Archive for the ‘Networking’ Category

Distance Vector Routing Protocols (Part 2) – CCNA

Sunday, November 2nd, 2008

RIP uses a number of timers to ensure that its routes are fresh and to avoid routing loops. A routing loop occurs when a router thinks it has a path to a destination, but it does not. In other words, if your cousin sends an invitation to you at your address in Chicago, but you don’t live there, you will never get it no matter how many times your cousin sends you the invitation.

Timers measure time in seconds and you can modify their default behavior. One of these timers, the update timer, controls how often a router sends a routing update to its neighbors. This is known as a periodic update. The default for a Cisco router is 30 seconds.

The invalid timer defines the length of time, 90 seconds by default, which must pass before a router considers a route invalid. In other words, if RouterA has a route to NetworkA, but does not receive an update from another router for the route to NetworkA for 90 seconds, RouterA considers its route to NetworkA to be non-existent.

Once a router determines a route to be non-existent, it begins a countdown as to when an invalid route should be purged (or flushed) from its routing table (which will trigger the router to send a routing table update to its neighbors). The flush timer has a default length of 240 seconds. Once this timer runs out, an invalid route is removed from the routing table.

Using a typical lab scenario of four interconnected routers (in circular fashion, with each router named Left, Top, Right, and Bottom), let’s look at what happens when Right informs Top that a network to its far right is down (since this is election week, why not!). I suggest you take out a paper and pencil and then draw out this network as you would do in the lab.

When Top learns of this update, it must protect itself from a false routing update from router Left. To understand this scenario, you must consider that electricity travels at about 70% the speed of light and that routers often handle millions of routing requests per second. Therefore, we need to slow this traffic down to about 5 MPH to understand how a router can receive information about a bad route and then tell another router about what it knows.

Slowing traffic down to an understandable level, let’s next suppose that half a second after Top learns of the bad route, Top receives a routing update from router Left. Left’s update does not include the update from router Right that its far right network went down (imagine that the network’s switch lost power). When Top examines Left’s update, it notices that the update contains (what appears to be) a valid route to the far right network through router Bottom. Of course, we know that this route is down, but router Bottom does not because half a second after it sent its update to router Left, it received an update from Right with the bad news about its far right network.

What should Top do with the update it received from Left? Top could conclude that it has a valid route, put this route in its routing table, and then send it to router Right. Can you see what a mess we would now have on our hands? If this scenario played out (again, slowing the clock down to a speed we can understand), when Right next receives a request to route to the far right network, Right will send the request to Top. Next, Top sends the request to Left, and finally, Left sends the request on through Bottom and back to Right (who starts the loop all over again). This is an example of a routing loop!

Obviously, this can’t be allowed to happen. So, here’s what happens. Once Top learns from Right that it has an invalid route, Top invokes a principle known as split horizon and starts its holddown timer, which by default runs for 180 seconds. The concept of split horizon basically solves the problem I raised in the above scenario by forbidding router Top from sending an update to router Right about the route that is down. In other words, I can’t update you about a topic you originally told me about for a specific period of time (the holddown time). Once the holddown timer expires, though, all bets are off. Cisco has a very detailed explanation of these concepts here in an EIGRP tutorial.

Newer implementations of distance vector routing protocols such as RIP and EIGRP add one more element to the intrigue by implementing split horizon with poison reverse. Using poison reverse with our example above, router Top would receive the route update from Right and then immediately send the invalid route back to Right with an unreachable metric. RIP’s metric would be 16, which is its definition of an infinite path.

Finally, to conclude this discussion for this week, when router Top receives the update from Right, Top immediately recalculates its routing table and sends a triggered update to its directly-connected neighbors. A triggered update is sent when a router learns of a route change outside of its scheduled periodic update, which otherwise goes out only when the router’s update timer expires.

Distance Vector Routing Protocols (Part I) - CCNA

Sunday, October 26th, 2008

When routers communicate with each other they use their own language, as you would assume. You no doubt are aware that a router’s main function is to receive a packet and then figure out the best path, based on what the router knows, to get the packet to its destination.

The packet received by the router - for example an IP (Internet Protocol) packet - is a routed protocol. The router takes the routed protocol and encapsulates it (entirely) inside its own protocol data unit (PDU). When the router performs this process, the newly-created PDU is sent to the next router.

Before the router sends the PDU to the next router, it needs to determine to which next router the PDU should be sent. Routers learn about best paths by communicating with other routers and use routing protocols like RIP (Routing Information Protocol), OSPF (Open Shortest Path First), and EIGRP (Cisco routers only: Enhanced Interior Gateway Routing Protocol) to accomplish this goal.

RIP and EIGRP are classified as distance vector (DV) routing protocols, whereas OSPF is classified as a link state (LS) routing protocol. DV routing protocols keep track of distances and directions (or vectors) using a simple metric called hop count. Each router through which a packet must pass is equal to one hop. It’s that easy. One catch is that a DV routing protocol such as RIP will only route a PDU 16 times. Any hop count beyond that is considered unreachable. Therefore RIP seemingly does the impossible by defining infinity.

DV routing protocols talk to each other according to their underlying logic, or algorithm, and this talk results in the shortest distance to a destination. Of course, a router should have a path to every destination (unless you specifically do not want that). RIP’s algorithm is known as the Bellman-Ford algorithm, named after the men who developed it. Routers record what they learn about routes in what is called a topology table, but the actual routes a router will use are recorded in a routing table. In other words, the topology table might contain more than one path to one destination, but the routing table will only record the one path that has the lowest metric (which makes this route the best path to a given destination).

LS routing protocols such as OSPF utilize the more complex Dijkstra algorithm, again, named after the person who created it. LS routing protocols create a composite metric by learning about the bandwidth and speed of the media through which the PDU will pass. We will discuss LS routing protocols in a later discussion.

Finally, EIGRP, which, again, is a Cisco proprietary routing protocol, is referred to by Cisco as a hybrid routing protocol. A hybrid routing protocol (according to Cisco) takes the best features from the DV and LS routing protocols and uses them all. As with LS routing protocols, we will reserve our comments about EIGRP for a later discussion, when we can cover it fully.

If you noticed that I didn’t even mention IGRP, then you are ahead of the pack! Since IGRP and RIP (version 1) are no longer supported, I’m not going to discuss them in much detail. However, many features of RIP are common to IGRP with the exception of using only hop count to calculate its metric.

When a router boots up, like any other computer (or sentient being, for my Star Trek fans), it first does an internal awareness check known as POST (power-on self-test). Once the router knows its internals are functioning as expected, the router next loads its operating system (OS). Cisco named its router (and switch) OS the Internetwork Operating System or IOS. Once the router loads its IOS, it next looks to see if it possesses a specific configuration file.

When a Windows computer reaches this stage of its boot process, it applies a specific configuration from its database known as the registry. The registry is stored on a computer’s hard drive, which means that it can be changed - such as when a user changes her desktop background - and then saved so that the next time the user logs in the new desktop color is applied. A router does not have an internal hard drive; however, it does have memory that is very similar to another type of memory found in computers - EPROM (erasable programmable read-only memory). Cisco refers to this memory as NVRAM (non-volatile random-access memory). Think of NVRAM as RAM that does not lose its contents when the router loses power. The configuration file stored in NVRAM contains router-specific information such as the router’s name, its IP addresses, security settings, and more.

Once the router applies its startup configuration file settings, it is now, finally, ready to talk to its neighbors. On Cisco routers, a router talks to its directly-connected neighbors using another special language via CDP (Cisco Discovery Protocol). Note that whenever you encounter a protocol with a vendor’s name in it, this protocol will only be installed and available if your equipment was manufactured by that vendor. In other words, a Juniper router will not run CDP and it won’t be able to use EIGRP. 

When Cisco routers communicate using CDP, they only tell each other about the network that directly connects them to each other. So, if Router1 is connected to another network, which is usually the case, Router2 will not learn of that network’s existence, meaning that if Router2 receives a packet addressed to the other network, Router2 just might drop the packet (not route it). Of course, the Router2 human administrator can program a (static) route to the other network, but this is a lot of work and outside of a small network, this would not work!

After reading the above, you no doubt are thinking that if the router could communicate directly with other routers, without much human intervention, this process would work in small and large networks. If you are thinking along those lines, then you understand why RIP, EIGRP, OSPF, and other routing protocols were created. When a router is provided with a basic routing protocol configuration, the router is able to dynamically talk to other routers, learn about routes, send requests for information and answer such requests, all without human intervention. When routers operate in this fashion, the network is said to be scalable, meaning that regardless of the network’s size, the process still functions with little or no human intervention required.

So, after a Cisco router learns all it can via CDP, it needs a dynamic routing protocol, such as RIP, to learn about paths to networks beyond its directly-connected neighbors. The router’s next step, after completing the CDP process, is to send its entire routing table to each of its directly-connected neighbors. Once the neighbors receive this routing table, they recalculate their routing table using RIP’s algorithm and then send out their entire routing table to each of their directly-connected neighbors. This process continues until all of the routers in the network have no new routes to learn. In other words, when a router receives its neighbors’ routing tables and learns nothing new, the process is complete. At this stage, the routers have reached agreement on how to reach known destinations. This stage of agreement is known as convergence.

In our next discussion, we will address timers, triggered updates, routing loops, split horizon, and route poisoning. Stay tuned for next week’s continuation!
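As an added example (not code from these posts), here is a small Python simulation of the distance-vector behaviour described in this post and in Part 2 above: the four-router ring Left, Top, Right, Bottom converges by exchanging routing tables until nobody learns anything new, then Right's far-right network goes down. The same code runs three ways: with no protection (the routing loop that counts up to RIP's infinite metric), with split horizon and poison reverse alone, and with poison reverse plus a hold-down timer. The timers are modelled as synchronous update rounds rather than seconds; the router names, network names and the three-round hold-down value are assumptions, and the invalid and flush timers are not modelled.

```python
"""Constructed distance-vector (RIP-style) simulation of the ring Left-Top-Right-Bottom
with one extra network ("FarRight") off Right.  Metrics are hop counts, 16 is RIP's
unreachable metric, and timers are modelled as synchronous update rounds."""

INFINITY = 16


class Router:
    def __init__(self, name):
        self.name = name
        self.neighbors = []  # directly connected routers, in attachment order
        self.table = {}      # network -> [metric, next hop (None = connected), hold-down rounds left]

    def attach(self, network):
        self.table[network] = [0, None, 0]  # directly connected: metric 0, no next hop

    def advertisement(self, to, poison_reverse):
        """Routes told to neighbour `to`, one hop further away; with poison reverse a
        route learned *from* `to` goes back to it with the unreachable metric."""
        adv = {}
        for net, (metric, next_hop, _) in self.table.items():
            poisoned = poison_reverse and next_hop is to
            adv[net] = INFINITY if poisoned else min(metric + 1, INFINITY)
        return adv

    def process(self, updates, holddown):
        """Apply the (neighbour, advertisement) pairs received this round; True if changed."""
        changed = False
        for net in sorted({n for _, adv in updates for n in adv}):
            offers = [(adv[net], nbr) for nbr, adv in updates if net in adv]
            entry = self.table.get(net)
            if entry is not None:
                if entry[1] is None and entry[0] == 0:
                    continue  # directly connected: a neighbour cannot override it
                if entry[2] > 0:
                    continue  # in hold-down: believe nothing about this route
                # the current next hop's news always counts, even bad news (which starts hold-down)
                for metric, nbr in offers:
                    if nbr is entry[1] and metric != entry[0]:
                        entry[0] = metric
                        entry[2] = holddown if metric >= INFINITY else 0
                        changed = True
                if entry[2] > 0:
                    continue  # just entered hold-down: ignore the other offers
            best_metric, best_nbr = min(offers, key=lambda o: o[0])
            if best_metric < (entry[0] if entry else INFINITY):
                self.table[net] = [best_metric, best_nbr, 0]
                changed = True
        return changed


def link(a, b, network):
    a.neighbors.append(b)
    b.neighbors.append(a)
    a.attach(network)
    b.attach(network)


def exchange_round(routers, poison_reverse, holddown):
    """Everyone advertises from its current table, then everyone applies what it got."""
    inbox = {r: [] for r in routers}
    for r in routers:
        for nbr in r.neighbors:
            inbox[nbr].append((r, r.advertisement(nbr, poison_reverse)))
    changed = False
    for r in routers:
        for entry in r.table.values():
            entry[2] = max(entry[2] - 1, 0)  # hold-down timers tick once per round
        changed |= r.process(inbox[r], holddown)
    return changed


def converge(routers, poison_reverse=False, holddown=0, limit=50):
    """Run rounds until one changes nothing; return how many rounds changed something."""
    for rounds in range(limit):
        if not exchange_round(routers, poison_reverse, holddown):
            return rounds
    return limit


def build_ring():
    left, top, right, bottom = (Router(n) for n in ("Left", "Top", "Right", "Bottom"))
    link(left, top, "net_LT")
    link(top, right, "net_TR")
    link(right, bottom, "net_RB")
    link(bottom, left, "net_BL")
    right.attach("FarRight")  # the network "to the far right" of Right
    return [left, top, right, bottom]


def scenario(poison_reverse=False, holddown=0):
    """Converge from scratch, then take FarRight down and converge again.  Returns
    (rounds to converge, Left's route to FarRight, rounds to settle, final metrics)."""
    routers = build_ring()
    first = converge(routers, poison_reverse, holddown)
    metric, next_hop, _ = routers[0].table["FarRight"]
    routers[2].table["FarRight"] = [INFINITY, None, 0]  # the far-right switch lost power
    after = converge(routers, poison_reverse, holddown)
    final = {r.name: r.table["FarRight"][0] for r in routers}
    return first, (metric, next_hop.name), after, final
```

Calling `scenario()` shows the initial convergence taking two rounds, with Left reaching FarRight in two hops via Top. After the failure, with no protection the metrics climb by one or two per round until every router reports 16 (the count to infinity). With split horizon and poison reverse alone, Right never believes Top's stale route directly, but the stale route still circles Top, Left, Bottom, Right and the count to infinity merely takes a longer path around the ring. With the hold-down timer added (`scenario(poison_reverse=True, holddown=3)`), every router settles on "unreachable" within two rounds, which is the combination the post describes.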

Static Routing for Cisco Routers - CCNA

Saturday, October 18th, 2008

Most of us are already familiar with routers due to DSL, cable, wireless, and satellite Internet services. What’s probably missing is the meaty part of what routers do and how they function.

The basic purpose of a router is to find the best path to a destination. For example, your switch sends a frame to a router via its Ethernet interface. When the router receives the frame, it reads the destination IP (Internet Protocol) address of the packet carried inside the frame. Next, the router checks its routing table to determine whether it knows how to get to that destination.

First, the router checks for what is known as a static route. If there is no static route to the destination, next, the router looks for a route discovered via a routing protocol (such as CDP, RIP, EIGRP, or OSPF). If no discovered route exists, the router looks for a default route. Finally, the router routes the (newly created) packet if one of these routes exists (in the order presented). A key point to keep in mind is that if the router cannot find a route to the destination IP address, it will simply drop (or destroy) the frame.

To view the routing table of a Cisco router, type the command listed below:

show ip route

at the CLI (command line interface) when you’re logged into user mode (immediately after you type “enable”). Before you configure a static route, you should first configure the router’s interfaces. To configure a router’s serial 0/0 interface with an IP address of 192.168.10.2 /24 and then verify the configuration, type the following commands:

enable
configure terminal
interface serial0/0
ip address 192.168.10.2 255.255.255.0
no shutdown
exit
exit
show ip interface serial0/0

Notice that in the configuration above, I did not specify a data speed rate for this interface, which is what you’d generally expect. If you guessed that I’m referring to the DCE (data circuit-terminating equipment) or DTE (data terminal equipment) status of a router, you’re right! Typically, your router will act as the DTE since the DCE role is usually played by your ISP’s router. If you have a difficult time remembering this, just commit to memory that the “C” in DCE refers to the clock (or timing) and that your ISP will set the clock rate for communication it controls.

At this point, you’re probably wondering just what a static route is. A static route is best used when you want to ‘rig’ how a packet is routed. For example, if your router possesses a discovered (or dynamic) route to a destination IP address, but you always want the router to use another route, you should configure the router with a static route.

You can use static routes for stub routers too. A stub router is one that is connected to one and only one other router. In other words, the stub router only has one path through which to route packets. When this is the case, configuring a routing protocol such as EIGRP is not useful. It’s easier and more efficient to use a static route.

You enter static routes when in global configuration mode (after you’ve typed in “configure terminal” at the CLI). The highly abbreviated command syntax for a static route is:

ip route major_network_address subnet_mask exit_interface

Now, let’s break this down into pieces:

1. “ip route” is the command used to initiate a static route command.

2. “major_network_address” represents the destination subnet for which you are configuring the static route. For example, if you want the static route to apply to all destination hosts in the 192.168.10.0 /24 subnet, then you would list that address in the command.

3. “subnet_mask” is the subnet mask of the destination network. So, using the example in #2 above, you would type out the /24 as 255.255.255.0.

4. “exit_interface” is the interface name on your router through which the packet should exit. If you want the packet to exit via serial 0/0, then you would list that here.

The complete command, using the information from above, would look like:

ip route 192.168.10.0 255.255.255.0 serial0/0

Cisco’s training material tells you that rather than listing your exit interface name, you can also list the IP address of the router on the other end of your router’s interface. However, I don’t recommend this because this slightly decreases your router’s speed.

When I outlined the router’s routing logic, I listed CDP as one of the router’s routing protocols, which is mostly true! CDP helps routers learn about routes, but not very many.

The Cisco Discovery Protocol runs only on Cisco routers and adds to the routing table information about interfaces (and their networks) that are directly-connected to the router. I can’t stress enough that if your router is running CDP and no other routing protocol, your router will only know about directly-connected routes (not routes directly-connected to other routers). One good thing about CDP is that it can learn about switches (Layer 2) and routers (Layer 3). Finally, CDP is enabled by default on all Cisco routers. If not all of your routers are made by Cisco, you can turn it off for the whole router or per interface.

I also mentioned default routes. A default route is known as the router’s gateway of last resort because if no other route exists to a destination, the router will use a default route rather than drop a packet. Most routers should have a default route configured.

A default route is configured similarly to a static route except that the major_network_address and subnet_mask entries consist of all zeroes. If you want packets routed out of your serial 1/0 interface instead of dropping them, then in global configuration mode, type the following at the CLI:

ip route 0.0.0.0 0.0.0.0 serial1/0

Many writers refer to this as the ‘quad-zero’ command. The zeros are what make the route a default route.
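As an added example (not code from the post), the routing decision described above as a small Python model: it parses the abbreviated `ip route network mask exit_interface` form, treats the quad-zero route as the gateway of last resort, and looks a destination up in the order the post gives, static route first, then routes learned dynamically, then the default route, dropping the packet when none matches. The interface names, the dynamic routes, and the rule that the most specific prefix wins within a class are assumptions added for the example; `strict=True` makes the parser refuse a host address paired with a network mask, as IOS itself does.

```python
"""Constructed model of the routing decision described in the post: parse the
abbreviated `ip route <network> <mask> <exit_interface>` form, then look a
destination up in the order static -> dynamic -> default, dropping the packet
when nothing matches.  Interface names are Cisco-style placeholders."""
import ipaddress


def parse_ip_route(command):
    """Split an `ip route` command into (destination network, exit interface).
    strict=True rejects a host address paired with a network mask, as IOS does."""
    parts = command.split()
    if len(parts) != 5 or parts[:2] != ["ip", "route"]:
        raise ValueError(f"not an 'ip route network mask exit_interface' command: {command!r}")
    network, mask, exit_interface = parts[2:]
    return ipaddress.IPv4Network((network, mask), strict=True), exit_interface


class RoutingTable:
    def __init__(self):
        self.static = []     # (network, exit interface) from `ip route` commands
        self.dynamic = []    # (network, exit interface) learned from a routing protocol
        self.default = None  # exit interface of the quad-zero route, if configured

    def add_static(self, command):
        network, exit_interface = parse_ip_route(command)
        if network.prefixlen == 0:  # ip route 0.0.0.0 0.0.0.0 ...: gateway of last resort
            self.default = exit_interface
        else:
            self.static.append((network, exit_interface))

    def learn(self, network, exit_interface):
        """A route discovered by a routing protocol such as RIP (constructed input)."""
        self.dynamic.append((ipaddress.IPv4Network(network), exit_interface))

    def lookup(self, destination):
        """Return (which table matched, exit interface); ('drop', None) if nothing did."""
        address = ipaddress.IPv4Address(destination)
        for source, routes in (("static", self.static), ("dynamic", self.dynamic)):
            matches = [r for r in routes if address in r[0]]
            if matches:
                # the longest (most specific) prefix wins within a table
                network, exit_interface = max(matches, key=lambda r: r[0].prefixlen)
                return source, exit_interface
        if self.default:
            return "default", self.default
        return "drop", None


def example_table(with_default=True):
    """Constructed table: the post's static route, a dynamic route to the same
    subnet that the static route is meant to override, and the quad-zero route."""
    table = RoutingTable()
    table.add_static("ip route 192.168.10.0 255.255.255.0 serial0/0")
    table.learn("192.168.10.0/24", "fastethernet0/1")  # the route we want to 'rig' around
    table.learn("10.0.0.0/8", "fastethernet0/0")
    if with_default:
        table.add_static("ip route 0.0.0.0 0.0.0.0 serial1/0")
    return table
```

`example_table().lookup("192.168.10.57")` answers with the static route out serial0/0 even though a dynamic route to the same subnet exists, `lookup("10.1.2.3")` falls through to the dynamic route, and an address nobody has a route for goes out the quad-zero route; build the table with `with_default=False` and that last packet is dropped instead.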

Lastly, it’s important to point out that routers make routing decisions based on what they know - not on what other routers know. In other words, if a route is in your routing table, but not in mine, that does not help me at all. In addition, just because router1 knows how to get to router2, this does not mean that router2 knows how to get to router1.

This means that once you configure your router, you should use the ping command to prove that you can get from router1 to router2 (and vice-versa if you need that type of connectivity).

We’ve covered a lot of material in this lesson. If you have any questions, please feel free to write for clarification.

LANs and WANs

Wednesday, October 1st, 2008

Most of you are probably quite familiar with a home network where you have one or more computers connected to a DSL or Cable Modem router which is in turn connected to the Internet. If we view your router as another computer (which it is), then you have a local area network, or LAN, and you are its network administrator! As we move through this discussion, remember that we are covering only the basics. Networking is a very complex topic and it takes years of experience and training to develop a complete understanding of how things actually work.

Your computer probably has a network interface card (NIC) with a cable connected to it, a wireless adapter with no cable required, or a modem that has a phone line connected to it. You might even have all three of them in one computer and use whichever one fits your current need. For example, you might use your modem for a dialup connection when at home but use a NIC wired connection at your place of work.

Computers are able to talk to each other through the use of protocols. Think of a protocol as the way ambassadors from different countries communicate with each other: lots of rules and etiquette. Internet protocols work the same way in that there are a lot of rules that tell computers how to speak to one another, how to understand what the other computer said, and when to say good-bye (and how). Sometimes, computers can talk to each other using names; other times they talk using numbers, called Internet Protocol addresses, or IP addresses. Your computer’s IP configuration is made up of two parts, the IP address and the subnet mask. These two numbers combine so that your computer can be uniquely identified on your network.

Your computer has its own name. All computers do! You can discover your computer’s name by clicking Start, and then click Run. Type command on the Open line and at the DOS prompt, type hostname. The text that appears is your computer’s name! As you probably guessed, many computers can have the same name. So, sometimes, network communication using names just will not work! The larger the network, the more likely that using names will create communication traffic jams! Think of how horrible this would be on the Internet.

To fix this, we give computers names and IP addresses. For example, your Internet service provider’s (ISP’s) router, located in your home and connected to your computer (by a wire or wireless), gives your computer an IP address every time you turn it on. This is done via a special protocol (dynamic host configuration protocol, or DHCP). The IP address given to each computer in a network is not given to any other computer. The Internet works in the same way. However, this gets much more complex and is beyond the scope of our discussion.

A router is a special type of computer that is always working to figure out the best path to move data from where it is to its destination. The Internet is made up of many routers that work in conjunction to get this done. Your DSL or Cable Modem equipment is a router. Routers can also act as DHCP servers.

A switch, on the other hand, doesn’t route very well. A switch doesn’t use a computer’s name or IP address. It likes to use your network adapter’s media access control address, or MAC address. Every NIC has its own MAC address burned into it. You can see your NIC’s MAC address by typing ipconfig /all at the DOS prompt. The MAC address should be the first item on the list that appears, under Physical Address. The address is made up of numbers and letters (0-9 and A-F), known as the hexadecimal number system. A switch keeps something like a spreadsheet (for Cisco, this would be content addressable memory) showing your MAC address and which port your cable is plugged into. Wireless works similarly!

Some LANs do not have a master computer, or server, dictating which users and computers can use resources managed by the server. These networks are named peer-to-peer networks because each peer (computer) is equal to the others. There is no server (a computer with a network operating system installed, such as Windows Server 2003), meaning that each computer has to create rules for who can use its printers and/or shared folders.

A server has the ability to manage all of the computers in its neighborhood, also known as a domain. Think of a domain as a gated community, where a gatekeeper determines who can enter and use the club house, pool, and other amenities. If a computer or user is not registered within the domain, that computer/user cannot use the domain’s resources (such as a printer).

Let’s say that you work at a local bank that has offices throughout the state. Each branch office would be considered a LAN. However, what if we want computers in each office to speak to one another? All we need to do is join the LANs together and create a WAN (wide area network). This is easy to say and difficult to implement! Just remember that to do this, we need routers and ISPs (like Qwest).

When each office connects to the other, the connection might be made using a backbone. A backbone is made up of routers, switches, fast cabling (usually fiber optic cable), and traffic that goes from LAN to LAN (not traffic that would stay inside any LAN).

A network administrator is responsible for ensuring that the computers can all talk on the LAN and/or WAN. This is a heavy responsibility and requires extensive knowledge of how computers, routers, switches, and networks function. Network administrators can prove their skill by passing industry-recognized certification exams. For example, after passing four exams, a person could pick up the MCSA (Microsoft Certified Systems Administrator) designation. An MCSA takes care of the day-to-day networking operations. The four certification exams are: 1) Windows XP or Vista; 2) Server 2003 basics; 3) Server 2003 advanced topics; and 4) Network security (or another approved course).

The MCSE (Microsoft Certified Systems Engineer) is made up of seven certification exams (generally, the MCSA exams plus three more). The three extras include network security and how to manage a domain by using group policies to enforce domain rules. People with either certification are in high demand in the job market.

Certifications also exist for those who need to demonstrate their router and switch proficiency. Cisco is a leader in router and switch hardware and operating systems, and offers a number of industry-recognized certifications including the well-received CCNA (Cisco Certified Network Associate) designation. A CCNA must pass either a two-exam or a one-exam certification track. As you probably guessed, the one-exam option is a bit tougher to pass. Cisco Academies offer four courses designed to prepare students to sit for the exam(s).

The CCNP (Cisco Certified Network Professional) is a CCNA who passes four additional certification exams. These exams are more in-depth than the CCNA exams and relate more to large network administration.

VPN Basics

Monday, September 1st, 2008

A VPN (virtual private network) allows a host (your computer) to communicate over an untrusted network (the Internet) in a secure environment (the VPN). Consider a tunnel that runs through a mountain. The tunnel is pretty safe, but anyone can use it. However, we want a private road that no one else can use. So, we build another tunnel inside the existing tunnel, taking up one of the lanes on the existing tunnel highway (a tunnel inside of a tunnel). The extra tunnel can be likened to a VPN.

Of course, VPNs are done using math and electricity, not cement and roads. For example, Microsoft provides a free VPN client for all of its Windows operating systems. Your network admin could install it on your computer. Then, that same administrator enables VPN capability on the network she manages so that when you remotely connect to the network, you must use a VPN client to connect to the network.

Cisco, and other vendors, sell VPN clients. Cisco’s is not free. They charge over $5,000 for each VPN client you want to install! Yikes. Many people pay the fee though, because Cisco’s product offers robust security.

You use the VPN client your network admin installed on your system by first clicking its icon to start it. After that, you get on the Internet and connect to your company’s IP address (the IP address you have to use to connect to the network). Next, log in to the network while you are safely tucked inside your VPN connection. No one on the Internet can touch your traffic when you’re working inside a VPN. A hacker might see your traffic, but it can’t be understood.

Try it yourself. Create a new network connection on your computer. Click Network Connections in the Control Panel. On the left side of the screen, click Create a New Connection. Pay attention to the windows and select the options to create a new VPN. Just make up a username, IP address, and server name so that you can step through the process. This sets up the client on your computer.

Bandwidth and Bits

Sunday, August 17th, 2008

No matter what type of Internet connection we have at home, it seems that we never have enough! For those of you playing games online, faster is always better. When we have a good connection to the Internet, such as DSL or Cable Modem, we consider this to be good bandwidth. This raises the question as to what Bandwidth is.

Before we define this, let’s set a small scenario. Assume that you have a DSL connection at your home and that you are using Qwest as your Internet Service Provider (or ISP). With this in mind, bandwidth can be defined as the amount of data that can be transmitted from your DSL modem to some router at Qwest in a measured amount of time. Let’s select one second as the time measurement since this is quite common. Let’s also define what data is. When we open our browser and type in the Internet address (strangely known as a URL or Uniform Resource Locator) to Yahoo in the browser’s address line, we are sending data to Yahoo’s server. Data is broken down into little pieces – or bits – of electricity. One piece of data might be broken down into millions of bits. You can also think of a bit as being a very small unit of electricity.

In this case, if we measured the number of bits sent by you and received by Qwest in one second, it would probably be somewhere around 384,000 bits per second. We can shorten this to 384 thousand (kilo) bits per second or 384 Kbps.

Let’s change this up for a moment and say that we have an outstanding DSL connection and that we have something like 24 phone lines grouped together (this actually happens). In this case, we would probably have bandwidth of 1,544,000 bits per second. We can shorten this to read 1.544 million (mega) bits per second or 1.544 Mbps. By the way, when the phone company groups 24 phone lines together, this is known as a T1. Businesses pay a few hundred dollars a month for this amount of bandwidth. It’s about 4 times faster than DSL!

So, now you know what 56 Kbps means. This is the fastest theoretical speed we can get when we use a dialup modem to connect to our ISP. Pretty slow, wouldn’t you say?

When you connect to a modem (which is usually installed inside your computer), you use a phone line because phone lines are used for the entire connection from your computer all the way to your ISP. If you use DSL or cable modem, you use a network cable to connect your computer to the DSL or cable modem (this is the equipment that is provided for you by your ISP). A network cable plugs itself into a network adapter (which is also usually installed inside your computer). A network adapter is also known as a network interface card or NIC.

A network cable is different than a phone line cable. The network cable has eight wires inside whereas a phone cable usually has four wires. We’ll talk more about those wires in another post. At the end of your phone cable you should see a clear, plastic jack. This jack has an official name – RJ11 – which means registered jack, #11. Your network cable jack also has a name – RJ45. The RJ45 jack is larger than the small RJ11 phone jack.

Wireless and wired networking works similarly from our viewpoint. Each provides connectivity and bandwidth so that we can all get on the Internet. The equipment differs, but the goal is the same.

Networking basics & troubleshooting

Thursday, July 31st, 2008

Broadband technology is everywhere (for example DSL). The difference between broadband and baseband is that the former splits a set of copper wires into a number of channels and allows a conversation, simultaneously, on each channel. Think of channels logically – not physically – to figure it out. Take your four copper phone wires and then, in your mind, expand those into 10,000 copper wires. This, of course, is not an exact number, but you get the idea. So, you and a number of other people can share one set of copper wires and use the Internet at the same time.

Baseband works differently. It uses the same set of copper wires but doesn’t split the signal into channels. As before, let’s think logically, not about physical copper wires. Let’s say that your wire is 100 feet long. Baseband technology instead takes turns on the wire: picture it cut into segments (pick an arbitrary length, say one inch), and each signal gets one of those segments at a time, so only one signal occupies the wire at any given moment.

Every network NIC (network interface card) has its own unique alphanumeric code assigned to it. The code is in hexadecimal, which uses numbers (0-9) and characters (A-F) together to make up numbers. This code is known as a MAC (Media Access Control) address. You can see your MAC address by opening a DOS prompt and typing the command ipconfig /all.

Open a DOS prompt by clicking Start / Run. In the Open text box, type command and press Enter.

In the output now on your screen, look for the line that reads Physical Address. The characters that follow are your NIC’s MAC address. They should be 12 characters long (6 sets of 2 characters, each set of 2 characters separated by a dash). The MAC address is important and you will use it in your Cisco studies (especially in Cisco 3).

While you’re there, also find your IP (Internet Protocol) address. You will use this command often – in school and in the real world. Notice too that this command shows you the door your PC uses to get out of your building to the Internet. This door is called the Default Gateway and is the IP address of the router at the end of your network and at the beginning of your ISP’s (Internet Service Provider’s) network.

By the way, this router is also probably the device that provides your NIC with its IP address (that’s right, your NIC, not your PC!). When your router provides you an IP address, it uses a special protocol to do so: DHCP (Dynamic Host Configuration Protocol). When your PC boots up, it sends a request to the network on a special IP address, 255.255.255.255, known as the broadcast address. Every device on the network receives that request, but only DHCP devices (also known as DHCP servers) answer it. You’ll set up routers to do this in Cisco 4, if you are a Cisco Academy student.
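The steps above (run ipconfig /all, find Physical Address, IP Address and Default Gateway) can be checked by a small script. This is an added example, not code from the original post; the ipconfig output it parses is a constructed sample, and the adapter name and addresses in it are made up. It validates the 6-pairs-separated-by-dashes MAC format and confirms that the Default Gateway, the “door” out of your network, actually sits inside the NIC’s own subnet, which is the first thing to check when a PC cannot reach the Internet.

```python
import ipaddress
import re

# Constructed sample of what "ipconfig /all" prints on an older Windows PC
# (not real output from any machine; addresses are made up).
SAMPLE_IPCONFIG = """
Windows IP Configuration

Ethernet adapter Local Area Connection:

        Description . . . . . . . . . . . : Example Gigabit NIC
        Physical Address. . . . . . . . . : 00-1A-2B-3C-4D-5E
        Dhcp Enabled. . . . . . . . . . . : Yes
        IP Address. . . . . . . . . . . . : 192.168.1.23
        Subnet Mask . . . . . . . . . . . : 255.255.255.0
        Default Gateway . . . . . . . . . : 192.168.1.1
        DHCP Server . . . . . . . . . . . : 192.168.1.1
"""

MAC_RE = re.compile(r"^([0-9A-F]{2}-){5}[0-9A-F]{2}$")   # 6 hex pairs, dash separated
FIELD_RE = re.compile(r"^\s+(.+?)[ .]*: (.*)$")          # "Label . . . . : value"

def parse_ipconfig(text):
    """Return {adapter_name: {field_label: value}} from ipconfig /all output."""
    adapters, current = {}, None
    for line in text.splitlines():
        # Adapter headers are unindented and end with a colon.
        if line and not line[0].isspace() and line.endswith(":") and " adapter " in line:
            current = line[:-1]
            adapters[current] = {}
            continue
        m = FIELD_RE.match(line)
        if m and current is not None:
            adapters[current][m.group(1).strip()] = m.group(2).strip()
    return adapters

def valid_mac(mac):
    """True if mac is the 12-hex-digit, dash separated form that ipconfig prints."""
    return bool(MAC_RE.match(mac.upper()))

def gateway_reachable(fields):
    """The Default Gateway must lie inside the NIC's own subnet or nothing leaves the LAN."""
    iface = ipaddress.ip_interface(f"{fields['IP Address']}/{fields['Subnet Mask']}")
    return ipaddress.ip_address(fields["Default Gateway"]) in iface.network

def check_adapter(fields):
    """Collect troubleshooting findings for one adapter (empty list means all good)."""
    problems = []
    if not valid_mac(fields.get("Physical Address", "")):
        problems.append("Physical Address is not a well-formed MAC")
    if not gateway_reachable(fields):
        problems.append("Default Gateway is outside the local subnet")
    return problems
```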

A T1 is a group of 24 physical copper phone lines that have been programmed to work together as one logical unit. Together, they provide a bandwidth of 1.544 Mbps (megabits per second). Consider how much faster this is than dial-up, with a 56 Kbps (kilobits per second) connection! Mega means millions, while kilo means thousands in this example. So, 1 Mbps = 1,000,000 bits per second. Network speed is always measured in bits.

Disk storage is generally measured in bytes, and a byte is 8 bits. The word “bit” always takes a small “b” whereas the word “byte” always takes a capital “B”. Therefore, 100 Mb is much smaller than 100 MB. Again, remember that one generally measures speed (bits) and the other generally measures storage (bytes).

A T3 is 672 phone lines logically grouped together (you can also express this as being equivalent to 28 T1 lines). Large companies that require a large Internet bandwidth use T3s whereas many small businesses use T1s – or a number of T1s. As you probably imagined, these are very expensive!

FTP and Telnet

Saturday, March 17th, 2007

You will recall that earlier, we discussed IP addressing and how these are used in networking with port numbers (similar to a phone number with a phone extension) in order to create what is known as a socket. Please review that material if you’ve forgotten how to apply this analogy!

Let’s go back to a happy time in your networking education – back to the OSI model. Layer 4 – the Transport layer – sets up communication between the Application Layer (layer 7) and the lower layers of the OSI model. It is at this layer that TCP and UDP operate and split into their respective roles. Click here if you need a refresher on this topic!

You should recall that TCP (Transmission Control Protocol) is a suite of connection-oriented protocols. UDP (User Datagram Protocol) is a suite of connectionless protocols. The differences between these two center on how each deals with errors in network communication. Connectionless protocols do not check for or recover from errors, whereas connection-oriented protocols check for errors and can recover from them.

A great way to remember this is: TCP is Trustworthy and UDP is Unreliable.

When we say that TCP is a suite of protocols, we mean that there are many protocols under the TCP umbrella. For example, HTTP is within this suite and is connection-oriented. The same is true for FTP, POP3, DNS, SMTP, and many others. UDP also has a number of associated protocols such as SNMP, TFTP, NFS, and others.

FTP (File Transfer Protocol) and Telnet are two command-line (DOS-based) programs that allow us to connect to other computers (generally servers) for a variety of reasons. With FTP, we connect to servers so that we can quickly download files. Telnet, on the other hand, was designed to let us connect to another computer and run commands as if we were sitting right in front of the remote computer! Both of these tools have been around for a long time, nearly 40 years!

Why use FTP when we can just click a link on a web page to download a file? The answer lies in the rules that were put into place when FTP was created. You’ll recall that a protocol is simply a set of rules (similar to the rules – or protocols – used by ambassadors when they meet to resolve issues) that govern communication and events. FTP doesn’t have much ‘overhead’ built into it, so, for example, when we use it to download a file, the transaction completes quickly. This is similar to the difference between a runner in a race who is carrying nothing and wearing light clothing and another runner who is carrying items in each hand, with a backpack strapped to her back.

FTP communicates on two ports (20 and 21). Port 20 is used only for sending or receiving data, whereas port 21 is used to control the communication. When you open FTP, log in, or change directories while logged in, you are using port 21. Therefore, when you issue a get command, the command is acknowledged on port 21 and the file you asked for is sent to you on port 20. It’s important to note that FTP sends your login name and password in clear text (not encrypted), so if an attacker or spy is monitoring (sniffing) your communication, they can capture your login name, your password, and any files you upload or download.

If you’re worried about security, you might want to consider using SFTP (SSH File Transfer Protocol, often called secure FTP). With this protocol, all communication is encrypted and is much more secure than FTP. On the other hand, if you don’t care about security and want even faster communication, you might try TFTP (Trivial FTP). TFTP, which uses port 69, has even less overhead than FTP because it runs over UDP and is connectionless, unlike FTP, which runs over TCP and is connection-oriented. The big deal here is that under TFTP there is no attempt made by the protocol to prove that the file transfer occurred without errors. If errors occur, they are ignored! You will use TFTP with Cisco routers when you transfer text files between your PC and the router.

Keep in mind that TFTP isn’t used on the public Internet and was exploited by the MSBlaster worm a while ago. Lacking error checking and recovery, TFTP doesn’t do well with large file transfers.

If you would like to review tutorials on FTP, simply Google the term “ftp tutorial” and you will find a number of good examples. Here’s a link that I found useful. Use this tutorial to manually perform the synopsis of FTP that follows.

You start an FTP session by choosing Start/Run. Type command and press ENTER to begin DOS mode. In the DOS window, enter the text FTP ip_address to start your FTP client and request a connection to the FTP server. You should be asked for your logon credentials, and after that you are connected to the server. Make sure that you practice using the FTP client because you will use it in the real world of networking.

When you’re in your FTP session, pay attention to the “response codes” that appear on the screen after you enter a command. As an example, before you enter your login name, you should see the code “220” on the previous line. This response code indicates that the FTP server stands ready to service a new user (in other words, to accept your login name once you enter it). If you see another code, don’t enter your login name, since a server is not there to receive it!
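The response codes and the port 21 login exchange described above, as an added example that is not part of the original post. The server replies are a constructed sample (including a multi-line “220-” greeting, which real servers often send), and the user name and password are made up; the client sends USER only after a 220, PASS only after a 331, and the example marks the one command that carries a clear-text secret over the wire.

```python
# Constructed replies an FTP server sends over port 21 during login
# (not a capture from any real server; user name and password are made up).
SAMPLE_REPLIES = [
    "220-Welcome to the example FTP server.",
    "220 Service ready for new user.",          # ends the multi-line 220 reply
    "331 Password required for student.",
    "230 User student logged in.",
]

def parse_replies(lines):
    """Group raw control-channel lines into (code, text) replies.

    RFC 959 format: a reply is 'NNN text'; a multi-line reply starts with
    'NNN-text' and ends with a line that starts 'NNN ' using the same code.
    """
    replies, code, text = [], None, []
    for line in lines:
        if code is None:
            code, text = line[:3], [line[4:]]
            if line[3:4] == " ":              # single-line reply: complete already
                replies.append((int(code), " ".join(text)))
                code = None
        elif line.startswith(code + " "):     # terminating line of a multi-line reply
            text.append(line[4:])
            replies.append((int(code), " ".join(text)))
            code = None
        else:
            text.append(line)                 # continuation line, kept verbatim
    return replies

def reply_class(code):
    """The first digit tells the client how to proceed: 2 ok, 3 send more, 4/5 failure."""
    return {1: "preliminary", 2: "completion", 3: "intermediate",
            4: "transient error", 5: "permanent error"}[code // 100]

def plan_login(replies, user, password):
    """Pick the command to send after each reply; the flag marks clear-text secrets."""
    commands = []
    for code, _text in replies:
        if code == 220:                       # server ready: only now send the login name
            commands.append(("USER " + user, False))
        elif code == 331:                     # login name accepted, password wanted
            commands.append(("PASS " + password, True))   # travels unencrypted on port 21
        elif code == 230:                     # logged in, nothing more to send
            break
        elif code >= 400:
            raise RuntimeError(f"login aborted: {code} ({reply_class(code)})")
    return commands
```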

Telnet, on the other hand, uses only one port (23) for its communication. As with TFTP, you’ll find this tool useful when connecting from one router to another. Making a connection with Telnet, which operates at Layer 7, proves that all seven layers of the OSI model are functioning properly. If you can’t connect, then you know that functionality at one or more of the layers is not working. At this point, you can put your troubleshooting skills to work and determine just where the problem is! For example, if you can’t ping your own NIC, then the problem can probably be found at Layer 1 – the Physical Layer. Look at your cable and/or NIC for the solution.

Networking backups, security, and more

Saturday, March 3rd, 2007

The concept of having a backup just in case your hard drive fails is not a new one. About 40 years ago, an engineer devised the RAID (Redundant Array of Independent Disks) concept and this has been the core of recovering from a failure ever since. The idea is that if your server’s hard drive goes down, your server should not go down with it. This is done by having redundancy.

Redundancy means to have more than one (hard drive, in this case) piece of hardware. Redundancy makes it possible for us to have fault tolerance. Fault tolerance (in our world) means that we can tolerate losing a piece of hardware (in this case, a hard drive) and continue to function.

So, let’s say that we have a server with two hard drives installed. If we set up RAID-0, we do NOT have redundancy. This is because the operating system writes whatever it is saving to both hard drives at the same time. So, you’d have pieces of one file stored in two places. Unfortunately, this means that if one of the places (hard drive) goes down, we lose that data and we probably lose the ability to get that file back. Therefore, RAID-0 is not really RAID (now, if that isn’t goofy all by itself, I don’t know what is).

RAID-0 works by using a math concept known as striping. Look at your book, page 229 for the picture and explanation.

But, what if we had set up RAID-1, assuming the same scenario as above? In this case, our file would be saved only to one of the hard drives. Then, after that was done, the second hard drive would get a copy of that file. Under RAID-1, hard drive 2 is an exact copy of hard drive 1. Therefore, if hard drive 1 fails, the operating system automatically moves over to use hard drive 2 (but if hard drive 2 fails before we replace hard drive 1 we will be in big trouble since we don’t have fault tolerance until we do that).

RAID-5 is the best of both RAID-0 and RAID-1. We need at least 3 disks to do RAID-5, and here, if one of our hard drives fails, the remaining drives know just enough about the data on the failed disk that they are able to work together to reconstruct it and keep going as if nothing had happened! Look at page 231 for the picture and explanation of this. It is really cool. Of course, we would need to replace the failed disk immediately, otherwise we are at great risk of server failure (we lose fault tolerance when we lose one of our disks).

Under RAID-0 and RAID-5, the disks are organized by the operating system into what is called an “array.” This means that while they are physically separate units, they are viewed as one logical unit by the operating system and are managed in a special way, allowing them to be fault tolerant. Remember: if more than one disk fails, we have lost our fault tolerance.
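The “remaining drives know just enough about the failed disk to reconstruct it” idea is parity: each stripe stores one chunk that is the XOR of the others. The following is an added example, not code from the post or the book it cites; it stripes a constructed message across three simulated disks with rotating parity, rebuilds one lost disk from the survivors, and refuses a second failure, which is exactly the moment fault tolerance is gone.

```python
def xor_blocks(blocks):
    """XOR equal-length byte strings together; the parity chunk of a stripe."""
    out = bytes(len(blocks[0]))
    for b in blocks:
        out = bytes(x ^ y for x, y in zip(out, b))
    return out

def raid5_write(data, ndisks=3, chunk=4):
    """Stripe data over ndisks with rotating parity; returns one chunk list per disk."""
    n_data = ndisks - 1
    stripe_len = chunk * n_data
    data = data + b"\0" * ((-len(data)) % stripe_len)       # pad the last stripe
    disks = [[] for _ in range(ndisks)]
    for s, start in enumerate(range(0, len(data), stripe_len)):
        stripe = data[start:start + stripe_len]
        pieces = [stripe[i:i + chunk] for i in range(0, stripe_len, chunk)]
        parity_disk = s % ndisks                # parity rotates so no disk is the bottleneck
        it = iter(pieces)
        for d in range(ndisks):
            disks[d].append(xor_blocks(pieces) if d == parity_disk else next(it))
    return disks

def raid5_read(disks, length):
    """Reassemble the original bytes by skipping each stripe's parity chunk."""
    ndisks, out = len(disks), b""
    for s in range(len(disks[0])):
        parity_disk = s % ndisks
        out += b"".join(disks[d][s] for d in range(ndisks) if d != parity_disk)
    return out[:length]

def raid5_rebuild(disks):
    """Rebuild the single disk marked None from the XOR of the survivors.

    Works whether the lost chunk was data or parity, because for every stripe
    data0 ^ data1 ^ parity == 0. Two missing disks cannot be recovered.
    """
    missing = [i for i, d in enumerate(disks) if d is None]
    if len(missing) != 1:
        raise ValueError(f"RAID-5 tolerates exactly one failed disk; {len(missing)} missing")
    survivors = [d for d in disks if d is not None]
    rebuilt = [xor_blocks(chunks) for chunks in zip(*survivors)]
    repaired = list(disks)
    repaired[missing[0]] = rebuilt
    return repaired

# Constructed sample file content, not from the original post.
DATA = b"RAID-5 keeps going after one disk dies"
```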

The public key / private key concept is tough. However, let’s look at an example to see if we can make sense of it. Let’s say that email between you and me must be private and secure. We might go online, download and install PGP (which is a free email program that accomplishes our ‘must haves’). Then, using PGP, we each give the other a public key. The program has an easy way to do this, but at this point, we don’t care how this is done. We only care about understanding the concept. So, your public key would be stored on my computer and my public key would be stored on yours. We never share with anyone our private key as this is the item that keeps everything secret!

Now, I send you an email via PGP. Well, PGP on my system finds your public key and encrypts my email message to you. The only way possible to decrypt that message is through the use of YOUR private key. No other private key can do this (the math odds are like 1:5 trillion, which is almost impossible without luck).

Let’s say that someone else wants to read our message and tries to intercept the message I sent to you. As you probably guessed, they can’t do it because you can only decrypt a message using your private key. Even if they have one of your public keys, they can’t do it because again, only your private key can decrypt a message encrypted with the public key you gave to me.

Plus, your public key has a code associated with it. Only your private key matches this code (no matter how many public keys you generate, only your private key can identify each one of them). This means that each public key + private key combination is unique in this universe. Ah, the power of math (the math for all of this is way beyond me!). By the way, I’ve left out a lot of details and simplified things here.
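The “only your private key can decrypt” rule can be seen with a toy version of the math PGP builds on. This is an added example, not PGP’s code or the post’s: it is textbook RSA with tiny constructed primes (61 and 53 for your key pair, 101 and 113 for mine), encrypting one byte at a time with no padding, which is fine for showing the mechanism and nothing else. I encrypt with your public key; decrypting with your private key returns the text, while decrypting with my private key returns meaningless numbers.

```python
def modinv(a, m):
    """Extended Euclid: the x with a*x = 1 (mod m), or ValueError if none exists."""
    r0, r1, x0, x1 = m, a, 0, 1
    while r1:
        q = r0 // r1
        r0, r1 = r1, r0 - q * r1
        x0, x1 = x1, x0 - q * x1
    if r0 != 1:
        raise ValueError("no inverse")
    return x0 % m

def toy_keypair(p, q, e=17):
    """Textbook RSA with tiny primes: returns (public_key, private_key), each (exponent, n)."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (modinv(e, phi), n)

def encrypt(message, public_key):
    """Encrypt byte by byte with the recipient's public key (toy: no padding, tiny n)."""
    e, n = public_key
    return [pow(m, e, n) for m in message]

def decrypt(cipher, private_key):
    """Undo encrypt; only the private key paired with that public key yields the bytes."""
    d, n = private_key
    return [pow(c, d, n) for c in cipher]

# Constructed keys: your pair (p=61, q=53) and mine (p=101, q=113). Real keys use
# primes hundreds of digits long; these are only big enough to show the mechanism.
YOUR_PUBLIC, YOUR_PRIVATE = toy_keypair(61, 53)
MY_PUBLIC, MY_PRIVATE = toy_keypair(101, 113)

def demo():
    """I encrypt with your public key; only your private key recovers the text."""
    cipher = encrypt(b"Hi there", YOUR_PUBLIC)
    with_your_key = bytes(decrypt(cipher, YOUR_PRIVATE))
    with_my_key = decrypt(cipher, MY_PRIVATE)      # wrong key: just numbers
    return with_your_key, with_my_key
```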

As a matter of fact, all computer security is done via math (encryption). Think of encryption as you did when you were a child speaking in ‘Pig Latin.’ Remember? We all thought that no one could understand us except the other kids who understood our code. Computer encryption is much tougher than that, but now, I hope you get the concept!