1. 1
A
Report
On
Industrial Training
attended at
DUCAT
Report submitted to the
Department of Electronics and Communication Engineering
By
Anurag Sharma
1615103011
Training mentor
Mr. Dheeraj Kumar
(DUCAT, Greater Noida)
Department of Electronics and Communication Engineering
School of Electrical, Electronics and Communication Engineering
Galgotias University, Greater Noida, U.P., India
December, 2019
3. 3
Undertaking
I declare that the contents presented in this report are based on the industrial training attended by me during
June 15, 2019 to Sep 15, 2019 at DUCAT, Greater Noida. I understand that any violation of the above will
be cause for disciplinary action by the university against me as per the university rule.
Anurag Sharma
(1615103011)
4. 4
Recommendation
This is to certify that the Industrial Training report submitted by Anurag Sharma is verified by me and
recommended for submission.
Dr. Usha Chauhan
Faculty Mentor
5. 5
ACKNOWLEDGEMENTS
I am grateful to The Department of Electronics and Communication Engineering, for giving me the
opportunity to carry out this training, which is an integral fragment of the curriculum in Bachelor of
Technology program at the Galgotias University, Greater Noida. I would like to express my heartfelt
gratitude and regards to my training mentor, Mr. Dheeraj Kumar, for his unflagging support and continuous
encouragement throughout the training. And thanks to my faculty mentor Dr. Usha Chauhan, Asso.
Professor, SECE, Galgotias University who encourage me to do this training.
Special thanks to my Program Chair, Dr. B. Mohapatra, department of Electronics and Communication
Engineering for giving me this opportunity to enhance my knowledge through this training.
Last but not the least; I want to acknowledge the contributions of my parents and family members, for their
constant and never-ending motivation.
Galgotias university Anurag Sharma (1615103011)
6. 6
Table of contents
S.No. Title Page No.
Title 1
Certificate 2
Recommendation 3
Acknowledgements 4
List of Figures 8
List of Tables 9
1 Introduction 10
1.1 CISCO 10
1.2 OSI Model 10
1.3 Ethernet 11
1.4 HUB 12
1.5 Router 12
1.6 Switch 12
1.7 Server 13
1.8 IPv4 13
2 Theory of Networks 14
3 Routing protocol 15
3.1 Types of routing protocol 15
3.1.1 IGP 16
3.1.2 EGP 16
3.2 Basic routing protocol 16
3.3 Static routing 17
3.4 Default routing 18
7. 7
3.5 Routing Information Protocol 19
3.5.1 Versions of RIP 20
3.6 Enhanced Interior Gateway Routing Protocol 22
3.7 Open Shortest Path First 24
4 Switching 25
4.1 Spanning Tree Protocol 26
4.1.1 STP election process 26
4.1.2 Types of STP 26
4.2 Virtual Local Area Network 27
4.3 Inter VLAN routing 29
4.4 Port Security 30
4.5 Dynamic Host Configuration Protocol 30
4.6 Network Address Translation 32
4.6.1 Types of NAT 32
5 References 34
8. 8
List of figures
Figure 1: Router ............................................................................................................................................12
Figure 2:Switch .............................................................................................................................................13
Figure 3: Router configure............................................................................................................................17
Figure 4: Static routing..................................................................................................................................18
Figure 5:Default routing configuration .........................................................................................................19
Figure 6: Configuration of RIP .....................................................................................................................21
Figure 7:Configuration of EIGRP.................................................................................................................23
Figure 8:Configuration of OSPF...................................................................................................................25
Figure 9: Scenario of spanning tree protocol ................................................................................................26
Figure 10:Traffic share between different VLANs.......................................................................................27
Figure 11: InterVLAN routing......................................................................................................................28
Figure 12: Port Security ................................................................................................................................28
Figure 13: DHCP configuration....................................................................................................................28
Figure 14:Scenario of NAT...........................................................................................................................28
9. 9
List of Tables
Table 1: Seven layer of OSI model ...............................................................................................................11
Table 2: Range of Classes.............................................................................................................................14
Table 3: Comparison between OSI and TCP/IP ...........................................................................................14
Table 4: Versions of RIP...............................................................................................................................20
Table 5: Inverse mask table...........................................................................................................................24
Table 6: Description of VLAN Nos. .............................................................................................................27
10. 10
1. Introduction
Networking is simply defined as something that connects things together for a specific task or purposes. The
term NETWORK is to use in a variety of contexts, telephone, television, computers or even people
networks.
1.1 CISCO
CCNA is an IT certification from Cisco. The Cisco exams have changed several times. In 2013, Cisco
announced an update to its certification program that “aligns certification and training curricula with
evolving industry job roles. There are now several different types of Cisco-Certified Network Associate,
with “CCNA Routing and Switching” being closest to the original CCNA focus; other types of CCNA
focus on security, collaboration, datacenters, service providers, video, voice, and wireless.
A computer network connects two or more devices together to share a nearly limitless range of information
and services, including:
• Documents
• Email and messages
• Websites
• Printers and faxes
• Telephony and video conferencing
1.2 OSI Model
The Open Systems Interconnection model (OSI model) is conceptual model that characterizes and
standardizes the communication functions of a telecommunication or computing system without regard to
their underlying internal structure and technology. Its goal is the interoperability of diverse communication
systems with standard protocols. The model partitions a communication system into abstraction layers. The
original version of the model defined seven layers.
A layer serves the layer above it and is served by the layer below it. For example, a layer that provides
error-free communications across a network provides the path needed by applications above it, while it
calls the next lower layer to send and receive packets that comprise the contents of that path. Two instances
11. 11
at the same layer are visualized as connected by a horizontal connection in that layer.
The model is a product of the Open Systems Interconnection project at the International Organization for
Standardization (ISO).
Table 1: Seven layer of OSI model
1.3 Ethernet
Ethernet is a family of computer networking technologies commonly used in local area networks (LANs)
and metropolitan area networks (MANs). It was commercially introduced in 1980 and first standardized in
1983 as IEEE 802.3, and has since been refined to support higher bit rates and longer link distances. Over
time, Ethernet has largely replaced competing wired LAN technologies such as token ring, FDDI and
ARCNET.
The original 10BASE5 Ethernet uses coaxial cable as a shared medium, while the newerEthernet variants
use twisted pair and fiber optical links in conjunction with hubs or switches. Over the course of its
history, Ethernet data transfer rates have been increased from the original
2.94 megabits per second (Mbit/s) to the latest 100 gigabits per second (Gbit/s), with 400 Gbit/s expected
by late 2017. The Ethernet standards comprise several wiring and signaling variants of the OSI physical layer
in use with Ethernet.
APPLICATION LAYER
PRESENTATION LAYER
SESSION LAYER
TRANSPORT LAYER
NETWORK LAYER
DATA LINK LAYER
PHYSICAL LAYER
12. 12
1.4 HUB
A hub is the central part of a wheel that connects the axle to the wheel itself. Many expressions use the
term for a literal or figurative central structure connecting to a periphery. Hub is a component of a network,
a high- degree node. It refers to a node that has significantly bigger number of links in comparison with
other nodes in the network.
1.5 Router
A router is a networking device that forwards data packets between computer networks. Routers perform
the “traffic directing” functions on the Internet. A data packet is typically forwarded from one router to
another through the networks that constitute the internetwork until it reaches its destination node.
Figure 1: Router
A router is connected to two or more data lines from different networks (as opposed to a network switch,
which connects data lines from one single network). When a data packet comes in on one of the lines, the
router reads the address information in the packet to determine its ultimate destination. Then, using
information in its routing table or routing policy, it directs the packet to the next network on its journey.
This creates an overlay internetwork.
1.6 Switch
LAN switching is a form of packet switching used in Local Area Network (LAN). Switching technologies
are crucial to network design, as they allow traffic to be sent only where it is needed in most cases, using
fast, hardware –based methods. LAN switching uses different kinds of network switches. A standard
switch is known as a layer 2 switch and is commonly found in nearly any LAN. Layer 3 or layer 4 switches
require advanced technology (see managed switch) and are more expensive, and thus are usually only
found in larger LANs or in special network environments.
13. 13
1.7 Server
In computing, a server is a computer program or a device that provides functionality for other programs
or devices, called “clients”. This architecture is called the client–server model, and a single overall
computation is distributed across multiple processes or devices. Servers can provide various functionalities,
often called “services”, such as sharing data or resources among multiple clients, or performing
computation for a client. A single server can serve multiple clients, and a single client can use multiple
servers. A client process may run on the same device or may connect over a network to a server on a
different device. Typical servers are database servers, file server, mail servers, print servers, web servers,
game servers, and application servers.
1.8 IPv4
Internet Protocol version 4 (Ipv4) is the fourth version of the Internet Protocol (IP). It is one of the core
protocols of standards-based internetworking methods in the Internet, and was the first version deployed
for production in the ARPANET in 1983. It still routes most Internet traffic today, despite the ongoing
deployment of a successor protocol, Ipv6.
IP address was divided into two parts: the network identifier was the most significant (highest order) octet
of the address, and the host identifier was the rest of the address. The latter was therefore also called the
rest field. This enabled the creation of a maximum of 256 networks. This was quickly found to be
inadequate. To overcome this limit, the high order octet of the addresses was redefined to create a set of
classes of networks, in a system which later became known as classful networking. The system defined
five classes, Class A, B, C, D, and E. The Classes A, B, and C had different bit lengths for the new network
identification. The rest of an address was used as previously to identify a host within a network, which
meant that each network class had a different capacity to address hosts. Class D was allocated for multicast
addressingand Class E was reserved for future applications.
Figure 2:Switch
14. 14
Table 2: Range of Classes
CLASS A 1-126
CLASS B 127-191
CLASS C 192-223
CLASS D 224-239
CLASS E 240-255
2 Theory of networks
The network theory is completely based on the OSI model. There is also another model known as TCP/IP
model.
Table 3: Comparison between OSI and TCP/IP
OSI
(Open System Interconnection)
TCP/IP
(Transmission Control Protocol / Internet
Protocol)
OSI provides layer functioning and also
defines functions of all the layers.
TCP/IP model is more based on protocols and
protocols are not flexible with other layers.
In OSI model the transport layer guarantees
the delivery of packets
In TCP/IP model the transport layer does not
guarantees delivery of packets.
OSI model has a separate presentation layer TCP/IP does not have a separate presentation layer
OSI is a general model. TCP/IP model can’t be used in any other
application.
Network layer of OSI model provide both
connection oriented and connectionless
service.
The Network layer in TCP/IP model provides
connectionless service.
OSI model has a problem of fitting the
protocols in the model
TCP/IP model does not fit any protocol
Protocols are hidden in OSI model and are
easily replaced as the technology changes.
In TCP/IP replacing protocol is not easy.
OSI model defines services, interfaces and
protocols very clearly and makes clear
distinction between them.
In TCP/IP it is not clearly separated its services,
interfaces and protocols.
It has 7 layers It has 4 layers
15. 15
Networking is possible only with the help of network devices available, network devices consists of layer 3
devices and layer 2 devices (routers and switches). For communicating in Local Area Network, i.e. among
your own premises you need layer 2 devices such as switch which can communicate among 24 or 48
synchronous or asynchronous devices depending upon the characteristic of device. The layer 2 devices work
on the 2nd
layer i.e. Data link layer of the OSI Model. It understands only MAC address (media access
control).
For communication between different areas having different LAN`s, layer 3 devices such as routers are
needed. The layer 2 devices work on the 3rd
layer i.e. Network layer of the OSI Model. The layer devices
understand only internet protocol (internet protocol is a 32 bit unique address represented in 4 octets by a
dotted decimal format). The routers perform the function of transferring the data packet to the next
designated routers according to the requirements. The routers performs the process of transferring the data
packet with the help of routing protocols. A routing protocol specifies how routers communicate with each
other, disseminating information that enables them to select routes between any two nodes on
a computer network. Routing algorithms determine the specific choice of route. Each router has a priori
knowledge only of networks attached to it directly. A routing protocol shares this information first among
immediate neighbors, and then throughout the network. This way, routers gain knowledge of the topology
of the network.
3 Routing Protocols
A routing protocol specifies how routers communicate with each other, disseminating information that
enables them to select routes between any two nodes on a computer network. Routing
algorithms determine the specific choice of route. Each router has a priori knowledge only of networks
attached to it directly. A routing protocol shares this information first among immediate neighbors, and
then throughout the network. This way, routers gain knowledge of the topology of the network.
3.1 Types of Routing protocol
➢ Static routing
➢ Default routing
➢ Dynamic routing
16. 16
• IGP
• EGP
3.1.1 IGP (Interior Gateway Protocol)
Interior gateway protocols (IGPs) exchange routing information within a single routing domain. Examples
of IGPs include:
• Open Shortest Path First (OSPF)
• Routing Information Protocol (RIP)
• Intermediate System to Intermediate System (IS-IS)
• Enhanced Interior Gateway Routing Protocol (EIGRP)
3.1.2 EGP (Exterior Gateway Protocol)
Exterior gateway protocols exchange routing information between autonomous systems. Examples
include:
• Border Gateway Protocol (BGP)
3.2 Basic routing configuration
Router>enable // user mode
Router#configure terminal // privilege mode
Router(config)#hostname R1 // to change the name of Router (hostname - keyword)
R1(config)#interface f0/0 // global mode or Configuration mode
R1(config-if)#ip address 192.168.1.1 255.255.255.0 // global interface mode
17. 17
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#exit
To Set PASSWORD in CONSOLE PORT / AUX PORT
R1(config)#line con 0
R1(config-line)#password abcd
R1(config-line)#login
R1(config-line)#exit
3.3 Static routing
Command syntax to add a static route to a routing table:
Syntax for Static Routing
R1(config)#int f0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#int s2/0
R1(config-if)#ip address 10.0.0.1 255.0.0.0
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config)#ip route 172.16.0.0 255.255.0.0 s2/0
R1(config)#exit
R2(config)#int f0/0
R2(config-if)#ip address 172.16.0.1 255.255.0.0
R2(config-if)#no shutdown
R2(config-if)#exit
Figure 3: Router configure
19. 19
R3(config-if)#ip address 192.168.3.1 255.255.255.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#int s2/0
R3(config-if)#ip address 11.0.0.2 255.0.0.0
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#ip route 0.0.0.0 0.0.0.0 s2/0
R3(config)#exit
3.5 Routing Information Protocol
The Routing Information Protocol (RIP) is one of the oldest distance-vector routing protocols which
employ the hop count as a routing metric. RIP prevents routing loops by implementing a limit on the
number of hops allowed in a path from source to destination. The maximum number of hops allowed for
RIP is 15, which limits the size of networks that RIP can support. A hop count of 16 is considered an
infinite distance and the route is consider unreachable. RIP implements the split horizon, route poisoning
and hold down mechanisms to prevent incorrect routing information from being propagated.
Originally, each RIP router transmitted full updates every 30 seconds. In the early deployments, routing
tables were small enough that the traffic was not significant. As networks grew in size, however, it became
Figure 5:Default routing configuration
20. 20
evident there could be a massive traffic burst every 30 seconds, even if the routers had been initialized at
random times.In most networking environments, RIP is not the preferred choice for routing as its time
to converge and scalability are poor compared to EIGRP, OSPF, or IS-IS. However, it is easy to
configure, because RIP does not require any parameters unlike other protocols.
RIP uses the User Datagram Protocol (UDP) as its transport protocol, and is assigned the reserved port
number 520.
3.5.1 Versions of RIP
Table 4: Versions of RIP
RIP version 1 (RIPv1) RIP version 2 (RIPv2)
RIPv1 is a Distance-Vector Routing protocol RIPv2 is a Hybrid Routing Protocol.
RIPv1 is a Classfull routing protocol.
Classfull routing protocols support only the
networks which are not subnetted. Classful
routing protocols do not send subnet mask
information with their routing updates.
RIPv2 is classless routing, which allows us to use
subnetted networks also. RIPv2 has the option for
sending network mask in the update to allow classless
routing.
RIPv1 does not support VLSM (Variable
Length Subnet Masking).
RIPv2 support maximum metric (hop count) value of
15. Any router farther than 15 hops away is
considered as unreachable.
RIPv1 support maximum metric (hop count)
value of 15. Any router farther than 15
hops away is considered as unreachable.
RIPv2 support maximum metric (hop count) value of
15. Any router farther than 15 hops away is
considered as unreachable.
RIPv1 send routing updates periodically
every 30 seconds as broadcasts using
destination IP address as limited broadcast
IP adddress 255.255.255.255.
RIPv2 supports triggered updates. RIPv2 routing updates
are sent as Multicast traffic at destination multicast
address of 224.0.0.9. Multicast updates reduce the
network traffic. The Multicast routing updates also helps
in reducing routing update message processing overhead
in routers which are not running RIPv2.
22. 22
R3(config-router)#no auto-summary
R3(config-router)#exit
3.6 Enhanced Interior Gateway Routing protocol
The Enhanced Interior Gateway Routing Protocol replaced Interior Gateway Routing Protocol
(IGRP) in 1993.One of the major reasons for this was because the design of the Internet Protocol had been
changed to support classless IPv4 addresses, which IGRP could not support.
Almost all routers contain a routing table that contains rules by which traffic is forwarded in a network. If
the router does not contain a valid path to the destination, the traffic is discarded. EIGRP is a dynamic
routing protocol by which routers automatically share route information. This eases the workload on a
network administrator who does not have to configure changes to the routing table manually.
IGRP is a distance vector routing protocol that uses the diffusing update algorithm (DUAL) to improve
the efficiency of the protocol and to help prevent calculation errors when attempting to determine the best
path to a remote network.
• Multicast address : 224.0.0.10
• Algorithm : Diffusing Update Algorithm (DUAL)
• AD Value = 90 {for internal routes} ; 170 {for external routes}
• Independent protocol, Protocol No. – 88
• Classful routing protocol (by default), can be used as classless also
• Hello Time = 5 seconds
• Holddown time = 15seconds
24. 24
3.7 Open Shortest Path First (OSPF)
Open Shortest Path First (OSPF) is perhaps the most widely used interior gateway protocol (IGP) in large
enterprise networks. Intermediate System to Intermediate System (IS-IS), another link-state dynamic
routing protocol, is more common in large service provider networks. The most widely used exterior
gateway protocol is the Border Gateway Protocol (BGP), the principal routing protocol between
autonomous systems on the Internet. OSPF is an interior gateway protocol (IGP) for routing Internet
Protocol (IP) packets solely within a single routing domain, such as an autonomous system. It gathers link
state information from available routers and constructs a topology map of the network. The topology is
presented as a routing table to the Internet Layer which routes datagrams based solely on the destination
IP address found in IP packets. OSPF supports Internet Protocol Version 4 (IPv4) and Internet Protocol
Version 6 (IPv6) networks and features variable-length subnet masking (VLSM) and Classless Inter-
Domain Routing (CIDR) addressing models.
• Works on link state routing protocol
• Unlimited hop counts
• Hop counts divided into areas
• Area 0 is created first and is known as backbone area or management area
• All the areas must be connected with area 0
• AD Value = 110
• Multicast Address: 224.0.0.5 (for updates / to send a hello message)
: 224.0.0.6 (for DR/BDR)
• Metric = cost (Bandwidth)
• Algorithm = SPF (Shortest Path First)
• Hello Time = 10 seconds
• Hold down time = 40 seconds
Table 5: Inverse mask table
Wild Card Mask or Inverse Mask Table
Class A 0.255.255.255
Class B 0.0.255.255
Class C 0.0.0.255
25. 25
R1(config)#router ospf 10
R1(config-router)#network 192.168.1.0 0.0.0.255 area 0
R1(config-router)#network 10.0.0.0
R1(config-router)#exit
R2(config)#router ospf 10
0.255.255.255 area 0
R2(config-router)#network 10.0.0.0 0.255.255.255 area 0
R2(config-router)#network 11.0.0.0
R2(config-router)#exit
0.255.255.255 area 1
R3(config)#router ospf 10
R3(config-router)#network 11.0.0.0
0.255.255.255 area 1
R3(config-router)#network 12.0.0.0
R3(config-router)#exit
0.255.255.255 area 1
4 Switching
A network switch (officially MAC Bridge) is a computer networking device that connects devices together
on a computer network, by using packet switching to receive, process and forward data to the destination
device.
Unlike bridges that use software to create and manage a filter table, switches use application specific
integrated circuits (ASICs) to build and maintain their filter tables. But it’s still okay to think of a layer 2
switch as a multiport bridge because their basic reason being is the same: to break up collision domains.
Figure 8:Configuration of OSPF
26. 26
4.1 Spanning Tree Protocol
STP’s main task is to stop network loops from occurring on layer 2 network (bridges or switches). It
vigilantly monitors the network to find all links, making sure that no loops occur by shutting down any
redundant links. STP uses the spanning-tree algorithm (STA) to first create a topology database, then
search out and destroy redundant links. With STP running, frames will be forwarded only on the premium,
STP-picked links.
By default every switch has 32768 priority. Least priority is always preferred.
4.1.1 STP election process
• Finding root bridge
• Finding root port
• Finding designated port
• Blocking
4.1.2 Types of spanning tree protocol
• Common spanning tree
• Per VLAN spanning tree
• Rapid spanning tree protocol
• Multiple spanning tree
Figure 9: Scenario of spanning tree protocol
27. 27
4.2 Virtual Local Area Network (VLAN)
A VLAN is a logical grouping of network users and resources connected to administratively defined ports
on a switch. When we create VLANs, you are given the ability to create smaller broadcast domains within
a layer 2 switched internetwork by assigning different ports on the switch to different subnetworks. A
VLAN is treated like its own subnet or broadcast domain, which means that frames broadcast onto the
network are only switched between the ports logically grouped within the same VLAN.
TRUNK: Trunk is used to carry the traffic of multiple VLANS. It is used when we are transferring from
one switch to another switch or one network to another network.
Access: It is used to transfer single VLANs traffic.
Total No. of VLAN = 4096 Range: 0 – 4095
Table 6: Description of VLAN Nos.
VLAN No. Description
0, 4095 Reserved for systems
1 Default / Management / Native / Untagged VLAN
2 - 1001 Normal VLAN
1001 - 1005 Reserved for different technologies
1006 - 4094 Extended VLAN
Scenario: Traffic of SALE Department shouldn’t be shared with IT Department. Put SALE Department in
VLAN 10 and IT Department in VLAN 20.
Figure 10:Traffic share between different VLANs
28. 28
For Switch 1
Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch1
Switch1(config)#VLAN 10
Switch1(config-vlan)#name sale
Switch1(config-vlan)#VLAN 20
Switch1(config-vlan)#name IT
Switch1(config-vlan)#exit
Switch1(config)#interface range f0/1-02
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access VLAN 10
Switch1(config-if-range)#exit
Switch1(config)#interface range f0/3-04
Switch1(config-if-range)#switchport mode access
Switch1(config-if-range)#switchport access VLAN 20
Switch1(config-if-range)#exit
For Switch 2
Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch2
Switch2(config)#VLAN 10
Switch2(config-vlan)#name sale
Switch2(config-vlan)#VLAN 20
Switch2(config-vlan)#name IT
Switch2(config-vlan)#exit
Switch2(config)#interface range f0/2-03
Switch2(config-if-range)#switchport mode access
Switch2(config-if-range)#switchport access VLAN 10
Switch2(config-if-range)#exit
Switch2(config)#interface range f0/4-05
Switch2(config-if-range)#switchport mode access
Switch2(config-if-range)#switchport access VLAN 20
29. 29
Switch2(config-if-range)#exit
Command to make an interface trunk as follows:
Switch1(config)#interface f0/5
Switch1(config-if)#switchport mode trunk
4.3 Inter VLAN routing
Switch>enable
Switch#configure terminal
Switch(config)#hostname Switch1
Switch1(config)#VLAN 10
Switch1(config-vlan)#VLAN 20
Switch1(config-vlan)#exit
Router(config)#interface f0/0
Router(config-if)#no shutdown
Router(config-if)#exit
Router(config)#int f0/0.10
Router(config-subif)#encapsulation dot1Q 10
Router(config-subif)#ip address 192.168.1.1 255.255.255.0
Figure 11: InterVLAN routing
30. 30
Router(config)#int f0/0.20
Router(config-subif)#encapsulation dot1Q 20
Router(config-subif)#ip address 10.0.0.1 255.0.0.0
Router(config-subif)#exit
4.4 Port Security
Port security is implemented on layer 2 switch. This is also known as MAC binding.
Switch>enable
Switch#configure terminal
Switch(config)#interface f0/1 //port where security to be enabled
Switch(config-if)#switchport mode access
Switch(config-if)#switchport access vlan 1
Switch(config-if)#switchport port-security
Switch(config-if)#switchport port-security maximum 1
Switch(config-if)#switchport port-security violation shutdown
Switch(config-if)#switchport port-security mac-address FFFF.FFFF.FFFF
Switch# show port-security: command to check the status of port security
Switch# show mac-address-table: command to check the mac address connected to the ports
4.5 Dynamic Host Configuration Protocol (DHCP)
• DHCP is a standardized network protocol used on Internet Protocol (IP) networks for dynamically
distributing network configuration parameters.
• Computers request IP addresses and networking parameters automatically from a DHCP server
Figure 12: Port Security
31. 31
• Port No. 67 for request
• Port No. 68 for reply
DHCP works on the concept of D O R A.
• DISCOVER
• OFFER
• REQUEST
• ACKNWOLEDGEMENT
Commands for providing IP addresses using DHCP
Router(config)# ip dhcp pool abcd
Router(dhcp-config)#network 192.168.1.0 255.255.255.0
Router(dhcp-config)#default-router 192.168.1.1
Router(config)# ip dhcp excluded-address 192.168.1.4 192.168.1.11
(To exclude theIP addresses frompool andto provide it manually
Figure 13: DHCP configuration
32. 32
4.6 Network Address Translation (NAT)
In NAT terminology, the inside network is the set of networks that are subject to translation.
The outside network refers to all other addresses – usually those located on the internet.
4.6.1 Types of NAT
• Static NAT: Designed to allow one-to-one mapping between local and global
addresses. This type requires to have one real internet IP address for every host on
network.
• Dynamic Nat: Designed to map an unregistered IP address to a registered IP address
from out of a pool of registered IP addresses. It’s allow many-to-many mapping. We
need enough real IP addresses for everyone who wants to send packets to and from the
internet.
• Port Address Translation (PAT): This is the most popular type of NAT configuration.
It is a form of dynamic NAT that maps multiple unregistered IP addresses to a single
registered IP address (many-to-one) by using different ports. It is also known as
overloading. By using PAT (NAT Overload), we can have thousands of users
connectto the internet using only one real global IP address. NAT Overload is the
only reason we have not run out of valid IP address on the internet.
Figure 14:Scenario of NAT
33. 33
Commands for NAT:
Static Type
R1(config)#ip nat inside source static 192.168.1.2 121.1.1.3
R1(config)#interface f0/0
R1(config-if)#ip nat inside
R1(config-if)#interface s2/0
R1(config-if)#ip nat outside
R1(config-if)#exit
Dynamic Type
R1(config)#access-list 1 permit host 192.168.1.2
R1(config)#access-list 1 permit host 192.168.1.3
R1(config)#ip nat inside source list 1 pool abcd
R1(config)#ip nat pool abcd 121.1.1.3 121.1.1.10
netmask 255.0.0.0
Port Address Translation (PAT)
R1(config)#access-list 1 permit 192.168.1.0 0.0.0.255
R1(config)#ip nat inside source list pool abcd overload
R1(config)#ip nat pool abcd 121.1.1.3 121.1.1.3 netmask 255.0.0.0
