This document is a project report submitted by Saurabh Bansal in partial fulfillment of a B.Tech degree in Electronics and Communication Engineering. The report contains 9 chapters that discuss topics related to computer networking including network types, devices, topologies, the OSI model, IP routing, addressing, access control lists, network address translation, and virtual LANs. During an internship, the author gained hands-on experience working in an actual IT environment and data center, learning about new technologies and procedures to help build their career in the field.

1. 1
A
PROJECT REPORT
On
CISCO CERTIFIED NETWORK ASSOCIATE
Submitted by
SAURABH BANSAL
In partial fulfilment for the award of the degree
Of
B.TECH
In
ELECTRONICS AND COMMUNICATION ENGINEERING
Under the Guidance
of
MR. SUMIT SINGH DHANDA
AMITY SCHOOL OF ENGINEERING TECHNOLOGY
AMITY UNVERSITY RAJASTHAN

2. 2
TABLE OF CONTENT
1. Certificate…………………………………………………………………………………….....i
2. Preface……………………………………………………………………………………….....ii
3. Acknowledgment………………………………………………………………………………iii
4. About The Company…………………………………………………………………………...vi
CHAPTER-1Introduction
1.1Network……………………………………………….………….……….………1
1.1.1 LAN (Local Area Network)…………………….…………………………....4
1.1.2 MAN (Metropolitan area networks...................................…...........................5
1.1.3 WAN (Wide Area Network)……………………….………………………...5
1.1.4 CAN (Campus area network)………………….…….……………………....6
CHAPTER-2
2.1Networking Devices
2.1.1Hub…………………………………………………………………………..7
2.1.2Switch………………………………………………………………………..8
2.1.3ROUTERS… …………………………………………………….……….....8
CHAPTER-3
3.1 NETWORK TOPOLOGY…………………………………………….………...11
3.1.1 Basic Topologies…………………………………………………………….12
CHAPTER-4
4.1 OSI MODEL………………………………………………..………………………………………………………………14
4.1.1Application (Layer 7)………………….…………………………………..….14
4.1.2Presentation (Layer 6)…………………….…………………………………...14
4.1.3Session (Layer 5)……………………………..……………………………….15
4.1.4Transport (Layer 4)……………………………….…………………………...15
4.1.5Network (Layer3)…………………………………….………………………..15
4.1.6Data Link (Layer 2)…………………...……...……………….….....................15
4.1.7Physical (Layer 1)……………...………………………..……………………..15

3. 3
CHAPTER-5
5.1 IP ROUTING……………………………………………………………………..17
5.1.1 Static routing………………………………………………………………….21
5.1.2 Dynamic Routing Protocols……….………………………….....................23
CHAPTER-6
6.1 IP ADDRESSING………………………………………………........................27
6.2 IP Saving Techniques………………………………………………….……….30
6.2.1Sub- netting………………………………………………………………….31
6.2.2VLSM……………………………………..………………………………...31
6.2.3CIDR………………………………………………………...........................31
CHAPTER-7
7.1Access Control Lists (ACLs) ……………………………………………………..33
7.1.1 How ACLs work ………………...………………………………………...…34
7.1.2 ACL Operations……………………..……………………………………….34
CHAPTER-8
8.1Network Address Translation………..……….……..…………………………… 39
CHAPTER-9
9.1Virtual LAN………………………………………..….…………………………...41
9.1.1Inter-VLAN Routing…………………………………………………………...44
APPENDIX-I
I.1 APPLICATION DETAILS……………………………………...……………….45
APPENDIX-II
II.1 HARDWARE DETAILS……………………………………………………….46
APPENDIX-III
III .1MATHEMATICAL REVIEW………………………………………….………49
APPENDIX-IV
IV.1 CONFIGURATION OF ROUTER…………………………..…………………53
PROJECT (Internet Working)……………………………………………………………...…...59
 List of Figure. …………………………………………………………………………….................................................3
 List of Table..........................................................................................................................….......4
 References...........................................................................................................................…......60

4. 4
PREFACE
There are certain phases of professional development that cannot be effectively taught in
the academic environment. These facets can only be learned through ground work with
the industry.
The internship program can best be described as an attempt to institutionalize efforts to
bridge the gap between the professional world and the academic institutions. Hence entire
effort in internship is in terms of extending the program of education and evaluation
beyond the classroom.
Excellence is an attitude that the whole of the human race is born with. It is the
environment that makes sure that makes sure whether the results of this attitude are
visible or otherwise. A well planned, properly executed & evaluated industrial helps a lot
in inculcating a professional attitude. It provides a linkage between the student & the
industry to develop an awareness of industrial approach to problem solving, based on a
broad understanding of process & mode of operation of organization.
The internship training helped us to gain direct, on-the-job experience, working with
successful professionals and experts in the field. Internship with the industry also
provided hands on practical experience to us on the work culture, work ethics and work
practices in the industry.
I had the opportunity to have a real experience on many ventures, which increased my
sphere of knowledge to a great extent.
SAURABH BANSAL

5. 5
ACKNOWLEDGEMENT
I have taken efforts in this project. However, it would not have been possible
without the kind support and help of many individuals and organizations. I would
like to extend my sincere thanks to all of them.
I am highly indebted to my guide MR. SUMIT SINGH DHANDA for his
guidance and constant supervision as well as for providing necessary information
regarding the project & also for his support in completing the project.
I would like to express my gratitude towards my parents and my program
coordinator Mr. Sanyog Rawat for their kind co-operation and encouragement
which help me in completion of this project.
My thanks and appreciations also go to my colleague in developing the project and
people who have willingly helped me out with their abilities.

6. 6
About The Company
Om Info Edutech Pvt Ltd is one of the leading IT consultancy which provides several services
includes Technical Consultancy on Linux Platforms and distribution, Oracle SUN Solaris,
Microsoft Windows Servers NT/2000/2003/2008, Microsoft Exchange and SQL servers. We also
serves industry by providing web hosting solutions such as Windows, Hosting, Linux Hosting,
VPS hosting, Reseller Hosting, Om Info Edutech Pvt Ltd is the fast growing company and
having Tie-up with several IT Gaints to provide reliable, fast and better services.
At OIEPL we believe that "Work is Worship" and we are always there to help our clients 24*7
either online or offline. We are the technical consultants not by our hobby but by our quality and
profession. We believe in to deliver the best solution in industry to our clients.
Western Railway in its present form came into existence on 5th November, 1951 by the merger
of its forerunner, the erstwhile Bombay, Baroda and Central India Railway (BB&CI), with other
State Railways viz, Saurashtra, Rajputana and Jaipur. The BB&CI Railway was itself
incorporated in 1855, starting with the construction of a 29 mile broad gauge track from
Ankleshwar to Utran in Gujarat state on the West Coast. In 1864, the railway was extended up to
Mumbai. Subsequently, the project was further extended beyond Baroda in a north easterly
direction towards Godhra, Ratlam, Nagda and thereafter northwards towards Mathura to
eventually link with the Great India Peninsula Railway, now Central Railway, which had already
started operating in Mumbai in 1853. In 1883, a Metre Guage Railway system, initially linking
Delhi with Agra, Jaipur and Ajmer, was established.
The Government of India took over the management of the BB&CI railway from 1.1.1942. In
1949, the Gaikwad Baroda State Railway was merged with the BB&CI Railway. After Western
Railway came into being certain further jurisdictional changes were effected.

7. 7
List of Figure
Figure 1.1-shows some of the common locations of networks ……………………………..........5
Figure 1.2-Local area network….....................................................................................................6
Figure 3.1-Bus topology…………………………………………………………………………13
Figure 3.2-Star Topology………………………………………………………………………...13
Figure 3.3-Ring Topology……………………………………………………….........................14
Figure 3.4-Tree Topology………………………………………………………………………..15
Figure 3.5-Mesh Topology…………………….……………………………….…......................15
Figure 4.1-Packet flow.....................................................................................…..........................18
Figure 5.1 IP Routing Process................................................................................................…...20
Figure 5.2-Network connection..............................................................................................…...21
Figure 5.3-Packet flow………………………………..………………………………………….22
Figure 5.4-Dynamic Routing Protocols………………………………………………………….25
Figure 5.5-remote network……………………………………………………………………….27
Figure 5.6-OSPF…………………………………………………………………………………28
Figure 5.7-OSPF Router.........................................................................................................…...28
Figure 5.8-OSPF Example…………………………………………………….............................28
Figure 7.1-access control lists………………………………………………...………………….36
Figure 7.2-Access list configuration.......................................................................................…...38
Figure 7.3- Access list Network………………………………………………………………….39
Figure 7.4-Access list HyperTerminal…………………………………………………………...39
Figure 9.1-Physical view of a LAN…………………………………………………….……......44
Figure 9.2-Physical and logical view of a VLAN…………………………….…………….……45
Figure iv.1-Configuration of router on Packet tracer…………………………………….....……55
List of Table
Table I.1-APPLICATION DETAILS……………………………………………………………47
Table I.2-HARDWARE DETAILS……………………………………………………………...48

8. 8
CHAPTER-1
INTRODUCTION
During the training period, I got the real, firsthand experience for working in the actual
environment. Most of the theoretical knowledge that had been gained during the course of the
studies was put to test here. Apart from this, I got an opportunity to learn the latest technology,
which immensely helped me in building my career.
Under this training I was taken to their customer site- Disaster Recovery Site where I was
assigned the project- Study of Data Centre.
In the Data Centre I learnt about different types of server such as blade server, sun server etc. and
the network rack consisting of switch, router, firewall, ISA server etc.
Under the guidance of my industry guide I was taught about the different procedures followed in
networking and storing data. I was also taught about the configuration of firewall, switch, router,
ISA server, McAfee applications with the help of different software.
I also learnt various concepts such as VLAN, SAN, NAS, RAID, ID-RACK. I also implemented
and created VLAN using a switch.
1.1 NETWORK
A computer network, or simply a network, is a collection of computer and other hardware
components interconnected by communication channels that allow sharing of resources and
information. Where at least one process in one device is able to send/receive data to/from at least
one process residing in a remote device, then the two devices are said to be in a network. Simply,
more than one computer interconnected through a communication medium for information
interchange is called a computer network.

9. 9
Networks carry data in many types of environments, including homes, small businesses, and
large enterprises. In a large enterprise, a number of locations might need to communicate with
each other, and you can describe those locations as follows:
■ Main office: A main office is a site where everyone is connected via a network and where
the bulk of corporate information is located. A main office can have hundreds or even thousands
of people who depend on network access to do their jobs. A main office might use several
connected networks, which can span many floors in an office building or cover a campus that
contains several buildings.
■ Remote locations: A variety of remote access locations use networks to connect to the
main office or to each other.
— Branch offices: In branch offices, smaller groups of people work and communicate with
each other via a network. Although some corporate information might be stored at a branch
office, it is more likely that branch offices have local network resources, such as printers, but
must access information directly from the main office.
— Home offices: When individuals work from home, the location is called a home office.
Home office workers often require on-demand connections to the main or branch offices to
access information or to use network resources such as file servers.
— Mobile users: Mobile users connect to the main office network while at the main office, at
the branch office, or traveling. The network access needs of mobile users are based on where the
mobile users are located.

10. 10
Figure 1.1 shows some of the common locations of networks that can be used to connect users to
business applications.
Many different types and locations of networks exist. You might use a network in your home or
home office to communicate via the Internet, to locate information, to place orders for
merchandise, and to send messages to friends.
Networks may be classified according to a wide variety of characteristics, such as the medium
used to transport the data, communications protocol used, scale, topology, and organizational
scope.
Communications protocols define the rules and data formats for exchanging information in a
computer network, and provide the basis for network programming. Well-known
communications protocols include Ethernet, hardware and link layer standard that is ubiquitous
in local area networks, and the Internet protocol suite, which defines a set of protocols for
internetworking, i.e. for data communication between multiple networks, as well as host-to-host
data transfer, and application-specific data transmission formats.
Computer networking is sometimes considered a sub-discipline of electrical engineering,
telecommunications, computer science, information technology or computer engineering, since it
relies upon the theoretical and practical application of these disciplines.

11. 11
1.1.1 LAN (Local Area Network)
A LAN (Local Area Network) is an individual network that covers a single geographical area,
providing networking services and applications to people within a common managerial structure,
such as a single business, campus or region.
A LAN is usually administered by a single organization. The administrative control that governs
the security and access control policies are enforced on the network level. LANs and WANs are
very useful to individual organizations. They connect the users within the organization. They
allow many forms of communication including exchange e-mails, corporate training, and other
resource sharing.
Figure 1.2
Communication with data, voice, and video is critical to business survival. Consequently, a
properly designed LAN is a fundamental requirement for doing business today. You must be
able to recognize a well-designed LAN and select the appropriate devices to support the network
specifications of a small- or medium-sized business.

12. 12
1.1.2 MAN (Metropolitan area networks):-
Metropolitan area networks, or MANs, are large computer networks usually spanning a city.
They typically use wireless infrastructure or Optical fiber connections to link their sites.
The IEE 802-2001 standard describes a MAN as being:
A MAN is optimized for a larger geographical area than a LAN, ranging from several blocks of
buildings to entire cities. MANs can also depend on communications channels of moderate-to-
high data rates. A MAN might be owned and operated by a single organization, but it usually
will be used by many individuals and organizations. MANs might also be owned and operated as
public utilities. They will often provide means for internetworking of local networks.
Metropolitan area networks can span up to 50km, devices used are modem and wire/cable
1.1.3 WAN (Wide Area Network)
Wide Area Network (WAN) is a computer network that covers a broad area (i.e., any network
whose communications links cross metropolitan, regional, or national boundaries. This is in
contrast with personal area networks (PANs), local area networks (LANs), campus area networks
(CANs), or metropolitan area networks (MANs) which are usually limited to a room, building,
campus or specific metropolitan area (e.g., a city) respectively. The largest and most well-known
example of a WAN is the Internet.
Major characteristics of WANs:
 WANs generally connect devices that are separated by a broader geographical area than
can be served by a LAN.
 WANs use the services of carriers, such as telephone companies, cable companies,
satellite systems, and network providers.
 WANs use serial connections of various types to provide access to bandwidth over large
geographic areas

13. 13
.
1.1.4 CAN (Campus area network)
Campus area network (CAN) is a computer network that interconnects local area networks
throughout a limited geographical area, such as a university campus, a corporate campus, or a
military base. It could be considered a metropolitan area network that is specific to a campus
setting. A campus area network is, therefore, larger than a local area network but smaller than a
wide area network. The term is sometimes used to refer to university campuses, while the term
corporate area network is used to refer to corporate campuses instead.

14. 14
CHAPTER-2
2.1 NETWORKING DEVICES
All but the most basic of networks require devices to provide connectivity and functionality.
Understanding how these networking devices operate and identifying the functions they perform
are essential skills for any network administrator and requirements for a Network+ candidate.
This chapter introduces commonly used networking devices, and, although it is true that you are
not likely to encounter all of the devices mentioned in this chapter on the exam, you can be
assured of working with at least some of them.
2.1.1 Hubs
At the bottom of the networking food chain, so to speak, are hubs. Hubs are used in networks
that use twisted-pair cabling to connect devices. Hubs can also be joined together to create larger
networks. Hubs are simple devices that direct data packets to all devices connected to the hub,
regardless of whether the data package is destined for the device. This makes them inefficient
devices and can create a performance bottleneck on busy networks. In its most basic form, a hub
does nothing except provide a pathway for the electrical signals to travel along. Such a device is
called a passive hub. Far more common nowadays is an active hub, which, as well as providing a
path for the data signals, regenerates the signal before it forwards it to all of the connected
devices. A hub does not perform any processing on the data that it forwards, nor does it perform
any error checking. Hubs come in a variety of shapes and sizes. Small hubs with five or eight
connection ports are commonly referred to as workgroup hubs. Others can accommodate larger
numbers of devices (normally up to 32). These are referred to as high-density devices. Because
hubs don’t perform any processing, they do little except enable communication between
connected devices. For today’s high-demand network applications, something with a little more
intelligence is required. That’s where switches come in.
2.1.2 Switches

15. 15
Like hubs, switches are the connectivity points of an Ethernet network. Devices connect to
switches via twisted-pair cabling, one cable for each Device. The difference between hubs and
switches is in how the devices deal with the data that they receive. Whereas a hub forwards the
data it receives to all of the ports on the device, a switch forwards it only to the port that connects
to the destination device. It does this by learning the MAC address of the devices attached to it,
and then by matching the destination MAC
2.1.3 ROUTERS:-
Router is a networking device whose software and hardware are usually tailored to the tasks of
routing and forwarding information. For example, on the Internet, information is directed to
various paths by routers.
Routers connect two or more logical subnets, which do not necessarily map one-to-one to the
physical interfaces of the router. The term "layer 3 switches" often is used interchangeably with
router, but switch is a general term without a rigorous technical definition. In marketing usage, it
is generally optimized for Ethernet LAN interfaces and may not have other physical interface
types. In comparison, a network hub does not do any routing; instead every packet it receives on
one network line gets forwarded to all the other network lines.
 Types of routers
Routers may provide connectivity inside enterprises, between enterprises and the Internet, and
inside Internet Service Providers (ISP). The largest routers (for example the Cisco CRS-1 or
Juniper T1600) interconnect ISPs, are used inside ISPs, or may be used in very large enterprise
networks. The smallest routers provide connectivity for small and home offices. Routers for
Internet connectivity and internal use
Routers intended for ISP and major enterprise connectivity will almost invariably exchange
routing information with the Border Gateway Protocol (BGP). RFC 4098 defines several types of
BGP-speaking routers:

16. 16
 Edge Router: Placed at the edge of an ISP network, it speaks external BGP (eBGP) to a
BGP speaker in another provider or large enterprise Autonomous System (AS).
 Subscriber Edge Router: Located at the edge of the subscriber's network, it speaks eBGP
to its provider's AS(s). It belongs to an end user (enterprise) organization.
 Inter-provider Border Router: Interconnecting ISPs, this is a BGP speaking router that
maintains BGP sessions with other BGP speaking routers in other providers' ASes.
 Core router: A router that resides within the middle or backbone of the LAN network rather than
at its periphery.
Within an ISP: Internal to the provider's AS, such a router speaks internal BGP (iBGP) to that
provider's edge routers, other intra-provider core routers, or the provider's inter-provider border
routers.
"Internet backbone:" The Internet does not have a clearly identifiable backbone, as did its
predecessors. See default-free zone (DFZ). Nevertheless, it is the major ISPs' routers that make
up what many would consider the core. These ISPs operate all four types of the BGP-speaking
routers described here. In ISP usage, a "core" router is internal to an ISP, and used to
interconnect its edge and border routers. Core routers may also have specialized functions in
virtual private networks based on a combination of BGP and Multi-Protocol Label Switching
(MPLS) Routers are also used for port forwarding for private servers
 MODES OF A ROUTER:-
 User Mode:-
Only some basic monitoring
 Privileged Mode:-
Monitoring and some troubleshooting
 Global Configurationmode:-
All Configurations that affect the router globally
 Interface mode:-

17. 17
Configurations done on the specific interface
 Roman Mode:-
Reverting Password
Console Connectivity
 Connect a rollover cable to the router console port (RJ-
 45 connector).
 Connect the other end of the rollover cable to the RJ-
 45 to DB-9 converter
 Attach the female DB-9 converter to a PC Serial Port.
 Open emulation software on the PC.
IN WINDOWS
• Start
 Programs
 Accessories
 Communications
 HyperTerminal
 HyperTerminal.
 Give the Connection Name & Select Any Icon
 Select Serial (Com) Port where Router is connected.

CHAPTER-3

18. 18
3.1 NETWORK TOPOLOGY
Network topology is defined as the interconnection of the various elements (links, nodes, etc.) of
a computer network. Network Topologies can be physical or logical. Physical Topology means
the physical design of a network including the devices, location and cable installation. Logical
topology refers to the fact that how data actually transfers in a network as opposed to its physical
design.
Any particular network topology is determined only by the graphical mapping of the
configuration of physical and/or logical connections between nodes. The study of network
topology uses graph theory. Distances between nodes, physical interconnections, transmission
rates, and/or signal types may differ in two networks and yet their topologies may be identical.
3.1.1 Basic Topologies:
The study of network topology recognizes five basic topologies:
 Bus topology
 Star topology
 Ring topology
 Tree topology
 Mesh topology
Bus Topology-
A bus network topology is a network architecture in which a set of clients are connected via a
shared communications line, called a bus.
Figure 3.1 Bus topology

19. 19
Star Topology-
A star network consists of one central switch, hub or computer, to which all other nodes are
connected; this central node provides a common connection point for all nodes through a hub.
Thus, the hub and leaf nodes, and the transmission lines between them, form a graph with the
topology of a star.
Figure 3.2
Ring Topology-
A ring network is a network topology in which each node connects to exactly two other nodes,
forming a single continuous pathway for signals through each node - a ring. Data travels from
node to node, with each node along the way handling every packet
Figure 3.3

20. 20
Tree Topology-
Also known as a hierarchical network. The type of network topology in which a central 'root'
node (the top level of the hierarchy) is connected to one or more other nodes that are one level
lower in the hierarchy (i.e., the second level) with a point-to-point link between each of the
second level nodes and the top level central 'root' node, while each of the second level nodes that
are connected to the top level central 'root' node will also have one or more other nodes that are
one level lower in the hierarchy (i.e., the third level) connected to it, also with a point-to-point
link, the top level central 'root' node being the only node that has no other node above it in the
hierarchy.
Figure 3.4
Mesh Topology-
Mesh networking is a type of networking wherein each node in the network may act as an
independent router, regardless of whether it is connected to another network or not. It allows for
continuous connections and reconfiguration around broken or blocked paths by “hopping” from
node to node until the destination is reached. A mesh network whose nodes are all connected to
each other is a fully connected network.
Figure 3.5

21. 21
CHAPTER-4
4.1 OSI MODEL
The Open Systems Interconnection (OSI) model is a product of the Open Systems
Interconnection effort at the International Organization for Standardization. It is a prescription of
characterizing and standardizing the functions of a communications system in terms
of abstraction layers. Similar communication functions are grouped into logical layers. A layer
serves the layer above it and is served by the layer below it.
For example, a layer that provides error-free communications across a network provides the path
needed by applications above it, while it calls the next lower layer to send and receive packets
that make up the contents of that path. Two instances at one layer are connected by a horizontal
connection on that layer.
4.1.1 Application (Layer 7)
This layer supports application and end-user processes. Communication partners are identified,
quality of service is identified, user authentication and privacy are considered, and any
constraints on data syntax are identified. Everything at this layer is application-specific. This
layer provides application services for email, email, and other network
software services. Telnet and FTP are applications that exist entirely in the application level.
Tiered application architectures are part of this layer.
4.1.2 Presentation (Layer 6)
This layer provides independence from differences in data representation (e.g., encryption) by
translating from application to network format, and vice versa. The presentation layer works to
transform data into the form that the application layer can accept. This layer formats and
encrypts data to be sent across a network, providing freedom from compatibility problems. It is
sometimes called the syntax layer..

22. 22
4.1.3 Session (Layer 5)
This layer establishes, manages and terminates connections between application. The session
layer sets up, coordinates, and terminates conversations, exchanges, and dialogues between the
applications at each end. It deals with session and connection coordination.
4.1.4 Transport (Layer 4)
This layer provides transparent transfer of data between end systems, or hosts, and is responsible
for end-to-end error recovery and flow control. It ensures complete data transfer.
4.1.5 Network (Layer 3)
This layer provides switching and routing technologies, creating logical paths, known as virtual
circuits, for transmitting data from node to node. Routing and forwarding are functions of this
layer, as well as addressing, internetworking, error handling congestion control and packet
sequencing.
4.1.6 Data Link (Layer 2)
At this layer, data packets are encoded and decoded into bits. It furnishes transmission
protocol knowledge and management and handles errors in the physical layer, flow control and
frame synchronization. The data link layer is divided into two sub layers: The Media Access
Control (MAC) layer and the Logical Link Control (LLC) layer. The MAC sub layer controls
how a computer on the network gains access to the data and permission to transmit it. The LLC
layer controls frame synchronization, flow control and error checking.
4.1.7 Physical (Layer 1)

23. 23
This layer conveys the bit stream - electrical impulse, light or radio signal -- through
the network at the electrical and mechanical level. It provides the hardware means of sending and
receiving data on a carrier, including defining cables, cards and physical aspects. Fast
Ethernet, RS232, and ATM are protocols with physical layer components.
Packetflow:-
Figure 4.1

24. 24
CHAPTER-5
5.1 IP ROUTING
IP routing is the process use by a router to forward packets towards destination network as found
in the routing table, which is created by routing algorithms or routing protocols.
A router makes decisions based upon the destination IP address of a packet. Routers don’t care
about hosts in a network, but networks and the best possible way to reach them. All network
devices along the way use the destination IP address to send the packet in the right direction to
reach its destination. To make the correct decisions, routers must learn how to reach remote
networks. Routers bus either dynamic routing - this information is learned from other routers, or
static routing - a network administrator configures information about remote networks manually.
Although it’s deemed necessary for every device in the network to be assigned a unique IP
address, but this is not sufficient for them to communicate. It’s the work of a router to acts as a
sort of traffic director to all packet destined to a destination.
In summary, routers route traffic to all networks in your internetwork. For a router to be able to
do this, it must know the following:
i. Destination address
ii. Possible routes to all networks
iii. Neighboring routers from which it will learn about remote networks
iv. The best route to reach a network
v. How to maintain and verify routing information.

25. 25
Example below shows how a router uses information in its routine table to make decisions:
Figure 5.1 IP Routing
R2#show IP route
[Output omitted]
Gateway of last resort is not set
C 192.168.1.32/27 is directly connected, fastEthernet0/1
C 192.168.1.0/27 is directly connected, fastEthernet0/2
C 10.10.1.0/30 is directly connected, serial 0/0/0

26. 26
The C in the routing table means the networks are directly connected. The remote networks are
not found and displayed in the routine table because, we have not added a routing protocol –
such asRIP, EIGRP, OSPFetc.or configured Static routes.
Looking at the output above, when the network router receive a packet with the destination
address of 192.168.1.10, the router will send the packet to interface fastEthernet0/2, and this
interface will frame the packet and then send it out on the network segment to Network B.
 The routing of data packets from one network segment to another
- For example from one subnet to another subnet
 A router (gateway) is often involved in the routing process
Figure 5.2
• Computer A will analyze (AND)the data packet against its subnet masks
– The data is to be sent to another subnet

27. 27
• Broadcast for the hardware address (eg: CC) of the gateway (IP address is already
known)
– Using ARP
• On receiving the hardware address, send the data packet to the gateway (router) to be
forwarded to its destination subnet
• The router will now be able to deliver the data packet to its destination in the other subnet
• An analysis of the data packet (ANDing) will determine the destination subnet
• The gateway will broadcast for the hardware address of the receiving host (IP already
known)
• On receiving a response, the packet will be forwarded to the destination host
Figure 5.3
Major Routing Methods:

28. 28
• Static routing
– Routing tables are hand maintained at the router
• Dynamic routing
– Routing tables are dynamically maintained by the routing protocol
– RIP (Routing Information Protocol)
– Open Shortest Path First (OSPF) protocol
• Static and dynamic routings may be integrated
Entries in to routing table:
• Network ID (Address)
• Network (subnet) mask
• Next hop (Gateway address)
• Interface
– Network interface for forwarding the data packet
• Metric
– Cost of each route for the selection of the best hop
5.1.1 Static routing
RIPv2
RIPv2 is a classless, distance vector routing protocol as defined in RFC 1723. Because RIPv2 is
a classless routing protocol, which means, it includes the subnet mask with the network
addresses in the routing updates. As with other classless routing protocols, RIPv2 supports CIDR
super nets, VLSM and discontiguous networks.
It’s equipped with the ability to support subnet information and supports Classless Inter-Domain
Routing (CIDR). A router that receives routing updates from multiple routers advertising the

29. 29
same classful summary route cannot determine which subnets belong to which summary route.
This inability leads to unexpected results including misrouted packets.
However, with RIPv2 automatic summarization can be disabled with the no auto-summary
command. Automatic summarization must be disabled to support discontiguous networks.
RIPv2 still maintains the hop count limit of 15 and incorporated a password authentication
mechanism.
The default version of RIP is version 1. The command version 2 is used to modify RIPv1 to
RIPv2.
Use the show ip protocols command to view that RIP is now sending and receiving version 2
updates and whether or not automatic summarization is in effect.
RIPv2 is actually an enhancement of RIPv1's features and extensions rather than an entirely new
protocol. Some of these enhanced features include:
 Next-hop addresses included in the routing updates
 Use of multicast addresses in sending updates
 Authentication option available
Like RIPv1, RIPv2 is a distance vector routing protocol. Both versions of RIP share the
following features and limitations:
 Use of hold down and other timers to help prevent routing loops.
 Use of split horizon or split horizon with poison reverse to also help prevent routing loops.
 Use of triggered updates when there is a change in the topology for faster convergence.
 Maximum hop count limit of 15 hops, with the hop count of 16 signifying an unreachable
network.
Configuring RIP v2 on a Network.

30. 30
HQ#configure terminal
HQ (config)#router rip
HQ(config-router)#version 2
HQ(config-router)#network 192.168.1.0
HQ(config-router)#network 192.168.2.0
HQ(config-router)#network 172.16.1.0
HQ(config-router)#network 172.16.2.0
HQ (config-router)#end
From the configuration above, the router rip command activates the protocol, version 2
defines the RIP version in use and the networks directly connected to the router HQ
network were all declared. All routers on the network must be configured the same way;
each router must declare its directly connected network to be seen by other routers on the
network.
5.1.2 Dynamic Routing Protocols I RIP Autonomous Systems:
• An autonomous system is a region of the Internet that is administered by a single entity.
• Examples of autonomous regions are:
 UVA’s campus network
 MCI’s backbone network
 Regional Internet Service Provider
 Routing is done differently within an autonomous system (intradomain routing) and
between autonomous systems (interdomain routing).
Intradomain Routing
• Routing within an AS
• Ignores the Internet outside the AS
Ethernet
Router
Ethernet
Ethernet
RouterRouter
Ethernet
Ethernet
EthernetRouter
Router
Router
Autonomous
System 2
Autonomous
System 1

31. 31
• Protocols for Intradomain routing are also called Interior Gateway Protocols or IGP’s.
• Popular protocols are
Figure 5.4
– RIP (simple, old)
– OSPF (better)Ff
Interdomain Routing
• Routing between AS’s
• Assumes that the Internet consists of a collection of interconnected AS’s
• Normally, there is one dedicated router in each AS that handles 3interdomain traffic.
• Protocols for interdomain routing are also called Exterior Gateway Protocols or EGP’s.
• Routing protocols:
– EGP
– BGP (more recent)
Approaches to Shortest Path Routing
• There are two basic routing algorithms found on the Internet.
1. Distance Vector Routing
• Each node knows the distance (=cost) to its directly connected neighbors
• A node sends periodically a list of routing updates to its neighbors.
• If all nodes update their distances, the routing tables eventually converge
• New nodes advertise themselves to their neighbors
2. Link State Routing
• Each node knows the distance to its neighbors
• The distance information (=link state) is broadcast to all nodes in the network
• Each node calculates the routing tables independently

32. 32
What Is Enhanced IGRP (EIGRP)?
• Enhanced IGRP supports:
– Rapid convergence
– Reduced bandwidth usage
– Multiple network-layer support
– Uses Diffused Update Algorithm (DUAL) to select loop-free routes and enable
fast convergence
Up to six unequal paths to a remote network (4 by default
Figure 5.5
Configuring EIGRP for IP
If you use the same AS number for EIGRP as IGRP, EIGRP will automatically redistribute IGRP
into EIGRP.
Introducing OSPF

33. 33
• Open standard
• Shortest path first (SPF) algorithm
• Link-state routing protocol (vs. distance vector)
• Can be used to route between AS’s
Figure 5.6
Types of OSPF Routers
Figure 5.7
OSPF Example

34. 34
Configuring Wildcards
If we want to advertise a partial octet (subnet), we need to use wildcards.
– 0.0.0.0 means all octets match exactly
– 0.0.0.255 means that the first three match exactly, but the last octet can be any
value
CHAPTER-6
6.1 IP ADDRESSING
6.1.1 IP Address:
An IP (Internet Protocol) address is a unique identifier for a node or host connection on an IP
network. It is a logical identification.
IP address is a combination of network bits or network field or network portion and host bits or
host field or host portion.

35. 35
6.1.2 IP Addressing:
IP addressing consists of following parts
 Planning of IP address
 Designing of IP address
 Implementation of IP address
 Troubleshooting of IP address
6.1.3 Characteristics of IPv4:
An IPv4 address is a 32- bit address that uniquely and universally defines the connection of a
device or host to the internet.
It is represented in binary form and dotted decimal form.
10000000 00001011 00000011 00011111
128.11.3.31
The address space of IPv4 is 232 i.e. 4,294,967,296.
6.1.4 Characteristics of IPv6:
An IPv4 address is a 128- bit address that uniquely and defines the connection of a device or host
to the internet.
It is represented in dotted hexadecimal form.
FF7B:84:740:0:1BCD:1011:23C6:9999

36. 36
The address space of IPv6 is 2128.
6.1.5 Classification of IPv4 Addresses:
 Based on Management-
o Classful Addressing
o Classless Addressing
6.1 Classful Addressing-
The address space in classful addressing is divided into five classes: A, B, C, D and E.
First Byte Second Byte Third Byte Fourth Byte Application
Class A 0-127 0-255 0-255 0-255 Unicast
Class B 128-191 0-255 0-255 0-255 Unicast
Class C 192-223 0-255 0-255 0-255 Unicast
Class D 224-239 0-255 0-255 0-255 Multicast
Class E 240-255 0-255 0-255 0-255 Reserved
 Based on Business-
o Private Address
o Public Address
Private Address-

37. 37
A private address is one used within a local area network and not accepted on the internet. The
range of private address is given as:
Range Total
10.0.0.0 to 10.255.255.255 224
172.16.0.0 to 172.31.255.255 220
192.168.0.0 to 192.168.255.255 216
Public Address-
A public address is the address the network is allocated on the internet to make it possible to
connect to other locations.
Default Mask:
It is a 32 bit binary number that will define how many bits belongs to network and how many
bits belongs to host in any IP address.
Default mask for Class full Addresses:
Class Default Mask Network and Host bits
A 255.0.0.0 N.H.H.H
B 255.255.0.0 N.N.H.H
C 255.255.255.0 N.N.N.H
N- Network bits
H- Host bits
 Network ID or Network address (NID):

38. 38
If each bit belongs to host in any IP address represent 0 then that IP address is known as NID. It
is not used by network administrator. It is only used by network device.
Example: For an IP address 122.123.41.68/8 the NID is 122.0.0.0/8.
 Broadcast ID or Broadcast address (BID):
If each bit belongs to host in any IP address represent 1 then that IP address is known as BID. It
is not used by network administrator. It is only used by network device.
Example: For an IP address 122.123.124.125/8 the BID is 122.255.255.255/8.
6.2 IP Saving Techniques:
A large number of IP addresses were wasted in class full addressing. Hence IP saving techniques
were required. The techniques are:
 Sub- netting
 VLSM
 CIDR
6.2.1 Sub-netting-
It is a process from which we can divide classful network IP (class A, B, C) into smaller
network. The smaller network is known as Subnet Network and the mask of the subnet network
is known as Subnet Mask.
6.2.2 VLSM-
VLSM (Variable Length Subnet Mask) allows an organization to use more than one subnet mask
within the same network address space. Implementing VLSM is often called sub-netting a
subnet. It can be used to maximize addressing efficiency.

39. 39
6.2.3 CIDR-
CIDR (Classless Inter Domain Routing) is a method for allocating IP addresses and routing
Internet Protocol packets. The Internet Engineering Task Force introduced CIDR in 1993 to
replace the previous addressing architecture of network design in the Internet. Their goal was to
slow the growth of routing tables on routers across the Internet, and to help slow the rapid
exhaustion of IPv4 addresses.
The syntax of CIDR notation is:
A.B.C.D/N
A- Takes value in the range 1-223
B- Takes value in the range 0-255
C- Takes value in the range 0-255
D- Takes value in the range 0-255
N- Network bits. Takes value in the range 0-31
 Summarization:
The process by which we can find the main network of a subnet network is known as
Summarization.
Example: We have four subnet networks 199.10.20.0/26, 199.10.20.64/26, 199.10.20.128/26 and
199.10.20.192/26. By the process of summarization we can find the main network of the four
subnet networks. The main network is 199.10.20.0/24.
 Default Gateway:
In computer networking, a gateway is a node (a router) on a TCP/IP network that serves as an
access point to another network. A default gateway is the node on the computer network that the
network software uses when an IP address does not match any other routes in the routing table.

40. 40
 DNS:
The DNS (Domain Name System) is a hierarchical distributed naming system for computers,
services, or any resource connected to the Internet or a private network. It associates various
information with domain names assigned to each of the participating entities. An often-used
analogy to explain the Domain Name System is that it serves as the phone book for the Internet
by translating human-friendly computer hostnames into IP addresses. For example, the domain
name www.example.com translates to the addresses 192.0.43.10 (IPv4) and
2620:0:2d0:200::10 (IPv6).
 DHCP:
The DHCP (Dynamic Host Configuration Protocol) is a network configuration protocol for hosts
on Internet Protocol (IP) networks. Computers that are connected to IP networks must be
configured before they can communicate with other hosts. The most essential information
needed is an IP address, and a default route and routing prefix. DHCP eliminates the manual task
by a network administrator. It also provides a central database of devices that are connected to
the network and eliminates duplicate resource assignments.
 Workgroup:
Microsoftoperating systems in the same workgroup may allow each other access to their files,
printers, or Internet connection. Members of different workgroups on the same local area
network and TCP/IP network can only access resources in workgroups to which they are joined.
Workgroups can be used only if Microsoft Network is enabled. A workgroup is Microsoft's
terminology for a peer-to-peer Windows computer network.
 Domain:
A domain name is an identification string that defines a realm of administrative autonomy,
authority, or control on the Internet. Domain names are formed by the rules and procedures of
the Domain Name System (DNS). Domain names are used in various networking contexts and
application-specific naming and addressing purposes.

41. 41
CHAPTER-7
7.1 Access Control Lists (ACLs)
Access Control List (ACL) are filters that enable you to control which routing updates or
packets are permitted or denied in or out of a network. They are specifically used by network
administrators to filter traffic and to provide extra security for their networks. This can be
applied on routers (Cisco).
ACLs provide a powerful way to control traffic into and out of your network; this control can be
as simple as permitting or denying network hosts or addresses. You can configure ACLs for all
routed network protocols.
The most important reason to configure ACLs is to provide security for your network. However,
ACLs can also be configured to control network traffic based on the TCP port being used.
7.1.1 How ACLs work
A router acts as a packet filter when it forwards or denies packets according to filtering rules. As
a Layer 3 device, a packet-filtering router uses rules to determine whether to permit or deny
traffic based on source and destination IP addresses, source port and destination port, and the
protocol of the packet. These rules are defined using access control lists or ACLs.
To simplify how ACL or a router uses packet filtering work, imagine a guard stationed at a
locked door. The guard's instruction is to allow only people whose names appear on a quest list
to pass through the door. The guard is filtering people based on the condition of having their
names on the authorized list.

42. 42
Figure 7.1 access control lists
When a packet arrives at the router, the router extracts certain information from the packet
header and makes decisions according to the filter rules as to whether the packet can pass
through or be dropped. Packet filtering process works at the Network layer of the Open Systems
Interconnection (OSI) model, or the Internet layer of TCP/IP.
7.1.2 ACL Operations
 Packets are compared to Each Statement in an Access-list SEQUENTIALLY- From the Top
Down.
 The sooner a decision is made the better.
 Well written Access-lists take care of the most abundant type of traffic first.
 All Access-lists End with an Implicit Deny All statement

43. 43
 Standard ACL
 Are given a # from 1-99
 Filtering based only on Source Address
Should be applied closest to the Destination
 Extended ACL
 Are given a # from 100-199
 Much more flexible and complex
 Can filter based on:
Source address
Destination address
Session Layer Protocol (ICMP, TCP, UDP..)
Port Number (80 http, 23 telnet…)
 Should be applied closest to the Source
 Implementing ACLs
Step 1 - Create the Access-list
Step 2 -Apply the Access-list to an Interface
Must be in interface config mode (config-if)#
IP access-group # in/out (routers point of view)
Remember the Implicit Deny All at the end of each access-list.
Two Approaches:
1. List the traffic you know you want to permit
Deny all other traffic
2. List the traffic you want to deny

44. 44
Permit all other traffic (permit any)
Figure 7.2
A(config)#access-list 5 deny 172.22.5.2 0.0.0.0
A(config)#access-list 5 deny 172.22.5.3 0.0.0.0
A(config)#access-list 5 permit any
So what does this access list do?
• Deny any host 172.22.5.2
Deny any host 172.22.5.3
• All other traffic can go
• A(config)#access-list 5 deny 172.22.5.2 0.0.0.0
• A(config)#access-list 5 deny 172.22.5.3 0.0.0.0
• A(config)#access-list 5 permit any
• A(config)#access-list 5 deny 172.22.5.4 0.0.0.0
Why does the last line have no affect?
How could we correct this situation?
Extended ACL

45. 45
figure 7.3
figure 7.4
Standard: Closed to source
Extended: Closed to destination
Restricted ACL access

46. 46
figure 7.4
figure 7.5

47. 47
figure 7.6

48. 48
CHAPTER-8
8.1 Network Address Translation
Network Address Translation (NAT) is the process where a network device, usually a firewall,
assigns a public address to a computer (or group of computers) inside a private network. The
main use of NAT is to limit the number of public IP addresses an organization or company must
use, for both economy and security purposes.
The most common form of network translation involves a large private network using addresses
in a private range (10.0.0.0 to 10.255.255.255, 172.16.0.0 to 172.31.255.255, or 192.168.0 0 to
192.168.255.255). The private addressing scheme works well for computers that only have to
access resources inside the network, like workstations needing access to file servers and printers.
Routers inside the private network can route traffic between private addresses with no trouble.
However, to access resources outside the network, like the Internet, these computers have to
have a public address in order for responses to their requests to return to them. This is where
NAT comes into play.
Internet requests that require Network Address Translation (NAT) are quite complex but happen
so rapidly that the end user rarely knows it has occurred. A workstation inside a network makes a
request to a computer on the Internet. Routers within the network recognize that the request is
not for a resource inside the network, so they send the request to the firewall. The firewall sees
the request from the computer with the internal IP. It then makes the same request to the Internet
using its own public address, and returns the response from the Internet resource to the computer
inside the private network. From the perspective of the resource on the Internet, it is sending
information to the address of the firewall. From the perspective of the workstation, it appears that
communication is directly with the site on the Internet. When NAT is used in this way, all users
inside the private network access the Internet have the same public IP address when they use the
Internet. That means only one public addresses is needed for hundreds or even thousands of
users.

49. 49
Most modern firewalls are state full - that is, they are able to set up the connection between the
internal workstation and the Internet resource. They can keep track of the details of the
connection, like ports, packet order, and the IP addresses involved. This is called keeping track
of the state of the connection. In this way, they are able to keep track of the session composed of
communication between the workstation and the firewall, and the firewall with the Internet.
When the session ends, the firewall discards all of the information about the connection.
There are other uses for Network Address Translation (NAT) beyond simply allowing
workstations with internal IP addresses to access the Internet. In large networks, some servers
may act as Web servers and require access from the Internet. These servers are assigned public
IP addresses on the firewall, allowing the public to access the servers only through that IP
address. However, as an additional layer of security, the firewall acts as the intermediary
between the outside world and the protected internal network. Additional rules can be added,
including which ports can be accessed at that IP address. Using NAT in this way allows network
engineers to more efficiently route internal network traffic to the same resources, and allow
access to more ports, while restricting access at the firewall. It also allows detailed logging of
communications between the network and the outside world.
Additionally, NAT can be used to allow selective access to the outside of the network, too.
Workstations or other computers requiring special access outside the network can be assigned
specific external IPs using NAT, allowing them to communicate with computers and applications
that require a unique public IP address. Again, the firewall acts as the intermediary, and can
control the session in both directions, restricting port access and protocols.
NAT is a very important aspect of firewall security. It conserves the number of public addresses
used within an organization, and it allows for stricter control of access to resources on both sides
of the firewall.

50. 50
CHAPTER-9
9.1 Virtual LAN
A Local Area Network (LAN) was originally defined as a network of computers located within
the same area. Today, Local Area Networks are defined as a single broadcast domain. This
means that if a user broadcasts information on his/her LAN, the broadcast will be received by
every other user on the LAN. Broadcasts are prevented from leaving a LAN by using a router.
The disadvantage of this method is routers usually take more time to process incoming data
compared to a bridge or a switch. More importantly, the formation of broadcast domains depends
on the physical connection of the devices in the network. Virtual Local Area Networks (VLAN's)
were developed as an alternative solution to using routers to 2.0 what are VLAN's?
In a traditional LAN, workstations are connected to each other by means of a hub or a repeater.
These devices propagate any incoming data throughout the network. However, if two people
attempt to send information at the same time, a collision will occur and all the transmitted data
will be lost. Once the collision has occurred, it will continue to be propagated throughout the
network by hubs and repeaters. The original information will therefore need to be resent after
waiting for the collision to be resolved, thereby incurring a significant wastage of time and
resources. To prevent collisions from traveling through all the workstations in the network, a
bridge or a switch can be used. These devices will not forward collisions, but will allow
broadcasts (to every user in the network) and multicasts (to a pre-specified group of users) to
pass through. A router may be used to prevent broadcasts and multicasts from traveling through
the network.
The workstations, hubs, and repeaters together form a LAN segment. A LAN segment is also
known as a collision domain since collisions remain within the segment. The area within which
broadcasts and multicasts are confined is called a broadcast domain or LAN. Thus a LAN can
consist of one or more LAN segments. Defining broadcast and collision domains in a LAN
depends on how the workstations, hubs, switches, and routers are physically connected together.
This means that everyone on a LAN must be located in the same area (see Figure1).

51. 51
Figure 9.1: Physical view of a LAN.
VLAN's allow a network manager to logically segment a LAN into different broadcast domains
(see Figure2). Since this is a logical segmentation and not a physical one, workstations do not
have to be physically located together. Users on different floors of the same building, or even in
different buildings can now belong to the same LAN.

52. 52
Physical View
Logical View
Figure 9.2: Physical and logical view of a VLAN.

53. 53
VLAN's also allow broadcast domains to be defined without using routers. Bridging software is
used instead to define which workstations are to be included in the broadcast domain. Routers
would only have to be used to communicate between two VLAN's contain broadcast traffic.
9.1.1 Inter-VLAN Routing
We define inter-VLAN routing as a process of forwarding network traffic from one VLAN to
another VLAN using a router or layer 3 device.
In the previous pages, we learned about how to configure VLANs on a network switch. To allow
devices connected to the various VLANs to communicate with each other, you need to connect a
router. As we’ve learned that each VLAN is a unique broadcast domain, so, computers on
separate VLANs are, by default, not able to communicate. There is a way to permit these
computers to communicate; it is called inter-VLAN routing.
One of the ways of the ways to carry out inter-VLAN routing is by connecting a router to the
switch infrastructure. VLANs are associated with unique IP subnets on the network. This subnet
configuration enables the routing process in a multi-VLAN environment. When using a router to
facilitate inter-VLAN routing, the router interfaces can be connected to separate VLANs
.Devices on those VLANs communicates with each other via the router.

54. 54
APPENDIX-I
APPLICATION DETAILS:
Company Application Function
McAfee Secured Internet Gateway Software McAfee secured Internet
Gateway 3200
Anti spam Software Module McAfee
URL filtering Software Module McAfee
McAfee Antivirus McAfee antivirus
EMC Network Management Console 7.6 Backup Software
EMC Recovery Point Manager
3.2.SP2.P2
Recovery Point
Management Application
EMC NaviSphere Manager 6.26.23.0.46 For manage clarion CX3-
40C
Power Path Administrator EMC
Corporation Version
For storage configuration
Juniper Network and Security Manager For patch update in Juniper
Firewall

55. 55
Table I.1
APPENDIX-II
HARDWARE DETAILS:
Item Description Function
Infrastructure Modular UPS system with accessories UPS
Precision Air Conditioning System AC
Rack Mounted PDUs with accessories Rack
Server Racks with accessories Rack
Networking Racks with accessories Rack
Environment Monitoring units with
accessories
Security
Surveillance System with accessories Security
Infrastructure Management System Infrastructure
1KVA Line Interactive UPS UPS
Gas Suppression System and accessories Security

56. 56
Fire Detection and Alarm System with
accessories
Security
Smoke detection system with accessories Security
Access control system with accessories Security
Burglar alarm system Security
Rodent control system with accessories Security
PA system Infrastructure
Water leakage detection system Security
Network Router with accessories Router
Firewall with accessories Security
Central switch with accessories (Type 1) Switch
Chassis based central switch with
accessories (Type 2)
Switch
McAfee Secure Internet Gateway Security
SCM Security

57. 57
Server/ Storage/ Other SAN with accessories Storage
NAS Gateway Storage
SAN switches and accessories Storage
Blade Server Server
Sun Server Server
Sun Workstation Server
Tape library and accessories Storage
A4 Mono Laser Printers Printer
24 Port cat 6 Jack Panel with accessories Cable
Cat 6 UTP Patch Cord 7 Feet Cable
24 Port LIU with fully loaded adapter and
connectors with accessories
Cable
Armored Optical Fiber Cable Multimode Cable
Optical fiber connector Cable
Table I.2

58. 58
APPENDIX-III
MATHEMATICAL REVIEW:
Formation of Subnets using Sub netting-
Major Network- 199.10.20.0/24
Step-1: Default Mask
255.255.255.0
Step-2: Binary representation of default mask
11111111.11111111.11111111.00000000
Step-3: Number of Subnets
No. of subnets= 2n
n- No. of bits borrowed from host
Here n=2
No. of subnets = 22 =4
Step-4: Subnet Mask
255.255.255.192
Step-5: Block Size
Block size of each subnet= 256- subnet mask = 256-192 =64
Step-6: Valid IP/ Subnet

59. 59
Valid IP/ Subnet= 2n -2
n- No. of Host bits
Here n=6
Valid IP/ Subnet= 26 – 2 = 64 – 2 = 62
Step 7: Starting of each subnet
Starting of 1st subnet = 0
Starting of 2nd subnet= 0+64= 64
Starting of 3rd subnet= 64+ 64= 128
Starting of 4th subnet= 128+ 64=192
Step-8: Subnets
1st Subnet
199.10.20.0/26 NID
199.10.20.1/26 1st Valid IP
199.10.20.62/26 Last Valid IP
199.10.20.63/26 BID
2nd Subnet
199.10.20.64/26 NID
199.10.20.65/26 1st Valid IP
199.10.20.126/26 Last Valid IP
199.10.20.127/26 BID

60. 60
3rd Subnet
199.10.20.128/26 NID
199.10.20.129/26 1st Valid IP
199.10.20.190/26 Last Valid IP
199.10.20.191/26 BID
4th Subnet
199.10.20.192/26 NID
199.10.20.193/26 1st Valid IP
199.10.20.254/26 Last Valid IP
199.10.20.255/26 BID
Formation of Subnets using VLSM-
We need to create 6 subnets with IP address requirement 49 IPs, 2 IPs, 10 IPs, 29 IPs, 2 IPs and
2 IPs respectively. The major network is 192.168.1.0/24.
Block size for VLSM- 4, 8, 16, 32, 64, 128, 256
The IPs arranged in descending order and then a block size is chosen such that the no of IPs are
satisfied with the particular block size. According to the block size the subnet mask varies.
Hence from a particular major network subnets are formed with variable length subnet mask.
No. of IPs Block Size IP Address
49 64 (0-63) 192.168.1.0/26 NID

61. 61
192.168.1.1/26 1st Valid IP
192.168.1.62/26 Last Valid IP
192.168.1.63/26 BID
29 32 (64-95) 192.168.1.64/27 NID
192.168.1.65/27 1st Valid IP
192.168.1.94/27 Last Valid IP
192.168.1.95/27 BID
10 16 (96-111) 192.168.1.96/28 NID
192.168.1.97/28 1st Valid IP
192.168.1.110/28 Last Valid IP
192.168.1.111/28 BID
2 4 (112-115) 192.168.1.112/30 NID
192.168.1.113/30 1st Valid IP
192.168.1.114/30 Last Valid IP
192.168.1.115/30 BID
2 4 (116-119) 192.168.1.116/30 NID
192.168.1.117/30 1st Valid IP
192.168.1.118/30 Last Valid IP
192.168.1.119/30 BID
2 4 (120-123) 192.168.1.120/30 NID

62. 62
APPENDIX-IV
CONFIGURATION OF ROUTER ON PACKET TRACER:
Figure IV.1
Common commands for all four routers-
Router> // User Execution Mode
Router> en
Router # config t // User Privileged Mode
Router (config) # hostname RA // Global Configuration Mode
RA (config) # enable password noida // to enable password

63. 63
RA (config) # enable secret ccna // To enable secret password
RA (config) # line console 0 // To enable console password
RA (config-line) # password 1234
RA (config-line) # login
RA (config-line) # exit
RA (config) # line vty 0 4 // To enable telnet password
RA (config-line) # password 789
RA (config-line) # exit
RA (config) # banner motd @WELCOME RA@ // To put banner
RA router commands-
RA (config) # interface e0/1/0
RA (config-if) # ip address 10.255.255.254 255.0.0.0
RA (config-if) # no shut down
RA (config-if) # interface s0/0/0
RA (config-if) # ip address 20.0.0.1 255.0.0.0
RA (config-if) # no shut down
RA (config-if) # exit
RA (config) # exit
RA # exit
RB router commands-

64. 64
RB (config) # interface s0/0/0
RB (config-if) # ip address 20.0.0.2 255.0.0.0
RB (config-if) # no shut down
RB (config-if) # clock rate 64000
RB (config-if) # interface e0/1/0
RB (config-if) # ip address 30.255.255.254 255.0.0.0
RB (config-if) # no shut down
RB (config-if) # interface s0/0/1
RB (config-if) # ip address 128.129.1.1 255.255.0.0
RB (config-if) # no shut down
RB (config-if) # clock rate 64000
RB (config-if) # exit
RB (config) # exit
RB # exit
RC router commands-
RC (config) # interface s0/0/0
RC (config-if) # ip address 128.129.1.2 255.255.0.0
RC (config-if) # no shut down

65. 65
RC (config-if) # interface e0/1/0
RC (config-if) # ip address 200.100.50.1 255.255.255.0
RC (config-if) # no shut down
RC (config-if) # exit
RC (config) # exit
RC # exit
RD router commands-
RD (config) # interface fa0/0
RD (config-if) # ip address 200.100.50.2 255.255.255.0
RD (config-if) # no shut down
RD (config-if) # interface fa0/1
RD (config-if) # ip address 192.168.100.254
RD (config-if) # no shut down
RD (config-if) # exit
RD (config) # exi

66. 66
PROJECT IMAGE

67. 67
References
 Networking
o J. F. Kurose and W. R. Ross, Computer Networking: A Top-Down Approach
Featuring the Internet.
o L.L. Peterson and B. S. Davie, Computer Networks: A System Approach.
o Andrew S.Tanenbaum, Computer Networks
o Douglas E. Comer, Computer Networks and Internets
o D. Bertsekas & R. Gallager, Data Networks.
o S. Keshav, An Engineering Approach to Computer Networking.
o J. Walrand & P. Varaiya, High-Performance Communication Networks.
o TCP/IP Tutorial and Technical Overview (IBM Redbook)
 Routing
o Sam Halabi & Danny McPherson, Internet Routing Architectures.
o Christian Huitema, Routing in the Internet.
o Radia Pearlman, Interconnections: Bridges and Routers.
o John T. Moy, OSPF: Anatomy of an Internet Routing Protocol.
o Jim Stewart, BGP4.
Research Papers
 Introduction
o [3ComWHITE01] 3Com, "Understanding IP Addressing: Everything You Ever
Wanted to Know," White Paper, May 2001.
o [CiscoIP] Cisco, "Internet Protocols," Internetworking Technology Handbook.
o [CiscoRouting] Cisco, "Routing Basics," Internetworking Technology
Handbook.
o [CiscoIntroInternet] Cisco, "Introduction to Internet," Internetworking
Technology Handbook.
o [RFC1180] T. Socolofsky and C. Kale, "A TCP/IP Tutorial," Jan 1991.
 Intra-Doman Routing
o [RFC1058] C. Hedrick, "Routing Information Protocol," Jun 1988.
o [RFC2328] J. Moy, "OSPF Version 2," Apr 1998.
o [RFC1723] G. Malkin, "RIP Version 2: Carrying Additional Information," Nov
1994.

68. 68
o [CiscoOSPF] Cisco, "Open Shortest Path First," Internetworking Technology
Handbook.
o [CiscoRIP] Cisco, "Routing Information Protocol," Internetworking Technology
Handbook.
o [CiscoIGRP] Cisco, "Interior Gateway Routing Protocol," Internetworking
Technology Handbook.
o [CiscoEIGRP] Cisco, "Enhanced IGRP," Internetworking Technology
Handbook.
o [GarciaTON93] J.J. Garcia-Luna-Aceves, "Loop-Free Routing Using Diffusing
Computations," IEEE/ACM Trans. Networking, February 1993.
o [AlbrightsonINTEROP94] Bob Albrightson, J.J. Garcia-Luna-Aceves, Joanne
Boyle, "EIGRP: A Fast Routing Protocol Based On Distance Vectors", Interop
1994.
 Inter-Doman Routing
o [RFC1771] Y. Rekhter and T. Li, "A Border Gateway Protocol 4 (BGP-4),"
Mar 1995.
o [RFC1772] Y. Rekhter and P. Gross, "Application of the Border Gateway
Protocol in the Internet," Mar 1995.
o [CiscoBGP] Cisco, "Border Gateway Protocol," Internetworking Technology
Handbook.
o [CiscoBGPCASES] Cisco, "BGP Case Studies and Tutorial".
o [Labovitz:SIGCOMM97] Craig Labovitz, G. Robert Malan, and Farnam
Jahanian, "Internet Routing Instability," SIGCOMM 1997.
o [Griffin:SIGCOMM99] Timothy G. Griffin and Gordon Wilfong, "An Analysis
of BGP Convergence Properties," SIGCOMM 1999.
o [Labovitz:SIGCOMM00] Craig Labovitz, Abha Ahuja, Abhijit Abose, Farnam
Jahanian, "An Experimental Study of Delayed Internet Routing Convergence,"
SIGCOMM 2000.
o [GaoTON01] L. Gao, J. Rexford, "Stable Internet Routing Without Global
Coordination," IEEE/ACM Transactions on Networking, December 2001.
o [Bremler-BarrINFOCOM03] Anat Bremler-Barr, Yehuda Afek, and Shemer
Schwarz, "Improved BGP Convergence via Ghost Flushing," INFOCOM 2003.
o [FeamsterSIGMETRICS03] Nick Feamster, David G. Andersen, Hari
Balakrishnan, M. Frans Kaashoek, "Measuring the Effects of Internet Path Faults
on Reactive Routing," SIGMETRICS 2003.

69. 69
 Multicast Routing
o [RamalhoICST00] M. Ramalho, "Intra- and Inter-Domain Multicast Routing
Protocols: A Survey and Taxonomy," IEEE Communications Surveys &
Tutorials, 1st Quarter 2000.
o [SahasrabuddheIN00] Laxman H. Sahasrabuddhe and B. Mukherjee, "Muliticast
Routing Algorithms and Protocols: A Tutorial," IEEE Network, Jan./Feb., 2000.
o [AngelNETMAG99] Jonathan Angel, "Multicasting," Network Magazine,
January 1999.
o [HandleyIPJ99] Mark Handley and Jon Crowcroft, "Internet Multicast Today,"
Internet Protocol Journal, December 1999.
o [HandleyIPJ02] Ian Brown, Jon Crowcroft, Mark Handley, and Brad Cain,
"Internet Multicast Tomorrow," Internet Protocol Journal, December 2002.
o [CiscoIPMulticast] Cisco, "Internet Protocol Multicast," Internetworking
Technology Handbook.
o [ChuJSAC02] Yang-hua Chu, Rao, S.G., Seshan, S., and Hui Zhang, "A case
for end system multicast," IEEE Journal on Selected Areas in Communications,
October 2002.
o [BanerjeeSIGCOMM02] Suman Banerjee, Bobby Bhattacharjee and
Christopher Kommareddy, "Scalable Application Layer Multicast," SIGCOMM
2002.
o [FloydTON97] Sally Floyd, Van Jacobson, Ching-Gung Liu, Steven McCanne,
Lixia Zhang, "A reliable multicast framework for light-weight sessions and
application level framing," IEEE/ACM Transactions on Networking, December
1997.
o [McCanneSIGCOMM96] S. McCanne, V. Jacobson, and M. Vetterli,
"Receiver-driven Layered Multicast," SIGCOMM 1996.
 MPLS and Traffic Engineering
o [TelliumMPLS] Tellium, "Multiprotocol Label Switching", Tutorial.
o [NortelMPLS] Nortel, "MPLS: An Introduction to Multiprotocol Label
Switching," White Paper.
o [CiscoMPLS] Cisco, "MPLS/Tag Switching," Internetworking Technology
Handbook.
o [RFC3031] E. Rosen, A. Viswanathan, and R. Callon, "Multiprotocol Label
Switching Architecture," Jan 2001.
o [DataConSIGNALING] Data Connection, "MPLS Traffic Engineering: A
Choice of Signaling Protocols", White Paper.
o [AwducheICM99] Awduche, D.O., "MPLS and traffic engineering in IP
networks," IEEE Communication Magazine, Dec 1999.
o {RFC3272] D. Awduche, A. Chiu, A. Elwalid, I. Widjaja, and X. Xiao,
"Overview and Principles of Internet Traffic Engineering," May 2002.
o [FortzICM02] B. Fortz, J. Rexford, and M. Thorup, "Traffic engineering with
traditional IP routing protocols," IEEE Communication Magazine, Oct 2002.

70. 70
o [SridharanINFOCOM03] Ashwin Sridharan, Roch Guerin, and Christophe Diot,
"Achieving Near-Optimal Traffic Engineering Solutions for Current OSPF/IS-IS
Networks," INFOCOM 2003.
o [IyerINFOCOM2003] Sundar Iyer, Supratik Bhattacharyya, Nina Taft, and
Christophe Diot, "An approach to alleviate link overload as observed on an IP
backbone," INFOCOM 2003.
o [ApplegateINFOCOM03] David Applegate, and Mikkel Thorup, "Load optimal
MPLS routing with N+M labels," INFOCOM 2003.
o [ApplegateSIGCOMM03] David Applegate, Edith Cohen, "Making Intra-
Domain Routing Robust to Changing and Uncertain Traffic Demands:
Understanding Fundamental Tradeoffs," SIGCOMM 2003.
 Failure Resiliency
o [DATACON-MPLS-RESTORE] Data Connection, "Protection and Restoration
in MPLS Networks," White Paper.
o [ShaikhINFOCOM 2002] Aman Shaikh, Rohit Dube and Anujan Varma,
"Avoiding Instability during Graceful Shutdown of OSPF," INFOCOM 2002.
o [KarINFOCOM 2002] K. Kar, M. Kodialam, T. V. Lakshman, "Routing
Restorable Bandwidth Guaranteed Connections Using Maximum 2-route Flows,"
INFOCOM 2002.
o [IyerINFOCOM2003] Sundar Iyer, Supratik Bhattacharyya, Nina Taft, and
Christophe Diot, "An approach to alleviate link overload as observed on an IP
backbone," INFOCOM 2003.
o [NelakuditiIWQOS03] Srihari Nelakuditi, Sanghwan Lee, Yinzhe Yu, and Zhi-
Li Zhang, "Failure Insensitive Routing for Ensuring Service Availability,"
IWQoS 2003.
o [AlaettinogluDRAFT] C. Alaettinoglu, V. Jacobson, H. Yu, "Towards Milli-
Second ICP Convergence," Internet Draft, draft-alaettinoglu-isis-convergence-
00.txt, November 2000.
o [AlaettinogluQWEST] C. Alaettinoglu, Stephen Casner, "Detailed Analysis of
ISIS Routing Protocol on the Qwest Backbone: A recipe for subsecond ISIS
convergence".
o [AlaettinogluIETF02] C. Alaettinoglu, Alex Zinin, "IGP Fast Reroute".
o [PeiDSN03] Dan Pei, Lan Wang, Daniel Massey, S. Felix Wu, Lixia Zhang, "A
Study of Packet Delivery Performance during Routing Convergence," IEEE DSN
2003.
o [ThorupFAIL01] Mikkel Thorup, "Fortifying OSPF/IS-IS against link-failure".
o [NucciITC03] Antonio Nucci, Bianca Schroeder, Supratik Bhattacharyya, Nina
Taft, Christophe Diot, "IGP Link Weight Assignment for Transient Link
Failures", ITC 18, 2003.