Download project report on ccna

The working principle of the router is totally different from a switch. Router makes a table known as routing table, which contains all the IP address in the network, the information for IP address router obtains directly all configured IP address on it or indirectly from neighbour routers. When a packet is received it compares the destination IP address of the packet with the available IP addresses in its Routing table.

If the IP address is not available in the routing table then it simply discard the packet instead of flooding in all the ports like a switch. Detailed Information about router in chap.

Feature Hub Bridge Switch Router Number of 1 per broadcast router domains Segment 1 1 interface Number of 1 per 1 per collision bridge 1 per switch router domains 1 port port interface Forwards LAN broadcasts? There is a company, which has 2 offices. And the offices are meters apart. The connectivity between these two offices is the main requirement to be fulfilled.

In each office there are three different departments each department at different floor. In building Ist At each floor there are 20 users and also at 3rd floor there are 2 Servers. In building IInd At floor 1st and 2nd there are 20 users each. And at 3rd floor there are 40 users. The bandwidth requirement of each user is Mbps while the bandwidth requirement for the server is 1 Gbps. All floors must be connected to a central switch to be placed at IInd floor in office 2nd.

And connectivity should be via optical fiber. Every switch should be provide with one GBIC slot for future connectivity of server. Every where smart and managed switch should be used. Here we will use Cat5e UTP cable because bandwidth requirement is Mbps This trend of connecting the users to the switch will be followed at each and every floor but at floor 3rd of building IInd there are 40 user so here instead of 1 switch we require 2 switches.

At 3rd floor of building 1st 2 servers are also present whose bandwidth requirement is 1Gbps. So now we have two options either to connect with UTP cable or Fiber optic cable. But here we will use fiber optic as we are already using it so thee is no need to waste money on UTP Cat 6 Cable. So here we will simply use the fiber optic patch cord to connect the server to switch. Now only one thing is left i. As the connection requirement is via optical fiber so we at central location we require a switch having all its ports as GBIC slots and no of ports should not be more than 8 as there are only 7 24 port switches in use one optical cable line from each switch.

Now here as the distance between the two offices is only meters so here we will use multimode optical fiber and that too FX type and as the cable is to be laid in open so outdoor armored cable will be use. Enhance CAT. Construction: Corrugated steel tape armoured cable construction Multimode — Length- 1 meter. Like a computer, a router has a CPU that varies in performance and capabilities depending upon router platform.

It has typically 4 types of memory in it. We can also upgrade our ROM. Flash memory is erasable, reprogrammable ROM. Our IOS software is present in this memory and we can upgrade it also. Flash content is retained even when we switch off or restart the router.

RAM also provides caching and packet buffering capabilities. Its content is lost when we switch off or restart the router.

When we configure the router at that time actually we are writing in RAM. It does not lose data when power is switched off. So the contents of startup configuration files are maintained even when we switch off or restart the router. Console port can be connected to computers serial connection to gain terminal access to router.

Most routers also have an auxiliary port that is very similar to console port but, is typically used for modem connection for remote router management. The console port of the router is connected to the serial i. The detailed configuration is given in the section. We use HyperTerminal Program to open a console session and log into the router locally.

This console connection allows to connect to and to communicate with router without having to connect to the network to which it belongs. Now, the PC becomes the console that allows to enter commands and communicate directly with the router. These are the com port settings:. After pressing enter or OK to accept these settings, we came across a blank window. This is a session window. The Following steps are adopted to access a router through the console port with a Windows based PC.

Password: Now write password over here. This is done to secure access to router. After this. Router will appear on the screen this shows that we are in privileged mode and now we try to enter in configuration mode. Router configure terminal This is done to enter configuration mode. Now starts the configuration of router Now we will assign IP address to each and very interface connected to router.

Subnet mask should be given with a proper care. Following steps are to be followed:. Router config interface serial 0 Router config-if ip address RIP calculates the best route based on hop count. This makes RIP very fast to converge RIP sends full table updates at regular intervals specified by the route-update timer 30 seconds is the default.

This means that a RIP router summarizes all routes it knows along classful boundaries and sends the summary information to all other RIP routing devices.

RIP updates can contain up to 25 messages. Interval between route update advertisements timeout sec. Interval a route should stay 'live' in the routing table. This counter is reset every time the router hears an update for this route. Flush sec. How long to wait from the time the route was received to delete a route 60 seconds after timeout. The routing-update timer controls the time between routing updates. Default is usually 30 seconds, plus a small random delay to prevent all RIP routers from sending updates simultaneously.

The route-timeout timer controls when a route is no longer available. The default is usually seconds. If a router has not seen the route in an update during this specified interval, it is dropped from the router's announcements. The route is maintained long enough for the router to advertise the route as down hop count of The route-flush timer controls how long before a route is completely flushed from the routing table.

The default setting is usually seconds. According to the recollection of InetDaemon, configuring a Cisco router for a basic RIP configuration would look something like this:. The example above assumes that the interfaces that will be running RIP have IP addresses on them that fall within the IGRP IGRP is a distance-vector routing protocol that considers a composite metric which, by default, uses bandwidth and delay as parameters instead of hop count.

IGRP has a maximum hop limit of , by default, and can be configured to support a network diameter of With IGRP, routers usually select paths with a larger minimum-link bandwidth over paths with a smaller hop count. Links do not have a hop count. They are exactly one hop. IGRP sends its routing table to its neighbors every 90 seconds.

IGRP's default update period of 90 seconds is a benefit compared to RIP, which can consume excessive bandwidth when sending updates every 30 seconds. IGRP uses an invalid timer to mark a route as invalid after seconds three times the update timer. As with RIP, IGRP uses a flush timer to remove a route from the routing table; the default flush timer is set to seconds seven times the update period and more than 10 minutes.

If a network goes down or the metric for the network increases, the route is placed in holddown. The router accepts no new changes for the route until the holddown timer expires. This setup prevents routing loops in the network.

The default holddown timer is seconds three times the update timer plus 10 seconds. Update 90 seconds Invalid seconds. Holddown seconds Flush seconds. IP access lists cause a router to discard some packets based on criteria defined by the network engineer.

The goal of these filters is to prevent unwanted traffic in the network—whether to prevent hackers from penetrating the network, or just to prevent employees from using systems that they should not be using.

Therefore, if a packet does not match any of your access list statements, it is blocked. Access lists have two major steps in their logic: matching and action. Matching logic examines each packet and determines whether it matches the access-list statement. As soon as an access-list statement is matched, there are two actions to choose from: deny and permit. Deny means to discard the packet, and permit implies that the packet should continue on its way.

As the limits of networking is increasing unfolded so the danger of information leaking in and leaking out increases. So a mechanism is required to keep good bits in and bad bits out.

A firewall is a device of some kind that separates and protects our network - in most cases, from the Internet. It restricts traffic to only what is acceptable, and monitors that what is happening.

Every firewall has at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to.

A firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. It may be a hardware device or a software program running on a secure host computer. Hardware device means a physical devise connected at the gateway which checks every incoming or outgoing packet. Software program means that software is loaded in computer that determines as what to allow and what to reject. A firewall examines all traffic routed between the two networks to see if it meets certain criteria.

A firewall filters both inbound and outbound traffic. There are three different types of firewall technologies: 1 Packet Filtering 2 Proxy 3 Stateful Inspection. Packet Filtering A packet filtering firewall simply inspects incoming traffic at the transport layer of the OSI model.

In that case they use proxy i. Stateful Inspection It is a combination of Packet filtering and proxy services. This is the most secure technology and provides the most functionality because connections are not only applied to ACL, but are logged into a static table. After a connection is established, all session data is compared to the static table. If the session data does not match the state table information for that connection, then connection is dropped.

Five basic commands are used to do a basic configuring of the firewall. There are various options provided to us by the firewall regarding speed. Shutdown This parameter administratively shuts down the interface. The outside and inside interfaces are named by default and have default security values of 0 and , respectively. By default, the interfaces have their hardware ID. Ethernet 0 is the outside interface, and Ethernet 1 is the inside interface. The ip address command is used to configure IP addresses on the interfaces.

The ip address command binds a logical address IP address to the hardware ID. If the mask value is not entered, the firewall assigns a classful network mask. Example: ip address inside This is usually the inside network IP address. This results in more security as every time it has to pass through firewall. Examples: nat inside 1 An IDS is a security counter measure. It monitors network traffic and monitors for suspicious activity and alerts the system or network administrator.

Therefore, if you need to allow an opening to a system like a web-server , then a firewall cannot protect against intrusion attempts against this opening. In contrast, intrusion detection systems can monitor for hostile activity on these openings. A HIDS monitors the inbound and outbound packets from the device only and will alert the user or administrator of suspicious activity if detected.

NIDS Network Intrusion Detection Systems are placed at a strategic point or points within the network to monitor traffic to and from all devices on the network. Ideally you would scan all inbound and outbound traffic, however doing so might create a bottleneck that would impair the overall speed of the network. When an unauthorized user logs in successfully, or attempts to log in, they are best tracked with host-based IDS.

However, detecting the unauthorized user before their log on attempt is best accomplished with network-based IDS. There are four basic techniques used to detect intruders: 1 Anomaly detection 2 misuse detection signature detection 3 target monitoring. An example of this would be if a user logs on and off of a machine 20 times a day instead of the normal 1 or 2. Also, if a computer is used at AM when normally no one outside of business hours should have access, this should raise some suspicions.

At another level, anomaly detection can investigate user patterns, such as profiling the programs executed daily. If a user in the graphics department suddenly starts accessing accounting programs or compiling code, the system can properly alert its administrators.

Misuse Detection or Signature Detection this method uses specifically known patterns of unauthorized behavior to predict and detect subsequent similar attempts. These specific patterns are called signatures. For host-based intrusion detection, one example of a signature is "three failed logins. Target Monitoring These systems do not actively search for anomalies or misuse, but instead look for the modification of specified files.

This is more of a corrective control, designed to uncover an unauthorized action after it occurs in order to reverse it. One way to check for the covert editing of files is by computing a cryptographic hash beforehand and comparing this to new hashes of the file at regular intervals. This type of system is the easiest to implement, because it does not require constant monitoring by the administrator.

When suspicious or malicious traffic is detected an alert is generated and sent to the administrator or user and it is up to them to take action to block the activity or respond in some way. Reactive IDS A reactive IDS will not only detect suspicious or malicious traffic and alert the administrator, but will take pre-defined proactive actions to respond to the threat.

Typically this means blocking any further network traffic from the source IP address or user. IDS is required to be properly configured to recognize what is normal traffic on your network vs.

As with each BGC location further locations are connected so it is required to use a router at each location. Al the BGC locations are to be connected to the central location having a point to point connectivity. The BGC location are having a leased line connectivity of Kbps which can be up gradable to 2 Mbps. As per the requirement the proposed solution is to have point to point connectivity between the central location and the 28 BGC locations. The modem at the customer end is connected to a modem at the ISP side.

Like this way the central location having a Cisco Router is connected to 28 nos of 2 Mbps Leased Line modem pair. The connectivity diagram and the bill of material required for the solution is given in the following pages. In a traditional LAN each computer physically connects to the network via wires and a network port. A Wireless Local Area Network WLAN is a network that provides the same services but without the need for physical connections between the computers and the network.

Wireless LANs offer many advantages over traditional wired networks, such as mobility, flexibility, scalability and speed, simplicity and reduced cost of installation. IEEE developed the With time-to-time development in the field of technology three standards has been finalized. IEEE This is a topology used when there are many access points in a single location. By deploying multiple Access Points APs with overlapping coverage areas, organizations can achieve broad network coverage.

Each client is equipped with wireless network interface card NIC that consists of the radio transceiver and the logic to interact with the client machine and software. While the AP is essentially a radio transceiver on one side and the wired backbone on the other. In this architecture, client stations are grouped into a single geographic area and can be Internet-worked without access to the wired LAN infrastructure network.

The ad hoc configuration is similar to a peer-to-peer office network in which no node is required to function as a server. In ad hoc there is no need of any AP as all devices are wirelessly connected to each other. ISDN is actually a set of communication protocols proposed by telephone companies that allows them to carry a group of digital services that simultaneously convey data, text, voice, music, graphics, and video to end users, and it was designed to achieve this over the telephone systems already in place.

B channel Bearer channels B channels are used to transport data. B channels are called bearer channels because they bear the burden of transporting the data.

B channels operate at speeds of up to 64 kbps. D channel D channels are used for signaling. They are used to establish the session before the data is actually transfer. Both BRI and PRI provide multiple digital bearer channels over which temporary connections can be made and data can be sent. Uses an S reference point. Uses an R reference point, typically an RS or V. Can be thought of as the TE1 function group on behalf of a TE2. Connects with T or S reference points to other customer premises equipment.

R between TE2 and TA. T between NT2 and NT1. Open navigation menu. Close suggestions Search Search. User Settings.

Skip carousel. Carousel Previous. Carousel Next. What is Scribd? Explore Ebooks. Bestsellers Editors' Picks All Ebooks. Explore Audiobooks. Bestsellers Editors' Picks All audiobooks. Explore Magazines. Editors' Picks All magazines. Explore Podcasts All podcasts.

Difficulty Beginner Intermediate Advanced. Explore Documents. Show related SlideShares at end. WordPress Shortcode.

Share Email. Top clipped slide. Download Now Download Download to read offline. It is major training report of CCNA. Nikita Kaushal Follow.

Probation Officer. Ccna Presentation. Report training. CCNA ppt. Ccna training report. CCNA presentation. Related Books Free with a 30 day trial from Scribd. Dry: A Memoir Augusten Burroughs. Related Audiobooks Free with a 30 day trial from Scribd. Empath Up! Abhijeet Gund. Tahira Iqbal. Malik Hashmat. Ahmed Araishy. Noman Elbakly. Atmeshwar Singh. Nityanand Singh. Levendra gendle , Student at rungta college raipur. Shailesh Arya.

Kaushikee Dwivedi. Ravikant Kumar. Arush Khajuria. Show More. Views Total views. Actions Shares. No notes for slide. CCNA training report 1. Amit Mr. Sharma Nikita Kaushal 2.