Archive for October, 2008

Distance Vector Routing Protocols (Part I) - CCNA

Sunday, October 26th, 2008

When routers communicate with each other they use their own language, as you would assume. You no doubt are aware that a router’s main function is to receive a packet and then figure out the best path, based on what the router knows, to get the packet to its destination.

The packet received by the router - for example an IP (Internet Protocol) packet - is a <u>routed</u> protocol. The router takes the routed protocol and encapsulates it (entirely) inside its own protocol data unit (PDU). When the router performs this process, the newly-created PDU is sent to the next router.

Before the router sends the PDU to the next router, it needs to determine which next router should receive it. Routers learn about best paths by communicating with other routers, and they use routing protocols such as RIP (Routing Information Protocol), OSPF (Open Shortest Path First), and EIGRP (Enhanced Interior Gateway Routing Protocol, which runs on Cisco routers only) to accomplish this goal.

RIP and EIGRP are classified as distance vector (DV) routing protocols, whereas OSPF is classified as a link state (LS) routing protocol. DV routing protocols keep track of distances and directions (or vectors); RIP measures distance with a simple metric called hop count. Each router through which a packet must pass counts as one hop. It’s that easy. One catch is that RIP treats a hop count of 16 as unreachable, so a destination can be at most 15 hops away. In that sense RIP seemingly does the impossible by defining infinity.

DV routing protocols exchange routes with their neighbors and run an algorithm over what they hear, and the result is the shortest known distance to each destination. Of course, a router should have a path to every destination (unless you specifically do not want that). RIP’s algorithm is the <i>Bellman-Ford</i> algorithm, named after Richard Bellman and Lester Ford, who developed it. A router keeps everything it hears in a database (EIGRP calls this its topology table; for RIP you can inspect it with “show ip rip database”), but the routes the router will actually use are recorded in the routing table. In other words, the database might contain more than one path to a destination, but the routing table records only the path with the lowest metric (which makes it the best path to that destination).

LS routing protocols such as OSPF use the more complex <i>Dijkstra</i> (shortest path first) algorithm, again named after the person who created it, Edsger Dijkstra. Rather than counting hops, OSPF derives a cost for each link from the bandwidth of the media through which the PDU will pass and adds those costs up along the path. We will discuss LS routing protocols in a later discussion.

Finally, EIGRP, which, again, is a Cisco proprietary routing protocol, is referred to by Cisco as a hybrid routing protocol (more recently, as an advanced distance vector protocol). A hybrid routing protocol (according to Cisco) takes the best features from the DV and LS routing protocols and uses them all. As with LS routing protocols, we will reserve our comments about EIGRP for a later discussion, when we can cover it fully.

If you noticed that I didn’t even mention IGRP, then you are ahead of the pack! IGRP has been removed from current IOS releases, and RIP version 1 is classful (its updates carry no subnet masks), so I’m not going to discuss either in much detail. Many features of RIP are common to IGRP, with the exception that IGRP used a composite metric (bandwidth and delay by default) rather than hop count alone.

When a router boots up, like any other computer (or sentient being for my Star Trek fans), it first does an internal awareness check known as POST (power-on self-test). Once the router knows its internals are functioning as expected, the router next loads its operating system (OS). Cisco named its router (and switch) OS the Internetwork Operating System, or IOS. Once the router loads its IOS, it next looks to see if it possesses a startup configuration file.

When a Windows computer reaches this stage of its boot process, it applies a specific configuration from its database known as the registry. The registry is stored on the computer’s hard drive, which means that it can be changed - such as when a user changes her desktop background - and then saved so that the next time the user logs in the new desktop is applied. A router does not have an internal hard drive; instead it has two kinds of non-volatile memory. The IOS image lives in flash, and the configuration file lives in what Cisco calls NVRAM (non-volatile random-access memory), which is similar to the EEPROM (electrically erasable programmable read-only memory) found in computers. Think of NVRAM as RAM that does <u>not</u> lose its contents when the router loses power. The configuration file stored in NVRAM (the startup configuration) contains router-specific information such as the router’s name, its IP addresses, security settings such as passwords and access lists, and more. Because it holds credentials, treat every copy of it - including backups on a TFTP server - as sensitive.

Once the router applies its startup configuration file settings, it is now, finally, ready to talk to its neighbors. On Cisco routers, a router learns who its directly-connected neighbors are using another special language, CDP (Cisco Discovery Protocol). CDP is a Layer 2 discovery protocol, not a routing protocol: it tells a router the hostname, platform, IOS version and addresses of the device at the other end of each link, and nothing more. Note that when you encounter a protocol with a vendor’s name in it, that protocol will generally be available only on equipment from that vendor. In other words, a Juniper router will not run CDP and it won’t be able to use EIGRP.

Freshly booted, a router knows only the networks attached to its own configured interfaces; those appear in the routing table as connected routes. CDP adds nothing to that table - it tells Router2 that Router1 is at the other end of the cable, not what networks lie behind Router1. So, if Router1 is connected to another network, which is usually the case, Router2 will not learn of that network’s existence, meaning that if Router2 receives a packet addressed to the other network, Router2 will drop the packet (not route it). Of course, the Router2 human administrator can program a (static) route to the other network, but this is a lot of work and, outside of a small network, it does not scale!

After reading the above, you no doubt are thinking that if the router could communicate directly with other routers, without much human intervention, this process would work in small and large networks. If you are thinking along those lines, then you understand why RIP, EIGRP, OSPF, and other routing protocols were created. When a router is provided with a basic routing protocol configuration, the router is able to dynamically talk to other routers, learn about routes, send requests for information and answer such requests, all without human intervention. When routers operate in this fashion, the network is said to be <i>scalable</i>, meaning that regardless of the network’s size, the process still functions with little or no human intervention required.

So, once a Cisco router knows its connected networks and (via CDP) its neighbors, it needs a dynamic routing protocol, such as RIP, to learn about paths to networks beyond those neighbors. Once RIP is enabled, the router sends its entire routing table to each of its directly-connected neighbors, and repeats this every 30 seconds. When the neighbors receive this routing table, they recalculate their own tables using RIP’s algorithm and then send out their entire routing table to each of their directly-connected neighbors. This process continues until all of the routers in the network have no new routes to learn. In other words, when a router receives its neighbors’ routing tables and learns nothing new, the process is complete. At this stage, the routers agree on how to reach known destinations. This stage of agreement is known as <i>convergence</i>. One caveat worth remembering: a RIP router accepts updates from any neighbor that sends them, so unless you configure RIP version 2 authentication on the interface, anything on the segment can inject routes into your table.
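The table exchange and convergence described above, as an added example in Python (not code from the original post): routers in a constructed chain topology start with only their connected networks, trade full tables round by round, and stop when a round teaches nobody anything. The topology builder, router names and network numbers are assumptions made for the illustration; the hop limit is RIP’s real one, and the 18-router chain shows a network that is 16 hops away never entering the table.

```python
"""RIP-style distance-vector convergence.

Added example: not code from the original post. Topology and network
numbers are constructed for illustration. Each router starts knowing only
its connected networks, then every round sends its whole table to each
neighbour; a neighbour installs a route only when the advertised hop count
plus one beats what it already has. Hop count 16 is RIP's "infinity".
"""

INFINITY = 16  # RIP: 16 hops means unreachable, so 15 is the longest usable path


def chain(n):
    """Constructed topology: routers R1..Rn in a line, each with its own LAN."""
    links = {(f"R{i}", f"R{i+1}"): f"10.0.{i}.0/24" for i in range(1, n)}
    lans = {f"R{i}": f"192.168.{i}.0/24" for i in range(1, n + 1)}
    return links, lans


def build_tables(links, lans):
    """Initial state: every router knows only its directly connected networks."""
    tables = {r: {} for r in lans}
    neighbours = {r: set() for r in lans}
    for (a, b), net in links.items():
        tables[a][net] = (0, "connected")
        tables[b][net] = (0, "connected")
        neighbours[a].add(b)
        neighbours[b].add(a)
    for r, lan in lans.items():
        tables[r][lan] = (0, "connected")
    return tables, neighbours


def exchange_round(tables, neighbours):
    """One round of full-table updates. Returns True if any router learned something."""
    changed = False
    # Snapshot first so every router advertises the table it had at the start of the round.
    advertised = {r: dict(t) for r, t in tables.items()}
    for sender, table in advertised.items():
        for receiver in neighbours[sender]:
            for net, (hops, _via) in table.items():
                new_hops = min(hops + 1, INFINITY)
                current = tables[receiver].get(net, (INFINITY, None))[0]
                # A 16-hop route is never installed: that is the unreachable case.
                if new_hops < current:
                    tables[receiver][net] = (new_hops, sender)
                    changed = True
    return changed


def converge(links, lans, max_rounds=100):
    """Run rounds until nothing changes. Returns (tables, number of rounds that changed something)."""
    tables, neighbours = build_tables(links, lans)
    for rounds in range(max_rounds + 1):
        if not exchange_round(tables, neighbours):
            return tables, rounds
    raise RuntimeError("no convergence within max_rounds")


def hops_to(tables, router, net):
    """Hop count from router to net, or INFINITY if the route never made it into the table."""
    return tables[router].get(net, (INFINITY, None))[0]


if __name__ == "__main__":
    tables, rounds = converge(*chain(4))
    print(f"4-router chain converged after {rounds} rounds of updates")
    for router in sorted(tables):
        print(router, sorted((n, h, v) for n, (h, v) in tables[router].items()))
```

In the four-router chain, R1 learns R4’s LAN (three hops away, via R2) in the third round, and the fourth round changes nothing, which is convergence. In the 18-router chain, R1 gets R16’s LAN at 15 hops but never gets R17’s: the update arrives as 16, which is infinity, and is discarded.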

In our next discussion, we will address timers, triggered updates, routing loops, split horizon, and route poisoning. Stay tuned for next week’s continuation!

Static Routing for Cisco Routers - CCNA

Saturday, October 18th, 2008

Most of us are already familiar with routers due to DSL, cable, wireless, and satellite Internet services. What’s probably missing is the meaty part of what routers do and how they function.

The basic purpose of a router is to find the best path to a destination. For example, your switch sends a frame to a router via the router’s Ethernet interface. When the router receives the frame, it strips off the frame header, extracts the IP (Internet Protocol) packet inside, and reads the packet’s destination IP address. Next, the router checks its routing table to determine whether it knows how to get to that destination.

The router looks for the routing table entry that most specifically matches the destination address - the longest prefix match. Where a route came from (a static entry, or a routing protocol such as RIP, EIGRP, or OSPF) matters only when two sources offer a route to the same prefix; then the source with the lowest administrative distance is the one installed in the table (a static route has administrative distance 1, so it beats any dynamically learned route to the same prefix). If no entry matches, the router falls back to a default route, if one is configured. The router then wraps the packet in a new frame for the outgoing interface and forwards it. A key point to keep in mind is that if the router cannot find any route to the destination IP address, it will simply drop (or destroy) the packet.

To view the routing table of a Cisco router, type the command listed below:

show ip route

at the CLI (command line interface). It works in user EXEC mode and in privileged EXEC mode (the mode you enter immediately after you type “enable”). Before you configure a static route, you should first configure the router’s interfaces. To configure a router’s serial 0/0 interface with an IP address of 192.168.10.1 /24 and then verify the configuration, type the following commands:

enable

configure terminal

interface serial0/0

ip address 192.168.10.1 255.255.255.0

no shutdown

exit

exit

show ip interface serial0/0

Notice that in the configuration above, I did not specify a data rate for this interface, which is what you’d generally expect. If you guessed that I’m referring to the DCE (data circuit-terminating equipment) or DTE (data terminal equipment) role of a router, you’re right! Typically, your router will act as the DTE since the DCE role is usually played by your ISP’s equipment. If you have a difficult time remembering this, just commit to memory that the “C” in DCE refers to the clock (or timing) and that your ISP will set the clock rate for communication it controls. (In a lab with two routers cabled back to back, one of them must play DCE, and you set the rate on that side with “clock rate 64000” under the interface.)

At this point, you’re probably wondering just what a static route is. A static route is best used when you want to ‘rig’ how a packet is routed. For example, if your router possesses a discovered (or dynamic) route to a destination network, but you always want the router to use another path, you configure the router with a static route: with an administrative distance of 1, it beats any dynamically learned route to the same prefix.

You can use static routes for stub routers too. A stub router is one that is connected to one and only one other router. In other words, the stub router has only one path through which to route packets. When this is the case, running a routing protocol such as EIGRP buys you nothing. It’s easier and more efficient to use a static route (and a default route pointing at that one neighbor does the whole job).

You enter static routes when in global configuration mode (after you’ve typed in “configure terminal” at the CLI). The highly abbreviated command syntax for a static route is:

ip route major_network_address subnet_mask exit_interface

Now, let’s break this down into pieces:

1. “ip route” is the command used to initiate a static route command.

2. “major_network_address” represents the destination network for which you are configuring the static route. It must be a network you are not directly connected to (for a connected network the router already has a connected route). For example, if you want the static route to apply to all hosts in a 192.168.20.0 /24 subnet that sits behind the router at the far end of your serial 0/0 link, then you would list that network address in the command.

3. “subnet_mask” is the mask of that destination network. So, using the example in #2 above, you should type out the /24 as 255.255.255.0.

4. “exit_interface” is the interface name on your router through which the packet should exit. If you want the packet to exit via serial 0/0, then you would list that here.

The complete command, using the information from above, would look like:

ip route 192.168.20.0 255.255.255.0 serial0/0

Cisco’s training material tells you that rather than listing your exit interface name, you can also list the IP address of the router on the other end of your router’s interface (the next hop). With a next-hop address the router must do a second lookup to find out which interface reaches that address, which is why exit-interface routes are marginally faster. Exit-interface routes belong only on point-to-point links such as this serial line, however. On an Ethernet interface a static route with no next hop makes the router ARP for every destination host in the remote network and depend on the neighbor answering with proxy ARP, so there you list the next-hop address (or both the interface and the next hop).

When I outlined the router’s routing logic, I mentioned CDP. To be precise, CDP is not a routing protocol at all and never adds a route to the routing table.

The Cisco Discovery Protocol runs only on Cisco equipment and tells a device about its directly-connected neighbors: their hostname, platform, IOS version, and the IP address and interface on the far end of each link (“show cdp neighbors detail”). The directly-connected routes in your routing table come from your own configured interfaces, not from CDP, and if your router runs no routing protocol it will know nothing beyond those connected networks (certainly not the networks connected to other routers). One good thing about CDP is that it can learn about switches (Layer 2) and routers (Layer 3) alike. CDP is enabled by default on all Cisco routers. Because it advertises exactly the inventory an attacker wants (model, software version, management addresses), turn it off on interfaces facing untrusted networks or non-Cisco gear with “no cdp enable” on the interface, or globally with “no cdp run”.

I also mentioned default routes. A default route is known as the router’s gateway of last resort because if no other route exists to a destination, the router will use a default route rather than drop a packet. Most routers should have a default route configured.

A default route is configured similarly to a static route except that the major_network_address and subnet_mask entries consist of all zeroes. If you want packets routed out of your serial 1/0 interface instead of dropping them, then in global configuration mode, type the following at the CLI:

ip route 0.0.0.0 0.0.0.0 serial1/0

Many writers refer to this as the ‘quad-zero’ command. The zeros are what make the route a default route.
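The route selection described at the top of this lesson (longest prefix match, administrative distance between sources, then the quad-zero route as the gateway of last resort) as an added example in Python, not code from the original post or from Cisco. The routing table built in it is constructed for illustration; the administrative distance values are Cisco’s documented defaults.

```python
"""How a router picks a route: longest prefix match first, administrative
distance to break ties between sources offering the same prefix, and the
default route if nothing else matches.

Added example: not code from the original post. The table built in main()
is constructed for illustration; the administrative distances are Cisco's
defaults (connected 0, static 1, EIGRP 90, OSPF 110, RIP 120).
"""
import ipaddress

ADMIN_DISTANCE = {"connected": 0, "static": 1, "eigrp": 90, "ospf": 110, "rip": 120}


class RoutingTable:
    def __init__(self):
        # prefix (ip_network) -> {"source", "ad", "via"}; one entry per prefix, as in IOS
        self.routes = {}

    def install(self, prefix, source, via):
        """Offer a route from a source. Kept only if no lower-AD route exists for the prefix.

        Returns True if the table changed. ip_network(strict=True) raises ValueError
        when the prefix has host bits set, much as IOS rejects an inconsistent mask."""
        net = ipaddress.ip_network(prefix, strict=True)
        candidate = {"source": source, "ad": ADMIN_DISTANCE[source], "via": via}
        current = self.routes.get(net)
        if current is None or candidate["ad"] < current["ad"]:
            self.routes[net] = candidate
            return True
        return False

    def lookup(self, destination):
        """Return the best route for a destination, or None: the packet is dropped."""
        addr = ipaddress.ip_address(destination)
        matches = [(net, r) for net, r in self.routes.items() if addr in net]
        if not matches:
            return None
        # Longest prefix wins outright; AD was already applied when the route was installed.
        net, route = max(matches, key=lambda m: m[0].prefixlen)
        return {"prefix": str(net), **route}

    def gateway_of_last_resort(self):
        """The quad-zero route, if one is configured."""
        route = self.routes.get(ipaddress.ip_network("0.0.0.0/0"))
        return None if route is None else {"prefix": "0.0.0.0/0", **route}


if __name__ == "__main__":
    rt = RoutingTable()
    rt.install("192.168.10.0/24", "connected", "Serial0/0")
    rt.install("192.168.20.0/24", "rip", "192.168.10.2")
    rt.install("192.168.20.0/24", "static", "Serial0/0")   # AD 1 replaces the RIP route
    rt.install("0.0.0.0/0", "static", "Serial1/0")          # ip route 0.0.0.0 0.0.0.0 serial1/0
    for dst in ("192.168.10.9", "192.168.20.7", "10.1.1.1"):
        print(dst, "->", rt.lookup(dst))
```

Note the order of the two tests: a /25 learned from RIP still wins for hosts inside it, even though a static /24 covers them with a far better administrative distance, because prefix length is compared before anything else.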

Lastly, it’s important to point out that routers make routing decisions based on what they know - not on what other routers know. In other words, if a route is in your routing table, but not in mine, that does not help me at all. In addition, just because router1 knows how to get to router2, this does not mean that router2 knows how to get to router1.

This means that once you configure your router, you should use the ping command to prove that you can get from router1 to router2 (and vice-versa if you need that type of connectivity).

We’ve covered a lot of material in this lesson. If you have any questions, please feel free to write for clarification.

Tidbits About the Login Process

Friday, October 17th, 2008

Authenticating users is an important operating system function.

When you log in to your computer, which begins when you press CTRL+ALT+DEL on the local keyboard, the Winlogon process (winlogon.exe) takes over that secure attention sequence. In Windows 2000, XP and Server 2003, Winlogon loads the Microsoft Graphical Identification and Authentication (MSGINA) DLL, which displays the logon dialog and collects the username and password and passes them back to Winlogon (Windows Vista replaced GINA with credential providers). Winlogon hands the credentials to the Local Security Authority (lsass.exe), which, for a local account, compares them against the local accounts database, the SAM (Security Accounts Manager). The SAM is part of the registry. If your username/password combination checks out, you log in. If not, you get a message asking you to try again.

Part of the logon process is to next find all of your individual settings stored on the computer and load all of this into RAM. These settings include your desktop colors, shortcuts, programs installed, and user rights associated with your logon profile.

The logon process builds an access token for your session, a type of ‘license’ that stays with you throughout your logon session. The token names you by your security identifier (SID) and also carries the SIDs of every group you belong to. Every security principal on your computer - each user, group and computer account - has its own SID. A SID is a string of numbers of variable length: S, a revision number, an identifier authority, and then a series of sub-authorities, the last of which (the relative identifier, or RID) picks out the account. A local user’s SID looks something like S-1-5-21-1000-2000-3000-1001 (that value is made up for illustration); well-known groups have short ones, such as S-1-1-0 for Everyone or S-1-5-32-544 for the local Administrators group.

For example, if you try to use the network to print in the college library, the SIDs in your token are checked against the printer’s list of who can print. This list is an Access Control List, or ACL (more precisely the discretionary ACL, or DACL, in the printer’s security descriptor). Each line in the list, naming one SID and the access it is allowed or denied, is an Access Control Entry, or ACE. If an ACE allows your SID, or one of your group SIDs, to print, you get to print!

Further, your token is checked every time you open a file/folder or use any hardware on your own computer. Each of these objects has its own ACL, and the system walks its ACEs in order to decide whether or not you get to open/use the object. Order matters: in the usual canonical order an ACE that denies a SID sits ahead of the ACEs that allow, so an explicit deny on you wins over an allow granted to one of your groups.
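The check just described, as an added example in Python (not code from the original post, and a simplification of what the kernel does): a token holding the user’s SID and group SIDs is evaluated against an ordered list of ACEs. The well-known SIDs are real; the two user SIDs, the object’s ACL and the file access bits chosen are assumptions made for the illustration.

```python
"""Simplified Windows access check: a token full of SIDs against an object's DACL.

Added example: not code from the original post. It implements the documented
evaluation rule: walk the ACEs in order; an access-allowed ACE whose SID is in
the token grants its bits; an access-denied ACE whose SID is in the token and
covers any still-ungranted requested bit denies outright; stop as soon as every
requested bit is granted. A NULL DACL grants everything, an empty DACL grants
nothing. The well-known SIDs are real; the user SIDs are constructed.
"""

# File-object access bits: FILE_READ_DATA, FILE_WRITE_DATA, FILE_EXECUTE
READ, WRITE, EXECUTE = 0x1, 0x2, 0x20
ALLOW, DENY = "allow", "deny"

EVERYONE = "S-1-1-0"                        # well-known: Everyone
USERS = "S-1-5-32-545"                      # well-known: BUILTIN\Users
ADMINS = "S-1-5-32-544"                     # well-known: BUILTIN\Administrators
ALICE = "S-1-5-21-1000-2000-3000-1001"      # constructed local user
BOB = "S-1-5-21-1000-2000-3000-1002"        # constructed local user


def parse_sid(sid):
    """Split 'S-R-IA-sub...-RID' into (revision, identifier authority, sub-authorities)."""
    parts = sid.split("-")
    if len(parts) < 3 or parts[0] != "S":
        raise ValueError(f"malformed SID: {sid}")
    return int(parts[1]), int(parts[2]), [int(p) for p in parts[3:]]


def rid(sid):
    """The relative identifier: the last sub-authority (e.g. 500 = built-in Administrator)."""
    return parse_sid(sid)[2][-1]


def canonical_order(dacl):
    """Explicit denies ahead of explicit allows, the order the Windows ACL editor writes."""
    return sorted(dacl, key=lambda ace: 0 if ace[0] == DENY else 1)


def access_check(token_sids, dacl, desired):
    """True if every bit in `desired` is granted by `dacl` to a SID in `token_sids`."""
    if dacl is None:            # NULL DACL: no protection at all
        return True
    remaining = desired
    for ace_type, sid, mask in dacl:
        if sid not in token_sids:
            continue
        if ace_type == DENY and mask & remaining:
            return False        # a deny reached before that bit was granted
        if ace_type == ALLOW:
            remaining &= ~mask
        if remaining == 0:
            return True         # everything requested is granted; stop early
    return remaining == 0       # empty DACL, or ran off the end with bits left


if __name__ == "__main__":
    bob_token = {BOB, USERS, EVERYONE}
    printer_dacl = canonical_order([(ALLOW, USERS, READ | EXECUTE), (DENY, BOB, WRITE)])
    print("Bob may read:", access_check(bob_token, printer_dacl, READ))
    print("Bob may write:", access_check(bob_token, printer_dacl, WRITE))
```

The last two assertions in the test show why order matters: with an allow-Everyone ACE written before a deny-Bob ACE, Bob gets write access because the check stops as soon as the allow has granted the bit; putting the ACL back into canonical order restores the deny.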

Notice the use of two distinct terms in this discussion: user rights and permissions. MCSA candidates need to differentiate between these. Permissions apply to objects (examples are files, folders, printers, network shares, registry keys, services, and group policy objects) that a user (or other principal) attempts to view, modify, or create, and they are stored with the object in its ACL. The kernel’s Security Reference Monitor performs the check.

User rights (logon rights and privileges) are different: they are not tied to any object but grant a system-wide ability, such as logging on locally, shutting down the system, or backing up files regardless of their permissions, and they are assigned to accounts through security policy. Yes, user accounts are a type of object, just like files and folders! However, user account objects are quite different from the other objects I’ve mentioned. An analogy might be that user accounts navigate to, open, and modify files, but files do not navigate to, open, or modify user accounts.

Finally it is strongly recommended that you apply user rights to groups and not individual user accounts. Groups are special objects into which user accounts may be placed. We will discuss groups in a later discussion.

Virtual PC 2007 - Wedding Microsoft and SuSe Linux

Monday, October 13th, 2008

Linux is not often seen on the desktop. Indeed, out of 100 desktop (or laptop) computers, you would probably find 5 running Linux, 3 Macintosh, 90 Windows, and 2 other operating systems. Most desktop computers run Windows! Keep in mind though that as you move to the world of servers, especially Web servers, this is not true.

However, this will probably change over the next five years since Dell and Novell partnered up last year to offer Linux on desktops. Dell, as you know, sells computers. Novell sells its NetWare server operating system, but is in the midst of killing it. Novell also sells a network email system named GroupWise. I haven’t heard that GroupWise is going away.

Novell and Dell’s partnership has to do with Novell providing a desktop operating system for Dell computers. The desktop operating system will be SUSE Linux. This will decrease the price of a new computer since Linux is less costly than Windows. Plus, Sun Microsystems sponsors a free office suite, OpenOffice.org (the basis of its StarOffice product), that is similar to Microsoft Office.

With the above in mind, it’s probably a good idea for you to install Linux and play with it. You can download openSUSE 10.3 for free, but the DVD image is approximately 4 GB in size. You can purchase a boxed copy too if the download is too large.

I recommend doing this in conjunction with Virtual PC 2007, which you can download free from Microsoft. VPC is a program that you install on your computer. To use VPC, you need to create a virtual machine and a virtual hard drive. Then, install your operating system on your virtual hard drive.

The virtual hard drive is just a file that is stored on your computer (like any other file). This file represents a hard drive that is associated with a virtual machine.

After you create a virtual machine and hard drive, you can install an operating system inside of it. Think of what this means! Instead of reformatting your hard drive, all you need to do is create a new virtual hard drive. You install your new operating system on the virtual hard drive. The new operating system’s settings are stored in the virtual machine.

For example, after installing VPC, open it. Then, click New. The New Virtual Machine Wizard starts. Let’s say that we’re going to install Linux in this VM. Click Next to continue. Make sure that the option to Create a virtual machine is selected and click Next.

In the Name and location text box, type Linux and click Next. In the Operating system list, Other should be selected. Click the arrow to examine the operating systems you can install within VPC. Linux is not listed (imagine that), and this is why we must select Other. Click Next to continue.

On the Adjusting the RAM page, set the RAM to at least 256 MB (64 MB is not enough for a graphical SUSE installer) and click Next. This is the amount of your computer’s RAM that will be allocated to your virtual machine while it runs.

Click A new virtual hard disk (VHD) and click Next. Set your Virtual hard disk size to 2048 MB (which is 2 GB). This will be the size of your virtual hard drive. Notice that your VPC files are stored by default in My Documents. Name your VHD Linux. Click Next. Then, click Finish.

You just created a virtual machine and a virtual hard drive. In the Virtual PC Console, click Linux and then click Start. Your virtual computer ‘boots’ itself. However, it doesn’t get very far because no operating system is installed on the virtual hard drive.

You can install an operating system from a CD or ISO image. On the VPC menu, click CD and then select Use physical drive X: from the list, where X: is the drive letter for your CD. Insert a CD with a Linux operating system on it.

Click anywhere on the black screen of your virtual hard drive. Then, press ENTER. The installation process should begin. Follow the steps from the SuSe Web site to install Linux on your VHD.

Next, follow the steps to log into your new Linux install. If you encounter any problems, Google them! Enjoy this experience because you are pioneering the probable future of the desktop operating system environment.

LANs and WANs

Wednesday, October 1st, 2008

Most of you are probably quite familiar with a home network where you have one or more computers connected to a DSL or Cable Modem router which is in turn connected to the Internet. If we view your router as another computer (which it is), then you have a local area network, or LAN, and you are its network administrator! As we move through this discussion, remember that we are covering only the basics. Networking is a very complex topic and it takes years of experience and training to develop a complete understanding of how things actually work.

Your computer probably has a network interface card (NIC) with a cable connected to it, a wireless adapter with no cable required, or a modem that has a phone line connected to it. You might even have all three of them in one computer and use whichever one fits your current need. For example, you might use your modem for a dialup connection when at home but use a NIC wired connection at your place of work.

Computers are able to talk to each other through the use of protocols. Think of a protocol as the way ambassadors from different countries communicate with each other: lots of rules and etiquette. Internet protocols work the same way in that there are a lot of rules that tell computers how to speak to one another, how to understand what the other computer said, and when to say good-bye (and how). Sometimes computers can talk to each other using names, other times they talk using numbers, called Internet Protocol addresses, or IP addresses. Your computer’s IP configuration is made up of two parts, the IP address and the subnet mask. The mask tells the computer which portion of the address names its network and which portion names the host, so that the address uniquely identifies your computer on your network.

Your computer has its own name. All computers do! You can discover your computer’s name by clicking Start, and then clicking Run. Type cmd on the Open line and, at the command prompt, type hostname. The text that appears is your computer’s name! As you probably guessed, many computers can have the same name, so network communication using names alone just will not work. The larger the network, the more likely two computers will claim the same name. Think of how horrible this would be on the Internet.

To fix this, we give computers names and IP addresses. For example, the router in your home, connected to your computer (by a wire or wirelessly), gives your computer an IP address every time you turn it on. This is done via a special protocol (Dynamic Host Configuration Protocol, or DHCP). The DHCP server hands each computer an address it has not leased to any other computer on that network. The Internet works in the same way, but this gets much more complex and is beyond the scope of our discussion.

A router is a special type of computer that is always working to figure out the best path to move data from where it is to its destination. The Internet is made up of many routers that work in conjunction to get this done. Your DSL or Cable Modem equipment is a router. Routers can also act as DHCP servers.

A switch, on the other hand, doesn’t route at all. A switch doesn’t use a computer’s name or IP address. It uses your network adapter’s Media Access Control address, or MAC address. Every NIC has its own MAC address burned into it. You can see your NIC’s MAC address by typing ipconfig /all at the command prompt; it appears under your adapter as Physical Address. The address is made up of digits and letters (0-9 and A-F), known as the hexadecimal number system. A switch keeps something like a spreadsheet (on Cisco switches this is the CAM, or content addressable memory, table) showing each MAC address it has seen and which port the frame came in on. Frames to a MAC address it knows go out that one port; frames to an address it has not learned yet are flooded out every other port. Wireless access points work similarly!
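The ‘spreadsheet’ in action, as an added example in Python (not code from the original post): a learning switch records which port each source MAC address arrived on, forwards known destinations out one port, and floods unknown ones. Port numbers, MAC addresses and the deliberately tiny table size are assumptions made for the illustration; the last part of the test shows the failure mode a practitioner cares about, where a station that fills the table with bogus addresses starts receiving other people’s flooded frames.

```python
"""A learning switch with a bounded MAC table, to show what the "spreadsheet"
does and what happens when it fills up.

Added example: not code from the original post. Port numbers, MAC addresses
and the tiny table size are constructed for illustration. Real switches also
age entries out after a few minutes; that is left out here.
"""

BROADCAST = "ff:ff:ff:ff:ff:ff"


class Switch:
    def __init__(self, ports, table_size):
        self.ports = list(ports)
        self.table_size = table_size
        self.mac_table = {}  # MAC -> port it was last seen on (the CAM table)

    def receive(self, in_port, src_mac, dst_mac):
        """Learn the sender's port, then return the list of ports the frame goes out of."""
        if src_mac in self.mac_table:
            self.mac_table[src_mac] = in_port          # station moved, or re-learned
        elif len(self.mac_table) < self.table_size:
            self.mac_table[src_mac] = in_port          # new station, room left
        # else: table full, the sender cannot be learned (the MAC-flooding condition)

        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast, or unknown unicast: flood out every port except the one it came in on
            return [p for p in self.ports if p != in_port]
        if out_port == in_port:
            return []                                  # destination is on the same segment: filter
        return [out_port]


if __name__ == "__main__":
    sw = Switch(ports=[1, 2, 3, 4], table_size=4)
    a, b = "00:11:22:33:44:01", "00:11:22:33:44:02"
    print("A->B, B unknown, flooded to:", sw.receive(1, a, b))
    print("B->A, A known, sent to:", sw.receive(2, b, a))
    print("table:", sw.mac_table)
```

Once the table is full, any station that was not learned before the flood is an unknown destination forever, so every frame sent to it is copied to every port, including the attacker’s. That is why access switches offer port security to cap the number of addresses learned per port.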

Some LANs do not have a master computer, or server, dictating which users and computers can use resources managed by the server. These networks are named peer-to-peer networks because each peer (computer) is equal to the others. There is no server (a computer with a network operating system installed, such as Windows Server 2003), meaning that each computer has to create rules for who can use its printers and/or shared folders.

A server has the ability to manage all of the computers in its neighborhood, also known as a domain. Think of a domain as a gated community, where a gatekeeper determines who can enter and use the club house, pool, and other amenities. If a computer or user is not registered within the domain, that computer/user cannot use the domain’s resources (such as a printer).

Let’s say that you work at a local bank that has offices throughout the state. Each branch office would be considered a LAN. However, what if we want computers in each office to speak to one another? All we need to do is join the LANs together and create a WAN (wide area network). This is easy to say and difficult to implement! Just remember that to do this, we need routers and ISPs (like Qwest).

When each office connects to the other, the connection might be made using a backbone. A backbone is made up of routers, switches, fast cabling (usually fiber optic cable), and traffic that goes from LAN to LAN (not traffic that would stay inside any LAN).

A network administrator is responsible for ensuring that the computers can all talk on the LAN and/or WAN. This is a heavy responsibility and requires extensive knowledge in how computers, routers, switches, and networks function. Network administrators can prove their skill by passing industry recognized certification exams. For example, after passing four exams, a person could pick up the MCSA (Microsoft Certified Systems Administrator) designation. An MCSA takes care of the day-to-day networking operations. The four certifications exams are: 1) Windows XP or Vista; 2) Server 2003 basics; 3) Server 2003 advanced topics; and 4) Network security (or another approved course).

The MCSE (Microsoft Certified Systems Engineer) is made up of seven certification exams (generally, the MCSA exams plus three more). The three extras include network security and how to manage a domain by using group policies to enforce domain rules. People with either certification are in high demand in the job market.

Certifications also exist for those who need to demonstrate their router and switch proficiency. Cisco is a leader in router and switch hardware and operating systems, and offers a number of industry-recognized certifications including the well-received CCNA (Cisco Certified Network Associate) designation. A CCNA candidate must pass either a two-exam or a one-exam track. As you probably guessed, the one-exam option is a bit tougher to pass. Cisco Networking Academies offer four courses designed to prepare students to sit for the exam(s).

The CCNP (Cisco Certified Network Professional) is a CCNA who passes four additional certification exams. These exams are more in-depth than the CCNA exams and relate more to large network administration.