of its own, but it must be enabled with no
shutdown, because every subinterface follows its state. Note also that the
switch trunk must allow every VLAN the router serves: the trunk configured
earlier in this chapter allows only VLANs 1 and 2, so VLAN 3 would have to be
added with switchport trunk allowed vlan add 3 before Engineering traffic
could reach the router. The following example demonstrates how to configure a
Cisco router for 802.1Q interVLAN routing:
Router(config)#interface FastEthernet0/0
Router(config-if)#no ip address
Router(config-if)#no shutdown
Router(config-if)#interface FastEthernet0/0.1
Router(config-subif)#description Default VLAN
Router(config-subif)#encapsulation dot1Q 1 native
Router(config-subif)#ip address 172.16.10.1 255.255.255.0

Router(config-subif)#interface FastEthernet0/0.2
Router(config-subif)#description Sales VLAN
Router(config-subif)#encapsulation dot1Q 2
Router(config-subif)#ip address 172.16.20.1 255.255.255.0

Router(config-subif)#interface FastEthernet0/0.3
Router(config-subif)#description Engineering VLAN
Router(config-subif)#encapsulation dot1Q 3
Router(config-subif)#ip address 172.16.30.1 255.255.255.0
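As an added example serving both the 802.1Q trunk section and the router-on-a-stick configuration above (it is not part of the page, and the checks are this example's own rather than any Cisco feature), the following Python parses the show interfaces trunk output and the subinterface configuration shown on this page and reports what a practitioner would look for before trusting the link: a native VLAN left at 1, a trunk that was negotiated by DTP rather than configured, an unpruned allowed list, VLANs carried on the trunk with no router subinterface, subinterfaces for VLANs the trunk does not carry, and a non-default native VLAN whose subinterface lacks the native keyword. The sample texts are constructed from the page's own examples.

```python
"""Added example (not from the page): parse 'show interfaces trunk' output and
a router-on-a-stick configuration, then list the mismatches and risky
defaults a practitioner checks for. The sample texts below are constructed
from the page's examples; the checks are this example's own."""
import re

SHOW_TRUNK = """\
Port        Mode         Encapsulation  Status        Native vlan
Fa0/1       on           802.1q         trunking      1

Port        Vlans allowed on trunk
Fa0/1       1,2

Port        Vlans allowed and active in management domain
Fa0/1       1,2

Port        Vlans in spanning tree forwarding state and not pruned
Fa0/1       1,2
"""

ROUTER_CONFIG = """\
interface FastEthernet0/0
 no ip address
interface FastEthernet0/0.1
 encapsulation dot1Q 1
 ip address 172.16.10.1 255.255.255.0
interface FastEthernet0/0.2
 encapsulation dot1Q 2
 ip address 172.16.20.1 255.255.255.0
interface FastEthernet0/0.3
 encapsulation dot1Q 3
 ip address 172.16.30.1 255.255.255.0
"""


def expand_vlans(spec):
    """'1,2,10-12' -> {1,2,10,11,12}; 'ALL' or '1-4094' -> every VLAN; 'none' -> {}."""
    spec = spec.strip().lower()
    if spec == "all":
        return set(range(1, 4095))
    if spec == "none":
        return set()
    vlans = set()
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans


def parse_show_trunk(text):
    """{port: {'mode', 'encap', 'native', 'allowed'}} from 'show interfaces trunk'."""
    trunks, section = {}, None
    for line in text.splitlines():
        fields = line.split()
        if not fields:
            continue
        if fields[0] == "Port":                      # each column header opens a section
            section = "hdr" if "Native" in line else "allowed" if line.endswith("allowed on trunk") else "other"
        elif section == "hdr":
            trunks[fields[0]] = {"mode": fields[1], "encap": fields[2],
                                 "native": int(fields[4]), "allowed": set()}
        elif section == "allowed" and fields[0] in trunks:
            trunks[fields[0]]["allowed"] = expand_vlans(fields[1])
    return trunks


def parse_subinterfaces(config):
    """{vlan_id: (subinterface, has_native_keyword)} from a router config."""
    subifs, current = {}, None
    for line in config.splitlines():
        if line.startswith("interface "):
            m = re.match(r"interface (\S+\.\d+)$", line)
            current = m.group(1) if m else None      # a physical interface resets context
            continue
        m = re.match(r"\s*encapsulation dot1[qQ] (\d+)( native)?$", line)
        if m and current:
            subifs[int(m.group(1))] = (current, m.group(2) is not None)
    return subifs


def audit(trunk, subifs):
    """Findings for one trunk entry checked against the router subinterfaces."""
    findings = []
    if trunk["native"] == 1:
        findings.append("native VLAN is 1: move it to an unused VLAN so untagged frames never land in a user VLAN")
    if trunk["mode"] != "on":
        findings.append(f"mode '{trunk['mode']}': trunk was negotiated by DTP; configure switchport mode trunk and switchport nonegotiate")
    if len(trunk["allowed"]) == 4094:
        findings.append("all VLANs allowed: prune with switchport trunk allowed vlan")
    for vid in sorted(trunk["allowed"] - set(subifs)):
        findings.append(f"VLAN {vid} is carried on the trunk but has no router subinterface")
    for vid in sorted(set(subifs) - trunk["allowed"]):
        findings.append(f"VLAN {vid} has subinterface {subifs[vid][0]} but is not allowed on the trunk")
    if trunk["native"] != 1 and not subifs.get(trunk["native"], (None, False))[1]:
        findings.append(f"native VLAN {trunk['native']} needs 'encapsulation dot1Q {trunk['native']} native' on its subinterface")
    return findings


def audit_page_example():
    """Run the checks on the page's own trunk output and router configuration."""
    return audit(parse_show_trunk(SHOW_TRUNK)["Fa0/1"], parse_subinterfaces(ROUTER_CONFIG))
```

Run against the page's own examples, audit_page_example() returns two findings: the trunk's native VLAN is still 1, and the router has a subinterface for VLAN 3 (Engineering) that the trunk, configured for VLANs 1 and 2 only, does not carry.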

More Related Content

PDF
Ccna 200-120 Exam Dumps
DOCX
Ccna 1 practice final exam answer v5
PDF
ccna 1 v5.0 itn practice final exam answers
PDF
Ccna 1 4
PDF
CCNA Dec, 2015 Questions
PDF
CCNA Exam Question
PDF
Ccna exam dumps
PDF
Www ccnav5 net_ccna_1_chapter_3_v5_0_exam_answers_2014
Ccna 200-120 Exam Dumps
Ccna 1 practice final exam answer v5
ccna 1 v5.0 itn practice final exam answers
Ccna 1 4
CCNA Dec, 2015 Questions
CCNA Exam Question
Ccna exam dumps
Www ccnav5 net_ccna_1_chapter_3_v5_0_exam_answers_2014

What's hot (20)

PDF
Cisco.exactquestions.200 120.v2014-12-23.by.konrad.338q
PDF
Ccna study
DOCX
Final networks lab manual
PDF
Ccna dumps
PDF
CCNA 200-120 Exam Quick Notes
DOCX
Cn lab manual 150702
DOCX
PDF
C n practical file
PDF
Cisco CCNAX .200 120
DOC
Ccna 4 chapter 8 v4.0 answers 2011
PDF
Computer Networking Lab File
PDF
CCNA DUMPS 200-120
DOC
Cn lab manual
PPTX
CCNA 200-120 Latest Dumps
PDF
Ccna discovery
TXT
Chapter 7 exam
DOC
Ccna 1 chapter 9 v4.0 answers 2011
PDF
Ccna final exam
PDF
Cn lab-manual
PDF
Top 20 ccna interview questions and answers pdf
Cisco.exactquestions.200 120.v2014-12-23.by.konrad.338q
Ccna study
Final networks lab manual
Ccna dumps
CCNA 200-120 Exam Quick Notes
Cn lab manual 150702
C n practical file
Cisco CCNAX .200 120
Ccna 4 chapter 8 v4.0 answers 2011
Computer Networking Lab File
CCNA DUMPS 200-120
Cn lab manual
CCNA 200-120 Latest Dumps
Ccna discovery
Chapter 7 exam
Ccna 1 chapter 9 v4.0 answers 2011
Ccna final exam
Cn lab-manual
Top 20 ccna interview questions and answers pdf
Ad

Viewers also liked (20)

PDF
Ccna notes
DOC
Ccna complete notes
PDF
1000 Ccna Questions And Answers
PPT
CCNA Router and IOS Basics
PDF
Router commands
PDF
Current affairs-magazine-november-2012-13
PDF
Texas case study
PDF
Ccna interview questions
PPTX
Ccna interview questions
PPTX
Interview questions
PPTX
IBM BladeCenter Fundamentals Introduction
PDF
Css Corp Profile
PDF
ccna practical notes
PDF
Ccna cheat sheet
PDF
CCNA Interview questions - Networking
DOCX
Ccna guide

About the Author
Jeremy Cioara, CCIE No. 11727

Part I: ICND1

Chapter 1. Operation of Data Networks
This chapter covers the following CCNA objectives that fall under the content area "Describe how a network works":

  Describe the purpose and functions of various network devices.
  Select the components required to meet a network specification.
  Use the OSI and TCP/IP models and their associated protocols to explain how data flows in a network.
  Describe common networked applications including web applications.
  Describe the purpose and basic operation of the protocols in the OSI and TCP models.
  Describe the impact of applications (Voice over IP and Video over IP) on a network.
  Interpret network diagrams.
  Determine the path between two hosts across a network.
  Describe the components required for network and Internet communications.
  Identify and correct common network problems at Layers 1, 2, 3, and 7 using a layered model approach.
  Differentiate between LAN/WAN operation and features.

1. You are a network technician at Bubbles, Inc. Your newly appointed trainee is troubleshooting a connectivity problem on the network and would like to test application layer connectivity between devices. What command would you use?
   A. ping
   B. telnet
   C. traceroute
   D. verify
   E. trace

2. You are connecting a laptop to a Cisco router to configure it for the first time. After opening your terminal program and selecting COM1, you are prompted for the port settings. What settings should you use?
   A. 9600bps, 8 data bits, no parity, 1 stop bit, hardware flow control
   B. 9600bps, 8 data bits, no parity, 1 stop bit, no flow control
   C. 56000bps, 8 data bits, no parity, 1 stop bit, hardware flow control
   D. 56000bps, 8 data bits, no parity, 1 stop bit, no flow control

3. Which of the following is a security concern when configuring a device using Telnet?
   A. All communication is sent in clear text.
   B. Passwords are sent using reversible encryption.
   C. Passwords cannot be changed in a Telnet session.
   D. Passwords are not used during a Telnet session.

4. You are attempting to test telnet connectivity to a Cisco router in your company's lab environment, but are unable to create a session. What should you do to resolve the problem?
   A. Use a straight-through cable to connect your computer's COM port to the router's console port.
   B. Use a rollover cable to connect your computer's COM port to the router's console port.
   C. Use a straight-through cable to connect your computer's COM port to the router's Ethernet port.
   D. Use a crossover cable to connect your computer's Ethernet port to the router's Ethernet port.
   E. Use a rollover cable to connect your computer's Ethernet port to the router's Ethernet port.
   F. Use a straight-through cable to connect your computer's Ethernet port to the router's Ethernet port.

5. Which of the following is a valid benefit of using a hub in an enterprise network?
   A. A network hub could be used to monitor network traffic from multiple sources using a packet sniffer or IDS/IPS appliance.
   B. Because it is hardware-based, a hub can transmit traffic with less latency than a network switch.
   C. A hub provides better throughput for steady, low-bandwidth streams of traffic such as Voice over IP (VoIP) or Video over IP.
   D. A hub provides dedicated bandwidth on a per-port basis.

6. You are preparing to discuss the foundations of network communication with a junior administrator at your company. How would you describe the characteristics of TFTP using the OSI model?
   A. TFTP is a transport layer protocol that transmits using TCP port 21.
   B. TFTP is an application layer protocol that transmits over the transport layer protocol TCP using port 21.
   C. TFTP is an application layer protocol that transmits over the transport layer protocol UDP using port 69.
   D. TFTP is a network layer protocol that transmits using UDP port 69.

7. You are using Microsoft Internet Explorer on a PC to access the Cisco website (www.cisco.com). What source port will your PC use for communication?
   A. UDP port 80.
   B. TCP port 80.
   C. The port will be randomly assigned by the operating system.
   D. Any TCP port under 1024.

8. You are a network consultant for a small, 20-user company. The company has purchased a new building and would like you to design a network infrastructure using Cisco equipment. The company will be using a cable modem Internet connection, multiple mobile laptops, and 15 stationary desktop PCs. The company would also like VPN connectivity remotely to the office. What are the most likely network components you will use? (Choose three.)
   A. Cisco switch
   B. Cisco router
   C. VLANs
   D. ASA firewall
   E. Cisco Wireless Access Point
   F. Cisco IPS Sensor

9. An interface capable of sending at a T1 speed would be transmitting data at which of the following?
   A. 1.544 Mbps
   B. 1.544 MBps
   C. 1.544 Gbps
   D. 1.544 GBps

10. Routing decisions are made at which layer of the OSI model?
   A. Application
   B. Transport
   C. Session
   D. Data Link
   E. Network

11. Which of the following protocols operate solely at Layer 2 of the OSI model? (Choose three.)
   A. 802.3 MAC
   B. IP
   C. HDLC
   D. PPP
   E. ISDN
   F. TCP

12. Which of the following are common network applications? (Choose three.)
   A. Graphics creation
   B. Email
   C. Spreadsheets
   D. Instant messaging
   E. Database
   F. Word processing

13. What is the primary purpose of a router? (Choose two.)
   A. To provide an intermediary device where network signals are transmitted from one device to another
   B. To control broadcast and multicast traffic from flooding through multiple networks
   C. To interconnect networks and provide the best path between them
   D. To protect networks using firewall capabilities implemented by using access lists

14. Refer to Figure 1.1. HostA wants to communicate with ServerB. What destination MAC address will be in the header of the packet at position A (as notated in Figure 1.1)?
   Figure 1.1. Network diagram.
   A. The MAC address of HostA
   B. The MAC address of SwitchA
   C. The MAC address of RouterA
   D. The MAC address of RouterB
   E. The MAC address of SwitchB
   F. The MAC address of ServerB

15. Refer to Figure 1.1. HostA wants to communicate with ServerB. What destination IP address will be in the header of the packet at position A (as notated in Figure 1.1)?
   A. The IP address of HostA
   B. The IP address of SwitchA
   C. The IP address of RouterA
   D. The IP address of RouterB
   E. The IP address of SwitchB
   F. The IP address of ServerB

16. Refer to Figure 1.1. HostA wants to communicate with ServerB. What source MAC address will be in the header of the packet at position B (as notated in Figure 1.1)?
   A. The MAC address of HostA
   B. The MAC address of SwitchA
   C. The MAC address of RouterA
   D. The MAC address of RouterB
   E. The MAC address of SwitchB
   F. The MAC address of ServerB

17. Refer to Figure 1.2. HostA is unable to communicate with ServerB. Based on the information given in Figure 1.2, what is the most likely cause of the problem?
   Figure 1.2. Network diagram.
   A. HostA and ServerB are on different subnets.
   B. HostA and ServerB are on the same subnet.
   C. RouterA or RouterB has an access list, which prevents HostA from reaching ServerB.
   D. Crossover cables should be replaced with straight-through cables.

18. Which of the following are valid fields in a TCP header? (Choose four.)
   A. Sequence number
   B. Source IP address
   C. Checksum
   D. Acknowledgement number
   E. Destination MAC address
   F. Destination port

19. Refer to Figure 1.3. HostA issues a ping request to HostB. Which of the following outputs would accurately reflect the contents of the ARP table on HostA?
   Figure 1.3. Network diagram.
   A.
      C:\> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.1           00-0c-85-4c-05-00     dynamic
   B.
      C:\> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.1           00-0c-85-4c-05-00     dynamic
        192.168.2.1           00-0c-85-4c-05-01     dynamic
        192.168.2.10          00-b1-33-df-5e-11     dynamic
   C.
      C:\> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.1           00-0c-85-4c-05-00     dynamic
        192.168.2.10          00-b1-33-df-5e-11     dynamic
   D.
      C:\> arp -a
      Interface: 192.168.1.10 on Interface 0x10000003
        Internet Address      Physical Address      Type
        192.168.1.11          00-0a-11-3c-34-01     dynamic

20. You are troubleshooting network connectivity issues between a Microsoft Windows client and a server. The server's IP address recently changed and you want to clear the client's ARP table. What command will accomplish this?
   A. arp -clear
   B. arp -a
   C. arp -c all
   D. arp -d *

21. Which of the following commands would allow a network client to test connectivity to a destination device and verify the current delay for each router traversed while making the connection?
   A. ping
   B. test
   C. tracert
   D. telnet
   E. ssh -h -d

22. Refer to Figure 1.4. HostA just transmitted a certain amount of data to HostB. What does HostB's response indicate?
   Figure 1.4. Network diagram.
   A. HostB's response is a retransmission of data requested by HostA.
   B. HostB has indicated that a portion of HostA's transmission was not received and needs to be retransmitted.
   C. HostB's response indicates the TCP session will now close.
   D. HostB's response is normal and expected. Network communication will continue unhindered.

23. The following is a list of network functions. Enter the appropriate letter to match the network function to the corresponding OSI layer.
   A = Data link layer
   B = Network layer
   A. ____ Provides error detection
   B. ____ Routes data packets
   C. ____ Finds the best path to use when delivering data
   D. ____ Provides logical addressing
   E. ____ Provides physical addressing
   F. ____ Defines how data is formatted for transmission

24. Match the correct term to the corresponding OSI layer.
   A = Physical layer
   B = Data link layer
   C = Network layer
   D = Transport layer
   A. ____ Segments
   B. ____ Frames
   C. ____ Bits
   D. ____ Packets

25. The application layer of the TCP/IP stack corresponds to which of the following three OSI model layers? (Choose three.)
   A. Physical
   B. Transport
   C. Data link
   D. Segments
   E. Presentation
   F. Session
   G. Network
   H. Application

26. A host is assigned the IP address 10.5.62.173/27. An application on the host attempts to contact a server with the IP address 10.5.62.158/27. What is the next step in the process of network communication?
   A. The host will send an ARP message directly to the destination server to obtain its MAC address.
   B. The host will contact the IP address of its default gateway to find the MAC address for the destination server.
   C. The host will send an ARP broadcast to find the MAC address of its default gateway.
   D. The host will send an ARP broadcast to find the MAC address of the destination server.

27. Users on a specific network segment in your organization are complaining that they cannot reach the Internet. While working through the troubleshooting process, you discover that all the ports connecting to the PCs in the segment have been set to auto-negotiate speed and duplex. You also gather information from one of the end-user workstations; this information is shown in Figure 1.5. What is the most likely cause of the problem?
   Figure 1.5. Command prompt output.
   A. All host and server connections in the network should have speed and duplex hard coded.
   B. The connectivity problems are related to an IP addressing issue.
   C. The default gateway could be blocking ICMP ping traffic.
   D. All ports should be set for 10Mbps, half-duplex connections for testing purposes.

28. Refer to Figure 1.6. HostA has just sent a ping request to HostB. Based on the information given in Figure 1.6, how will the switch respond?
   Figure 1.6. Network diagram.
   A. The switch will forward the frame out FA0/2.
   B. The switch will flood the frame out all ports.
   C. The switch will multicast the frame only to unknown ports.
   D. The switch will flood the frame out all ports except FA0/1.

29. When data is being encapsulated, the last piece of information to be added is the _________.
   A. TCP source and destination port
   B. Destination IP address
   C. Source IP address
   D. FCS
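Questions 14 through 16, 19 and 26 all turn on one rule: the destination IP address in the packet names the final host and is never rewritten by a router, while the destination MAC in the frame names only the next hop. A host therefore ARPs for the server itself when both share a subnet, and for its default gateway otherwise. The Python below is an added example written for this page, not code from the book; it performs the on-link test with the standard `ipaddress` module and then simulates which entries end up in HostA's ARP cache. The gateway address 10.5.62.161 for Question 26 and the neighbour 192.168.1.11 are assumptions; the other addresses and the gateway MAC come from the questions' answer choices.

```python
"""Which address does a host ARP for?  On-link test and the ARP cache that results.

Added example for Questions 14-16, 19 and 26 (not from the book).  The gateway IP
10.5.62.161 and the MAC of 192.168.1.11 are assumptions.
"""
import ipaddress


def next_hop_for(host_ip: str, prefix_len: int, gateway_ip: str, dest_ip: str) -> dict:
    """Return the Layer 3 / Layer 2 decisions a host makes before sending to dest_ip."""
    iface = ipaddress.ip_interface(f"{host_ip}/{prefix_len}")
    on_link = ipaddress.ip_address(dest_ip) in iface.network
    return {
        "network": str(iface.network),
        "on_link": on_link,
        "dest_ip_in_packet": dest_ip,                   # stays the same end to end
        "arp_for": dest_ip if on_link else gateway_ip,  # whose MAC goes in the frame
    }


# Constructed view of what answers ARP on HostA's segment in Figure 1.3.  The gateway's
# MAC is the one shown in Question 19's answer choices; the second entry is assumed.
ON_LINK_NEIGHBOURS = {
    "192.168.1.1": "00-0c-85-4c-05-00",   # RouterA, HostA's default gateway
    "192.168.1.11": "00-0a-11-3c-34-01",  # assumed extra host on the same segment
}


def arp_table_after(host_ip: str, prefix_len: int, gateway_ip: str,
                    destinations, neighbours=ON_LINK_NEIGHBOURS) -> dict:
    """Simulate pings to `destinations` and return HostA's ARP cache (IP -> MAC).

    Only on-link neighbours answer ARP.  An ARP for an off-link address gets no reply,
    which is why answers A and D in Question 26 cannot work across a router.
    """
    cache = {}
    for dest in destinations:
        target = next_hop_for(host_ip, prefix_len, gateway_ip, dest)["arp_for"]
        if target in cache:
            continue                                   # dynamic entry already learned
        if target not in neighbours:
            raise LookupError(f"ARP for {target} timed out: not on this segment")
        cache[target] = neighbours[target]
    return cache


if __name__ == "__main__":
    # Question 26: .173 and .158 fall in different /27 blocks (.160-.191 vs .128-.159).
    print(next_hop_for("10.5.62.173", 27, "10.5.62.161", "10.5.62.158"))
    # Question 19: HostA 192.168.1.10 pings HostB 192.168.2.10 through RouterA.
    print(arp_table_after("192.168.1.10", 24, "192.168.1.1", ["192.168.2.10"]))
```

For Question 19 the simulated cache holds exactly one entry, the gateway, which is why HostB's MAC never appears in HostA's ARP table no matter how many pings cross the router.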
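Questions 18, 24 and 29 are about what each header carries and the order in which headers are wrapped around the data: segment (Layer 4), packet (Layer 3), frame (Layer 2), with the FCS appended last. The following Python is an added example written for this page, not the book's material. It builds the real header bytes with `struct`, then peels them back off while verifying the FCS, the IPv4 header checksum and the TCP checksum, and returns only the fields each header actually contains (the TCP header has ports, sequence and acknowledgement numbers and a checksum, but no IP or MAC addresses). The MAC and IP addresses reuse those in Question 19's answer choices; the ports, sequence numbers and payload are made up.

```python
"""TCP segment -> IPv4 packet -> Ethernet frame, and back again.

Added example for Questions 18, 24 and 29 (not from the book).  Addresses reuse the
values in Question 19's answer choices; ports, sequence numbers and payload are made up.
"""
import struct
import zlib


def checksum16(data: bytes) -> int:
    """RFC 1071 one's-complement sum.  Run over a header that already holds its checksum, it returns 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF


def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace("-", "").replace(":", ""))


def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))


def fmt_mac(b: bytes) -> str:
    return "-".join(f"{x:02x}" for x in b)


def fmt_ip(b: bytes) -> str:
    return ".".join(str(x) for x in b)


def tcp_pseudo_header(src_ip: bytes, dst_ip: bytes, tcp_len: int) -> bytes:
    """IP addresses enter the TCP checksum only through this pseudo header; they are not TCP fields."""
    return src_ip + dst_ip + struct.pack("!BBH", 0, 6, tcp_len)


def build_tcp(src_ip, dst_ip, sport, dport, seq, ack, flags, payload=b"") -> bytes:
    """Layer 4 PDU, a segment: 20-byte header (data offset 5), window 65535, no urgent pointer."""
    hdr = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, 5 << 4, flags, 65535, 0, 0)
    pseudo = tcp_pseudo_header(ip_bytes(src_ip), ip_bytes(dst_ip), 20 + len(payload))
    csum = checksum16(pseudo + hdr + payload)
    return hdr[:16] + struct.pack("!H", csum) + hdr[18:] + payload


def build_ipv4(src_ip, dst_ip, segment: bytes) -> bytes:
    """Layer 3 PDU, a packet: version 4, IHL 5, DF set, TTL 64, protocol 6 (TCP)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(segment), 0x1234, 0x4000, 64, 6, 0,
                      ip_bytes(src_ip), ip_bytes(dst_ip))
    return hdr[:10] + struct.pack("!H", checksum16(hdr)) + hdr[12:] + segment


def build_frame(dst_mac, src_mac, packet: bytes) -> bytes:
    """Layer 2 PDU, a frame.  The FCS is computed over everything else and appended last (Question 29)."""
    body = mac_bytes(dst_mac) + mac_bytes(src_mac) + struct.pack("!H", 0x0800) + packet
    return body + struct.pack("<I", zlib.crc32(body))   # Ethernet sends the CRC LSB first


def frame_intact(frame: bytes) -> bool:
    """The receiver's first check: strip the trailer and recompute the CRC over the rest."""
    return struct.unpack("<I", frame[-4:])[0] == zlib.crc32(frame[:-4])


def decapsulate(frame: bytes) -> dict:
    """Peel frame -> packet -> segment, verifying each layer's integrity field on the way in."""
    if not frame_intact(frame):
        raise ValueError("FCS mismatch: frame damaged in transit")
    body = frame[:-4]
    packet = body[14:]
    ihl = (packet[0] & 0x0F) * 4
    if checksum16(packet[:ihl]) != 0:
        raise ValueError("IPv4 header checksum mismatch")
    segment = packet[ihl:]
    if checksum16(tcp_pseudo_header(packet[12:16], packet[16:20], len(segment)) + segment) != 0:
        raise ValueError("TCP checksum mismatch")
    sport, dport, seq, ack, _, flags, window, _, _ = struct.unpack("!HHIIBBHHH", segment[:20])
    return {
        "frame":   {"dst_mac": fmt_mac(body[:6]), "src_mac": fmt_mac(body[6:12]),
                    "ethertype": struct.unpack("!H", body[12:14])[0]},
        "packet":  {"src_ip": fmt_ip(packet[12:16]), "dst_ip": fmt_ip(packet[16:20]),
                    "ttl": packet[8], "protocol": packet[9]},
        "segment": {"src_port": sport, "dst_port": dport, "seq": seq, "ack": ack,
                    "flags": flags, "window": window, "payload": segment[20:]},
    }


if __name__ == "__main__":
    # HostA (192.168.1.10) opens a connection to HostB's web server; the first-hop MAC is RouterA's.
    syn = build_tcp("192.168.1.10", "192.168.2.10", 49152, 80, 1000, 0, 0x02)
    frame = build_frame("00-0c-85-4c-05-00", "00-0a-11-3c-34-01",
                        build_ipv4("192.168.1.10", "192.168.2.10", syn))
    print(decapsulate(frame))
```

Note that `decapsulate` checks the FCS before it reads anything else: the trailer is the last thing added on the way out and the first thing examined on the way in, and a single flipped bit anywhere in the frame fails that check.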
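Questions 5 and 28 contrast a hub with a switch. A transparent switch learns the source MAC of every frame on the port it arrived on, forwards a known unicast out exactly one port, and floods broadcast, multicast and unknown-unicast frames out every port except the ingress port; a hub repeats everything everywhere, which is the only reason a sniffer or IDS on an arbitrary hub port sees all traffic. The Python below is an added example for this page, not code from the book. The MAC addresses are taken from Question 19's answer choices; the port names, the four-port size and the empty initial MAC table are assumptions, since Figure 1.6 is not reproduced here.

```python
"""Transparent switching versus a hub: MAC learning, unicast forwarding and flooding.

Added example for Questions 5 and 28 (not from the book).  Port names, port count and
the initially empty MAC table are assumptions; the MACs come from Question 19's choices.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Frame:
    src_mac: str
    dst_mac: str
    what: str = ""          # label used for tracing only


BROADCAST = "ff-ff-ff-ff-ff-ff"


def is_group_address(mac: str) -> bool:
    """Broadcast and multicast MACs have the I/G bit (least significant bit of octet 1) set."""
    return int(mac.split("-")[0], 16) & 0x01 == 1


class Switch:
    def __init__(self, ports):
        self.ports = list(ports)
        self.mac_table = {}                  # MAC -> port, learned dynamically

    def receive(self, ingress: str, frame: Frame) -> list:
        """Return the list of ports the frame is sent out of."""
        self.mac_table[frame.src_mac] = ingress              # learn, or re-learn after a move
        if is_group_address(frame.dst_mac):
            return self.flood(ingress)
        egress = self.mac_table.get(frame.dst_mac)
        if egress is None:
            return self.flood(ingress)                       # unknown unicast
        if egress == ingress:
            return []                                        # same segment: filter it
        return [egress]

    def flood(self, ingress: str) -> list:
        return [p for p in self.ports if p != ingress]


class Hub:
    def __init__(self, ports):
        self.ports = list(ports)

    def receive(self, ingress: str, frame: Frame) -> list:
        return [p for p in self.ports if p != ingress]     # a hub never learns anything


def ping_exchange(device, port_a, mac_a, port_b, mac_b) -> list:
    """The frames HostA's first ping to HostB generates, paired with where the device sends each."""
    steps = [
        (port_a, Frame(mac_a, BROADCAST, "ARP request: who has HostB?")),
        (port_b, Frame(mac_b, mac_a, "ARP reply")),
        (port_a, Frame(mac_a, mac_b, "ICMP echo request")),
        (port_b, Frame(mac_b, mac_a, "ICMP echo reply")),
    ]
    return [(f.what, device.receive(p, f)) for p, f in steps]


if __name__ == "__main__":
    A, B = "00-0a-11-3c-34-01", "00-b1-33-df-5e-11"
    ports = ["FA0/1", "FA0/2", "FA0/3", "FA0/4"]
    print("switch:")
    for label, egress in ping_exchange(Switch(ports), "FA0/1", A, "FA0/2", B):
        print(" ", label, "->", egress)
    print("hub:")
    for label, egress in ping_exchange(Hub(ports), "FA0/1", A, "FA0/2", B):
        print(" ", label, "->", egress)
```

With an empty table the first frame from HostA on FA0/1 is flooded out every port except FA0/1 (answer D in Question 28); once the reply from HostB has been seen on FA0/2, the same frame is forwarded out FA0/2 alone (answer A). Which one the book expects depends on the MAC table state shown in Figure 1.6.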
About This Book
  How to Use This Book
  How This Book Is Organized
    Book I: Networking Basics
    Book II: Building a Network
    Book III: Network Administration and Security
    Book IV: TCP/IP and the Internet
    Book V: Wireless Networking
    Book VI: Mobile Networking
    Book VII: Windows Server 2008 R2 Reference
    Book VIII: Using Other Windows Servers
    Book IX: Managing Linux Systems
  Icons Used in This Book
  Where to Go from Here

Book I: Networking Basics

Chapter 1: Understanding Networks
  What Is a Network?
    Network building blocks
    Why bother?
  Of Clients and Servers
  Dedicated Servers and Peers
  Networks Big and Small
  Network Topology
    Bus topology
    Star topology
    Expanding stars
    Ring topology
    Mesh topology

Chapter 2: Understanding Network Protocols and Standards
  Understanding Protocols
  Understanding Standards
  The Seven Layers of the OSI Reference Model
    The Physical Layer
    The Data Link Layer
    The Network Layer
    The Transport Layer
    The Session Layer
    The Presentation Layer
    The Application Layer
  Following a Packet through the Layers
  The Ethernet Protocol
    Standard Ethernet
    Fast Ethernet
    Gigabit Ethernet
  The TCP/IP Protocol Suite
    IP
    TCP
    UDP
  Other Protocols Worth Knowing About

Chapter 3: Understanding Network Hardware
  Servers
    What's important in a server
    Components of a server computer
    Server form factors
  Network Interface Cards
  Network Cable
    Coaxial cable
    Twisted-pair cable
  Switches
  Repeaters
  Bridges
  Routers
  Network Attached Storage
  Network Printers

Chapter 4: Understanding Network Operating Systems
  Network Operating System Features
    Network support
    File-sharing services
    Multitasking
    Directory services
    Security services
  Microsoft's Server Operating Systems
    Windows 2000 Server
    Windows Server 2003
    Windows Server 2008
    Windows Server 2008 R2
  Other Server Operating Systems
    Linux
    Apple Mac OS/X Server
    Novell NetWare
  Peer-to-Peer Networking with Windows
    Advantages of peer-to-peer networks
    Drawbacks of peer-to-peer networks
    Windows 7
    Windows Vista
    Older Windows versions

Book II: Building a Network

Chapter 1: Planning a Network
  Making a Network Plan
  Being Purposeful
  Taking Stock
    What you need to know
    Programs that gather information for you
  To Dedicate or Not to Dedicate: That Is the Question
  Types of Servers
    File servers
    Print servers
    Web servers
    Mail servers
    Database servers
  Choosing a Server Operating System
  Planning the Infrastructure
  Drawing Diagrams
  Sample Network Plans
    Building a small network: California Sport Surface, Inc.
    Connecting two networks: Creative Course Development, Inc.
    Improving network performance: DCH Accounting

Chapter 2: Installing Network Hardware
  Installing a Network Interface Card
  Installing Twisted-Pair Cable
    Cable categories
    What's with the pairs?
    To shield or not to shield
    When to use plenum cable
    Sometimes solid, sometimes stranded
    Installation guidelines
    Getting the tools that you need
    Pinouts for twisted-pair cables
    Attaching RJ-45 connectors
    Crossover cables
    Wall jacks and patch panels
  Installing Coaxial Cable
  Attaching a BNC Connector to Coaxial Cable
  Installing Switches
  Daisy-Chaining Switches

Chapter 3: Setting Up a Network Server
  The Many Ways to Install a Network Operating System
    Full install versus upgrade
    Installing over the network
    Automated and remote installations
  Gathering Your Stuff
    A capable server computer
    The server operating system
    Other software
    A working Internet connection
    A good book
  Making Informed Decisions
  Final Preparations
  Installing a Network Operating System
    Phase 1: Collecting Information
    Phase 2: Installing Windows
  Configuring Your Server

Chapter 4: Configuring Windows Clients
  Configuring Network Connections
    Configuring Windows XP network connections
    Configuring Windows Vista network connections
    Configuring Windows 7 network connections
  Configuring Client Computer Identification
    Configuring Windows XP computer identification
    Configuring Windows Vista or Windows 7 computer identification
  Configuring Network Logon

Chapter 5: Macintosh Networking
  What You Need to Know to Hook Up a Macintosh Network
    Mac networking protocols
    Mac OS X Server
  What You Need to Know to Use a Macintosh Network
    Configuring a Mac for networking
    Accessing a network printer
    Sharing files with other users
    Accessing shared files
  What You Need to Know to Network Macintoshes with PCs

Chapter 6: Configuring Other Network Features
  Configuring Network Printers
    Adding a network printer
    Accessing a network printer using a Web interface
  Configuring Internet Access
    Configuring clients for DHCP
    Using Internet Connection Sharing
  Mapping Network Drives

Chapter 7: Verifying Your Network Installation
  Is the Computer Connected to the Network?
  Is the Network Configuration Working?
  Can the Computers Ping Each Other?
  Can You Log On?
  Are Network Drives Mapped Correctly?
  Do Network Printers Work?

Chapter 8: Going Virtual
  Understanding Virtualization
  Looking at the Benefits of Virtualization
  Getting Started with Virtualization
  Creating a Virtual Machine

Book III: Network Administration and Security

Chapter 1: Help Wanted: Job Description for a Network Administrator
  Knowing What Network Administrators Do
  Choosing the Part-Time Administrator
  Establishing Routine Chores
  Managing Network Users
  Patching Up Your Operating System and Software
  Discovering Software Tools for Network Administrators
  Building a Library
  Getting Certified
    CompTIA
    Microsoft
    Cisco
  Gurus Need Gurus, Too
  Helpful Bluffs and Excuses

Chapter 2: Security 101
  Do You Need Security?
  Considering Two Approaches to Security
  Physical Security: Locking Your Doors
  Securing User Accounts
    Obfuscating your usernames
    Using passwords wisely
    A Password Generator For Dummies
    Securing the Administrator account
  Hardening Your Network
    Using a firewall
    Disabling unnecessary services
    Patching your servers
  Securing Your Users

Chapter 3: Managing User Accounts
  Exploring What User Accounts Consist Of
  Looking at Built-In Accounts
    The Administrator account
    The Guest account
    Service accounts
  Assigning User Rights
  Controlling User Access with Permissions (Who Gets What)
  Assigning Permissions to Groups
  Understanding User Profiles
  Automating Tasks with Logon Scripts

Chapter 4: Firewalls and Virus Protection
  Firewalls
  The Many Types of Firewalls
    Packet filtering
    Stateful packet inspection (SPI)
    Circuit-level gateway
    Application gateway
  The Built-In Windows Firewall
  Virus Protection
    What is a virus?
    Antivirus programs
    Safe computing
  Using Windows Action Center

Chapter 5: Extending Your Network with VPN Access
  Understanding VPN
  Looking at VPN Security
  Understanding VPN Servers and Clients

Chapter 6: Managing Network Software
  Understanding Software Licenses
  Using a License Server
  Options for Deploying Network Software
    Deploying software manually
    Running Setup from a network share
    Installing silently
    Creating an administrative installation image
    Pushing out software with group policy
  Keeping Software Up to Date

Chapter 7: Solving Network Problems
  When Bad Things Happen to Good Computers
  Fixing Dead Computers
  Ways to Check a Network Connection
  A Bunch of Error Messages Just Flew By!
  Double-Checking Your Network Settings
  Using the Windows Networking Troubleshooter
  Time to Experiment
  Who's on First?
  Restarting a Client Computer
  Booting in Safe Mode
  Using System Restore
  Restarting Network Services
  Restarting a Network Server
  Looking at Event Logs
  Documenting Your Trials and Tribulations

Chapter 8: Network Performance Anxiety
  Why Administrators Hate Performance Problems
  What Exactly Is a Bottleneck?
  The Five Most Common Network Bottlenecks
    The hardware inside your servers
    The server's configuration options
    Servers that do too much
    The network infrastructure
    Malfunctioning components
  Tuning Your Network the Compulsive Way
  Monitoring Network Performance
  More Performance Tips

Chapter 9: Backing Up Your Data
  Backing Up Your Data
  All about Tapes and Tape Drives
  Backup Software
  Types of Backups
    Normal backups
    Copy backups
    Daily backups
    Incremental backups
    Differential backups
  Local versus Network Backups
  How Many Sets of Backups Should You Keep?
  A Word about Tape Reliability
  About Cleaning the Heads
  Backup Security

Chapter 10: Disaster Recovery and Business Continuity Planning
  Assessing Different Types of Disasters
    Environmental disasters
    Deliberate disasters
    Disruption of services
    Equipment failure
    Other disasters
  Analyzing the Impact of a Disaster
  Developing a Business Continuity Plan
  Holding a Fire Drill

Book IV: TCP/IP and the Internet

Chapter 1: Introduction to TCP/IP and the Internet
  What Is the Internet?
  A Little Internet History
  TCP/IP Standards and RFCs
  The TCP/IP Protocol Framework
    Network Interface layer
    Network layer
    Transport layer
    Application layer

Chapter 2: Understanding IP Addresses
  Understanding Binary
    Counting by ones
    Doing the logic thing
    Working with the binary Windows Calculator
  Introducing IP Addresses
    Networks and hosts
    The dotted-decimal dance
  Classifying IP Addresses
    Class A addresses
    Class B addresses
    Class C addresses
  Subnetting
    Subnets
    Subnet masks
    Network prefix notation
    Default subnets
    The great subnet roundup
    IP block parties
    Private and public addresses
  Network Address Translation

Chapter 3: Using DHCP
  Understanding DHCP
    Configuration information provided by DHCP
    DHCP servers
    How DHCP actually works
  Understanding Scopes
    Feeling excluded?
    Reservations suggested
    How long to lease?
  Working with a DHCP Server
    Installing and configuring a DHCP server
    Managing a DHCP server
  How to Configure a Windows DHCP Client
    Automatic Private IP Addressing
    Renewing and releasing leases

Chapter 4: Using DNS
  Understanding DNS Names
    Domains and domain names
    Fully qualified domain names
  Top-Level Domains
    Generic domains
    Geographic domains
  The Hosts File
  Understanding DNS Servers and Zones
    Zones
    Primary and secondary servers
    Root servers
    Caching
  Understanding DNS Queries
    A real-life DNS example
  Zone Files and Resource Records
    SOA records
    NS records
    A records
    CNAME records
    PTR records
    MX records
  Reverse Lookup Zones
  Working with the Windows DNS Server
  How to Configure a Windows DNS Client

Chapter 5: Using FTP
  Discovering FTP
  Configuring an FTP Server
    Installing FTP
    Creating an FTP site
    Changing the FTP site properties
    Adding content to your FTP site
  Accessing an FTP Site with a Browser
  Using an FTP Command Line Client
  FTP Command and Subcommand Reference
    The FTP command
    ! (Escape)
    ? (Help)
    append
    ascii
    bell
    binary
    bye
    cd
    close
    debug
    delete
    dir
    disconnect
    get
    glob
    hash
    help
    lcd
    literal
    ls
    mdelete
    mdir
    mget
    mkdir
    mls
    mput
    open
    prompt
    put
    pwd
    quit
    quote
    recv
    remotehelp
    rename
    rmdir
    send
    status
    trace
    type
    user
    verbose

Chapter 6: TCP/IP Tools and Commands
  Using the arp Command
  Using the hostname Command
  Using the ipconfig Command
    Displaying basic IP configuration
    Displaying detailed configuration information
    Renewing an IP lease
    Releasing an IP lease
    Flushing the local DNS cache
  Using the nbtstat Command
  Using the netdiag Utility
  Using the netstat Command
    Displaying connections
    Displaying interface statistics
  Using the nslookup Command
    Looking up an IP address
    Using nslookup subcommands
    Displaying DNS records
    Locating the mail server for an e-mail address
    Taking a ride through DNS-Land
  Using the pathping Command
  Using the ping Command
  Using the route Command
    Displaying the routing table
    Modifying the routing table
  Using the tracert Command

Book V: Wireless Networking

Chapter 1: Setting Up a Wireless Network
  Diving into Wireless Networking
  A Little High School Electronics
    Waves and frequencies
    Wavelength and antennas
    Spectrums and the FCC
  Eight-Oh-Two-Dot-Eleventy Something? (Or, Understanding Wireless Standards)
  Home on the Range
  Wireless Network Adapters
  Wireless Access Points
    Infrastructure mode
    Multifunction WAPs
    Roaming
    Wireless bridging
    Ad-hoc networks
  Configuring a Wireless Access Point
    Basic configuration options
    DHCP configuration
  Configuring Windows XP for Wireless Networking
  Using a Wireless Network with Windows XP
  Connecting to a Wireless Network with Windows Vista
  Connecting to a Wireless Network with Windows 7

Chapter 2: Securing a Wireless Network
  Understanding Wireless Security Threats
    Intruders
    Freeloaders
    Eavesdroppers
    Spoilers
    Rogue access points
  What About Wardrivers and Warchalkers?
    Wardriving
    Warchalking
  Securing Your Wireless Network
    Changing the password
    Securing the SSID
    Enabling WEP
    Using WPA
    Using MAC address filtering
    Placing your access points outside the firewall

Chapter 3: Hotspotting
  What Is a Hotspot?
  What's So Great about Hotspots?
  Safe Hotspotting
  Free Hotspots
  Fee-Based Hotspots
    T-Mobile
    Boingo
  Setting Up Your Own Hotspot

Chapter 4: Troubleshooting a Wireless Network
  Checking for Obvious Problems
  Pinpointing the Problem
  Changing Channels
  Fiddle with the Antennas
  Adding Another Access Point
  Help! I Forgot My Router's Password!

Chapter 5: Wireless Networking with Bluetooth
  Understanding Bluetooth
  Bluetooth Technical Stuff
  How to Add Bluetooth to Your Computer
  Using Bluetooth in Windows
    Installing a USB Bluetooth Adapter
    Enabling Discovery
    Installing a Bluetooth Mouse or Keyboard

Book VI: Mobile Networking

Chapter 1: Managing Mobile Devices
  The Many Types of Mobile Devices
  Considering Security for Mobile Devices

Chapter 2: Managing BlackBerry Devices
  Understanding BlackBerry
  Adding a BES User
  Locking and Erasing a Handheld

Chapter 3: Managing iPhone Devices
  Understanding the iPhone
  Integrating iPhone with Exchange
    Enabling Exchange Mobile Services
    Enabling ActiveSync for a user's mailbox
    Configuring the iPhone for Exchange e-mail

Chapter 4: Managing Android Devices
  Understanding Android Phones
    Looking at the Android Operating System
    Perusing Android's Core Applications
  Integrating Android with Exchange

Chapter 5: Managing Netbooks
  Understanding Netbook Computers
  Connecting with a Netbook
  Tips for Using a Netbook Effectively

Book VII: Windows Server 2008 R2 Reference

Chapter 1: Installing and Configuring Windows Server 2008 R2
  Planning a Windows Server Installation
    Checking system requirements
    Reading the release notes
    Deciding whether to upgrade or install
    Considering your licensing options
    Thinking about multiboot
    Choosing a file system
    Planning your partitions
    Deciding your TCP/IP configuration
    Choosing workgroups or domains
  Before You Install . . .
    Backing up
    Checking the event logs
    Uncompressing data
    Disconnecting UPS devices
  Running Setup
  Adding Server Roles and Features

Chapter 2: Managing Windows Server 2008
  Using the Administrator Account
  Using Remote Desktop Connection
    Enabling remote access
    Connecting remotely
  Using Microsoft Management Console
    Working with MMC
    An overview of the MMC consoles
  Customizing MMC
    Adding snap-ins
    Adding taskpads

Chapter 3: Dealing with Active Directory
  What Directories Do
  Remembering the Good-Ol' Days of NT Domains
    PDCs and BDCs
    Trusts
    NetBIOS names
  Active Directory to the Rescue
  Understanding How Active Directory Is Structured
    Objects
    Domains
    Organizational units
    Trees
    Forests
  Creating a Domain
  Creating an Organizational Unit

Chapter 4: Managing Windows User Accounts
  Understanding Windows User Accounts
    Local accounts versus domain accounts
    User account properties
  Creating a New User
  Setting User Properties
    Changing the user's contact information
    Setting account options
    Specifying logon hours
    Restricting access to certain computers
    Setting the user's profile information
  Resetting User Passwords
  Disabling and Enabling User Accounts
  Deleting a User
  Working with Groups
    Group types
    Group scope
    Default groups
    Creating a group
    Adding a member to a group
  User Profiles
    Types of user profiles
    Creating a roaming profile
  Creating a Logon Script

Chapter 5: Managing a File Server
  Understanding Permissions
  Understanding Shares
  Configuring the File Server Role
  Managing Your File Server
    Using the Provision a Shared Folder Wizard
    Sharing a folder without the wizard
    Granting permissions

Chapter 6: Using Group Policy
  Understanding Group Policy
  Enabling Group Policy Management on Windows Server 2008
  Creating Group Policy Objects
  Filtering Group Policy Objects

Chapter 7: Troubleshooting
  Working with the Event Viewer
    Using the Event Viewer
    Setting event log policies
  Monitoring Performance
    Using the Reliability and Performance Monitor
    Creating performance logs
  Using the Computer Management Console
  Working with Services

Chapter 8: Windows Commands
  Using a Command Window
    Opening and closing a command window
    Editing commands
    Using the Control menu
  Special Command Tricks
    Wildcards
    Chaining commands
    Redirection and piping
    Environment variables
    Batch files
  The EventCreate Command
  Net Commands
    The Net Accounts command
    The Net Computer command
    The Net Config command
    The Net Continue command
    The Net File command
    The Net Group command
    The Net Help command
    The Net Helpmsg command
    The Net Localgroup command
    The Net Name command
    The Net Pause command
    The Net Print command
    The Net Send command
    The Net Session command
    The Net Share command
    The Net Start command
    The Net Statistics command
    The Net Stop command
    The Net Time command
    The Net Use command
    The Net User command
    The Net View command
  The RunAs Command

Book VIII: Using Other Windows Servers

Chapter 1: Using Internet Information System (IIS)
  Installing IIS
  Understanding the Default Web Site
  Creating Web Sites

Chapter 2: Managing Exchange Server 2010
  Creating a Mailbox
  Managing Mailboxes
  Enabling Mailbox Features
  Creating a Forwarder
  Setting Mailbox Storage Limits
  Configuring Outlook for Exchange
  Viewing Another Mailbox

Chapter 3: Using SQL Server 2008
  What Is a Database?
  What Is a Relational Database?
  What Is SQL?
    SQL dialects
    SQL statements
    Using the select statement
  Installing SQL Server 2008
  Using the SQL Server 2008 Management Studio
  Creating a New Database
  Creating Tables
  Editing Tables
  Working with Queries
  Working with Scripts

Chapter 4: Using SharePoint
  What Is SharePoint?
  Connecting to a SharePoint Site
  Adding Users
  Adding and Removing Announcements
  Creating New Pages
  Editing the Quick Launch Menu
  Working with Document Libraries

Book IX: Managing Linux Systems

Chapter 1: Installing a Linux Server
  Planning a Linux Server Installation
    Checking system requirements
    Choosing a distribution
    Thinking about multiboot
    Planning your partitions
    Deciding on your TCP/IP configuration
  Installing Fedora 7
  Using the Setup Agent

Chapter 2: Getting Used to Linux
  • 34. Linux: It Isn't Windows X Window Virtual consoles Understanding the file system On Again, Off Again Logging on Logging off Shutting down Using GNOME Getting to a Command Shell Managing User Accounts Chapter 3: Basic Linux Network Configuration Using the Network Configuration Program Restarting Your Network Working with Network Configuration Files The Network file The ifcfg files The Hosts file The resolv.conf file The nsswitch.conf file The xinetd.conf file Displaying Your Network Configuration with the ifconfig Command Chapter 4: Running DHCP and DNS Running a DHCP Server Installing DHCP Configuring DHCP Starting DHCP Running a DNS Server Installing BIND Looking at BIND configuration files Restarting BIND Chapter 5: Doing the Samba Dance Understanding Samba Installing Samba Starting and Stopping Samba Using the Samba Server Configuration Tool Configuring server settings Configuring Samba users Creating a share Editing the smb.conf File Using the Samba Client
  • 35. Chapter 6: Running Apache Installing Apache Starting and Stopping Apache Confirming that Apache Is Running Using the HTTP Configuration Tool Restricting Access to an Apache Server Configuring Virtual Hosts Configuring the default host Creating a virtual host Setting the Apache User Account Manually Editing Apache's Configuration Files Creating Web Pages Chapter 7: Running Sendmail Understanding E-Mail Installing Sendmail Modifying sendmail.mc Enabling connections Enabling masquerading Setting up aliases Using SpamAssassin Installing SpamAssassin Customizing SpamAssassin Blacklisting and whitelisting e-mail addresses Using the Mail Console Client Using Evolution Chapter 8: Running FTP Installing vsftpd Starting the vsftpd Service Configuring FTP Chapter 9: Linux Commands Command Shell Basics Getting to a shell Editing commands Wildcards Redirection and piping Environment variables Shell scripts Directory and File Handling Commands The pwd command The cd command The mkdir command The rmdir command
  • 36. The ls command The cp command The rm command The mv command The touch command The cat command Commands for Working with Packages and Services The service command The rpm command Commands for Administering Users The useradd command The usermod command The userdel command The chage command The passwd command The newusers command The groupadd command The groupdel command The gpasswd command Commands for Managing Ownership and Permissions The chown command The chgrp command The chmod command Networking Commands The hostname command The ifconfig command The netstat command The ping command The route command The traceroute command Appendix A: Directory of Useful Web Sites Certification Hardware Home and Small Business Networking Linux Magazines Microsoft Network Standards Organizations Reference Search TCP/IP and the Internet Wireless Networking
    Smartphones
Appendix B: Glossary

Networking Basics

Chapter 1: Understanding Networks

In This Chapter
    Introducing computer networks
    Finding out all about clients, servers, and peers
    Understanding the various types of networks
    Figuring out the disadvantages of networking

The first computer network was invented when ancient mathematicians connected their abacuses (or is it abaci?) together with kite string so they could instantly share their abacus answers with each other. Over the years, computer networks became more and more sophisticated. Now, instead of string, networks use electrical cables, fiber-optic cables, or wireless radio signals to connect computers to each other. The purpose, however, has remained the same: sharing information and getting work done faster.

This chapter describes the basics of what computer networking is and how it works.

What Is a Network?

A network is nothing more than two or more computers connected to each other so that they can exchange information, such as e-mail messages or documents, or share resources, such as disk storage or printers. In most cases, this connection is made via electrical cables that carry the information in the form of electrical signals. But in some cases, other types of connections are used. For example, fiber-optic cables let computers communicate at extremely high speeds by using impulses of light. Wireless networks let computers communicate by using radio signals, so the computers aren't restricted by physical cables.

In addition to the hardware that comprises the network, a network also requires special software to enable communications. In the early days of networking, you had to add this software to each computer on the network. Nowadays, network support is built in to all major operating systems, including all current versions of Windows, Macintosh operating systems, and Linux.

Network building blocks

All networks, large or small, require specialized network hardware to make them work. For small networks, the hardware may consist of nothing more than a collection of computers that are equipped with network ports, a cable for each computer, and a network switch that all the computers plug in to via the cable. Larger networks probably have additional components, such as routers or repeaters.

Small or large, all networks are built from the following basic building blocks:

♦ Client computers: The computers that end users use to access the resources of the network. Client computers are typically computers located on users' desks. They usually run a desktop version of Windows such as Windows 7, Vista, or XP. In addition, the client computers usually run some type of application software such as Microsoft Office. Client computers are sometimes referred to as workstations.

♦ Server computers: Computers that provide shared resources, such as disk storage and printers, as well as network services, such as e-mail and Internet access. Server computers typically run a specialized network operating system such as Windows Server 2008 or 2003, NetWare, or Linux, along with special software to provide network services. For example, a server may run Microsoft Exchange to provide e-mail services for the network, or it may run Apache Web Server so that the computer can serve Web pages.

♦ Network interface: An interface — sometimes called a network port — that's installed in a computer to enable the computer to communicate over a network. Almost all network interfaces implement a networking standard called Ethernet. A network interface is sometimes called a NIC, which stands for network interface card, because in the early days of networking you actually had to install a separate circuit card in the computer to provide a network interface. Nowadays, nearly all computers come with network interfaces built in as an integral part of the computer's motherboard.

Although separate network cards are rarely required these days, the term NIC is still frequently used to refer to the network interface. It's still common to install separate network interface cards to provide more than one network interface on a single computer, or to replace a built-in network interface that has malfunctioned without having to replace the entire motherboard.

♦ Cable: Computers in a network are usually physically connected to each other using cable. Although several types of cable have been popular over the years, most networks today use a type of cable called twisted-pair, also known by its official designation 10BaseT. Twisted-pair cable is also sometimes referred to as Cat-5 or Cat-6 cable. These terms refer to the standards that determine the maximum speed with which the cable can carry data, Cat-6 being rated for more speed than Cat-5. Twisted-pair cable can also be referred to simply as copper, to distinguish it from fiber-optic cable which is used for the highest-speed network connections. Fiber-optic cable uses strands of glass to transmit light signals at very high speeds. In many cases, the cables run through the walls and converge on a central room called a wiring closet. But for smaller networks, the cables are often just strung along the floor, hidden behind desks and other furniture whenever possible.

♦ Switches: Network cable usually doesn't connect computers directly to each other. Instead, each computer is connected by cable to a device known as a switch. The switch, in turn, connects to the rest of the network. Each switch contains a certain number of ports, typically 8 or 16. Thus, you can use an eight-port switch to connect up to eight computers. Switches can be connected to each other to build larger networks. For more information about switches, see the "Network Topology" section later in this chapter. (Older networks may use a more primitive type of device called a hub instead of a switch. A hub provides the same function as a switch, but it isn't as efficient. The term hub is sometimes used to mean switch, even though hubs and switches are not technically the same thing.)

♦ Wireless networks: In many networks, cables and switches are making way for wireless network connections, which enable computers to communicate via radio signals. In a wireless network, radio transmitters and receivers take the place of cables. The main advantage of wireless networking is its flexibility. With a wireless network, you don't have to run cables through walls or ceilings, and your client computers can be located anywhere within range of the network broadcast. The main disadvantage of wireless networking is that it's inherently less secure than a cabled network.
♦ Network software: Although network hardware is essential, what really makes a network work is software. A whole bunch of software has to be set up just right in order to get a network working. Server computers typically use a special network operating system (also known as a NOS) in order to function efficiently, and client computers need to have their network settings configured properly in order to access the network.

One of the most important networking choices to make is which network operating system you'll use on the network's servers. That's because much of the task of building a new network and managing an existing one is setting up and maintaining the network operating system on the servers.

Why bother?

If the truth be told, computer networks are a pain to set up. So, why bother? Because the benefits of having a network make the difficulty of setting one up worthwhile.

You don't have to be a Ph.D. to understand the benefits of networking. In fact, you learned everything you need to know about the benefits of networking in kindergarten. Networks are all about sharing. Specifically, networks are about sharing three things: information, resources, and applications.

♦ Sharing information: Networks allow users to share information in several different ways. The most common way of sharing information is to share individual files. For example, two or more people can work together on a single spreadsheet file or word-processing document. In most networks, a large hard drive on a central server computer is set up as a common storage area where users can store files to be shared with other users.

In addition to sharing files, networks allow users to communicate with each other in various ways. For example, messaging applications let network users exchange messages with each other using an e-mail application such as Microsoft Outlook. Users can also hold online meetings over the network. In fact, with inexpensive video cameras and the right software, users can hold videoconferences over the network.

♦ Sharing resources: Certain computer resources, such as printers or hard drives, can be set up so that network users can share them. Sharing these resources can result in significant cost savings. For example, it's cheaper to buy a single high-speed printer with advanced features such as collating, stapling, and duplex printing that can be shared by an entire workgroup than it is to buy separate printers for each user in the group.

Hard drives can also be shared resources. In fact, providing users with access to a shared hard drive is the most common method of sharing files on a network. A computer whose main purpose in life is to host shared hard drives is called a file server.

In actual practice, entire hard drives aren't usually shared. Instead, individual folders on a networked hard drive are shared. This way, the network administrator can allow different network users to have access to different shared folders. For example, a company may set up shared folders for its sales department and accounting department. Then, sales personnel can access the sales department's folder, and accounting personnel can access the accounting department's folder.

You can share other resources on a network. For example, a network can be used to share an Internet connection. In the early days of the Internet, it was common for each user who required access to the Internet to have his or her own modem connection. Nowadays, it's more common for the network to provide a shared, high-speed Internet connection that everyone on the network can access.

♦ Sharing applications: One of the most common reasons for networking in many businesses is so that several users can work together on a single business application. For example, an accounting department may have accounting software that can be used from several computers at the same time. Or a sales-processing department may have an order-entry application that runs on several computers to handle a large volume of orders.

Of Clients and Servers

The network computer that contains the hard drives, printers, and other resources that are shared with other network computers is called a server. This term comes up repeatedly, so you have to remember it. Write it on the back of your left hand.

Any computer that's not a server is called a client. You have to remember this term, too. Write it on the back of your right hand.

Only two kinds of computers are on a network: servers and clients. Look at your left hand and then look at your right hand. Don't wash your hands until you have these terms memorized.
The distinction between servers and clients in a network would be somewhat fun to study in a sociology class because it's similar to the distinction between the haves and the have-nots in society:

♦ Usually, the most powerful and expensive computers in a network are the servers. This fact makes sense because every user on the network shares the server's resources.

♦ The cheaper and less powerful computers in a network are the clients. Clients are the computers used by individual users for everyday work. Because clients' resources don't have to be shared, they don't have to be as fancy.

♦ Most networks have more clients than servers. For example, a network with ten clients can probably get by with one server.

♦ In some networks, a clear line of segregation exists between servers and clients. In other words, a computer is either a server or a client, and not both. A server can't become a client, nor can a client become a server.

♦ Other networks are more progressive, allowing any computer in the network to be a server and allowing any computer to be both server and client at the same time. The network illustrated in Figure 1-1, later in this chapter, is this type of network.

Dedicated Servers and Peers

In some networks, a server computer is a server computer and nothing else. This server computer is dedicated solely to the task of providing shared resources, such as hard drives and printers, to be accessed by the network client computers. Such a server is referred to as a dedicated server because it can perform no other tasks besides network services. A network that relies on dedicated servers is sometimes called a client/server network.

Other networks take an alternative approach, enabling any computer on the network to function as both a client and a server. Thus, any computer can share its printers and hard drives with other computers on the network. And while a computer is working as a server, you can still use that same computer for other functions such as word processing. This type of network is called a peer-to-peer network because all the computers are thought of as peers, or equals.

While you're walking the dog tomorrow morning, ponder these points concerning the difference between dedicated server networks and peer-to-peer networks:

♦ Peer-to-peer networking has been built in to all versions of Windows since Windows 95. Thus, you don't have to buy any additional software to turn your computer into a server. All you have to do is enable the Windows server features.

♦ The network server features that are built in to desktop versions of Windows (including Windows 7, Vista, and XP) aren't very efficient because these versions of Windows were not designed primarily to be network servers. If you're going to dedicate a computer to the task of being a full-time server, you should use a full-fledged network operating system, such as Windows Server 2008, instead.

Networks Big and Small

Networks come in all sizes and shapes. In fact, it's common to categorize networks based on the geographical size they cover, as described in the following list:

♦ Local area networks: A local area network, or LAN, is a network in which computers are relatively close together, such as within the same office or building. Note that the term LAN doesn't imply that the network is small. A LAN can, in fact, contain hundreds or even thousands of computers. What makes a network a LAN is that all those computers are located within close proximity to each other. Usually a LAN is contained within a single building, but a LAN can extend to several buildings on a campus — provided the buildings are close to each other (typically within 300 feet of each other, though greater distances are possible with special equipment).

♦ Wide area networks: A wide area network, or WAN, is a network that spans a large geographic territory, such as an entire city or region, or even an entire country. WANs are typically used to connect two or more LANs that are relatively far apart. For example, a WAN may connect an office in San Francisco with an office in New York. Again, it's the geographic distance, not the number of computers involved, that makes a network a WAN. If the office in San Francisco and the office in New York both have only one computer, the WAN will have a total of two computers but will span more than 3,000 miles.

♦ Metropolitan area networks: A metropolitan area network, or MAN, is a network that's smaller than a typical WAN but larger than a LAN. Typically, a MAN connects two or more LANs that are within the same city but are far enough apart that the networks can't be connected using a simple cable or wireless connection.

Network Topology

The term network topology refers to the shape of how the computers and other network components are connected to each other. There are several different types of network topologies, each with advantages and disadvantages.

In the following discussion of network topologies, I use two important terms:

♦ Node: A node is a device that's connected to the network. For your purposes here, a node is the same as a computer. Network topology deals with how the nodes of a network are connected to each other.

♦ Packet: A packet is a message that's sent over the network from one node to another node. The packet includes the address of the node that sent the packet, the address of the node the packet is being sent to, and data.

Bus topology

The first type of network topology is called a bus, in which nodes are strung together in a line, as shown in Figure 1-1. The key to understanding how a bus topology works is to think of the entire network as a single cable, with each node "tapping" into the cable so it can listen in on the packets being sent over that cable. If you're old enough to remember party lines, you get the idea.

Figure 1-1: Bus topology.

In a bus topology, every node on the network can see every packet that's sent on the cable. Each node looks at each packet to determine whether the packet is intended for it. If so, the node claims the packet. If not, the node ignores the packet. This way, each computer can respond to data sent to it and ignore data sent to other computers on the network.

If the cable in a bus network breaks, the entire network is effectively disabled. Obviously the nodes on opposite sides of the break can't continue to communicate with each other because data can't span the gap created by the break. But even those nodes that are on the same side of the break will be unable to communicate with each other, because the open end of the cable left by the break disrupts the proper transmission of electrical signals.

In the early days of Ethernet networking, bus topology was commonplace. Although bus topology has given way to star topology (see the next section) for most networks today, many networks today still have elements that rely on bus topology.

Star topology

In a star topology, each network node is connected to a central device called a hub or a switch, as shown in Figure 1-2. Star topologies are commonly used with LANs. If a cable in a star network breaks, only the node connected to that cable is isolated from the network. The other nodes can continue to operate without interruption — unless, of course, the node that's isolated because of the break happens to be the file server.

You should be aware of the somewhat technical distinction between a hub and a switch. Simply put, a hub doesn't know anything about the computers that are connected to each of its ports. So when a computer connected to the hub sends a packet to a computer that's connected to another port, the hub sends a duplicate copy of the packet to all its ports. In contrast, a switch knows which computer is connected to each of its ports. As a result, when a switch receives a packet intended for a particular computer, it sends the packet only to the port that the recipient is connected to.

Figure 1-2: Star topology.

Strictly speaking, only networks that use switches have a true star topology. If the network uses a hub, the network topology has the physical appearance of a star, but is actually a bus. That's because when a hub is used, each computer on the network sees all the packets sent over the network, just like in a bus topology. In a true star topology, as when a switch is used, each computer sees only those packets that were sent specifically to it, as well as packets that were specifically sent to all computers on the network (those types of packets are called broadcast packets).

Expanding stars

Physicists say that the universe is expanding, and network administrators know they're right. A simple bus or star topology is suitable only for small networks, with a dozen or so computers. But small networks inevitably become large networks as more computers are added. For larger networks, it's common to create more complicated topologies that combine stars and buses.

For example, a bus can be used to connect several stars. In this case, two or more hubs or switches are connected to each other using a bus. Each of these hubs or switches is then the center of a star that connects two or more computers to the network. This type of arrangement is commonly used in buildings that have two or more distinct workgroups. The bus that connects the switches is sometimes called a backbone.

Another way to expand a star topology is to use a technique called daisy-chaining. When you use daisy-chaining, a switch is connected to another switch as if it were one of the nodes on the star. Then, this second switch serves as the center of a second star.

Ring topology
A third type of network topology is called a ring, shown in Figure 1-3. In a ring topology, packets are sent around the circle from computer to computer. Each computer looks at each packet to decide whether the packet was intended for it. If not, the packet is passed on to the next computer in the ring.

Figure 1-3: Ring topology.

Years ago, ring topologies were common in LANs, as two popular networking technologies used rings: ARCNET and Token Ring. ARCNET is still used for certain applications such as factory automation, but is rarely used in business networks. Token Ring is still a popular network technology for IBM midrange computers. Although plenty of Token Ring networks are still in existence, not many new networks use Token Ring any more.

Ring topology was also used by FDDI, one of the first types of fiber-optic network connections. FDDI has given way to more efficient fiber-optic techniques, however. So ring networks have all but vanished from business networks.

Mesh topology

A fourth type of network topology, known as mesh, has multiple connections between each of the nodes on the network, as shown in Figure 1-4. The advantage of a mesh topology is that if one cable breaks, the network can use an alternative route to deliver its packets.

Figure 1-4: Mesh topology.
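The delivery rules described under "Bus topology" and "Star topology" earlier in this chapter (every node on a bus or hub sees every packet; a switch learns which computer sits on each port and delivers only there, flooding broadcasts and unknown destinations), as an added Python simulation that is not from the book. The node names, addresses, and packets below are constructed for the demonstration.

```python
# Added example, not from the book: a small simulation of the packet-delivery
# rules this chapter describes. Node names, addresses and packets are constructed.
from __future__ import annotations

from dataclasses import dataclass

BROADCAST = "ff:ff:ff:ff:ff:ff"  # destination meaning "every computer on the network"


@dataclass(frozen=True)
class Packet:
    """A packet carries the sender's address, the recipient's address, and data."""
    src: str
    dst: str
    data: str


class Node:
    """A computer on one port. It claims a packet only if the packet is addressed
    to it (or to everyone) and ignores packets meant for other computers."""

    def __init__(self, name: str, mac: str):
        self.name, self.mac = name, mac
        self.claimed: list[Packet] = []

    def receive(self, packet: Packet) -> bool:
        if packet.dst in (self.mac, BROADCAST):
            self.claimed.append(packet)
            return True
        return False


class Hub:
    """A hub behaves like the shared cable of a bus: it repeats every packet out
    of every other port, so every node on the network sees every packet."""

    def __init__(self, ports: list[int]):
        self.ports = ports

    def forward(self, ingress: int, packet: Packet) -> list[int]:
        return [p for p in self.ports if p != ingress]


class Switch:
    """A switch learns which address sits behind each port from the source
    address of the packets it receives, then sends a packet only to the
    recipient's port. Broadcasts, and packets for addresses it has not learned
    yet, are flooded to every other port just as a hub would."""

    def __init__(self, ports: list[int]):
        self.ports = ports
        self.table: dict[str, int] = {}  # address -> port it was last seen on

    def forward(self, ingress: int, packet: Packet) -> list[int]:
        self.table[packet.src] = ingress
        out = self.table.get(packet.dst)
        if packet.dst == BROADCAST or out is None:
            return [p for p in self.ports if p != ingress]
        return [] if out == ingress else [out]


def deliver(device, attachments: dict[int, Node], ingress: int, packet: Packet):
    """Push one packet through the device; return (who saw it, who claimed it)."""
    saw, claimed = [], []
    for port in device.forward(ingress, packet):
        node = attachments[port]
        saw.append(node.name)
        if node.receive(packet):
            claimed.append(node.name)
    return saw, claimed


def run_scenario(device_cls) -> list[tuple[list[str], list[str]]]:
    """Three constructed computers A, B and C on ports 1 to 3 exchange three
    packets: A to B, B to A, then a broadcast from C."""
    attachments = {
        1: Node("A", "02:00:00:00:00:01"),
        2: Node("B", "02:00:00:00:00:02"),
        3: Node("C", "02:00:00:00:00:03"),
    }
    device = device_cls(list(attachments))
    mac = {node.name: node.mac for node in attachments.values()}
    port = {node.name: p for p, node in attachments.items()}
    traffic = [
        ("A", Packet(mac["A"], mac["B"], "hello B")),
        ("B", Packet(mac["B"], mac["A"], "hello A")),
        ("C", Packet(mac["C"], BROADCAST, "anyone there?")),
    ]
    return [deliver(device, attachments, port[sender], pkt) for sender, pkt in traffic]


def overheard(device_cls) -> dict[str, int]:
    """Count, per node, the packets it saw that were not addressed to it. This is
    the traffic a hub exposes to everyone and a switch mostly keeps private."""
    counts: dict[str, int] = {}
    for saw, claimed in run_scenario(device_cls):
        for name in saw:
            if name not in claimed:
                counts[name] = counts.get(name, 0) + 1
    return counts


if __name__ == "__main__":
    for label, cls in (("hub", Hub), ("switch", Switch)):
        for saw, claimed in run_scenario(cls):
            print(f"{label}: seen by {saw}, claimed by {claimed}")
        print(f"{label}: overheard {overheard(cls)}")
```

On the hub, C sees both of the A-to-B and B-to-A packets even though neither is addressed to it; on the switch it sees only the first one, because the switch had not yet learned B's port when that packet arrived.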
  • 44. Mesh networks aren't very practical in a LAN setting. For example, to network eight computers in a mesh topology, each computer would have to have seven network interface cards, and 28 cables would be required to connect each computer to the seven other computers in the network. Obviously, this scheme isn't very scalable. However, mesh networks are common for metropolitan or wide area networks. These networks use devices called routers to route packets from network to network. For reliability and performance reasons, routers are usually arranged in a way that provides multiple paths between any two nodes on the network in a meshlike arrangement. Chapter 2: Understanding Network Protocols and Standards In This Chapter Deciphering the layers of the OSI reference model Understanding an Ethernet Getting the inside scoop on TCP/IP and IPX/SPX Finding out about other important protocols Protocols and standards are what make networks work together. Protocols make it possible for the various components of a network to communicate with each other. Standards also make it possible for network components manufactured by different companies to work together. This chapter introduces you to the protocols and standards that you're most likely to encounter when building and maintaining a network. Understanding Protocols A protocol is a set of rules that enables effective communications to occur. You encounter protocols every day. For example, when you pay for groceries with a debit card, the clerk first tells you how much the groceries cost. You then swipe your debit card in the card reader, punch in your security code, indicate whether you want cash back, enter the amount of the cash back if you so indicated, then verify the total amount. You then cross your fingers behind your back and say a quiet prayer while the machine authorizes the purchase. Assuming the amount is authorized, the machine prints out your receipt. 
Here's another example of an everyday protocol: making a phone call. You probably take most of the details of the phone-calling protocol for granted, but it's pretty complicated if you think about it: ♦ When you pick up a phone, you must listen for a dial tone before dialing the number (unless you're using a cell phone). If you don't hear a dial tone, you know that either (1) someone else in your family is talking on the phone or (2) something is wrong with your phone. ♦ When you hear the dial tone, you initiate the call by dialing the number of the party you want to reach. If the person you want to call is in the same area code as you, most of the time you simply dial that person's seven-digit phone number. If the person is in a different area code, you dial a one, the three-digit area code, and the person's seven-digit phone number. ♦ If you hear a series of long ringing tones, you wait until the other person answers the phone. If the phone rings a certain number of times with no answer, you hang up and try again later. If you hear a voice say, "Hello," you begin a conversation with the other party. If the person on the other end of the phone has never heard of you, you say, "Sorry, wrong number," hang up, and try again.
  • 45. ♦ If you hear a voice that rambles on about how they're not home but they want to return your call, you wait for a beep and leave a message. ♦ If you hear a series of short tones, you know the other person is talking to someone else on the phone. So you hang up and try again later. ♦ If you hear a sequence of three tones that increase in pitch, followed by a recorded voice that says "We're sorry . . ." you know that the number you dialed is invalid. Either you dialed the number incorrectly, or the number has been disconnected. I can go on and on, but I think you probably get the point. Exchanges such as using debit cards or making phone calls follow the same rules every time they happen. Computer networks depend upon many different types of protocols in order to work. These protocols are very rigidly defined, and for good reason. Network cards must know how to talk to other network cards in order to exchange information, operating systems must know how to talk to network cards in order to send and receive data on the network, and application programs must know how to talk to operating systems in order to know how to retrieve a file from a network server. Protocols come in many different types. At the lowest level, protocols define exactly what type of electrical signal represents a one and what type of signal represents a zero. At the highest level, protocols allow a computer user in the United States to send an e-mail to another computer user in New Zealand. And in between are many other levels of protocols. You find out more about these levels of protocols (which are often called layers) in the section, "The Seven Layers of the OSI Reference Model," later in this chapter. Various protocols tend to be used together in matched sets called protocol suites. The two most popular protocol suites for networking are TCP/IP andEthernet. TCP/IP was originally developed for Unix networks and is the protocol of the Internet and most local-area networks. 
Ethernet is a low-level protocol that spells out the electrical characteristics of the network hardware used by most local-area networks. A third important protocol is IPX/SPX, which is an alternative to TCP/IP that was originally developed for NetWare networks. In the early days of networking, IPX/SPX was widely used in local area networks, but TCP/IP is now the preferred protocol.

Understanding Standards

A standard is an agreed-upon definition of a protocol. In the early days of computer networking, each computer manufacturer developed its own networking protocols. As a result, you weren't able to easily mix equipment from different manufacturers on a single network.

Then along came standards to save the day. Standards are industry-wide protocol definitions that are not tied to a particular manufacturer. With standard protocols, you can mix and match equipment from different vendors. As long as the equipment implements the standard protocols, it should be able to coexist on the same network.

Many organizations are involved in setting standards for networking. The five most important organizations are

♦ American National Standards Institute (ANSI): The official standards organization in the United States. ANSI is pronounced AN-see.

♦ Institute of Electrical and Electronics Engineers (IEEE): An international organization that publishes several key networking standards — in particular, the official standard for the Ethernet networking system (known officially as IEEE 802.3). IEEE is pronounced eye-triple-E.

♦ International Organization for Standardization (ISO): A federation of more than 100 standards organizations from throughout the world. ISO isn't an acronym for the English name (which would give you IOS); the short name comes from the Greek word isos, meaning "equal," and was chosen so that the organization would have the same name in every language.

♦ Internet Engineering Task Force (IETF): The organization responsible for the protocols that drive the Internet.

♦ World Wide Web Consortium (W3C): An international organization that handles the development of standards for the World Wide Web.

Table 2-1 lists the Web sites for each of these standards organizations.
The Seven Layers of the OSI Reference Model

OSI sounds like the name of a top-secret government agency you hear about only in Tom Clancy novels. What it really stands for in the networking world is Open Systems Interconnection, as in the Open Systems Interconnection Reference Model, affectionately known as the OSI model.

The OSI model breaks the various aspects of a computer network into seven distinct layers. These layers are kind of like the layers of an onion: Each successive layer envelops the layer beneath it, hiding its details from the levels above. The OSI model is also like an onion in that if you start to peel it apart to have a look inside, you're bound to shed a few tears.

The OSI model is not a networking standard in the same sense that Ethernet and TCP/IP are networking standards. Rather, the OSI model is a framework into which the various networking standards can fit. The OSI model specifies what aspects of a network's operation can be addressed by various network standards. So, in a sense, the OSI model is sort of a standard of standards.

Table 2-2 summarizes the seven layers of the OSI model.
The first three layers are sometimes called the lower layers. They deal with the mechanics of how information is sent from one computer to another over a network. Layers 4 through 7 are sometimes called the upper layers. They deal with how application software can relate to the network through application programming interfaces. The following sections describe each of these layers in greater detail.

The seven layers of the OSI model are a somewhat idealized view of how networking protocols should work. In the real world, actual networking protocols don't follow the OSI model to the letter. The real world is always messier than we'd like. Still, the OSI model provides a convenient — if not completely accurate — conceptual picture of how networking works.

The Physical Layer

The bottom layer of the OSI model is the Physical layer. It addresses the physical characteristics of the network, such as the types of cables used to connect devices, the types of connectors used, how long the cables can be, and so on. For example, the Ethernet standard for 10BaseT cable specifies the electrical characteristics of the twisted-pair cables, the size and shape of the connectors, the maximum length of the cables, and so on. The star, bus, ring, and mesh network topologies described in Book I, Chapter 1 apply to the Physical layer.

Another aspect of the Physical layer is the electrical characteristics of the signals used to transmit data over the cables from one network node to another. The Physical layer doesn't define any meaning to those signals other than the basic binary values of zero and one. The higher levels of the OSI model must assign meanings to the bits that are transmitted at the Physical layer.

One type of Physical layer device commonly used in networks is a repeater. A repeater is used to regenerate the signal whenever you need to exceed the cable length allowed by the Physical layer standard. 10BaseT hubs are also Physical layer devices. Technically, they're known as multiport repeaters because the purpose of a hub is to regenerate every packet received on any port on all of the hub's other ports. Repeaters and hubs don't examine the contents of the packets that they regenerate. If they did, they would be working at the Data Link layer, and not at the Physical layer. One consequence is worth remembering: because a hub repeats every packet to every port, every computer plugged into a hub sees every other computer's traffic, and a packet sniffer on any one of them captures it all. A switch, described in the next section, forwards a packet only to the port where its destination lives.

The network adapter (also called a network interface card or NIC) that's installed in each computer on the network is a Physical layer device. You can display information about the network adapter (or adapters) installed in a Windows computer by displaying the adapter's Properties dialog box, as shown in Figure 2-1. To access this dialog box in Windows 7 or Vista, open the Control Panel, choose Network and Internet, choose View Network Status and Tasks, and choose Change Adapter Settings. Then, right-click the Local Area Connection icon and choose Properties from the menu that appears.

Figure 2-1: The Properties dialog box for a network adapter.
The Data Link Layer

The Data Link layer is the lowest layer at which meaning is assigned to the bits that are transmitted over the network. Data link protocols address things such as the size of each packet of data to be sent, a means of addressing each packet so that it's delivered to the intended recipient, and a way to ensure that two or more nodes don't try to transmit data on the network at the same time.

The Data Link layer also provides basic error detection to ensure that the data received is the same as the data sent. Ethernet, for example, appends a checksum called the frame check sequence (FCS) to every frame; a receiver that computes a different value simply discards the frame. Some data link protocols go further and correct errors or ask the sender to retransmit, but Ethernet does neither: the receiving node is never told that a frame was dropped, and recovering the lost data is left to a higher-layer protocol such as TCP.

At the Data Link layer, each device on the network has an address known as the Media Access Control address, or MAC address. This address is assigned by the manufacturer and stored in the network adapter itself. MAC addresses are meant to be globally unique: the first three bytes identify the manufacturer, which hands out the remaining three bytes so that no two of its devices share an address. Keep in mind, though, that the operating system can override the burned-in address, so a MAC address is easy to spoof and should never be treated as proof of a device's identity.

You can see the MAC address for a computer's network adapter by opening a command window and running the ipconfig /all command, as shown in Figure 2-2. In this example, the MAC address of the network card is A4-BA-DB-01-99-E8. (The ipconfig command refers to the MAC address as the physical address.)

Figure 2-2: Using the ipconfig /all command to display the MAC address of a network adapter.

One of the most important functions of the Data Link layer is to provide a way for packets to be sent safely over the physical media without interference from other nodes attempting to send packets at the same time. The two most popular ways to do this are CSMA/CD and token passing. Ethernet networks use CSMA/CD, and Token Ring networks use token passing.

Two types of Data Link layer devices are commonly used on networks: bridges and switches. A bridge is an intelligent repeater that is aware of the MAC addresses of the nodes on either side of the bridge and can forward packets accordingly. A switch is an intelligent hub that examines the MAC address of arriving packets in order to determine which port to forward the packet to. (A switch learns which MAC address lives on which port by watching the source addresses of the packets that arrive on each port.)
An important function of the Data Link layer is to make sure that two computers don't try to send packets over the network at the same time. If they do, the signals will collide with each other, and the transmission will be garbled. Ethernet accomplishes this feat by using a technique called CSMA/CD, which stands for carrier sense multiple access with collision detection. This phrase is a mouthful, but if you take it apart piece by piece, you'll get an idea of how it works.

Carrier sense means that whenever a device wants to send a packet over the network media, it first listens to the network media to see whether anyone else is already sending a packet. If it doesn't hear any other signals on the media, the computer assumes that the network is free, so it sends the packet.

Multiple access means that nothing prevents two or more devices from trying to send a message at the same time. Sure, each device listens before sending. However, suppose that two devices listen, hear nothing, and then proceed to send their packets at the same time? Picture what happens when you and someone else arrive at a four-way stop sign at the same time. You wave the other driver on, he or she waves you on, you wave, he or she waves, you both wave, and then you both go at the same time.

Collision detection means that after a device sends a packet, it listens carefully to see whether the packet crashes into another packet. This is kind of like listening for the screeching of brakes at the four-way stop. If the device hears the screeching of brakes, it waits a random period of time and then tries to send the packet again. Because the delay is random, two packets that collide are sent again after different delay periods, so a second collision is unlikely.

CSMA/CD works pretty well for smaller networks. After a network hits about 30 computers, however, packets start to collide like crazy, and the network slows to a crawl. When that happens, the network should be divided into two or more separate sections that are sometimes called collision domains. Note that all this listening and backing off applies only to shared media, that is, hubs and the old coaxial cables. On a modern switched network, each computer has a full-duplex link to its own switch port, so collisions can't happen, every switch port is its own collision domain, and CSMA/CD is simply turned off.

The Network Layer

The Network layer handles the task of routing network messages from one computer to another. The two most popular layer 3 protocols are IP (which is usually paired with TCP) and IPX (normally paired with SPX for use with Novell and Windows networks). Network layer protocols provide two important functions: logical addressing and routing. The following sections describe these functions.

Logical addressing

As you know, every network device has a physical address called a MAC address, which is assigned to the device at the factory. When you buy a network interface card to install into a computer, the MAC address of that card is fixed and can't be changed. But what if you want to use some other addressing scheme to refer to the computers and other devices on your network? This is where the concept of logical addressing comes in; a logical address lets you access a network device by using an address that you assign.

Logical addresses are created and used by Network layer protocols such as IP or IPX. The Network layer protocol translates logical addresses to MAC addresses. For example, if you use IP as the Network layer protocol, devices on the network are assigned IP addresses such as 207.120.67.30. Because the IP protocol must use a Data Link layer protocol to actually send packets to devices, IP must know how to translate the IP address of a device to the device's MAC address. (For IP, a helper protocol called ARP does this job; see "The TCP/IP Protocol Suite," later in this chapter.)

You can use the ipconfig command shown earlier in Figure 2-2 to see the IP address of your computer. The IP address shown in the figure is 192.168.1.100. Another way to display this information is to use the System Information command, found on the Start menu under Start⇒All Programs⇒Accessories⇒System Tools⇒System Information. The IP address is highlighted in Figure 2-3. Notice that the System Information program displays a lot of other useful information about the network besides the IP address. For example, you can also see the MAC address, what protocols are being used, and other information.

Figure 2-3: Displaying network information using the System Information program.
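As an added example (not from the original text), here is how a host actually uses a logical address such as the 192.168.1.100 shown in Figure 2-3: it applies a subnet mask to split the address into a network part and a host part, decides whether the destination is on its own network (in which case it delivers directly, using the destination's MAC address) or must be handed to a router, and picks the router by longest-prefix match. The routing table, the 255.255.255.0 mask, and the router addresses 192.168.1.1 and 192.168.1.254 are constructed for the example; on a real host you would read them with ipconfig and route print. Note the security angle in the last case: whenever the answer is "via a gateway", the host looks up the gateway's MAC address, so an attacker who can poison that one mapping receives all of the host's off-network traffic.

```python
import ipaddress

# Constructed routing table for a hypothetical host at 192.168.1.100/24.
# gateway None means "directly connected": deliver using the destination's MAC.
ROUTES = [
    ("192.168.1.0/24", None),             # the local LAN
    ("10.0.0.0/8", "192.168.1.254"),      # other internal networks via a second router
    ("0.0.0.0/0", "192.168.1.1"),         # default route: everything else via the gateway
]


def split_address(addr, mask):
    """Apply the subnet mask: return (network address, host number within that network)."""
    iface = ipaddress.IPv4Interface(f"{addr}/{mask}")
    network = iface.network
    host_part = int(iface.ip) - int(network.network_address)
    return str(network.network_address), host_part


def same_network(a, b, mask):
    """True when both addresses fall in the same network under the given mask."""
    net_a = ipaddress.IPv4Interface(f"{a}/{mask}").network
    net_b = ipaddress.IPv4Interface(f"{b}/{mask}").network
    return net_a == net_b


def next_hop(dest, routes=ROUTES):
    """Longest-prefix match: of all routes that contain dest, the most specific one wins.
    Returns ("direct", dest) for a directly connected network or ("via", gateway)."""
    d = ipaddress.IPv4Address(dest)
    best_net, best_gw = None, None
    for prefix, gateway in routes:
        net = ipaddress.IPv4Network(prefix)
        if d in net and (best_net is None or net.prefixlen > best_net.prefixlen):
            best_net, best_gw = net, gateway
    if best_net is None:
        raise ValueError(f"no route to {dest}")
    return ("direct", dest) if best_gw is None else ("via", best_gw)


if __name__ == "__main__":
    print(split_address("192.168.1.102", "255.255.255.0"))   # network 192.168.1.0, host 102
    print(split_address("192.168.1.102", "255.255.0.0"))     # same address, different split
    for dest in ("192.168.1.7", "10.1.2.3", "207.120.67.30"):
        print(dest, "->", next_hop(dest))
```

The second split_address call shows that the mask, not the address, decides where the network part ends: with a 255.255.0.0 mask the same address has host number 358, and 192.168.2.5 suddenly counts as a local neighbour.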
Although the exact format of logical addresses varies depending on the protocol being used, most protocols divide the logical address into two parts: a network address and a device address. The network address identifies which network the device resides on, and the device address then identifies the device on that network. For example, in a typical IP address such as 192.168.1.102 with the usual subnet mask of 255.255.255.0, the network address is 192.168.1, and the device address (called a host address in IP) is 102. It's the subnet mask, not the address itself, that tells a device where the split falls.

Similarly, IPX addresses consist of two parts: a network address and a node address. In an IPX address, the node address is the same as the MAC address. As a result, IPX doesn't have to translate between layer 3 and layer 2 addresses.

Routing

Routing comes into play when a computer on one network needs to send a packet to a computer on another network. In this case, a device called a router is used to forward the packet to the destination network. In some cases, a packet may actually have to travel through several intermediate networks in order to reach its final destination network. You can find out more about routers in Book I, Chapter 3.

An important feature of routers is that you can use them to connect networks that use different layer 2 protocols. For example, a router can be used to send a packet from an Ethernet to a Token Ring network. As long as both networks support the same layer 3 protocol, it doesn't matter whether their layer 1 and layer 2 protocols are different.

A protocol is considered routable if it uses addresses that include a network part and a host part. Any protocol that uses physical addresses isn't routable because physical addresses don't indicate to which network a device belongs.

The Transport Layer

The Transport layer is the layer where you'll find two of the most well-known networking protocols: TCP (normally paired with IP) and SPX (normally paired with IPX). As its name implies, the Transport layer is concerned with the transportation of information from one computer to another.

The main purpose of the Transport layer is to ensure that packets are transported reliably and without errors. The Transport layer does this task by establishing connections between network devices, acknowledging the receipt of packets, and resending packets that aren't received or are corrupted when they arrive.

In many cases, the Transport layer protocol divides large messages into smaller packets that can be sent over the network efficiently. The Transport layer protocol reassembles the message on the receiving end, making sure that all the packets that comprise a single transmission are received so that no data is lost.

For some applications, speed and efficiency are more important than reliability. In such cases, a connectionless protocol can be used. A connectionless protocol doesn't go to the trouble of establishing a connection before sending a packet. Instead, it simply sends the packet. TCP is a connection-oriented Transport layer protocol. The connectionless protocol that works alongside TCP is called UDP.

In Windows XP or Vista, you can view information about the status of TCP and UDP connections by running the Netstat command from a command window, as Figure 2-4 shows. In the figure, you can see that several TCP connections are established.

Figure 2-4: Using the Netstat command.

In fact, you can use the command Netstat /N to see the numeric network addresses instead of the names. With the /N switch, the output in Figure 2-4 would look like this:

    Active Connections

      Proto  Local Address          Foreign Address        State
      TCP    127.0.0.1:2869         127.0.0.1:54170        ESTABLISHED
      TCP    127.0.0.1:5357         127.0.0.1:54172        TIME_WAIT
      TCP    127.0.0.1:27015        127.0.0.1:49301        ESTABLISHED
      TCP    127.0.0.1:49301        127.0.0.1:27015        ESTABLISHED
      TCP    127.0.0.1:54170        127.0.0.1:2869         ESTABLISHED
      TCP    192.168.1.100:49300    192.168.1.101:445      ESTABLISHED

The first five connections never leave this computer (127.0.0.1 is the loopback address). The last one goes to another computer on the LAN on port 445, the port used by Windows file sharing (SMB). Adding the A switch as well (netstat -an) also lists the ports the computer is listening on, which is the quickest way to see what services a machine is exposing to the network.
TCP is a connection-oriented Transport layer protocol. UDP is a connectionless Transport layer protocol.

The Session Layer

The Session layer establishes conversations known as sessions between networked devices. A session is an exchange of connection-oriented transmissions between two network devices. Each of these transmissions is handled by the Transport layer protocol. The session itself is managed by the Session layer protocol. A single session can include many exchanges of data between the two computers involved in the session. After a session between two computers has been established, it is maintained until the computers agree to terminate the session.

The Session layer allows three types of transmission modes:

♦ Simplex: In this mode, data flows in only one direction.

♦ Half-duplex: In this mode, data flows in both directions, but only in one direction at a time.

♦ Full-duplex: In this mode, data flows in both directions at the same time.

In actual practice, the distinctions in the Session, Presentation, and Application layers are often blurred, and some commonly used protocols actually span all three layers. For example, SMB — the protocol that is the basis of file sharing in Windows networks — functions at all three layers.

The Presentation Layer

The Presentation layer is responsible for how data is represented to applications. Most computers — including Windows, Unix, and Macintosh computers — use the American Standard Code for Information Interchange (ASCII) to represent data. However, some computers (such as IBM mainframe computers) use a different code, known as Extended Binary Coded Decimal Interchange Code (EBCDIC). ASCII and EBCDIC aren't compatible with each other. To exchange information between a mainframe computer and a Windows computer, the Presentation layer must convert the data from ASCII to EBCDIC and vice versa.

Besides simply converting data from one code to another, the Presentation layer can also apply sophisticated compression techniques so that fewer bytes of data are required to represent the information when it's sent over the network. At the other end of the transmission, the Presentation layer then uncompresses the data.

The Presentation layer can also scramble the data before it is transmitted and unscramble it at the other end by using a sophisticated encryption technique that even Sherlock Holmes would have trouble breaking. (On TCP/IP networks that job belongs to TLS, the protocol behind HTTPS; it doesn't map neatly onto the OSI layers, but it sits between the transport and the application.)

The Application Layer

The highest layer of the OSI model, the Application layer, deals with the techniques that application programs use to communicate with the network. The name of this layer is a little confusing. Application programs such as Microsoft Office or QuickBooks aren't a part of the Application layer. Rather, the Application layer represents the programming interfaces that application programs such as Microsoft Office or QuickBooks use to request network services.

Some of the better-known Application layer protocols are

♦ DNS (Domain Name System) for resolving Internet domain names.

♦ FTP (File Transfer Protocol) for file transfers.

♦ SMTP (Simple Mail Transfer Protocol) for e-mail.

♦ SMB (Server Message Block) for file sharing in Windows networks.

♦ NFS (Network File System) for file sharing in Unix networks.

♦ Telnet for terminal emulation.

Telnet and FTP both send user names and passwords across the network in the clear, which is why SSH and SFTP have largely replaced them.

Following a Packet through the Layers

Figure 2-5 shows how a packet of information flows through the seven layers as it travels from one computer to another on the network. The data begins its journey when an end-user application sends data to another network computer. The data enters the network through an Application layer interface, such as SMB. The data then works its way down through the protocol stack. Along the way, the protocol at each layer manipulates the data by adding header information, converting the data into different formats, splitting large messages into smaller packets, and so on. When the data reaches the Physical layer protocol, it's actually placed on the network media (in other words, the cable) and sent to the receiving computer.

When the receiving computer receives the data, the data works its way up through the protocol stack. Then, the protocol at each layer reverses the processing that was done by the corresponding layer on the sending computer. Headers are removed, data is converted back to its original format, packets that were split into smaller packets are recombined into larger messages, and so on. When the packet reaches the Application layer protocol, it's delivered to an application that can process the data.

Figure 2-5: How data travels through the seven layers.
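The following is an added example (not code from the original text) that makes the trip in Figure 2-5 concrete for the three lower layers, and at the same time shows two points from the Data Link layer section: what a MAC address looks like on the wire, and how Ethernet detects (but does not correct) a damaged frame. On the way down, a few bytes of application data get a UDP header, then an IPv4 header with its ones-complement checksum, then an Ethernet header and trailing FCS (a CRC-32); on the way up, each layer checks and strips its own header. The MAC address A4-BA-DB-01-99-E8 is the one from Figure 2-2; the other MAC, the IP addresses, the ports and the payload are constructed for the example, and flip_bit stands in for a noisy cable.

```python
import struct
import zlib

ETHERTYPE_IPV4 = 0x0800
PROTO_UDP = 17

# ---- Data Link layer: Ethernet II frame with FCS (CRC-32) --------------------

def mac_to_bytes(mac):
    return bytes(int(x, 16) for x in mac.replace("-", ":").split(":"))

def bytes_to_mac(b):
    return "-".join(f"{x:02X}" for x in b)

def mac_flags(mac):
    """Two low bits of the first byte: bit 0 = group/multicast address,
    bit 1 = locally administered (set in software rather than burned in)."""
    first = mac_to_bytes(mac)[0]
    return {"multicast": bool(first & 0x01), "locally_administered": bool(first & 0x02)}

def build_frame(dst_mac, src_mac, ethertype, payload):
    body = mac_to_bytes(dst_mac) + mac_to_bytes(src_mac) + struct.pack("!H", ethertype) + payload
    body += b"\x00" * max(0, 60 - len(body))           # a NIC pads short frames to 60 bytes
    return body + struct.pack("<I", zlib.crc32(body))   # FCS goes on the wire low byte first

def parse_frame(frame):
    """Return (dst, src, ethertype, payload), or None when the FCS doesn't match.
    Ethernet detects the error but does not correct it: the frame is silently dropped."""
    body, fcs = frame[:-4], frame[-4:]
    if struct.pack("<I", zlib.crc32(body)) != fcs:
        return None
    return (bytes_to_mac(body[0:6]), bytes_to_mac(body[6:12]),
            struct.unpack("!H", body[12:14])[0], body[14:])

# ---- Network layer: IPv4 header with the ones-complement checksum ------------

def ip_checksum(data):
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ip_to_bytes(ip):
    return bytes(int(o) for o in ip.split("."))

def build_ipv4(src_ip, dst_ip, proto, payload):
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0, 64, proto, 0,
                      ip_to_bytes(src_ip), ip_to_bytes(dst_ip))
    return hdr[:10] + struct.pack("!H", ip_checksum(hdr)) + hdr[12:] + payload

def parse_ipv4(packet):
    hdr = packet[:20]
    if ip_checksum(hdr) != 0:        # a valid header sums to zero with its checksum in place
        return None
    v_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack("!BBHHHBBH4s4s", hdr)
    ihl = (v_ihl & 0x0F) * 4
    return ".".join(map(str, src)), ".".join(map(str, dst)), proto, packet[ihl:total_len]

# ---- Transport layer: UDP header -----------------------------------------------

def build_udp(src_port, dst_port, payload):
    # checksum field 0 means "not computed", which UDP over IPv4 allows
    return struct.pack("!HHHH", src_port, dst_port, 8 + len(payload), 0) + payload

def parse_udp(segment):
    src_port, dst_port, length, _ = struct.unpack("!HHHH", segment[:8])
    return src_port, dst_port, segment[8:length]

# ---- Down the stack on the sender, back up on the receiver ---------------------

def encapsulate(data, src_mac="A4-BA-DB-01-99-E8", dst_mac="00-11-22-33-44-55"):
    segment = build_udp(49300, 53, data)                                      # Transport
    packet = build_ipv4("192.168.1.100", "192.168.1.1", PROTO_UDP, segment)   # Network
    return build_frame(dst_mac, src_mac, ETHERTYPE_IPV4, packet)             # Data Link

def decapsulate(frame):
    """Strip one header per layer; return None if any layer rejects the data."""
    parsed = parse_frame(frame)
    if parsed is None or parsed[2] != ETHERTYPE_IPV4:
        return None
    dst_mac, src_mac, _, packet = parsed
    ip = parse_ipv4(packet)
    if ip is None or ip[2] != PROTO_UDP:
        return None
    src_ip, dst_ip, _, segment = ip
    src_port, dst_port, data = parse_udp(segment)
    return {"src_mac": src_mac, "dst_mac": dst_mac, "src_ip": src_ip, "dst_ip": dst_ip,
            "src_port": src_port, "dst_port": dst_port, "data": data}

def flip_bit(frame, byte_index, bit):
    """Constructed fault: corrupt a single bit, as a noisy cable might."""
    b = bytearray(frame)
    b[byte_index] ^= 1 << bit
    return bytes(b)

if __name__ == "__main__":
    frame = encapsulate(b"hello, layer 7")
    print(len(frame), decapsulate(frame))
    print(decapsulate(flip_bit(frame, 30, 0)))   # None: FCS mismatch, frame dropped
```

Two things to notice when you run it. The 14-byte payload comes out as a 64-byte frame, because the headers add 42 bytes and the NIC pads to the Ethernet minimum before the 4-byte FCS; the total-length field in the IP header is what lets the receiver throw the padding away. And a single flipped bit anywhere in the frame makes decapsulate return None with no error report at all, which is exactly the "detect, drop, say nothing" behaviour the Data Link layer section describes.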
The Ethernet Protocol

As you know, the first two layers of the OSI model deal with the physical structure of the network and the means by which network devices can send information from one device on a network to another. By far, the most popular set of protocols for the Physical and Data Link layers is Ethernet. Ethernet has been around in various forms since the early 1970s. (For a brief history of Ethernet, see the sidebar, "Ethernet folklore and mythology," later in this chapter.)

The current incarnation of Ethernet is defined by the IEEE standard known as 802.3. Various flavors of Ethernet operate at different speeds and use different types of media. However, all the versions of Ethernet are compatible with each other, so you can mix and match them on the same network by using devices such as bridges, hubs, and switches to link network segments that use different types of media.

The actual transmission speed of Ethernet is measured in millions of bits per second, or Mbps. The three speed versions of Ethernet you're most likely to meet are 10 Mbps, known as Standard Ethernet; 100 Mbps, known as Fast Ethernet; and 1,000 Mbps, known as Gigabit Ethernet. (Faster versions, starting with 10 Gigabit Ethernet, exist as well, but they're found in data centers and backbones rather than on desktops.) Keep in mind, however, that network transmission speed refers to the maximum speed that can be achieved over the network under ideal conditions. In reality, the actual throughput of an Ethernet network rarely reaches this maximum speed.

Ethernet operates at the first two layers of the OSI model — the Physical and the Data Link layers. However, Ethernet divides the Data Link layer into two separate layers known as the Logical Link Control (LLC) layer and the Medium Access Control (MAC) layer. Figure 2-6 shows how the various elements of Ethernet match up to the OSI model.

Figure 2-6: Ethernet and the OSI model.

The following sections describe Standard Ethernet, Fast Ethernet, and Gigabit Ethernet in more detail.

Standard Ethernet

Standard Ethernet is the original Ethernet. It runs at 10 Mbps, which was considered fast in the 1970s but is pretty slow by today's standards. Although there is still plenty of existing Standard Ethernet in use, it is considered obsolete and should be replaced by Gigabit Ethernet as soon as possible.

Standard Ethernet comes in four incarnations, depending on the type of cable used to string the network together:

♦ 10Base5: The original Ethernet cable was thick (about as thick as your thumb), heavy, and difficult to work with. It's seen today only in museums.

♦ 10Base2: This thinner type of coaxial cable (it resembles television cable) became popular in the 1980s and lingered into the early 1990s. Plenty of 10Base2 cable is still in use, but it's rarely installed in new networks. 10Base2 (like 10Base5) uses a bus topology, so wiring a 10Base2 network involves running cable from one computer to the next until all the computers are connected in a segment.

♦ 10BaseT: Unshielded twisted-pair cable (also known as UTP) became popular in the 1990s because it's easier to install, lighter, and more reliable, and it offers more flexibility in how networks are designed. 10BaseT networks use a star topology with hubs at the center of each star. Although the maximum length of 10BaseT cable is only 100 meters, hubs can be chained together to extend networks well beyond the 100-meter limit. 10BaseT cable has four pairs of wires that are twisted together throughout the entire span of the cable. However, 10BaseT uses only two of these wire pairs, so the unused pairs are spares.

♦ 10BaseFL: Fiber-optic cables were originally supported at 10 Mbps by the 10BaseFL standard. However, because faster fiber-optic versions of Ethernet now exist, 10BaseFL is rarely used.

Fast Ethernet

Fast Ethernet refers to Ethernet that runs at 100 Mbps, which is ten times the speed of Standard Ethernet. The following are the three varieties of Fast Ethernet:

♦ 100BaseT4: The 100BaseT4 protocol allows transmission speeds of 100 Mbps over the same UTP cable as 10BaseT networks. To do this, it uses all four pairs of wire in the cable. 100BaseT4 simplifies the task of upgrading an existing 10BaseT network to 100 Mbps.

♦ 100BaseTX: The most commonly used standard for office networks today is 100BaseTX, which transmits at 100 Mbps over just two pairs of a higher grade of UTP cable than the cable used by 10BaseT. The higher-grade cable is referred to as Category 5. Most new networks are wired with Category 5 or better cable.

♦ 100BaseFX: The fiber-optic version of Ethernet running at 100 Mbps is called 100BaseFX. Because fiber-optic cable is expensive and tricky to install, it isn't used much for individual computers in a network. However, it's commonly used as a network backbone. For example, a fiber backbone is often used to connect individual workgroup hubs to routers and servers.
Ethernet folklore and mythology

If you're a history buff, you may be interested in the story of how Ethernet came to be so popular. Here's how it happened: The original idea for the Ethernet was hatched in the mind of a graduate computer science student at Harvard University named Robert Metcalfe. Looking for a thesis idea in 1970, he refined a networking technique that was used in Hawaii, called the AlohaNet (it was actually a wireless network), and developed a technique that would enable a network to efficiently use as much as 90 percent of its capacity. By 1973, he had his first Ethernet network up and running at the famous Xerox Palo Alto Research Center (PARC). Bob dubbed his network "Ethernet" in honor of the thick network cable, which he called "the ether." (Xerox PARC was busy in 1973. In addition to Ethernet, PARC developed the first personal computer that used a graphical user interface complete with icons, windows, and menus, and the world's first laser printer.)

In 1979, Xerox began working with Intel and DEC (a once popular computer company) to make Ethernet an industry standard networking product. Along the way, they enlisted the help of the IEEE, which formed committee number 802.3 and began the process of standardizing Ethernet in 1981. The 802.3 committee released the first official Ethernet standard in 1983.

Meanwhile, Bob Metcalfe left Xerox, turned down a job offer from Steve Jobs to work at Apple computers, and started a company called the Computer, Communication, and Compatibility Corporation — now known as 3Com. 3Com has since become one of the largest manufacturers of Ethernet equipment in the world.

Gigabit Ethernet

Gigabit Ethernet is Ethernet running at a whopping 1,000 Mbps, which is 100 times faster than the original 10 Mbps Ethernet. Gigabit Ethernet was once considerably more expensive than Fast Ethernet, so it was used only when the improved performance justified the extra cost. However, today Gigabit Ethernet is the standard for nearly all desktop and laptop PCs.

Gigabit Ethernet comes in two flavors:

♦ 1000BaseT: Gigabit Ethernet can run on Category 5 UTP cable, but higher grades such as Category 5e or Category 6 are preferred because they're more reliable.

♦ 1000BaseLX: Several varieties of fiber cable are used with Gigabit Ethernet, but the most popular is called 1000BaseLX.

The TCP/IP Protocol Suite
  • 57. TCP/IP, the protocol on which the Internet is built, is actually not a single protocol but rather an entire suite of related protocols. TCP is even older than Ethernet. It was first conceived in 1969 by the Department of Defense. For more on the history of TCP/IP, see the sidebar, "The fascinating story of TCP/IP," later in this chapter. Currently, the Internet Engineering Task Force, or IETF, manages the TCP/IP protocol suite. The TCP/IP suite is based on a four-layer model of networking that is similar to the seven-layer OSI model. Figure 2-7 shows how the TCP/IP model matches up with the OSI model and where some of the key TCP/IP protocols fit into the model. As you can see, the lowest layer of the model, the Network Interface layer, corresponds to the OSI model's Physical and Data Link layers. TCP/IP can run over a wide variety of Network Interface layer protocols, including Ethernet, as well as other protocols, such as Token Ring and FDDI (an older standard for fiber-optic networks). Figure 2-7: TCP/IP and the OSI model. The Application layer of the TCP/IP model corresponds to the upper three layers of the OSI model — that is, the Session, Presentation, and Application layers. Many protocols can be used at this level. A few of the most popular are HTTP, FTP, Telnet, SMTP, DNS, and SNMP. You can find out about many of the details of these and other TCP/IP protocols in Book IV. In the following sections, I just want to point out a few more details of the three most important protocols in the TCP/IP suite: IP, TCP, and UDP. IP IP, which stands for Internet Protocol, is a Network layer protocol that is responsible for delivering packets to network devices. The IP protocol uses logical IP addresses to refer to individual devices rather than physical (MAC) addresses. A protocol called ARP (for Address Resolution Protocol) handles the task of converting IP addresses to MAC addresses. 10Base what? 
The names of Ethernet cable standards resemble the audible signals a quarterback might shout at the line of scrimmage. In reality, the cable designations consist of three parts: The first number is the speed of the network in Mbps. So 10BaseT is for 10 Mbps networks (Standard Ethernet), 100BaseTX is for 100 Mbps networks (Fast Ethernet), and 1000BaseT is for 1,000 Mbps networks (Gigabit Ethernet). The word Base indicates the type of network transmission that the cable uses. Base is short for baseband. Baseband transmissions carry one signal at a time and are relatively simple to implement. The alternative to baseband is broadband, which can carry more than one signal at a time but is more difficult to implement. At one time, broadband incarnations of the 802.x networking standards existed, but they have all but fizzled due to lack of use.
  • 58. The tail end of the designation indicates the cable type. For coaxial cables, a number is used that roughly indicates the maximum length of the cable in hundreds of meters. 10Base5 cables can run up to 500 meters. 10Base2 cables can run up to 185 meters. (The IEEE rounded 185 up to 200 to come up with the name 10Base2.) If the designation ends with a T, twisted-pair cable is used. Other letters are used for other types of cables. Because IP addresses consist of a network part and a host part, IP is a routable protocol. As a result, IP can forward a packet to another network if the host is not on the current network. (The ability to route packets across networks is where IP gets its name. Aninternet is a series of two or more connected TCP/IP networks that can be reached by routing.) TCP TCP, which stands for Transmission Control Protocol, is a connection-oriented Transport layer protocol. TCP lets a device reliably send a packet to another device on the same network or on a different network. TCP ensures that each packet is delivered if at all possible. It does so by establishing a connection with the receiving device and then sending the packets. If a packet doesn't arrive, TCP resends the packet. The connection is closed only after the packet has been successfully delivered or an unrecoverable error condition has occurred. One key aspect of TCP is that it's always used for one-to-one communications. In other words, TCP allows a single network device to exchange data with another single network device. TCP isn't used to broadcast messages to multiple network recipients. Instead, the User Datagram Protocol (UDP) is used for that purpose. The fascinating story of TCP/IP Some people are fascinated by history. They subscribe to cable TV just to get the History Channel. If you're one of those history buffs, you may be interested in the following chronicle of TCP/IP's humble origins. 
(For maximum effect, play some melancholy violin music in the background as you read the rest of this sidebar.) In the summer of 1969, the four mop-topped singers from Liverpool were breaking up. The war in Vietnam was escalating. Astronauts Neil Armstrong and Buzz Aldrin walked on the moon. And the Department of Defense built a computer network called ARPANET to link its defense installations with several major universities throughout the United States. By 1983, ARPANET had become difficult to manage, so it was split into two networks: one for military use, called MILNET, and the other for nonmilitary use. The nonmilitary network retained the name ARPANET. The two networks stayed connected by means of a method of connecting networks called Internet Protocol, or just IP for short, which ARPANET had adopted at the beginning of that year. IP had been designed during the 1970s so that separate networks could exchange traffic, and its designers realized that it wouldn't be too long before other networks wanted to join in the fun, so they designed IP to allow for far more than two networks. In fact, their ingenious design allowed for tens of thousands of networks to communicate via IP. The decision was a fortuitous one, as the Internet quickly began to grow. By the mid-1980s, the original ARPANET reached its limits. Just in time, the National Science Foundation (NSF) decided to get into the game. NSF had built a network called NSFNET to link its huge supercomputers. NSFNET replaced ARPANET as the new backbone for the Internet. Around that time, such magazines as Time and Newsweek began writing articles about this new phenomenon called the Internet, and the Net (as it became nicknamed) began to grow like wildfire. Soon NSFNET couldn't keep up with the growth, so several private commercial networks took over management of the Internet backbone. The Internet has grown at a dizzying rate ever since, and nobody knows how long this frenetic growth rate will continue.
One thing is sure: TCP/IP is now the most popular networking protocol in the world.

Many well-known Application layer protocols rely on TCP. For example, when a user running a Web browser requests a page, the browser uses HTTP to send a request via TCP to the Web server. When the Web server receives the request, it uses HTTP to send the requested Web page back to the browser, again via TCP. Other Application layer protocols that use TCP include Telnet (for terminal emulation), FTP (for file exchange), and SMTP (for e-mail).

UDP

The User Datagram Protocol (or UDP) is a connectionless Transport layer protocol that is used when the overhead of a connection isn't required. After UDP has placed a packet on the network (via the IP protocol), it forgets about it. UDP doesn't guarantee that the packet actually arrives at its destination.
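The TCP/UDP split described above has a practical consequence: when an application uses UDP, the waiting, resending and giving up that TCP does for you become the application's job, and so does checking that a reply really belongs to the request you sent. The following is an added example, not code from the book, showing that logic for the classic UDP application, a DNS lookup: it builds an A query for www.wiley.com, resends when the transport reports silence, and parses the reply with the checks a practitioner wants (transaction ID and question must match, compression pointers are bounds- and loop-checked). The transport is injected as a function so everything runs offline; the `make_fake_server` helper and its dropped-packet count are constructed for the demonstration, and the `MAX_ATTEMPTS` value is an assumption.

```python
import secrets
import struct

MAX_ATTEMPTS = 3  # assumption for this example: resend twice, then give up


def encode_name(name):
    """'www.wiley.com' -> length-prefixed labels: 3 'www' 5 'wiley' 3 'com' 0."""
    out = b""
    for label in name.strip(".").split("."):
        if not 0 < len(label) < 64:
            raise ValueError("label length must be 1..63")
        out += bytes([len(label)]) + label.encode("ascii")
    return out + b"\x00"


def build_query(name, txid):
    """12-byte header (RD=1, one question) followed by an A/IN question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", 1, 1)


def decode_name(msg, offset):
    """Decode a name that may use compression pointers (0xC0xx). Returns (name, end),
    where end is the offset just past the name as it appeared at `offset`. The bounds
    and hop checks are what keep a hostile reply from crashing or hanging the parser."""
    labels, jumped, end, hops = [], False, offset, 0
    while True:
        if offset >= len(msg):
            raise ValueError("name runs past the end of the message")
        length = msg[offset]
        if length & 0xC0 == 0xC0:
            if offset + 1 >= len(msg):
                raise ValueError("truncated compression pointer")
            if not jumped:
                end = offset + 2
            jumped, hops = True, hops + 1
            if hops > 16:
                raise ValueError("compression pointer loop")
            offset = struct.unpack("!H", msg[offset:offset + 2])[0] & 0x3FFF
            continue
        offset += 1
        if length == 0:
            break
        labels.append(msg[offset:offset + length].decode("ascii"))
        offset += length
    return ".".join(labels), (end if jumped else offset)


def parse_a_response(msg, expected_txid, expected_name):
    """Return the IPv4 strings from the answer section, after checking that the reply
    really answers our question (QR bit set, transaction ID and question name match)."""
    if len(msg) < 12:
        raise ValueError("reply shorter than a DNS header")
    txid, flags, qdcount, ancount, _, _ = struct.unpack("!HHHHHH", msg[:12])
    if txid != expected_txid:
        raise ValueError("transaction ID mismatch; discard (possible spoofed reply)")
    if not flags & 0x8000:
        raise ValueError("QR bit clear: this is a query, not a response")
    offset = 12
    for _ in range(qdcount):
        qname, offset = decode_name(msg, offset)
        offset += 4  # skip QTYPE and QCLASS
        if qname.lower() != expected_name.strip(".").lower():
            raise ValueError("question section does not match what we asked")
    addrs = []
    for _ in range(ancount):
        _, offset = decode_name(msg, offset)
        rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", msg[offset:offset + 10])
        offset += 10
        rdata = msg[offset:offset + rdlen]
        offset += rdlen
        if (rtype, rclass, rdlen) == (1, 1, 4):
            addrs.append(".".join(str(b) for b in rdata))
    return addrs


def resolve(name, transport, attempts=MAX_ATTEMPTS):
    """The application-level reliability UDP lacks: send, wait, resend, give up."""
    txid = secrets.randbelow(1 << 16)
    query = build_query(name, txid)
    for _ in range(attempts):
        reply = transport(query)  # transport returns None when the wait times out
        if reply is not None:
            return parse_a_response(reply, txid, name)
    raise TimeoutError(f"no reply for {name} after {attempts} attempts")


def make_fake_server(drops, answer_ip):
    """Constructed stand-in for 'a UDP socket talking to a DNS server': swallows the first
    `drops` queries as a lossy network would, then answers with one A record whose owner
    name is a compression pointer (0xC00C) back to the question at offset 12."""
    seen = [0]

    def transport(query):
        seen[0] += 1
        if seen[0] <= drops:
            return None
        txid = struct.unpack("!H", query[:2])[0]
        header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
        answer = b"\xC0\x0C" + struct.pack("!HHIH", 1, 1, 300, 4)
        return header + query[12:] + answer + bytes(int(o) for o in answer_ip.split("."))

    return transport
```

In a real client the transport would be a `socket.SOCK_DGRAM` send followed by `recv` under `settimeout`, returning None on `socket.timeout`; the retry loop and the reply checks stay exactly as written. The transaction ID check matters because nothing in UDP stops a third party from sending a reply first.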
Most applications that use UDP simply wait for any replies expected as a result of packets sent via UDP. If a reply doesn't arrive within a certain period of time, the application either sends the packet again or gives up. Probably the best-known Application layer protocol that uses UDP is DNS, the Domain Name System. When an application needs to access a domain name such as www.wiley.com, DNS sends a UDP packet to a DNS server to look up the domain. When the server finds the domain, it returns the domain's IP address in another UDP packet. (Actually, the process is much more complicated than that. For a more detailed explanation, see Book IV, Chapter 4.)

Other Protocols Worth Knowing About

Besides Ethernet and TCP/IP, a few other protocols are worth knowing about:
♦ NetBIOS: Short for Network Basic Input/Output System, this is the basic application-programming interface for network services on Windows computers. It's installed automatically when you install TCP/IP, but doesn't show up as a separate protocol when you view the network connection properties. (Refer to Figure 2-1.) NetBIOS is a Session layer protocol that can work with Transport layer protocols such as TCP, SPX, or NetBEUI.
♦ NetBEUI: Short for Network BIOS Extended User Interface, this is a Transport layer protocol that was designed for early IBM and Microsoft networks. NetBEUI is now considered obsolete.
♦ IPX/SPX: A protocol suite that was made popular in the 1980s by Novell for use with their NetWare servers. TCP/IP has become so dominant that IPX/SPX is now only rarely used.
♦ AppleTalk: Apple computers have their own suite of network protocols known as AppleTalk. The AppleTalk suite includes a Physical and Data Link layer protocol called LocalTalk, but can also work with standard lower-level protocols, including Ethernet and Token Ring.
♦ SNA: Systems Network Architecture is an IBM networking architecture that dates back to the 1970s, when mainframe computers roamed the earth and PCs had barely emerged from the primordial computer soup. SNA was designed primarily to support huge terminals such as airline reservation and banking systems, with tens of thousands of terminals attached to central host computers. Now that IBM mainframes support TCP/IP and terminal systems have all but vanished, SNA is beginning to fade away. Still, many networks that incorporate mainframe computers have to contend with SNA.

Chapter 3: Understanding Network Hardware

In This Chapter
Introducing servers
Working with network interface cards
Becoming familiar with network cable, network hubs, and switches
Exploring repeaters, bridges, and routers
Figuring out network storage

The building blocks of networks are network hardware devices such as servers, adapter cards, cables, hubs, switches, routers, and so on. This chapter provides an overview of these building blocks.

Servers

Server computers are the lifeblood of any network. Servers provide the shared resources that network users crave, such as file storage, databases, e-mail, Web services, and so on. Choosing the equipment you use for your network's servers is one of the key decisions you'll make when you set up a network. In the following sections, I describe some of the various ways you can equip your network's servers. Right off the bat, I want to make one thing clear: Only the smallest networks can do without at least one dedicated server computer. For a home network or a small office network with only a few computers, you can get away with true peer-to-peer networking. That's where each client computer shares its resources such as file storage or printers, and a dedicated server computer isn't needed. For a more-detailed explanation of why this isn't a good idea for larger networks, see Book II, Chapter 1.
What's important in a server Here are some general things to keep in mind when picking a server computer for your network: ♦ Scalability: Scalability refers to the ability to increase the size and capacity of the server computer without unreasonable hassle. It's a major mistake to purchase a server computer that just meets your
current needs because, you can rest assured, your needs will double within a year. If at all possible, equip your servers with far more disk space, RAM, and processor power than you currently need.
♦ Reliability: The old adage "you get what you pay for" applies especially well to server computers. Why spend $10,000 on a server computer when you can buy one with seemingly similar specifications at a discount electronics store for $2,000? One reason is reliability. When a client computer fails, only the person who uses that computer is affected. When a server fails, however, everyone on the network is affected. The less-expensive computer is probably made of inferior components that are more likely to fail.
♦ Availability: This concept of availability is closely related to reliability. When a server computer fails, how long does it take to correct the problem and get the server up and running again? Server computers are designed so their components can be easily diagnosed and replaced, which minimizes the downtime that results when a component fails. In some servers, components are hot swappable, which means that certain components can be replaced without shutting down the server. Some servers are designed to be fault-tolerant so that they can continue to operate even if a major component fails.
♦ Service and support: Service and support are factors often overlooked when picking computers. If a component in a server computer fails, do you have someone on site qualified to repair the broken computer? If not, you should get an on-site maintenance contract for the computer. Don't settle for a maintenance contract that requires you to take the computer in to a repair shop or, worse, mail it to a repair facility. You can't afford to be without your server that long.

Components of a server computer

The hardware components that comprise a typical server computer are similar to the components used in less expensive client computers.
However, server computers are usually built from higher-grade components than client computers for the reasons given in the preceding section. The following paragraphs describe the typical components of a server computer: ♦ Motherboard: The motherboard is the computer's main electronic circuit board to which all the other components of your computer are connected. More than any other component, the motherboard is the computer. All other components attach to the motherboard. The major components on the motherboard include the processor (or CPU), supporting circuitry called the chipset, memory, expansion slots, a standard IDE hard drive controller, and I/O ports for devices such as keyboards, mice, and printers. Some motherboards also include additional built-in features such as a graphic adapter, SCSI disk controller, or network interface. ♦ Processor: The processor, or CPU, is the brain of the computer. Although the processor isn't the only component that affects overall system performance, it's the one that most people think of first when deciding what type of server to purchase. At the time of this writing, Intel had two processor models specifically designed for use in server computers, as summarized in Table 3-1. Each motherboard is designed to support a particular type of processor. CPUs come in two basic mounting styles: slot or socket. However, you can choose from several types of slots and sockets, so you have to make sure that the motherboard supports the specific slot or socket style used by the CPU. Some server motherboards have two or more slots or sockets to hold two or more CPUs. The term clock speed refers to how fast the basic clock that drives the processor's operation ticks. In theory, the faster the clock speed, the faster the processor. However, clock speed alone is reliable only for comparing processors within the same family. In fact, the Itanium processors are faster than Xeon processors at the same clock speed. 
That's because the Itanium processor models contain more advanced circuitry than the older model, so they can accomplish more work with each tick of the clock. The number of processor cores also has a dramatic effect on performance. Each processor core acts as if it's a separate processor. Most server computers use dual-core (two processor cores) or quad-core (four cores) chips.
♦ Memory: Don't scrimp on memory. People rarely complain about servers having too much memory. Many different types of memory are available, so you have to pick the right type of memory to match the memory supported by your motherboard. The total memory capacity of the server depends on the motherboard. Most new servers can support at least 16GB of memory, and some can handle up to 256GB.
♦ Hard drives: Most desktop computers use inexpensive hard drives called SATA drives. These drives are adequate for individual users, but because performance is more important for servers, another type of drive known as SCSI is usually used instead. For the best performance, use the SCSI drives along with a high-performance SCSI controller card. (However, because of their low cost, SATA drives are often used in inexpensive servers.)
♦ Network connection: The network connection is one of the most important parts of any server. Many servers have network adapters built into the motherboard. If your server isn't equipped as such, you'll need to add a separate network adapter card. See the section, "Network Interface Cards," later in this chapter, for more information.
♦ Video: Fancy graphics aren't that important for a server computer. You can equip your servers with inexpensive generic video cards and monitors without affecting network performance. (This is one of the few areas where it's acceptable to cut costs on a server.)
♦ Power supply: Because a server usually has more devices than a typical desktop computer, it requires a larger power supply (typically 300 watts). If the server houses a large number of hard drives, it may require an even larger power supply.

Server form factors

The term form factor refers to the size, shape, and packaging of a hardware device. Server computers typically come in one of three form factors:
♦ Tower case: Most servers are housed in a traditional tower case, similar to the tower cases used for desktop computers.
A typical server tower case is 18-inches high, 20-inches deep, and 9-inches wide and has room inside for a motherboard, five or more hard drives, and other components. Tower cases also come with built-in power supplies. Some server cases include advanced features specially designed for servers, such as redundant power supplies (so the server can continue operating if one of the power supplies fails), hot-swappable fans, and hot-swappable disk drive bays. (Hot-swappable components can be replaced without powering down the server.)
♦ Rack mount: If you need only a few servers, tower cases are fine. You can just place the servers next to each other on a table or in a cabinet that's specially designed to hold servers. If you need more than a few servers, though, space can quickly become an issue. For example, what if your departmental network requires a bank of ten file servers? You'd need a pretty long table. Rack-mount servers are designed to save space when you need more than a few servers in a confined area. A rack-mount server is housed in a small chassis that's designed to fit into a standard 19-inch equipment rack. The rack allows you to vertically stack servers in order to save space.
♦ Blade servers: Blade servers are designed to save even more space than rack-mount servers. A blade server is a server on a single card that can be mounted alongside other blade servers in a blade chassis, which itself fits into a standard 19-inch equipment rack. A typical blade chassis holds six or more servers, depending on the manufacturer. One of the key benefits of blade servers is that you don't need a separate power supply for each server. Instead, the blade enclosure provides power for all its blade servers. Some blade server systems provide rack-mounted power supplies that can serve several blade enclosures mounted in a single rack.
In addition, the blade enclosure provides KVM switching so that you don't have to use a separate KVM switch. You can control any of the servers in a blade server network from a single keyboard, monitor, and mouse. (For more information, see the sidebar, "Saving space with a KVM switch.") One of the biggest benefits of blade servers is that they drastically cut down the amount of cable clutter. With rack-mount servers, each server requires its own power cable, keyboard cable, video cable, mouse cable, and network cables. With blade servers, a single set of cables can service all the servers in a blade enclosure.

Saving space with a KVM switch

If you have more than two or three servers in one location, you should consider getting a device called a KVM switch to save space. A KVM switch lets you connect several server computers to a single keyboard, monitor, and mouse. (KVM stands for keyboard, video, and mouse.) Then, you can control any of the servers from a single keyboard, monitor, and mouse by turning a dial or by pressing a button on the KVM switch. Simple KVM switches are mechanical affairs that let you choose from among 2 to 16 or more computers. More elaborate KVM switches can control more computers, using a pop-up menu or a special keyboard combination to switch among computers. Some advanced KVMs can even control a mix of PCs and Macintosh computers from a single keyboard, monitor, and mouse. To find more information about KVM switches, go to a Web search engine such as Google and search for "KVM."

Network Interface Cards

Every computer on a network, both clients and servers, requires a network interface card (or NIC) in order to access the network. A NIC is usually a separate adapter card that slides into one of the server's motherboard expansion slots. However, most newer computers have the NIC built into the motherboard, so a separate card isn't needed.
For client computers, you can usually get away with using the inexpensive built-in NIC because client computers are used to connect only one user to the network. However, the NIC in a server computer connects many network users to the server. As a result, it makes sense to spend more money on a higher-quality NIC for a heavily used server. Most network administrators prefer to use name-brand cards from manufacturers such as Intel, SMC, or 3Com. Most NICs made today support 1 Gbps networking and will also support slower 100 Mbps and even ancient 10 Mbps networks. These cards automatically adjust their speed to match the speed of the network. So you can use a gigabit card on a network that has older 100 Mbps cards without trouble. You can find inexpensive gigabit cards for as little as $5 each, but a typical name-brand card (such as Linksys or Intel) will cost around $25 or $30. Here are a few other points to ponder concerning network interface cards:
♦ A NIC is a Physical layer and Data Link layer device. Because a NIC establishes a network node, it must have a physical network address, also known as a MAC address. The manufacturer assigns the MAC address and stores it on the card, and each address is meant to be unique worldwide. "Burned in" doesn't mean fixed, though: every mainstream operating system lets you override the address in software, and virtual machines make up their own. Treat a MAC address as a label that identifies a device, not as proof of who it is. Anything that grants access on the strength of a MAC address alone (a MAC filter on a switch or wireless access point, for example) can be defeated by copying the address of a permitted device.
♦ For server computers, it makes sense to use more than one NIC. That way, the server can handle more network traffic. Some server NICs have two or more network interfaces built into a single card.
♦ Fiber-optic networks also require NICs. Fiber-optic NICs are still too expensive for desktop use in most networks. Instead, they're used for high-speed backbones. If a server connects to a high-speed fiber backbone, it will need a fiber-optic NIC that matches the fiber-optic cable being used.

Network Cable

Nearly all modern networks are constructed using a type of cable called twisted-pair cable, which looks a little like phone cable but is subtly different.
You may encounter other types of cable in an existing network: coax cable that resembles TV cable, thick yellow cable that used to be the only type of cable used for Ethernet, fiber-optic cables that span long distances at high speeds, or thick twisted-pair bundles that carry multiple sets of twisted-pair cable between wiring closets in a large building. But as I mentioned, it's twisted-pair cable for nearly all new networks.
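Before moving on to cabling, a closer look at the MAC address mentioned under Network Interface Cards above. The first octet of a MAC address carries two flag bits: the low bit marks a group (multicast or broadcast) address, and the next bit marks an address that was set in software rather than assigned by the manufacturer. The following is an added example, not code from the book: it parses the address formats you meet on switches and in lease tables, decodes those bits, and flags entries that cannot be a factory-assigned unicast address, which is the quick check a practitioner runs when a MAC filter or an inventory is supposed to mean something. The `LEASES` text is a constructed sample, not real data, and the column layout is an assumption.

```python
import re

# Constructed sample of "ip mac hostname" lines (not real lease data). The Cisco-style
# dotted form is included because that is how many switches print addresses.
LEASES = """\
192.168.1.10  00:50:56:ab:cd:ef  alice-laptop
192.168.1.11  02:1a:7f:90:00:01  unknown-device
192.168.1.12  0050.56ab.cdf0     build-server
192.168.1.13  01:00:5e:00:00:fb  bogus-entry
"""


def parse_mac(text):
    """Accept colon, hyphen, or Cisco dotted notation; return the six raw octets."""
    digits = re.sub(r"[:\-.]", "", text.strip())
    if not re.fullmatch(r"[0-9a-fA-F]{12}", digits):
        raise ValueError(f"not a 48-bit MAC address: {text!r}")
    return bytes.fromhex(digits)


def describe_mac(text):
    """Canonical form, OUI, and the two administrative bits of the first octet:
    bit 0 (I/G) set = group/multicast address; bit 1 (U/L) set = locally administered,
    i.e. chosen by software rather than assigned by the manufacturer."""
    octets = parse_mac(text)
    first = octets[0]
    return {
        "canonical": ":".join(f"{b:02x}" for b in octets),
        "oui": ":".join(f"{b:02x}" for b in octets[:3]),
        "multicast": bool(first & 0x01),
        "locally_administered": bool(first & 0x02),
    }


def flag_leases(lease_text):
    """Flag entries whose MAC cannot be a manufacturer-assigned unicast address."""
    flagged = []
    for line in lease_text.splitlines():
        if not line.strip():
            continue
        ip, mac, _host = line.split()
        info = describe_mac(mac)
        if info["multicast"]:
            flagged.append((ip, info["canonical"], "group address, not a host"))
        elif info["locally_administered"]:
            flagged.append((ip, info["canonical"], "locally administered (set in software)"))
    return flagged
```

A clear U/L bit is not proof of a factory address either: a host that copies another device's address copies its bits too. The check catches the careless and the randomized, not the deliberate impostor.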
A choice that's becoming more popular every day is to forego network cable and instead build your network using wireless network components. Because Book V is devoted exclusively to wireless networking, I don't describe wireless network components in this chapter.

Coaxial cable

A type of cable that was once popular for Ethernet networks is coaxial cable, sometimes called thinnet or BNC cable because of the type of connectors used on each end of the cable. Thinnet cable operates only at 10 Mbps and is rarely used for new networks. However, you'll find plenty of existing thinnet networks still being used. Figure 3-1 shows a typical coaxial cable.

Figure 3-1: Coax cable.

Here are some salient points about coaxial cable:
♦ You attach thinnet to the network interface card by using a goofy twist-on connector called a BNC connector. You can purchase preassembled cables with BNC connectors already attached in lengths of 25 or 50 feet, or you can buy bulk cable on a big spool and attach the connectors yourself by using a special tool. (I suggest buying preassembled cables. Attaching connectors to bulk cable can be tricky.)
♦ With coaxial cables, you connect your computers point-to-point in a bus topology. At each computer, a T connector is used to connect two cables to the network interface card.
♦ A special plug called a terminator is required at each end of a series of thinnet cables. The terminator prevents data from spilling out the end of the cable and staining the carpet.
♦ The cables strung end-to-end from one terminator to the other are collectively called a segment. The maximum length of a thinnet segment is about 200 meters (actually, 185 meters). You can connect as many as 30 computers on one segment. To span a distance greater than 185 meters or to connect more than 30 computers, you must use two or more segments with a device called a repeater to connect each segment.
♦ Although Ethernet coaxial cable resembles TV coaxial cable, the two types of cable aren't interchangeable. Don't try to cut costs by wiring your network with cheap TV cable.

Twisted-pair cable

The most popular type of cable today is twisted-pair cable, or UTP. (The U stands for unshielded, but no one says unshielded twisted pair. Just twisted pair will do.) UTP cable is even cheaper than thin coaxial cable, and best of all, many modern buildings are already wired with twisted-pair cable because this type of wiring is often used with modern phone systems. Figure 3-2 shows a twisted-pair cable.

Figure 3-2: Twisted-pair cable.

When you use UTP cable to construct an Ethernet network, you connect the computers in a star arrangement. In the center of the star is a device called a hub or, in any network built today, a switch. Depending on the model, a hub or switch enables you to connect from 4 to 24 computers using twisted-pair cable. An advantage of UTP's star arrangement is that if one cable goes bad, only the computer attached to that cable is affected; the rest of the network continues to chug along. With coaxial cable, a bad cable affects the entire network, and not just the computer to which the bad cable is connected. Here are a few other details that you should know about twisted-pair cabling:
♦ UTP cable consists of pairs of thin wire twisted around each other; several such pairs are gathered up inside an outer insulating jacket. 10 Mbps and 100 Mbps Ethernet use two pairs of wires, or four wires altogether; Gigabit Ethernet (1000BaseT) uses all four pairs, which is one reason a cable that works fine at 100 Mbps may fail when you upgrade. The number of pairs in a UTP cable varies, but it's often more than two.
♦ UTP cable comes in various grades called Categories. Don't use anything less than Category 5e cable for your network. Although cheaper, it may not be able to support faster networks. Although higher-Category cables are more expensive than lower-Category cables, the real cost of installing Ethernet cabling is the labor required to actually pull the cables through the walls.
As a result, I recommend that you always spend the extra money to buy Category 5e cable. ♦ If you want to sound like you know what you're talking about, say "Cat 5e" instead of "Category 5e." ♦ Many existing networks are cabled with Category 5 cable, which is fine for 100Mbps networks but isn't rated for Gigabit networks. Category 5e cable (the e stands for enhanced) and Category 6 cable will support 1,000 Mbps networks. ♦ UTP cable connectors look like modular phone connectors but are a bit larger. UTP connectors are officially called RJ-45 connectors. ♦ Like thinnet cable, UTP cable is also sold in prefabricated lengths. However, RJ-45 connectors are much easier to attach to bulk UTP cable than BNC cables are to attach to bulk coaxial cable. As a result, I suggest
that you buy bulk cable and connectors unless your network consists of just two or three computers. A basic crimp tool to attach the RJ-45 connectors costs about $50.
♦ The maximum allowable cable length between the hub and the computer is 100 meters (about 328 feet).

Switches

The biggest difference between using coaxial cable and twisted-pair cable is that when you use twisted-pair cable, you also must use a separate device called a switch. Years ago, switches were expensive devices — expensive enough that most do-it-yourself networkers who were building small networks opted for thinnet cable in order to avoid the expense and hassle of using hubs. Nowadays, the cost of switches has dropped so much that the advantages of twisted-pair cabling outweigh the hassle and cost of using switches. With twisted-pair cabling, you can more easily add new computers to the network, move computers, find and correct cable problems, and service the computers that you need to remove from the network temporarily. Note that in some older networks, you may see a device known as a hub used instead of a switch. Hubs used to be used because they were less expensive than switches. However, the cost of switches came down dramatically, pushing hubs into relic status. If you have an older network that uses hubs and seems to run slowly, you can probably improve the network's speed by replacing the older hubs with newer switches. For more information, see the sidebar, "Hubs and switches demystified," later in this chapter.

Hubs and switches demystified

Both hubs and switches let you connect multiple computers to a twisted-pair network. Switches are more efficient than hubs, but not just because they're faster. If you really want to know, here's the actual difference between a hub and a switch: In a hub, every packet that arrives at the hub on any of its ports is automatically sent out on every other port.
The hub has to do this because it's a Physical layer device, so it has no way to keep track of which computer is connected to each port. For example, suppose that John's computer is connected to port 1 on an 8-port hub, and Andrea's computer is connected to port 5. If John's computer sends a packet of information to Andrea's computer, the hub receives the packet on port 1 and then sends it out on ports 2-8. All the computers connected to the hub get to see the packet so that they can determine whether the packet was intended for them. A switch is a Data Link layer device, which means it's able to look into the packets that pass through it to examine a critical piece of Data Link layer information: the MAC address. With this information in hand, a switch can keep track of which computer is connected to each of its ports. So if John's computer on port 1 sends a packet to Andrea's computer on port 5, the switch receives the packet on port 1 and then sends the packet out on port 5 only. This process is not only faster, but also gives traffic some privacy on the wire, because other computers don't normally see packets that aren't meant for them. Don't mistake a switch for a security boundary, though: a switch floods any packet whose destination it hasn't learned yet, it believes whatever source address a computer puts on its packets, and its address table has a finite size, so a computer that sends packets from thousands of made-up source addresses can push the real entries out and make the switch flood like a hub. Anything that must stay private on a switched network still needs to be encrypted.

If you use twisted-pair cabling, you need to know some of the ins and outs of using switches:
♦ Because you must run a cable from each computer to the switch, find a central location for the switch to which you can easily route the cables.
♦ The switch requires electrical power, so make sure that an electrical outlet is handy.
♦ When you purchase a switch, purchase one with at least twice as many connections as you need. Don't buy a four-port switch if you want to network four computers because when (not if) you add the fifth computer, you have to buy another switch.
♦ You can connect switches to one another, as shown in Figure 3-3; this is called daisy chaining. When you daisy chain switches, you connect one end of a cable to a port on one switch and the other end to a port on the other switch.
Note that on some switches, you must use a special designated port for daisy chaining. So be sure to read the instructions that come with the switch to make sure that you daisy chain it properly. Figure 3-3: Daisy chaining switches together.
♦ The old limit on daisy chaining applies to hubs, not to switches. A hub is a repeater, so every hub you chain extends one shared collision domain, and Ethernet caps how many repeaters a signal may cross within a collision domain: four for 10 Mbps Ethernet (the 5-4-3 rule), and two Class II repeaters (or one Class I) for Fast Ethernet. Older hubs often had a BNC connector on the back so that you could string hubs together with thinnet cable, but that thinnet run is just another segment and still counts toward the limit. A switch, in contrast, ends the collision domain at each of its ports, so switches can be chained as deep as you like; the practical limit is that the single link between two switches carries all the traffic that crosses it. You can also get stackable switches that have high-speed direct connections that enable two or more switches to be counted as a single switch.
♦ When you shop for network hubs, you may notice that the expensive ones have network-management features that support something called SNMP. These hubs are called managed hubs. Unless your network is very large and you know what SNMP is, don't bother with the more expensive managed hubs. You'd be paying for a feature that you may never use.
♦ For large networks, you may want to consider using a managed switch. A managed switch allows you to monitor and control various aspects of the switch's operation from a remote computer. The switch can alert you when something goes wrong with the network, and it can keep performance statistics so that you can determine which parts of the network are heavily used and which aren't. A managed switch costs two or three times as much as an unmanaged switch, but for larger networks, the benefits of managed switches are well worth the additional cost.

Repeaters

A repeater (sometimes called an extender) is a gizmo that gives your network signals a boost so that the signals can travel farther. It's kind of like a Gatorade station in a marathon. As the signals travel past the repeater, they pick up a cup of Gatorade, take a sip, splash the rest of it on their heads, toss the cup, and hop in a cab when they're sure that no one is looking. You need a repeater when the total length of a single span of network cable exceeds 100 meters (328 feet).
The 100-meter length limit applies to the cable that connects a computer to the switch or the cable that connects switches to each other when switches are daisy chained together. In other words, you can connect each computer to the switch with no more than 100 meters of cable, and you can connect switches to each other with no more than 100 meters of cable. Figure 3-4 shows how you can use a repeater to connect two groups of computers that are too far apart to be strung on a single segment. When you use a repeater like this, the repeater divides the cable into two segments. The cable length limit still applies to the cable on each side of the repeater. Here are some points to ponder when you lie awake tonight wondering about repeaters:
♦ Repeaters are not typically used with twisted-pair networks. Well, technically, that's not true because the switches themselves function as repeaters. So what I really meant is that you typically see repeaters as stand-alone devices only when a single cable segment would be more than 100 meters.
♦ A basic rule of Ethernet life is that a signal can't pass through more than a fixed number of repeaters on its way from one node to another within a collision domain: four in 10 Mbps Ethernet (the 5-4-3 rule), and two Class II repeaters (or one Class I) in Fast Ethernet. That doesn't mean you can't have more repeaters than that in a building, but if you do, you have to plan the cabling so that no two nodes sharing a collision domain are separated by more than the allowed number. Switches don't count toward this limit, because each switch port begins a new collision domain.
♦ Repeaters are legitimate components of a by-the-book Ethernet network. They don't extend the maximum length of a single segment; they just enable you to tie two segments together. Beware of the little black boxes that claim to extend the segment limit beyond the standard 100-meter limit for 10/100BaseT cable. These products usually work, but playing by the rules is better.

Figure 3-4: Using a repeater.
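The "Hubs and switches demystified" sidebar above describes how a switch learns which port each MAC address lives on and forwards known destinations to one port while flooding the rest. The following is an added example, not code from the book, that models exactly that table so the two behaviours a practitioner cares about are visible: what happens when a host on another port fills the table with made-up source addresses (the real entries get evicted and the switch falls back to flooding, so the attacker's port now sees John's traffic to Andrea), and how limiting the number of addresses a port may learn (the idea behind the "port security" feature on managed switches) stops it. The table size of four and the one-address-per-port limit are assumptions chosen to keep the demonstration small; the MAC addresses are constructed.

```python
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    """Learns which port each source MAC arrives on; forwards known unicast frames to that
    one port and floods everything else, as the sidebar describes."""

    def __init__(self, ports, table_size=4, max_macs_per_port=None):
        self.ports = set(ports)
        self.table_size = table_size                # tiny on purpose; real switches hold thousands
        self.max_macs_per_port = max_macs_per_port  # None = no port security
        self.table = OrderedDict()                  # mac -> port, oldest entry first
        self.violations = []                        # (port, mac) refused by port security

    def _macs_on(self, port):
        return sum(1 for p in self.table.values() if p == port)

    def learn(self, mac, port):
        if mac in self.table:
            self.table.move_to_end(mac)
            self.table[mac] = port                  # the host may have moved ports
            return True
        if self.max_macs_per_port is not None and self._macs_on(port) >= self.max_macs_per_port:
            self.violations.append((port, mac))
            return False
        if len(self.table) >= self.table_size:
            self.table.popitem(last=False)          # evict oldest: bogus sources push out real hosts
        self.table[mac] = port
        return True

    def forward(self, ingress, src, dst):
        """Return the set of egress ports for one frame (an empty set means it was dropped)."""
        if ingress not in self.ports:
            raise ValueError(f"no such port {ingress}")
        if not self.learn(src, ingress):
            return set()                            # port-security violation: drop the frame
        if dst != BROADCAST and dst in self.table:
            out = self.table[dst]
            return set() if out == ingress else {out}
        return self.ports - {ingress}               # unknown or broadcast destination: flood


def demo(port_security):
    """John on port 1 talks to Andrea on port 5; an attacker on port 3 then sends frames from
    four made-up source addresses. Returns (egress before attack, egress after, violations)."""
    sw = LearningSwitch(ports=range(1, 9), table_size=4,
                        max_macs_per_port=1 if port_security else None)
    john, andrea = "00:11:22:33:44:01", "00:11:22:33:44:05"   # constructed addresses
    sw.forward(1, john, andrea)                     # Andrea not yet learned: flooded to ports 2-8
    sw.forward(5, andrea, john)                     # the reply teaches the switch both addresses
    before = sw.forward(1, john, andrea)            # known destination: port 5 only
    for i in range(4):
        sw.forward(3, f"de:ad:be:ef:00:{i:02x}", "00:00:00:00:00:00")
    after = sw.forward(1, john, andrea)             # port 5 if protected, otherwise flooded again
    return before, after, len(sw.violations)
```

Run `demo(False)` and `demo(True)` side by side: without the per-port limit the attacker's fourth bogus address evicts Andrea's entry and John's next frame is flooded to ports 2 through 8, port 3 included; with the limit, the attacker's second and later addresses are refused and John's frame still goes to port 5 alone. A real switch ages entries out and has a far larger table, which only changes how many bogus frames the attacker needs.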
Bridges

A bridge is a device that connects two networks so that they act as if they're one network. Bridges are used to partition one large network into two smaller networks for performance reasons. You can think of a bridge as a kind of smart repeater. Repeaters listen to signals coming down one network cable, amplify them, and send them down the other cable. They do this blindly, paying no attention to the content of the messages that they repeat. In contrast, a bridge is a little smarter about the messages that come down the pike. For starters, most bridges have the capability to listen to the network and automatically figure out the address of each computer on both sides of the bridge. Then the bridge can inspect each message that comes from one side of the bridge and broadcast it on the other side of the bridge, but only if the message is intended for a computer that's on the other side. This key feature enables bridges to partition a large network into two smaller, more efficient networks. Bridges work best in networks that are highly segregated. For example (humor me here — I'm a Dr. Seuss fan), suppose that the Sneetches networked all their computers and discovered that, although the Star-Bellied Sneetches' computers talked to each other frequently and the Plain-Bellied Sneetches' computers also talked to each other frequently, rarely did a Star-Bellied Sneetch's computer talk to a Plain-Bellied Sneetch's computer.
A bridge can partition the Sneetchnet into two networks: the Star-Bellied network and the Plain-Bellied network. The bridge automatically learns which computers are on the Star-Bellied network and which are on the Plain-Bellied network. The bridge forwards messages from the Star-Bellied side to the Plain-Bellied side (and vice versa) only when necessary. The overall performance of both networks improves, although the performance of any network operation that has to travel over the bridge slows down a bit.

Here are a few additional things to consider about bridges:

♦ Some bridges also have the capability to translate the messages from one format to another. For example, if the Star-Bellied Sneetches build their network with Ethernet and the Plain-Bellied Sneetches use Token Ring, a bridge can tie the two together.

♦ You can get a basic bridge to partition two Ethernet networks for about $500 from mail order suppliers. More sophisticated bridges can cost as much as $5,000 or more.

♦ For simple bridge applications, you don't need an expensive specialized bridge device; instead, you can just use a switch. That's because a switch is effectively a multi-port bridge.

♦ If you've never read Dr. Seuss's classic story of the Sneetches, you should.

Routers

A router is like a bridge, but with a key difference. Bridges are Data Link layer devices, so they can tell the MAC address of the network node to which each message is sent, and can forward the message to the appropriate segment. However, they can't peek into the message itself to see what type of information is being sent. In contrast, a router is a Network layer device, so it can work with the network packets at a higher level. In particular, a router can examine the IP address of the packets that pass through it. And because IP addresses have both a network and a host address, a router can determine what network a message is coming from and going to. Bridges are ignorant of this information.
One key difference between a bridge and a router is that a bridge is essentially transparent to the network. In contrast, a router is itself a node on the network, with its own MAC and IP addresses. This means that messages can be directed to a router, which can then examine the contents of the message to determine how it should handle the message.

You can configure a network with several routers that can work cooperatively together. For example, some routers are able to monitor the network to determine the most efficient path for sending a message to its ultimate destination. If a part of the network is extremely busy, a router can automatically route messages along a less-busy route. In this respect, the router is kind of like a traffic reporter up in a helicopter. The router knows that the 101 is bumper-to-bumper all the way through Sunnyvale, so it sends the message on 280 instead.

Here's some additional information about routers:

♦ The functional distinctions between bridges and routers — and switches and hubs, for that matter — get blurrier all the time. As bridges, hubs, and switches become more sophisticated, they're able to take on some of the chores that used to require a router, thus putting many routers out of work.

♦ Some routers are nothing more than computers with several network interface cards and special software to perform the router functions.

♦ Routers can also connect networks that are geographically distant from each other via a phone line (using modems) or ISDN.

♦ You can also use a router to join your LAN to the Internet. Figure 3-5 shows a router used for this purpose.

Figure 3-5: Connecting to the Internet with a router.
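The bridge and router behaviour described in the two sections above, as an added example in Python (this is not code from the book or from any product it mentions). The bridge learns which port each source MAC address arrived on and forwards a frame across only when the destination is known to be on the other side, flooding it everywhere when the destination is unknown or broadcast; the router never looks at MAC addresses and instead picks the most specific IP prefix that contains the destination. The port names, MAC addresses, IP prefixes and the bridge's table capacity are all assumptions made for the demonstration. The capacity limit is the practitioner's caveat: once a bridge's address table is full it cannot learn new hosts, so frames for them are flooded to every port, which is why a switch's MAC table is worth monitoring.

```python
"""Learning bridge versus router: an added example, not code from the book.

All names, addresses and the table capacity are constructed for the demo.
"""
import ipaddress
from collections import OrderedDict

BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningBridge:
    """Transparent bridge with two or more ports and a bounded address table."""

    def __init__(self, ports, capacity=2048):
        self.ports = list(ports)
        self.capacity = capacity        # assumed table size; real CAM tables are finite
        self.table = OrderedDict()      # MAC -> port, oldest entry first

    def _learn(self, mac, port):
        if mac in self.table:
            self.table[mac] = port      # host may have moved: refresh the entry
            self.table.move_to_end(mac)
        elif len(self.table) < self.capacity:
            self.table[mac] = port
        # else: table full, the address stays unknown and frames to it are flooded

    def receive(self, in_port, src, dst):
        """Return the list of ports a frame arriving on in_port is sent out of."""
        self._learn(src, in_port)
        others = [p for p in self.ports if p != in_port]
        if dst == BROADCAST or dst not in self.table:
            return others               # broadcast or unknown unicast: flood
        out = self.table[dst]
        return [] if out == in_port else [out]   # same side: filter, else forward


class Router:
    """Forwards on the network part of the destination IP; longest prefix wins."""

    def __init__(self):
        self.routes = []                # (network, next_hop or None, interface)

    def add_route(self, prefix, interface, next_hop=None):
        self.routes.append((ipaddress.ip_network(prefix), next_hop, interface))

    def lookup(self, dst_ip):
        addr = ipaddress.ip_address(dst_ip)
        best = None
        for net, next_hop, iface in self.routes:
            if addr in net and (best is None or net.prefixlen > best[0].prefixlen):
                best = (net, next_hop, iface)
        if best is None:
            return None                 # no matching route, not even a default: drop
        return {"via": best[1] or "connected", "interface": best[2]}


def sneetchnet_demo():
    """Frames crossing a bridge between the Star-Bellied and Plain-Bellied segments."""
    bridge = LearningBridge(["star", "plain"])
    a, b, c = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b", "00:00:5e:00:53:0c"  # constructed
    return [
        bridge.receive("star", a, b),   # b not yet learned: flooded to plain
        bridge.receive("star", b, a),   # a is on star, same side: filtered
        bridge.receive("plain", c, a),  # a is on star: forwarded there
        bridge.receive("plain", c, b),  # b is on star: forwarded there
    ]


def overflow_demo():
    """With the table full, frames to an unlearned host are flooded out every port."""
    bridge = LearningBridge(["star", "plain", "uplink"], capacity=2)
    bridge.receive("star", "00:00:5e:00:53:01", BROADCAST)
    bridge.receive("star", "00:00:5e:00:53:02", BROADCAST)
    bridge.receive("plain", "00:00:5e:00:53:03", BROADCAST)   # no room: not learned
    return bridge.receive("star", "00:00:5e:00:53:01", "00:00:5e:00:53:03")


def routing_demo():
    r = Router()
    r.add_route("192.168.1.0/24", "eth0")                       # directly connected
    r.add_route("192.168.2.0/24", "eth1")                       # directly connected
    r.add_route("10.0.0.0/8", "eth1", next_hop="192.168.2.254")
    r.add_route("0.0.0.0/0", "eth2", next_hop="203.0.113.1")    # default route
    return [r.lookup(ip) for ip in ("192.168.2.7", "10.1.2.3", "8.8.8.8")]


if __name__ == "__main__":
    print(sneetchnet_demo())
    print(overflow_demo())
    print(routing_demo())
```

The bridge never touches the IP header, and the router never consults a MAC table: that is the Layer 2 versus Layer 3 split the text describes, reduced to two lookups.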
Network Attached Storage

Many network servers exist solely for the purpose of making disk space available to network users. As networks grow to support more users, and users require more disk space, network administrators are constantly finding ways to add more storage to their networks. One way to do that is to add more file servers. However, a simpler and less expensive way is to use network attached storage, also known as NAS.

A NAS device is a self-contained file server that's preconfigured and ready to run. All you have to do to set it up is take it out of the box, plug it in, and turn it on. NAS devices are easy to set up and configure, easy to maintain, and less expensive than traditional file servers.

NAS should not be confused with a related technology called storage area networks, or SAN. SAN is a much more complicated and expensive technology that provides huge quantities of data storage for large networks. For more information on SAN, see the sidebar, "SAN is NAS spelled backwards."

A typical entry-level NAS device is the Dell PowerVault NX300. This device is a self-contained file server built into a small rack-mount chassis. It supports up to four hard drives with a total capacity of up to four terabytes (4,000GB). The NX300 uses a Xeon processor and two built-in gigabit network ports.

The Dell NX300 runs a special version of Windows Server 2008 called Windows Storage Server 2008. This version of Windows is designed specifically for NAS devices. It allows you to configure the network storage from any computer on the network by using a Web browser. Note that some NAS devices use customized versions of Linux rather than Windows Storage Server. Also, in some systems, the operating system resides on a separate hard drive that's isolated from the shared disks. This prevents a user from inadvertently damaging the operating system.

Sidebar: SAN is NAS spelled backwards

It's easy to confuse the terms storage area network (SAN) and network attached storage (NAS). Both refer to relatively new network technologies that let you manage the disk storage on your network. However, NAS is a much simpler and less expensive technology. A NAS device is nothing more than an inexpensive self-contained file server. Using NAS devices actually simplifies the task of adding storage to a network because the NAS eliminates the chore of configuring a network operating system for routine file-sharing tasks.

A storage area network is designed for managing very large amounts of network storage — sometimes downright huge amounts. A SAN consists of three components: storage devices (perhaps hundreds of them), a separate high-speed network (usually fiber-optic) that directly connects the storage devices to each other, and one or more SAN servers that connect the SAN to the local area network. The SAN server manages the storage devices attached to the SAN and allows users of the LAN to access the storage. Setting up and managing a storage area network is a job for a SAN expert. For more information about storage area networks, see the home page of the Storage Networking Industry Association at www.snia.org.

Network Printers

Although you can share a printer on a network by attaching the printer to a server computer, many printers have network interfaces built in.
This lets you connect the printer directly to the network. Then network users can connect to the printer and use it without going through a server.

Even if you connect a printer directly to the network, it's still a good idea to have the printer managed by a server computer running a network operating system such as Windows Server 2003 or 2008. That way, the server can store print jobs sent to the printer by multiple users and print the jobs in the order in which they were received.

Chapter 4: Understanding Network Operating Systems

In This Chapter
     Understanding what network operating systems do
     Figuring out the advantages of Windows Server 2003
     Analyzing Windows 2000 Server
     Taking a look at Windows NT Server
     Navigating NetWare
     Delving into peer-to-peer networking
     Exploring other network operating systems

One of the basic choices that you must make before you proceed any further is to decide which network operating system (NOS) to use as the foundation for your network. This chapter begins with a description of several important features found in all network operating systems. Next, it provides an overview of the advantages and disadvantages of the most popular network operating systems.

Network Operating System Features

All network operating systems, from the simplest to the most complex, must provide certain core functions. These include the ability to connect to other computers on the network, share files and other resources, provide for security, and so on. In the following sections, I describe some of these core NOS features in general terms.

Network support

It goes without saying that a network operating system should support networks. (I can picture Mike Myers in his classic Saturday Night Live role as Linda Richman, host of Coffee Talk, saying "I'm getting a little verklempt. . . . Talk amongst yourselves. . . . I'll give you a topic — network operating systems do not network, nor do they operate. Discuss.")

A network operating system must support a wide variety of networking protocols in order to meet the needs of its users. That's because a large network typically consists of a mixture of various versions of Windows, as well as a few scattered Macintosh computers (mostly in the art department) and possibly some Linux computers. These computers often speak different protocols.

Many servers have more than one network interface card installed. In that case, the NOS must be able to support multiple network connections. Ideally, the NOS should have the ability to balance the network load among its network interfaces. In addition, in the event that one of the connections fails, the NOS should be able to seamlessly switch to another connection.

Finally, most network operating systems include a built-in ability to function as a router that connects two networks. The NOS router functions should also include firewall features in order to keep unauthorized packets from entering the local network.

File-sharing services

One of the most important functions of a network operating system is its ability to share resources with other network users. The most common resource that's shared is the server's file system. A network server must be able to share some or all of its disk space with other users so that those users can treat the server's disk space as an extension of their own computers' disk space.

The NOS allows the system administrator to determine which portions of the server's file system to share. Although an entire hard drive can be shared, it isn't commonly done. Instead, individual directories or folders are shared. The administrator can control which users are allowed to access each shared folder.

Because file sharing is the reason many network servers exist, network operating systems have more sophisticated disk management features than are found in desktop operating systems. For example, most network operating systems have the ability to manage two or more hard drives as if they were a single drive. In addition, most can create mirrors, which automatically keep backup copies of drives on a second drive.
Multitasking

Only one user at a time uses a desktop computer; however, multiple users simultaneously use server computers. As a result, a network operating system must provide support for multiple users who access the server remotely via the network. At the heart of multiuser support is multitasking, which is the ability of an operating system to execute more than one program — called a task or a process — at a time. Multitasking operating systems are like the guy who used to spin plates balanced on sticks on the old Ed Sullivan Show. He'd run from plate to plate, trying to keep them all spinning so they wouldn't fall off the sticks. To make it challenging, he'd do it blindfolded or riding on a unicycle.

Although multitasking creates the appearance that two or more programs are executing on the computer at one time, in reality, a computer with a single processor can execute only one program at a time. The operating system switches the CPU from one program to another to create the appearance that several programs are executing simultaneously, but at any given moment, only one of the programs is actually executing. The others are patiently waiting for their turns. (However, if the computer has more than one CPU, the CPUs can execute programs simultaneously, which is called multiprocessing.)

To see multitasking in operation on a Windows computer, press Ctrl+Alt+Delete to bring up the Windows Task Manager and then click the Processes tab. All the tasks currently active on the computer appear.

For multitasking to work reliably, the network operating system must completely isolate the executing programs from each other. Otherwise, one program may perform an operation that adversely affects another program. Multitasking operating systems do this by providing each task with its own unique address space, which makes it almost impossible for one task to affect memory that belongs to another task.

In most cases, each program executes as a single task or process within the memory address space allocated to the task. However, a single program can also be split into several tasks. This technique is usually called multithreading, and the program's tasks are called threads. Threads of one program share that program's address space, so the isolation between processes does not apply between them.

The two approaches to multitasking are preemptive and non-preemptive. In preemptive multitasking, the operating system decides how long each task gets to execute before it should step aside so that another task can execute. When a task's time is up, the operating system's task manager interrupts the task and switches to the next task in line. All the network operating systems in widespread use today use preemptive multitasking.

The alternative to preemptive multitasking is non-preemptive multitasking. In non-preemptive multitasking, each task that gets control of the CPU is allowed to run until it voluntarily gives up control so that another task can run. Non-preemptive multitasking requires less operating system overhead because the operating system doesn't have to keep track of how long each task has run. However, programs have to be carefully written so that they don't hog the computer all to themselves.

Directory services

Directories are everywhere. When you need to make a phone call, you look up the number in a phone directory. When you need to find the address of a client, you look up his or her name in your Rolodex. And when you need to find the Sam Goody store at a shopping mall, you look for the mall directory.

Networks have directories, too. Network directories provide information about the resources that are available on the network, such as users, computers, printers, shared folders, and files. Directories are an essential part of any network operating system.
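The address-space isolation described under Multitasking above, as an added example in Python (not code from the book). It assumes a Unix-like system where os.fork() is available, which is where the process model the text describes is easiest to observe: a child process is given its own copy of the parent's memory, so a write to a module-level variable in the child never shows up in the parent. The contrasting function runs the same write in a thread of the same process, where the text's multithreading remark applies and the change is visible.

```python
"""Process isolation versus shared memory between threads: an added example,
not code from the book. Assumes a Unix-like OS (Linux, macOS) for os.fork().
"""
import os
import struct
import threading

shared_looking = 1   # module-level variable; every process holds its own copy


def isolate_and_compare():
    """Fork a child, let it change the variable, and report what each side sees.

    Returns (value the parent still sees, value the child reported).
    """
    global shared_looking
    shared_looking = 1
    read_end, write_end = os.pipe()        # the only channel the two processes share
    pid = os.fork()
    if pid == 0:                           # child: runs in its own address space
        os.close(read_end)
        shared_looking += 100              # modifies the child's copy only
        os.write(write_end, struct.pack("!i", shared_looking))
        os.close(write_end)
        os._exit(0)                        # leave without running parent cleanup
    os.close(write_end)
    raw = os.read(read_end, 4)
    os.close(read_end)
    os.waitpid(pid, 0)
    child_value = struct.unpack("!i", raw)[0]
    return shared_looking, child_value     # the parent's value is untouched


def threads_share_memory():
    """Threads of one process share its address space, so the write is visible."""
    state = {"value": 1}

    def worker():
        state["value"] += 100

    t = threading.Thread(target=worker)
    t.start()
    t.join()
    return state["value"]


if __name__ == "__main__":
    print("parent/child:", isolate_and_compare())
    print("after thread:", threads_share_memory())
```

The kernel enforces the first result with page tables, not with the program's good behaviour, which is what lets a multiuser server run one user's process next to another's. Anything the two processes genuinely need to share has to go through an explicit channel such as the pipe used here.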
CompTIA Network+ N10-005 Authorized Cert Guide

Contents at a Glance
Introduction
   CHAPTER 1 Introducing Computer Networks
   CHAPTER 2 Dissecting the OSI Model
   CHAPTER 3 Identifying Network Components
   CHAPTER 4 Understanding Ethernet
   CHAPTER 5 Working with IP Addresses
   CHAPTER 6 Routing Traffic
   CHAPTER 7 Introducing Wide-Area Networks
   CHAPTER 8 Connecting Wirelessly
   CHAPTER 9 Optimizing Network Performance
   CHAPTER 10 Using Command-Line Utilities
   CHAPTER 11 Managing a Network
   CHAPTER 12 Securing a Network
   CHAPTER 13 Troubleshooting Network Issues
   CHAPTER 14 Final Preparation
   APPENDIX A Answers to Review Questions
   APPENDIX B CompTIA Network+ N10-005 Exam Updates, Version 1.0
   Glossary
   Index
   APPENDIX C Memory Tables (DVD Only)
   APPENDIX D Memory Table Answer Key (DVD Only)

Table of Contents
Introduction
Chapter 1 Introducing Computer Networks
     Foundation Topics
     Defining a Network
          The Purpose of Networks
          Overview of Network Components
     Networks Defined by Geography
          LAN
          WAN
          Other Categories of Networks
               CAN
               MAN
               PAN
     Networks Defined by Topology
          Physical Versus Logical Topology
          Bus Topology
          Ring Topology
          Star Topology
          Hub-and-Spoke Topology
          Full-Mesh Topology
          Partial-Mesh Topology
     Networks Defined by Resource Location
          Client-Server Networks
          Peer-to-Peer Networks
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 2 Dissecting the OSI Model
     Foundation Topics
     The Purpose of Reference Models
     The OSI Model
          Layer 1: The Physical Layer
          Layer 2: The Data Link Layer
               Media Access Control
               Logical Link Control
          Layer 3: The Network Layer
          Layer 4: The Transport Layer
          Layer 5: The Session Layer
          Layer 6: The Presentation Layer
          Layer 7: The Application Layer
     The TCP/IP Stack
          Layers of the TCP/IP Stack
          Common Application Protocols in the TCP/IP Stack
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 3 Identifying Network Components
     Foundation Topics
     Media
          Coaxial Cable
          Twisted-Pair Cable
               Shielded Twisted Pair
               Unshielded Twisted Pair
               Plenum Versus Non-Plenum Cable
          Fiber-Optic Cable
               Multimode Fiber
               Single-Mode Fiber
          Cable Distribution
          Wireless Technologies
     Network Infrastructure Devices
          Hubs
          Bridges
          Switches
          Multilayer Switches
          Routers
          Infrastructure Device Summary
     Specialized Network Devices
          VPN Concentrators
          Firewalls
          DNS Servers
          DHCP Servers
          Proxy Servers
          Content Engines
          Content Switches
     Virtual Network Devices
          Virtual Servers
          Virtual Switches
          Virtual Desktops
          Other Virtualization Solutions
     Voice over IP Protocols and Components
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 4 Understanding Ethernet
     Foundation Topics
     Principles of Ethernet
          Ethernet Origins
          Carrier Sense Multiple Access Collision Detect
          Distance and Speed Limitations
     Ethernet Switch Features
          Virtual LANs
          Trunks
          Spanning Tree Protocol
               Corruption of a Switch's MAC Address Table
               Broadcast Storms
               STP Operation
          Link Aggregation
          Power over Ethernet
          Port Monitoring
          User Authentication
          First-Hop Redundancy
          Other Switch Features
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 5 Working with IP Addresses
     Foundation Topics
     Binary Numbering
          Principles of Binary Numbering
          Converting a Binary Number to a Decimal Number
          Converting a Decimal Number to a Binary Number
          Binary Numbering Practice
               Binary Conversion Exercise #1
               Binary Conversion Exercise #1: Solution
               Binary Conversion Exercise #2
               Binary Conversion Exercise #2: Solution
               Binary Conversion Exercise #3
               Binary Conversion Exercise #3: Solution
               Binary Conversion Exercise #4
               Binary Conversion Exercise #4: Solution
     IPv4 Addressing
          IPv4 Address Structure
          Classes of Addresses
          Types of Addresses
               Unicast
               Broadcast
               Multicast
     Assigning IPv4 Addresses
          IP Addressing Components
          Static Configuration
          Dynamic Configuration
               BOOTP
               DHCP
               Automatic Private IP Addressing
     Subnetting
          Purpose of Subnetting
          Subnet Mask Notation
          Subnet Notation: Practice Exercise #1
          Subnet Notation: Practice Exercise #1 Solution
          Subnet Notation: Practice Exercise #2
          Subnet Notation: Practice Exercise #2 Solution
          Extending a Classful Mask
          Borrowed Bits
          Calculating the Number of Created Subnets
          Calculating the Number of Available Hosts
          Basic Subnetting Practice: Exercise #1
          Basic Subnetting Practice: Exercise #1 Solution
          Basic Subnetting Practice: Exercise #2
          Basic Subnetting Practice: Exercise #2 Solution
          Calculating New IP Address Ranges
          Advanced Subnetting Practice: Exercise #1
          Advanced Subnetting Practice: Exercise #1 Solution
          Advanced Subnetting Practice: Exercise #2
          Advanced Subnetting Practice: Exercise #2 Solution
          Additional Practice
     Classless Inter-Domain Routing
     IP Version 6
          Need for IPv6
          IPv6 Address Structure
          IPv6 Data Flows
               Unicast
               Multicast
               Anycast
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 6 Routing Traffic
     Foundation Topics
     Basic Routing Processes
     Sources of Routing Information
          Directly Connected Routes
          Static Routes
          Dynamic Routing Protocols
     Routing Protocol Characteristics
          Believability of a Route
          Metrics
          Interior Versus Exterior Gateway Protocols
          Route Advertisement Method
               Distance Vector
               Link State
          Routing Protocol Examples
     Address Translation
          NAT
          PAT
     Multicast Routing
          IGMP
          PIM
               PIM-DM
               PIM-SM
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 7 Introducing Wide-Area Networks
     Foundation Topics
     WAN Properties
          WAN Connection Types
          WAN Data Rates
          WAN Media Types
               Physical Media
               Wireless Media
     WAN Technologies
          Dedicated Leased Line
               T1
               E1
               T3
               E3
               CSU/DSU
          Point-to-Point Protocol
          Digital Subscriber Line
          Cable Modem
          Synchronous Optical Network
          Satellite
          Plain Old Telephone Service
          Integrated Services Digital Network
          Frame Relay
          Asynchronous Transfer Mode
          Multiprotocol Label Switching
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 8 Connecting Wirelessly
     Foundation Topics
     Introducing Wireless LANs
          WLAN Concepts and Components
               Wireless Routers
               Wireless Access Point
               Antennas
               Frequencies and Channels
               CSMA/CA
               Transmission Methods
          WLAN Standards
               802.11a
               802.11b
               802.11g
               802.11n
     Deploying Wireless LANs
          Types of WLANs
               IBSS
               BSS
               ESS
          Sources of Interference
          Wireless AP Placement
     Securing Wireless LANs
          Security Issues
          Approaches to WLAN Security
          Security Standards
               WEP
               WPA
               WPA2
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 9 Optimizing Network Performance
     Foundation Topics
     High Availability
          High-Availability Measurement
          Fault-Tolerant Network Design
          Hardware Redundancy
          Layer 3 Redundancy
          Design Considerations for High-Availability Networks
          High-Availability Best Practices
          Content Caching
          Load Balancing
     QoS Technologies
          Introduction to QoS
          QoS Configuration Steps
          QoS Components
          QoS Mechanisms
               Classification
               Marking
               Congestion Management
               Congestion Avoidance
               Policing and Shaping
               Link Efficiency
     Case Study: SOHO Network Design
          Case Study Scenario
          Suggested Solution
               IP Addressing
               Layer 1 Media
               Layer 2 Devices
               Layer 3 Devices
               Wireless Design
               Environmental Factors
               Cost Savings Versus Performance
               Topology
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 10 Using Command-Line Utilities
     Foundation Topics
     Windows Commands
          arp
          ipconfig
          nbtstat
          netstat
          nslookup
          ping
          route
          tracert
     UNIX Commands
          arp
          dig and nslookup
          host
          ifconfig
          traceroute
          netstat
          ping
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 11 Managing a Network
     Foundation Topics
     Maintenance Tools
          Bit-Error Rate Tester
          Butt Set
          Cable Certifier
          Cable Tester
          Connectivity Software
          Crimper
          Electrostatic Discharge Wrist Strap
          Environmental Monitor
          Loopback Plug
          Multimeter
          Protocol Analyzer
          Punch-Down Tool
          Throughput Tester
          Time Domain Reflectometer/Optical Time Domain Reflectometer
          Toner Probe
     Configuration Management
     Monitoring Resources and Reports
          SNMP
          Syslog
          Logs
               Application Logs
               Security Logs
               System Logs
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 12 Securing a Network
     Foundation Topics
     Security Fundamentals
          Network Security Goals
               Confidentiality
               Integrity
               Availability
     Categories of Network Attacks
          Confidentiality Attacks
          Integrity Attacks
          Availability Attacks
     Defending Against Attacks
          User Training
          Patching
          Security Policies
               Governing Policy
               Technical Policies
               End User Policies
               More Detailed Documents
          Incident Response
          Vulnerability Scanners
               Nessus
               Nmap
          Honey Pots and Honey Nets
          Access Control Lists
     Remote Access Security
     Firewalls
          Firewall Types
          Firewall Inspection Types
               Packet-Filtering Firewall
               Stateful Firewall
          Firewall Zones
     Virtual Private Networks
          Overview of IPsec
               IKE Modes and Phases
               Authentication Header and Encapsulating Security Payload
               The Five Steps in Setting Up and Tearing Down an IPsec Site-to-Site VPN
          Other VPN Technologies
     Intrusion Detection and Prevention
          IDS Versus IPS
          IDS and IPS Device Categories
          Detection Methods
          Deploying Network-Based and Host-Based Solutions
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 13 Troubleshooting Network Issues
     Foundation Topics
     Troubleshooting Basics
          Troubleshooting Fundamentals
          Structured Troubleshooting Methodology
     Physical Layer Troubleshooting
          Physical Layer Troubleshooting: Scenario
          Physical Layer Troubleshooting: Solution
     Data Link Layer Troubleshooting
          Data Link Layer Troubleshooting: Scenario
          Data Link Layer Troubleshooting: Solution
     Network Layer Troubleshooting
          Layer 3 Data Structures
          Common Layer 3 Troubleshooting Issues
          Network Layer Troubleshooting: Scenario
          Network Layer Troubleshooting: Solution
     Wireless Troubleshooting
          Wireless Network Troubleshooting: Scenario
          Wireless Network Troubleshooting: Solution
     Summary
     Exam Preparation Tasks
          Review All the Key Topics
          Complete Tables and Lists from Memory
          Define Key Terms
          Review Questions
Chapter 14 Final Preparation
     Tools for Final Preparation
          Pearson Cert Practice Test Engine and Questions on the DVD
               Install the Software from the DVD
               Activate and Download the Practice Exam
               Activating Other Exams
               Premium Edition
          Video Training on DVD
          Memory Tables
          End-of-Chapter Review Tools
     Suggested Plan for Final Review and Study
     Summary
APPENDIX A Answers to Review Questions
APPENDIX B CompTIA Network+ N10-005 Exam Updates, Version 1.0
Glossary
Index
APPENDIX C Memory Tables (DVD Only)
APPENDIX D Memory Table Answer Key (DVD Only)

Reader Services

Visit our website and register this book at www.pearsonitcertification.com/title/9780789748218 for convenient access to any updates, downloads, or errata that might be available for this book.

CompTIA Network+

The CompTIA Network+ (2011 Edition) certification ensures that the successful candidate has the important knowledge and skills necessary to manage, maintain, troubleshoot, install, operate, and configure basic network infrastructure, describe networking technologies and basic design principles, and adhere to wiring standards and use testing tools.

It Pays to Get Certified
In a digital world, digital literacy is an essential survival skill. Certification proves you have the knowledge and skill to solve business problems in virtually any business environment. Certifications are highly valued credentials that qualify you for jobs, increased compensation, and promotion.

CompTIA Network+ certification is held by many IT staff in organizations: 21% of IT staff within a random sampling of U.S. organizations across a cross section of industry verticals hold Network+ certification.

• The CompTIA Network+ credential—Proves knowledge of networking features and functions and is the leading vendor-neutral certification for networking professionals.

• Starting Salary—The average starting salary of network engineers can be up to $70,000.

• Career Pathway—CompTIA Network+ is the first step in starting a networking career and is recognized by Microsoft as part of their MS program. Other corporations, such as Novell, Cisco, and HP, also recognize CompTIA Network+ as part of their certification tracks.

• More than 260,000—Individuals worldwide are CompTIA Network+ certified.

• Mandated/recommended by organizations worldwide—Such as Cisco, HP, Ricoh, the U.S. State Department, and U.S. government contractors such as EDS, General Dynamics, and Northrop Grumman.

How Certification Helps Your Career

CompTIA Career Pathway

CompTIA offers a number of credentials that form a foundation for your career in technology and allow you to pursue specific areas of concentration. Depending on the path you choose to take, CompTIA certifications help you build upon your skills and knowledge, supporting learning throughout your entire career.

Join the Professional Community

Content Seal of Quality

This courseware bears the seal of CompTIA Approved Quality Content. This seal signifies this content covers 100% of the exam objectives and implements important instructional design principles. CompTIA recommends multiple learning tools to help increase coverage of the learning objectives.

Why CompTIA?

• Global Recognition—CompTIA is recognized globally as the leading IT non-profit trade association and has enormous credibility. Plus, CompTIA's certifications are vendor-neutral and offer proof of foundational knowledge that translates across technologies.

• Valued by Hiring Managers—Hiring managers value CompTIA certification, because it is vendor- and technology-independent validation of your technical skills.

• Recommended or Required by Government and Businesses—Many government organizations and corporations either recommend or require technical staff to be CompTIA certified. (For example, Dell, Sharp, Ricoh, the U.S. Department of Defense, and many more.)

• Three CompTIA Certifications Ranked in the Top 10—In a study by DICE of 17,000 technology professionals, certifications helped command higher salaries at all experience levels.

How to Obtain More Information

• Visit CompTIA online—www.comptia.org to learn more about getting CompTIA certified.

• Contact CompTIA—Call 866-835-8020 ext. 5 or email questions@comptia.org.

• Join the IT Pro community—http://itpro.comptia.org to join the IT community to get relevant career information.

Introduction

The CompTIA Network+ certification is a popular certification for those entering the computer-networking field. Although many vendor-specific networking certifications are popular in the industry, the CompTIA Network+ certification is unique in that it is vendor-neutral. The CompTIA Network+ certification often acts as a stepping-stone to more specialized and vendor-specific certifications, such as those offered by Cisco Systems. Notice in your CompTIA Network+ study that the topics are mostly generic, in that they can apply to networking equipment regardless of vendor. However, as you grow in your career, I encourage you to seek specialized training for the equipment you work with on a daily basis.

Goals and Methods

The goal of this book is twofold. The #1 goal of this book is a simple one: to help you pass the N10-005 version of the CompTIA Network+ exam.

To aid you in mastering and understanding the Network+ certification objectives, this book uses the following methods:

• Opening topics list: This defines the topics that are covered in the chapter.

• Foundation topics: At the heart of a chapter, this section explains the topics from a hands-on and a theory-based standpoint. This includes in-depth descriptions, tables, and figures that build your knowledge so that you can pass the N10-005 exam. The chapters are each broken into multiple sections.
  • 91. • Key topics: This indicates important figures, tables, and lists of information that you need to know for the exam. They are sprinkled throughout each chapter and are summarized in table format at the end of each chapter. • Memory tables: These can be found on the DVD within Appendices C and D. Use them to help memorize important information. • Key terms: Key terms without definitions are listed at the end of each chapter. Write down the definition of each term, and check your work against the complete key terms in the Glossary. For current information about the CompTIA Network+ certification exam, you can visithttp://certification.comptia.org/getCertified/certifications/network.aspx. Who Should Read This Book? The CompTIA Network+ exam measures the necessary competencies for an entry-level networking professional with the equivalent knowledge of at least 500 hours of hands-on experience in the lab or field. This book was written for people who have that amount of experience working with computer networks. Average readers will have connected a computer to a network, configured IP addressing on that computer, installed software on that computer, used command-line utilities (for example, the ping command), and used a browser to connect to the Internet. Readers will range from people who are attempting to attain a position in the IT field to people who want to keep their skills sharp or perhaps retain their job because of a company policy that mandates they take the new exams. This book also targets the reader who wants to acquire additional certifications beyond the Network+ certification (for example, the Cisco Certified Network Associate [CCNA] certification and beyond). The book is designed in such a way to offer easy transition to future certification studies. Strategies for Exam Preparation Strategies for exam preparation vary, depending on your existing skills, knowledge, and equipment available. 
Of course, the ideal exam preparation would include building and configuring a computer network from scratch. Preferably, the network would contain both Microsoft Windows® and UNIX hosts, at least two Ethernet switches, and at least two routers. However, not everyone has access to this equipment, so the next best step you can take is to read the chapters in this book, jotting down notes with key concepts or configurations on a separate notepad. For more visual learners, you might consider the Network+ Video Mentor product by Anthony Sequeira, which is available from Pearson IT Certification, where you get to watch an expert perform multiple configurations. After you read the book, you can download the current exam objectives by submitting a form on the following web page: http://certification.comptia.org/Training/testingcenters/examobjectives.aspx

If there are any areas shown in the certification exam outline that you still want to study, find those sections in this book and review them. When you feel confident in your skills, attempt the practice exam, which is included on this book’s DVD. As you work through the practice exam, note the areas where you lack confidence and review those concepts or configurations in this book. After you review these areas, work through the practice exam a second time, and rate your skills. Keep in mind that the more you work through the practice exam, the more familiar the questions become, and the practice exam becomes a less accurate judge of your skills. After you work through the practice exam a second time and feel confident with your skills, schedule the real CompTIA Network+ exam (N10-005). The following website provides information about registering for the exam: http://certification.comptia.org/Training/testingcenters.aspx

To prevent the information from evaporating out of your mind, you should typically take the exam within a week of when you consider yourself ready to take it.

CompTIA Network+ Exam Topics

Table I-1 lists general exam topics (objectives) and specific topics under each general topic (subobjectives) for the CompTIA Network+ N10-005 exam. This table also lists the chapter in which each exam topic is covered. Note that some objectives and subobjectives are addressed in multiple chapters.

Table I-1 CompTIA Network+ Exam Topics
How This Book Is Organized

Although this book could be read cover-to-cover, it is designed to be flexible and allow you to easily move between chapters and sections of chapters to cover just the material that you need more work with. However, if you do intend to read all the chapters, the order in the book is an excellent sequence to use:

• Chapter 1, "Introducing Computer Networks," introduces the purpose of computer networks and their constituent components. Additionally, networks are categorized by their geography, topology, and resource location.
• Chapter 2, "Dissecting the OSI Model," presents the two network models: the OSI model and the TCP/IP stack. These models categorize various network components from a network cable up to and including an application, such as e-mail. These models are contrasted, and you are given a listing of well-known TCP and UDP port numbers used for specific applications.
• Chapter 3, "Identifying Network Components." A variety of network components are introduced in this chapter. You are given an explanation of various media types, the roles of specific infrastructure components, and the features provided by specialized network devices (for example, a firewall or content switch).
• Chapter 4, "Understanding Ethernet." The most widely deployed LAN technology is Ethernet, and this chapter describes the characteristics of Ethernet networks. Topics include media access, collision domains, broadcast domains, and distance/speed limitations for popular Ethernet standards. Additionally, you are introduced to some of the features available on Ethernet switches, such as VLANs, trunks, STP, link aggregation, PoE, port monitoring, and user authentication.
• Chapter 5, "Working with IP Addresses." One of the most challenging concepts for many CompTIA Network+ students is IP subnetting. This chapter demystifies IP subnetting by reviewing the basics of binary numbering, before delving into basic subnetting and then advanced subnetting. Although most of the focus of this chapter is on IP version 4 (IPv4) addressing, the chapter concludes with an introduction to IP version 6 (IPv6).
• Chapter 6, "Routing Traffic." A primary job of a computer network is to route traffic between subnets. This chapter reviews the operation of routing IP traffic and discusses how a router obtains routing information. One way a router can populate its routing table is through the use of dynamic routing protocols, several of which are discussed in this chapter. Many environments (such as a home network connecting to the Internet via a cable modem) use NAT to convert between private IP addresses inside a network and public IP addresses outside a network. This chapter discusses DNAT, SNAT, and PAT. Although the primary focus of this chapter is on unicast routing, the chapter concludes with a discussion of multicast routing.
• Chapter 7, "Introducing Wide-Area Networks." Many corporate networks need to interconnect multiple sites separated by large distances. Connections between such geographically dispersed sites make up a WAN. This chapter discusses three categories of WAN connections and contrasts various WAN connection types, based on supported data rates and media types. Finally, this chapter lists characteristics for multiple WAN technologies.
• Chapter 8, "Connecting Wirelessly." In this increasingly mobile world, wireless technologies are exploding in popularity. This chapter discusses the basic operation of WLANs. Additionally, WLAN design and security considerations are addressed.
• Chapter 9, "Optimizing Network Performance." This chapter explains the importance of high availability for a network and what mechanisms help provide a high level of availability. Network performance optimization strategies are addressed, including a section on QoS. Finally, this chapter allows you to use what you have learned in this and preceding chapters to design a SOHO network.
• Chapter 10, "Using Command-Line Utilities." In your daily administration and troubleshooting of computer networks, you need familiarity with various command-line utilities available on the operating systems present in your network. This chapter presents a collection of popular command-line utilities for both Microsoft Windows® and UNIX platforms.
• Chapter 11, "Managing a Network," reviews some of the more common tools used to physically maintain a network. The components of configuration management are also presented. Finally, this chapter discusses some of the network-monitoring tools available to network administrators and what types of information are included in various logs.
• Chapter 12, "Securing a Network." Network security is an issue for most any network, and this chapter covers a variety of network security technologies. You begin by understanding the goals of network security and the types of attacks you must defend against. Then, you review a collection of security best practices. Next, the chapter discusses specific security technologies, including firewalls, VPNs, IDSs, and IPSs.
• Chapter 13, "Troubleshooting Network Issues." Troubleshooting network issues is an inherent part of network administration, and this chapter presents a structured approach to troubleshooting various network technologies. Specifically, you learn how to troubleshoot common Layer 2, Layer 3, and wireless network issues.
• Chapter 14, "Final Preparation," reviews the exam-preparation tools available in this book and the enclosed DVD. For example, the enclosed DVD contains a practice exam engine and a collection of ten training videos presented by the author. Finally, a suggested study plan is presented to assist you in preparing for the CompTIA Network+ exam (N10-005).

In addition to the 13 main chapters, this book includes tools to help you verify that you are prepared to take the exam. The DVD includes a practice test and memory tables that you can work through to verify your knowledge of the subject matter. The DVD also contains ten training videos that cover some of the most fundamental and misunderstood content in the CompTIA Network+ curriculum, specifically the OSI model and IP addressing.

Chapter 1. Introducing Computer Networks

After completion of this chapter, you will be able to answer the following questions:

• What is the purpose of a network?
• What are some examples of network components?
• How are networks defined by geography?
• How are networks defined by topology?
• How are networks defined by resource location?
What comes to mind when you think of a computer network? Is it the Internet? Is it e-mail? Is it the wireless connection that lets you print to your printer from your laptop? Whatever your current perception of a computer network, this chapter and book, as a whole, helps you gain deep appreciation and understanding of networked computing. Be aware that although we commonly think of computer networks as interconnecting computers, today, computer networks interconnect a variety of devices in addition to just computers. Examples include game consoles, video-surveillance devices, and IP-based telephones. Therefore, throughout this book, you can think of the term computer network as being synonymous with the more generic term network, as these terms will be used interchangeably.

In this chapter, the goal is to acquaint you with the purpose of a network and help you categorize a given network based on criteria such as geography, topology, and the location of a network’s resources. An implied goal of this and all other chapters in this book is to prepare you to successfully pass the CompTIA Network+ exam, which is considered to be a cornerstone exam in the information technology (IT) industry.

Foundation Topics: Defining a Network

It was in the movie A Field of Dreams where they said, "If you build it, they will come." That phrase most certainly applies to the evolution of network-based services seen in modern-day networks. Computer networks are no longer relegated to allowing a group of computers to access a common set of files stored on a computer designated as a file server. Instead, with the building of high-speed, highly redundant networks, network architects are seeing the wisdom of placing a variety of traffic types on a single network. Examples include voice and video, in addition to data.

One could argue that a network is the sum of its parts. So, as you begin your study of networking, you should grasp a basic understanding of fundamental networking components. These components include such entities as a client, server, hub, switch, router, and the media used to interconnect these devices.

The Purpose of Networks

At its essence, a network’s purpose is to make connections. These connections might be between a PC and a printer or between a laptop and the Internet, as just a couple of examples. However, the true value of a network comes from the traffic flowing over those connections. Consider a sampling of applications that can travel over a network’s connections:

• File sharing between two computers
• Video chatting between computers located in different parts of the world
• Surfing the web (for example, to use social media sites, watch streaming video, listen to an Internet radio station, or do research for a school term paper)
• Instant messaging (IM) between computers with IM software installed
• E-mail
• Voice over IP (VoIP), to replace traditional telephony systems

A term commonly given to a network transporting multiple types of traffic (for example, voice, video, and data) is a converged network. A converged network might offer significant cost savings to organizations that previously supported separate network infrastructures for voice, data, and video traffic. This convergence can also potentially reduce staffing costs, because only a single network needs to be maintained, rather than separate networks for separate traffic types.

Overview of Network Components

Designing, installing, administering, and troubleshooting a network requires the ability to recognize various network components and their functions. Although this is the focus of Chapter 3, "Identifying Network Components," before we can proceed much further, we need a basic working knowledge of how individual components come together to form a functioning network. The components to consider for now are client, server, hub, switch, router, media, and wide-area network (WAN) link. As a reference for this discussion, consider Figure 1-1.

Figure 1-1 Sample Computer Network

The following list describes the network components depicted in Figure 1-1 and the functions they serve:

• Client: The term client defines the device an end user uses to access a network. This device might be a workstation, laptop, smartphone with wireless capabilities, or a variety of other end-user terminal devices.
• Server: A server, as the name suggests, serves up resources to a network. These resources might include e-mail access as provided by an e-mail server, web pages as provided by a web server, or files available on a file server.
• Hub: A hub is an older technology that interconnects network components, such as clients and servers. Hubs vary in their number of available ports. However, for scalability, hubs can be interconnected, up to a point. If too many hubs are chained together, network errors can result. As discussed further in Chapter 3, a hub does not perform any inspection of the traffic it passes. Rather, a hub simply receives traffic in a port (that is, a receptacle to which a network cable connects) and repeats that traffic out all of the other ports.
• Switch: Like a hub, a switch interconnects network components, and they are available with a variety of port densities. However, unlike a hub, a switch does not simply take traffic in on one port and blast that traffic out all other ports. Rather, a switch learns which devices reside off of which ports. As a result, when traffic comes in a switch port, the switch interrogates the traffic to see where it is destined. Then, based on what the switch has learned, the switch forwards the traffic out of the appropriate port, and not out all of the other ports. This dramatically cuts down on the volume of traffic coursing through your network. A switch is considered a Layer 2 device, which means that it makes its forwarding decisions based on addresses that are physically burned into a network interface card (NIC) installed in a host (that is, any device that transmits or receives traffic on a network). This burned-in address is a Media Access Control (MAC) address.
• Router: As discussed in Chapter 3, a router is considered to be a Layer 3 device, which means that it makes its forwarding decisions based on logical network addresses. Most modern networks use Internet Protocol (IP) addressing. Therefore, most routers know what logical IP networks reside off of which router interfaces. Then, when traffic comes into a router, the router examines the destination IP address of the traffic and, based on the router’s database of networks (that is, the routing table), the router intelligently forwards the traffic out the appropriate interface.
• Media: The previously mentioned devices need to be interconnected via some sort of media. This media could be copper cabling. It could be a fiber-optic cable. Media might not even be a cable, as is the case with wireless networks, where radio waves travel through the media of air. Chapter 3 expands on this discussion of media. For now, realize that media varies in its cost, bandwidth capacity, and distance limitation. For example, although fiber-optic cabling is more expensive than unshielded twisted-pair cabling, it can typically carry traffic over longer distances and has a greater bandwidth capacity (that is, the capacity to carry a higher data rate).
• WAN link: Today, most networks connect to one or more other networks. For example, if your company has two locations, and those two locations are interconnected (perhaps via a Frame Relay or Multiprotocol Label Switching [MPLS] network), the link that interconnects those networks is typically referred to as a wide-area network (WAN) link. WANs, and technologies supporting WANs, are covered in Chapter 7, "Introducing Wide-Area Networks."

Networks Defined by Geography

As you might be sensing at this point, not all networks look the same. They vary in numerous ways. One criterion by which we can classify networks is how geographically dispersed the network’s components are. For example, a network might interconnect devices within an office, or a network might interconnect a database at a corporate headquarters location with a remote sales office located on the opposite side of the globe. Based on the geographical dispersion of network components, networks can be classified into various categories, including the following:

• Local-area network (LAN)
• Wide-area network (WAN)
• Campus-area network (CAN)
• Metropolitan-area network (MAN)
• Personal-area network (PAN)

The following sections describe these different classifications of networks in more detail.

LAN

A LAN interconnects network components within a local region (for example, within a building). Examples of common LAN technologies you’re likely to encounter include Ethernet (that is, IEEE 802.3) and wireless networks (that is, IEEE 802.11). Figure 1-2 illustrates an example of a LAN.

Figure 1-2 Sample LAN Topology
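The difference between a hub and a switch described in the component overview above (a hub repeats every frame out every other port; a switch learns which MAC address lives off which port and forwards known unicast out one port only) can be watched in a small simulation. The following Python code is an added example, not code from the book; the four hosts, their port numbers, the MAC addresses, and the six sample frames are constructed placeholders. It replays the same frames through a hub model and through a learning-switch model and counts how many copies of each frame reach a port that does not host the destination. Those extra copies are the traffic a switch removes once its MAC table is populated, and they are also what makes every host on a hub able to see its neighbours' traffic, which is why a hub is undesirable from a confidentiality standpoint as well as a bandwidth one. Note that the switch still floods broadcast frames and unicast frames whose destination it has not yet learned.

```python
from collections import namedtuple

# Constructed sample topology: four hosts, one on each port of a single device.
# The MAC addresses are made-up placeholders, not values from the book.
HOST_PORT = {
    "02:00:00:00:00:01": 1,
    "02:00:00:00:00:02": 2,
    "02:00:00:00:00:03": 3,
    "02:00:00:00:00:04": 4,
}
BROADCAST = "ff:ff:ff:ff:ff:ff"

Frame = namedtuple("Frame", "src dst")


class Hub:
    """Repeats every frame out of every port except the one it arrived on.
    It never inspects the frame, so every host on the hub sees every frame."""

    def __init__(self, ports):
        self.ports = set(ports)

    def forward(self, in_port, frame):
        return sorted(self.ports - {in_port})


class LearningSwitch:
    """Layer 2 device: records which MAC address lives off which port by
    looking at source addresses, then forwards a known unicast destination out
    of one port only. Broadcast and unknown unicast are flooded like a hub."""

    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def forward(self, in_port, frame):
        self.mac_table[frame.src] = in_port  # learn (or refresh) the source
        if frame.dst == BROADCAST or frame.dst not in self.mac_table:
            return sorted(self.ports - {in_port})  # flood
        out_port = self.mac_table[frame.dst]
        # Destination sits on the ingress port: nothing to forward (filtering).
        return [] if out_port == in_port else [out_port]


def replay(device, frames):
    """Run frames through a device. Returns (deliveries, stray_deliveries):
    total port-egress events, and how many of them landed on a port that does
    not host the unicast destination."""
    deliveries = 0
    stray = 0
    for frame in frames:
        out_ports = device.forward(HOST_PORT[frame.src], frame)
        deliveries += len(out_ports)
        if frame.dst != BROADCAST:
            stray += sum(1 for p in out_ports if p != HOST_PORT[frame.dst])
    return deliveries, stray


# Constructed traffic: two host pairs exchanging three frames each.
H1, H2, H3, H4 = HOST_PORT  # dict keys iterate in insertion order
SAMPLE_FRAMES = [
    Frame(H1, H2), Frame(H2, H1), Frame(H1, H2),
    Frame(H3, H4), Frame(H4, H3), Frame(H3, H4),
]


def compare(frames=SAMPLE_FRAMES):
    """Replay the same frames through both device models and report the counts."""
    ports = HOST_PORT.values()
    return {
        "hub": replay(Hub(ports), frames),
        "switch": replay(LearningSwitch(ports), frames),
    }


if __name__ == "__main__":
    for name, (total, stray) in compare().items():
        print(f"{name:6s} deliveries={total:2d} to non-destination ports={stray}")
```

With the constructed traffic the hub produces 18 deliveries, 12 of them to ports that had nothing to do with the frame, while the switch produces 10 deliveries with only 4 strays, all of them from the two initial floods made before the destination MAC address had been learned.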
Note: IEEE stands for the Institute of Electrical and Electronics Engineers, and it is an internationally recognized standards body.

WAN

A WAN interconnects network components that are geographically separated. For example, a corporate headquarters might have multiple WAN connections to remote office sites. Multiprotocol Label Switching (MPLS), Asynchronous Transfer Mode (ATM), and Frame Relay are examples of WAN technologies. Figure 1-3 depicts a simple WAN topology, which interconnects two geographically dispersed locations.

Figure 1-3 Sample WAN Topology

Other Categories of Networks

Although LANs and WANs are the most common terms used to categorize computer networks based on geography, other categories include campus-area network (CAN), metropolitan-area network (MAN), and personal-area network (PAN).

CAN
Years ago, I was a network manager for a university. The university covered several square miles and had several dozen buildings. Within many of these buildings was a LAN. However, those building-centric LANs were interconnected. By interconnecting these LANs, another network type was created, a CAN. Besides an actual university campus, a CAN might also be found in an industrial park or business park.

MAN

More widespread than a CAN and less widespread than a WAN, a MAN interconnects locations scattered throughout a metropolitan area. Imagine, for example, that a business in Chicago had a location near O’Hare Airport, another location near the Navy Pier, and another location in the Sears Tower. If a service provider could interconnect those locations using a high-speed network, such as a 10-Gbps (that is, 10 billion bits per second) network, the interconnection of those locations would constitute a MAN. One example of a MAN technology is Metro Ethernet.

PAN

A PAN is a network whose scale is even smaller than a LAN. As an example, a connection between a PC and a digital camera via a universal serial bus (USB) cable could be considered a PAN. Another example is a PC connected to an external hard drive via a FireWire connection. A PAN, however, is not necessarily a wired connection. A Bluetooth connection between your cell phone and your car’s audio system is considered a wireless PAN (WPAN). The main distinction of a PAN, however, is that its range is typically limited to just a few meters.

Networks Defined by Topology

In addition to classifying networks based on the geographical placement of their components, another approach to classifying a network is to use the network’s topology. Looks can be deceiving, however. You need to be able to distinguish between a physical topology and a logical topology.
Physical Versus Logical Topology

Just because a network appears to be a star topology (that is, where the network components all connect back to a centralized device, such as a switch), the traffic might be flowing in a circular pattern through all the network components attached to the centralized device. The actual traffic flow determines the logical topology, while how components are physically interconnected determines the physical topology.

As an example, consider Figure 1-4. The figure shows a collection of computers connected to a Token Ring Media Access Unit (MAU). From a quick inspection of Figure 1-4, you can conclude that the devices are physically connected in a star topology, where the connected devices radiate out from a centralized aggregation point (that is, the MAU in this example).

Figure 1-4 Physical Star Topology

Next, contrast the physical topology in Figure 1-4 with the logical topology illustrated in Figure 1-5. Although the computers physically connect to a centralized MAU, when you examine the flow of traffic through (or in this case, around) the network, you see that the traffic flow actually loops round-and-round the network. The traffic flow dictates how to classify a network’s logical topology. In this instance, the logical topology is a ring topology, because the traffic circulates around the network as if circulating around a ring.

Figure 1-5 Logical Ring Topology
Although Token Ring, as used in this example, is rarely seen in modern networks, it illustrates how a network’s physical and logical topologies can be quite different.

Bus Topology

A bus topology, as depicted in Figure 1-6, typically uses a cable running through the area requiring connectivity. Devices that need to connect to the network then tap into this nearby cable. Early Ethernet networks commonly relied on bus topologies.

Figure 1-6 Bus Topology

A network tap might be in the form of a T connector (commonly used in older 10BASE2 networks) or a vampire tap (commonly used in older 10BASE5 networks). Figure 1-7 shows an example of a T connector.

Figure 1-7 T Connector
Note: The Ethernet standards mentioned here (that is, 10BASE2 and 10BASE5), in addition to many other Ethernet standards, are discussed in detail in Chapter 4, "Understanding Ethernet."

A bus and all devices connected to that bus make up a network segment. As discussed in Chapter 4, a single network segment is a single collision domain, which means that all devices connected to the bus might try to gain access to the bus at the same time, resulting in an error condition known as a collision. Table 1-1 identifies some of the primary characteristics, benefits, and drawbacks of a bus topology.

Table 1-1 Characteristics, Benefits, and Drawbacks of a Bus Topology
Ring Topology

Figure 1-8 offers an example of a ring topology, where traffic flows in a circular fashion around a closed network loop (that is, a ring). Typically, a ring topology sends data, in a single direction, to each connected device in turn, until the intended destination receives the data. Token Ring networks typically relied on a ring topology, although the ring might have been the logical topology, while physically, the topology was a star topology.

Figure 1-8 Ring Topology
Token Ring, however, was not the only ring-based topology popular in networks back in the 1990s. Fiber Distributed Data Interface (FDDI) was another variant of a ring-based topology. Most FDDI networks (which, as the name suggests, have fiber optics as the media) used not just one ring, but two. These two rings sent data in opposite directions, resulting in counter-rotating rings. One benefit of counter-rotating rings was that if a fiber broke, the stations on each side of the break could interconnect their two rings, resulting in a single ring capable of reaching all stations on the ring.

Because a ring topology allows devices on the ring to take turns transmitting on the ring, contention for media access was not a problem, as it was for a bus topology. If a network had a single ring, however, the ring became a single point of failure. If the ring were broken at any point, data would stop flowing. Table 1-2 identifies some of the primary characteristics, benefits, and drawbacks of a ring topology.

Table 1-2 Characteristics, Benefits, and Drawbacks of a Ring Topology
Star Topology

Figure 1-9 shows a sample star topology with a hub at the center of the topology and a collection of clients individually connected to the hub. Notice that a star topology has a central point from which all attached devices radiate. In LANs, that centralized device was typically a hub back in the early 1990s. Modern networks, however, usually have a switch located at the center of the star.

Figure 1-9 Star Topology
Note: Chapter 3 discusses UTP and other types of cabling.

The star topology is the most popular physical LAN topology in use today, with an Ethernet switch at the center of the star and unshielded twisted-pair cable (UTP) used to connect from the switch ports to clients. Table 1-3 identifies some of the primary characteristics, benefits, and drawbacks of a star topology.

Table 1-3 Characteristics, Benefits, and Drawbacks of a Star Topology

Hub-and-Spoke Topology

When interconnecting multiple sites (for example, multiple corporate locations) via WAN links, a hub-and-spoke topology has a WAN link from each remote site (that is, a spoke site) to the main site (that is, the hub site). This approach, an example of which is shown in Figure 1-10, is similar to the star topology used in LANs.

Figure 1-10 Hub-and-Spoke Topology
With WAN links, a service provider is paid a recurring fee for each link. Therefore, a hub-and-spoke topology helps minimize WAN expenses by not directly connecting any two spoke locations. If two spoke locations need to communicate between themselves, their communication is sent via the hub location. Table 1-4 contrasts the benefits and drawbacks of a hub-and-spoke WAN topology.

Table 1-4 Characteristics, Benefits, and Drawbacks of a Hub-and-Spoke WAN Topology
Full-Mesh Topology

Although a hub-and-spoke WAN topology lacks redundancy and suffers from suboptimal routes, a full-mesh topology, as shown in Figure 1-11, directly connects every site to every other site.

Figure 1-11 Full-Mesh Topology

Because each site connects directly to every other site, an optimal path can be selected, as opposed to relaying traffic via another site. Also, a full-mesh topology is highly fault tolerant. By inspecting Figure 1-11, you can see that multiple links in the topology could be lost, and every site might still be able to connect to every other site. Table 1-5 summarizes the characteristics of a full-mesh topology.

Table 1-5 Characteristics, Benefits, and Drawbacks of a Full-Mesh WAN Topology
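The trade-off between the hub-and-spoke and full-mesh WAN topologies above (link count and therefore recurring cost, versus redundancy and path length) can be checked rather than eyeballed from a figure. The following Python code is an added example, not code from the book; the five sites A to E, the choice of A as the hub site, and the extra B-C link are constructed. It builds each topology as a set of links, counts the links, finds the links whose loss on its own leaves some site unreachable (the single points of failure an availability review looks for), and measures the hop count between two spoke sites. It also covers the partial-mesh variant the text describes next, since that is simply hub-and-spoke plus selected direct links.

```python
from itertools import combinations


def hub_and_spoke(sites, hub):
    """One WAN link from every spoke site to the hub site."""
    return {frozenset((hub, site)) for site in sites if site != hub}


def full_mesh(sites):
    """One WAN link between every pair of sites: n(n-1)/2 links for n sites."""
    return {frozenset(pair) for pair in combinations(sites, 2)}


def partial_mesh(sites, hub, extra_links):
    """Hub-and-spoke plus selected direct links between busy spoke pairs."""
    return hub_and_spoke(sites, hub) | {frozenset(link) for link in extra_links}


def _adjacency(sites, links):
    adj = {site: set() for site in sites}
    for link in links:
        a, b = tuple(link)
        adj[a].add(b)
        adj[b].add(a)
    return adj


def hop_count(sites, links, src, dst):
    """Number of WAN links on the shortest path, or None if dst is unreachable."""
    adj = _adjacency(sites, links)
    frontier, seen, hops = {src}, {src}, 0
    while frontier:  # breadth-first search, one hop per round
        if dst in frontier:
            return hops
        frontier = {n for site in frontier for n in adj[site]} - seen
        seen |= frontier
        hops += 1
    return None


def is_connected(sites, links):
    """True when every site can still reach every other site."""
    return all(hop_count(sites, links, sites[0], s) is not None for s in sites[1:])


def single_points_of_failure(sites, links):
    """Links whose loss, on its own, leaves some site unreachable."""
    return sorted(tuple(sorted(link)) for link in links
                  if not is_connected(sites, links - {link}))


def summarize(sites, links):
    """(link count, number of single-link failures that partition the WAN)."""
    return len(links), len(single_points_of_failure(sites, links))


# Constructed example: five sites, with A as the headquarters (hub) site.
SITES = ["A", "B", "C", "D", "E"]

if __name__ == "__main__":
    designs = {
        "hub-and-spoke": hub_and_spoke(SITES, "A"),
        "partial mesh (+B-C)": partial_mesh(SITES, "A", [("B", "C")]),
        "full mesh": full_mesh(SITES),
    }
    for name, links in designs.items():
        n_links, n_spof = summarize(SITES, links)
        print(f"{name:20s} links={n_links:2d} single points of failure={n_spof} "
              f"B->C hops={hop_count(SITES, links, 'B', 'C')}")
```

For five sites, hub-and-spoke needs 4 links and every one of them is a single point of failure, with spoke-to-spoke traffic always taking 2 hops through the hub; full mesh needs 10 links, has no single point of failure, and reaches every site in 1 hop; adding the single B-C link to hub-and-spoke gives B and C a direct 1-hop path and leaves only the D and E spoke links as single points of failure.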
Partial-Mesh Topology

A partial-mesh WAN topology, as depicted in Figure 1-12, is a hybrid of the previously described hub-and-spoke topology and full-mesh topology. Specifically, a partial-mesh topology can be designed to provide an optimal route between selected sites, while avoiding the expense of interconnecting every site to every other site.

Figure 1-12 Partial-Mesh Topology
When designing a partial-mesh topology, a network designer must consider network traffic patterns and strategically add links interconnecting sites that have higher volumes of traffic between themselves. Table 1-6 highlights the characteristics, benefits, and drawbacks of a partial-mesh topology.

Table 1-6 Characteristics, Benefits, and Drawbacks of a Partial-Mesh Topology

Networks Defined by Resource Location

Yet another way to categorize networks is based on where network resources reside. An example of a client-server network is a collection of PCs all sharing files located on a centralized server. However, if those PCs had their operating system (OS) (for example, Microsoft Windows 7 or Mac OS X) configured for file sharing, they could share files from one another’s hard drives. Such an arrangement would be referred to as a peer-to-peer network, because the peers (that is, the PCs in this example) make resources available to other peers. The following sections describe client-server and peer-to-peer networks in more detail.

Client-Server Networks

Figure 1-13 illustrates an example of a client-server network, where a dedicated file server provides shared access to files, and a networked printer is available as a resource to the network’s clients. Client-server networks are commonly used by businesses. Because resources are located on one or more servers, administration is simpler than trying to administer network resources on multiple peer devices.

Figure 1-13 Client-Server Network Example

Performance of a client-server network can be better than that of a peer-to-peer network, because resources can be located on dedicated servers, rather than on a PC running a variety of end-user applications. Backups can be simplified, since fewer locations must be backed up. However, client-server networks come with the extra expense of dedicated server resources. Table 1-7 contrasts the benefits and drawbacks of client-server networks.

Table 1-7 Characteristics, Benefits, and Drawbacks of a Client-Server Network
Note: A server in a client-server network could be a computer running a network operating system (NOS), such as Novell NetWare or a variety of Microsoft Windows Server OSs. Alternately, a server might be a host making its file system available to remote clients via the Network File System (NFS) service, which was originally developed by Sun Microsystems.

Note: A variant of the traditional server in a client-server network, where the server provides shared file access, is network-attached storage (NAS). A NAS device is a mass storage device that attaches directly to a network. Rather than running an advanced NOS, a NAS device typically makes files available to network clients via a service such as NFS.

Peer-to-Peer Networks

Peer-to-peer networks allow interconnected devices (for example, PCs) to share their resources with one another. Those resources could be, for example, files or printers. As an example of a peer-to-peer network, consider Figure 1-14, where each of the peers can share files on their own hard drives, and one of the peers has a directly attached printer that can be shared with the other peers in the network.

Figure 1-14 Peer-to-Peer Network Example
Peer-to-peer networks are commonly seen in smaller businesses and in homes. The popularity of these peer-to-peer networks is fueled in part by client operating systems that support file and print sharing. Scalability for peer-to-peer networks is a concern, however. Specifically, as the number of devices (that is, peers) increases, the administration burden increases. For example, a network administrator might have to manage file permissions on multiple devices, as opposed to a single server. Consider the characteristics of peer-to-peer networks as presented in Table 1-8.

Table 1-8 Characteristics, Benefits, and Drawbacks of a Peer-to-Peer Network
Note: Some networks have characteristics of both peer-to-peer and client-server networks. For example, PCs in a company might all point to a centralized server for accessing a shared database in a client-server topology. However, these PCs might simultaneously share files and printers between one another in a peer-to-peer topology. Such a network, which has a mixture of client-server and peer-to-peer characteristics, is called a hybrid network.

Summary

The main topics covered in this chapter are the following:

• You were introduced to various network components, including client, server, hub, switch, router, media, and WAN link.
• One way to classify networks is by their geographical dispersion. Specifically, these network types were identified: LAN, WAN, CAN, MAN, and PAN.
• Another approach to classifying networks is based on a network’s topology. Examples of network types, based on topology, include bus, ring, star, partial mesh, full mesh, and hub-and-spoke.
• This chapter contrasted client-server and peer-to-peer networks.

Exam Preparation Tasks

Review All the Key Topics

Review the most important topics from inside the chapter, noted with the Key Topic icon in the outer margin of the page. Table 1-9 lists these key topics and the page numbers where each is found.

Table 1-9 Key Topics for Chapter 1
Complete Tables and Lists from Memory

Print a copy of Appendix C, "Memory Tables" (found on the DVD), or at least the section for this chapter, and complete as much of the tables as possible from memory. Appendix D, "Memory Tables Answer Key," also on the DVD, includes the completed tables and lists so you can check your work.

Define Key Terms

Define the following key terms from this chapter, and check your answers in the Glossary: client, server, hub, switch, router, media, WAN link, local-area network (LAN), wide-area network (WAN), campus-area network (CAN), metropolitan-area network (MAN), personal-area network (PAN), logical topology, physical topology, bus topology, ring topology, star topology, hub-and-spoke topology, full-mesh topology, partial-mesh topology, client-server network, peer-to-peer network

Review Questions

The answers to these review questions appear in Appendix A, "Answers to Review Questions."

1. Which of the following is a device directly used by an end user to access a network?
a. Server
b. LAN
c. Client
d. Router

2. Which device makes traffic-forwarding decisions based on MAC addresses?
a. Hub
b. Router
c. Switch
d. Multiplexer

3. A company has various locations in a city interconnected using Metro Ethernet connections. This is an example of what type of network?
a. WAN
b. CAN
c. PAN
d. MAN

4. A network formed by interconnecting a PC to a digital camera via a USB cable is considered what type of network?
a. WAN
b. CAN
c. PAN
d. MAN

5. Which of the following LAN topologies requires the most cabling?
a. Bus
b. Ring
c. Star
d. WLAN

6. Which of the following topologies offers the highest level of redundancy?
a. Full mesh
b. Hub and spoke
c. Bus
d. Partial mesh

7. How many WAN links are required to create a full mesh of connections between five remote sites?
a. 5
b. 10
c. 15
d. 20

8. Identify two advantages of a hub-and-spoke WAN topology as compared to a full-mesh WAN topology. (Choose two.)
a. Lower cost
b. Optimal routes
c. More scalable
d. More redundancy

9. Which type of network is based on network clients sharing resources with one another?
a. Client-server
b. Client-peer
c. Peer-to-peer
d. Peer-to-server

10. Which of the following is an advantage of a peer-to-peer network, as compared with a client-server network?
a. More scalable
b. Less expensive
c. Better performance
d. Simplified administration

Chapter 2. Dissecting the OSI Model

After completion of this chapter, you will be able to answer the following questions:
• What is the purpose of a network model?
• What are the layers of the OSI model?
• What are the characteristics of each layer of the OSI model?
• How does the TCP/IP stack compare to the OSI model?
• What are the well-known TCP and/or UDP port numbers for a given collection of common applications?

Way back in 1977, the International Organization for Standardization (ISO) developed a subcommittee to focus on the interoperability of multivendor communications systems. What sprang from this subcommittee was the Open Systems Interconnection (OSI) reference model (commonly referred to as the OSI model or the OSI stack). With this model, you can take just about any networking technology and categorize that technology as residing at one or more of the seven layers of the model. This chapter defines those seven layers and provides examples of what you might find at each layer. Finally, this chapter contrasts the OSI model with another model (the TCP/IP stack, also known as the Department of Defense [DoD] model), which focuses on Internet Protocol (IP) communications.

Foundation Topics: The Purpose of Reference Models

Throughout your networking career, and throughout this book, you will encounter various protocols and devices that play a role in your network. To better understand how a particular technology fits in, however, it helps to have a common point of reference against which various technologies from various vendors can be compared. One of the most common ways of categorizing the function of a network technology is to state at what layer (or layers) of the OSI model that technology operates. Based on how that technology performs a certain function at a certain layer of the OSI model, you can better determine if one device is going to be able to communicate with another device, which might or might not be using a similar technology at that layer of the OSI reference model.

For example, when your laptop connects to a web server on the Internet, your laptop has been assigned an IP address. Similarly, the web server to which you are communicating has an IP address. As you see in this chapter, an IP address lives at Layer 3 (the network layer) of the OSI model. Because both your laptop and the web server use a common protocol (that is, IP) at Layer 3, they can communicate with one another.

Personally, I’ve been in the computer-networking industry since 1989, and I have had the OSI model explained in many classes I’ve attended and books I’ve read. From this, I’ve taken away a collection of metaphors to help describe the operation of the different layers of the OSI model. Some of the metaphors involve sending a letter from one location to another or placing a message in a series of envelopes. However, my favorite (and the most accurate) way to describe the OSI model is to simply think of it as being analogous to a bookshelf, such as the one shown in Figure 2-1.

Figure 2-1 A Bookshelf Is Analogous to the OSI Model

If you were to look at a bookshelf in my home, you’d see that I organized different types of books on different shelves. One shelf contains my collection of Star Wars books, another shelf contains the books I wrote for Cisco Press, another shelf contains my audio books, and so on. I grouped similar books together on a shelf, just as the OSI model groups similar protocols and functions together in a layer.
A common pitfall my students and readers encounter when studying the OSI model is to try to neatly fit all the devices and protocols in their network into one of the OSI model’s seven layers. However, not every technology is a perfect fit into these layers. In fact, some networks might not have any technologies operating at one or more of these layers. This reminds me of my favorite statement regarding the OSI model. It comes from Rich Seifert’s book The Switch Book. In that book, Rich reminds us that the OSI model is a reference model, not a reverence model. That is, there is no cosmic law stating that all technologies must cleanly plug into the model. So, as you discover the characteristics of the OSI model layers throughout this chapter, remember that these layers are like shelves for organizing similar protocols and functions, not immutable laws.

The OSI Model

As previously stated, the OSI model is comprised of seven layers:
• Layer 1: The physical layer
• Layer 2: The data link layer
• Layer 3: The network layer
• Layer 4: The transport layer
• Layer 5: The session layer
• Layer 6: The presentation layer
• Layer 7: The application layer

Graphically, these layers are usually depicted with Layer 1 at the bottom of the stack, as shown in Figure 2-2.

Figure 2-2 OSI "Stack"

Various mnemonics are available to help memorize these layers in their proper order. A top-down (that is, starting at the top of the stack with Layer 7 and working your way down to Layer 1) acrostic is All People Seem To Need Data Processing. As a couple of examples, using this acrostic, the A in All reminds us of the A in Application, and the P in People reminds us of the P in Presentation.

At the physical layer, binary expressions (that is, a series of 1s and 0s) represent data. A binary expression is made up of bits, where a bit is a single 1 or a single 0. At upper layers, however, bits are grouped together, into what is known as a protocol data unit (PDU) or a data service unit. The term packet is used fairly generically to refer to these PDUs. However, PDUs might have an additional name, depending on their OSI layer. Figure 2-3 illustrates these PDU names. A common memory aid for these PDUs is the acrostic Some People Fear Birthdays, where the S in Some reminds us of the S in Segments. The P in People reminds us of the P in Packets, and the F in Fear reflects the F in Frames. Finally, the B in Birthdays reminds us of the B in Bits.

Figure 2-3 PDU Names

Layer 1: The Physical Layer

The physical layer, as shown in Figure 2-4, is concerned with the transmission of data on the network.

Figure 2-4 Layer 1: The Physical Layer
As a few examples, the physical layer defines
• How bits are represented on the medium: Data on a computer network is represented as a binary expression. Chapter 5, "Working with IP Addresses," discusses binary in much more detail. Electrical voltage (on copper wiring) or light (carried via fiber-optic cabling) can represent these 1s and 0s. For example, the presence or the absence of voltage on a wire can represent a binary 1 or a binary 0, respectively, as illustrated in Figure 2-5. Similarly, the presence or absence of light on a fiber-optic cable can represent a 1 or 0 in binary. This type of approach is called current state modulation.

Figure 2-5 Current State Modulation

An alternate approach to representing binary data is state transition modulation, as shown in Figure 2-6, where the transition between voltages or the presence of light indicates a binary value.

Figure 2-6 Transition Modulation

Note
Other modulation types you might be familiar with from radio include amplitude modulation (AM) and frequency modulation (FM). AM uses a variation in a waveform’s amplitude (that is, signal strength) to represent the original signal. However, FM uses a variation in frequency to represent the original signal.

• Wiring standards for connectors and jacks: Several standards for network connectors are addressed in Chapter 3, "Identifying Network Components." As an example, however, the TIA/EIA-568-B standard describes how an RJ-45 connector should be wired for use on a 100BASE-TX Ethernet network, as shown in Figure 2-7.

Figure 2-7 TIA/EIA-568-B Wiring Standard for an RJ-45 Connector

• Physical topology: Layer 1 devices view a network as a physical topology (as opposed to a logical topology). Examples of a physical topology include bus, ring, and star topologies, as described in Chapter 1, "Introducing Computer Networks."
• Synchronizing bits: For two networked devices to successfully communicate at the physical layer, they must agree on when one bit stops and another bit starts. Specifically, what is needed is a method to synchronize the bits. Two basic approaches to bit synchronization include asynchronous and synchronous synchronization:
  • Asynchronous: With this approach, a sender indicates that it’s about to start transmitting by sending a start bit to the receiver. When the receiver sees this, it starts its own internal clock to measure the subsequent bits. After the sender transmits its data, it sends a stop bit to indicate that it has finished its transmission.
  • Synchronous: This approach synchronizes the internal clocks of both the sender and receiver to ensure that they agree on when bits begin and end. A common approach to make this synchronization happen is to use an external clock (for example, a clock provided by a service provider), which is referenced by both the sender and receiver.
• Bandwidth usage: The two fundamental approaches to bandwidth usage on a network are broadband and baseband:
  • Broadband: Broadband technologies divide the bandwidth available on a medium (for example, copper or fiber-optic cabling) into different channels. Different communication streams are then transmitted over the various channels. As an example, consider Frequency-Division Multiplexing (FDM) used by a cable modem. Specifically, a cable modem uses certain ranges of frequencies on the cable coming into your home from the local cable company to carry incoming data, another range of frequencies for outgoing data, and several other frequency ranges for various TV stations.
  • Baseband: Baseband technologies, in contrast, use all the available frequencies on a medium to transmit data. Ethernet is an example of a networking technology that uses baseband.
• Multiplexing strategy: Multiplexing allows multiple communications sessions to share the same physical medium. Cable TV, as previously mentioned, allows you to receive multiple channels over a single physical medium (for example, a coaxial cable plugged into the back of your television). Here are some of the more common approaches to multiplexing:
  • Time-division multiplexing (TDM): TDM supports different communication sessions (for example, different telephone conversations in a telephony network) on the same physical medium by causing the sessions to take turns. For a brief period of time, defined as a time slot, data from the first session will be sent, followed by data from the second session. This continues until all sessions have had a turn, and the process repeats itself.
  • Statistical time-division multiplexing (StatTDM): A downside to TDM is that each communication session receives its own time slot, even if one of the sessions does not have any data to transmit at the moment. To make a more efficient use of available bandwidth, StatTDM dynamically assigns time slots to communications sessions on an as-needed basis.
  • Frequency-division multiplexing (FDM): FDM divides a medium’s frequency range into channels, and different communication sessions transmit their data over different channels. As previously described, this approach to bandwidth usage is called broadband.
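To make the TDM versus StatTDM trade-off above concrete, here is a small scheduler simulation added for this page (it is not from the book and not vendor code). Three sessions with constructed queues share one medium; `tdm_schedule` hands every session a slot per cycle whether or not it has data, while `stat_tdm_schedule` only spends slots on sessions with data waiting, which is why each StatTDM slot has to carry the session id that the receiver demultiplexes on. The session names, queue contents and slot counts are all constructed for the example.

```python
from collections import deque
from typing import Dict, List, Optional, Sequence, Tuple

# Constructed input: one queue of pending data units per session.
# Session 2 has nothing to send for the whole interval, which is exactly
# the case the text uses to explain why plain TDM wastes bandwidth.
SAMPLE_QUEUES: List[List[str]] = [
    ["a1", "a2", "a3", "a4"],  # session 0: busy
    ["b1"],                    # session 1: one unit only
    [],                        # session 2: idle
]

# (session id, data unit) with None marking a slot that carried nothing
Slot = Tuple[int, Optional[str]]


def tdm_schedule(queues: Sequence[Sequence[str]]) -> List[Slot]:
    """Classic TDM: every session owns one fixed slot per cycle, used or not."""
    pending = [deque(q) for q in queues]
    slots: List[Slot] = []
    while any(pending):                      # keep cycling until every queue drains
        for session, q in enumerate(pending):
            slots.append((session, q.popleft() if q else None))
    return slots


def stat_tdm_schedule(queues: Sequence[Sequence[str]]) -> List[Slot]:
    """Statistical TDM: a slot is assigned only to a session that has data waiting.
    Because the slot position no longer identifies the session, the session id
    must travel with the data (that is the tag the receiver demultiplexes on)."""
    pending = [deque(q) for q in queues]
    slots: List[Slot] = []
    while any(pending):
        for session, q in enumerate(pending):
            if q:
                slots.append((session, q.popleft()))
    return slots


def slot_stats(slots: Sequence[Slot]) -> Dict[str, float]:
    """How many slots the schedule spent and how many of them carried nothing."""
    total = len(slots)
    idle = sum(1 for _, unit in slots if unit is None)
    return {"total": total, "idle": idle,
            "utilization": (total - idle) / total if total else 0.0}


def demultiplex(slots: Sequence[Slot], session_count: int) -> List[List[str]]:
    """Receiver side: regroup delivered units per session in arrival order.
    Both schemes must return each session's data in the order it was queued."""
    out: List[List[str]] = [[] for _ in range(session_count)]
    for session, unit in slots:
        if unit is not None:
            out[session].append(unit)
    return out


if __name__ == "__main__":
    for name, scheduler in (("TDM", tdm_schedule), ("StatTDM", stat_tdm_schedule)):
        schedule = scheduler(SAMPLE_QUEUES)
        print(name, schedule, slot_stats(schedule))
```

With the constructed queues, TDM burns 12 slots to deliver 5 units (7 idle), while StatTDM delivers the same 5 units in 5 slots; both hand the receiver identical per-session streams.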
Examples of devices defined by physical layer standards include hubs, wireless access points, and network cabling.

Note
A hub can interconnect PCs in a LAN. However, it is considered to be a physical layer device, because a hub takes bits coming in on one port and retransmits those bits out all other hub ports. At no point does the hub interrogate any addressing information in the data.

Layer 2: The Data Link Layer

The data link layer, as shown in Figure 2-8, is concerned with packaging data into frames and transmitting those frames on the network, performing error detection/correction, uniquely identifying network devices with an address, and handling flow control. These processes are collectively referred to as data link control (DLC).

Figure 2-8 Layer 2: The Data Link Layer

In fact, the data link layer is unique from the other layers in that it has two sublayers of its own: MAC and LLC.

Media Access Control

Characteristics of the Media Access Control (MAC) sublayer include the following:
• Physical addressing: A common example of a Layer 2 address is a MAC address, which is a 48-bit address assigned to a device’s network interface card (NIC). The address is commonly written in hexadecimal notation (for example, 58:55:ca:eb:27:83). The first 24 bits of the 48-bit address are collectively referred to as the vendor code. Vendors of networking equipment are assigned one or more unique vendor codes. You can use the list of vendor codes at http://standards.ieee.org/develop/regauth/oui/oui.txt to determine the manufacturer of a networking device, based on the first half of the device’s MAC address. Because each vendor is responsible for using unique values in the last 24 bits of a MAC address, and because each vendor has a unique vendor code, no two MAC addresses in the world should have the same value.
• Logical topology: Layer 2 devices view a network as a logical topology. Examples of a logical topology include bus and ring topologies, as described in Chapter 1.
• Method of transmitting on the media: With several devices connected to a network, there needs to be some strategy for determining when a device is allowed to transmit on the media. Otherwise, multiple devices might transmit at the same time, and interfere with one another’s transmissions.

Logical Link Control

Characteristics of the Logical Link Control (LLC) sublayer include the following:
• Connection services: When a device on a network receives a message from another device on the network, that recipient device can provide feedback to the sender in the form of an acknowledgment message. The two main functions provided by these acknowledgment messages are as follows:
  • Flow control: Limits the amount of data a sender can send at one time; this prevents the receiver from being overwhelmed with too much information.
  • Error control: Allows the recipient of data to let the sender know if the expected data frame was not received or if it was received, but is corrupted. The recipient determines if the data frame is corrupted by mathematically calculating a checksum of the data received. If the calculated checksum does not match the checksum received with the data frame, the recipient of the data draws the conclusion that the data frame is corrupted and can then notify the sender via an acknowledgment message.
• Synchronizing transmissions: Senders and receivers of data frames need to coordinate when a data frame is being transmitted and should be received. Three methods of performing this synchronization are as follows:
  • Isochronous: With isochronous transmission, network devices look to a common device in the network as a clock source, which creates fixed-length time slots. Network devices can determine how much free space, if any, is available within a time slot and insert data into an available time slot. A time slot can accommodate more than one data frame. Isochronous transmission does not need to provide clocking at the beginning of a data string (as does synchronous transmission) or for every data frame (as does asynchronous transmission). As a result, isochronous transmission uses little overhead when compared to asynchronous or synchronous transmission methods.
  • Asynchronous: With asynchronous transmission, network devices reference their own internal clocks, and network devices do not need to synchronize their clocks. Instead, the sender places a start bit at the beginning of each data frame and a stop bit at the end of each data frame. These start and stop bits tell the receiver when to monitor the medium for the presence of bits. An additional bit, called the parity bit, might also be added to the end of each byte in a frame to detect an error in the frame. For example, if even parity error detection (as opposed to odd parity error detection) is used, the parity bit (with a value of either 0 or 1) would be added to the end of a byte, causing the total number of 1s in the data frame to be an even number. If the receiver of a byte is configured for even parity error detection and receives a byte where the total number of bits (including the parity bit) is even, the receiver can conclude that the byte was not corrupted during transmission.

  Note
  Using a parity bit to detect errors might not be effective if a byte has more than one error (that is, more than one bit that has been changed from its original value).

  • Synchronous: With synchronous transmission, two network devices that want to communicate between themselves must agree on a clocking method to indicate the beginning and ending of data frames. One approach to providing this clocking is to use a separate communications channel over which a clock signal is sent. Another approach relies on specific bit combinations or control characters to indicate the beginning of a frame or a byte of data. Like asynchronous transmissions, synchronous transmissions can perform error detection. However, rather than using parity bits, synchronous communication runs a mathematical algorithm on the data to create a cyclic redundancy check (CRC). If both the sender and receiver calculate the same CRC value for the same chunk of data, the receiver can conclude that the data was not corrupted during transmission.

Examples of devices defined by data link layer standards include switches, bridges, and network interface cards (NIC).

Note
NICs are not entirely defined at the data link layer, because they are partially based on physical layer standards, such as a NIC’s network connector.

Layer 3: The Network Layer

The network layer, as shown in Figure 2-9, is primarily concerned with forwarding data based on logical addresses.
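The MAC-address and error-detection material in this section maps onto a few lines of code, so here is a worked Python example added for this page (it is not from the book and not vendor code). It parses a MAC address in the common written forms (colon, hyphen and the dotted form Cisco IOS prints, the last being a generalization beyond the text), extracts the 24-bit vendor code and looks it up in a constructed OUI table (placeholder vendor names, not the IEEE registry the text links to), computes the even-parity bit and reproduces the double-bit blind spot the note describes, and implements the CRC-32 that Ethernet carries as its frame check sequence, verifying a constructed Ethernet II frame before and after one bit is flipped. The Ethernet II frame layout, the little-endian FCS placement and the locally-administered-bit check are assumptions beyond the text; the `flip_bit` helper is the constructed corruption.

```python
import zlib  # standard library; used only to cross-check the hand-rolled CRC
from typing import Dict

# Constructed OUI table standing in for the IEEE registry; the vendor
# names are placeholders, not real assignments.
OUI_TABLE: Dict[str, str] = {
    "58:55:ca": "Vendor-A (constructed entry)",
    "00:1b:21": "Vendor-B (constructed entry)",
}


def parse_mac(text: str) -> bytes:
    """Accept aa:bb:cc:dd:ee:ff, aa-bb-cc-dd-ee-ff or aabb.ccdd.eeff and
    return the six raw octets; anything else is rejected."""
    digits = "".join(ch for ch in text.lower() if ch not in ":-.")
    if len(digits) != 12 or any(ch not in "0123456789abcdef" for ch in digits):
        raise ValueError(f"not a MAC address: {text!r}")
    return bytes.fromhex(digits)


def format_mac(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)


def oui_of(mac: str) -> str:
    """The first 24 bits are the vendor code (OUI)."""
    return format_mac(parse_mac(mac)[:3])


def vendor_of(mac: str) -> str:
    return OUI_TABLE.get(oui_of(mac), "unknown OUI")


def is_locally_administered(mac: str) -> bool:
    """Caveat to the 'globally unique' rule: if bit 1 of the first octet is set,
    the address was assigned locally (by an OS, VM host, etc.), so its OUI says
    nothing reliable about the hardware vendor. Assumption beyond the text."""
    return bool(parse_mac(mac)[0] & 0x02)


def even_parity_bit(byte: int) -> int:
    """Parity bit that makes the count of 1s in data + parity even."""
    return bin(byte & 0xFF).count("1") % 2


def parity_ok(byte: int, parity_bit: int) -> bool:
    """Receiver check for even parity. Any even number of flipped bits passes."""
    return (bin(byte & 0xFF).count("1") + parity_bit) % 2 == 0


def crc32(data: bytes) -> int:
    """Bitwise CRC-32 as used for the Ethernet FCS: reflected polynomial
    0xEDB88320, initial value and final XOR 0xFFFFFFFF (same as zlib.crc32)."""
    crc = 0xFFFFFFFF
    for byte in data:
        crc ^= byte
        for _ in range(8):
            crc = (crc >> 1) ^ 0xEDB88320 if crc & 1 else crc >> 1
    return crc ^ 0xFFFFFFFF


def crc32_matches_stdlib(data: bytes) -> bool:
    return crc32(data) == zlib.crc32(data) & 0xFFFFFFFF


def build_frame(dst: str, src: str, ethertype: int, payload: bytes) -> bytes:
    """Ethernet II header + payload + FCS (CRC-32 over everything before it,
    transmitted little-endian). Minimum-length padding is not modelled."""
    body = parse_mac(dst) + parse_mac(src) + ethertype.to_bytes(2, "big") + payload
    return body + crc32(body).to_bytes(4, "little")


def frame_fcs_ok(frame: bytes) -> bool:
    """Receiver check: recompute the CRC and compare it with the trailing FCS."""
    if len(frame) < 18:  # 14-byte header + 4-byte FCS is the smallest thing we accept
        return False
    return crc32(frame[:-4]) == int.from_bytes(frame[-4:], "little")


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Constructed corruption: invert one bit of the frame."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


if __name__ == "__main__":
    frame = build_frame("58:55:ca:eb:27:83", "00:1b:21:aa:bb:cc", 0x0800, b"constructed payload")
    print("src vendor:", vendor_of(format_mac(frame[6:12])))
    print("FCS ok:", frame_fcs_ok(frame), "| after one flipped bit:", frame_fcs_ok(flip_bit(frame, 100)))
```

Two points a practitioner should take from running it: parity and CRC catch accidental corruption only, since anyone who can alter a frame can also recompute a valid FCS, so integrity against an adversary needs a keyed MAC or signature at a higher layer; and an OUI lookup is a hint for asset inventory, not an identity, because locally administered addresses carry no vendor information at all.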
Figure 2-9 Layer 3: The Network Layer

Although many network administrators immediately think of routing and IP addressing when they hear about the network layer, this layer is actually responsible for a variety of tasks:
• Logical addressing: Although the data link layer uses physical addresses to make forwarding decisions, the network layer uses logical addressing to make forwarding decisions. A variety of routed protocols (for example, AppleTalk and IPX) have their own logical addressing schemes, but by far, the most widely deployed routed protocol is Internet Protocol (IP). IP addressing is discussed in detail in Chapter 5, "Working with IP Addresses."
• Switching: The term switching is often associated with Layer 2 technologies; however, the concept of switching also exists at Layer 3. Switching, at its essence, is making decisions about how data should be forwarded. At Layer 3, three common switching techniques exist:
  • Packet switching: With packet switching, a data stream is divided into packets. Each packet has a Layer 3 header, which includes a source and destination Layer 3 address. Another term for packet switching is routing, which is discussed in more detail in Chapter 6, "Routing Traffic."
  • Circuit switching: Circuit switching dynamically brings up a dedicated communication link between two parties in order for those parties to communicate. As a simple example of circuit switching, think of making a phone call from your home to a business. Assuming you have a traditional landline servicing your phone, the telephone company’s switching equipment interconnects your home phone with the phone system of the business you’re calling. This interconnection (that is, circuit) only exists for the duration of the phone call.
  • Message switching: Unlike packet switching and circuit switching technologies, message switching is usually not well-suited for real-time applications, because of the delay involved. Specifically, with message switching, a data stream is divided into messages. Each message is tagged with a destination address, and the messages travel from one network device to another network device on the way to their destination. Because these devices might briefly store the messages before forwarding them, a network using message switching is sometimes called a store-and-forward network. Metaphorically, you could visualize message switching like routing an e-mail message, where the e-mail message might be briefly stored on an e-mail server before being forwarded to the recipient.
• Route discovery and selection: Because Layer 3 devices make forwarding decisions based on logical network addresses, a Layer 3 device might need to know how to reach various network addresses. For example, a common Layer 3 device is a router. A router can maintain a routing table indicating how to forward a packet based on the packet’s destination network address. A router can have its routing table populated via manual configuration (that is, by entering static routes), via a dynamic routing protocol (for example, RIP, OSPF, or EIGRP), or simply by the fact that the router is directly connected to certain networks.

Note
Routing protocols are discussed in Chapter 6.

• Connection services: Just as the data link layer provided connection services for flow control and error control, connection services also exist at the network layer. Connection services at the network layer can improve the communication reliability, in the event that the data link’s LLC sublayer is not performing connection services. The following functions are performed by connection services at the network layer:
  • Flow control (also known as congestion control): Helps prevent a sender from sending data more rapidly than the receiver is capable of receiving the data.
  • Packet reordering: Allows packets to be placed in the appropriate sequence as they are sent to the receiver. This might be necessary, because some networks support load-balancing, where multiple links are used to send packets between two devices. Because multiple links are used, packets might arrive out of order.

Examples of devices found at the network layer include routers and multilayer switches. The most common Layer 3 protocol in use today, and the protocol on which the Internet is based, is IP. A less popular Layer 3 protocol is Novell’s Internetwork Packet Exchange (IPX), which has its own format for Layer 3 addressing. Although IPX is a Novell-developed protocol, most modern Novell networks use IP as their Layer 3 protocol.

Note
Routers and multilayer switches are discussed in Chapter 3.

Layer 4: The Transport Layer

The transport layer, as shown in Figure 2-10, acts as a dividing line between the upper layers and lower layers of the OSI model. Specifically, messages are taken from upper layers (Layers 5–7) and are encapsulated into segments for transmission to the lower layers (Layers 1–3). Similarly, data streams coming from lower layers are decapsulated and sent to Layer 5 (the session layer), or some other upper layer, depending on the protocol.

Figure 2-10 Layer 4: The Transport Layer

Two common transport layer protocols include Transmission Control Protocol (TCP) and User Datagram Protocol (UDP):
• Transmission Control Protocol (TCP): A connection-oriented transport protocol. Connection-oriented transport protocols provide reliable transport, in that if a segment is dropped, the sender can detect that drop and retransmit that dropped segment. Specifically, a receiver acknowledges segments that it receives. Based on those acknowledgments, a sender can determine which segments were successfully received and which segments need to be transmitted again.
• User Datagram Protocol (UDP): A connectionless transport protocol. Connectionless transport protocols provide unreliable transport, in that if a segment is dropped, the sender is unaware of the drop, and no retransmission occurs.

A less popular Layer 4 protocol is Novell’s Sequenced Packet Exchange (SPX). Similar to the TCP/IP stack of protocols, Novell’s solution (much more popular in the mid 1990s) was the IPX/SPX stack of protocols. However, most modern Novell networks rely on TCP/IP rather than IPX/SPX.

Note
Microsoft introduced its own implementation of Novell’s IPX/SPX, which was named NWLink IPX/SPX.

Just as Layer 2 and Layer 3 each offer flow control services, flow control services also exist at Layer 4. Two common flow control approaches at Layer 4 are as follows:
• Windowing: TCP communication uses windowing, in that one or more segments are sent at one time, and a receiver can acknowledge the receipt of all the segments in a window with a single acknowledgment. In some cases, as illustrated in Figure 2-11, TCP uses a sliding window, where the window size begins with one segment. If there is a successful acknowledgment of that one segment (that is, the receiver sends an acknowledgment asking for the next segment), the window size doubles to two segments. Upon successful receipt of those two segments, the next window contains four segments. This exponential increase in window size continues until the receiver does not acknowledge successful receipt of all segments within a certain time period (known as the round trip time [RTT], which is sometimes called real transfer time), or until a configured maximum window size is reached.

Figure 2-11 TCP Sliding Window
• Buffering: With buffering, a device (for example, a router) allocates a chunk of memory (sometimes called a buffer or a queue) to store segments if bandwidth is not currently available to transmit those segments. A queue has a finite capacity, however, and can overflow (that is, drop segments) in the event of sustained network congestion.

In addition to TCP and UDP, Internet Control Message Protocol (ICMP) is another transport layer protocol you are likely to encounter. ICMP is used by utilities such as ping and traceroute, which are discussed in Chapter 10, "Using Command-Line Utilities."

Layer 5: The Session Layer

The session layer, as shown in Figure 2-12, is responsible for setting up, maintaining, and tearing down sessions. A session can be thought of as a conversation that needs to be treated separately from other sessions to avoid intermingling of data from different conversations.

Figure 2-12 Layer 5: The Session Layer

• Setting up a session: Examples of the procedures involved in setting up a session include:
  • Checking user credentials (for example, username and password)
  • Assigning numbers to a session’s communications flows to uniquely identify each flow
  • Negotiating services required during the session
  • Negotiating which device begins sending data
• Maintaining a session: Examples of the procedures involved in maintaining a session include:
  • Transferring data
  • Reestablishing a disconnected session
  • Acknowledging receipt of data
• Tearing down a session: A session can be disconnected based on mutual agreement of the devices in the session. Alternately, a session might be torn down because one party disconnects (either intentionally or because of an error condition). In the event that one party disconnects, the other party can detect a loss of communication with that party and tear down its side of the session.
  • 137. Table of Contents Title Page Copyright Page Acknowledgements About the Author Introduction Chapter 1 - Basic IOS Commands
  • 138. Booting the Router Configuring a Router Using the show Command Chapter 2 - Managing a Cisco Internetwork Understanding the Internal Components of a Cisco Router Managing the Configuration Register Backing Up and Restoring the Cisco IOS Backing Up and Restoring the Cisco Configuration Using Cisco Discovery Protocol (CDP) Using Telnet Resolving Hostnames Checking Network Connectivity and Troubleshooting Using the sh processes Command Chapter 3 - IP Routing Routing Basics Routing Protocol Basics Routing Information Protocol (RIP) Chapter 4 - Enhanced IGRP (EIGRP) and Open Shortest Path First (OSPF) Understanding EIGRP Basics Understanding Open Shortest Path First (OSPF) Basics Configuring OSPF Verifying OSPF Configuration Chapter 5 - Layer-2 Switching and Spanning-Tree Protocol (STP) Switching Services Chapter 6 - Virtual LANs (VLANs) Understanding VLAN Basics Configuring VLANs Configuring VTP Telephony: Configuring Voice VLANs Chapter 7 - Security
  • 139. Perimeter Routers, Firewalls, and Internal Routers Introduction to Access Lists Standard Access Lists Extended Access Lists Monitoring Access Lists Chapter 8 - Network Address Translation (NAT) When Do We Use NAT? Types of Network Address Translation NAT Names Configuring NAT Using SDM Chapter 9 - Cisco’s Wireless Technologies Introducing Wireless Technology Configuring Cisco Wireless Using the IOS Configuring Cisco Wireless Using the SDM/HTTP Chapter 10 - Internet Protocol Version 6 (IPv6) Why Do We Need IPv6? IPv6 Addressing and Expressions IPv6 Routing Protocols Migrating to IPv6 Verifying RIPng Verifying OSPFv3 Chapter 11 - Wide Area Networks (WANs) Introduction to Wide Area Networks High-Level Data-Link Control (HDLC) Protocol Point-to-Point Protocol (PPP) Introduction to Frame Relay Technology Chapter 12 - Cisco’s Security Device Manager (SDM) Configuring Your Router to Be Set Up Through the SDM Using the SDM to Manage the Flash Memory Using the SDM to Back Up, Restore, and Edit the Router’s Configuration Configuring LAN and WAN Interfaces and Verifying a Router Using SDM
    Configuring RIP on a Router with SDM
    Configuring OSPF with the SDM

What Does This Book Cover?

This book covers everything you need to know in order to understand the CCNA exam objective commands. However, taking the time to study and practice with routers or a router simulator is the real key to success. You will learn the following information in this book:

• Chapter 1 introduces you to the Cisco Internetwork Operating System (IOS) and command-line interface (CLI). In this chapter you will learn how to turn on a router and configure the basics of the IOS, including setting passwords, banners, and more. IP configuration using the Security Device Manager (SDM) is discussed in Chapter 12.
• Chapter 2 provides you with the management skills needed to run a Cisco IOS network. Backing up and restoring the IOS, as well as the router configuration, are covered, as are the troubleshooting command tools necessary to keep a network up and running. Chapter 12 provides the SDM equivalents of the configuration covered in this chapter.
• Chapter 3 teaches you about IP routing. This is an important chapter, because you will learn how to build a network, add IP addresses, and route data between routers. You will also learn about static, default, and dynamic routing using RIP and RIPv2 (with a small touch of IGRP).
• Chapter 4 dives into more complex dynamic routing with Enhanced IGRP (EIGRP) and OSPF routing.
• Chapter 5 gives you a background on layer-2 switching and how switches perform address learning and make forwarding and filtering decisions. Network loops and how to avoid them with the Spanning Tree Protocol (STP) are discussed, as is the 802.1w (Rapid STP) version.
• Chapter 6 covers virtual LANs and how you can use them in your internetwork. This chapter also covers the nitty-gritty of VLANs and the different concepts and protocols used with VLANs, as well as troubleshooting.
• Chapter 7 covers security and access lists, which are created on routers to filter the network. IP standard, extended, and named access lists are covered in detail.
• Chapter 8 covers Network Address Translation (NAT). New information and all the configuration, troubleshooting, and verification commands needed to understand the NAT CCNA objectives are covered in this chapter.
• Chapter 9 covers wireless technologies. This is an introductory chapter regarding wireless technologies as Cisco views wireless. Make sure you understand your basic wireless technologies such as access points and clients, as well as the difference between 802.11a, b, and g. This chapter is more technology based than configuration based to cover the current CCNA objectives.
• Chapter 10 covers IPv6. This is a very fun chapter and has some great information. IPv6 is not the big, bad scary monster that most people think it is. IPv6 is an objective on this new exam, so study this chapter carefully. This chapter is more technology based than configuration based to cover the current CCNA objectives. Keep an eye out at www.lammle.com for up-to-the-minute updates.
• Chapter 11 concentrates on Cisco wide area network (WAN) protocols. This chapter covers HDLC, PPP, and Frame Relay in depth. You must be proficient in all these protocols to be successful on the CCNA exam.
• Chapter 12 covers SDM for the basic router configuration that we covered in Chapters 1, 2, 3, and 4.

For up-to-the-minute updates covering additions or modifications to the CCNA certification exams, as well as additional study tools and review questions, be sure to visit the Todd Lammle forum and website at www.lammle.com or www.sybex.com/go/ccnafastpass.

Cisco Certified Network Associate (CCNA)

The CCNA certification was the first in the new line of Cisco certifications and was the precursor to all current Cisco certifications. Now you can become a Cisco Certified Network Associate for the meager cost of this book and either one test at $150 or two tests at $125 each—although the CCNA exams are extremely hard and cover a lot of material, so you have to really know your stuff! Taking a Cisco class or spending months with hands-on experience is not out of the norm. Once you have your CCNA, you don't have to stop there—you can choose to continue with your studies and achieve a higher certification, called the Cisco Certified Network Professional (CCNP). Someone with a CCNP has all the skills and knowledge he or she needs to attempt the routing and switching CCIE lab. Just becoming a CCNA can land you that job you've dreamed about.

Why Become a CCNA?
Cisco, not unlike Microsoft and Novell (Linux), has created the certification process to give administrators a set of skills and to equip prospective employers with a way to measure skills or match certain criteria. Becoming a CCNA can be the initial step of a successful journey toward a new, highly rewarding, sustainable career.

The CCNA program was created to provide a solid introduction not only to the Cisco Internetwork Operating System (IOS) and Cisco hardware but also to internetworking in general, making it helpful to you in areas that are not exclusively Cisco's. At this point in the certification process, it's not unrealistic that network managers—even those without Cisco equipment—require Cisco certifications for their job applicants. If you make it through the CCNA and are still interested in Cisco and internetworking, you're headed down a path to certain success.

What Skills Do You Need to Become a CCNA?

To meet the CCNA certification skill level, you must be able to understand or do the following:
• A CCNA certified professional can install, configure, and operate LAN, WAN, and wireless access services securely, as well as troubleshoot and configure small to medium networks (500 nodes or fewer) for performance.
• This knowledge includes, but is not limited to, use of these protocols and technologies: IP, IPv6, EIGRP, RIP, RIPv2, OSPF, serial connections, Frame Relay, cable, DSL, PPPoE, LAN switching, VLANs, Ethernet, security, and access lists.

How Do You Become a CCNA?

The way to become a CCNA is to pass one little test (CCNA Composite exam 640-802). Then—poof!—you're a CCNA. (Don't you wish it were that easy?) True, it can be just one test, but you still have to possess enough knowledge to understand what the test writers are saying. However, Cisco has a two-step process that you can take in order to become a CCNA that may or may not be easier than taking one longer exam. (This book is based on the one-step 640-802 method; however, it has all the information you need to pass all three exams.)

The two-step method involves passing the following:
• Exam 640-822: Interconnecting Cisco Networking Devices Part 1 (ICND1)
• Exam 640-816: Interconnecting Cisco Networking Devices Part 2 (ICND2)

I can't stress this enough: It's critical that you have some hands-on experience with Cisco routers. If you can get ahold of some 1841 or 2800 series routers, you're set. But if you can't, I've worked hard to provide hundreds of configuration examples throughout this book to help network administrators (or people who want to become network administrators) learn what they need to know to pass the CCNA exam.

Since the new 640-802 exam is so hard, Cisco wants to reward you for taking the two-test approach. Or so it seems anyway. If you take the ICND1 exam, you actually receive a certification called the Cisco Certified Entry Networking Technician (CCENT). This is one step toward your CCNA. To achieve your CCNA, you must still pass your ICND2 exam. Again, this book is written to help you study for all three exams.

For Cisco-authorized hands-on training with CCSI Todd Lammle, please see www.globalnettraining.com. Each student will get hands-on experience by configuring at least three routers and two switches—no sharing of equipment!

Where Do You Take the Exams?

You may take any of the CCNA exams at any of the Pearson VUE authorized centers (www.vue.com) or call (877) 404-EXAM (3926). To register for a Cisco Certified Network Associate exam, follow these steps:
1. Determine the number of the exam you want to take.
2. Register with the nearest Pearson VUE testing center. At this point, you will be asked to pay in advance for the exam. At the time of this writing, the exam fee for the 640-802 is $150, and the exam must be taken within one year of payment. You can schedule exams up to six weeks in advance or as late as the same day you want to take it—but if you fail a Cisco exam, you must wait five days before you will be allowed to retake the exam. If something comes up and you need to cancel or reschedule your exam appointment, contact Pearson VUE at least 24 hours in advance.
3. When you schedule the exam, you'll get instructions regarding all appointment and cancellation procedures, the ID requirements, and information about the testing-center location.

Tips for Taking Your CCNA Exams

The CCNA Composite exam contains about 55 questions and must be completed in 75 to 90 minutes or less. This information can change per exam. You must get a score of about 80 to 85 percent to pass this exam, but again, each exam can be different.
Many questions on the exam have answer choices that at first glance look identical—especially the syntax questions! Remember to read through the choices carefully because close doesn't cut it. If you get commands in the wrong order or forget one measly character, you'll get the question wrong. So, to practice, do the hands-on exercises at the end of this book's chapters over and over again until they feel natural to you.

Also, never forget that the right answer is the Cisco answer. In many cases, more than one appropriate answer is presented, but the correct answer is the one that Cisco recommends. On the exam, you're always instructed to pick one, two, or three, never "choose all that apply." The latest CCNA exams may include the following test formats:
• Multiple-choice single answer
• Multiple-choice multiple answer
• Drag-and-drop
• Fill-in-the-blank
• Router simulations

In addition to multiple choice and fill-in response questions, Cisco Career Certifications exams may include performance simulation exam items. They do allow partial command responses. For example, show config, sho config, or sh conf would be acceptable. Router#show ip protocol or Router#show ip prot would be acceptable.

Here are some general tips for exam success:
• Arrive early at the exam center so you can relax and review your study materials.
• Read the questions carefully. Don't jump to conclusions. Make sure you're clear about exactly what each question asks.
• When answering multiple-choice questions that you're not sure about, use the process of elimination to get rid of the obviously incorrect answers first. Doing this greatly improves your odds if you need to make an educated guess.
• You can no longer move forward and backward through the Cisco exams, so double-check your answer before clicking Next, since you can't change your mind.

After you complete an exam, you'll get immediate, online notification of your pass or fail status, a printed Examination Score Report that indicates your pass or fail status, and your exam results by section. (The test administrator will give you the printed score report.) Test scores are automatically forwarded to Cisco within five working days after you take the test, so you don't need to send your score to them. If you pass the exam, you'll receive confirmation from Cisco, typically within two to four weeks, sometimes longer.

This book covers everything CCNA related. For up-to-date information on Todd Lammle Cisco Authorized CCNA, CCNP, CCSP, CCVP, and CCIE boot camps, please see www.lammle.com or www.globalnettraining.com.
How to Contact the Author

You can reach Todd Lammle through GlobalNet Training Solutions, Inc. (www.globalnettraining.com), his training and systems integration company in Dallas, Texas—or through his forum at www.lammle.com.

Chapter 1 Basic IOS Commands

This book starts by introducing you to the Cisco Internetwork Operating System (IOS). The IOS is what runs Cisco routers as well as some Cisco switches, and it's what allows you to configure the devices. You use the command-line interface (CLI) to configure a router, and that is what I'll show you in this chapter.

The Cisco router IOS software is responsible for the following important tasks:
• Carrying network protocols and functions
• Connecting high-speed traffic between devices
• Adding security to control access and stop unauthorized network use
• Providing scalability for ease of network growth and redundancy
• Supplying network reliability for connecting to network resources

You can access the Cisco IOS through the console port of a router, from a modem into the auxiliary (or aux) port, or even through Telnet and Secure Shell (SSH). Access to the IOS command line is called an exec session. Once you have attached your console cable (this is a rolled cable, sometimes referred to as a rollover cable) to the router and have started your terminal software, you will be ready to power on the router. Assuming that this is a new router, it will have no configuration and thus will need to have, well, everything set up. In this chapter, first I'll cover the power-on process of the router, and then I'll introduce the setup script. For up-to-the-minute updates for this chapter, please see www.lammle.com.

Booting the Router

The following messages appear when you first boot or reload a router:

Notice the following in the previous messages:
• The type of router (2811) and the amount of memory (262,144KB)
• The version of software the router is running (12.4(13))
• The interfaces on the router (two Fast Ethernet and four serial)

Figure 1.1 shows a picture of an 1841 router, which is what is called an integrated services router (ISR), just like the 2811 router whose boot output is shown earlier.

FIGURE 1.1 A Cisco 1841 router

An 1841 router holds most of the same interfaces as a 2800 router, but it's smaller and less expensive.

Setup Mode

If the router has no initial configuration, you will be prompted to use setup mode to establish an initial configuration. You can also enter setup mode at any time from the command line by typing the command setup from something called privileged mode. Setup mode covers only some global commands and is generally just not helpful. Here is an example:

You can exit setup mode at any time by pressing Ctrl+C.

Router Configuration Modes

One key to navigating the CLI is to always be aware of which router configuration mode you are currently in (see Table 1.1). You can tell which configuration mode you are in by watching the CLI prompt.
TABLE 1.1 Router Configuration Modes

Once you understand the different modes, you will need to be able to move from one mode to another within the CLI. The commands in Table 1.2 allow you to navigate between the assorted CLI modes.

TABLE 1.2 Moving Between Modes

Editing and Help Features

One difference between a good and a great CLI engineer is the ability to quickly edit the line being entered into the router. Great CLI engineers can quickly recall previously entered commands and modify them, which is often much quicker than reentering the entire command. Table 1.3 shows some of the editing commands most commonly used.

TABLE 1.3 CLI Editing Commands

The CLI also provides extensive online help. Any great CLI engineer will have an excessively worn question-mark key on the keyboard! Table 1.4 shows some examples of using the online help.

TABLE 1.4 Online Help Commands

Using the Question Mark

The only help command is the question mark; however, it does make a difference where you use it. When entering complex IOS commands, it is common to use the question mark repeatedly while entering the command, as in the following example:

Using the Pipe

The pipe (|) allows you to wade through all the configurations or other long outputs and get straight to your goods fast. Table 1.5 shows the pipe commands.

TABLE 1.5 Pipe Commands

Here's an example of using the pipe command to view just interface information on a router:
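The pipe example the book shows at this point is an image that did not survive extraction. What follows is an added example, not the book's own output, of the Table 1.5 filters as you would type them on a router. The router name Corp and an IOS release that supports the section filter (12.3T and later) are assumptions; the last command is the one a security reviewer reaches for first, because the filter argument is a regular expression and a single include can pull every credential line out of a long configuration.

```cisco
! Added example (not from the book). Assumed router name Corp; assumes an IOS
! release with the "section" filter (12.3T and later).
! Show only the interface stanzas of the running configuration
Corp# show running-config | section interface
! Show the one-line summary for interfaces whose status contains "up"
Corp# show ip interface brief | include up
! Start the output at the first line matching the pattern and show everything after it
Corp# show running-config | begin line vty
! Drop the lines you do not want to see (here, interfaces with no address)
Corp# show ip interface brief | exclude unassigned
! The filter is a regular expression; "|" inside the pattern means "or".
! One command lists every password and secret line in the config for review.
Corp# show running-config | include password|secret
```

The filters are case-sensitive, so include up will not match "UP", and begin keeps printing to the end of the output once its pattern has matched; use section when you want only the matching stanza.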
Configuring a Router

In the following sections, I'll introduce the commands used to do basic router configuration. You'll use these commands (or should use them) on every router you configure.

Hostnames

You can set the identity of the router with the hostname command. This is only locally significant, which means it has no bearing on how the router performs name lookups or how the router works on the internetwork. Table 1.6 shows the command for setting a router's hostname.

TABLE 1.6 Setting a Router Hostname

Here's an example of setting a hostname on a router:

Banners

You can create a banner to give anyone who shows up on the router exactly the information you want them to have. Make sure you're familiar with these four available banner types: exec process creation banner, incoming terminal line banner, login banner, and message of the day banner (all illustrated in Table 1.7).

TABLE 1.7 Setting a Banner

The following describes the various banners:

MOTD banner The MOTD banner is displayed whenever anyone attaches to the router, regardless of how they access the router.

Exec banner You can configure a line activation (exec) banner to be displayed when an EXEC process (such as a line activation or incoming connection to a VTY line) is created. By simply starting a user exec session through a console port, you'll activate the exec banner.

Incoming banner You can configure a banner to be displayed on terminals connected to reverse Telnet lines. This banner is useful for providing instructions to users who use reverse Telnet.

Login banner You can configure a login banner to be displayed on all connected terminals. This banner is displayed after the MOTD banner but before the login prompts. The login banner can't be disabled on a per-line basis, so to globally disable it, you have to delete it with the no banner login command.

Passwords

You can use five passwords to secure your Cisco routers: console, auxiliary, Telnet (VTY), enable password, and enable secret. However, other commands are necessary to complete the password configurations on a router or switch, as shown in Table 1.8.

TABLE 1.8 Setting Passwords

Setting Passwords

Here's an example of setting all your passwords and then encrypting them in the plain configuration file:

Some other helpful console commands include the following. This sets the console idle timeout in minutes (0-35791) and seconds:

This redisplays interrupted console input:
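The configuration examples the book refers to above (hostname, banners, the five passwords, exec-timeout and logging synchronous) are images that did not survive extraction. The following is an added example, not the book's own, that sets all of them on one router in a single session; the hostname Corp and every password are made-up values. It also shows the security point the book's wording glosses over: service password-encryption only obscures the line and enable passwords with the reversible type 7 scheme, while enable secret stores a type 5 (MD5) hash, so the secret is what actually protects privileged mode and the legacy enable password is best left unset.

```cisco
! Added example (not the book's own). Hostname and passwords are made-up values.
! The prompt tells you the mode: > user exec, # privileged exec,
! (config)# global configuration, (config-line)# line configuration.
Router> enable
Router# configure terminal
Router(config)# hostname Corp
! Privileged-mode secret: stored as a type 5 (MD5) hash; preferred over enable password
Corp(config)# enable secret Str0ngS3cret
! Legacy enable password: ignored whenever an enable secret exists. Shown only
! to match the book's five-password list; in practice leave it unset.
Corp(config)# enable password L3g4cyPass
! Message of the day, shown to everyone before login; # is the delimiter character
Corp(config)# banner motd #
Authorized access only. Activity is monitored and logged.
#
! Login banner, shown after the MOTD and before the username/password prompt
Corp(config)# banner login #
Enter your credentials.
#
! Console line: password, idle logout after 5 minutes 0 seconds, and log
! messages that no longer overwrite what you are typing
Corp(config)# line console 0
Corp(config-line)# password C0nsolePass
Corp(config-line)# login
Corp(config-line)# exec-timeout 5 0
Corp(config-line)# logging synchronous
Corp(config-line)# exit
! Auxiliary (modem) port: same treatment
Corp(config)# line aux 0
Corp(config-line)# password AuxPass
Corp(config-line)# login
Corp(config-line)# exec-timeout 5 0
Corp(config-line)# exit
! Telnet/SSH lines 0 through 4
Corp(config)# line vty 0 4
Corp(config-line)# password VtyPass
Corp(config-line)# login
Corp(config-line)# exec-timeout 5 0
Corp(config-line)# exit
! Obscure the clear-text line and enable passwords in the configuration.
! This is type 7 encoding, which is trivially reversible: it stops shoulder
! surfing, not an attacker who has obtained a copy of the configuration file.
Corp(config)# service password-encryption
Corp(config)# end
! Verify: line passwords now show as "password 7 ...", the secret as "secret 5 ..."
Corp# show running-config | include password|secret
Corp# copy running-config startup-config
```

Treat any configuration backup that contains type 7 strings as if it contained the passwords in clear text, and rotate them if the file leaks.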
Here's an example of setting the exec-timeout and logging synchronous commands:

Setting Up Secure Shell (SSH)

Instead of Telnet, you can use Secure Shell, which creates a more secure session than the Telnet application, which sends its data stream unencrypted. SSH uses public-key cryptography to authenticate the router and set up an encrypted session, so that your username and password are not sent in the clear. Table 1.9 lists the commands.

TABLE 1.9 SSH Commands

Here's an example of how you set up SSH on a router:
1. Set your hostname:
2. Set the domain name (both the hostname and domain name are required for the encryption keys to be generated):
3. Generate the encryption keys for securing the session:
4. Set the SSH negotiation timeout (the idle timeout of an established session is still governed by exec-timeout on the line):
5. Set the maximum failed attempts for an SSH connection:
6. Connect to the VTY lines of the router:
7. Last, configure SSH and then Telnet as access protocols:

If you do not use the keyword telnet at the end of the command string, then only SSH will work on the router. I suggest that you use just SSH if at all possible. Telnet is just too insecure for today's networks.
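The seven numbered steps above appear in the book as images that did not survive extraction. The following is an added example, not the book's own, that carries the whole procedure through on one router. The hostname Corp, the domain lab.example.com, the username admin and its secret are made-up values. It departs from the book's step 7 in two ways that a practitioner would want: it adds a local user account with login local, because an SSH client always presents a username, and it leaves telnet off the transport input line so only SSH is accepted, which is what the book recommends.

```cisco
! Added example (not the book's own). Hostname, domain name, username and
! secret are made-up values.
Router# configure terminal
! Steps 1 and 2: hostname and domain name; both are needed to name the key pair
Router(config)# hostname Corp
Corp(config)# ip domain-name lab.example.com
! Step 3: generate the RSA key pair that identifies the router to clients and
! seeds the encrypted session; 2048 bits is a sensible size today
Corp(config)# crypto key generate rsa modulus 2048
! SSH authenticates a username, so create a local account (secret = type 5 hash)
Corp(config)# username admin privilege 15 secret Adm1nS3cret
! Accept only SSH version 2; version 1 has known protocol weaknesses
Corp(config)# ip ssh version 2
! Step 4: seconds allowed for the client to complete the SSH negotiation
Corp(config)# ip ssh time-out 60
! Step 5: failed login attempts allowed before the connection is dropped
Corp(config)# ip ssh authentication-retries 2
! Steps 6 and 7: VTY lines authenticate against the local user database and
! accept SSH only. Append "telnet" after "ssh" only if you must keep Telnet.
Corp(config)# line vty 0 4
Corp(config-line)# login local
Corp(config-line)# transport input ssh
Corp(config-line)# exec-timeout 5 0
Corp(config-line)# end
! Verify the SSH server settings and any sessions currently open
Corp# show ip ssh
Corp# show ssh
Corp# copy running-config startup-config
```

Before you close your console session, test an SSH login from another host; if the key generation or domain name step was skipped, show ip ssh reports SSH as disabled and the VTY lines will refuse every connection.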
A Practical Guide to Advanced Networking
Contents at a Glance
Introduction
1 Network Infrastructure Design
2 Advanced Router Configuration I
3 Advanced Router Configuration II
4 Configuring Juniper Routers
5 Configuring and Managing the Network Infrastructure
6 Analyzing Network Data Traffic
7 Network Security
8 IPv6
9 Linux Networking
10 Internet Routing
11 Voice over IP
Glossary
Index

Table of Contents
Introduction
Chapter 1 Network Infrastructure Design
    Chapter Outline; Objectives; Key Terms; Introduction
    1-1 Physical Network Design: Core; Distribution Layer; Access Layer; Data Flow; Selecting the Media
    1-2 IP Subnet Design: IP Address Range; Determining the Number of Subnetworks Needed for the Network; Determining the Size or the Number of IP Host Addresses Needed for the Network; IP Assignment
    1-3 VLAN Network: Virtual LAN (VLAN); VLAN Configuration; VLAN Tagging; 802.1Q Configuration; Networking Challenge: Static VLAN Configuration; Configuring the HP Procurve Switch
    1-4 Routed Network: Router; Gateway Address; Network Segments; Multilayer Switch; Layer 3 Routed Networks; Routed Port Configuration; InterVLAN Routing Configuration; Serial and ATM Port Configuration
    Summary; Questions and Problems
Chapter 2 Advanced Router Configuration I
    Chapter Outline; Objectives; Key Terms; Introduction
    2-1 Configuring Static Routing: Gateway of Last Resort; Configuring Static Routes; Load Balancing and Redundancy; Networking Challenge—Static Routes
    2-2 Dynamic Routing Protocols: Distance Vector Protocols; Link State Protocols
    2-3 Configuring RIPv2: Configuring Routes with RIP; Configuring Routes with RIP Version 2; Networking Challenge—RIP
    2-4 TFTP—Trivial File Transfer Protocol: Configuring TFTP
    Summary; Questions and Problems
Chapter 3 Advanced Router Configuration II
    Chapter Outline; Objectives; Key Terms; Introduction
    3-1 Configuring Link State Protocols—OSPF: Link State Protocols; Configuring Routes with OSPF; Load Balancing and Redundancy with OSPF; Networking Challenge—OSPF
    3-2 Configuring Link State Protocols—IS-IS: Configuring Routes with IS-IS; Load Balancing and Redundancy with IS-IS; Networking Challenge: IS-IS
    3-3 Configuring Hybrid Routing Protocols—EIGRP: Configuring Routes with EIGRP; Load Balancing and Redundancy; Networking Challenge: EIGRP
    3-4 Advanced Routing Redistribution: Route Redistribution into RIP; Route Redistribution into OSPF; Route Redistribution into EIGRP; Route Redistribution into IS-IS
    3-5 Analyzing OSPF "Hello" Packets
    Summary; Questions and Problems
Chapter 4 Configuring Juniper Routers
    Chapter Outline; Objectives; Key Terms; Introduction
    4-1 Operational Mode
    4-2 Router Configuration Mode: Displaying the Router Interfaces; Hostname Configuration; Assigning an IP Address to an Interface
    4-3 Configuring Routes on Juniper Routers: Configure STATIC Routes on Juniper Routers; Configure RIP on Juniper Routers; Configure OSPF on Juniper Routers; Configure IS-IS on Juniper Routers
    4-4 Configuring Route Redistribution on Juniper Routers
    Summary; Questions and Problems
Chapter 5 Configuring and Managing the Network Infrastructure
    Chapter Outline; Objectives; Key Terms; Introduction
    5-1 Domain Name and IP Assignment
    5-2 IP Management with DHCP: DHCP Data Packets; DHCP Deployment
    5-3 Scaling the Network with NAT and PAT: Configuring NAT
    5-4 Domain Name Service (DNS): DNS Tree Hierarchy; DNS Resource Records
    Summary; Questions and Problems
Chapter 6 Analyzing Network Data Traffic
    Chapter Outline; Objectives; Key Terms; Introduction
    6-1 Protocol Analysis/Forensics: Basic TCP/UDP Forensics; ARP and ICMP
    6-2 Wireshark Protocol Analyzer: Using Wireshark to Capture Packets
    6-3 Analyzing Network Data Traffic: Configuring SNMP; NetFlow
    6-4 Filtering: FTP Filtering; Right-Click Filtering Logic Rules; Filtering DHCP
    Summary; Questions and Problems
Chapter 7 Network Security
    Chapter Outline; Objectives; Key Terms; Introduction
    7-1 Denial of Service: Distributed Denial of Service Attacks (DDoS)
    7-2 Firewalls and Access Lists: Network Attack Prevention; Access Lists
    7-3 Router Security: Router Access; Router Services; Router Logging and Access-List
    7-4 Switch Security: Switch Port Security; Switch Special Features
    7-5 Wireless Security
    7-6 VPN Security: VPN Tunneling Protocols; Configuring a VPN Virtual Interface (Router to Router); Troubleshooting the VPN Tunnel Link
    Summary; Questions and Problems
Chapter 8 IPv6
    Chapter Outline; Objectives; Key Terms; Introduction
    8-1 Comparison of IPv6 and IPv4
    8-2 IPv6 Addressing
    8-3 IPv6 Network Settings
    8-4 Configuring a Router for IPv6
    8-5 IPv6 Routing: IPv6: Static; IPv6: RIP; IPv6: OSPF; IPv6: EIGRP; IPv6: IS-IS
    8-6 Troubleshooting IPv6 Connection
    Summary; Questions and Problems
Chapter 9 Linux Networking
    Chapter Outline; Objectives; Key Terms; Introduction
    9-1 Logging On to Linux: Adding a User Account
    9-2 Linux File Structure and File Commands: Listing Files; Displaying File Contents; Directory Operations; File Operations; Permissions and Ownership
    9-3 Linux Administration Commands: The man (manual) Command; The ps (processes) Command; The su (substitute user) Command; The mount Command; The shutdown Command; Linux Tips
    9-4 Adding Applications to Linux
    9-5 Linux Networking: Installing SSH; The FTP Client; DNS Service on Linux; Changing the Hostname
    9-6 Troubleshooting System and Network Problems with Linux: Troubleshooting Boot Processes; Listing Users on the System; Network Security; Enabling and Disabling Boot Services
    9-7 Managing the Linux System
    Summary; Questions and Problems
Chapter 10 Internet Routing
    Chapter Outline; Objectives; Key Terms; Introduction
    10-1 Internet Routing—BGP: Configuring a WAN Connection; Configuring an Internet Connection
    10-2 Configuring BGP: Configuring BGP; Networking Challenge: BGP
    10-3 BGP Best Path Selection
    10-4 IPv6 over the Internet
    10-5 Configure BGP on JUNIPER Routers
    Summary; Questions and Problems
Chapter 11 Voice over IP
    Chapter Outline; Objectives; Key Terms; Introduction
    11-1 The Basics of Voice over IP
    11-2 Voice over IP Networks: Replacing an Existing PBX Tie Line; Upgrading Existing PBXs to Support IP Telephony; Switching to a Complete IP Telephony Solution
    11-3 Quality of Service: Jitter; Network Latency; Queuing; QOS Configuration Example
    11-4 Analyzing VoIP Data Packets: Analyzing VoIP Telephone Call Data Packets
    11-5 VoIP Security
    Summary; Questions and Problems; Key Terms
Glossary
Index

About the Authors

Jeffrey S. Beasley is with the Department of Engineering Technology and Surveying Engineering at New Mexico State University. He has been teaching with the department since 1988 and is the co-author of Modern Electronic Communication and Electronic Devices and Circuits, and the author of Networking.

Piyasat Nilkaew is a network engineer with 15 years of experience in network management and consulting, and has extensive expertise in deploying and integrating multiprotocol and multivendor data, voice, and video network solutions on limited budgets.

Dedications

This book is dedicated to my family, Kim, Damon, and Dana. —Jeff Beasley

This book is dedicated to Jeff Harris and Norma Grijalva. Not only have you given me my networking career, but you are also my mentors. You inspire me to think outside the box and motivate me to continue improving my skills. Thank you for giving me the opportunity of a lifetime. I am very grateful. —Piyasat Nilkaew

Acknowledgments

I am grateful to the many people who have helped with this text. My sincere thanks go to the following technical consultants:
• Danny Bosch and Matthew Peralta for sharing their expertise with optical networks and unshielded twisted-pair cabling, and Don Yates for his help with the initial Net-Challenge Software.
• Abel Sanchez, for his review of the Linux Networking chapter.

I also want to thank my many past and present students for their help with this book:
• David Potts, Jonathan Trejo, and Nate Murillo for their work on the Net-Challenge Software. Josiah Jones, Raul Marquez Jr., Brandon Wise, and Chris Lascano for their help with the Wireshark material. Also, thanks to Wayne Randall and Iantha Finley Malbon for the chapter reviews. Your efforts are greatly appreciated.

I appreciate the excellent feedback of the following reviewers: Phillip Davis, DelMar College, TX; Thomas D. Edwards, Carteret Community College, NC; William Hessmiller, Editors & Training Associates; Bill Liu, DeVry University, CA; and Timothy Staley, DeVry University, TX.

My thanks to the people at Pearson for making this project possible: Dave Dusthimer, for providing me with the opportunity to work on this book, and Vanessa Evans, for helping make this process enjoyable. Thanks to Brett Bartow, Christopher Cleveland, and all the people at Pearson, and to the many technical editors for their help with editing the manuscript. Special thanks to our families for their continued support and patience. —Jeffrey S. Beasley and Piyasat Nilkaew

About the Technical Reviewers

Wayne Randall started working in the Information Technology field in 1994 at Franklin Pierce College (now Franklin Pierce University) in Rindge, NH, before becoming a Microsoft Certified Trainer and a consultant at Enterprise Training and Consulting in Nashua, NH. Wayne acquired his first certification in Windows NT 3.51 in 1994, became an MCSE in NT 4.0 in 1996, was a Certified Enterasys Network Switching Engineer in 2000, and then worked as a networking and systems consultant from 2001 to 2006 before becoming a director of IT for a privately held company. Wayne currently works for Bodycote, PLC, as a network engineer/solutions architect. Bodycote has 170 locations across 27 countries with 43 locations in North America. Wayne has taught for Lincoln Education since 2001 and developed curricula for it since 2011. Mr. Randall holds a BA in American Studies from Franklin Pierce University.

Iantha Finley Malbon's teaching career has spanned 20 years from middle school to collegiate settings, and she is currently a CIS professor at Virginia Union University. She is also an adjunct professor at ECPI University, having previously served as CIS Department Chair, teaching Cisco routing, networking, and Information Technology courses. She implemented the Cisco Academy for Hanover Schools and was the CCAI for the Academy. She earned her master's degree in Information Systems from Virginia Commonwealth University and bachelor's degree in Technology Education from Virginia Tech. She holds numerous certifications including CCNA, Network+, A+, and Fiber Optic Technician.

We Want to Hear from You!

As the reader of this book, you are our most important critic and commentator. We value your opinion and want to know what we're doing right, what we could do better, what areas you'd like to see us publish in, and any other words of wisdom you're willing to pass our way. As the associate publisher for Pearson IT Certification, I welcome your comments. You can email or write me directly to let me know what you did or didn't like about this book—as well as what we can do to make our books better. Please note that I cannot help you with technical problems related to the topic of this book. We do have a User Services group, however, where I will forward specific technical questions related to the book. When you write, please be sure to include this book's title and author as well as your name, email address, and phone number. I will carefully review your comments and share them with the author and editors who worked on the book.

Email: feedback@pearsonitcertification.com
Mail: Dave Dusthimer, Associate Publisher, Pearson IT Certification, 800 East 96th Street, Indianapolis, IN 46240 USA

Reader Services

Visit our website and register this book at www.pearsonitcertification.com/register for convenient access to any updates, downloads, or errata that might be available for this book.

Introduction

This book looks at advanced computer networking. It first guides readers through network infrastructure design.
The readers are then introduced to configuring static, RIPv2, OSPF, ISIS, EIGRP routing protocols, techniques for configuring Juniper router, managing the network infrastructure, analyzing network data traffic using Wireshark, network security, IPv6, Linux networking, Internet routing, and Voice over IP. After covering the entire text,
  • 167. readers will have gained a solid knowledge base in advanced computer networks. In my years of teaching, I have observed that technology students prefer to learn ―how to swim‖ after they have gotten wet and taken in a little water. Then, they are ready for more challenges. Show the students the technology, how it is used, and why, and they will take the applications of the technology to the next level. Allowing them to experiment with the technology helps them to develop a greater understanding. This book does just that. Organization of the Text This textbook is adapted from the second edition of Networking. This third volume has been revised and reorganized around the needs of advanced networking students. This book assumes that the students have been introduced to the basics of computer networking. Throughout the text, the students are introduced to more advanced computer networking concepts. This involves network infrastructure design, advanced router configuration, network security, analyzing data traffic, Internet routing, and Voice over IP. Key Pedagogical Features • Chapter Outline, Key Terms, and Introduction at the beginning of each chapter clearly outline specific goals for the reader. An example of these features is shown in Figure P-1.
Figure P-1

• Net-Challenge Software provides a simulated, hands-on experience in configuring routers and switches. Exercises provided in the text (see Figure P-2) and on the CD challenge readers to undertake certain router/network configuration tasks. The challenges check the students' ability to enter basic networking commands and set up router functions, such as configuring the interfaces (Ethernet and Serial) and routing protocols (that is, static, RIPv2, OSPF, ISIS, EIGRP, BGP, and VLANs). The software has the look and feel of actually being connected to the router's and switch's console port.

Figure P-2

• The textbook features and introduces how to use the Wireshark Network Protocol Analyzer. Examples of using the software to analyze data traffic are included throughout the text, as shown in Figure P-3.

Figure P-3

• Numerous worked-out examples are included in every chapter to reinforce key concepts and aid in subject mastery, as shown in Figure P-4.

Figure P-4

• Key Terms and their definitions are highlighted in the margins to foster inquisitiveness and ensure retention. This is illustrated in Figure P-5.

Figure P-5

• Extensive Summaries, Questions, and Problems, as well as Critical Thinking Questions, are found at the end of each chapter, as shown in Figure P-6.

Figure P-6

• An extensive Glossary is found at the end of this book and offers quick, accessible definitions to key terms and acronyms, as well as an exhaustive Index (see Figure P-7).

Figure P-7

Accompanying CD-ROM

The CD-ROM packaged with the text includes the captured data packets used in the text. It also includes the Net-Challenge Software, which was developed specifically for this text.

Instructor Resources

The Instructor's Manual to accompany A Practical Guide to Advanced Networking (ISBN: 978-0-132-88303-0) provides the entire book in PDF format along with instructor notes for each section within each chapter, recommending key concepts that should be covered in each chapter. Solutions to all Chapter Questions and Problems sections are also included. In addition, the instructor can access 13 lab and lab-related exercises and a test bank with which to generate quizzes on the material found within the student edition of the book.

Chapter 1. Network Infrastructure Design

Chapter Outline

Introduction
1-1 Physical Network Design
1-2 IP Subnet Design
1-3 VLAN Network
1-4 Routed Network
Summary
Questions and Problems

Objectives

• Understand the purpose of the three layers of a campus network design
• Understand the issue of data flow and selecting the network media
• Develop techniques for IP allocation and subnet design
• Understand the process of configuring a VLAN
• Understand the issues of configuring the Layer 3 routed network

Key Terms

core, distribution layer, access layer, CIDR, ISP, intranets, NAT, PAT, Overloading, supernet, gateway, broadcast domain, flat network, VLAN (virtual LAN), port-based VLAN, tag-based VLAN, protocol-based VLAN, VLAN ID, 802.1Q, static VLAN, dynamic VLAN, show vlan, vlan database, vlan vlan_id, show vlan name vlan-name, interface vlan 1, show interface status, trunk port, Inter-Switch Link (ISL), switchport mode trunk, switchport trunk encapsulation dot1q, switchport trunk encapsulation isl, switchport trunk allowed vlan vlan_id, show interfaces trunk, network address, logical address, router interface, routing table, subnet, NET, multilayer switch (MLS), wire speed routing, routed network, Layer 3 network, SONET, WAN, terminal monitor (term mon), terminal no monitor (term no mon), show ip interface brief (sh ip int br), no switchport, secondary IP address, InterVLAN routing, router on a stick, SVI, DS, CSU/DSU, AMI, B8ZS, Minimum Ones Density, HDLC, PPP, WIC, VWIC, service-module t1, show controller t1 slot/port, ATM, Virtual Path Connection (VPC), Virtual Channel Connection (VCC), SVC, VPI, VCI
Introduction

The objective of this chapter is to examine the computer networking issues that arise when planning a campus network. The term campus network applies to any network that has multiple LANs interconnected. The LANs are typically in multiple buildings that are close to each other and interconnected with switches and routers. This chapter looks at the planning and design of a simple campus network, including network design, IP subnet assignment, VLAN configuration, and routed network configuration.

The basics of configuring the three layers of a campus LAN (core, distribution, and access) are first examined in Section 1-1. This section also addresses the important issues of data flow and selecting the proper network media. Section 1-2 examines IP allocation and subnet design. Section 1-3 discusses the VLAN network, including a step-by-step process of how to configure a VLAN, which provides an introduction to the basic switch commands and the steps for configuring a static VLAN. Section 1-4 examines the Layer 3 routed network. This section explores the functions of the router and includes configuration examples in different scenarios.

1-1. Physical Network Design

Most campus networks follow a design that has core, distribution, and access layers. These layers, shown in Figure 1-1, can be spread out into more layers or compacted into fewer, depending on the size of these networks. This three-layer network structure is incorporated in campus networks to improve data handling and routing within the network. The issues of data flow and network media are also examined in this section.
Figure 1-1. The core, distribution, and access layers of a campus network

Core

The network core usually contains high-end Layer 3 switches or routers. The core is the heart, or backbone, of the network. The major portion of a network's data traffic passes through the core. The core must be able to quickly forward data to other parts of the network. Data congestion should be avoided at the core, if possible. This means that unnecessary route policies should be avoided. An example of a route policy is traffic filtering, which limits what traffic can pass from one part of a network to another. Keep in mind that it takes time for a router to examine each data packet, and unnecessary route policies can slow down the network's data traffic.

Core: The backbone of the network.

High-end routers and Layer 3 switches are typically selected for use in the core. Of the two, the Layer 3 switch is the best choice. A Layer 3 switch is essentially a router that uses electronic hardware instead of software to make routing decisions. The advantage of the Layer 3 switch is the speed at which it can make a routing decision and establish a network connection. Another alternative for networking hardware in the core is a Layer 2 switch. The Layer 2 switch does not make any routing decisions and can quickly make network connection decisions based on the network hardware connected to its ports. The advantage of using the Layer 2 switch in the core is cost. The disadvantage is that the Layer 2 switch does not route data packets; however, high-speed Layer 2 switches are more affordable than high-speed routers and Layer 3 switches.

An important design issue in a campus network and the core is redundancy. Redundancy provides for a backup route or network connection in case of a link failure. The core hardware is typically interconnected to all distribution network hardware, as shown in Figure 1-1. The objective is to ensure that data traffic continues for the entire network, even if a core networking device or link fails. Each layer beyond the core breaks the network into smaller networks, with the final result being a group of networks that are capable of handling the amount of traffic generated. The design should thus incorporate some level of redundancy.

Distribution Layer

The distribution layer in the network is the point where the individual LANs connect to the campus network routers or Layer 3 switches. Routing and filtering policies are more easily implemented at the distribution layer without having a negative impact on the performance of the network data traffic. Also, the speed of the network data connections at the distribution layer is typically slower than at the core. For example, connection speeds at the core should be the highest possible, such as 1 or 10 gigabits, whereas the data speed connections at the distribution layer could be 100 Mbps or 1 gigabit. Figure 1-1 shows the connections to the access and core layers via the router's Ethernet interfaces.

Distribution Layer: The point where the individual LANs connect together.

Access Layer

The access layer is where the networking devices in a LAN connect together. The network hardware used here is typically a Layer 2 switch. Remember, a switch is a better choice because it forwards data packets directly to destination hosts connected to its ports, and network data traffic is not forwarded to all hosts in the network. The exception to this is a broadcast, where data packets are sent to all hosts connected to the switch.

Access Layer: Where the networking devices in a LAN connect together.
Note: Hubs are not recommended at all in modern computer networks.

Data Flow

An important networking issue is how data traffic flows in the core, distribution, and access layers of a campus LAN. In reference to Figure 1-1, if computer A1 in LAN A sends data to computer D1 in LAN D, the data is first sent through the switch in LAN A and then to Router A in the distribution layer. Router A then forwards the data to the core switches, Switch A or Switch B. Switch A or Switch B then forwards the data to Router C. The data packet is then sent to the destination host in LAN D. The following are some questions often asked when setting up a network that implements the core, distribution, and access layers:

• In what layer are the campus network servers (web, email, DHCP, DNS, and so on) located? This varies for all campus networks, and there is not a definitive answer. However, most campus network servers are located in the access layer.
• Why not connect directly from Router A to Router C at the distribution layer? There are network stability issues when routing large amounts of network data traffic if the networks are fully or even partially meshed together. This means that connecting routers together in the distribution layer should be avoided.
• Where is the campus backbone located in the layers of a campus network? The backbone of a campus network carries the bulk of the routed data traffic. Based on this, the backbone of the campus network connects the distribution and the core layer networking devices.

Selecting the Media

The choices for the media used to interconnect networks in a campus network are based on several criteria. The following is a partial list of things to consider:

• Desired data speed
• Distance for connections
• Budget

The desired data speed for the network connection is probably the first consideration given when selecting the network media.
Twisted-pair cable works well at 100 Mbps and 1 Gbps and is specified to support 10-gigabit data traffic. Fiber-optic cable supports LAN data rates up to 10 Gbps or higher. Wireless networks support data rates up to 200+ Mbps. The distance consideration limits the choice of media. CAT 6/5e or better has a distance limitation of 100 meters. Fiber-optic cable can be run for many kilometers, depending on the electronics and optical devices used. Wireless LAN connections can also be used to interconnect networks a few kilometers apart.

The available budget is always the final deciding factor when planning the design for a campus LAN. If the budget allows, fiber-optic cable is probably the best overall choice, especially in the high-speed backbone of the campus network. The cost of fiber is continually dropping, making it more competitive with lower-cost network media, such as twisted-pair cable. Also, fiber cable will always be able to carry a greater amount of data traffic and can easily grow with the bandwidth requirements of a network.

Twisted-pair cable is a popular choice for connecting computers in a wired LAN. The twisted-pair technologies support bandwidths suitable for most LANs, and the performance capabilities of twisted-pair cable are always improving.

Wireless LANs are being used to connect networking devices together in LANs where a wired connection is not feasible or mobility is the major concern. For example, a wireless LAN could be used to connect two LANs in a building together. This is a cost-effective choice if there is not a cable duct to run the cable to interconnect the LANs or if the cost of running the cable is too high. Also, wireless connections are playing an important role with mobile users within a LAN. The mobile user can make a network connection without having to use a physical connection or jack. For example, a wireless LAN could be used to enable network users to connect their mobile computers to the campus network.

1-2. IP Subnet Design

Once the physical infrastructure for a network is in place, the next big step is to plan and allocate IP space for the network. Take time to plan the IP subnet design, because it is not easy to change the IP subnet assignments once they are in place. It is crucial for a network engineer to consider three factors before coming up with the final IP subnet design. These three factors are

1. The assigned IP address range
2. The number of subnetworks needed for the network
3. The size or the number of IP host addresses needed for the network

The final step in designing the IP subnet is to assign an IP address to the interface that will serve as the gateway out of each subnet.

IP Address Range

The IP address range defines the size of the IP network you can work with. In some cases, a classless interdomain routing (CIDR) block of public IP addresses might be allocated to the network by an ISP. For example, the block of IP addresses 206.206.156.0/24 could be assigned to the network. This case allocates 256 IP addresses to the 206.206.156.0 network. In another case, a CIDR block of private IP addresses, like 10.10.10.0/24, could be used. In this case, 256 IP addresses are assigned to the 10.10.10.0 network. For established networks with an IP address range already in use, the network engineer generally has to work within the existing IP address assignments. With a brand new network, the engineer has the luxury of creating a network from scratch. In most network situations, an IP address block will have been previously assigned to the network for Internet use. The public IP addresses are typically obtained from the ISP (Internet service provider). This IP block of addresses could be from Class A, B, or C networks, as shown in Table 1-1.

Table 1-1. Address Range for Each Class of Network

CIDR: Classless Interdomain Routing.

ISP: Internet service provider. An organization that provides Internet access for the public.

Today, only public Class C addresses are assigned by ISPs, and most of them are not even a full set of Class C addresses (256 IP addresses). A lot of ISPs partition their allotted IP space into smaller subnets and then, in turn, provide those smaller portions to the customers. The bottom line is that the limited number of public IP addresses are now a commodity on the Internet, and it is important to note that there are fees associated with acquiring an IP range from an ISP. Not many institutions or businesses have the luxury of using public IP addresses inside their network anymore. This is because the growing number of devices being used in a network exceeds the number of public IP addresses assigned to them. The solution is that most networks are using private IP addresses in their internal network. Private addresses are IP addresses set aside for use in private intranets. An intranet is an internal internetwork that provides file and resource sharing. Private addresses are not valid addresses for Internet use, because they have been reserved for internal use and are not routable on the Internet.
However, these addresses can be used within a private LAN (intranet) to create the internal IP network.

Intranets: An internetwork that provides file and resource sharing.

NAT: Network Address Translation. A technique used to translate an internal private IP address to a public IP address.

PAT: Port Address Translation. A port number is tracked with the client computer's private address when translating to a public address.

Overloading: Where NAT translates the home network's private IP addresses to a single public IP address.

The private IP addresses must be translated to public IP addresses using techniques like NAT (Network Address Translation) or PAT (Port Address Translation) before being routed over the Internet. For example, computer 1 in the home network (see Figure 1-2) might be trying to establish a connection to an Internet website. The wireless router uses NAT to translate computer 1's private IP address to the public IP address assigned to the router. The router uses a technique called overloading, where NAT translates the home network's private IP addresses to the single public IP address assigned by the ISP. In addition, the NAT process tracks a port number for the connection. This technique is called Port Address Translation (PAT). The router stores the home network's IP address and port number in a NAT lookup table. The port number differentiates the computer that is establishing a connection to the Internet because the router uses the same public address for all computers. This port number is used when a data packet is returned to the home network. This port number identifies the computer that established the Internet connection, and the router can deliver the data packet back to the correct computer. An example of this conversion is provided in Figure 1-3. This example shows three data connections originating from the home network of 192.168.0.0/24. A single 128.123.246.55 IP address is used for the Internet connection. Port address translation is being used to map the data packet back to the origination source. In this case, the port numbers are 1962, 1970, and 1973.
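The NAT lookup table described above, as an added example that is not from the book: it replays the three connections of Figure 1-3 behind the single public address 128.123.246.55, then shows what happens when two hosts pick the same source port and when an unsolicited packet arrives for a port with no table entry. The home host addresses, the destination server (198.51.100.20) and the ephemeral range are constructed for the example.

```python
# PAT (NAT overloading) translation table for the home network of Figure 1-3.
# Added example, not the book's code. The public address and the source ports
# 1962, 1970 and 1973 are from the book; hosts and servers are constructed.

PUBLIC_IP = "128.123.246.55"   # the single address assigned by the ISP
EPHEMERAL_START = 49152        # assumed range used when a port must be remapped


class PatTable:
    """Tracks (private IP, private port) <-> public port for one public address."""

    def __init__(self, public_ip=PUBLIC_IP):
        self.public_ip = public_ip
        self.by_flow = {}      # (priv_ip, priv_port, dst_ip, dst_port) -> public port
        self.by_pub_port = {}  # public port -> (priv_ip, priv_port)
        self.next_ephemeral = EPHEMERAL_START

    def _choose_public_port(self, priv_port):
        # Keep the host's own source port when it is free on the public side, as the
        # book's example does; otherwise pick an unused port so that two hosts which
        # chose the same source port can still be told apart on the return path.
        if priv_port not in self.by_pub_port:
            return priv_port
        while self.next_ephemeral in self.by_pub_port:
            self.next_ephemeral += 1
        port = self.next_ephemeral
        self.next_ephemeral += 1
        return port

    def outbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a packet leaving the home network; returns the rewritten header."""
        flow = (src_ip, src_port, dst_ip, dst_port)
        if flow not in self.by_flow:
            pub_port = self._choose_public_port(src_port)
            self.by_flow[flow] = pub_port
            self.by_pub_port[pub_port] = (src_ip, src_port)
        return (self.public_ip, self.by_flow[flow], dst_ip, dst_port)

    def inbound(self, src_ip, src_port, dst_ip, dst_port):
        """Translate a returning packet, or return None when no table entry matches
        (the router has no inside host to deliver it to, so it is dropped)."""
        if dst_ip != self.public_ip or dst_port not in self.by_pub_port:
            return None
        priv_ip, priv_port = self.by_pub_port[dst_port]
        return (src_ip, src_port, priv_ip, priv_port)


def demo():
    """Replay the three connections of Figure 1-3 plus a port collision and an
    unsolicited inbound packet; returns the results for inspection."""
    pat = PatTable()
    web = ("198.51.100.20", 80)   # constructed destination web server
    out1 = pat.outbound("192.168.0.10", 1962, *web)
    out2 = pat.outbound("192.168.0.11", 1970, *web)
    out3 = pat.outbound("192.168.0.12", 1973, *web)
    # A fourth host happens to pick source port 1962 too: it gets a new public port.
    out4 = pat.outbound("192.168.0.13", 1962, *web)
    # The reply to the first connection is steered back to 192.168.0.10:1962.
    back1 = pat.inbound(web[0], web[1], PUBLIC_IP, out1[1])
    # Traffic to a public port with no entry has no inside destination.
    stray = pat.inbound("203.0.113.9", 40000, PUBLIC_IP, 8080)
    return {"out": [out1, out2, out3, out4], "back1": back1, "stray": stray}


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```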
Figure 1-2. An example of a home computer connecting to the ISP

Figure 1-3. This example shows the three data connections originating from the home network of 192.168.0.0/24

Determining the Number of Subnetworks Needed for the Network

The use of private IP addresses is a viable technique for creating a large amount of IP addresses for intranet use. Obviously, there is a big difference between designing an IP network for a single network and designing an IP network for multiple networks. When designing an IP network for one single network, things are quite simple. This type of configuration is typically found in the home, small office, or small business environment, where one IP subnet is allocated and only one small router is involved. For situations requiring multiple networks, each network must be sized accordingly. Therefore, the subnet must be carefully designed. In addition, networks with multiple subnets require a router or multiple routers with multiple routed network interfaces to interconnect the networks. For example, if the network engineer is using private addresses and needs to design for three different networks, one possibility is to assign 10.10.10.0/24 for the first network, 172.16.0.0/24 for the second network, and 192.168.1.0/24 for the third network. Is this a good approach? Technically, this can be done, but it is probably not logically sound. It makes more sense to group these networks within the same big CIDR block. This will make it easier for a network engineer to remember the IP assignments and to manage the subnets. A better design is to assign 10.10.10.0/24 to the first network, 10.10.20.0/24 to the second network, and 10.10.30.0/24 to the third network. All three networks are in the same "10" network, which makes it easier for the network engineer to track the IP assignments. The terms subnet and network are used interchangeably in multiple-network environments. The term subnet usually indicates that a bigger network address is partitioned and assigned to smaller networks or subnets.

Another design factor that the network engineer must address is the network size. Two questions that a good network engineer must ask are

• How many network devices must be accommodated in the network? (Current demand)
• How many network devices must be accommodated in the future? (Future growth)

Simply put, the IP network must be designed to accommodate the current demand, and it must be designed to accommodate future growth. Once the size of a network is determined, a subnet can be assigned. In the case of a single network, the design is not too complicated. For example, if the network needs to be able to accommodate 150 network devices, an entire Class C address, like 192.168.1.0/24, can be assigned to the network. This will handle the current 150 network devices and leave enough room for growth. In this example, 104 additional IP addresses will be available for future growth. When allocating IP address blocks, a table like Table 1-2 can be used to provide the CIDR for the most common subnet masks and their corresponding number of available IP addresses.

Table 1-2. CIDR—Subnet Mask-IPs Conversion
Even with a much smaller network, like the home network, where only a handful of network computers and peripherals are present, an entire Class C private address is generally allocated to the home network. In fact, most home routers are preconfigured with a private Class C address within the 192.168.0.0–192.168.0.255 range. This technique is user friendly and easy to use and sets aside private IP addresses for internal network use. This technique virtually guarantees that users will never have to worry about subnetting the CIDR block.

For a bigger network that must handle more than 254 network devices, a supernet can be deployed. A supernet is when two or more classful contiguous networks are grouped together. The technique of supernetting was proposed in 1992 to eliminate the class boundaries and make available the unused IP address space. Supernetting allows multiple networks to be specified by one subnet mask. In other words, the class boundary could be overcome. For example, if the network needs to be able to accommodate 300 network devices, two Class C networks, like 192.168.0.0/24 and 192.168.1.0/24, can be grouped together to form a supernet of 192.168.0.0/23, which can accommodate up to 510 network devices. As shown in Table 1-2, a /23 CIDR provides 512 available IP addresses. However, one IP is reserved for the network address and another one is reserved for the network broadcast address. Therefore, a /23 CIDR yields 512 – 2 = 510 usable host IP addresses.

Supernet: Two or more classful contiguous networks grouped together.

Determining the Size or the Number of IP Host Addresses Needed for the Network

The problem with randomly applying CIDR blocks to Class A, B, and C addresses is that there are boundaries in each class, and these boundaries can't be crossed. If a boundary is crossed, the IP address maps to another subnet. For example, if a CIDR block is expanded to include four Class C networks, all four Class C networks need to be specified by the same CIDR subnet mask to avoid crossing boundaries. The following example illustrates this.

Example 1-1

Figure 1-4 shows three different networks with different size requirements. The needed capacity (number of devices) for each network is specified in the figure. Your task is to determine the CIDR block required for each network that will satisfy the number of expected users. You are to use Class C private IP addresses when configuring the CIDR blocks.
Figure 1-4. Three different networks

Solution: For LAN A, a CIDR block that can handle at least 300 networking devices must be provided. In this case, two contiguous Class C networks of 192.168.0.0/24 and 192.168.1.0/24 can be grouped together to form a 192.168.0.0/23 network. Referring to Table 1-2, a /23 CIDR with a subnet mask of 255.255.254.0 provides 512 IP addresses, which more than satisfies the required 300 networking devices. The next question is to determine what the network address is for LAN A. This can be determined by ANDing the 255.255.254.0 subnet mask with 192.168.0.0 and 192.168.1.0. This shows that applying the /23 [255.255.254.0] subnet mask to the specified IP addresses places both in the same 192.168.0.0 network. This also means that this CIDR block does not cross boundaries, because applying the subnet mask to each network address places both in the same 192.168.0.0 network.

For LAN B1, the requirement is that a CIDR block that can handle 800 network devices must be provided. According to Table 1-2, a /22 CIDR yields 1,022 usable host IP addresses and is equivalent to grouping four Class C networks together. Therefore, a /22 CIDR can be used. The next decision is selecting the group of IP addresses to create the CIDR block and deciding where the IP addresses should start. Recall that the 192.168.0.0 and 192.168.1.0 networks are being used to create the LAN A CIDR block. Should LAN B1 start from 192.168.2.0/22, which is the next contiguous space? The answer is no. 192.168.2.0/22 is still within the boundary of the 192.168.0.0/23 network. Remember, the requirement is that a CIDR block that can handle 800 network devices must be provided and that boundaries cannot be crossed, and the designer must be careful not to overlap the networks when assigning subnets to more than one network. In this case, when the /22 subnet mask (255.255.252.0) is applied to 192.168.2.0, this yields the network 192.168.0.0. The AND operation is shown:

192.168.2.0
255.255.252.0 (/22)
-------------------
192.168.0.0

This happens to be the same network address as when the /23 CIDR subnet mask (255.255.254.0) is applied to any IP within the range 192.168.0.0–192.168.1.255, as shown earlier for LAN A. There is an overlap between 192.168.0.0/23 and 192.168.2.0/22. Moving to the next contiguous Class C of 192.168.3.0/22, we find that it is still in the 192.168.0.0 network:

192.168.3.0
255.255.252.0 (/22)
-------------------
192.168.0.0

This is still the same subnet. Based on this information, the next Class C range, 192.168.4.0/22, is selected. This yields a nonoverlapping network of 192.168.4.0, so the subnet 192.168.4.0/22 is valid for this network:

192.168.4.0
255.255.252.0 (/22)
-------------------
192.168.4.0

This is not the same subnet; therefore, this is an acceptable CIDR block. Recall that the CIDR for LAN B1 is a /22 and is equivalent to grouping four Class C networks. This means that LAN B1 uses the following Class C networks:

192.168.4.0
192.168.5.0
192.168.6.0
192.168.7.0

The IP subnet design gets more complicated when designing multiple networks with different size subnets. This generally means that the subnet mask or the CIDR will not be uniformly assigned to every network. For example, one network might be a /25 network or /22, while another is a /30 network.
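The boundary check worked by hand above, as an added example that is not the book's code: it ANDs each candidate with its mask, rejects 192.168.2.0/22 and 192.168.3.0/22 because they fall inside LAN A's 192.168.0.0/23, accepts 192.168.4.0/22, and then carries the same test through the remaining blocks of Figure 1-4 (a /25 for LAN B2 and a /30 for the Router A to Router B link). The LAN B2 and link addresses used here are the book's choices; the helper also computes the first aligned block after an assigned one, which for the link would be 192.168.8.128/30 rather than the book's 192.168.9.0/30.

```python
# CIDR boundary and overlap check for Example 1-1 (added example, not the book's code).
# Implements the AND-with-mask test on 32-bit integers instead of the ipaddress module
# so that the operation written out in the text is visible.

def ip_to_int(ip):
    octets = [int(o) for o in ip.split(".")]
    if len(octets) != 4 or not all(0 <= o <= 255 for o in octets):
        raise ValueError("bad IPv4 address: %r" % ip)
    return (octets[0] << 24) | (octets[1] << 16) | (octets[2] << 8) | octets[3]


def int_to_ip(n):
    return ".".join(str((n >> shift) & 0xFF) for shift in (24, 16, 8, 0))


def prefix_to_mask(prefix):
    """/prefix -> 32-bit subnet mask, e.g. 22 -> 0xFFFFFC00 (255.255.252.0)."""
    return (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF


def network_address(ip, prefix):
    """AND the address with the mask; this is the operation shown in the text."""
    return int_to_ip(ip_to_int(ip) & prefix_to_mask(prefix))


def usable_hosts(prefix):
    """Block size minus the network and broadcast addresses (the Table 1-2 column)."""
    return 2 ** (32 - prefix) - 2


def blocks_overlap(net_a, pre_a, net_b, pre_b):
    """Two blocks overlap when, under the shorter mask, both AND to the same network."""
    shorter = min(pre_a, pre_b)
    return network_address(net_a, shorter) == network_address(net_b, shorter)


def check_candidate(candidate, prefix, assigned):
    """Judge a proposed block against already assigned (name, network, prefix) blocks.
    Returns (ok, explanation)."""
    for name, net, pre in assigned:
        if blocks_overlap(candidate, prefix, net, pre):
            return False, "%s/%d ANDs to %s, inside %s %s/%d" % (
                candidate, prefix, network_address(candidate, prefix), name, net, pre)
    aligned = network_address(candidate, prefix)
    if aligned != candidate:
        return False, "%s/%d crosses a boundary: its network address is %s" % (
            candidate, prefix, aligned)
    return True, "%s/%d is a non-overlapping block" % (candidate, prefix)


def next_aligned_block(net, prefix, new_prefix):
    """First /new_prefix block that begins at or after the end of net/prefix."""
    end = ip_to_int(network_address(net, prefix)) + 2 ** (32 - prefix)
    size = 2 ** (32 - new_prefix)
    return int_to_ip(-(-end // size) * size)   # round up to a /new_prefix boundary


def plan_example_1_1():
    """Walk the book's candidates in order; returns (accepted blocks, rejection reasons)."""
    assigned = [("LAN A", "192.168.0.0", 23)]   # two Class C's -> 510 usable hosts
    rejected = []
    # LAN B1 needs 800 hosts, so a /22. Try the next contiguous Class C's as the text does.
    for cand in ("192.168.2.0", "192.168.3.0", "192.168.4.0"):
        ok, why = check_candidate(cand, 22, assigned)
        if ok:
            assigned.append(("LAN B1", cand, 22))
        else:
            rejected.append(why)
    # LAN B2 (no more than 80 servers) fits a /25; the router link needs two hosts, a /30.
    for name, cand, pre in (("LAN B2", "192.168.8.0", 25), ("A-B link", "192.168.9.0", 30)):
        ok, why = check_candidate(cand, pre, assigned)
        if not ok:
            raise ValueError(why)
        assigned.append((name, cand, pre))
    return assigned, rejected


if __name__ == "__main__":
    accepted, reasons = plan_example_1_1()
    for reason in reasons:
        print("rejected:", reason)
    for name, net, pre in accepted:
        print("%-9s %s/%d  mask %s  %d usable hosts" % (
            name, net, pre, int_to_ip(prefix_to_mask(pre)), usable_hosts(pre)))
```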
The next task is to assign a CIDR block to LAN B2. This LAN is a server network that houses a fixed number of servers. The number is not expected to grow beyond 80 servers. One easy approach is to assign a /24 CIDR to this network. This means that the next network is 192.168.8.0/24, which is the next nonoverlapping CIDR block after 192.168.4.0/22. The /24 CIDR gives 254 host IP addresses, but only 80 IP addresses are required. Another approach is to size it appropriately. According to Table 1-2, a good CIDR to use is a /25, which allows for 126 host IP addresses. Therefore, the network 192.168.8.0/25 can be used for this network. Assigning a 192.168.8.0/24 CIDR, which can accommodate 254 hosts, seems like a waste, because the network is expected to be a fixed size, and it will house no more than 80 servers. By assigning a 192.168.8.0/25 CIDR, enough room is left for another contiguous CIDR, 192.168.8.128/25. Obviously, this is a more efficient way of managing the available IP space.

Last but not least is the interconnection shown in Figure 1-4. This is the router-to-router link between Router A and Router B. The interconnection usually gets the least attention, but it exists everywhere in the multiple-network environment. Nonetheless, a CIDR block has to be assigned to it. Because there are always only two interface IP addresses involved plus the network and broadcast addresses, giving it an entire Class C address would definitely be a waste. Typically, a /30 CIDR is used for this type of connection. Therefore, a CIDR block for the interconnection between Router A and Router B can be 192.168.9.0/30. This yields two IP host addresses: one for Router A and one for Router B. The complete subnet assignment for Example 1-1 and Figure 1-4 is provided in Table 1-3.

Table 1-3. Completed Design of Subnets for Figure 1-4

IP Assignment

The next task is to assign an IP address to each routed interface. This address will become the gateway IP address of the subnet. The gateway describes the networking device that enables hosts in a LAN to connect to networks (and hosts) outside the LAN. Figure 1-5 provides an example of the gateway. Every network device within its subnet (LAN) will use this IP address as its gateway to communicate from its local subnet to devices on other subnets. The gateway IP address is preselected and is distributed to a network device by way of manual configuration or dynamic assignment.

Figure 1-5. The gateway for a network

Gateway: The networking device that enables hosts in a LAN to connect to networks (and hosts) outside the LAN.

For LAN A in Example 1-1, the IP address 192.168.0.0 is already reserved as the network address, and the IP address 192.168.0.255 is reserved as the broadcast address. This leaves any IP address within the range 192.168.0.1–192.168.0.254 available for use as the gateway address. Choosing the gateway IP address is not an exact science. Generally, the first IP address or the last IP address of the available range is chosen. Whatever convention is chosen, it should apply to the rest of the subnets for ease of management. Once the gateway IP address is chosen, this IP address is reserved and is not to be used by any other devices in the subnet. Otherwise, an IP conflict will be introduced. The following is an example of how the gateway IP addresses could be assigned to the LANs in Example 1-1.
1-3. VLAN Network

This section examines the function of using a switch in a VLAN within the campus network. The terminology and steps for implementing VLANs will be presented first. The second part examines basic Cisco switch configuration and provides an introduction to the commands needed for configuring the VLAN. The third part of Section 1-3 demonstrates the commands needed to set up a static VLAN. Next is a discussion on VLAN tagging using 802.1Q. The section concludes with a look at configuring an HP Procurve switch.

LANs are not necessarily restricted in size. A LAN can have 20 computers, 200 computers, or even more. Multiple LANs also can be interconnected to essentially create one large LAN. For example, the first floor of a building could be set up as one LAN, the second floor as another LAN, and the third floor as another. The three LANs in the building can be interconnected into essentially one large LAN using switches, with the switches interconnected, as shown in Figure 1-6.
  • 193. Figure 1-6. Three floors of a building interconnected using switches to form one large LAN Is it bad to interconnect LANs this way? As long as switches are being used to interconnect the computers, the interconnected LANs have minimal impact on network performance. This is true as long as there are not too many computers in the LAN. The number of computers in the LAN is an issue, because Layer 2 switches do not separate broadcast domains. This means that any broadcast sent out on the network (for example, the broadcast associated with an ARP request) will be sent to all computers in the LAN. Excessive broadcasts are a problem, because each computer must process the broadcast to determine whether it needs to respond; this essentially slows down the computer and the network. Broadcast Domain Any broadcast sent out on the network is seen by all hosts in this domain. A network with multiple LANs interconnected at the Layer 2 level is called a flat network. A flat network is where the LANs share the same broadcast domain. The use of a flat network should be avoided if possible for the simple reason that the network response time is greatly affected. Flat networks can be avoided by the use of virtual LANs (VLAN) or routers. Although both options can be used to separate broadcast domains, they differ in that the VLAN operates at the OSI Layer 2, while routers use Layer 3 networking to accomplish the task. The topic of a virtual VLAN is discussed next. Flat Network A network where the LANs share the same broadcast domain. Virtual LAN (VLAN) Obviously, if the LANs are not connected, then each LAN is segregated only to a switch. The broadcast domain is contained to that switch; however, this does not scale in a practical network, and it is not cost effective because each LAN requires its own Layer 2 switches. This is where the concept of virtual LAN (VLAN) can help out. 
A VLAN is a way to have multiple LANs coexist in the same Layer 2 switch while their traffic is segregated from each other. Even though they reside on the same physical switch, they behave as if they are on different switches (hence the term virtual). VLAN-compatible switches can communicate with each other and extend the segregation of multiple LANs throughout the entire switched network. A switch can be configured with a VLAN where a group of host computers and servers are configured as if they are in the same LAN, even if they reside across routers in separate LANs. Each VLAN has its own broadcast domain. Hence, traffic from one VLAN cannot pass to another VLAN. The advantage of using VLANs is that the network administrator can group computers and servers in the same VLAN based on the organizational group (such as Sales or Engineering) even if they are not on the same physical segment, or even in the same building.

VLAN (Virtual LAN): A group of host computers and servers that are configured as if they are in the same LAN, even if they reside across routers in separate LANs.

There are three types of VLANs: port-based VLANs, tag-based VLANs, and protocol-based VLANs. The port-based VLAN is one where the host computers connected to specific ports on a switch are assigned to a specific VLAN. For example, assume the computers connected to switch ports 2, 3, and 4 are assigned to the Sales VLAN 2, while the computers connected to switch ports 6, 7, and 8 are assigned to the Engineering VLAN 3, as shown in Figure 1-7. The switch is configured as a port-based VLAN so that the group of ports [2,3,4] is assigned to the Sales VLAN while ports [6,7,8] belong to the Engineering VLAN. The devices assigned to the same VLAN share broadcasts for that LAN; however, computers connected to ports not assigned to the VLAN do not share the broadcasts. For example, the computers in VLAN 2 (Sales) share the same broadcast domain and the computers in VLAN 3 (Engineering) share a different broadcast domain.

Figure 1-7. An example of the grouping for port-based VLANs

Port-Based VLAN: Host computers connected to specific ports on a switch are assigned to a specific VLAN.

Tag-Based VLAN: Uses a VLAN ID based on 802.1Q.

Protocol-Based VLAN: Connection to ports is based on the protocol being used.
In tag-based VLANs, a tag is added to the Ethernet frames. This tag contains the VLAN ID that is used to identify that a frame belongs to a specific VLAN. The addition of the VLAN ID is based on the 802.1Q specification. The 802.1Q standard defines a system of VLAN tagging for Ethernet frames. An advantage of an 802.1Q VLAN is that it helps contain broadcast and multicast data traffic, which helps minimize data congestion and improve throughput. This specification also provides guidelines for a switch port to belong to more than one VLAN. Additionally, tag-based VLANs can help provide better security by logically isolating and grouping users.

VLAN ID: Used to identify that a frame belongs to a specific VLAN.

802.1Q: This standard defines a system of VLAN tagging for Ethernet frames.

In protocol-based VLANs, the data traffic is connected to specific ports based on the type of protocol being used. The packet is dropped when it enters the switch if the protocol doesn't match any of the VLANs. For example, an IP network could be set up for the Engineering VLAN on ports 6, 7, and 8 and an IPX network for the Sales VLAN on ports 2, 3, and 4. The advantage of this is that the data traffic for the two networks is separated.

There are two approaches for assigning VLAN membership:

• Static VLAN: Basically a port-based VLAN. The assignments are created when ports are assigned to a specific VLAN.

• Dynamic VLAN: Ports are assigned to a VLAN based on either the computer's MAC address or the username of the client logged onto the computer. This means that the system has been previously configured with the VLAN assignments for the computer or the username. The advantage of this is that the username and/or the computer can move to a different location, but VLAN membership will be retained.

Static VLAN: Basically, a port-based VLAN.

Dynamic VLAN: Ports are assigned to a VLAN based on either the computer's MAC address or the username of the client logged onto the computer.
VLAN Configuration

This section demonstrates the steps for configuring a static VLAN. In this example, the ports for VLAN 2 (Sales) and VLAN 3 (Engineering) will be defined. This requires that VLAN memberships be defined for the required ports. The steps and the commands will be demonstrated.

The show vlan command can be used to verify what ports have been defined for the switch. By default, all ports are assigned to VLAN 1. An example using the show vlan command is provided next.

    SwitchA# show vlan
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                    Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                    Fa0/9, Fa0/10

show vlan: Used to verify what ports have been defined for the switch.

This shows that all the FastEthernet interfaces on the switch are currently assigned to VLAN 1, which is the default VLAN. In the next step, two additional VLANs will be created, for Sales and Engineering. The two new VLANs will have the VLAN IDs 2 and 3, respectively, and each VLAN will be assigned a name. This is accomplished by modifying the VLAN database using the vlan database command, as shown in the next steps.

vlan database: The command used on older Cisco switches to enter the VLAN database.

    SwitchA#vlan database
    SwitchA(vlan)#vlan 2 name Sales
    VLAN 2 modified:
        Name: Sales
    SwitchA(vlan)#vlan 3 name Engineering
    VLAN 3 modified:
        Name: Engineering

On newer Cisco switches, users will get the following message that the command vlan database is being deprecated:

    % Warning: It is recommended to configure VLAN from config mode,
      as VLAN database mode is being deprecated. Please consult user
      documentation for configuring VTP/VLAN in config mode.

Cisco has moved away from the VLAN database-style command to an IOS global command. As with other IOS global commands, the switch must be in configuration mode, (config)#. However, the concept remains the same: a VLAN must be created for it to be activated and ready for use. The steps for creating the VLAN on newer Cisco switches are as follows:

    SwitchA# conf t
    SwitchA(config)#vlan 2
    SwitchA(config-vlan)#name Sales
    SwitchA(config-vlan)#vlan 3
    SwitchA(config-vlan)#name Engineering
    SwitchA(config-vlan)#exit
    SwitchA(config)#exit

To start configuring a VLAN, one must specify which VLAN needs to be configured using the vlan [vlan_id] command. If the specified VLAN does not exist, this command creates the VLAN as well. As shown in the preceding example, the command vlan 2 is entered to configure VLAN 2, and then the command name Sales is entered to configure the name associated with the VLAN. Similar steps are done for VLAN 3 with the name Engineering.

vlan [vlan_id]: The IOS global command used to create a VLAN ID.

The rest of the VLAN commands are almost identical on the older and newer switches. The next step is to verify that the new VLANs have been created, using the show vlan command:

    Switch#show vlan
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa0/1, Fa0/2, Fa0/3, Fa0/4
                                                    Fa0/5, Fa0/6, Fa0/7, Fa0/8
                                                    Fa0/9, Fa0/10
    2    Sales                            active
    3    Engineering                      active

This shows that both the Sales and Engineering VLANs have been created. In the next steps, ports will be assigned to the newly created VLANs. This requires that configuration mode be entered and that each FastEthernet interface (port) be assigned to the proper VLAN using the two commands switchport mode access and switchport access vlan vlan-id. An example is presented for FastEthernet interface 0/2 being assigned to VLAN 2 on a Cisco switch:

    SwitchA#conf t
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchA(config)#int fa 0/2
    SwitchA(config-if)#switchport mode access
    SwitchA(config-if)#switchport access vlan 2
    SwitchA(config-if)#end
The next step is to verify that FastEthernet 0/2 has been assigned to the Sales VLAN (VLAN 2). This can be verified using the show vlan brief command, as shown. This command displays only the interfaces assigned to each VLAN:

    SwitchA#sh vlan brief
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa0/1, Fa0/3, Fa0/4, Fa0/5
                                                    Fa0/6, Fa0/7, Fa0/8, Fa0/9
                                                    Fa0/10
    2    Sales                            active    Fa0/2

The next steps are to assign ports 3 and 4 to the Sales VLAN (VLAN 2) and ports 6, 7, and 8 to Engineering (VLAN 3). Once this is completed, the port assignments can be verified using the show vlan command, as shown:

    SwitchA#show vlan
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa0/1, Fa0/5, Fa0/9, Fa0/10
    2    Sales                            active    Fa0/2, Fa0/3, Fa0/4
    3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8

You can look specifically at the assignments for only one of the VLANs by entering the command show vlan name vlan-name, where vlan-name is the name assigned to the VLAN. Note that the name is case-sensitive. You can also use the number of the VLAN instead, with the command show vlan id vlan-id. Examples of both are presented:

show vlan name vlan-name: The command to look specifically at only one of the VLANs.

    SwitchA#show vlan name Engineering
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8

    Switch#show vlan id 3
    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8

On Layer 2 switches, an IP address can be assigned to a VLAN interface. This merely assigns an IP address to the switch, so that the switch can communicate with other network devices on the same VLAN and vice versa. The IP VLAN interface does not perform any routing functions when running as a Layer 2 switch. As a matter of fact, the IP VLAN interface is not required in order for a switch to start forwarding packets and perform its other Layer 2 functions. By default, the interface VLAN 1 is automatically created. The following command sequence demonstrates how to assign the IP address to the VLAN interface:

interface VLAN 1: The default VLAN for the switch.

    SwitchA(config)# interface VLAN 1
    SwitchA(config-if)# ip address 192.168.1.1 255.255.255.0
    SwitchA(config-if)# no shutdown

Note that the IP address is being set for VLAN 1. The interface is also enabled at this same point using the no shutdown command, as shown. In order for the interface VLAN to be up, at least one switch port in the VLAN must be up or have a physical link. The status of a switch port can be verified with the command show interface or, better yet, with the command show interface status. Although the command show interface shows detailed information on individual interfaces one at a time, the command show interface status displays the status of all the switch ports, including their speed, duplex, and VLAN, as shown. This gives a quick and precise look at the port status of a switch where port density is high.

show interface status: Used to verify the status of a switch port.
    SwitchA#show interface status
    Port      Name               Status       Vlan       Duplex  Speed Type
    Fa0/1                        connected    1          a-full  a-100 10/100BaseTX
    Fa0/2                        connected    2          a-full  a-100 10/100BaseTX
    Fa0/3                        connected    2          a-full  a-100 10/100BaseTX
    Fa0/4                        connected    2          a-full  a-100 10/100BaseTX
    Fa0/5                        connected    1          a-full  a-100 10/100BaseTX
    Fa0/6                        connected    3          a-full  a-100 10/100BaseTX
    Fa0/7                        connected    3          a-full  a-100 10/100BaseTX
    Fa0/8                        connected    3          a-full  a-100 10/100BaseTX
    Fa0/9                        connected    1          a-full  a-100 10/100BaseTX
    Fa0/10                       connected    1          a-full  a-100 10/100BaseTX

The overall configuration of the switch can be viewed using the show running-config (sh run) command, as shown. (Only part of the configuration is displayed.)

    Switch#sh run
    Building configuration...

    Current configuration : 1411 bytes
    !
    version 12.1
    no service pad
    service timestamps debug uptime
    service timestamps log uptime
    no service password-encryption
    !
    hostname Switch
    !
    ip subnet-zero
    !
    spanning-tree mode pvst
    no spanning-tree optimize bpdu transmission
    spanning-tree extend system-id
    !
    interface FastEthernet0/1
    !
    interface FastEthernet0/2
     switchport access vlan 2
     switchport mode access
    .
    .
    .
    interface FastEthernet0/5
    !
    interface FastEthernet0/6
     switchport access vlan 3
     switchport mode access
    !
    interface FastEthernet0/9
    !
    interface FastEthernet0/10
    !
    interface Vlan1
     ip address 192.168.1.1 255.255.255.0
     no ip route-cache
    !
    ip http server
    !
    line con 0
    line vty 0 15
     login
    !
    end

The running configuration for the switch shows that the FastEthernet interfaces have been assigned to the proper VLANs. Additionally, this shows that an IP address has been assigned to the default interface VLAN 1. This portion of the text has demonstrated the steps for creating a static VLAN. Both the Sales and Engineering VLANs were created, and specific ports on the switch were assigned to the respective VLANs. Unassigned ports remained part of the default VLAN 1.

VLAN Tagging

This section explores the concept of VLAN tagging (802.1Q) and demonstrates the steps required for this configuration. The concept of VLAN tagging can be explained using the example network shown in Figure 1-8. In this network, the Sales team is spread out over two different buildings. Therefore, the Sales VLAN network must be available in both buildings. Each building has its own network switch, and both switches are connected via one physical link.

Figure 1-8. An example of a scenario with two VLANs spread across two buildings

In a scenario like this, not only is it necessary to have the same Sales VLAN running on both building switches, it is also important for members of the same VLAN to be able to communicate with each other across buildings and to adhere to the same VLAN restrictions. To accomplish this, a technique called VLAN tagging is used. VLAN tagging is a technique deployed on a switch interface to carry Ethernet frames of multiple VLANs. The interface must connect to another switch port, router port, or network device that understands VLAN tagging, and both sides must agree on the VLAN tagging protocol.

Trunk Port: A switch interface or port configured to carry multiple VLANs.
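The show vlan brief and show vlan listings in the static VLAN steps above are what an administrator reads by eye to confirm the port assignments. The following Python script is an added example, not code from the text or from Cisco's tooling: it parses that output format (including the wrapped port lists), maps each port to its VLAN, compares the result against an intended port-to-VLAN assignment, and reports which ports are still sitting in the default VLAN 1, since unassigned ports stay there. The sample output, the expected-assignment dictionary and the deliberate mismatch on Fa0/5 are constructed for the example.

```python
import re

# Constructed sample, modelled on the show vlan brief format shown in the text.
# VLAN 1's port list wraps onto a continuation line, as it does on a real switch.
SAMPLE_SHOW_VLAN_BRIEF = """\
VLAN Name                             Status    Ports
---- -------------------------------- --------- -------------------------------
1    default                          active    Fa0/1, Fa0/5, Fa0/9
                                                Fa0/10
2    Sales                            active    Fa0/2, Fa0/3, Fa0/4
3    Engineering                      active    Fa0/6, Fa0/7, Fa0/8
1002 fddi-default                     act/unsup
"""

# Interface names such as Fa0/2, Gi1/0/24, Te1/1
PORT_RE = re.compile(r"\b(?:Fa|Gi|Te|Et)\d+/\d+(?:/\d+)?\b")
# A VLAN row starts with the numeric VLAN ID in column 1
ROW_RE = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s*(.*)$")


def parse_show_vlan_brief(text):
    """Return {vlan_id: {"name": str, "status": str, "ports": [str, ...]}}.
    Lines that begin with whitespace continue the previous VLAN's port list."""
    vlans, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.startswith(("VLAN", "----")):
            continue
        m = ROW_RE.match(line)
        if m:
            current = {"name": m.group(2), "status": m.group(3),
                       "ports": PORT_RE.findall(m.group(4))}
            vlans[int(m.group(1))] = current
        elif current is not None and line[0].isspace():
            current["ports"].extend(PORT_RE.findall(line))
    return vlans


def port_vlan_map(vlans):
    """Invert the table: {port: vlan_id}."""
    return {port: vid for vid, info in vlans.items() for port in info["ports"]}


def audit(vlans, expected):
    """Compare actual membership with the intended {port: vlan_id} map.
    Returns (mismatches, ports_left_in_vlan1); a mismatch value is
    (actual_vlan_or_None, intended_vlan)."""
    actual = port_vlan_map(vlans)
    mismatches = {p: (actual.get(p), want)
                  for p, want in expected.items() if actual.get(p) != want}
    left_in_default = list(vlans.get(1, {"ports": []})["ports"])
    return mismatches, left_in_default


if __name__ == "__main__":
    # Constructed intent: Fa0/5 was meant to join Engineering but never was.
    intended = {"Fa0/2": 2, "Fa0/3": 2, "Fa0/4": 2,
                "Fa0/5": 3, "Fa0/6": 3, "Fa0/7": 3, "Fa0/8": 3}
    table = parse_show_vlan_brief(SAMPLE_SHOW_VLAN_BRIEF)
    bad, default_ports = audit(table, intended)
    for port, (got, want) in bad.items():
        print(f"{port}: in VLAN {got}, intended VLAN {want}")
    print("still in default VLAN 1:", ", ".join(default_ports))
```

Feeding the script the real output of show vlan brief collected from each switch turns the manual check into a repeatable one, and the list of ports left in VLAN 1 is a quick way to spot access ports that were never assigned.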
Inter-Switch Link (ISL): The Cisco proprietary VLAN tagging protocol.

The standard protocol for VLAN tagging is IEEE 802.1Q. This standard protocol is widely supported by every switch manufacturer, as well as Cisco. A switch interface or port configured to carry traffic for multiple VLANs is often referred to as a trunk port. The term was made famous by Cisco, and it is used explicitly as the VLAN tagging command in Cisco switches. Note that Cisco has its own proprietary VLAN tagging protocol called Inter-Switch Link (ISL). The big difference between ISL and 802.1Q is how the frame is treated. In ISL, every Ethernet frame is encapsulated within a 26-byte header containing the VLAN ID, with a 4-byte CRC at the end. This makes an ISL frame bigger than an 802.1Q frame, as discussed next.

To accomplish the VLAN tagging of the Ethernet frames, IEEE 802.1Q simply inserts additional data into the Ethernet frame header, as shown in Figure 1-9. An 802.1Q tag is a 4-byte tag field that is inserted between the Source Address field and the Ethernet Type/Length field. By inserting an additional 4-byte field, the Ethernet frame size is increased. The minimum frame size is now increased from 64 bytes to 68 bytes, and the maximum frame size is now increased from 1,518 bytes to 1,522 bytes. Figure 1-9 also provides a detailed calculation of the Ethernet frame size. Because of the additional tag field and the increased frame size, it is important that both sides of the link be compatible. Otherwise, the tagged Ethernet frames will not be understood and, therefore, the frames will be dropped by a non-802.1Q-compliant interface.
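To make the frame-size arithmetic of Figure 1-9 concrete, here is an added Python example (not code from the text) that builds Ethernet frames with and without the 4-byte 802.1Q tag inserted between the Source Address and the Type/Length field, parses the tag back out, and shows how a receiver that does not understand 802.1Q sees the same frame: it reads the tag's TPID where it expects the Type/Length field, and a maximum-size tagged frame exceeds the 1,518-byte limit it enforces. MAC addresses and payloads are constructed; the ISL figure simply adds the 26-byte header and 4-byte CRC the text describes to an untagged frame.

```python
import struct

TPID_8021Q = 0x8100            # Tag Protocol Identifier that marks an 802.1Q tag
FCS_LEN = 4                    # trailing frame check sequence, counted but not built
ISL_OVERHEAD = 26 + 4          # ISL: 26-byte header plus 4-byte trailing CRC
MAX_UNTAGGED_FRAME = 1518      # largest frame a non-802.1Q-aware interface accepts


def build_frame(dst, src, ethertype, payload, vlan_id=None, pcp=0):
    """Build an Ethernet frame (without FCS). When vlan_id is given, a 4-byte
    802.1Q tag (TPID + TCI) is inserted between the source address and the
    Type/Length field, where the text places it."""
    if len(dst) != 6 or len(src) != 6:
        raise ValueError("MAC addresses must be 6 bytes")
    header = dst + src
    if vlan_id is not None:
        if not 1 <= vlan_id <= 4094:
            raise ValueError("VLAN ID must be in 1..4094")
        if not 0 <= pcp <= 7:
            raise ValueError("PCP must be in 0..7")
        tci = (pcp << 13) | vlan_id          # 3 priority bits, DEI = 0, 12-bit VLAN ID
        header += struct.pack("!HH", TPID_8021Q, tci)
    return header + struct.pack("!H", ethertype) + payload


def wire_size(frame):
    """Frame size as the text counts it: header + payload + 4-byte FCS."""
    return len(frame) + FCS_LEN


def isl_wire_size(untagged_frame):
    """Size of the same (untagged) frame when carried inside Cisco ISL."""
    return wire_size(untagged_frame) + ISL_OVERHEAD


def parse_frame(frame):
    """Return addresses, VLAN ID (None if untagged), priority and the real
    EtherType, stepping over the tag when one is present."""
    if len(frame) < 14:
        raise ValueError("frame too short for an Ethernet header")
    dst, src = frame[:6], frame[6:12]
    offset, vlan_id, pcp = 12, None, None
    if struct.unpack_from("!H", frame, 12)[0] == TPID_8021Q:
        if len(frame) < 18:
            raise ValueError("truncated 802.1Q tag")
        tci = struct.unpack_from("!H", frame, 14)[0]
        vlan_id, pcp, offset = tci & 0x0FFF, tci >> 13, 16
    ethertype = struct.unpack_from("!H", frame, offset)[0]
    return {"dst": dst, "src": src, "vlan_id": vlan_id, "pcp": pcp,
            "ethertype": ethertype, "payload": frame[offset + 2:]}


def legacy_view(frame):
    """How a non-802.1Q-aware receiver sees the frame: the TPID lands in the
    Type/Length position, and a full-size tagged frame is oversized."""
    return {"type_field": struct.unpack_from("!H", frame, 12)[0],
            "oversized": wire_size(frame) > MAX_UNTAGGED_FRAME}


if __name__ == "__main__":
    # Constructed sample addresses; 46 and 1500 are the min/max payload sizes.
    dst = bytes.fromhex("ffffffffffff")
    src = bytes.fromhex("001122334455")
    for size in (46, 1500):
        plain = build_frame(dst, src, 0x0800, bytes(size))
        tagged = build_frame(dst, src, 0x0800, bytes(size), vlan_id=2)
        print(f"payload {size:4d} B: untagged {wire_size(plain)} B, "
              f"802.1Q {wire_size(tagged)} B, ISL {isl_wire_size(plain)} B, "
              f"legacy receiver sees {legacy_view(tagged)}")
```

The legacy_view function is the failure mode the text warns about: on a link where only one side tags, the other side sees an unknown Type/Length value of 0x8100 and, for the largest frames, a length over 1,518 bytes, so the frames are discarded rather than delivered.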
Figure 1-9. Typical Ethernet frame versus Ethernet frame with 802.1Q tag

802.1Q Configuration

This section demonstrates the steps for configuring 802.1Q VLAN tagging. The 802.1Q VLAN tagging is configured at the switch interface that interconnects to another network switch. In this case, interface FastEthernet 0/1 of Switch A is selected as the 802.1Q VLAN tagging port, or trunk port. The following demonstrates how to configure an interface as a trunk port on a Cisco switch. First, the interface is assigned as a trunk port by the command switchport mode trunk. This essentially turns on trunking. The next step is to define the tagging protocol, which is 802.1Q in this case. The command switchport trunk encapsulation dot1q is used. If ISL is used, the command would be switchport trunk encapsulation isl. The next command, switchport trunk allowed vlan vlan-id, is optional, but it is useful in limiting the VLANs that can be carried across the link.
switchport mode trunk: Turns on trunking.

switchport trunk encapsulation dot1q: This command defines that the 802.1Q tagging protocol is being used.

switchport trunk encapsulation isl: This command defines that the tagging protocol is ISL.

switchport trunk allowed vlan vlan-id: This command is used to limit the VLANs that can be carried across the link.

    SwitchA#conf t
    Enter configuration commands, one per line.  End with CNTL/Z.
    SwitchA(config)#int fa 0/1
    SwitchA(config-if)#switchport mode trunk
    SwitchA(config-if)#switchport trunk encapsulation dot1q
    SwitchA(config-if)#switchport trunk allowed vlan 1,2
    SwitchA(config-if)#end

By default, all configured VLANs are allowed across the trunk port. In order for VLAN tagging to work properly, it is important to configure the same commands on SwitchB's trunk port. To verify the 802.1Q configuration, the command show interfaces trunk can be used:

show interfaces trunk: This command is used to verify the 802.1Q configuration.

    SwitchA#sh interfaces trunk
    Port      Mode         Encapsulation  Status        Native vlan
    Fa0/1     on           802.1q         trunking      1

    Port      Vlans allowed on trunk
    Fa0/1     1,2

    Port      Vlans allowed and active in management domain
    Fa0/1     1,2

    Port      Vlans in spanning tree forwarding state and not pruned
    Fa0/1     1,2

Networking Challenge: Static VLAN Configuration

Use the Net-Challenge Simulator Software included with the text's companion CD-ROM to demonstrate that you can perform basic switch and static VLAN configuration and set up a trunk connection. Place the CD-ROM in your computer's drive. Open the Net-Challenge folder, and click NetChallengeV3-2.exe. After the software is running, click the Select Challenge button. This opens a Select Challenge drop-down menu. Select the Chapter 1 - Static VLAN Configuration challenge to open a checkbox that can be used to verify that you have completed all the tasks. Do the following:

1. Enter the privileged EXEC mode on the switch (password: Chile).
2. Enter the switch's configuration mode: Router(config).
3. Set the hostname of the switch to switch-A.
4. Configure the IP address for the VLAN 1 interface with the following:
   IP address: 10.10.20.250
   Subnet mask: 255.255.255.0
5. Enable the VLAN 1 interface.
6. Use the command to display the current VLAN settings for the switch.
7. Issue the command that lets you modify the VLAN database.
8. Create a VLAN 2 named Sales.
9. Verify that a new Sales VLAN has been created.
10. Issue the command to enter the fa0/2 interface configuration mode.
11. Enter the sequence of commands that are used to assign interface fa0/2 to the Sales VLAN.
12. Enter the command that enables you to display the interface assigned to each VLAN.
13. Enter the command that enables you to view specifically the assignments for the Sales VLAN.
14. Issue the command that allows you to view the switch's running-configuration.
15. Issue the command to turn on trunking for SwitchA.
16. Issue the command to set trunk encapsulation to 802.1Q.
17. Issue the command that enables VLAN 1 and VLAN 2 to be carried across the link.

Configuring the HP Procurve Switch

It should not come as a surprise to learn that many switch manufacturers follow a configuration path similar to the Cisco switches. A similar Cisco-styled command-line interface (CLI) is deployed by those manufacturers as well. The following is an example of how to configure an HP Procurve switch. The first step is to enter the configuration mode using the command configure. Next, the VLAN number is entered using the vlan 2 command. Finally, the VLAN is assigned a name from the (vlan-2) prompt using the command name Sales:

    SwitchHP# configure
    SwitchHP(config)#vlan 2
    SwitchHP(vlan-2)#name Sales
The command show vlan also exists on the HP switches, but the output is different from the one produced by Cisco switches. The HP show vlan command does not list the ports with VLAN membership, while the Cisco command does:

    SwitchHP# show vlan

     Status and Counters - VLAN Information

      Maximum VLANs to support : 8
      Primary VLAN : DEFAULT_VLAN
      Management VLAN :

      802.1Q VLAN ID Name         Status       Voice Jumbo
      -------------- ------------ ------------ ----- -----
      1              DEFAULT_VLAN Port-based   No    No
      2              Sales        Port-based   No    No

On a Cisco switch, the VLAN membership is configured at the interface level. On an HP switch, it is configured at the VLAN level, where each VLAN contains its port members. This example shows how a VLAN membership is assigned on an HP switch:

    SwitchHP# configure
    SwitchHP(config)#vlan 2
    SwitchHP(vlan-2)#untagged 48

In VLAN 2, port 48 is configured as an untagged member. This means that the port is not a tagged VLAN port. It is essentially just a port-based VLAN. It was mentioned earlier that the HP command show vlan does not give much detail. To get more VLAN details, one must specify the VLAN ID. The show vlan 2 command can be used to verify that port 48 has been assigned to the Sales VLAN (VLAN 2):

    SwitchHP# show vlan 2

     Status and Counters - VLAN Information - Ports - VLAN 2

      802.1Q VLAN ID : 2
      Name : Sales
      Status : Port-based
      Voice : No
      Jumbo : No

      Port Information Mode     Unknown VLAN Status
      ---------------- -------- ------------ ----------
      48               Untagged Learn        Up

On HP switches and those of other manufacturers, the command syntax for enabling a port to carry 802.1Q tagged frames is basically the same. On HP switches, there is no trunk command. The step is simply to assign tagging ability to the switch port by issuing the command tagged port_number. Because this is a non-Cisco switch, 802.1Q is the only VLAN tagging protocol that can be used. The following command sequence demonstrates how to configure interface port 24 on an HP switch as an 802.1Q VLAN tagging port:

    SwitchHP# conf
    SwitchHP(config)# vlan 1
    SwitchHP(vlan-1)# tagged 24
    SwitchHP(vlan-1)# exit
    SwitchHP(config)# vlan 2
    SwitchHP(vlan-2)# tagged 24
    SwitchHP(vlan-2)# exit

Unlike Cisco switches, where 802.1Q is configured at the interface level, the tagging configuration is done at the VLAN level on HP switches. Port 24 is designated as a tagged port for both VLAN 1 and VLAN 2, which enables it to carry VLAN 1 and VLAN 2 frames. Generally, untagged ports belong to one specific VLAN, while tagged ports can belong to one or more VLANs.

1-4. Routed Network

This section examines the Layer 3 network and how data is routed in the network. This section also introduces another Layer 3 device, the multilayer switch. You need to understand the advantages and disadvantages of this device. This section also introduces interVLAN configuration, which enables VLANs to communicate across networks. The section concludes with a look at both serial and ATM configurations. Some network engineers will argue that serial and ATM are dying technologies and are now considered obsolete. However, being obsolete does not mean they are nonexistent. These technologies are still being used throughout the world, and they remain an important topic.

Router

The router is a powerful networking device used to interconnect LANs. The router is a Layer 3 device in the OSI model, which means the router uses the network address (Layer 3 addressing) to make routing decisions regarding forwarding data packets. In the OSI model, the Layer 3, or network, layer responsibilities include handling of the network address. The network address is also called a logical address, rather than a physical address (such as the MAC address, which is embedded into the network interface card [NIC]).
The logical address describes the IP address location of the network and the address location of the host in the network.

Network Address: Another name for the Layer 3 address.

Logical Address: This describes the IP address location of the network and the address location of the host in the network.
Essentially, the router is configured to know how to route data packets entering or exiting the LAN. This differs from the bridge and the Layer 2 switch, which use the Ethernet address for making decisions regarding forwarding data packets and only know how to forward data to hosts physically connected to their ports. Routers are used to interconnect LANs in a campus network. Routers can be used to interconnect networks that use the same protocol (for example, Ethernet), or they can be used to interconnect LANs that are using different Layer 2 technologies, such as Ethernet, ATM, T1, and so on. Routers also make it possible to interconnect to LANs around the country and the world and to interconnect many different networking protocols. The router ports are bidirectional, meaning that data can enter and exit the same router port. Often, the router ports are called the router interface, which is the physical connection where the router connects to the network.

Router Interface: The physical connection where the router connects to the network.

The network provided in Figure 1-10 is an example of a simple three-router campus network. This configuration enables data packets to be sent and received from any host on the network after the routers in the network have been properly configured. For example, computer A1 in LAN A could be sending data to computer D1 in LAN D. This requires that the IP address for computer D1 is known by the user sending the data from computer A1. The data from computer A1 will first travel to the switch, where the data is passed to Router A via the FA0/0 FastEthernet data port. Router A will examine the network address of the data packet and use configured routing instructions stored in the router's routing tables to decide where to forward the data. Router A determines that an available path to Router C is via the FA0/2 FastEthernet port connection. The data is then sent directly to Router C.
Router C determines that the data packet should be forwarded to its FA0/0 port to reach computer D1 in LAN D. The data is then sent to D1. Alternatively, Router A could have sent the data to Router C through Router B via Router A’s FA0/1 FastEthernet port.
Figure 1-10. The three-router campus LAN

Delivery of the information over the network was made possible by the use of an IP address and a routing table. Routing tables keep track of the routes used for forwarding data to its destination. Router A used its routing table to determine a network data path so computer A1's data could reach computer D1 in LAN D. After the data packet arrived on Router C, an ARP request was issued by Router C to determine the MAC address of computer D1. The MAC address is then used for final delivery of the data to computer D1.

Routing Table: Keeps track of the routes to use for forwarding data to its destination.

If Router A determines that the network path to Router C is down, Router A can route the data packet to Router C through Router B. After Router B receives the data packet from Router A, it uses its routing tables to determine where to forward the data packet. Router B determines that the data needs to be sent to Router C. Router B will then use its FA0/3 FastEthernet port to forward the data to Router C.
Gateway Address

As previously discussed, the term gateway is used to describe the address of the networking device that enables the hosts in a LAN to connect to networks and hosts outside the LAN. For example, the gateway address for all hosts in LAN A will be 10.10.20.250. This address is configured on the host computer, as shown in Figure 1-11. Any IP packets with a destination outside the LAN A network will be sent to this gateway address. Note that the destination network is determined by the subnet mask. In this case, the subnet mask is 255.255.255.0.

Figure 1-11. Network settings configuration for the default gateway

Network Segments

The network segment defines the networking link between two LANs. There is a segment associated with each connection of an internetworking device (for example, router-hub, router-switch, router-router). For example, the IP address for the network segment connecting LAN A to the router is 10.10.20.0. All hosts connected to this segment must contain a 10.10.20.x address, because a subnet mask of 255.255.255.0 is being used. Subnet masking is fully explained in Network Essentials Chapter 6, "TCP/IP."
Routers use the information about the network segments to determine where to forward data packets. For example, referring to Figure 1-10, the network segments that connect to Router A include

    10.10.20.0
    10.10.200.0
    10.10.100.0

The segment is sometimes called the subnet or NET. These terms are associated with a network segment address, such as 10.10.20.0. In this case, the network is called the 10.10.20.0 NET. All hosts in the 10.10.20.0 NET will have a 10.10.20.x IP address. The network addresses are used when configuring the routers and defining which networks are connected to the router.

Subnet, NET: Other terms for the segment.

According to Figure 1-11, all the computers in LAN A must have a 10.10.20.x address. This is defined by the 255.255.255.0 subnet mask. For example, computer A1 in LAN A will have the assigned IP address of 10.10.20.1 and a gateway address of 10.10.20.250. The computers in LAN B (see Figure 1-10) are located in the 10.10.10.0 network. This means that all the computers in this network must contain a 10.10.10.x IP address. In this case, the x part of the IP address is assigned for each host. The gateway address for the hosts in LAN B is 10.10.10.250. Notice that the routers are all using the same .250 gateway address. Remember, any valid IP address can be used for the gateway address, but it is good design procedure to use the same number for all routers. In this case, .250 is being used. In other cases, it could be .1 or .254.

The subnet mask is used to determine whether the data is to stay in the LAN or is to be forwarded to the default gateway provided by the router. The router uses its subnet mask to determine the destination network address. The destination network address is checked against the router's routing table to select the best route to the destination. The data is then forwarded to the next router, which is the next hop address.
The next router examines the data packet, determines the destination network address, checks its routing table, and then forwards the data to the next hop. If the destination network is directly connected to the router, it issues an ARP request to determine the MAC address of the destination host. Final delivery is then accomplished by forwarding the data using the destination host computer’s MAC address. Routing of the data through the networks is at Layer 3, and the final delivery of data in the network is at Layer 2.
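The host-side and router-side decisions described in this section, as an added Python example (not code from the text): the host applies its own subnet mask to decide between delivering directly and handing the packet to the gateway, and the router performs a longest-prefix lookup in its routing table to pick the next hop or, when the destination network is directly connected, to move on to ARP and Layer 2 delivery. The routing table for Router A is constructed from the three segments the text lists; which of the two router-to-router segments sits on FA0/1 and which on FA0/2, and the next-hop address used to reach LAN B (10.10.10.0) through Router B, are assumptions made for the example.

```python
import ipaddress


def same_segment(host_ip, subnet_mask, dest_ip):
    """Host-side test from the text: apply the host's own subnet mask;
    a destination inside the resulting network is on the local LAN."""
    net = ipaddress.ip_network(f"{host_ip}/{subnet_mask}", strict=False)
    return ipaddress.ip_address(dest_ip) in net


def host_next_hop(host_ip, subnet_mask, gateway, dest_ip):
    """The address the host must resolve with ARP and hand the frame to:
    the destination itself when local, otherwise the default gateway."""
    return dest_ip if same_segment(host_ip, subnet_mask, dest_ip) else gateway


def segment_address(ip, subnet_mask):
    """The NET (segment) address, e.g. 10.10.20.0 for 10.10.20.1/255.255.255.0."""
    net = ipaddress.ip_network(f"{ip}/{subnet_mask}", strict=False)
    return str(net.network_address)


def lookup(table, dest_ip):
    """Router-side decision: longest-prefix match over (network, next_hop,
    interface) entries. next_hop None means directly connected.
    Returns the matching entry, or None when no route covers the destination."""
    dest = ipaddress.ip_address(dest_ip)
    best = None
    for net_str, next_hop, iface in table:
        net = ipaddress.ip_network(net_str)
        if dest in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop, iface)
    return best


def router_action(table, dest_ip):
    """Describe what the router does with the packet, following the text's steps."""
    route = lookup(table, dest_ip)
    if route is None:
        return "no route: drop and report destination unreachable"
    net, next_hop, iface = route
    if next_hop is None:
        return f"directly connected on {iface}: ARP for {dest_ip}, deliver at Layer 2"
    return f"forward to next hop {next_hop} via {iface}"


# Constructed routing table for Router A. The three directly connected segments
# are the ones the text lists; the FA0/1 and FA0/2 placement of the two
# router-to-router segments and the 10.10.200.2 next hop (Router B) are assumed.
ROUTER_A_TABLE = [
    ("10.10.20.0/24", None, "FA0/0"),          # LAN A, gateway 10.10.20.250
    ("10.10.200.0/24", None, "FA0/1"),         # link toward Router B (assumed port)
    ("10.10.100.0/24", None, "FA0/2"),         # link toward Router C (assumed port)
    ("10.10.10.0/24", "10.10.200.2", "FA0/1"), # LAN B via Router B (hypothetical hop)
]


if __name__ == "__main__":
    host, mask, gw = "10.10.20.1", "255.255.255.0", "10.10.20.250"   # computer A1
    for dest in ("10.10.20.7", "10.10.10.5", "192.168.1.1"):
        print(f"A1 -> {dest}: host sends to {host_next_hop(host, mask, gw, dest)}; "
              f"Router A: {router_action(ROUTER_A_TABLE, dest)}")
```

The lookup deliberately has no default route, so a destination outside every listed segment is reported as unreachable rather than silently forwarded; that is the point at which a real router would consult a default route if one were configured.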
Multilayer Switch

So far, the topic of network switches has revolved around their Layer 2 functionality. Today, the scope of operations has changed for switches. Newer switch technologies are available to help further improve the performance of computer networks. This development started with Layer 3 switches, and now there are multilayer switches. The term used to describe switches that can operate above OSI Layer 2 is multilayer switches (MLS). An example is a Layer 3 switch. Layer 3 switches still work at Layer 2, but additionally work at the network layer (Layer 3) of the OSI model and use IP addressing to decide the best direction in which to route a data packet. The major difference is that the packet switching in basic routers is handled by a programmed microprocessor. The multilayer switch uses application specific integrated circuit (ASIC) hardware to handle the packet switching. The advantage of using hardware to handle the packet switching is a significant reduction in processing time (software versus hardware). In fact, the processing time of multilayer switches can be as fast as the input data rate. This is called wire speed routing, where the data packets are processed as fast as they are arriving. Multilayer switches can also work at the upper layers of the OSI model. An example is a Layer 4 switch that processes data packets at the transport layer of the OSI model.

Multilayer Switch (MLS): Operates at Layer 2, but functions at the higher layers.
Wire Speed Routing: Data packets are processed as fast as they arrive.

Through this evolution, the line between routers and multilayer switches is getting more and more blurry. Routers were once considered the more intelligent device, but this is no longer true. With new developments, multilayer switches can do almost everything routers can. More importantly, most of the Layer 3 switch configuration commands are almost identical to the ones used on routers.

Routers tend to be more expensive when it comes to cost per port. Therefore, most traditional designs have a router connecting to a switch or switches to provide more port density. This can be expensive depending on the size of the network. So, there has been a shift toward deploying multilayer switches in the LAN environment in place of routers. In this case, the routers and switches in Figure 1-10 could all be replaced with multilayer switches. This also means there will be less network equipment to maintain, which reduces the maintenance cost and makes this a more cost-effective solution. With its greater port density, a multilayer switch can serve more clients than a router could. However, there is a common drawback for most multilayer switches: These devices only support Ethernet. Other Layer 2 technologies, such as ATM, DSL, and T1, still depend on routers for making this connection.

Layer 3 Routed Networks

As discussed previously, the hosts are interconnected with a switch or hub. This allows data to be exchanged within the LAN; however, data cannot be routed to other networks. Also, the broadcast domain of one LAN is not isolated from another LAN's broadcast domain. The solution for breaking up the broadcast domains and providing network routing is to incorporate routing hardware into the network design to create a routed network. A routed network uses Layer 3 addressing for selecting routes to forward data packets, so a better name for this network is a Layer 3 network.

Routed Network: Uses Layer 3 addressing for selecting routes to forward data packets.
Layer 3 Network: Another name for a routed network.

In Layer 3 networks, routers and multilayer switches are used to interconnect the networks and LANs, isolating broadcast domains and enabling hosts from different LANs and networks to exchange data. Data packet delivery is achieved by handing off data to adjacent routers until the packet reaches its final destination. This typically involves passing data packets through many routers and many networks. An example of a Layer 3 network is shown in Figure 1-10. This example has four LANs interconnected using three routers. The IP address for each networking device is listed. The physical layer interface on the router provides a way to connect the router to other networking devices on the network. For example, the FastEthernet ports on the router are used to connect to other FastEthernet ports on other routers or switches. Gigabit and 10-gigabit Ethernet ports are also available on routers to connect to other high-speed Ethernet ports (the sample network shown in Figure 1-10 includes only FastEthernet ports).

Routers also contain other types of interfaces, such as serial interfaces and Synchronous Optical Network (SONET) interfaces. These interfaces were widely used to interconnect the router and the network to other wide-area networks (WAN). For example, connection to WANs requires the use of a serial interface or SONET interface to connect to a communications carrier, such as Sprint, AT&T, Century Link, and so on. The data speeds for the serial communication ports on routers can vary from slow (56 kbps) up to high-speed DS3 data rates (47+ Mbps), and SONET could range from OC3 (155 Mbps) and OC12 (622 Mbps) to OC192 (9953 Mbps).
Synchronous Optical Network (SONET): Used to interconnect the router and the network to other WANs.
WAN: Wide-area network.

Routed Port Configuration

Routers can have Ethernet (10 Mbps), Fast Ethernet (100 Mbps), Gigabit Ethernet (1,000 Mbps), 10 Gigabit Ethernet (10,000 Mbps), Serial, and ATM interfaces. These routers can have multiple interfaces, and the steps for configuring each interface are basically the same. Each interface is assigned a number. For example, a router could have three FastEthernet interfaces identified as FastEthernet 0/0, FastEthernet 0/1, and FastEthernet 0/2. The notation 0/0 indicates the [interface-card-slot/port]. On Cisco routers, a routed port can be configured simply by assigning an IP address to the interface. Once an IP address and its subnet mask are assigned to the interface and the interface is enabled, a Layer 3 network is created. The interface IP address becomes the gateway for that network. To program the interface, the router must be in configuration mode. The following demonstrates how to configure a router's FastEthernet 0/0 port (FastEthernet 0/0, also listed as fa0/0 and FA0/0) as a routed interface:

    Router(config)# int fa0/0
    Router(config-if)# ip address 10.10.20.250 255.255.255.0
    Router(config-if)# no shut
    2w0d: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/0, changed state to up

Notice that the router prompts you that the line protocol on interface FastEthernet 0/0 changed state to up. These log messages are always displayed when connecting via the console port. However, they are suppressed when it is a remote terminal session, like Telnet or SSH. To display log messages on the remote terminal, issue the command terminal monitor or term mon at the router prompt:

    Router# term mon

terminal monitor (term mon): Displays log messages on the remote terminal.

The log messages can be useful when bringing up a new connection. Sometimes, they can be annoying if the router is logging too many events. To disable the logging to the terminal, the command is terminal no monitor or term no mon. One would think the command syntax would start with no, like a typical Cisco command, but it is not so in this case:

    Router# term no mon

terminal no monitor (term no mon): Disables the logging to the terminal.

The command show ip interface brief (sh ip int brief) entered at the enable prompt (Router#) can be used to verify the status of the router interfaces. The following is an example:

    Router# sh ip int brief
    Interface                  IP-Address      OK? Method Status                Protocol
    FastEthernet0/0            10.10.20.250    YES manual up                    up
    FastEthernet0/1            unassigned      YES manual administratively down down
    FastEthernet0/2            unassigned      YES manual administratively down down

show ip interface brief (sh ip int brief): Verifies the status of the router interfaces.

The output shows that the interface FastEthernet0/0 was configured with the IP address and its status is up. Because FastEthernet0/1 and FastEthernet0/2 were not yet configured, their IP addresses are shown as unassigned and their interfaces are still administratively shut down.

A routed port can also be assigned on a multilayer switch. This configuration is simple and the same as configuring a router port. The first step is to convert the native switch port to a router port. This is accomplished by issuing the command no switchport on the desired switch interface. Then, the IP address and other configuration can be applied to the interface just like a typical router port:

    SwitchA(config)# interface FastEthernet0/1
    SwitchA(config-if)# no switchport
    SwitchA(config-if)# ip address 192.168.1.1 255.255.255.0
    SwitchA(config-if)# no shutdown

no switchport: Converts the native switch port to a router port.

One concept that is worth exploring is the secondary IP address. The primary address is the IP address that is assigned to the interface. The secondary IP address is a way to support multiple IP addresses per router interface. Hence, it allows multiple Layer 3 networks to reside on the same physical link.
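An added example, not from the book, that parses show ip interface brief output in the format shown above and classifies each interface the way an operator verifying routed ports would; the sample output is constructed (the Serial row is added to show a physically down link). Because the command reports only an interface's primary address, secondary addresses are invisible to this check.

```python
import re

# Constructed sample in the format of the book's "sh ip int brief" output
# (the Serial line is added to show a physically down link).
SAMPLE_OUTPUT = """\
Interface                  IP-Address      OK? Method Status                Protocol
FastEthernet0/0            10.10.20.250    YES manual up                    up
FastEthernet0/1            unassigned      YES manual administratively down down
FastEthernet0/2            unassigned      YES manual administratively down down
Serial0/0/0                192.168.5.1     YES manual down                  down
"""

# Status is one token except for "administratively down", which is why a naive
# split() on whitespace misreads those rows.
ROW_RE = re.compile(
    r"^(?P<iface>\S+)\s+(?P<ip>\S+)\s+(?P<ok>\S+)\s+(?P<method>\S+)\s+"
    r"(?P<status>administratively down|up|down)\s+(?P<protocol>up|down)\s*$"
)

def parse_ip_int_brief(text):
    """Return {interface: {ip, ok, method, status, protocol}} from the command output."""
    rows = {}
    for line in text.splitlines():
        if not line.strip() or line.startswith("Interface"):
            continue  # skip blank lines and the column header
        m = ROW_RE.match(line)
        if not m:
            raise ValueError(f"unrecognised row: {line!r}")
        fields = m.groupdict()
        rows[fields.pop("iface")] = fields
    return rows

def classify(rows):
    """Summarise each interface: routed (IP + up/up), shutdown (admin down),
    up-no-ip (enabled but no address), or link-problem (down/down or up/down).
    Only the primary address is visible here; secondary addresses never appear."""
    summary = {}
    for iface, f in rows.items():
        if f["status"] == "administratively down":
            summary[iface] = "shutdown"
        elif f["status"] == "up" and f["protocol"] == "up":
            summary[iface] = "routed" if f["ip"] != "unassigned" else "up-no-ip"
        else:
            summary[iface] = "link-problem"
    return summary
```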
Secondary IP addresses can be useful when you want to add more networks without having to disturb the existing network, or to use them as a transitional network for network migration. Some people might just want to run multiple logical subnets on one physical subnet. To add a secondary IP address to the interface, the command is ip address [ip_address] [subnet_mask] secondary. The keyword secondary is used to specify the secondary IP address. The secondary IP address configuration is as follows:

    Router(config)# interface FastEthernet0/0
    Router(config-if)# ip address 10.10.20.250 255.255.255.0
    Router(config-if)# ip address 172.16.1.1 255.255.255.0 secondary

Secondary IP Address: Allows multiple Layer 3 networks to reside on the same physical link.

In order to configure the secondary IP address, the primary IP address must exist first. There can be as many secondary IP addresses as needed. The secondary IP address cannot be verified with the show int or show ip int brief command. The results will only display the primary IP address information.

InterVLAN Routing Configuration

As previously discussed in Section 1-3, "VLAN Network," each VLAN is its own broadcast domain. It cannot forward traffic across its VLAN boundaries. However, it is almost impractical in today's applications for a VLAN not to be able to communicate beyond itself. To enable communications among VLANs, InterVLAN routing is required.

InterVLAN routing: Enables communications among VLANs.
router on a stick: Eliminates connecting a link from each VLAN to a router port by utilizing a trunk or 802.1Q port.

The most logical solution to route traffic between different VLANs is to introduce or create a Layer 3 routed network between them. One traditional way is to connect each VLAN to a router interface. Then, each router interface is configured as a different Layer 3 network. This enables VLANs to communicate and pass traffic via the Layer 3 IP network. For a few VLANs, this does not present an issue, but for a large number of VLANs, this could create some issues. This means that every VLAN will require a physical connection to a router port. Router ports are expensive, and this design can be costly as the number of VLANs increases and more physical links are required.
A more common and popular design is to implement a router on a stick. The router on a stick design eliminates connecting a link from each VLAN to a router port by utilizing a trunk or 802.1Q port. A single trunk port is connected to a router, and it passes the tagged VLAN traffic to the router, as depicted in Figure 1-12.

Figure 1-12. Router on a stick topology

This design requires that the router be configured to accept the tagged VLANs. A Layer 3 network is then assigned to each VLAN coming to the router. To accomplish this, subinterfaces are created under the router interface at which the switch trunk port is terminated. The subinterface is a virtual interface, and its notation is a dot followed by the subinterface number. In the example provided, the subinterfaces are listed as FastEthernet0/0.1, 0/0.2, and 0/0.3. For ease of programming, it is recommended to keep the subinterface number the same as the VLAN ID. Recall that the default VLAN is 1, the Sales VLAN is 2, and the Engineering VLAN is 3. The next step is to define the VLAN tagging encapsulation. In this case, it is dot1q, which essentially is 802.1Q. With the encapsulation, the appropriate VLAN ID is specified. Next, the IP address is assigned, creating a routed Layer 3 network for the VLAN. The following example demonstrates how to configure a Cisco router for 802.1Q interVLAN routing:

    Router(config)# interface FastEthernet0/0
    Router(config-if)# no ip address
    Router(config-if)# interface FastEthernet0/0.1
    Router(config-subif)# description Default VLAN
    Router(config-subif)# encapsulation dot1Q 1
    Router(config-subif)# ip address 172.16.10.1 255.255.255.0
    Router(config-subif)# interface FastEthernet0/0.2
    Router(config-subif)# description Sales VLAN
    Router(config-subif)# encapsulation dot1Q 2
    Router(config-subif)# ip address 172.16.20.1 255.255.255.0
    Router(config-subif)# interface FastEthernet0/0.3
    Router(config-subif)# description Engineering VLAN
    Router(config-subif)# encapsulation dot1Q 3
    Router(config-subif)# ip address 172.16.30.1 255.255.255.0
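The router-on-a-stick procedure above, rendered and checked by an added Python example that is not the book's: the VLAN IDs, names and gateway addresses come from the text, while the generator function and its VLAN-ID and subnet-overlap checks are assumptions of this example.

```python
import ipaddress

# Constructed VLAN plan using the IDs, names and gateway addresses from the
# book's example; the generator and its checks are added here, not the book's.
VLANS = [
    (1, "Default VLAN", "172.16.10.1/24"),
    (2, "Sales VLAN", "172.16.20.1/24"),
    (3, "Engineering VLAN", "172.16.30.1/24"),
]

def router_on_a_stick(parent, vlans):
    """Render the subinterface configuration for one 802.1Q trunk terminating
    on `parent`. The subinterface number is kept equal to the VLAN ID, and each
    VLAN must get its own non-overlapping Layer 3 network (IOS refuses an
    address that overlaps another interface, so catch it before pushing)."""
    assigned = []  # (vlan_id, network) already placed on this trunk
    lines = [f"interface {parent}", " no ip address"]
    for vlan_id, description, gateway in vlans:
        if not 1 <= vlan_id <= 4094:
            raise ValueError(f"VLAN {vlan_id}: ID outside 1-4094")
        if any(vlan_id == seen_id for seen_id, _ in assigned):
            raise ValueError(f"VLAN {vlan_id}: duplicate VLAN ID")
        iface = ipaddress.ip_interface(gateway)
        for seen_id, seen_net in assigned:
            if iface.network.overlaps(seen_net):
                raise ValueError(
                    f"VLAN {vlan_id}: {iface.network} overlaps VLAN {seen_id} ({seen_net})")
        assigned.append((vlan_id, iface.network))
        lines += [f"interface {parent}.{vlan_id}",
                  f" description {description}",
                  f" encapsulation dot1Q {vlan_id}",
                  f" ip address {iface.ip} {iface.netmask}"]
    return "\n".join(lines)
```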