What is a Router?

A router forwards traffic between two or more networks. Routing is the process of determining the path a packet should take from its source to its destination and then delivering it along that path.

It lets hosts on different networks reach each other; in short, it is the piece of network hardware whose job is to move IP packets from one network to another.

A router works at layer 3: for each packet it receives, it chooses among the available paths and sends the packet out of the interface that leads toward the destination. Routers are among the most important pieces of network equipment for organizing traffic in large networks.

How to Install a Router?

The installation steps differ from one router to another, but if the router (for example a Cisco router) ships with a user manual, following the steps in that manual makes installation straightforward.

If no printed manual is supplied, the installation media or online documentation provided by the vendor can be used instead.

Current consumer routers and router/modem combinations usually need no installation media at all; they are configured directly through their browser-based setup page.

Once the router is physically connected, the Internet connection is configured with the settings and credentials supplied by the service provider. Change the default administrative password at this stage as well; factory default credentials are public knowledge.

What is the Routing Table?

The routing table lists the destination networks the router knows about, together with the next hop or interface used to reach each one.

Suppose four networks A, B, C and D are connected through a few routers. To send a packet from network A to network C, each router picks the best route from its table, but best does not necessarily mean the path with the fewest links: routing protocols rank routes by a metric such as hop count, bandwidth or delay, and when several entries match a destination the router prefers the most specific one (the longest matching prefix).

What is Hop Number?

Suppose you want to send a message to someone who lives in another city. The message first leaves through the router in your house, passes through one or more of the Internet provider's routers, and arrives at the destination.

Every router the packet passes through adds one to the hop count (and, for IP, decrements the packet's TTL field by one). In the example above, if a ping goes from network A to network D and the packet passes through two routers, the hop count is 2.
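The lookup and hop-counting behaviour described in the two sections above, as an added example that is not part of the original article. The topology, addresses and router names in it are invented for illustration; it shows longest-prefix matching on a per-router table, a packet crossing two routers (hop count 2), a default route that leads to a router with no route (dropped), and a TTL that expires in transit.

```python
"""Longest-prefix routing lookup and hop counting over a small constructed topology.

Added example, not from the original article. The networks, addresses and
router names below are assumptions invented for illustration:

    Network A 10.1.0.0/24 --[R1]-- 10.9.0.0/30 link --[R2]-- Network D 10.4.0.0/24
    Network B 10.2.0.0/24 --'                          '-- Network C 10.3.0.0/24
"""
import ipaddress

# Each router's routing table: (destination prefix, next hop); None = directly connected.
ROUTING_TABLES = {
    "R1": [
        ("10.1.0.0/24", None),
        ("10.2.0.0/24", None),
        ("10.9.0.0/30", None),
        ("10.0.0.0/8", "10.9.0.2"),    # everything else in 10/8 lives behind R2
        ("0.0.0.0/0", "10.9.0.2"),     # default route
    ],
    "R2": [
        ("10.3.0.0/24", None),
        ("10.4.0.0/24", None),
        ("10.9.0.0/30", None),
        ("10.0.0.0/8", "10.9.0.1"),    # no default route on R2 (deliberate, see forward())
    ],
}
NEXT_HOP_OWNER = {"10.9.0.1": "R1", "10.9.0.2": "R2"}   # which router answers at each next hop
GATEWAY_OF = {"10.1.0.0/24": "R1", "10.2.0.0/24": "R1",  # default gateway of each host network
              "10.3.0.0/24": "R2", "10.4.0.0/24": "R2"}


def lookup(table, dst):
    """Longest-prefix match: among all entries containing dst, return the most specific one.

    Returns (network, next_hop) or None when no entry matches (not even a default route).
    """
    dst = ipaddress.ip_address(dst)
    best = None
    for prefix, next_hop in table:
        net = ipaddress.ip_network(prefix)
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, next_hop)
    return best


def forward(src_net, dst, ttl=64, max_hops=16):
    """Carry one packet from a host on src_net toward dst.

    Returns (routers_traversed, hop_count, delivered). Each router that handles
    the packet is one hop and decrements the TTL by one, as real IP routers do.
    """
    if ipaddress.ip_address(dst) in ipaddress.ip_network(src_net):
        return [], 0, True                  # same network: switched locally, no router, 0 hops
    router, path = GATEWAY_OF[src_net], []
    while len(path) < max_hops:
        path.append(router)
        ttl -= 1
        if ttl == 0:
            return path, len(path), False   # TTL expired: router drops it (traceroute relies on this)
        route = lookup(ROUTING_TABLES[router], dst)
        if route is None:
            return path, len(path), False   # no matching route: dropped (ICMP unreachable)
        _net, next_hop = route
        if next_hop is None:
            return path, len(path), True    # destination network is directly connected: delivered
        router = NEXT_HOP_OWNER[next_hop]
    return path, len(path), False           # loop guard: hop limit exceeded


if __name__ == "__main__":
    print(lookup(ROUTING_TABLES["R1"], "10.2.0.9"))       # /24 wins over /8 and /0
    print(forward("10.1.0.0/24", "10.4.0.5"))             # A -> D crosses R1 and R2: 2 hops
    print(forward("10.1.0.0/24", "8.8.8.8"))              # default route leads to R2, which has none
    print(forward("10.1.0.0/24", "10.4.0.5", ttl=1))      # expires at the first router
```

The 8.8.8.8 case is worth noticing: R1 has a default route, so the packet leaves R1 with a hop count of 1, but R2 has no matching entry and drops it. A routing table is only as good as the tables of the routers it points at.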

What is Access Point?

An access point (AP) is the device that lets wireless clients such as laptops, tablets and smartphones join a network; in practice it bridges Wi-Fi clients onto the wired LAN so they can reach the Internet.

Access points are mostly used to extend a wired network with wireless coverage. Besides turning a wired connection into Wi-Fi, an AP can also operate as a signal repeater.

Repeater mode is usually chosen indoors, either to bring coverage to far-off rooms or by users who do not want to run more cables.

APs are built for either indoor or outdoor use. Outdoor models are weather-sealed so the signal stays available in bad weather, and they are considerably more rugged than indoor units.

What are the Differences Between Access Point and Router?

An access point and a router differ in both function and construction, yet buyers often do not know which of the two they need.

The question usually comes from users who simply want wireless Internet. A router is the right choice when the job is to create the Internet connection itself, to build the local network, and to share the connection among the computers on it.

A plain access point does not route and usually does not run a DHCP server; it bridges wireless clients onto the existing network. Since it cannot hand out IP addresses, it cannot share an Internet connection on its own.

It is used only to strengthen an existing connection and spread it over a larger area. If there is already a router at home or in the office, an AP can be added to provide or extend the wireless network.

What is a Modem?

A modem (MOdulator-DEModulator) is a telecommunication device that converts the digital signals of a computer interface into analog signals suitable for the telephone line, and converts the analog signals arriving from the line back into digital signals.

It also handles tasks such as passing binary data, messages and control signals across the interface, signalling to set up and tear down connections, framing the data, recovering the clock in synchronous networks, and adapting the binary data stream to the transmission path.

What is VTP (VLAN Trunking Protocol)?

VTP (VLAN Trunking Protocol), as its name suggests, is a Cisco protocol that distributes VLAN (Virtual Local Area Network) definitions from one switch to the others over trunk ports in networks with many switches. The group of switches that share definitions in this way is called a VTP domain.

This gives centralized VLAN management in multi-switch networks. Instead of adding, deleting or renaming a VLAN on every switch separately, with all the configuration mistakes that invites, the change is made once on a single switch and VTP propagates it to the others through the trunk ports.

The domain concept matters. A domain is created for the group of switches that should learn VLANs from each other: switches in the same domain exchange VTP packets, switches in different domains do not. A domain is created by entering a domain name on the switch.

The domain name is empty by default, and switches configured with the same name belong to the same domain. A password can optionally be set for security; all switches in the domain must use the same password, otherwise they will not accept each other's advertisements. Note that a switch whose domain name is still empty adopts the domain name of the first VTP advertisement it receives over a trunk, so an unconfigured switch joins whatever domain it is cabled into.

VTP runs in one of three modes: server, client and transparent.

Server: the mode with authority to create, modify and delete VLANs, to advertise those changes, and to receive and apply updates from other servers. Every domain needs at least one switch in server mode in order to add and configure VLANs. Changes made on a server are advertised to the domain and learned by the other switches. The VLAN configuration is stored in NVRAM (Non-Volatile RAM), so it survives a reboot. Server is the factory default mode on Cisco switches.

Client: switches that receive VLAN information from the servers, apply it and forward it on, but have no authority to create, modify or delete VLANs themselves. Their VLAN configuration is not saved in NVRAM; it is temporary.

Transparent: the switch behaves like a standalone server in that VLANs can be created, deleted and changed on it, but these operations affect only its own VLAN database and are never advertised to other switches. It relays VTP advertisements received from other switches out of its trunk ports, without acting on them or updating its own VLAN database. Its configuration is stored in NVRAM.

VTP Configuration Revision Number

When VTP carries VLAN information between switches, the configuration revision number is central. Each time a VLAN change is made on a server-mode switch, that switch increments its revision number by one.

The switch whose revision number changed sends a VTP advertisement to the other switches in the domain. Receiving switches compare revision numbers: if the advertised number is higher than their own, they replace their VLAN information with the advertised version.

There are several ways to reset the revision number of an already configured switch, among them:

  • Changing the VTP domain name
  • Deleting the vlan.dat file held in flash
  • Switching the VTP mode to transparent and then back to another mode

The revision number also has a dangerous side. If a switch carrying the same domain name and password but a higher revision number is connected, unnoticed, to a trunk port of a production switch, its VLAN database overwrites every other switch in the domain: VLANs that exist only on the production switches are deleted and the stale database wins. This happens even when the newcomer is in client mode, because clients advertise too and are compared by revision number like any other switch. Every access port assigned to a deleted VLAN goes inactive, so the result is an outage. Before cabling a previously used switch into a production network, reset its revision number with one of the methods above or put it in transparent mode.
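A small simulation of the revision-number rule described in this section, as an added example that is not from the original article and is not Cisco code. It models only the behaviour stated above: a server or client adopts an advertisement with its own domain name and password and a higher revision number, a transparent switch ignores it. The switch names, VLAN numbers and password are invented for the scenario.

```python
"""VTP revision-number behaviour, simulated.

Added example, not from the original article and not Cisco code. It models only
the rule described above: a switch in server or client mode adopts an advertisement
that carries its own domain name and password and a higher revision number, and a
transparent switch ignores it. Switch names, VLAN numbers and the password are
invented for the scenario.
"""
from dataclasses import dataclass, field

# The five VLANs every Cisco switch has out of the box and cannot delete.
DEFAULT_VLANS = {1: "default", 1002: "fddi-default", 1003: "token-ring-default",
                 1004: "fddinet-default", 1005: "trnet-default"}


@dataclass
class Switch:
    name: str
    mode: str                       # "server", "client" or "transparent"
    domain: str = ""
    password: str = ""
    revision: int = 0
    vlans: dict = field(default_factory=lambda: dict(DEFAULT_VLANS))

    def edit(self, add=None, delete=()):
        """Change the local VLAN database. Only a server bumps the revision and advertises."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: client mode cannot modify VLANs")
        self.vlans.update(add or {})
        for vid in delete:
            self.vlans.pop(vid, None)
        if self.mode == "server":
            self.revision += 1
            return self.advertisement()
        return None                 # transparent: local change only, nothing is advertised

    def advertisement(self):
        """Summary + subset advertisement collapsed into one message for the simulation."""
        return {"domain": self.domain, "password": self.password,
                "revision": self.revision, "vlans": dict(self.vlans)}

    def receive(self, adv):
        """Apply the comparison rule. Returns True if the local database was overwritten."""
        if self.mode == "transparent":
            return False            # relays over its trunks (not modelled) but never applies
        if adv["domain"] != self.domain or adv["password"] != self.password:
            return False            # other domain or wrong password: ignored
        if adv["revision"] > self.revision:
            self.vlans = dict(adv["vlans"])
            self.revision = adv["revision"]
            return True
        return False

    def reset_revision(self):
        """What toggling to transparent and back, or changing the domain name, achieves."""
        self.revision = 0


def propagate(adv, switches):
    """Deliver one advertisement to every switch on the trunks; return the names that updated."""
    return [sw.name for sw in switches if sw.receive(adv)]


def takeover_scenario():
    """A domain at revision 12 meets a lab switch left at revision 40 with a stale VLAN list."""
    core = Switch("core1", "server", "corp", "s3cret")
    access = Switch("access1", "client", "corp", "s3cret")
    for _ in range(12):                                   # twelve changes on the server
        adv = core.edit(add={10: "users", 20: "servers"})
    propagate(adv, [access])
    # The lab switch: same domain and password, higher revision, only VLAN 99. Client mode is
    # enough; clients advertise too and are compared by revision number like anyone else.
    lab = Switch("lab-sw", "client", "corp", "s3cret", revision=40,
                 vlans={**DEFAULT_VLANS, 99: "lab"})
    updated = propagate(lab.advertisement(), [core, access])
    return updated, sorted(core.vlans)                    # VLANs 10 and 20 are gone


def safe_scenario():
    """Same lab switch, but its revision was reset before it was cabled in."""
    core = Switch("core1", "server", "corp", "s3cret", revision=12,
                  vlans={**DEFAULT_VLANS, 10: "users", 20: "servers"})
    lab = Switch("lab-sw", "client", "corp", "s3cret", revision=40,
                 vlans={**DEFAULT_VLANS, 99: "lab"})
    lab.reset_revision()
    return propagate(lab.advertisement(), [core]), sorted(core.vlans)


if __name__ == "__main__":
    print("takeover:", takeover_scenario())
    print("after reset:", safe_scenario())
```

In the takeover scenario the production server itself accepts the stale database, which is the point: server mode protects nothing against a higher revision number. Only the password, a different domain name, transparent mode, or resetting the newcomer's revision prevents it.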


VTP Advertisement Types

VTP uses three kinds of advertisements: summary, subset and request.

1. Summary Advertisements

Contains the domain name, the current revision number and other configuration details. It is sent to neighbouring switches running VTP in server or client mode every 5 minutes, and immediately after a configuration change.

2. Subset Advertisements

Contains the actual VLAN information. It is sent to the other switches in the domain immediately after a change such as creating or deleting a VLAN, suspending or activating a VLAN, renaming a VLAN, or changing a VLAN's MTU.

3. Request Advertisements

A switch sends a request advertisement when its domain name has changed, when it receives a summary advertisement with a revision number higher than its own, when a subset advertisement was not received for any reason, or when it has been powered off and on. The switch that receives a request answers with a summary advertisement followed by subset advertisements.


VTP Versions

There are three versions: version 1, version 2 and version 3. The most visible difference between versions 1 and 2 is that version 2 supports Token Ring VLANs. Version 3 brought several new features compared to the earlier versions, among them:

Version 3 gives tighter administrative control over which switch is allowed to update the VLAN information of the others (a designated primary server), which considerably reduces accidental changes in the network such as the revision-number overwrite described above.

Besides the normal range of VLANs 1 to 1001 that ISL can carry, version 3 propagates the extended 802.1Q range up to VLAN 4094, and it also supports private VLAN (PVLAN) configurations, which considerably extends what can be done in a VLAN environment.

Version 3 can also carry databases other than the VLAN database, for example the MST (Multiple Spanning Tree) configuration.


VTP Pruning

When pruning is enabled in a domain, broadcast, multicast and unknown-unicast traffic of a VLAN is not flooded over a trunk to a switch that has no active port in that VLAN. This saves bandwidth by not sending the traffic of unused VLANs to devices that do not need it. For pruning to work it must be in effect on every switch in the domain. It cannot be enabled on a client; it is enabled on a server and propagated to the other devices. Pruning is disabled on a switch out of the box and is enabled with the #vtp pruning command in global configuration mode.

Dot1q (802.1Q)

802.1Q is the VLAN tagging standard developed by the IEEE. It identifies the VLAN of a frame through a tag inserted into the Ethernet frame. The standard was developed to divide the large networks that VLAN use creates into smaller, manageable parts. Unlike ISL, the standard Cisco developed, it works across equipment from different vendors, which has made 802.1Q the dominant method.

The 802.1Q tag is only 4 bytes, 26 bytes less than the 30 bytes ISL adds (a 26-byte header plus a 4-byte trailing FCS), so it carries less overhead per frame.

ISL (Inter-Switch Link)

ISL is a VLAN encapsulation method developed by Cisco Systems. It carries VLAN traffic between switches, or between a switch and a router. Because it is proprietary, it works only between Cisco devices, and Cisco has since deprecated it in favour of 802.1Q.

It runs only on Fast Ethernet and Gigabit Ethernet. ISL uses external tagging: the original frame is left unchanged, a 26-byte ISL header is prepended, and a new 4-byte FCS (frame check sequence) covering the whole encapsulated frame is appended. Only ISL-capable devices can recognize the resulting frame.

An ISL-encapsulated frame can therefore reach 1548 bytes, whereas the maximum standard Ethernet frame is 1518 bytes (an 802.1Q-tagged frame reaches 1522). Since the original frame travels intact inside the encapsulation, it is restored unchanged when the ISL header and trailer are stripped.

Basic Configuration Commands Related to VTP

For VLAN information to be passed to other switches, the ports connecting the switches must operate as trunk ports. Check this with the #show interfaces fastethernet0/1 switchport command.

If the port is not in trunk mode, enter interface configuration mode and set it with the #switchport mode trunk command.

Entering vtp ? in global configuration mode lists the available VTP options.

The version is set with #vtp version version-number. A domain is then created with #vtp domain domain-name and, for security, a password is set with #vtp password domain-password. The mode is set with #vtp mode server, client or transparent; since every switch defaults to server mode, set access switches to client or transparent explicitly.

The running VTP state can be displayed with the #show vtp status command in privileged mode. Its main fields:

VTP Version: the version VTP is running.
Configuration Revision: the configuration revision number.
Maximum VLANs supported locally: the maximum number of VLANs the database can hold.
Number of existing VLANs: the number of VLANs in the database. An unconfigured switch already has 5 VLANs that cannot be deleted: VLANs 1, 1002, 1003, 1004 and 1005.
VTP Operating Mode: the mode VTP is operating in.
VTP Domain Name: the VTP domain name. It must be the same on all devices in one domain.
VTP Pruning Mode: whether VTP pruning is active.
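A parser for the output just described, with the checks an engineer would run before connecting a switch to a production trunk, as an added example that is not from the original article. The two captures in it are constructed in the format of the IOS command output, not taken from real devices, and the expected mode and domain passed to audit() are the operator's own decision, not something the switch reports.

```python
"""Parse IOS `show vtp status` output and audit it before a switch goes on a trunk.

Added example, not from the original article. The two captures below are constructed
in the format of the command's output; they were not taken from real devices. The
expected role passed to audit() is the operator's decision, not something the switch
reports.
"""

# Constructed sample: a switch fresh out of the box (the factory defaults described above).
FACTORY_DEFAULT = """\
VTP Version                     : running VTP1 (VTP2 capable)
Configuration Revision          : 0
Maximum VLANs supported locally : 255
Number of existing VLANs        : 5
VTP Operating Mode              : Server
VTP Domain Name                 :
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
Configuration last modified by 0.0.0.0 at 0-0-93 00:00:00
"""

# Constructed sample: a spare switch pulled from a lab that used the production domain name.
SPARE_FROM_LAB = """\
VTP Version                     : running VTP1 (VTP2 capable)
Configuration Revision          : 47
Maximum VLANs supported locally : 255
Number of existing VLANs        : 9
VTP Operating Mode              : Server
VTP Domain Name                 : corp
VTP Pruning Mode                : Disabled
VTP V2 Mode                     : Disabled
VTP Traps Generation            : Disabled
Configuration last modified by 10.0.0.7 at 3-9-21 14:02:11
"""

KNOWN_FIELDS = ("VTP Version", "Configuration Revision", "Maximum VLANs supported locally",
                "Number of existing VLANs", "VTP Operating Mode", "VTP Domain Name",
                "VTP Pruning Mode", "VTP V2 Mode", "VTP Traps Generation")
INT_FIELDS = {"Configuration Revision", "Maximum VLANs supported locally",
              "Number of existing VLANs"}


def parse_vtp_status(text):
    """Return the known 'Field : value' lines as a dict; counters become ints."""
    status = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if sep and key in KNOWN_FIELDS:          # skips the 'last modified ... 00:00:00' line
            status[key] = int(value) if key in INT_FIELDS else value
    return status


def audit(status, expected_mode, expected_domain=None):
    """Return findings as 'CODE: explanation' strings; an empty list means no concerns."""
    findings = []
    mode = status.get("VTP Operating Mode", "")
    domain = status.get("VTP Domain Name", "")
    revision = status.get("Configuration Revision", 0)
    if mode.lower() != expected_mode.lower():
        findings.append(f"MODE-MISMATCH: running as {mode or 'unknown'}, expected {expected_mode}")
    if domain == "":
        findings.append("NO-DOMAIN: empty domain name; the switch will adopt the first domain "
                        "it hears on a trunk")
    elif expected_domain and domain != expected_domain:
        findings.append(f"DOMAIN-MISMATCH: domain is {domain}, expected {expected_domain}")
    if revision > 0 and mode.lower() != "transparent":
        findings.append(f"NONZERO-REVISION: revision {revision}; reset it before connecting "
                        "this switch to a production trunk")
    if status.get("VTP Pruning Mode", "").lower() != "enabled":
        findings.append("PRUNING-OFF: VTP pruning disabled (bandwidth, not security)")
    return findings


def codes(findings):
    """Just the finding codes, for quick comparison."""
    return [f.split(":", 1)[0] for f in findings]


if __name__ == "__main__":
    for name, capture in (("factory default", FACTORY_DEFAULT), ("spare from lab", SPARE_FROM_LAB)):
        print(name, audit(parse_vtp_status(capture), expected_mode="Client", expected_domain="corp"))
```

The second capture is the dangerous one: same domain name as production, server mode, revision 47. The password is not shown by this command (use show vtp password), so the parser cannot tell whether it matches; treat a non-zero revision on a switch you are about to connect as a blocker regardless.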

What is CDP (Cisco Discovery Protocol)?

CDP is a Cisco protocol that shows the neighbouring devices directly connected to a device. It runs on all Cisco network devices: routers, switches, access servers, bridges. It operates at layer 2 (the data link layer) of the OSI (Open Systems Interconnection) model, so it works independently of IP addressing.

With CDP, a device learns directly which devices are adjacent to it. It reports not only that a neighbour exists but also its device name (device ID), the interfaces involved on both sides, the IP addresses configured on the neighbour's ports, the neighbour's capabilities, its hardware platform, and the operating-system version it runs. For this to work, CDP must be enabled on both devices, which it is by default. The network administrator can turn it off later, either on specific ports (no cdp enable on the interface) or on the whole device (no cdp run). There are two versions: CDP (version 1) and CDP v2.

Version 2 adds more information about the neighbour, for example the native VLAN (Virtual Local Area Network), the VTP (VLAN Trunking Protocol) management domain name, and the duplex setting (full or half).

It works as follows: every device on which CDP has not been turned off periodically sends its information as a multicast frame on each of its interfaces.

Neighbouring devices receive this information and store it in a CDP neighbour table. This table is separate from the tables used by dynamic routing protocols; CDP information is never written into the routing table.

Cisco devices do not need CDP to forward traffic. The protocol is mainly useful to the people who manage the network: the administrator uses it to see which devices are neighbours and what those devices are.

That helps when managing the network. In small networks in particular, an administrator who uses CDP well can learn the topology from it and configure static routes on the routers instead of running a dynamic routing protocol.

The size of a CDP packet varies, because devices differ and so does the information each one includes; there is no fixed packet size.

A CDP packet consists of four parts. First comes the CDP version, a fixed 1-byte (8-bit) field. Second is the time-to-live, also 1 byte: the number of seconds the receiver should keep the information before discarding it. Third is a 2-byte checksum computed over the packet. The rest of the packet carries the device's CDP information (device ID, addresses, port ID, capabilities, software version, platform and so on) as a sequence of type-length-value (TLV) fields.

The amount of that information decides the packet size: a device with many addresses or a long version string sends a larger packet than one with few, so the packet size differs from device to device.

These multicast packets are repeated every 60 seconds. If nothing is heard from a neighbour for 180 seconds, three times the sending interval, the neighbour is removed from the table, since the two devices are evidently no longer adjacent. Because every host on the segment can read these frames, CDP discloses platform, software version, addressing and VTP domain to anyone who plugs into an enabled port; disable it on user-facing and other untrusted ports.

The main commands are as follows:

  • show cdp neighbors: shows the Cisco devices adjacent to the device on which the command is run.
  • show cdp neighbors detail: shows the full information received from each neighbour.
  • show cdp traffic: shows overall CDP traffic statistics (total packets sent and received, checksum errors and encapsulation errors).
  • clear cdp table: deletes the table of previously learned CDP information.
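The packet layout described above (version, TTL, checksum, then TLVs) built and parsed in code, as an added example that is not from the original article and is not Cisco code. The neighbour details in it (hostname, port, version string, platform, VTP domain) are invented, and the Ethernet/LLC/SNAP encapsulation that carries CDP (destination 01:00:0c:cc:cc:cc, SNAP protocol ID 0x2000) is not modelled; the example covers the CDP payload only.

```python
"""Build and parse a CDP packet: 1-byte version, 1-byte TTL, 2-byte checksum, then TLVs.

Added example, not from the original article and not Cisco code. The neighbour
details in SAMPLE_TLVS (hostname, port, version string, platform) are invented
for the demonstration. The Ethernet/LLC/SNAP encapsulation that carries CDP
(destination 01:00:0c:cc:cc:cc, SNAP protocol ID 0x2000) is not modelled; only
the CDP payload itself is.
"""
import struct

CDP_TLV_NAMES = {
    0x0001: "Device ID",
    0x0003: "Port ID",
    0x0004: "Capabilities",
    0x0005: "Software Version",
    0x0006: "Platform",
    0x0009: "VTP Management Domain",   # CDP v2
    0x000A: "Native VLAN",             # CDP v2
    0x000B: "Duplex",                  # CDP v2
}
STRING_TLVS = {0x0001, 0x0003, 0x0005, 0x0006, 0x0009}

# Constructed neighbour: what a host on the same segment would learn from one frame.
SAMPLE_TLVS = [
    (0x0001, b"core-sw1"),
    (0x0003, b"Gi1/0/2"),
    (0x0005, b"IOS 12.2(55)SE"),
    (0x0006, b"cisco WS-C3750"),
    (0x0009, b"corp"),
    (0x000A, struct.pack("!H", 1)),          # native VLAN 1
    (0x000B, b"\x01"),                       # full duplex
    (0x0004, struct.pack("!I", 0x28)),       # capability bits: switch (0x08) + IGMP (0x20)
]


def internet_checksum(data):
    """RFC 1071 one's-complement sum over 16-bit words.

    CDP treats an odd trailing byte differently from RFC 1071, so this helper
    deliberately refuses odd lengths instead of guessing.
    """
    if len(data) % 2:
        raise ValueError("odd-length CDP checksum handling not implemented")
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_cdp(version, ttl, tlvs):
    """Serialise header + TLVs; the TLV length field counts its own 4-byte header."""
    body = b"".join(struct.pack("!HH", t, 4 + len(v)) + v for t, v in tlvs)
    checksum = internet_checksum(struct.pack("!BBH", version, ttl, 0) + body)
    return struct.pack("!BBH", version, ttl, checksum) + body


def decode_value(tlv_type, value):
    if tlv_type in STRING_TLVS:
        return value.decode("ascii", "replace")
    if tlv_type == 0x000A:
        return struct.unpack("!H", value)[0]
    if tlv_type == 0x000B:
        return "full" if value == b"\x01" else "half"
    if tlv_type == 0x0004:
        return struct.unpack("!I", value)[0]
    return value.hex()


def parse_cdp(packet):
    """Return version, TTL, whether the checksum verifies, and the decoded TLVs."""
    version, ttl, _checksum = struct.unpack("!BBH", packet[:4])
    ok = internet_checksum(packet) == 0      # sum over a correct packet folds to zero
    tlvs, offset = {}, 4
    while offset + 4 <= len(packet):
        tlv_type, length = struct.unpack("!HH", packet[offset:offset + 4])
        if length < 4 or offset + length > len(packet):
            raise ValueError(f"malformed TLV at offset {offset}")
        value = packet[offset + 4:offset + length]
        tlvs[CDP_TLV_NAMES.get(tlv_type, f"type 0x{tlv_type:04x}")] = decode_value(tlv_type, value)
        offset += length
    return {"version": version, "ttl": ttl, "checksum_ok": ok, "tlvs": tlvs}


if __name__ == "__main__":
    pkt = build_cdp(2, 180, SAMPLE_TLVS)    # TTL 180 s = three 60 s intervals
    for k, v in parse_cdp(pkt).items():
        print(k, v)
```

Everything the parser prints is what any listener on the segment gets for free every 60 seconds, which is the reason for turning CDP off on ports that face users.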

What is VLAN (Virtual Local Area Network)?

VLAN stands for Virtual Local Area Network; the technology is standardized by the IEEE (802.1Q) and works at layer 2 of the OSI model. Using it, the users and resources on a local area network (LAN) are logically grouped and assigned to switch ports. Each such logical network is a separate broadcast domain: after configuration, each VLAN receives only its own broadcasts, so broadcast traffic falls and usable bandwidth rises. A new VLAN can be created on the spare ports of the existing switch, which saves network investment.

Segmenting the network with VLANs makes it easier to manage users, to configure and enforce access permissions, and to locate and resolve network problems.

Putting a guest user directly on the internal network is a security risk. It is safer to give guests Internet access through a separate network that is isolated from the internal systems, and that is done by dividing the network, that is, by configuring VLANs. Hosts in one VLAN can communicate only with each other; they cannot reach hosts in a different VLAN unless a layer 3 device routes between them.

This is done by logically grouping the users and resources on the LAN and assigning them to ports on the switch. Since each VLAN receives only its own broadcasts, broadcast traffic falls and bandwidth is freed. VLANs can be defined by location, department, people, or even by the application or protocol in use.

First, a few benefits of configuring VLANs on the network you work with:

  • Reduces traffic by limiting the noise broadcast messages create on the local network.
  • Makes the network more manageable by assigning at least one VLAN to each unit of the organization.
  • Secures the network by controlling which communication (IP routing) is allowed between VLANs.
  • Carries many VLANs over a single fibre-optic or UTP uplink with trunking.

These are the first advantages that come to mind. While firewalls are the defence against attacks from outside, VLAN segmentation and authorization are the first priority against internal threats.

Applying VLANs eliminates many of the problems that come with flat layer 2 switching. They fall under three headings.

Broadcast Control

Every protocol generates broadcasts; how many depends on the protocol, the application and how the service is used. In a flat layer 2 switched network, an incoming broadcast is flooded to every port regardless of whether the hosts there have any use for it. The more devices on the network, the more broadcasts there are, and every device has to receive and process each one.

A well-designed network is segmented according to sensible criteria, most conveniently through switching and routing. Segmentation keeps broadcast traffic from crossing VLAN boundaries.


Security

Another drawback of a flat network without VLANs is security. On a network built without a switch (shared coax or a hub), every frame exchanged between two computers reaches every device on the segment, because all of them share one collision domain. This wastes capacity and is quite unsafe, since software (and even hardware) that listens to every frame on the wire can decode the data it carries. Using a switch as the distribution device fixes the first part by giving each port its own collision domain. But in a flat switched topology, broadcasts are still sent to every port, so every device still receives everyone else's broadcast traffic.

A second point is that groups of users who have no business communicating with each other still have layer 2 access to one another and receive each other's broadcasts. Dividing the switch ports into VLANs removes these exposures: a user can no longer plug into any port, listen to the whole network and gather information, but is confined to the VLAN the port belongs to.


Flexibility

Creating VLANs effectively creates broadcast groups on the network. A user can be assigned to any VLAN regardless of physical location on the switches. Likewise, a VLAN that has grown over time can be split into newly created VLANs simply by redefining ports on the switch.

Without VLAN support, the same operation would require a physical connection from the newly created subnet to the central router.

A router or another layer 3 device is required for routing between VLANs. Without trunking, one link from the switch to the router is needed for each VLAN used on the switch.

Relationships Between VLANs

VLAN membership can be assigned in two ways.

1. Static VLANs: the network administrator assigns each switch port to a VLAN, and the port stays in that VLAN until the administrator changes it. This method is the simplest to manage and monitor. In a static configuration the uplink (trunk) interfaces are tagged with the desired VLAN IDs, while on user (access) ports the tag is removed (untagged) for the single VLAN the port belongs to. A user on such a port can therefore only reach the IP block of the VLAN the administrator assigned to it.

In the example design used here, all switches, modems, firewalls, routers and monitoring servers are members of VLAN-100, the network management VLAN, and use it when communicating among themselves, which keeps management traffic off the user VLANs.

2. Dynamic VLANs (DVLAN): the switch identifies the device connected to a port and automatically assigns that port to the VLAN the device belongs to. The identification can be based on the hardware (MAC) address, on the protocol or even on the application, with the help of a network management system. For example, suppose MAC addresses are registered in a central VLAN management application. When a device is connected to a port that has no VLAN assigned, the switch looks the MAC address up in the VLAN management database and assigns the returned VLAN to that port.

If the user or the device at that port changes, the new VLAN value is requested and assigned to the port. Once the database has been carefully prepared, this reduces the administrator's management and configuration work. On Cisco devices, VMPS (VLAN Membership Policy Server) provides the MAC-address-to-VLAN mapping database for dynamic VLANs. In a dynamic configuration the uplink ports are tagged exactly as in the static configuration.

All user ports, however, start out as members of the guest VLAN, and a port is moved to the right VLAN once the connected client has been identified by its MAC address or the user has logged on. Although this is often described as a switch and DHCP server combination, DHCP cannot do it: a client only requests an address after its port is already in a VLAN. In practice the switch queries an authentication server (802.1X, or MAC-based authentication for devices that cannot do 802.1X) over RADIUS, which can in turn be backed by Active Directory, and the server returns the VLAN to apply. The assignment can be per computer or per user. If your company has shared public computers and wants to authorize them according to the user, this is the way: VLAN-10 is assigned when the accountant logs on to computer A, VLAN-40 when the engineer does, and VLAN-200 when a guest does.

VLAN Definitions

VLANs span the connected switches. A switch that receives a frame forwards it to the ports belonging to the frame's VLAN, which it identifies by a method called frame tagging. A switch fabric is a group of switches that share the same VLAN information. Two kinds of links connect the devices in it.

Access links belong to a single VLAN. A device on an access link behaves as if it were on an ordinary broadcast segment and knows nothing about VLANs or the physical topology. The switch removes the VLAN tag from a frame before sending it out an access link. Devices on access links cannot talk to devices in other VLANs unless a router or another layer 3 device forwards between them.

Trunk links carry multiple VLANs. A trunk can run from a switch to another switch, to a router or to a server, and is supported only on Fast Ethernet and Gigabit Ethernet. Cisco switches use two methods to identify VLANs on a trunk: ISL and IEEE 802.1Q. Trunks carry VLANs between devices and can be configured to carry all VLANs or only some of them.

With frame tagging, the switch that receives a frame reads its VLAN ID (the VLAN number) and consults its forwarding table to decide what to do with it. If the frame must leave over another trunk, it is sent out that port with the tag intact; if it leaves over an access link, the tag is removed first. The end device that finally receives the frame never sees the VLAN information.

VLAN Identification Methods

Inter-Switch Link (ISL): used by Cisco switches and available only on Fast and Gigabit Ethernet. This is external tagging: the original frame is left unchanged, a 26-byte ISL header is prepended, and a 4-byte FCS (frame check sequence) over the encapsulated frame is appended. Only ISL-capable devices recognize the result. The encapsulated frame can reach 1548 bytes, while a standard Ethernet frame is at most 1518 bytes. When an ISL-encapsulated frame is forwarded onto an access link, the header and trailer are stripped and the original frame is restored.

IEEE 802.1Q: the IEEE standard method for carrying multiple VLANs over one link between switches or routers of different vendors. A 4-byte tag is inserted into the frame according to the standard, so every 802.1Q-capable device can recognize the VLAN of the frame.

LAN Emulation (LANE): carries multiple VLANs over a connection in an ATM network.

IEEE 802.10 (FDDI): carries multiple VLANs over a connection in an FDDI network, adding a VLAN identification header called the SAID (Security Association Identifier) to the frame.
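The two Ethernet tagging methods above (and the Dot1q and ISL sections of the VTP article earlier on this page) in bytes, as an added example that is not from the original article. The 802.1Q tag layout it uses (TPID 0x8100, 3-bit priority, 1-bit DEI, 12-bit VLAN ID) is the real one; ISL is represented only by its sizes, not by its field layout. The MAC addresses and payload are invented.

```python
"""802.1Q internal tagging versus ISL external tagging, in bytes.

Added example, not from the original article. The 802.1Q tag layout (TPID 0x8100,
3-bit priority, 1-bit DEI, 12-bit VLAN ID) is the real one; ISL is represented only
by its sizes (26-byte header, 4-byte trailing FCS), not by its field layout. The MAC
addresses and payload are invented.
"""
import struct

TPID_8021Q = 0x8100
TAG_LEN = 4
ISL_HEADER_LEN, ISL_FCS_LEN = 26, 4
MAX_UNTAGGED_FRAME = 1518          # 14-byte header + 1500-byte payload + 4-byte FCS


def build_frame(dst_mac, src_mac, ethertype, payload):
    """Untagged Ethernet frame without FCS (the FCS is added by hardware)."""
    return dst_mac + src_mac + struct.pack("!H", ethertype) + payload


def insert_8021q_tag(frame, vlan_id, priority=0, dei=0):
    """Insert the 4-byte tag between the source MAC and the original type field."""
    if not 1 <= vlan_id <= 4094:
        raise ValueError("VLAN ID must be 1..4094; 0 and 4095 are reserved")
    if not 0 <= priority <= 7:
        raise ValueError("priority is a 3-bit field")
    tci = (priority << 13) | (dei << 12) | vlan_id
    return frame[:12] + struct.pack("!HH", TPID_8021Q, tci) + frame[12:]


def parse_8021q(frame):
    """Return (vlan_id, priority, untagged_frame), or None if the frame carries no tag.

    This is what a switch does before sending a frame out an access port: read the
    VLAN ID, then strip the tag so the end host never sees it.
    """
    (tpid,) = struct.unpack("!H", frame[12:14])
    if tpid != TPID_8021Q:
        return None
    (tci,) = struct.unpack("!H", frame[14:16])
    return tci & 0x0FFF, tci >> 13, frame[:12] + frame[16:]


def dot1q_frame_size(untagged_len):
    """802.1Q grows the frame by the 4-byte tag: 1518 -> 1522 at maximum."""
    return untagged_len + TAG_LEN


def isl_frame_size(untagged_len):
    """ISL leaves the frame intact and wraps it: 1518 -> 1548 at maximum."""
    return ISL_HEADER_LEN + untagged_len + ISL_FCS_LEN


if __name__ == "__main__":
    frame = build_frame(bytes.fromhex("ffffffffffff"), bytes.fromhex("001122334455"),
                        0x0806, b"\x00" * 46)          # minimum-size frame body, ARP ethertype
    tagged = insert_8021q_tag(frame, vlan_id=100, priority=5)
    print(len(frame), len(tagged))                      # 60 64
    print(parse_8021q(tagged)[:2])                      # (100, 5)
    print(dot1q_frame_size(MAX_UNTAGGED_FRAME), isl_frame_size(MAX_UNTAGGED_FRAME))  # 1522 1548
```

Note where the tag goes: after the source MAC, in front of the original type field, which is why the rest of the frame and its original type are untouched and why a host that is not 802.1Q-aware simply sees an unknown ethertype 0x8100.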

Routing Procedures Between VLANs

Devices in the same VLAN communicate freely and exchange broadcasts among themselves. VLANs divide the network and separate the traffic, so a layer 3 device is required for devices in different VLANs to communicate.

In this case, there are two options:

1. One router interface is connected for each VLAN, the router is configured accordingly, and it routes between the VLANs.

2. A router that understands VLAN tagging (ISL or 802.1Q) is connected to the switch fabric over a single trunk link and, after the necessary configuration, routes between the VLANs.

If only a few VLANs are needed, the first option works with a router that has enough interfaces for them.

If there are many VLANs, or the network is expected to grow, the second option is preferable. Cisco routers support ISL from the 2600 series onward. Trunking is run on one interface of the router (preferably the one with the highest bandwidth), or routing is provided by a route switch module (RSM). The RSM supports up to 1005 VLANs and processes packets faster because it sits directly on the backplane. Routing VLANs by running ISL or 802.1Q on a router's Fast or Gigabit Ethernet interface is called router-on-a-stick.

VLAN Trunk Protocol (VTP)

Cisco created the VLAN Trunk Protocol (VTP) to manage VLANs across the connected switches of a network. With VTP the network administrator can rename, add or delete VLANs and have the new information announced to all switches. In multi-switch networks this central management eliminates errors such as missing or inconsistent configuration. It also allows VLAN trunks between different media: Ethernet, for example, shares VLAN definitions with ATM (LANE) and FDDI. It allows VLANs to be monitored consistently, and it reports dynamically added VLANs to all switches.

For VTP to manage the network, a VTP server must serve it. All servers and switches that are to share information must be configured into the same VTP domain. Switches advertise the VTP domain, the configuration revision number and all known VLANs with their parameters. A switch can be set to forward VTP information through its trunk ports without accepting it or updating its own VTP database (transparent mode).

Switches listen to upcoming VTP information, get the definition of new VLAN, and wait for new information about this VLAN from trunk ports. The VTP information that can come from can be ID, IEEE 801.10, SAID or LANE. Updates are provided by increasing the configuration renewal number. When the switch receives a higher configuration renewal number from it, the switch knows that a newer configuration has arrived and saves the new incoming information on the old database.

There are three types of VTP operating modes: Server, Client, Transparent.

Server; It comes preinstalled on the Cisco Catalyst series switches. At least one VTP server is required for adding, removing, and configuring VLANs for each VTP domain. Any changes made on a switch running in server mode are announced to that VTP domain. Its configuration is stored on NVRAM (Non-Volatile RAM – Nonvolatile memory).

Client; These are switches that receive information from VTP servers, receive and send update information, but cannot make any changes. Its configuration is not stored on NVRAM (Non-Volatile RAM – Nonvolatile memory), it is temporary.

transparent; These are the switches that send the incoming VTP information exactly through the trunk ports without joining the VTP domain group. They do not forward any changes that can be made to the VTP database on them through trunk ports. Its configuration is stored on NVRAM (Non-Volatile RAM – Nonvolatile memory).
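As an added illustration (not Cisco code and not from the original page), the following Python model reproduces the update rule just described: a switch applies only an advertisement from its own domain whose configuration revision number is higher than its own, servers and clients relay it, and a transparent switch forwards it untouched. The switch names, domain names and revision numbers are constructed for the demo. The second half of the demo shows the consequence a practitioner should keep in mind: a switch that still carries the same domain name with a higher revision number overwrites every server and client in the domain with its own VLAN list, while the transparent switch is unaffected.

```python
"""VTP domain propagation modelled as described above (added example, not Cisco code).

A switch applies an advertisement only when the domain name matches and the
configuration revision number is higher than its own; servers and clients then
relay it on their other trunks. A transparent switch forwards the advertisement
unchanged and never touches its own VLAN database.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple


@dataclass
class VtpAdvertisement:
    domain: str
    revision: int
    vlans: Dict[int, str]  # VLAN ID -> VLAN name


@dataclass
class Switch:
    name: str
    domain: str
    mode: str  # "server", "client" or "transparent"
    revision: int = 0
    vlans: Dict[int, str] = field(default_factory=lambda: {1: "default"})
    neighbors: List["Switch"] = field(default_factory=list)  # trunk peers (constructed)
    forwarded: Set[Tuple[str, int]] = field(default_factory=set)  # transparent-mode loop guard

    def configure_vlan(self, vlan_id: int, name: str) -> None:
        """Local VLAN change: clients cannot edit; servers edit and advertise;
        transparent switches edit locally without advertising."""
        if self.mode == "client":
            raise PermissionError(f"{self.name}: VTP clients cannot modify VLANs")
        self.vlans[vlan_id] = name
        if self.mode == "server":
            self.revision += 1  # every change bumps the revision number
            self.advertise()

    def advertise(self) -> None:
        adv = VtpAdvertisement(self.domain, self.revision, dict(self.vlans))
        for peer in self.neighbors:
            peer.receive(adv, sender=self)

    def receive(self, adv: VtpAdvertisement, sender: "Switch") -> None:
        if self.mode == "transparent":
            # Forward on the other trunks without applying; remember what was
            # already relayed so a redundant topology does not loop forever.
            key = (adv.domain, adv.revision)
            if key in self.forwarded:
                return
            self.forwarded.add(key)
            self._relay(adv, sender)
            return
        if adv.domain != self.domain:
            return  # advertisements from another VTP domain are ignored
        if adv.revision <= self.revision:
            return  # nothing newer than what we already hold
        # Higher revision wins: the incoming database replaces the local one.
        self.vlans = dict(adv.vlans)
        self.revision = adv.revision
        self._relay(adv, sender)

    def _relay(self, adv: VtpAdvertisement, sender: "Switch") -> None:
        for peer in self.neighbors:
            if peer is not sender:
                peer.receive(adv, sender=self)


def link(a: Switch, b: Switch) -> None:
    a.neighbors.append(b)
    b.neighbors.append(a)


def snapshot(switches):
    return {s.name: (s.revision, sorted(s.vlans)) for s in switches}


def demo():
    """Constructed topology: S1(server) - C1(client) - T1(transparent) - C2(client),
    plus X in a different domain hanging off S1."""
    s1 = Switch("S1", "LAB", "server")
    c1 = Switch("C1", "LAB", "client")
    t1 = Switch("T1", "LAB", "transparent")
    c2 = Switch("C2", "LAB", "client")
    other = Switch("X", "OTHER", "client")
    link(s1, c1); link(c1, t1); link(t1, c2); link(s1, other)

    s1.configure_vlan(10, "users")
    s1.configure_vlan(20, "voice")
    before = snapshot([s1, c1, t1, c2, other])

    # A switch that still carries domain LAB with a high revision number but
    # only the default VLAN is plugged into C1 and sends one advertisement.
    stale = Switch("R", "LAB", "server", revision=50)
    link(stale, c1)
    stale.advertise()
    after = snapshot([s1, c1, t1, c2, other])
    return before, after


if __name__ == "__main__":
    b, a = demo()
    print("before:", b)
    print("after: ", a)
```

In the first snapshot every server and client in domain LAB holds VLANs 1, 10 and 20 at revision 2, the transparent switch T1 still holds only VLAN 1, and the switch in domain OTHER never changed. After the stale switch speaks, S1, C1 and C2 all hold only VLAN 1 at revision 50; T1 is untouched because it never applies what it forwards.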


VTP pruning reduces unnecessary broadcast, multicast and unknown unicast traffic in order to save trunk bandwidth. With pruning, a broadcast is sent only over the trunk ports that actually need to receive it, not over all of them. For example, a broadcast in VLAN 5 arriving at a switch that has no port in VLAN 5 is not forwarded out of any of that switch's trunks. Pruning is off by default; it is enabled on a VTP server and then applies to the whole VTP domain. VLANs 2 to 1005 are pruning-eligible; VLAN 1, the management VLAN, can never be pruned.

What is Spanning Tree Protocol (STP)?

Spanning Tree Protocol (STP) is the IEEE 802.1D standard. Using the software-based spanning-tree algorithm on all bridging devices, including switches, it blocks some ports so that only one active link remains between any two LAN segments (collision domains). In this way it prevents the loops that would otherwise form when multiple active paths exist between switches.

The spanning-tree algorithm is used in bridged and switched networks and decides the best path traffic can take from source to destination. It takes all redundant paths into account and keeps only one of them active at any time.

In a network where STP is active, there is one root bridge per network, one root port on each non-root bridge, and one designated port on each segment through which that segment's traffic passes.

Some Spanning Tree Terms

  • Bridge ID: The bridge ID is formed from the switch's priority and its MAC address. It decides the root bridge election.
  • Non-root bridge: Every bridge other than the root bridge.
  • Root port: On each non-root bridge, the port with the lowest-cost path to the root bridge (the one directly connected to, or closest to, the root).
  • Path cost: Considered when a switch has more than one path towards the root; it is derived from the bandwidth of each link (see the table below).
  • Bridge Protocol Data Unit (BPDU): All switches and bridges taking part in STP on the same LAN talk to each other with BPDU messages. A BPDU carries information such as the bridge priority, port priority, port cost and MAC address. STP uses this information when choosing the root bridge, the root ports and the designated ports.
  • Convergence: Convergence is reached when every port has settled into either the blocking or the forwarding state. No data is forwarded until convergence is complete, and every device must have updated its view of the topology first. Convergence guarantees that all devices share the same picture of the network, but it takes time.

Root Bridge Selection

The root bridge is the logical centre of the spanning-tree topology in a switched network. At start-up every bridge in the topology sends messages called hello BPDUs in which it claims to be the root. These messages carry:

  • The bridge ID of the root (BID): initially the sender's own ID, since every bridge first presents itself as the root.
  • The priority of the root: again the sender's own priority, for the same reason.
  • The cost of reaching the root: initially zero.

The bridge with the lowest priority wins the root bridge election. If priorities are equal, the bridge with the lowest bridge ID (in practice the lowest MAC address) becomes the root.

All other switches and bridges in the network are called non-root bridges.

Bandwidth    STP cost
4 Mbps       250
10 Mbps      100
16 Mbps      62
45 Mbps      39
100 Mbps     19
155 Mbps     14
622 Mbps     6
1 Gbps       4
10 Gbps      2
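The election and the cost table above, as an added Python example (not Cisco code and not from the original page): bridge IDs are compared as (priority, MAC), the lowest wins, and each non-root bridge's root path cost and root port are computed from the link costs in the table. The switch names, MAC addresses and links are constructed for the demonstration. The second scenario shows why the priority matters in practice: a fourth device announcing priority 4096 immediately takes over as root and the whole tree is recomputed around it, which is the behaviour features such as Cisco's root guard exist to refuse on designated ports.

```python
"""Root bridge election and root path cost, as an added example (not Cisco code).

Bridge ID = (priority, MAC address); the lowest value wins the election.
Link costs are the classic 802.1D values from the table above, and each
non-root bridge's root path cost is the cheapest sum of link costs to the root.
"""
import heapq
from typing import Dict, List, Tuple

# Bandwidth in Mbit/s -> STP cost (the table above)
STP_COST = {4: 250, 10: 100, 16: 62, 45: 39, 100: 19, 155: 14, 622: 6, 1000: 4, 10000: 2}

Bridges = Dict[str, Tuple[int, str]]   # name -> (priority, MAC)
Links = List[Tuple[str, str, int]]     # (bridge a, bridge b, bandwidth in Mbit/s)


def bridge_id(priority: int, mac: str) -> Tuple[int, int]:
    """Comparable bridge ID: priority first, then the MAC as an integer."""
    return (priority, int(mac.replace(":", "").replace(".", ""), 16))


def elect_root(bridges: Bridges) -> str:
    """Every bridge claims to be root; the one with the lowest bridge ID wins."""
    return min(bridges, key=lambda name: bridge_id(*bridges[name]))


def _adjacency(bridges: Bridges, links: Links):
    adj = {name: [] for name in bridges}
    for a, b, bandwidth in links:
        cost = STP_COST[bandwidth]
        adj[a].append((b, cost))
        adj[b].append((a, cost))
    return adj


def compute_tree(bridges: Bridges, links: Links):
    """Return (root, root path cost per bridge, root port per non-root bridge).
    The root port is named by the neighbour it leads to; ties are broken by the
    neighbour's bridge ID, as STP does."""
    root = elect_root(bridges)
    adj = _adjacency(bridges, links)
    inf = float("inf")
    cost = {root: 0}
    heap = [(0, root)]
    while heap:  # Dijkstra from the root: cheapest total cost to each bridge
        d, node = heapq.heappop(heap)
        if d > cost.get(node, inf):
            continue
        for peer, link_cost in adj[node]:
            nd = d + link_cost
            if nd < cost.get(peer, inf):
                cost[peer] = nd
                heapq.heappush(heap, (nd, peer))
    root_port = {}
    for name in bridges:
        if name == root or name not in cost:
            continue
        root_port[name] = min(
            adj[name],
            key=lambda pc: (cost.get(pc[0], inf) + pc[1], bridge_id(*bridges[pc[0]])),
        )[0]
    return root, cost, root_port


def demo():
    """Constructed triangle of three switches at the default priority 32768,
    then a fourth device announcing priority 4096 attached to SW3."""
    bridges = {
        "SW1": (32768, "0000.0c00.0001"),
        "SW2": (32768, "0000.0c00.0002"),
        "SW3": (32768, "0000.0c00.0003"),
    }
    links = [("SW1", "SW2", 1000), ("SW2", "SW3", 100), ("SW1", "SW3", 100)]
    normal = compute_tree(bridges, links)

    bridges["SW4"] = (4096, "0000.0c00.00ff")
    links.append(("SW3", "SW4", 100))
    lower_priority = compute_tree(bridges, links)
    return normal, lower_priority


if __name__ == "__main__":
    for label, (root, cost, ports) in zip(("default priorities", "priority 4096 added"), demo()):
        print(f"{label}: root={root} cost={cost} root_port={ports}")
```

With equal priorities SW1 wins on its lower MAC address: SW2 reaches it at cost 4 over the gigabit link and SW3 at cost 19 directly (cheaper than 4 + 19 via SW2). Once SW4 announces priority 4096 it becomes the root, SW3's root port turns towards SW4, and both SW1 and SW2 now reach the root through SW3 at cost 38.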

Reaction to Topology Changes

The root bridge sends a hello BPDU every two seconds to show that it is alive, and all other switches and bridges receive and relay it. As long as hellos keep arriving over the path on which data is forwarded, the path to the root is known to be up; if hellos stop arriving, the spanning-tree process starts again. The hello BPDU also carries the timers that bridges use when reacting to a topology change: hello time, max age (the longest waiting time) and forward delay.

  • Hello time: how often the root sends the periodic hello BPDUs that bridges and switches relay in turn. The default is 2 seconds.
  • Max age (longest waiting time): how long a switch or bridge waits after the last hello before it starts changing the topology. The default is 20 seconds.
  • Forward delay: the time a port spends in each of the listening and learning states on its way from blocking to forwarding. The default is 15 seconds.

In a stable network STP operates as follows:

  1. The root sends hello BPDUs out of all its interfaces, with a root path cost of 0.
  2. Each neighbouring switch or bridge adds its own port cost to the received cost and forwards the hello out of its non-root designated ports.
  3. Every switch or bridge in the network repeats step 2 when it receives the hello BPDU.
  4. The root repeats step 1 at every hello time, and the others relay it again.
  5. If a bridge or switch receives no hello BPDU within the hello time, it carries on normally until max age expires; if still no BPDU has arrived, STP reacts and recomputes the topology.

Spanning Tree Port States

The spanning-tree algorithm moves every bridge and switch port through the following states; in a converged network each port ends up either blocking or forwarding.

Blocking: The port neither sends nor receives frames; it only listens to BPDUs. The purpose is to prevent loops from forming. When a switch boots, all its ports start in the blocking state.

Listening: The port still listens to BPDUs before forwarding any frames, so that no loop can form in the network. It does not yet learn MAC addresses or forward data; it is preparing to take part in forwarding.

Learning: The port listens to BPDUs and begins to build its MAC address table from the frames it sees, but still does not forward frames.

Forwarding: The port is part of the active spanning tree and both sends and receives data frames.

Disabled: An administratively disabled port takes no part in frame forwarding or in STP.

What is GNS3, the Most Preferred Simulator Program to Prepare for Cisco Exams?

GNS3 is a front end to emulation software such as Dynamips, VirtualBox and QEMU. It lets you build and configure network topologies made of different devices (Cisco, Juniper, HP, Arista, Citrix and Brocade routers and switches) running different operating systems. With Dynamips a real Cisco IOS image can be run; with QEMU, Juniper's Junos, Cisco ASA and IDS/IPS systems can be run. In this way different physical hardware can be emulated and tested in GNS3. With VirtualBox, virtual machines running other operating systems can be added to the virtual network. GNS3 can be installed on several operating systems.

Compared with another popular training tool, Cisco Packet Tracer, which is widely used in the Cisco Networking Academy Program, the biggest difference is that GNS3 is an emulator while Packet Tracer is a simulator. GNS3 runs the operating system used on a real router, whereas Packet Tracer uses a software model of it. This is why not every configuration command is available in Packet Tracer, while in GNS3 every command valid for the IOS image in use can be used. Another important difference is that switches are not emulated in GNS3 (Dynamips emulates routers), whereas Packet Tracer does simulate them. By default the switches available in GNS3 are unmanaged; this can be overcome by using a router as a switch, which GNS3's module support makes possible: adding the NM-16ESW module to a router, for example, turns it into a switching device.

Building a Network with GNS3

GNS3 needs more memory and a faster processor as the number of emulated devices grows. For today's computers, a 4-core Intel Core i5 or equivalent processor is sufficient for satisfactory device emulation. The number of different images and router models in use is another factor that increases processor and RAM usage.

For example, a computer with the following hardware is used to create a virtual network with 20 mid-range routers:

  • Intel Core i5
  • 16 GB RAM
  • 250 GB HDD

In the laboratory to be built, a Cisco 3725 IOS image will be used and each router will be given 256 MB of DRAM. With 26 devices available to students, that is 26 × 256 MB = 6656 MB (about 6.5 GB) of RAM for the 26 virtual routers alone. Adding the host system's own needs and any virtual machines, at least 8 GB of RAM is required, and 16 GB for comfortable operation; considering what GNS3 offers, this cost is very low.

Although GNS3's RAM and CPU needs grow with the number of routers added, the Idle-PC value should be used to limit that consumption. Dynamips cannot tell on its own when an emulated router is idle, so without an Idle-PC value it keeps the host CPU at 100% and can leave the machine unresponsive. The Idle-PC value identifies the point in the IOS image's idle loop at which Dynamips can put the virtual router to sleep; a sleeping (idle) router uses no processor time. For this reason the correct Idle-PC value should be calculated.

Tests on a scenario with 20 virtual routers gave the following results. From the moment the devices are started, processor usage reaches 100% and RAM usage 6.4 GB. To calculate the Idle-PC value, right-click one of the routers in the virtual network (or one router from each group that shares the same IOS image) and select the Idle-PC option. GNS3 calculates candidate values and marks the most suitable one with a * symbol. Choosing that value reduces processor and memory usage: some time after the Idle-PC value was assigned, the processor load dropped to 18% and RAM usage to 3.2 GB.

Cisco Router Boot Process

A router initially loads the following two files into RAM:

IOS image file: the IOS is the operating system that drives the device's hardware components. The IOS image file is stored in the router's flash memory.

Startup configuration file: the startup configuration contains the commands that set up the router at boot time and produce the running configuration, which is held in RAM. The startup configuration file is stored in NVRAM. Any configuration change made afterwards lives only in the running configuration in RAM.

The running configuration changes whenever the network administrator configures the device. Changes made to the running-config are lost when the router restarts or shuts down unless they are saved to NVRAM as the startup configuration.

Router Boot Process

The boot process consists of three main steps:

1. Perform POST and load the bootstrap program.
2. Locate and load the Cisco IOS software.
3. Locate the startup configuration file and load it, or enter setup mode.

1. Power-on self-test (POST) is the usual process that runs on almost any computer at start-up, and it tests the router hardware. When the router is powered on, software in the ROM chip runs POST, and the router checks various hardware components, including the CPU, RAM and NVRAM, with diagnostics held in ROM. When POST is finished, the router runs the bootstrap program.

After POST, the bootstrap program is copied from ROM into RAM, and the CPU executes its instructions. The main task of the bootstrap program is to find the Cisco IOS and load it into RAM.

Note: If there is a console connection to the router, the output of these steps appears on the screen.

2. The IOS is normally stored in flash memory and copied into RAM for the CPU to run. While the IOS image decompresses itself, a sequence of pound signs (#) is displayed.

If no IOS image is found in flash, the router can look for one on a TFTP server. If no full IOS image can be found, a limited version of IOS from ROM is copied into RAM. This version is used to diagnose problems and can be used to load a full IOS image into RAM.

3. The bootstrap program then looks for the startup configuration file (the "startup-config") in NVRAM. This file contains the previously saved configuration commands and parameters. If it exists, it is copied into RAM as the running configuration, the "running-config".

The running-config sets interface addresses, starts routing, configures router passwords and defines other device properties.

If there is no startup-config in NVRAM, the router can look for one on a Trivial File Transfer Protocol (TFTP) server: if it detects an active connection to another configured router, it sends a broadcast over that connection looking for a configuration file.

If no TFTP server is found, the router offers to enter setup mode. Setup mode is a series of questions asking the user for basic configuration information. It is not designed for complex router configuration, and network administrators normally do not use it.

What is ARP in Networking and How it Works?

Before an IPv4 packet can be placed in a frame on a LAN, the destination IPv4 address must be resolved to the destination MAC address that the frame will carry.

When a packet is handed to the data link layer to be enclosed in a frame, the node looks in a table in its memory for the data link address assigned to the destination IPv4 address. This table is called the ARP table or ARP cache, and it is kept in the device's RAM.

Each entry or row in the ARP table maps an IP address to a MAC address. The pair is called a mapping: you look up an IP address in the table and find the corresponding MAC address. The ARP table temporarily stores (caches) the mappings for devices on the local LAN.

To begin, a sending node tries to find the MAC address mapped to the IPv4 destination. If the mapping is in the table, the node uses that MAC address as the destination MAC in the frame carrying the IPv4 packet, and the frame is then encoded onto the network medium.

Understanding ARP (Address Resolution Protocol)

The ARP table is maintained dynamically. A device collects MAC addresses in two ways. The first is to monitor the traffic on the local network segment: as a node receives frames from the medium, it can record the source IP and MAC addresses as mappings in the table. As frames flow through the network, the device fills its ARP table with address pairs.

A device can also obtain an address pair by sending an ARP request, as shown in the figure. An ARP request is a Layer 2 broadcast: the Ethernet frame is addressed to the broadcast MAC address FFFF.FFFF.FFFF and carries the IP address of the target host. Because it is a broadcast, every node on the Ethernet LAN receives and examines it. Only the node whose IP address matches the one in the request answers. The reply is a unicast frame containing the MAC address that belongs to the requested IP address, and it is used to create a new entry in the ARP table of the node that sent the request.

Entries in the ARP table carry a timestamp, much like the entries in a switch's MAC table. If a device receives no frame from a particular device before that timer expires, the entry for it is removed from the table.

Static entries can also be entered in the ARP table, though this is not common. Static entries do not time out and must be removed manually.

How Does ARP Protocol Work?

What does a node do when it needs to build a frame and the ARP cache holds no mapping from the destination IP address to a MAC address? When ARP is asked to map an IPv4 address to a MAC address, it first searches the table. If no entry is found, the IPv4 packet cannot yet be encapsulated, and Layer 2 notifies ARP that a mapping is needed.

ARP then sends an ARP request to discover the MAC address of the target device on the local network. If a device receiving the request holds the destination IP address, it answers with an ARP reply, and a mapping is created in the table. Packets for that IPv4 address can now be placed in frames. If no device answers the request, the packet is discarded because no frame can be built, and this encapsulation error is reported to the upper layers of the device.
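The request/reply exchange and the timestamped cache described above, as an added Python example (not from the original page, with no real network I/O): ARP frames are built and parsed byte for byte with struct, hosts answer only requests for their own IP, and the cache ages entries out, keeps static entries until removed by hand, and reports a failed resolution by returning None so the caller drops the packet. The IP and MAC addresses, the 300-second timeout and the fake clock are constructed for the demo. Note that nothing in the exchange authenticates the reply: the cache stores whatever answer arrives first.

```python
"""ARP request/reply frames and a timestamped ARP cache (added example, in-memory only)."""
import struct
import time
from typing import Callable, Dict, List, Optional, Tuple

ETH_BROADCAST, ZERO_MAC = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"
ETHERTYPE_ARP, ARP_REQUEST, ARP_REPLY = 0x0806, 1, 2

def mac_bytes(mac: str) -> bytes:
    return bytes.fromhex(mac.replace(":", "").replace(".", ""))
def mac_str(raw: bytes) -> str:
    return ":".join(f"{b:02x}" for b in raw)
def ip_bytes(ip: str) -> bytes:
    return bytes(int(octet) for octet in ip.split("."))
def ip_str(raw: bytes) -> str:
    return ".".join(str(b) for b in raw)

def build_arp(op, sender_mac, sender_ip, target_mac, target_ip) -> bytes:
    """Ethernet header + 28-byte ARP payload; requests go to the broadcast MAC."""
    dst = ETH_BROADCAST if op == ARP_REQUEST else target_mac
    eth = mac_bytes(dst) + mac_bytes(sender_mac) + struct.pack("!H", ETHERTYPE_ARP)
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op)  # Ethernet, IPv4, hlen 6, plen 4, opcode
    arp += mac_bytes(sender_mac) + ip_bytes(sender_ip) + mac_bytes(target_mac) + ip_bytes(target_ip)
    return eth + arp

def parse_arp(frame: bytes) -> dict:
    if len(frame) < 42 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_ARP:
        raise ValueError("not an Ethernet/ARP frame")
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("unsupported ARP hardware/protocol type")
    return {"dst": mac_str(frame[0:6]), "src": mac_str(frame[6:12]), "op": op,
            "sender_mac": mac_str(frame[22:28]), "sender_ip": ip_str(frame[28:32]),
            "target_mac": mac_str(frame[32:38]), "target_ip": ip_str(frame[38:42])}

class ArpCache:
    """IP -> (MAC, expiry); expiry None marks a static entry that never ages out."""
    def __init__(self, timeout: float, clock: Callable[[], float] = time.monotonic):
        self.timeout, self.clock = timeout, clock
        self.entries: Dict[str, Tuple[str, Optional[float]]] = {}

    def learn(self, ip: str, mac: str) -> None:
        current = self.entries.get(ip)
        if current and current[1] is None:
            return  # static entries are only removed by hand
        self.entries[ip] = (mac, self.clock() + self.timeout)

    def add_static(self, ip: str, mac: str) -> None:
        self.entries[ip] = (mac, None)

    def lookup(self, ip: str) -> Optional[str]:
        entry = self.entries.get(ip)
        if entry is None:
            return None
        mac, expires = entry
        if expires is not None and expires <= self.clock():
            del self.entries[ip]  # timestamp expired: entry removed
            return None
        return mac

class Host:
    def __init__(self, ip: str, mac: str, clock=time.monotonic):
        self.ip, self.mac, self.cache = ip, mac, ArpCache(timeout=300, clock=clock)

    def handle(self, frame: bytes) -> Optional[bytes]:
        """Examine an ARP frame seen on the LAN; answer requests for our own IP."""
        info = parse_arp(frame)
        if info["target_ip"] != self.ip:
            return None  # addressed to someone else
        self.cache.learn(info["sender_ip"], info["sender_mac"])  # learn the sender
        if info["op"] == ARP_REQUEST:
            return build_arp(ARP_REPLY, self.mac, self.ip, info["sender_mac"], info["sender_ip"])
        return None

    def resolve(self, target_ip: str, lan: List["Host"]) -> Optional[str]:
        """Cache hit, else broadcast a request; None means the packet is dropped."""
        mac = self.cache.lookup(target_ip)
        if mac:
            return mac
        request = build_arp(ARP_REQUEST, self.mac, self.ip, ZERO_MAC, target_ip)
        for host in lan:
            reply = host.handle(request) if host is not self else None
            if reply:
                info = parse_arp(reply)
                self.cache.learn(info["sender_ip"], info["sender_mac"])
                return info["sender_mac"]
        return None

def demo() -> dict:
    """Constructed LAN of three hosts; a fake clock makes expiry deterministic."""
    now = [1000.0]
    clock = lambda: now[0]
    a = Host("192.168.1.10", "00:11:22:33:44:01", clock)
    b = Host("192.168.1.20", "00:11:22:33:44:02", clock)
    lan = [a, b, Host("192.168.1.30", "00:11:22:33:44:03", clock)]
    out = {"first": a.resolve("192.168.1.20", lan)}         # broadcast request, unicast reply
    out["b_learned"] = b.cache.lookup("192.168.1.10")      # B learned A from the request
    out["c_learned"] = lan[2].cache.lookup("192.168.1.10")  # C was not the target: nothing
    out["cached"] = a.cache.lookup("192.168.1.20")
    now[0] += 301                                          # past the 300 s timeout
    out["expired"] = a.cache.lookup("192.168.1.20")
    out["missing"] = a.resolve("192.168.1.99", lan)        # no answer: frame cannot be built
    return out
```

Run stand-alone, demo() returns the MAC of the second host for the first lookup (learned from the unicast reply), shows that the answering host learned the requester's address from the broadcast while the third host learned nothing, and after the clock passes the timeout the entry is gone and a request for an address nobody owns yields None.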

What is CCIE (Cisco Certified Internetwork Expert)?

Cisco is one of the world's leading information technology companies, and CCIE (Cisco Certified Internetwork Expert) is one of the most respected certifications in the IT industry worldwide.

CCIE is an advanced certification that recognises training, experience and skill in building, testing and troubleshooting complex networks.

Cisco CCIE and New Cisco Certificates

Continuing the analysis of the certification changes Cisco announced on Monday, June 10th, I now want to turn to the professional-level certifications.

Professional-level certifications have never been as numerous as the CCNA level, but for many years they have been a clear professional development path for anyone pursuing a career in networking.
As the natural continuation of the CCNA (and therefore the one most people take), they emerged as the step before the CCIE, and over the years grew into 8 different certifications in different areas of networking.

This reorganisation of the certification system brings significant changes that we need to consider.

In general terms, the new CCNP professional-level certifications have no formal prerequisites; in other words, a valid CCNA certification is no longer required.

Obtaining a certification still requires passing more than one exam, but now only 2.

Within each architecture, however, there are several specialist options, between 3 and 6 Concentrations, which lead to different specialisations.

Each Concentration exam also earns a Specialist certification in that particular technology.

The variety of CCNPs has been greatly reduced. There is now one professional certification per architecture: Enterprise, Data Center, Security, Service Provider and Collaboration.

The current exams can be taken until February 23, 2020.

The new certification exams are available from February 24, 2020.

Existing certifications remain valid until their respective recertification dates.

Those who hold a valid CCNP certification on February 24 will receive the corresponding new CCNP certification.

From February 24, holders of CCNP Routing and Switching, CCNP Wireless and/or CCDP receive the new CCNP Enterprise certification, which consolidates these three.

For those who are in the middle of certifying but do not meet all the requirements by February 23, a migration plan is planned that partially credits the exams already passed towards the new certifications.

In any case, the corresponding official training is planned for next July.

There is no official statement yet on how the Cisco NetAcad academies will make the transition.

An online tool, the Migration Tool, is available to help with the transition to the new system.

Professional Level Certificates

  • There are no formal prerequisites.
  • In every case the recertification period is 3 years.
  • In every case the certification is obtained by passing the Core exam of the chosen architecture and one Concentration exam in a particular technology, so 2 exams are required.
  • For each exam, Cisco will provide official training through its Learning Partners.

Certifications are issued in the 5 architectures defined by Cisco:

  • CCNP Enterprise
  • CCNP Data Center
  • CCNP Security
  • CCNP Service Provider
  • CCNP Collaboration

How to Install Cisco Packet Tracer 7.2.2 in openSUSE Linux OS

openSUSE Leap 15.1 was released in May 2019. It is a stable release of the GNU/Linux distribution, ready to use and enjoy on your computer.

With it, the openSUSE developers updated their operating system to the new 15 series, which includes updated components and technologies based on the SUSE Linux Enterprise 15 series and is aimed at advanced users.

The latest SUSE Linux Enterprise 15 release adds support for cloud-native applications, allowing companies to move to the next level.

At this year's Open Source Summit in Shanghai, China, SUSE announced the release of SUSE Linux Enterprise 15 Service Pack 1, stating that its products would support both traditional and cloud-native workloads, so that companies using the operating system benefit both today and in the long run.

After this background on openSUSE, let's move on to installing Packet Tracer, an excellent tool for preparing for Cisco exams, on this system.

How to Use Packet Tracer on SUSE Linux

The latest version of Packet Tracer, developed by the Cisco Networking Academy and released free of charge, is 7.2.2.

To install Packet Tracer on your Linux computer, follow these instructions:

Step 1: First, download the Packet Tracer installer for Linux systems from the Networking Academy site.

Step 2: Start the installation by double-clicking on the downloaded setup file.

Step 3: In the first step of the Packet Tracer installation wizard, click Next.

Step 4: Set the installation folder to /opt/pt/ and click Next.

Step 5: After configuring the installation location, accept the simulator’s license agreement and click Next.

Step 6: In the Ready to Install phase, click the Install button to start the installation.

Step 7: Enter your root password when prompted during installation and click OK to continue.

Step 8: After installation, click Finish and run the packettracer command in a terminal to start the program.

Step 9: If Packet Tracer does not start on your openSUSE system, it is missing the libpng12 library. Download the Debian package of it with the command below. Note that the URL is plain HTTP, so check the downloaded file's checksum against the Debian package listing before extracting it.

wget http://ftp.us.debian.org/debian/pool/main/libp/libpng/libpng12-0_1.2.50-2+deb8u3_amd64.deb

Step 10: Since .deb packages cannot be installed directly on SUSE, install dpkg so that the package can be unpacked:

sudo zypper install dpkg

Step 11: Now extract the package and copy libpng12.so.0 into /opt/pt/bin/ with the following commands, after which Packet Tracer starts:

mkdir cpt; dpkg -x libpng12-0_1.2.50-2+deb8u3_amd64.deb ./cpt
sudo cp ./cpt/lib/x86_64-linux-gnu/libpng12.so.0 /opt/pt/bin/
