Wednesday, July 23, 2008

Cisco Routers - Basic ISDN Configuration

Introduction

Configuration of ISDN interfaces on Cisco routers are usually considered a straight-forward process, however there are some details which can cause your ISDN dialer interface to fail.

This article will take you through the basic steps of configuring a Cisco Router to work with ISDN. Below is a table of ISDN Switch Types. Before you attempt to configure ISDN you need to ensure that you know which type of ISDN switch you are connecting to at the Telco.

Telco Switch Type

Cisco Keyword

AT&T Basic Rate Switch

basic-5ess

Nortel DMS-100 Basic Rate Switch

basic-dms100

National ISDN-1 switch

basic-ni1

PINX (PBS) Switches with QSIG Signalling per Q.931

basic-qsig

NET3 Switch Type for UK , Europe , Asia & Australia

basic-net3

AT&T 4ESS (ISDN PRI Only)

primary-4ess

AT&T 5ESS (ISDN PRI Only)

primary-5ess

Nortel DMS-100 (ISDN PRI Only)

primary-dms100

National ISDN Switch Type

primary-ni

NTT ISDN PRI Switches ( Japan )

primary-ntt

European and Australian ISDN PRI Switches

primary-net5

QSIG Signaling per Q.931

primary-qsig

No Switch Type

none

For a very basic BRI ISDN configuration on a Cisco Router, you need to perform the following steps (that's providing you are not using DDR - Demand Dial Routing);

• Configure the Switch Type (Using switch-type)

• Configure the ISDN Dialer Map; this basically maps the IP Address of the end router's IP Address with its telephone number (Using dialer-map)

• Configure your ISDN Interface IP Address (using interface & ip address)

• Configure a routing rule (using ip route)

For Example,

Router(config)#isdn switch-type basic-5ess
Router(config)#isdn dialer map ip 10.10.10.2 name main_office 66552
Router(config)#ip route 192.168.0.0 255.255.255.0 10.10.10.2
Router(config)#interface BRI 0
Router(config-if)#ip address 10.10.10.1 255.255.255.0

N.B. If using the DMS-100 and National-1 switch types (as well as AT&T 5ESS), you will need to obtain from you telco the Service Profile Identifier (SPIDs) of which you require one per each Bearer Channel. For these switch types, these need to be configured using the isdn spid1 and isdn spid2 commands. The SPIDs are used to authenticate call requests at the telco's switch. The format for using the SPIDs is isdn spid1 spid-number ldn and isdn spid2 spid-number ldn.

Demand Dial Routing

Since ISDN is a circuit switched technology, you usually pay for the amount of time that the line is active. For this reason, you generally do not want to raise the ISDN line for just any type of traffic. In order to accommodate this, you can configure what's called Demand Dial Routing or, DDR for short. The idea behind DDR is that you to specify the ‘interesting traffic' that will be able to raise the ISDN line.

For example, you can set as ‘interesting traffic', all packets destined towards a specific remote network you connect to. If none of the routed traffic that is heading for that network (on the other side of the ISDN line), the line doesn't get raised. This saves on unnecessary costs due to none essential traffic raising the line.

The way you specify ‘interesting traffic' is with the use of Access Control Lists (ACL's). If the traffic destined for the remote network doesn't match this interesting traffic, then the line stays down, otherwise the line is raised and traffic is allowed to travel to the remote network. It's worth mentioning here that although you have defined this “Interesting” traffic, it doesn't mean that other traffic will not be allowed to travel along the ISDN link. If the link is active, any traffic (unless blocked by Access Lists) is allowed to travel the link, therefore keep in mind that the “Interesting” traffic is used only to bring the line up.

You can then create a 2 nd set of ACL's which defining the traffic that can traverse the ISDN line. Also, the DDR works using a counter, like a time-out counter, once the counter reaches a preset configurable threshold, the line will drop again. This threshold is reduced each time “Interesting” traffic is sent over the ISDN Link, therefore it's also only the “Interesting” traffic that is used to maintain the link.

Steps in configuring DDR (assumes part of the basic steps above have already been configured)

• Define Interesting Traffic (Using dialer-list & access-list)

• Assign Interesting Traffic to an Interface (Using dialer-group)

• Define the destination IP address, hostname and telephone number to dial (Using dialer map)

• Define any additional options (Using dialer idle-timeout, dialer fast-idle, dialer load-threshold)

The Additional Options

Command

Description

dialer idle-timeout seconds

Specifies the number of idle time in seconds before the link is dropped.

dialer fast-idle seconds

Specifies the time that a line showing contention can remain idle for before it is dropped in order to allow the other call to be placed.

dialer load-threshold load [outbound | inbound |either]

Specifies the amount of load on the ISDN before the dialer initiates another call to the same destination (i.e. brings up the second channel making the link 128Kbps). The load is a number from 1 to 255, with 255 equalling 100% load. The final parameters specify which direction of traffic to calculate the load from.

For Example;

Router(config)#isdn dialer map ip 10.10.10.2 name main_office 66552
Router(config)#access-list 101 permit tcp any any eq http
Router(config)#dialer-list 1 protocol ip list 101
Router(config)#interface BRI 0
Router(config-if)#dialer-group 1

What this example does, is allowing all web traffic (http) from anywhere to anywhere. As you can see, the dialer-list is specifying the 101 access list to dialer-list 1. The dialer-group is then specifying the 1, which links to the dialer-list 1.

Dialer Profiles

On Cisco's website it states that “Dialer Profiles implementation of DRR is based on a separation between the logical and physical interface configurations. Dialer profiles also allow the logical and physical configurations to be bound together dynamically on a per-call basis.”

There are several advantages of Dialer Profiles over Legacy DDR, it is much more scalable then Legacy DDR because Legacy DDR is based on a static binding between the per-destination call and the physical interface configuration. Dialer profiles are point-to-point interfaces which mean we no longer need the layer 3 to layer 2 mapping (layer 2 meaning the telephone number) since the profile can only dial a single location (hence point-to-point).

Since the logical and physical configurations are dynamic, it allows physical interfaces to take on different characteristics based on the logical call requirements that is utilising the physical interface. The final advantage that we will include here is that it enables you to have a backup interface that isn't tying up one of the physical interfaces. Providing a spare interface is available, the backup can be used when it's required.

Dialer Profiles are made up of a Dialer Interface, dialer pool and physical interface. Optionally, you can also have a map class. These are highlighted in the table below

Dialer Interface

This is the logical call requirements to the point-to-point connection. The following parameters can be configured; the IP address of the destination network (ip address address mask ), Layer 2 encapsulation type for example ppp (encapsulation ppp ), PPP authentication (ppp authentication chap & pap ), the remote routers authentication name (dialer remote-name username ), the remote destination to call (dialer string dial-string ), dialer pool mapping to use for calls to this destination (dialer pool number ), assign dialer interface to a dialer group (dialer group number ).

There are other optional parameters such as PPP Mulitlink, idle timeout and more.


Dialer Pool


Used for a dialer interface to reference and be associated to a physical interface

Physical Interface


Here we assign a physical interface into a dialer pool (dialer pool-member number) and assign any additional physical features, such as layer 2 encapsulation (encapsulation ppp ), ppp authentication (authentication chap ), etc..

Map Class (Optional)


Used to create a mapping between the remote IP address and phone number required to dial in order to reach it.

Steps in creating a Dialer Profile (assumes part of the basic steps above have already been configured, such as ISDN type);

• Define a Dialer Interface

• Configure a Dialer String

• Assign Physical Interface to a Dialer Pool, plus any additional Physical attributes

• Other steps from the previous sections may need to be performed, for example; if you wanted to active the link using interesting traffic, DDR needs to be configured.

For Example;

Define Dialer Interface

Router(config)#interface dialer1
Router(config-if)#ip address 10.10.10.1 255.255.255.0
Router(config-if)#encapsulation ppp
Router(config-if)#ppp authentication chap
Router(config-if)#dialer remote-name remoteoffice
Router(config-if)#dialer string 999666
Router(config-if)#dialer pool 1
Router(config-if)#dialer-group 1
Router(config-if)#exit

Configure Physical Interface

Router(config)#interface bri0
Router(config-if)#encapsulation ppp
Router(config-if)#dialer pool-member 1
Router(config-if)#ppp authentication chap
Router(config-if)#exit

Configure DDR to specify “Interesting” traffic (http) used to bring the line up

Router(config)#access-list 101 permit tcp any any eq http
Router(config)#dialer-list 1 protocol ip list 101

A Simple Example

The following example includes a variety of different items discussed in this document, in order to help you see how they are applied in a real-case scenario. As always, depending on the security policies and network complexity, the configuration can change quite a bit. For simplicity reasons, we've keep the complexity to a minimum.

Our scenario is based upon two routers who occasionally require to connect their networks via an ISDN dial line, in order to transfer data between them.

Router 1 – Remote Office

Router1(config)#isdn switch-type basic-5ess
Assign the switch type that we are connecting through to on the physical layer, AT&T Basic Rate Switch telco switch

Router1(config)#interface dialer1
Create a dialer interface called dialer1 ready for configuring it

Router1(config)#description Outgoing To HQ
Set a description for this interface.

Router1(config-if)#ip address 10.10.10.1 255.255.255.252
Assign an IP address to the virtual dialer interface

Router1(config-if)#encapsulation ppp
Configure the encapsulation used when we are connecting through this virtual interface

Router1(config-if)#ppp authentication chap pap callin
Set our ppp authentication to use chap, pap. The ‘Callin' parameter ensures our router authenticates the remote router (HQ) on an incoming call. Since we are always the calling party, it does not expect the remote (HQ) router to authenticate, making this authentication process a one-way direction. Remote Office authenticates to the HQ router.

Router1(config-if)#ppp chap hostname remote-office
Set the username for chap authentication protocol

Router1(config-if)#ppp chap password cisco
Set the password for the chap authentication protocol

Router1(config-if)#ppp pap sent-username remote-office password cisco
Set the username & password for the pap authentication protocol.

Router1(config-if)#dialer string 999666
Configure the telephone number to call when connecting through this virtual interface

Router1(config-if)#dialer pool 1
Assign this virtual interface to use any physical interface that's assigned to pool number 1

Router1(config-if)#dialer-group 1
This is to define the interesting traffic that can be used to raise this virtual interface. This command is paired with the "dialer-list 1" command later on.

Router1(config-if)#dialer idle-timeout 300
Disconnect this call after 300 seconds of inactivity

Router1(config-if)#ppp multilink
Make this link ‘ppp multilink' capable, allowing the aggregation of the two available 64K ISDN lines to a total of 128Kbps.

Router1(config-if)#dialer load-threshold 125 either
When the incoming or outgoing (either) traffic reaches half of the available bandwidth (125), then bring up the 2 nd ISDN channel.

Router1(config-if)#exit
Exits out of the interface sub command

Router1(config)#interface bri0
Enters into the interface sub command on the physical interface bri0/0, ready for configuring the physical characteristics

Router1(config-if)#encapsulation ppp
Configure the encapsulation for this physical interface. Optional command since we've already included it in the Dialer Interface

Router1(config-if)#dialer pool-member 1
Assign this physical interface to a pool. This allows this physical interface to be used by any virtual interface in this same pool. In this case, Dialer 1

Router1(config-if)#ppp authentication chap
Set our ppp authentication to use chap. Optional command since we've already included it in the Dialer Interface

Router1(config-if)#exit
Exits out of the interface sub command

Router1(config)#access-list 101 permit tcp any any eq http
Access list used in defining interesting traffic. This line specifies that tcp port 80 traffic from anywhere to anywhere is interesting

Router1(config)#dialer-list 1 protocol ip list 101
Maps the access-list with the dialer-group. As you can see, number 1 is used in the dialer-list and dialer-group statements

Router1(config)#ip route 192.168.0.0 255.255.255.0 10.10.10.2
Creates a route to the 192.168.0.0/24 subnet to go through 10.10.10.2 (will use Dialer1 to get there since it's on the 10.10.10.0 subnet)

Router 2 – HeadQuaters

HQ(config)#username remote-office password cisco
Assign the username & password the remote office router will user while authenticating to this router

HQ(config)#isdn switch-type basic-5ess
Assign the switch type that we are connecting through to on the physical layer, AT&T Basic Rate Switch telco switch

HQ(config)#interface dialer1
Create a dialer interface called dialer1 ready for configuring it

HQ(config)#description Incoming From Remote-Office
Set a description for this interface.

HQ(config-if)#ip address 10.10.10.2 255.255.255.252
Assign an IP address to the virtual dialer interface

HQ(config-if)#encapsulation ppp
Configure the encapsulation used when we are connecting through this virtual interface

HQ(config-if)#ppp authentication chap pap callin
Set our ppp authentication to use chap, pap. The ‘Callin' parameter ensures our router authenticates the remote router (Remote Office) on an incoming call. Since we are always the called party, it will expect the remote router to authenticate. Remote Office authenticates to the HQ router. Username & password will be checked against the credentials we provided in the first line of this router's configuration.

HQ(config-if)#dialer pool 1
Assign this virtual interface to use any physical interface that's assigned to pool number 1

HQ(config-if)#ppp multilink
Make this link ‘ppp multilink' capable, allowing the aggregation of the two available 64K ISDN lines to a total of 128Kbps.

HQ(config-if)#exit
Exits out of the interface sub command

HQ(config)#interface bri0
Enters into the interface sub command on the physical interface bri0/0, ready for configuring the physical characteristics

HQ(config-if)#encapsulation ppp
Configure the encapsulation for this physical interface. Optional command since we've already included it in the Dialer Interface

HQ(config-if)#dialer pool-member 1
Assign this physical interface to a pool. This allows this physical interface to be used by any virtual interface in this same pool. In this case, Dialer 1

HQ(config-if)#exit
Exits out of the interface sub command

HQ(config)#ip route 192.168.5.0 255.255.255.0 10.10.10.1
Creates a route to the 192.168.5.0/24 subnet to go through 10.10.10.1.

Summary

Here's the complete configuration without comments. You should now be able to understand what each command represents:

Router 1 - Remote Office

Router1(config)#isdn switch-type basic-5ess
Router1(config)#interface dialer1
Router1(config)#description Outgoing To HQ
Router1(config-if)#ip address 10.10.10.1 255.255.255.252
Router1(config-if)#encapsulation ppp
Router1(config-if)#ppp authentication chap pap callin
Router1(config-if)#ppp chap hostname remote-office
Router1(config-if)#ppp chap password cisco
Router1(config-if)#ppp pap sent-username remote-office password cisco
Router1(config-if)#dialer string 999666
Router1(config-if)#dialer pool 1
Router1(config-if)#dialer-group 1
Router1(config-if)#dialer idle-timeout 300
Router1(config-if)#ppp multilink
Router1(config-if)#dialer load-threshold 125 either
Router1(config-if)#exit
Router1(config)#interface bri0
Router1(config-if)#encapsulation ppp
Router1(config-if)#dialer pool-member 1
Router1(config-if)#ppp authentication chap
Router1(config-if)#exit
Router1(config)#access-list 101 permit tcp any any eq http
Router1(config)#dialer-list 1 protocol ip list 101
Router1(config)#ip route 192.168.0.0 255.255.255.0 10.10.10.2

Router 2 - Headquaters

HQ(config)#username remote-office password cisco
HQ(config)#isdn switch-type basic-5ess
HQ(config)#interface dialer1
HQ(config)#description Incoming From Remote-Office
HQ(config-if)#ip address 10.10.10.2 255.255.255.252
HQ(config-if)#encapsulation ppp
HQ(config-if)#ppp authentication chap pap callin
HQ(config-if)#dialer pool 1
HQ(config-if)#ppp multilink
HQ(config-if)#exit
HQ(config)#interface bri0
HQ(config-if)#encapsulation ppp
HQ(config-if)#dialer pool-member 1
HQ(config-if)#exit
HQ(config)#ip route 192.168.5.0 255.255.255.0 10.10.10.1

Posted by at No comments:

Cisco Router Modes

Introduction

From my personal experience, I have noticed that the lower end routers (600-1400) use different commands than the mid to upper range routers (1600 and above). The commands we are going to talk about here cover most aspects of the 1600, 1700, 2500, 2600, 3600 series. Most are the same, but there are always a few variations to these commands depending on the interfaces your router has, IOS version, and the type of WAN protocols they support.

Because there is such a wide range of interfaces on a router and also alot of different versions of the Cisco IOS, I decided to stick to an example where our router is running IOS version 12 and has one IDSN S/T (without NT terminator) interface and one Ethernet interface. That's a total of 2 interfaces. I understand that this is quite a specific example, but it would take an enourmous amount of time and effort to cover all cases.

Now, when you power up a Cisco router, it will first run a POST test to ensure all hardware is ok, and then look into the Flash to load the IOS. Once the IOS is loaded, it will then check the NVRAM for any configuration file. Since this is a new router, it won't find any, so the router will go into "setup mode".

Setup Mode

The setup mode is a step-by-step process which helps you configure basic aspects of the router. When using this setup mode, you actually have 2 options:

1) Basic Managment Setup, which configures only enough connectivity for managment to the system.

2) Extended Setup, which allows you to configure some global parameters and interfaces.

It should be noted that when you are prompted to enter a value at the console prompt, whatever is between the square brackets [ ] is considered to be a default value. In other words, if you hit enter without entering anything, the value in those brackets will be set for the specific question.

I'll try to keep this as simple and straightforward as possible.

Cisco routers have different configuration modes (depending on the router model), and by this I mean there are different modes in which different aspects of the router can be configured.

The picture below shows you a quick view of the modes. Notice the red arrow, it's pointing towards the Global Configuration Mode and Privileged mode meaning that some of the specific configuration modes can be entered from Global Configuration Mode and other from Privileged mode:


Cisco Basics - User Exec Mode

Introduction

Let's see what it looks like to be in each one of these modes. Here I have telneted into our lab router and I am in User Exec Mode:

The easiest way to keep track of the mode you're in is by looking at the prompt. The ">" means we are in User Exec Mode. From this mode, we are able to get information like the version of IOS, contents of the Flash memory and a few others.

Now, let's check out the available commands in this mode. This is done by using the "?" command and hitting enter:

Wow, see all those commands available ? And just to think that this is considered a small portion of the total commands available when in Privileged Mode ! Keep in mind that when you're in the console and configuring your router, you can use some short cuts to save you typing full command lines. Some of these are :

Tab: By typing the first few letters of a command and then hitting the TAB key, it will automatically complete the rest of the command. Where there is more than one command starting with the same characters, when you hit TAB all those commands will be displayed. In the picture above, if i were to type "lo" and hit TAB, I would get a listing of "lock, login and logout" because all 3 commands start with "lo".

?: The question mark symbol "?" forces the router to print a list of all available commands. A lot of the commands have various parameters or interfaces which you can combine. In this case, by typing the main command e.g "show" and then putting the "?" you will get a list of the subcommands. This picture shows this clearly:

Other shortcut keys are :

CTRL-A: Positions the cursor at the beginning of the line.

CTRL-E: Positions the cursor at the end of the line.

CTRL-D: Deletes a character.

CTRL-W: Deletes a whole word.

CTRL-B: Moves cursor back by one step.

CTRL-F: Moves cursor forward by one step.

One of the most used commands in this mode is the "Show" command. This will allow you to gather a lot of information about the router. Here I have executed the "Show version" command, which displays various information about the router:

The "Show Interface <interface> " command shows us information on a particular interface. This includes the IP address, encapsulation type, speed, status of the physical and logical aspect of the interface and various statistics. When issuing the command, you need to replace the <interface> with the actual interface you want to look at. For example, ethernet 0, which indicates the first ethernet interface :

Some other generic commands you can use are the show "running-config" and show "startup-config". These commands show you the configuration of your router.

The running-config refers to the running configuration, which is basically the configuration of the router loaded into its memory at that time.

Startup-config refers to the configuration file stored in the NVRAM. This, upon bootup of the router, gets loaded into the router's RAM and then becomes the running-config !

So you can see that User Exec Mode is used mostly to view information on the router, rather than configuring anything. Just keep in mind that we are touching the surface here and not getting into any details.

This completes the User Exec Mode section. If you like, you can go back and continue to the Privileged Mode section.

Cisco Basics - Priveliged Mode

Introduction

To get into Privileged Mode we enter the "Enable" command from User Exec Mode. If set, the router will prompt you for a password. Once in Privileged Mode, you will notice the prompt changes from ">" to a "#" to indicate that we are now in Privileged Mode.

The Privileged Mode (and Global Configuration Mode ) is used mainly to configure the router, enable interfaces, setup security, define dialup interfaces etc.

I have put a screen shot of the router to give you an idea of the commands available in Privileged Mode in comparison to the User Exec Mode. Remember that these commands have sub-commands and can get quite complicated:

As you can see, there is a wider choice of commands in Privileged Mode.

Now, when you want to configure certain services or parts of the router you will need to enter Global Configuration Mode from within Privileged Mode. If you're confused by now with the different modes available try to see it this way :

User Exec Mode (distinguished by the ">" prompt) is your first mode, which is used to get statistics from router, see which version IOS you're running, check memory resources and a few more things.

Privileged Mode (distingushed by the "#" prompt) is the second mode. Here you can enable or disable interfaces on the router, get more detailed information on the router, for example, view the running configuration of the router, copy the configuration, load a new configuration to the router, backup or delete the configuration, backup or delete the IOS and a lot more.

Global Configuration Mode (distingushed by the " (config)# " prompt) is accessable via Privileged Mode. In this mode you're able to configure each interface individually, setup banners and passwords, enable secrets (encrypted passwords), enable and configure routing protocols and a lot more. I dare say that 70% of the time you want to configure or change something on the router, you will need to be in this mode.

Getting into Global Configuration

The picture below shows you how to enter Global Configuration Mode:

As you can see, I have telneted into the router and it prompted me for a password. I entered the password, which is not shown, at this point I am in User Exec Mode and then entered "enable" in order to get into the Privileged Mode. From here to get into Global Configuration Mode you need to enter the "configure selection" command.

Now you must be wondering what the various parameters shown in the picture are, under the "configure" command. These allow you to select how you will configure the router:

  • Configure Memory means you enter Global Configuration Mode and are configuring the router in its NVRAM. This command will force the router to load up the startup-config file stored in the NVRAM and then you can proceed with the configuration. When you're happy with the configuration, save it to NVRAM by entering "copy running-config startup-config".
  • Configure Network means you enter Global Configuration Mode and load a startup-config file from a remote router (using tftp) into your local router's memory and configure it. Once you're finished, you need to enter "copy running-config tftp" which will force the router to copy its memory configuration onto a tftp server. The router will prompt you for the IP address of the remote tftp server.
  • Configure Overwrite-network means that you overwrite the NVRAM's configuration with a configuration stored on a tftp server. Issuing this command will force the router to prompt for an IP address of the remote tftp server. Personally, I have never needed to use this command.
  • Configure Terminal means you enter Global Configuration Mode and work with the configuration which is already loaded into the router's memory (Cisco calls this the running-config). This is the most popular command, as in most cases you need to modify or re-configure the router on the spot and then save your changes.

You will need to save this configuration otherwise everything you configure will be lost upon power failure or reboot of the router !

Below are the commands you need to enter to save the configuration, depending on your network setup:

  • Copy running-config startup-config: Copies the configuration which is running in the router's RAM in to the NVRAM and gives it a file name of startup-config (default). If one already exists in the NVRAM, it will be overwritten by the new one.
  • Copy running-config tftp: Copies the configuration which is running in the router's RAM in to a tftp server which might be running on your network. You will be asked for the IP address of the tftp server and given the choice to select a filename for the configuration. Some advanced routers can also act as tftp servers.

Generic Configuration

There are a few standard things with which you always need to configure the router . For example, a hostname. This is also used as a login name for the remote router to which your router needs to authenticate. Before we get stuck into the interface configuration we are going to run through a few of these commands. The following examples assume no passwords have been set as yet and that the router has a default hostname of "router":

We connect to the router via the console port using the serial cable and type the following

Router> enable (gets us into Privileged Mode)

Router# configure terminal (This command gets us into the appropriate Global Configuration Mode as outlined above)

Router(config)# hostname swiftpond (This command sets the router's hostname to swiftpond. From this moment onwards, swiftpond will appear before the ">" or "#" depending on which mode we are in)

swiftpond(config)# username router2.isp password firewallcx (Here we are telling the router that the remote router which we are connecting to, has a username of "router2.isp" and our password to authenticate to router2.isp is "firewallcx")

This is a standard way of authentication with Cisco routers. Your router's hostname is your login name and your password (in our case "firewallcx") is entered at the same time you define the remote router's hostname.

Next we create a static route so the router will pass all packets originating from our network to the remote router. This is usually the case when you connect to your isp.

swiftpond(config)# ip route 0.0.0.0 0.0.0.0 139.130.34.43 (Here we tell our router to create a default route where any packet -defined by the first 0.0.0.0- no matter what subnetmask -defined by the second 0.0.0.0- is to be sent to ip 139.130.34.43 which would be the router we are connecting to)

In the case where you were not configuring the router to connect to the Internet but to join a small WAN which connects a few offices, then you probably want to use a routing protocol:

swiftpond(config)# router rip (Enables RIP routing protocol. After this command you enter the routing protocols configuration section -see below- where you can change timing parameters and other)

swiftpond(config-router)#

At this prompt you can fine tune RIP or just leave it to the default setting which will work fine. The "exit" command takes you one step back:

swiftpond(config-router)# exit

swiftpond(config)#

Alternatively, you can use IGRP as a routing protocol, in which case you would have to enter the following:

swiftpond(config)# router igrp 1 (The "1" defines the Autonomous system number)

swiftpond(config-router)#

Again, the "exit" command will take you back one step:

swiftpond(config-router)# exit

swiftpond(config)#

After that, we need to create a dialer list which our WAN interface BRI (ISDN) will use to make a call to our ISP.

swiftpond(config)# dialer-list 1 protocol ip permit (Now we are telling the router to create a dialer list and bind it to group 1. The "protocol ip permit" tells the router to initiate a call for an ip packet)

I'll give you a quick example to make sure you understand the reason we put this command:

If you launched your web browser, it would send an http request to the server you have set as a homepage e.g www.firewall.cx. This request which your computer is going to send, is encapsulated in an ip packet that will cause your router to initiate a connection, as it is now configured to do so.

The dialup interface for Cisco routers is broken into 2 parts: a Dialer-list and a Dialer-group.

The Dialer-list defines the rules for placing a call. Later on when you configure the WAN interface, you bind that Dialer-list to the interface by using the Dialer-group command (shown later on).

Configuring Interfaces

In our example we said we have a router with one Ethernet and one basic ISDN interface (max of 128Kbit). We are going to go through the process of configuring the interfaces. We will start with the Ethernet Interface.

In order to configure the interface, we need to be in Global Configuration Mode, so we need to type first "enable" in order to get into Privileged Mode and then "configure terminal" to get into the appropriate Global Configuration Mode (as explained above). Now we need to select the interface we want to configure, in this case the first ethernet interface (E0) so we type "interface e0".

This picture shows clearly all the steps:

Any commands entered here will affect the first ethernet interface only. So we start with the IP address. It's important to understand that this IP address would be visible to both networks to which the router is connected. If we were connecting to the Internet then everyone would be able to see this IP. Futhermore, the IP address would also be the default gateway for our firewall or machine which would physically connect directly to the router.

The following commands will configure the ethernet interface's IP address::

(config-if)# ip address 192.168.0.1 255.255.255.0

or

(config-if)# ip address 139.130.4.5 255.255.255.0 secondary

Now that we have given e0 its IP address, we need to give the ISDN interface its IP as well, so we need to move to the correct interface by typing the following:

(config-if)# exit (this exits from the e0 interface configuration)

(config-if)# interface bri0 (this command enters the configuration for the first ISDN interface)

(config-if)# ip address 10.0.0.2 255.255.255.224 (this command sets the IP address for BRI 0 which is also known as the WAN IP address)

Now when it comes to configuring WAN interfaces, you need more than just an IP address (LAN interfaces such as E0 are a lot easier to configure). You need to set the encapsulation type, the authentication protocol the router will use to authenticate to the remote router, the phone number it will need to dial and a few more:

(config-if)# encapsulation ppp (This command sets the packet's encapsulation to ppp which is 100% compatible with all routers no matter what brand)

(config-if)# dialer string 0294883452 (This command tells the router which phone number it needs to dial in order to establish a connection with our remote router e.g your ISP)

(config-if)# dialer group 1 (This command tells the router to use the dialer list 1 (configured previously) to initiate a connection)

(config-if)# idle-timeout 2000000 (This command is optional and allows us to set an idle timeout so if the router is idle for so many seconds, it will disconnect. A value of 2 million seconds means the router will never disconnect)

(config-if)# isdn switch-type basic-net3 (This command tells the router the type of ISDN interface we are using. Each country has its own type, so you need to consult your Cisco manual to figure out which type you need to put here)

(config-if)# dialer load-threshold 125 outbound (This command is optional and allows us to specify a threshold upon which it will place another call. The value it takes is from 1 to 255. A value of 125 means bring up the second B channel if either the inbound or outbound traffic load is 50%.

That pretty much does it for our ISDN (WAN) interface. All you need to do now is to SAVE the configuration !

Well I hope it wasn't too bad for you, since there is a quite a bit of information on this page. I encourage you to read through it again until you understand what is going on, then you will find it a breeze to configure a Cisco router yourself !
Posted by at No comments:

Routers

Introduction

Welcome to the Routers section. Here we will analyse routers quite some depth; what they do and how they work. I point out to you that you should have some knowlege on the OSI model and understand how data is sent across the network medium. If you find the information a bit too confusing or don't quite understand it, I would suggest you go back to the networking section and do some reading on the OSI model and Protocols.

What are they and what do they do ?

Routers are very common today in every network area, this is mainly because every network these days connect to some other network, whether it's the Internet or some other remote site. Routers get their name from what they do.... which is route data from one network to another.

For example, if you had a company which had an office in Sydney and another one in Melbourne, then to connect the two you would use a leased line to which you would connect a router at each end. Any traffic which needs to travel from one site to another will be routed via the routers, while all the other unecessary traffic is filtered (blocked), thus saving you valuable bandwidth and money.

There are two type of routers: 1) Hardware routers 2) Software routers.

So what's the difference ?

When people talk about routers, they usually don't use the terms "hardware" or "software" router but we are, for the purpose of distinguishing between the two.

Hardware routers are small boxes which run special software created by their vendors to give them the routing capability and the only thing they do is simply route data from one network to another. Most companies prefer hardware routers because they are faster and more reliable, even though their cost is considerably more when compared with a software router.

So what does a hardware router look like? Check the picture below, it displays a Cisco 1600 and 2500 series router along with a Netgear RT338 router. They look like a small box and run special software as we said.

CISCO 1600 Series Router CISCO 2500 Series Router



Netgear RT338 router

Software routers do the same job with the above hardware routers (route data), but they don't come in small flashy boxes. A software router could be an NT server, NetWare server or Linux server. All network servers have built-in routing capabilities.

Most people use them for Internet gateways and firewalls but there is one big difference between the hardware and software routers. You cannot (in most cases) simply replace the hardware router with a software router.Why? Simply because the hardware router has the necessary hardware built-in to allow it to connect to the special WAN link (frame relay, ISDN, ATM etc), where your software router (e.g a NT server) would have a few network cards one of which connects to the LAN and the other goes to the WAN via the hardware router.

I have seen a few cards in the market which allow you to connect an ISDN line directly into them. With these special cards, which retail from $5000 to $15000 depending on their capacity, you don't need the hardware router. But as you can understand, it's a much cheaper solution to buy a hardware router. Plus, the hardware routers are far more advanced and faster than the software routers since they don't have to worry about anything else but routing data, and the special electronic components they have in them are developed with this in mind.

The Flash image below shows us what a router does when it receives packets from the LAN or the Internet. Depending on the source and destination, it will pass them to the other network or send them to the Internet. The router is splitting the below network into 2. Each network has a hub to which all computers on that network connect to. Futher more, the router has one interface connected to each network and one connected to the Internet, this allows it to pass the packets to the right destination:

The picture below illustrates a router's place in the Local Area Network (LAN):

In the example shown, the workstations see the router as their " gateway". This means that any machine on this LAN that wants to send a packet (data) to the Internet or anywhere outside its Local Area Network (LAN) will send the packet via the gateway. The router (gateway) will know where it needs to send it from there on so it can arrive at its destination.

This explains the reason you need to add an Internet Protocol (IP) number for a gateway, when you have a LAN at home or in the office, in your TCP/IP network properties on your windows workstation.

The above figure shows only one example of how routers connect so the LAN gets Internet access. Let's have a look how 2 offices would use routers to connect them.

The routers in the above picture connect using a particular WAN protocol, e.g ISDN.

In reality, there would be a cable (provided by your service provider) which connects to the "WAN" interface of the router and from there the signal goes straight to your service provider's network and eventually ends up at the other router's WAN interface.

Depending on the type of router you get, it will support one of the most commonly used WAN protocols: ISDN, Frame Relay, ATM, HDLC, PPP. These protocols are discused in the protocols section.

It's important to note down and remember a few of the main features of a router:

  • Routers are Layer 3 devices
  • Routers will not propagate broadcasts, unless they are programmed to
  • Most serious routers have their own operating system
  • Routers use special protocols between them to exchange information about each other (not data)

Basics Of Cisco Routers

Introduction

Cisco is well known for its routers and switches. I must admit they are very good quality products and once they are up and running, you can pretty much forget about them because they rarely fail.

We are going to focus on routers here since that's the reason you clicked on this page !

Cisco has a number of different routers, amongst them are the popular 1600 series, 2500 series and 2600 series. The ranges start from the 600 series and go up to the 12000 series (now we are talking about a lot of money).

We are going to begin with the basic components which make up a Cisco router (and switches) and I will be explaining what they are used for, so grab that tea or coffee and let's get going !

The basic components of any Cisco router are :

1) Interfaces

2) The Processor (CPU)

3) Internetwork Operating System (IOS)

4) RXBoot Image

5) RAM

6) NVRAM

7) ROM

8) Flash memory

9) Configuration Register

Now I just hope you haven't looked at the list and thought "Stuff this, it looks hard and complicated" because I assure you, it's less painful than you might think ! In fact, once you read it a couple of times, you will find all of it easy to remember and understand.

Interfaces

These allow us to use the router ! The interfaces are the various serial ports or ethernet ports which we use to connect the router to our LAN. There are a number of different interfaces but we are going to hit the basic stuff only.

Here are some of the names Cisco has given some of the interfaces: E0 (first Ethernet interface), E1 (second Ethernet interface). S0 (first Serial interface), S1 (second Serial interface), BRI 0 (first B channel for Basic ISDN) and BRI 1 (second B channel for Basic ISDN).

In the picture below you can see the back view of a Cisco router, you can clearly see the various interfaces it has:(we are only looking at ISDN routers)

You can see that it even has phone sockets ! Yes, that's normal since you have to connect a digital phone to an ISDN line and since this is an ISDN router, it has this option with the router. I should, however, explain that you don't normally get routers with ISDN S/T and ISDN U interfaces together. Any ISDN line requires a Network Terminator (NT) installed at the customer's premises and you connect your equipment after this terminator. An ISDN S/T interface doesn't have the NT device built in, so you need an NT device in order to use the router. On the other hand, an ISDN U interface has the NT device built in to the router.

Check the picture below to see how to connect the router using the different ISDN interfaces:

...........

Apart from the ISDN interfaces, we also have an Ethernet interface that connects to a device in your LAN, usually a hub or a computer. If connecting to a Hub uplink port, then you set the small switch to "Hub", but if connecting to a PC, you need to set it to "Node". This switch will simply convert the cable from a straight through (hub) to a x-over (Node):

..............

The Config or Console port is a Female DB9 connector which you connect, using a special cable, to your computers serial port and it allows you to directly configure the router.

The Processor (CPU)

All Cisco routers have a main processor that takes care of the main functions of the router. The CPU generates interrupts (IRQ) in order to communicate with the other electronic components in the router. The Cisco routers utilise Motorola RISC processors. Usually the CPU utilisation on a normal router wouldn't exceed 20 %.

The IOS

The IOS is the main operating system on which the router runs. The IOS is loaded upon the router's bootup. It usually is around 2 to 5MB in size, but can be a lot larger depending on the router series. The IOS is currently on version 12, and Cisco periodically releases minor versions every couple of months e.g 12.1 , 12.3 etc. to fix small bugs and also add extra functionality.

The IOS gives the router its various capabilities and can also be updated or downloaded from the router for backup purposes. On the 1600 series and above, you get the IOS on a PCMCIA Flash card. This Flash card then plugs into a slot located at the back of the router and the router loads the IOS "image" (as they call it). Usually this image of the operating system is compressed so the router must decompress the image in its memory in order to use it.

The IOS is one of the most critical parts of the router, without it the router is pretty much useless. Just keep in mind that it is not necessary to have a flash card (as described above with the 1600 series router) in order to load the IOS. You can actually configure most Cisco routers to load the image off a network tftp server or from another router which might hold multiple IOS images for different routers, in which case it will have a large capacity Flash card to store these images.

The RXBoot Image

The RXBoot image (also known as Bootloader) is nothing more than a "cut-down" version of the IOS located in the router's ROM (Read Only Memory). If you had no Flash card to load the IOS from, you can configure the router to load the RXBoot image, which would give you the ability to perform minor maintenance operations and bring various interfaces up or down.

The RAM

The RAM, or Random Access Memory, is where the router loads the IOS and the configuration file. It works exactly the same way as your computer's memory, where the operating system loads along with all the various programs. The amount of RAM your router needs is subject to the size of the IOS image and configuration file you have. To give you an indication of the amounts of RAM we are talking about, in most cases, smaller routers (up to the 1600 series) are happy with 12 to 16 MB while the bigger routers with larger IOS images would need around 32 to 64 MB of memory. Routing tables are also stored in the system's RAM so if you have large and complex routing tables, you will obviously need more RAM !

When I tried to upgrade the RAM on a Cisco 1600 router, I unscrewed the case and opened it and was amazed to find a 72 pin SIMM slot where you needed to attach the extra RAM. For those who don't know what a 72 pin SIMM is, it's basically the type of RAM the older Pentium socket 7 CPUs took, back in '95. This type of memory was replaced by today's standard 168 pin DIMMs or SDRAM.

The NVRAM (Non-Volatile RAM)

The NVRAM is a special memory place where the router holds its configuration. When you configure a router and then save the configuration, it is stored in the NVRAM. This memory is not big at all when compared with the system's RAM. On a Cisco 1600 series, it is only 8 KB while on bigger routers, like the 2600 series, it is 32 KB. Normally, when a router starts up, after it loads the IOS image it will look into the NVRAM and load the configuration file in order to configure the router. The NVRAM is not erased when the router is reloaded or even switched off.

ROM (Read Only Memory)

The ROM is used to start and maintain the router. It contains some code, like the Bootstrap and POST, which helps the router do some basic tests and bootup when it's powered on or reloaded. You cannot alter any of the code in this memory as it has been set from the factory and is Read Only.

Flash Memory

The Flash memory is that card I spoke about in the IOS section. All it is, is an EEPROM (Electrical Eraseable Programmable Read Only Memory) card. It fits into a special slot normally located at the back of the router and contains nothing more than the IOS image(s). You can write to it or delete its contents from the router's console. Usually it comes in sizes of 4MB for the smaller routers (1600 series) and goes up from there depending on the router model.

Configuration Register

Keeping things simple, the Configuration Register determines if the router is going to boot the IOS image from its Flash, tftp server or just load the RXBoot image. This register is a 16 Bit register, in other words has 16 zeros or ones. A sample of it in Hex would be the following: 0x2102 and in binary is : 0010 0001 0000 0010.

Posted by at No comments:

Ethernet

The Ethernet Datalink

Introduction

"Ethernet" is the term that is casually applied to a number of very different data link implementations. You will hear people refer to "Ethernet" and they might be referring to the original DEC, Intel and Xerox implementation of Version 1 or Version 2 Ethernet. This, in a sense, is the "true" definition of "Ethernet". When the IEEE built the 802.3 standards in 1984 the term "Ethernet" was broadly applied to them as well. Today we talk about "Fast Ethernet" and, although this technology bears many similarities to its predecessors, the engineering technology has changed dramatically.

Whatever you call it, this is a Data Link technology - responsible for delivering a frame of bits from one network interface to another - perhaps through a repeater, switch or bridge.

Please select one of the following links :

Frame Formats

The four ways that frames may be structured.

Media Access

Taking turns accessing the cable using the rules of Carrier Sense Multiple Access with Collision Detection (CSMA/CD)


Collisions

The results of simultaneous transmissions on the media: Fragments, Runts, CRC Errors

Propagation Delay

The relationship between maximum cable length and minimum frame size is based on the propagation delay of the signal

Frame Corruption

Troubleshooting coaxial Ethernet networks by examining the types of corruption patterns that result from specific events

Interframe Gap

The 9.6 microsecond interframe gap and an understanding of its purpose

Signal Encoding

Manchester Encoding for the electrical Ethernet signal


AS SOON AS I GET TO STUDY ABOUT THIS TOPIC I WILL DROP IT DOWN FOR YOU GUYS TILL THEN BARE WITH THIS ONLY FOR THE TOPIC ETHERNET



Posted by at No comments:

Fast Ethernet

Introduction

Full motion video for video conferencing requires, typically, at least 25 Mb/sec. That means that a legacy Ethernet, at 10 Mb/sec, can only deliver poor quality real-time video. With 100 Mb/sec, however, you can be watching a broadcast presentation in one window while you're in conference with three people in three other windows (for a total of 100 megabits of bandwidth).

Consider a file server that requires 0.6 Mb/sec (6 million bits per second; 60% utilization on a 10 Mb/sec Ethernet). With a 100 Mb/sec Ethernet this server can now utilize interface hardware that can pump data down the pipe at a greatly increased rate.

It seems clear that the evolution of the industry is moving away from 10 Mb/sec Ethernet and towards the 100 Mb/sec (or higher) rates of data transfer. This section of the compendium discusses 100 Mb/sec Ethernet technology

Virtually everyone who uses Ethernet has wished from time to time that their network had a higher bandwidth. When Ethernet was being designed in the late 1970s, 10Mbps seemed immense. With today's bandwidth-intensive multimedia applications, or even with just the departmental server, that number sometimes is barely adequate. Yes, faster network technologies were available, but they were complicated and expensive. Then came Fast Ethernet.

Anyone who understands classic Ethernet already understands much about Fast Ethernet. Fast Ethernet uses the same cabling and access method as 10Base-T. With certain exceptions, Fast Ethernet is simply regular Ethernet - just ten times faster! Whenever possible, the same numbers used in the design of 10Base-T were used in Fast Ethernet, just multiplied or divided by ten. Fast Ethernet is defined for three different physical implementations.

The Implementations of Fast Ethernet:

  • 100BASE-TX: Category 5
  • 100BASE-FX: Multimode fibre
  • 100BASE-T4: Category 3

Probably the most popular form of Fast Ethernet is 100BASE-TX. 100BASE-TX runs on EIA/TIA 568 Category 5 unshielded twisted pair, sometimes called UTP-5. It uses the same pair and pin configurations as 10Base-T, and is topologically similar in running from a number of stations to a central hub.

As an upgrade to 10Mbps Ethernet over multimode fibre (10Base-F), 100BASE-FX is Fast Ethernet over fibre. Single duplex runs are supported up to 400m and full duplex runs are supported for up to 2km.

Fast Ethernet is possible on Category 3 UTP with 100BASE-T4. There is a popular misconception that Fast Ethernet will only run on Category 5 cable. That is true only for 100BASE-TX. If you have Category 3 cable with all four pairs (8 wires) connected between station and hub, you can still use it for Fast Ethernet by running 100BASE-T4. 100BASE-T4 sends 100Mbps over the relatively slow UTP-3 wire by fanning out the signal to three pairs of wire.

This "demultiplexing" slows down each byte enough that the signal won't overrun the cable. Category 3 cable has four pairs of wire, eight wires total, running from point to point. 10Base-T only uses four wires, two pairs. Some cables only have these two pairs connected in the RJ-45 plug. If the category 3 cabling at your site has all four pairs between hub and workstation, you can use Fast Ethernet by running 100BASE-T4.

Please select on of the following sections:


Differences Between Classic Ethernet And Fast Ethernet

Introduction

The two primary areas for concern when upgrading the network from 10Mbps to 100Mbps are cabling and hubs. As discussed on the Fast Ethernet Introduction page, in Fast Ethernet twisted pair cabling needs either to be category 5 or to be category 3 with proper twist on all four pairs.

The problem with hubs is the number of hubs allowed in a single collision domain. Classic Ethernet allows hubs to be cascaded up to four deep between any two stations. In Fast Ethernet, the number of hubs allowed in a collision domain is drastically reduced - to a single hub. Sometimes it may be possible to have more than one hub in a collision domain, but it will probably be easier in the long term to design a Fast Ethernet network assuming that only one hub is allowed.

What the IEEE 802.3 spec does not explicitly state is that this limitation only applies to shared 100BASE-T, not to switched 100BASE-T. Since switches act like bridges in defining a separate collision domain, installing Fast Ethernet switches will allow you to work around the single-hub problem. Even if it is not necessary to deliver dedicated switched Fast Ethernet to each desktop, Fast Ethernet hubs can be connected to switches. Connecting a number of repeaters to a switch will provide shared Fast Ethernet and allow you to maintain the size of your network.

Intergrating Fast Ethernet into 10MB Ethernet Networks

Introduction

Now that Fast Ethernet is here, the question becomes, "How do I start using it ?" Integrating Fast Ethernet into existing networks need not be done all at once.

Here are some aspects of 100Mbps implementation that should be considered:

  • Implementing Switching
  • Eliminating Bottlenecks
  • Expand The Topology Outwards and Downwards

Implementing Switching

Implement switching in high-traffic areas to concentrate the bottlenecks on the network. Since Fast Ethernet provides higher throughput of bits, it makes sense to figure out which network connections need the most relief. Which segments consistently attempt to pump the most bytes? Which segments consistently demonstrate the highest average percent bandwidth usage according to your protocol analyzer?

Installing switches will help you figure out which network segments are moving the most information due to the effect switches have on your network. Installing switches is like moving from traffic lights to limited-access highways. The idea works extremely well in isolating cross-town traffic, e.g. peer-to-peer networking, but doesn't necessarily help when all of the traffic slows down at particular locations, e.g. an enterprise-wide server or the network Internet firewall. Because there are other ways of isolating network bottlenecks, implementing switches is primarily useful when installing 10/100 switches in preparation for 100Mbps Ethernet.

Installing switches also gives the added benefit of segmenting collision domains. In classic Ethernet, there can be up to four hubs or repeaters between any two stations, but in Fast Ethernet that number is only one or two. Installing switches in place of repeaters spares you having to segment your network at a later point, allowing the cost of the transition to be spread over a longer period of time.

Eliminating Bottlenecks

Once bottlenecks have been identified, upgrade those network connections to 100 Mbps. The primary difficulty in this step is verifying that the existing cabling will be sufficient for Fast Ethernet. On UTP, the cable either needs to meet Category 5 specifications or have four pairs with proper twist maintained on Category 3. If you're planning on using 100BASE-TX, your wiring closet will also need to be certified for a higher speed. There are many devices available such as wire pair scanners, which will make this job much easier.

Installing the initial Fast Ethernet connections is much easier if the switches installed earlier are 10/100, capable of operating at either classic Ethernet speeds or Fast Ethernet speeds. If the switches installed were only 10Mbps switches, they could be used as "hand-me-downs," replacing hubs in segments where users require more bandwidth.

Expand The Topology Outwards and Downwards

Gradually work the Fast Ethernet out into the rest of the network, as far out and down as desired. Note that the price of 10/100 cards is not substantially higher than that of 10Mbps cards, so it may be a wise idea to plan ahead by installing 10/100 cards when installing new machines.

If there comes a point in the future when 100Mbps Ethernet needs to be implemented on that machine, all that will need to be changed is the connection on the other end. On the other hand, upgrading a machine from a 10Mbps card to a 100Mbps card will require reconfiguring the user's machine, installing a new driver, etc. A short-term expenditure can greatly offset the cost in man-hours and down-time later on.

Upgrading And Migrating From Ethernet To Fast Ethernet

Introduction

Here we are going to analyse the following aspects of upgrading/migrating from 10Mbit Ethernet to 100Mbit Ethernet.

  • Cabling
  • Incompatible Implementations
  • Repeaters In Fast Ethernet
    • Replacement Of Illegal Byte
    • Codes Data Translation
    • Error Handling And Partitioning

Cabling

There are two methods of running Fast Ethernet over UTP and one method of running it over fibre.

IMPLEMENTATION ..........CABLE TYPE............... NUMBER OF PAIRS

..100BASE-TX ................ Category 5 .........................2

..100BASE-T4..................Category 3 or 5................. ..4

..100BASE-FX.................. Fiber....................... (Not Applicable)

Category 3 cabling is not rated to carry the fast signaling of 100BASE-TX, so 100BASE-T4 must be used. 100BASE-T4 may also be used on Category 5 cabling, but 100BASE-TX is probably a better choice.

Incompatible Implementations

Fast Ethernet brings a new urgency to an old problem. Many network technologies use RJ-45 connectors. In the past, it was usually not difficult to figure out whether a jack was Ethernet or token ring: even at a site where both were in use they seldom were found in the same vicinity, so the network administrator could make an "educated guess". Today, with Fast and classic Ethernet interspersed and 10/100 cards common, some mechanism is needed to allow quick identification of the signal that is running across the wire.

Autonegotiation works by having each end of the connection send a series of pulses down the wire to the other end. These pulses are the same signals used in 10Base-T to test link integrity and cause the link indicator light to turn on. If a station receives a single pulse, referred to as a Normal Link Pulse (NLP), it recognizes that the other end is only capable of 10Base-T.

If autonegotiation is being used, a station will transmit a series of these pulses spaced closely together, referred to as a Fast Link Pulse (FLP). An FLP consists of 17 "clocking" pulses interspersed with up to 16 "signal" pulses to form a 16-bit code word. If a signal pulse occurs between two clocking pulses, that bit is a one. Absence of a signal pulse is a zero.

By comparing the 16-bit code words received in the FLP, a station and hub will agree on what implementation of Ethernet to use. The 16-bit code word describes what implementations of Ethernet are supported. Both station and hub will compare what it supports to what the other end supports, then choose which implementation to use for that link according to following priorities, defined by IEEE 802.3 clause 28B.3:

100BASE-TX full duplex

100BASE-T4

100BASE-TX 1

10BASE-T full duplex

10BASE-T

If the station supports 100BASE-T4, 100BASE-TX, and 10BASE-T and the hub supports full duplex 100BASE-TX, single-duplex 100BASE-TX, and 10BASE-T, they will each discover that the Ethernet implementations they have in common are 100BASE-TX and 10BASE-T. Since 100BASE-TX is defined to have a higher priority that 10BASE-T, the station and hub will use 100BASE-TX. This decision takes place independently on each side of the link, but since each side uses the same decision-making process and priorities, the same decision is reached on each end. Because each end of the connection agrees on what implementation of Ethernet is being used, the potential problem of incompatible signaling is averted.

Repeaters In Fast Ethernet

In Fast Ethernet the number of repeaters allowed per network segment is only 1 or 2. Whether one or two repeaters may be used is determined by what class of repeater will be used on the segment. Two classes of Fast Ethernet repeater are defined, Class I and Class II. Only one Class I repeater can be used in a single collision domain. Two Class II repeaters are allowed in a single collision domain, with up to a 5 metre inter-repeater link between them. The only technical difference between Class I and Class II repeaters is that Class II repeaters are faster than Class I repeaters. This allows Class I repeaters to provide other services besides simple repeating, such as translating between 100BASE-TX and 100BASE-T4. Class II repeaters are primarily used to link two hubs supporting only a single implementation of Fast Ethernet.

However, with the trade-off in fewer repeaters comes greater intelligence in each repeater. In addition to implementing the functionality of 10Mbps repeaters, 100Mbps repeaters are responsible for the following:

Replacement Of Illegal Byte

Unlike classic Ethernet, Fast Ethernet does not send a straightforward representation of the actual bits across the physical layer. A different representation of the information is sent instead. As a result, there are possible patterns on the wire which are not defined for use in Fast Ethernet. If a repeater detects an illegal pattern on the wire, it may replace that pattern (and every remaining pattern in the frame) with a special symbol identifying that the frame is corrupt.

Codes Data Translation

For repeaters that implement more than one implementation of Ethernet, the repeater will change the data encoding to be appropriate to the outgoing ports. 100BASE-T4 and 100BASE-TX use very different representations when sending data across a network. A Class I repeater which implements both 100BASE-TX and 100BASE-T4 needs to ensure that the signal going across the wire is the appropriate representation for the Ethernet implementation.

Error handling and partitioning

A Fast Ethernet repeater will monitor the state of each port in order to protect the network from any faults that might interrupt the flow of information.

If 60 consecutive collisions are detected from any particular port, the repeater will partition that port: it will stop forwarding information from that port to the rest of the network, but will still continue to repeat all frames from the network to the port. If the station on that port has broken so that it no longer is obeying the rules of CSMA/CD, then it needs to be separated from the network to allow traffic to flow.

However, it is possible that there could be 60 consecutive collisions on an extremely busy segment, so the repeater still forwards information to that port. If the repeater detects between 450 and 560 bits of information from that port without a collision occurring, the repeater will re-activate that port. A legal frame is received from the partitioned port, so we know that the hardware is working.

If between 40000 and 75000 consecutive bits are received from a port, the device at the other end of that cable is assumed to be "jabbering", sending an endless stream of bits, so the output from the port is cut off from the rest of the network. Such a "jabbering" device could prevent any traffic from flowing on a network, since there would never be a break for the other stations to transmit. If the station stops "jabbering", then the repeater will once again activate the port.

In 100BASE-TX and 100BASE-FX, a repeater will further monitor traffic to ensure that only frames with a valid preamble are passed. If two consecutive "false carrier events" occur, or a "false carrier event" lasts for 450-500 bits, the repeater will declare that link to be "unstable" and stop sending information to that port. As a result, faulty links are isolated from the rest of the network, resulting in improved overall network reliability. The link will be reactivated if between 24814 and 37586 bit-times have passed without any information having been received, or if a valid carrier is received after between 64 and 86 bit-times of idle have occurred.

802.3 Fast Ethernet (100 Mb/Sec) Model

Introduction

Here we see a logical drawing of the Fast Ethernet Data Link Layer sublayers. Data is passed down from the upper layers (such as TCP/IP or Novell Netware) to the LLC sublayer. From there it is passed to the MAC sublayer and then, depending on whether this is a 100BASE-T4 or 100BASE-TX environment, either down the right or left-hand path to the wire.

We will intentionally avoid a detailed discussion of exactly what goes on at each of these layers here. Some of the layers' functions, such as 8B6T encoding, Fan-out and NRZI signaling are labeled and will be discussed in this essay.

In 10Mbps Ethernet, the data is handed directly from the MAC layer to the PMA (Physical Medium Attachment) sublayer and onto the wire. The Reconciliation, PCS and PMD sublayers do not exist in 10Mbps Ethernet.


Troubleshooting techniques for Fast Ethernet

Introduction

This page will primarily discuss problems unique to Fast Ethernet.

  • The Collision Domain
  • Incompatible Ethernet Jabber
  • Auto-negotiation Priorities And Alternatives
  • Incompatible Cabling Specifications

The Collision Domain

The single biggest change in network design in Fast Ethernet is the smaller collision domain. Technically, the size of a collision domain in all flavors of Ethernet is exactly the same - 256 bits. On the wire, ten times as many 100Mbps bits can occupy the same space as an equal number of 10Mbps bits, so the collision domain in 100Mbps Ethernet can be only physically one tenth the size of a 10Mbps collision domain.

Effectively this means that whereas up to four hubs can legally be cascaded in 10Base-T between any two stations, only one (or two) hubs can be used in a single segment in 100BASE-T without going through an interconnect device that provides link segmentation; such as a store-and-forward bridge, switch or bridge, or a router. A separate section of the Compendium discusses INTERCONNECT DEVICES in detail. If you see signs of corruption on your network that correspond to propagation delay, check to make sure that you're not cascading too many hubs.

You can make some generalizations regarding the structure of corrupted data frames (as discussed in the 10 Mbps Ethernet FRAME CORRUPTION section) but remember that these corruption patterns may be quite misleading, since you have a hub or switch in the network.

Note that many hub vendors sell stackable hubs. Hubs in a single stack connected via a common backplane are usually considered to be a single hub in terms of propagation delay, but multiple stacks cascaded externally via 100BASE-TX, 100BASE-T4, or 100BASE-FX could definitely cause problems. These 100BASE standards are discussed in the INTRODUCTION to this Fast Ethernet section.

Incompatible Ethernet Jabber

Another potential problem in 100Mbps Ethernet is the use of RJ-45 jacks for more than one flavor of Ethernet. Since 100BASE-TX and 100BASE-T4 both use RJ-45 jacks, as do 10Base-T and many other network technologies, the IEEE 802.3 specified an auto-negotiation protocol to allow stations to figure out the networking technology to use.

Unfortunately, they made its implementation optional. If you're using equipment that does not implement IEEE-spec auto-negotiation, the incompatible Ethernet signals could prevent one of your stations from connecting to your network, or even simulate "jabber" by constantly transmitting a TX idle stream and bringing down the network.

The possibility for this jabber is uncertain, considering that the flavors of Ethernet use different signal formats in transmission. Even if data is not exchanged, it is still possible that incompatible Ethernet flavors could assume that they have a proper connection. Ethernets using RJ-45 connections to a hub use a Link Test Pulse to verify link integrity. This pulse is the same in all flavors of Ethernet if auto-negotiation is not used. The auto-negotiation protocol itself uses a modified form of these pulses to negotiate a common Ethernet implementation.

If Ethernet incompatibility jabber were to occur between 100BASE-TX and another flavor of Ethernet, the results could be catastrophic, as 100BASE-TX transmits a continuous idle signal between frames. Although transparent to 100BASE-TX, this idle signal would completely busy out a 10Base-T or 100BASE-T4 segment. On the other hand, the 802.3 specifies that a Fast Ethernet repeater should implement jabber control, automatically partitioning off any port that is streaming information for more than 40000 to 75000 bits. If the repeater were to partition off the "jabbering" port, the symptom would be reduced to inability to connect the 100BASE-TX station to the network.

Auto-negotiation Priorities And Alternatives

If the station and repeater both support 100BASE-TX and 100BASE-T4 and 802.3 auto-negotiation, the link will autonegotiate to 100BASE-T4 instead of 100BASE-TX. Since 100BASE-TX requires Category 5 cabling but 100BASE-T4 requires only Category 3, 100BASE-T4 is assumed to be a better default.

If the cabling is known to be UTP-5, then it is probably more efficient to turn off auto-negotiation and use 100BASE-TX wherever possible. 100BASE-T4 requires more overhead than TX because it multiplexes and demultiplexes the data stream over three wire pairs. There is also significantly less overhead in translating between 100BASE-TX and 100BASE-FX than between 100BASE-T4, as TX and FX both use 4B5B encoding instead of T4's 8B6T. 100BASE-TX and 100BASE-FX also leave open the possibility of Full Duplex communication, although full duplex is not yet part of the 802.3 spec.

On the other hand, 100BASE-TX sends an idle signal whenever it is not transmitting data. The 802.3 spec implies that it may very well be preferable to use 100BASE-T4 for battery-powered operation, since the card would only be transmitting when there is actual information to be moved.

Incompatible Cabling Specifications

One final problem with the advent of Fast Ethernet is the different cabling specifications. In classic Ethernet it was difficult to mistake 10Base-2 for 10Base-5. With Fast Ethernet, special care must be taken to verify that the entire connection between station and concentrator either supports TX's 31.25MHz signal or maintains T4's four pairs with proper twist. There are a number of good cable testers and pair scanners available to assist you in determining this for your network.

Posted by at No comments:
Subscribe to: Posts (Atom)