Saturday, March 24, 2012

Cisco CCNA: Additional Configurations


Cisco CCNA: Additional Configurations



Unit 1. ISDN



In this course, you will examine three frequently used WAN configurations that are more advanced than configurations discussed in previous courses. These configurations are ISDN, X.25, and Frame Relay.
In the first unit, you will investigate the commands to configure ISDN BRI using Dial-on-Demand routing.

After completing this unit, you should be able to:
  • List the required commands for configuring ISDN BRI

  • Identify the effects of each command

  • List optional, but recommended configuration commands


This unit does not address any specific Cisco objectives. However, it does provide background information that is essential for the CCNA exam.
In the course index, questions about background information are indicated with the abbreviation BCK and a short description of the question subject matter.

Topic 1.1: A Review of ISDN

*A Brief Review of ISDN
ISDN (Integrated Services Digital Network) is an example of WAN time-division multiplexing (TDM). TDM takes information from multiple sources and allocates bandwidth on a single media. Circuit-switched signaling determines the call route, which is a dedicated path between the sender and the receiver.

*ISDN Components
ISDN components, which are also known as function groups, consist of the following:
  • Terminals — such as TE1 and TE2
  • Terminal adapters (TAs) — these are used with TE2 devices
  • Network-terminating devices — such as NT1 or NT2
  • Line-terminating equipment — the local loop connection to the carrier equipment
  • Exchange-terminating devices — these are the switches in the carrier equipment


*TE1 and TE2 Devices
TE1 devices are specific to ISDN. Examples include computers, videoconferencing equipment, ISDN telephones and FAX machines, and ISDN bridges/routers. TE1s use the subscriber's four-wire, twisted-pair digital wiring to connect to the ISDN.
TE2 devices are not specific to ISDN. For example, standard analog telephones and modems are TE2s. TE2 devices require a TA, which can be either a standalone device or a board inside the TE2. If the TA is a board inside the TE2, then the TE2 needs to connect to a Physical-layer interface, such as a EIA/TIA-232-C, V.24, or V.35.

*The NT1
The NT1 terminating device is part of the subscriber's CPE (Customer Premises Equipment), which is also known as the DTE (Data Terminal Equipment). It is used in small businesses or homes. (This is true only for North America; otherwise the NT1 is classified as carrier equipment.)
The NT1 connects the CPE to the CO (Central Office) switching equipment, and converts a four-wire interface into a two-wire interface.
The two-wire interface is on the CPE side. It is a Physical-layer device.

*The NT2
The NT2 is a device that supplies multiple ISDN interfaces on the ISDN line.
For example, it could be a simple bridging device connected to an NT1, or it could be a complicated PBX that is used in larger enterprises.
The NT2 applies Layer 2 (Data Link) and Layer 3 (Network) protocols.

*ISDN Line
The ISDN line connects the subscriber to the standard, circuit-switched telephone network that is found everywhere (i.e., POTS — plain old telephone service). The ISDN line, or pipe as it is often called, is composed of channels. Channels are communication paths. Depending on the type of ISDN service, there may be three channels or twenty-four channels.
There are two types of channels:
  • B, which stands for Bearer
  • D, which stands for Data


*ISDN Channels
The B channel carries voice, data, and B channel packets at the high speed of 64 kbps.
The D channel carries the signaling and D channel packets at either 16 or 64 kbps. The signaling is out-of-band and is transmitted through the SS7 network, a separate network just for call signaling. The D channel functions on the Physical, Data Link, and Network layers of the OSI.

*Types of ISDN Services
There are two types of ISDN services:
  • BRI (Basic Rate Interface) — BRI service consists of two 64-kbps B channels and one 16-kbps D channel.
  • PRI (Primary Rate Interface) — In North America and Japan, PRI service consists of twenty-three 64-kbps B channels, and one 64-kbps D channel, and requires a T1 line.


*Basic Rate Interface
BRI is also known as a 2B+D connection. The two B channels are called B1 and B2, even though they share the same characteristics. These combinations of transmissions are possible with BRI:
  • Two simultaneous voice or data transmissions to the same or different locations
  • Simultaneous D packet transmissions to yet another location
In this unit we will limit our configuration to BRI.

Topic 1.2: Configuring ISDN

*One Router...
Now that we have reviewed the basics of ISDN, let's look at some configurations.
This configuration assumes you are configuring your local network so that one main router, installed with an ISDN BRI network module, is connected to an established ISDN line. DDR (Dial-on-Demand Routing) is used, which means that the router dials up to connect to a remote site. The alternative to DDR is a leased line.

*...That Uses PPP
This configuration also assumes that the router has already been assigned an IP address.
Finally, ISDN can use PPP, HDLC, or X.25 as the method of encapsulation.
This configuration assumes you are using PPP, and that the PPP hostname and password have already been configured. PPP configuration is covered in a previous course.

Topic 1.3: Global Configurations

*Configuring the Switch Type
The first command is executed in global configuration mode. The command syntax is:
Router(config)#isdn switch-type switch-type
This command configures the type of switch used at the Central Office (CO) of the service provider.
Router(config)#isdn switch-type basic-ni

*Interface Mode over Global Mode
This command can also be used in the interface mode. If the command is configured in both modes, the interface mode of this command supersedes the global mode.
In the code shown here, the basic-5ess switch type will be used.
Router(config)#isdn switch-type basic-ni
...
Router(config-if)#isdn switch-type basic-5ess

*North American Switch Types
There are many switch types, depending on the country for which you are configuring. One universal switch-type is none, which means no switch is defined. The switch-type for North America includes these:
  • basic-5ess — This configures AT&T 5ESS basic rate switches.
  • basic-dms100 — This configures Northern Telecom DMS-100 basic rate switches.
  • basic-ni — This configures National ISDN NI basic rate switches.


*Disabling switch-type
Instead of using the no keyword to disable the switch-type, use the argument none.
Router(config)#isdn switch-type none

Question 1

Question 2

Topic 1.4: Interface Configurations

*Configuring the ISDN Interface
Now it's time to configure the ISDN interface.
First, enter the interface submode of global configuration.
Router(config)#interface bri0

*Adding an Interface Description
Although it is optional, it is highly recommended that you add an interface description.
Router(config)#interface bri0
Router(config-if)#description ISDN BRI 0 interface

*Defining a SPID
If you are using DMS-100 (basic-dms100) or National ISDN (basic-ni) switches, you must now define a SPID (service profile identifier). SPID1 is a number that identifies the B1 channel, and SPID2 identifies the B2 channel.
SPIDs are assigned by the ISDN service provider. Although SPIDs have no uniform cross-vendor formatting, in the United States they are typically 10-digit phone numbers followed by a 4-digit number for the ISDN device.
This is the command syntax:
Router(config-if)#isdn spid1 spid-number [ldn]
Router(config-if)#isdn spid2 spid-number [ldn]
Router(config-if)#isdn spid1 12345678901234
Router(config-if)#isdn spid2 12345678901235

*The Local Directory Number
The ldn is the local directory number. This is a 7-digit number, also assigned by the ISDN service provider. The ldn is responsible for call routing.
Although ldn is optional, you must be aware of the implications of omitting it. DMS-100 (basic-dms100) or National ISDN (basic-ni) switches typically need both the SPID and the ldn. Without the ldn, the B1 channel is used as a full-duplex connection, but the B2 channel is used for outgoing connections only.

*The no Keyword
Use the no keyword to disable the SPIDs. Disabling prevents access to the service provider's switch.
Router(config-if)#no isdn spid1 12345678901234 5551234
Router(config-if)#no isdn spid2 12345678901235 5551235

*Authenticating Multiple Sites
The dialer map command is used to dial and authenticate multiple sites. Authentication uses the same hostname that is configured with PPP. This is the command syntax:
Router(config-if)#dialer map protocol next-hop-address [name hostname] [spc] [speed 56|64] [broadcast] [dial-string [:isdn-subaddress]]
Router(config-if)#dialer map ip 192.168.1.27 name myPPPhostname 5551234

*The protocol
The protocol can be AppleTalk, Banyan VINES, bridge, CLNS, DECnet, IP, IPX, Novell, Snapshot, or XNS.
The next-hop-address is the next-hop address, and is given for the selected protocol (except bridge, which doesn't need this argument).

*The Remote Device
The name hostname refers to the remote device. It must use the same hostname configured with PPP. This argument is case-sensitive. Use this option when using caller ID. The keyword spc is only used in Germany and Australia; it specifies a semipermanent connection between the customer's equipment and the service provider's exchange.

*The speed Options
Two speeds — 56 and 64 kbps — are the only valid options for speed. If none is specified, the default of 64 kbps is assumed.
The keyword broadcast specifies that broadcasts are sent to the address and protocol specified in this command.

*The Last Two Arguments
Now it's time for the last pair of arguments: dial-string [:isdn-subaddress]. dial-string is a telephone number. If any packets that are addressed with the next-hop address match the criteria specified in access lists, then the telephone number is sent to the dialing device. The isdn-subaddress is used in multipoint ISDN connections.
If the name hostname option is configured, but the dial-string [:isdn-subaddress] is not, then remote (i.e., called) sites can call this central site router. The central site router cannot call the remote site without the dial-string argument.

You can repeat the dialer map command for each destination you want to call.

Question 3

Question 4

Question 5

Question 6

Question 7

Topic 1.4.1: Configuring the Bandwidth

*Configuring Bandwidth on Demand
The next dialer command configures bandwidth on demand. This is done by setting a number value for the load threshold. The load threshold represents the allowed maximum actual usage of the maximum possible load on a connection. The actual load usage is computed dynamically by the router, and is based on bandwidth.
This is the command syntax:
Router(config-if)#dialer load-threshold load [outbound|inbound|either]
Router(config-if)#dialer load-threshold 75

You can configure your router to set a bandwidth value for an interface. The bandwidth is configured in the interface submode. You learned about this command in an earlier course in the series.
Router(config-if)#bandwidth kilobits

*The load and Its Options
As we just stated, the load represents the allowable actual usage of the maximum load. This value can range from 1 to 255. Therefore, 100% usage of the maximum possible load is 100% of 255, which equals 255. In our example, the load-threshold is 75, which represents about 29% of the maximum load (75/255 x 100 = 29%).
The options outbound, inbound, and either specify whether the load value is computed for the outgoing data, incoming data, or both.

*Reaching the Load Threshold
If the load threshold is reached, the router can add another link. When the computed load falls below the load threshold, the added link can be dropped.
The load threshold value is checked before a router can make another call because, in normal operation, the router does not interrupt current calls.
Router(config-if)#dialer load-threshold 75

*Configuring a Dialer Group
The next command configures a dialer group. This is the command syntax:
Router(config-if)#dialer-group group-number
This command configures the dialer group to which the interface belongs. This helps control access to the ISDN interface. Only one dialer group can be configured on the interface. If more than one have been configured, the latest dialer group is the valid one.
Router(config-if)#dialer-group 1

*The group-number
The group-number identifies the dialer group. It is any number in the range 1–10.

Question 8

Question 9

Topic 1.4.2: Configuring Timeouts

*Reconfiguring a Timeout
It is often useful to reconfigure a timeout that specifies the idle time before the disconnection of the line. Although this is especially true when encapsulating with PPP, it is just a general precaution to avoid overloading lines and switching equipment. The command syntax is as follows:
Router(config-if)#dialer idle-timeout seconds
Router(config-if)#dialer idle-timeout 15

*Idle Time
The seconds argument is the idle time that must occur on the interface before the disconnection of the line. The default is 120 seconds. Only calls for the specified dialer group can reset the timeout clock. The idle timeout operates on both incoming and outgoing calls.

*Longer Connection
When PPP multilinking is configured, you can set the timeout so that the multilink bundle can be connected for a longer time.
Router(config-if)#dialer idle-timeout 150

*The fast-idle Timer
However, if the interface tends to be busy, you can also set the fast-idle timer. This is the command syntax:
Router(config-if)#dialer fast-idle seconds
Router(config-if)#dialer fast-idle 15

*Competing for an Outgoing Line
This command is only used if there is contention, or competition, for incoming or outgoing lines. The argument seconds specifies the idle timeout until a line is disconnected if another call is waiting to be placed. The default is 20 seconds.

*Interesting Packets
Be aware that the dialer fast-idle command may cause packets to be dropped. This happens when a packet for a different next-hop address arrives at the router before the fast-idle timeout has ended. The current call cannot handle a packet that has a different next-hop address, and the call is not disconnected until the fast-idle timeout has ended. Incidentally, another packet, which has the same next-hop address as the current call's destination address, can be routed through; in this case, the fast-idle timer is reset.
A different next-hop packet is also dropped when an interesting packet, which has the same next-hop address, arrives. A packet is interesting if it matches an access-list permit entry.

*Fast Switching
By default, all DDR connections use fast switching. Fast switching uses a cache to switch earlier packets with later ones; therefore, fast switching provides greater throughput. However, you may prefer to disable fast switching if you need more memory on an interface card, or if want to reduce the congestion caused by high-bandwidth interfaces connecting to low-bandwidth interfaces.
To disable fast switching, use this command syntax:
Router(config-if)#no ip route-cache

*All or Nothing
With ISDN BRI, fast switching operates on all or none of the 2B+D channels. Because of this all-or-none condition, some administrators choose to disable it.
Re-enable fast switching with this command:
Router(config-if)#ip route-cache

*The Entire ISDN Configuration
The full configuration is shown here.
Router(config)#isdn switch-type basic-ni
Router(config)#interface bri0
Router(config-if)#description ISDN BRI0 interface
Router(config-if)#isdn spid1 12345678901234 5551234
Router(config-if)#isdn spid2 12345678901235 5551235
Router(config-if)#dialer map ip 192.168.1.27 name myPPPhostname 5551234
Router(config-if)#dialer load-threshold 75
Router(config-if)#dialer-group 1
Router(config-if)#dialer idle-timeout 150
Router(config-if)#dialer fast-idle 15
Router(config-if)#no ip route-cache

Question 10

Question 11

Question 12

Question 13

Question 14

Topic 1.5: Recommended Configurations

*Timestamping Messages
You may want to consider using the following two service timestamps commands, which place timestamps on log and debug messages.
Add these commands before entering any ISDN configurations.

*Configuring Timestamping
This is the command syntax:
Router(config)#service timestamps type datetime [msec] [localtime] [show-timezone]
The type argument specifies whether a debug or log message is timestamped. The uptime argument specifies the amount of time since the system was rebooted. uptime is formatted HHHH:MM:SS. The datetime is the system clock timestamp for the log or debug message, and it is formatted as MMM DD HH:MM:SS. The msec argument adds milliseconds to the timestamp. localtime shows the timestamp in the local time zone, and show-timezone displays the time zone as part of the timestamp.
Router(config)#service timestamps debug datetime msec
Router(config)#service timestamps log datetime msec

*The Complete Configuration
Here is a complete configuration, which includes PPP encapsulation, multiple BRI interfaces, and recommended configurations.
Router(config)#service timestamps debug datetime msec
Router(config)#service timestamps log datetime msec
Router(config)#isdn switch-type basic-ni
Router(config)#interface bri0
Router(config-if)#description ISDN BRI0 interface
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap
Router(config-if)#ppp chap myPPPhostname
Router(config-if)#ppp chap password ok5678
Router(config-if)#compress stac
Router(config-if)#ppp multilink
Router(config-if)#ppp quality 75
Router(config-if)#isdn spid1 12345678901234 5551234
Router(config-if)#isdn spid2 12345678901235 5551235
Router(config-if)#dialer map ip 192.168.1.27 name myPPPhostname 5551234
Router(config-if)#dialer load-threshold 75
Router(config-if)#dialer-group 1
Router(config-if)#dialer idle-timeout 150
Router(config-if)#dialer fast-idle 15
Router(config-if)#no ip route-cache

Question 15


* Exercise 1
Try configuring ISDN BRI for Dial-on-Demand routing.


Examine the following table
Step Action
1 List the commands needed to configure ISDN BRI for Dial-on-Demand routing. Include encapsulation commands, since they influence ISDN configuration. Also include optional, but recommended, commands.
2 Beside each command, write the intended effect of the command.
3 Beside each command, write whether the command is applicable to your system. If another set of commands is applicable, such as X.25 encapsulation instead of PPP, try to substitute these commands.


Topic 1.6: Unit 1 Summary

In this unit, you learned how to configure ISDN BRI using Dial-on-Demand routing.
After reviewing some basic principles of ISDN, you looked at required ISDN BRI configurations. You learned what the results of each of the commands would be. You also learned about an optional, but recommended command to timestamp log and debug messages.
In the next unit, you will use show commands to verify the ISDN BRI configurations you learned in this unit.

Unit 2. Showing ISDN Configurations



In the preceding unit, you discovered that ISDN configuration is relatively complex. With this level of complexity, you need to verify your configuration.
In this unit, you'll examine the show commands that allow you to verify and monitor ISDN interfaces.

After completing this unit, you should be able to:
  • Identify the ISDN-specific show commands

  • List the non-ISDN-specific show commands that provide ISDN information

  • List the information displayed for each command


This unit does not address any specific Cisco objectives. However, it does provide background information that is essential for the CCNA exam.
In the course index, questions about background information are indicated with the abbreviation BCK and a short description of the question subject matter.

Topic 2.1: Displaying ISDN Information

*A Few Commands
We'll begin by pointing out some of the show commands that provide helpful information, even though they are not specific to ISDN. These commands include:
  • Router#show running-config
  • Router#show startup-config
  • Router#show interfaces

Router#show running-config
Building configuration...
Current configuration:
!
...
!
interface BRI0
 ip address 192.168.1.27 255.255.255.0
 no ip route-cache
 encapsulation ppp
 shutdown
 dialer idle-timeout 15
 dialer map ip 192.168.1.27 name cba 5551234
 dialer load-threshold 186
 dialer-group 1
 compress stac
 ppp authentication chap
...
*ISDN show Commands
However, there are some show commands that provide more detailed ISDN information. The commands we will discuss in this unit include:
  • Router#show isdn
  • Router#show controllers bri
  • Router#show interfaces bri
  • Router#show dialer


Even though we present the show commands in privileged EXEC mode, you can use them in user EXEC mode, unless specifically noted.

Topic 2.2: The All-Purpose Command

*The show isdn Command
The show isdn command is a great all-around command. The arguments for this command can be manipulated to show such information as past and current calls, time and memory statistics, and interface status.
This is the command syntax:
Router#show isdn {active|history|memory|status [dsl|interface-type number]|timers}
Router#show isdn active

*Showing Past and Current Information
The keyword active displays current information: called number, duration of the call (until call disconnection), and information about the AOC (Advice of Charge) charging units. AOC provides charging information to users for all calls. AOC-D gives charging information during a call. AOC-E gives charging information at the end of a call. The keyword history shows information for both past and present calls.
memory shows statistics about the memory pool. This is probably of little interest to you, but may be useful to tech support for the router or ISDN connection.

*Showing the ISDN Interface Status
The keyword status [dsl|interface-type number] shows the status of all ISDN interfaces. The combined status [dsl|interface-type number] displays link-specific or interface-specific information. dsl is an acronym for digital signal link. The interface-type can be bri or serial.

show isdn history Output
The keyword timers shows times for Layer 2 and Layer 3 timers.
Here is some sample output for show isdn history.
Router# show isdn history
-------------------------------------------------------------------------
                              ISDN CALL HISTORY
-------------------------------------------------------------------------
History Table MaxLength = 310 entries
History Retain Timer = 15 Minutes
-------------------------------------------------------------------------
Call  Calling  Called   Duration   Remote  Time until  Recorded Charges
Type  Number   Number   Seconds    Name    Disconnect  Units/Currency 
-------------------------------------------------------------------------
Out           16387654  240        smith                 5      u(D)
In    67890             90         jones
Out           12345678  Active(90) smith       240      13      u(D)
-------------------------------------------------------------------------

Question 16

Question 17

Question 18

Topic 2.3: Displaying Channel-Specific Information

*The show controllers bri Command
The show controllers bri command displays channel-specific information. The command syntax is as follows:
Router#show controllers bri number
The argument number ranges from 0–7 for routers with one 8-port BRI network interface module, and 0–15 for routers with two 8-port BRI network interface modules. This command must be executed in privileged EXEC mode.
Router#show controllers bri 0

*Some Output
Here is typical show controllers bri 0 output.
Router# show controllers bri 0

BRI unit 0
D Chan Info:
Layer 1 is ACTIVATED
idb 0x32089C, ds 0x3267D8, reset_mask 0x2
buffer size 1524
RX ring with 2 entries at 0x2101600 : Rxhead 0
00 pak=0x4122E8 ds=0x412444 status=D000 pak_size=0
01 pak=0x410C20 ds=0x410D7C status=F000 pak_size=0
TX ring with 1 entries at 0x2101640: tx_count = 0, tx_head = 0, tx_tail = 0
00 pak=0x000000 ds=0x000000 status=7C00 pak_size=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns
B1 Chan Info:
Layer 1 is ACTIVATED
idb 0x3224E8, ds 0x3268C8, reset_mask 0x0
buffer size 1524
RX ring with 8 entries at 0x2101400 : Rxhead 0
00 pak=0x421FC0 ds=0x42211C status=D000 pak_size=0
01 pak=0x4085E8 ds=0x408744 status=D000 pak_size=0
02 pak=0x422EF0 ds=0x42304C status=D000 pak_size=0
03 pak=0x4148E0 ds=0x414A3C status=D000 pak_size=0
04 pak=0x424D50 ds=0x424EAC status=D000 pak_size=0
05 pak=0x423688 ds=0x4237E4 status=D000 pak_size=0
06 pak=0x41AB98 ds=0x41ACF4 status=D000 pak_size=0
07 pak=0x41A400 ds=0x41A55C status=F000 pak_size=0
TX ring with 4 entries at 0x2101440: tx_count = 0, tx_head = 0, tx_tail = 0
00 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
01 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
02 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
03 pak=0x000000 ds=0x000000 status=7C00 pak_size=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns
B2 Chan Info:
Layer 1 is ACTIVATED
idb 0x324520, ds 0x3269B8, reset_mask 0x2
buffer size 1524
RX ring with 8 entries at 0x2101500 : Rxhead 0
00 pak=0x40FCF0 ds=0x40FE4C status=D000 pak_size=0
01 pak=0x40E628 ds=0x40E784 status=D000 pak_size=0
02 pak=0x40F558 ds=0x40F6B4 status=D000 pak_size=0
03 pak=0x413218 ds=0x413374 status=D000 pak_size=0
04 pak=0x40EDC0 ds=0x40EF1C status=D000 pak_size=0
05 pak=0x4113B8 ds=0x411514 status=D000 pak_size=0
06 pak=0x416ED8 ds=0x417034 status=D000 pak_size=0
07 pak=0x416740 ds=0x41689C status=F000 pak_size=0
TX ring with 4 entries at 0x2101540: tx_count = 0, tx_head = 0, tx_tail = 0
00 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
01 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
02 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
03 pak=0x000000 ds=0x000000 status=7C00 pak_size=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns

*Packets to be Transmitted
We'll point out just a few things for the show controllers bri 0 output. The values for tx_count, tx_head, and tx_tail represent, respectively, the number of packets that need to be transmitted, the start of the list, and the end of the transmit list.
TX ring with 1 entries at 0x2101640: tx_count = 0, tx_head = 0, tx_tail = 0

*Missed Packets
missed datagrams are incoming packets that are missed because of internal problems.
0 missed datagrams, 0 overruns, 0 bad frame addresses

overruns and transmitter underruns
overruns are the instances when the receiver hardware couldn't pass data to a hardware buffer. This occurs because the input rate is greater than the receiver hardware can handle.
However, transmitter underruns are the instances when the transmitter is running too fast for the router.
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns

Question 19

Question 20

Topic 2.4: Displaying Output for ISDN Channels

*The show interfaces bri Command
The show interfaces bri command displays output for ISDN B or D channels. This command is available only in privileged EXEC mode. This is the command syntax:
Router#show interfaces bri number[[:bchannel]|[first] [last]] [accounting]
The number is the interface number, which can range from 0–7 or 0–15, depending on your router. Notice that number is required. If you just list the number without the remaining options, the interface information for the D channel is displayed. In the example shown here, only D channel information on interface BRI 2 is displayed.
Router#show interfaces bri 2

*A Few Options
The next set of options is rather confusing. You can choose the :bchannel option or the first last options. The :bchannel option specifies a particular B channel. The first option displays output for the first B channel, which can be 1 or 2. The last option displays output for B channel 2. Please note, however, that using the last option implies that output for channels 1 and 2 will be displayed.
The keyword accounting displays a count of the packets that have passed through the interface. The packets are grouped according to type of protocol.

show interfaces bri Output
In the show interfaces bri example shown here, output is displayed for B channel 1 on interface BRI 0.
Router# show interfaces bri 0:1
BRI0:1 is down, line protocol is down
  Hardware is BRI
  MTU 1500 bytes, BW 64 Kbit, DLY 20000 usec, rely 255/255, load 1/255
  Encapsulation PPP, loopback not set, keepalive not set
  LCP Closed
  Closed: IPCP
  Last input never, output never, output hang never
  Last clearing of "show interface" counters never
  Queueing strategy: fifo
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  5 minute input rate 0 bits/sec, 0 packets/sec
  5 minute output rate 0 bits/sec, 0 packets/sec
     0 packets input, 0 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 packets output, 0 bytes, 0 underruns
     0 output errors, 0 collisions, 7 interface resets
     0 output buffer failures, 0 output buffers swapped out
     0 carrier transitions

Question 21

Question 22

Topic 2.5: Showing Dial-on-Demand Configurations

*The show dialer Command
The show dialer command shows Dial-on-Demand configurations, which include synchronous serial, asynchronous serial, ISDN PRI, and ISDN BRI interfaces. This is the command syntax:
Router#show dialer [interface type number]
Router#show dialer interface bri0

show dialer interface Output
Here is a typical display of output from show dialer interface for ISDN BRI.
Router# show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String      Successes   Failures    Last called   Last status
0 incoming call(s) have been screened.
BRI0: B-Channel 1
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: ip (s=6.1.1.8, d=6.1.1.1)
Interface bound to profile Dialer0
Time until disconnect 102 secs
Current call connected 00:00:19
Connected to 5773872 (williams)
BRI0: B-Channel 2
Idle timer (200 secs), Fast idle timer (15 secs)
Wait for carrier (30 secs), Re-enable (14 secs)
Dialer state is idle

*The Dial String
In the last line shown here, the dial string was configured with this command:
Router(config-if)##dialer map ip 192.168.1.27 name myPPPusername 5551234
The successes include all successful connections, regardless of whether data was passed.
Router# show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String      Successes   Failures    Last called   Last status

*Dialer Operation
This last line of output shown here indicates that the dialer came up as expected.
If the message is physical layer up, then the line protocol LCP came up but NCP did not. If any other message is displayed, then the dialer is not operating as expected.
Router# show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String      Successes   Failures    Last called   Last status
0 incoming call(s) have been screened.
BRI0: B-Channel 1
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up

*Where the Data Goes
The last line shown here indicates that data was headed for the B1 channel.
Router# show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String      Successes   Failures    Last called   Last status
0 incoming call(s) have been screened.
BRI0: B-Channel 1

*Who Initiated the Call
The last line shown here indicates that an IP packet initiated the call.
Router# show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String      Successes   Failures    Last called   Last status
0 incoming call(s) have been screened.
BRI0: B-Channel 1
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: ip (s=6.1.1.8, d=6.1.1.1)

*Configuring the Timer
These commands were responsible for the last line of output shown here:
Router(config-if)#dialer idle-timeout 200
Router(config-if)#dialer fast-idle 15
Router# show dialer interface bri 0
BRI0 - dialer type = ISDN
Dial String      Successes   Failures    Last called   Last status
0 incoming call(s) have been screened.
BRI0: B-Channel 1
Idle timer (120 secs), Fast idle timer (20 secs)
Wait for carrier (30 secs), Re-enable (15 secs)
Dialer state is data link layer up
Dial reason: ip (s=6.1.1.8, d=6.1.1.1)
Interface bound to profile Dialer0
Time until disconnect 102 secs
Current call connected 00:00:19
Connected to 5773872 (williams)
BRI0: B-Channel 2
Idle timer (200 secs), Fast idle timer (15 secs)

Question 23

Question 24


* Exercise 1
Try verifying and monitoring your ISDN BRI configuration for Dial-on-Demand routing.

Examine the following table
Step Action
1 In the previous unit, you studied the commands for configuring ISDN BRI for Dial-on-Demand routing.
Now it's time to know whether you configured correctly. List the commands that enable you to verify and monitor your ISDN interface.
2 Next to each command, write the main focus of the output.
3 Also next to each command, list at least three parameters that are displayed.


Topic 2.6: Unit 2 Summary

In this unit, you learned some commands that help you to verify and monitor ISDN operations.
This concludes your examination of ISDN. In the next unit, you'll study X.25 configuration.

Unit 3. X.25



Although X.25 is relatively old in the realm of WANs, it is still useful to know how to configure an X.25 interface.
In this unit, you'll examine the minimum configurations needed for X.25, and then you'll look at some optional configurations that optimize X.25 network performance.

After completing this unit, you should be able to:
  • Discuss the required commands to configure an X.25 interface

  • Identify commands that can improve X.25 connections

  • List some commands that verify your configuration


This unit does not address any specific Cisco objectives. However, it does provide background information that is essential for the CCNA exam.
In the course index, questions about background information are indicated with the abbreviation BCK and a short description of the question subject matter.

Topic 3.1: A Review of X.25

*Another Look at X.25
X.25 uses packet-switching to enhance — not replace — the existing phone PDN (Public Data Network).
Some of the enhancements include flow control and error checking. One type of flow control is called windowing.

*X.25 and Windowing
Packet structure varies, depending on whether it follows modulo 8 or modulo 128 windowing. Windows are the number of data packets a source can send without receiving any acknowledgment messages. Modulo 128 is rare because it is typically used for satellite instead of virtual circuit transmissions.
Modulo 8 allows a maximum of 8 packets (numbered 0–7), and modulo 128 allows a maximum of 128 packets (numbered 0–127). The x.25 modulo command, which configures windowing, is discussed later in this unit.

*X.25 Network
At the minimum, an X.25 network consists of DTEs, DCEs, and a PSE (Packet Switching Exchange).

*DTEs
The DTEs are located on the users' — or subscribers' — premises. They can be any of these devices:
  • Dumb terminals, computers, or network hosts

  • Routers


*DCEs and PSE
The DCEs are the interfaces between the DTE and the PSE. The DCE is usually located in the carrier network. DCEs usually handle the clock signaling that synchronizes the transmission of data. DCEs consist of these devices:
  • Modems
  • Concentrators
The PSE consists of the switches that make up most of the carrier network, or PDN.

*X.25 Layout
The logical X.25 layout includes SVCs (Switched Virtual Circuits) and PVCs (Permanent Virtual Circuits). Virtual circuits are bi-directional (or full-duplex) paths that connect DTEs to other DTEs. The physical connection may pass through many circuits between the source and destination.

*X.121 Addresses
The X.121 protocol defines two fields for addressing X.25 packets. The PDN service provider provides the information needed for the X.121 address.
The first field of the address is the DNIC (Data Network ID Code). This number is assigned by the ITU and identifies the country and PSN where the destination DTE is located. This field is four digits.

*The DNIC and NTN
The second field of the address is the NTN (Network Terminal Number). The NTN identifies the actual destination DTE device. The first eight digits are defined by the PSN provider. The last two or three digits are assigned locally to a particular application or device.
Together, the DNIC and NTN range from 1–15 digits. We will configure X.121 addresses later in this unit.

Question 25

Question 26

Topic 3.2: Configuring X.25 Parameters

*Configuring over a Serial Interface
For our example, we will configure X.25 over a serial interface using X.25 encapsulation.
As in the previous unit, our example assumes that one router is being configured, and that the IP address and PPP hostname for this router have been configured previously.

*Configuring Timestamps
Also, like the previous unit, it is recommended that you configure the timestamps for log and debug messages and add an interface description.
Router(config)#service timestamps debug datetime msec
Router(config)#service timestamps log datetime msec
Router(config)#interface serial 0
Router(config-if)#description X.25 test interface

Topic 3.2.1: Interface Configurations

*Configure the Encapsulation Type
The first task is to configure the type of encapsulation, which for us will be X.25. If you do not specify X.25, then the default encapsulation will be used. For serial interfaces, the default is HDLC. This is the command syntax for configuring encapsulation:
Router(config-if)#encapsulation x25 [dte|dce] [ddn|bfe]|[ietf]
Router(config-if)#encapsulation x25

*Optional Arguments
All the arguments for X.25 encapsulation are optional. If you do not specify any arguments, Cisco's X.25 encapsulation is the default.
dte and dce have been discussed previously. DTEs are usually located on the users' premises. The DCEs are the interfaces between the DTE and the PSE. The DCE is usually located in the carrier network.

*The Defense Data Network
ddn is the Defense Data Network. ddn is used when the interface uses DDN X.25 Standard Service to connect to a Defense Data Network.
bfe is Blacker Front End. bfe is used when the interface connects with a BFE device. DDN and BFE devices differ from other typical X.25 network environments in that each uses its IP address to create an X.121 address. Also, a BFE can function as a DTE only, but the DDN device can be either DTE or DCE.
Router(config-if)#encapsulation x25 dce ddn

*Standardizing Encapsulation
ietf is the IETF's attempt to standardize X.25 encapsulation for all possible protocols.
This form of X.25 encapsulation allows the transmission of multiple protocols across one virtual circuit.
Router(config-if)#encapsulation x25 ietf

Question 27

Question 28

*The x.25 address Command
The next command — x25 address — assigns the X.121 address to a specified network interface. This is the command syntax:
Router(config-if)#x25 address x121-address
The argument x121-address is the X.121 address. This address is variable in length (1–15 digits) and is assigned by the X.25 service provider.
Router(config-if)#x25 12345678901

*Not Always Necessary
This command is not needed if the X.25 interface is only using X.25 switching to communicate. Also, as we said earlier, DDN and BFE systems create their own X.121 addresses, which cannot be changed. Therefore, this step of the configuration process is skipped sometimes.
Router(config-if)#

*Configuring the Mapping of LAN Protocols
The x25 map command configures the mapping of LAN protocols to the remote host. LAN-protocol-to-remote-host mapping is needed for every host that can receive X.25-encapsulated packets from the router. This is the command syntax:
Router(config-if)#x25 map protocol address [protocol2 address2[...[protocol9 address9]]] x121-address [option]
Router(config-if)#x25 map ip 192.168.1.27 12345678901

*The Protocols
At least one protocol and address pair must be configured. protocol is a keyword representing one of twelve protocols supported by X.25. These protocols include: apollo, appletalk, bridge, clns, compressedtcp, decnet, ip, ipx, pad (PAD links2), qllc (SNA encapsulation in X.253), vines, and xns. A maximum of nine protocols can be mapped per interface.
The x121-address is the X.121 address of the remote host.
Router(config-if)#x25 map ip 192.168.1.27 12345678901

*The [option] Argument
The [option] argument can be one of many functions specified for calls originating from the router end of an X.25 connection. A partial list of these functions includes broadcast, compress, reverse, and windowsize.
The broadcast option must be used for routing protocols, like IP and IPX, that use broadcasts or multicasts to communicate with other routers. Therefore, the broadcast option is frequently applied.
Router(config-if)#x25 map ip 192.168.1.27 12345678901 broadcast

*Options and Arguments
Several options carry their own arguments. For example, if you specify windowsize, you must include the number of packets allowed for the input and output windows for outgoing calls. This is the format:
windowsize in-size out-size
The in-size packet value usually equals the out-size packet value. Both values must fall in the range 1–127, and both must be less than the value configured with the command x25 modolo, which we will discuss in a later section.
Router(config-if)#x25 map ip 192.168.1.27 12345678901 windowsize 54 54

Only one protocol and address pair is allowed per map, and only one X.25 map is allowed per interface.
If you want to reconfigure options with the x25 map command, you can re-enter the command with the desired options. You must do this for every specified protocol and address pair defined in the map.
Likewise, to delete the configurations created by the x25 map command, you must use the no keyword in front of the command for every protocol and address pair you want to delete.

Question 29

Question 30

Question 31

Question 32

Question 33

Topic 3.2.2: Optional Configurations

*Some Common Options
There are some X.25 configurations that are optional but frequently used. Of these, we will discuss the following:
  • x25 ips and x25 ops
  • x25 modulo
  • x25 win and x25 wout


*The Maximum Packet Size
The x25 ips command configures the maximum size of input packets. The x25 ops command configures the maximum size of output packets. Here is the command syntax for both commands:
Router(config-if)#x25 ips bytes
Router(config-if)#x25 ops bytes
Router(config-if)#x25 ips 512
Router(config-if)#x25 ops 512

*The Byte Count
bytes is the maximum byte count. Any of the following values are valid: 16, 32, 64, 128, 256, 512, 1024, 2048, or 4096. In almost all networks, the value configured for x25 ips must equal the value configured for x25 ops. If the x25 ips and x25 ops commands are not executed, the default maximum is 128 bytes.
Also, for both commands, the maximum size for the interface should match the maximum size for the network.
Router(config-if)#x25 ips 512
Router(config-if)#x25 ops 512

Generally, it is advantageous to use larger packet sizes. The larger the packet size, the less processing is needed.
But, if packets are too big, they must be split into smaller packets. This splitting of packets requires more processing at both ends of the connection, and thus negates the benefits of bigger packets.

*The Window Modulus
The x25 modulo command configures the window modulus. The window modulus, which is a tool for X.25 flow control, is the number of sliding windows allowed on the interface. This is the command syntax:
Router(config-if)#x25 modulo modulus
modulus is the number of sliding windows. This number can be 8 or 128. The default is 8. The modulus on both ends of the X.25 connection must be equal.
Router(config-if)#x25 modulo 8

*The Window Size
The commands x25 win and x25 wout configure the number of packets that a virtual circuit can send or receive before sending an acknowledgment. x25 win configures the incoming window size, and x25 wout configures the outgoing window size. For both commands, the interface window size must match the network window size. Here is the command syntax:
Router(config-if)#x25 win packets
Router(config-if)#x25 wout packets
Router(config-if)#x25 win 5
Router(config-if)#x25 wout 5

*Receiving and Acknowledging Packets
packets is the number of packets that can be received before sending an acknowledgment. The minimum is 1, and the maximum is one less than the modulus, which means 7 or 127, because the modulus is either 8 or 128.
In almost all X.25 connections, the x25 win packet number must equal the x25 wout packet number. The default for both commands is 2 packets. Because the x25 win and x25 wout limit traffic by limiting acknowledgments, they help maximize bandwidth.

*The Entire Configuration
This is the entire configuration, including optional commands.
Router(config)#service timestamps debug datetime msec
Router(config)#service timestamps log datetime msec
Router(config)#interface serial 0
Router(config-if)#description X.25 test interface
Router(config-if)#encapsulation x25
Router(config-if)#x25 address 12345678901
Router(config-if)#x25 map ip 192.168.1.27 12345678901 broadcast
Router(config-if)#x25 modulo 8
Router(config-if)#x25 ips 512
Router(config-if)#x25 ops 512
Router(config-if)#x25 win 5
Router(config-if)#x25 wout 5

Question 34

Question 35

Question 36

Question 37

Topic 3.3: Showing X.25 Configurations

*X.25 show Commands
There are many X.25 show commands. A partial listing includes show x25 interface, show x25 map, show x25 route, show x25 services, and show x25 vc. Instead of having one command with several arguments, as in ISDN, each X.25 parameter essentially has a separate show command.
We will discuss just one command:
show x25 interface
Router#show x25 interface

You can also use the more generic show commands, such as
  • Router#show running-config
  • Router#show startup-config
  • Router#show interfaces


*Displaying Virtual Circuit Information
The show x25 interface command displays output for one or more virtual circuits that are used for the X.25 interface. This is the command syntax:
Router#show x25 interface [serial number|cmns-interface mac mac-address]
The keyword serial is the interface type and number is the interface number. The cmns-interface mac mac-address refers to nonserial Connection-Mode Network Service. For this option, you need to supply the local CMNS interface type and number. CMNS interface types include Ethernet, Token Ring, or FDDI. You also need to include the MAC address of the remote device.
Router#show x25 interface serial 1

show x25 interface Output
Here is typical show x25 interface output.
Router# show x25 interface serial 0
SVC 1,  State: D1,  Interface: Serial0
  Started 00:11:21, last input 00:00:05, output never
  Connects 1234 <-> ip 1.2.3.4
  Call PID ietf, Data PID none
  Window size input: 7, output: 7
  Packet size input: 512, output: 512
  PS: 0  PR: 6  ACK: 1  Remote PR: 0  RCNT: 5  RNR: no
  P/D state timeouts: 0  timer (secs): 0
  data bytes 0/2508 packets 0/54 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0
SVC 32,  State: D1,  Interface: Serial0.11
  Started 00:14:01, last input 00:00:37, output 00:00:28
  Connects 1234 <-> clns
  Call PID cisco, Data PID none
  Window size input: 7, output: 7
  Packet size input: 512, output: 512
  PS: 5  PR: 4  ACK: 4  Remote PR: 4  RCNT: 0  RNR: no
  P/D state timeouts: 0  timer (secs): 0
  data bytes 378/360 packets 21/20 Resets 0/0 RNRs 0/0 REJs 0/0 INTs 0/0

Question 38

Question 39


* Exercise 1
Try configuring your router for X.25 transmission.

Examine the following table
Step Action
1 List the required commands to configure an X.25 network.
2 List the optional commands to configure an X.25 network.
3 Name at least one show command with which you can verify your configuration. Describe the expected output for this command.


Topic 3.4: Unit 3 Summary

In this unit you refreshed your memory on X.25 networks. X.25 uses existing phone networks, but adds flow control and error checking.
You configured an X.25 interface, and learned how to configure such flow control tools as windowing.
In the next unit, you'll configure an interface that does not incorporate flow control and error checking. You'll configure Frame Relay.

Unit 4. Frame Relay



In this last unit, you will study Frame Relay configuration. For Frame Relay, you will need to configure a main interface, and, more than likely, you will need to configure subinterfaces. You will also need to configure encapsulation, LMI types, and DLCI numbers for your interfaces and subinterfaces. For routing to occur, you may need to configure address-to-DLCI tables.
After this, you'll look at the show commands to verify your configurations and monitor Frame Relay operation.

After completing this unit, you should be able to:
  • Configure a main interface and subinterfaces

  • Configure encapsulation, LMI types, and DLCI numbers

  • Configure address-to-DLCI maps

  • List show commands to verify configuration and monitor Frame Relay operation


This unit provides information that is relevant to the following CCNA exam objective:
  • Recognize key Frame Relay terms and features

  • List commands to configure Frame Relay LMIs, maps, and subinterfaces

  • List commands to monitor Frame Relay operation in the router


Topic 4.1: A Review of Frame Relay

*A Typical Frame Relay Network
Shown here is a typical Frame Relay network. Frame Relay connects DTE devices to DCE devices. The DCE devices are the carrier equipment that supply clocking and switching functions to transfer data through the network.

*Frame Relay Topologies
Three types of topologies exist for connecting to a remote site using Frame Relay:
  • Full mesh
  • Partial mesh
  • Star


*Frame Relay Circuits
Frame Relay relies on virtual switching to define the logical path. The Frame Relay virtual circuit defines the connection between two DTE devices across a Frame Relay packet-switching network. Before data is transmitted, the logical path is assigned a specific bandwidth. Then, when actual data needs to be transmitted, bandwidth is allocated on a per-packet basis.
The FR (Frame Relay) circuit is assigned a DLCI (Data Link Connection Identifier).

*DLCI
The DLCI is a number that identifies the virtual circuit between the DTE device (usually a router) and the FR switch. The FR switch maps the DLCI between each set of two routers along the Frame Relay connection. In essence, this creates a PVC (permanent virtual circuit). The DLCI is included in the header of the Frame Relay frame.

*Local Management Interface
LMI (Local Management Interface) is the signaling standard between the DTE device and Frame Relay switch. Generally, it is responsible for managing the connection and maintaining status between the devices.
LMI is actually a set of extensions which apply to specific areas, such as global addressing, the status of virtual circuits, the status of data flow, and the assignment of multicasting groups.

*Subinterfaces
Subinterfaces are logically assigned subdivisions of the interface. To configure a subinterface, every virtual circuit is considered a point-to-point connection. In essence, then, the connection is similar to a leased line, or a PVC. There are two types of configuration for subinterfaces:
  • Point-to-point
  • Multipoint


*Point-to-Point Subinterfaces
A point-to-point subinterface consists of a single subinterface that makes a PVC connection to another interface, which can be either a subinterface or physical interface.
Each interface is assigned a single DLCI, and each point-to-point connection forms its own subnet (look at the DLCIs shown here).

*Multipoint Subinterface
A multipoint subinterface consists of a single subinterface that uses multiple PVCs to connect to multiple interfaces (physical interfaces or subinterfaces) on remote routers.
These multipoint subinterfaces share the same subnet, but each interface receives its own DLCI (look at the DLCIs shown here).

Question 40

Topic 4.2: Configuring Frame Relay

*Frame Relay Configuration
For our example, we will configure Frame Relay over a serial interface. The type of encapsulation will be Frame Relay.
As in previous units, our example assumes that one router is being configured, and that the IP address and PPP hostname for this router have been configured previously.

*Configure Timestamps
Also, like previous units, it is recommended that you configure the timestamps for log and debug messages and add a description.
Router(config)#service timestamps debug datetime msec
Router(config)#service timestamps log datetime msec
Router(config)#interface serial 0
Router(config-if)#description Frame Relay to service provider

Topic 4.2.1: Interface Configuration

*The Command Syntax
We begin by entering the interface configuration mode and configuring the encapsulation. This is the command syntax:
Router(config-if)#encapsulation frame-relay [cisco|ietf]
cisco is the Cisco proprietary encapsulation and is the default. This type uses a four-byte header. Two bytes of the header specify the DLCI, and the other two bytes specify the packet type. ietf is the encapsulation created for the IETF. This type should be used when connecting to a non-Cisco router across the FR network.
Router(config-if)#encapsulation frame-relay

*Specifying LMI Types
The frame-relay lmi-type command specifies one of three LMI (Local Management Interface) types to apply to the interface. This is the command syntax:
Router(config-if)#frame-relay lmi-type {ansi|cisco|q933a}
ansi is the type known as Annex D, which is specified in the ANSI T1.617 standard. cisco is the type defined by the "gang of four" (Cisco, Digital Equipment, Northern Telecom, and StrataCom). q933a is the type known as Annex A, as defined in ITU-T Q.933.
Router(config-if)#frame-relay lmi-type q933a

*Autosensing
For IOS versions 11.1 and earlier, the default type is cisco.
For post-11.1 IOS versions, there is no default type because the router automatically tries to learn the LMI type from the FR switch. This process is called autosensing.
Router(config-if)#frame-relay lmi-type ansi

*Overriding Autosensing
If you want to override autosensing, you must enter the frame-relay lmi-type and keepalive commands. This is the keepalive command syntax:
Router(config-if)#keepalive number
The number is 10 seconds by default. For LMI, this value must be less than the keepalive interval on the FR switch. Shown here is a configuration on a router with a post-11.1 version of IOS.
Router(config-if)#frame-relay lmi-type ansi
Router(config-if)#keepalive 15

Question 41

Question 42

Topic 4.2.2: Subinterface Configuration

*Subinterfaces
Subinterfaces are used to divide partially meshed FR networks into fully connected virtual interfaces, each of which can have an individual network number if needed. They also can serve as backup interfaces.

*Creating a Subinterface
The command to create a subinterface is almost the same as an interface. This is the syntax:
Router(config)#interface type number.subinterface-number {multipoint|point-to-point}
The number.subinterface-number is the interface number for which you are defining the subinterface, and an assigned subinterface number. Notice that you have to specify either multipoint or point-to-point.
Router(config)#interface type 0.1 point-to-point

*Assigning DLCI
The command frame-relay interface-dlci assigns the DLCI to a Frame Relay interface or subinterface. This command, like the other commands that follow in this section, can be applied to an interface or a subinterface. This is the command syntax:
Router(config-if)#frame-relay interface-dlci dlci [ietf|cisco]
dlci is the DLCI number. ietf and cisco are the encapsulation types for this interface or subinterface. Most of the time the encapsulation types are stated in a separate command, but you can use this to specify a different type.
Router(config-if)#frame-relay interface-dlci 300 ietf

*Point-to-Point Subinterfaces
This frame-relay interface-dlci command must be configured for point-to-point subinterfaces:
Router(config-if)#frame-relay interface-dlci dlci [ietf|cisco]
If used on main interfaces, this command allows the use of the routing protocols that rely on Inverse ARP. Also, this command allows the main interface to specify a single PVC which is especially suited for certain routing conditions.
Router(config)#interface serial 0.1 point-to-point
Router(config-if)#frame-relay interface-dlci 300 ietf

*Configuring Multipoint Subinterfaces
Certain multipoint subinterfaces must also use the frame-relay interface-dlci command. Like main interfaces, this command must be configured if the multipoint subinterface is using Inverse ARP to dynamically resolve addressing. If the multipoint subinterface uses the frame-relay map to create a static address map, then the frame-relay interface-dlci command is not needed.
Router(config)#interface serial 0.1 multipoint
Router(config-if)#frame-relay interface-dlci 300 cisco

Each interface and subinterface on a router can be configured for differing types of encapsulation.
If you do not specify another encapsulation type in another command, such as frame-relay interface-dlci, the type specified in the encapsulation frame-relay command will be used.
Router(config)#interface serial 0
Router(config-if)#frame-relay interface-dlci 300
...
Router(config)#interface serial 0.1 point-to-point
Router(config-if)#frame-relay interface-dlci 310 ietf

*Configuring Bandwidth Value
The bandwidth command configures an optimal bandwidth value. It does not change the physical bandwidth of the Frame Relay connection. This is the command syntax:
Router(config-if)# bandwidth kilobits
Bandwidth is used as a metric in routing protocols such as IGRP.
Router(config-if)# bandwidth 256

Question 43

Question 44

Question 45

Topic 4.2.3: Optional Configurations

*Defining the Map
The frame-relay map command defines the map, which matches the DLCI to the destination protocol address. Frame Relay uses the DLCI to connect to the destination. You would probably want to do this for these reasons:
  • If Inverse ARP is not supported by the remote router
  • If configuring OSPF over Frame Relay
  • If you want to control broadcast traffic


*The Command Syntax
This is the frame-relay map command syntax:
Router(config-if)#frame-relay map protocol protocol-address dlci [broadcast] [ietf|cisco] [payload-compress {packet-by-packet|frf9 stac [hardware-options]}]
Router(config-if)#frame-relay map ip 192.168.1.27

*The protocol
The protocol and protocol-address represents the destination. Valid protocols are AppleTalk, DECnet, DLSw (data-link switching), IP, IPX, LLC2, RSRB (remote source-route bridging), VINES and XNS.
The dlci is the number assigned to the specified protocol address on the interface.
The keyword broadcast tells the router to forward broadcasts to the specified address if there is no multicasting protocol enabled. The keywords ietf and cisco are the encapsulation types, which you may wish to configure specifically for a subinterface.
Router(config-if)#frame-relay map ip 192.168.1.27 broadcast

*Some Options
The options [payload-compress {packet-by-packet|frf9 stac [hardware-options]}] are related to each other.
payload-compress packet-by-packet means that the Stacker protocol will be used to compress on a packet-by-packet basis.
Router(config-if)#frame-relay map ip 192.168.1.27
payload-compress packet-by-packet

*Breaking Down the Command
payload-compress frf9 stac means that the Stacker protocol will compress packets according to the Frame Relay Forum FRF.9 guidelines.
The hardware-options can be either distributed, software, or csa csa_number. The software option tells the router to use the compression stored in its main processor. The distributed option can be used only on Cisco 7500 series routers and the csa csa_number option can only be used on Cisco 7200 series routers.
Router(config-if)#frame-relay map ip 192.168.1.27
payload-compress frf9 stac software

*Enabling Inverse ARP
Because the router uses Inverse ARP to receive information from DLCIs to create its Frame Relay map table, you need to make sure Inverse ARP is enabled. This is the command syntax for doing this:
Router(config-if)#frame-relay inverse-arp [protocol] [dlci]
protocol is any of the protocols that support Inverse ARP. These include AppleTalk, DECnet, IP, IPX, VINES, and XNS. The dlci is the DLCI number, which must be in the range 16–1007.
Router(config-if)#frame-relay inverse-arp ip 320

*Maximizing LMI Performance
There is a set of commands that maximize LMI performance on DTE and DCE devices. Here is a list of these commands, all of which are executed in the interface configuration mode:
  • frame-relay lmi-n391dte keep-exchanges — configures the full status polling interval on a DTE or NNI
  • frame-relay lmi-t392dce timer — configures a polling verification timer on a DCE or NNI
  • frame-relay lmi-n392dce threshold — configures the error threshold for DCE and NNIs (Network-to-Network Interface)
  • frame-relay lmi-n392dte threshold — configures the error threshold for DTEs and NNIs
  • frame-relay lmi-n393dce events — configures the count of DCE and NNI monitored events
  • frame-relay lmi-n393dte events — configures the count of DTE and NNI monitored events


*A Configuration Sample
This is a sample configuration, which uses many of the optional commands.
Router(config)#service timestamps debug datetime msec
Router(config)#service timestamps log datetime msec
Router(config)#interface serial 0
Router(config-if)#description Frame Relay to service provider
Router(config-if)#encapsulation frame-relay
Router(config-if)#frame-relay lmi-type ansi
Router(config-if)#keepalive 15
Router(config-if)#frame-relay interface-dlci 300 ietf
Router(config-if)#frame-relay map ip 192.168.1.27 broadcast
Router(config-if)# bandwidth 1514
...
Router(config)#interface type 0.1 point-to-point
Router(config-if)#description Frame Relay subinterface point-to-point
Router(config-if)#frame-relay interface-dlci 310 ietf
Router(config-if)#frame-relay map ip 192.168.1.27
 payload-compress frf9 stac software
Router(config-if)# bandwidth 256
...
Router(config)#interface type 0.2 multipoint
Router(config-if)#description Frame Relay subinterface multipoint
Router(config-if)#frame-relay interface-dlci 320 ietf
Router(config-if)#frame-relay map ip 192.168.1.27
Router(config-if)#frame-relay inverse-arp ip 320
Router(config-if)# bandwidth 128

Question 46

Question 47

Question 48

Question 49

Topic 4.3: Showing Frame Relay Configuration

*Monitoring Frame Relay Operation
There are several commands which you can use to show configuration and to monitor Frame Relay operation. On the next page is a table describing nine of these commands. However, we will just discuss the following three:
  • Router#show interfaces serial
  • Router#show frame-relay lmi
  • Router#show frame-relay map


*Displaying Frame Relay Configuration and Operation
Here are the commands for displaying Frame Relay configuration and operation.
Examine the following table
Command Description
clear frame-relay-inarp Clears Frame Relay maps, which are dynamically created by Inverse ARP
show frame-relay lapf Shows LAPF status
show frame-relay lmi [type number] Shows LMI statistics
show frame-relay map Shows current map entries
show frame-relay pvc [type number [dlci]] Shows PVC statistics
show frame-relay route Shows configured static routes
show frame-relay svc maplist Shows SVCs for a specific map list
show frame-relay traffic Shows FR traffic statistics
show interfaces serial number Shows DLCI and LMI information


show interfaces serial Output
This is show interfaces serial output. The DLCI number is 1023, the LMI type is CISCO, and the interface is acting as the DTE.
Router# show interface serial 1
Serial1 is up, line protocol is down
  Hardware is MCI Serial
  Internet address is 198.168.17.27, subnet mask is 255.255.255.0
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 246/255, load 1/255
  Encapsulation FRAME-RELAY, loopback not set, keepalive set (10 sec)
  LMI enq sent  2, LMI stat recvd 0, LMI upd recvd 0, DTE LMI down
  LMI enq recvd 266, LMI stat sent  264, LMI upd sent  0
  LMI DLCI 1023  LMI type is CISCO  frame relay DTE
  Last input 0:00:04, output 0:00:02, output hang never
  Last clearing of "show interface" counters 0:44:32
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  Five minute input rate 0 bits/sec, 0 packets/sec
  Five minute output rate 0 bits/sec, 0 packets/sec
     307 packets input, 6615 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
     0 input packets with dribble condition detected
     266 packets output, 3810 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets, 0 restarts
     178 carrier transitions

show frame-relay lmi Output
This is show frame-relay lmi output. Most of the output is self-explanatory, but we'll go over a few points here.
Invalid Prot Disc 0 indicates no LMI messages were received that had an invalid protocol discriminator. Num Status Enq. Sent 9 indicates that nine LMI status inquiry messages were sent. Num Status Timeouts 9 indicates that on nine occasions the status messages were not received within the specified keepalive time.
Router# show frame-relay lmi
LMI Statistics for interface Serial1 (Frame Relay DTE) LMI TYPE = ANSI
  Invalid Unnumbered info 0             Invalid Prot Disc 0
  Invalid dummy Call Ref 0              Invalid Msg Type 0
  Invalid Status Message 0              Invalid Lock Shift 0
  Invalid Information ID 0              Invalid Report IE Len 0
  Invalid Report Request 0              Invalid Keep IE Len 0
  Num Status Enq. Sent 9                Num Status msgs Rcvd 0
  Num Update Status Rcvd 0              Num Status Timeouts 9

show frame-relay map Output
The next command is show frame-relay map. Here is some sample output.
The destination address is 192.168.177.177. The DLCI number in decimal format is 177, in hexadecimal format is 0xB1, and in wire format is 0x2C10. The route entry is static route and the encapsulation is CISCO. The TCP/IP header was inherited from the interface instead of being actively configured.
Router# show frame-relay map
Serial 1 (administratively down): ip 192.168.177.177
dlci 177 (0xB1,0x2C10), static,
broadcast,
CISCO
TCP/IP Header Compression (inherited), passive (inherited)

Question 50

Question 51

Question 52


* Exercise 1
Try configuring your router for Frame Relay.

Examine the following table
Step Action
1 Draw a router that is interfacing your network and a Frame Relay network, which connects to another network. Identify on your drawing the DTEs and DCEs. Assign a DLCI to each network.
2 Assume your network has a partial-mesh topology. You will need one main interface and two subinterfaces to make a fully connected Frame Relay interface.
List the minimum commands to configure the given parameters.
3 List the optional commands to optimize Frame Relay performance.
4 State four show commands. For two of these commands, list some of the parameters displayed in the output.


Topic 4.4: Unit 4 Summary

In this unit, you configured Frame Relay interfaces and subinterfaces. You learned that you need to configure interfaces, subinterfaces, LMI types, DLCI numbers, and address-to-DLCI maps.
In this course, you examined the configurations for ISDN, X.25, and Frame Relay. In effect, this course required you to know and apply many courses' worth of theory and practice.

Unit 5. Switches



As you've learned in earlier courses, most switches work on the Data Link layer of the OSI reference model. Like bridges and routers, switches segment networks.
In this unit, you will study LAN switch commands for the Cisco Catalyst 1900, 2820, and 2900 switches.
Switch commands are similar to router commands because these switches use a version of the Cisco IOS.

After completing this unit, you should be able to:
  • Configure switches for basic administration tasks

  • Configure switches for SNMP, port security, and VLANs

  • Use the ? command to list available commands and the show command to check the switch configuration


This unit provides information that is relevant to the following CCNA exam objectives:
  • Describe the benefits of network segmentation with switches

  • Describe the operation of the Spanning Tree Protocol and its benefits

  • Describe the benefits of virtual LANs


Topic 5.1: A Review of Switches

*Review of Basics
A switch is a network device that operates on the Data Link layer of the OSI model. Switches are very similar to bridges, but are faster and provide a greater range of capabilities.
Like bridges, switches learn the network topology and calculate the spanning tree by studying the source addresses of the frames they receive.
The information gathered is stored in an address table that associates an address with a port.

*Switches Use Tables
When a switch receives a frame, it reads the destination address of the frame. Then the switch looks up the destination address in its address table to see which port is associated with the address.
If the port from the table is the same port from which the frame originated, the switch filters (discards) the frame. Otherwise, the frame is forwarded to the port listed in the table.

*Switches Are Speedy
Switches are faster than bridges when it comes to filtering and forwarding frames. One reason for this is that switches are not as software-dependent as bridges, and much of the switching process takes place in the hardware.
Switches also have the capability of using different switching methods, such as store-and-forward and cut-through.

*Logical Grouping of Nodes
Switches have the ability to simulate the breakup of a broadcast domain (local area). They do this by defining a group of nodes to be a VLAN (virtual LAN). A VLAN is a logical grouping of network nodes that may be on different LAN segments, but can communicate as if they were on the same segment. Broadcasts and multicasts in a VLAN are only forwarded to nodes within the same VLAN as the originating node.

*Assigning Nodes to VLANs
VLAN nodes may be assigned to a VLAN based on switch port numbers, MAC addresses, logical addresses, or the protocols used by the nodes. The choice of which method to use depends largely on implementation needs and vendor capabilities. Nodes in a VLAN may be on the same segment, different segments, different floors, or even different buildings. Regardless of their location, VLAN nodes share a single broadcast domain.

*Separate Spanning Trees
Since VLANs simulate a separate LAN, each VLAN needs to calculate a separate spanning tree to prevent bridging loops.
A spanning tree establishes a root node and ensures there is only one path to any destination.
Network devices exchange information so that loops can be removed and in case the root path fails, a new network topology can be structured from the redundant paths.

Question 53

Topic 5.2: Configuring Switches

*Command-Line Interfaces
Like routers, switches have four main command-line interface (CLI) modes:
Examine the following table
Mode Prompt
User exec switch>
Privileged exec switch#
Global configuration switch(config)#
Interface configuration switch(config-if)#

The CLI modes for switches use the same prompts and organize commands in a similar fashion to routers.

*Entering User Exec Mode
When you first log on to the switch the User Interface menu appears. Press K to enter CLI mode.
The CLI session starts in user exec mode. User exec mode can be used for monitoring and performing simple functions that cannot harm the network.
User Interface menu
[M] Menus
[K] Command Line
[I] IP Configuration
Enter Selection: K
switch>
*Privileged Exec Mode
The privileged exec mode can be used for configuring switch operating parameters and verifying commands.
Use the enable command from user exec mode to enter privileged exec mode.
switch> enable
switch#
*Global Configuration Mode
The global configuration mode is used for configuration that applies to the whole switch.
To enter global configuration mode use the config terminal command from the privileged prompt.
switch# config terminal
switch(config)#
*Interface Configuration Mode
The interface configuration mode is used to configure the LAN and WAN interfaces of the switch.
switch# config terminal
switch(config)#

Question 54

Topic 5.2.1: Basic Administration

*Basic Configuration
Just like router configuration, switches can be configured for passwords, hostnames, and banners. And, just like router configuration, these basic configuration commands take place in the global configuration mode.
However, unlike routers, switches are given an IP address and default gateway in global configuration mode.
These configurations described in this section are optional, but highly recommended.

*User Exec Mode Password
This is the command syntax to configure the user exec mode passwords used at switch login:
Console(config)# enable password level [1-14] password
The user exec mode passwords are not case-sensitive and must be between 4 to 8 characters long. These passwords are not encrypted.
Console(config)# enable password level 1 userpass

*Privileged Exec Mode Password
This is the command syntax to configure the unencrypted password for entering privileged exec mode from user exec mode:
Console(config)# enable password level 15 password
The privileged exec mode password is not case-sensitive and must be between 4 to 8 characters long.
Console(config)# enable password level 15 privpass

*Enable Secret Password
This command syntax is used to configure a more secure encrypted password for entering privileged exec mode from user exec mode:
Console(config)# enable secret password
The enable secret password will override the level 15 enable password if set. This password is case-sensitive and can be between 1 to 25 characters in length.
Console(config)# enable secret privilegedpass

*Hostname
Like routers, you can configure a system (i.e., switch) hostname.
This is the command syntax for setting a system hostname:
Console(config)# hostname name
Console(config)# hostname switchA
switchA(config)#

*IP Addressing
By default, a switch will work without IP configuration. However, if you want to Telnet into the switch or use network functions like VLANs you need to configure the switches IP addressing. The command syntax for assigning an IP address is:
switchA(config)# ip address ip-address mask
The command syntax for assigning a default gateway is:
switchA(config)# ip default-gateway ip-address

switchA(config)# ip address 192.168.3.123 255.255.255.0
switchA(config)# ip default-gateway 192.168.1.200

*MOTD Banner
The last recommended configuration involves the message-of-the-day banner, which appears at login. This is the command syntax:
switchA(config)# banner motd c [text] c
The two c characters represent delimiting characters. They delimit the actual text of the banner and cannot be used inside the text. Text length is limited to 255 characters. Although illogical, you can execute this command without the optional text.
switchA(config)# banner motd $
Welcome to switch configuration and management $

Question 55

Question 56

Topic 5.2.2: Interface Configuration

*Interface Configuration
So far, the configurations you've examined are useful for administering a switch. They did not change the ways to make your switch move data across networks.
However, the following sections will teach the commands necessary to make your switch function correctly and optimally in a network.

*Switch Interfaces
Cisco switches can contain various types and amounts of interfaces. Similar to routers, the interface types can be Ethernet, Fast Ethernet, FDDI, or ATM. The following sections use examples for the Cisco Catalyst 1900 switches.
Depending on what model, the Catalyst 1900 switches can contain either 12 or 24 full-duplex 10BaseT Ethernet ports. All 1900 models contain 2 full-duplex 100BaseT fast Ethernet uplinks and 1 AUI (Attachment Unit Interface ).

*The Interface Command
Like routers, use the interface command to specify the interface you want to configure. This will put you into interface configuration mode for that interface. The interface command has the following syntax:
switchA(config)# interface type module/port
On the 1900 switch, the argument type can be ethernet or fastethernet. The module is always 0 and the port can be numbers 1-24 for Ethernet and 26-27 for Fast Ethernet.
switchA(config)# interface ethernet 0/1
switchA(config-if)#
switchA(config)# interface fastethernet 0/26
switchA(config-if)#

By default, all interfaces on a switch are running. Like routers, use the shutdown command from interface configuration mode to disable an interface. An interface disabled by the administrator is called administratively down.
To bring the interface back up, use the no shutdown command from interface configuration mode.

*Interface Description
You can configure an interface description with the following syntax:
switchA(config-if)# description name
Enclose the name in quotation marks if you want to include spaces.
switchA(config-if)# description "File Server"

*Port Duplex
By default, the 1900 switch 10BaseT ports come in half-duplex mode and the 100BaseT ports are set to auto detect the duplex of the other end. To change the port duplex use this command syntax:
switchA(config-if)# duplex type
Duplex type may be half, full, full-flow-control,or auto. To use flow control with full duplex use full-flow-control.
switchA(config-if)# duplex full

Question 57

Question 58

Topic 5.2.3: SNMP

*SNMP Communities
Configuring SNMP requires setting community strings and traps on the primary LAN switch. Use the following command syntax to set community strings:
switchA(config)# snmp-server community string access-type
The argument access-type is the type of access available to the community: choices are ro (read-only) and rw (read-write). If the access-type is not specified it will default to read-only. The argument string is often public, private, or secret, but it can be any name that refers to your SNMP community.

switchA(config)# snmp-server community public ro
switchA(config)# snmp-server community private rw

*SNMP Traps
The snmp-server enable-trap command enables and disables SNMP entries into the authentication trap receiver table. This is the syntax:
switchA(config)# snmp-server enable traps [all|authentication|link-up-down|address-violation|bsc|vtp]
Inserting no in front of the command will disable the trap. Use the set of commands shown to enable or disable traps on the primary LAN switch.

switchA(config)# snmp-server enable traps all
switchA(config)# snmp-server enable traps authentication
switchA(config)# snmp-server enable traps link-up-down
switchA(config)# snmp-server enable traps address-violation
switchA(config)# no snmp-server enable traps bsc
switchA(config)# no snmp-server enable traps vtp

Question 59

Question 60

Topic 5.3: Security

*Interface Security
Switches can be used to add security by restricting clients access to the network. One way to configure security on the switch is to restrict the number of clients allowed on a switch interface. Use the following command syntax to limit the amount of hardware addresses on a port:
switchA(config-if)# port secure max-mac-count count
By default, interfaces can accept 132 addresses, the maximum amount. The argument count can be 1 to 132.
switch(comfit-if)# port secure max-Mac-count 2

*Assigning Permanent Addresses
Another way to add security is to configure a port to only accept a permanent MAC (hardware) address that you assign. The command syntax is:
switchA(config)# mac-address-table permanent mac-address interface
Delete a permanent MAC address by using the no mac-address-table permanent command.
switchA(config)# mac-address-table permanent
0230.B70A.2F43 ethernet 0/1

*Restricted Static Interfaces
You can also restrict the traffic a particular hardware address can receive through the switch. This command syntax will allow incoming frames, containing a particular hardware address, to be forwarded to the destination interface only if they are from specified source interfaces:
switchA(config)# mac-address-table restricted static mac-address destination-interface source-interface-list
The following example will only allow interfaces 0/3 and 0/4 on the switch to forward traffic bound for 0510.B718.2A54 on interface 0/2.
switchA(config)# mac-address-table restricted static
0510.B718.2A54 ethernet 0/2 ethernet 0/3 ethernet 0/4

Topic 5.4: VLANs

*Enabling VLANs
Configuring VLANs on a switch requires enabling the VLAN and then assigning ports to the VLAN. To enable and name a VLAN use the following command syntax:
switchA(config)# vlan vlan-ID name vlan-name
The vlan-ID may be any number between 1 and 1005. The vlan-name argument can be any identifying name. By default, all ports on the switch are members of VLAN 1.

*Assigning Ports to VLANs
Assign a VLAN to a port through interface configuration mode using the following command syntax:
switchA(config-if)# vlan-membership static vlan-ID

switchA(config)# vlan 2 name Development
switchA(config)# interface ethernet 0/4
switchA(config-if)# vlan-membership static 2

*Trunking
Trunking allows a switch interface to carry multiple VLANs. To enable trunking on  a Fast Ethernet switch uplink port use the following command syntax:
SwitchA(config-if)# trunk on
By default, all VLANs will be carried on an interface where trunking is enabled.
SwitchA(config)# interface fastethernet 0/26
SwitchA(config-if)# trunk on

Question 61

Question 62

Topic 5.5: Correcting Configurations

*Restoring Configurations
Like routers, Cisco switches use a running configuration stored in DRAM. However, unlike routers, switches will automatically save any changes you make on the running configuration to NVRAM. If you've incorrectly configured your switch, you can either modify individual configurations or restore a previous configuration from a TFTP server. This is the command syntax:
switchA# copy tftp://host/src_file nvram
The argument host is the host address and the argument src_file is file name of the configuration on the TFTP server. You can also use the copy nvram tftp://host/src_file command to back up the current configuration.
switchA# copy tftp://192.168.3.172/1900bkup.cfg nvram
TFTP successfully downloaded configuration file
switchA#
*Clearing NVRAM
However, you may simply want to clear the running configuration and return to the switches default factory settings. You do this with the delete nvram command.
To reset the switch, just enter the following:
switchA# delete nvram
After issuing this command, the CLI will prompt you whether you really want to do this.
switchA# delete nvram
This command resets the switch with factory defaults. All parameters
will revert to their default factory settings. All static system and
dynamic addresses will be removed.
Reset system with factory defaults, [y]es or [n]o? y

The command delete nvram will restore the system to factory defaults except for any VTP configurations that were made.
To completely restore everything to factory defaults you must use the delete vtp command to delete any VTP information as well.

Question 63

Question 64

Topic 5.6: Help Commands

*Getting Help
Just like router CLI, the ? command lists the possible commands available to your switch. The possible commands are limited by what CLI mode you are in. The help command will also list the available commands.
switchA(config-if)# ?
Interface configuration commands:
cdp              Cdp interface subcommands
description      Interface specific description
duplex           Configure duplex operation
exit             Exit from interface configuration mode
help             Description of the interactive help system
no               Negate a command or set its defaults
port             Perform switch port configuration
shutdown         Shutdown the selected interface
spantree         Spanning tree subsystem
vlan-membership  VLAN membership configuration

*Listing Command Arguments
You may have noticed that you can enter a command followed by a question mark for a list of available arguments for the command.

switchA(config)# mac-address-table ?
aging-time       Aging time of dynamic addresses
permanent        Configure a permanent address
restricted       Configure a restricted address

*Abbreviating Commands
As with router CLI, commands may also be abbreviated in switch CLI to simplify typing. The abbreviated command shown below is identical to interface ethernet 0/1?
switchA(config)# int e0/1
switchA(config-if)#

Question 65

Question 66

Topic 5.7: Showing Switch Configurations

*Show Information
The show commands for switches are like those for routers. They are used to check the status of the switch configuration. The list of show commands for switches is displayed when you enter show ? in privileged exec mode.

switchA# show ?
bridge-group......... Display port grouping using bridge groups
cdp                   Cdp information
cgmp                  Cgmp information
history               Display the session command history
interfaces            Interface status and configuration
ip                    Display IP configuration
line                  Display console/RS-232 port configuration
mac-address-table     MAC forwarding table
port                  Display port information
running-config        Show current operating configuration
snmp                  Display snmp related information
spantree              Spanning tree subsystem
spantree-option       Show STP port option parameter
spantree-template     Show STP bridge template parameters
storm-control         Show broadcast storm control configuration
tacacs                Shows tacacs+ server configuration
terminal              Display console/RS-232 port configuration
tftp                  TFTP configuration and status
trunk                 Display trunk information
uplink-fast           Uplink Fast
usage                 Display usage summaries
version               System hardware and software status
vlan                  Show VLAN information
vlan-membership       Show VLAN membership information
vtp                   VLAN trunk protocol

*Show Mac Address Table
As an example, enter the following to see the switch's frame filtering table:
switchA# show mac-address-table
This command shows the MAC addresses connected to the switches ports. A dynamic address type means that that the switch added the address to the filter table when it received a frame from the host connected to the port. The permanent and static addresses were assigned by previous commands in the Security section.

SwitchA# show mac-address-table
Number of permanent addresses :1
Number of restricted static addresses :1
Number of dynamic addresses :3
Address           Dest Interface    Type         Source Interface
-----------------------------------------------------------------
00D0.5868.F583    Ethernet 0/3      Dynamic      All
00E0.1E74.6ADA    Ethernet 0/5      Dynamic      All
0230.B70A.2F43    Ethernet 0/1      Permanent    All
0060.47D5.2770    Ethernet 0/4      Dynamic      All
0510.B718.2A54    Ethernet 0/2      Static       Et0/3,Et0/4
switchA#

Question 67


* Exercise 1
Try configuring your Catalyst switch.

Examine the following table
Step Action
1 Configure your switch for user exec mode and enable secret passwords, system hostname, IP addressing, and a message-of-the-day banner.
2 Configure a description and the port duplex for various interfaces on the switch.
3 Configure a permanent address, a static address, and VLANs for switch security.
4 Use the ? command to list commands at each CLI mode and to list arguments for the show command. Use the show command with different arguments to check the switch's status.


Topic 5.8: Unit 5 Summary

In this unit, you investigated the commands for switch configurations.
You discovered that a great many switch commands are similar to router commands because they both use a version of the Cisco IOS.
In the next unit, you'll learn some tricks in troubleshooting your configurations.

Unit 6. Troubleshooting



As you become more and more advanced in configuring routers and switches, and as your network grows in size and complexity, the chances for error also increase.
Throughout the previous courses, we have provided tips for troubleshooting while discussing other topics. In this last unit, however, you will investigate troubleshooting as the main topic.
In this unit, you'll examine router commands, and software and hardware tools for troubleshooting your network.

After completing this unit, you should be able to:
  • List router commands, such as show, debug, ping, and trace, that aid in troubleshooting

  • Name software tools that monitor and evaluate network activity

  • Describe equipment that tests hardware and physical connectivity


This unit provides information that is relevant to the following CCNA exam objectives:
  • Examine router elements

  • Verify IP addresses

  • Identify the functions performed by ICMP


Topic 6.1: Commands for Router Troubleshooting

*Router Diagnosis Commands
Some of the commands that you already have seen are great for diagnosing router problems. These are the commands:
Examine the following table
    show     ping     trace
    debug     Telnet

We will describe each of these separately over the next few pages.

Topic 6.1.1: show Commands

*Diagnosis with show
The show commands are simple to use and informative. In this section, we'll discuss the following commands:
  • show interfaces
  • show controllers
But, you should also consider the  show commands for troubleshooting listed on the following pages.

*Useful show Commands
Now, let's look at some show commands.
Examine the following table
Command Description
show buffers Displays information about router buffer pools.
show flash Displays information about the Flash memory, which stores the IOS software. The Flash can save multiple files containing different versions of the IOS.
show memory Displays memory statistics for a particular router. An example of a memory statistic is the memory free pool.
show processes Displays the status of active processes. The output for this command is quite extensive.


*More show Commands
Here are some other show commands you may encounter.
Examine the following table
Command Description
show running-config Displays the configuration parameters that are currently running in terminal memory, including IOS version, router hostname, and router IP address.
show stacks Displays the stack utilization of processes and the levels of interrupts, and the reason for last reboot. This output is especially useful when talking to Cisco technical support.
show starting-config Displays the backup configuration file, which contains such parameters as IOS version, router hostname, passwords, and NVRAM usage.
show version Displays the IOS version that is running, length of time the system has been up and running, name and origin of the system image file (boot file), and names and location of configuration files.


Question 68

Question 69

*Interface Troubleshooting
Now, back to specifics. The show interfaces command displays real-time statistics about each configured interface.
The show interfaces command is useful because it shows the activity of a specific interface, which is invaluable in determining whether the interface is functioning correctly.
It also shows if any interface configuration parameters have changed.
Router# show interfaces

*Interface Statistics
Statistics for show interfaces include:
  • State of an interface
  • Maximum transmission units
  • MAC address for the LAN card (e.g., Ethernet, Token Ring, or FDDI interface)
  • Encapsulation type
  • Number of packets received
  • Number of input and output packet errors
  • Number of collisions detected (on an Ethernet interface)

Router#show interfaces
Ethernet 1 is up, line protocol is up
  Hardware is MCI Ethernet, address is 3214.ac00.220b
(bia 03214.ac00.220b)
  Internet address is 182.168.3.27, subnet mask is
255.255.255.0
  MTU 1500 bytes, BW 10000 Kbit, DLY 100000 usec, rely
255/255, load 1/255
  Encapsulation ARPA, loopback not set, keepalive set
(10 sec)
  ARP type: ARPA, ARP Timeout 4:00:00
  Last input 0:00:00, output 0:00:00, output hang never
  Last clearing of "show interface" counters 0:00:00
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  Five minute input rate 0 bits/sec, 0 packets/sec
  Five minute output rate 2000 bits/sec, 4 packets/sec
     1126466 packets input, 447221251 bytes, 0 no buffer
     Received 314125 broadcasts, 0 runts, 0 giants
     0 input errors, 0 CRC, 0 frame, 0 overrun,
0 ignored, 0 abort
     5132142 packets output, 491316039 bytes, 0
underruns
     0 output errors, 422 collisions, 0 interface
resets, 0 restarts
---More---
*Specific Interface Statistics
Furthermore, the show interfaces command can be made more interface-specific. Here are just a few examples:
  • show interfaces ethernet
  • show interfaces serial
  • show interfaces fddi

Router# show interface serial 1
Serial1 is up, line protocol is down
  Hardware is MCI Serial
  Internet address is 192.168.1.27, subnet mask is 255.255.255.0
  MTU 1500 bytes, BW 1544 Kbit, DLY 20000 usec, rely 246/255,
load 1/255
  Encapsulation FRAME-RELAY, loopback not set, keepalive set
(10 sec)
  LMI enq sent  2, LMI stat recvd 0, LMI upd recvd 0,
DTE LMI down
  LMI enq recvd 266, LMI stat sent  264, LMI upd sent  0
  LMI DLCI 1023  LMI type is CISCO  frame relay DTE
  Last input 0:00:04, output 0:00:02, output hang never
  Last clearing of "show interface" counters 0:44:32
  Output queue 0/40, 0 drops; input queue 0/75, 0 drops
  Five minute input rate 0 bits/sec, 0 packets/sec
  Five minute output rate 0 bits/sec, 0 packets/sec
     307 packets input, 6615 bytes, 0 no buffer
     Received 0 broadcasts, 0 runts, 0 giants
     0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored,
0 abort
     0 input packets with dribble condition detected
     264 packets output, 3794 bytes, 0 underruns
     0 output errors, 0 collisions, 2 interface resets,
0 restarts
     162 carrier transitions

*Router Controller Information
In an earlier course, you learned that show controllers displays information about interface card controllers.
This means you can use this command to determine the size of the transmit queue available to the interface specified on SCI and MCI serial interface cards, and whether your router has DCE or DTE cabling.
Router#show controllers

*Interface Controller Information
This command also can be directed to specific interfaces or controllers. For example, the show controllers command shows information about all the controllers for your router: The show controllers serial command shows information about all serial controllers. And the show controller serial 2 command shows information about a specific controller.
Router#show controllers bri 0

BRI unit 0
D Chan Info:
Layer 1 is ACTIVATED
idb 0x32089C, ds 0x3267D8, reset_mask 0x2
buffer size 1524
RX ring with 2 entries at 0x2101600 : Rxhead 0
00 pak=0x4122E8 ds=0x412444 status=D000 pak_size=0
01 pak=0x410C20 ds=0x410D7C status=F000 pak_size=0
TX ring with 1 entries at 0x2101640: tx_count = 0,
tx_head = 0, tx_tail = 0
00 pak=0x000000 ds=0x000000 status=7C00 pak_size=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns
B1 Chan Info:
Layer 1 is ACTIVATED
idb 0x3224E8, ds 0x3268C8, reset_mask 0x0
buffer size 1524
RX ring with 8 entries at 0x2101400 : Rxhead 0
00 pak=0x421FC0 ds=0x42211C status=D000 pak_size=0
01 pak=0x4085E8 ds=0x408744 status=D000 pak_size=0
02 pak=0x422EF0 ds=0x42304C status=D000 pak_size=0
03 pak=0x4148E0 ds=0x414A3C status=D000 pak_size=0
04 pak=0x424D50 ds=0x424EAC status=D000 pak_size=0
05 pak=0x423688 ds=0x4237E4 status=D000 pak_size=0
06 pak=0x41AB98 ds=0x41ACF4 status=D000 pak_size=0
07 pak=0x41A400 ds=0x41A55C status=F000 pak_size=0
TX ring with 4 entries at 0x2101440: tx_count = 0,
tx_head = 0, tx_tail = 0
00 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
01 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
02 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
03 pak=0x000000 ds=0x000000 status=7C00 pak_size=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns
B2 Chan Info:
Layer 1 is ACTIVATED
idb 0x324520, ds 0x3269B8, reset_mask 0x2
buffer size 1524
RX ring with 8 entries at 0x2101500 : Rxhead 0
00 pak=0x40FCF0 ds=0x40FE4C status=D000 pak_size=0
01 pak=0x40E628 ds=0x40E784 status=D000 pak_size=0
02 pak=0x40F558 ds=0x40F6B4 status=D000 pak_size=0
03 pak=0x413218 ds=0x413374 status=D000 pak_size=0
04 pak=0x40EDC0 ds=0x40EF1C status=D000 pak_size=0
05 pak=0x4113B8 ds=0x411514 status=D000 pak_size=0
06 pak=0x416ED8 ds=0x417034 status=D000 pak_size=0
07 pak=0x416740 ds=0x41689C status=F000 pak_size=0
TX ring with 4 entries at 0x2101540: tx_count = 0,
tx_head = 0, tx_tail = 0
00 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
01 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
02 pak=0x000000 ds=0x000000 status=5C00 pak_size=0
03 pak=0x000000 ds=0x000000 status=7C00 pak_size=0
0 missed datagrams, 0 overruns, 0 bad frame addresses
0 bad datagram encapsulations, 0 memory errors
0 transmitter underruns

Question 70

Question 71

Question 72

Topic 6.1.2: debug Commands

*Enabling debug Information
The debug commands are informative, but potentially harmful to your network. The harm results from the prolific output of some debug commands, and the resulting drain on network resources.
Unlike show commands, debug commands are enabled for use, and disabled when no longer needed.
router#debug ip igrp events 192.168.3.23
router#no debug ip igrp events 192.168.3.23

*Useful debug Commands
Other useful debug commands to consider include these:
  • debug ip igrp events — displays source and destination of IGRP routing updates and  number of routes in each update.
  • debug ip igrp transactions — displays IGRP transactions including information about individual routes. This produces a lot of output, especially compared to debug ip igrp events.
  • debug ipx routing — displays information about IPX routing packets sent and received by a router. This command is useful in internetworks that consist of more than 50 networks. In such situations, the router, which can include only 50 entries in an update of its routing table, would have to send more than one update packet for every update interval.
  • debug ipx sap — displays information about SAP packets. This command can use either the events or activities argument. For better troubleshooting use both debug ipx sap and debug ipx routing.

Router#debug ipx routing
IPX routing debugging is on
...
IPXRIP: update from 9876.0246.7a8b.1492
        111234 in 1 hops, delay 2
IPXRIP: sending update to 3030.ffff.ffff.ffff via Ethernet0
        network 1010, metric 2, delay 3
        network 1020, metric 3, delay 4

Question 73

Question 74

Topic 6.1.3: ping Command

ping
The ping command makes a connection between the Network layer of the source and the Network layer of the destination using ICMP (Internet Control Message Protocol) packets. The ping command sends an ICMP echo packet to the destination. When the destination receives the packet, it echoes the packet back to the source. ping is useful for testing connectivity to a remote device.

ping Output
The possibilities for output characters for ping are as follows:
  • ! Successful receipt of an echo reply
  • . Timed out waiting for a reply
  • U Destination unreachable
  • C Congestion-experienced packet
  • I Ping interrupted
  • ? Packet type unknown
  • & Packet TTL exceeded

router1>ping 204.71.200.243
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 204.71.200.243, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/72/84 ms
router1>
Question 75

Question 76

Topic 6.1.4: trace Command

trace
The trace command is used with IP packets that contain a TTL (Time-To-Live) field. When a router on the path between the source and target destination has to keep a packet because it doesn't know where to send it, the TTL value is regularly decremented as the router holds it. When the TTL equals zero, the router along the path notifies other routers on the path that the TTL values have been exceeded.

*Listing Routers
This process allows the source to calculate the time necessary to connect to each device along the route to the target.
The output of the trace command provides a sequential list of routers encountered along the path to the target.

*Troubleshooting the Route
The trace command allows you to troubleshoot individual hops along a route. Here's an example:
router1>trace 204.71.200.243
Type escape sequence to abort.
Tracing the route to yahoo.com (204.71.200.243)
  1 205.171.54.153 20 msec 28 msec *
  2 chi-core-02.inet.qwest.net (205.171.20.37) 16 msec 20 msec 16 msec
  3 sfo-core-02.inet.qwest.net (205.171.5.43) 64 msec 64 msec 64 msec
  4 sfo-edge-03.inet.qwest.net (205.171.18.1) 64 msec 64 msec 84 msec
  5 pos11-0-0-155M.br1.SFO1.gblx.net (206.57.8.33) 64 msec 64 msec 64 msec
  6 pos2-1-155M.cr2.SFO1.gblx.net (206.132.110.141) 68 msec 64 msec 64 msec
  7 pos6-0-622M.cr1.SNV.gblx.net (208.48.118.1) 64 msec 68 msec 64 msec
  8 pos0-0-2488M.hr8.SNV.gblx.net (206.132.254.37) 64 msec 64 msec 64 msec
  9 bas1r-ge3-0-hr8.snv.yahoo.com (208.178.103.62) 64 msec 68 msec 68 msec
 10 yahoo.com (204.71.200.243) 68 msec 64 msec 64 msec
router1>
Question 77

Question 78

Topic 6.1.5: telnet Command

telnet
The telnet command creates a connection from the Application layer of one device to the Application layer of the target device.
Router1> telnet 204.71.200.243

*Troubleshooting IP Addresses
The commands telnet, ping, and trace are used together to troubleshoot IP addresses. Use the following steps to find errors involving IP addresses:
  • Step 1: telnet to determine if an Application-layer-to-Application-layer connection can be established.
  • Step 2: ping to determine if a Network-layer-to-Network-layer connection can be established.
  • Step 3: trace to determine the last reachable router.


Question 79

Topic 6.2: Network Troubleshooting

*Troubleshooting with Tools
Although this series focuses on routers, routers are only one part of a network. Other parts of the network can also cause problems.
Troubleshooting networks can be done with
  • Software tools to monitor and analyze network activity

  • Physical tools to test hardware and physical connections


Topic 6.2.1: Software Tools

*Troubleshooting Software
Software packages, such as the following, are expressly created for troubleshooting and can save you valuable time when problems arise:
  • Network monitors

  • Protocol analyzers

  • Cisco proprietary software


*Network Monitors
Network monitors provide information on network traffic, including numbers and sizes of packets, and number of error packets.
*Protocol Analyzers
Protocol analyzers, such as the Network General Sniffer, troubleshoot at all seven layers of the OSI reference model.
Analyzers provide packet information and a breakdown of network activity, according to OSI layers.

*Cisco Proprietary Software
Cisco provides its own software applications for troubleshooting. Generally, Cisco troubleshooting products build upon the SNMP protocol to monitor network activity. Examples include
  • CiscoWorks for internetwork management
  • TrafficDirector RMON for remote monitoring
    VlanDirector for switch management

Topic 6.2.2: Physical Tools

*Testing Equipment
Sometimes the problems in your network result from hardware problems. Hardware, including the connections between devices, can be physically tested. You can test hardware without draining network resources. We will discuss some of the following testing equipment:
  • Time domain reflectors (TDRs) and optical time domain reflectors (OTDRs)
  • Volt-Ohm meters and digital multimeters
  • Cable testers
  • Breakout boxes and fox boxes

*TDRs
Time domain reflectors (TDR) test paired metallic cabling. TDRs can even work on underground cables.
TDRs can find the location of sheath faults, broken or loose connectors, crimps and cuts, water damage, and shorted conductors.
Optical time domain reflectors perform the same tests on fiber optics cabling.

*Meters
Volt-Ohm meters and digital multimeters test the physical connections of cabling by measuring AC/DC voltage, current, resistance, and capacitance.
*Cable Testers
Cable testers measure cable attenuation, noise, and NEXT (near-end crosstalk). In general, they test cable connectivity and continuity for both metallic and fiber-optic cabling.

*Breakout & Fox Boxes
Devices called breakout boxes and fox boxes test peripheral interfaces; that is, they test the interfaces where PCs, printers, modems, CSU/DSUs, for example, are connected to a network.

Question 80

Question 81

Question 82

Question 83


* Exercise 1
Try troubleshooting a network.

Examine the following table
Step Action
1 List the router commands that are useful when troubleshooting network problems. List advantages and disadvantages of each command. For each command, write at least one syntactically correct example, including arguments and keywords.
2 Describe the software tools available for troubleshooting.
3 Describe the hardware tools available for troubleshooting.


Topic 6.3: Unit 6 Summary

In this unit, you learned how to troubleshoot your network through router commands, software applications, and physical tools.
In this course, you also examined the configurations for ISDN, X.25, Frame Relay, and switches.
In effect, this course required you to know and apply many courses' worth of theory and practice.

No comments:

Post a Comment