Cisco Networking Essentials - Troy McMillan - E-Book

Cisco Networking Essentials E-Book

Troy McMillan

Description

Start a career in networking

Cisco Networking Essentials, 2nd Edition provides the latest for those beginning a career in networking. This book provides the fundamentals of networking and leads you through the concepts, processes, and skills you need to master fundamental networking concepts. Thinking of taking the CCENT Cisco Certified Entry Networking Technician ICND1 Exam 100-101? This book has you covered! With coverage of important topics and objectives, each chapter outlines main points and provides clear, engaging discussion that will give you a sound understanding of core topics and concepts. End-of-chapter review questions and suggested labs help reinforce what you've learned, and show you where you may need to backtrack and brush up before exam day. Cisco is the worldwide leader in networking products and services, which are used by a majority of the world's companies. This book gives you the skills and understanding you need to administer these networks, for a skillset that will serve you anywhere around the globe.

* Understand fundamental networking concepts
* Learn your way around Cisco products and services
* Gain the skills you need to administer Cisco routers and switches
* Prepare thoroughly for the CCENT exam

If you're interested in becoming in-demand, network administration is the way to go; if you want to develop the skillset every company wants to hire, Cisco Networking Essentials, 2nd Edition gets you started working with the most widespread name in the business.


Page count: 606

Year of publication: 2015




Table of Contents

Title Page

Copyright

Dedication

Acknowledgments

About the Author

Introduction

Who Should Read This Book

What's Inside

How to Contact the Author

Chapter 1: Networks

Describing Network Components

Classifying Networks by Function

Defining Network Architectures

Chapter 2: The OSI Model

Using Reference Models

Introducing the Layers of the OSI Model

Describing the OSI Encapsulation Process

Chapter 3: TCP/IP

Understanding the TCP/IP Model

Describing the TCP/IP Encapsulation Process

Describing the Functions at the Transport Layer

Describing the Functions at the Internet Layer

Describing the Functions of ARP

Chapter 4: Protocols

Understanding the Function of Protocols

Exploring Application Layer Protocols

Exploring Transport Layer Protocols

Exploring Internet Layer Protocols

Exploring Network Access Layer Protocols

Chapter 5: Physical and Logical Topologies

Designing the Physical Topology

Designing the Logical Topology

Chapter 6: Numbering Systems

Exploring Binary Numbering

Exploring Hexadecimal Numbering

Applying Conversions

Chapter 7: Classful IP Addressing

Describing the Function of IP Addresses

Identifying IP Address Types

Utilizing Diagnostic Tools

Understanding DHCP

Introducing IPv6

Chapter 8: Classless IP Addressing

Understanding the Limitations of Classful Networking

Understanding the Benefits of Subnetting

Describing the Components of CIDR

Chapter 9: Media

Selecting the Proper Media Type

Understanding Cabling

Describing Wireless Standards

Chapter 10: Network Devices

Describing Device Functions

Understanding Device Placement Principles

Chapter 11: LAN Operations

Understanding the Routing Process

Describing the Switching Process

Describing End-to-End Communications

Chapter 12: Managing the Cisco IOS

Describing Components

Describing IOS Navigation

Understanding and Managing the Boot Process

Chapter 13: Configuring Routers

Cabling the Router

Creating a Console Session

Configuring Passwords

Configuring Interfaces

Saving Configuration Changes

Chapter 14: Configuring Switches

Cabling the Switch

Creating a Session with the Switch

Configuring Passwords

Configuring Interfaces

Understanding Advanced Switch Functions

Chapter 15: Configuring Static Routing

Populating the Routing Table

Configuring Inter-VLAN Routing

Chapter 16: Configuring Dynamic Routing

Understanding Routing Protocols

Configuring Routing Protocols

Chapter 17: Device Security

Understanding Access Lists

Configuring Numbered Access Lists

Configuring Named Access Lists

Editing Access Lists Using Sequence Numbers

Understanding Network Address Translation (NAT)

Implementing Static NAT, Dynamic NAT, and PAT

Configuring a Switch or Router as an NTP Client or Server

Implementing and Requiring SSH

Limiting Remote Access with ACLs

Appendix A: Answers to Review Questions

Chapter 1

Chapter 2

Chapter 3

Chapter 4

Chapter 5

Chapter 6

Chapter 7

Chapter 8

Chapter 9

Chapter 10

Chapter 11

Chapter 12

Chapter 13

Chapter 14

Chapter 15

Chapter 16

Chapter 17

Appendix B: CCNA Essentials: Ancillary Exercises

Chapter 1: Networks

Chapter 2: The OSI Model

Chapter 3: TCP/IP

Chapter 4: Protocols

Chapter 5: Physical and Logical Topologies

Chapter 6: Numbering Systems

Chapter 7: Classful IP Addressing

Chapter 8: Classless IP Addressing

Chapter 9: Media

Chapter 10: Network Devices

Chapter 11: LAN Operations

Chapter 12: Managing the Cisco IOS

Chapter 13: Configuring Routers

Chapter 14: Configuring Switches

Chapter 15: Configuring Static Routing

Chapter 16: Configuring Dynamic Routing

Chapter 17: Device Security

End User License Agreement


List of Illustrations

Chapter 1: Networks

Figure 1.1 Cisco routers and switches

Figure 1.2 Network installation

Figure 1.3 Sharing resources

Figure 1.4 Transmission mediums

Figure 1.5 Protocol agreement

Figure 1.6 A wide area network (WAN)

Figure 1.7 Peer-to-peer architecture

Figure 1.8 Broadcasting

Figure 1.9 The client-server model (top) and the peer-to-peer model (bottom)

Chapter 2: The OSI Model

Figure 2.1 OSI and DoD models

Figure 2.2 Encryption/decryption

Figure 2.3 Compression/decompression

Figure 2.4 The use of port numbers

Figure 2.5 Transmission types

Figure 2.6 TCP and UDP port numbers

Figure 2.7 MAC addresses and network adaptors

Figure 2.8 Header, data, and trailer

Chapter 3: TCP/IP

Figure 3.1 TCP/IP model

Figure 3.2 OSI and TCP/IP models

Figure 3.3 Protocol data units

Figure 3.4 Encapsulation and de-encapsulation

Figure 3.5 TCP and UDP headers

Figure 3.6 MAC address

Figure 3.7 ARP broadcast

Figure 3.8 Frame forwarding

Chapter 4: Protocols

Figure 4.1 DNS use of TCP and UDP

Figure 4.2 SNMP messages

Figure 4.3 ACK with no errors

Figure 4.4 ACK with errors

Figure 4.5 TCP three-way handshake

Figure 4.6 TCP header

Figure 4.7 UDP header

Figure 4.8 IP header

Figure 4.9 Echo request and reply

Figure 4.10 Request timed out

Figure 4.11 tracert

Figure 4.12 Multicasting

Chapter 5: Physical and Logical Topologies

Figure 5.1 Bus topology

Figure 5.2 Ring topology

Figure 5.3 Star topology

Figure 5.4 Star implementation

Figure 5.5 Mesh topology

Figure 5.6 Hybrid topology

Figure 5.7 Point-to-point using multiple interfaces

Figure 5.8 Point-to-point using one interface

Figure 5.9 Point-to-multipoint

Figure 5.10 Token Ring

Figure 5.11 FDDI ring

Chapter 6: Numbering Systems

Figure 6.1 MAC address output

Figure 6.2 OUI and UAA

Figure 6.3 MAC and IP address

Chapter 7: Classful IP Addressing

Figure 7.1 Ethernet and Internet Protocol headers

Figure 7.2 Subnet masks for each class

Figure 7.3 ipconfig

Figure 7.4 DHCP settings

Figure 7.5 DHCP process

Figure 7.6 Router and switch layout

Figure 7.7 ipconfig IPv6

Chapter 8: Classless IP Addressing

Figure 8.1 Subnets with no router

Figure 8.2 Subnet with router

Figure 8.3 Simple VLSM

Figure 8.4 Network design

Figure 8.5 Network solution

Figure 8.6 VLSM exercise

Chapter 9: Media

Figure 9.1 Rogue access point 1

Figure 9.2 Rogue access point 2

Figure 9.3 SFP SC and LC

Figure 9.4 Straight-through cable

Figure 9.5 Crossover cable

Figure 9.6 Console port

Figure 9.7 Console 1

Figure 9.8 Console 2

Figure 9.9 WLAN

Figure 9.10 IBSS

Figure 9.11 ESS

Chapter 10: Network Devices

Figure 10.1 Hub operation

Figure 10.2 Bridging operation

Figure 10.3 Bridges

Figure 10.4 Switches

Figure 10.5 Network Access layer switch

Figure 10.6 Router

Figure 10.7 Directly connected routes

Figure 10.8 Routing tables updated

Figure 10.9 Multiple routes

Figure 10.10 Route fault tolerance

Figure 10.11 AP as a switch

Figure 10.12 Wireless router

Figure 10.13 Broadcast domains

Figure 10.14 Collision domains

Figure 10.15 Collision and broadcast domains

Figure 10.16 Three-layer model

Figure 10.17 Domain exercise 1

Figure 10.18 Domain exercise 2

Chapter 11: LAN Operations

Figure 11.1 Local routing

Figure 11.2 Routing table visualized

Figure 11.3 Distance-vector route selection

Figure 11.4 Routing table visualized 2

Figure 11.5 An area border router (ABR)

Figure 11.6 Autonomous system border router (ASBR)

Figure 11.7 Ethernet frame

Figure 11.8 Local LAN process

Figure 11.9 Remote communication process

Chapter 12: Managing the Cisco IOS

Figure 12.1 Router RAM

Figure 12.2 Flash SIMMs and card slot

Figure 12.3 ROM

Figure 12.4 Cisco storage

Figure 12.5 Console port to serial port

Figure 12.6 Location Information dialog box

Figure 12.7 The COM1 Properties dialog box

Figure 12.8 Access modes

Figure 12.9 Configuration register

Chapter 13: Configuring Routers

Figure 13.1 Cisco 2501 backplane

Figure 13.2 Cisco 871 backplane

Figure 13.3 Cisco 1841 with modules installed

Figure 13.4 Ethernet router-to-router

Figure 13.5 Serial connection with V.35

Figure 13.6 Back-to-back

Figure 13.7 Router to switch

Figure 13.8 PC to router with Ethernet cable

Figure 13.9 PC to router with console cable

Figure 13.10 CSU/DSU connectors

Figure 13.11 CSU/DSU in router

Figure 13.12 USB Console connection

Chapter 14: Configuring Switches

Figure 14.1 Switch-to-switch connection

Figure 14.2 Router-to-switch connection

Figure 14.3 Host connections

Figure 14.4 Console cable connection to the switch

Figure 14.5 VLANs 2 and 3

Figure 14.6 Router-on-a-stick

Figure 14.7 No redundancy

Figure 14.8 Redundancy

Figure 14.9 Root and nonroot ports

Figure 14.10 STP port operations

Chapter 15: Configuring Static Routing

Figure 15.1 Static routing

Figure 15.2 Inter-VLAN routing

Figure 15.3 Subinterfaces and IP addresses

Figure 15.4

Chapter 16: Configuring Dynamic Routing

Figure 16.1 Split horizon

Figure 16.2 Poison reverse

Figure 16.3 RIP example

Figure 16.4 OSPF example

Figure 16.5

Chapter 17: Device Security

Figure 17.1 Inbound ACL processing

Figure 17.2 Network Address Translation

Figure 17.3 Attempting the connection

Figure 17.4 ACL configuration diagram

List of Tables

Chapter 2: The OSI Model

Table 2.1 Computer details for sample

Chapter 3: TCP/IP

Table 3.1 Device IP addresses and MAC addresses

Table 3.2 Handoff destination addresses

Table 3.3 Device IP addresses and MAC addresses

Table 3.4 Handoff destination addresses

CISCO® NETWORKING ESSENTIALS

Second Edition

Troy McMillan

Senior Acquisitions Editor: Kenyon Brown

Development Editor: Kelly Talbot

Technical Editor: Paul Sutton

Production Editor: Joel Jones

Copy Editor: Kathy Grider-Carlyle

Editorial Manager: Mary Beth Wakefield

Production Manager: Kathleen Wisor

Associate Publisher: Jim Minatel

Proofreader: Kathryn Duggan

Indexer: Nancy Guenther

Project Coordinator, Cover: Brent Savage

Cover Designer: Wiley

Cover Image: ©TimotiSt/iStockphoto; Back Cover Images: Courtesy of Troy McMillan

Copyright © 2015 by John Wiley & Sons, Inc., Indianapolis, Indiana

Published simultaneously in Canada

ISBN: 978-1-119-09215-5

ISBN: 978-1-119-09212-4 (ebk.)

ISBN: 978-1-119-09213-1 (ebk.)

No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except as permitted under Sections 107 or 108 of the 1976 United States Copyright Act, without either the prior written permission of the Publisher, or authorization through payment of the appropriate per-copy fee to the Copyright Clearance Center, 222 Rosewood Drive, Danvers, MA 01923, (978) 750-8400, fax (978) 646-8600. Requests to the Publisher for permission should be addressed to the Permissions Department, John Wiley & Sons, Inc., 111 River Street, Hoboken, NJ 07030, (201) 748-6011, fax (201) 748-6008, or online at http://www.wiley.com/go/permissions.

Limit of Liability/Disclaimer of Warranty: The publisher and the author make no representations or warranties with respect to the accuracy or completeness of the contents of this work and specifically disclaim all warranties, including without limitation warranties of fitness for a particular purpose. No warranty may be created or extended by sales or promotional materials. The advice and strategies contained herein may not be suitable for every situation. This work is sold with the understanding that the publisher is not engaged in rendering legal, accounting, or other professional services. If professional assistance is required, the services of a competent professional person should be sought. Neither the publisher nor the author shall be liable for damages arising herefrom. The fact that an organization or Web site is referred to in this work as a citation and/or a potential source of further information does not mean that the author or the publisher endorses the information the organization or Web site may provide or recommendations it may make. Further, readers should be aware that Internet Web sites listed in this work may have changed or disappeared between when this work was written and when it is read.

For general information on our other products and services or to obtain technical support, please contact our Customer Care Department within the U.S. at (877) 762-2974, outside the U.S. at (317) 572-3993 or fax (317) 572-4002.

Wiley publishes in a variety of print and electronic formats and by print-on-demand. Some material included with standard print versions of this book may not be included in e-books or in print-on-demand. If this book refers to media such as a CD or DVD that is not included in the version you purchased, you may download this material at http://booksupport.wiley.com. For more information about Wiley products, visit www.wiley.com.

Library of Congress Control Number: 2015943420

TRADEMARKS: Wiley, the Wiley logo, and the Sybex logo are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates, in the United States and other countries, and may not be used without written permission. Cisco is a registered trademark of Cisco Systems, Inc. All other trademarks are the property of their respective owners. John Wiley & Sons, Inc. is not associated with any product or vendor mentioned in this book.

To my dear wife, Heike, and to her father, Joseph Polteraitis, whom we loved and lost this year.

Acknowledgments

I want to thank the entire editing and production staff who have helped to make this book as good as it can possibly be. That includes Kelly Talbot, my development editor, who gave me great advice beyond simply grammar and style. I took full advantage of all his years of experience as an editor. He was the conductor of this orchestra and ensured everything was where it was supposed to be when it was supposed to be.

I also would like to thank the technical editor, Paul Sutton, who saved me from myself a number of times. It is so comforting to know that someone with deep technical knowledge is looking over your shoulder.

A special thanks goes to Ken Brown for encouraging me to update this book and helping to select new topics to add.

About the Author

Troy McMillan is a trainer and writer from Sugarloaf Key, Florida. He began his IT career with IBM in 1999, supporting point-of-sale systems. After achieving his MCSE, he became a network administrator in the Atlanta office of a global manufacturer of electric motors. In 2000 he took his first job as a trainer, teaching MCSE classes to career changers at a local IT school in Atlanta.

In 2001 Troy started delivering corporate training for New Horizons in Atlanta. His concentration was in Microsoft, CompTIA, and Cisco classes. In 2002, Troy started his own training company while continuing with New Horizons on a contract basis and also teaching at various colleges and technical schools in the Atlanta area.

In 2003 Troy began traveling the United States and Canada teaching Cisco, wireless (CWNA program), and Microsoft classes for training organizations such as Global Knowledge, New Horizons, and PPI.

In 2005 Troy accepted a position with Kaplan University of Professional and Continuing Education, creating practice tests and study guides for the Self-Test and Transcender brands. His work includes Microsoft, but he is the principal Cisco writer.

Troy's first book, Change Your Career: Computer Network Security as Your New Profession (Kaplan Publishing) was released in 2007. It is a guide that provides resources and helpful hints for career changers considering a career in this field.

Troy began contributing to and providing technical edits for a number of Sybex books in 2009. This included contributing to Todd Lammle's CCNA Wireless Study Guide: IUWNE Exam 640-721 and CompTIA Network+ Study Guide (Exam: N10-005), doing technical edits and contributing to Todd's CCNA Cisco Certified Network Associate Review Guide, and acting as technical editor for Darril Gibson's Windows 7 Desktop Support and Administration: Real World Skills for MCITP Certification and Beyond (Exams 70-685 and 70-686). He is currently providing technical editing on Toby Skandier's Network Administrator Street Smarts: A Real World Guide to CompTIA Network+ Skills.

In 2010 Troy coauthored the VCP VMware Certified Professional on vSphere 4 Review Guide with Brian Perry, Chris Huss, and Jeantet Fields. In 2010 he also created and edited text books for Penn-Foster on Apple computers, basic troubleshooting, and mobile devices. Troy created classroom instruction materials for many of the Sybex titles already listed as well as for the MCTS: Windows Server 2008 R2 Complete Study Guide (Exams 70-640, 70-642 and 70-643) by William Panek.

Since 2010 Troy has worked on the following print projects:

Coauthor of CISSP Cert Guide (Pearson Education)

Prep test question writer for CCNA Wireless 640-722 Official Cert Guide (Cisco Press)

Coauthor of CompTIA A+ Complete Review Guide: Exams 220-801 and 220-802 (Sybex)

Author of CompTIA A+ Complete Review Guide: Exams 220-901 and 220-902 (Sybex)

Assisted Todd Lammle with the update to CompTIA Network+ Study Guide: Exam N10-006 (Sybex)

Coauthor of CompTIA Advanced Security Practitioner (CASP) CAS-002 Cert Guide (Pearson Education)

He also has written and appeared in the following training videos for Oncourse learning:

Security +

Network +

Microsoft 70-410, 411, 412 exam prep

ICND 1

ICND 2

Cloud +

CASP

CISSP

Prior to his career in IT, Troy was a professional musician. From 1968 to 1986, he recorded and performed with many of his own bands and as a backup musician for acts including Vassar Clements and Delbert McClinton. He worked for a number of years as a session musician and songwriter in Nashville as well. In 1983 he returned to school, earning a BBA in Management from Georgia State University in 1986. He operated his own businesses after graduation, as well as working several years in retail management. He began a self-study in IT in the 1990s, leading to his first IT job at IBM.

Troy lives with his wife, Heike, and a house full of dogs, cats, and birds in Sugarloaf Key, Florida. He enjoys running, music, and sports of all kinds, especially NASCAR.

Introduction

The first edition of this book was designed to fill a gap that has existed for some time in technical books and instructional materials covering networking in general and Cisco technology in particular. As a trainer, I struggled to find materials that struck a middle ground between basic networking texts and books that jump immediately into certification-level topics that many readers and students were not prepared to digest. The reaction to the first edition confirmed my belief that a book of this type is needed and drove the creation of this second edition.

There will always be a market for books designed to present and review certification-level topics to those who are already familiar with the knowledge required to understand those topics. In today's economic times, however, there is a whole new breed of students who are either taking classes or operating in a self-study capacity who do not have this prerequisite knowledge and may not even realize this as they attempt to tackle certification-level classes and books.

I have seen these students in my classes over the years. They are no less intelligent or motivated than the students who have more background and experience. But at the pace at which these books and classes must move to cover all the material, they soon find themselves struggling. Some even give up entirely.

This book is designed to cover all of the basics required to really understand routing and switching, providing the required amount of time to digest the fundamentals and then moving on to actually setting up and configuring the routers and switches and seeing them operate. It does not attempt to cover every bell and whistle that these devices offer, nor does it cover every topic that is on a Cisco CCENT exam. What it does do is provide all of the basic network information from a Cisco perspective.

The student who reads this book and works through these exercises or the student who takes a class using this book as its text will come away ready in every way to tackle books and classes targeted for exam prep for the CCNA. That is the goal of this book and was our guiding principle throughout its creation.

Who Should Read This Book

This book is designed for anyone wishing to gain a basic understanding of how networks operate and how Cisco devices in particular fulfill their roles in the process. This includes:

Those who have been away from the IT industry for some time and are reentering the field

Career changers with no previous experience

Students who have struggled with certification-level prep materials

Students who have had success with certification-level prep materials but came away from the experience with a shallow understanding of the core foundational knowledge

What's Inside

Here is a glance at what's in each chapter.

Chapter 1, “Networks,” describes network components, classifies LANs and WANs by function, and compares and contrasts peer-to-peer and client-server networks.

Chapter 2, “The OSI Model,” explains the purpose of reference models, introduces the layers of the OSI model, and describes how the layers relate to the encapsulation process.

Chapter 3, “TCP/IP,” explains the TCP/IP reference model, compares it to the OSI model, and describes the function of the four layers of the model.

Chapter 4, “Protocols,” describes the function of protocols in networking and surveys various protocols that operate at each layer of the TCP/IP model.

Chapter 5, “Physical and Logical Topologies,” defines the meaning of a topology in networking and describes the main physical and logical topologies.

Chapter 6, “Numbering Systems,” explains the main numbering systems of importance in networking, the binary and hexadecimal systems, and how they are converted to and from the decimal system.

Chapter 7, “Classful IP Addressing,” explains the basics of IP addressing, identifies the types of IP addresses, introduces network troubleshooting tools, and describes the use of DHCP to automate the IP configuration process.

Chapter 8, “Classless IP Addressing,” points out the shortcomings of classful IP addressing, explains the benefits of classless subnetting, and introduces the components of CIDR.

Chapter 9, “Media,” begins with a brief description of media types, then explains cable behaviors and characteristics, and ends with a survey of the types of cables and their proper use.

Chapter 10, “Network Devices,” describes the function of the various devices found in a network and explains design principles guiding their placement.

Chapter 11, “LAN Operations,” explains both the routing and the switching process and describes how they fit together in end-to-end communication.

Chapter 12, “Managing the Cisco IOS,” introduces the components of the Cisco operating system, describes the boot process of a router or switch, and describes how to navigate the command-line interface.

Chapter 13, “Configuring Routers,” explains how to get a router operational, including cabling the router, logging into the IOS, securing the router, and configuring its interfaces.

Chapter 14, “Configuring Switches,” explains how to get a switch operational, including cabling the switch, logging into the IOS, securing the switch, configuring its switch ports, and creating and managing VLANs.

Chapter 15, “Configuring Static Routing,” explains how routes are configured and verified at the CLI and how to configure inter-VLAN routing.

Chapter 16, “Configuring Dynamic Routing,” introduces how dynamic routing functions, explains the types of routing protocols, and describes how to configure an example of each.

Chapter 17, “Device Security,” describes the security features available in Cisco devices and the issues those features address. It also covers the implementation of these features.

How to Contact the Author

I welcome feedback from you about this book or about books you'd like to see from me in the future. You can reach me by writing to [email protected].

Sybex strives to keep you supplied with the latest tools and information you need for your work. Please check their website at www.sybex.com, where we'll post additional content and updates that supplement this book should the need arise. Enter Cisco Networking Essentials in the Search box (or type the book's ISBN—978-1-119-09215-5), and click Go to get to the book's update page.

Chapter 1: Networks

Computer networks are everywhere. It's impossible to escape them in the modern world in which we live and work. We use them at work, at home, and even in between, in places like our cars, the park, and the coffee shop. We have come to take them for granted in the same way we treat electricity and hot water.

But a lot is going on behind the scenes when we use these networks. Cisco routers and switches play a critical role in successful network operation.

This opening chapter lays the foundation required to understand all the details that make networks function. Specifically, this chapter covers the following topics:

Describing network components

Classifying networks by function

Defining network architectures

Describing Network Components

To understand how networks work, it helps to have an appreciation of why they exist in the first place. As incredible as it may seem now, for a number of years when computers first came into use, very few computers were networked. They operated as little islands of information with no connection to one another. Data had to be transferred between computers by copying it to a floppy disk, physically taking that floppy disk to the other computer, and copying the data to the destination machine. This process is now sometimes jokingly referred to as the sneakernet.

Modern networks can include many components. Some of the most basic components are computers, routers, and switches. Figure 1.1 shows some Cisco routers and switches. Routers are used in a network to transfer information between computers that are not on the same network. Routers are capable of doing this by maintaining a table of all networks and the routes (directions) used to locate those networks. Switches come in two varieties: layer 2 and layer 3. Layer 2 switches simply connect computers or devices that are in the same network. Layer 3 switches can do that but are capable of acting as routers as well. Two models of routers are depicted in Figure 1.1, with a switch in the middle of the stack. Routers and switches are covered in depth in Chapter 10, “Network Devices.”

Figure 1.1 Cisco routers and switches

In this section, the benefits of networking are covered as well as the components required to constitute a network.

Defining the Benefits of Networks

There are many benefits to networks, one of which was touched on in the introduction to this section: using a network makes sharing resources possible (without putting on your sneakers and leaving your seat). When connected by networks, users can share files, folders, printers, music, movies—you name it! If it can be put on a hard drive, it can be shared. Additional benefits are included in the following list:

Resource Sharing

Resource sharing is less earthshaking at home, but in the workplace, it was a key element that drove the adoption of PCs. Other computer types such as mainframe computers and dumb terminals were already in use, but were seen as specialized pieces of equipment to be used only by guys in lab coats and some other geeky types. There were other reasons for the PC revolution, but resource sharing helped to increase productivity. As an example, 10 coworkers could access a file on the network at the same time, which eliminated the time and effort spent burning, labeling, transporting, and storing 10 floppies.

The term resource is used extensively when discussing networking and simply refers to anything that a user on one computer may want to access on a different computer. Examples include files, folders, printers, and scanners.

Reduced Cost and Easier Installation of Software

Although it didn't become apparent as quickly as resource sharing did, a reduced cost of software is another advantage. Many software products are sold to organizations on a network basis. For example, instead of buying 25 retail versions of word-processing software, a single copy can be purchased for the network and then a number of seat licenses can be added to the bundle. The result is a significant savings to the company.

Taking that idea a step further, the network also makes it possible to place the installation files (from the CD containing the software) on a server and then install the software over the network (as shown in Figure 1.2). This capability relieves IT staff from having to physically visit each machine with CD in hand to perform the installation. Moreover, the software can be installed on all five machines at once over the network by using those same files.

Figure 1.2 Network installation

Improved Security

All this peace, love, and sharing doesn't mean that everything is available to everyone. Shared resources can be secured with restrictions on who can access them and what exact access each individual possesses. So you can share a file on your computer but share it with only two of your coworkers, not all of them. Moreover, you could allow one coworker to only read the document, while the other could be allowed to edit or even delete the document.

This type of control was difficult when files were shared on floppies. After the floppy left your hand, it was out of your control. Computer networks can enforce security controls among the computers and users.

Improved Communications

It's hard to even imagine today's workplace without email, instant messaging, video chatting, and conferencing, but 25 years ago, these tools did not exist. In today's world, almost no communication can wait for regular postal mail. (This service that we once depended on is now often called snail mail.) Even more impressive is that distance is no obstacle. You can chat online with someone in India or China as easily as with a fellow worker sitting in the next cubicle!

Think of all the paper that is being saved that used to be consumed by companies sending regular mail to one another. The problem was multiplied by the need to keep multiple copies of the documents sent through the regular mail. Email systems can be configured to maintain a copy of every email sent, and documents that used to exist in multiple physical copies now reside as a single digital copy on a server (and probably also on a backup tape).

Meetings that used to require plane trips and hotel stays can now be held online with all participants able to see one another, share documents, view slides or documents from the presenter, and even hold votes and surveys. The only consideration is time zones!

More Workplace Flexibility

Users are no longer physically tied to the same computer. If resources are stored on servers, as they are in most organizations, a computer problem no longer renders a user unable to work. In a domain-based network (more on that later in this chapter in the section “Understanding Client-Server Networks”), the user can move to any other computer that is a member of the domain, access his files on the server, and continue to work while his computer is repaired or replaced.

Telecommuting means working from another physical location, usually from home. It saves gas, time, and in many cases, results in increased productivity on the part of the worker.

Building on this idea, workers are increasingly telecommuting as they can use the Internet to connect to the work network and operate as if physically present in the office.

Reduced Cost of Peripherals

When users can share printers, scanners, and fax machines, usually fewer devices are needed. This reduces costs for the organization. Sharing these devices also offloads the responsibility for managing and maintaining these shared devices.

Peripherals are any devices that operate in conjunction with the computer yet reside outside the computer's box. Examples include the display, mouse, keyboard, printer, camera, speakers, and scanners.

Centralized Administration

Although not possible in a peer-to-peer network, in a domain-based network, all computer administration is centralized. This means that the LAN administrator is responsible for maintaining the security of the network, and this work is done from a special type of server called a domain controller. Domain controllers do more than provide security. They also serve as the directory of the resources available on the network. This is why these services are called directory services. (Peer-to-peer networks, domain-based networks, and LANs are explained throughout the rest of this chapter.)

Directory Assistance, Please!

Directory services, such as Active Directory by Microsoft, help users to locate files, folders, and other resources in the network.

Identifying the Requirements for a Network

A network cannot be called a network if it does not meet certain requirements. At their simplest, those requirements include the following:

At least two computers

A resource that needs to be shared

A transmission medium

A communications agreement

Each requirement is detailed in the following list. The coverage of the last two bullet points is somewhat brief as transmission mediums are discussed in Chapter 9, “Media,” and protocols (communications agreements) are covered in detail in Chapter 4, “Protocols.”

At Least Two Computers

It seems obvious, but if there are not at least two computers, there is no need for a network. A single computer doesn't need a network to access the information on its own hard drive. Getting information from computer A to computer B without using the sneakernet is what drove the development of networks.

A Resource That Can Be Shared

From our earlier discussion, you already know that resources are anything that needs to be shared. This can include physical entities such as printers and scanners, or it can be files and folders located on another computer, as shown in Figure 1.3. If it can be shared and moved from one computer to another, it can be considered a resource.

Figure 1.3 Sharing resources

A Transmission Medium

Some form of communications medium is also required. The most common form is a cable, but wireless communications are becoming increasingly widespread because of certain advantages to this approach. Both methods are shown in Figure 1.4.

Figure 1.4 Transmission mediums

Medium? Do I Need a Ouija Board?

A communications medium is any process that can be used by two computers to transfer data. It can be bounded (via a cable) or boundless (wireless).

A Communications Agreement

One of the main stumbling blocks present when computers were first being networked was a language problem. As you know, two people who need to converse cannot do so unless they speak a common language. Likewise, computers have to be speaking the same language in order to have a communications agreement. Networking languages are called protocols. In Figure 1.5, workstation 2 is able to communicate with workstation 3 because they are both using TCP/IP, but cannot communicate with workstation 1, because it is using IPX/SPX, a different networking protocol.

Protocols are discussed in Chapter 4.

Figure 1.5 Protocol agreement

Before the standardization of network protocols, brought about by the explosion of the Internet and the introduction of reference models such as the OSI and the DoD models, computers from different vendors could not be networked together, because they used proprietary and dissimilar network protocols. Although network protocol standardization is not a common concern today because all network devices, including PCs, come with TCP/IP preinstalled, each system also needs a piece of software called a networking client that allows the device to “speak” the particular network protocol (such as TCP/IP, IPX/SPX, and so on).

The OSI and DoD network models are covered in Chapter 2, “The OSI Model.”

In addition to the minimum requirements for a network, additional components are usually present in varying combinations. Repeaters are devices designed to regenerate or strengthen transmission signals to avoid attenuation or weakening of the signal, which leads to data corruption. Hubs are junction boxes with no intelligence that are used to connect devices together on the same physical network. Switches can act as hubs but provide vastly improved performance and offer additional functions not available in hubs. Routers, as discussed earlier, are used to connect networks and allow computers located on different networks to communicate. Cisco routers and switches are intelligent because of the Cisco Internetwork Operating System (IOS), which is included in and is used to manage the functions of these products. The Cisco IOS is discussed in Chapter 12, “Managing the Cisco IOS.” Routers, switches, and hubs are covered in detail in Chapter 10.

Proprietary vs. Standard

The term proprietary, used often in the IT world, refers to any process or way of doing something that works only on a single vendor's equipment. The opposite of this is a standard, which is any way of carrying out a function that the industry has agreed upon. An everyday example of a standard is the ubiquitous wall socket. A standard was developed so that consumers could be assured that any electrical device would match this standard outlet type.

As the next few chapters unfold, you will gain perspective about these requirements as you learn more about the details of each. Now let's look at some characteristics of various types of networks.

Classifying Networks by Function

Networks can be classified according to a number of different characteristics. They can differ based on location, and they can differ in the security relationship that the computers have with one another. These are not the only ways networks can differ, but they are commonly used distinctions. In this section, the distance factor is examined in a discussion of LANs and WANs. After examining LANs and WANs, you will take a closer look at defining networks by security relationships in the “Defining Network Architectures” section.

Understanding LANs

If you survey networking books, you will find that the distinction between a local area network (LAN) and a wide area network (WAN) differs from one text to the next. In some treatments of this subject, the difference lies in physical location, while in others, the distinction is discussed in terms of the speed of the connection. Because this text is designed to prepare you to manage Cisco routers and switches, a Cisco perspective is appropriate.

Cisco defines a LAN as a high-speed data network covering a small geographical area. For the purposes of this discussion, a LAN is a single physical location, which could be a part of a building, an entire building, or a complex of buildings. Although Cisco describes each LAN as a single layer 2 environment, don't lose sight of the fact that in many discussions, the term LAN means a single physical location that is composed of multiple IP subnets, each of which is a separate layer 2 network.

In the vast majority of cases, the network will use a networking technology called Ethernet. Other technologies do exist (such as one called Token Ring), but Ethernet has become the de facto standard technology that is used for connecting LANs.

Ethernet is discussed in more detail in Chapter 2 and Chapter 5, “Physical and Logical Topologies.”

Standards

As stated earlier in this chapter, a standard is an agreed-upon way of doing things. In the networking world, there are two types: official and de facto. An official standard is one that all parties agree to and is usually adopted by a body formed to create standards, such as the International Organization for Standardization (ISO) or the Institute of Electrical and Electronics Engineers (IEEE). A de facto standard, on the other hand, is one that becomes the standard simply by being the method that all parties gradually choose to use over a period of time, without a formal adoption process.

Ethernet networks are typically built, owned, and managed by an organization. It is impractical for the organization to connect offices in two cities with Ethernet cabling (for many reasons that will be discussed later, one of which is a limit on cable length of about 100 meters).

Cables are discussed in Chapter 9.

In a LAN, all of the computers are connected with a high-speed connection. High speed is a relative term, but in this case, it indicates at least 10 Mbps. In most cases today, the connection will be either 100 Mbps or 1,000 Mbps. The location may contain multiple buildings; it could even be an entire complex, but if the buildings are connected with a high-speed connection, they would still collectively be considered a single LAN.

Understanding WANs

A wide area network (WAN) is a collection of LANs connected to one another with a WAN technology or with the Internet, allowing it to function as one large network. In the previous section, the impracticality of a company strung together by private Ethernet lines from one office to another was mentioned. Above and beyond the cable length issue, there would be issues of where to place the cables and how to maintain them.

The solutions that are available are as follows:

Leasing a WAN connection from a telecommunications company

Using the Internet

When a WAN connection is leased from a telecommunications provider, the company offloads all maintenance and simply uses the existing network that the telecommunication provider built. The advantage to this approach is that your connection is dedicated, meaning there is no other traffic on it. WAN technologies do not use Ethernet. There are a variety of WAN connection types, such as Frame Relay, Integrated Services Digital Network (ISDN), and Point-to-Point Protocol (PPP), and each has advantages and disadvantages.

WAN technologies are beyond the scope of this book. For more information, simply search for WAN methods on the Internet.

Another available option is to use the Internet. When this approach is taken, the company creates a logical connection called a virtual private network (VPN) between the offices by using the Internet as the physical medium. It is called private because the information that crosses the Internet from one office to another is typically encrypted so that if it is intercepted, it cannot be read.

Regardless of the underlying details, a WAN is used to connect LANs. The relationship between the two network types is illustrated in Figure 1.6. The figure depicts three LANs in different cities using the wide area connection to form a WAN.

Figure 1.6 A wide area network (WAN)

Defining Network Architectures

The architecture (or structure) of a network can be discussed from both a physical and a logical viewpoint. For example, in the previous section you looked at how distance can be used to differentiate networks into architectures called LANs and WANs. The architecture of a network can also describe the rules and processes used on the network. The security relationships that exist among the computers on the network can define different architectures. In this section, the difference between peer-to-peer and client-server architectures is explored.

Understanding Peer-to-Peer Networks

Peer-to-peer networks were the first type of networks to appear. This type of network is often referred to as a workgroup. In a peer-to-peer network, each computer is in charge of its own security, and the computers have no security relationship with one another. This does not mean that the users on the computers cannot share resources; otherwise, it wouldn't be a network!

There are certain shortcomings to this paradigm. In a workgroup, a user can access resources on another computer only if that user has an account on the computer where the resource resides. Moreover, depending on how the sharing is set up, the user may also have to identify herself and provide a password to access the resource.

The ramifications of this can be illustrated with an example. Suppose you have four computers in an office that are used by four different users. If your goal is to allow all users to access resources located on all four computers, you would have to create an account for each person on all four computers. That means you would be creating 16 accounts in all (4 computers × 4 people). That's a lot of work! (I guess it's a form of job security.)

Figure 1.7 illustrates this situation. Each computer is named after its user, and as you can see, all users must have an account on all computers. Also note that each user can be given different levels of access. Note that the passwords that a user has been assigned on any two computers have no relationship to each other. A user can have the same password on all computers, or a different password on each computer, with no effect on functionality, because they are not related to each other in any way in a peer-to-peer network.

Figure 1.7 Peer-to-peer architecture

A MAC address is a number in a specific format that is used to identify a computer. This topic is covered in detail in Chapter 6, “Numbering Systems,” and Chapter 11, “LAN Operations.”

Another challenge with workgroups is that after the number of computers gets beyond 10, two problems occur. First, because of the nature of the communication process that occurs in a workgroup, traffic overwhelms the physical infrastructure, and the network gets very slow. This occurs because in order to locate each other, the computers must broadcast for one another. A broadcast is akin to a person calling out in a crowded room, “Who is Joe?” Then, when Joe answers, you send him the data. In Figure 1.8, workstation 10 is seeking to connect to a computer named Banannarama, so a broadcast is sent out to every computer. Then Banannarama answers with its MAC address.

Figure 1.8 Broadcasting

Moreover, unlike humans, the computers can remember who is who for only a minute or so, and then they must broadcast again.

The second problem that occurs when more than 10 computers are present in a peer-to-peer network has to do with the design of client operating systems. Most client operating systems (meaning any operating system that is not a server operating system) can host only 10 concurrent connections from other computers at a time. So if a popular file is located on a computer in a workgroup, and 10 computers are already connected, the 11th computer won't be able to access the resource until a computer disconnects!

Workgroups still have their place and their advantages. One advantage is their low cost when compared to client-server networks. Obviously, no servers (which cost more than client computers) need to be purchased. Workgroups are also quite simple to set up when compared to client-server networks. Home networks are usually peer-to-peer, and many small office and home office (SOHO) networks function well as workgroups.

However, in medium to large networks, the management of security becomes an administrative nightmare. As discussed earlier, each user must have an account on every computer that he or she will use or access over the network. Also, peer-to-peer networks are not scalable. When a network can be grown (with respect to the number of computers) without causing additional network traffic or additional administrative effort, it is said to be scalable.

In summary, the advantages of a peer-to-peer network are as follows:

Low cost

Easy to set up

No server required

The disadvantages of a peer-to-peer network are as follows:

No centralized control of security

Administrative burden of maintaining accounts on all computers

Not scalable

Understanding Client-Server Networks

The most obvious difference between a client-server network and a peer-to-peer network is the presence of at least one server. This brings up an issue that needs to be addressed before you encounter it. Two explanations of a client-server network are commonly used. Both are applicable, so let's cover both.

First, a client-server network can be explained in terms of resource access. When viewed from this perspective, it means that the shared data is centralized on a device called a file server.

What's the Difference between a Client and a Server, Anyway?

Which computer is the client and which is the server is simply a matter of perspective. If the computer is seeking to access a resource on another computer, it is acting as a client. If it possesses a resource that another computer accesses, it is acting as a server. Consequently, computers in a peer-to-peer network will be acting as either at various times, depending on whether they are accessing a resource or allowing access to a resource.

A file server is a computer that contains resources (files) that users in the network need. A server's operating system is designed differently than one that will be used on client computers. It is not bound by a limit to the number of connections. Hundreds of computers can connect. The advantage is that the security surrounding the resources can be centralized on that server.

Using our example from Figure 1.7, if there were a file server in that network, we would not have to create an account for every user on all computers. We would have to do that only one time, on the server where the resources are located.

The other explanation of a client-server network takes this a step further. These networks are sometimes called domain-based networks. In this case, the server is a special type of server called a directory server or domain controller.

A directory server or domain controller maintains a record of all resources in the network (including the computers themselves) and the location of each. The computers in the network use this server to find things. Instead of broadcasting to find resources, the computers check with the directory server, which results in a great reduction of traffic!
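The traffic difference between broadcast lookups and directory lookups, as an added example that is not from the book: a small Python simulation that counts the frames machines must handle when every client re-resolves a popular computer's name each time its cached answer expires. The 60-second cache lifetime, the host names, and the frame-counting model are assumptions made for illustration.

```python
CACHE_TTL = 60  # seconds a host remembers an answer (assumed; the text says "a minute or so")


class Host:
    def __init__(self, name):
        self.name = name
        self.cache = {}        # peer name -> time at which the cached answer expires
        self.frames_seen = 0   # frames this host had to receive and inspect


def resolve(src, target, hosts, now, directory=None):
    """Find target's address for src. Returns True if a lookup went on the wire."""
    if src.cache.get(target.name, 0) > now:
        return False                       # answer still cached, no traffic
    if directory is None:
        for host in hosts:                 # broadcast: every other host inspects the query
            if host is not src:
                host.frames_seen += 1
    else:
        directory.frames_seen += 1         # unicast: only the directory server sees the query
    src.frames_seen += 1                   # the single reply goes back to the asker
    src.cache[target.name] = now + CACHE_TTL
    return True


def simulate(n_hosts, duration, interval, use_directory):
    """Every client contacts the first host every `interval` seconds for `duration` seconds.

    Returns (lookups sent, total frames handled by all machines)."""
    hosts = [Host(f"ws{i}") for i in range(1, n_hosts + 1)]
    directory = Host("directory") if use_directory else None
    target = hosts[0]
    lookups = 0
    for now in range(0, duration, interval):
        for client in hosts[1:]:
            if resolve(client, target, hosts, now, directory):
                lookups += 1
    frames = sum(h.frames_seen for h in hosts)
    if directory:
        frames += directory.frames_seen
    return lookups, frames


if __name__ == "__main__":
    for n in (10, 20, 40):
        _, bcast = simulate(n, 600, 30, use_directory=False)
        _, direc = simulate(n, 600, 30, use_directory=True)
        print(f"{n:>3} hosts: broadcast {bcast:>6} frames, directory {direc:>4} frames")
```

Doubling the number of hosts roughly doubles the directory traffic but roughly quadruples the broadcast load, because each broadcast query is also delivered to every additional host.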

The domain controller creates a group security association between the computers that are members of what is commonly called a domain (or a realm in Unix). After a user is made a member of the domain, the user will have two types of user accounts: a local account on her computer, as she had in the peer-to-peer network, and a domain account. The domain account will be created on the domain controller where it will be stored.

This domain account will allow the user to log into the domain from any computer that is a member of the domain. This simplifies the account creation process in the same way as previously illustrated in the explanation of using a file server. The accounts are created one time on the domain controller, and then the account will work on any computer in the domain.

The domain controller, rather than the individual computers, is responsible for validating the credentials of users. Whenever a user logs into the domain from a member computer, the login request is sent to the domain controller, which verifies the name and password and then sends the user an access token. An access token is a file that lists the resources that the user is allowed to access in the network, regardless of where the resource is located.

The benefit of this security paradigm is a feature called single sign-on. After logging into the domain, a user will not be prompted for a password again, even when accessing resources. It doesn't even matter which computer the resource is on!
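The account and logon models described above, together with the per-user access levels from the “Improved Security” discussion, as an added example that is not from the book: a simplified Python model (not how Active Directory or Kerberos is implemented) in which each workgroup computer keeps its own account store, while a domain controller verifies the password once and issues a signed token listing per-resource rights that any member server checks without asking for the password again. The class names, sample users and passwords, and the HMAC-signed token format are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import secrets

USERS = {"ann": "ann-sample-pw", "bob": "bob-sample-pw",      # constructed sample data
         "cat": "cat-sample-pw", "dan": "dan-sample-pw"}
COMPUTERS = ("pc-ann", "pc-bob", "pc-cat", "pc-dan")


class AccountStore:
    """Account database of one machine: user -> (salt, PBKDF2 password hash)."""

    def __init__(self):
        self._accounts = {}

    def add(self, user, password):
        salt = secrets.token_bytes(16)
        self._accounts[user] = (salt, self._hash(password, salt))

    def verify(self, user, password):
        entry = self._accounts.get(user)
        if entry is None:
            return False
        salt, stored = entry
        return hmac.compare_digest(stored, self._hash(password, salt))

    @staticmethod
    def _hash(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

    def __len__(self):
        return len(self._accounts)


class DomainController:
    """Holds the only copy of each domain account and issues signed access tokens."""

    def __init__(self):
        self.accounts = AccountStore()
        self.rights = {}                           # user -> {resource: [rights]}
        self.domain_key = secrets.token_bytes(32)  # assumption: given to members when they join

    def grant(self, user, resource, *rights):
        self.rights.setdefault(user, {})[resource] = sorted(rights)

    def log_in(self, user, password):
        if not self.accounts.verify(user, password):
            return None
        body = json.dumps({"user": user, "access": self.rights.get(user, {})}).encode()
        return body, hmac.new(self.domain_key, body, hashlib.sha256).digest()


class MemberServer:
    """A domain member that trusts tokens signed by the domain controller."""

    def __init__(self, domain_key):
        self._key = domain_key

    def allows(self, token, resource, right):
        if token is None:
            return False
        body, tag = token
        if not hmac.compare_digest(tag, hmac.new(self._key, body, hashlib.sha256).digest()):
            return False                           # forged or altered token
        return right in json.loads(body)["access"].get(resource, [])


def build_workgroup(users, computers):
    """Peer-to-peer: every computer keeps its own, unrelated copy of every account."""
    stores = {pc: AccountStore() for pc in computers}
    for store in stores.values():
        for user, password in users.items():
            store.add(user, password)
    return stores


def build_domain(users):
    """Client-server: one account per user, created once on the domain controller."""
    dc = DomainController()
    for user, password in users.items():
        dc.accounts.add(user, password)
    dc.grant("ann", "report.doc", "read", "edit", "delete")
    dc.grant("bob", "report.doc", "read")          # bob may only read the document
    return dc


if __name__ == "__main__":
    workgroup = build_workgroup(USERS, COMPUTERS)
    print("workgroup accounts:", sum(len(s) for s in workgroup.values()))
    dc = build_domain(USERS)
    print("domain accounts:", len(dc.accounts))
    token = dc.log_in("bob", USERS["bob"])         # one logon, then no more prompts
    for name in ("fs1", "fs2"):
        server = MemberServer(dc.domain_key)
        print(name, "read:", server.allows(token, "report.doc", "read"),
              "edit:", server.allows(token, "report.doc", "edit"))
```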

On the other hand, there are disadvantages to implementing a client-server network. The hardware and software required to deploy servers are significantly more expensive than the client software found in a peer-to-peer network. Configuring and maintaining these servers also requires a much higher degree of skill.

Moreover, when a single domain controller is in use, a single point of failure has been introduced to the operation of the network. If something happens to the domain controller, such as a hardware failure, all access to resources can be interrupted. For these reasons, most networks deploy multiple domain controllers to eliminate this single point of failure, further adding to the cost of deploying a client-server network.

In summary, these are the advantages of a client-server network:

Centralized administration

Single sign-on

Reduced broadcast traffic

Scalability

Scalability means that the network can grow without the congestion problems that arise when a peer-to-peer network grows larger.

Disadvantages of a client-server network are as follows:

Higher cost for server software and hardware

More challenging technically to implement

Single point of failure with a single domain controller or single file server

Figure 1.9 compares the peer-to-peer and client-server networks.

Figure 1.9 The client-server model (top) and the peer-to-peer model (bottom)

The Essentials and Beyond

Networks allow computers to communicate and share resources. At their simplest, the requirements are two computers connected by communications media sharing a resource. The advantages of networks are resource sharing, lower software and peripheral costs in the enterprise, workplace flexibility, improved communications and security, and centralized administration.

A LAN is a network of computers connected with a high-speed connection and located in one physical location. A WAN is a group of geographically distributed LANs joined by a WAN connection. A LAN can be either a peer-to-peer network or a client-server network. Resource access and security are distributed in a peer-to-peer network, while both are centralized in a client-server network.

Exercises

You are a consultant specializing in network design. Consider the following scenarios and propose a design using the principles discussed in this chapter (LAN, WAN, peer-to-peer, client-server). Be prepared to discuss and defend your answer.

An auto parts chain with 75 locations in five states

A doctor's office with three computers

A call center in which the users work in three shifts using a single set of computers

Review Questions

Which of the following is not an advantage of networking computers?

Resource sharing

Reduced security for data

Potential for increased productivity

Improved communications

What type of server forms a security association between network members and helps to locate resources?

File

Directory services

Security controller

Network browser

What is the minimum number of computers required to form a network?

One

Two

Three

Four

True or False: Telecommuting is when a user works from another physical location.

What is a protocol?

A type of transmission medium

A security agreement

A communications agreement

A suggested best practice

What is the term for any process or way of doing something that works only on a single vendor's equipment?

Proprietary

Standard

De facto

Registered

Which statement is true with regard to a LAN?

Distributed across a large geographical area

High speed

Leased from a telecommunications company

Requires a server

True or False: A de facto standard is one that all parties agree to and is usually adopted by a body formed to create standards.

A peer-to-peer network is also sometimes called a what?

Realm

Domain

Workgroup

Organizational unit

Which of the following are shortcomings of a peer-to-peer network?

Difficult to implement

Requires server

High cost

Network congestion