Study Material

OSI Model Layers:

  • Application Layer: Interacts with software applications that implement communication. Provides user interface for remote file, printer, email, and database access. Examples: TCP/IP, Telnet, SMTP, FTP.
  • Presentation Layer: Converts data into a format the application layer can accept. Handles data representation and protocol conversion. Examples: JPEG, AUI.
  • Session Layer: Manages sessions between computers, provides full/half/simplex communication and graceful close. Examples: RPC.
  • Transport Layer: Ensures reliable transfer of data via flow control, segmentation, and error correction. Examples: TCP, UDP.
  • Network Layer: Handles logical addressing and routing, fragmentation, and error reporting. Example device: Router.
  • Data Link Layer: Transfers data between nodes and corrects physical layer errors. Examples: Ethernet, Switch, HDLC.
  • Physical Layer: Defines physical connections like pins, voltages, and cables. Examples: Hubs, repeaters, network adapters.

TCP/IP Model Layers:

  • Application Layer: Combines OSI’s Application, Presentation, and Session layers. Examples: BGP, RIP.
  • Host-to-Host Layer: Corresponds to Transport layer; controls data flow and reliability.
  • Internet Layer: Handles routing and addressing through IP packets.
  • Data Link Layer: Controls access to physical medium and device identification.
  • Physical Layer: Defines communication over the physical medium.

IPv4 Header Fields:

  • Version: 4 bits — 0100 for IPv4, 0110 for IPv6.
  • Header Length (IHL): header is 20–60 octets; total packet size max 65,535 bytes.
  • Type of Service: Defines priority and handling (precedence + TOS).
  • Total Length: Specifies total packet size.
  • Identifier: Used for fragmentation.
  • Flags: 3 bits — unused, don’t fragment, more fragments.
  • Fragment Offset: 13-bit offset in units of 8 bytes.
  • TTL: Time to live; default 64.
  • Protocol: Indicates transport protocol (e.g., 1=ICMP, 6=TCP, 17=UDP).
  • Header Checksum: Error detection for header.
  • Source & Destination Address: 32-bit IPs.
  • Options: Optional, variable length, used mainly for testing.
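An added example (not part of the study material) that decodes the fields listed above from raw bytes and verifies the header checksum; the sample packet is constructed inline, and the IHL, flag and fragment-offset layout follows RFC 791:

```python
import struct

PROTOCOLS = {1: "ICMP", 6: "TCP", 17: "UDP"}      # Protocol field values from the list above

def ipv4_checksum(header: bytes) -> int:
    """RFC 791 header checksum: one's-complement sum of 16-bit words."""
    if len(header) % 2:
        header += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(header) // 2), header))
    while total >> 16:                       # fold carries back into 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF

def parse_ipv4(packet: bytes) -> dict:
    """Decode the fixed IPv4 header fields and verify the header checksum."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    (ver_ihl, tos, total_len, ident, flags_frag,
     ttl, proto, csum, src, dst) = struct.unpack("!BBHHHBBH4s4s", packet[:20])
    version, ihl = ver_ihl >> 4, (ver_ihl & 0x0F) * 4   # IHL is in 32-bit words
    if version != 4 or not 20 <= ihl <= 60 or ihl > len(packet):
        raise ValueError("not a well-formed IPv4 header")
    header = packet[:ihl]
    expected = ipv4_checksum(header[:10] + b"\x00\x00" + header[12:])  # field zeroed
    return {
        "version": version, "ihl": ihl,
        "dscp": tos >> 2, "ecn": tos & 0x3,             # ToS byte as DSCP/ECN
        "total_length": total_len, "id": ident,
        "df": bool(flags_frag & 0x4000),                 # Don't Fragment
        "mf": bool(flags_frag & 0x2000),                 # More Fragments
        "frag_offset": (flags_frag & 0x1FFF) * 8,        # 13 bits, units of 8 bytes
        "ttl": ttl,
        "protocol": PROTOCOLS.get(proto, str(proto)),
        "checksum_ok": csum == expected,
        "src": ".".join(map(str, src)), "dst": ".".join(map(str, dst)),
        "options": header[20:],                          # empty when IHL == 20
    }

def build_sample() -> bytes:
    """Constructed sample (not a capture): IPv4, IHL 5, DSCP 46, DF set, TTL 64,
    protocol TCP, 192.0.2.1 -> 198.51.100.9; checksum filled in."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0xB8, 40, 0x1C46, 0x4000, 64, 6, 0,
                      bytes([192, 0, 2, 1]), bytes([198, 51, 100, 9]))
    return hdr[:10] + struct.pack("!H", ipv4_checksum(hdr)) + hdr[12:]

if __name__ == "__main__":
    print(parse_ipv4(build_sample()))
```

A header whose checksum fails (for example a TTL altered in transit) is reported with checksum_ok False rather than rejected, so the caller decides what to do with it.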

TCP Header Fields:

  • Source & Destination Ports (16 bits each)
  • Sequence Number (32 bits)
  • Acknowledgment Number (32 bits)
  • Header Length (4 bits)
  • Reserved (4 bits)
  • Flags (8 bits) — URG, ACK, PSH, RST, SYN, FIN
  • Checksum (16 bits)
  • Urgent Pointer (used with URG)
  • Options (variable)

TCP (Transmission Control Protocol):

Provides reliable, connection-oriented service. Uses sequence numbers, acknowledgements, and windowing for flow control.

Three-way handshake:

  1. Sender sends SYN
  2. Receiver responds with SYN-ACK
  3. Sender sends ACK

Common TCP ports: FTP (20/21), Telnet (23), SMTP (25), HTTP (80)
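An added example, not from the study material, that decodes the TCP flag bits and walks a constructed packet trace through the three-way handshake above, reporting a SYN-ACK that answers no SYN and any handshake left half-open:

```python
# TCP flag bits as laid out in the header's flags byte (low bit first)
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20
FLAG_NAMES = {URG: "URG", ACK: "ACK", PSH: "PSH", RST: "RST", SYN: "SYN", FIN: "FIN"}

def decode_flags(flags: int) -> list:
    """Names of the flags set in a flags byte, e.g. 0x12 -> ['ACK', 'SYN']."""
    return [name for bit, name in FLAG_NAMES.items() if flags & bit]

class HandshakeTracker:
    """Follows the three-way handshake per (client, server) pair:
    SYN -> SYN_SENT, SYN-ACK -> SYN_RECEIVED, ACK -> ESTABLISHED; RST clears."""
    def __init__(self):
        self.state = {}                      # (client, server) -> state

    def observe(self, src: str, dst: str, flags: int) -> str:
        if flags & RST:
            self.state.pop((src, dst), None)
            self.state.pop((dst, src), None)
            return "RESET"
        if flags & SYN and not flags & ACK:          # step 1: client SYN
            self.state[(src, dst)] = "SYN_SENT"
            return "SYN_SENT"
        if flags & SYN and flags & ACK:              # step 2: server SYN-ACK
            key = (dst, src)                         # answers the client's SYN
            if self.state.get(key) == "SYN_SENT":
                self.state[key] = "SYN_RECEIVED"
                return "SYN_RECEIVED"
            return "UNSOLICITED_SYN_ACK"             # no SYN seen for this pair
        if flags & ACK:                              # step 3: client ACK
            if self.state.get((src, dst)) == "SYN_RECEIVED":
                self.state[(src, dst)] = "ESTABLISHED"
                return "ESTABLISHED"
            if "ESTABLISHED" in (self.state.get((src, dst)), self.state.get((dst, src))):
                return "ACK"                         # data-phase ACK, either direction
            return "STRAY_ACK"
        return "OTHER"

    def half_open(self) -> list:
        """Pairs whose handshake never completed (SYN seen, no final ACK)."""
        return [k for k, s in self.state.items() if s != "ESTABLISHED"]

def run_sample() -> list:
    """Constructed trace: one complete handshake, then a SYN-ACK with no SYN."""
    trace = [("10.0.0.5", "192.0.2.80", SYN), ("192.0.2.80", "10.0.0.5", SYN | ACK),
             ("10.0.0.5", "192.0.2.80", ACK), ("192.0.2.80", "10.0.0.6", SYN | ACK)]
    tracker = HandshakeTracker()
    return [tracker.observe(*pkt) for pkt in trace]
```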

UDP (User Datagram Protocol):

Provides connectionless, best-effort delivery. Suitable for small data bursts or latency-sensitive applications.

Common UDP ports: DNS (53), TFTP (69), SNMP (161), RIP (520)

  • Segments: Transport layer; Datagrams: Internet layer.
  • Port Ranges: Well-known (0–1023), Registered (1024–49151), Dynamic (49152–65535).
  • MAC Address: 48-bit unique hardware ID (OUI + device-specific bytes).
  • Collision Domain: Area where data collisions occur; Broadcast Domain: Area where broadcasts are sent.

Administrative Distance:

Connected: 0
Static: 1
EIGRP summary: 5
eBGP: 20
EIGRP internal: 90
IGRP: 100
OSPF: 110
IS-IS: 115
RIP: 120
EIGRP external: 170
BGP internal: 200
Unknown: 255

IOS Modes: Native (IOS only), Hybrid (CatOS + IOS).

CEF (Cisco Express Forwarding): Proprietary scalable switching with central/distributed modes.

Advantages
  • OSPF is a link-state protocol that handles routing for IP traffic.
  • It is an open standard like RIP and uses the Dijkstra algorithm.
  • Administrative Distance (AD) is 110.
  • Provides fast convergence via triggered incremental updates using LSAs (Link State Advertisements).
  • Supports hierarchical design with VLSM and route summarization.
  • Supports authentication for more secure networks.
Disadvantages
  • Requires more memory to hold lists of neighbors and routing tables.
  • Consumes extra CPU resources to run the SPF algorithm.
  • Large networks require careful hierarchical design.
Guidelines

Summarization happens only at area boundaries. OSPF supports an AS and areas to control how routing information is shared. In a hierarchical network, a change is contained within its area. OSPF has a two-layer hierarchy:

  • Backbone Area (Area 0): Transit area.
  • Non-Backbone Area (1–65,535): Regular area.

OSPF uses Cost = 10^8 / bandwidth as its metric; the lower the cost, the better the path. Supports up to six equal-cost paths. Each router has a unique Router ID (highest loopback IP, otherwise highest active interface IP).
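An added example, not taken from the study material, that derives link costs with the 10^8 / bandwidth formula and runs Dijkstra (the SPF calculation) from one router, keeping up to six equal-cost next-hops; the topology is constructed inline:

```python
import heapq

REFERENCE_BANDWIDTH = 10**8   # bps; default auto-cost reference-bandwidth
MAX_ECMP = 6                  # up to six equal-cost paths are installed

def ospf_cost(bandwidth_bps: int, reference: int = REFERENCE_BANDWIDTH) -> int:
    """Cost = reference / bandwidth, truncated, never below 1 (so every link
    at or above 100 Mbps costs 1 unless the reference bandwidth is raised)."""
    return max(1, reference // bandwidth_bps)

def spf(links: dict, root: str) -> dict:
    """Dijkstra over {router: {neighbor: link_bandwidth_bps}}.
    Returns {destination: (cost, next_hops)} with up to MAX_ECMP next-hops
    for destinations reachable over equal-cost paths."""
    best = {root: 0}
    next_hops = {root: set()}
    heap = [(0, root)]
    while heap:
        cost, node = heapq.heappop(heap)
        if cost > best[node]:               # stale heap entry
            continue
        for nbr, bw in links.get(node, {}).items():
            new_cost = cost + ospf_cost(bw)
            # Next-hop as seen from the root: the neighbor itself on the first
            # hop, otherwise the next-hops already used to reach `node`.
            hops = {nbr} if node == root else set(next_hops[node])
            if new_cost < best.get(nbr, float("inf")):
                best[nbr] = new_cost
                next_hops[nbr] = hops
                heapq.heappush(heap, (new_cost, nbr))
            elif new_cost == best[nbr]:
                next_hops[nbr] |= hops      # equal cost: keep both paths
    return {d: (c, sorted(next_hops[d])[:MAX_ECMP]) for d, c in best.items()}

def sample_topology() -> dict:
    """Constructed topology: two 100 Mbps paths R1-R2-R4 and R1-R3-R4,
    plus a direct 10 Mbps R1-R4 link."""
    edges = [("R1", "R2", 100_000_000), ("R2", "R4", 100_000_000),
             ("R1", "R3", 100_000_000), ("R3", "R4", 100_000_000),
             ("R1", "R4", 10_000_000)]
    links = {}
    for a, b, bw in edges:
        links.setdefault(a, {})[b] = bw
        links.setdefault(b, {})[a] = bw
    return links

if __name__ == "__main__":
    for dest, (cost, hops) in sorted(spf(sample_topology(), "R1").items()):
        print(dest, cost, hops)
```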

OSPF Adjacency and Hello Process
  • Routers send Hello LSAs every 10 seconds. If no response in 40 seconds, the neighbor is declared dead.
  • To become neighbors, routers must match Area ID, Hello/Dead intervals, password, and Stub flag.
  • Hello packets include Router ID, Area ID, DR/BDR IPs, authentication, and priority.
OSPF States
  1. Down State: No exchange yet.
  2. Init State: Router received Hello from source.
  3. Two-Way State: Both routers exchange Hellos; DR/BDR election begins.
  4. ExStart: DR/BDR form adjacency; highest Router ID becomes master.
  5. Exchange: Master shares LSAs using DBD packets.
  6. Loading: Slave requests missing LSAs; master sends updates (LSU/LSA).
  7. Full State: Database fully synchronized.
OSPF Multicast Addresses
  • DR communication: 224.0.0.6
  • All routers communication: 224.0.0.5
Designated Router (DR) & Backup DR

Used in LANs to reduce flooding. The DR maintains the topology database and re-floods LSAs every 30 minutes. Highest priority (ties broken by highest Router ID) decides the DR; default priority = 1 (0–255 range).

Cost and Process ID

Process ID is locally significant (not related to AS). Cost is inverse of bandwidth: Cost = 10^8 / bandwidth. Can be changed with auto-cost reference-bandwidth.

OSPF Packet Types
  1. Hello – Discover neighbors and maintain adjacencies.
  2. Database Description (DBD) – Share link-state database summary.
  3. Link State Request (LSR) – Request specific LSAs.
  4. Link State Update (LSU) – Send LSAs between neighbors.
  5. Link State Acknowledgment – Ensure reliable LSA delivery.
OSPF LSA Types
  • Type 1: Router LSA
  • Type 2: Network LSA (from DR)
  • Type 3: Network Summary LSA (from ABR)
  • Type 4: ASBR Summary LSA (from ABR)
  • Type 5: AS External LSA (from ASBR)
  • Type 6: Multicast OSPF LSA
  • Type 7: NSSA External LSA
  • Types 9–11: Opaque LSAs
OSPF Network Types
  • Broadcast Multi-access: LANs like Ethernet, DR/BDR elected.
  • Point-to-Point: Two directly connected routers.
  • Point-to-Multipoint: One-to-many setup using one subnet.
  • NBMA: Frame Relay, ATM, etc. Requires manual neighbor configuration.
  • Virtual Links: Logical connection to connect an area to Area 0.
OSPF Area Types
  • Backbone Area (Area 0): Interconnects other areas.
  • Regular Area: Connects users/resources; all external traffic via Area 0.
  • Stub Area: No external routes or ASBRs; uses default route 0.0.0.0.
  • Totally Stubby Area: Cisco proprietary; no external routes; uses default route.
  • NSSA: Allows ASBR within the area; uses Type 7 LSAs.
OSPF Design Guidelines
  • Routers per domain: 20–1000
  • Routers per area: 20–350
  • Areas per domain: 1–60
OSPF Router Types
  • Internal Router: All interfaces in same area.
  • Backbone Router: Internal router in Area 0.
  • ABR: Connects multiple areas; must touch Area 0.
  • ASBR: Redistributes external routes into OSPF domain.
OSPF Route Types
  • Intra-Area
  • Inter-Area
  • Type 1 External (E1): Adds internal + external cost.
  • Type 2 External (E2): Uses only external cost.
OSPF Troubleshooting Commands
  • show ip ospf neighbor – View neighbor, DR/BDR info.
  • show ip route ospf – Display OSPF routes.
  • show ip ospf interface – View Router ID, Area ID, adjacency info.
Troubleshooting Tips
  • Ensure same IP mask, MTU, Hello/Dead intervals, and area type on both routers.
  • Check OSPF authentication and timers.
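An added example (not from the study material) that models the Hello processing and neighbor states above: it reports which Hello parameters mismatch, moves a neighbor from Down to Init to 2-Way, and declares it dead after the dead interval; the parameter names and Hellos are constructed:

```python
DOWN, INIT, TWO_WAY = "Down", "Init", "2-Way"
# Hello parameters that must agree before two routers become neighbors
MUST_MATCH = ("area_id", "hello_interval", "dead_interval", "auth_key",
              "stub_flag", "netmask")

class OspfNeighborTable:
    """Tracks neighbor state from received Hellos up to 2-Way (the point where
    DR/BDR election can start) and expires neighbors when the dead interval
    passes with no Hello."""
    def __init__(self, my_router_id: str, my_params: dict):
        self.me = my_router_id
        self.params = my_params
        self.neighbors = {}          # router_id -> {"state": ..., "last_hello": ...}

    def mismatches(self, hello: dict) -> list:
        """Hello parameters that disagree with ours: each is a reason the
        adjacency never leaves Down (what the troubleshooting tips check)."""
        return [f for f in MUST_MATCH if hello.get(f) != self.params.get(f)]

    def receive_hello(self, hello: dict, now: float) -> tuple:
        bad = self.mismatches(hello)
        if bad:
            return (DOWN, bad)
        entry = self.neighbors.setdefault(hello["router_id"], {"state": DOWN})
        entry["last_hello"] = now
        # Init: we heard the neighbor. 2-Way: its Hello lists our Router ID,
        # so it has heard us too (drops back to Init if we vanish from it).
        seen = self.me in hello.get("neighbors_seen", ())
        entry["state"] = TWO_WAY if seen else INIT
        return (entry["state"], [])

    def expire(self, now: float) -> list:
        """Neighbors declared dead: no Hello within the dead interval."""
        dead = [rid for rid, e in self.neighbors.items()
                if now - e["last_hello"] >= self.params["dead_interval"]]
        for rid in dead:
            del self.neighbors[rid]
        return dead

MY_PARAMS = {"area_id": 0, "hello_interval": 10, "dead_interval": 40,
             "auth_key": "ospf-key", "stub_flag": False, "netmask": "255.255.255.0"}

def run_sample() -> list:
    """Constructed Hellos from 2.2.2.2 (matching) and 3.3.3.3 (timer mismatch)."""
    table = OspfNeighborTable("1.1.1.1", MY_PARAMS)
    good = dict(MY_PARAMS, router_id="2.2.2.2")
    bad = dict(MY_PARAMS, router_id="3.3.3.3", hello_interval=30, dead_interval=120)
    return [table.receive_hello(good, 0.0),
            table.receive_hello(dict(good, neighbors_seen=["1.1.1.1"]), 10.0),
            table.receive_hello(bad, 12.0),
            table.expire(49.0), table.expire(50.0)]
```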

Guideline: The main goal of BGP (Border Gateway Protocol) is to provide interdomain routing that guarantees loop-free exchange of routing information between autonomous systems. BGP is a Path Vector Protocol, supporting incremental and triggered updates.

It is designed to scale large internetworks (i.e., the Internet) and is a policy-based routing protocol allowing administrators to control traffic flow using multiple attributes.

BGP exchanges network reachability information (path vectors/attributes) including a list of full paths. BGP-4 supports VLSM and CIDR, using TCP as its transport protocol (reliable delivery). Other protocols differ: OSPF/EIGRP/IGRP operate at IP layer, IS-IS at network layer, RIP uses UDP. BGP sends Keepalive messages similar to Hello messages.

Use BGP when:

  • AS allows packets to transmit to other autonomous systems.
  • AS has multiple connections to other ASes.
  • Traffic entering and leaving the AS must be manipulated.

Do not use BGP when:

  • Only a single connection exists to the Internet or another AS.
  • Router lacks memory to handle constant BGP updates.
  • Administrator lacks understanding of route selection.
  • Low bandwidth exists between ASes.

iBGP Rules:

  • Split Horizon Rule: Routes learned via iBGP are never propagated to other iBGP peers.
  • Synchronization Rule: A BGP router should not use or advertise to an external neighbor routes learned by iBGP until they are known via IGP.

Multihoming: When one AS connects to multiple ISPs for redundancy and path optimization.

Types of Multihoming:

  • All ISPs pass only default routes to the AS.
  • ISPs pass default plus selected routes.
  • ISPs pass all routes to the AS.

BGP Tables:

  • Neighbor List: List of BGP neighbors.
  • BGP Forwarding Table: List of all networks learned from each neighbor (with path attributes).
  • IP Routing Table: Best paths to destination networks.

Message Types:

  • Open – includes hold time & router ID
  • Keepalive
  • Update – contains path attributes and networks
  • Notification – sent when error detected

BGP States:

  1. Idle
  2. Connect
  3. Open Sent
  4. Open Confirm
  5. Established

Path Attribute Types:

  • Well-Known Mandatory: Origin, AS_Path, Next_Hop
  • Well-Known Discretionary: Local Preference, Atomic Aggregate
  • Optional Transitive: Communities, Aggregator
  • Optional Non-Transitive: MED (Multi Exit Disc)
  • Weight: Cisco-specific, local to router (higher = preferred, default 32768)

Path Selection Order:

  1. Highest weight (local)
  2. Highest local preference (within AS)
  3. Route originated by local router
  4. Shortest AS_Path
  5. Lowest origin code
  6. Lowest MED
  7. eBGP path over iBGP path
  8. Path through closest IGP neighbor
  9. Oldest route for eBGP path
  10. Lowest neighbor BGP router ID
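The ten-step comparison above as an added example (not from the study material): each candidate path is reduced to a tuple ordered by the steps, so the smallest tuple is the best path; the candidate routes are constructed, and the attribute defaults are assumptions noted in the code:

```python
from dataclasses import dataclass

ORIGIN_CODE = {"igp": 0, "egp": 1, "incomplete": 2}   # lower is preferred

@dataclass
class BgpPath:
    next_hop: str
    as_path: tuple              # e.g. (64500, 64510)
    neighbor_router_id: str
    ebgp: bool
    weight: int = 0             # Cisco weight; 32768 for locally originated routes
    local_pref: int = 100
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0
    igp_metric: int = 0         # IGP cost to reach the next hop
    received_at: float = 0.0    # lower = older

def _ip_key(addr: str) -> tuple:
    return tuple(int(o) for o in addr.split("."))

def selection_key(p: BgpPath) -> tuple:
    """Tuple mirroring the ten steps; Python compares it left to right, so an
    earlier step decides unless it ties. 'Higher wins' values are negated so
    that the smallest key is the best path."""
    return (
        -p.weight,                                 # 1. highest weight
        -p.local_pref,                             # 2. highest local preference
        0 if p.locally_originated else 1,          # 3. originated by this router
        len(p.as_path),                            # 4. shortest AS_PATH
        ORIGIN_CODE[p.origin],                     # 5. lowest origin code
        p.med,                                     # 6. lowest MED (IOS compares MED only
                                                   #    among paths from one AS by default)
        0 if p.ebgp else 1,                        # 7. eBGP over iBGP
        p.igp_metric,                              # 8. closest IGP neighbor
        p.received_at if p.ebgp else 0.0,          # 9. oldest eBGP path
        _ip_key(p.neighbor_router_id),             # 10. lowest neighbor router ID
    )

def best_path(paths: list) -> BgpPath:
    return min(paths, key=selection_key)

def ranked(paths: list) -> list:
    """All candidates, best first, as next-hop strings."""
    return [p.next_hop for p in sorted(paths, key=selection_key)]

def sample_paths() -> list:
    """Constructed candidates for one prefix from three neighbors."""
    return [
        BgpPath("10.0.0.2", (64500, 64510), "10.0.0.2", ebgp=False),                 # iBGP
        BgpPath("192.0.2.2", (64500, 64510), "192.0.2.2", ebgp=True, received_at=5.0),  # eBGP
        BgpPath("192.0.2.6", (64600, 64500, 64510), "192.0.2.6", ebgp=True, local_pref=200),
    ]
```

With all three candidates the higher local preference (step 2) wins despite the longer AS_PATH; with only the first two, the tie through step 6 is broken by eBGP over iBGP (step 7).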

Route Reflectors: Allow an iBGP router to re-advertise routes learned from one iBGP peer to others, relaxing the iBGP full-mesh requirement. Deployed in pairs for redundancy; forwarding is unaffected.

Route Dampening: Reduces instability from route flaps (frequent up/down).

Route Collector: Displays reachability information within the network.

Sample Configuration:
Router(config)# router bgp 7633
Router(config-router)# neighbor 202.41.226.248 remote-as 4755
Router(config-router)# neighbor 202.41.226.248 description ### Internet Link ###
Router(config-router)# neighbor 202.41.226.248 ebgp-multihop 255
Router(config-router)# neighbor 202.41.226.248 update-source loopback0
Router(config-router)# neighbor 202.41.226.248 route-map VSNL out
Router(config-router)# neighbor 202.41.226.248 filter-list 10 in
Router(config-router)# no neighbor 202.41.226.248 shutdown

MPLS (Multiprotocol Label Switching) is a packet-forwarding technology that uses labels to make data forwarding decisions. MPLS performs Layer 3 header analysis once when the packet enters the MPLS domain, and thereafter, forwarding is done based on the label.

Key Applications:
  • Virtual Private Networking (VPN)
  • Traffic Engineering (TE)
  • Quality of Service (QoS)
  • Any Transport over MPLS (AToM)

MPLS reduces forwarding overhead on core routers and can work with any Layer 3 protocol.

Label Details:

A Label is a short, 4-byte, fixed-length identifier used to identify a Forwarding Equivalence Class (FEC) — a group of packets forwarded the same way.

Reserved Labels (0–15):

  • 0 – IPv4 Explicit NULL Label
  • 1 – Router Alert Label
  • 2 – IPv6 Explicit NULL Label
  • 3 – Implicit NULL Label
Features of MPLS:
  • Multiple customer routes can be carried on a single backbone.
  • Service provider backbone is isolated from customers.
  • Supports both Layer 2 and Layer 3 services.
MPLS Components:
  • Control Plane: Manages Layer 3 routing info and maintains Label Switching Tables (LIB/LFIB).
  • Data Plane: Forwards packets based on label values.
Types of Routers:
  • PE (Edge LSR): Labels packets when entering and removes labels when exiting the MPLS domain.
  • P (LSR): Forwards packets based on labels.
Important Terms:
  • LIB: Mapping between IP prefixes and assigned labels.
  • LFIB: Contains incoming/outgoing label mappings, interfaces, and MAC addresses.
  • FEC: Group of packets treated the same in forwarding.
Modes of Operation:
  • Frame Mode: 32-bit label inserted between Layer 2 and 3 headers.
  • Cell Mode: Uses ATM header as label.
Label Distribution Protocols:
  • TDP (Tag Distribution Protocol): Cisco proprietary (TCP/UDP port 711)
  • LDP (Label Distribution Protocol): IETF standard (TCP/UDP port 646)
Additional MPLS Components:
  • Route Target: Controls which routes are imported/exported.
  • Route Distinguisher: Creates unique VPNv4 addresses (64-bit RD + 32-bit IPv4 = 96 bits).
  • MP-BGP: Distributes VPN routing info between PEs.
  • VRF: Holds customer-specific routes on PE routers.
  • RSVP: Used for bandwidth reservation in MPLS-TE.
Configuration Example:

ip cef
mpls label protocol ldp
interface serial1/0
 mpls ip
 mpls mtu 1504

Troubleshooting Commands:

show ip cef
show mpls forwarding-table
show mpls ldp binding

MPLS L2VPN:

Transparently transfers Layer 2 user data over MPLS. Frameworks include:

  • Martini Draft: Uses LDP for VC label signaling.
  • Kompella Draft: Uses extended BGP for Layer 2 reachability.
MPLS L3VPN:

PE-based L3VPN technology that uses BGP for VPN route advertisement and MPLS for packet forwarding.

Sham Link:

Used when OSPF would otherwise prefer a non-MPLS route over the MPLS VPN route; the sham link makes the MPLS path the preferred one.

Why MPLS is Fast:
  • Exact match (not longest prefix match).
  • LFIB is smaller than routing tables, reducing lookup time.
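An added example, not from the study material, covering the label format described under Label Details and the exact-match LFIB forwarding described here: it decodes a frame-mode label stack (label 20 bits, EXP 3, bottom-of-stack 1, TTL 8, per RFC 3032), names the reserved labels, and applies a swap or a penultimate-hop pop from a constructed LFIB; the uniform TTL model is assumed:

```python
import struct

RESERVED_LABELS = {0: "IPv4 Explicit NULL", 1: "Router Alert",
                   2: "IPv6 Explicit NULL", 3: "Implicit NULL"}
IMPLICIT_NULL = 3

def encode_entry(label: int, exp: int = 0, bos: int = 0, ttl: int = 64) -> bytes:
    """One frame-mode entry: label (20) | EXP (3) | S (1) | TTL (8) bits."""
    return struct.pack("!I", (label << 12) | (exp << 9) | (bos << 8) | ttl)

def parse_label_stack(frame: bytes) -> tuple:
    """Decode entries until the bottom-of-stack bit; returns (entries, payload)."""
    entries, offset = [], 0
    while True:
        if len(frame) - offset < 4:
            raise ValueError("truncated label stack")
        (word,) = struct.unpack("!I", frame[offset:offset + 4])
        entry = {"label": word >> 12, "exp": (word >> 9) & 0x7,
                 "bos": (word >> 8) & 0x1, "ttl": word & 0xFF}
        entry["name"] = RESERVED_LABELS.get(entry["label"])   # None unless reserved
        entries.append(entry)
        offset += 4
        if entry["bos"]:
            return entries, frame[offset:]

def build_frame(entries: list, payload: bytes) -> bytes:
    last = len(entries) - 1
    return b"".join(encode_entry(e["label"], e["exp"], int(i == last), e["ttl"])
                    for i, e in enumerate(entries)) + payload

def lfib_forward(lfib: dict, frame: bytes) -> tuple:
    """Exact-match lookup of the top label in an LFIB shaped as
    {in_label: (action, out_label, out_interface)}; no longest-prefix match.
    Returns (action, out_interface, outgoing_frame)."""
    entries, payload = parse_label_stack(frame)
    top, rest = entries[0], entries[1:]
    if top["ttl"] <= 1:
        return ("drop-ttl-expired", None, b"")
    if top["label"] not in lfib:
        return ("drop-no-entry", None, b"")      # unknown label: never guessed
    action, out_label, iface = lfib[top["label"]]
    ttl = top["ttl"] - 1
    if action == "pop" or out_label == IMPLICIT_NULL:
        # Implicit NULL from the next hop = penultimate-hop pop; the decremented
        # TTL is copied into the next label (uniform TTL model assumed here).
        if rest:
            rest[0] = dict(rest[0], ttl=ttl)
        return ("pop", iface, build_frame(rest, payload) if rest else payload)
    return ("swap", iface, build_frame([dict(top, label=out_label, ttl=ttl)] + rest, payload))

def sample_lfib() -> dict:
    """Constructed P-router LFIB: swap 16->17 towards Se1/0; label 24 is
    popped (next hop advertised Implicit NULL) towards Gi0/1."""
    return {16: ("swap", 17, "Se1/0"), 24: ("pop", IMPLICIT_NULL, "Gi0/1")}
```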

VPN (Virtual Private Network) carries private traffic over a public network using encryption and tunneling to ensure data confidentiality, integrity, and authentication.

Types of VPN:
  • Remote Access VPN
    • Client-Initiated
    • Network Access Server
  • Site-to-Site VPN
    • Intranet
    • Extranet
Tunneling Protocols:
  • L2TP: Layer 2 Tunneling Protocol
  • PPTP: Point-to-Point Tunneling Protocol
  • GRE: Generic Routing Encapsulation
  • IPsec: Internet Protocol Security (Layer 3)
Authentication Protocols:
  • PAP – Password Authentication Protocol
  • CHAP – Challenge Handshake Authentication Protocol
Key IPsec Terms:
  • AH: Authentication Header – provides data authentication.
  • ESP: Encapsulating Security Payload – provides encryption & integrity.
  • ISAKMP: Manages key exchange and security associations.
  • IKE: Internet Key Exchange protocol for negotiation and keys.
  • HMAC: Combines hashing and secret keys for message authentication.
  • DES, 3DES, AES: Encryption algorithms.
  • SA (Security Association): Defines how peers use security services.
Crypto System Overview:
  • Encryption: Symmetric (DES, 3DES, AES), Asymmetric (RSA)
  • Authentication: HMAC, Digital Signature
  • Hashing: SHA, MD5
IPsec Phases:
  1. IKE Phase 1 – Establish secure channel
  2. IKE Phase 2 – Negotiate IPsec SAs
  3. IKE Phase 3 – Data transfer via tunnel
Sample VPN Configuration:

crypto isakmp policy 1
 encr 3des
 authentication pre-share
crypto isakmp key cisco address 172.1.1.71
crypto isakmp keepalive 30 10
crypto map WAN1 ipsec-isakmp
 set peer 172.1.1.71
 set security-association lifetime seconds 43200
 set transform-set BOI
 match address crypto-for-DC

Access List Example:

ip access-list extended crypto-for-DC
 permit ip 172.11.47.0 0.0.0.255 host 172.1.2.71
 permit ip 172.11.47.0 0.0.0.255 host 172.1.2.69
 permit ip 172.11.47.0 0.0.0.255 host 172.1.2.39
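An added example (not from the study material) that evaluates the crypto ACL above with Cisco wildcard-mask semantics, so a flow can be checked for whether it is "interesting traffic" that enters the tunnel or falls to the implicit deny and is forwarded in the clear; the ACL text is copied from the example above, and the flows tested are constructed:

```python
import ipaddress

def _to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def _parse_target(tokens: list) -> tuple:
    """Consume one ACL address spec: 'host A', 'any', or 'A WILDCARD'.
    Returns ((addr, wildcard), tokens_consumed)."""
    if tokens[0] == "host":
        return (_to_int(tokens[1]), 0), 2
    if tokens[0] == "any":
        return (0, 0xFFFFFFFF), 1
    return (_to_int(tokens[0]), _to_int(tokens[1])), 2

def parse_crypto_acl(text: str) -> list:
    """Parse the 'permit|deny ip SRC DST' entries of a named extended ACL."""
    entries = []
    for line in text.splitlines():
        tokens = line.split()
        if len(tokens) < 4 or tokens[0] not in ("permit", "deny") or tokens[1] != "ip":
            continue                      # skip the name line and non-IP entries
        src, used = _parse_target(tokens[2:])
        dst, _ = _parse_target(tokens[2 + used:])
        entries.append((tokens[0], src, dst))
    return entries

def wildcard_match(addr: int, spec: tuple) -> bool:
    """Cisco wildcard: a 1 bit in the mask means 'don't care'."""
    base, wild = spec
    return (addr & ~wild & 0xFFFFFFFF) == (base & ~wild & 0xFFFFFFFF)

def is_interesting(acl: list, src: str, dst: str) -> bool:
    """First matching entry wins; no match is the implicit deny, meaning the
    flow bypasses the tunnel and is sent unencrypted."""
    s, d = _to_int(src), _to_int(dst)
    for action, src_spec, dst_spec in acl:
        if wildcard_match(s, src_spec) and wildcard_match(d, dst_spec):
            return action == "permit"
    return False

SAMPLE_ACL = """ip access-list extended crypto-for-DC
 permit ip 172.11.47.0 0.0.0.255 host 172.1.2.71
 permit ip 172.11.47.0 0.0.0.255 host 172.1.2.69
 permit ip 172.11.47.0 0.0.0.255 host 172.1.2.39
"""
```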

QoS (Quality of Service) is the ability of a network to provide better service to selected traffic across technologies like Frame Relay, ATM, Ethernet, SONET, and IP networks. It ensures predictable performance by controlling bandwidth, delay, and packet loss.

QoS Improves Network Service By:
  • Supporting dedicated bandwidth
  • Improving loss characteristics
  • Avoiding and managing congestion
  • Shaping network traffic
  • Setting traffic priorities across the network
QoS Abstractions:
  • Class-Maps: Defines traffic classes based on ACLs, DSCP, protocol, or MAC addresses.
  • Policy-Maps: Defines actions like bandwidth, policing, shaping, queue-limit, etc.
  • Service-Policy: Applies QoS policies on interfaces (input/output).
IETF QoS Architectures:
  1. Integrated Services (IntServ): Uses RSVP to reserve resources and signal QoS requirements end-to-end.
  2. Differentiated Services (DiffServ): Uses DSCP bits in IP header to mark traffic priority levels.
Congestion:

Occurs when traffic exceeds interface capacity, leading to delay and jitter (variation in delay).

QoS Class Limitations:

Up to 256 classes per policy (if reused). If using CBWFQ, maximum of 64 classes supported.

Hierarchical QoS:

Used to provide modularity by nesting a child policy within a parent policy for structured traffic handling.

Deployment Considerations:
  • QoS is not for improving raw performance but for prioritizing critical traffic.
  • Best applied at the distribution layer, not at the core.
  • Common use case: prioritizing VOIP or Citrix traffic over general data.
QoS Implementation Steps:
  1. Plan and classify traffic (voice, video, data) using ACLs.
  2. Create class maps for each traffic type.
  3. Create policy maps with bandwidth or priority per class.
  4. Apply policy maps on interfaces using service-policy (input/output).
  5. Alternatively, use AutoQoS on Cisco devices.
QoS Pre-classification:

Classifies traffic before encryption or tunneling to ensure accurate QoS treatment.

Policing vs Shaping:
  • Policing: Enforces bandwidth limits — may drop packets but ensures low latency.
  • Shaping: Queues excess packets — introduces delay but avoids drops.
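An added example (not from the study material) that runs one token bucket in both modes on the same constructed burst: as a policer it drops the packets that exceed the bucket, as a shaper it delays them until tokens accrue, which is the trade-off described above; CIR and Bc values are assumed:

```python
def token_bucket(arrivals: list, cir_bps: int, bc_bytes: int, queue: bool) -> list:
    """Single-rate token bucket filled at CIR (bits/s) up to Bc (bytes).
    queue=False behaves as a policer: a non-conforming packet is dropped at
    once. queue=True behaves as a shaper: it waits until enough tokens accrue,
    and packets leave in arrival order, so delay accumulates instead of loss.
    arrivals: [(arrival_time_s, size_bytes)]. Returns
    [('send', departure_time_s, delay_s) | ('drop', arrival_time_s, 0.0)]."""
    tokens, clock = float(bc_bytes), 0.0     # bucket level and time of last update
    results = []
    for t_arr, size in arrivals:
        if size > bc_bytes:
            raise ValueError("packet larger than Bc can never conform")
        t = max(t_arr, clock) if queue else t_arr   # shaper: FIFO behind earlier packets
        tokens = min(bc_bytes, tokens + (t - clock) * cir_bps / 8)
        clock = t
        if size > tokens:
            if not queue:
                results.append(("drop", t_arr, 0.0))
                continue
            wait = (size - tokens) * 8 / cir_bps     # time to earn the shortfall
            t += wait
            tokens, clock = float(size), t
        tokens -= size
        results.append(("send", round(t, 6), round(t - t_arr, 6)))
    return results

def police(arrivals: list, cir_bps: int, bc_bytes: int) -> list:
    return token_bucket(arrivals, cir_bps, bc_bytes, queue=False)

def shape(arrivals: list, cir_bps: int, bc_bytes: int) -> list:
    return token_bucket(arrivals, cir_bps, bc_bytes, queue=True)

# Constructed burst: three 1000-byte packets 100 ms apart, against an assumed
# CIR of 8 kbit/s (1000 bytes/s) and Bc of 1500 bytes.
SAMPLE_BURST = [(0.0, 1000), (0.1, 1000), (0.2, 1000)]

if __name__ == "__main__":
    print("policer:", police(SAMPLE_BURST, 8000, 1500))
    print("shaper: ", shape(SAMPLE_BURST, 8000, 1500))
```

The policer passes only the first packet; the shaper delivers all three but the third waits 1.3 s, which is why shaping suits bulk data and not delay-sensitive traffic.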
Queuing:

Stores packets temporarily to prevent drops; assigns priorities and thresholds per queue.

Delay-Sensitive Traffic:

Best handled using policing + priority queuing for guaranteed bandwidth and low delay.

QoS Mapping Example:

Command: qos map dscp 46 to cos 5

This maps DSCP value 46 (EF) to CoS 5 — aligning Layer 3 and Layer 2 QoS markings.

QoS vs ToS:
  • ToS: Defines the value or marking of traffic (indicator).
  • QoS: Defines the policy or mechanism used to act on ToS markings.
Policy Recommendation:
  • Voice Traffic: Priority queue with low latency.
  • Data Traffic: Bandwidth-based policy with burst capability.
  • Rest of traffic: Best-effort class.
QoS Configuration Commands:

Router(config)# class-map match-any VOICE
Router(config-cmap)# match ip dscp ef

Router(config)# policy-map QOS-POLICY
Router(config-pmap)# class VOICE
Router(config-pmap-c)# priority 1000
Router(config-pmap)# class DATA
Router(config-pmap-c)# bandwidth 2000

Router(config)# interface GigabitEthernet0/0
Router(config-if)# service-policy output QOS-POLICY

MQC (Modular QoS CLI):
  1. Define a class using class-map.
  2. Create a policy using policy-map.
  3. Apply the policy using service-policy.

Troubleshooting QoS Issues
(A) High CPU Utilization

Symptoms: Slow Telnet, console lag, routing update failure, no ping response.

Initial Checks:

  • Check for security issues (worm/virus).
  • Review recent config changes.
  • Disable debugging: undebug all
  • Collect output: show process cpu, show logging

Command Example:

router#show processes cpu
CPU utilization for five seconds: 8%; one minute: 6%; five minutes: 5%
PID  Runtime(uS)  Invoked  uSecs  5Sec  1Min  5Min  TTY  Process
1    384          32789    11     0.00% 0.00% 0.00% 0    Load Meter

Common CPU Causes:
  • CEF switching interrupts
  • ARP Input
  • BGP Scanner / Router Process
  • SNMP, TCP Timer, TTY background tasks
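An added example, not from the study material, that parses show processes cpu output of the shape shown above, separates the process share from the interrupt share in the "X%/Y%" summary, and lists the processes above a threshold; the sample output is constructed to show a busy IP Input process:

```python
import re

SUMMARY_RE = re.compile(
    r"five seconds: (\d+)%(?:/(\d+)%)?; one minute: (\d+)%; five minutes: (\d+)%")
# PID, three integer counters, three percentages, TTY, process name
ROW_RE = re.compile(
    r"^\s*(\d+)\s+\d+\s+\d+\s+\d+\s+([\d.]+)%\s+([\d.]+)%\s+([\d.]+)%\s+\S+\s+(.+?)\s*$")

def parse_processes_cpu(text: str) -> tuple:
    """Return (summary, rows). summary['interrupt'] is the second number of the
    'X%/Y%' form, i.e. time spent in interrupt (fast-path switching) context."""
    summary, rows = None, []
    for line in text.splitlines():
        m = SUMMARY_RE.search(line)
        if m:
            total, interrupt, one, five = m.groups()
            summary = {"5sec": int(total), "interrupt": int(interrupt or 0),
                       "1min": int(one), "5min": int(five)}
            continue
        m = ROW_RE.match(line)
        if m:
            pid, s5, m1, m5, name = m.groups()
            rows.append({"pid": int(pid), "5sec": float(s5), "1min": float(m1),
                         "5min": float(m5), "process": name})
    return summary, rows

def cpu_report(text: str, threshold: float = 50.0) -> dict:
    """Flag processes at or above `threshold` percent over the last 5 seconds
    and split total CPU into process and interrupt shares."""
    summary, rows = parse_processes_cpu(text)
    hogs = sorted((r for r in rows if r["5sec"] >= threshold), key=lambda r: -r["5sec"])
    process_share = summary["5sec"] - summary["interrupt"] if summary else None
    return {"summary": summary, "process_share": process_share,
            "hogs": [(r["process"], r["5sec"]) for r in hogs]}

SAMPLE_OUTPUT = """\
router#show processes cpu
CPU utilization for five seconds: 93%/12%; one minute: 88%; five minutes: 61%
 PID Runtime(ms)   Invoked  uSecs   5Sec   1Min   5Min TTY Process
   1         384     32789     11  0.00%  0.00%  0.00%   0 Load Meter
  58     4123000   9912312    416 71.20% 65.40% 40.10%   0 IP Input
 104       92100    100321    918  8.10%  7.90%  6.00%   0 BGP Scanner
"""

if __name__ == "__main__":
    print(cpu_report(SAMPLE_OUTPUT))
```

A high total with a low interrupt share points at a process (as here); a high interrupt share points at packet switching load instead.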
Scheduler Commands:

scheduler interval 500
scheduler allocate 3000 1000

(B) Memory Allocation Failure

Causes: Router runs out of memory or memory is fragmented.

Router>show processes memory
Total: 3149760, Used: 2334300, Free: 815460
PID TTY Allocated Freed Holding Getbufs Retbufs Process
0   0   10750692  3442000 5812 2813524 0 *Dead*

Note: *Dead* process shows memory held by a terminated process. Each block tracks its creator — if the process no longer exists, memory is marked dead.