Advanced Networking

Lecture-1 Link Layer Concepts

1. Link Layer Services

● Framing: All link-layer protocols encapsulate each network-layer datagram within
a link-layer frame before transmission over the link. A frame consists of a data
field, in which the network-layer datagram is inserted, and a number of header
fields. The structure of the frame is specified by the link-layer protocol.
● Link access: A medium access control (MAC) protocol specifies the rules by
which a frame is transmitted onto the link.
● Reliable delivery: When a link-layer protocol provides reliable delivery service, it
guarantees to move each network-layer datagram across the link without error.
● Error detection and correction: Many link-layer protocols provide a mechanism
to detect bit errors. This is done by having the transmitting node include error-
detection bits in the frame, and having the receiving node perform an error
check.

2. Link Layer Implementation

On the sending side, the controller takes a datagram that has been created and
stored in host memory by the higher layers of the protocol stack, encapsulates the
datagram in a link-layer frame (filling in the frame’s various fields), and then transmits
the frame into the communication link, following the link-access protocol.
On the receiving side, the controller receives the entire frame, and extracts the
network layer datagram. If the link layer performs error detection, then it is the sending
controller that sets the error-detection bits in the frame header, and it is the receiving
controller that performs error detection.

3. Multiple Access Links

● There are two types of network links: point-to-point links and broadcast links.
● A point-to-point link consists of a single sender at one end of the link and a
single receiver at the other end of the link. Many link-layer protocols have been
designed for point-to-point links; the point-to-point protocol (PPP) and high-level
data link control (HDLC) are two such protocols.
● A broadcast link can have multiple sending and receiving nodes all connected
to the same, single, shared broadcast channel. The term broadcast is used here
 because when any one node transmits a frame, the channel broadcasts the
frame and each of the other nodes receives a copy.
Ethernet and wireless LANs are examples of broadcast link-layer technologies.

4. Functions of Layer 2 switch

● Filtering is the switch function that determines whether a frame should be
forwarded to some interface or should just be dropped.
● Forwarding is the switch function that determines the interfaces to which a
frame should be directed, and then moves the frame to those interfaces.

5. Switch Forwarding Methods

Switches use software on application-specific-integrated circuits (ASICs) to make
very quick decisions.A switch will use one of two methods to make forwarding decisions
after it receives a frame:
● Store-and-forward switching: Receives the entire frame and ensures the frame
is valid. Store-and-forward switching is Cisco’s preferred switching method.
● Cut-through switching: Forwards the frame immediately after determining the
destination MAC address of an incoming frame and the egress port.

6. Alleviated Network Congestion

7. Switches vs Routers
Both are store-and-forward:
● routers: network-layer devices (examine networklayer headers)
● switches: link-layer devices (examine link-layer headers)
Both have forwarding tables:
● routers: compute tables using routing algorithms, IP addresses
● switches: learn forwarding table using flooding, learning, MAC addresses

Lecture-2 Virtual Local Area Networks (VLANs)

1. Characteristics of VLAN
● VLANs are logical connections with other similar devices.
● Placing devices into various VLANs have the following characteristics:
○ Provides segmentation of the various groups of devices on the same
switches
○ Provide organization that is more manageable
○ Broadcasts, multicasts and unicasts are isolated in the individual VLAN
○ Each VLAN will have its own unique range of IP addressing
○ Smaller broadcast domain

2. Benefits of VLAN Design

3. Types of VLANs
● Data VLAN: Data VLANs are VLANs configured to separate user-generated
traffic. They are referred to as user VLANs because they separate the network
into groups of users or devices. A modern network would have many data VLANs
depending on organizational requirements. Note that voice and network
management traffic should not be permitted on data VLANs.
● Native VLAN: User traffic from a VLAN must be tagged with its VLAN ID when it
is sent to another switch. Trunk ports are used between switches to support the
transmission of tagged traffic. Specifically, an 802.1Q trunk port inserts a 4-byte
tag in the Ethernet frame header to identify the VLAN to which the frame
belongs. A switch may also have to send untagged traffic across a trunk link.
Untagged traffic is generated by a switch and may also come from legacy
devices. The 802.1Q trunk port places untagged traffic on the native VLAN. The
native VLAN on a Cisco switch is VLAN 1 (i.e., default VLAN). It is a best practice
to configure the native VLAN as an unused VLAN, distinct from VLAN 1 and
other VLANs. In fact, it is not unusual to dedicate a fixed VLAN to serve the role
of the native VLAN for all trunk ports in the switched domain.
 ● Management VLAN: A management VLAN is a data VLAN configured
specifically for network management traffic including SSH, Telnet, HTTPS,
HTTP, and SNMP. By default, VLAN 1 is configured as the management VLAN
on a Layer 2 switch.
● Voice VLAN: A separate VLAN is needed to support Voice over IP (VoIP). VoIP
traffic requires the following:
○ Assured bandwidth to ensure voice quality
○ Transmission priority over other types of network traffic
○ Ability to be routed around congested areas on the network
○ Delay of less than 150 ms across the network.
To meet these requirements, the entire network has to be designed to
support VoIP.

4. Dynamic Trunking Protocol (DTP) can speed up the configuration process for a
network administrator. Ethernet trunk interfaces support different trunking modes. An
interface can be set to trunking or nontrunking, or to negotiate trunking with the neighbor
interface. Trunk negotiation is managed by DTP, which operates on a point-to-point
basis only, between network devices.

5. Negotiated Interface Modes

6. Results of a DTP Configuration

Lecture-3 Inter-VLAN Routing

1. What is Inter-VLAN routing?

 VLANs are used to segment switched Layer 2 networks for a variety of reasons.
Regardless of the reason, hosts in one VLAN cannot communicate with hosts in another
VLAN unless there is a router or a Layer 3 switch to provide routing services. Inter-VLAN
routing is the process of forwarding network traffic from one VLAN to another VLAN.
There are three inter-VLAN routing options:
● Legacy Inter-VLAN routing - This is a legacy solution. It does not scale well.
● Router-on-a-Stick - This is an acceptable solution for a small to medium-sized
network.
● Layer 3 switch using switched virtual interfaces (SVIs) - This is the most scalable
solution for medium to large organizations.

2. Advantages of Layer 3 Switch

The following are advantages of using Layer 3 switches for inter-VLAN routing:
● They are much faster than router-on-a-stick because everything is hardware
switched and routed.
● There is no need for external links from the switch to the router for routing.
● They are not limited to one link because Layer 2 EtherChannels can be used as
trunk links between the switches to increase bandwidth.
● Latency is much lower because data does not need to leave the switch in order
to be routed to a different network.
● They are more commonly deployed in a campus LAN than routers.
● The only disadvantage is that Layer 3 switches are more expensive.

Lecture-4 Redundant Networks

1. Issues with Redundant Switch Links

● Path redundancy provides multiple network services by eliminating the possibility
of a single point of failure. When multiple paths exist between two devices on an
Ethernet network, and there is no spanning tree implementation on the switches,
a Layer 2 loop occurs. A Layer 2 loop can result in MAC address table instability,
link saturation, and high CPU utilization on switches and end-devices, resulting in
the network becoming unusable.
● Layer 2 Ethernet does not include a mechanism to recognize and eliminate
endlessly looping frames. Both IPv4 and IPv6 include a mechanism that limits the
number of times a Layer 3 networking device can retransmit a packet. A router
will decrement the TTL (Time to Live) in every IPv4 packet, and the Hop Limit
field in every IPv6 packet. When these fields are decremented to 0, a router will
drop the packet. Ethernet and Ethernet switches have no comparable
mechanism for limiting the number of times a switch retransmits a Layer 2 frame.
STP was developed specifically as a loop prevention mechanism for Layer 2
Ethernet.

2. How does the STA create a loop-free topology?

 ● Selecting a Root Bridge: This bridge (switch) is the reference point for the
entire network to build a spanning tree around.
● Block Redundant Paths: STP ensures that there is only one logical path
between all destinations on the network by intentionally blocking redundant paths
that could cause a loop. When a port is blocked, user data is prevented from
entering or leaving that port.
● Create a Loop-Free Topology: A blocked port has the effect of making that link
a non-forwarding link between the two switches. This creates a topology where
each switch has only a single path to the root bridge, similar to branches on a
tree that connect to the root of the tree.
● Recalculate in case of Link Failure: The physical paths still exist to provide
redundancy, but these paths are disabled to prevent the loops from occurring. If
the path is ever needed to compensate for a network cable or switch failure, STP
recalculates the paths and unblocks the necessary ports to allow the redundant
path to become active. STP recalculations can also occur any time a new switch
or new inter-switch link is added to the network.

3. Broadcast Storm
A broadcast storm is an abnormally high number of broadcasts overwhelming the
network during a specific amount of time. Broadcast storms can disable a network within
seconds by overwhelming switches and end devices. Broadcast storms can be caused
by a hardware problem such as a faulty NIC or from a Layer 2 loop in the network.

4. PortFast and BPDU Guard

● When a device is connected to a switch port or when a switch powers up, the
switch port goes through both the listening and learning states, each time waiting
for the Forward Delay timer to expire. This delay is 15 seconds for each state for
a total of 30 seconds. This can present a problem for DHCP clients trying to
discover a DHCP server because the DHCP process may timeout. The result is
that an IPv4 client will not receive a valid IPv4 address.
● When a switch port is configured with PortFast, that port transitions from blocking
to forwarding state immediately, avoiding the 30 second delay. You can use
PortFast on access ports to allow devices connected to these ports to access the
network immediately. PortFast should only be used on access ports. If you
enable PortFast on a port connecting to another switch, you risk creating a
spanning tree loop.
● A PortFast-enabled switch port should never receive BPDUs because that would
indicate that switch is connected to the port, potentially causing a spanning tree
loop. Cisco switches support a feature called BPDU guard. When enabled, it
immediately puts the switch port in an errdisabled (error-disabled) state upon
receipt of any BPDU. This protects against potential loops by effectively shutting
down the port. The administrator must manually put the interface back into
service.
5. RSTP Port Status and Port Roles
 ● There are only three port states in RSTP that correspond to the three possible
operational states in STP. The 802.1D disabled, blocking, and listening states
are merged into a unique 802.1w discarding state.
● Root ports and designated ports are the same for both STP and RSTP. However,
there are two RSTP port roles that correspond to the blocking state of STP. In
STP, a blocked port is defined as not being the designated or root port. RSTP
has two port roles for this purpose.

6. Link Aggregation
● There are scenarios in which more bandwidth or redundancy between devices is
needed than what can be provided by a single link. Multiple links could be
connected between devices to increase bandwidth. However, Spanning Tree
Protocol (STP), which is enabled on Layer 2 devices like Cisco switches by
default, will block redundant links to prevent switching loops.
● When the bandwidth of the interfaces connected to end hosts is greater than the
bandwidth of the connection to the distribution switch(es), this is called over
subscription. Some oversubscription is acceptable, but too much will cause
congestion.
● A link aggregation technology is needed that allows redundant links between
devices that will not be blocked by STP. That technology is known as
EtherChannel.

7. EtherChannel
● EtherChannel is a link aggregation technology that groups multiple physical
Ethernet links together into one single logical link. It is used to provide fault-
tolerance, load sharing, increased bandwidth, and redundancy between
switches, routers, and servers.
● EtherChannel technology makes it possible to combine the number of physical
links between the switches to increase the overall speed of switch-to-switch
communication.

8. When an EtherChannel is configured, the resulting virtual interface is called a port

channel.The physical interfaces are bundled together into a port channel interface.

9. EtherChannel Implementation Restrictions

● Interface types cannot be mixed
● Currently each EtherChannel can consist of up to eight compatibly - configured
Ethernet ports.
● The individual EtherChannel group member port configuration must be consistent
on both devices.
● Each EtherChannel has a logical port channel interface.

10. What are two etherchannel protocols?

 EtherChannels can be formed through negotiation using one of two protocols,
Port Aggregation Protocol (PAgP) or Link Aggregation Control Protocol (LACP).

11. Configuration Guidelines

● EtherChannel support - All Ethernet interfaces must support EtherChannel with
no requirement that interfaces be physically contiguous.
● Speed and duplex - Configure all interfaces in an EtherChannel to operate at
the same speed and in the same duplex mode.
● VLAN match - All interfaces in the EtherChannel bundle must be assigned to the
same VLAN or be configured as a trunk (shown in the figure).
● Range of VLANs - An EtherChannel supports the same allowed range of VLANs
on all the interfaces in a trunking EtherChannel. If the allowed range of VLANs is
not the same, the interfaces do not form an EtherChannel, even when they are
set to auto or desirable mode.

Lecture-5 DHCP Concepts and Operation

1. DHCP Operation
Four step processes for a client to obtain a lease
● DHCP Discover (DHCPDISCOVER) - client uses Layer 2 and Layer 3 broadcast
addresses to find a DHCP server.
● DHCP Offer (DHCPOFFER) - DHCPv4 server sends the binding DHCPOFFER
message to the requesting client as a unicast.
● DHCP Request (DHCPREQUEST) – the client sends back a broadcast
DHCPREQUEST in response to the servers offer.
● DHCP Acknowledgment (DHCPACK) – the server replies with a unicast
DHCPACK message.

2. Steps to Renew a Lease

 Prior to lease expiration, the client begins a two-step process to renew the lease with the
DHCPv4 server.
● DHCP Request (DHCPREQUEST) Before the lease expires, the client sends a
DHCPREQUEST message directly to the DHCPv4 server that originally offered
the IPv4 address. If a DHCPACK is not received within a specified amount of
time, the client broadcasts another DHCPREQUEST so that one of the other
DHCPv4 servers can extend the lease.
● DHCPAcknowledgment (DHCPACK) On receiving the DHCPREQUEST
message, the server verifies the lease information by returning a DHCPACK.

3. What is a DHCP Relay agent?

A DHCP Relay Agent allows devices in different segments to obtain IP
addresses from a centralized DHCP server, even when the server is not directly on their
local network segment.

Lecture-6 SLAAC and DHCPv6 Operation

1. IPV6 GUA Assignment

By default, an IPv6-enabled router periodically send ICMPv6 RAs which
simplifies how a host can dynamically create or acquire its IPv6 configuration. A host can
dynamically be assigned a GUA using stateless and stateful services.

2.
 3. How a client obtains an IPv6 GUA depends on settings in the RA message?
An ICMPv6 RA message includes the following three flags:
● A flag - The Address Autoconfiguration flag signifies to use Stateless Address
Autoconfiguration (SLAAC) to create an IPv6 GUA
● O flag - The Other Configuration flag signifies that additional information is
available from a stateless DHCPv6 server.
● M flag - The Managed Address Configuration flag signifies to use a stateful
DHCPv6 server to obtain an IPv6 GUA.

4. EUI-64
The host creates an interface ID using its 48-bit MAC address. The host inserts
the hex value of FFFE in the middle of the address, and flips the seventh bit of the
interface ID.

Lecture-7 First Hop Redundancy Protocol (FHRP)

1. FHRP Concepts : Default Gateway Limitations

End devices are typically configured with a single default gateway IPv4 address.
● If the default gateway router interface fails, LAN hosts lose outside LAN
connectivity.
● This occurs even if a redundant router or Layer 3 switch that could serve as a
default gateway exists.
First Hop Redundancy Protocols (FHRPs) are mechanisms that provide alternate
default gateways in switched networks where two or more routers are connected to the
same VLANs.

2. FHRP Concepts : Router Redundancy

One way to prevent a single point of failure at the default gateway is to

implement a virtual router. To implement this type of router redundancy, multiple routers
are configured to work together to present the illusion of a single router to the hosts on
the LAN. By sharing an IPaddress and a MAC address, two or more routers can act as a
single virtual router.
● The IPv4 address of the virtual router is configured as the default gateway for the
workstations on a specific IPv4 segment.

● When frames are sent from host devices to the default gateway, the hosts use
ARP to resolve the MAC address that is associated with the IPv4 address of the
default gateway. The ARP resolution returns the MAC address of the virtual
router. Frames that are sent to the MAC address of the virtual router can then be
physically processed by the currently active router within the virtual router group.

● A protocol is used to identify two or more routers as the devices that are
responsible for processing frames that are sent to the MAC or IPaddress of a
single virtual router. Host devices send traffic to the address of the virtual router.
The physical router that forwards this traffic is transparent to the host devices.

● A redundancy protocol provides the mechanism for determining which router

should take the active role in forwarding traffic. It also determines when the
forwarding role must be taken over by a standby router. The transition from one
forwarding router to another is transparent to the end devices.

● The ability of a network to dynamically recover from the failure of a device acting
as a default gateway is known as first hop redundancy.

3. HSRP Priority and Preemption

The role of the active and standby routers is determined during the HSRP
election process. By default, the router with the numerically highest IPv4 address is
elected as the active router.
 By default, after a router becomes the active router, it will remain the active
router even if another router comes online with a higher HSRP priority. Preemption is the
ability of an HSRP router to trigger the re-election process. Preemption only allows a
router to become the active router if it has a higher priority.

Lecture-8 Routing Concepts

1. IP Routing Table
A routing table contains a list of routes to known networks (prefixes and prefix
lengths). The source of this information is derived from the following:
○ Directly connected networks
○ Static routes
○ Dynamic routing protocols

The source for each route in the routing table is identified by a code. Common
codes include the following:
L- Identifies the address assigned to a router interface.
C-Identifies a directly connected network.
S- Identifies a static route created to reach a specific network.
O-Identifies a dynamically learned network from another router using the OSPF
routing protocol.
*- This route is a candidate for a default route

2. Routing Table Entries

Route source - This identifies how the route was learned.

Destination network (prefix and prefix length) - This identifies the address of the
remote network.

Administrative distance: This identifies the trustworthiness of the route source. Lower
values indicate preferred route source.

Metric - This identifies the value assigned to reach the remote network. Lower values
indicate preferred routes.

Next-hop - This identifies the IP address of the next router to which the packet would be
forwarded.

Route timestamp - This identifies how much time has passed since the route was
learned.

Exit interface - This identifies the egress interface to use for outgoing packets to reach
their final destination
Lecture-9 Static and Dynamic Routing

1. Types of Static Routes

Static routes are commonly implemented on a network. This is true even when
there is a dynamic routing protocol configured. Static routes can be configured for IPv4
and IPv6. Both protocols support the following types of static routes:
● Standard static route
● Default static route
● Floating static route
● Summary static route
Static routes are configured using the ip route and ipv6 route global configuration
commands.

2. Static and Dynamic Routing (Scenario)

Static and dynamic routing are not mutually exclusive. Rather,most networks
use a combination of dynamic routing protocols and static routes.

Static routes are commonly used in the following scenarios:

● As a default route forwarding packets to serviceprovider
● For routes outside the routing domain and not learned by the dynamic routing
protocol
● When the network administrator wants to explicitly define the path for a specific
network
● For routing between stub networks
Static routes are useful for smaller networks with only one path to an outside
network. They also provide security in a larger network for certain types of traffic, or links
to other networks that need more control.

Dynamic routing protocols are commonly used in the following scenarios:

● In networks consisting of more than just a few routers
● When a change in the network topology requires the network to automatically
determine another path
● As the network grows, the dynamic routing protocol automatically learns about
any new networks.
Dynamic routing protocols are implemented in any type of network consisting of
more than just a few routers. Dynamic routing protocols are scalable and automatically
determine better routes if there is a change in the topology.

3. Floating Static Routes

● Static routes that are used to provide a backup path
● Used when primary route is not available
● Configured with a higher administrative distance (trustworthiness) than the
primary route
 4. Difference between Static and Dynamic Routes (In terms of features)

Lecture-10 Wireless LAN Concepts

1. What is Handoff or handover?

When a mobile host moves beyond the range of one base station and into the
range of another, it will change its point of attachment into the larger network (i.e.,
change the base station with which it is associated)—a process referred to as handoff or
handover.

2. Passive/ Active Scanning

Passive scanning:
(1) beacon frames sent from APs
(2) association Request frame sent: H1 to selected AP
(3) association Response frame sent from selected AP to H1
 Active scanning:
(1) Probe Request frame broadcast from H1
(2) Probe Response frames sent from APs
(3) Association Request frame sent: H1 to selected AP
(4) Association Response frame sent from selected AP to H1

3. IEEE 802.11 MAC Protocol: CSMA/CA

802.11 sender
1. if sense channel idle for Distributed Inter-frame Space (DIFS) then transmit entire
frame (no CD)
2. if sense channel busy then start random backoff time timer counts down while
channel idle transmit when timer expires if no ACK, increase random backoff
interval, repeat 2
802.11 receiver
if frame received OK return ACK after Short Inter-frame Spacing (SIFS) (ACK
needed due to hidden terminal problem)

4. 802.11 Frame Structure

 Pone htl mhr blank phyae khine ml

5. Wireless Network Taxonomy

6. Types of Wireless Networks

● Wireless Personal-Area Network (WPAN) – Low power and short-range (20-30ft
or 6-9 meters). Based on IEEE 802.15 standard and 2.4 GHz frequency.
Bluetooth and Zigbee are WPAN examples.
● Wireless LAN (WLAN) – Medium sized networks up to about 300 feet. Based on
IEEE 802.11 standard and 2.4 or 5.0 GHz frequency.
● Wireless MAN (WMAN) – Large geographic area such as city or district. Uses
specific licensed frequencies.
● Wireless WAN (WWAN) – Extensive geographic area for national or global
communication. Uses specific licensed frequencies.